public static function Crypto($text, $cipher, $key, $isEncrypt)
{
switch ($cipher) {
case 'DES':
$crypt = new Crypt_DES(CRYPT_DES_MODE_CBC);
$crypt->setKey($key);
$crypt->setIV($key);
if ($isEncrypt) {
return strtoupper(bin2hex($crypt->encrypt($text)));
} else {
return $crypt->decrypt(CryptoUtil::hex2bin($text));
}
break;
case 'AES-256':
$crypt = new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_ECB);
$crypt->setKey($key);
if ($isEncrypt) {
return strtoupper(bin2hex($crypt->encrypt($text)));
} else {
return $crypt->decrypt(CryptoUtil::hex2bin($text));
}
break;
default:
break;
}
return "ERROR";
}
function rijndael_decrypt_file($file, $key)
{
require_once dirname(__FILE__) . '/includes/phpseclib/Crypt/Rijndael.php';
$rijndael = new Crypt_Rijndael();
$rijndael->setKey($key);
$ciphertext = file_get_contents($file);
print $rijndael->decrypt($ciphertext);
}
/**
* @group github451
*/
public function testKeyPaddingRijndael()
{
// this test case is from the following URL:
// https://web.archive.org/web/20070209120224/http://fp.gladman.plus.com/cryptography_technology/rijndael/aesdvec.zip
$aes = new Crypt_Rijndael();
$aes->disablePadding();
$aes->setKey(pack('H*', '2b7e151628aed2a6abf7158809cf4f3c762e7160'));
// 160-bit key. Valid in Rijndael.
$ciphertext = $aes->encrypt(pack('H*', '3243f6a8885a308d313198a2e0370734'));
$this->assertEquals($ciphertext, pack('H*', '231d844639b31b412211cfe93712b880'));
}
/**
* Initilizes cryptographic scheme
*/
private static function init()
{
if (is_null(self::$cryptographicScheme)) {
$key = KeyHandler::readKey();
$mysqlKey = "";
for ($a = 0; $a < strlen($key); $a++) {
$mysqlKey[$a % 16] = chr(ord($mysqlKey[$a % 16]) ^ ord($key[$a]));
}
$aes = new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_ECB);
$aes->setKeyLength(128);
$aes->setBlockLength(128);
$aes->setKey($mysqlKey);
self::$cryptographicScheme = $aes;
}
}
/**
* This method returns instance of cipher. In case you need to use other than the default cipher,
* you can override it from model
*
* @return Initialized instance of cipher
*/
private function getCipher()
{
static $cipher = null;
if ($cipher == null) {
$cipher = new \Crypt_Rijndael();
$key = $this->getEncryptionKey();
if (strlen($key)) {
$cipher->setKey($key);
} else {
$cipher = null;
return null;
}
$cipher->setBlockLength(224);
}
return $cipher;
}
/**
* Decrypt the ciphertext
* @param string $cipherText
* @return object \stdClass Unserialized token
*/
public function decrypt($cipherText)
{
// Decryption: prefer mcrypt, if available (since it can decrypt data encrypted by either mcrypt or phpseclib)
$cipherText = base64_decode($cipherText);
$iv = substr($cipherText, 0, self::IV_SIZE);
$cipherText = substr($cipherText, self::IV_SIZE);
if (function_exists('mcrypt_decrypt')) {
$token = @mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $this->key, $cipherText, MCRYPT_MODE_CBC, $iv);
} else {
global $updraftplus;
$updraftplus->ensure_phpseclib('Crypt_Rijndael', 'Crypt/Rijndael');
$rijndael = new Crypt_Rijndael();
$rijndael->setKey($this->key);
$rijndael->setIV($iv);
$token = $rijndael->decrypt($cipherText);
}
return $token;
}
function decrypt_message($message, $asym_key)
{
$rsa = new Crypt_RSA();
$rij = new Crypt_Rijndael();
// Extract the Symmetric Key
$len = substr($message, 0, 3);
$len = hexdec($len);
$sym_key = substr($message, 0, $len);
//Extract the encrypted message
$message = substr($message, 3);
$ciphertext = substr($message, $len);
$ciphertext = base64_decode($ciphertext);
// Decrypt the encrypted symmetric key
$rsa->loadKey($asym_key);
$sym_key = base64_decode($sym_key);
$sym_key = $rsa->decrypt($sym_key);
// Decrypt the message
$rij->setKey($sym_key);
$plaintext = $rij->decrypt($ciphertext);
return $message;
}
/**
* @param null|string $input
* @return string
*/
public function generateKey($input = NULL)
{
$text = $input === NULL ? $this->username . ';' . date('d/m/Y H:i:s') . ';' . $this->ip : $input;
$cipher = new \Crypt_Rijndael();
$cipher->setKeyLength(256);
$cipher->setBlockLength(128);
$cipher->setKey(base64_decode($this->key));
$cipher->setIV(base64_decode($this->iv));
return base64_encode($cipher->encrypt($text));
}
/**
* Default Constructor.
*
* Determines whether or not the mcrypt extension should be used.
*
* $mode could be:
*
* - CRYPT_AES_MODE_ECB
*
* - CRYPT_AES_MODE_CBC
*
* - CRYPT_AES_MODE_CTR
*
* - CRYPT_AES_MODE_CFB
*
* - CRYPT_AES_MODE_OFB
*
* If not explictly set, CRYPT_AES_MODE_CBC will be used.
*
* @see Crypt_Rijndael::Crypt_Rijndael()
* @see Crypt_Base::Crypt_Base()
* @param optional Integer $mode
* @access public
*/
function __construct($mode = CRYPT_AES_MODE_CBC)
{
parent::__construct($mode);
}
public function inline_crypt_setup()
{
$lambda_functions =& Crypt_Rijndael::get_lambda_functions();
$block_size = $this->block_size;
$mode = $this->mode;
if (count($lambda_functions) < 5) {
$w = $this->w;
$dw = $this->dw;
$init_encryptBlock = '';
$init_decryptBlock = '';
} else {
$i = 0;
for ($cw = count($this->w); $i < $cw; ++$i) {
$w[] = '$w_' . $i;
$dw[] = '$dw_' . $i;
}
$init_encryptBlock = 'extract($self->w, EXTR_PREFIX_ALL, "w");';
$init_decryptBlock = 'extract($self->dw, EXTR_PREFIX_ALL, "dw");';
}
$code_hash = md5($mode . ', ' . $block_size . ', ' . implode(',', $w));
if (!isset($lambda_functions[$code_hash])) {
$Nr = $this->Nr;
$Nb = $this->Nb;
$c = $this->c;
$init_encryptBlock .= '' . "\n" . ' $t0 = $self->t0;' . "\n" . ' $t1 = $self->t1;' . "\n" . ' $t2 = $self->t2;' . "\n" . ' $t3 = $self->t3;' . "\n" . ' $sbox = $self->sbox;';
$s = 'e';
$e = 's';
$wc = $Nb - 1;
$_encryptBlock = '$in = unpack("N*", $in);' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$_encryptBlock .= '$s' . $i . ' = $in[' . ($i + 1) . '] ^ ' . $w[++$wc] . ';' . "\n" . '';
}
for ($round = 1; $round < $Nr; ++$round) {
list($s, $e) = array($e, $s);
for ($i = 0; $i < $Nb; ++$i) {
$_encryptBlock .= '$' . $e . $i . ' =' . "\n" . ' $t0[($' . $s . $i . ' >> 24) & 0xff] ^' . "\n" . ' $t1[($' . $s . ($i + $c[1]) % $Nb . ' >> 16) & 0xff] ^' . "\n" . ' $t2[($' . $s . ($i + $c[2]) % $Nb . ' >> 8) & 0xff] ^' . "\n" . ' $t3[ $' . $s . ($i + $c[3]) % $Nb . ' & 0xff] ^' . "\n" . ' ' . $w[++$wc] . ';' . "\n" . '';
}
}
for ($i = 0; $i < $Nb; ++$i) {
$_encryptBlock .= '$' . $e . $i . ' =' . "\n" . ' $sbox[ $' . $e . $i . ' & 0xff] |' . "\n" . ' ($sbox[($' . $e . $i . ' >> 8) & 0xff] << 8) |' . "\n" . ' ($sbox[($' . $e . $i . ' >> 16) & 0xff] << 16) |' . "\n" . ' ($sbox[($' . $e . $i . ' >> 24) & 0xff] << 24);' . "\n";
}
$_encryptBlock .= '$in = pack("N*"' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$_encryptBlock .= ',' . "\n" . ' ($' . $e . $i . ' & 0xFF000000) ^' . "\n" . ' ($' . $e . ($i + $c[1]) % $Nb . ' & 0x00FF0000) ^' . "\n" . ' ($' . $e . ($i + $c[2]) % $Nb . ' & 0x0000FF00) ^' . "\n" . ' ($' . $e . ($i + $c[3]) % $Nb . ' & 0x000000FF) ^' . "\n" . ' ' . $w[$i] . "\n";
}
$_encryptBlock .= ');';
$init_decryptBlock .= '' . "\n" . ' $dt0 = $self->dt0;' . "\n" . ' $dt1 = $self->dt1;' . "\n" . ' $dt2 = $self->dt2;' . "\n" . ' $dt3 = $self->dt3;' . "\n" . ' $isbox = $self->isbox;';
$s = 'e';
$e = 's';
$wc = $Nb - 1;
$_decryptBlock = '$in = unpack("N*", $in);' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$_decryptBlock .= '$s' . $i . ' = $in[' . ($i + 1) . '] ^ ' . $dw[++$wc] . ';' . "\n";
}
for ($round = 1; $round < $Nr; ++$round) {
list($s, $e) = array($e, $s);
for ($i = 0; $i < $Nb; ++$i) {
$_decryptBlock .= '$' . $e . $i . ' =' . "\n" . ' $dt0[($' . $s . $i . ' >> 24) & 0xff] ^' . "\n" . ' $dt1[($' . $s . ($Nb + $i - $c[1]) % $Nb . ' >> 16) & 0xff] ^' . "\n" . ' $dt2[($' . $s . ($Nb + $i - $c[2]) % $Nb . ' >> 8) & 0xff] ^' . "\n" . ' $dt3[ $' . $s . ($Nb + $i - $c[3]) % $Nb . ' & 0xff] ^' . "\n" . ' ' . $dw[++$wc] . ';' . "\n" . '';
}
}
for ($i = 0; $i < $Nb; ++$i) {
$_decryptBlock .= '$' . $e . $i . ' =' . "\n" . ' $isbox[ $' . $e . $i . ' & 0xff] |' . "\n" . ' ($isbox[($' . $e . $i . ' >> 8) & 0xff] << 8) |' . "\n" . ' ($isbox[($' . $e . $i . ' >> 16) & 0xff] << 16) |' . "\n" . ' ($isbox[($' . $e . $i . ' >> 24) & 0xff] << 24);' . "\n";
}
$_decryptBlock .= '$in = pack("N*"' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$_decryptBlock .= ',' . "\n" . ' ($' . $e . $i . ' & 0xFF000000) ^' . "\n" . ' ($' . $e . ($Nb + $i - $c[1]) % $Nb . ' & 0x00FF0000) ^' . "\n" . ' ($' . $e . ($Nb + $i - $c[2]) % $Nb . ' & 0x0000FF00) ^' . "\n" . ' ($' . $e . ($Nb + $i - $c[3]) % $Nb . ' & 0x000000FF) ^' . "\n" . ' ' . $dw[$i] . "\n";
}
$_decryptBlock .= ');';
switch ($mode) {
case CRYPT_RIJNDAEL_MODE_ECB:
$encrypt = $init_encryptBlock . '' . "\n" . ' $ciphertext = "";' . "\n" . ' $text = $self->_pad($text);' . "\n" . ' $plaintext_len = strlen($text);' . "\n" . '' . "\n" . ' for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') {' . "\n" . ' $in = substr($text, $i, ' . $block_size . ');' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $ciphertext.= $in;' . "\n" . ' }' . "\n" . ' ' . "\n" . ' return $ciphertext;' . "\n" . ' ';
