File manager

File manager - Edit - /home/aresglob/public_html/wp/wp-includes/images/smilies/lib.tar

Back
hybridauth/Logger/Logger.php��0000644��00000006276�15104256626�0012100 0��ustar�00��<?php /! Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Logger; use Hybridauth\Exception\RuntimeException; use Hybridauth\Exception\InvalidArgumentException; /* * Debugging and Logging utility. / class Logger implements LoggerInterface { const NONE = 'none'; // turn logging off const DEBUG = 'debug'; // debug, info and error messages const INFO = 'info'; // info and error messages const ERROR = 'error'; // only error messages /* * Debug level. * * One of Logger::NONE, Logger::DEBUG, Logger::INFO, Logger::ERROR * * @var string / protected $level; /* * Path to file writeable by the web server. Required if $this->level !== Logger::NONE. * * @var string / protected $file; /* * @param bool\|string $level One of Logger::NONE, Logger::DEBUG, Logger::INFO, Logger::ERROR * @param string $file File where to write messages * * @throws InvalidArgumentException * @throws RuntimeException / public function __construct($level, $file) { $this->level = self::NONE; if ($level && $level !== self::NONE) { $this->initialize($file); $this->level = $level === true ? Logger::DEBUG : $level; $this->file = $file; } } /* * @param string $file * * @throws InvalidArgumentException * @throws RuntimeException / protected function initialize($file) { if (!$file) { throw new InvalidArgumentException('Log file is not specified.'); } if (!file_exists($file) && !touch($file)) { throw new RuntimeException(sprintf('Log file %s can not be created.', $file)); } if (!is_writable($file)) { throw new RuntimeException(sprintf('Log file %s is not writeable.', $file)); } } /* * @inheritdoc / public function info($message, array $context = []) { if (!in_array($this->level, [self::DEBUG, self::INFO])) { return; } $this->log(self::INFO, $message, $context); } /* * @inheritdoc / public function debug($message, array $context = []) { if (!in_array($this->level, [self::DEBUG])) { return; } $this->log(self::DEBUG, $message, $context); } /* * @inheritdoc / public function error($message, array $context = []) { if (!in_array($this->level, [self::DEBUG, self::INFO, self::ERROR])) { return; } $this->log(self::ERROR, $message, $context); } /* * @inheritdoc / public function log($level, $message, array $context = []) { $datetime = new \DateTime(); $datetime = $datetime->format(DATE_ATOM); $content = sprintf('%s -- %s -- %s -- %s', $level, $_SERVER['REMOTE_ADDR'], $datetime, $message); $content .= ($context ? "\n" . print_r($context, true) : ''); $content .= "\n"; file_put_contents($this->file, $content, FILE_APPEND); } } ��hybridauth/Logger/Psr3LoggerWrapper.php��0000644��00000001730�15104256626�0014177 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Logger; use Psr\Log\LoggerAwareTrait; /* * Wrapper for PSR3 logger. / class Psr3LoggerWrapper implements LoggerInterface { use LoggerAwareTrait; /* * @inheritdoc / public function info($message, array $context = []) { $this->logger->info($message, $context); } /* * @inheritdoc / public function debug($message, array $context = []) { $this->logger->debug($message, $context); } /* * @inheritdoc / public function error($message, array $context = []) { $this->logger->error($message, $context); } /* * @inheritdoc / public function log($level, $message, array $context = []) { $this->logger->log($level, $message, $context); } } ��hybridauth/Logger/LoggerInterface.php��0000644��00000002221�15104256626�0013703 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Logger; /* * Logger interface, forward-compatible with PSR-3. / interface LoggerInterface { /* * Interesting events. * * Example: User logs in, SQL logs. * * @param string $message * @param array $context / public function info($message, array $context = array()); /* * Detailed debug information. * * @param string $message * @param array $context / public function debug($message, array $context = array()); /* * Runtime errors that do not require immediate action but should typically * be logged and monitored. * * @param string $message * @param array $context / public function error($message, array $context = array()); /* * Logs with an arbitrary level. * * @param mixed $level * @param string $message * @param array $context / public function log($level, $message, array $context = array()); } ��hybridauth/index.html��0000644��00000000004�15104256626�0010705 0��ustar�00��403.��hybridauth/Hybridauth.php��0000644��00000016271�15104256626�0011541 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth; use Hybridauth\Exception\InvalidArgumentException; use Hybridauth\Exception\UnexpectedValueException; use Hybridauth\Storage\StorageInterface; use Hybridauth\Logger\LoggerInterface; use Hybridauth\Logger\Logger; use Hybridauth\HttpClient\HttpClientInterface; /* * Hybridauth\Hybridauth * * For ease of use of multiple providers, Hybridauth implements the class Hybridauth\Hybridauth, * a sort of factory/façade which acts as an unified interface or entry point, and it expects a * configuration array containing the list of providers you want to use, their respective credentials * and authorized callback. / class Hybridauth { /* * Hybridauth config. * * @var array / protected $config; /* * Storage. * * @var StorageInterface / protected $storage; /* * HttpClient. * * @var HttpClientInterface / protected $httpClient; /* * Logger. * * @var LoggerInterface / protected $logger; /* * @param array\|string $config Array with configuration or Path to PHP file that will return array * @param HttpClientInterface $httpClient * @param StorageInterface $storage * @param LoggerInterface $logger * * @throws InvalidArgumentException / public function __construct( $config, HttpClientInterface $httpClient = null, StorageInterface $storage = null, LoggerInterface $logger = null ) { if (is_string($config) && file_exists($config)) { $config = include $config; } elseif (!is_array($config)) { throw new InvalidArgumentException('Hybridauth config does not exist on the given path.'); } $this->config = $config + [ 'debug_mode' => Logger::NONE, 'debug_file' => '', 'curl_options' => null, 'providers' => [] ]; $this->storage = $storage; $this->logger = $logger; $this->httpClient = $httpClient; } /* * Instantiate the given provider and authentication or authorization protocol. * * If not authenticated yet, the user will be redirected to the provider's site for * authentication/authorisation, otherwise it will simply return an instance of * provider's adapter. * * @param string $name adapter's name (case insensitive) * * @return \Hybridauth\Adapter\AdapterInterface * @throws InvalidArgumentException * @throws UnexpectedValueException / public function authenticate($name) { $adapter = $this->getAdapter($name); $adapter->authenticate(); return $adapter; } /* * Returns a new instance of a provider's adapter by name * * @param string $name adapter's name (case insensitive) * * @return \Hybridauth\Adapter\AdapterInterface * @throws InvalidArgumentException * @throws UnexpectedValueException / public function getAdapter($name) { $config = $this->getProviderConfig($name); $adapter = isset($config['adapter']) ? $config['adapter'] : sprintf('Hybridauth\\Provider\\%s', $name); if (!class_exists($adapter)) { $adapter = null; $fs = new \FilesystemIterator(__DIR__ . '/Provider/'); /* @var \SplFileInfo $file / foreach ($fs as $file) { if (!$file->isDir()) { $provider = strtok($file->getFilename(), '.'); if (strtolower($name) === mb_strtolower($provider)) { $adapter = sprintf('Hybridauth\\Provider\\%s', $provider); break; } } } if ($adapter === null) { throw new InvalidArgumentException('Unknown Provider.'); } } return new $adapter($config, $this->httpClient, $this->storage, $this->logger); } /* * Get provider config by name. * * @param string $name adapter's name (case insensitive) * * @throws UnexpectedValueException * @throws InvalidArgumentException * * @return array / public function getProviderConfig($name) { $name = strtolower($name); $providersConfig = array_change_key_case($this->config['providers'], CASE_LOWER); if (!isset($providersConfig[$name])) { throw new InvalidArgumentException('Unknown Provider.'); } if (!$providersConfig[$name]['enabled']) { throw new UnexpectedValueException('Disabled Provider.'); } $config = $providersConfig[$name]; $config += [ 'debug_mode' => $this->config['debug_mode'], 'debug_file' => $this->config['debug_file'], ]; if (!isset($config['callback']) && isset($this->config['callback'])) { $config['callback'] = $this->config['callback']; } return $config; } /* * Returns a boolean of whether the user is connected with a provider * * @param string $name adapter's name (case insensitive) * * @return bool * @throws InvalidArgumentException * @throws UnexpectedValueException / public function isConnectedWith($name) { return $this->getAdapter($name)->isConnected(); } /* * Returns a list of enabled adapters names * * @return array / public function getProviders() { $providers = []; foreach ($this->config['providers'] as $name => $config) { if ($config['enabled']) { $providers[] = $name; } } return $providers; } /* * Returns a list of currently connected adapters names * * @return array * @throws InvalidArgumentException * @throws UnexpectedValueException / public function getConnectedProviders() { $providers = []; foreach ($this->getProviders() as $name) { if ($this->isConnectedWith($name)) { $providers[] = $name; } } return $providers; } /* * Returns a list of new instances of currently connected adapters * * @return \Hybridauth\Adapter\AdapterInterface[] * @throws InvalidArgumentException * @throws UnexpectedValueException / public function getConnectedAdapters() { $adapters = []; foreach ($this->getProviders() as $name) { $adapter = $this->getAdapter($name); if ($adapter->isConnected()) { $adapters[$name] = $adapter; } } return $adapters; } /* * Disconnect all currently connected adapters at once / public function disconnectAllAdapters() { foreach ($this->getProviders() as $name) { $adapter = $this->getAdapter($name); if ($adapter->isConnected()) { $adapter->disconnect(); } } } } ��hybridauth/Exception/InvalidAccessTokenException.php��0000644��00000000501�15104256626�0016751 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * / class InvalidAccessTokenException extends InvalidArgumentException implements ExceptionInterface { } ��hybridauth/Exception/RuntimeException.php��0000644��00000000606�15104256626�0014671 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * RuntimeException * * Exception thrown if an error which can only be found on runtime occurs. / class RuntimeException extends Exception implements ExceptionInterface { } ��hybridauth/Exception/InvalidOpenidIdentifierException.php��0000644��00000000506�15104256626�0017775 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * / class InvalidOpenidIdentifierException extends InvalidArgumentException implements ExceptionInterface { } ��hybridauth/Exception/AuthorizationDeniedException.php��0000644��00000000502�15104256626�0017212 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * / class AuthorizationDeniedException extends UnexpectedValueException implements ExceptionInterface { } ��hybridauth/Exception/InvalidAuthorizationCodeException.php��0000644��00000000507�15104256626�0020210 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * / class InvalidAuthorizationCodeException extends InvalidArgumentException implements ExceptionInterface { } ��hybridauth/Exception/InvalidApplicationCredentialsException.php��0000644��00000000514�15104256626�0021174 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * / class InvalidApplicationCredentialsException extends InvalidArgumentException implements ExceptionInterface { } ��hybridauth/Exception/InvalidOauthTokenException.php��0000644��00000000500�15104256626�0016627 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * / class InvalidOauthTokenException extends InvalidArgumentException implements ExceptionInterface { } ��hybridauth/Exception/HttpRequestFailedException.php��0000644��00000000500�15104256626�0016634 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * / class HttpRequestFailedException extends UnexpectedValueException implements ExceptionInterface { } ��hybridauth/Exception/NotImplementedException.php��0000644��00000000473�15104256626�0016174 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * / class NotImplementedException extends BadMethodCallException implements ExceptionInterface { } ��hybridauth/Exception/UnexpectedValueException.php��0000644��00000001113�15104256626�0016341 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * UnexpectedValueException * * Exception thrown if a value does not match with a set of values. Typically this happens when a function calls * another function and expects the return value to be of a certain type or value not including arithmetic or * buffer related errors. / class UnexpectedValueException extends RuntimeException implements ExceptionInterface { } ��hybridauth/Exception/InvalidAuthorizationStateException.php��0000644��00000000510�15104256626�0020410 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * / class InvalidAuthorizationStateException extends InvalidArgumentException implements ExceptionInterface { } ��hybridauth/Exception/Exception.php��0000644��00000004075�15104256626�0013331 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * Hybridauth Base Exception / class Exception extends \Exception implements ExceptionInterface { /* * Shamelessly Borrowed from Slimframework * * @param $object / public function debug($object) { $title = 'Hybridauth Exception'; $code = $this->getCode(); $message = $this->getMessage(); $file = $this->getFile(); $line = $this->getLine(); $trace = $this->getTraceAsString(); $html = sprintf('<h1>%s</h1>', $title); $html .= '<p>Hybridauth has encountered the following error:</p>'; $html .= '<h2>Details</h2>'; $html .= sprintf('<div><strong>Exception:</strong> %s</div>', get_class($this)); $html .= sprintf('<div><strong>Message:</strong> <font color="#cc0000">%s</font></div>', $message); $html .= sprintf('<div><strong>File:</strong> %s</div>', $file); $html .= sprintf('<div><strong>Line:</strong> %s</div>', $line); $html .= sprintf('<div><strong>Code:</strong> %s</div>', $code); $html .= '<h2>Trace</h2>'; $html .= sprintf('<pre>%s</pre>', $trace); if ($object) { $html .= '<h2>Debug</h2>'; $obj_dump = print_r($object, true); // phpcs:ignore $html .= sprintf('<b>' . get_class($object) . '</b> extends <b>' . get_parent_class($object) . '</b><pre>%s</pre>', $obj_dump); } $html .= '<h2>Session</h2>'; $session_dump = print_r($_SESSION, true); $html .= sprintf('<pre>%s</pre>', $session_dump); // phpcs:ignore echo sprintf("<html><head><title>%s</title><style>body{margin:0;padding:30px;font:12px/1.5 Helvetica,Arial,Verdana,sans-serif;}h1{margin:0;font-size:48px;font-weight:normal;line-height:48px;}strong{display:inline-block;width:75px;}</style></head><body>%s</body></html>", $title, $html); } } ��hybridauth/Exception/InvalidArgumentException.php��0000644��00000000622�15104256626�0016335 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * InvalidArgumentException * * Exception thrown if an argument is not of the expected type. / class InvalidArgumentException extends RuntimeException implements ExceptionInterface { } ��hybridauth/Exception/UnexpectedApiResponseException.php��0000644��00000000504�15104256626�0017520 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * / class UnexpectedApiResponseException extends UnexpectedValueException implements ExceptionInterface { } ��hybridauth/Exception/HttpClientFailureException.php��0000644��00000000500�15104256626�0016625 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * / class HttpClientFailureException extends UnexpectedValueException implements ExceptionInterface { } ��hybridauth/Exception/ExceptionInterface.php��0000644��00000003351�15104256626�0015146 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * Hybridauth Exceptions Interface / interface ExceptionInterface { / ExceptionInterface Exception extends \Exception implements ExceptionInterface \| RuntimeException extends Exception \| \| UnexpectedValueException extends RuntimeException \| \| \| AuthorizationDeniedException extends UnexpectedValueException \| \| \| HttpClientFailureException extends UnexpectedValueException \| \| \| HttpRequestFailedException extends UnexpectedValueException \| \| \| InvalidAuthorizationCodeException extends UnexpectedValueException \| \| \| InvalidAuthorizationStateException extends UnexpectedValueException \| \| \| InvalidOauthTokenException extends UnexpectedValueException \| \| \| InvalidAccessTokenException extends UnexpectedValueException \| \| \| UnexpectedApiResponseException extends UnexpectedValueException \| \| \| \| BadMethodCallException extends RuntimeException \| \| \| NotImplementedException extends BadMethodCallException \| \| \| \| InvalidArgumentException extends RuntimeException \| \| \| InvalidApplicationCredentialsException extends InvalidArgumentException \| \| \| InvalidOpenidIdentifierException extends InvalidArgumentException / } ��hybridauth/Exception/BadMethodCallException.php��0000644��00000000660�15104256626�0015671 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Exception; /* * BadMethodCallException * * Exception thrown if a callback refers to an undefined method or if some arguments are missing. / class BadMethodCallException extends RuntimeException implements ExceptionInterface { } ��hybridauth/version.txt��0000644��00000000006�15104256626�0011140 0��ustar�00��3.11.0��hybridauth/Adapter/AbstractAdapter.php��0000644��00000021031�15104256626�0014050 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Adapter; use Hybridauth\Exception\NotImplementedException; use Hybridauth\Exception\InvalidArgumentException; use Hybridauth\Exception\HttpClientFailureException; use Hybridauth\Exception\HttpRequestFailedException; use Hybridauth\Storage\StorageInterface; use Hybridauth\Storage\Session; use Hybridauth\Logger\LoggerInterface; use Hybridauth\Logger\Logger; use Hybridauth\HttpClient\HttpClientInterface; use Hybridauth\HttpClient\Curl as HttpClient; use Hybridauth\Data; /* * Class AbstractAdapter / abstract class AbstractAdapter implements AdapterInterface { use DataStoreTrait; /* * Provider ID (unique name). * * @var string / protected $providerId = ''; /* * Specific Provider config. * * @var mixed / protected $config = []; /* * Extra Provider parameters. * * @var array / protected $params; /* * Callback url * * @var string / protected $callback = ''; /* * Storage. * * @var StorageInterface / public $storage; /* * HttpClient. * * @var HttpClientInterface / public $httpClient; /* * Logger. * * @var LoggerInterface / public $logger; /* * Whether to validate API status codes of http responses * * @var bool / protected $validateApiResponseHttpCode = true; /* * Common adapters constructor. * * @param array $config * @param HttpClientInterface $httpClient * @param StorageInterface $storage * @param LoggerInterface $logger / public function __construct( $config = [], HttpClientInterface $httpClient = null, StorageInterface $storage = null, LoggerInterface $logger = null ) { $this->providerId = (new \ReflectionClass($this))->getShortName(); $this->config = new Data\Collection($config); $this->setHttpClient($httpClient); $this->setStorage($storage); $this->setLogger($logger); $this->configure(); $this->logger->debug(sprintf('Initialize %s, config: ', get_class($this)), $config); $this->initialize(); } /* * Load adapter's configuration / abstract protected function configure(); /* * Adapter initializer / abstract protected function initialize(); /* * {@inheritdoc} / abstract public function isConnected(); /* * {@inheritdoc} / public function apiRequest($url, $method = 'GET', $parameters = [], $headers = [], $multipart = false) { throw new NotImplementedException('Provider does not support this feature.'); } /* * {@inheritdoc} / public function maintainToken() { // Nothing needed for most providers } /* * {@inheritdoc} / public function getUserProfile() { throw new NotImplementedException('Provider does not support this feature.'); } /* * {@inheritdoc} / public function getUserContacts() { throw new NotImplementedException('Provider does not support this feature.'); } /* * {@inheritdoc} / public function getUserPages() { throw new NotImplementedException('Provider does not support this feature.'); } /* * {@inheritdoc} / public function getUserActivity($stream) { throw new NotImplementedException('Provider does not support this feature.'); } /* * {@inheritdoc} / public function setUserStatus($status) { throw new NotImplementedException('Provider does not support this feature.'); } /* * {@inheritdoc} / public function setPageStatus($status, $pageId) { throw new NotImplementedException('Provider does not support this feature.'); } /* * {@inheritdoc} / public function disconnect() { $this->clearStoredData(); } /* * {@inheritdoc} / public function getAccessToken() { $tokenNames = [ 'access_token', 'access_token_secret', 'token_type', 'refresh_token', 'expires_in', 'expires_at', ]; $tokens = []; foreach ($tokenNames as $name) { if ($this->getStoredData($name)) { $tokens[$name] = $this->getStoredData($name); } } return $tokens; } /* * {@inheritdoc} / public function setAccessToken($tokens = []) { $this->clearStoredData(); foreach ($tokens as $token => $value) { $this->storeData($token, $value); } // Re-initialize token parameters. $this->initialize(); } /* * {@inheritdoc} / public function setHttpClient(HttpClientInterface $httpClient = null) { $this->httpClient = $httpClient ?: new HttpClient(); if ($this->config->exists('curl_options') && method_exists($this->httpClient, 'setCurlOptions')) { $this->httpClient->setCurlOptions($this->config->get('curl_options')); } } /* * {@inheritdoc} / public function getHttpClient() { return $this->httpClient; } /* * {@inheritdoc} / public function setStorage(StorageInterface $storage = null) { $this->storage = $storage ?: new Session(); } /* * {@inheritdoc} / public function getStorage() { return $this->storage; } /* * {@inheritdoc} / public function setLogger(LoggerInterface $logger = null) { $this->logger = $logger ?: new Logger( $this->config->get('debug_mode'), $this->config->get('debug_file') ); if (method_exists($this->httpClient, 'setLogger')) { $this->httpClient->setLogger($this->logger); } } /* * {@inheritdoc} / public function getLogger() { return $this->logger; } /* * Set Adapter's API callback url * * @param string $callback * * @throws InvalidArgumentException / protected function setCallback($callback) { if (!filter_var($callback, FILTER_VALIDATE_URL)) { throw new InvalidArgumentException('A valid callback url is required.'); } $this->callback = $callback; } /* * Overwrite Adapter's API endpoints * * @param array\|Data\Collection $endpoints / protected function setApiEndpoints($endpoints = null) { if (empty($endpoints)) { return; } $collection = is_array($endpoints) ? new Data\Collection($endpoints) : $endpoints; $this->apiBaseUrl = $collection->get('api_base_url') ?: $this->apiBaseUrl; $this->authorizeUrl = $collection->get('authorize_url') ?: $this->authorizeUrl; $this->accessTokenUrl = $collection->get('access_token_url') ?: $this->accessTokenUrl; } /* * Validate signed API responses Http status code. * * Since the specifics of error responses is beyond the scope of RFC6749 and OAuth Core specifications, * Hybridauth will consider any HTTP status code that is different than '200 OK' as an ERROR. * * @param string $error String to pre append to message thrown in exception * * @throws HttpClientFailureException * @throws HttpRequestFailedException / protected function validateApiResponse($error = '') { $error .= !empty($error) ? '. ' : ''; if ($this->httpClient->getResponseClientError()) { throw new HttpClientFailureException( $error . 'HTTP client error: ' . $this->httpClient->getResponseClientError() . '.' ); } // if validateApiResponseHttpCode is set to false, we by pass verification of http status code if (!$this->validateApiResponseHttpCode) { return; } $status = $this->httpClient->getResponseHttpCode(); if ($status < 200 \|\| $status > 299) { throw new HttpRequestFailedException( $error . 'HTTP error ' . $this->httpClient->getResponseHttpCode() . '. Raw Provider API response: ' . $this->httpClient->getResponseBody() . '.' ); } } } ��hybridauth/Adapter/OAuth2.php��0000644��00000054653�15104256626�0012126 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Adapter; use Hybridauth\Exception\Exception; use Hybridauth\Exception\InvalidApplicationCredentialsException; use Hybridauth\Exception\InvalidAuthorizationStateException; use Hybridauth\Exception\InvalidAuthorizationCodeException; use Hybridauth\Exception\AuthorizationDeniedException; use Hybridauth\Exception\InvalidAccessTokenException; use Hybridauth\Data; use Hybridauth\HttpClient; /* * This class can be used to simplify the authorization flow of OAuth 2 based service providers. * * Subclasses (i.e., providers adapters) can either use the already provided methods or override * them when necessary. / abstract class OAuth2 extends AbstractAdapter implements AdapterInterface { /* * Client Identifier * * RFC6749: client_id REQUIRED. The client identifier issued to the client during * the registration process described by Section 2.2. * * http://tools.ietf.org/html/rfc6749#section-2.2 * * @var string / protected $clientId = ''; /* * Client Secret * * RFC6749: client_secret REQUIRED. The client secret. The client MAY omit the * parameter if the client secret is an empty string. * * http://tools.ietf.org/html/rfc6749#section-2.2 * * @var string / protected $clientSecret = ''; /* * Access Token Scope * * RFC6749: The authorization and token endpoints allow the client to specify the * scope of the access request using the "scope" request parameter. * * http://tools.ietf.org/html/rfc6749#section-3.3 * * @var string / protected $scope = ''; /* * Base URL to provider API * * This var will be used to build urls when sending signed requests * * @var string / protected $apiBaseUrl = ''; /* * Authorization Endpoint * * RFC6749: The authorization endpoint is used to interact with the resource * owner and obtain an authorization grant. * * http://tools.ietf.org/html/rfc6749#section-3.1 * * @var string / protected $authorizeUrl = ''; /* * Access Token Endpoint * * RFC6749: The token endpoint is used by the client to obtain an access token by * presenting its authorization grant or refresh token. * * http://tools.ietf.org/html/rfc6749#section-3.2 * * @var string / protected $accessTokenUrl = ''; /* * TokenInfo endpoint * * Access token validation. OPTIONAL. * * @var string / protected $accessTokenInfoUrl = ''; /* * IPD API Documentation * * OPTIONAL. * * @var string / protected $apiDocumentation = ''; /* * Redirection Endpoint or Callback * * RFC6749: After completing its interaction with the resource owner, the * authorization server directs the resource owner's user-agent back to * the client. * * http://tools.ietf.org/html/rfc6749#section-3.1.2 * * @var string / protected $callback = ''; /* * Authorization Url Parameters * * @var array / protected $AuthorizeUrlParameters = []; /* * Authorization Url Parameter encoding type * @see https://www.php.net/manual/de/function.http-build-query.php * * @var string / protected $AuthorizeUrlParametersEncType = PHP_QUERY_RFC1738; /* * Authorization Request State * * @var bool / protected $supportRequestState = true; /* * Access Token name * * While most providers will use 'access_token' as name for the Access Token attribute, other do not. * On the latter case, this should be set by sub classes. * * @var string / protected $accessTokenName = 'access_token'; /* * Authorization Request HTTP method. * * @see exchangeCodeForAccessToken() * * @var string / protected $tokenExchangeMethod = 'POST'; /* * Authorization Request URL parameters. * * Sub classes may change add any additional parameter when necessary. * * @see exchangeCodeForAccessToken() * * @var array / protected $tokenExchangeParameters = []; /* * Authorization Request HTTP headers. * * Sub classes may add any additional header when necessary. * * @see exchangeCodeForAccessToken() * * @var array / protected $tokenExchangeHeaders = []; /* * Refresh Token Request HTTP method. * * @see refreshAccessToken() * * @var string / protected $tokenRefreshMethod = 'POST'; /* * Refresh Token Request URL parameters. * * Sub classes may change add any additional parameter when necessary. * * @see refreshAccessToken() * * @var array\|null / protected $tokenRefreshParameters = null; /* * Refresh Token Request HTTP headers. * * Sub classes may add any additional header when necessary. * * @see refreshAccessToken() * * @var array / protected $tokenRefreshHeaders = []; /* * Authorization Request URL parameters. * * Sub classes may change add any additional parameter when necessary. * * @see apiRequest() * * @var array / protected $apiRequestParameters = []; /* * Authorization Request HTTP headers. * * Sub classes may add any additional header when necessary. * * @see apiRequest() * * @var array / protected $apiRequestHeaders = []; /* * {@inheritdoc} / protected function configure() { $this->clientId = $this->config->filter('keys')->get('id') ?: $this->config->filter('keys')->get('key'); $this->clientSecret = $this->config->filter('keys')->get('secret'); if (!$this->clientId \|\| !$this->clientSecret) { throw new InvalidApplicationCredentialsException( 'Your application id is required in order to connect to ' . $this->providerId ); } $this->scope = $this->config->exists('scope') ? $this->config->get('scope') : $this->scope; if ($this->config->exists('tokens')) { $this->setAccessToken($this->config->get('tokens')); } if ($this->config->exists('supportRequestState')) { $this->supportRequestState = $this->config->get('supportRequestState'); } $this->setCallback($this->config->get('callback')); $this->setApiEndpoints($this->config->get('endpoints')); } /* * {@inheritdoc} / protected function initialize() { $this->AuthorizeUrlParameters = [ 'response_type' => 'code', 'client_id' => $this->clientId, 'redirect_uri' => $this->callback, 'scope' => $this->scope, ]; $this->tokenExchangeParameters = [ 'client_id' => $this->clientId, 'client_secret' => $this->clientSecret, 'grant_type' => 'authorization_code', 'redirect_uri' => $this->callback ]; $refreshToken = $this->getStoredData('refresh_token'); if (!empty($refreshToken)) { $this->tokenRefreshParameters = [ 'grant_type' => 'refresh_token', 'refresh_token' => $refreshToken, ]; } $this->apiRequestHeaders = [ 'Authorization' => 'Bearer ' . $this->getStoredData('access_token') ]; } /* * {@inheritdoc} / public function authenticate() { $this->logger->info(sprintf('%s::authenticate()', get_class($this))); if ($this->isConnected()) { return true; } try { $this->authenticateCheckError(); $code = filter_input($_SERVER['REQUEST_METHOD'] === 'POST' ? INPUT_POST : INPUT_GET, 'code'); if (empty($code)) { $this->authenticateBegin(); } else { $this->authenticateFinish(); } } catch (Exception $e) { $this->clearStoredData(); throw $e; } return null; } /* * {@inheritdoc} / public function isConnected() { if ((bool)$this->getStoredData('access_token')) { return (!$this->hasAccessTokenExpired() \|\| $this->isRefreshTokenAvailable()); } return false; } /* * If we can use a refresh token, then an expired token does not stop us being connected. * * @return bool / public function isRefreshTokenAvailable() { return is_array($this->tokenRefreshParameters); } /* * Authorization Request Error Response * * RFC6749: If the request fails due to a missing, invalid, or mismatching * redirection URI, or if the client identifier is missing or invalid, * the authorization server SHOULD inform the resource owner of the error. * * http://tools.ietf.org/html/rfc6749#section-4.1.2.1 * * @throws \Hybridauth\Exception\InvalidAuthorizationCodeException * @throws \Hybridauth\Exception\AuthorizationDeniedException / protected function authenticateCheckError() { $error = filter_input(INPUT_GET, 'error', FILTER_SANITIZE_SPECIAL_CHARS); if (!empty($error)) { $error_description = filter_input(INPUT_GET, 'error_description', FILTER_SANITIZE_SPECIAL_CHARS); $error_uri = filter_input(INPUT_GET, 'error_uri', FILTER_SANITIZE_SPECIAL_CHARS); $collated_error = sprintf('Provider returned an error: %s %s %s', $error, $error_description, $error_uri); if ($error == 'access_denied') { throw new AuthorizationDeniedException($collated_error); } throw new InvalidAuthorizationCodeException($collated_error); } } /* * Initiate the authorization protocol * * Build Authorization URL for Authorization Request and redirect the user-agent to the * Authorization Server. / protected function authenticateBegin() { $authUrl = $this->getAuthorizeUrl(); $this->logger->debug(sprintf('%s::authenticateBegin(), redirecting user to:', get_class($this)), [$authUrl]); HttpClient\Util::redirect($authUrl); } /* * Finalize the authorization process * * @throws \Hybridauth\Exception\HttpClientFailureException * @throws \Hybridauth\Exception\HttpRequestFailedException * @throws InvalidAccessTokenException * @throws InvalidAuthorizationStateException / protected function authenticateFinish() { $this->logger->debug( sprintf('%s::authenticateFinish(), callback url:', get_class($this)), [HttpClient\Util::getCurrentUrl(true)] ); $state = filter_input($_SERVER['REQUEST_METHOD'] === 'POST' ? INPUT_POST : INPUT_GET, 'state'); $code = filter_input($_SERVER['REQUEST_METHOD'] === 'POST' ? INPUT_POST : INPUT_GET, 'code'); /* * Authorization Request State * * RFC6749: state : RECOMMENDED. An opaque value used by the client to maintain * state between the request and callback. The authorization server includes * this value when redirecting the user-agent back to the client. * * http://tools.ietf.org/html/rfc6749#section-4.1.1 / if ($this->supportRequestState && (!$state \|\| $this->getStoredData('authorization_state') != $state) ) { $this->deleteStoredData('authorization_state'); throw new InvalidAuthorizationStateException( 'The authorization state [state=' . substr(htmlentities($state), 0, 100) . '] ' . 'of this page is either invalid or has already been consumed.' ); } /* * Authorization Request Code * * RFC6749: If the resource owner grants the access request, the authorization * server issues an authorization code and delivers it to the client: * * http://tools.ietf.org/html/rfc6749#section-4.1.2 / $response = $this->exchangeCodeForAccessToken($code); $this->validateAccessTokenExchange($response); $this->initialize(); } /* * Build Authorization URL for Authorization Request * * RFC6749: The client constructs the request URI by adding the following * $parameters to the query component of the authorization endpoint URI: * * - response_type REQUIRED. Value MUST be set to "code". * - client_id REQUIRED. * - redirect_uri OPTIONAL. * - scope OPTIONAL. * - state RECOMMENDED. * * http://tools.ietf.org/html/rfc6749#section-4.1.1 * * Sub classes may redefine this method when necessary. * * @param array $parameters * * @return string Authorization URL / protected function getAuthorizeUrl($parameters = []) { $this->AuthorizeUrlParameters = !empty($parameters) ? $parameters : array_replace( (array)$this->AuthorizeUrlParameters, (array)$this->config->get('authorize_url_parameters') ); if ($this->supportRequestState) { if (!isset($this->AuthorizeUrlParameters['state'])) { $this->AuthorizeUrlParameters['state'] = 'HA-' . str_shuffle('ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890'); } $this->storeData('authorization_state', $this->AuthorizeUrlParameters['state']); } $queryParams = http_build_query($this->AuthorizeUrlParameters, '', '&', $this->AuthorizeUrlParametersEncType); return $this->authorizeUrl . '?' . $queryParams; } /* * Access Token Request * * This method will exchange the received $code in loginFinish() with an Access Token. * * RFC6749: The client makes a request to the token endpoint by sending the * following parameters using the "application/x-www-form-urlencoded" * with a character encoding of UTF-8 in the HTTP request entity-body: * * - grant_type REQUIRED. Value MUST be set to "authorization_code". * - code REQUIRED. The authorization code received from the authorization server. * - redirect_uri REQUIRED. * - client_id REQUIRED. * * http://tools.ietf.org/html/rfc6749#section-4.1.3 * * @param string $code * * @return string Raw Provider API response * @throws \Hybridauth\Exception\HttpClientFailureException * @throws \Hybridauth\Exception\HttpRequestFailedException / protected function exchangeCodeForAccessToken($code) { $this->tokenExchangeParameters['code'] = $code; $response = $this->httpClient->request( $this->accessTokenUrl, $this->tokenExchangeMethod, $this->tokenExchangeParameters, $this->tokenExchangeHeaders ); $this->validateApiResponse('Unable to exchange code for API access token'); return $response; } /* * Validate Access Token Response * * RFC6749: If the access token request is valid and authorized, the * authorization server issues an access token and optional refresh token. * If the request client authentication failed or is invalid, the authorization * server returns an error response as described in Section 5.2. * * Example of a successful response: * * HTTP/1.1 200 OK * Content-Type: application/json;charset=UTF-8 * Cache-Control: no-store * Pragma: no-cache * * { * "access_token":"2YotnFZFEjr1zCsicMWpAA", * "token_type":"example", * "expires_in":3600, * "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA", * "example_parameter":"example_value" * } * * http://tools.ietf.org/html/rfc6749#section-4.1.4 * * This method uses Data_Parser to attempt to decodes the raw $response (usually JSON) * into a data collection. * * @param string $response * * @return \Hybridauth\Data\Collection * @throws InvalidAccessTokenException / protected function validateAccessTokenExchange($response) { $data = (new Data\Parser())->parse($response); $collection = new Data\Collection($data); if (!$collection->exists('access_token')) { throw new InvalidAccessTokenException( 'Provider returned no access_token: ' . htmlentities($response) ); } $this->storeData('access_token', $collection->get('access_token')); $this->storeData('token_type', $collection->get('token_type')); if ($collection->get('refresh_token')) { $this->storeData('refresh_token', $collection->get('refresh_token')); } // calculate when the access token expire if ($collection->exists('expires_in')) { $expires_at = time() + (int)$collection->get('expires_in'); $this->storeData('expires_in', $collection->get('expires_in')); $this->storeData('expires_at', $expires_at); } $this->deleteStoredData('authorization_state'); $this->initialize(); return $collection; } /* * Refreshing an Access Token * * RFC6749: If the authorization server issued a refresh token to the * client, the client makes a refresh request to the token endpoint by * adding the following parameters ... in the HTTP request entity-body: * * - grant_type REQUIRED. Value MUST be set to "refresh_token". * - refresh_token REQUIRED. The refresh token issued to the client. * - scope OPTIONAL. * * http://tools.ietf.org/html/rfc6749#section-6 * * This method is similar to exchangeCodeForAccessToken(). The only * difference is here we exchange refresh_token for a new access_token. * * @param array $parameters * * @return string\|null Raw Provider API response, or null if we cannot refresh * @throws \Hybridauth\Exception\HttpClientFailureException * @throws \Hybridauth\Exception\HttpRequestFailedException * @throws InvalidAccessTokenException / public function refreshAccessToken($parameters = []) { $this->tokenRefreshParameters = !empty($parameters) ? $parameters : $this->tokenRefreshParameters; if (!$this->isRefreshTokenAvailable()) { return null; } $response = $this->httpClient->request( $this->accessTokenUrl, $this->tokenRefreshMethod, $this->tokenRefreshParameters, $this->tokenRefreshHeaders ); $this->validateApiResponse('Unable to refresh the access token'); $this->validateRefreshAccessToken($response); return $response; } /* * Check whether access token has expired * * @param int\|null $time * @return bool\|null / public function hasAccessTokenExpired($time = null) { if ($time === null) { $time = time(); } $expires_at = $this->getStoredData('expires_at'); if (!$expires_at) { return null; } return $expires_at <= $time; } /* * Validate Refresh Access Token Request * * RFC6749: If valid and authorized, the authorization server issues an * access token as described in Section 5.1. If the request failed * verification or is invalid, the authorization server returns an error * response as described in Section 5.2. * * http://tools.ietf.org/html/rfc6749#section-6 * http://tools.ietf.org/html/rfc6749#section-5.1 * http://tools.ietf.org/html/rfc6749#section-5.2 * * This method simply use validateAccessTokenExchange(), however sub * classes may redefine it when necessary. * * @param $response * * @return \Hybridauth\Data\Collection * @throws InvalidAccessTokenException / protected function validateRefreshAccessToken($response) { return $this->validateAccessTokenExchange($response); } /* * Send a signed request to provider API * * RFC6749: Accessing Protected Resources: The client accesses protected * resources by presenting the access token to the resource server. The * resource server MUST validate the access token and ensure that it has * not expired and that its scope covers the requested resource. * * Note: Since the specifics of error responses is beyond the scope of * RFC6749 and OAuth specifications, Hybridauth will consider any HTTP * status code that is different than '200 OK' as an ERROR. * * http://tools.ietf.org/html/rfc6749#section-7 * * @param string $url * @param string $method * @param array $parameters * @param array $headers * @param bool $multipart * * @return mixed * @throws \Hybridauth\Exception\HttpClientFailureException * @throws \Hybridauth\Exception\HttpRequestFailedException * @throws InvalidAccessTokenException / public function apiRequest($url, $method = 'GET', $parameters = [], $headers = [], $multipart = false) { // refresh tokens if needed $this->maintainToken(); if ($this->hasAccessTokenExpired() === true) { $this->refreshAccessToken(); } if (strrpos($url, 'http://') !== 0 && strrpos($url, 'https://') !== 0) { $url = rtrim($this->apiBaseUrl, '/') . '/' . ltrim($url, '/'); } $parameters = array_replace($this->apiRequestParameters, (array)$parameters); $headers = array_replace($this->apiRequestHeaders, (array)$headers); $response = $this->httpClient->request( $url, $method, // HTTP Request Method. Defaults to GET. $parameters, // Request Parameters $headers, // Request Headers $multipart // Is request multipart ); $this->validateApiResponse('Signed API request to ' . $url . ' has returned an error'); $response = (new Data\Parser())->parse($response); return $response; } } ��hybridauth/Adapter/OpenID.php��0000644��00000017362�15104256626�0012136 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Adapter; use Hybridauth\Exception\InvalidOpenidIdentifierException; use Hybridauth\Exception\AuthorizationDeniedException; use Hybridauth\Exception\UnexpectedApiResponseException; use Hybridauth\Data; use Hybridauth\HttpClient; use Hybridauth\User; use Hybridauth\Thirdparty\OpenID\LightOpenID; /* * This class can be used to simplify the authentication flow of OpenID based service providers. * * Subclasses (i.e., providers adapters) can either use the already provided methods or override * them when necessary. / abstract class OpenID extends AbstractAdapter implements AdapterInterface { /* * LightOpenID instance * * @var object / protected $openIdClient = null; /* * Openid provider identifier * * @var string / protected $openidIdentifier = ''; /* * IPD API Documentation * * OPTIONAL. * * @var string / protected $apiDocumentation = ''; /* * {@inheritdoc} / protected function configure() { if ($this->config->exists('openid_identifier')) { $this->openidIdentifier = $this->config->get('openid_identifier'); } if (empty($this->openidIdentifier)) { throw new InvalidOpenidIdentifierException('OpenID adapter requires an openid_identifier.', 4); } $this->setCallback($this->config->get('callback')); $this->setApiEndpoints($this->config->get('endpoints')); } /* * {@inheritdoc} / protected function initialize() { $hostPort = parse_url($this->callback, PHP_URL_PORT); $hostUrl = parse_url($this->callback, PHP_URL_HOST); if ($hostPort) { $hostUrl .= ':' . $hostPort; } // @fixme: add proxy $this->openIdClient = new LightOpenID($hostUrl, null); } /* * {@inheritdoc} / public function authenticate() { $this->logger->info(sprintf('%s::authenticate()', get_class($this))); if ($this->isConnected()) { return true; } if (empty($_REQUEST['openid_mode'])) { $this->authenticateBegin(); } else { return $this->authenticateFinish(); } return null; } /* * {@inheritdoc} / public function isConnected() { return (bool)$this->storage->get($this->providerId . '.user'); } /* * {@inheritdoc} / public function disconnect() { $this->storage->delete($this->providerId . '.user'); return true; } /* * Initiate the authorization protocol * * Include and instantiate LightOpenID / protected function authenticateBegin() { $this->openIdClient->identity = $this->openidIdentifier; $this->openIdClient->returnUrl = $this->callback; $this->openIdClient->required = [ 'namePerson/first', 'namePerson/last', 'namePerson/friendly', 'namePerson', 'contact/email', 'birthDate', 'birthDate/birthDay', 'birthDate/birthMonth', 'birthDate/birthYear', 'person/gender', 'pref/language', 'contact/postalCode/home', 'contact/city/home', 'contact/country/home', 'media/image/default', ]; $authUrl = $this->openIdClient->authUrl(); $this->logger->debug(sprintf('%s::authenticateBegin(), redirecting user to:', get_class($this)), [$authUrl]); HttpClient\Util::redirect($authUrl); } /* * Finalize the authorization process. * * @throws AuthorizationDeniedException * @throws UnexpectedApiResponseException / protected function authenticateFinish() { $this->logger->debug( sprintf('%s::authenticateFinish(), callback url:', get_class($this)), [HttpClient\Util::getCurrentUrl(true)] ); if ($this->openIdClient->mode == 'cancel') { throw new AuthorizationDeniedException('User has cancelled the authentication.'); } if (!$this->openIdClient->validate()) { throw new UnexpectedApiResponseException('Invalid response received.'); } $openidAttributes = $this->openIdClient->getAttributes(); if (!