Crypt: setPassword() fixes

phpseclib · Jan 12, 2024 · d6e8af3 · d6e8af3
1 parent b2a73d6
commit d6e8af3
Show file tree

Hide file tree

Showing 3 changed files with 62 additions and 4 deletions.
diff --git a/src/Crypt/AES.php b/src/Crypt/AES.php
@@ -56,8 +56,22 @@
  * @author  Jim Wigginton <[email protected]>
  * @access  public
  */
-class AES extends Base
+class AES extends Rijndael
 {
+    /**
+     * Dummy function
+     *
+     * Since \phpseclib\Crypt\AES extends \phpseclib\Crypt\Rijndael, this function is, technically, available, but it doesn't do anything.
+     *
+     * @see \phpseclib\Crypt\Rijndael::setBlockLength()
+     * @access public
+     * @param int $length
+     */
+    function setBlockLength($length)
+    {
+        return;
+    }
+
     /**
      * Turns key lengths, be they valid or invalid, to valid key lengths
      *

diff --git a/src/Crypt/Base.php b/src/Crypt/Base.php
@@ -147,6 +147,15 @@ abstract class Base
      */
     protected $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
 
+    /**
+     * Password Parameters
+     *
+     * @see self::setPassword()
+     * @var array
+     * @access private
+     */
+    protected $password = [];
+
     /**
      * The Key Length (in bytes)
      *
@@ -306,6 +315,7 @@ public function getBlockLength()
     public function setKey($key)
     {
         $this->key = $key;
+        $this->password = [];
         if (!$this->explicit_key_length) {
             $this->key_length = static::calculateNewKeyLength(strlen($key) << 3);
         }
@@ -330,6 +340,7 @@ public function setKey($key)
      */
     public function setPassword($password, $method = 'pbkdf2')
     {
+        $this->password = func_get_args();
         $this->cipher->setKeyLength($this->key_length);
         $this->cipher->setPassword(...func_get_args());
     }
@@ -415,9 +426,13 @@ protected function setup()
         if ($this->explicit_key_length) {
             $this->cipher->setKeyLength($this->key_length);
         }
-        $key_length = $this->key_length >> 3;
-        $key = str_pad(substr($this->key, 0, $key_length), $key_length, "\0");
-        $this->cipher->setKey($key);
+        if (empty($this->password)) {
+            $key_length = $this->key_length >> 3;
+            $key = str_pad(substr($this->key, 0, $key_length), $key_length, "\0");
+            $this->cipher->setKey($key);
+        } else {
+            $this->cipher->setPassword(...$this->password);
+        }
         if (!$this->ivSet) {
             $this->setIV('');
         }

diff --git a/src/Crypt/Rijndael.php b/src/Crypt/Rijndael.php
@@ -105,4 +105,33 @@ protected function calculateNewKeyLength($length)
                 return 256;
         }
     }
+
+    /**
+     * Sets the password.
+     *
+     * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows:
+     *     {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2} or pbkdf1:
+     *         $hash, $salt, $count, $dkLen
+     *
+     *         Where $hash (default = sha1) currently supports the following hashes: see: Crypt/Hash.php
+     *
+     * @see Crypt/Hash.php
+     * @param string $password
+     * @param string $method
+     * @return bool
+     * @access public
+     * @internal Could, but not must, extend by the child Crypt_* class
+     */
+    public function setPassword($password, $method = 'pbkdf2')
+    {
+        $this->cipher->setKeyLength($this->key_length);
+        $args = func_get_args();
+        if (in_array($method, ['pbkdf1', 'pbkdf2']) && !isset($args[3])) {
+            $args[1] = $method;
+            $args[2] = isset($args[2]) ? $args[2] : 'sha1';
+            $args[3] = 'phpseclib';
+        }
+        $this->password = $args;
+        $this->cipher->setPassword(...$args);
+    }
 }