$decrypt = $init_decryptBlock . '' . "\n" . ' $plaintext = "";' . "\n" . ' $text = str_pad($text, strlen($text) + (' . $block_size . ' - strlen($text) % ' . $block_size . ') % ' . $block_size . ', chr(0));' . "\n" . ' $ciphertext_len = strlen($text);' . "\n" . '' . "\n" . ' for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') {' . "\n" . ' $in = substr($text, $i, ' . $block_size . ');' . "\n" . ' ' . $_decryptBlock . '' . "\n" . ' $plaintext.= $in;' . "\n" . ' }' . "\n" . '' . "\n" . ' return $self->_unpad($plaintext);' . "\n" . ' ';
break;
case CRYPT_RIJNDAEL_MODE_CBC:
$encrypt = $init_encryptBlock . '' . "\n" . ' $ciphertext = "";' . "\n" . ' $text = $self->_pad($text);' . "\n" . ' $plaintext_len = strlen($text);' . "\n" . '' . "\n" . ' $in = $self->encryptIV;' . "\n" . '' . "\n" . ' for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') {' . "\n" . ' $in = substr($text, $i, ' . $block_size . ') ^ $in;' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $ciphertext.= $in;' . "\n" . ' }' . "\n" . '' . "\n" . ' if ($self->continuousBuffer) {' . "\n" . ' $self->encryptIV = $in;' . "\n" . ' }' . "\n" . '' . "\n" . ' return $ciphertext;' . "\n" . ' ';
$decrypt = $init_decryptBlock . '' . "\n" . ' $plaintext = "";' . "\n" . ' $text = str_pad($text, strlen($text) + (' . $block_size . ' - strlen($text) % ' . $block_size . ') % ' . $block_size . ', chr(0));' . "\n" . ' $ciphertext_len = strlen($text);' . "\n" . '' . "\n" . ' $iv = $self->decryptIV;' . "\n" . '' . "\n" . ' for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') {' . "\n" . ' $in = $block = substr($text, $i, ' . $block_size . ');' . "\n" . ' ' . $_decryptBlock . '' . "\n" . ' $plaintext.= $in ^ $iv;' . "\n" . ' $iv = $block;' . "\n" . ' }' . "\n" . '' . "\n" . ' if ($self->continuousBuffer) {' . "\n" . ' $self->decryptIV = $iv;' . "\n" . ' }' . "\n" . '' . "\n" . ' return $self->_unpad($plaintext);' . "\n" . ' ';
break;
case CRYPT_RIJNDAEL_MODE_CTR:
$encrypt = $init_encryptBlock . '' . "\n" . ' $ciphertext = "";' . "\n" . ' $plaintext_len = strlen($text);' . "\n" . ' $xor = $self->encryptIV;' . "\n" . ' $buffer = &$self->enbuffer;' . "\n" . '' . "\n" . ' if (strlen($buffer["encrypted"])) {' . "\n" . ' for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') {' . "\n" . ' $block = substr($text, $i, ' . $block_size . ');' . "\n" . ' if (strlen($block) > strlen($buffer["encrypted"])) {' . "\n" . ' $in = $self->_generate_xor(' . $block_size . ', $xor);' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $buffer["encrypted"].= $in;' . "\n" . ' }' . "\n" . ' $key = $self->_string_shift($buffer["encrypted"], ' . $block_size . ');' . "\n" . ' $ciphertext.= $block ^ $key;' . "\n" . ' }' . "\n" . ' } else {' . "\n" . ' for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') {' . "\n" . ' $block = substr($text, $i, ' . $block_size . ');' . "\n" . ' $in = $self->_generate_xor(' . $block_size . ', $xor);' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $key = $in;' . "\n" . ' $ciphertext.= $block ^ $key;' . "\n" . ' }' . "\n" . ' }' . "\n" . ' if ($self->continuousBuffer) {' . "\n" . ' $self->encryptIV = $xor;' . "\n" . ' if ($start = $plaintext_len % ' . $block_size . ') {' . "\n" . ' $buffer["encrypted"] = substr($key, $start) . $buffer["encrypted"];' . "\n" . ' }' . "\n" . ' }' . "\n" . '' . "\n" . ' return $ciphertext;' . "\n" . ' ';
$decrypt = $init_encryptBlock . '' . "\n" . ' $plaintext = "";' . "\n" . ' $ciphertext_len = strlen($text);' . "\n" . ' $xor = $self->decryptIV;' . "\n" . ' $buffer = &$self->debuffer;' . "\n" . '' . "\n" . ' if (strlen($buffer["ciphertext"])) {' . "\n" . ' for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') {' . "\n" . ' $block = substr($text, $i, ' . $block_size . ');' . "\n" . ' if (strlen($block) > strlen($buffer["ciphertext"])) {' . "\n" . ' $in = $self->_generate_xor(' . $block_size . ', $xor);' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $buffer["ciphertext"].= $in;' . "\n" . ' }' . "\n" . ' $key = $self->_string_shift($buffer["ciphertext"], ' . $block_size . ');' . "\n" . ' $plaintext.= $block ^ $key;' . "\n" . ' }' . "\n" . ' } else {' . "\n" . ' for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') {' . "\n" . ' $block = substr($text, $i, ' . $block_size . ');' . "\n" . ' $in = $self->_generate_xor(' . $block_size . ', $xor);' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $key = $in;' . "\n" . ' $plaintext.= $block ^ $key;' . "\n" . ' }' . "\n" . ' }' . "\n" . ' if ($self->continuousBuffer) {' . "\n" . ' $self->decryptIV = $xor;' . "\n" . ' if ($start = $ciphertext_len % ' . $block_size . ') {' . "\n" . ' $buffer["ciphertext"] = substr($key, $start) . $buffer["ciphertext"];' . "\n" . ' }' . "\n" . ' }' . "\n" . ' ' . "\n" . ' return $plaintext;' . "\n" . ' ';
break;
case CRYPT_RIJNDAEL_MODE_CFB:
$encrypt = $init_encryptBlock . '' . "\n" . ' $ciphertext = "";' . "\n" . ' $buffer = &$self->enbuffer;' . "\n" . '' . "\n" . ' if ($self->continuousBuffer) {' . "\n" . ' $iv = &$self->encryptIV;' . "\n" . ' $pos = &$buffer["pos"];' . "\n" . ' } else {' . "\n" . ' $iv = $self->encryptIV;' . "\n" . ' $pos = 0;' . "\n" . ' }' . "\n" . ' $len = strlen($text);' . "\n" . ' $i = 0;' . "\n" . ' if ($pos) {' . "\n" . ' $orig_pos = $pos;' . "\n" . ' $max = ' . $block_size . ' - $pos;' . "\n" . ' if ($len >= $max) {' . "\n" . ' $i = $max;' . "\n" . ' $len-= $max;' . "\n" . ' $pos = 0;' . "\n" . ' } else {' . "\n" . ' $i = $len;' . "\n" . ' $pos+= $len;' . "\n" . ' $len = 0;' . "\n" . ' }' . "\n" . ' $ciphertext = substr($iv, $orig_pos) ^ $text;' . "\n" . ' $iv = substr_replace($iv, $ciphertext, $orig_pos, $i);' . "\n" . ' }' . "\n" . ' while ($len >= ' . $block_size . ') {' . "\n" . ' $in = $iv;' . "\n" . ' ' . $_encryptBlock . ';' . "\n" . ' $iv = $in ^ substr($text, $i, ' . $block_size . ');' . "\n" . ' $ciphertext.= $iv;' . "\n" . ' $len-= ' . $block_size . ';' . "\n" . ' $i+= ' . $block_size . ';' . "\n" . ' }' . "\n" . ' if ($len) {' . "\n" . ' $in = $iv;' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $iv = $in;' . "\n" . ' $block = $iv ^ substr($text, $i);' . "\n" . ' $iv = substr_replace($iv, $block, 0, $len);' . "\n" . ' $ciphertext.= $block;' . "\n" . ' $pos = $len;' . "\n" . ' }' . "\n" . ' return $ciphertext;' . "\n" . ' ';
$decrypt = $init_encryptBlock . '' . "\n" . ' $plaintext = "";' . "\n" . ' $buffer = &$self->debuffer;' . "\n" . '' . "\n" . ' if ($self->continuousBuffer) {' . "\n" . ' $iv = &$self->decryptIV;' . "\n" . ' $pos = &$buffer["pos"];' . "\n" . ' } else {' . "\n" . ' $iv = $self->decryptIV;' . "\n" . ' $pos = 0;' . "\n" . ' }' . "\n" . ' $len = strlen($text);' . "\n" . ' $i = 0;' . "\n" . ' if ($pos) {' . "\n" . ' $orig_pos = $pos;' . "\n" . ' $max = ' . $block_size . ' - $pos;' . "\n" . ' if ($len >= $max) {' . "\n" . ' $i = $max;' . "\n" . ' $len-= $max;' . "\n" . ' $pos = 0;' . "\n" . ' } else {' . "\n" . ' $i = $len;' . "\n" . ' $pos+= $len;' . "\n" . ' $len = 0;' . "\n" . ' }' . "\n" . ' $plaintext = substr($iv, $orig_pos) ^ $text;' . "\n" . ' $iv = substr_replace($iv, substr($text, 0, $i), $orig_pos, $i);' . "\n" . ' }' . "\n" . ' while ($len >= ' . $block_size . ') {' . "\n" . ' $in = $iv;' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $iv = $in;' . "\n" . ' $cb = substr($text, $i, ' . $block_size . ');' . "\n" . ' $plaintext.= $iv ^ $cb;' . "\n" . ' $iv = $cb;' . "\n" . ' $len-= ' . $block_size . ';' . "\n" . ' $i+= ' . $block_size . ';' . "\n" . ' }' . "\n" . ' if ($len) {' . "\n" . ' $in = $iv;' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $iv = $in;' . "\n" . ' $plaintext.= $iv ^ substr($text, $i);' . "\n" . ' $iv = substr_replace($iv, substr($text, $i), 0, $len);' . "\n" . ' $pos = $len;' . "\n" . ' }' . "\n" . '' . "\n" . ' return $plaintext;' . "\n" . ' ';
break;
case CRYPT_RIJNDAEL_MODE_OFB:
$encrypt = $init_encryptBlock . '' . "\n" . ' $ciphertext = "";' . "\n" . ' $plaintext_len = strlen($text);' . "\n" . ' $xor = $self->encryptIV;' . "\n" . ' $buffer = &$self->enbuffer;' . "\n" . '' . "\n" . ' if (strlen($buffer["xor"])) {' . "\n" . ' for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') {' . "\n" . ' $block = substr($text, $i, ' . $block_size . ');' . "\n" . ' if (strlen($block) > strlen($buffer["xor"])) {' . "\n" . ' $in = $xor;' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $xor = $in;' . "\n" . ' $buffer["xor"].= $xor;' . "\n" . ' }' . "\n" . ' $key = $self->_string_shift($buffer["xor"], ' . $block_size . ');' . "\n" . ' $ciphertext.= $block ^ $key;' . "\n" . ' }' . "\n" . ' } else {' . "\n" . ' for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') {' . "\n" . ' $in = $xor;' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $xor = $in;' . "\n" . ' $ciphertext.= substr($text, $i, ' . $block_size . ') ^ $xor;' . "\n" . ' }' . "\n" . ' $key = $xor;' . "\n" . ' }' . "\n" . ' if ($self->continuousBuffer) {' . "\n" . ' $self->encryptIV = $xor;' . "\n" . ' if ($start = $plaintext_len % ' . $block_size . ') {' . "\n" . ' $buffer["xor"] = substr($key, $start) . $buffer["xor"];' . "\n" . ' }' . "\n" . ' }' . "\n" . ' return $ciphertext;' . "\n" . ' ';