$this->openIdClient->identity) { throw new UnexpectedApiResponseException('Provider returned an unexpected response.'); } $userProfile = $this->fetchUserProfile($openidAttributes); / with openid providers we only get user profiles once, so we store it / $this->storage->set($this->providerId . '.user', $userProfile); } /* * Fetch user profile from received openid attributes * * @param array $openidAttributes * * @return User\Profile / protected function fetchUserProfile($openidAttributes) { $data = new Data\Collection($openidAttributes); $userProfile = new User\Profile(); $userProfile->identifier = $this->openIdClient->identity; $userProfile->firstName = $data->get('namePerson/first'); $userProfile->lastName = $data->get('namePerson/last'); $userProfile->email = $data->get('contact/email'); $userProfile->language = $data->get('pref/language'); $userProfile->country = $data->get('contact/country/home'); $userProfile->zip = $data->get('contact/postalCode/home'); $userProfile->gender = $data->get('person/gender'); $userProfile->photoURL = $data->get('media/image/default'); $userProfile->birthDay = $data->get('birthDate/birthDay'); $userProfile->birthMonth = $data->get('birthDate/birthMonth'); $userProfile->birthYear = $data->get('birthDate/birthDate'); $userProfile = $this->fetchUserGender($userProfile, $data->get('person/gender')); $userProfile = $this->fetchUserDisplayName($userProfile, $data); return $userProfile; } /* * Extract users display names * * @param User\Profile $userProfile * @param Data\Collection $data * * @return User\Profile / protected function fetchUserDisplayName(User\Profile $userProfile, Data\Collection $data) { $userProfile->displayName = $data->get('namePerson'); $userProfile->displayName = $userProfile->displayName ? $userProfile->displayName : $data->get('namePerson/friendly'); $userProfile->displayName = $userProfile->displayName ? $userProfile->displayName : trim($userProfile->firstName . ' ' . $userProfile->lastName); return $userProfile; } /* * Extract users gender * * @param User\Profile $userProfile * @param string $gender * * @return User\Profile / protected function fetchUserGender(User\Profile $userProfile, $gender) { $gender = strtolower((string)$gender); if ('f' == $gender) { $gender = 'female'; } if ('m' == $gender) { $gender = 'male'; } $userProfile->gender = $gender; return $userProfile; } /* * OpenID only provide the user profile one. This method will attempt to retrieve the profile from storage. / public function getUserProfile() { $userProfile = $this->storage->get($this->providerId . '.user'); if (!is_object($userProfile)) { throw new UnexpectedApiResponseException('Provider returned an unexpected response.'); } return $userProfile; } } ��hybridauth/Adapter/DataStoreTrait.php��0000644��00000003640�15104256626�0013704 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Adapter; /* * Trait DataStoreTrait / trait DataStoreTrait { /* * Returns storage instance * * @return \Hybridauth\Storage\StorageInterface / abstract public function getStorage(); /* * Store a piece of data in storage. * * This method is mainly used for OAuth tokens (access, secret, refresh, and whatnot), but it * can be also used by providers to store any other useful data (i.g., user_id, auth_nonce, etc.) * * @param string $name * @param mixed $value / protected function storeData($name, $value = null) { // if empty, we simply delete the thing as we'd want to only store necessary data if (empty($value)) { $this->deleteStoredData($name); } $this->getStorage()->set($this->providerId . '.' . $name, $value); } /* * Retrieve a piece of data from storage. * * This method is mainly used for OAuth tokens (access, secret, refresh, and whatnot), but it * can be also used by providers to retrieve from store any other useful data (i.g., user_id, * auth_nonce, etc.) * * @param string $name * * @return mixed / protected function getStoredData($name) { return $this->getStorage()->get($this->providerId . '.' . $name); } /* * Delete a stored piece of data. * * @param string $name / protected function deleteStoredData($name) { $this->getStorage()->delete($this->providerId . '.' . $name); } /* * Delete all stored data of the instantiated adapter / protected function clearStoredData() { $this->getStorage()->deleteMatch($this->providerId . '.'); } } ��hybridauth/Adapter/AdapterInterface.php��0000644��00000006520�15104256626�0014213 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Adapter; use Hybridauth\HttpClient\HttpClientInterface; use Hybridauth\Storage\StorageInterface; use Hybridauth\Logger\LoggerInterface; /* * Interface AdapterInterface / interface AdapterInterface { /* * Initiate the appropriate protocol and process/automate the authentication or authorization flow. * * @return bool\|null / public function authenticate(); /* * Returns TRUE if the user is connected * * @return bool / public function isConnected(); /* * Clear all access token in storage / public function disconnect(); /* * Retrieve the connected user profile * * @return \Hybridauth\User\Profile / public function getUserProfile(); /* * Retrieve the connected user contacts list * * @return \Hybridauth\User\Contact[] / public function getUserContacts(); /* * Retrieve the connected user pages\|companies\|groups list * * @return array / public function getUserPages(); /* * Retrieve the user activity stream * * @param string $stream * * @return \Hybridauth\User\Activity[] / public function getUserActivity($stream); /* * Post a status on user wall\|timeline\|blog\|website\|etc. * * @param string\|array $status * * @return mixed API response / public function setUserStatus($status); /* * Post a status on page\|company\|group wall. * * @param string\|array $status * @param string $pageId * * @return mixed API response / public function setPageStatus($status, $pageId); /* * Send a signed request to provider API * * @param string $url * @param string $method * @param array $parameters * @param array $headers * @param bool $multipart * * @return mixed / public function apiRequest($url, $method = 'GET', $parameters = [], $headers = [], $multipart = false); /* * Do whatever may be necessary to make sure tokens do not expire. * Intended to be be called frequently, e.g. via Cron. / public function maintainToken(); /* * Return oauth access tokens. * * @return array / public function getAccessToken(); /* * Set oauth access tokens. * * @param array $tokens / public function setAccessToken($tokens = []); /* * Set http client instance. * * @param HttpClientInterface $httpClient / public function setHttpClient(HttpClientInterface $httpClient = null); /* * Return http client instance. / public function getHttpClient(); /* * Set storage instance. * * @param StorageInterface $storage / public function setStorage(StorageInterface $storage = null); /* * Return storage instance. / public function getStorage(); /* * Set Logger instance. * * @param LoggerInterface $logger / public function setLogger(LoggerInterface $logger = null); /* * Return logger instance. / public function getLogger(); } ��hybridauth/Adapter/OAuth1.php��0000644��00000044121�15104256626�0012112 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Adapter; use Hybridauth\Exception\Exception; use Hybridauth\Exception\InvalidApplicationCredentialsException; use Hybridauth\Exception\AuthorizationDeniedException; use Hybridauth\Exception\InvalidOauthTokenException; use Hybridauth\Exception\InvalidAccessTokenException; use Hybridauth\Data; use Hybridauth\HttpClient; use Hybridauth\Thirdparty\OAuth\OAuthConsumer; use Hybridauth\Thirdparty\OAuth\OAuthRequest; use Hybridauth\Thirdparty\OAuth\OAuthSignatureMethodHMACSHA1; use Hybridauth\Thirdparty\OAuth\OAuthUtil; /* * This class can be used to simplify the authorization flow of OAuth 1 based service providers. * * Subclasses (i.e., providers adapters) can either use the already provided methods or override * them when necessary. / abstract class OAuth1 extends AbstractAdapter implements AdapterInterface { /* * Base URL to provider API * * This var will be used to build urls when sending signed requests * * @var string / protected $apiBaseUrl = ''; /* * @var string / protected $authorizeUrl = ''; /* * @var string / protected $requestTokenUrl = ''; /* * @var string / protected $accessTokenUrl = ''; /* * IPD API Documentation * * OPTIONAL. * * @var string / protected $apiDocumentation = ''; /* * OAuth Version * * '1.0' OAuth Core 1.0 * '1.0a' OAuth Core 1.0 Revision A * * @var string / protected $oauth1Version = '1.0a'; /* * @var string / protected $consumerKey = null; /* * @var string / protected $consumerSecret = null; /* * @var object / protected $OAuthConsumer = null; /* * @var object / protected $sha1Method = null; /* * @var object / protected $consumerToken = null; /* * Authorization Url Parameters * * @var bool / protected $AuthorizeUrlParameters = []; /* * @var string / protected $requestTokenMethod = 'POST'; /* * @var array / protected $requestTokenParameters = []; /* * @var array / protected $requestTokenHeaders = []; /* * @var string / protected $tokenExchangeMethod = 'POST'; /* * @var array / protected $tokenExchangeParameters = []; /* * @var array / protected $tokenExchangeHeaders = []; /* * @var array / protected $apiRequestParameters = []; /* * @var array / protected $apiRequestHeaders = []; /* * {@inheritdoc} / protected function configure() { $this->consumerKey = $this->config->filter('keys')->get('id') ?: $this->config->filter('keys')->get('key'); $this->consumerSecret = $this->config->filter('keys')->get('secret'); if (!$this->consumerKey \|\| !$this->consumerSecret) { throw new InvalidApplicationCredentialsException( 'Your application id is required in order to connect to ' . $this->providerId ); } if ($this->config->exists('tokens')) { $this->setAccessToken($this->config->get('tokens')); } $this->setCallback($this->config->get('callback')); $this->setApiEndpoints($this->config->get('endpoints')); } /* * {@inheritdoc} / protected function initialize() { /* * Set up OAuth Signature and Consumer * * OAuth Core: All Token requests and Protected Resources requests MUST be signed * by the Consumer and verified by the Service Provider. * * The protocol defines three signature methods: HMAC-SHA1, RSA-SHA1, and PLAINTEXT.. * * The Consumer declares a signature method in the oauth_signature_method parameter.. * * http://oauth.net/core/1.0a/#signing_process / $this->sha1Method = new OAuthSignatureMethodHMACSHA1(); $this->OAuthConsumer = new OAuthConsumer( $this->consumerKey, $this->consumerSecret ); if ($this->getStoredData('request_token')) { $this->consumerToken = new OAuthConsumer( $this->getStoredData('request_token'), $this->getStoredData('request_token_secret') ); } if ($this->getStoredData('access_token')) { $this->consumerToken = new OAuthConsumer( $this->getStoredData('access_token'), $this->getStoredData('access_token_secret') ); } } /* * {@inheritdoc} / public function authenticate() { $this->logger->info(sprintf('%s::authenticate()', get_class($this))); if ($this->isConnected()) { return true; } try { if (!$this->getStoredData('request_token')) { // Start a new flow. $this->authenticateBegin(); } elseif (empty($_GET['oauth_token']) && empty($_GET['denied'])) { // A previous authentication was not finished, and this request is not finishing it. $this->authenticateBegin(); } else { // Finish a flow. $this->authenticateFinish(); } } catch (Exception $exception) { $this->clearStoredData(); throw $exception; } return null; } /* * {@inheritdoc} / public function isConnected() { return (bool)$this->getStoredData('access_token'); } /* * Initiate the authorization protocol * * 1. Obtaining an Unauthorized Request Token * 2. Build Authorization URL for Authorization Request and redirect the user-agent to the * Authorization Server. / protected function authenticateBegin() { $response = $this->requestAuthToken(); $this->validateAuthTokenRequest($response); $authUrl = $this->getAuthorizeUrl(); $this->logger->debug(sprintf('%s::authenticateBegin(), redirecting user to:', get_class($this)), [$authUrl]); HttpClient\Util::redirect($authUrl); } /* * Finalize the authorization process * * @throws AuthorizationDeniedException * @throws \Hybridauth\Exception\HttpClientFailureException * @throws \Hybridauth\Exception\HttpRequestFailedException * @throws InvalidAccessTokenException * @throws InvalidOauthTokenException / protected function authenticateFinish() { $this->logger->debug( sprintf('%s::authenticateFinish(), callback url:', get_class($this)), [HttpClient\Util::getCurrentUrl(true)] ); $denied = filter_input(INPUT_GET, 'denied'); $oauth_problem = filter_input(INPUT_GET, 'oauth_problem'); $oauth_token = filter_input(INPUT_GET, 'oauth_token'); $oauth_verifier = filter_input(INPUT_GET, 'oauth_verifier'); if ($denied) { throw new AuthorizationDeniedException( 'User denied access request. Provider returned a denied token: ' . htmlentities($denied) ); } if ($oauth_problem) { throw new InvalidOauthTokenException( 'Provider returned an error. oauth_problem: ' . htmlentities($oauth_problem) ); } if (!$oauth_token) { throw new InvalidOauthTokenException( 'Expecting a non-null oauth_token to continue the authorization flow.' ); } $response = $this->exchangeAuthTokenForAccessToken($oauth_token, $oauth_verifier); $this->validateAccessTokenExchange($response); $this->initialize(); } /* * Build Authorization URL for Authorization Request * * @param array $parameters * * @return string / protected function getAuthorizeUrl($parameters = []) { $this->AuthorizeUrlParameters = !empty($parameters) ? $parameters : array_replace( (array)$this->AuthorizeUrlParameters, (array)$this->config->get('authorize_url_parameters') ); $this->AuthorizeUrlParameters['oauth_token'] = $this->getStoredData('request_token'); return $this->authorizeUrl . '?' . http_build_query($this->AuthorizeUrlParameters, '', '&'); } /* * Unauthorized Request Token * * OAuth Core: The Consumer obtains an unauthorized Request Token by asking the Service Provider * to issue a Token. The Request Token's sole purpose is to receive User approval and can only * be used to obtain an Access Token. * * http://oauth.net/core/1.0/#auth_step1 * 6.1.1. Consumer Obtains a Request Token * * @return string Raw Provider API response * @throws \Hybridauth\Exception\HttpClientFailureException * @throws \Hybridauth\Exception\HttpRequestFailedException / protected function requestAuthToken() { /* * OAuth Core 1.0 Revision A: oauth_callback: An absolute URL to which the Service Provider will redirect * the User back when the Obtaining User Authorization step is completed. * * http://oauth.net/core/1.0a/#auth_step1 / if ('1.0a' == $this->oauth1Version) { $this->requestTokenParameters['oauth_callback'] = $this->callback; } $response = $this->oauthRequest( $this->requestTokenUrl, $this->requestTokenMethod, $this->requestTokenParameters, $this->requestTokenHeaders ); return $response; } /* * Validate Unauthorized Request Token Response * * OAuth Core: The Service Provider verifies the signature and Consumer Key. If successful, * it generates a Request Token and Token Secret and returns them to the Consumer in the HTTP * response body. * * http://oauth.net/core/1.0/#auth_step1 * 6.1.2. Service Provider Issues an Unauthorized Request Token * * @param string $response * * @return \Hybridauth\Data\Collection * @throws InvalidOauthTokenException / protected function validateAuthTokenRequest($response) { /* * The response contains the following parameters: * * - oauth_token The Request Token. * - oauth_token_secret The Token Secret. * - oauth_callback_confirmed MUST be present and set to true. * * http://oauth.net/core/1.0/#auth_step1 * 6.1.2. Service Provider Issues an Unauthorized Request Token * * Example of a successful response: * * HTTP/1.1 200 OK * Content-Type: text/html; charset=utf-8 * Cache-Control: no-store * Pragma: no-cache * * oauth_token=80359084-clg1DEtxQF3wstTcyUdHF3wsdHM&oauth_token_secret=OIF07hPmJB:P * 6qiHTi1znz6qiH3tTcyUdHnz6qiH3tTcyUdH3xW3wsDvV08e&example_parameter=example_value * * OAuthUtil::parse_parameters will attempt to decode the raw response into an array. / $tokens = OAuthUtil::parse_parameters($response); $collection = new Data\Collection($tokens); if (!$collection->exists('oauth_token')) { throw new InvalidOauthTokenException( 'Provider returned no oauth_token: ' . htmlentities($response) ); } $this->consumerToken = new OAuthConsumer( $tokens['oauth_token'], $tokens['oauth_token_secret'] ); $this->storeData('request_token', $tokens['oauth_token']); $this->storeData('request_token_secret', $tokens['oauth_token_secret']); return $collection; } /* * Requests an Access Token * * OAuth Core: The Request Token and Token Secret MUST be exchanged for an Access Token and Token Secret. * * http://oauth.net/core/1.0a/#auth_step3 * 6.3.1. Consumer Requests an Access Token * * @param string $oauth_token * @param string $oauth_verifier * * @return string Raw Provider API response * @throws \Hybridauth\Exception\HttpClientFailureException * @throws \Hybridauth\Exception\HttpRequestFailedException / protected function exchangeAuthTokenForAccessToken($oauth_token, $oauth_verifier = '') { $this->tokenExchangeParameters['oauth_token'] = $oauth_token; /* * OAuth Core 1.0 Revision A: oauth_verifier: The verification code received from the Service Provider * in the "Service Provider Directs the User Back to the Consumer" step. * * http://oauth.net/core/1.0a/#auth_step3 / if ('1.0a' == $this->oauth1Version) { $this->tokenExchangeParameters['oauth_verifier'] = $oauth_verifier; } $response = $this->oauthRequest( $this->accessTokenUrl, $this->tokenExchangeMethod, $this->tokenExchangeParameters, $this->tokenExchangeHeaders ); return $response; } /* * Validate Access Token Response * * OAuth Core: If successful, the Service Provider generates an Access Token and Token Secret and returns * them in the HTTP response body. * * The Access Token and Token Secret are stored by the Consumer and used when signing Protected Resources requests. * * http://oauth.net/core/1.0a/#auth_step3 * 6.3.2. Service Provider Grants an Access Token * * @param string $response * * @return \Hybridauth\Data\Collection * @throws InvalidAccessTokenException / protected function validateAccessTokenExchange($response) { /* * The response contains the following parameters: * * - oauth_token The Access Token. * - oauth_token_secret The Token Secret. * * http://oauth.net/core/1.0/#auth_step3 * 6.3.2. Service Provider Grants an Access Token * * Example of a successful response: * * HTTP/1.1 200 OK * Content-Type: text/html; charset=utf-8 * Cache-Control: no-store * Pragma: no-cache * * oauth_token=sHeLU7Far428zj8PzlWR75&oauth_token_secret=fXb30rzoG&oauth_callback_confirmed=true * * OAuthUtil::parse_parameters will attempt to decode the raw response into an array. / $tokens = OAuthUtil::parse_parameters($response); $collection = new Data\Collection($tokens); if (!$collection->exists('oauth_token')) { throw new InvalidAccessTokenException( 'Provider returned no access_token: ' . htmlentities($response) ); } $this->consumerToken = new OAuthConsumer( $collection->get('oauth_token'), $collection->get('oauth_token_secret') ); $this->storeData('access_token', $collection->get('oauth_token')); $this->storeData('access_token_secret', $collection->get('oauth_token_secret')); $this->deleteStoredData('request_token'); $this->deleteStoredData('request_token_secret'); return $collection; } /* * Send a signed request to provider API * * Note: Since the specifics of error responses is beyond the scope of RFC6749 and OAuth specifications, * Hybridauth will consider any HTTP status code that is different than '200 OK' as an ERROR. * * @param string $url * @param string $method * @param array $parameters * @param array $headers * @param bool $multipart * * @return mixed * @throws \Hybridauth\Exception\HttpClientFailureException * @throws \Hybridauth\Exception\HttpRequestFailedException / public function apiRequest($url, $method = 'GET', $parameters = [], $headers = [], $multipart = false) { // refresh tokens if needed $this->maintainToken(); if (strrpos($url, 'http://') !== 0 && strrpos($url, 'https://') !== 0) { $url = rtrim($this->apiBaseUrl, '/') . '/' . ltrim($url, '/'); } $parameters = array_replace($this->apiRequestParameters, (array)$parameters); $headers = array_replace($this->apiRequestHeaders, (array)$headers); $response = $this->oauthRequest($url, $method, $parameters, $headers, $multipart); $response = (new Data\Parser())->parse($response); return $response; } /* * Setup and Send a Signed Oauth Request * * This method uses OAuth Library. * * @param string $uri * @param string $method * @param array $parameters * @param array $headers * @param bool $multipart * * @return string Raw Provider API response * @throws \Hybridauth\Exception\HttpClientFailureException * @throws \Hybridauth\Exception\HttpRequestFailedException / protected function oauthRequest($uri, $method = 'GET', $parameters = [], $headers = [], $multipart = false) { $signing_parameters = $parameters; if ($multipart) { $signing_parameters = []; } $request = OAuthRequest::from_consumer_and_token( $this->OAuthConsumer, $this->consumerToken, $method, $uri, $signing_parameters ); $request->sign_request( $this->sha1Method, $this->OAuthConsumer, $this->consumerToken ); $uri = $request->get_normalized_http_url(); $headers = array_replace($request->to_header(), (array)$headers); $response = $this->httpClient->request( $uri, $method, $parameters, $headers, $multipart ); $this->validateApiResponse('Signed API request to ' . $uri . ' has returned an error'); return $response; } } ��hybridauth/User/Activity.php��0000644��00000002765�15104256626�0012153 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\User; use Hybridauth\Exception\UnexpectedValueException; /* * Hybridauth\User\Activity / final class Activity { /* * activity id on the provider side, usually given as integer * * @var string / public $id = null; /* * activity date of creation * * @var string / public $date = null; /* * activity content as a string * * @var string / public $text = null; /* * user who created the activity * * @var object / public $user = null; /* * / public function __construct() { $this->user = new \stdClass(); // typically, we should have a few information about the user who created the event from social apis $this->user->identifier = null; $this->user->displayName = null; $this->user->profileURL = null; $this->user->photoURL = null; } /* * Prevent the providers adapters from adding new fields. * * @throws UnexpectedValueException * @var string $name * * @var mixed $value * / public function __set($name, $value) { // phpcs:ignore throw new UnexpectedValueException(sprintf('Adding new property "%s\' to %s is not allowed.', $name, __CLASS__)); } } ��hybridauth/User/Contact.php��0000644��00000002765�15104256626�0011752 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\User; use Hybridauth\Exception\UnexpectedValueException; /* * Hybridauth\User\Contact / final class Contact { /* * The Unique contact user ID * * @var string / public $identifier = null; /* * User website, blog, web page * * @var string / public $webSiteURL = null; /* * URL link to profile page on the IDp web site * * @var string / public $profileURL = null; /* * URL link to user photo or avatar * * @var string / public $photoURL = null; /* * User displayName provided by the IDp or a concatenation of first and last name * * @var string / public $displayName = null; /* * A short about_me * * @var string / public $description = null; /* * User email. Not all of IDp grant access to the user email * * @var string / public $email = null; /* * Prevent the providers adapters from adding new fields. * * @param string $name * @param mixed $value * * @throws UnexpectedValueException / public function __set($name, $value) { throw new UnexpectedValueException(sprintf('Adding new property "%s" to %s is not allowed.', $name, __CLASS__)); } } ��hybridauth/User/Profile.php��0000644��00000006352�15104256626�0011753 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\User; use Hybridauth\Exception\UnexpectedValueException; /* * Hybridauth\Userobject represents the current logged in user profile. / final class Profile { /* * The Unique user's ID on the connected provider * * @var int\|null / public $identifier = null; /* * User website, blog, web page * * @var string\|null / public $webSiteURL = null; /* * URL link to profile page on the IDp web site * * @var string\|null / public $profileURL = null; /* * URL link to user photo or avatar * * @var string\|null / public $photoURL = null; /* * User displayName provided by the IDp or a concatenation of first and last name. * * @var string\|null / public $displayName = null; /* * A short about_me * * @var string\|null / public $description = null; /* * User's first name * * @var string\|null / public $firstName = null; /* * User's last name * * @var string\|null / public $lastName = null; /* * male or female * * @var string\|null / public $gender = null; /* * Language * * @var string\|null / public $language = null; /* * User age, we don't calculate it. we return it as is if the IDp provide it. * * @var int\|null / public $age = null; /* * User birth Day * * @var int\|null / public $birthDay = null; /* * User birth Month * * @var int\|null / public $birthMonth = null; /* * User birth Year * * @var int\|null / public $birthYear = null; /* * User email. Note: not all of IDp grant access to the user email * * @var string\|null / public $email = null; /* * Verified user email. Note: not all of IDp grant access to verified user email * * @var string\|null / public $emailVerified = null; /* * Phone number * * @var string\|null / public $phone = null; /* * Complete user address * * @var string\|null / public $address = null; /* * User country * * @var string\|null / public $country = null; /* * Region * * @var string\|null / public $region = null; /* * City * * @var string\|null / public $city = null; /* * Postal code * * @var string\|null / public $zip = null; /* * An extra data which is related to the user * * @var array / public $data = []; /* * Prevent the providers adapters from adding new fields. * * @throws UnexpectedValueException * @var mixed $value * * @var string $name / public function __set($name, $value) { throw new UnexpectedValueException(sprintf('Adding new property "%s" to %s is not allowed.', $name, __CLASS__)); } } ��hybridauth/Thirdparty/readme.md��0000644��00000001355�15104256626�0012633 0��ustar�00��##### Third party libraries Here we include a number of third party libraries. Those libraries are used by the various providers supported by Hybridauth. Library \| Description -------- \| ------------- [LightOpenID](https://gitorious.org/lightopenid) \| Contain LightOpenID. Solid OpenID library licensed under the MIT License. [OAuth Library](https://code.google.com/p/oauth/) \| Contain OAuth Library licensed under the MIT License. Notes: We no longer use the old OAuth clients. Please don't add new libs to this folder, unless strictly necessary. Both LightOpenID and OAuth are (to be) partially/indirectly tested within the Hybridauth library. Both LightOpenID and OAuth libraries are excluded from Codeclimate.com Analysis/GPA. ��hybridauth/Thirdparty/OpenID/README.md��0000644��00000000323�15104256626�0013443 0��ustar�00��This file is part of the LightOpenID PHP Library LightOpenID is an open source software available under the MIT License. https://github.com/iignatov/LightOpenID http://opensource.org/licenses/mit-license.php ��hybridauth/Thirdparty/OpenID/LightOpenID.php��0000644��00000127653�15104256626�0015023 0��ustar�00��<?php /! * This file is part of the LightOpenID PHP Library (https://github.com/iignatov/LightOpenID) * * LightOpenID is an open source software available under the MIT License. * * Updated: 52f9910 on 4 Mar 2016. / namespace Hybridauth\Thirdparty\OpenID; use Hybridauth\Exception\Exception; use Hybridauth\Exception\ExceptionInterface; /* * Class ErrorException * * @package Hybridauth\Thirdparty\OpenID / class ErrorException extends Exception implements ExceptionInterface { } /* * This class provides a simple interface for OpenID 1.1/2.0 authentication. * * It requires PHP >= 5.1.2 with cURL or HTTP/HTTPS stream wrappers enabled. * * @version v1.3.1 (2016-03-04) * @link https://code.google.com/p/lightopenid/ Project URL * @link https://github.com/iignatov/LightOpenID GitHub Repo * @author Mewp <mewp151 at gmail dot com> * @copyright Copyright (c) 2013 Mewp * @license http://opensource.org/licenses/mit-license.php MIT License / class LightOpenID { public $returnUrl ; public $required = array() ; public $optional = array() ; public $verify_peer = null ; public $capath = null ; public $cainfo = null ; public $cnmatch = null ; public $data ; public $oauth = array() ; public $curl_time_out = 30 // in seconds ; public $curl_connect_time_out = 30; // in seconds private $identity; private $claimed_id; protected $server; protected $version; protected $trustRoot; protected $aliases; protected $identifier_select = false ; protected $ax = false; protected $sreg = false; protected $setup_url = null; protected $headers = array() ; protected $proxy = null; protected $user_agent = 'LightOpenID' ; protected $xrds_override_pattern = null; protected $xrds_override_replacement = null; protected static $ax_to_sreg = array( 'namePerson/friendly' => 'nickname', 'contact/email' => 'email', 'namePerson' => 'fullname', 'birthDate' => 'dob', 'person/gender' => 'gender', 'contact/postalCode/home' => 'postcode', 'contact/country/home' => 'country', 'pref/language' => 'language', 'pref/timezone' => 'timezone', ); /* * LightOpenID constructor. * * @param $host * @param null $proxy * * @throws ErrorException / public function __construct($host, $proxy = null) { $this->set_realm($host); $this->set_proxy($proxy); $uri = rtrim(preg_replace('#((?<=\?)\|&)openid\.[^&]+#', '', $_SERVER['REQUEST_URI']), '?'); $this->returnUrl = $this->trustRoot . $uri; $this->data = ($_SERVER['REQUEST_METHOD'] === 'POST') ? $_POST : $_GET; if (!function_exists('curl_init') && !in_array('https', stream_get_wrappers())) { throw new ErrorException('You must have either https wrappers or curl enabled.'); } } /* * @param $name * * @return bool / public function __isset($name) { return in_array($name, array('identity', 'trustRoot', 'realm', 'xrdsOverride', 'mode')); } /* * @param $name * @param $value / public function __set($name, $value) { switch ($name) { case 'identity': if (strlen($value = trim((String) $value))) { if (preg_match('#^xri:/#i', $value, $m)) { $value = substr($value, strlen($m[0])); } elseif (!preg_match('/^(?:[=@+\$!\(]\|https?:)/i', $value)) { $value = "http://$value"; } if (preg_match('#^https?://[^/]+$#i', $value, $m)) { $value .= '/'; } } $this->$name = $this->claimed_id = $value; break; case 'trustRoot': case 'realm': $this->trustRoot = trim($value); break; case 'xrdsOverride': if (is_array($value)) { list($pattern, $replacement) = $value; $this->xrds_override_pattern = $pattern; $this->xrds_override_replacement = $replacement; } else { trigger_error('Invalid value specified for "xrdsOverride".', E_USER_ERROR); } break; } } /** * @param $name * * @return \|null / public function __get($name) { switch ($name) { case 'identity': # We return claimed_id instead of identity, # because the developer should see the claimed identifier, # i.e. what he set as identity, not the op-local identifier (which is what we verify) return $this->claimed_id; case 'trustRoot': case 'realm': return $this->trustRoot; case 'mode': return empty($this->data['openid_mode']) ? null : $this->data['openid_mode']; } } /* * @param $proxy * * @throws ErrorException / public function set_proxy($proxy) { if (!empty($proxy)) { // When the proxy is a string - try to parse it. if (!is_array($proxy)) { $proxy = parse_url($proxy); } // Check if $proxy is valid after the parsing. if ($proxy && !empty($proxy['host'])) { // Make sure that a valid port number is specified. if (array_key_exists('port', $proxy)) { if (!is_int($proxy['port'])) { $proxy['port'] = is_numeric($proxy['port']) ? intval($proxy['port']) : 0; } if ($proxy['port'] <= 0) { throw new ErrorException('The specified proxy port number is invalid.'); } } $this->proxy = $proxy; } } } /* * Checks if the server specified in the url exists. * * @param $url string url to check * @return true, if the server exists; false otherwise / public function hostExists($url) { if (strpos($url, '/') === false) { $server = $url; } else { $server = @parse_url($url, PHP_URL_HOST); } if (!$server) { return false; } return !!gethostbynamel($server); } /* * @param $uri / protected function set_realm($uri) { $realm = ''; # Set a protocol, if not specified. $realm .= (($offset = strpos($uri, '://')) === false) ? $this->get_realm_protocol() : ''; # Set the offset properly. $offset = (($offset !== false) ? $offset + 3 : 0); # Get only the root, without the path. $realm .= (($end = strpos($uri, '/', $offset)) === false) ? $uri : substr($uri, 0, $end); $this->trustRoot = $realm; } /* * @return string / protected function get_realm_protocol() { if (!empty($_SERVER['HTTPS'])) { $use_secure_protocol = ($_SERVER['HTTPS'] !== 'off'); } elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) { $use_secure_protocol = ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'); } elseif (isset($_SERVER['HTTP__WSSC'])) { $use_secure_protocol = ($_SERVER['HTTP__WSSC'] == 'https'); } else { $use_secure_protocol = false; } return $use_secure_protocol ? 'https://' : 'http://'; } /* * @param $url * @param string $method * @param array $params * @param $update_claimed_id * * @return array\|bool\|string * @throws ErrorException / protected function request_curl($url, $method='GET', $params=array(), $update_claimed_id=false) { $params = http_build_query($params, '', '&'); $curl = curl_init($url . ($method == 'GET' && $params ? '?' . $params : '')); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_HEADER, false); curl_setopt($curl, CURLOPT_USERAGENT, $this->user_agent); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); if ($method == 'POST') { curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-type: application/x-www-form-urlencoded')); } else { curl_setopt($curl, CURLOPT_HTTPHEADER, array('Accept: application/xrds+xml, /')); } curl_setopt($curl, CURLOPT_TIMEOUT, $this->curl_time_out); // defaults to infinite curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, $this->curl_connect_time_out); // defaults to 300s if (!empty($this->proxy)) { curl_setopt($curl, CURLOPT_PROXY, $this->proxy['host']); if (!empty($this->proxy['port'])) { curl_setopt($curl, CURLOPT_PROXYPORT, $this->proxy['port']); } if (!empty($this->proxy['user'])) { curl_setopt($curl, CURLOPT_PROXYUSERPWD, $this->proxy['user'] . ':' . $this->proxy['pass']); } } if ($this->verify_peer !== null) { curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->verify_peer); if ($this->capath) { curl_setopt($curl, CURLOPT_CAPATH, $this->capath); } if ($this->cainfo) { curl_setopt($curl, CURLOPT_CAINFO, $this->cainfo); } } if ($method == 'POST') { curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, $params); } elseif ($method == 'HEAD') { curl_setopt($curl, CURLOPT_HEADER, true); curl_setopt($curl, CURLOPT_NOBODY, true); } else { curl_setopt($curl, CURLOPT_HEADER, true); curl_setopt($curl, CURLOPT_HTTPGET, true); } $response = curl_exec($curl); if ($method == 'HEAD' && curl_getinfo($curl, CURLINFO_HTTP_CODE) == 405) { curl_setopt($curl, CURLOPT_HTTPGET, true); $response = curl_exec($curl); $response = substr($response, 0, strpos($response, "\r\n\r\n")); } if ($method == 'HEAD' \|\| $method == 'GET') { $header_response = $response; # If it's a GET request, we want to only parse the header part. if ($method == 'GET') { $header_response = substr($response, 0, strpos($response, "\r\n\r\n")); } $headers = array(); foreach (explode("\n", $header_response) as $header) { $pos = strpos($header, ':'); if ($pos !== false) { $name = strtolower(trim(substr($header, 0, $pos))); $headers[$name] = trim(substr($header, $pos+1)); } } if ($update_claimed_id) { # Update the claimed_id value in case of redirections. $effective_url = curl_getinfo($curl, CURLINFO_EFFECTIVE_URL); # Ignore the fragment (some cURL versions don't handle it well). if (strtok($effective_url, '#') != strtok($url, '#')) { $this->identity = $this->claimed_id = $effective_url; } } if ($method == 'HEAD') { return $headers; } else { $this->headers = $headers; } } if (curl_errno($curl)) { throw new ErrorException(curl_error($curl), curl_errno($curl)); } return $response; } /* * @param $array * @param $update_claimed_id * * @return array / protected function parse_header_array($array, $update_claimed_id) { $headers = array(); foreach ($array as $header) { $pos = strpos($header, ':'); if ($pos !== false) { $name = strtolower(trim(substr($header, 0, $pos))); $headers[$name] = trim(substr($header, $pos+1)); # Following possible redirections. The point is just to have # claimed_id change with them, because the redirections # are followed automatically. # We ignore redirections with relative paths. # If any known provider uses them, file a bug report. if ($name == 'location' && $update_claimed_id) { if (strpos($headers[$name], 'http') === 0) { $this->identity = $this->claimed_id = $headers[$name]; } elseif ($headers[$name][0] == '/') { $parsed_url = parse_url($this->claimed_id); $this->identity = $this->claimed_id = $parsed_url['scheme'] . '://' . $parsed_url['host'] . $headers[$name]; } } } } return $headers; } /* * @param $url * @param string $method * @param array $params * @param $update_claimed_id * * @return array\|false\|string * @throws ErrorException / protected function request_streams($url, $method='GET', $params=array(), $update_claimed_id=false) { if (!$this->hostExists($url)) { throw new ErrorException("Could not connect to $url.", 404); } if (empty($this->cnmatch)) { $this->cnmatch = parse_url($url, PHP_URL_HOST); } $params = http_build_query($params, '', '&'); switch ($method) { case 'GET': $opts = array( 'http' => array( 'method' => 'GET', 'header' => 'Accept: application/xrds+xml, /', 'user_agent' => $this->user_agent, 'ignore_errors' => true, ), 'ssl' => array( 'CN_match' => $this->cnmatch ) ); $url = $url . ($params ? '?' . $params : ''); if (!empty($this->proxy)) { $opts['http']['proxy'] = $this->proxy_url(); } break; case 'POST': $opts = array( 'http' => array( 'method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded', 'user_agent' => $this->user_agent, 'content' => $params, 'ignore_errors' => true, ), 'ssl' => array( 'CN_match' => $this->cnmatch ) ); if (!empty($this->proxy)) { $opts['http']['proxy'] = $this->proxy_url(); } break; case 'HEAD': // We want to send a HEAD request, but since get_headers() doesn't // accept $context parameter, we have to change the defaults. $default = stream_context_get_options(stream_context_get_default()); // PHP does not reset all options. Instead, it just sets the options // available in the passed array, therefore set the defaults manually. $default += array( 'http' => array(), 'ssl' => array() ); $default['http'] += array( 'method' => 'GET', 'header' => '', 'user_agent' => '', 'ignore_errors' => false ); $default['ssl'] += array( 'CN_match' => '' ); $opts = array( 'http' => array( 'method' => 'HEAD', 'header' => 'Accept: application/xrds+xml, /', 'user_agent' => $this->user_agent, 'ignore_errors' => true, ), 'ssl' => array( 'CN_match' => $this->cnmatch ) ); // Enable validation of the SSL certificates. if ($this->verify_peer) { $default['ssl'] += array( 'verify_peer' => false, 'capath' => '', 'cafile' => '' ); $opts['ssl'] += array( 'verify_peer' => true, 'capath' => $this->capath, 'cafile' => $this->cainfo ); } // Change the stream context options. stream_context_get_default($opts); $headers = get_headers($url . ($params ? '?' . $params : '')); // Restore the stream context options. stream_context_get_default($default); if (!empty($headers)) { if (intval(substr($headers[0], strlen('HTTP/1.1 '))) == 405) { // The server doesn't support HEAD - emulate it with a GET. $args = func_get_args(); $args[1] = 'GET'; call_user_func_array(array($this, 'request_streams'), $args); $headers = $this->headers; } else { $headers = $this->parse_header_array($headers, $update_claimed_id); } } else { $headers = array(); } return $headers; } if ($this->verify_peer) { $opts['ssl'] += array( 'verify_peer' => true, 'capath' => $this->capath, 'cafile' => $this->cainfo ); } $context = stream_context_create($opts); $data = file_get_contents($url, false, $context); # This is a hack for providers who don't support HEAD requests. # It just creates the headers array for the last request in $this->headers. if (isset($http_response_header)) { $this->headers = $this->parse_header_array($http_response_header, $update_claimed_id); } return $data; } /* * @param $url * @param string $method * @param array $params * @param bool $update_claimed_id * * @return array\|bool\|false\|string * @throws ErrorException / protected function request($url, $method='GET', $params=array(), $update_claimed_id=false) { $use_curl = false; if (function_exists('curl_init')) { if (!$use_curl) { # When allow_url_fopen is disabled, PHP streams will not work. $use_curl = !ini_get('allow_url_fopen'); } if (!$use_curl) { # When there is no HTTPS wrapper, PHP streams cannott be used. $use_curl = !in_array('https', stream_get_wrappers()); } if (!$use_curl) { # With open_basedir or safe_mode set, cURL can't follow redirects. $use_curl = !(ini_get('safe_mode') \|\| ini_get('open_basedir')); } } return $use_curl ? $this->request_curl($url, $method, $params, $update_claimed_id) : $this->request_streams($url, $method, $params, $update_claimed_id); } /* * @return string / protected function proxy_url() { $result = ''; if (!empty($this->proxy)) { $result = $this->proxy['host']; if (!empty($this->proxy['port'])) { $result = $result . ':' . $this->proxy['port']; } if (!empty($this->proxy['user'])) { $result = $this->proxy['user'] . ':' . $this->proxy['pass'] . '@' . $result; } $result = 'http://' . $result; } return $result; } /* * @param $url * @param $parts * * @return string / protected function build_url($url, $parts) { if (isset($url['query'], $parts['query'])) { $parts['query'] = $url['query'] . '&' . $parts['query']; } $url = $parts + $url; $url = $url['scheme'] . '://' . (empty($url['username'])?'' :(empty($url['password'])? "{$url['username']}@" :"{$url['username']}:{$url['password']}@")) . $url['host'] . (empty($url['port'])?'':":{$url['port']}") . (empty($url['path'])?'':$url['path']) . (empty($url['query'])?'':"?{$url['query']}") . (empty($url['fragment'])?'':"#{$url['fragment']}"); return $url; } /* * Helper function used to scan for <meta>/<link> tags and extract information * from them * * @param $content * @param $tag * @param $attrName * @param $attrValue * @param $valueName * * @return bool / protected function htmlTag($content, $tag, $attrName, $attrValue, $valueName) { preg_match_all("#<{$tag}[^>]$attrName=['\"].?$attrValue.?['\"][^>]$valueName=['\"](.+?)['\"][^>]/?>#i", $content, $matches1); preg_match_all("#<{$tag}[^>]$valueName=['\"](.+?)['\"][^>]$attrName=['\"].?$attrValue.?['\"][^>]/?>#i", $content, $matches2); $result = array_merge($matches1[1], $matches2[1]); return empty($result)?false:$result[0]; } /* * Performs Yadis and HTML discovery. Normally not used. * @param $url Identity URL. * @return String OP Endpoint (i.e. OpenID provider address). * @throws ErrorException / public function discover($url) { if (!$url) { throw new ErrorException('No identity supplied.'); } # Use xri.net proxy to resolve i-name identities if (!preg_match('#^https?:#', $url)) { $url = "https://xri.net/$url"; } # We save the original url in case of Yadis discovery failure. # It can happen when we'll be lead to an XRDS document # which does not have any OpenID2 services. $originalUrl = $url; # A flag to disable yadis discovery in case of failure in headers. $yadis = true; # Allows optional regex replacement of the URL, e.g. to use Google Apps # as an OpenID provider without setting up XRDS on the domain hosting. if (!is_null($this->xrds_override_pattern) && !is_null($this->xrds_override_replacement)) { $url = preg_replace($this->xrds_override_pattern, $this->xrds_override_replacement, $url); } # We'll jump a maximum of 5 times, to avoid endless redirections. for ($i = 0; $i < 5; $i ++) { if ($yadis) { $headers = $this->request($url, 'HEAD', array(), true); $next = false; if (isset($headers['x-xrds-location'])) { $url = $this->build_url(parse_url($url), parse_url(trim($headers['x-xrds-location']))); $next = true; } if (isset($headers['content-type']) && $this->is_allowed_type($headers['content-type'])) { # Found an XRDS document, now let's find the server, and optionally delegate. $content = $this->request($url, 'GET'); preg_match_all('#<Service.?>(.?)</Service>#s', $content, $m); foreach ($m[1] as $content) { $content = ' ' . $content; # The space is added, so that strpos doesn't return 0. # OpenID 2 $ns = preg_quote('http://specs.openid.net/auth/2.0/', '#'); if (preg_match('#<Type>\s'.$ns.'(server\|signon)\s</Type>#s', $content, $type)) { if ($type[1] == 'server') { $this->identifier_select = true; } preg_match('#<URI.?>(.)</URI>#', $content, $server); preg_match('#<(Local\|Canonical)ID>(.)</\1ID>#', $content, $delegate); if (empty($server)) { return false; } # Does the server advertise support for either AX or SREG? $this->ax = (bool) strpos($content, '<Type>http://openid.net/srv/ax/1.0</Type>'); $this->sreg = strpos($content, '<Type>http://openid.net/sreg/1.0</Type>') \|\| strpos($content, '<Type>http://openid.net/extensions/sreg/1.1</Type>'); $server = $server[1]; if (isset($delegate[2])) { $this->identity = trim($delegate[2]); } $this->version = 2; $this->server = $server; return $server; } # OpenID 1.1 $ns = preg_quote('http://openid.net/signon/1.1', '#'); if (preg_match('#<Type>\s'.$ns.'\s</Type>#s', $content)) { preg_match('#<URI.?>(.)</URI>#', $content, $server); preg_match('#<.?Delegate>(.)</.?Delegate>#', $content, $delegate); if (empty($server)) { return false; } # AX can be used only with OpenID 2.0, so checking only SREG $this->sreg = strpos($content, '<Type>http://openid.net/sreg/1.0</Type>') \|\| strpos($content, '<Type>http://openid.net/extensions/sreg/1.1</Type>'); $server = $server[1]; if (isset($delegate[1])) { $this->identity = $delegate[1]; } $this->version = 1; $this->server = $server; return $server; } } $next = true; $yadis = false; $url = $originalUrl; $content = null; break; } if ($next) { continue; } # There are no relevant information in headers, so we search the body. $content = $this->request($url, 'GET', array(), true); if (isset($this->headers['x-xrds-location'])) { $url = $this->build_url(parse_url($url), parse_url(trim($this->headers['x-xrds-location']))); continue; } $location = $this->htmlTag($content, 'meta', 'http-equiv', 'X-XRDS-Location', 'content'); if ($location) { $url = $this->build_url(parse_url($url), parse_url($location)); continue; } } if (!$content) { $content = $this->request($url, 'GET'); } # At this point, the YADIS Discovery has failed, so we'll switch # to openid2 HTML discovery, then fallback to openid 1.1 discovery. $server = $this->htmlTag($content, 'link', 'rel', 'openid2.provider', 'href'); $delegate = $this->htmlTag($content, 'link', 'rel', 'openid2.local_id', 'href'); $this->version = 2; if (!$server) { # The same with openid 1.1 $server = $this->htmlTag($content, 'link', 'rel', 'openid.server', 'href'); $delegate = $this->htmlTag($content, 'link', 'rel', 'openid.delegate', 'href'); $this->version = 1; } if ($server) { # We found an OpenID2 OP Endpoint if ($delegate) { # We have also found an OP-Local ID. $this->identity = $delegate; } $this->server = $server; return $server; } throw new ErrorException("No OpenID Server found at $url", 404); } throw new ErrorException('Endless redirection!', 500); } /* * @param $content_type * * @return bool / protected function is_allowed_type($content_type) { # Apparently, some providers return XRDS documents as text/html. # While it is against the spec, allowing this here shouldn't break # compatibility with anything. $allowed_types = array('application/xrds+xml', 'text/xml'); # Only allow text/html content type for the Yahoo logins, since # it might cause an endless redirection for the other providers. if ($this->get_provider_name($this->claimed_id) == 'yahoo') { $allowed_types[] = 'text/html'; } foreach ($allowed_types as $type) { if (strpos($content_type, $type) !