$decrypt = $init_encryptBlock . '' . "\n" . ' $plaintext = "";' . "\n" . ' $ciphertext_len = strlen($text);' . "\n" . ' $xor = $self->decryptIV;' . "\n" . ' $buffer = &$self->debuffer;' . "\n" . '' . "\n" . ' if (strlen($buffer["xor"])) {' . "\n" . ' for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') {' . "\n" . ' $block = substr($text, $i, ' . $block_size . ');' . "\n" . ' if (strlen($block) > strlen($buffer["xor"])) {' . "\n" . ' $in = $xor;' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $xor = $in;' . "\n" . ' $buffer["xor"].= $xor;' . "\n" . ' }' . "\n" . ' $key = $self->_string_shift($buffer["xor"], ' . $block_size . ');' . "\n" . ' $plaintext.= $block ^ $key;' . "\n" . ' }' . "\n" . ' } else {' . "\n" . ' for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') {' . "\n" . ' $in = $xor;' . "\n" . ' ' . $_encryptBlock . '' . "\n" . ' $xor = $in;' . "\n" . ' $plaintext.= substr($text, $i, ' . $block_size . ') ^ $xor;' . "\n" . ' }' . "\n" . ' $key = $xor;' . "\n" . ' }' . "\n" . ' if ($self->continuousBuffer) {' . "\n" . ' $self->decryptIV = $xor;' . "\n" . ' if ($start = $ciphertext_len % ' . $block_size . ') {' . "\n" . ' $buffer["xor"] = substr($key, $start) . $buffer["xor"];' . "\n" . ' }' . "\n" . ' }' . "\n" . ' return $plaintext;' . "\n" . ' ';
break;
}
$lambda_functions[$code_hash] = create_function('$action, &$self, $text', 'if ($action == "encrypt") { ' . $encrypt . ' } else { ' . $decrypt . ' }');
}
$this->inline_crypt = $lambda_functions[$code_hash];
}
function analyse_db_file($timestamp, $res)
{
global $updraftplus;
$backup = $updraftplus->get_backup_history($timestamp);
if (!isset($backup['nonce']) || !isset($backup['db'])) {
return;
}
$updraft_dir = $updraftplus->backups_dir_location();
$db_file = $updraft_dir . '/' . $backup['db'];
if (!is_readable($db_file)) {
return;
}
// Encrypted - decrypt it
if ($updraftplus->is_db_encrypted($db_file)) {
$encryption = UpdraftPlus_Options::get_updraft_option('updraft_encryptionphrase');
if (!$encryption) {
echo sprintf(__('Error: %s', 'updraftplus'), __('Decryption failed. The database file is encrypted, but you have no encryption key entered.', 'updraftplus'));
return;
}
require_once UPDRAFTPLUS_DIR . '/includes/phpseclib/Crypt/Rijndael.php';
$rijndael = new Crypt_Rijndael();
// Get decryption key
$rijndael->setKey($encryption);
$ciphertext = $rijndael->decrypt(file_get_contents($db_file));
if ($ciphertext) {
$new_db_file = $updraft_dir . '/' . basename($db_file, '.crypt');
if (!file_put_contents($new_db_file, $ciphertext)) {
echo sprintf(__('Error: %s', 'updraftplus'), __('Failed to write out the decrypted database to the filesystem.', 'updraftplus'));
return false;
}
$db_file = $new_db_file;
} else {
echo sprintf(__('Error: %s', 'updraftplus'), __('Decryption failed. The most likely cause is that you used the wrong key.', 'updraftplus'));
return false;
}
}
$dbhandle = gzopen($db_file, 'r');
if (!$dbhandle) {
echo sprintf(__('Error: %s', 'updraftplus'), __('Failed to open database file.', 'updraftplus'));
return false;
}
# Analyse the file, print the results.
$line = 0;
$old_siteurl = '';
$old_table_prefix = '';
$old_siteinfo = array();
$gathering_siteinfo = true;
while (!gzeof($dbhandle) && $line < 100) {
$line++;
// Up to 1Mb
$buffer = rtrim(gzgets($dbhandle, 1048576));
// Comments are what we are interested in
if (substr($buffer, 0, 1) == '#') {
// TODO: More information - e.g. WordPress version. Warn if importing new into old.
if ('' == $old_siteurl && preg_match('/^\\# Backup of: (http(.*))$/', $buffer, $matches)) {
$old_siteurl = $matches[1];
echo __('Backup of:', 'updraftplus') . ' ' . htmlspecialchars($old_siteurl) . '<br>';
// Check for should-be migration
if ($old_siteurl != site_url()) {
echo apply_filters('updraftplus_dbscan_urlchange', sprintf(__('Error: %s', 'updraftplus'), '<a href="http://updraftplus.com/shop/migrator/">' . __('This backup set is from a different site - this is not a restoration, but a migration. You need the Migrator add-on in order to make this work.', 'updraftplus') . '</a>'), $old_siteurl, $res);
}
} elseif ('' == $old_table_prefix && preg_match('/^\\# Table prefix: (\\S+)$/', $buffer, $matches)) {
$old_table_prefix = $matches[1];
// echo '<strong>'.__('Old table prefix:', 'updraftplus').'</strong> '.htmlspecialchars($old_table_prefix).'<br>';
} elseif ($gathering_siteinfo && preg_match('/^\\# Site info: (\\S+)$/', $buffer, $matches)) {
if ('end' == $matches[1]) {
$gathering_siteinfo = false;
// Sanity checks
if (isset($old_siteinfo['multisite']) && !$old_siteinfo['multisite'] && is_multisite()) {
// Just need to check that you're crazy
if (!defined('UPDRAFTPLUS_EXPERIMENTAL_IMPORTINTOMULTISITE') || UPDRAFTPLUS_EXPERIMENTAL_IMPORTINTOMULTISITE != true) {
echo sprintf(__('Error: %s', 'updraftplus'), __('You are running on WordPress multisite - but your backup is not of a multisite site.', 'updraftplus'));
return false;
}
// Got the needed code?
if (!class_exists('UpdraftPlusAddOn_MultiSite') || !class_exists('UpdraftPlus_Addons_Migrator')) {
echo sprintf(__('Error: %s', 'updraftplus'), __('To import an ordinary WordPress site into a multisite installation requires both the multisite and migrator add-ons.', 'updraftplus'));
return false;
}
}
} elseif (preg_match('/^([^=]+)=(.*)$/', $matches[1], $kvmatches)) {
$key = $kvmatches[1];
$val = $kvmatches[2];
if ('multisite' == $key && $val) {
echo '<strong>' . __('Site information:', 'updraftplus') . '</strong>' . ' is a WordPress Network<br>';
}
$old_siteinfo[$key] = $val;
}
}
}
}
@gzclose($dbhandle);
}
/**
* Creates performance-optimized function for de/encrypt(), storing it in $this->inline_crypt
*
* @see Crypt_Rijndael::encrypt()
* @see Crypt_Rijndael::decrypt()
* @access private
*/
function inline_crypt_setup()
{
// Note: inline_crypt_setup() will be called only if $this->changed === true
// So here we are'nt under the same heavy timing-stress as we are in _de/encryptBlock() or de/encrypt().
// However...the here generated function- $code, stored as php callback in $this->inline_crypt, must work as fast as even possible.
$lambda_functions =& Crypt_Rijndael::get_lambda_functions();
$block_size = $this->block_size;
$mode = $this->mode;
// The first 5 generated $lambda_functions will use the key-words hardcoded for better performance.
// For memory reason we limit those ultra-optimized function code to 5.
// After that, we use pure (extracted) integer vars for the key-words which is faster than accessing them via array.
if (count($lambda_functions) < 5) {
$w = $this->w;
$dw = $this->dw;
$init_encryptBlock = '';
$init_decryptBlock = '';
} else {
for ($i = 0, $cw = count($this->w); $i < $cw; ++$i) {
$w[] = '$w_' . $i;
$dw[] = '$dw_' . $i;
}
$init_encryptBlock = 'extract($self->w, EXTR_PREFIX_ALL, "w");';
$init_decryptBlock = 'extract($self->dw, EXTR_PREFIX_ALL, "dw");';
}
$code_hash = md5("{$mode}, {$block_size}, " . implode(',', $w));
if (!isset($lambda_functions[$code_hash])) {
$Nr = $this->Nr;
$Nb = $this->Nb;
$c = $this->c;
// Generating encrypt code:
$init_encryptBlock .= '
$t0 = $self->t0;
$t1 = $self->t1;
$t2 = $self->t2;
$t3 = $self->t3;
$sbox = $self->sbox;';
$s = 'e';
$e = 's';
$wc = $Nb - 1;
// Preround: addRoundKey
$_encryptBlock = '$in = unpack("N*", $in);' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$_encryptBlock .= '$s' . $i . ' = $in[' . ($i + 1) . '] ^ ' . $w[++$wc] . ";\n";
}
// Mainrounds: shiftRows + subWord + mixColumns + addRoundKey
for ($round = 1; $round < $Nr; ++$round) {
list($s, $e) = array($e, $s);
for ($i = 0; $i < $Nb; ++$i) {
$_encryptBlock .= '$' . $e . $i . ' =
$t0[($' . $s . $i . ' >> 24) & 0xff] ^
$t1[($' . $s . ($i + $c[1]) % $Nb . ' >> 16) & 0xff] ^
$t2[($' . $s . ($i + $c[2]) % $Nb . ' >> 8) & 0xff] ^
$t3[ $' . $s . ($i + $c[3]) % $Nb . ' & 0xff] ^
' . $w[++$wc] . ";\n";
}
}
// Finalround: subWord + shiftRows + addRoundKey
for ($i = 0; $i < $Nb; ++$i) {
$_encryptBlock .= '$' . $e . $i . ' =
$sbox[ $' . $e . $i . ' & 0xff] |
($sbox[($' . $e . $i . ' >> 8) & 0xff] << 8) |
($sbox[($' . $e . $i . ' >> 16) & 0xff] << 16) |
($sbox[($' . $e . $i . ' >> 24) & 0xff] << 24);' . "\n";
}
$_encryptBlock .= '$in = pack("N*"' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$_encryptBlock .= ',
($' . $e . $i . ' & 0xFF000000) ^
($' . $e . ($i + $c[1]) % $Nb . ' & 0x00FF0000) ^
($' . $e . ($i + $c[2]) % $Nb . ' & 0x0000FF00) ^
($' . $e . ($i + $c[3]) % $Nb . ' & 0x000000FF) ^
' . $w[$i] . "\n";
}
$_encryptBlock .= ');';
// Generating decrypt code:
$init_decryptBlock .= '
$dt0 = $self->dt0;
$dt1 = $self->dt1;
$dt2 = $self->dt2;
$dt3 = $self->dt3;
$isbox = $self->isbox;';
$s = 'e';
$e = 's';
$wc = $Nb - 1;
// Preround: addRoundKey
$_decryptBlock = '$in = unpack("N*", $in);' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$_decryptBlock .= '$s' . $i . ' = $in[' . ($i + 1) . '] ^ ' . $dw[++$wc] . ';' . "\n";
}
// Mainrounds: shiftRows + subWord + mixColumns + addRoundKey
for ($round = 1; $round < $Nr; ++$round) {
list($s, $e) = array($e, $s);
for ($i = 0; $i < $Nb; ++$i) {
$_decryptBlock .= '$' . $e . $i . ' =
$dt0[($' . $s . $i . ' >> 24) & 0xff] ^
$dt1[($' . $s . ($Nb + $i - $c[1]) % $Nb . ' >> 16) & 0xff] ^
$dt2[($' . $s . ($Nb + $i - $c[2]) % $Nb . ' >> 8) & 0xff] ^
$dt3[ $' . $s . ($Nb + $i - $c[3]) % $Nb . ' & 0xff] ^
' . $dw[++$wc] . ";\n";
}
}
// Finalround: subWord + shiftRows + addRoundKey
for ($i = 0; $i < $Nb; ++$i) {
$_decryptBlock .= '$' . $e . $i . ' =
$isbox[ $' . $e . $i . ' & 0xff] |
($isbox[($' . $e . $i . ' >> 8) & 0xff] << 8) |
($isbox[($' . $e . $i . ' >> 16) & 0xff] << 16) |
($isbox[($' . $e . $i . ' >> 24) & 0xff] << 24);' . "\n";
}
$_decryptBlock .= '$in = pack("N*"' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$_decryptBlock .= ',
($' . $e . $i . ' & 0xFF000000) ^
($' . $e . ($Nb + $i - $c[1]) % $Nb . ' & 0x00FF0000) ^
($' . $e . ($Nb + $i - $c[2]) % $Nb . ' & 0x0000FF00) ^
($' . $e . ($Nb + $i - $c[3]) % $Nb . ' & 0x000000FF) ^
' . $dw[$i] . "\n";
}
$_decryptBlock .= ');';
// Generating mode of operation code:
switch ($mode) {
case CRYPT_RIJNDAEL_MODE_ECB:
$encrypt = $init_encryptBlock . '
$ciphertext = "";
$text = $self->_pad($text);
$plaintext_len = strlen($text);
for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') {
$in = substr($text, $i, ' . $block_size . ');
' . $_encryptBlock . '
$ciphertext.= $in;
}
return $ciphertext;
';
$decrypt = $init_decryptBlock . '
$plaintext = "";
$text = str_pad($text, strlen($text) + (' . $block_size . ' - strlen($text) % ' . $block_size . ') % ' . $block_size . ', chr(0));
$ciphertext_len = strlen($text);
for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') {
$in = substr($text, $i, ' . $block_size . ');
' . $_decryptBlock . '
$plaintext.= $in;
}
return $self->_unpad($plaintext);
';
break;
case CRYPT_RIJNDAEL_MODE_CBC:
$encrypt = $init_encryptBlock . '
$ciphertext = "";
$text = $self->_pad($text);
$plaintext_len = strlen($text);
$in = $self->encryptIV;
for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') {
$in = substr($text, $i, ' . $block_size . ') ^ $in;
' . $_encryptBlock . '
$ciphertext.= $in;
}
if ($self->continuousBuffer) {
$self->encryptIV = $in;
}
return $ciphertext;
';
$decrypt = $init_decryptBlock . '
$plaintext = "";
$text = str_pad($text, strlen($text) + (' . $block_size . ' - strlen($text) % ' . $block_size . ') % ' . $block_size . ', chr(0));
$ciphertext_len = strlen($text);
$iv = $self->decryptIV;
for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') {
$in = $block = substr($text, $i, ' . $block_size . ');
' . $_decryptBlock . '
$plaintext.= $in ^ $iv;
$iv = $block;
}
if ($self->continuousBuffer) {
$self->decryptIV = $iv;
}
return $self->_unpad($plaintext);
';
break;
case CRYPT_RIJNDAEL_MODE_CTR:
$encrypt = $init_encryptBlock . '
$ciphertext = "";
$plaintext_len = strlen($text);
$xor = $self->encryptIV;
$buffer = &$self->enbuffer;
if (strlen($buffer["encrypted"])) {
for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') {
$block = substr($text, $i, ' . $block_size . ');
if (strlen($block) > strlen($buffer["encrypted"])) {
$in = $self->_generate_xor(' . $block_size . ', $xor);
' . $_encryptBlock . '
$buffer["encrypted"].= $in;
}
$key = $self->_string_shift($buffer["encrypted"], ' . $block_size . ');
$ciphertext.= $block ^ $key;
}
} else {
for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') {
$block = substr($text, $i, ' . $block_size . ');
$in = $self->_generate_xor(' . $block_size . ', $xor);
' . $_encryptBlock . '
$key = $in;
$ciphertext.= $block ^ $key;
}
}
if ($self->continuousBuffer) {
$self->encryptIV = $xor;
if ($start = $plaintext_len % ' . $block_size . ') {
$buffer["encrypted"] = substr($key, $start) . $buffer["encrypted"];
}
}
return $ciphertext;
';
$decrypt = $init_encryptBlock . '
$plaintext = "";
$ciphertext_len = strlen($text);
$xor = $self->decryptIV;
$buffer = &$self->debuffer;
if (strlen($buffer["ciphertext"])) {
for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') {
$block = substr($text, $i, ' . $block_size . ');
if (strlen($block) > strlen($buffer["ciphertext"])) {
$in = $self->_generate_xor(' . $block_size . ', $xor);
' . $_encryptBlock . '
$buffer["ciphertext"].= $in;
}
$key = $self->_string_shift($buffer["ciphertext"], ' . $block_size . ');
$plaintext.= $block ^ $key;
}
} else {
for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') {
$block = substr($text, $i, ' . $block_size . ');
$in = $self->_generate_xor(' . $block_size . ', $xor);
' . $_encryptBlock . '
$key = $in;
$plaintext.= $block ^ $key;
}
}
if ($self->continuousBuffer) {
$self->decryptIV = $xor;
if ($start = $ciphertext_len % ' . $block_size . ') {
$buffer["ciphertext"] = substr($key, $start) . $buffer["ciphertext"];
}
}
return $plaintext;
';
break;
case CRYPT_RIJNDAEL_MODE_CFB:
$encrypt = $init_encryptBlock . '
$ciphertext = "";
$buffer = &$self->enbuffer;
if ($self->continuousBuffer) {
$iv = &$self->encryptIV;
$pos = &$buffer["pos"];
} else {
$iv = $self->encryptIV;
$pos = 0;
}
$len = strlen($text);
$i = 0;
if ($pos) {
$orig_pos = $pos;
$max = ' . $block_size . ' - $pos;
if ($len >= $max) {
$i = $max;
$len-= $max;
$pos = 0;
} else {
$i = $len;
$pos+= $len;
$len = 0;
}
$ciphertext = substr($iv, $orig_pos) ^ $text;
$iv = substr_replace($iv, $ciphertext, $orig_pos, $i);
}
while ($len >= ' . $block_size . ') {
$in = $iv;
' . $_encryptBlock . ';
$iv = $in ^ substr($text, $i, ' . $block_size . ');
$ciphertext.= $iv;
$len-= ' . $block_size . ';
$i+= ' . $block_size . ';
}
if ($len) {
$in = $iv;
' . $_encryptBlock . '
$iv = $in;
$block = $iv ^ substr($text, $i);
$iv = substr_replace($iv, $block, 0, $len);
$ciphertext.= $block;
$pos = $len;
}
return $ciphertext;
';
$decrypt = $init_encryptBlock . '
$plaintext = "";
$buffer = &$self->debuffer;
if ($self->continuousBuffer) {
$iv = &$self->decryptIV;
$pos = &$buffer["pos"];
} else {
$iv = $self->decryptIV;
$pos = 0;
}
$len = strlen($text);
$i = 0;
if ($pos) {
$orig_pos = $pos;
$max = ' . $block_size . ' - $pos;
if ($len >= $max) {
$i = $max;
$len-= $max;
$pos = 0;
} else {
$i = $len;
$pos+= $len;
$len = 0;
}
$plaintext = substr($iv, $orig_pos) ^ $text;
$iv = substr_replace($iv, substr($text, 0, $i), $orig_pos, $i);
}
while ($len >= ' . $block_size . ') {
$in = $iv;
' . $_encryptBlock . '
$iv = $in;
$cb = substr($text, $i, ' . $block_size . ');
$plaintext.= $iv ^ $cb;
$iv = $cb;
$len-= ' . $block_size . ';
$i+= ' . $block_size . ';
}
if ($len) {
$in = $iv;
' . $_encryptBlock . '
$iv = $in;
$plaintext.= $iv ^ substr($text, $i);
$iv = substr_replace($iv, substr($text, $i), 0, $len);
$pos = $len;
}
return $plaintext;
';
break;
case CRYPT_RIJNDAEL_MODE_OFB:
$encrypt = $init_encryptBlock . '
$ciphertext = "";
$plaintext_len = strlen($text);
$xor = $self->encryptIV;
$buffer = &$self->enbuffer;
if (strlen($buffer["xor"])) {
for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') {
$block = substr($text, $i, ' . $block_size . ');
if (strlen($block) > strlen($buffer["xor"])) {
$in = $xor;
' . $_encryptBlock . '
$xor = $in;
$buffer["xor"].= $xor;
}
$key = $self->_string_shift($buffer["xor"], ' . $block_size . ');
$ciphertext.= $block ^ $key;
}
} else {
for ($i = 0; $i < $plaintext_len; $i+= ' . $block_size . ') {
$in = $xor;
' . $_encryptBlock . '
$xor = $in;
$ciphertext.= substr($text, $i, ' . $block_size . ') ^ $xor;
}
$key = $xor;
}
if ($self->continuousBuffer) {
$self->encryptIV = $xor;
if ($start = $plaintext_len % ' . $block_size . ') {
$buffer["xor"] = substr($key, $start) . $buffer["xor"];
}
}
return $ciphertext;
';
$decrypt = $init_encryptBlock . '
$plaintext = "";
$ciphertext_len = strlen($text);
$xor = $self->decryptIV;
$buffer = &$self->debuffer;
if (strlen($buffer["xor"])) {
for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') {
$block = substr($text, $i, ' . $block_size . ');
if (strlen($block) > strlen($buffer["xor"])) {
$in = $xor;
' . $_encryptBlock . '
$xor = $in;
$buffer["xor"].= $xor;
}
$key = $self->_string_shift($buffer["xor"], ' . $block_size . ');
$plaintext.= $block ^ $key;
}
} else {
for ($i = 0; $i < $ciphertext_len; $i+= ' . $block_size . ') {
$in = $xor;
' . $_encryptBlock . '
$xor = $in;
$plaintext.= substr($text, $i, ' . $block_size . ') ^ $xor;
}
$key = $xor;
}
if ($self->continuousBuffer) {
$self->decryptIV = $xor;
if ($start = $ciphertext_len % ' . $block_size . ') {
$buffer["xor"] = substr($key, $start) . $buffer["xor"];
}
}
return $plaintext;
';
break;
}
$lambda_functions[$code_hash] = create_function('$action, &$self, $text', 'if ($action == "encrypt") { ' . $encrypt . ' } else { ' . $decrypt . ' }');
}
$this->inline_crypt = $lambda_functions[$code_hash];
}
public function decrypt_message($message)
{
if (!$this->key_local) {
throw new Exception('No decryption key has been set');
}
$this->ensure_crypto_loaded();
$rsa = new Crypt_RSA();
$rij = new Crypt_Rijndael();
// Extract the Symmetric Key
$len = substr($message, 0, 3);
$len = hexdec($len);
$sym_key = substr($message, 3, $len);
// Extract the encrypted message
$cipherlen = substr($message, $len + 3, 16);
$cipherlen = hexdec($cipherlen);
$ciphertext = substr($message, $len + 19, $cipherlen);
$ciphertext = base64_decode($ciphertext);
// Decrypt the encrypted symmetric key
$rsa->loadKey($this->key_local);
$sym_key = base64_decode($sym_key);
$sym_key = $rsa->decrypt($sym_key);
// Decrypt the message
$rij->setKey($sym_key);
return $rij->decrypt($ciphertext);
}
/**
* Decrypts a message.
*
* If strlen($ciphertext) is not a multiple of 16, null bytes will be added to the end of the string until it is.