== false) { return true; } } return false; } /* * @param $provider_url * * @return string / protected function get_provider_name($provider_url) { $result = ''; if (!empty($provider_url)) { $tokens = array_reverse( explode('.', parse_url($provider_url, PHP_URL_HOST)) ); $result = strtolower( (count($tokens) > 1 && strlen($tokens[1]) > 3) ? $tokens[1] : (count($tokens) > 2 ? $tokens[2] : '') ); } return $result; } /* * @return array / protected function sregParams() { $params = array(); # We always use SREG 1.1, even if the server is advertising only support for 1.0. # That's because it's fully backwards compatible with 1.0, and some providers # advertise 1.0 even if they accept only 1.1. One such provider is myopenid.com $params['openid.ns.sreg'] = 'http://openid.net/extensions/sreg/1.1'; if ($this->required) { $params['openid.sreg.required'] = array(); foreach ($this->required as $required) { if (!isset(self::$ax_to_sreg[$required])) { continue; } $params['openid.sreg.required'][] = self::$ax_to_sreg[$required]; } $params['openid.sreg.required'] = implode(',', $params['openid.sreg.required']); } if ($this->optional) { $params['openid.sreg.optional'] = array(); foreach ($this->optional as $optional) { if (!isset(self::$ax_to_sreg[$optional])) { continue; } $params['openid.sreg.optional'][] = self::$ax_to_sreg[$optional]; } $params['openid.sreg.optional'] = implode(',', $params['openid.sreg.optional']); } return $params; } /* * @return array / protected function axParams() { $params = array(); if ($this->required \|\| $this->optional) { $params['openid.ns.ax'] = 'http://openid.net/srv/ax/1.0'; $params['openid.ax.mode'] = 'fetch_request'; $this->aliases = array(); $counts = array(); $required = array(); $optional = array(); foreach (array('required','optional') as $type) { foreach ($this->$type as $alias => $field) { if (is_int($alias)) { $alias = strtr($field, '/', '_'); } $this->aliases[$alias] = 'http://axschema.org/' . $field; if (empty($counts[$alias])) { $counts[$alias] = 0; } $counts[$alias] += 1; ${$type}[] = $alias; } } foreach ($this->aliases as $alias => $ns) { $params['openid.ax.type.' . $alias] = $ns; } foreach ($counts as $alias => $count) { if ($count == 1) { continue; } $params['openid.ax.count.' . $alias] = $count; } # Don't send empty ax.required and ax.if_available. # Google and possibly other providers refuse to support ax when one of these is empty. if ($required) { $params['openid.ax.required'] = implode(',', $required); } if ($optional) { $params['openid.ax.if_available'] = implode(',', $optional); } } return $params; } /* * @param $immediate * * @return string / protected function authUrl_v1($immediate) { $returnUrl = $this->returnUrl; # If we have an openid.delegate that is different from our claimed id, # we need to somehow preserve the claimed id between requests. # The simplest way is to just send it along with the return_to url. if ($this->identity != $this->claimed_id) { $returnUrl .= (strpos($returnUrl, '?') ? '&' : '?') . 'openid.claimed_id=' . $this->claimed_id; } $params = array( 'openid.return_to' => $returnUrl, 'openid.mode' => $immediate ? 'checkid_immediate' : 'checkid_setup', 'openid.identity' => $this->identity, 'openid.trust_root' => $this->trustRoot, ) + $this->sregParams(); return $this->build_url(parse_url($this->server), array('query' => http_build_query($params, '', '&'))); } /* * @param $immediate * * @return string / protected function authUrl_v2($immediate) { $params = array( 'openid.ns' => 'http://specs.openid.net/auth/2.0', 'openid.mode' => $immediate ? 'checkid_immediate' : 'checkid_setup', 'openid.return_to' => $this->returnUrl, 'openid.realm' => $this->trustRoot, ); if ($this->ax) { $params += $this->axParams(); } if ($this->sreg) { $params += $this->sregParams(); } if (!$this->ax && !$this->sreg) { # If OP doesn't advertise either SREG, nor AX, let's send them both # in worst case we don't get anything in return. $params += $this->axParams() + $this->sregParams(); } if (!empty($this->oauth) && is_array($this->oauth)) { $params['openid.ns.oauth'] = 'http://specs.openid.net/extensions/oauth/1.0'; $params['openid.oauth.consumer'] = str_replace(array('http://', 'https://'), '', $this->trustRoot); $params['openid.oauth.scope'] = implode(' ', $this->oauth); } if ($this->identifier_select) { $params['openid.identity'] = $params['openid.claimed_id'] = 'http://specs.openid.net/auth/2.0/identifier_select'; } else { $params['openid.identity'] = $this->identity; $params['openid.claimed_id'] = $this->claimed_id; } return $this->build_url(parse_url($this->server), array('query' => http_build_query($params, '', '&'))); } /* * Returns authentication url. Usually, you want to redirect your user to it. * @param bool $immediate * @return String The authentication url. * @throws ErrorException / public function authUrl($immediate = false) { if ($this->setup_url && !$immediate) { return $this->setup_url; } if (!$this->server) { $this->discover($this->identity); } if ($this->version == 2) { return $this->authUrl_v2($immediate); } return $this->authUrl_v1($immediate); } /* * Performs OpenID verification with the OP. * @return Bool Whether the verification was successful. * @throws ErrorException / public function validate() { # If the request was using immediate mode, a failure may be reported # by presenting user_setup_url (for 1.1) or reporting # mode 'setup_needed' (for 2.0). Also catching all modes other than # id_res, in order to avoid throwing errors. if (isset($this->data['openid_user_setup_url'])) { $this->setup_url = $this->data['openid_user_setup_url']; return false; } if ($this->mode != 'id_res') { return false; } $this->claimed_id = isset($this->data['openid_claimed_id'])?$this->data['openid_claimed_id']:$this->data['openid_identity']; $params = array( 'openid.assoc_handle' => $this->data['openid_assoc_handle'], 'openid.signed' => $this->data['openid_signed'], 'openid.sig' => $this->data['openid_sig'], ); if (isset($this->data['openid_ns'])) { # We're dealing with an OpenID 2.0 server, so let's set an ns # Even though we should know location of the endpoint, # we still need to verify it by discovery, so $server is not set here $params['openid.ns'] = 'http://specs.openid.net/auth/2.0'; } elseif (isset($this->data['openid_claimed_id']) && $this->data['openid_claimed_id'] != $this->data['openid_identity'] ) { # If it's an OpenID 1 provider, and we've got claimed_id, # we have to append it to the returnUrl, like authUrl_v1 does. $this->returnUrl .= (strpos($this->returnUrl, '?') ? '&' : '?') . 'openid.claimed_id=' . $this->claimed_id; } if ($this->data['openid_return_to'] != $this->returnUrl) { # The return_to url must match the url of current request. # I'm assuming that no one will set the returnUrl to something that doesn't make sense. return false; } $server = $this->discover($this->claimed_id); foreach (explode(',', $this->data['openid_signed']) as $item) { $value = $this->data['openid_' . str_replace('.', '_', $item)]; $params['openid.' . $item] = $value; } $params['openid.mode'] = 'check_authentication'; $response = $this->request($server, 'POST', $params); return preg_match('/is_valid\s:\strue/i', $response); } /* * @return array / protected function getAxAttributes() { $result = array(); if ($alias = $this->getNamespaceAlias('http://openid.net/srv/ax/1.0', 'ax')) { $prefix = 'openid_' . $alias; $length = strlen('http://axschema.org/'); foreach (explode(',', $this->data['openid_signed']) as $key) { $keyMatch = $alias . '.type.'; if (strncmp($key, $keyMatch, strlen($keyMatch)) !== 0) { continue; } $key = substr($key, strlen($keyMatch)); $idv = $prefix . '_value_' . $key; $idc = $prefix . '_count_' . $key; $key = substr($this->getItem($prefix . '_type_' . $key), $length); if (!empty($key)) { if (($count = intval($this->getItem($idc))) > 0) { $value = array(); for ($i = 1; $i <= $count; $i++) { $value[] = $this->getItem($idv . '_' . $i); } $value = ($count == 1) ? reset($value) : $value; } else { $value = $this->getItem($idv); } if (!is_null($value)) { $result[$key] = $value; } } } } else { // No alias for the AX schema has been found, // so there is no AX data in the OP's response. } return $result; } /* * @return array / protected function getSregAttributes() { $attributes = array(); $sreg_to_ax = array_flip(self::$ax_to_sreg); if ($alias = $this->getNamespaceAlias('http://openid.net/extensions/sreg/1.1', 'sreg')) { foreach (explode(',', $this->data['openid_signed']) as $key) { $keyMatch = $alias . '.'; if (strncmp($key, $keyMatch, strlen($keyMatch)) !== 0) { continue; } $key = substr($key, strlen($keyMatch)); if (!isset($sreg_to_ax[$key])) { # The field name isn't part of the SREG spec, so we ignore it. continue; } $attributes[$sreg_to_ax[$key]] = $this->data['openid_' . $alias . '_' . $key]; } } return $attributes; } /* * Gets AX/SREG attributes provided by OP. should be used only after successful validation. * Note that it does not guarantee that any of the required/optional parameters will be present, * or that there will be no other attributes besides those specified. * In other words. OP may provide whatever information it wants to. * * SREG names will be mapped to AX names. * * * @return array Array of attributes with keys being the AX schema names, e.g. 'contact/email' @see http://www.axschema.org/types/ / public function getAttributes() { if (isset($this->data['openid_ns']) && $this->data['openid_ns'] == 'http://specs.openid.net/auth/2.0' ) { # OpenID 2.0 # We search for both AX and SREG attributes, with AX taking precedence. return $this->getAxAttributes() + $this->getSregAttributes(); } return $this->getSregAttributes(); } /* * Gets an OAuth request token if the OpenID+OAuth hybrid protocol has been used. * * In order to use the OpenID+OAuth hybrid protocol, you need to add at least one * scope to the $openid->oauth array before you get the call to getAuthUrl(), e.g.: * $openid->oauth[] = 'https://www.googleapis.com/auth/plus.me'; * * Furthermore the registered consumer name must fit the OpenID realm. * To register an OpenID consumer at Google use: https://www.google.com/accounts/ManageDomains * * @return string\|bool OAuth request token on success, FALSE if no token was provided. / public function getOAuthRequestToken() { $alias = $this->getNamespaceAlias('http://specs.openid.net/extensions/oauth/1.0'); return !empty($alias) ? $this->data['openid_' . $alias . '_request_token'] : false; } /* * Gets the alias for the specified namespace, if it's present. * * @param string $namespace The namespace for which an alias is needed. * @param string $hint Common alias of this namespace, used for optimization. * @return string\|null The namespace alias if found, otherwise - NULL. / private function getNamespaceAlias($namespace, $hint = null) { $result = null; if (empty($hint) \|\| $this->getItem('openid_ns_' . $hint) != $namespace) { // The common alias is either undefined or points to // some other extension - search for another alias.. $prefix = 'openid_ns_'; $length = strlen($prefix); foreach ($this->data as $key => $val) { if (strncmp($key, $prefix, $length) === 0 && $val === $namespace) { $result = trim(substr($key, $length)); break; } } } else { $result = $hint; } return $result; } /* * Gets an item from the $data array by the specified id. * * @param string $id The id of the desired item. * @return string\|null The item if found, otherwise - NULL. / private function getItem($id) { return isset($this->data[$id]) ? $this->data[$id] : null; } } ��hybridauth/Thirdparty/OAuth/OAuthUtil.php��0000644��00000015636�15104256626�0014472 0��ustar�00��<?php /! * This file is part of the OAuth PHP Library (https://code.google.com/p/oauth/) * * OAuth `PHP' Library is an open source software available under the MIT License. / namespace Hybridauth\Thirdparty\OAuth; /* * Class OAuthUtil * * @package Hybridauth\Thirdparty\OAuth / class OAuthUtil { /* * @param $input * * @return array\|mixed\|string / public static function urlencode_rfc3986($input) { if (is_array($input)) { return array_map(array( '\Hybridauth\Thirdparty\OAuth\OAuthUtil', 'urlencode_rfc3986' ), $input); } elseif (is_scalar($input)) { return str_replace('+', ' ', str_replace('%7E', '~', rawurlencode($input))); } else { return ''; } } // This decode function isn't taking into consideration the above // modifications to the encoding process. However, this method doesn't // seem to be used anywhere so leaving it as is. /* * @param $string * * @return string / public static function urldecode_rfc3986($string) { return urldecode($string); } // Utility function for turning the Authorization: header into // parameters, has to do some unescaping // Can filter out any non-oauth parameters if needed (default behaviour) // May 28th, 2010 - method updated to tjerk.meesters for a speed improvement. // see http://code.google.com/p/oauth/issues/detail?id=163 /* * @param $header * @param bool $only_allow_oauth_parameters * * @return array / public static function split_header($header, $only_allow_oauth_parameters = true) { $params = array(); if (preg_match_all('/(' . ($only_allow_oauth_parameters ? 'oauth_' : '') . '[a-z_-])=(:?"([^"])"\|([^,]))/', $header, $matches)) { foreach ($matches[1] as $i => $h) { $params[$h] = OAuthUtil::urldecode_rfc3986(empty($matches[3][$i]) ? $matches[4][$i] : $matches[3][$i]); } if (isset($params['realm'])) { unset($params['realm']); } } return $params; } // helper to try to sort out headers for people who aren't running apache /** * @return array / public static function get_headers() { if (function_exists('apache_request_headers')) { // we need this to get the actual Authorization: header // because apache tends to tell us it doesn't exist $headers = apache_request_headers(); // sanitize the output of apache_request_headers because // we always want the keys to be Cased-Like-This and arh() // returns the headers in the same case as they are in the // request $out = array(); foreach ($headers as $key => $value) { $key = str_replace(" ", "-", ucwords(strtolower(str_replace("-", " ", $key)))); $out[$key] = $value; } } else { // otherwise we don't have apache and are just going to have to hope // that $_SERVER actually contains what we need $out = array(); if (isset($_SERVER['CONTENT_TYPE'])) { $out['Content-Type'] = $_SERVER['CONTENT_TYPE']; } if (isset($_ENV['CONTENT_TYPE'])) { $out['Content-Type'] = $_ENV['CONTENT_TYPE']; } foreach ($_SERVER as $key => $value) { if (substr($key, 0, 5) == "HTTP_") { // this is chaos, basically it is just there to capitalize the first // letter of every word that is not an initial HTTP and strip HTTP // code from przemek $key = str_replace(" ", "-", ucwords(strtolower(str_replace("_", " ", substr($key, 5))))); $out[$key] = $value; } } } return $out; } // This function takes a input like a=b&a=c&d=e and returns the parsed // parameters like this // array('a' => array('b','c'), 'd' => 'e') /* * @param $input * * @return array / public static function parse_parameters($input) { if (!isset($input) \|\| !$input) { return array(); } $pairs = explode('&', $input); $parsed_parameters = array(); foreach ($pairs as $pair) { $split = explode('=', $pair, 2); $parameter = OAuthUtil::urldecode_rfc3986($split[0]); $value = isset($split[1]) ? OAuthUtil::urldecode_rfc3986($split[1]) : ''; if (isset($parsed_parameters[$parameter])) { // We have already recieved parameter(s) with this name, so add to the list // of parameters with this name if (is_scalar($parsed_parameters[$parameter])) { // This is the first duplicate, so transform scalar (string) into an array // so we can add the duplicates $parsed_parameters[$parameter] = array( $parsed_parameters[$parameter] ); } $parsed_parameters[$parameter][] = $value; } else { $parsed_parameters[$parameter] = $value; } } return $parsed_parameters; } /* * @param $params * * @return string / public static function build_http_query($params) { if (!$params) { return ''; } // Urlencode both keys and values $keys = OAuthUtil::urlencode_rfc3986(array_keys($params)); $values = OAuthUtil::urlencode_rfc3986(array_values($params)); $params = array_combine($keys, $values); // Parameters are sorted by name, using lexicographical byte value ordering. // Ref: Spec: 9.1.1 (1) uksort($params, 'strcmp'); $pairs = array(); foreach ($params as $parameter => $value) { if (is_array($value)) { // If two or more parameters share the same name, they are sorted by their value // Ref: Spec: 9.1.1 (1) // June 12th, 2010 - changed to sort because of issue 164 by hidetaka sort($value, SORT_STRING); foreach ($value as $duplicate_value) { $pairs[] = $parameter . '=' . $duplicate_value; } } else { $pairs[] = $parameter . '=' . $value; } } // For each parameter, the name is separated from the corresponding value by an '=' character (ASCII code 61) // Each name-value pair is separated by an '&' character (ASCII code 38) return implode('&', $pairs); } } ��hybridauth/Thirdparty/OAuth/OAuthSignatureMethodHMACSHA1.php��0000644��00000002034�15104256626�0017711 0��ustar�00��<?php /! * This file is part of the OAuth PHP Library (https://code.google.com/p/oauth/) * * OAuth `PHP' Library is an open source software available under the MIT License. / namespace Hybridauth\Thirdparty\OAuth; /* * Class OAuthSignatureMethodHMACSHA1 * * @package Hybridauth\Thirdparty\OAuth / class OAuthSignatureMethodHMACSHA1 extends OAuthSignatureMethod { /* * @return string / public function get_name() { return "HMAC-SHA1"; } /* * @param $request * @param $consumer * @param $token * * @return string / public function build_signature($request, $consumer, $token) { $base_string = $request->get_signature_base_string(); $request->base_string = $base_string; $key_parts = array( $consumer->secret, $token ? $token->secret : '' ); $key_parts = OAuthUtil::urlencode_rfc3986($key_parts); $key = implode('&', $key_parts); return base64_encode(hash_hmac('sha1', $base_string, $key, true)); } } ��hybridauth/Thirdparty/OAuth/OAuthSignatureMethod.php��0000644��00000003361�15104256626�0016647 0��ustar�00��<?php /! * This file is part of the OAuth PHP Library (https://code.google.com/p/oauth/) * * OAuth `PHP' Library is an open source software available under the MIT License. / namespace Hybridauth\Thirdparty\OAuth; /* * Class OAuthSignatureMethod * * @package Hybridauth\Thirdparty\OAuth / abstract class OAuthSignatureMethod { /* * Needs to return the name of the Signature Method (ie HMAC-SHA1) * * @return string / abstract public function get_name(); /* * Build up the signature * NOTE: The output of this function MUST NOT be urlencoded. * the encoding is handled in OAuthRequest when the final * request is serialized * * @param OAuthRequest $request * @param OAuthConsumer $consumer * @param OAuthToken $token * @return string / abstract public function build_signature($request, $consumer, $token); /* * Verifies that a given signature is correct * * @param OAuthRequest $request * @param OAuthConsumer $consumer * @param OAuthToken $token * @param string $signature * @return bool / public function check_signature($request, $consumer, $token, $signature) { $built = $this->build_signature($request, $consumer, $token); // Check for zero length, although unlikely here if (strlen($built) == 0 \|\| strlen($signature) == 0) { return false; } if (strlen($built) != strlen($signature)) { return false; } // Avoid a timing leak with a (hopefully) time insensitive compare $result = 0; for ($i = 0; $i < strlen($signature); $i ++) { $result \|= ord($built[$i]) ^ ord($signature[$i]); } return $result == 0; } } ��hybridauth/Thirdparty/OAuth/OAuthRequest.php��0000644��00000024106�15104256626�0015175 0��ustar�00��<?php /! * This file is part of the OAuth PHP Library (https://code.google.com/p/oauth/) * * OAuth `PHP' Library is an open source software available under the MIT License. / namespace Hybridauth\Thirdparty\OAuth; /* * Class OAuthRequest * * @package Hybridauth\Thirdparty\OAuth / class OAuthRequest { public $parameters; public $http_method; public $http_url; // for debug purposes public $base_string; public static $version = '1.0'; public static $POST_INPUT = 'php://input'; /* * OAuthRequest constructor. * * @param $http_method * @param $http_url * @param null $parameters / public function __construct($http_method, $http_url, $parameters = null) { $parameters = ($parameters) ? $parameters : array(); $parameters = array_merge(OAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters); $this->parameters = $parameters; $this->http_method = $http_method; $this->http_url = $http_url; } /* * attempt to build up a request from what was passed to the server * * @param null $http_method * @param null $http_url * @param null $parameters * * @return OAuthRequest / public static function from_request($http_method = null, $http_url = null, $parameters = null) { $scheme = (!isset($_SERVER['HTTPS']) \|\| $_SERVER['HTTPS'] != "on") ? 'http' : 'https'; $http_url = ($http_url) ? $http_url : $scheme . '://' . $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT'] . $_SERVER['REQUEST_URI']; $http_method = ($http_method) ? $http_method : $_SERVER['REQUEST_METHOD']; // We weren't handed any parameters, so let's find the ones relevant to // this request. // If you run XML-RPC or similar you should use this to provide your own // parsed parameter-list if (!$parameters) { // Find request headers $request_headers = OAuthUtil::get_headers(); // Parse the query-string to find GET parameters $parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']); // It's a POST request of the proper content-type, so parse POST // parameters and add those overriding any duplicates from GET if ($http_method == "POST" && isset($request_headers['Content-Type']) && strstr($request_headers['Content-Type'], 'application/x-www-form-urlencoded')) { $post_data = OAuthUtil::parse_parameters(file_get_contents(self::$POST_INPUT)); $parameters = array_merge($parameters, $post_data); } // We have a Authorization-header with OAuth data. Parse the header // and add those overriding any duplicates from GET or POST if (isset($request_headers['Authorization']) && substr($request_headers['Authorization'], 0, 6) == 'OAuth ') { $header_parameters = OAuthUtil::split_header($request_headers['Authorization']); $parameters = array_merge($parameters, $header_parameters); } } return new OAuthRequest($http_method, $http_url, $parameters); } /* * pretty much a helper function to set up the request * @param $consumer * @param $token * @param $http_method * @param $http_url * @param null $parameters * @return OAuthRequest / public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters = null) { $parameters = ($parameters) ? $parameters : array(); $defaults = array( "oauth_version" => OAuthRequest::$version, "oauth_nonce" => OAuthRequest::generate_nonce(), "oauth_timestamp" => OAuthRequest::generate_timestamp(), "oauth_consumer_key" => $consumer->key ); if ($token) { $defaults['oauth_token'] = $token->key; } $parameters = array_merge($defaults, $parameters); return new OAuthRequest($http_method, $http_url, $parameters); } /* * @param $name * @param $value * @param bool $allow_duplicates / public function set_parameter($name, $value, $allow_duplicates = true) { if ($allow_duplicates && isset($this->parameters[$name])) { // We have already added parameter(s) with this name, so add to the list if (is_scalar($this->parameters[$name])) { // This is the first duplicate, so transform scalar (string) // into an array so we can add the duplicates $this->parameters[$name] = array( $this->parameters[$name] ); } $this->parameters[$name][] = $value; } else { $this->parameters[$name] = $value; } } /* * @param $name * * @return \|null / public function get_parameter($name) { return isset($this->parameters[$name]) ? $this->parameters[$name] : null; } /* * @return array / public function get_parameters() { return $this->parameters; } /* * @param $name / public function unset_parameter($name) { unset($this->parameters[$name]); } /* * The request parameters, sorted and concatenated into a normalized string. * * @return string / public function get_signable_parameters() { $params = []; // Grab all parameters. foreach ($this->parameters as $key_param => $value_param) { // Process only scalar values. if (is_scalar($value_param)) { $params[$key_param] = $value_param; } } // Remove oauth_signature if present // Ref: Spec: 9.1.1 ("The oauth_signature parameter MUST be excluded.") if (isset($params['oauth_signature'])) { unset($params['oauth_signature']); } return OAuthUtil::build_http_query($params); } /* * Returns the base string of this request * * The base string defined as the method, the url * and the parameters (normalized), each urlencoded * and the concated with &. / public function get_signature_base_string() { $parts = array( $this->get_normalized_http_method(), $this->get_normalized_http_url(), $this->get_signable_parameters() ); $parts = OAuthUtil::urlencode_rfc3986($parts); return implode('&', $parts); } /* * just uppercases the http method / public function get_normalized_http_method() { return strtoupper($this->http_method); } /* * parses the url and rebuilds it to be * scheme://host/path / public function get_normalized_http_url() { $parts = parse_url($this->http_url); $scheme = (isset($parts['scheme'])) ? $parts['scheme'] : 'http'; $port = (isset($parts['port'])) ? $parts['port'] : (($scheme == 'https') ? '443' : '80'); $host = (isset($parts['host'])) ? strtolower($parts['host']) : ''; $path = (isset($parts['path'])) ? $parts['path'] : ''; if (($scheme == 'https' && $port != '443') \|\| ($scheme == 'http' && $port != '80')) { $host = "$host:$port"; } return "$scheme://$host$path"; } /* * builds a url usable for a GET request / public function to_url() { $post_data = $this->to_postdata(); $out = $this->get_normalized_http_url(); if ($post_data) { $out .= '?' . $post_data; } return $out; } /* * builds the data one would send in a POST request / public function to_postdata() { return OAuthUtil::build_http_query($this->parameters); } /* * builds the Authorization: header * @param null $realm * @return array / public function to_header($realm = null) { $first = true; if ($realm) { $out = 'OAuth realm="' . OAuthUtil::urlencode_rfc3986($realm) . '"'; $first = false; } else { $out = 'OAuth'; } foreach ($this->parameters as $k => $v) { if (substr($k, 0, 5) != "oauth") { continue; } if (is_array($v)) { continue; } $out .= ($first) ? ' ' : ','; $out .= OAuthUtil::urlencode_rfc3986($k) . '="' . OAuthUtil::urlencode_rfc3986($v) . '"'; $first = false; } return array( 'Authorization' => $out ); //- hacked into this to make it return an array. 15/11/2014. } /* * @return string / public function __toString() { return $this->to_url(); } /* * @param $signature_method * @param $consumer * @param $token / public function sign_request($signature_method, $consumer, $token) { $this->set_parameter("oauth_signature_method", $signature_method->get_name(), false); $signature = $this->build_signature($signature_method, $consumer, $token); $this->set_parameter("oauth_signature", $signature, false); } /* * @param $signature_method * @param $consumer * @param $token * * @return mixed / public function build_signature($signature_method, $consumer, $token) { $signature = $signature_method->build_signature($this, $consumer, $token); return $signature; } /* * util function: current timestamp / private static function generate_timestamp() { return time(); } /* * util function: current nonce / private static function generate_nonce() { $mt = microtime(); $rand = mt_rand(); return md5($mt . $rand); // md5s look nicer than numbers } } ��hybridauth/Thirdparty/OAuth/OAuthConsumer.php��0000644��00000001540�15104256626�0015335 0��ustar�00��<?php /! * This file is part of the OAuth PHP Library (https://code.google.com/p/oauth/) * * OAuth `PHP' Library is an open source software available under the MIT License. / namespace Hybridauth\Thirdparty\OAuth; /* * Class OAuthConsumer * * @package Hybridauth\Thirdparty\OAuth / class OAuthConsumer { public $key; public $secret; public $callback_url; /* * OAuthConsumer constructor. * * @param $key * @param $secret * @param null $callback_url / public function __construct($key, $secret, $callback_url = null) { $this->key = $key; $this->secret = $secret; $this->callback_url = $callback_url; } /* * @return string / public function __toString() { return "OAuthConsumer[key=$this->key,secret=$this->secret]"; } } ��hybridauth/Thirdparty/OAuth/README.md��0000644��00000000320�15104256626�0013342 0��ustar�00��This package contains OAuth PHP Library. OAuth PHP Library is an open source software available under the MIT License. https://code.google.com/p/oauth/ http://oauth.googlecode.com/svn/code/php/LICENSE.txt ��hybridauth/Storage/Transient.php��0000644��00000006072�15104256626�0013007 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Storage; use Hybridauth\Exception\RuntimeException; /* * Hybridauth storage manager / class Transient implements StorageInterface { /* * Namespace * * @var string / protected $storeNamespace = 'HYBRIDAUTH::STORAGE'; /* * Key prefix * * @var string / protected $keyPrefix = ''; /* * We need short term data storage, so we will be using WordPress transient * * @var array / protected $transient = []; /* * Key used to identify the Transient * * @var string / protected $key = ''; /* * Initiate a new session * * @throws RuntimeException / public function __construct() { if(!empty($_COOKIE['lz_social_login'])){ $this->key = sanitize_text_field(wp_unslash($_COOKIE['lz_social_login'])); $transient = get_transient($this->key); if(!empty($transient)){ $this->transient = $transient; } return; } if(headers_sent()){ // phpcs:ignore throw new RuntimeException('HTTP headers already sent to browser and Hybridauth won\'t be able to start/resume LZ session. To resolve this, cookie must be set before outputing any data.'); } $this->key = 'lz_' . bin2hex(random_bytes(12)); if(!setcookie('lz_social_login', $this->key, time() + 90, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true)){ throw new RuntimeException('LZ session failed to start.'); } } /* * {@inheritdoc} / public function get($key) { if(empty($this->transient)){ $this->transient = get_transient($this->key); if(empty($this->transient) \|\| !is_array($this->transient)){ return null; } } if(isset($this->transient[$key])){ $value = $this->transient[$key]; if(is_array($value) && array_key_exists('lateObject', $value)){ $value = unserialize($value['lateObject']); } return $value; } return null; } /* * {@inheritdoc} / public function set($key, $value) { if(is_object($value)){ // We encapsulate as our classes may be defined after session is initialized. $value = ['lateObject' => serialize($value)]; } $this->transient[$key] = $value; set_transient($this->key, $this->transient, 60); } /* * {@inheritdoc} / public function clear() { delete_transient($this->key); setcookie('lz_social_login', '', time() - 3600, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true); } /* * {@inheritdoc} / public function delete($key) { if(isset($this->transient, $this->transient[$key])){ unset($this->transient[$key]); set_transient($this->key, $this->transient, 60); } } /* * {@inheritdoc} / public function deleteMatch($key) { if(isset($this->transient) && count($this->transient)){ foreach($this->transient as $k => $v) { if(strstr($k, $key)){ unset($this->transient[$k]); } } set_transient($this->key, $this->transient, 60); } } } ��hybridauth/Storage/Session.php��0000644��00000005731�15104256626�0012464 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Storage; use Hybridauth\Exception\RuntimeException; /* * Hybridauth storage manager / class Session implements StorageInterface { /* * Namespace * * @var string / protected $storeNamespace = 'HYBRIDAUTH::STORAGE'; /* * Key prefix * * @var string / protected $keyPrefix = ''; /* * Initiate a new session * * @throws RuntimeException / public function __construct() { if (session_id()) { return; } if (headers_sent()) { // phpcs:ignore throw new RuntimeException('HTTP headers already sent to browser and Hybridauth won\'t be able to start/resume PHP session. To resolve this, session_start() must be called before outputing any data.'); } if (!session_start()) { throw new RuntimeException('PHP session failed to start.'); } } /* * {@inheritdoc} / public function get($key) { $key = $this->keyPrefix . strtolower($key); if (isset($_SESSION[$this->storeNamespace], $_SESSION[$this->storeNamespace][$key])) { $value = $_SESSION[$this->storeNamespace][$key]; if (is_array($value) && array_key_exists('lateObject', $value)) { $value = unserialize($value['lateObject']); } return $value; } return null; } /* * {@inheritdoc} / public function set($key, $value) { $key = $this->keyPrefix . strtolower($key); if (is_object($value)) { // We encapsulate as our classes may be defined after session is initialized. $value = ['lateObject' => serialize($value)]; } $_SESSION[$this->storeNamespace][$key] = $value; } /* * {@inheritdoc} / public function clear() { $_SESSION[$this->storeNamespace] = []; } /* * {@inheritdoc} / public function delete($key) { $key = $this->keyPrefix . strtolower($key); if (isset($_SESSION[$this->storeNamespace], $_SESSION[$this->storeNamespace][$key])) { $tmp = $_SESSION[$this->storeNamespace]; unset($tmp[$key]); $_SESSION[$this->storeNamespace] = $tmp; } } /* * {@inheritdoc} / public function deleteMatch($key) { $key = $this->keyPrefix . strtolower($key); if (isset($_SESSION[$this->storeNamespace]) && count($_SESSION[$this->storeNamespace])) { $tmp = $_SESSION[$this->storeNamespace]; foreach ($tmp as $k => $v) { if (strstr($k, $key)) { unset($tmp[$k]); } } $_SESSION[$this->storeNamespace] = $tmp; } } } ��hybridauth/Storage/StorageInterface.php��0000644��00000001615�15104256626�0014263 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Storage; /* * Hybridauth storage manager interface / interface StorageInterface { /* * Retrieve a item from storage * * @param string $key * * @return mixed / public function get($key); /* * Add or Update an item to storage * * @param string $key * @param string $value / public function set($key, $value); /* * Delete an item from storage * * @param string $key / public function delete($key); /* * Delete a item from storage * * @param string $key / public function deleteMatch($key); /* * Clear all items in storage / public function clear(); } ��hybridauth/autoload.php��0000644��00000003676�15104256626�0011253 0��ustar�00��<?php /* * Basic autoloader for Hybridauth library which you may use as it is or as a template * to suit your application's environment. * * Note that you'd ONLY need this file if you are not using composer. / if (version_compare(PHP_VERSION, '5.4.0', '<')) { throw new Exception('Hybridauth 3 requires PHP version 5.4 or higher.'); } /* * Register the autoloader for Hybridauth classes. * * Based off the official PSR-4 autoloader example found at * http://www.php-fig.org/psr/psr-4/examples/ * * @param string $class The fully-qualified class name. * * @return void / spl_autoload_register( function ($class) { // project-specific namespace prefix. Will only kicks in for Hybridauth's namespace. $prefix = 'Hybridauth\\'; // base directory for the namespace prefix. $base_dir = __DIR__; // By default, it points to this same folder. // You may change this path if having trouble detecting the path to // the source files. // does the class use the namespace prefix? $len = strlen($prefix); if (strncmp($prefix, $class, $len) !== 0) { // no, move to the next registered autoloader. return; } // get the relative class name. $relative_class = substr($class, $len); // replace the namespace prefix with the base directory, replace namespace // separators with directory separators in the relative class name, append // with .php $file = $base_dir . DIRECTORY_SEPARATOR . str_replace('\\', DIRECTORY_SEPARATOR, $relative_class) . '.php'; // if the file exists, require it if (file_exists($file)) { require $file; return; } if(!defined('LOGINIZER_PRO_DIR')) { return; } $file = LOGINIZER_PRO_DIR . 'lib/hybridauth/'. str_replace('\\', DIRECTORY_SEPARATOR, $relative_class) . '.php'; if(file_exists($file)){ require $file; } } ); ��hybridauth/Data/Parser.php��0000644��00000004545�15104256626�0011544 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Data; /* * Parser * * This class is used to parse plain text into objects. It's used by hybriauth adapters to converts * providers api responses to a more 'manageable' format. / final class Parser { /* * Decodes a string into an object. * * This method will first attempt to parse data as a JSON string (since most providers use this format) * then XML and parse_str. * * @param string $raw * * @return mixed / public function parse($raw = null) { $data = $this->parseJson($raw); if (!$data) { $data = $this->parseXml($raw); if (!$data) { $data = $this->parseQueryString($raw); } } return $data; } /* * Decodes a JSON string * * @param $result * * @return mixed / public function parseJson($result) { return json_decode($result); } /* * Decodes a XML string * * @param $result * * @return mixed / public function parseXml($result) { libxml_use_internal_errors(true); $result = preg_replace('/([<\/])([a-z0-9-]+):/i', '$1', $result); $xml = simplexml_load_string($result); libxml_use_internal_errors(false); if (!$xml) { return []; } $arr = json_decode(json_encode((array)$xml), true); $arr = array($xml->getName() => $arr); return $arr; } /* * Parses a string into variables * * @param $result * * @return \StdClass / public function parseQueryString($result) { parse_str($result, $output); if (!is_array($output)) { return $result; } $result = new \StdClass(); foreach ($output as $k => $v) { $result->$k = $v; } return $result; } /* * needs to be improved * * @param $birthday * * @return array / public function parseBirthday($birthday) { $birthday = date_parse((string) $birthday); return [$birthday['year'], $birthday['month'], $birthday['day']]; } } ��hybridauth/Data/Collection.php��0000644��00000005305�15104256626�0012376 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Data; /* * A very basic Data collection. / final class Collection { /* * Data collection * * @var mixed / protected $collection = null; /* * @param mixed $data / public function __construct($data = null) { $this->collection = (object)$data; } /* * Retrieves the whole collection as array * * @return mixed / public function toArray() { return (array)$this->collection; } /* * Retrieves an item * * @param $property * * @return mixed / public function get($property) { if ($this->exists($property)) { return $this->collection->$property; } return null; } /* * Add or update an item * * @param $property * @param mixed $value / public function set($property, $value) { if ($property) { $this->collection->$property = $value; } } /* * .. until I come with a better name.. * * @param $property * * @return Collection / public function filter($property) { if ($this->exists($property)) { $data = $this->get($property); if (!is_a($data, 'Collection')) { $data = new Collection($data); } return $data; } return new Collection([]); } /* * Checks whether an item within the collection * * @param $property * * @return bool / public function exists($property) { return property_exists($this->collection, $property); } /* * Finds whether the collection is empty * * @return bool / public function isEmpty() { return !(bool)$this->count(); } /* * Count all items in collection * * @return int / public function count() { return count($this->properties()); } /* * Returns all items properties names * * @return array / public function properties() { $properties = []; foreach ($this->collection as $key => $value) { $properties[] = $key; } return $properties; } /* * Returns all items values * * @return array / public function values() { $values = []; foreach ($this->collection as $value) { $values[] = $value; } return $values; } } ��hybridauth/Provider/OpenID.php��0000644��00000002067�15104256626�0012344 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Provider; use Hybridauth\Adapter; /* * Generic OpenID providers adapter. * * Example: * * $config = [ * 'callback' => Hybridauth\HttpClient\Util::getCurrentUrl(), * * // authenticate with Yahoo openid * 'openid_identifier' => 'https://open.login.yahooapis.com/openid20/www.yahoo.com/xrds' * * // authenticate with stackexchange network openid * // 'openid_identifier' => 'https://openid.stackexchange.com/', * * // authenticate with Steam openid * // 'openid_identifier' => 'http://steamcommunity.com/openid', * * // etc. * ]; * * $adapter = new Hybridauth\Provider\OpenID($config); * * try { * $adapter->authenticate(); * * $userProfile = $adapter->getUserProfile(); * } catch (\Exception $e) { * echo $e->getMessage() ; * } / class OpenID extends Adapter\OpenID { } ��hybridauth/Provider/LinkedInOpenID.php��0000644��00000004175�15104256626�0013764 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Provider; use Hybridauth\Adapter\OAuth2; use Hybridauth\Data; use Hybridauth\Exception\UnexpectedApiResponseException; use Hybridauth\User; /* * LinkedIn OAuth2 provider adapter. / class LinkedInOpenID extends OAuth2 { /* * {@inheritdoc} / protected $scope = 'openid profile email'; /* * {@inheritdoc} / protected $apiBaseUrl = 'https://api.linkedin.com/v2/'; /* * {@inheritdoc} / protected $authorizeUrl = 'https://www.linkedin.com/oauth/v2/authorization'; /* * {@inheritdoc} / protected $accessTokenUrl = 'https://www.linkedin.com/oauth/v2/accessToken'; /* * {@inheritdoc} / protected $apiDocumentation = 'https://docs.microsoft.com/en-us/linkedin/shared/authentication/authentication'; /* * {@inheritdoc} / protected function initialize() { parent::initialize(); if ($this->isRefreshTokenAvailable()) { $this->tokenRefreshParameters += [ 'client_id' => $this->clientId, 'client_secret' => $this->clientSecret ]; } } /* * {@inheritdoc} / public function getUserProfile() { $response = $this->apiRequest('/userinfo', 'GET', []); $data = new Data\Collection($response); if (!$data->exists('sub')) { throw new UnexpectedApiResponseException('Provider API returned an unexpected response.'); } $userProfile = new User\Profile(); $userProfile->firstName = $data->get('given_name'); $userProfile->lastName = $data->get('family_name'); $userProfile->identifier = $data->get('sub'); $userProfile->email = $data->get('email'); $userProfile->emailVerified = $data->get('email_verified'); $userProfile->displayName = $data->get('name'); $userProfile->photoURL = $data->get('picture'); return $userProfile; } } ��hybridauth/HttpClient/HttpClientInterface.php��0000644��00000002506�15104256626�0015407 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\HttpClient; /* * Hybridauth Http clients interface / interface HttpClientInterface { /* * Send request to the remote server * * Returns the result (Raw response from the server) on success, FALSE on failure * * @param string $uri * @param string $method * @param array $parameters * @param array $headers * @param bool $multipart * * @return mixed / public function request($uri, $method = 'GET', $parameters = [], $headers = [], $multipart = false); /* * Returns raw response from the server on success, FALSE on failure * * @return mixed / public function getResponseBody(); /* * Retriever the headers returned in the response * * @return array / public function getResponseHeader(); /* * Returns latest request HTTP status code * * @return int / public function getResponseHttpCode(); /* * Returns latest error encountered by the client * This can be either a code or error message * * @return mixed / public function getResponseClientError(); } ��hybridauth/HttpClient/Curl.php��0000644��00000017120�15104256626�0012413 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\HttpClient; /* * Hybridauth default Http client / class Curl implements HttpClientInterface { /* * Default curl options * * These defaults options can be overwritten when sending requests. * * See setCurlOptions() * * @var array / protected $curlOptions = [ CURLOPT_TIMEOUT => 30, CURLOPT_CONNECTTIMEOUT => 30, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_RETURNTRANSFER => true, CURLOPT_FOLLOWLOCATION => true, CURLOPT_MAXREDIRS => 5, CURLINFO_HEADER_OUT => true, CURLOPT_ENCODING => 'identity', // phpcs:ignore CURLOPT_USERAGENT => 'Hybridauth, PHP Social Authentication Library (https://github.com/hybridauth/hybridauth)', ]; /* * Method request() arguments * * This is used for debugging. * * @var array / protected $requestArguments = []; /* * Default request headers * * @var array / protected $requestHeader = [ 'Accept' => '/', 'Cache-Control' => 'max-age=0', 'Connection' => 'keep-alive', 'Expect' => '', 'Pragma' => '', ]; /* * Raw response returned by server * * @var string / protected $responseBody = ''; /* * Headers returned in the response * * @var array / protected $responseHeader = []; /* * Response HTTP status code * * @var int / protected $responseHttpCode = 0; /* * Last curl error number * * @var mixed / protected $responseClientError = null; /* * Information about the last transfer * * @var mixed / protected $responseClientInfo = []; /* * Hybridauth logger instance * * @var object / protected $logger = null; /* * {@inheritdoc} / public function request($uri, $method = 'GET', $parameters = [], $headers = [], $multipart = false) { $this->requestHeader = array_replace($this->requestHeader, (array)$headers); $this->requestArguments = [ 'uri' => $uri, 'method' => $method, 'parameters' => $parameters, 'headers' => $this->requestHeader, ]; $curl = curl_init(); switch ($method) { case 'GET': case 'DELETE': unset($this->curlOptions[CURLOPT_POST]); unset($this->curlOptions[CURLOPT_POSTFIELDS]); $uri = $uri . (strpos($uri, '?') ? '&' : '?') . http_build_query($parameters); if ($method === 'DELETE') { $this->curlOptions[CURLOPT_CUSTOMREQUEST] = 'DELETE'; } break; case 'PUT': case 'POST': case 'PATCH': $body_content = $multipart ? $parameters : http_build_query($parameters); if (isset($this->requestHeader['Content-Type']) && $this->requestHeader['Content-Type'] == 'application/json' ) { $body_content = json_encode($parameters); } if ($method === 'POST') { $this->curlOptions[CURLOPT_POST] = true; } else { $this->curlOptions[CURLOPT_CUSTOMREQUEST] = $method; } $this->curlOptions[CURLOPT_POSTFIELDS] = $body_content; break; } $this->curlOptions[CURLOPT_URL] = $uri; $this->curlOptions[CURLOPT_HTTPHEADER] = $this->prepareRequestHeaders(); $this->curlOptions[CURLOPT_HEADERFUNCTION] = [$this, 'fetchResponseHeader']; foreach ($this->curlOptions as $opt => $value) { curl_setopt($curl, $opt, $value); } $response = curl_exec($curl); $this->responseBody = $response; $this->responseHttpCode = curl_getinfo($curl, CURLINFO_HTTP_CODE); $this->responseClientError = curl_error($curl); $this->responseClientInfo = curl_getinfo($curl); if ($this->logger) { // phpcs:ignore $this->logger->debug(sprintf('%s::request( %s, %s ), response:', get_class($this), $uri, $method), $this->getResponse()); if (false === $response) { // phpcs:ignore $this->logger->error(sprintf('%s::request( %s, %s ), error:', get_class($this), $uri, $method), [$this->responseClientError]); } } curl_close($curl); return $this->responseBody; } /* * Get response details * * @return array Map structure of details / public function getResponse() { $curlOptions = $this->curlOptions; $curlOptions[CURLOPT_HEADERFUNCTION] = 'omitted'; return [ 'request' => $this->getRequestArguments(), 'response' => [ 'code' => $this->getResponseHttpCode(), 'headers' => $this->getResponseHeader(), 'body' => $this->getResponseBody(), ], 'client' => [ 'error' => $this->getResponseClientError(), 'info' => $this->getResponseClientInfo(), 'opts' => $curlOptions, ], ]; } /** * Reset curl options * * @param array $curlOptions / public function setCurlOptions($curlOptions) { foreach ($curlOptions as $opt => $value) { $this->curlOptions[$opt] = $value; } } /* * Set logger instance * * @param object $logger / public function setLogger($logger) { $this->logger = $logger; } /* * {@inheritdoc} / public function getResponseBody() { return $this->responseBody; } /* * {@inheritdoc} / public function getResponseHeader() { return $this->responseHeader; } /* * {@inheritdoc} / public function getResponseHttpCode() { return $this->responseHttpCode; } /* * {@inheritdoc} / public function getResponseClientError() { return $this->responseClientError; } /* * @return array / protected function getResponseClientInfo() { return $this->responseClientInfo; } /* * Returns method request() arguments * * This is used for debugging. * * @return array / protected function getRequestArguments() { return $this->requestArguments; } /* * Fetch server response headers * * @param mixed $curl * @param string $header * * @return int / protected function fetchResponseHeader($curl, $header) { $pos = strpos($header, ':'); if (!empty($pos)) { $key = str_replace('-', '_', strtolower(substr($header, 0, $pos))); $value = trim(substr($header, $pos + 2)); $this->responseHeader[$key] = $value; } return strlen($header); } /* * Convert request headers to the expect curl format * * @return array / protected function prepareRequestHeaders() { $headers = []; foreach ($this->requestHeader as $header => $value) { $headers[] = trim($header) . ': ' . trim($value); } return $headers; } } ��hybridauth/HttpClient/Guzzle.php��0000644��00000015113�15104256626�0012766 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\HttpClient; use GuzzleHttp\Client; use GuzzleHttp\Exception\RequestException; use GuzzleHttp\Exception\ServerException; use GuzzleHttp\Exception\TransferException; /* * Hybridauth Guzzle Http client * * Note: This is just a proof of concept. Feel free to improve it. * * Example: * * <code> * $guzzle = new Hybridauth\HttpClient\Guzzle(new GuzzleHttp\Client(), [ * 'verify' => '/path/to/your/certificate.crt', * 'headers' => ['User-Agent' => '..'] * // 'proxy' => ... * ]); * * $adapter = new Hybridauth\Provider\Github($config, $guzzle); * * $adapter->authenticate(); * </code> / class Guzzle implements HttpClientInterface { /* * Method request() arguments * * This is used for debugging. * * @var array / protected $requestArguments = []; /* * Default request headers * * @var array / protected $requestHeader = []; /* * Raw response returned by server * * @var string / protected $responseBody = ''; /* * Headers returned in the response * * @var array / protected $responseHeader = []; /* * Response HTTP status code * * @var int / protected $responseHttpCode = 0; /* * Last curl error number * * @var mixed / protected $responseClientError = null; /* * Information about the last transfer * * @var mixed / protected $responseClientInfo = []; /* * Hybridauth logger instance * * @var object / protected $logger = null; /* * GuzzleHttp client * * @var \GuzzleHttp\Client / protected $client = null; /* * .. * @param null $client * @param array $config / public function __construct($client = null, $config = []) { $this->client = $client ? $client : new Client($config); } /* * {@inheritdoc} / public function request($uri, $method = 'GET', $parameters = [], $headers = [], $multipart = false) { $this->requestHeader = array_replace($this->requestHeader, (array)$headers); $this->requestArguments = [ 'uri' => $uri, 'method' => $method, 'parameters' => $parameters, 'headers' => $this->requestHeader, ]; $response = null; try { switch ($method) { case 'GET': case 'DELETE': $response = $this->client->request($method, $uri, [ 'query' => $parameters, 'headers' => $this->requestHeader, ]); break; case 'PUT': case 'PATCH': case 'POST': $body_type = $multipart ? 