*
* @see Crypt_AES::encrypt()
* @access public
* @param String $ciphertext
*/
function decrypt($ciphertext)
{
if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) {
$changed = $this->changed;
$this->_mcryptSetup();
/*
if ($this->mode == CRYPT_AES_MODE_CTR) {
$iv = $this->decryptIV;
$xor = mcrypt_generic($this->enmcrypt, $this->_generate_xor(strlen($ciphertext), $iv));
$plaintext = $ciphertext ^ $xor;
if ($this->continuousBuffer) {
$this->decryptIV = $iv;
}
return $plaintext;
}
*/
if ($this->mode == 'ncfb') {
if ($changed) {
$this->ecb = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, '');
mcrypt_generic_init($this->ecb, $this->key, "");
}
if (strlen($this->debuffer)) {
$plaintext = $ciphertext ^ substr($this->decryptIV, strlen($this->debuffer));
$this->debuffer .= substr($ciphertext, 0, strlen($plaintext));
if (strlen($this->debuffer) == 16) {
$this->decryptIV = $this->debuffer;
$this->debuffer = '';
mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
}
$ciphertext = substr($ciphertext, strlen($plaintext));
} else {
$plaintext = '';
}
$last_pos = strlen($ciphertext) & 0xfffffff0;
$plaintext .= $last_pos ? mdecrypt_generic($this->demcrypt, substr($ciphertext, 0, $last_pos)) : '';
if (strlen($ciphertext) & 0xf) {
if (strlen($plaintext)) {
$this->decryptIV = substr($ciphertext, $last_pos - 16, 16);
}
$this->decryptIV = mcrypt_generic($this->ecb, $this->decryptIV);
$this->debuffer = substr($ciphertext, $last_pos);
$plaintext .= $this->debuffer ^ $this->decryptIV;
}
return $plaintext;
}
if ($this->paddable) {
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
$ciphertext = str_pad($ciphertext, strlen($ciphertext) + 15 & 0xfffffff0, chr(0));
}
$plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
if (!$this->continuousBuffer) {
mcrypt_generic_init($this->demcrypt, $this->key, $this->iv);
}
return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
}
return parent::decrypt($ciphertext);
}
public function decrypt_message($message)
{
if (!$this->key_local) {
throw new Exception('No decryption key has been set');
}
$this->ensure_crypto_loaded();
$rsa = new Crypt_RSA();
if (defined('UDRPC_PHPSECLIB_ENCRYPTION_MODE')) {
$rsa->setEncryptionMode(UDRPC_PHPSECLIB_ENCRYPTION_MODE);
}
// Defaults to CRYPT_AES_MODE_CBC
$rij = new Crypt_Rijndael();
// Extract the Symmetric Key
$len = substr($message, 0, 3);
$len = hexdec($len);
$sym_key = substr($message, 3, $len);
// Extract the encrypted message
$cipherlen = substr($message, $len + 3, 16);
$cipherlen = hexdec($cipherlen);
$ciphertext = substr($message, $len + 19, $cipherlen);
$ciphertext = base64_decode($ciphertext);
// Decrypt the encrypted symmetric key
$rsa->loadKey($this->key_local);
$sym_key = base64_decode($sym_key);
$sym_key = $rsa->decrypt($sym_key);
// Decrypt the message
$rij->setKey($sym_key);
return $rij->decrypt($ciphertext);
}
function spool_file($type, $fullpath, $encryption = "")
{
@set_time_limit(900);
if (file_exists($fullpath)) {
$file = basename($fullpath);
$len = filesize($fullpath);
$filearr = explode('.', $file);
// //we've only got zip and gz...for now
$file_ext = array_pop($filearr);
header("Cache-Control: no-cache, must-revalidate");
// HTTP/1.1
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
// Date in the past
header("Content-Length: {$len};");
if ($file_ext == 'crypt') {
if ($encryption == "") {
$encryption = UpdraftPlus_Options::get_updraft_option('updraft_encryptionphrase');
}
if ($encryption == "") {
header('Content-type: text/plain');
_e("Decryption failed. The database file is encrypted, but you have no encryption key entered.", 'updraftplus');
$this->log('Decryption of database failed: the database file is encrypted, but you have no encryption key entered.', 'error');
} else {
if (!class_exists('Crypt_Rijndael')) {
require_once UPDRAFTPLUS_DIR . '/includes/phpseclib/Crypt/Rijndael.php';
}
$rijndael = new Crypt_Rijndael();
$rijndael->setKey($encryption);
$ciphertext = $rijndael->decrypt(file_get_contents($fullpath));
if ($ciphertext) {
header('Content-type: application/octet-stream');
header("Content-Disposition: attachment; filename=\"" . substr($file, 0, -6) . "\";");
print $ciphertext;
} else {
header('Content-type: text/plain');
echo __("Decryption failed. The most likely cause is that you used the wrong key.", 'updraftplus') . " " . __('The decryption key used:', 'updraftplus') . ' ' . $encryption;
}
}
} else {
if ($file_ext == 'zip') {
header('Content-type: application/zip');
} else {
header('Content-type: application/octet-stream');
}
header("Content-Disposition: attachment; filename=\"{$file}\";");
# Prevent the file being read into memory
@ob_end_flush();
readfile($fullpath);
}
// $this->delete_local($file);
} else {
echo __('File not found', 'updraftplus');
}
}
/**
* Setup the performance-optimized function for de/encrypt()
*
* @see Crypt_Base::_setupInlineCrypt()
* @access private
*/
function _setupInlineCrypt()
{
// Note: _setupInlineCrypt() will be called only if $this->changed === true
// So here we are'nt under the same heavy timing-stress as we are in _de/encryptBlock() or de/encrypt().
// However...the here generated function- $code, stored as php callback in $this->inline_crypt, must work as fast as even possible.
$lambda_functions =& Crypt_Rijndael::_getLambdaFunctions();
// We create max. 10 hi-optimized code for memory reason. Means: For each $key one ultra fast inline-crypt function.
// (Currently, for Crypt_Rijndael/AES, one generated $lambda_function cost on php5.5@32bit ~80kb unfreeable mem and ~130kb on php5.5@64bit)
// After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one.
$gen_hi_opt_code = (bool) (count($lambda_functions) < 10);
// Generation of a uniqe hash for our generated code
$code_hash = "Crypt_Rijndael, {$this->mode}, {$this->Nr}, {$this->Nb}";
if ($gen_hi_opt_code) {
$code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key);
}
if (!isset($lambda_functions[$code_hash])) {
switch (true) {
case $gen_hi_opt_code:
// The hi-optimized $lambda_functions will use the key-words hardcoded for better performance.
$w = $this->w;
$dw = $this->dw;
$init_encrypt = '';
$init_decrypt = '';
break;
default:
for ($i = 0, $cw = count($this->w); $i < $cw; ++$i) {
$w[] = '$w[' . $i . ']';
$dw[] = '$dw[' . $i . ']';
}
$init_encrypt = '$w = $self->w;';
$init_decrypt = '$dw = $self->dw;';
}
$Nr = $this->Nr;
$Nb = $this->Nb;
$c = $this->c;
// Generating encrypt code:
$init_encrypt .= '
static $tables;
if (empty($tables)) {
$tables = &$self->_getTables();
}
$t0 = $tables[0];
$t1 = $tables[1];
$t2 = $tables[2];
$t3 = $tables[3];
$sbox = $tables[4];
';
$s = 'e';
$e = 's';
$wc = $Nb - 1;
// Preround: addRoundKey
$encrypt_block = '$in = unpack("N*", $in);' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$encrypt_block .= '$s' . $i . ' = $in[' . ($i + 1) . '] ^ ' . $w[++$wc] . ";\n";
}
// Mainrounds: shiftRows + subWord + mixColumns + addRoundKey
for ($round = 1; $round < $Nr; ++$round) {
list($s, $e) = array($e, $s);
for ($i = 0; $i < $Nb; ++$i) {
$encrypt_block .= '$' . $e . $i . ' =
$t0[($' . $s . $i . ' >> 24) & 0xff] ^
$t1[($' . $s . ($i + $c[1]) % $Nb . ' >> 16) & 0xff] ^
$t2[($' . $s . ($i + $c[2]) % $Nb . ' >> 8) & 0xff] ^
$t3[ $' . $s . ($i + $c[3]) % $Nb . ' & 0xff] ^
' . $w[++$wc] . ";\n";
}
}
// Finalround: subWord + shiftRows + addRoundKey
for ($i = 0; $i < $Nb; ++$i) {
$encrypt_block .= '$' . $e . $i . ' =
$sbox[ $' . $e . $i . ' & 0xff] |
($sbox[($' . $e . $i . ' >> 8) & 0xff] << 8) |
($sbox[($' . $e . $i . ' >> 16) & 0xff] << 16) |
($sbox[($' . $e . $i . ' >> 24) & 0xff] << 24);' . "\n";
}
$encrypt_block .= '$in = pack("N*"' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$encrypt_block .= ',
($' . $e . $i . ' & ' . (int) 0xff000000 . ') ^
($' . $e . ($i + $c[1]) % $Nb . ' & 0x00FF0000 ) ^
($' . $e . ($i + $c[2]) % $Nb . ' & 0x0000FF00 ) ^
($' . $e . ($i + $c[3]) % $Nb . ' & 0x000000FF ) ^
' . $w[$i] . "\n";
}
$encrypt_block .= ');';
// Generating decrypt code:
$init_decrypt .= '
static $invtables;
if (empty($invtables)) {
$invtables = &$self->_getInvTables();
}
$dt0 = $invtables[0];
$dt1 = $invtables[1];
$dt2 = $invtables[2];
$dt3 = $invtables[3];
$isbox = $invtables[4];
';
$s = 'e';
$e = 's';
$wc = $Nb - 1;
// Preround: addRoundKey
$decrypt_block = '$in = unpack("N*", $in);' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$decrypt_block .= '$s' . $i . ' = $in[' . ($i + 1) . '] ^ ' . $dw[++$wc] . ';' . "\n";
}
// Mainrounds: shiftRows + subWord + mixColumns + addRoundKey
for ($round = 1; $round < $Nr; ++$round) {
list($s, $e) = array($e, $s);
for ($i = 0; $i < $Nb; ++$i) {
$decrypt_block .= '$' . $e . $i . ' =
$dt0[($' . $s . $i . ' >> 24) & 0xff] ^
$dt1[($' . $s . ($Nb + $i - $c[1]) % $Nb . ' >> 16) & 0xff] ^
$dt2[($' . $s . ($Nb + $i - $c[2]) % $Nb . ' >> 8) & 0xff] ^
$dt3[ $' . $s . ($Nb + $i - $c[3]) % $Nb . ' & 0xff] ^
' . $dw[++$wc] . ";\n";
}
}
// Finalround: subWord + shiftRows + addRoundKey
for ($i = 0; $i < $Nb; ++$i) {
$decrypt_block .= '$' . $e . $i . ' =
$isbox[ $' . $e . $i . ' & 0xff] |
($isbox[($' . $e . $i . ' >> 8) & 0xff] << 8) |
($isbox[($' . $e . $i . ' >> 16) & 0xff] << 16) |
($isbox[($' . $e . $i . ' >> 24) & 0xff] << 24);' . "\n";
}
$decrypt_block .= '$in = pack("N*"' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$decrypt_block .= ',
($' . $e . $i . ' & ' . (int) 0xff000000 . ') ^
($' . $e . ($Nb + $i - $c[1]) % $Nb . ' & 0x00FF0000 ) ^
($' . $e . ($Nb + $i - $c[2]) % $Nb . ' & 0x0000FF00 ) ^
($' . $e . ($Nb + $i - $c[3]) % $Nb . ' & 0x000000FF ) ^
' . $dw[$i] . "\n";
}
$decrypt_block .= ');';
$lambda_functions[$code_hash] = $this->_createInlineCryptFunction(array('init_crypt' => '', 'init_encrypt' => $init_encrypt, 'init_decrypt' => $init_decrypt, 'encrypt_block' => $encrypt_block, 'decrypt_block' => $decrypt_block));
}
$this->inline_crypt = $lambda_functions[$code_hash];
}
/**
*
* Encrypts given value, with given key, and hex encodes it before
* returning.