'multipart' : 'form_params'; if (isset($this->requestHeader['Content-Type']) && $this->requestHeader['Content-Type'] === 'application/json' ) { $body_type = 'json'; } $body_content = $parameters; if ($multipart) { $body_content = []; foreach ($parameters as $key => $val) { if ($val instanceof \CURLFile) { $val = fopen($val->getFilename(), 'r'); } $body_content[] = [ 'name' => $key, 'contents' => $val, ]; } } $response = $this->client->request($method, $uri, [ $body_type => $body_content, 'headers' => $this->requestHeader, ]); break; } } catch (\Exception $e) { $response = $e->getResponse(); $this->responseClientError = $e->getMessage(); } if (!$this->responseClientError) { $this->responseBody = $response->getBody(); $this->responseHttpCode = $response->getStatusCode(); $this->responseHeader = $response->getHeaders(); } if ($this->logger) { // phpcs:ignore $this->logger->debug(sprintf('%s::request( %s, %s ), response:', get_class($this), $uri, $method), $this->getResponse()); if ($this->responseClientError) { // phpcs:ignore $this->logger->error(sprintf('%s::request( %s, %s ), error:', get_class($this), $uri, $method), [$this->responseClientError]); } } return $this->responseBody; } /* * Get response details * * @return array Map structure of details / public function getResponse() { return [ 'request' => $this->getRequestArguments(), 'response' => [ 'code' => $this->getResponseHttpCode(), 'headers' => $this->getResponseHeader(), 'body' => $this->getResponseBody(), ], 'client' => [ 'error' => $this->getResponseClientError(), 'info' => $this->getResponseClientInfo(), 'opts' => null, ], ]; } /* * Set logger instance * * @param object $logger / public function setLogger($logger) { $this->logger = $logger; } /* * {@inheritdoc} / public function getResponseBody() { return $this->responseBody; } /* * {@inheritdoc} / public function getResponseHeader() { return $this->responseHeader; } /* * {@inheritdoc} / public function getResponseHttpCode() { return $this->responseHttpCode; } /* * {@inheritdoc} / public function getResponseClientError() { return $this->responseClientError; } /* * @return array / protected function getResponseClientInfo() { return $this->responseClientInfo; } /* * Returns method request() arguments * * This is used for debugging. * * @return array / protected function getRequestArguments() { return $this->requestArguments; } } ��hybridauth/HttpClient/Util.php��0000644��00000004773�15104256626�0012435 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\HttpClient; use Hybridauth\Data; /* * HttpClient\Util home to a number of utility functions. / class Util { /* * Redirect handler. * * @var callable\|null / protected static $redirectHandler; /* * Exit handler. * * @var callable\|null / protected static $exitHandler; /* * Redirect to a given URL. * * In case your application need to perform certain required actions before Hybridauth redirect users * to IDPs websites, the default behaviour can be altered in one of two ways: * If callable $redirectHandler is defined, it will be called instead. * If callable $exitHandler is defined, it will be called instead of exit(). * * @param string $url * * @return mixed / public static function redirect($url) { if (static::$redirectHandler) { return call_user_func(static::$redirectHandler, $url); } header(sprintf('Location: %s', $url)); if (static::$exitHandler) { return call_user_func(static::$exitHandler); } exit(1); } /* * Redirect handler to which the regular redirect() will yield the action of redirecting users. * * @param callable $callback / public static function setRedirectHandler($callback) { self::$redirectHandler = $callback; } /* * Exit handler will be called instead of regular exit() when calling Util::redirect() method. * * @param callable $callback / public static function setExitHandler($callback) { self::$exitHandler = $callback; } /* * Returns the Current URL. * * @param bool $requestUri TRUE to use $_SERVER['REQUEST_URI'], FALSE for $_SERVER['PHP_SELF'] * * @return string / public static function getCurrentUrl($requestUri = false) { $collection = new Data\Collection($_SERVER); $protocol = 'http://'; if (($collection->get('HTTPS') && $collection->get('HTTPS') !== 'off') \|\| $collection->get('HTTP_X_FORWARDED_PROTO') === 'https') { $protocol = 'https://'; } return $protocol . $collection->get('HTTP_HOST') . $collection->get($requestUri ? 'REQUEST_URI' : 'PHP_SELF'); } } ��IPv6/BigInteger.php��0000644��00000347502�15104256626�0010102 0��ustar�00��<?php / vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: / /* * Pure-PHP arbitrary precision integer arithmetic library. * * Supports base-2, base-10, base-16, and base-256 numbers. Uses the GMP or BCMath extensions, if available, * and an internal implementation, otherwise. * * PHP versions 4 and 5 * * {@internal (all DocBlock comments regarding implementation - such as the one that follows - refer to the * {@link MATH_BIGINTEGER_MODE_INTERNAL MATH_BIGINTEGER_MODE_INTERNAL} mode) * * Math_BigInteger uses base-2*26 to perform operations such as multiplication and division and base-252 (ie. two base 226 digits) to perform addition and subtraction. Because the largest possible * value when multiplying two base-226 numbers together is a base-252 number, double precision floating * point numbers - numbers that should be supported on most hardware and whose significand is 53 bits - are * used. As a consequence, bitwise operators such as >> and << cannot be used, nor can the modulo operator %, * which only supports integers. Although this fact will slow this library down, the fact that such a high * base is being used should more than compensate. * * When PHP version 6 is officially released, we'll be able to use 64-bit integers. This should, once again, * allow bitwise operators, and will increase the maximum possible base to 231 (or 262 for addition / * subtraction). * * Numbers are stored in {@link http://en.wikipedia.org/wiki/Endianness little endian} format. ie. * (new Math_BigInteger(pow(2, 26)))->value = array(0, 1) * * Useful resources are as follows: * * - {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf Handbook of Applied Cryptography (HAC)} * - {@link http://math.libtomcrypt.com/files/tommath.pdf Multi-Precision Math (MPM)} * - Java's BigInteger classes. See /j2se/src/share/classes/java/math in jdk-1_5_0-src-jrl.zip * * Here's an example of how to use this library: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger(2); * $b = new Math_BigInteger(3); * * $c = $a->add($b); * * echo $c->toString(); // outputs 5 * ?> * </code> * * LICENSE: This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, * MA 02111-1307 USA * * @category Math * @package Math_BigInteger * @author Jim Wigginton <terrafrost@php.net> * @copyright MMVI Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @version $Id: BigInteger.php,v 1.33 2010/03/22 22:32:03 terrafrost Exp $ * @link http://pear.php.net/package/Math_BigInteger / /#@+ Reduction constants * * @access private * @see Math_BigInteger::_reduce() / /* * @see Math_BigInteger::_montgomery() * @see Math_BigInteger::_prepMontgomery() / define('MATH_BIGINTEGER_MONTGOMERY', 0); /* * @see Math_BigInteger::_barrett() / define('MATH_BIGINTEGER_BARRETT', 1); /* * @see Math_BigInteger::_mod2() / define('MATH_BIGINTEGER_POWEROF2', 2); /* * @see Math_BigInteger::_remainder() / define('MATH_BIGINTEGER_CLASSIC', 3); /* * @see Math_BigInteger::__clone() / define('MATH_BIGINTEGER_NONE', 4); /#@-/ /*#@+ Array constants * * Rather than create a thousands and thousands of new Math_BigInteger objects in repeated function calls to add() and * multiply() or whatever, we'll just work directly on arrays, taking them in as parameters and returning them. * * @access private / /* * $result[MATH_BIGINTEGER_VALUE] contains the value. / define('MATH_BIGINTEGER_VALUE', 0); /* * $result[MATH_BIGINTEGER_SIGN] contains the sign. / define('MATH_BIGINTEGER_SIGN', 1); /#@-/ /*#@+ @access private * @see Math_BigInteger::_montgomery() * @see Math_BigInteger::_barrett() / /* * Cache constants * * $cache[MATH_BIGINTEGER_VARIABLE] tells us whether or not the cached data is still valid. / define('MATH_BIGINTEGER_VARIABLE', 0); /* * $cache[MATH_BIGINTEGER_DATA] contains the cached data. / define('MATH_BIGINTEGER_DATA', 1); /#@-/ /*#@+ Mode constants. * * @access private * @see Math_BigInteger::Math_BigInteger() / /* * To use the pure-PHP implementation / define('MATH_BIGINTEGER_MODE_INTERNAL', 1); /* * To use the BCMath library * * (if enabled; otherwise, the internal implementation will be used) / define('MATH_BIGINTEGER_MODE_BCMATH', 2); /* * To use the GMP library * * (if present; otherwise, either the BCMath or the internal implementation will be used) / define('MATH_BIGINTEGER_MODE_GMP', 3); /#@-/ /** * The largest digit that may be used in addition / subtraction * * (we do pow(2, 52) instead of using 4503599627370496, directly, because some PHP installations * will truncate 4503599627370496) * * @access private / define('MATH_BIGINTEGER_MAX_DIGIT52', pow(2, 52)); /* * Karatsuba Cutoff * * At what point do we switch between Karatsuba multiplication and schoolbook long multiplication? * * @access private / define('MATH_BIGINTEGER_KARATSUBA_CUTOFF', 25); /* * Pure-PHP arbitrary precision integer arithmetic library. Supports base-2, base-10, base-16, and base-256 * numbers. * * @author Jim Wigginton <terrafrost@php.net> * @version 1.0.0RC4 * @access public * @package Math_BigInteger / class Math_BigInteger { /* * Holds the BigInteger's value. * * @var Array * @access private / var $value; /* * Holds the BigInteger's magnitude. * * @var Boolean * @access private / var $is_negative = false; /* * Random number generator function * * @see setRandomGenerator() * @access private / var $generator = 'mt_rand'; /* * Precision * * @see setPrecision() * @access private / var $precision = -1; /* * Precision Bitmask * * @see setPrecision() * @access private / var $bitmask = false; /* * Mode independant value used for serialization. * * If the bcmath or gmp extensions are installed $this->value will be a non-serializable resource, hence the need for * a variable that'll be serializable regardless of whether or not extensions are being used. Unlike $this->value, * however, $this->hex is only calculated when $this->__sleep() is called. * * @see __sleep() * @see __wakeup() * @var String * @access private / var $hex; /* * Converts base-2, base-10, base-16, and binary strings (eg. base-256) to BigIntegers. * * If the second parameter - $base - is negative, then it will be assumed that the number's are encoded using * two's compliment. The sole exception to this is -10, which is treated the same as 10 is. * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger('0x32', 16); // 50 in base-16 * * echo $a->toString(); // outputs 50 * ?> * </code> * * @param optional $x base-10 number or base-$base number if $base set. * @param optional integer $base * @return Math_BigInteger * @access public / function __construct($x = 0, $base = 10) { if ( !defined('MATH_BIGINTEGER_MODE') ) { switch (true) { case extension_loaded('gmp'): define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_GMP); break; case extension_loaded('bcmath'): define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_BCMATH); break; default: define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_INTERNAL); } } switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: if (is_resource($x) && get_resource_type($x) == 'GMP integer') { $this->value = $x; return; } $this->value = gmp_init(0); break; case MATH_BIGINTEGER_MODE_BCMATH: $this->value = '0'; break; default: $this->value = array(); } if (empty($x)) { return; } switch ($base) { case -256: if (ord($x[0]) & 0x80) { $x = ~$x; $this->is_negative = true; } case 256: switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $sign = $this->is_negative ? '-' : ''; $this->value = gmp_init($sign . '0x' . bin2hex($x)); break; case MATH_BIGINTEGER_MODE_BCMATH: // round $len to the nearest 4 (thanks, DavidMJ!) $len = (strlen($x) + 3) & 0xFFFFFFFC; $x = str_pad($x, $len, chr(0), STR_PAD_LEFT); for ($i = 0; $i < $len; $i+= 4) { $this->value = bcmul($this->value, '4294967296', 0); // 4294967296 == 232 $this->value = bcadd($this->value, 0x1000000 ord($x[$i]) + ((ord($x[$i + 1]) << 16) \| (ord($x[$i + 2]) << 8) \| ord($x[$i + 3])), 0); } if ($this->is_negative) { $this->value = '-' . $this->value; } break; // converts a base-28 (big endian / msb) number to base-226 (little endian / lsb) default: while (strlen($x)) { $this->value[] = $this->_bytes2int($this->_base256_rshift($x, 26)); } } if ($this->is_negative) { if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL) { $this->is_negative = false; } $temp = $this->add(new Math_BigInteger('-1')); $this->value = $temp->value; } break; case 16: case -16: if ($base > 0 && $x[0] == '-') { $this->is_negative = true; $x = substr($x, 1); } $x = preg_replace('#^(?:0x)?([A-Fa-f0-9]).#', '$1', $x); $is_negative = false; if ($base < 0 && hexdec($x[0]) >= 8) { $this->is_negative = $is_negative = true; $x = bin2hex(~pack('H', $x)); } switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $temp = $this->is_negative ? '-0x' . $x : '0x' . $x; $this->value = gmp_init($temp); $this->is_negative = false; break; case MATH_BIGINTEGER_MODE_BCMATH: $x = ( strlen($x) & 1 ) ? '0' . $x : $x; $temp = new Math_BigInteger(pack('H', $x), 256); $this->value = $this->is_negative ? '-' . $temp->value : $temp->value; $this->is_negative = false; break; default: $x = ( strlen($x) & 1 ) ? '0' . $x : $x; $temp = new Math_BigInteger(pack('H', $x), 256); $this->value = $temp->value; } if ($is_negative) { $temp = $this->add(new Math_BigInteger('-1')); $this->value = $temp->value; } break; case 10: case -10: $x = preg_replace('#^(-?[0-9]).#', '$1', $x); switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $this->value = gmp_init($x); break; case MATH_BIGINTEGER_MODE_BCMATH: // explicitly casting $x to a string is necessary, here, since doing $x[0] on -1 yields different // results then doing it on '-1' does (modInverse does $x[0]) $this->value = (string) $x; break; default: $temp = new Math_BigInteger(); // array(10000000) is 107 in base-226. 107 is the closest to 226 we can get without passing it. $multiplier = new Math_BigInteger(); $multiplier->value = array(10000000); if ($x[0] == '-') { $this->is_negative = true; $x = substr($x, 1); } $x = str_pad($x, strlen($x) + (6 strlen($x)) % 7, 0, STR_PAD_LEFT); while (strlen($x)) { $temp = $temp->multiply($multiplier); $temp = $temp->add(new Math_BigInteger($this->_int2bytes(substr($x, 0, 7)), 256)); $x = substr($x, 7); } $this->value = $temp->value; } break; case 2: // base-2 support originally implemented by Lluis Pamies - thanks! case -2: if ($base > 0 && $x[0] == '-') { $this->is_negative = true; $x = substr($x, 1); } $x = preg_replace('#^([01]).#', '$1', $x); $x = str_pad($x, strlen($x) + (3 * strlen($x)) % 4, 0, STR_PAD_LEFT); $str = '0x'; while (strlen($x)) { $part = substr($x, 0, 4); $str.= dechex(bindec($part)); $x = substr($x, 4); } if ($this->is_negative) { $str = '-' . $str; } $temp = new Math_BigInteger($str, 8 * $base); // ie. either -16 or +16 $this->value = $temp->value; $this->is_negative = $temp->is_negative; break; default: // base not supported, so we'll let $this == 0 } } /** * This function exists to maintain backwards compatibility with older code * * @param int $x base-10 number or base-$base number if $base set. * @param int $base Number base / public function Math_BigInteger($x = 0, $base = 10) { self::__construct($x, $base); } /* * Converts a BigInteger to a byte string (eg. base-256). * * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're * saved as two's compliment. * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger('65'); * * echo $a->toBytes(); // outputs chr(65) * ?> * </code> * * @param Boolean $twos_compliment * @return String * @access public * @internal Converts a base-226 number to base-28 / function toBytes($twos_compliment = false) { if ($twos_compliment) { $comparison = $this->compare(new Math_BigInteger()); if ($comparison == 0) { return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; } $temp = $comparison < 0 ? $this->add(new Math_BigInteger(1)) : $this->copy(); $bytes = $temp->toBytes(); if (empty($bytes)) { // eg. if the number we're trying to convert is -1 $bytes = chr(0); } if (ord($bytes[0]) & 0x80) { $bytes = chr(0) . $bytes; } return $comparison < 0 ? ~$bytes : $bytes; } switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: if (gmp_cmp($this->value, gmp_init(0)) == 0) { return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; } $temp = gmp_strval(gmp_abs($this->value), 16); $temp = ( strlen($temp) & 1 ) ? '0' . $temp : $temp; $temp = pack('H', $temp); return $this->precision > 0 ? substr(str_pad($temp, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) : ltrim($temp, chr(0)); case MATH_BIGINTEGER_MODE_BCMATH: if ($this->value === '0') { return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; } $value = ''; $current = $this->value; if ($current[0] == '-') { $current = substr($current, 1); } while (bccomp($current, '0', 0) > 0) { $temp = bcmod($current, '16777216'); $value = chr($temp >> 16) . chr($temp >> 8) . chr($temp) . $value; $current = bcdiv($current, '16777216', 0); } return $this->precision > 0 ? substr(str_pad($value, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) : ltrim($value, chr(0)); } if (!count($this->value)) { return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; } $result = $this->_int2bytes($this->value[count($this->value) - 1]); $temp = $this->copy(); for ($i = count($temp->value) - 2; $i >= 0; --$i) { $temp->_base256_lshift($result, 26); $result = $result \| str_pad($temp->_int2bytes($temp->value[$i]), strlen($result), chr(0), STR_PAD_LEFT); } return $this->precision > 0 ? str_pad(substr($result, -(($this->precision + 7) >> 3)), ($this->precision + 7) >> 3, chr(0), STR_PAD_LEFT) : $result; } /** * Converts a BigInteger to a hex string (eg. base-16)). * * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're * saved as two's compliment. * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger('65'); * * echo $a->toHex(); // outputs '41' * ?> * </code> * * @param Boolean $twos_compliment * @return String * @access public * @internal Converts a base-226 number to base-28 / function toHex($twos_compliment = false) { return bin2hex($this->toBytes($twos_compliment)); } /* * Converts a BigInteger to a bit string (eg. base-2). * * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're * saved as two's compliment. * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger('65'); * * echo $a->toBits(); // outputs '1000001' * ?> * </code> * * @param Boolean $twos_compliment * @return String * @access public * @internal Converts a base-226 number to base-22 / function toBits($twos_compliment = false) { $hex = $this->toHex($twos_compliment); $bits = ''; for ($i = 0, $end = strlen($hex) & 0xFFFFFFF8; $i < $end; $i+=8) { $bits.= str_pad(decbin(hexdec(substr($hex, $i, 8))), 32, '0', STR_PAD_LEFT); } if ($end != strlen($hex)) { // hexdec('') == 0 $bits.= str_pad(decbin(hexdec(substr($hex, $end))), strlen($hex) & 7, '0', STR_PAD_LEFT); } return $this->precision > 0 ? substr($bits, -$this->precision) : ltrim($bits, '0'); } /* * Converts a BigInteger to a base-10 number. * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger('50'); * * echo $a->toString(); // outputs 50 * ?> * </code> * * @return String * @access public * @internal Converts a base-226 number to base-107 (which is pretty much base-10) / function toString() { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: return gmp_strval($this->value); case MATH_BIGINTEGER_MODE_BCMATH: if ($this->value === '0') { return '0'; } return ltrim($this->value, '0'); } if (!count($this->value)) { return '0'; } $temp = $this->copy(); $temp->is_negative = false; $divisor = new Math_BigInteger(); $divisor->value = array(10000000); // eg. 107 $result = ''; while (count($temp->value)) { list($temp, $mod) = $temp->divide($divisor); $result = str_pad(isset($mod->value[0]) ? $mod->value[0] : '', 7, '0', STR_PAD_LEFT) . $result; } $result = ltrim($result, '0'); if (empty($result)) { $result = '0'; } if ($this->is_negative) { $result = '-' . $result; } return $result; } /* * Copy an object * * PHP5 passes objects by reference while PHP4 passes by value. As such, we need a function to guarantee * that all objects are passed by value, when appropriate. More information can be found here: * * {@link http://php.net/language.oop5.basic#51624} * * @access public * @see __clone() * @return Math_BigInteger / function copy() { $temp = new Math_BigInteger(); $temp->value = $this->value; $temp->is_negative = $this->is_negative; $temp->generator = $this->generator; $temp->precision = $this->precision; $temp->bitmask = $this->bitmask; return $temp; } /* * __toString() magic method * * Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call * toString(). * * @access public * @internal Implemented per a suggestion by Techie-Michael - thanks! / function __toString() { return $this->toString(); } /* * __clone() magic method * * Although you can call Math_BigInteger::__toString() directly in PHP5, you cannot call Math_BigInteger::__clone() * directly in PHP5. You can in PHP4 since it's not a magic method, but in PHP5, you have to call it by using the PHP5 * only syntax of $y = clone $x. As such, if you're trying to write an application that works on both PHP4 and PHP5, * call Math_BigInteger::copy(), instead. * * @access public * @see copy() * @return Math_BigInteger / function __clone() { return $this->copy(); } /* * __sleep() magic method * * Will be called, automatically, when serialize() is called on a Math_BigInteger object. * * @see __wakeup() * @access public / function __sleep() { $this->hex = $this->toHex(true); $vars = array('hex'); if ($this->generator != 'mt_rand') { $vars[] = 'generator'; } if ($this->precision > 0) { $vars[] = 'precision'; } return $vars; } /* * __wakeup() magic method * * Will be called, automatically, when unserialize() is called on a Math_BigInteger object. * * @see __sleep() * @access public / function __wakeup() { $temp = new Math_BigInteger($this->hex, -16); $this->value = $temp->value; $this->is_negative = $temp->is_negative; $this->setRandomGenerator($this->generator); if ($this->precision > 0) { // recalculate $this->bitmask $this->setPrecision($this->precision); } } /* * Adds two BigIntegers. * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger('10'); * $b = new Math_BigInteger('20'); * * $c = $a->add($b); * * echo $c->toString(); // outputs 30 * ?> * </code> * * @param Math_BigInteger $y * @return Math_BigInteger * @access public * @internal Performs base-2*52 addition / function add($y) { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_add($this->value, $y->value); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $temp = new Math_BigInteger(); $temp->value = bcadd($this->value, $y->value, 0); return $this->_normalize($temp); } $temp = $this->_add($this->value, $this->is_negative, $y->value, $y->is_negative); $result = new Math_BigInteger(); $result->value = $temp[MATH_BIGINTEGER_VALUE]; $result->is_negative = $temp[MATH_BIGINTEGER_SIGN]; return $this->_normalize($result); } /** * Performs addition. * * @param Array $x_value * @param Boolean $x_negative * @param Array $y_value * @param Boolean $y_negative * @return Array * @access private / function _add($x_value, $x_negative, $y_value, $y_negative) { $x_size = count($x_value); $y_size = count($y_value); if ($x_size == 0) { return array( MATH_BIGINTEGER_VALUE => $y_value, MATH_BIGINTEGER_SIGN => $y_negative ); } else if ($y_size == 0) { return array( MATH_BIGINTEGER_VALUE => $x_value, MATH_BIGINTEGER_SIGN => $x_negative ); } // subtract, if appropriate if ( $x_negative != $y_negative ) { if ( $x_value == $y_value ) { return array( MATH_BIGINTEGER_VALUE => array(), MATH_BIGINTEGER_SIGN => false ); } $temp = $this->_subtract($x_value, false, $y_value, false); $temp[MATH_BIGINTEGER_SIGN] = $this->_compare($x_value, false, $y_value, false) > 0 ? $x_negative : $y_negative; return $temp; } if ($x_size < $y_size) { $size = $x_size; $value = $y_value; } else { $size = $y_size; $value = $x_value; } $value[] = 0; // just in case the carry adds an extra digit $carry = 0; for ($i = 0, $j = 1; $j < $size; $i+=2, $j+=2) { $sum = $x_value[$j] 0x4000000 + $x_value[$i] + $y_value[$j] * 0x4000000 + $y_value[$i] + $carry; $carry = $sum >= MATH_BIGINTEGER_MAX_DIGIT52; // eg. floor($sum / 2*52); only possible values (in any base) are 0 and 1 $sum = $carry ? $sum - MATH_BIGINTEGER_MAX_DIGIT52 : $sum; $temp = (int) ($sum / 0x4000000); $value[$i] = (int) ($sum - 0x4000000 $temp); // eg. a faster alternative to fmod($sum, 0x4000000) $value[$j] = $temp; } if ($j == $size) { // ie. if $y_size is odd $sum = $x_value[$i] + $y_value[$i] + $carry; $carry = $sum >= 0x4000000; $value[$i] = $carry ? $sum - 0x4000000 : $sum; ++$i; // ie. let $i = $j since we've just done $value[$i] } if ($carry) { for (; $value[$i] == 0x3FFFFFF; ++$i) { $value[$i] = 0; } ++$value[$i]; } return array( MATH_BIGINTEGER_VALUE => $this->_trim($value), MATH_BIGINTEGER_SIGN => $x_negative ); } /** * Subtracts two BigIntegers. * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger('10'); * $b = new Math_BigInteger('20'); * * $c = $a->subtract($b); * * echo $c->toString(); // outputs -10 * ?> * </code> * * @param Math_BigInteger $y * @return Math_BigInteger * @access public * @internal Performs base-2*52 subtraction / function subtract($y) { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_sub($this->value, $y->value); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $temp = new Math_BigInteger(); $temp->value = bcsub($this->value, $y->value, 0); return $this->_normalize($temp); } $temp = $this->_subtract($this->value, $this->is_negative, $y->value, $y->is_negative); $result = new Math_BigInteger(); $result->value = $temp[MATH_BIGINTEGER_VALUE]; $result->is_negative = $temp[MATH_BIGINTEGER_SIGN]; return $this->_normalize($result); } /** * Performs subtraction. * * @param Array $x_value * @param Boolean $x_negative * @param Array $y_value * @param Boolean $y_negative * @return Array * @access private / function _subtract($x_value, $x_negative, $y_value, $y_negative) { $x_size = count($x_value); $y_size = count($y_value); if ($x_size == 0) { return array( MATH_BIGINTEGER_VALUE => $y_value, MATH_BIGINTEGER_SIGN => !$y_negative ); } else if ($y_size == 0) { return array( MATH_BIGINTEGER_VALUE => $x_value, MATH_BIGINTEGER_SIGN => $x_negative ); } // add, if appropriate (ie. -$x - +$y or +$x - -$y) if ( $x_negative != $y_negative ) { $temp = $this->_add($x_value, false, $y_value, false); $temp[MATH_BIGINTEGER_SIGN] = $x_negative; return $temp; } $diff = $this->_compare($x_value, $x_negative, $y_value, $y_negative); if ( !$diff ) { return array( MATH_BIGINTEGER_VALUE => array(), MATH_BIGINTEGER_SIGN => false ); } // switch $x and $y around, if appropriate. if ( (!$x_negative && $diff < 0) \|\| ($x_negative && $diff > 0) ) { $temp = $x_value; $x_value = $y_value; $y_value = $temp; $x_negative = !$x_negative; $x_size = count($x_value); $y_size = count($y_value); } // at this point, $x_value should be at least as big as - if not bigger than - $y_value $carry = 0; for ($i = 0, $j = 1; $j < $y_size; $i+=2, $j+=2) { $sum = $x_value[$j] 0x4000000 + $x_value[$i] - $y_value[$j] * 0x4000000 - $y_value[$i] - $carry; $carry = $sum < 0; // eg. floor($sum / 2*52); only possible values (in any base) are 0 and 1 $sum = $carry ? $sum + MATH_BIGINTEGER_MAX_DIGIT52 : $sum; $temp = (int) ($sum / 0x4000000); $x_value[$i] = (int) ($sum - 0x4000000 $temp); $x_value[$j] = $temp; } if ($j == $y_size) { // ie. if $y_size is odd $sum = $x_value[$i] - $y_value[$i] - $carry; $carry = $sum < 0; $x_value[$i] = $carry ? $sum + 0x4000000 : $sum; ++$i; } if ($carry) { for (; !$x_value[$i]; ++$i) { $x_value[$i] = 0x3FFFFFF; } --$x_value[$i]; } return array( MATH_BIGINTEGER_VALUE => $this->_trim($x_value), MATH_BIGINTEGER_SIGN => $x_negative ); } /** * Multiplies two BigIntegers * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger('10'); * $b = new Math_BigInteger('20'); * * $c = $a->multiply($b); * * echo $c->toString(); // outputs 200 * ?> * </code> * * @param Math_BigInteger $x * @return Math_BigInteger * @access public / function multiply($x) { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_mul($this->value, $x->value); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $temp = new Math_BigInteger(); $temp->value = bcmul($this->value, $x->value, 0); return $this->_normalize($temp); } $temp = $this->_multiply($this->value, $this->is_negative, $x->value, $x->is_negative); $product = new Math_BigInteger(); $product->value = $temp[MATH_BIGINTEGER_VALUE]; $product->is_negative = $temp[MATH_BIGINTEGER_SIGN]; return $this->_normalize($product); } /* * Performs multiplication. * * @param Array $x_value * @param Boolean $x_negative * @param Array $y_value * @param Boolean $y_negative * @return Array * @access private / function _multiply($x_value, $x_negative, $y_value, $y_negative) { //if ( $x_value == $y_value ) { // return array( // MATH_BIGINTEGER_VALUE => $this->_square($x_value), // MATH_BIGINTEGER_SIGN => $x_sign != $y_value // ); //} $x_length = count($x_value); $y_length = count($y_value); if ( !$x_length \|\| !$y_length ) { // a 0 is being multiplied return array( MATH_BIGINTEGER_VALUE => array(), MATH_BIGINTEGER_SIGN => false ); } return array( MATH_BIGINTEGER_VALUE => min($x_length, $y_length) < 2 MATH_BIGINTEGER_KARATSUBA_CUTOFF ? $this->_trim($this->_regularMultiply($x_value, $y_value)) : $this->_trim($this->_karatsuba($x_value, $y_value)), MATH_BIGINTEGER_SIGN => $x_negative != $y_negative ); } /** * Performs long multiplication on two BigIntegers * * Modeled after 'multiply' in MutableBigInteger.java. * * @param Array $x_value * @param Array $y_value * @return Array * @access private / function _regularMultiply($x_value, $y_value) { $x_length = count($x_value); $y_length = count($y_value); if ( !$x_length \|\| !$y_length ) { // a 0 is being multiplied return array(); } if ( $x_length < $y_length ) { $temp = $x_value; $x_value = $y_value; $y_value = $temp; $x_length = count($x_value); $y_length = count($y_value); } $product_value = $this->_array_repeat(0, $x_length + $y_length); // the following for loop could be removed if the for loop following it // (the one with nested for loops) initially set $i to 0, but // doing so would also make the result in one set of unnecessary adds, // since on the outermost loops first pass, $product->value[$k] is going // to always be 0 $carry = 0; for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0 $temp = (!empty($x_value[$j]) ? $x_value[$j] : 0) (!empty($y_value[0]) ? $y_value[0] : 0) + $carry; // $product_value[$k] == 0 $carry = (int) ($temp / 0x4000000); $product_value[$j] = (int) ($temp - 0x4000000 * $carry); } $product_value[$j] = $carry; // the above for loop is what the previous comment was talking about. the // following for loop is the "one with nested for loops" for ($i = 1; $i < $y_length; ++$i) { $carry = 0; for ($j = 0, $k = $i; $j < $x_length; ++$j, ++$k) { $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry; $carry = (int) ($temp / 0x4000000); $product_value[$k] = (int) ($temp - 0x4000000 * $carry); } $product_value[$k] = $carry; } return $product_value; } /** * Performs Karatsuba multiplication on two BigIntegers * * See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=120 MPM 5.2.3}. * * @param Array $x_value * @param Array $y_value * @return Array * @access private / function _karatsuba($x_value, $y_value) { $m = min(count($x_value) >> 1, count($y_value) >> 1); if ($m < MATH_BIGINTEGER_KARATSUBA_CUTOFF) { return $this->_regularMultiply($x_value, $y_value); } $x1 = array_slice($x_value, $m); $x0 = array_slice($x_value, 0, $m); $y1 = array_slice($y_value, $m); $y0 = array_slice($y_value, 0, $m); $z2 = $this->_karatsuba($x1, $y1); $z0 = $this->_karatsuba($x0, $y0); $z1 = $this->_add($x1, false, $x0, false); $temp = $this->_add($y1, false, $y0, false); $z1 = $this->_karatsuba($z1[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_VALUE]); $temp = $this->_add($z2, false, $z0, false); $z1 = $this->_subtract($z1, false, $temp[MATH_BIGINTEGER_VALUE], false); $z2 = array_merge(array_fill(0, 2 $m, 0), $z2); $z1[MATH_BIGINTEGER_VALUE] = array_merge(array_fill(0, $m, 0), $z1[MATH_BIGINTEGER_VALUE]); $xy = $this->_add($z2, false, $z1[MATH_BIGINTEGER_VALUE], $z1[MATH_BIGINTEGER_SIGN]); $xy = $this->_add($xy[MATH_BIGINTEGER_VALUE], $xy[MATH_BIGINTEGER_SIGN], $z0, false); return $xy[MATH_BIGINTEGER_VALUE]; } /** * Performs squaring * * @param Array $x * @return Array * @access private / function _square($x = false) { return count($x) < 2 MATH_BIGINTEGER_KARATSUBA_CUTOFF ? $this->_trim($this->_baseSquare($x)) : $this->_trim($this->_karatsubaSquare($x)); } /** * Performs traditional squaring on two BigIntegers * * Squaring can be done faster than multiplying a number by itself can be. See * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=7 HAC 14.2.4} / * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=141 MPM 5.3} for more information. * * @param Array $value * @return Array * @access private / function _baseSquare($value) { if ( empty($value) ) { return array(); } $square_value = $this->_array_repeat(0, 2 count($value)); for ($i = 0, $max_index = count($value) - 1; $i <= $max_index; ++$i) { $i2 = $i << 1; $temp = $square_value[$i2] + $value[$i] * $value[$i]; $carry = (int) ($temp / 0x4000000); $square_value[$i2] = (int) ($temp - 0x4000000 * $carry); // note how we start from $i+1 instead of 0 as we do in multiplication. for ($j = $i + 1, $k = $i2 + 1; $j <= $max_index; ++$j, ++$k) { $temp = $square_value[$k] + 2 * $value[$j] * $value[$i] + $carry; $carry = (int) ($temp / 0x4000000); $square_value[$k] = (int) ($temp - 0x4000000 * $carry); } // the following line can yield values larger 215. at this point, PHP should switch // over to floats. $square_value[$i + $max_index + 1] = $carry; } return $square_value; } / * Performs Karatsuba "squaring" on two BigIntegers * * See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=151 MPM 5.3.4}. * * @param Array $value * @return Array * @access private / function _karatsubaSquare($value) { $m = count($value) >> 1; if ($m < MATH_BIGINTEGER_KARATSUBA_CUTOFF) { return $this->_baseSquare($value); } $x1 = array_slice($value, $m); $x0 = array_slice($value, 0, $m); $z2 = $this->_karatsubaSquare($x1); $z0 = $this->_karatsubaSquare($x0); $z1 = $this->_add($x1, false, $x0, false); $z1 = $this->_karatsubaSquare($z1[MATH_BIGINTEGER_VALUE]); $temp = $this->_add($z2, false, $z0, false); $z1 = $this->_subtract($z1, false, $temp[MATH_BIGINTEGER_VALUE], false); $z2 = array_merge(array_fill(0, 2 $m, 0), $z2); $z1[MATH_BIGINTEGER_VALUE] = array_merge(array_fill(0, $m, 0), $z1[MATH_BIGINTEGER_VALUE]); $xx = $this->_add($z2, false, $z1[MATH_BIGINTEGER_VALUE], $z1[MATH_BIGINTEGER_SIGN]); $xx = $this->_add($xx[MATH_BIGINTEGER_VALUE], $xx[MATH_BIGINTEGER_SIGN], $z0, false); return $xx[MATH_BIGINTEGER_VALUE]; } /** * Divides two BigIntegers. * * Returns an array whose first element contains the quotient and whose second element contains the * "common residue". If the remainder would be positive, the "common residue" and the remainder are the * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder * and the divisor (basically, the "common residue" is the first positive modulo). * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger('10'); * $b = new Math_BigInteger('20'); * * list($quotient, $remainder) = $a->divide($b); * * echo $quotient->toString(); // outputs 0 * echo "\r\n"; * echo $remainder->toString(); // outputs 10 * ?> * </code> * * @param Math_BigInteger $y * @return Array * @access public * @internal This function is based off of {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=9 HAC 14.20}. / function divide($y) { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $quotient = new Math_BigInteger(); $remainder = new Math_BigInteger(); list($quotient->value, $remainder->value) = gmp_div_qr($this->value, $y->value); if (gmp_sign($remainder->value) < 0) { $remainder->value = gmp_add($remainder->value, gmp_abs($y->value)); } return array($this->_normalize($quotient), $this->_normalize($remainder)); case MATH_BIGINTEGER_MODE_BCMATH: $quotient = new Math_BigInteger(); $remainder = new Math_BigInteger(); $quotient->value = bcdiv($this->value, $y->value, 0); $remainder->value = bcmod($this->value, $y->value); if ($remainder->value[0] == '-') { $remainder->value = bcadd($remainder->value, $y->value[0] == '-' ? substr($y->value, 1) : $y->value, 0); } return array($this->_normalize($quotient), $this->_normalize($remainder)); } if (count($y->value) == 1) { list($q, $r) = $this->_divide_digit($this->value, $y->value[0]); $quotient = new Math_BigInteger(); $remainder = new Math_BigInteger(); $quotient->value = $q; $remainder->value = array($r); $quotient->is_negative = $this->is_negative != $y->is_negative; return array($this->_normalize($quotient), $this->_normalize($remainder)); } static $zero; if ( !isset($zero) ) { $zero = new Math_BigInteger(); } $x = $this->copy(); $y = $y->copy(); $x_sign = $x->is_negative; $y_sign = $y->is_negative; $x->is_negative = $y->is_negative = false; $diff = $x->compare($y); if ( !$diff ) { $temp = new Math_BigInteger(); $temp->value = array(1); $temp->is_negative = $x_sign != $y_sign; return array($this->_normalize($temp), $this->_normalize(new Math_BigInteger())); } if ( $diff < 0 ) { // if $x is negative, "add" $y. if ( $x_sign ) { $x = $y->subtract($x); } return array($this->_normalize(new Math_BigInteger()), $this->_normalize($x)); } // normalize $x and $y as described in HAC 14.23 / 14.24 $msb = $y->value[count($y->value) - 1]; for ($shift = 0; !($msb & 0x2000000); ++$shift) { $msb <<= 1; } $x->_lshift($shift); $y->_lshift($shift); $y_value = &$y->value; $x_max = count($x->value) - 1; $y_max = count($y->value) - 1; $quotient = new Math_BigInteger(); $quotient_value = &$quotient->value; $quotient_value = $this->_array_repeat(0, $x_max - $y_max + 1); static $temp, $lhs, $rhs; if (!isset($temp)) { $temp = new Math_BigInteger(); $lhs = new Math_BigInteger(); $rhs = new Math_BigInteger(); } $temp_value = &$temp->value; $rhs_value = &$rhs->value; // $temp = $y << ($x_max - $y_max-1) in base 226 $temp_value = array_merge($this->_array_repeat(0, $x_max - $y_max), $y_value); while ( $x->compare($temp) >= 0 ) { // calculate the "common residue" ++$quotient_value[$x_max - $y_max]; $x = $x->subtract($temp); $x_max = count($x->value) - 1; } for ($i = $x_max; $i >= $y_max + 1; --$i) { $x_value = &$x->value; $x_window = array( isset($x_value[$i]) ? $x_value[$i] : 0, isset($x_value[$i - 1]) ? $x_value[$i - 1] : 0, isset($x_value[$i - 2]) ? $x_value[$i - 2] : 0 ); $y_window = array( $y_value[$y_max], ( $y_max > 0 ) ? $y_value[$y_max - 1] : 0 ); $q_index = $i - $y_max - 1; if ($x_window[0] == $y_window[0]) { $quotient_value[$q_index] = 0x3FFFFFF; } else { $quotient_value[$q_index] = (int) ( ($x_window[0] 0x4000000 + $x_window[1]) / $y_window[0] ); } $temp_value = array($y_window[1], $y_window[0]); $lhs->value = array($quotient_value[$q_index]); $lhs = $lhs->multiply($temp); $rhs_value = array($x_window[2], $x_window[1], $x_window[0]); while ( $lhs->compare($rhs) > 0 ) { --$quotient_value[$q_index]; $lhs->value = array($quotient_value[$q_index]); $lhs = $lhs->multiply($temp); } $adjust = $this->_array_repeat(0, $q_index); $temp_value = array($quotient_value[$q_index]); $temp = $temp->multiply($y); $temp_value = &$temp->value; $temp_value = array_merge($adjust, $temp_value); $x = $x->subtract($temp); if ($x->compare($zero) < 0) { $temp_value = array_merge($adjust, $y_value); $x = $x->add($temp); --$quotient_value[$q_index]; } $x_max = count($x_value) - 1; } // unnormalize the remainder $x->_rshift($shift); $quotient->is_negative = $x_sign != $y_sign; // calculate the "common residue", if appropriate if ( $x_sign ) { $y->_rshift($shift); $x = $y->subtract($x); } return array($this->_normalize($quotient), $this->_normalize($x)); } /** * Divides a BigInteger by a regular integer * * abc / x = a00 / x + b0 / x + c / x * * @param Array $dividend * @param Array $divisor * @return Array * @access private / function _divide_digit($dividend, $divisor) { $carry = 0; $result = array(); for ($i = count($dividend) - 1; $i >= 0; --$i) { $temp = 0x4000000 $carry + (!empty($dividend[$i]) ? $dividend[$i] : 0); $result[$i] = (int) ($temp / $divisor); $carry = (int) ($temp - $divisor * $result[$i]); } return array($result, $carry); } /** * Performs modular exponentiation. * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger('10'); * $b = new Math_BigInteger('20'); * $c = new Math_BigInteger('30'); * * $c = $a->modPow($b, $c); * * echo $c->toString(); // outputs 10 * ?> * </code> * * @param Math_BigInteger $e * @param Math_BigInteger $n * @return Math_BigInteger * @access public * @internal The most naive approach to modular exponentiation has very unreasonable requirements, and * and although the approach involving repeated squaring does vastly better, it, too, is impractical * for our purposes. The reason being that division - by far the most complicated and time-consuming * of the basic operations (eg. +,-,,/) - occurs multiple times within it. * Modular reductions resolve this issue. Although an individual modular reduction takes more time * then an individual division, when performed in succession (with the same modulo), they're a lot faster. * * The two most commonly used modular reductions are Barrett and Montgomery reduction. Montgomery reduction, * although faster, only works when the gcd of the modulo and of the base being used is 1. In RSA, when the * base is a power of two, the modulo - a product of two primes - is always going to have a gcd of 1 (because * the product of two odd numbers is odd), but what about when RSA isn't used? * * In contrast, Barrett reduction has no such constraint. As such, some bigint implementations perform a * Barrett reduction after every operation in the modpow function. Others perform Barrett reductions when the * modulo is even and Montgomery reductions when the modulo is odd. BigInteger.java's modPow method, however, * uses a trick involving the Chinese Remainder Theorem to factor the even modulo into two numbers - one odd and * the other, a power of two - and recombine them, later. This is the method that this modPow function uses. * {@link http://islab.oregonstate.edu/papers/j34monex.pdf Montgomery Reduction with Even Modulus} elaborates. / function modPow($e, $n) { $n = $this->bitmask !== false && $this->bitmask->compare($n) < 0 ? $this->bitmask : $n->abs(); if ($e->compare(new Math_BigInteger()) < 0) { $e = $e->abs(); $temp = $this->modInverse($n); if ($temp === false) { return false; } return $this->_normalize($temp->modPow($e, $n)); } switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_powm($this->value, $e->value, $n->value); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $temp = new Math_BigInteger(); $temp->value = bcpowmod($this->value, $e->value, $n->value, 0); return $this->_normalize($temp); } if ( empty($e->value) ) { $temp = new Math_BigInteger(); $temp->value = array(1); return $this->_normalize($temp); } if ( $e->value == array(1) ) { list(, $temp) = $this->divide($n); return $this->_normalize($temp); } if ( $e->value == array(2) ) { $temp = new Math_BigInteger(); $temp->value = $this->_square($this->value); list(, $temp) = $temp->divide($n); return $this->_normalize($temp); } return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_BARRETT)); // is the modulo odd? if ( $n->value[0] & 1 ) { return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_MONTGOMERY)); } // if it's not, it's even // find the lowest set bit (eg. the max pow of 2 that divides $n) for ($i = 0; $i < count($n->value); ++$i) { if ( $n->value[$i] ) { $temp = decbin($n->value[$i]); $j = strlen($temp) - strrpos($temp, '1') - 1; $j+= 26 $i; break; } } // at this point, 2^$j * $n/(2^$j) == $n $mod1 = $n->copy(); $mod1->_rshift($j); $mod2 = new Math_BigInteger(); $mod2->value = array(1); $mod2->_lshift($j); $part1 = ( $mod1->value != array(1) ) ? $this->_slidingWindow($e, $mod1, MATH_BIGINTEGER_MONTGOMERY) : new Math_BigInteger(); $part2 = $this->_slidingWindow($e, $mod2, MATH_BIGINTEGER_POWEROF2); $y1 = $mod2->modInverse($mod1); $y2 = $mod1->modInverse($mod2); $result = $part1->multiply($mod2); $result = $result->multiply($y1); $temp = $part2->multiply($mod1); $temp = $temp->multiply($y2); $result = $result->add($temp); list(, $result) = $result->divide($n); return $this->_normalize($result); } /** * Performs modular exponentiation. * * Alias for Math_BigInteger::modPow() * * @param Math_BigInteger $e * @param Math_BigInteger $n * @return Math_BigInteger * @access public / function powMod($e, $n) { return $this->modPow($e, $n); } /* * Sliding Window k-ary Modular Exponentiation * * Based on {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=27 HAC 14.85} / * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=210 MPM 7.7}. In a departure from those algorithims, * however, this function performs a modular reduction after every multiplication and squaring operation. * As such, this function has the same preconditions that the reductions being used do. * * @param Math_BigInteger $e * @param Math_BigInteger $n * @param Integer $mode * @return Math_BigInteger * @access private / function _slidingWindow($e, $n, $mode) { static $window_ranges = array(7, 25, 81, 241, 673, 1793); // from BigInteger.java's oddModPow function //static $window_ranges = array(0, 7, 36, 140, 450, 1303, 3529); // from MPM 7.3.1 $e_value = $e->value; $e_length = count($e_value) - 1; $e_bits = decbin($e_value[$e_length]); for ($i = $e_length - 1; $i >= 0; --$i) { $e_bits.= str_pad(decbin($e_value[$i]), 26, '0', STR_PAD_LEFT); } $e_length = strlen($e_bits); // calculate the appropriate window size. // $window_size == 3 if $window_ranges is between 25 and 81, for example. for ($i = 0, $window_size = 1; $e_length > $window_ranges[$i] && $i < count($window_ranges); ++$window_size, ++$i); $n_value = $n->value; // precompute $this^0 through $this^$window_size $powers = array(); $powers[1] = $this->_prepareReduce($this->value, $n_value, $mode); $powers[2] = $this->_squareReduce($powers[1], $n_value, $mode); // we do every other number since substr($e_bits, $i, $j+1) (see below) is supposed to end // in a 1. ie. it's supposed to be odd. $temp = 1 << ($window_size - 1); for ($i = 1; $i < $temp; ++$i) { $i2 = $i << 1; $powers[$i2 + 1] = $this->_multiplyReduce($powers[$i2 - 1], $powers[2], $n_value, $mode); } $result = array(1); $result = $this->_prepareReduce($result, $n_value, $mode); for ($i = 0; $i < $e_length; ) { if ( !$e_bits[$i] ) { $result = $this->_squareReduce($result, $n_value, $mode); ++$i; } else { for ($j = $window_size - 1; $j > 0; --$j) { if ( !empty($e_bits[$i + $j]) ) { break; } } for ($k = 0; $k <= $j; ++$k) {// eg. the length of substr($e_bits, $i, $j+1) $result = $this->_squareReduce($result, $n_value, $mode); } $result = $this->_multiplyReduce($result, $powers[bindec(substr($e_bits, $i, $j + 1))], $n_value, $mode); $i+=$j + 1; } } $temp = new Math_BigInteger(); $temp->value = $this->_reduce($result, $n_value, $mode); return $temp; } /* * Modular reduction * * For most $modes this will return the remainder. * * @see _slidingWindow() * @access private * @param Array $x * @param Array $n * @param Integer $mode * @return Array / function _reduce($x, $n, $mode) { switch ($mode) { case MATH_BIGINTEGER_MONTGOMERY: return $this->_montgomery($x, $n); case MATH_BIGINTEGER_BARRETT: return $this->_barrett($x, $n); case MATH_BIGINTEGER_POWEROF2: $lhs = new Math_BigInteger(); $lhs->value = $x; $rhs = new Math_BigInteger(); $rhs->value = $n; return $x->_mod2($n); case MATH_BIGINTEGER_CLASSIC: $lhs = new Math_BigInteger(); $lhs->value = $x; $rhs = new Math_BigInteger(); $rhs->value = $n; list(, $temp) = $lhs->divide($rhs); return $temp->value; case MATH_BIGINTEGER_NONE: return $x; default: // an invalid $mode was provided } } /* * Modular reduction preperation * * @see _slidingWindow() * @access private * @param Array $x * @param Array $n * @param Integer $mode * @return Array / function _prepareReduce($x, $n, $mode) { if ($mode == MATH_BIGINTEGER_MONTGOMERY) { return $this->_prepMontgomery($x, $n); } return $this->_reduce($x, $n, $mode); } /* * Modular multiply * * @see _slidingWindow() * @access private * @param Array $x * @param Array $y * @param Array $n * @param Integer $mode * @return Array / function _multiplyReduce($x, $y, $n, $mode) { if ($mode == MATH_BIGINTEGER_MONTGOMERY) { return $this->_montgomeryMultiply($x, $y, $n); } $temp = $this->_multiply($x, false, $y, false); return $this->_reduce($temp[MATH_BIGINTEGER_VALUE], $n, $mode); } /* * Modular square * * @see _slidingWindow() * @access private * @param Array $x * @param Array $n * @param Integer $mode * @return Array / function _squareReduce($x, $n, $mode) { if ($mode == MATH_BIGINTEGER_MONTGOMERY) { return $this->_montgomeryMultiply($x, $x, $n); } return $this->_reduce($this->_square($x), $n, $mode); } /* * Modulos for Powers of Two * * Calculates $x%$n, where $n = 2*$e, for some $e. Since this is basically the same as doing $x & ($n-1), we'll just use this function as a wrapper for doing that. * * @see _slidingWindow() * @access private * @param Math_BigInteger * @return Math_BigInteger / function _mod2($n) { $temp = new Math_BigInteger(); $temp->value = array(1); return $this->bitwise_and($n->subtract($temp)); } /* * Barrett Modular Reduction * * See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=14 HAC 14.3.3} / * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=165 MPM 6.2.5} for more information. Modified slightly, * so as not to require negative numbers (initially, this script didn't support negative numbers). * * Employs "folding", as described at * {@link http://www.cosic.esat.kuleuven.be/publications/thesis-149.pdf#page=66 thesis-149.pdf#page=66}. To quote from * it, "the idea [behind folding] is to find a value x' such that x (mod m) = x' (mod m), with x' being smaller than x." * * Unfortunately, the "Barrett Reduction with Folding" algorithm described in thesis-149.pdf is not, as written, all that * usable on account of (1) its not using reasonable radix points as discussed in * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=162 MPM 6.2.2} and (2) the fact that, even with reasonable * radix points, it only works when there are an even number of digits in the denominator. The reason for (2) is that * (x >> 1) + (x >> 1) != x / 2 + x / 2. If x is even, they're the same, but if x is odd, they're not. See the in-line * comments for details. * * @see _slidingWindow() * @access private * @param Array $n * @param Array $m * @return Array / function _barrett($n, $m) { static $cache = array( MATH_BIGINTEGER_VARIABLE => array(), MATH_BIGINTEGER_DATA => array() ); $m_length = count($m); // if ($this->_compare($n, $this->_square($m)) >= 0) { if (count($n) > 2 $m_length) { $lhs = new Math_BigInteger(); $rhs = new Math_BigInteger(); $lhs->value = $n; $rhs->value = $m; list(, $temp) = $lhs->divide($rhs); return $temp->value; } // if (m.length >> 1) + 2 <= m.length then m is too small and n can't be reduced if ($m_length < 5) { return $this->_regularBarrett($n, $m); } // n = 2 * m.length if ( ($key = array_search($m, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) { $key = count($cache[MATH_BIGINTEGER_VARIABLE]); $cache[MATH_BIGINTEGER_VARIABLE][] = $m; $lhs = new Math_BigInteger(); $lhs_value = &$lhs->value; $lhs_value = $this->_array_repeat(0, $m_length + ($m_length >> 1)); $lhs_value[] = 1; $rhs = new Math_BigInteger(); $rhs->value = $m; list($u, $m1) = $lhs->divide($rhs); $u = $u->value; $m1 = $m1->value; $cache[MATH_BIGINTEGER_DATA][] = array( 'u' => $u, // m.length >> 1 (technically (m.length >> 1) + 1) 'm1'=> $m1 // m.length ); } else { extract($cache[MATH_BIGINTEGER_DATA][$key]); } $cutoff = $m_length + ($m_length >> 1); $lsd = array_slice($n, 0, $cutoff); // m.length + (m.length >> 1) $msd = array_slice($n, $cutoff); // m.length >> 1 $lsd = $this->_trim($lsd); $temp = $this->_multiply($msd, false, $m1, false); $n = $this->_add($lsd, false, $temp[MATH_BIGINTEGER_VALUE], false); // m.length + (m.length >> 1) + 1 if ($m_length & 1) { return $this->_regularBarrett($n[MATH_BIGINTEGER_VALUE], $m); } // (m.length + (m.length >> 1) + 1) - (m.length - 1) == (m.length >> 1) + 2 $temp = array_slice($n[MATH_BIGINTEGER_VALUE], $m_length - 1); // if even: ((m.length >> 1) + 2) + (m.length >> 1) == m.length + 2 // if odd: ((m.length >> 1) + 2) + (m.length >> 1) == (m.length - 1) + 2 == m.length + 1 $temp = $this->_multiply($temp, false, $u, false); // if even: (m.length + 2) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + 1 // if odd: (m.length + 1) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) $temp = array_slice($temp[MATH_BIGINTEGER_VALUE], ($m_length >> 1) + 1); // if even: (m.length - (m.length >> 1) + 1) + m.length = 2 * m.length - (m.length >> 1) + 1 // if odd: (m.length - (m.length >> 1)) + m.length = 2 * m.length - (m.length >> 1) $temp = $this->_multiply($temp, false, $m, false); // at this point, if m had an odd number of digits, we'd be subtracting a 2 * m.length - (m.length >> 1) digit // number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop // following this comment would loop a lot (hence our calling _regularBarrett() in that situation). $result = $this->_subtract($n[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false); while ($this->_compare($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $m, false) >= 0) { $result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $m, false); } return $result[MATH_BIGINTEGER_VALUE]; } /** * (Regular) Barrett Modular Reduction * * For numbers with more than four digits Math_BigInteger::_barrett() is faster. The difference between that and this * is that this function does not fold the denominator into a smaller form. * * @see _slidingWindow() * @access private * @param Array $x * @param Array $n * @return Array / function _regularBarrett($x, $n) { static $cache = array( MATH_BIGINTEGER_VARIABLE => array(), MATH_BIGINTEGER_DATA => array() ); $n_length = count($n); if (count($x) > 2 $n_length) { $lhs = new Math_BigInteger(); $rhs = new Math_BigInteger(); $lhs->value = $x; $rhs->value = $n; list(, $temp) = $lhs->divide($rhs); return $temp->value; } if ( ($key = array_search($n, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) { $key = count($cache[MATH_BIGINTEGER_VARIABLE]); $cache[MATH_BIGINTEGER_VARIABLE][] = $n; $lhs = new Math_BigInteger(); $lhs_value = &$lhs->value; $lhs_value = $this->_array_repeat(0, 2 * $n_length); $lhs_value[] = 1; $rhs = new Math_BigInteger(); $rhs->value = $n; list($temp, ) = $lhs->divide($rhs); // m.length $cache[MATH_BIGINTEGER_DATA][] = $temp->value; } // 2 * m.length - (m.length - 1) = m.length + 1 $temp = array_slice($x, $n_length - 1); // (m.length + 1) + m.length = 2 * m.length + 1 $temp = $this->_multiply($temp, false, $cache[MATH_BIGINTEGER_DATA][$key], false); // (2 * m.length + 1) - (m.length - 1) = m.length + 2 $temp = array_slice($temp[MATH_BIGINTEGER_VALUE], $n_length + 1); // m.length + 1 $result = array_slice($x, 0, $n_length + 1); // m.length + 1 $temp = $this->_multiplyLower($temp, false, $n, false, $n_length + 1); // $temp == array_slice($temp->_multiply($temp, false, $n, false)->value, 0, $n_length + 1) if ($this->_compare($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]) < 0) { $corrector_value = $this->_array_repeat(0, $n_length + 1); $corrector_value[] = 1; $result = $this->_add($result, false, $corrector, false); $result = $result[MATH_BIGINTEGER_VALUE]; } // at this point, we're subtracting a number with m.length + 1 digits from another number with m.length + 1 digits $result = $this->_subtract($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]); while ($this->_compare($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $n, false) > 0) { $result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $n, false); } return $result[MATH_BIGINTEGER_VALUE]; } /** * Performs long multiplication up to $stop digits * * If you're going to be doing array_slice($product->value, 0, $stop), some cycles can be saved. * * @see _regularBarrett() * @param Array $x_value * @param Boolean $x_negative * @param Array $y_value * @param Boolean $y_negative * @return Array * @access private / function _multiplyLower($x_value, $x_negative, $y_value, $y_negative, $stop) { $x_length = count($x_value); $y_length = count($y_value); if ( !$x_length \|\| !$y_length ) { // a 0 is being multiplied return array( MATH_BIGINTEGER_VALUE => array(), MATH_BIGINTEGER_SIGN => false ); } if ( $x_length < $y_length ) { $temp = $x_value; $x_value = $y_value; $y_value = $temp; $x_length = count($x_value); $y_length = count($y_value); } $product_value = $this->_array_repeat(0, $x_length + $y_length); // the following for loop could be removed if the for loop following it // (the one with nested for loops) initially set $i to 0, but // doing so would also make the result in one set of unnecessary adds, // since on the outermost loops first pass, $product->value[$k] is going // to always be 0 $carry = 0; for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0, $k = $i $temp = $x_value[$j] $y_value[0] + $carry; // $product_value[$k] == 0 $carry = (int) ($temp / 0x4000000); $product_value[$j] = (int) ($temp - 0x4000000 * $carry); } if ($j < $stop) { $product_value[$j] = $carry; } // the above for loop is what the previous comment was talking about. the // following for loop is the "one with nested for loops" for ($i = 1; $i < $y_length; ++$i) { $carry = 0; for ($j = 0, $k = $i; $j < $x_length && $k < $stop; ++$j, ++$k) { $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry; $carry = (int) ($temp / 0x4000000); $product_value[$k] = (int) ($temp - 0x4000000 * $carry); } if ($k < $stop) { $product_value[$k] = $carry; } } return array( MATH_BIGINTEGER_VALUE => $this->_trim($product_value), MATH_BIGINTEGER_SIGN => $x_negative != $y_negative ); } /** * Montgomery Modular Reduction * * ($x->_prepMontgomery($n))->_montgomery($n) yields $x % $n. * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=170 MPM 6.3} provides insights on how this can be * improved upon (basically, by using the comba method). gcd($n, 2) must be equal to one for this function * to work correctly. * * @see _prepMontgomery() * @see _slidingWindow() * @access private * @param Array $x * @param Array $n * @return Array / function _montgomery($x, $n) { static $cache = array( MATH_BIGINTEGER_VARIABLE => array(), MATH_BIGINTEGER_DATA => array() ); if ( ($key = array_search($n, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) { $key = count($cache[MATH_BIGINTEGER_VARIABLE]); $cache[MATH_BIGINTEGER_VARIABLE][] = $x; $cache[MATH_BIGINTEGER_DATA][] = $this->_modInverse67108864($n); } $k = count($n); $result = array(MATH_BIGINTEGER_VALUE => $x); for ($i = 0; $i < $k; ++$i) { $temp = $result[MATH_BIGINTEGER_VALUE][$i] $cache[MATH_BIGINTEGER_DATA][$key]; $temp = (int) ($temp - 0x4000000 * ((int) ($temp / 0x4000000))); $temp = $this->_regularMultiply(array($temp), $n); $temp = array_merge($this->_array_repeat(0, $i), $temp); $result = $this->_add($result[MATH_BIGINTEGER_VALUE], false, $temp, false); } $result[MATH_BIGINTEGER_VALUE] = array_slice($result[MATH_BIGINTEGER_VALUE], $k); if ($this->_compare($result, false, $n, false) >= 0) { $result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], false, $n, false); } return $result[MATH_BIGINTEGER_VALUE]; } /** * Montgomery Multiply * * Interleaves the montgomery reduction and long multiplication algorithms together as described in * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=13 HAC 14.36} * * @see _prepMontgomery() * @see _montgomery() * @access private * @param Array $x * @param Array $y * @param Array $m * @return Array / function _montgomeryMultiply($x, $y, $m) { $temp = $this->_multiply($x, false, $y, false); return $this->_montgomery($temp[MATH_BIGINTEGER_VALUE], $m); static $cache = array( MATH_BIGINTEGER_VARIABLE => array(), MATH_BIGINTEGER_DATA => array() ); if ( ($key = array_search($m, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) { $key = count($cache[MATH_BIGINTEGER_VARIABLE]); $cache[MATH_BIGINTEGER_VARIABLE][] = $m; $cache[MATH_BIGINTEGER_DATA][] = $this->_modInverse67108864($m); } $n = max(count($x), count($y), count($m)); $x = array_pad($x, $n, 0); $y = array_pad($y, $n, 0); $m = array_pad($m, $n, 0); $a = array(MATH_BIGINTEGER_VALUE => $this->_array_repeat(0, $n + 1)); for ($i = 0; $i < $n; ++$i) { $temp = $a[MATH_BIGINTEGER_VALUE][0] + $x[$i] $y[0]; $temp = (int) ($temp - 0x4000000 * ((int) ($temp / 0x4000000))); $temp = $temp * $cache[MATH_BIGINTEGER_DATA][$key]; $temp = (int) ($temp - 0x4000000 * ((int) ($temp / 0x4000000))); $temp = $this->_add($this->_regularMultiply(array($x[$i]), $y), false, $this->_regularMultiply(array($temp), $m), false); $a = $this->_add($a[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false); $a[MATH_BIGINTEGER_VALUE] = array_slice($a[MATH_BIGINTEGER_VALUE], 1); } if ($this->_compare($a[MATH_BIGINTEGER_VALUE], false, $m, false) >= 0) { $a = $this->_subtract($a[MATH_BIGINTEGER_VALUE], false, $m, false); } return $a[MATH_BIGINTEGER_VALUE]; } /** * Prepare a number for use in Montgomery Modular Reductions * * @see _montgomery() * @see _slidingWindow() * @access private * @param Array $x * @param Array $n * @return Array / function _prepMontgomery($x, $n) { $lhs = new Math_BigInteger(); $lhs->value = array_merge($this->_array_repeat(0, count($n)), $x); $rhs = new Math_BigInteger(); $rhs->value = $n; list(, $temp) = $lhs->divide($rhs); return $temp->value; } /* * Modular Inverse of a number mod 2*26 (eg. 67108864) * Based off of the bnpInvDigit function implemented and justified in the following URL: * * {@link http://www-cs-students.stanford.edu/~tjw/jsbn/jsbn.js} * * The following URL provides more info: * * {@link http://groups.google.com/group/sci.crypt/msg/7a137205c1be7d85} * * As for why we do all the bitmasking... strange things can happen when converting from floats to ints. For * instance, on some computers, var_dump((int) -4294967297) yields int(-1) and on others, it yields * int(-2147483648). To avoid problems stemming from this, we use bitmasks to guarantee that ints aren't * auto-converted to floats. The outermost bitmask is present because without it, there's no guarantee that * the "residue" returned would be the so-called "common residue". We use fmod, in the last step, because the * maximum possible $x is 26 bits and the maximum $result is 16 bits. Thus, we have to be able to handle up to * 40 bits, which only 64-bit floating points will support. * * Thanks to Pedro Gimeno Fortea for input! * * @see _montgomery() * @access private * @param Array $x * @return Integer / function _modInverse67108864($x) // 226 == 67108864 { $x = -$x[0]; $result = $x & 0x3; // x-1 mod 22 $result = ($result (2 - $x * $result)) & 0xF; // x-1 mod 24 $result = ($result * (2 - ($x & 0xFF) * $result)) & 0xFF; // x-1 mod 28 $result = ($result * ((2 - ($x & 0xFFFF) * $result) & 0xFFFF)) & 0xFFFF; // x-1 mod 216 $result = fmod($result * (2 - fmod($x * $result, 0x4000000)), 0x4000000); // x-1 mod 226 return $result & 0x3FFFFFF; } /** * Calculates modular inverses. * * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger(30); * $b = new Math_BigInteger(17); * * $c = $a->modInverse($b); * echo $c->toString(); // outputs 4 * * echo "\r\n"; * * $d = $a->multiply($c); * list(, $d) = $d->divide($b); * echo $d; // outputs 1 (as per the definition of modular inverse) * ?> * </code> * * @param Math_BigInteger $n * @return mixed false, if no modular inverse exists, Math_BigInteger, otherwise. * @access public * @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=21 HAC 14.64} for more information. / function modInverse($n) { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_invert($this->value, $n->value); return ( $temp->value === false ) ? false : $this->_normalize($temp); } static $zero, $one; if (!isset($zero)) { $zero = new Math_BigInteger(); $one = new Math_BigInteger(1); } // $x mod $n == $x mod -$n. $n = $n->abs(); if ($this->compare($zero) < 0) { $temp = $this->abs(); $temp = $temp->modInverse($n); return $negated === false ? false : $this->_normalize($n->subtract($temp)); } extract($this->extendedGCD($n)); if (!$gcd->equals($one)) { return false; } $x = $x->compare($zero) < 0 ? $x->add($n) : $x; return $this->compare($zero) < 0 ? $this->_normalize($n->subtract($x)) : $this->_normalize($x); } /* * Calculates the greatest common divisor and B�zout's identity. * * Say you have 693 and 609. The GCD is 21. B�zout's identity states that there exist integers x and y such that * 693x + 609y == 21. In point of fact, there are actually an infinite number of x and y combinations and which * combination is returned is dependant upon which mode is in use. See * {@link http://en.wikipedia.org/wiki/B%C3%A9zout%27s_identity B�zout's identity - Wikipedia} for more information. * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger(693); * $b = new Math_BigInteger(609); * * extract($a->extendedGCD($b)); * * echo $gcd->toString() . "\r\n"; // outputs 21 * echo $a->toString() * $x->toString() + $b->toString() * $y->toString(); // outputs 21 * ?> * </code> * * @param Math_BigInteger $n * @return Math_BigInteger * @access public * @internal Calculates the GCD using the binary xGCD algorithim described in * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=19 HAC 14.61}. As the text above 14.61 notes, * the more traditional algorithim requires "relatively costly multiple-precision divisions". / function extendedGCD($n) { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: extract(gmp_gcdext($this->value, $n->value)); return array( 'gcd' => $this->_normalize(new Math_BigInteger($g)), 'x' => $this->_normalize(new Math_BigInteger($s)), 'y' => $this->_normalize(new Math_BigInteger($t)) ); case MATH_BIGINTEGER_MODE_BCMATH: // it might be faster to use the binary xGCD algorithim here, as well, but (1) that algorithim works // best when the base is a power of 2 and (2) i don't think it'd make much difference, anyway. as is, // the basic extended euclidean algorithim is what we're using. $u = $this->value; $v = $n->value; $a = '1'; $b = '0'; $c = '0'; $d = '1'; while (bccomp($v, '0', 0) != 0) { $q = bcdiv($u, $v, 0); $temp = $u; $u = $v; $v = bcsub($temp, bcmul($v, $q, 0), 0); $temp = $a; $a = $c; $c = bcsub($temp, bcmul($a, $q, 0), 0); $temp = $b; $b = $d; $d = bcsub($temp, bcmul($b, $q, 0), 0); } return array( 'gcd' => $this->_normalize(new Math_BigInteger($u)), 'x' => $this->_normalize(new Math_BigInteger($a)), 'y' => $this->_normalize(new Math_BigInteger($b)) ); } $y = $n->copy(); $x = $this->copy(); $g = new Math_BigInteger(); $g->value = array(1); while ( !(($x->value[0] & 1)\|\| ($y->value[0] & 1)) ) { $x->_rshift(1); $y->_rshift(1); $g->_lshift(1); } $u = $x->copy(); $v = $y->copy(); $a = new Math_BigInteger(); $b = new Math_BigInteger(); $c = new Math_BigInteger(); $d = new Math_BigInteger(); $a->value = $d->value = $g->value = array(1); $b->value = $c->value = array(); while ( !empty($u->value) ) { while ( !($u->value[0] & 1) ) { $u->_rshift(1); if ( (!empty($a->value) && ($a->value[0] & 1)) \|\| (!empty($b->value) && ($b->value[0] & 1)) ) { $a = $a->add($y); $b = $b->subtract($x); } $a->_rshift(1); $b->_rshift(1); } while ( !($v->value[0] & 1) ) { $v->_rshift(1); if ( (!empty($d->value) && ($d->value[0] & 1)) \|\| (!empty($c->value) && ($c->value[0] & 1)) ) { $c = $c->add($y); $d = $d->subtract($x); } $c->_rshift(1); $d->_rshift(1); } if ($u->compare($v) >= 0) { $u = $u->subtract($v); $a = $a->subtract($c); $b = $b->subtract($d); } else { $v = $v->subtract($u); $c = $c->subtract($a); $d = $d->subtract($b); } } return array( 'gcd' => $this->_normalize($g->multiply($v)), 'x' => $this->_normalize($c), 'y' => $this->_normalize($d) ); } /* * Calculates the greatest common divisor * * Say you have 693 and 609. The GCD is 21. * * Here's an example: * <code> * <?php * include('Math/BigInteger.php'); * * $a = new Math_BigInteger(693); * $b = new Math_BigInteger(609); * * $gcd = a->extendedGCD($b); * * echo $gcd->toString() . "\r\n"; // outputs 21 * ?> * </code> * * @param Math_BigInteger $n * @return Math_BigInteger * @access public / function gcd($n) { extract($this->extendedGCD($n)); return $gcd; } /* * Absolute value. * * @return Math_BigInteger * @access public / function abs() { $temp = new Math_BigInteger(); switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $temp->value = gmp_abs($this->value); break; case MATH_BIGINTEGER_MODE_BCMATH: $temp->value = (bccomp($this->value, '0', 0) < 0) ? substr($this->value, 1) : $this->value; break; default: $temp->value = $this->value; } return $temp; } /* * Compares two numbers. * * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this is * demonstrated thusly: * * $x > $y: $x->compare($y) > 0 * $x < $y: $x->compare($y) < 0 * $x == $y: $x->compare($y) == 0 * * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). * * @param Math_BigInteger $x * @return Integer < 0 if $this is less than $x; > 0 if $this is greater than $x, and 0 if they are equal. * @access public * @see equals() * @internal Could return $this->subtract($x), but that's not as fast as what we do do. / function compare($y) { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: return gmp_cmp($this->value, $y->value); case MATH_BIGINTEGER_MODE_BCMATH: return bccomp($this->value, $y->value, 0); } return $this->_compare($this->value, $this->is_negative, $y->value, $y->is_negative); } /* * Compares two numbers. * * @param Array $x_value * @param Boolean $x_negative * @param Array $y_value * @param Boolean $y_negative * @return Integer * @see compare() * @access private / function _compare($x_value, $x_negative, $y_value, $y_negative) { if ( $x_negative != $y_negative ) { return ( !$x_negative && $y_negative ) ? 1 : -1; } $result = $x_negative ? -1 : 1; if ( count($x_value) != count($y_value) ) { return ( count($x_value) > count($y_value) ) ? $result : -$result; } $size = max(count($x_value), count($y_value)); $x_value = array_pad($x_value, $size, 0); $y_value = array_pad($y_value, $size, 0); for ($i = count($x_value) - 1; $i >= 0; --$i) { if ($x_value[$i] != $y_value[$i]) { return ( $x_value[$i] > $y_value[$i] ) ? $result : -$result; } } return 0; } /* * Tests the equality of two numbers. * * If you need to see if one number is greater than or less than another number, use Math_BigInteger::compare() * * @param Math_BigInteger $x * @return Boolean * @access public * @see compare() / function equals($x) { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: return gmp_cmp($this->value, $x->value) == 0; default: return $this->value === $x->value && $this->is_negative == $x->is_negative; } } /* * Set Precision * * Some bitwise operations give different results depending on the precision being used. Examples include left * shift, not, and rotates. * * @param Math_BigInteger $x * @access public * @return Math_BigInteger / function setPrecision($bits) { $this->precision = $bits; if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_BCMATH ) { $this->bitmask = new Math_BigInteger(chr((1 << ($bits & 0x7)) - 1) . str_repeat(chr(0xFF), $bits >> 3), 256); } else { $this->bitmask = new Math_BigInteger(bcpow('2', $bits, 0)); } $temp = $this->_normalize($this); $this->value = $temp->value; } /* * Logical And * * @param Math_BigInteger $x * @access public * @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat> * @return Math_BigInteger / function bitwise_and($x) { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_and($this->value, $x->value); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $left = $this->toBytes(); $right = $x->toBytes(); $length = max(strlen($left), strlen($right)); $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); return $this->_normalize(new Math_BigInteger($left & $right, 256)); } $result = $this->copy(); $length = min(count($x->value), count($this->value)); $result->value = array_slice($result->value, 0, $length); for ($i = 0; $i < $length; ++$i) { $result->value[$i] = $result->value[$i] & $x->value[$i]; } return $this->_normalize($result); } /* * Logical Or * * @param Math_BigInteger $x * @access public * @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat> * @return Math_BigInteger / function bitwise_or($x) { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_or($this->value, $x->value); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $left = $this->toBytes(); $right = $x->toBytes(); $length = max(strlen($left), strlen($right)); $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); return $this->_normalize(new Math_BigInteger($left \| $right, 256)); } $length = max(count($this->value), count($x->value)); $result = $this->copy(); $result->value = array_pad($result->value, 0, $length); $x->value = array_pad($x->value, 0, $length); for ($i = 0; $i < $length; ++$i) { $result->value[$i] = $this->value[$i] \| $x->value[$i]; } return $this->_normalize($result); } /* * Logical Exclusive-Or * * @param Math_BigInteger $x * @access public * @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat> * @return Math_BigInteger / function bitwise_xor($x) { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_xor($this->value, $x->value); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $left = $this->toBytes(); $right = $x->toBytes(); $length = max(strlen($left), strlen($right)); $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); return $this->_normalize(new Math_BigInteger($left ^ $right, 256)); } $length = max(count($this->value), count($x->value)); $result = $this->copy(); $result->value = array_pad($result->value, 0, $length); $x->value = array_pad($x->value, 0, $length); for ($i = 0; $i < $length; ++$i) { $result->value[$i] = $this->value[$i] ^ $x->value[$i]; } return $this->_normalize($result); } /* * Logical Not * * @access public * @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat> * @return Math_BigInteger / function bitwise_not() { // calculuate "not" without regard to $this->precision // (will always result in a smaller number. ie. ~1 isn't 1111 1110 - it's 0) $temp = $this->toBytes(); $pre_msb = decbin(ord($temp[0])); $temp = ~$temp; $msb = decbin(ord($temp[0])); if (strlen($msb) == 8) { $msb = substr($msb, strpos($msb, '0')); } $temp[0] = chr(bindec($msb)); // see if we need to add extra leading 1's $current_bits = strlen($pre_msb) + 8 strlen($temp) - 8; $new_bits = $this->precision - $current_bits; if ($new_bits <= 0) { return $this->_normalize(new Math_BigInteger($temp, 256)); } // generate as many leading 1's as we need to. $leading_ones = chr((1 << ($new_bits & 0x7)) - 1) . str_repeat(chr(0xFF), $new_bits >> 3); $this->_base256_lshift($leading_ones, $current_bits); $temp = str_pad($temp, ceil($this->bits / 8), chr(0), STR_PAD_LEFT); return $this->_normalize(new Math_BigInteger($leading_ones \| $temp, 256)); } /** * Logical Right Shift * * Shifts BigInteger's by $shift bits, effectively dividing by 2*$shift. * @param Integer $shift * @return Math_BigInteger * @access public * @internal The only version that yields any speed increases is the internal version. / function bitwise_rightShift($shift) { $temp = new Math_BigInteger(); switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: static $two; if (!isset($two)) { $two = gmp_init('2'); } $temp->value = gmp_div_q($this->value, gmp_pow($two, $shift)); break; case MATH_BIGINTEGER_MODE_BCMATH: $temp->value = bcdiv($this->value, bcpow('2', $shift, 0), 0); break; default: // could just replace _lshift with this, but then all _lshift() calls would need to be rewritten // and I don't want to do that... $temp->value = $this->value; $temp->_rshift($shift); } return $this->_normalize($temp); } /* * Logical Left Shift * * Shifts BigInteger's by $shift bits, effectively multiplying by 2*$shift. * @param Integer $shift * @return Math_BigInteger * @access public * @internal The only version that yields any speed increases is the internal version. / function bitwise_leftShift($shift) { $temp = new Math_BigInteger(); switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: static $two; if (!isset($two)) { $two = gmp_init('2'); } $temp->value = gmp_mul($this->value, gmp_pow($two, $shift)); break; case MATH_BIGINTEGER_MODE_BCMATH: $temp->value = bcmul($this->value, bcpow('2', $shift, 0), 0); break; default: // could just replace _rshift with this, but then all _lshift() calls would need to be rewritten // and I don't want to do that... $temp->value = $this->value; $temp->_lshift($shift); } return $this->_normalize($temp); } /* * Logical Left Rotate * * Instead of the top x bits being dropped they're appended to the shifted bit string. * * @param Integer $shift * @return Math_BigInteger * @access public / function bitwise_leftRotate($shift) { $bits = $this->toBytes(); if ($this->precision > 0) { $precision = $this->precision; if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH ) { $mask = $this->bitmask->subtract(new Math_BigInteger(1)); $mask = $mask->toBytes(); } else { $mask = $this->bitmask->toBytes(); } } else { $temp = ord($bits[0]); for ($i = 0; $temp >> $i; ++$i); $precision = 8 strlen($bits) - 8 + $i; $mask = chr((1 << ($precision & 0x7)) - 1) . str_repeat(chr(0xFF), $precision >> 3); } if ($shift < 0) { $shift+= $precision; } $shift%= $precision; if (!$shift) { return $this->copy(); } $left = $this->bitwise_leftShift($shift); $left = $left->bitwise_and(new Math_BigInteger($mask, 256)); $right = $this->bitwise_rightShift($precision - $shift); $result = MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_BCMATH ? $left->bitwise_or($right) : $left->add($right); return $this->_normalize($result); } /** * Logical Right Rotate * * Instead of the bottom x bits being dropped they're prepended to the shifted bit string. * * @param Integer $shift * @return Math_BigInteger * @access public / function bitwise_rightRotate($shift) { return $this->bitwise_leftRotate(-$shift); } /* * Set random number generator function * * $generator should be the name of a random generating function whose first parameter is the minimum * value and whose second parameter is the maximum value. If this function needs to be seeded, it should * be seeded prior to calling Math_BigInteger::random() or Math_BigInteger::randomPrime() * * If the random generating function is not explicitly set, it'll be assumed to be mt_rand(). * * @see random() * @see randomPrime() * @param optional String $generator * @access public / function setRandomGenerator($generator) { $this->generator = $generator; } /* * Generate a random number * * @param optional Integer $min * @param optional Integer $max * @return Math_BigInteger * @access public / function random($min = false, $max = false) { if ($min === false) { $min = new Math_BigInteger(0); } if ($max === false) { $max = new Math_BigInteger(0x7FFFFFFF); } $compare = $max->compare($min); if (!$compare) { return $this->_normalize($min); } else if ($compare < 0) { // if $min is bigger then $max, swap $min and $max $temp = $max; $max = $min; $min = $temp; } $generator = $this->generator; $max = $max->subtract($min); $max = ltrim($max->toBytes(), chr(0)); $size = strlen($max) - 1; $random = ''; $bytes = $size & 1; for ($i = 0; $i < $bytes; ++$i) { $random.= chr($generator(0, 255)); } $blocks = $size >> 1; for ($i = 0; $i < $blocks; ++$i) { // mt_rand(-2147483648, 0x7FFFFFFF) always produces -2147483648 on some systems $random.= pack('n', $generator(0, 0xFFFF)); } $temp = new Math_BigInteger($random, 256); if ($temp->compare(new Math_BigInteger(substr($max, 1), 256)) > 0) { $random = chr($generator(0, ord($max[0]) - 1)) . $random; } else { $random = chr($generator(0, ord($max[0]) )) . $random; } $random = new Math_BigInteger($random, 256); return $this->_normalize($random->add($min)); } /* * Generate a random prime number. * * If there's not a prime within the given range, false will be returned. If more than $timeout seconds have elapsed, * give up and return false. * * @param optional Integer $min * @param optional Integer $max * @param optional Integer $timeout * @return Math_BigInteger * @access public * @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=15 HAC 4.44}. / function randomPrime($min = false, $max = false, $timeout = false) { $compare = $max->compare($min); if (!$compare) { return $min; } else if ($compare < 0) { // if $min is bigger then $max, swap $min and $max $temp = $max; $max = $min; $min = $temp; } // gmp_nextprime() requires PHP 5 >= 5.2.0 per <http://php.net/gmp-nextprime>. if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_GMP && function_exists('gmp_nextprime') ) { // we don't rely on Math_BigInteger::random()'s min / max when gmp_nextprime() is being used since this function // does its own checks on $max / $min when gmp_nextprime() is used. When gmp_nextprime() is not used, however, // the same $max / $min checks are not performed. if ($min === false) { $min = new Math_BigInteger(0); } if ($max === false) { $max = new Math_BigInteger(0x7FFFFFFF); } $x = $this->random($min, $max); $x->value = gmp_nextprime($x->value); if ($x->compare($max) <= 0) { return $x; } $x->value = gmp_nextprime($min->value); if ($x->compare($max) <= 0) { return $x; } return false; } static $one, $two; if (!isset($one)) { $one = new Math_BigInteger(1); $two = new Math_BigInteger(2); } $start = time(); $x = $this->random($min, $max); if ($x->equals($two)) { return $x; } $x->_make_odd(); if ($x->compare($max) > 0) { // if $x > $max then $max is even and if $min == $max then no prime number exists between the specified range if ($min->equals($max)) { return false; } $x = $min->copy(); $x->_make_odd(); } $initial_x = $x->copy(); while (true) { if ($timeout !== false && time() - $start > $timeout) { return false; } if ($x->isPrime()) { return $x; } $x = $x->add($two); if ($x->compare($max) > 0) { $x = $min->copy(); if ($x->equals($two)) { return $x; } $x->_make_odd(); } if ($x->equals($initial_x)) { return false; } } } /* * Make the current number odd * * If the current number is odd it'll be unchanged. If it's even, one will be added to it. * * @see randomPrime() * @access private / function _make_odd() { switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: gmp_setbit($this->value, 0); break; case MATH_BIGINTEGER_MODE_BCMATH: if ($this->value[strlen($this->value) - 1] % 2 == 0) { $this->value = bcadd($this->value, '1'); } break; default: $this->value[0] \|= 1; } } /* * Checks a numer to see if it's prime * * Assuming the $t parameter is not set, this function has an error rate of 2*-80. The main motivation for the $t parameter is distributability. Math_BigInteger::randomPrime() can be distributed accross multiple pageloads * on a website instead of just one. * * @param optional Integer $t * @return Boolean * @access public * @internal Uses the * {@link http://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test Miller-Rabin primality test}. See * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=8 HAC 4.24}. / function isPrime($t = false) { $length = strlen($this->toBytes()); if (!$t) { // see HAC 4.49 "Note (controlling the error probability)" if ($length >= 163) { $t = 2; } // floor(1300 / 8) else if ($length >= 106) { $t = 3; } // floor( 850 / 8) else if ($length >= 81 ) { $t = 4; } // floor( 650 / 8) else if ($length >= 68 ) { $t = 5; } // floor( 550 / 8) else if ($length >= 56 ) { $t = 6; } // floor( 450 / 8) else if ($length >= 50 ) { $t = 7; } // floor( 400 / 8) else if ($length >= 43 ) { $t = 8; } // floor( 350 / 8) else if ($length >= 37 ) { $t = 9; } // floor( 300 / 8) else if ($length >= 31 ) { $t = 12; } // floor( 250 / 8) else if ($length >= 25 ) { $t = 15; } // floor( 200 / 8) else if ($length >= 18 ) { $t = 18; } // floor( 150 / 8) else { $t = 27; } } // ie. gmp_testbit($this, 0) // ie. isEven() or !isOdd() switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: return gmp_prob_prime($this->value, $t) != 0; case MATH_BIGINTEGER_MODE_BCMATH: if ($this->value === '2') { return true; } if ($this->value[strlen($this->value) - 1] % 2 == 0) { return false; } break; default: if ($this->value == array(2)) { return true; } if (~$this->value[0] & 1) { return false; } } static $primes, $zero, $one, $two; if (!isset($primes)) { $primes = array( 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617, 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727, 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829, 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947, 953, 967, 971, 977, 983, 991, 997 ); if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL ) { for ($i = 0; $i < count($primes); ++$i) { $primes[$i] = new Math_BigInteger($primes[$i]); } } $zero = new Math_BigInteger(); $one = new Math_BigInteger(1); $two = new Math_BigInteger(2); } if ($this->equals($one)) { return false; } // see HAC 4.4.1 "Random search for probable primes" if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL ) { foreach ($primes as $prime) { list(, $r) = $this->divide($prime); if ($r->equals($zero)) { return $this->equals($prime); } } } else { $value = $this->value; foreach ($primes as $prime) { list(, $r) = $this->_divide_digit($value, $prime); if (!$r) { return count($value) == 1 && $value[0] == $prime; } } } $n = $this->copy(); $n_1 = $n->subtract($one); $n_2 = $n->subtract($two); $r = $n_1->copy(); $r_value = $r->value; // ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s)); if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH ) { $s = 0; // if $n was 1, $r would be 0 and this would be an infinite loop, hence our $this->equals($one) check earlier while ($r->value[strlen($r->value) - 1] % 2 == 0) { $r->value = bcdiv($r->value, '2', 0); ++$s; } } else { for ($i = 0, $r_length = count($r_value); $i < $r_length; ++$i) { $temp = ~$r_value[$i] & 0xFFFFFF; for ($j = 1; ($temp >> $j) & 1; ++$j); if ($j != 25) { break; } } $s = 26 $i + $j - 1; $r->_rshift($s); } for ($i = 0; $i < $t; ++$i) { $a = $this->random($two, $n_2); $y = $a->modPow($r, $n); if (!$y->equals($one) && !$y->equals($n_1)) { for ($j = 1; $j < $s && !$y->equals($n_1); ++$j) { $y = $y->modPow($two, $n); if ($y->equals($one)) { return false; } } if (!$y->equals($n_1)) { return false; } } } return true; } /** * Logical Left Shift * * Shifts BigInteger's by $shift bits. * * @param Integer $shift * @access private / function _lshift($shift) { if ( $shift == 0 ) { return; } $num_digits = (int) ($shift / 26); $shift %= 26; $shift = 1 << $shift; $carry = 0; for ($i = 0; $i < count($this->value); ++$i) { $temp = $this->value[$i] $shift + $carry; $carry = (int) ($temp / 0x4000000); $this->value[$i] = (int) ($temp - $carry * 0x4000000); } if ( $carry ) { $this->value[] = $carry; } while ($num_digits--) { array_unshift($this->value, 0); } } /** * Logical Right Shift * * Shifts BigInteger's by $shift bits. * * @param Integer $shift * @access private / function _rshift($shift) { if ($shift == 0) { return; } $num_digits = (int) ($shift / 26); $shift %= 26; $carry_shift = 26 - $shift; $carry_mask = (1 << $shift) - 1; if ( $num_digits ) { $this->value = array_slice($this->value, $num_digits); } $carry = 0; for ($i = count($this->value) - 1; $i >= 0; --$i) { $temp = $this->value[$i] >> $shift \| $carry; $carry = ($this->value[$i] & $carry_mask) << $carry_shift; $this->value[$i] = $temp; } $this->value = $this->_trim($this->value); } /* * Normalize * * Removes leading zeros and truncates (if necessary) to maintain the appropriate precision * * @param Math_BigInteger * @return Math_BigInteger * @see _trim() * @access private / function _normalize($result) { $result->precision = $this->precision; $result->bitmask = $this->bitmask; switch ( MATH_BIGINTEGER_MODE ) { case MATH_BIGINTEGER_MODE_GMP: if (!empty($result->bitmask->value)) { $result->value = gmp_and($result->value, $result->bitmask->value); } return $result; case MATH_BIGINTEGER_MODE_BCMATH: if (!empty($result->bitmask->value)) { $result->value = bcmod($result->value, $result->bitmask->value); } return $result; } $value = &$result->value; if ( !count($value) ) { return $result; } $value = $this->_trim($value); if (!empty($result->bitmask->value)) { $length = min(count($value), count($this->bitmask->value)); $value = array_slice($value, 0, $length); for ($i = 0; $i < $length; ++$i) { $value[$i] = $value[$i] & $this->bitmask->value[$i]; } } return $result; } /* * Trim * * Removes leading zeros * * @return Math_BigInteger * @access private / function _trim($value) { for ($i = count($value) - 1; $i >= 0; --$i) { if ( !empty($value[$i]) ) { break; } unset($value[$i]); } return $value; } /* * Array Repeat * * @param $input Array * @param $multiplier mixed * @return Array * @access private / function _array_repeat($input, $multiplier) { return ($multiplier) ? array_fill(0, $multiplier, $input) : array(); } /* * Logical Left Shift * * Shifts binary strings $shift bits, essentially multiplying by 2*$shift. * @param $x String * @param $shift Integer * @return String * @access private / function _base256_lshift(&$x, $shift) { if ($shift == 0) { return; } $num_bytes = $shift >> 3; // eg. floor($shift/8) $shift &= 7; // eg. $shift % 8 $carry = 0; for ($i = strlen($x) - 1; $i >= 0; --$i) { $temp = ord($x[$i]) << $shift \| $carry; $x[$i] = chr($temp); $carry = $temp >> 8; } $carry = ($carry != 0) ? chr($carry) : ''; $x = $carry . $x . str_repeat(chr(0), $num_bytes); } /* * Logical Right Shift * * Shifts binary strings $shift bits, essentially dividing by 2*$shift and returning the remainder. * @param $x String * @param $shift Integer * @return String * @access private / function _base256_rshift(&$x, $shift) { if ($shift == 0) { $x = ltrim($x, chr(0)); return ''; } $num_bytes = $shift >> 3; // eg. floor($shift/8) $shift &= 7; // eg. $shift % 8 $remainder = ''; if ($num_bytes) { $start = $num_bytes > strlen($x) ? -strlen($x) : -$num_bytes; $remainder = substr($x, $start); $x = substr($x, 0, -$num_bytes); } $carry = 0; $carry_shift = 8 - $shift; for ($i = 0; $i < strlen($x); ++$i) { $temp = (ord($x[$i]) >> $shift) \| $carry; $carry = (ord($x[$i]) << $carry_shift) & 0xFF; $x[$i] = chr($temp); } $x = ltrim($x, chr(0)); $remainder = chr($carry >> $carry_shift) . $remainder; return ltrim($remainder, chr(0)); } // one quirk about how the following functions are implemented is that PHP defines N to be an unsigned long // at 32-bits, while java's longs are 64-bits. /* * Converts 32-bit integers to bytes. * * @param Integer $x * @return String * @access private / function _int2bytes($x) { return ltrim(pack('N', $x), chr(0)); } /* * Converts bytes to 32-bit integers * * @param String $x * @return Integer * @access private / function _bytes2int($x) { $temp = unpack('Nint', str_pad($x, 4, chr(0), STR_PAD_LEFT)); return $temp['int']; } }��IPv6/IPv6.php��0000644��00000012756�15104256626�0006647 0��ustar�00��<?php / Copyright (c) 2011, Sam Clarke <www.samclarke.com> * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to * deal in the Software without restriction, including without limitation the * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or * sell copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * SOFTWARE. / // Include only if necessary if(!class_exists('Math_BigInteger')){ require_once 'BigInteger.php'; } /* * Converts human readable representation to a 128 bit int * which can be stored in MySQL using DECIMAL(39,0). * * Requires PHP to be compiled with IPv6 support. * This could be made to work without IPv6 support but * I don't think there would be much use for it if PHP * doesn't support IPv6. * * @param string $ip IPv4 or IPv6 address to convert * @return string 128 bit string that can be used with DECIMNAL(39,0) or false / if(!function_exists('inet_ptoi')) { function inet_ptoi($ip) { // make sure it is an ip if (filter_var($ip, FILTER_VALIDATE_IP) === false) return false; $parts = unpack('N', inet_pton($ip)); // fix IPv4 if (strpos($ip, '.') !== false) $parts = array(1=>0, 2=>0, 3=>0, 4=>$parts[1]); foreach ($parts as &$part) { // convert any unsigned ints to signed from unpack. // this should be OK as it will be a PHP float not an int if ($part < 0) $part += 4294967296; } // use BCMath if the extension exists if (function_exists('bcadd')) { $decimal = $parts[4]; $decimal = bcadd($decimal, bcmul($parts[3], '4294967296')); $decimal = bcadd($decimal, bcmul($parts[2], '18446744073709551616')); $decimal = bcadd($decimal, bcmul($parts[1], '79228162514264337593543950336')); } // otherwise use the pure PHP BigInteger else { $decimal = new Math_BigInteger($parts[4]); $part3 = new Math_BigInteger($parts[3]); $part2 = new Math_BigInteger($parts[2]); $part1 = new Math_BigInteger($parts[1]); $decimal = $decimal->add($part3->multiply(new Math_BigInteger('4294967296'))); $decimal = $decimal->add($part2->multiply(new Math_BigInteger('18446744073709551616'))); $decimal = $decimal->add($part1->multiply(new Math_BigInteger('79228162514264337593543950336'))); $decimal = $decimal->toString(); } return $decimal; } } /** * Converts a 128 bit int to a human readable representation. * * Requires PHP to be compiled with IPv6 support. * This could be made to work without IPv6 support but * I don't think there would be much use for it if PHP * doesn't support IPv6. * * @param string $decimal 128 bit int * @return string IPv4 or IPv6 / if(!function_exists('inet_itop')) { function inet_itop($decimal) { $parts = array(); // use BCMath if the extension exists if (function_exists('bcadd')) { $parts[1] = bcdiv($decimal, '79228162514264337593543950336', 0); $decimal = bcsub($decimal, bcmul($parts[1], '79228162514264337593543950336')); $parts[2] = bcdiv($decimal, '18446744073709551616', 0); $decimal = bcsub($decimal, bcmul($parts[2], '18446744073709551616')); $parts[3] = bcdiv($decimal, '4294967296', 0); $decimal = bcsub($decimal, bcmul($parts[3], '4294967296')); $parts[4] = $decimal; } // otherwise use the pure PHP BigInteger else { $decimal = new Math_BigInteger($decimal); list($parts[1],) = $decimal->divide(new Math_BigInteger('79228162514264337593543950336')); $decimal = $decimal->subtract($parts[1]->multiply(new Math_BigInteger('79228162514264337593543950336'))); list($parts[2],) = $decimal->divide(new Math_BigInteger('18446744073709551616')); $decimal = $decimal->subtract($parts[2]->multiply(new Math_BigInteger('18446744073709551616'))); list($parts[3],) = $decimal->divide(new Math_BigInteger('4294967296')); $decimal = $decimal->subtract($parts[3]->multiply(new Math_BigInteger('4294967296'))); $parts[4] = $decimal; $parts[1] = $parts[1]->toString(); $parts[2] = $parts[2]->toString(); $parts[3] = $parts[3]->toString(); $parts[4] = $parts[4]->toString(); } foreach ($parts as &$part) { // convert any signed ints to unsigned for pack // this should be fine as it will be treated as a float if ($part > 2147483647) $part -= 4294967296; } $ip = inet_ntop(pack('N4', $parts[1], $parts[2], $parts[3], $parts[4])); // fix IPv4 by removing :: from the beginning if (strpos($ip, '.') !