*
* Compatible with mysql: "hex(aes_encrypt($val, $key))
*
* @param string $val - value to encrypt
* @param string $ky - key
* @return string encrypted value
*/
public function encrypt($val, $key)
{
if (empty($val)) {
return $val;
}
$mysqlKey = "";
for ($a = 0; $a < strlen($key); $a++) {
$mysqlKey[$a % 16] = chr(ord($mysqlKey[$a % 16]) ^ ord($key[$a]));
}
$aes = new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_ECB);
$aes->setKeyLength(128);
$aes->setBlockLength(128);
$aes->setKey($mysqlKey);
$encrypt = $aes->encrypt($val);
$encrypt = strtoupper(bin2hex($encrypt));
return $encrypt;
}
/**
* Treat consecutive packets as if they are a discontinuous buffer.
*
* The default behavior.
*
* @see Crypt_Rijndael::enableContinuousBuffer()
* @access public
*/
function disableContinuousBuffer()
{
parent::disableContinuousBuffer();
if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) {
mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv);
mcrypt_generic_init($this->demcrypt, $this->key, $this->iv);
}
}
function osc_decrypt_alert($string) {
$key = hash("sha256", osc_get_alert_private_key(), true);
if(function_exists('mcrypt_module_open')) {
$cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_CBC, '');
$cipherText = '';
if (mcrypt_generic_init($cipher, $key, $key) != -1) {
$cipherText = mdecrypt_generic($cipher, $string);
mcrypt_generic_deinit($cipher);
}
return trim(substr($cipherText, 32));
};
require_once LIB_PATH . 'phpseclib/Crypt/Rijndael.php';
$cipher = new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_CBC);
$cipher->disablePadding();
$cipher->setBlockLength(256);
$cipher->setKey($key);
$cipher->setIV($key);
return trim(substr($cipher->decrypt($string), 32));
}
/**
* Default Constructor.
*
* Determines whether or not the mcrypt extension should be used.
*
* $mode could be:
*
* - CRYPT_AES_MODE_ECB
*
* - CRYPT_AES_MODE_CBC
*
* - CRYPT_AES_MODE_CTR
*
* - CRYPT_AES_MODE_CFB
*
* - CRYPT_AES_MODE_OFB
*
* If not explictly set, CRYPT_AES_MODE_CBC will be used.
*
* @see Crypt_Rijndael::Crypt_Rijndael()
* @see Crypt_Base::Crypt_Base()
* @param optional Integer $mode
* @access public
*/
function Crypt_AES($mode = CRYPT_AES_MODE_CBC)
{
parent::Crypt_Rijndael($mode);
}
function encrypt($fullpath, $key, $rformat = 'inline')
{
if (!function_exists('mcrypt_encrypt')) {
$this->log(sprintf(__('Your web-server does not have the %s module installed.', 'updraftplus'), 'mcrypt') . ' ' . __('Without it, encryption will be a lot slower.', 'updraftplus'), 'warning', 'nomcrypt');
}
if ($this->have_addons < 10) {
$this->log(__("A future release of UpdraftPlus will move the encryption feature into an add-on (and add more features to it).", 'updraftplus') . ' ' . sprintf(__('See: %s', 'updraftplus'), 'http://updraftplus.com/next-updraftplus-release-ready-testing/'), 'warning', 'needpremiumforcrypt');
}
$this->ensure_phpseclib('Crypt_Rijndael', 'Crypt/Rijndael');
$rijndael = new Crypt_Rijndael();
$rijndael->setKey($key);
if ('inline' === $rformat) {
return $rijndael->encrypt(file_get_contents($fullpath));
}
}
/**
* Sets the key.
*
* Rijndael supports five different key lengths, AES only supports three.
*
* @see Crypt_Rijndael:setKey()
* @see setKeyLength()
* @access public
* @param String $key
*/
function setKey($key)
{
parent::setKey($key);
if (!$this->explicit_key_length) {
$length = strlen($key);
switch (true) {
case $length <= 16:
$this->key_size = 16;
break;
case $length <= 24:
$this->key_size = 24;
break;
default:
$this->key_size = 32;
}
$this->_setupEngine();
}
}
/**
* Setup the performance-optimized function for de/encrypt()
*
* @see Crypt_Base::_setupInlineCrypt()
* @access private
*/
function _setupInlineCrypt()
{
// Note: _setupInlineCrypt() will be called only if $this->changed === true
// So here we are'nt under the same heavy timing-stress as we are in _de/encryptBlock() or de/encrypt().
// However...the here generated function- $code, stored as php callback in $this->inline_crypt, must work as fast as even possible.
$lambda_functions =& Crypt_Rijndael::_getLambdaFunctions();
// The first 10 generated $lambda_functions will use the key-words hardcoded for better performance.
// For memory reason we limit those ultra-optimized functions.
// After that, we use pure (extracted) integer vars for the key-words which is faster than accessing them via array.
if (count($lambda_functions) < 10) {
$w = $this->w;
$dw = $this->dw;
$init_encrypt = '';
$init_decrypt = '';
} else {
for ($i = 0, $cw = count($this->w); $i < $cw; ++$i) {
$w[] = '$w[' . $i . ']';
$dw[] = '$dw[' . $i . ']';
}
$init_encrypt = '$w = $self->w;';
$init_decrypt = '$dw = $self->dw;';
}
$code_hash = md5(str_pad("Crypt_Rijndael, {$this->mode}, {$this->block_size}, ", 32, "") . implode(',', $w));
if (!isset($lambda_functions[$code_hash])) {
$Nr = $this->Nr;
$Nb = $this->Nb;
$c = $this->c;
// Generating encrypt code:
$init_encrypt .= '
static $t0, $t1, $t2, $t3, $sbox;
if (!$t0) {
for ($i = 0; $i < 256; ++$i) {
$t0[$i] = (int)$self->t0[$i];
$t1[$i] = (int)$self->t1[$i];
$t2[$i] = (int)$self->t2[$i];
$t3[$i] = (int)$self->t3[$i];
$sbox[$i] = (int)$self->sbox[$i];
}
}
';
$s = 'e';
$e = 's';
$wc = $Nb - 1;
// Preround: addRoundKey
$encrypt_block = '$in = unpack("N*", $in);' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$encrypt_block .= '$s' . $i . ' = $in[' . ($i + 1) . '] ^ ' . $w[++$wc] . ";\n";
}
// Mainrounds: shiftRows + subWord + mixColumns + addRoundKey
for ($round = 1; $round < $Nr; ++$round) {
list($s, $e) = array($e, $s);
for ($i = 0; $i < $Nb; ++$i) {
$encrypt_block .= '$' . $e . $i . ' =
$t0[($' . $s . $i . ' >> 24) & 0xff] ^
$t1[($' . $s . ($i + $c[1]) % $Nb . ' >> 16) & 0xff] ^
$t2[($' . $s . ($i + $c[2]) % $Nb . ' >> 8) & 0xff] ^
$t3[ $' . $s . ($i + $c[3]) % $Nb . ' & 0xff] ^
' . $w[++$wc] . ";\n";
}
}
// Finalround: subWord + shiftRows + addRoundKey
for ($i = 0; $i < $Nb; ++$i) {
$encrypt_block .= '$' . $e . $i . ' =
$sbox[ $' . $e . $i . ' & 0xff] |
($sbox[($' . $e . $i . ' >> 8) & 0xff] << 8) |
($sbox[($' . $e . $i . ' >> 16) & 0xff] << 16) |
($sbox[($' . $e . $i . ' >> 24) & 0xff] << 24);' . "\n";
}
$encrypt_block .= '$in = pack("N*"' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$encrypt_block .= ',
($' . $e . $i . ' & 0xFF000000) ^
($' . $e . ($i + $c[1]) % $Nb . ' & 0x00FF0000) ^
($' . $e . ($i + $c[2]) % $Nb . ' & 0x0000FF00) ^
($' . $e . ($i + $c[3]) % $Nb . ' & 0x000000FF) ^
' . $w[$i] . "\n";
}
$encrypt_block .= ');';
// Generating decrypt code:
$init_decrypt .= '
static $dt0, $dt1, $dt2, $dt3, $isbox;
if (!$dt0) {
for ($i = 0; $i < 256; ++$i) {
$dt0[$i] = (int)$self->dt0[$i];
$dt1[$i] = (int)$self->dt1[$i];
$dt2[$i] = (int)$self->dt2[$i];
$dt3[$i] = (int)$self->dt3[$i];
$isbox[$i] = (int)$self->isbox[$i];
}
}
';
$s = 'e';
$e = 's';
$wc = $Nb - 1;
// Preround: addRoundKey
$decrypt_block = '$in = unpack("N*", $in);' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$decrypt_block .= '$s' . $i . ' = $in[' . ($i + 1) . '] ^ ' . $dw[++$wc] . ';' . "\n";
}
// Mainrounds: shiftRows + subWord + mixColumns + addRoundKey
for ($round = 1; $round < $Nr; ++$round) {
list($s, $e) = array($e, $s);
for ($i = 0; $i < $Nb; ++$i) {
$decrypt_block .= '$' . $e . $i . ' =
$dt0[($' . $s . $i . ' >> 24) & 0xff] ^
$dt1[($' . $s . ($Nb + $i - $c[1]) % $Nb . ' >> 16) & 0xff] ^
$dt2[($' . $s . ($Nb + $i - $c[2]) % $Nb . ' >> 8) & 0xff] ^
$dt3[ $' . $s . ($Nb + $i - $c[3]) % $Nb . ' & 0xff] ^
' . $dw[++$wc] . ";\n";
}
}
// Finalround: subWord + shiftRows + addRoundKey
for ($i = 0; $i < $Nb; ++$i) {
$decrypt_block .= '$' . $e . $i . ' =
$isbox[ $' . $e . $i . ' & 0xff] |
($isbox[($' . $e . $i . ' >> 8) & 0xff] << 8) |
($isbox[($' . $e . $i . ' >> 16) & 0xff] << 16) |
($isbox[($' . $e . $i . ' >> 24) & 0xff] << 24);' . "\n";
}
$decrypt_block .= '$in = pack("N*"' . "\n";
for ($i = 0; $i < $Nb; ++$i) {
$decrypt_block .= ',
($' . $e . $i . ' & 0xFF000000) ^
($' . $e . ($Nb + $i - $c[1]) % $Nb . ' & 0x00FF0000) ^
($' . $e . ($Nb + $i - $c[2]) % $Nb . ' & 0x0000FF00) ^
($' . $e . ($Nb + $i - $c[3]) % $Nb . ' & 0x000000FF) ^
' . $dw[$i] . "\n";
}
$decrypt_block .= ');';
$lambda_functions[$code_hash] = $this->_createInlineCryptFunction(array('init_crypt' => '', 'init_encrypt' => $init_encrypt, 'init_decrypt' => $init_decrypt, 'encrypt_block' => $encrypt_block, 'decrypt_block' => $decrypt_block));
}
$this->inline_crypt = $lambda_functions[$code_hash];
}
/**
* Decrypts a message.
*
* If strlen($ciphertext) is not a multiple of 16, null bytes will be added to the end of the string until it is.