== false) return substr($ip, 2); return $ip; } } // Example // // echo inet_ptoi('::FFFF:FFFF:FFFF:FFFF') . "\n"; // echo inet_ptoi('::FFFF:FFFF') . "\n"; // echo inet_ptoi('255.255.255.255') . "\n"; // echo inet_itop(inet_ptoi('::FFFF:FFFF:FFFF:FFFF')) . "\n"; // echo inet_itop(inet_ptoi('::FFFF:FFFF')) . "\n"; / Output: 18446744073709551615 4294967295 4294967295 ::ffff:ffff:ffff:ffff 255.255.255.255 / ��pquery/IQuery.php��0000644��00000012430�15104270523�0010017 0��ustar�00��<?php namespace pagelayerQuery; interface IQuery extends \Countable { /// Methods /// /* * Adds the specified class(es) to each of the set of matched elements. * @param string $classname The name of the class to add. You can add multiple classes by separating them with spaces. * @return IQuery / function addClass($classname); /* * Insert content, specified by the parameter, after each element in the set of matched elements. * @param string $content The content to add. * @return IQuery / function after($content); /* * Insert content, specified by the parameter, to the end of each element in the set of matched elements. * @param string $content The content to append. * @return IQuery / function append($content); /* * Get the value of an attribute for the first element in the set of matched elements or set one * or more attributes for every matched element. * @param string $name The name of the attribute. * @param null\|string $value The value to set or null to get the current attribute value. * @return string\|IQuery / function attr($name, $value = null); /* * Insert content, specified by the parameter, before each element in the set of matched elements. * @param string $content The content to add. * @return IQuery / function before($content); /* * Remove all child nodes of the set of matched elements from the DOM. * @return IQuery; / function clear(); /* * Get the value of a style property for the first element in the set of matched elements or * set one or more CSS properties for every matched element. / // function css($name, $value = null); /* * Determine whether any of the matched elements are assigned the given class. * @param string $classname The name of the class to check. / function hasClass($classname); /* * Get the HTML contents of the first element in the set of matched elements * or set the HTML contents of every matched element. * @param string\|null $value The value to set. / function html($value = null); /* * Insert content, specified by the parameter, to the beginning of each element in the set of matched elements. * @param string $content The content to add. / function prepend($content); /* * Get the value of a property for the first element in the set of matched elements * or set one or more properties for every matched element. * @param string $name The name of the property. * The currently supported properties are `tagname`, `selected`, and `checked`. * @param null\|string $value The value to set or null to get the current property value. / function prop($name, $value = null); /* * Remove the set of matched elements from the DOM. * @param null\|string $selector A css query to filter the set of removed nodes. / function remove($selector = null); /* * Remove an attribute from each element in the set of matched elements. * @param string $name The name of the attribute to remove. / function removeAttr($name); /* * Remove a single class, multiple classes, or all classes from each element in the set of matched elements. * @param string $classname The name of the class to remove. / function removeClass($classname); /* * Replace each element in the set of matched elements with the provided new content and return the set of elements that was removed. * @param string $content The content that will replace the nodes. / function replaceWith($content); /* * Returns the name of the element. * @param null\|string $tagName A new tag name or null to return the current tag name. / function tagName($value = null); /* * Get the combined text contents of each element in the set of matched elements, including their descendants, or set the text contents of the matched elements. * @param null\|string $value A string to set the text or null to return the current text. / function text($value = null); /* * Add or remove one or more classes from each element in the set of matched elements, * depending on either the class’s presence or the value of the switch argument. * @param string $classname * @param bool\|null / function toggleClass($classname, $switch = null); /* * Remove the parents of the set of matched elements from the DOM, leaving the matched elements in their place. / function unwrap(); /* * Get the current value of the first element in the set of matched elements or set the value of every matched element. * @param string\|null $value The new value of the element or null to return the current value. / function val($value = null); /* * Wrap an HTML structure around each element in the set of matched elements. * @param string A tag name or html string specifying the structure to wrap around the matched elements. / function wrap($wrapping_element); /* * Wrap an HTML structure around the content of each element in the set of matched elements. * @param string A tag name or html string specifying the structure to wrap around the content of the matched elements. / function wrapInner($wrapping_element); } ��pquery/gan_node_html.php��0000644��00000224041�15104270523�0011402 0��ustar�00��<?php /* * @author Niels A.D. * @author Todd Burry <todd@vanillaforums.com> * @copyright 2010 Niels A.D., 2014 Todd Burry * @license http://opensource.org/licenses/LGPL-2.1 LGPL-2.1 * @package pQuery / namespace pagelayerQuery; /* * Holds (x)html/xml tag information like tag name, attributes, * parent, children, self close, etc. * / class DomNode implements IQuery { /* * Element Node, used for regular elements / const NODE_ELEMENT = 0; /* * Text Node / const NODE_TEXT = 1; /* * Comment Node / const NODE_COMMENT = 2; /* * Conditional Node (<![if]> <![endif]) / const NODE_CONDITIONAL = 3; /* * CDATA Node (<![CDATA[]]> / const NODE_CDATA = 4; /* * Doctype Node / const NODE_DOCTYPE = 5; /* * XML Node, used for tags that start with ?, like <?xml and <?php / const NODE_XML = 6; /* * ASP Node / const NODE_ASP = 7; #php4 Compatibility with PHP4, this gets changed to a regular var in release tool #static $NODE_TYPE = self::NODE_ELEMENT; #php4e #php5 /* * Node type of class / const NODE_TYPE = self::NODE_ELEMENT; #php5e /* * Name of the selector class * @var string * @see select() / var $selectClass = 'pagelayerQuery\\HtmlSelector'; /* * Name of the parser class * @var string * @see setOuterText() * @see setInnerText() / var $parserClass = 'pagelayerQuery\\Html5Parser'; /* * Name of the class used for {@link addChild()} * @var string / var $childClass = __CLASS__; /* * Name of the class used for {@link addText()} * @var string / var $childClass_Text = 'pagelayerQuery\\TextNode'; /* * Name of the class used for {@link addComment()} * @var string / var $childClass_Comment = 'pagelayerQuery\\CommentNode'; /* * Name of the class used for {@link addContional()} * @var string / var $childClass_Conditional = 'pagelayerQuery\\ConditionalTagNode'; /* * Name of the class used for {@link addCDATA()} * @var string / var $childClass_CDATA = 'pagelayerQuery\\CdataNode'; /* * Name of the class used for {@link addDoctype()} * @var string / var $childClass_Doctype = 'pagelayerQuery\\DoctypeNode'; /* * Name of the class used for {@link addXML()} * @var string / var $childClass_XML = 'pagelayerQuery\\XmlNode'; /* * Name of the class used for {@link addASP()} * @var string / var $childClass_ASP = 'pagelayerQuery\\AspEmbeddedNode'; /* * Parent node, null if none * @var DomNode * @see changeParent() / var $parent = null; /* * Attributes of node * @var array * @internal array('attribute' => 'value') * @internal Public for faster access! * @see getAttribute() * @see setAttribute() * @access private / var $attributes = array(); /* * Namespace info for attributes * @var array * @internal array('tag' => array(array('ns', 'tag', 'ns:tag', index))) * @internal Public for easy outside modifications! * @see findAttribute() * @access private / var $attributes_ns = null; /* * Array of child nodes * @var array * @internal Public for faster access! * @see childCount() * @see getChild() * @see addChild() * @see deleteChild() * @access private / var $children = array(); /* * Full tag name (including namespace) * @var string * @see getTagName() * @see getNamespace() / var $tag = ''; /* * Namespace info for tag * @var array * @internal array('namespace', 'tag') * @internal Public for easy outside modifications! * @access private / var $tag_ns = null; /* * Is node a self closing node? No closing tag if true. * @var bool / var $self_close = false; /* * If self close, then this will be used to close the tag * @var string * @see $self_close / var $self_close_str = ' /'; /* * Use short tags for attributes? If true, then attributes * with values equal to the attribute name will not output * the value, e.g. selected="selected" will be selected. * @var bool / var $attribute_shorttag = false; /* * Function map used for the selector filter * @var array * @internal array('root' => 'filter_root') will cause the * selector to call $this->filter_root at :root * @access private / var $filter_map = array( 'root' => 'filter_root', 'nth-child' => 'filter_nchild', 'eq' => 'filter_nchild', //jquery (naming) compatibility 'gt' => 'filter_gt', 'lt' => 'filter_lt', 'nth-last-child' => 'filter_nlastchild', 'nth-of-type' => 'filter_ntype', 'nth-last-of-type' => 'filter_nlastype', 'odd' => 'filter_odd', 'even' => 'filter_even', 'every' => 'filter_every', 'first-child' => 'filter_first', 'last-child' => 'filter_last', 'first-of-type' => 'filter_firsttype', 'last-of-type' => 'filter_lasttype', 'only-child' => 'filter_onlychild', 'only-of-type' => 'filter_onlytype', 'empty' => 'filter_empty', 'not-empty' => 'filter_notempty', 'has-text' => 'filter_hastext', 'no-text' => 'filter_notext', 'lang' => 'filter_lang', 'contains' => 'filter_contains', 'has' => 'filter_has', 'not' => 'filter_not', 'element' => 'filter_element', 'text' => 'filter_text', 'comment' => 'filter_comment', 'checked' => 'filter_checked', 'selected' => 'filter_selected', ); /* * Class constructor * @param string\|array $tag Name of the tag, or array with taginfo (array( * 'tag_name' => 'tag', * 'self_close' => false, * 'attributes' => array('attribute' => 'value'))) * @param DomNode $parent Parent of node, null if none / function __construct($tag, $parent) { $this->parent = $parent; if (is_string($tag)) { $this->tag = $tag; } else { $this->tag = $tag['tag_name']; $this->self_close = $tag['self_close']; $this->attributes = $tag['attributes']; } } #php4 PHP4 class constructor compatibility #function DomNode($tag, $parent) {return $this->__construct($tag, $parent);} #php4e /* * Class destructor * @access private / function __destruct() { $this->delete(); } /* * Class toString, outputs {@link $tag} * @return string * @access private / function __toString() { return (($this->tag === '~root~') ? $this->toString(true, true, 1) : $this->tag); } /* * Class magic get method, outputs {@link getAttribute()} * @return string * @access private / function __get($attribute) { return $this->getAttribute($attribute); } /* * Class magic set method, performs {@link setAttribute()} * @access private / function __set($attribute, $value) { $this->setAttribute($attribute, $value); } /* * Class magic isset method, returns {@link hasAttribute()} * @return bool * @access private / function __isset($attribute) { return $this->hasAttribute($attribute); } /* * Class magic unset method, performs {@link deleteAttribute()} * @access private / function __unset($attribute) { return $this->deleteAttribute($attribute); } /* * Class magic invoke method, performs {@link query()}. * @param string $query The css query to run on the nodes. * @return \pQuery / function __invoke($query = '') { return $this->query($query); } /** * Returns place in document * @return string / function dumpLocation() { return (($this->parent) ? (($p = $this->parent->dumpLocation()) ? $p.' > ' : '').$this->tag.'('.$this->typeIndex().')' : ''); } /* * Returns all the attributes and their values * @return string * @access private / protected function toString_attributes() { $s = ''; foreach($this->attributes as $a => $v) { $s .= ' '.$a; if ((!$this->attribute_shorttag) \|\| ($v !== $a)) { $quote = '"';//(strpos($v, '"') === false) ? '"' : "'"; $v = str_replace('"', '"', $v); $s .= '='.$quote.$v.$quote; } } return $s; } /* * Returns the content of the node (child tags and text) * @param bool $attributes Print attributes of child tags * @param bool\|int $recursive How many sublevels of childtags to print. True for all. * @param bool $content_only Only print text, false will print tags too. * @return string * @access private / protected function toString_content($attributes = true, $recursive = true, $content_only = false) { $s = ''; foreach($this->children as $c) { $s .= $c->toString($attributes, $recursive, $content_only); } return $s; } /* * Returns the node as string * @param bool $attributes Print attributes (of child tags) * @param bool\|int $recursive How many sub-levels of child tags to print. True for all. * @param bool\|int $content_only Only print text, false will print tags too. * @return string / function toString($attributes = true, $recursive = true, $content_only = false) { if ($content_only) { if (is_int($content_only)) { --$content_only; } return $this->toString_content($attributes, $recursive, $content_only); } $s = '<'.$this->tag; if ($attributes) { $s .= $this->toString_attributes(); } if ($this->self_close) { $s .= $this->self_close_str.'>'; } else { $s .= '>'; if($recursive) { $s .= $this->toString_content($attributes); } $s .= '</'.$this->tag.'>'; } return $s; } /* * Similar to JavaScript outerText, will return full (html formatted) node * @return string / function getOuterText() { return $this->toString(); } /* * Similar to JavaScript outerText, will replace node (and child nodes) with new text * @param string $text * @param HtmlParserBase $parser Null to auto create instance * @return bool\|array True on succeed, array with errors on failure / function setOuterText($text, $parser = null) { if (trim($text)) { $index = $this->index(); if ($parser === null) { $parser = new $this->parserClass(); } $parser->setDoc($text); $parser->parse_all(); $parser->root->moveChildren($this->parent, $index); } $this->delete(); return (($parser && $parser->errors) ? $parser->errors : true); } /* * Return html code of node * @internal jquery (naming) compatibility * @param string\|null $value The value to set or null to get the value. * @see toString() * @return string / function html($value = null) { if ($value !== null) { $this->setInnerText($value); } return $this->getInnerText(); } /* * Similar to JavaScript innerText, will return (html formatted) content * @return string / function getInnerText() { return $this->toString(true, true, 1); } /* * Similar to JavaScript innerText, will replace child nodes with new text * @param string $text * @param HtmlParserBase $parser Null to auto create instance * @return bool\|array True on succeed, array with errors on failure / function setInnerText($text, $parser = null) { $this->clear(); if (trim($text)) { if ($parser === null) { $parser = new $this->parserClass(); } $parser->root =& $this; $parser->setDoc($text); $parser->parse_all(); } return (($parser && $parser->errors) ? $parser->errors : true); } /* * Similar to JavaScript plainText, will return text in node (and subnodes) * @return string / function getPlainText() { return preg_replace('`\s+`', ' ', $this->toString(true, true, true)); } /* * Return plaintext taking document encoding into account * @return string / function getPlainTextUTF8() { $txt = $this->toString(true, true, true); $enc = $this->getEncoding(); if ($enc !== false) { $txt = mb_convert_encoding($txt, 'UTF-8', $enc); } return preg_replace('`\s+`', ' ', $txt); } /* * Similar to JavaScript plainText, will replace child nodes with new text (literal) * @param string $text / function setPlainText($text) { $this->clear(); if (trim($text)) { $this->addText($text); } } /* * Delete node from parent and clear node / function delete() { if (($p = $this->parent) !== null) { $this->parent = null; $p->deleteChild($this); } else { $this->clear(); } } /* * Detach node from parent * @param bool $move_children_up Only detach current node and replace it with child nodes * @internal jquery (naming) compatibility * @see delete() / function detach($move_children_up = false) { if (($p = $this->parent) !== null) { $index = $this->index(); $this->parent = null; if ($move_children_up) { $this->moveChildren($p, $index); } $p->deleteChild($this, true); } } /* * Deletes all child nodes from node / function clear() { foreach($this->children as $c) { $c->parent = null; $c->delete(); } $this->children = array(); } /* * Get top parent * @return DomNode Root, null if node has no parent / function getRoot() { $r = $this->parent; $n = ($r === null) ? null : $r->parent; while ($n !== null) { $r = $n; $n = $r->parent; } return $r; } /* * Change parent * @param null\|DomNode $to New parent, null if none * @param false\|int $index Add child to parent if not present at index, false to not add, negative to count from end, null to append / #php4 #function changeParent($to, &$index) { #php4e #php5 function changeParent($to, &$index = null) { #php5e if ($this->parent !== null) { $this->parent->deleteChild($this, true); } $this->parent = $to; if ($index !== false) { $new_index = $this->index(); if (!(is_int($new_index) && ($new_index >= 0))) { $this->parent->addChild($this, $index); } } } /* * Find out if node has (a certain) parent * @param DomNode\|string $tag Match against parent, string to match tag, object to fully match node, null to return if node has parent * @param bool $recursive * @return bool / function hasParent($tag = null, $recursive = false) { if ($this->parent !== null) { if ($tag === null) { return true; } elseif (is_string($tag)) { return (($this->parent->tag === $tag) \|\| ($recursive && $this->parent->hasParent($tag))); } elseif (is_object($tag)) { return (($this->parent === $tag) \|\| ($recursive && $this->parent->hasParent($tag))); } } return false; } /* * Find out if node is parent of a certain tag * @param DomNode\|string $tag Match against parent, string to match tag, object to fully match node * @param bool $recursive * @return bool * @see hasParent() / function isParent($tag, $recursive = false) { return ($this->hasParent($tag, $recursive) === ($tag !== null)); } /* * Find out if node is text * @return bool / function isText() { return false; } /* * Find out if node is comment * @return bool / function isComment() { return false; } /* * Find out if node is text or comment node * @return bool / function isTextOrComment() { return false; } /* * Move node to other node * @param DomNode $to New parent, null if none * @param int $new_index Add child to parent at index if not present, null to not add, negative to count from end * @internal Performs {@link changeParent()} / #php4 #function move($to, &$new_index) { #php4e #php5 function move($to, &$new_index = -1) { #php5e $this->changeParent($to, $new_index); } /* * Move child nodes to other node * @param DomNode $to New parent, null if none * @param int $new_index Add child to new node at index if not present, null to not add, negative to count from end * @param int $start Index from child node where to start wrapping, 0 for first element * @param int $end Index from child node where to end wrapping, -1 for last element / #php4 #function moveChildren($to, &$new_index, $start = 0, $end = -1) { #php4e #php5 function moveChildren($to, &$new_index = -1, $start = 0, $end = -1) { #php5e if ($end < 0) { $end += count($this->children); } for ($i = $start; $i <= $end; $i++) { $this->children[$start]->changeParent($to, $new_index); } } /* * Index of node in parent * @param bool $count_all True to count all tags, false to ignore text and comments * @return int -1 if not found / function index($count_all = true) { if (!$this->parent) { return -1; } elseif ($count_all) { return $this->parent->findChild($this); } else{ $index = -1; //foreach($this->parent->children as &$c) { // if (!$c->isTextOrComment()) { // ++$index; // } // if ($c === $this) { // return $index; // } //} foreach(array_keys($this->parent->children) as $k) { if (!$this->parent->children[$k]->isTextOrComment()) { ++$index; } if ($this->parent->children[$k] === $this) { return $index; } } return -1; } } /* * Change index of node in parent * @param int $index New index / function setIndex($index) { if ($this->parent) { if ($index > $this->index()) { --$index; } $this->delete(); $this->parent->addChild($this, $index); } } /* * Index of all similar nodes in parent * @return int -1 if not found / function typeIndex() { if (!$this->parent) { return -1; } else { $index = -1; //foreach($this->parent->children as &$c) { // if (strcasecmp($this->tag, $c->tag) === 0) { // ++$index; // } // if ($c === $this) { // return $index; // } //} foreach(array_keys($this->parent->children) as $k) { if (strcasecmp($this->tag, $this->parent->children[$k]->tag) === 0) { ++$index; } if ($this->parent->children[$k] === $this) { return $index; } } return -1; } } /* * Calculate indent of node (number of parent tags - 1) * @return int / function indent() { return (($this->parent) ? $this->parent->indent() + 1 : -1); } /* * Get sibling node * @param int $offset Offset from current node * @return DomNode Null if not found / function getSibling($offset = 1) { $index = $this->index() + $offset; if (($index >= 0) && ($index < $this->parent->childCount())) { return $this->parent->getChild($index); } else { return null; } } /* * Get node next to current * @param bool $skip_text_comments * @return DomNode Null if not found * @see getSibling() * @see getPreviousSibling() / function getNextSibling($skip_text_comments = true) { $offset = 1; while (($n = $this->getSibling($offset)) !== null) { if ($skip_text_comments && ($n->tag[0] === '~')) { ++$offset; } else { break; } } return $n; } /* * Get node previous to current * @param bool $skip_text_comments * @return DomNode Null if not found * @see getSibling() * @see getNextSibling() / function getPreviousSibling($skip_text_comments = true) { $offset = -1; while (($n = $this->getSibling($offset)) !== null) { if ($skip_text_comments && ($n->tag[0] === '~')) { --$offset; } else { break; } } return $n; } /* * Get namespace of node * @return string * @see setNamespace() / function getNamespace() { if ($this->tag_ns === null) { $a = explode(':', $this->tag, 2); if (empty($a[1])) { $this->tag_ns = array('', $a[0]); } else { $this->tag_ns = array($a[0], $a[1]); } } return $this->tag_ns[0]; } /* * Set namespace of node * @param string $ns * @see getNamespace() / function setNamespace($ns) { if ($this->getNamespace() !== $ns) { $this->tag_ns[0] = $ns; $this->tag = $ns.':'.$this->tag_ns[1]; } } /* * Get tagname of node (without namespace) * @return string * @see setTag() / function getTag() { if ($this->tag_ns === null) { $this->getNamespace(); } return $this->tag_ns[1]; } /* * Set tag (with or without namespace) * @param string $tag * @param bool $with_ns Does $tag include namespace? * @see getTag() / function setTag($tag, $with_ns = false) { $with_ns = $with_ns \|\| (strpos($tag, ':') !== false); if ($with_ns) { $this->tag = $tag; $this->tag_ns = null; } elseif ($this->getTag() !== $tag) { $this->tag_ns[1] = $tag; $this->tag = (($this->tag_ns[0]) ? $this->tag_ns[0].':' : '').$tag; } } /* * Try to determine the encoding of the current tag * @return string\|bool False if encoding could not be found / function getEncoding() { $root = $this->getRoot(); if ($root !== null) { if ($enc = $root->select('meta[charset]', 0, true, true)) { return $enc->getAttribute("charset"); } elseif ($enc = $root->select('"?xml"[encoding]', 0, true, true)) { return $enc->getAttribute("encoding"); } elseif ($enc = $root->select('meta[content="charset="]', 0, true, true)) { $enc = $enc->getAttribute("content"); return substr($enc, strpos($enc, "charset=")+8); } } return false; } /** * Number of children in node * @param bool $ignore_text_comments Ignore text/comments with calculation * @return int / function childCount($ignore_text_comments = false) { if (!$ignore_text_comments) { return count($this->children); } else{ $count = 0; //foreach($this->children as &$c) { // if (!$c->isTextOrComment()) { // ++$count; // } //} foreach(array_keys($this->children) as $k) { if (!$this->children[$k]->isTextOrComment()) { ++$count; } } return $count; } } /* * Find node in children * @param DomNode $child * @return int False if not found / function findChild($child) { return array_search($child, $this->children, true); } /* * Checks if node has another node as child * @param DomNode $child * @return bool / function hasChild($child) { return ((bool) findChild($child)); } /* * Get childnode * @param int\|DomNode $child Index, negative to count from end * @param bool $ignore_text_comments Ignore text/comments with index calculation * @return DomNode / function &getChild($child, $ignore_text_comments = false) { if (!is_int($child)) { $child = $this->findChild($child); } elseif ($child < 0) { $child += $this->childCount($ignore_text_comments); } if ($ignore_text_comments) { $count = 0; $last = null; //foreach($this->children as &$c) { // if (!$c->isTextOrComment()) { // if ($count++ === $child) { // return $c; // } // $last = $c; // } //} foreach(array_keys($this->children) as $k) { if (!$this->children[$k]->isTextOrComment()) { if ($count++ === $child) { return $this->children[$k]; } $last = $this->children[$k]; } } return (($child > $count) ? $last : null); } else { return $this->children[$child]; } } /* * Add child node * @param string\|DomNode $tag Tag name or object * @param int $offset Position to insert node, negative to count from end, null to append * @return DomNode Added node / #php4 #function &addChild($tag, &$offset) { #php4e #php5 function &addChild($tag, &$offset = null) { #php5e if (is_array($tag)) { $tag = new $this->childClass($tag, $this); } elseif (is_string($tag)) { $nodes = $this->createNodes($tag); $tag = array_shift($nodes); if ($tag && $tag->parent !== $this) { $index = false; $tag->changeParent($this, $index); } } elseif (is_object($tag) && $tag->parent !== $this) { $index = false; //Needs to be passed by ref $tag->changeParent($this, $index); } if (is_int($offset) && ($offset < count($this->children)) && ($offset !== -1)) { if ($offset < 0) { $offset += count($this->children); } array_splice($this->children, $offset++, 0, array(&$tag)); } else { $this->children[] =& $tag; } return $tag; } /* * First child node * @param bool $ignore_text_comments Ignore text/comments with index calculation * @return DomNode / function &firstChild($ignore_text_comments = false) { return $this->getChild(0, $ignore_text_comments); } /* * Last child node * @param bool $ignore_text_comments Ignore text/comments with index calculation * @return DomNode / function &lastChild($ignore_text_comments = false) { return $this->getChild(-1, $ignore_text_comments); } /* * Insert childnode * @param string\|DomNode $tag Tagname or object * @param int $offset Position to insert node, negative to count from end, null to append * @return DomNode Added node * @see addChild(); / function &insertChild($tag, $index) { return $this->addChild($tag, $index); } /* * Add text node * @param string $text * @param int $offset Position to insert node, negative to count from end, null to append * @return DomNode Added node * @see addChild(); / #php4 #function &addText($text, &$offset) { #php4e #php5 function &addText($text, &$offset = null) { #php5e return $this->addChild(new $this->childClass_Text($this, $text), $offset); } /* * Add comment node * @param string $text * @param int $offset Position to insert node, negative to count from end, null to append * @return DomNode Added node * @see addChild(); / #php4 #function &addComment($text, &$offset) { #php4e #php5 function &addComment($text, &$offset = null) { #php5e return $this->addChild(new $this->childClass_Comment($this, $text), $offset); } /* * Add conditional node * @param string $condition * @param bool True for <!--[if, false for <![if * @param int $offset Position to insert node, negative to count from end, null to append * @return DomNode Added node * @see addChild(); / #php4 #function &addConditional($condition, $hidden = true, &$offset) { #php4e #php5 function &addConditional($condition, $hidden = true, &$offset = null) { #php5e return $this->addChild(new $this->childClass_Conditional($this, $condition, $hidden), $offset); } /* * Add CDATA node * @param string $text * @param int $offset Position to insert node, negative to count from end, null to append * @return DomNode Added node * @see addChild(); / #php4 #function &addCDATA($text, &$offset) { #php4e #php5 function &addCDATA($text, &$offset = null) { #php5e return $this->addChild(new $this->childClass_CDATA($this, $text), $offset); } /* * Add doctype node * @param string $dtd * @param int $offset Position to insert node, negative to count from end, null to append * @return DomNode Added node * @see addChild(); / #php4 #function &addDoctype($dtd, &$offset) { #php4e #php5 function &addDoctype($dtd, &$offset = null) { #php5e return $this->addChild(new $this->childClass_Doctype($this, $dtd), $offset); } /* * Add xml node * @param string $tag Tag name after "?", e.g. "php" or "xml" * @param string $text * @param array $attributes Array of attributes (array('attribute' => 'value')) * @param int $offset Position to insert node, negative to count from end, null to append * @return DomNode Added node * @see addChild(); / #php4 #function &addXML($tag = 'xml', $text = '', $attributes = array(), &$offset) { #php4e #php5 function &addXML($tag = 'xml', $text = '', $attributes = array(), &$offset = null) { #php5e return $this->addChild(new $this->childClass_XML($this, $tag, $text, $attributes), $offset); } /* * Add ASP node * @param string $tag Tag name after "%" * @param string $text * @param array $attributes Array of attributes (array('attribute' => 'value')) * @param int $offset Position to insert node, negative to count from end, null to append * @return DomNode Added node * @see addChild(); / #php4 #function &addASP($tag = '', $text = '', $attributes = array(), &$offset) { #php4e #php5 function &addASP($tag = '', $text = '', $attributes = array(), &$offset = null) { #php5e return $this->addChild(new $this->childClass_ASP($this, $tag, $text, $attributes), $offset); } /* * Delete a child node * @param int\|DomNode $child Child(index) to delete, negative to count from end * @param bool $soft_delete False to call {@link delete()} from child / function deleteChild($child, $soft_delete = false) { if (is_object($child)) { $child = $this->findChild($child); } elseif ($child < 0) { $child += count($this->children); } if (!$soft_delete) { $this->children[$child]->delete(); } unset($this->children[$child]); //Rebuild indices $tmp = array(); //foreach($this->children as &$c) { // $tmp[] =& $c; //} foreach(array_keys($this->children) as $k) { $tmp[] =& $this->children[$k]; } $this->children = $tmp; } /* * Wrap node * @param string\|DomNode $node Wrapping node, string to create new element node * @param int $wrap_index Index to insert current node in wrapping node, -1 to append * @param int $node_index Index to insert wrapping node, null to keep at same position * @return DomNode Wrapping node / function wrap($node, $wrap_index = -1, $node_index = null) { if ($node_index === null) { $node_index = $this->index(); } if (!is_object($node)) { $node = $this->parent->addChild($node, $node_index); } elseif ($node->parent !== $this->parent) { $node->changeParent($this->parent, $node_index); } $this->changeParent($node, $wrap_index); return $node; } /* * Wrap child nodes * @param string\|DomNode $node Wrapping node, string to create new element node * @param int $start Index from child node where to start wrapping, 0 for first element * @param int $end Index from child node where to end wrapping, -1 for last element * @param int $wrap_index Index to insert in wrapping node, -1 to append * @param int $node_index Index to insert current node, null to keep at same position * @return DomNode Wrapping node / function wrapInner($node, $start = 0, $end = -1, $wrap_index = -1, $node_index = null) { if ($end < 0) { $end += count($this->children); } if ($node_index === null) { $node_index = $end + 1; } if (!is_object($node)) { $node = $this->addChild($node, $node_index); } elseif ($node->parent !== $this) { $node->changeParent($this->parent, $node_index); } $this->moveChildren($node, $wrap_index, $start, $end); return $node; } /* * Number of attributes * @return int / function attributeCount() { return count($this->attributes); } /* * Find attribute using namespace, name or both * @param string\|int $attr Negative int to count from end * @param string $compare "namespace", "name" or "total" * @param bool $case_sensitive Compare with case sensitivity * @return array array('ns', 'attr', 'ns:attr', index) * @access private / protected function findAttribute($attr, $compare = 'total', $case_sensitive = false) { if (is_int($attr)) { if ($attr < 0) { $attr += count($this->attributes); } $keys = array_keys($this->attributes); return $this->findAttribute($keys[$attr], 'total', true); } else if ($compare === 'total') { $b = explode(':', $attr, 2); if ($case_sensitive) { $t =& $this->attributes; } else { $t = array_change_key_case($this->attributes); $attr = strtolower($attr); } if (isset($t[$attr])) { $index = 0; foreach($this->attributes as $a => $v) { if (($v === $t[$attr]) && (strcasecmp($a, $attr) === 0)) { $attr = $a; $b = explode(':', $attr, 2); break; } ++$index; } if (empty($b[1])) { return array(array('', $b[0], $attr, $index)); } else { return array(array($b[0], $b[1], $attr, $index)); } } else { return false; } } else { if ($this->attributes_ns === null) { $index = 0; foreach($this->attributes as $a => $v) { $b = explode(':', $a, 2); if (empty($b[1])) { $this->attributes_ns[$b[0]][] = array('', $b[0], $a, $index); } else { $this->attributes_ns[$b[1]][] = array($b[0], $b[1], $a, $index); } ++$index; } } if ($case_sensitive) { $t =& $this->attributes_ns; } else { $t = array_change_key_case($this->attributes_ns); $attr = strtolower($attr); } if ($compare === 'namespace') { $res = array(); foreach($t as $ar) { foreach($ar as $a) { if ($a[0] === $attr) { $res[] = $a; } } } return $res; } elseif ($compare === 'name') { return ((isset($t[$attr])) ? $t[$attr] : false); } else { trigger_error('Unknown comparison mode'); } } } /* * Checks if node has attribute * @param string\|int$attr Negative int to count from end * @param string $compare Find node using "namespace", "name" or "total" * @param bool $case_sensitive Compare with case sensitivity * @return bool / function hasAttribute($attr, $compare = 'total', $case_sensitive = false) { return ((bool) $this->findAttribute($attr, $compare, $case_sensitive)); } /* * Gets namespace of attribute(s) * @param string\|int $attr Negative int to count from end * @param string $compare Find node using "namespace", "name" or "total" * @param bool $case_sensitive Compare with case sensitivity * @return string\|array False if not found / function getAttributeNS($attr, $compare = 'name', $case_sensitive = false) { $f = $this->findAttribute($attr, $compare, $case_sensitive); if (is_array($f) && $f) { if (count($f) === 1) { return $this->attributes[$f[0][0]]; } else { $res = array(); foreach($f as $a) { $res[] = $a[0]; } return $res; } } else { return false; } } /* * Sets namespace of attribute(s) * @param string\|int $attr Negative int to count from end * @param string $namespace * @param string $compare Find node using "namespace", "name" or "total" * @param bool $case_sensitive Compare with case sensitivity * @return bool / function setAttributeNS($attr, $namespace, $compare = 'name', $case_sensitive = false) { $f = $this->findAttribute($attr, $compare, $case_sensitive); if (is_array($f) && $f) { if ($namespace) { $namespace .= ':'; } foreach($f as $a) { $val = $this->attributes[$a[2]]; unset($this->attributes[$a[2]]); $this->attributes[$namespace.$a[1]] = $val; } $this->attributes_ns = null; return true; } else { return false; } } /* * Gets value(s) of attribute(s) * @param string\|int $attr Negative int to count from end * @param string $compare Find node using "namespace", "name" or "total" * @param bool $case_sensitive Compare with case sensitivity * @return string\|array / function getAttribute($attr, $compare = 'total', $case_sensitive = false) { $f = $this->findAttribute($attr, $compare, $case_sensitive); if (is_array($f) && $f){ if (count($f) === 1) { return $this->attributes[$f[0][2]]; } else { $res = array(); foreach($f as $a) { $res[] = $this->attributes[$a[2]]; } return $res; } } else { return null; } } /* * Sets value(s) of attribute(s) * @param string\|int $attr Negative int to count from end * @param string $compare Find node using "namespace", "name" or "total" * @param bool $case_sensitive Compare with case sensitivity / function setAttribute($attr, $val, $compare = 'total', $case_sensitive = false) { if ($val === null) { return $this->deleteAttribute($attr, $compare, $case_sensitive); } $f = $this->findAttribute($attr, $compare, $case_sensitive); if (is_array($f) && $f) { foreach($f as $a) { $this->attributes[$a[2]] = (string) $val; } } else { $this->attributes[$attr] = (string) $val; } } /* * Add new attribute * @param string $attr * @param string $val / function addAttribute($attr, $val) { $this->setAttribute($attr, $val, 'total', true); } /* * Delete attribute(s) * @param string\|int $attr Negative int to count from end * @param string $compare Find node using "namespace", "name" or "total" * @param bool $case_sensitive Compare with case sensitivity / function deleteAttribute($attr, $compare = 'total', $case_sensitive = false) { $f = $this->findAttribute($attr, $compare, $case_sensitive); if (is_array($f) && $f) { foreach($f as $a) { unset($this->attributes[$a[2]]); if ($this->attributes_ns !== null) { unset($this->attributes_ns[$a[1]]); } } } } /* * Determine if node has a certain class * @param string $className * @return bool / function hasClass($className) { return ($className && preg_match('`\b'.preg_quote($className).'\b`si', $this->class)); } /* * Add new class(es) * @param string\|array $className / function addClass($className) { if (!is_array($className)) { $className = array($className); } $class = isset($this->class) ? $this->class : ''; foreach ($className as $c) { if (!(preg_match('`\b'.preg_quote($c).'\b`si', $class) > 0)) { $class .= ' '.$c; } } $this->class = trim($class); } /* * Remove clas(ses) * @param string\|array $className / function removeClass($className) { if (!is_array($className)) { $className = array($className); } $class = $this->class; foreach ($className as $c) { $class = preg_replace('`\b'.preg_quote($c).'\b`si', '', $class); } if ($class) { $this->class = $class; } else { unset($this->class); } } /* * Finds children using a callback function * @param callable $callback Function($node) that returns a bool * @param bool\|int $recursive Check recursively * @param bool $check_self Include this node in search? * @return array / function getChildrenByCallback($callback, $recursive = true, $check_self = false) { $count = $this->childCount(); if ($check_self && $callback($this)) { $res = array($this); } else { $res = array(); } if ($count > 0) { if (is_int($recursive)) { $recursive = (($recursive > 1) ? $recursive - 1 : false); } for ($i = 0; $i < $count; $i++) { if ($callback($this->children[$i])) { $res[] = $this->children[$i]; } if ($recursive) { $res = array_merge($res, $this->children[$i]->getChildrenByCallback($callback, $recursive)); } } } return $res; } /* * Finds children using the {$link match()} function * @param $conditions See {$link match()} * @param $custom_filters See {$link match()} * @param bool\|int $recursive Check recursively * @param bool $check_self Include this node in search? * @return array / function getChildrenByMatch($conditions, $recursive = true, $check_self = false, $custom_filters = array()) { $count = $this->childCount(); if ($check_self && $this->match($conditions, true, $custom_filters)) { $res = array($this); } else { $res = array(); } if ($count > 0) { if (is_int($recursive)) { $recursive = (($recursive > 1) ? $recursive - 1 : false); } for ($i = 0; $i < $count; $i++) { if ($this->children[$i]->match($conditions, true, $custom_filters)) { $res[] = $this->children[$i]; } if ($recursive) { $res = array_merge($res, $this->children[$i]->getChildrenByMatch($conditions, $recursive, false, $custom_filters)); } } } return $res; } /* * Checks if tag matches certain conditions * @param array $tags array('tag1', 'tag2') or array(array( * 'tag' => 'tag1', * 'operator' => 'or'/'and', * 'compare' => 'total'/'namespace'/'name', * 'case_sensitive' => true)) * @return bool * @internal Used by selector class * @see match() * @access private / protected function match_tags($tags) { $res = false; foreach($tags as $tag => $match) { if (!is_array($match)) { $match = array( 'match' => $match, 'operator' => 'or', 'compare' => 'total', 'case_sensitive' => false ); } else { if (is_int($tag)) { $tag = $match['tag']; } if (!isset($match['match'])) { $match['match'] = true; } if (!isset($match['operator'])) { $match['operator'] = 'or'; } if (!isset($match['compare'])) { $match['compare'] = 'total'; } if (!isset($match['case_sensitive'])) { $match['case_sensitive'] = false; } } if (($match['operator'] === 'and') && (!$res)) { return false; } elseif (!($res && ($match['operator'] === 'or'))) { if ($match['compare'] === 'total') { $a = $this->tag; } elseif ($match['compare'] === 'namespace') { $a = $this->getNamespace(); } elseif ($match['compare'] === 'name') { $a = $this->getTag(); } if ($match['case_sensitive']) { $res = (($a === $tag) === $match['match']); } else { $res = ((strcasecmp($a, $tag) === 0) === $match['match']); } } } return $res; } /* * Checks if attributes match certain conditions * @param array $attributes array('attr' => 'val') or array(array( * 'operator_value' => 'equals'/'='/'contains_regex'/etc * 'attribute' => 'attr', * 'value' => 'val', * 'match' => true, * 'operator_result' => 'or'/'and', * 'compare' => 'total'/'namespace'/'name', * 'case_sensitive' => true)) * @return bool * @internal Used by selector class * @see match() * @access private / protected function match_attributes($attributes) { $res = false; foreach($attributes as $attribute => $match) { if (!is_array($match)) { $match = array( 'operator_value' => 'equals', 'value' => $match, 'match' => true, 'operator_result' => 'or', 'compare' => 'total', 'case_sensitive' => false ); } else { if (is_int($attribute)) { $attribute = $match['attribute']; } if (!isset($match['match'])) { $match['match'] = true; } if (!isset($match['operator_result'])) { $match['operator_result'] = 'or'; } if (!isset($match['compare'])) { $match['compare'] = 'total'; } if (!isset($match['case_sensitive'])) { $match['case_sensitive'] = false; } } if (is_string($match['value']) && (!$match['case_sensitive'])) { $match['value'] = strtolower($match['value']); } if (($match['operator_result'] === 'and') && (!$res)) { return false; } elseif (!($res && ($match['operator_result'] === 'or'))) { $possibles = $this->findAttribute($attribute, $match['compare'], $match['case_sensitive']); $has = (is_array($possibles) && $possibles); $res = (($match['value'] === $has) \|\| (($match['match'] === false) && ($has === $match['match']))); if ((!$res) && $has && is_string($match['value'])) { foreach($possibles as $a) { $val = $this->attributes[$a[2]]; if (is_string($val) && (!$match['case_sensitive'])) { $val = strtolower($val); } switch($match['operator_value']) { case '%=': case 'contains_regex': $res = ((preg_match('`'.$match['value'].'`s', $val) > 0) === $match['match']); if ($res) break 1; else break 2; case '\|=': case 'contains_prefix': $res = ((preg_match('`\b'.preg_quote($match['value']).'[\-\s]`s', $val) > 0) === $match['match']); if ($res) break 1; else break 2; case '~=': case 'contains_word': $res = ((preg_match('`\s'.preg_quote($match['value']).'\s`s', " $val ") > 0) === $match['match']); if ($res) break 1; else break 2; case '=': case 'contains': $res = ((strpos($val, $match['value']) !== false) === $match['match']); if ($res) break 1; else break 2; case '$=': case 'ends_with': $res = ((substr($val, -strlen($match['value'])) === $match['value']) === $match['match']); if ($res) break 1; else break 2; case '^=': case 'starts_with': $res = ((substr($val, 0, strlen($match['value'])) === $match['value']) === $match['match']); if ($res) break 1; else break 2; case '!=': case 'not_equal': $res = (($val !== $match['value']) === $match['match']); if ($res) break 1; else break 2; case '=': case 'equals': $res = (($val === $match['value']) === $match['match']); if ($res) break 1; else break 2; case '>=': case 'bigger_than': $res = (($val >= $match['value']) === $match['match']); if ($res) break 1; else break 2; case '<=': case 'smaller_than': $res = (($val >= $match['value']) === $match['match']); if ($res) break 1; else break 2; default: trigger_error('Unknown operator "'.$match['operator_value'].'" to match attributes!'); return false; } } } } } return $res; } /** * Checks if node matches certain filters * @param array $tags array(array( * 'filter' => 'last-child', * 'params' => '123')) * @param array $custom_filters Custom map next to {@link $filter_map} * @return bool * @internal Used by selector class * @see match() * @access private / protected function match_filters($conditions, $custom_filters = array()) { foreach($conditions as $c) { $c['filter'] = strtolower($c['filter']); if (isset($this->filter_map[$c['filter']])) { if (!$this->{$this->filter_map[$c['filter']]}($c['params'])) { return false; } } elseif (isset($custom_filters[$c['filter']])) { if (!call_user_func($custom_filters[$c['filter']], $this, $c['params'])) { return false; } } else { trigger_error('Unknown filter "'.$c['filter'].'"!'); return false; } } return true; } /* * Checks if node matches certain conditions * @param array $tags array('tags' => array(tag_conditions), 'attributes' => array(attr_conditions), 'filters' => array(filter_conditions)) * @param array $match Should conditions evaluate to true? * @param array $custom_filters Custom map next to {@link $filter_map} * @return bool * @internal Used by selector class * @see match_tags(); * @see match_attributes(); * @see match_filters(); * @access private / function match($conditions, $match = true, $custom_filters = array()) { $t = isset($conditions['tags']); $a = isset($conditions['attributes']); $f = isset($conditions['filters']); if (!($t \|\| $a \|\| $f)) { if (is_array($conditions) && $conditions) { foreach($conditions as $c) { if ($this->match($c, $match)) { return true; } } } return false; } else { if (($t && (!$this->match_tags($conditions['tags']))) === $match) { return false; } if (($a && (!$this->match_attributes($conditions['attributes']))) === $match) { return false; } if (($f && (!$this->match_filters($conditions['filters'], $custom_filters))) === $match) { return false; } return true; } } /* * Finds children that match a certain attribute * @param string $attribute * @param string $value * @param string $mode Compare mode, "equals", "\|=", "contains_regex", etc. * @param string $compare "total"/"namespace"/"name" * @param bool\|int $recursive * @return array / function getChildrenByAttribute($attribute, $value, $mode = 'equals', $compare = 'total', $recursive = true) { if ($this->childCount() < 1) { return array(); } $mode = explode(' ', strtolower($mode)); $match = ((isset($mode[1]) && ($mode[1] === 'not')) ? 'false' : 'true'); return $this->getChildrenByMatch( array( 'attributes' => array( $attribute => array( 'operator_value' => $mode[0], 'value' => $value, 'match' => $match, 'compare' => $compare ) ) ), $recursive ); } /* * Finds children that match a certain tag * @param string $tag * @param string $compare "total"/"namespace"/"name" * @param bool\|int $recursive * @return array / function getChildrenByTag($tag, $compare = 'total', $recursive = true) { if ($this->childCount() < 1) { return array(); } $tag = explode(' ', strtolower($tag)); $match = ((isset($tag[1]) && ($tag[1] === 'not')) ? 'false' : 'true'); return $this->getChildrenByMatch( array( 'tags' => array( $tag[0] => array( 'match' => $match, 'compare' => $compare ) ) ), $recursive ); } /* * Finds all children using ID attribute * @param string $id * @param bool\|int $recursive * @return array / function getChildrenByID($id, $recursive = true) { return $this->getChildrenByAttribute('id', $id, 'equals', 'total', $recursive); } /* * Finds all children using class attribute * @param string $class * @param bool\|int $recursive * @return array / function getChildrenByClass($class, $recursive = true) { return $this->getChildrenByAttribute('class', $class, 'equals', 'total', $recursive); } /* * Finds all children using name attribute * @param string $name * @param bool\|int $recursive * @return array / function getChildrenByName($name, $recursive = true) { return $this->getChildrenByAttribute('name', $name, 'equals', 'total', $recursive); } /* * Performs a css query on the node. * @param string $query * @return IQuery Returns the matching nodes from the query. / public function query($query = '') { $select = $this->select($query); $result = new \pagelayerQuery((array)$select); return $result; } /** * Performs css query on node * @param string $query * @param int\|bool $index True to return node instead of array if only 1 match, * false to return array, int to return match at index, negative int to count from end * @param bool\|int $recursive * @param bool $check_self Include this node in search or only search child nodes * @return DomNode[]\|DomNode Returns an array of matching {@link DomNode} objects * or a single {@link DomNode} if `$index` is not false. / function select($query = '', $index = false, $recursive = true, $check_self = false) { $s = new $this->selectClass($this, $query, $check_self, $recursive); $res = $s->result; unset($s); if (is_array($res) && ($index === true) && (count($res) === 1)) { return $res[0]; } elseif (is_int($index) && is_array($res)) { if ($index < 0) { $index += count($res); } return ($index < count($res)) ? $res[$index] : null; } else { return $res; } } /** * Checks if node matches css query filter ":root" * @return bool * @see match() * @access private / protected function filter_root() { return (strtolower($this->tag) === 'html'); } /* * Checks if node matches css query filter ":nth-child(n)" * @param string $n 1-based index * @return bool * @see match() * @access private / protected function filter_nchild($n) { return ($this->index(false)+1 === (int) $n); } /* * Checks if node matches css query filter ":gt(n)" * @param string $n 0-based index * @return bool * @see match() * @access private / protected function filter_gt($n) { return ($this->index(false) > (int) $n); } /* * Checks if node matches css query filter ":lt(n)" * @param string $n 0-based index * @return bool * @see match() * @access private / protected function filter_lt($n) { return ($this->index(false) < (int) $n); } /* * Checks if node matches css query filter ":nth-last-child(n)" * @param string $n 1-based index * @return bool * @see match() * @access private / protected function filter_nlastchild($n) { if ($this->parent === null) { return false; } else { return ($this->parent->childCount(true) - $this->index(false) === (int) $n); } } /* * Checks if node matches css query filter ":nth-of-type(n)" * @param string $n 1-based index * @return bool * @see match() * @access private / protected function filter_ntype($n) { return ($this->typeIndex()+1 === (int) $n); } /* * Checks if node matches css query filter ":nth-last-of-type(n)" * @param string $n 1-based index * @return bool * @see match() * @access private / protected function filter_nlastype($n) { if ($this->parent === null) { return false; } else { return (count($this->parent->getChildrenByTag($this->tag, 'total', false)) - $this->typeIndex() === (int) $n); } } /* * Checks if node matches css query filter ":odd" * @return bool * @see match() * @access private / protected function filter_odd() { return (($this->index(false) & 1) === 1); } /* * Checks if node matches css query filter ":even" * @return bool * @see match() * @access private / protected function filter_even() { return (($this->index(false) & 1) === 0); } /* * Checks if node matches css query filter ":every(n)" * @return bool * @see match() * @access private / protected function filter_every($n) { return (($this->index(false) % (int) $n) === 0); } /* * Checks if node matches css query filter ":first" * @return bool * @see match() * @access private / protected function filter_first() { return ($this->index(false) === 0); } /* * Checks if node matches css query filter ":last" * @return bool * @see match() * @access private / protected function filter_last() { if ($this->parent === null) { return false; } else { return ($this->parent->childCount(true) - 1 === $this->index(false)); } } /* * Checks if node matches css query filter ":first-of-type" * @return bool * @see match() * @access private / protected function filter_firsttype() { return ($this->typeIndex() === 0); } /* * Checks if node matches css query filter ":last-of-type" * @return bool * @see match() * @access private / protected function filter_lasttype() { if ($this->parent === null) { return false; } else { return (count($this->parent->getChildrenByTag($this->tag, 'total', false)) - 1 === $this->typeIndex()); } } /* * Checks if node matches css query filter ":only-child" * @return bool * @see match() * @access private / protected function filter_onlychild() { if ($this->parent === null) { return false; } else { return ($this->parent->childCount(true) === 1); } } /* * Checks if node matches css query filter ":only-of-type" * @return bool * @see match() * @access private / protected function filter_onlytype() { if ($this->parent === null) { return false; } else { return (count($this->parent->getChildrenByTag($this->tag, 'total', false)) === 1); } } /* * Checks if node matches css query filter ":empty" * @return bool * @see match() * @access private / protected function filter_empty() { return ($this->childCount() === 0); } /* * Checks if node matches css query filter ":not-empty" * @return bool * @see match() * @access private / protected function filter_notempty() { return ($this->childCount() !== 0); } /* * Checks if node matches css query filter ":has-text" * @return bool * @see match() * @access private / protected function filter_hastext() { return ($this->getPlainText() !== ''); } /* * Checks if node matches css query filter ":no-text" * @return bool * @see match() * @access private / protected function filter_notext() { return ($this->getPlainText() === ''); } /* * Checks if node matches css query filter ":lang(s)" * @param string $lang * @return bool * @see match() * @access private / protected function filter_lang($lang) { return ($this->lang === $lang); } /* * Checks if node matches css query filter ":contains(s)" * @param string $text * @return bool * @see match() * @access private / protected function filter_contains($text) { return (strpos($this->getPlainTextUTF8(), $text) !== false); } /* * Checks if node matches css query filter ":has(s)" * @param string $selector * @return bool * @see match() * @access private / protected function filter_has($selector) { $s = $this->select((string) $selector, false); return (is_array($s) && (count($s) > 0)); } /* * Checks if node matches css query filter ":not(s)" * @param string $selector * @return bool * @see match() * @access private / protected function filter_not($selector) { $s = $this->select((string) $selector, false, true, true); return ((!is_array($s)) \|\| (array_search($this, $s, true) === false)); } /* * Checks if node matches css query filter ":element" * @return bool * @see match() * @access private / protected function filter_element() { return true; } /* * Checks if node matches css query filter ":text" * @return bool * @see match() * @access private / protected function filter_text() { return false; } /* * Checks if a node matches css query filter ":checked" * @return bool * @see match() / protected function filter_checked() { $attr = $this->getAttribute('checked'); if (is_array($attr)) $attr = reset($attr); return strcasecmp($attr, 'checked') === 0; } /* * Checks if node matches css query filter ":comment" * @return bool * @see match() * @access private / protected function filter_comment() { return false; } /* * Checks if a node matches css query filter ":selected" * @return bool * @see match() / protected function filter_selected() { $attr = $this->getAttribute('selected'); if (is_array($attr)) $attr = reset($attr); return strcasecmp($attr, 'selected') === 0; } public function after($content) { $offset = $this->index() + 1; $parent = $this->parent; $nodes = $this->createNodes($content); foreach ($nodes as $node) { $node->changeParent($parent, $offset); } return $this; } /* * Create a {@link DomNode} from its string representation. * @param string\|DomNode $content * @return DomNode / protected function createNode($content) { $nodes = $this->createNodes($content); return reset($nodes); } /* * Create an array of {@link DomNode} objects from their string representation. * @param string\|DomNode $content * @return DomNode[] / protected function createNodes($content) { if (is_string($content)) { if (strpos($content, ' ') === false) { $nodes = array(new $this->childClass($content, $this)); } else { $node = new $this->parserClass($content); $nodes = $node->root->children; } } else { $nodes = (array)$content; } return $nodes; } public function append($content) { $nodes = $this->createNodes($content); foreach ($nodes as $node) { $node->changeParent($this); } return $this; } public function attr($name, $value = null) { if ($value === null) return $this->getAttribute($name); $this->setAttribute($name, $value); return $this; } public function before($content) { $offset = $this->index(); $parent = $this->parent; $nodes = $this->createNodes($content); foreach ($nodes as $node) { $node->changeParent($parent, $offset); } return $this; } #[\ReturnTypeWillChange] public function count() { return 1; } // public function css($name, $value = null) { // // } public function prepend($content = null) { $offset = 0; $parent = $this; $nodes = $this->createNodes($content); foreach ($nodes as $node) { $node->changeParent($parent, $offset); } return $this; } public function prop($name, $value = null) { switch (strtolower($name)) { case 'checked': case 'disabled': case 'selected': if ($value !== null) { if ($value) { $this->attr($name, $name); } else { $this->removeAttr($name); } return $this; } return $this->attr($name) == $name; case 'tagname': return $this->tagName($value); } // The property is not supported, degrade gracefully if ($value === null) return $this; else return null; } public function remove($selector = null) { if ($selector == null) { $this->delete(); } else { $nodes = (array)$this->select($selector); foreach ($nodes as $node) { $node->delete(); } } } public function removeAttr($name) { $this->deleteAttribute($name); return $this; } function replaceWith($content) { $node_index = $this->index(); // Add the new node. $node = $this->createNode($content); $node->changeParent($this->parent, $node_index); // Remove this node. $this->remove(); return $node; } /* * @param type $value * @return string\|DomNode / public function tagName($value = null) { if ($value !== null) { $this->setTag($value); return $this; } return $this->getTag(); } public function text($value = null) { if ($value === null) return $this->getPlainText(); $this->setPlainText($value); return $this; } public function toggleClass($classname, $switch = null) { if ($switch === true) { $this->addClass($classname); } elseif ($switch === false) { $this->removeClass($classname); } else { if ($this->hasClass($classname)) $this->removeClass($classname); else $this->addClass($classname); } return $this; } public function unwrap() { $this->parent->detach(true); return $this; } public function val($value = null) { switch (strtolower($this->tag)) { case 'select': if ($value === null) { // Return the value of a selected child. return $this->query('option:selected')->attr('value'); } else { // Select the option with the right value and deselect the others. foreach ($this->query('option') as $option) { if ($option->attr('value') == $value) { $option->attr('selected', 'selected'); } else { $option->removeAttr('selected'); } } return $this; } case 'textarea': if ($value === null) { // Return the contents of the textarea. return $this->getInnerText(); } else { // Set the contents of the textarea. $this->setInnerText($value); return $this; } case 'input': switch (strtolower($this->getAttribute('type'))) { case 'checkbox': if ($value === null) return $this->prop('checked') ? $this->getAttribute('value') : null; else { if (!$value) { $this->deleteAttribute('checked'); } else { $this->setAttribute('value', $value); $this->setAttribute('checked', 'checked'); } return $this; } } } // Other node types can just get/set the value attribute. if ($value !== null) { $this->setAttribute('value', $value); return $this; } return $this->getAttribute('value'); } } /* * Node subclass for text / class TextNode extends DomNode { #php4 Compatibility with PHP4, this gets changed to a regular var in release tool #static $NODE_TYPE = self::NODE_TEXT; #php4e #php5 const NODE_TYPE = self::NODE_TEXT; #php5e var $tag = '~text~'; /* * @var string / var $text = ''; /* * Class constructor * @param DomNode $parent * @param string $text / function __construct($parent, $text = '') { $this->parent = $parent; $this->text = $text; } #php4 PHP4 class constructor compatibility #function TextNode($parent, $text = '') {return $this->__construct($parent, $text);} #php4e function isText() {return true;} function isTextOrComment() {return true;} protected function filter_element() {return false;} protected function filter_text() {return true;} function toString_attributes() {return '';} function toString_content($attributes = true, $recursive = true, $content_only = false) {return $this->text;} function toString($attributes = true, $recursive = true, $content_only = false) {return $this->text;} /* * {@inheritdoc} / public function text($value = null) { if ($value !== null) { $this->text = $value; return $this; } return $this->text; } /* * {@inheritdoc} / public function html($value = null) { if ($value !== null) { $this->text = $value; return $this; } return $this->text; } } /* * Node subclass for comments / class CommentNode extends DomNode { #php4 Compatibility with PHP4, this gets changed to a regular var in release tool #static $NODE_TYPE = self::NODE_COMMENT; #php4e #php5 const NODE_TYPE = self::NODE_COMMENT; #php5e var $tag = '~comment~'; /* * @var string / var $text = ''; /* * Class constructor * @param DomNode $parent * @param string $text / function __construct($parent, $text = '') { $this->parent = $parent; $this->text = $text; } #php4 PHP4 class constructor compatibility #function CommentNode($parent, $text = '') {return $this->__construct($parent, $text);} #php4e function isComment() {return true;} function isTextOrComment() {return true;} protected function filter_element() {return false;} protected function filter_comment() {return true;} function toString_attributes() {return '';} function toString_content($attributes = true, $recursive = true, $content_only = false) {return $this->text;} function toString($attributes = true, $recursive = true, $content_only = false) {return '<!--'.$this->text.'-->';} } /* * Node subclass for conditional tags / class ConditionalTagNode extends DomNode { #php4 Compatibility with PHP4, this gets changed to a regular var in release tool #static $NODE_TYPE = self::NODE_CONDITIONAL; #php4e #php5 const NODE_TYPE = self::NODE_CONDITIONAL; #php5e var $tag = '~conditional~'; /* * @var string / var $condition = ''; /* * Class constructor * @param DomNode $parent * @param string $condition e.g. "if IE" * @param bool $hidden <!--[if if true, <![if if false / function __construct($parent, $condition = '', $hidden = true) { $this->parent = $parent; $this->hidden = $hidden; $this->condition = $condition; } #php4 PHP4 class constructor compatibility #function ConditionalTagNode($parent, $condition = '', $hidden = true) {return $this->__construct($parent, $condition, $hidden);} #php4e protected function filter_element() {return false;} function toString_attributes() {return '';} function toString($attributes = true, $recursive = true, $content_only = false) { if ($content_only) { if (is_int($content_only)) { --$content_only; } return $this->toString_content($attributes, $recursive, $content_only); } $s = '<!'.(($this->hidden) ? '--' : '').'['.$this->condition.']>'; if($recursive) { $s .= $this->toString_content($attributes); } $s .= '<![endif]'.(($this->hidden) ? '--' : '').'>'; return $s; } } /* * Node subclass for CDATA tags / class CdataNode extends DomNode { #php4 Compatibility with PHP4, this gets changed to a regular var in release tool #static $NODE_TYPE = self::NODE_CDATA; #php4e #php5 const NODE_TYPE = self::NODE_CDATA; #php5e var $tag = '~cdata~'; /* * @var string / var $text = ''; /* * Class constructor * @param DomNode $parent * @param string $text / function __construct($parent, $text = '') { $this->parent = $parent; $this->text = $text; } #php4 PHP4 class constructor compatibility #function CdataNode($parent, $text = '') {return $this->__construct($parent, $text);} #php4e protected function filter_element() {return false;} function toString_attributes() {return '';} function toString_content($attributes = true, $recursive = true, $content_only = false) {return $this->text;} function toString($attributes = true, $recursive = true, $content_only = false) {return '<![CDATA['.$this->text.']]>';} } /* * Node subclass for doctype tags / class DoctypeNode extends DomNode { #php4 Compatibility with PHP4, this gets changed to a regular var in release tool #static $NODE_TYPE = self::NODE_DOCTYPE; #php4e #php5 const NODE_TYPE = self::NODE_DOCTYPE; #php5e var $tag = '!DOCTYPE'; /* * @var string / var $dtd = ''; /* * Class constructor * @param DomNode $parent * @param string $dtd / function __construct($parent, $dtd = '') { $this->parent = $parent; $this->dtd = $dtd; } #php4 PHP4 class constructor compatibility #function DoctypeNode($parent, $dtd = '') {return $this->__construct($parent, $dtd);} #php4e protected function filter_element() {return false;} function toString_attributes() {return '';} function toString_content($attributes = true, $recursive = true, $content_only = false) {return $this->text;} function toString($attributes = true, $recursive = true, $content_only = false) {return '<'.$this->tag.' '.$this->dtd.'>';} } /* * Node subclass for embedded tags like xml, php and asp / class EmbeddedNode extends DomNode { /* * @var string * @internal specific char for tags, like ? for php and % for asp * @access private / var $tag_char = ''; /* * @var string / var $text = ''; /* * Class constructor * @param DomNode $parent * @param string $tag_char {@link $tag_char} * @param string $tag {@link $tag} * @param string $text * @param array $attributes array('attr' => 'val') / function __construct($parent, $tag_char = '', $tag = '', $text = '', $attributes = array()) { $this->parent = $parent; $this->tag_char = $tag_char; if ($tag[0] !== $this->tag_char) { $tag = $this->tag_char.$tag; } $this->tag = $tag; $this->text = $text; $this->attributes = $attributes; $this->self_close_str = $tag_char; } #php4 PHP4 class constructor compatibility #function EmbeddedNode($parent, $tag_char = '', $tag = '', $text = '', $attributes = array()) {return $this->__construct($parent, $tag_char, $tag, $text, $attributes);} #php4e protected function filter_element() {return false;} function toString($attributes = true, $recursive = true, $content_only = false) { $s = '<'.$this->tag; if ($attributes) { $s .= $this->toString_attributes(); } $s .= $this->text.$this->self_close_str.'>'; return $s; } } /* * Node subclass for "?" tags, like php and xml / class XmlNode extends EmbeddedNode { #php4 Compatibility with PHP4, this gets changed to a regular var in release tool #static $NODE_TYPE = self::NODE_XML; #php4e #php5 const NODE_TYPE = self::NODE_XML; #php5e /* * Class constructor * @param DomNode $parent * @param string $tag {@link $tag} * @param string $text * @param array $attributes array('attr' => 'val') / function __construct($parent, $tag = 'xml', $text = '', $attributes = array()) { return parent::__construct($parent, '?', $tag, $text, $attributes); } #php4 PHP4 class constructor compatibility #function XmlNode($parent, $tag = 'xml', $text = '', $attributes = array()) {return $this->__construct($parent, $tag, $text, $attributes);} #php4e } /* * Node subclass for asp tags / class AspEmbeddedNode extends EmbeddedNode { #php4 Compatibility with PHP4, this gets changed to a regular var in release tool #static $NODE_TYPE = self::NODE_ASP; #php4e #php5 const NODE_TYPE = self::NODE_ASP; #php5e /* * Class constructor * @param DomNode $parent * @param string $tag {@link $tag} * @param string $text * @param array $attributes array('attr' => 'val') / function __construct($parent, $tag = '', $text = '', $attributes = array()) { return parent::__construct($parent, '%', $tag, $text, $attributes); } #php4 PHP4 class constructor compatibility #function AspEmbeddedNode($parent, $tag = '', $text = '', $attributes = array()) {return $this->__construct($parent, $tag, $text, $attributes);} #php4e } ?>��pquery/ganon.php��0000644��00000005233�15104270523�0007706 0��ustar�00��<?php /* * @author Niels A.D. * @author Todd Burry <todd@vanillaforums.com> * @copyright 2010 Niels A.D., 2014 Todd Burry * @license http://opensource.org/licenses/LGPL-2.1 LGPL-2.1 * @package pQuery / use pagelayerQuery\Html5Parser; use pagelayerQuery\HtmlFormatter; /* * Returns HTML DOM from string * @param string $str * @param bool $return_root Return root node or return parser object * @return Html5Parser\|DomNode / function str_get_dom($str, $return_root = true) { $a = new Html5Parser($str); return (($return_root) ? $a->root : $a); } /* * Returns HTML DOM from file/website * @param string $str * @param bool $return_root Return root node or return parser object * @param bool $use_include_path Use include path search in file_get_contents * @param resource $context Context resource used in file_get_contents (PHP >= 5.0.0) * @return Html5Parser\|DomNode / function file_get_dom($file, $return_root = true, $use_include_path = false, $context = null) { if (version_compare(PHP_VERSION, '5.0.0', '>=')) $f = file_get_contents($file, $use_include_path, $context); else { if ($context !== null) trigger_error('Context parameter not supported in this PHP version'); $f = file_get_contents($file, $use_include_path); } return (($f === false) ? false : str_get_dom($f, $return_root)); } /* * Format/beautify DOM * @param DomNode $root * @param array $options Extra formatting options {@link Formatter::$options} * @return bool / function dom_format(&$root, $options = array()) { $formatter = new HtmlFormatter($options); return $formatter->format($root); } if (version_compare(PHP_VERSION, '5.0.0', '<')) { /* * PHP alternative to str_split, for backwards compatibility * @param string $string * @return string / function str_split($string) { $res = array(); $size = strlen($string); for ($i = 0; $i < $size; $i++) { $res[] = $string[$i]; } return $res; } } if (version_compare(PHP_VERSION, '5.2.0', '<')) { /* * PHP alternative to array_fill_keys, for backwards compatibility * @param array $keys * @param mixed $value * @return array / function array_fill_keys($keys, $value) { $res = array(); foreach($keys as $k) { $res[$k] = $value; } return $res; } } #!! <- Ignore when converting to single file if (!defined('GANON_NO_INCLUDES')) { define('GANON_NO_INCLUDES', true); include_once('IQuery.php'); include_once('gan_tokenizer.php'); include_once('gan_parser_html.php'); include_once('gan_node_html.php'); include_once('gan_selector_html.php'); include_once('gan_formatter.php'); } #! ?>��pquery/gan_selector_html.php��0000644��00000057574�15104270523�0012314 0��ustar�00��<?php /* * @author Niels A.D. * @author Todd Burry <todd@vanillaforums.com> * @copyright 2010 Niels A.D., 2014 Todd Burry * @license http://opensource.org/licenses/LGPL-2.1 LGPL-2.1 * @package pQuery / namespace pagelayerQuery; /* * Tokenizes a css selector query / class CSSQueryTokenizer extends TokenizerBase { /* * Opening bracket token, used for "[" / const TOK_BRACKET_OPEN = 100; /* * Closing bracket token, used for "]" / const TOK_BRACKET_CLOSE = 101; /* * Opening brace token, used for "(" / const TOK_BRACE_OPEN = 102; /* * Closing brace token, used for ")" / const TOK_BRACE_CLOSE = 103; /* * String token / const TOK_STRING = 104; /* * Colon token, used for ":" / const TOK_COLON = 105; /* * Comma token, used for "," / const TOK_COMMA = 106; /* * "Not" token, used for "!" / const TOK_NOT = 107; /* * "All" token, used for "" in query / const TOK_ALL = 108; /** * Pipe token, used for "\|" / const TOK_PIPE = 109; /* * Plus token, used for "+" / const TOK_PLUS = 110; /* * "Sibling" token, used for "~" in query / const TOK_SIBLING = 111; /* * Class token, used for "." in query / const TOK_CLASS = 112; /* * ID token, used for "#" in query / const TOK_ID = 113; /* * Child token, used for ">" in query / const TOK_CHILD = 114; /* * Attribute compare prefix token, used for "\|=" / const TOK_COMPARE_PREFIX = 115; /* * Attribute contains token, used for "=" / const TOK_COMPARE_CONTAINS = 116; /** * Attribute contains word token, used for "~=" / const TOK_COMPARE_CONTAINS_WORD = 117; /* * Attribute compare end token, used for "$=" / const TOK_COMPARE_ENDS = 118; /* * Attribute equals token, used for "=" / const TOK_COMPARE_EQUALS = 119; /* * Attribute not equal token, used for "!=" / const TOK_COMPARE_NOT_EQUAL = 120; /* * Attribute compare bigger than token, used for ">=" / const TOK_COMPARE_BIGGER_THAN = 121; /* * Attribute compare smaller than token, used for "<=" / const TOK_COMPARE_SMALLER_THAN = 122; /* * Attribute compare with regex, used for "%=" / const TOK_COMPARE_REGEX = 123; /* * Attribute compare start token, used for "^=" / const TOK_COMPARE_STARTS = 124; /* * Sets query identifiers * @see TokenizerBase::$identifiers * @access private / var $identifiers = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890_-?'; /* * Map characters to match their tokens * @see TokenizerBase::$custom_char_map * @access private / var $custom_char_map = array( '.' => self::TOK_CLASS, '#' => self::TOK_ID, ',' => self::TOK_COMMA, '>' => 'parse_gt',//self::TOK_CHILD, '+' => self::TOK_PLUS, '~' => 'parse_sibling', '\|' => 'parse_pipe', '' => 'parse_star', '$' => 'parse_compare', '=' => self::TOK_COMPARE_EQUALS, '!' => 'parse_not', '%' => 'parse_compare', '^' => 'parse_compare', '<' => 'parse_compare', '"' => 'parse_string', "'" => 'parse_string', '(' => self::TOK_BRACE_OPEN, ')' => self::TOK_BRACE_CLOSE, '[' => self::TOK_BRACKET_OPEN, ']' => self::TOK_BRACKET_CLOSE, ':' => self::TOK_COLON ); /** * Parse ">" character * @internal Could be {@link TOK_CHILD} or {@link TOK_COMPARE_BIGGER_THAN} * @return int / protected function parse_gt() { if ((($this->pos + 1) < $this->size) && ($this->doc[$this->pos + 1] === '=')) { ++$this->pos; return ($this->token = self::TOK_COMPARE_BIGGER_THAN); } else { return ($this->token = self::TOK_CHILD); } } /* * Parse "~" character * @internal Could be {@link TOK_SIBLING} or {@link TOK_COMPARE_CONTAINS_WORD} * @return int / protected function parse_sibling() { if ((($this->pos + 1) < $this->size) && ($this->doc[$this->pos + 1] === '=')) { ++$this->pos; return ($this->token = self::TOK_COMPARE_CONTAINS_WORD); } else { return ($this->token = self::TOK_SIBLING); } } /* * Parse "\|" character * @internal Could be {@link TOK_PIPE} or {@link TOK_COMPARE_PREFIX} * @return int / protected function parse_pipe() { if ((($this->pos + 1) < $this->size) && ($this->doc[$this->pos + 1] === '=')) { ++$this->pos; return ($this->token = self::TOK_COMPARE_PREFIX); } else { return ($this->token = self::TOK_PIPE); } } /* * Parse "" character @internal Could be {@link TOK_ALL} or {@link TOK_COMPARE_CONTAINS} * @return int / protected function parse_star() { if ((($this->pos + 1) < $this->size) && ($this->doc[$this->pos + 1] === '=')) { ++$this->pos; return ($this->token = self::TOK_COMPARE_CONTAINS); } else { return ($this->token = self::TOK_ALL); } } /* * Parse "!" character * @internal Could be {@link TOK_NOT} or {@link TOK_COMPARE_NOT_EQUAL} * @return int / protected function parse_not() { if ((($this->pos + 1) < $this->size) && ($this->doc[$this->pos + 1] === '=')) { ++$this->pos; return ($this->token = self::TOK_COMPARE_NOT_EQUAL); } else { return ($this->token = self::TOK_NOT); } } /* * Parse several compare characters * @return int / protected function parse_compare() { if ((($this->pos + 1) < $this->size) && ($this->doc[$this->pos + 1] === '=')) { switch($this->doc[$this->pos++]) { case '$': return ($this->token = self::TOK_COMPARE_ENDS); case '%': return ($this->token = self::TOK_COMPARE_REGEX); case '^': return ($this->token = self::TOK_COMPARE_STARTS); case '<': return ($this->token = self::TOK_COMPARE_SMALLER_THAN); } } return false; } /* * Parse strings (" and ') * @return int / protected function parse_string() { $char = $this->doc[$this->pos]; while (true) { if ($this->next_search($char.'\\', false) !== self::TOK_NULL) { if($this->doc[$this->pos] === $char) { break; } else { ++$this->pos; } } else { $this->pos = $this->size - 1; break; } } return ($this->token = self::TOK_STRING); } } /* * Performs a css select query on HTML nodes / class HtmlSelector { /* * Parser object * @internal If string, then it will create a new instance as parser * @var CSSQueryTokenizer / var $parser = 'pagelayerQuery\\CSSQueryTokenizer'; /* * Target of queries * @var DomNode / var $root = null; /* * Last performed query, result in {@link $result} * @var string / var $query = ''; /* * Array of matching nodes * @var array / var $result = array(); /* * Include root in search, if false the only child nodes are evaluated * @var bool / var $search_root = false; /* * Search recursively * @var bool / var $search_recursive = true; /* * Extra function map for custom filters * @var array * @internal array('root' => 'filter_root') will cause the * selector to call $this->filter_root at :root * @see DomNode::$filter_map / var $custom_filter_map = array(); /* * Class constructor * @param DomNode $root {@link $root} * @param string $query * @param bool $search_root {@link $search_root} * @param bool $search_recursive {@link $search_recursive} * @param CSSQueryTokenizer $parser If null, then default class will be used / function __construct($root, $query = '', $search_root = false, $search_recursive = true, $parser = null) { if ($parser === null) { $parser = new $this->parser(); } $this->parser = $parser; $this->root =& $root; $this->search_root = $search_root; $this->search_recursive = $search_recursive; $this->select($query); } #php4 PHP4 class constructor compatibility #function HtmlSelector($root, $query = '', $search_root = false, $search_recursive = true, $parser = null) {return $this->__construct($root, $query, $search_root, $search_recursive, $parser);} #php4e /* * toString method, returns {@link $query} * @return string * @access private / function __toString() { return $this->query; } /* * Class magic invoke method, performs {@link select()} * @return array * @access private / function __invoke($query = '') { return $this->select($query); } /** * Perform query * @param string $query * @return array False on failure / function select($query = '') { $this->parser->setDoc($query); $this->query = $query; return (($this->parse()) ? $this->result : false); } /** * Trigger error * @param string $error * @internal %pos% and %tok% will be replace in string with position and token(string) * @access private / protected function error($error) { $error = htmlentities(str_replace( array('%tok%', '%pos%'), array($this->parser->getTokenString(), (int) $this->parser->getPos()), $error )); trigger_error($error); } /* * Get identifier (parse identifier or string) * @param bool $do_error Error on failure * @return string False on failure * @access private / protected function parse_getIdentifier($do_error = true) { $p =& $this->parser; $tok = $p->token; if ($tok === CSSQueryTokenizer::TOK_IDENTIFIER) { return $p->getTokenString(); } elseif($tok === CSSQueryTokenizer::TOK_STRING) { return str_replace(array('\\\'', '\\"', '\\\\'), array('\'', '"', '\\'), $p->getTokenString(1, -1)); } elseif ($do_error) { $this->error('Expected identifier at %pos%!'); } return false; } /* * Get query conditions (tag, attribute and filter conditions) * @return array False on failure * @see DomNode::match() * @access private / protected function parse_conditions() { $p =& $this->parser; $tok = $p->token; if ($tok === CSSQueryTokenizer::TOK_NULL) { $this->error('Invalid search pattern(1): Empty string!'); return false; } $conditions_all = array(); //Tags while ($tok !== CSSQueryTokenizer::TOK_NULL) { $conditions = array('tags' => array(), 'attributes' => array()); if ($tok === CSSQueryTokenizer::TOK_ALL) { $tok = $p->next(); if (($tok === CSSQueryTokenizer::TOK_PIPE) && ($tok = $p->next()) && ($tok !== CSSQueryTokenizer::TOK_ALL)) { if (($tag = $this->parse_getIdentifier()) === false) { return false; } $conditions['tags'][] = array( 'tag' => $tag, 'compare' => 'name' ); $tok = $p->next_no_whitespace(); } else { $conditions['tags'][''] = array( 'tag' => '', 'match' => false ); if ($tok === CSSQueryTokenizer::TOK_ALL) { $tok = $p->next_no_whitespace(); } } } elseif ($tok === CSSQueryTokenizer::TOK_PIPE) { $tok = $p->next(); if ($tok === CSSQueryTokenizer::TOK_ALL) { $conditions['tags'][] = array( 'tag' => '', 'compare' => 'namespace', ); } elseif (($tag = $this->parse_getIdentifier()) !== false) { $conditions['tags'][] = array( 'tag' => $tag, 'compare' => 'total', ); } else { return false; } $tok = $p->next_no_whitespace(); } elseif ($tok === CSSQueryTokenizer::TOK_BRACE_OPEN) { $tok = $p->next_no_whitespace(); $last_mode = 'or'; while (true) { $match = true; $compare = 'total'; if ($tok === CSSQueryTokenizer::TOK_NOT) { $match = false; $tok = $p->next_no_whitespace(); } if ($tok === CSSQueryTokenizer::TOK_ALL) { $tok = $p->next(); if ($tok === CSSQueryTokenizer::TOK_PIPE) { $this->next(); $compare = 'name'; if (($tag = $this->parse_getIdentifier()) === false) { return false; } } } elseif ($tok === CSSQueryTokenizer::TOK_PIPE) { $tok = $p->next(); if ($tok === CSSQueryTokenizer::TOK_ALL) { $tag = ''; $compare = 'namespace'; } elseif (($tag = $this->parse_getIdentifier()) === false) { return false; } $tok = $p->next_no_whitespace(); } else { if (($tag = $this->parse_getIdentifier()) === false) { return false; } $tok = $p->next(); if ($tok === CSSQueryTokenizer::TOK_PIPE) { $tok = $p->next(); if ($tok === CSSQueryTokenizer::TOK_ALL) { $compare = 'namespace'; } elseif (($tag_name = $this->parse_getIdentifier()) !== false) { $tag = $tag.':'.$tag_name; } else { return false; } $tok = $p->next_no_whitespace(); } } if ($tok === CSSQueryTokenizer::TOK_WHITESPACE) { $tok = $p->next_no_whitespace(); } $conditions['tags'][] = array( 'tag' => $tag, 'match' => $match, 'operator' => $last_mode, 'compare' => $compare ); switch($tok) { case CSSQueryTokenizer::TOK_COMMA: $tok = $p->next_no_whitespace(); $last_mode = 'or'; continue 2; case CSSQueryTokenizer::TOK_PLUS: $tok = $p->next_no_whitespace(); $last_mode = 'and'; continue 2; case CSSQueryTokenizer::TOK_BRACE_CLOSE: $tok = $p->next(); break 2; default: $this->error('Expected closing brace or comma at pos %pos%!'); return false; } } } elseif (($tag = $this->parse_getIdentifier(false)) !== false) { $tok = $p->next(); if ($tok === CSSQueryTokenizer::TOK_PIPE) { $tok = $p->next(); if ($tok === CSSQueryTokenizer::TOK_ALL) { $conditions['tags'][] = array( 'tag' => $tag, 'compare' => 'namespace' ); } elseif (($tag_name = $this->parse_getIdentifier()) !== false) { $tag = $tag.':'.$tag_name; $conditions['tags'][] = array( 'tag' => $tag, 'match' => true ); } else { return false; } $tok = $p->next(); } elseif ($tag === 'text' && $tok === CSSQueryTokenizer::TOK_BRACE_OPEN) { $pos = $p->getPos(); $tok = $p->next(); if ($tok === CSSQueryTokenizer::TOK_BRACE_CLOSE) { $conditions['tags'][] = array( 'tag' => '~text~', 'match' => true ); $p->next(); } else { $p->setPos($pos); } } else { $conditions['tags'][] = array( 'tag' => $tag, 'match' => true ); } } else { unset($conditions['tags']); } //Class $last_mode = 'or'; if ($tok === CSSQueryTokenizer::TOK_CLASS) { $p->next(); if (($class = $this->parse_getIdentifier()) === false) { return false; } $conditions['attributes'][] = array( 'attribute' => 'class', 'operator_value' => 'contains_word', 'value' => $class, 'operator_result' => $last_mode ); $last_mode = 'and'; $tok = $p->next(); } //ID if ($tok === CSSQueryTokenizer::TOK_ID) { $p->next(); if (($id = $this->parse_getIdentifier()) === false) { return false; } $conditions['attributes'][] = array( 'attribute' => 'id', 'operator_value' => 'equals', 'value' => $id, 'operator_result' => $last_mode ); $last_mode = 'and'; $tok = $p->next(); } //Attributes if ($tok === CSSQueryTokenizer::TOK_BRACKET_OPEN) { $tok = $p->next_no_whitespace(); while (true) { $match = true; $compare = 'total'; if ($tok === CSSQueryTokenizer::TOK_NOT) { $match = false; $tok = $p->next_no_whitespace(); } if ($tok === CSSQueryTokenizer::TOK_ALL) { $tok = $p->next(); if ($tok === CSSQueryTokenizer::TOK_PIPE) { $tok = $p->next(); if (($attribute = $this->parse_getIdentifier()) === false) { return false; } $compare = 'name'; $tok = $p->next(); } else { $this->error('Expected pipe at pos %pos%!'); return false; } } elseif ($tok === CSSQueryTokenizer::TOK_PIPE) { $tok = $p->next(); if (($tag = $this->parse_getIdentifier()) === false) { return false; } $tok = $p->next_no_whitespace(); } elseif (($attribute = $this->parse_getIdentifier()) !== false) { $tok = $p->next(); if ($tok === CSSQueryTokenizer::TOK_PIPE) { $tok = $p->next(); if (($attribute_name = $this->parse_getIdentifier()) !== false) { $attribute = $attribute.':'.$attribute_name; } else { return false; } $tok = $p->next(); } } else { return false; } if ($tok === CSSQueryTokenizer::TOK_WHITESPACE) { $tok = $p->next_no_whitespace(); } $operator_value = ''; $val = ''; switch($tok) { case CSSQueryTokenizer::TOK_COMPARE_PREFIX: case CSSQueryTokenizer::TOK_COMPARE_CONTAINS: case CSSQueryTokenizer::TOK_COMPARE_CONTAINS_WORD: case CSSQueryTokenizer::TOK_COMPARE_ENDS: case CSSQueryTokenizer::TOK_COMPARE_EQUALS: case CSSQueryTokenizer::TOK_COMPARE_NOT_EQUAL: case CSSQueryTokenizer::TOK_COMPARE_REGEX: case CSSQueryTokenizer::TOK_COMPARE_STARTS: case CSSQueryTokenizer::TOK_COMPARE_BIGGER_THAN: case CSSQueryTokenizer::TOK_COMPARE_SMALLER_THAN: $operator_value = $p->getTokenString(($tok === CSSQueryTokenizer::TOK_COMPARE_EQUALS) ? 0 : -1); $p->next_no_whitespace(); if (($val = $this->parse_getIdentifier()) === false) { return false; } $tok = $p->next_no_whitespace(); break; } if ($operator_value && $val) { $conditions['attributes'][] = array( 'attribute' => $attribute, 'operator_value' => $operator_value, 'value' => $val, 'match' => $match, 'operator_result' => $last_mode, 'compare' => $compare ); } else { $conditions['attributes'][] = array( 'attribute' => $attribute, 'value' => $match, 'operator_result' => $last_mode, 'compare' => $compare ); } switch($tok) { case CSSQueryTokenizer::TOK_COMMA: $tok = $p->next_no_whitespace(); $last_mode = 'or'; continue 2; case CSSQueryTokenizer::TOK_PLUS: $tok = $p->next_no_whitespace(); $last_mode = 'and'; continue 2; case CSSQueryTokenizer::TOK_BRACKET_CLOSE: $tok = $p->next(); break 2; default: $this->error('Expected closing bracket or comma at pos %pos%!'); return false; } } } if (count($conditions['attributes']) < 1) { unset($conditions['attributes']); } while($tok === CSSQueryTokenizer::TOK_COLON) { if (count($conditions) < 1) { $conditions['tags'] = array(array( 'tag' => '', 'match' => false )); } $tok = $p->next(); if (($filter = $this->parse_getIdentifier()) === false) { return false; } if (($tok = $p->next()) === CSSQueryTokenizer::TOK_BRACE_OPEN) { $start = $p->pos; $count = 1; while ((($tok = $p->next()) !== CSSQueryTokenizer::TOK_NULL) && !(($tok === CSSQueryTokenizer::TOK_BRACE_CLOSE) && (--$count === 0))) { if ($tok === CSSQueryTokenizer::TOK_BRACE_OPEN) { ++$count; } } if ($tok !== CSSQueryTokenizer::TOK_BRACE_CLOSE) { $this->error('Expected closing brace at pos %pos%!'); return false; } $len = $p->pos - 1 - $start; $params = (($len > 0) ? substr($p->doc, $start + 1, $len) : ''); $tok = $p->next(); } else { $params = ''; } $conditions['filters'][] = array('filter' => $filter, 'params' => $params); } if (count($conditions) < 1) { $this->error('Invalid search pattern(2): No conditions found!'); return false; } $conditions_all[] = $conditions; if ($tok === CSSQueryTokenizer::TOK_WHITESPACE) { $tok = $p->next_no_whitespace(); } if ($tok === CSSQueryTokenizer::TOK_COMMA) { $tok = $p->next_no_whitespace(); continue; } else { break; } } return $conditions_all; } /* * Evaluate root node using custom callback * @param array $conditions {@link parse_conditions()} * @param bool\|int $recursive * @param bool $check_root * @return array * @access private / protected function parse_callback($conditions, $recursive = true, $check_root = false) { return ($this->result = $this->root->getChildrenByMatch( $conditions, $recursive, $check_root, $this->custom_filter_map )); } /* * Parse first bit of query, only root node has to be evaluated now * @param bool\|int $recursive * @return bool * @internal Result of query is set in {@link $result} * @access private / protected function parse_single($recursive = true) { if (($c = $this->parse_conditions()) === false) { return false; } $this->parse_callback($c, $recursive, $this->search_root); return true; } /* * Evaluate sibling nodes * @return bool * @internal Result of query is set in {@link $result} * @access private / protected function parse_adjacent() { $tmp = $this->result; $this->result = array(); if (($c = $this->parse_conditions()) === false) { return false; } foreach($tmp as $t) { if (($sibling = $t->getNextSibling()) !== false) { if ($sibling->match($c, true, $this->custom_filter_map)) { $this->result[] = $sibling; } } } return true; } /* * Evaluate {@link $result} * @param bool $parent Evaluate parent nodes * @param bool\|int $recursive * @return bool * @internal Result of query is set in {@link $result} * @access private / protected function parse_result($parent = false, $recursive = true) { $tmp = $this->result; $tmp_res = array(); if (($c = $this->parse_conditions()) === false) { return false; } foreach(array_keys($tmp) as $t) { $this->root = (($parent) ? $tmp[$t]->parent : $tmp[$t]); $this->parse_callback($c, $recursive); foreach(array_keys($this->result) as $r) { if (!in_array($this->result[$r], $tmp_res, true)) { $tmp_res[] = $this->result[$r]; } } } $this->result = $tmp_res; return true; } /* * Parse full query * @return bool * @internal Result of query is set in {@link $result} * @access private / protected function parse() { $p =& $this->parser; $p->setPos(0); $this->result = array(); if (!$this->parse_single()) { return false; } while (count($this->result) > 0) { switch($p->token) { case CSSQueryTokenizer::TOK_CHILD: $this->parser->next_no_whitespace(); if (!$this->parse_result(false, 1)) { return false; } break; case CSSQueryTokenizer::TOK_SIBLING: $this->parser->next_no_whitespace(); if (!$this->parse_result(true, 1)) { return false; } break; case CSSQueryTokenizer::TOK_PLUS: $this->parser->next_no_whitespace(); if (!$this->parse_adjacent()) { return false; } break; case CSSQueryTokenizer::TOK_ALL: case CSSQueryTokenizer::TOK_IDENTIFIER: case CSSQueryTokenizer::TOK_STRING: case CSSQueryTokenizer::TOK_BRACE_OPEN: case CSSQueryTokenizer::TOK_BRACKET_OPEN: case CSSQueryTokenizer::TOK_ID: case CSSQueryTokenizer::TOK_CLASS: case CSSQueryTokenizer::TOK_COLON: if (!$this->parse_result()) { return false; } break; case CSSQueryTokenizer::TOK_NULL: break 2; default: $this->error('Invalid search pattern(3): No result modifier found!'); return false; } } return true; } } ?