*
* @see Crypt_AES::encrypt()
* @access public
* @param String $ciphertext
*/
function decrypt($ciphertext)
{
if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) {
$this->_mcryptSetup();
/*
if ($this->mode == CRYPT_AES_MODE_CTR) {
$iv = $this->decryptIV;
$xor = mcrypt_generic($this->enmcrypt, $this->_generate_xor(strlen($ciphertext), $iv));
$plaintext = $ciphertext ^ $xor;
if ($this->continuousBuffer) {
$this->decryptIV = $iv;
}
return $plaintext;
}
*/
if ($this->mode != 'ctr') {
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
$ciphertext = str_pad($ciphertext, strlen($ciphertext) + 15 & 0xfffffff0, chr(0));
}
$plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
if (!$this->continuousBuffer) {
mcrypt_generic_init($this->demcrypt, $this->key, $this->iv);
}
return $this->mode != 'ctr' ? $this->_unpad($plaintext) : $plaintext;
}
return parent::decrypt($ciphertext);
}
public function inline_crypt_setup()
{
$lambda_functions =& Crypt_Rijndael::get_lambda_functions();
$block_size = $this->block_size;
$mode = $this->mode;
if (count($lambda_functions) < 5) {
$w = $this->w;
$dw = $this->dw;
$init_encryptBlock = "";
$init_decryptBlock = "";
} else {
$i = 0;
for ($cw = count($this->w); $i < $cw; ++$i) {
$w[] = "\$w_" . $i;
$dw[] = "\$dw_" . $i;
}
$init_encryptBlock = "extract(\$self->w, EXTR_PREFIX_ALL, \"w\");";
$init_decryptBlock = "extract(\$self->dw, EXTR_PREFIX_ALL, \"dw\");";
}
$code_hash = md5("{$mode}, {$block_size}, " . implode(",", $w));
if (!$lambda_functions[$code_hash]) {
$Nr = $this->Nr;
$Nb = $this->Nb;
$c = $this->c;
$init_encryptBlock .= "\n \$t0 = \$self->t0;\n \$t1 = \$self->t1;\n \$t2 = \$self->t2;\n \$t3 = \$self->t3;\n \$sbox = \$self->sbox;";
$s = "e";
$e = "s";
$wc = $Nb - 1;
$_encryptBlock = "\$in = unpack(\"N*\", \$in);\n";
for ($i = 0; $i < $Nb; ++$i) {
$_encryptBlock .= "\$s" . $i . " = \$in[" . ($i + 1) . "] ^ " . $w[++$wc] . ";\n";
}
for ($round = 1; $round < $Nr; ++$round) {
list($s, $e) = array($e, $s);
for ($i = 0; $i < $Nb; ++$i) {
$_encryptBlock .= "\$" . $e . $i . " =\n \$t0[(\$" . $s . $i . " >> 24) & 0xff] ^\n \$t1[(\$" . $s . ($i + $c[1]) % $Nb . " >> 16) & 0xff] ^\n \$t2[(\$" . $s . ($i + $c[2]) % $Nb . " >> 8) & 0xff] ^\n \$t3[ \$" . $s . ($i + $c[3]) % $Nb . " & 0xff] ^\n " . $w[++$wc] . ";\n";
}
}
for ($i = 0; $i < $Nb; ++$i) {
$_encryptBlock .= "\$" . $e . $i . " =\n \$sbox[ \$" . $e . $i . " & 0xff] |\n (\$sbox[(\$" . $e . $i . " >> 8) & 0xff] << 8) |\n (\$sbox[(\$" . $e . $i . " >> 16) & 0xff] << 16) |\n (\$sbox[(\$" . $e . $i . " >> 24) & 0xff] << 24);\n";
}
$_encryptBlock .= "\$in = pack(\"N*\"\n";
for ($i = 0; $i < $Nb; ++$i) {
$_encryptBlock .= ",\n (\$" . $e . $i . " & 0xFF000000) ^\n (\$" . $e . ($i + $c[1]) % $Nb . " & 0x00FF0000) ^\n (\$" . $e . ($i + $c[2]) % $Nb . " & 0x0000FF00) ^\n (\$" . $e . ($i + $c[3]) % $Nb . " & 0x000000FF) ^\n " . $w[$i] . "\n";
}
$_encryptBlock .= ");";
$init_decryptBlock .= "\n \$dt0 = \$self->dt0;\n \$dt1 = \$self->dt1;\n \$dt2 = \$self->dt2;\n \$dt3 = \$self->dt3;\n \$isbox = \$self->isbox;";
$s = "e";
$e = "s";
$wc = $Nb - 1;
$_decryptBlock = "\$in = unpack(\"N*\", \$in);\n";
for ($i = 0; $i < $Nb; ++$i) {
$_decryptBlock .= "\$s" . $i . " = \$in[" . ($i + 1) . "] ^ " . $dw[++$wc] . ";\n";
}
for ($round = 1; $round < $Nr; ++$round) {
list($s, $e) = array($e, $s);
for ($i = 0; $i < $Nb; ++$i) {
$_decryptBlock .= "\$" . $e . $i . " =\n \$dt0[(\$" . $s . $i . " >> 24) & 0xff] ^\n \$dt1[(\$" . $s . ($Nb + $i - $c[1]) % $Nb . " >> 16) & 0xff] ^\n \$dt2[(\$" . $s . ($Nb + $i - $c[2]) % $Nb . " >> 8) & 0xff] ^\n \$dt3[ \$" . $s . ($Nb + $i - $c[3]) % $Nb . " & 0xff] ^\n " . $dw[++$wc] . ";\n";
}
}
for ($i = 0; $i < $Nb; ++$i) {
$_decryptBlock .= "\$" . $e . $i . " =\n \$isbox[ \$" . $e . $i . " & 0xff] |\n (\$isbox[(\$" . $e . $i . " >> 8) & 0xff] << 8) |\n (\$isbox[(\$" . $e . $i . " >> 16) & 0xff] << 16) |\n (\$isbox[(\$" . $e . $i . " >> 24) & 0xff] << 24);\n";
}
$_decryptBlock .= "\$in = pack(\"N*\"\n";
for ($i = 0; $i < $Nb; ++$i) {
$_decryptBlock .= ",\n (\$" . $e . $i . " & 0xFF000000) ^\n (\$" . $e . ($Nb + $i - $c[1]) % $Nb . " & 0x00FF0000) ^\n (\$" . $e . ($Nb + $i - $c[2]) % $Nb . " & 0x0000FF00) ^\n (\$" . $e . ($Nb + $i - $c[3]) % $Nb . " & 0x000000FF) ^\n " . $dw[$i] . "\n";
}
$_decryptBlock .= ");";
switch ($mode) {
case CRYPT_RIJNDAEL_MODE_ECB:
$encrypt = $init_encryptBlock . "\n \$ciphertext = \"\";\n \$text = \$self->_pad(\$text);\n \$plaintext_len = strlen(\$text);\n\n for (\$i = 0; \$i < \$plaintext_len; \$i+= " . $block_size . ") {\n \$in = substr(\$text, \$i, " . $block_size . ");\n " . $_encryptBlock . "\n \$ciphertext.= \$in;\n }\n \n return \$ciphertext;\n ";
$decrypt = $init_decryptBlock . "\n \$plaintext = \"\";\n \$text = str_pad(\$text, strlen(\$text) + (" . $block_size . " - strlen(\$text) % " . $block_size . ") % " . $block_size . ", chr(0));\n \$ciphertext_len = strlen(\$text);\n\n for (\$i = 0; \$i < \$ciphertext_len; \$i+= " . $block_size . ") {\n \$in = substr(\$text, \$i, " . $block_size . ");\n " . $_decryptBlock . "\n \$plaintext.= \$in;\n }\n\n return \$self->_unpad(\$plaintext);\n ";
break;
case CRYPT_RIJNDAEL_MODE_CBC:
$encrypt = $init_encryptBlock . "\n \$ciphertext = \"\";\n \$text = \$self->_pad(\$text);\n \$plaintext_len = strlen(\$text);\n\n \$in = \$self->encryptIV;\n\n for (\$i = 0; \$i < \$plaintext_len; \$i+= " . $block_size . ") {\n \$in = substr(\$text, \$i, " . $block_size . ") ^ \$in;\n " . $_encryptBlock . "\n \$ciphertext.= \$in;\n }\n\n if (\$self->continuousBuffer) {\n \$self->encryptIV = \$in;\n }\n\n return \$ciphertext;\n ";
$decrypt = $init_decryptBlock . "\n \$plaintext = \"\";\n \$text = str_pad(\$text, strlen(\$text) + (" . $block_size . " - strlen(\$text) % " . $block_size . ") % " . $block_size . ", chr(0));\n \$ciphertext_len = strlen(\$text);\n\n \$iv = \$self->decryptIV;\n\n for (\$i = 0; \$i < \$ciphertext_len; \$i+= " . $block_size . ") {\n \$in = \$block = substr(\$text, \$i, " . $block_size . ");\n " . $_decryptBlock . "\n \$plaintext.= \$in ^ \$iv;\n \$iv = \$block;\n }\n\n if (\$self->continuousBuffer) {\n \$self->decryptIV = \$iv;\n }\n\n return \$self->_unpad(\$plaintext);\n ";
break;
case CRYPT_RIJNDAEL_MODE_CTR:
$encrypt = $init_encryptBlock . "\n \$ciphertext = \"\";\n \$plaintext_len = strlen(\$text);\n \$xor = \$self->encryptIV;\n \$buffer = &\$self->enbuffer;\n\n if (strlen(\$buffer[\"encrypted\"])) {\n for (\$i = 0; \$i < \$plaintext_len; \$i+= " . $block_size . ") {\n \$block = substr(\$text, \$i, " . $block_size . ");\n if (strlen(\$block) > strlen(\$buffer[\"encrypted\"])) {\n \$in = \$self->_generate_xor(" . $block_size . ", \$xor);\n " . $_encryptBlock . "\n \$buffer[\"encrypted\"].= \$in;\n }\n \$key = \$self->_string_shift(\$buffer[\"encrypted\"], " . $block_size . ");\n \$ciphertext.= \$block ^ \$key;\n }\n } else {\n for (\$i = 0; \$i < \$plaintext_len; \$i+= " . $block_size . ") {\n \$block = substr(\$text, \$i, " . $block_size . ");\n \$in = \$self->_generate_xor(" . $block_size . ", \$xor);\n " . $_encryptBlock . "\n \$key = \$in;\n \$ciphertext.= \$block ^ \$key;\n }\n }\n if (\$self->continuousBuffer) {\n \$self->encryptIV = \$xor;\n if (\$start = \$plaintext_len % " . $block_size . ") {\n \$buffer[\"encrypted\"] = substr(\$key, \$start) . \$buffer[\"encrypted\"];\n }\n }\n\n return \$ciphertext;\n ";
$decrypt = $init_encryptBlock . "\n \$plaintext = \"\";\n \$ciphertext_len = strlen(\$text);\n \$xor = \$self->decryptIV;\n \$buffer = &\$self->debuffer;\n\n if (strlen(\$buffer[\"ciphertext\"])) {\n for (\$i = 0; \$i < \$ciphertext_len; \$i+= " . $block_size . ") {\n \$block = substr(\$text, \$i, " . $block_size . ");\n if (strlen(\$block) > strlen(\$buffer[\"ciphertext\"])) {\n \$in = \$self->_generate_xor(" . $block_size . ", \$xor);\n " . $_encryptBlock . "\n \$buffer[\"ciphertext\"].= \$in;\n }\n \$key = \$self->_string_shift(\$buffer[\"ciphertext\"], " . $block_size . ");\n \$plaintext.= \$block ^ \$key;\n }\n } else {\n for (\$i = 0; \$i < \$ciphertext_len; \$i+= " . $block_size . ") {\n \$block = substr(\$text, \$i, " . $block_size . ");\n \$in = \$self->_generate_xor(" . $block_size . ", \$xor);\n " . $_encryptBlock . "\n \$key = \$in;\n \$plaintext.= \$block ^ \$key;\n }\n }\n if (\$self->continuousBuffer) {\n \$self->decryptIV = \$xor;\n if (\$start = \$ciphertext_len % " . $block_size . ") {\n \$buffer[\"ciphertext\"] = substr(\$key, \$start) . \$buffer[\"ciphertext\"];\n }\n }\n \n return \$plaintext;\n ";
break;
case CRYPT_RIJNDAEL_MODE_CFB:
$encrypt = $init_encryptBlock . "\n \$ciphertext = \"\";\n \$buffer = &\$self->enbuffer;\n\n if (\$self->continuousBuffer) {\n \$iv = &\$self->encryptIV;\n \$pos = &\$buffer[\"pos\"];\n } else {\n \$iv = \$self->encryptIV;\n \$pos = 0;\n }\n \$len = strlen(\$text);\n \$i = 0;\n if (\$pos) {\n \$orig_pos = \$pos;\n \$max = " . $block_size . " - \$pos;\n if (\$len >= \$max) {\n \$i = \$max;\n \$len-= \$max;\n \$pos = 0;\n } else {\n \$i = \$len;\n \$pos+= \$len;\n \$len = 0;\n }\n \$ciphertext = substr(\$iv, \$orig_pos) ^ \$text;\n \$iv = substr_replace(\$iv, \$ciphertext, \$orig_pos, \$i);\n }\n while (\$len >= " . $block_size . ") {\n \$in = \$iv;\n " . $_encryptBlock . ";\n \$iv = \$in ^ substr(\$text, \$i, " . $block_size . ");\n \$ciphertext.= \$iv;\n \$len-= " . $block_size . ";\n \$i+= " . $block_size . ";\n }\n if (\$len) {\n \$in = \$iv;\n " . $_encryptBlock . "\n \$iv = \$in;\n \$block = \$iv ^ substr(\$text, \$i);\n \$iv = substr_replace(\$iv, \$block, 0, \$len);\n \$ciphertext.= \$block;\n \$pos = \$len;\n }\n return \$ciphertext;\n ";
$decrypt = $init_encryptBlock . "\n \$plaintext = \"\";\n \$buffer = &\$self->debuffer;\n\n if (\$self->continuousBuffer) {\n \$iv = &\$self->decryptIV;\n \$pos = &\$buffer[\"pos\"];\n } else {\n \$iv = \$self->decryptIV;\n \$pos = 0;\n }\n \$len = strlen(\$text);\n \$i = 0;\n if (\$pos) {\n \$orig_pos = \$pos;\n \$max = " . $block_size . " - \$pos;\n if (\$len >= \$max) {\n \$i = \$max;\n \$len-= \$max;\n \$pos = 0;\n } else {\n \$i = \$len;\n \$pos+= \$len;\n \$len = 0;\n }\n \$plaintext = substr(\$iv, \$orig_pos) ^ \$text;\n \$iv = substr_replace(\$iv, substr(\$text, 0, \$i), \$orig_pos, \$i);\n }\n while (\$len >= " . $block_size . ") {\n \$in = \$iv;\n " . $_encryptBlock . "\n \$iv = \$in;\n \$cb = substr(\$text, \$i, " . $block_size . ");\n \$plaintext.= \$iv ^ \$cb;\n \$iv = \$cb;\n \$len-= " . $block_size . ";\n \$i+= " . $block_size . ";\n }\n if (\$len) {\n \$in = \$iv;\n " . $_encryptBlock . "\n \$iv = \$in;\n \$plaintext.= \$iv ^ substr(\$text, \$i);\n \$iv = substr_replace(\$iv, substr(\$text, \$i), 0, \$len);\n \$pos = \$len;\n }\n\n return \$plaintext;\n ";
break;
case CRYPT_RIJNDAEL_MODE_OFB:
$encrypt = $init_encryptBlock . "\n \$ciphertext = \"\";\n \$plaintext_len = strlen(\$text);\n \$xor = \$self->encryptIV;\n \$buffer = &\$self->enbuffer;\n\n if (strlen(\$buffer[\"xor\"])) {\n for (\$i = 0; \$i < \$plaintext_len; \$i+= " . $block_size . ") {\n \$block = substr(\$text, \$i, " . $block_size . ");\n if (strlen(\$block) > strlen(\$buffer[\"xor\"])) {\n \$in = \$xor;\n " . $_encryptBlock . "\n \$xor = \$in;\n \$buffer[\"xor\"].= \$xor;\n }\n \$key = \$self->_string_shift(\$buffer[\"xor\"], " . $block_size . ");\n \$ciphertext.= \$block ^ \$key;\n }\n } else {\n for (\$i = 0; \$i < \$plaintext_len; \$i+= " . $block_size . ") {\n \$in = \$xor;\n " . $_encryptBlock . "\n \$xor = \$in;\n \$ciphertext.= substr(\$text, \$i, " . $block_size . ") ^ \$xor;\n }\n \$key = \$xor;\n }\n if (\$self->continuousBuffer) {\n \$self->encryptIV = \$xor;\n if (\$start = \$plaintext_len % " . $block_size . ") {\n \$buffer[\"xor\"] = substr(\$key, \$start) . \$buffer[\"xor\"];\n }\n }\n return \$ciphertext;\n ";
$decrypt = $init_encryptBlock . "\n \$plaintext = \"\";\n \$ciphertext_len = strlen(\$text);\n \$xor = \$self->decryptIV;\n \$buffer = &\$self->debuffer;\n\n if (strlen(\$buffer[\"xor\"])) {\n for (\$i = 0; \$i < \$ciphertext_len; \$i+= " . $block_size . ") {\n \$block = substr(\$text, \$i, " . $block_size . ");\n if (strlen(\$block) > strlen(\$buffer[\"xor\"])) {\n \$in = \$xor;\n " . $_encryptBlock . "\n \$xor = \$in;\n \$buffer[\"xor\"].= \$xor;\n }\n \$key = \$self->_string_shift(\$buffer[\"xor\"], " . $block_size . ");\n \$plaintext.= \$block ^ \$key;\n }\n } else {\n for (\$i = 0; \$i < \$ciphertext_len; \$i+= " . $block_size . ") {\n \$in = \$xor;\n " . $_encryptBlock . "\n \$xor = \$in;\n \$plaintext.= substr(\$text, \$i, " . $block_size . ") ^ \$xor;\n }\n \$key = \$xor;\n }\n if (\$self->continuousBuffer) {\n \$self->decryptIV = \$xor;\n if (\$start = \$ciphertext_len % " . $block_size . ") {\n \$buffer[\"xor\"] = substr(\$key, \$start) . \$buffer[\"xor\"];\n }\n }\n return \$plaintext;\n ";
break;
}
$lambda_functions[$code_hash] = create_function("\$action, &\$self, \$text", "if (\$action == \"encrypt\") { " . $encrypt . " } else { " . $decrypt . " }");
}
$this->inline_crypt = $lambda_functions[$code_hash];
}
/**
* Decrypts a message.
*
* If strlen($ciphertext) is not a multiple of 16, null bytes will be added to the end of the string until it is.
*
* @see Crypt_AES::encrypt()
* @access public
* @param String $ciphertext
*/
function decrypt($ciphertext)
{
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
$ciphertext = str_pad($ciphertext, strlen($ciphertext) + 15 & 0xfffffff0, chr(0));
if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) {
$this->_mcryptSetup();
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, $this->mcrypt[0], $this->mode, $this->mcrypt[1]);
mcrypt_generic_init($td, $this->key, $this->decryptIV);
$plaintext = mdecrypt_generic($td, $ciphertext);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
if ($this->continuousBuffer) {
$this->decryptIV = substr($ciphertext, -16);
}
return $this->_unpad($plaintext);
}
return parent::decrypt($ciphertext);
}
function unpack_package($package, $delete_package = true)
{
global $wp_filesystem, $updraftplus;
$updraft_dir = $updraftplus->backups_dir_location();
// If not database, then it is a zip - unpack in the usual way
if (!preg_match('/db\\.gz(\\.crypt)?$/i', $package)) {
return parent::unpack_package($updraft_dir . '/' . $package, $delete_package);
}
$backup_dir = $wp_filesystem->find_folder($updraft_dir);
// Unpack a database. The general shape of the following is copied from class-wp-upgrader.php
@set_time_limit(1800);
$this->skin->feedback('unpack_package');
$upgrade_folder = $wp_filesystem->wp_content_dir() . 'upgrade/';
@$wp_filesystem->mkdir($upgrade_folder, 0775);
//Clean up contents of upgrade directory beforehand.
$upgrade_files = $wp_filesystem->dirlist($upgrade_folder);
if (!empty($upgrade_files)) {
foreach ($upgrade_files as $file) {
$wp_filesystem->delete($upgrade_folder . $file['name'], true);
}
}
//We need a working directory
$working_dir = $upgrade_folder . basename($package, '.crypt');
# $working_dir_filesystem = WP_CONTENT_DIR.'/upgrade/'. basename($package, '.crypt');
// Clean up working directory
if ($wp_filesystem->is_dir($working_dir)) {
$wp_filesystem->delete($working_dir, true);
}
if (!$wp_filesystem->mkdir($working_dir, 0775)) {
return new WP_Error('mkdir_failed', __('Failed to create a temporary directory', 'updraftplus') . ' (' . $working_dir . ')');
}
// Unpack package to working directory
if ($updraftplus->is_db_encrypted($package)) {
$this->skin->feedback('decrypt_database');
$encryption = UpdraftPlus_Options::get_updraft_option('updraft_encryptionphrase');
if (!$encryption) {
return new WP_Error('no_encryption_key', __('Decryption failed. The database file is encrypted, but you have no encryption key entered.', 'updraftplus'));
}
// Encrypted - decrypt it
require_once UPDRAFTPLUS_DIR . '/includes/phpseclib/Crypt/Rijndael.php';
$rijndael = new Crypt_Rijndael();
// Get decryption key
$rijndael->setKey($encryption);
$ciphertext = $rijndael->decrypt($wp_filesystem->get_contents($backup_dir . $package));
if ($ciphertext) {
$this->skin->feedback('decrypted_database');
if (!$wp_filesystem->put_contents($working_dir . '/backup.db.gz', $ciphertext)) {
return new WP_Error('write_failed', __('Failed to write out the decrypted database to the filesystem', 'updraftplus'));
}
} else {
return new WP_Error('decryption_failed', __('Decryption failed. The most likely cause is that you used the wrong key.', 'updraftplus'));
}
} else {
if (!$wp_filesystem->copy($backup_dir . $package, $working_dir . '/backup.db.gz')) {
if ($wp_filesystem->errors->get_error_code()) {
foreach ($wp_filesystem->errors->get_error_messages() as $message) {
show_message($message);
}
}
return new WP_Error('copy_failed', $this->strings['copy_failed']);
}
}
// Once extracted, delete the package if required (non-recursive, is a file)
if ($delete_package) {
$wp_filesystem->delete($backup_dir . $package, false, true);
}
return $working_dir;
}
public function decrypt($fullpath, $key, $ciphertext = false)
{
$this->ensure_phpseclib('Crypt_Rijndael', 'Crypt/Rijndael');
$rijndael = new Crypt_Rijndael();
$rijndael->setKey($key);
return false == $ciphertext ? $rijndael->decrypt(file_get_contents($fullpath)) : $rijndael->decrypt($ciphertext);
}
public function decrypt($fullpath, $key, $ciphertext = false)
{
$this->ensure_phpseclib('Crypt_Rijndael', 'Crypt/Rijndael');
$rijndael = new Crypt_Rijndael();
if (defined('UPDRAFTPLUS_DECRYPTION_ENGINE')) {
if ('openssl' == UPDRAFTPLUS_DECRYPTION_ENGINE) {
$rijndael->setPreferredEngine(CRYPT_ENGINE_OPENSSL);
} elseif ('mcrypt' == UPDRAFTPLUS_DECRYPTION_ENGINE) {
$rijndael->setPreferredEngine(CRYPT_ENGINE_MCRYPT);
} elseif ('internal' == UPDRAFTPLUS_DECRYPTION_ENGINE) {
$rijndael->setPreferredEngine(CRYPT_ENGINE_INTERNAL);
}
}
$rijndael->setKey($key);
return false == $ciphertext ? $rijndael->decrypt(file_get_contents($fullpath)) : $rijndael->decrypt($ciphertext);
}