> ��pquery/pQuery.php��0000644��00000016435�15104270523�0010077 0��ustar�00��<?php /* * @author Niels A.D. * @author Todd Burry <todd@vanillaforums.com> * @copyright 2010 Niels A.D., 2014 Todd Burry * @license http://opensource.org/licenses/LGPL-2.1 LGPL-2.1 * @package pQuery / use pagelayerQuery\IQuery; /* * A jQuery-like object for php. / class pagelayerQuery implements ArrayAccess, IteratorAggregate, IQuery { /// Properties /// /* * @var IQuery[] / protected $nodes = array(); /// Methods /// public function __construct($nodes = array()) { $this->nodes = $nodes; } public function addClass($classname) { foreach ($this->nodes as $node) { $node->addClass($classname); } return $this; } public function after($content) { foreach ($this->nodes as $node) { $node->after($content); } return $this; } public function append($content) { foreach ($this->nodes as $node) { $node->append($content); } return $this; } public function attr($name, $value = null) { if (empty($this->nodes) && $value === null) return ''; foreach ($this->nodes as $node) { if ($value === null) return $node->attr($name); $value = str_replace('<', '<', $value); $value = str_replace('>', '>', $value); $node->attr($name, $value); } return $this; } public function before($content) { foreach ($this->nodes as $node) { $node->before($content); } return $this; } public function clear() { foreach ($this->nodes as $node) { $node->clear(); } return $this; } /* * Get the count of matched elements. * * @return int Returns the count of matched elements. / #[\ReturnTypeWillChange] public function count() { return count($this->nodes); } /* * Format/beautify a DOM. * * @param pagelayerQuery\DomNode $dom The dom to format. * @param array $options Extra formatting options. See {@link pagelayerQuery\HtmlFormatter::$options}. * @return bool Returns `true` on sucess and `false` on failure. / // public static function format($dom, $options = array()) { // $formatter = new pagelayerQuery\HtmlFormatter($options); // return $formatter->format($dom); // } #[\ReturnTypeWillChange] public function getIterator() { return new ArrayIterator($this->nodes); } public function hasClass($classname) { foreach ($this->nodes as $node) { if ($node->hasClass($classname)) return true; } return false; } public function html($value = null) { if (empty($this->nodes) && $value === null) return ''; foreach ($this->nodes as $node) { if ($value === null) return $node->html(); $node->html($value); } return $this; } #[\ReturnTypeWillChange] public function offsetExists($offset){ return isset($this->nodes[$offset]); } #[\ReturnTypeWillChange] public function offsetGet($offset) { return isset($this->nodes[$offset]) ? $this->nodes[$offset] : null; } #[\ReturnTypeWillChange] public function offsetSet($offset, $value) { if (is_null($offset) \|\| !isset($this->nodes[$offset])) { throw new \BadMethodCallException("You are not allowed to add new nodes to the pQuery object."); } else { $this->nodes[$offset]->replaceWith($value); } } #[\ReturnTypeWillChange] public function offsetUnset($offset) { if (isset($this->nodes[$offset])) { $this->nodes[$offset]->remove(); unset($this->nodes[$offset]); } } /* * Query a file or url. * * @param string $path The path to the url. * @param resource $context A context suitable to be passed into {@link file_get_contents} * @return pagelayerQuery\DomNode Returns the root dom node for the html file. / public static function parseFile($path, $context = null) { $html_str = file_get_contents($path, false, $context); return static::parseStr($html_str); } /* * Query a string of html. * * @param string $html * @return pagelayerQuery\DomNode Returns the root dom node for the html string. / public static function parseStr($html) { $parser = new pagelayerQuery\Html5Parser($html); return $parser->root; } public function prepend($content = null) { foreach ($this->nodes as $node) { $node->prepend($content); } return $this; } public function prop($name, $value = null) { if (empty($this->nodes) && $value === null) return ''; foreach ($this->nodes as $node) { if ($value === null) return $node->prop($name); $node->prop($name, $value); } return $this; } public function remove($selector = null) { foreach ($this->nodes as $node) { $node->remove($selector); } if ($selector === null) $this->nodes = array(); return $this; } public function removeAttr($name) { foreach ($this->nodes as $node) { $node->removeAttr($name); } return $this; } public function removeClass($classname) { foreach ($this->nodes as $node) { $node->removeClass($classname); } return $this; } public function replaceWith($content) { foreach ($this->nodes as &$node) { $node = $node->replaceWith($content); } return $this; } public function tagName($value = null) { foreach ($this->nodes as $node) { if ($value === null) return $node->tagName(); $node->tagName($value); } return $this; } public function text($value = null) { if (empty($this->nodes) && $value === null) return ''; foreach ($this->nodes as $node) { if ($value === null) return $node->text(); $node->text($value); } return $this; } public function toggleClass($classname, $switch = null) { foreach ($this->nodes as $node) { $node->toggleClass($classname, $switch); } return $this; } public function unwrap() { foreach ($this->nodes as $node) { $node->unwrap(); } return $this; } public function val($value = null) { if (empty($this->nodes) && $value === null) return ''; foreach ($this->nodes as $node) { if ($value === null) return $node->val(); $node->val($value); } return $this; } public function wrap($wrapping_element) { foreach ($this->nodes as $node) { $node->wrap($wrapping_element); } return $this; } public function wrapInner($wrapping_element) { foreach ($this->nodes as $node) { $node->wrapInner($wrapping_element); } return $this; } } ��pquery/LICENSE��0000644��00000063641�15104270523�0007107 0��ustar�00�� GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. <one line to give the library's name and a brief idea of what it does.> Copyright (C) <year> <name of author> This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon>, 1 April 1990 Ty Coon, President of Vice That's all there is to it!��pquery/gan_tokenizer.php��0000644��00000037466�15104270523�0011460 0��ustar�00��<?php /* * @author Niels A.D. * @author Todd Burry <todd@vanillaforums.com> * @copyright 2010 Niels A.D., 2014 Todd Burry * @license http://opensource.org/licenses/LGPL-2.1 LGPL-2.1 * @package pQuery / namespace pagelayerQuery; /* * Converts a document into tokens * * Can convert any string into tokens. The base class only supports * identifier/whitespace tokens. For more tokens, the class can be * easily extended. * * Use like: * <code> * <?php * $a = new TokenizerBase('hello word'); * while ($a->next() !== $a::TOK_NULL) { * echo $a->token, ': ',$a->getTokenString(), "<br>\n"; * } * ?> * </code> * * @internal The tokenizer works with a character map that connects a certain * character to a certain function/token. This class is build with speed in mind. / class TokenizerBase { /* * NULL Token, used at end of document (parsing should stop after this token) / const TOK_NULL = 0; /* * Unknown token, used at unidentified character / const TOK_UNKNOWN = 1; /* * Whitespace token, used with whitespace / const TOK_WHITESPACE = 2; /* * Identifier token, used with identifiers / const TOK_IDENTIFIER = 3; /* * The document that is being tokenized * @var string * @internal Public for faster access! * @see setDoc() * @see getDoc() * @access private / var $doc = ''; /* * The size of the document (length of string) * @var int * @internal Public for faster access! * @see $doc * @access private / var $size = 0; /* * Current (character) position in the document * @var int * @internal Public for faster access! * @see setPos() * @see getPos() * @access private / var $pos = 0; /* * Current (Line/Column) position in document * @var array (Current_Line, Line_Starting_Pos) * @internal Public for faster access! * @see getLinePos() * @access private / var $line_pos = array(0, 0); /* * Current token * @var int * @internal Public for faster access! * @see getToken() * @access private / var $token = self::TOK_NULL; /* * Start position of token. If NULL, then current position is used. * @var int * @internal Public for faster access! * @see getTokenString() * @access private / var $token_start = null; /* * List with all the character that can be considered as whitespace * @var array\|string * @internal Variable is public + associated array for faster access! * @internal array(' ' => true) will recognize space (' ') as whitespace * @internal String will be converted to array in constructor * @internal Result token will be {@link self::TOK_WHITESPACE}; * @see setWhitespace() * @see getWhitespace() * @access private / var $whitespace = " \t\n\r\0\x0B"; /* * List with all the character that can be considered as identifier * @var array\|string * @internal Variable is public + associated array for faster access! * @internal array('a' => true) will recognize 'a' as identifier * @internal String will be converted to array in constructor * @internal Result token will be {@link self::TOK_IDENTIFIER}; * @see setIdentifiers() * @see getIdentifiers() * @access private / var $identifiers = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890_'; /* * All characters that should be mapped to a token/function that cannot be considered as whitespace or identifier * @var array * @internal Variable is public + associated array for faster access! * @internal array('a' => 'parse_a') will call $this->parse_a() if it matches the character 'a' * @internal array('a' => self::TOK_A) will set token to TOK_A if it matches the character 'a' * @see mapChar() * @see unmapChar() * @access private / var $custom_char_map = array(); /* * Automatically built character map. Built using {@link $identifiers}, {@link $whitespace} and {@link $custom_char_map} * @var array * @internal Public for faster access! * @access private / var $char_map = array(); /* * All errors found while parsing the document * @var array * @see addError() / var $errors = array(); /* * Class constructor * @param string $doc Document to be tokenized * @param int $pos Position to start parsing * @see setDoc() * @see setPos() / function __construct($doc = '', $pos = 0) { $this->setWhitespace($this->whitespace); $this->setIdentifiers($this->identifiers); $this->setDoc($doc, $pos); } #php4 PHP4 class constructor compatibility #function TokenizerBase($doc = '', $pos = 0) {return $this->__construct($doc, $pos);} #php4e /* * Sets target document * @param string $doc Document to be tokenized * @param int $pos Position to start parsing * @see getDoc() * @see setPos() / function setDoc($doc, $pos = 0) { $this->doc = $doc; $this->size = strlen($doc); $this->setPos($pos); } /* * Returns target document * @return string * @see setDoc() / function getDoc() { return $this->doc; } /* * Sets position in document * @param int $pos * @see getPos() / function setPos($pos = 0) { $this->pos = $pos - 1; $this->line_pos = array(0, 0); $this->next(); } /* * Returns current position in document (Index) * @return int * @see setPos() / function getPos() { return $this->pos; } /* * Returns current position in document (Line/Char) * @return array array(Line, Column) / function getLinePos() { return array($this->line_pos[0], $this->pos - $this->line_pos[1]); } /* * Returns current token * @return int * @see $token / function getToken() { return $this->token; } /* * Returns current token as string * @param int $start_offset Offset from token start * @param int $end_offset Offset from token end * @return string / function getTokenString($start_offset = 0, $end_offset = 0) { $token_start = ((is_int($this->token_start)) ? $this->token_start : $this->pos) + $start_offset; $len = $this->pos - $token_start + 1 + $end_offset; return (($len > 0) ? substr($this->doc, $token_start, $len) : ''); } /* * Sets characters to be recognized as whitespace * * Used like: setWhitespace('ab') or setWhitespace(array('a' => true, 'b', 'c')); * @param string\|array $ws * @see getWhitespace(); / function setWhitespace($ws) { if (is_array($ws)) { $this->whitespace = array_fill_keys(array_values($ws), true); $this->buildCharMap(); } else { $this->setWhiteSpace(str_split($ws)); } } /* * Returns whitespace characters as string/array * @param bool $as_string Should the result be a string or an array? * @return string\|array * @see setWhitespace() / function getWhitespace($as_string = true) { $ws = array_keys($this->whitespace); return (($as_string) ? implode('', $ws) : $ws); } /* * Sets characters to be recognized as identifier * * Used like: setIdentifiers('ab') or setIdentifiers(array('a' => true, 'b', 'c')); * @param string\|array $ident * @see getIdentifiers(); / function setIdentifiers($ident) { if (is_array($ident)) { $this->identifiers = array_fill_keys(array_values($ident), true); $this->buildCharMap(); } else { $this->setIdentifiers(str_split($ident)); } } /* * Returns identifier characters as string/array * @param bool $as_string Should the result be a string or an array? * @return string\|array * @see setIdentifiers() / function getIdentifiers($as_string = true) { $ident = array_keys($this->identifiers); return (($as_string) ? implode('', $ident) : $ident); } /* * Maps a custom character to a token/function * * Used like: mapChar('a', self::{@link TOK_IDENTIFIER}) or mapChar('a', 'parse_identifier'); * @param string $char Character that should be mapped. If set, it will be overridden * @param int\|string $map If function name, then $this->function will be called, otherwise token is set to $map * @see unmapChar() / function mapChar($char, $map) { $this->custom_char_map[$char] = $map; $this->buildCharMap(); } /* * Removes a char mapped with {@link mapChar()} * @param string $char Character that should be unmapped * @see mapChar() / function unmapChar($char) { unset($this->custom_char_map[$char]); $this->buildCharMap(); } /* * Builds the {@link $map_char} array * @internal Builds single array that maps all characters. Gets called if {@link $whitespace}, {@link $identifiers} or {@link $custom_char_map} get modified / protected function buildCharMap() { $this->char_map = $this->custom_char_map; if (is_array($this->whitespace)) { foreach($this->whitespace as $w => $v) { $this->char_map[$w] = 'parse_whitespace'; } } if (is_array($this->identifiers)) { foreach($this->identifiers as $i => $v) { $this->char_map[$i] = 'parse_identifier'; } } } /* * Add error to the array and appends current position * @param string $error / function addError($error) { $this->errors[] = htmlentities($error.' at '.($this->line_pos[0] + 1).', '.($this->pos - $this->line_pos[1] + 1).'!'); } /* * Parse line breaks and increase line number * @internal Gets called to process line breaks / protected function parse_linebreak() { if($this->doc[$this->pos] === "\r") { ++$this->line_pos[0]; if ((($this->pos + 1) < $this->size) && ($this->doc[$this->pos + 1] === "\n")) { ++$this->pos; } $this->line_pos[1] = $this->pos; } elseif($this->doc[$this->pos] === "\n") { ++$this->line_pos[0]; $this->line_pos[1] = $this->pos; } } /* * Parse whitespace * @return int Token * @internal Gets called with {@link $whitespace} characters / protected function parse_whitespace() { $this->token_start = $this->pos; while(++$this->pos < $this->size) { if (!isset($this->whitespace[$this->doc[$this->pos]])) { break; } else { $this->parse_linebreak(); } } --$this->pos; return self::TOK_WHITESPACE; } /* * Parse identifiers * @return int Token * @internal Gets called with {@link $identifiers} characters / protected function parse_identifier() { $this->token_start = $this->pos; while((++$this->pos < $this->size) && isset($this->identifiers[$this->doc[$this->pos]])) {} --$this->pos; return self::TOK_IDENTIFIER; } /* * Continues to the next token * @return int Next token ({@link TOK_NULL} if none) / function next() { $this->token_start = null; if (++$this->pos < $this->size) { if (isset($this->char_map[$this->doc[$this->pos]])) { if (is_string($this->char_map[$this->doc[$this->pos]])) { return ($this->token = $this->{$this->char_map[$this->doc[$this->pos]]}()); } else { return ($this->token = $this->char_map[$this->doc[$this->pos]]); } } else { return ($this->token = self::TOK_UNKNOWN); } } else { return ($this->token = self::TOK_NULL); } } /* * Finds the next token, but skips whitespace * @return int Next token ({@link TOK_NULL} if none) / function next_no_whitespace() { $this->token_start = null; while (++$this->pos < $this->size) { if (!isset($this->whitespace[$this->doc[$this->pos]])) { if (isset($this->char_map[$this->doc[$this->pos]])) { if (is_string($this->char_map[$this->doc[$this->pos]])) { return ($this->token = $this->{$this->char_map[$this->doc[$this->pos]]}()); } else { return ($this->token = $this->char_map[$this->doc[$this->pos]]); } } else { return ($this->token = self::TOK_UNKNOWN); } } else { $this->parse_linebreak(); } } return ($this->token = self::TOK_NULL); } /* * Finds the next token using stop characters. * * Used like: next_search('abc') or next_search(array('a' => true, 'b' => true, 'c' => true)); * @param string\|array $characters Characters to search for * @param bool $callback Should the function check the charmap after finding a character? * @return int Next token ({@link TOK_NULL} if none) / function next_search($characters, $callback = true) { $this->token_start = $this->pos; if (!is_array($characters)) { $characters = array_fill_keys(str_split($characters), true); } while(++$this->pos < $this->size) { if (isset($characters[$this->doc[$this->pos]])) { if ($callback && isset($this->char_map[$this->doc[$this->pos]])) { if (is_string($this->char_map[$this->doc[$this->pos]])) { return ($this->token = $this->{$this->char_map[$this->doc[$this->pos]]}()); } else { return ($this->token = $this->char_map[$this->doc[$this->pos]]); } } else { return ($this->token = self::TOK_UNKNOWN); } } else { $this->parse_linebreak(); } } return ($this->token = self::TOK_NULL); } /* * Finds the next token by searching for a string * @param string $needle The needle that's being searched for * @param bool $callback Should the function check the charmap after finding the needle? * @return int Next token ({@link TOK_NULL} if none) / function next_pos($needle, $callback = true) { $this->token_start = $this->pos; if (($this->pos < $this->size) && (($p = stripos($this->doc, $needle, $this->pos + 1)) !== false)) { $len = $p - $this->pos - 1; if ($len > 0) { $str = substr($this->doc, $this->pos + 1, $len); if (($l = strrpos($str, "\n")) !== false) { ++$this->line_pos[0]; $this->line_pos[1] = $l + $this->pos + 1; $len -= $l; if ($len > 0) { $str = substr($str, 0, -$len); $this->line_pos[0] += substr_count($str, "\n"); } } } $this->pos = $p; if ($callback && isset($this->char_map[$this->doc[$this->pos]])) { if (is_string($this->char_map[$this->doc[$this->pos]])) { return ($this->token = $this->{$this->char_map[$this->doc[$this->pos]]}()); } else { return ($this->token = $this->char_map[$this->doc[$this->pos]]); } } else { return ($this->token = self::TOK_UNKNOWN); } } else { $this->pos = $this->size; return ($this->token = self::TOK_NULL); } } /* * Expect a specific token or character. Adds error if token doesn't match. * @param string\|int $token Character or token to expect * @param bool\|int $do_next Go to next character before evaluating. 1 for next char, true to ignore whitespace * @param bool\|int $try_next Try next character if current doesn't match. 1 for next char, true to ignore whitespace * @param bool\|int $next_on_match Go to next character after evaluating. 1 for next char, true to ignore whitespace * @return bool / protected function expect($token, $do_next = true, $try_next = false, $next_on_match = 1) { if ($do_next) { if ($do_next === 1) { $this->next(); } else { $this->next_no_whitespace(); } } if (is_int($token)) { if (($this->token !== $token) && ((!$try_next) \|\| ((($try_next === 1) && ($this->next() !== $token)) \|\| (($try_next === true) && ($this->next_no_whitespace() !== $token))))) { $this->addError('Unexpected "'.$this->getTokenString().'"'); return false; } } else { if (($this->doc[$this->pos] !== $token) && ((!$try_next) \|\| (((($try_next === 1) && ($this->next() !== self::TOK_NULL)) \|\| (($try_next === true) && ($this->next_no_whitespace() !== self::TOK_NULL))) && ($this->doc[$this->pos] !== $token)))) { $this->addError('Expected "'.$token.'", but found "'.$this->getTokenString().'"'); return false; } } if ($next_on_match) { if ($next_on_match === 1) { $this->next(); } else { $this->next_no_whitespace(); } } return true; } } ?>��pquery/gan_formatter.php��0000644��00000032273�15104270523�0011440 0��ustar�00��<?php /* * @author Niels A.D. * @author Todd Burry <todd@vanillaforums.com> * @copyright 2010 Niels A.D., 2014 Todd Burry * @license http://opensource.org/licenses/LGPL-2.1 LGPL-2.1 * @package pQuery / namespace pagelayerQuery; /* * Indents text * @param string $text * @param int $indent * @param string $indent_string * @return string / function indent_text($text, $indent, $indent_string = ' ') { if ($indent && $indent_string) { return str_replace("\n", "\n".str_repeat($indent_string, $indent), $text); } else { return $text; } } /* * Class used to format/minify HTML nodes * * Used like: * <code> * <?php * $formatter = new HtmlFormatter(); * $formatter->format($root); * ?> * </code> / class HtmlFormatter { /* * Determines which elements start on a new line and which function as block * @var array('element' => array('new_line' => true, 'as_block' => true, 'format_inside' => true)) / var $block_elements = array( 'p' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'h1' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'h2' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'h3' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'h4' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'h5' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'h6' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'form' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'fieldset' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'legend' => array('new_line' => true, 'as_block' => false, 'format_inside' => true), 'dl' => array('new_line' => true, 'as_block' => false, 'format_inside' => true), 'dt' => array('new_line' => true, 'as_block' => false, 'format_inside' => true), 'dd' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'ol' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'ul' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'li' => array('new_line' => true, 'as_block' => false, 'format_inside' => true), 'table' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'tr' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'dir' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'menu' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'address' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'blockquote' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'center' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'del' => array('new_line' => true, 'as_block' => false, 'format_inside' => true), //'div' => array('new_line' => false, 'as_block' => true, 'format_inside' => true), 'hr' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'ins' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'noscript' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'pre' => array('new_line' => true, 'as_block' => true, 'format_inside' => false), 'script' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'style' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'html' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'head' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'body' => array('new_line' => true, 'as_block' => true, 'format_inside' => true), 'title' => array('new_line' => true, 'as_block' => false, 'format_inside' => false) ); /* * Determines which characters are considered whitespace * @var array("\t" => true) True to recognize as new line / var $whitespace = array( ' ' => false, "\t" => false, "\x0B" => false, "\0" => false, "\n" => true, "\r" => true ); /* * String that is used to generate correct indenting * @var string / var $indent_string = ' '; /* * String that is used to break lines * @var string / var $linebreak_string = "\n"; /* * Other formatting options * @var array / public $options = array( 'img_alt' => '', 'self_close_str' => null, 'attribute_shorttag' => false, 'sort_attributes' => false, 'attributes_case' => CASE_LOWER, 'minify_script' => true ); /* * Errors found during formatting * @var array / var $errors = array(); /* * Class constructor * @param array $options {@link $options} / function __construct($options = array()) { $this->options = array_merge($this->options, $options); if (isset($options['indent_str'])) $this->indent_string = $options['indent_str']; if (isset($options['linebreak_str'])) $this->linebreak_string = $options['linebreak_str']; } #php4 PHP4 class constructor compatibility #function HtmlFormatter($options = array()) {return $this->__construct($options);} #php4e /* * Class magic invoke method, performs {@link format()} * @access private / function __invoke(&$node) { return $this->format($node); } /* * Minifies HTML / removes unneeded whitespace * @param DomNode $root * @param bool $strip_comments * @param bool $recursive / static function minify_html(&$root, $strip_comments = true, $recursive = true) { if ($strip_comments) { foreach($root->select(':comment', false, $recursive, true) as $c) { $prev = $c->getSibling(-1); $next = $c->getSibling(1); $c->delete(); if ($prev && $next && ($prev->isText()) && ($next->isText())) { $prev->text .= $next->text; $next->delete(); } } } foreach($root->select('(!pre + !xmp + !style + !script + !"?php" + !"~text~" + !"~comment~"):not-empty > "~text~"', false, $recursive, true) as $c) { $c->text = preg_replace('`\s+`', ' ', $c->text); } } /* * Minifies javascript using JSMin+ * @param DomNode $root * @param string $indent_string * @param bool $wrap_comment Wrap javascript in HTML comments (<!-- ~text~ //-->) * @param bool $recursive * @return bool\|array Array of errors on failure, true on succes / static function minify_javascript(&$root, $indent_string = ' ', $wrap_comment = true, $recursive = true) { #php4 JSMin+ doesn't support PHP4 #return true; #php4e #php5 include_once('third party/jsminplus.php'); $errors = array(); foreach($root->select('script:not-empty > "~text~"', false, $recursive, true) as $c) { try { $text = $c->text; while ($text) { $text = trim($text); //Remove comment/CDATA tags at begin and end if (substr($text, 0, 4) === '<!--') { $text = substr($text, 5); continue; } elseif (strtolower(substr($text, 0, 9)) === '<![cdata[') { $text = substr($text, 10); continue; } if (($end = substr($text, -3)) && (($end === '-->') \|\| ($end === ']]>'))) { $text = substr($text, 0, -3); continue; } break; } if (trim($text)) { $text = \JSMinPlus::minify($text); if ($wrap_comment) { $text = "<!--\n".$text."\n//-->"; } if ($indent_string && ($wrap_comment \|\| (strpos($text, "\n") !== false))) { $text = indent_text("\n".$text, $c->indent(), $indent_string); } } $c->text = $text; } catch (\Exception $e) { $errors[] = array($e, $c->parent->dumpLocation()); } } return (($errors) ? $errors : true); #php5e } /* * Formats HTML * @param DomNode $root * @param bool $recursive * @access private / function format_html(&$root, $recursive = null) { if ($recursive === null) { $recursive = true; self::minify_html($root); } elseif (is_int($recursive)) { $recursive = (($recursive > 1) ? $recursive - 1 : false); } $root_tag = strtolower($root->tag); $in_block = isset($this->block_elements[$root_tag]) && $this->block_elements[$root_tag]['as_block']; $child_count = count($root->children); if (isset($this->options['attributes_case']) && $this->options['attributes_case']) { $root->attributes = array_change_key_case($root->attributes, $this->options['attributes_case']); $root->attributes_ns = null; } if (isset($this->options['sort_attributes']) && $this->options['sort_attributes']) { if ($this->options['sort_attributes'] === 'reverse') { krsort($root->attributes); } else { ksort($root->attributes); } } if ($root->select(':element', true, false, true)) { $root->setTag(strtolower($root->tag), true); if (($this->options['img_alt'] !== null) && ($root_tag === 'img') && (!isset($root->alt))) { $root->setAttribute('alt', $this->options['img_alt']); } } if ($this->options['self_close_str'] !== null) { $root->self_close_str = $this->options['self_close_str']; } if ($this->options['attribute_shorttag'] !== null) { $root->attribute_shorttag = $this->options['attribute_shorttag']; } $prev = null; $n_tag = ''; // $prev_tag = ''; $as_block = false; $prev_asblock = false; for($i = 0; $i < $child_count; $i++) { $n =& $root->children[$i]; $indent = $n->indent(); if (!$n->isText()) { $n_tag = strtolower($n->tag); $new_line = isset($this->block_elements[$n_tag]) && $this->block_elements[$n_tag]['new_line']; $as_block = isset($this->block_elements[$n_tag]) && $this->block_elements[$n_tag]['as_block']; $format_inside = ((!isset($this->block_elements[$n_tag])) \|\| $this->block_elements[$n_tag]['format_inside']); if ($prev && ($prev->isText()) && $prev->text && ($char = $prev->text[strlen($prev->text) - 1]) && isset($this->whitespace[$char])) { if ($this->whitespace[$char]) { $prev->text .= str_repeat($this->indent_string, $indent); } else { $prev->text = substr_replace($prev->text, $this->linebreak_string.str_repeat($this->indent_string, $indent), -1, 1); } } elseif (($new_line \|\| $prev_asblock \|\| ($in_block && ($i === 0)))){ if ($prev && ($prev->isText())) { $prev->text .= $this->linebreak_string.str_repeat($this->indent_string, $indent); } else { $root->addText($this->linebreak_string.str_repeat($this->indent_string, $indent), $i); ++$child_count; } } if ($format_inside && count($n->children)) { //$last = end($n->children); $last = $n->children[count($n->children) - 1]; $last_tag = ($last) ? strtolower($last->tag) : ''; $last_asblock = ($last_tag && isset($this->block_elements[$last_tag]) && $this->block_elements[$last_tag]['as_block']); if (($n->childCount(true) > 0) \|\| (trim($n->getPlainText()))) { if ($last && ($last->isText()) && $last->text && ($char = $last->text[strlen($last->text) - 1]) && isset($this->whitespace[$char])) { if ($as_block \|\| ($last->index() > 0) \|\| isset($this->whitespace[$last->text[0]])) { if ($this->whitespace[$char]) { $last->text .= str_repeat($this->indent_string, $indent); } else { $last->text = substr_replace($last->text, $this->linebreak_string.str_repeat($this->indent_string, $indent), -1, 1); } } } elseif (($as_block \|\| $last_asblock \|\| ($in_block && ($i === 0))) && $last) { if ($last && ($last->isText())) { $last->text .= $this->linebreak_string.str_repeat($this->indent_string, $indent); } else { $n->addText($this->linebreak_string.str_repeat($this->indent_string, $indent)); } } } elseif (!trim($n->getInnerText())) { $n->clear(); } if ($recursive) { $this->format_html($n, $recursive); } } } elseif (trim($n->text) && ((($i - 1 < $child_count) && ($char = $n->text[0]) && isset($this->whitespace[$char])) \|\| ($in_block && ($i === 0)))) { if (isset($this->whitespace[$char])) { if ($this->whitespace[$char]) { $n->text = str_repeat($this->indent_string, $indent).$n->text; } else { $n->text = substr_replace($n->text, $this->linebreak_string.str_repeat($this->indent_string, $indent), 0, 1); } } else { $n->text = $this->linebreak_string.str_repeat($this->indent_string, $indent).$n->text; } } $prev = $n; // $prev_tag = $n_tag; $prev_asblock = $as_block; } return true; } /* * Formats HTML/Javascript * @param DomNode $root * @see format_html() / function format(&$node) { $this->errors = array(); if ($this->options['minify_script']) { $a = self::minify_javascript($node, $this->indent_string, true, true); if (is_array($a)) { foreach($a as $error) { $this->errors[] = $error[0]->getMessage().' >>> '.$error[1]; } } } return $this->format_html($node); } } ?>��pquery/README.md��0000644��00000003746�15104270523�0007361 0��ustar�00��# pQuery [![Build Status](https://img.shields.io/travis/tburry/pquery.svg?style=flat)](https://travis-ci.org/tburry/pquery) [![Coverage](https://img.shields.io/scrutinizer/coverage/g/tburry/pquery.svg?style=flat)](https://scrutinizer-ci.com/g/tburry/pquery/) [![Latest Stable Version](http://img.shields.io/packagist/v/tburry/pquery.svg?style=flat)](https://packagist.org/packages/tburry/pquery) pQuery is a jQuery like html dom parser written in php. It is a fork of the [ganon dom parser](https://code.google.com/p/ganon/). ## Basic usage To get started using pQuery do the following. 1. Require the pQuery library into your project using [composer](http://getcomposer.org/doc/01-basic-usage.md#the-require-key). 2. Parse a snippet of html using `pQuery::parseStr()` or `pQuery::parseFile()` to return a document object model (DOM). 3. Run jQuery like functions on the DOM. ## Example The following example parses an html string and does some manipulation on it. ```php $html = '<div class="container"> <div class="inner verb">Hello</div> <div class="inner adj">Cruel</div> <div class="inner obj">World</div> </div>'; $dom = pQuery::parseStr($html); $dom->query('.inner') ->tagName('span'); $dom->query('.adj') ->html('Beautiful') ->tagName('i'); echo $dom->html(); ``` ## Differences between pQuery and ganon pQuery is a fork of the [ganon php processor](https://code.google.com/p/ganon/). Most of the functionality is identical to ganon with the following exceptions. pQuery is a composer package. * pQuery renames ganon's classes and puts them into a namespace. * pQuery is used only with objects rather than functions so that it can be autoloaded. * pQuery Adds the `IQuery` interface and the `pQuery` object that define the jQuery-like interface for querying the dom. * pQuery implements more of jQuery's methods. See the `IQuery` interface for a list of methods. * pQuery supports adding tags to the dom using the `<div class="something"></div>` notation rather than just `div`. ��pquery/gan_parser_html.php��0000644��00000061014�15104270523�0011750 0��ustar�00��<?php /** * @author Niels A.D. * @author Todd Burry <todd@vanillaforums.com> * @copyright 2010 Niels A.D., 2014 Todd Burry * @license http://opensource.org/licenses/LGPL-2.1 LGPL-2.1 * @package pQuery / namespace pagelayerQuery; /* * Parses a HTML document * * Functionality can be extended by overriding functions or adjusting the tag map. * Document may contain small errors, the parser will try to recover and resume parsing. / class HtmlParserBase extends TokenizerBase { /* * Tag open token, used for "<" / const TOK_TAG_OPEN = 100; /* * Tag close token, used for ">" / const TOK_TAG_CLOSE = 101; /* * Forward slash token, used for "/" / const TOK_SLASH_FORWARD = 103; /* * Backslash token, used for "\" / const TOK_SLASH_BACKWARD = 104; /* * String token, used for attribute values (" and ') / const TOK_STRING = 104; /* * Equals token, used for "=" / const TOK_EQUALS = 105; /* * Sets HTML identifiers, tags/attributes are considered identifiers * @see TokenizerBase::$identifiers * @access private / var $identifiers = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890:-_!?%'; /* * Status of the parser (tagname, closing tag, etc) * @var array / var $status = array(); /* * Map characters to match their tokens * @see TokenizerBase::$custom_char_map * @access private / var $custom_char_map = array( '<' => self::TOK_TAG_OPEN, '>' => self::TOK_TAG_CLOSE, "'" => 'parse_string', '"' => 'parse_string', '/' => self::TOK_SLASH_FORWARD, '\\' => self::TOK_SLASH_BACKWARD, '=' => self::TOK_EQUALS ); function __construct($doc = '', $pos = 0) { parent::__construct($doc, $pos); $this->parse_all(); } #php4 PHP4 class constructor compatibility #function HtmlParserBase($doc = '', $pos = 0) {return $this->__construct($doc, $pos);} #php4e /* Callback functions for certain tags @var array (TAG_NAME => FUNCTION_NAME) @internal Function should be a method in the class @internal Tagname should be lowercase and is everything after <, e.g. "?php" or "!doctype" @access private / var $tag_map = array( '!doctype' => 'parse_doctype', '?' => 'parse_php', '?php' => 'parse_php', '%' => 'parse_asp', 'style' => 'parse_style', 'script' => 'parse_script' ); /* * Parse a HTML string (attributes) * @internal Gets called with ' and " * @return int / protected function parse_string() { if ($this->next_pos($this->doc[$this->pos], false) !== self::TOK_UNKNOWN) { --$this->pos; } return self::TOK_STRING; } /* * Parse text between tags * @internal Gets called between tags, uses {@link $status}[last_pos] * @internal Stores text in {@link $status}[text] / function parse_text() { $len = $this->pos - 1 - $this->status['last_pos']; $this->status['text'] = (($len > 0) ? substr($this->doc, $this->status['last_pos'] + 1, $len) : ''); } /* * Parse comment tags * @internal Gets called with HTML comments ("<!--") * @internal Stores text in {@link $status}[comment] * @return bool / function parse_comment() { $this->pos += 3; if ($this->next_pos('-->', false) !== self::TOK_UNKNOWN) { $this->status['comment'] = $this->getTokenString(1, -1); --$this->pos; } else { $this->status['comment'] = $this->getTokenString(1, -1); $this->pos += 2; } $this->status['last_pos'] = $this->pos; return true; } /* * Parse doctype tag * @internal Gets called with doctype ("<!doctype") * @internal Stores text in {@link $status}[dtd] * @return bool / function parse_doctype() { $start = $this->pos; if ($this->next_search('[>', false) === self::TOK_UNKNOWN) { if ($this->doc[$this->pos] === '[') { if (($this->next_pos(']', false) !== self::TOK_UNKNOWN) \|\| ($this->next_pos('>', false) !== self::TOK_UNKNOWN)) { $this->addError('Invalid doctype'); return false; } } $this->token_start = $start; $this->status['dtd'] = $this->getTokenString(2, -1); $this->status['last_pos'] = $this->pos; return true; } else { $this->addError('Invalid doctype'); return false; } } /* * Parse cdata tag * @internal Gets called with cdata ("<![cdata") * @internal Stores text in {@link $status}[cdata] * @return bool / function parse_cdata() { if ($this->next_pos(']]>', false) === self::TOK_UNKNOWN) { $this->status['cdata'] = $this->getTokenString(9, -1); $this->status['last_pos'] = $this->pos + 2; return true; } else { $this->addError('Invalid cdata tag'); return false; } } /* * Parse php tags * @internal Gets called with php tags ("<?php") * @return bool / function parse_php() { $start = $this->pos; if ($this->next_pos('?>', false) !== self::TOK_UNKNOWN) { $this->pos -= 2; //End of file } $len = $this->pos - 1 - $start; $this->status['text'] = (($len > 0) ? substr($this->doc, $start + 1, $len) : ''); $this->status['last_pos'] = ++$this->pos; return true; } /* * Parse asp tags * @internal Gets called with asp tags ("<%") * @return bool / function parse_asp() { $start = $this->pos; if ($this->next_pos('%>', false) !== self::TOK_UNKNOWN) { $this->pos -= 2; //End of file } $len = $this->pos - 1 - $start; $this->status['text'] = (($len > 0) ? substr($this->doc, $start + 1, $len) : ''); $this->status['last_pos'] = ++$this->pos; return true; } /* * Parse style tags * @internal Gets called with php tags ("<style>") * @return bool / function parse_style() { if ($this->parse_attributes() && ($this->token === self::TOK_TAG_CLOSE) && ($start = $this->pos) && ($this->next_pos('</style>', false) === self::TOK_UNKNOWN)) { $len = $this->pos - 1 - $start; $this->status['text'] = (($len > 0) ? substr($this->doc, $start + 1, $len) : ''); $this->pos += 7; $this->status['last_pos'] = $this->pos; return true; } else { $this->addError('No end for style tag found'); return false; } } /* * Parse script tags * @internal Gets called with php tags ("<script>") * @return bool / function parse_script() { if ($this->parse_attributes() && ($this->token === self::TOK_TAG_CLOSE) && ($start = $this->pos) && ($this->next_pos('</script>', false) === self::TOK_UNKNOWN)) { $len = $this->pos - 1 - $start; $this->status['text'] = (($len > 0) ? substr($this->doc, $start + 1, $len) : ''); $this->pos += 8; $this->status['last_pos'] = $this->pos; return true; } else { $this->addError('No end for script tag found'); return false; } } /* * Parse conditional tags (+ all conditional tags inside) * @internal Gets called with IE conditionals ("<![if]" and "<!--[if]") * @internal Stores condition in {@link $status}[tag_condition] * @return bool / function parse_conditional() { if ($this->status['closing_tag']) { $this->pos += 8; } else { $this->pos += (($this->status['comment']) ? 5 : 3); if ($this->next_pos(']', false) !== self::TOK_UNKNOWN) { $this->addError('"]" not found in conditional tag'); return false; } $this->status['tag_condition'] = $this->getTokenString(0, -1); } if ($this->next_no_whitespace() !== self::TOK_TAG_CLOSE) { $this->addError('No ">" tag found 2 for conditional tag'); return false; } if ($this->status['comment']) { $this->status['last_pos'] = $this->pos; if ($this->next_pos('-->', false) !== self::TOK_UNKNOWN) { $this->addError('No ending tag found for conditional tag'); $this->pos = $this->size - 1; $len = $this->pos - 1 - $this->status['last_pos']; $this->status['text'] = (($len > 0) ? substr($this->doc, $this->status['last_pos'] + 1, $len) : ''); } else { $len = $this->pos - 10 - $this->status['last_pos']; $this->status['text'] = (($len > 0) ? substr($this->doc, $this->status['last_pos'] + 1, $len) : ''); $this->pos += 2; } } $this->status['last_pos'] = $this->pos; return true; } /* * Parse attributes (names + value) * @internal Stores attributes in {@link $status}[attributes] (array(ATTR => VAL)) * @return bool / function parse_attributes() { $this->status['attributes'] = array(); while ($this->next_no_whitespace() === self::TOK_IDENTIFIER) { $attr = $this->getTokenString(); if (($attr === '?') \|\| ($attr === '%')) { //Probably closing tags break; } if ($this->next_no_whitespace() === self::TOK_EQUALS) { if ($this->next_no_whitespace() === self::TOK_STRING) { $val = $this->getTokenString(1, -1); } else { $this->token_start = $this->pos; if (!isset($stop)) { $stop = $this->whitespace; $stop['<'] = true; $stop['>'] = true; } while ((++$this->pos < $this->size) && (!isset($stop[$this->doc[$this->pos]]))) { // Do nothing. } --$this->pos; $val = $this->getTokenString(); if (trim($val) === '') { $this->addError('Invalid attribute value'); return false; } } } else { $val = $attr; $this->pos = (($this->token_start) ? $this->token_start : $this->pos) - 1; } $this->status['attributes'][$attr] = $val; } return true; } /* * Default callback for tags * @internal Gets called after the tagname (<htmlENTERS_HERE attribute="value">) * @return bool / function parse_tag_default() { if ($this->status['closing_tag']) { $this->status['attributes'] = array(); $this->next_no_whitespace(); } else { if (!$this->parse_attributes()) { return false; } } if ($this->token !== self::TOK_TAG_CLOSE) { if ($this->token === self::TOK_SLASH_FORWARD) { $this->status['self_close'] = true; $this->next(); } elseif ((($this->status['tag_name'][0] === '?') && ($this->doc[$this->pos] === '?')) \|\| (($this->status['tag_name'][0] === '%') && ($this->doc[$this->pos] === '%'))) { $this->status['self_close'] = true; $this->pos++; if (isset($this->char_map[$this->doc[$this->pos]]) && (!is_string($this->char_map[$this->doc[$this->pos]]))) { $this->token = $this->char_map[$this->doc[$this->pos]]; } else { $this->token = self::TOK_UNKNOWN; } }/ else { $this->status['self_close'] = false; }/ } if ($this->token !== self::TOK_TAG_CLOSE) { $this->addError('Expected ">", but found "'.$this->getTokenString().'"'); if ($this->next_pos('>', false) !== self::TOK_UNKNOWN) { $this->addError('No ">" tag found for "'.$this->status['tag_name'].'" tag'); return false; } } return true; } /* * Parse tag * @internal Gets called after opening tag (<ENTERS_HEREhtml attribute="value">) * @internal Stores information about the tag in {@link $status} (comment, closing_tag, tag_name) * @return bool / function parse_tag() { $start = $this->pos; $this->status['self_close'] = false; $this->parse_text(); $next = (($this->pos + 1) < $this->size) ? $this->doc[$this->pos + 1] : ''; if ($next === '!') { $this->status['closing_tag'] = false; if (substr($this->doc, $this->pos + 2, 2) === '--') { $this->status['comment'] = true; if (($this->doc[$this->pos + 4] === '[') && (strcasecmp(substr($this->doc, $this->pos + 5, 2), 'if') === 0)) { return $this->parse_comment(); } else { return $this->parse_comment(); } } else { $this->status['comment'] = false; if ($this->doc[$this->pos + 2] === '[') { if (strcasecmp(substr($this->doc, $this->pos + 3, 2), 'if') === 0) { return $this->parse_conditional(); } elseif (strcasecmp(substr($this->doc, $this->pos + 3, 5), 'endif') === 0) { $this->status['closing_tag'] = true; return $this->parse_conditional(); } elseif (strcasecmp(substr($this->doc, $this->pos + 3, 5), 'cdata') === 0) { return $this->parse_cdata(); } } } } elseif ($next === '/') { $this->status['closing_tag'] = true; ++$this->pos; } else { $this->status['closing_tag'] = false; } if ($this->next() !== self::TOK_IDENTIFIER) { $this->addError('Tagname expected'); //if ($this->next_pos('>', false) === self::TOK_UNKNOWN) { $this->status['last_pos'] = $start - 1; return true; //} else { // return false; //} } $tag = $this->getTokenString(); $this->status['tag_name'] = $tag; $tag = strtolower($tag); if (isset($this->tag_map[$tag])) { $res = $this->{$this->tag_map[$tag]}(); } else { $res = $this->parse_tag_default(); } $this->status['last_pos'] = $this->pos; return $res; } /* * Parse full document * @return bool / function parse_all() { $this->errors = array(); $this->status['last_pos'] = -1; if (($this->token === self::TOK_TAG_OPEN) \|\| ($this->next_pos('<', false) === self::TOK_UNKNOWN)) { do { if (!$this->parse_tag()) { return false; } } while ($this->next_pos('<') !== self::TOK_NULL); } $this->pos = $this->size; $this->parse_text(); return true; } } /* * Parses a HTML document into a HTML DOM / class HtmlParser extends HtmlParserBase { /* * Root object * @internal If string, then it will create a new instance as root * @var DomNode / var $root = 'pagelayerQuery\\DomNode'; /* * Current parsing hierarchy * @internal Root is always at index 0, current tag is at the end of the array * @var array * @access private / var $hierarchy = array(); /* * Tags that don't need closing tags * @var array * @access private / var $tags_selfclose = array( 'area' => true, 'base' => true, 'basefont' => true, 'br' => true, 'col' => true, 'command' => true, 'embed' => true, 'frame' => true, 'hr' => true, 'img' => true, 'input' => true, 'ins' => true, 'keygen' => true, 'link' => true, 'meta' => true, 'param' => true, 'source' => true, 'track' => true, 'wbr' => true ); /* * Class constructor * @param string $doc Document to be tokenized * @param int $pos Position to start parsing * @param DomNode $root Root node, null to auto create / function __construct($doc = '', $pos = 0, $root = null) { if ($root === null) { $root = new $this->root('~root~', null); } $this->root =& $root; parent::__construct($doc, $pos); } #php4 PHP4 class constructor compatibility #function HtmlParser($doc = '', $pos = 0, $root = null) {return $this->__construct($doc, $pos, $root);} #php4e /* * Class magic invoke method, performs {@link select()} * @return array * @access private / function __invoke($query = '') { return $this->select($query); } /** * Class magic toString method, performs {@link DomNode::toString()} * @return string * @access private / function __toString() { return $this->root->getInnerText(); } /* * Performs a css select query on the root node * @see DomNode::select() * @return array / function select($query = '', $index = false, $recursive = true, $check_self = false) { return $this->root->select($query, $index, $recursive, $check_self); } /** * Updates the current hierarchy status and checks for * correct opening/closing of tags * @param bool $self_close Is current tag self closing? Null to use {@link tags_selfclose} * @internal This is were most of the nodes get added * @access private / protected function parse_hierarchy($self_close = null) { if ($self_close === null) { $this->status['self_close'] = ($self_close = isset($this->tags_selfclose[strtolower($this->status['tag_name'])])); } if ($self_close) { if ($this->status['closing_tag']) { //$c = end($this->hierarchy)->children $c = $this->hierarchy[count($this->hierarchy) - 1]->children; $found = false; for ($count = count($c), $i = $count - 1; $i >= 0; $i--) { if (strcasecmp($c[$i]->tag, $this->status['tag_name']) === 0) { for($ii = $i + 1; $ii < $count; $ii++) { $index = null; //Needs to be passed by ref $c[$i + 1]->changeParent($c[$i], $index); } $c[$i]->self_close = false; $found = true; break; } } if (!$found) { $this->addError('Closing tag "'.$this->status['tag_name'].'" which is not open'); } } elseif ($this->status['tag_name'][0] === '?') { //end($this->hierarchy)->addXML($this->status['tag_name'], '', $this->status['attributes']); $index = null; //Needs to be passed by ref $this->hierarchy[count($this->hierarchy) - 1]->addXML($this->status['tag_name'], '', $this->status['attributes'], $index); } elseif ($this->status['tag_name'][0] === '%') { //end($this->hierarchy)->addASP($this->status['tag_name'], '', $this->status['attributes']); $index = null; //Needs to be passed by ref $this->hierarchy[count($this->hierarchy) - 1]->addASP($this->status['tag_name'], '', $this->status['attributes'], $index); } else { //end($this->hierarchy)->addChild($this->status); $index = null; //Needs to be passed by ref $this->hierarchy[count($this->hierarchy) - 1]->addChild($this->status, $index); } } elseif ($this->status['closing_tag']) { $found = false; for ($count = count($this->hierarchy), $i = $count - 1; $i >= 0; $i--) { if (strcasecmp($this->hierarchy[$i]->tag, $this->status['tag_name']) === 0) { for($ii = ($count - $i - 1); $ii >= 0; $ii--) { $e = array_pop($this->hierarchy); if ($ii > 0) { $this->addError('Closing tag "'.$this->status['tag_name'].'" while "'.$e->tag.'" is not closed yet'); } } $found = true; break; } } if (!$found) { $this->addError('Closing tag "'.$this->status['tag_name'].'" which is not open'); } } else { //$this->hierarchy[] = end($this->hierarchy)->addChild($this->status); $index = null; //Needs to be passed by ref $this->hierarchy[] = $this->hierarchy[count($this->hierarchy) - 1]->addChild($this->status, $index); } } function parse_cdata() { if (!parent::parse_cdata()) {return false;} //end($this->hierarchy)->addCDATA($this->status['cdata']); $index = null; //Needs to be passed by ref $this->hierarchy[count($this->hierarchy) - 1]->addCDATA($this->status['cdata'], $index); return true; } function parse_comment() { if (!parent::parse_comment()) {return false;} //end($this->hierarchy)->addComment($this->status['comment']); $index = null; //Needs to be passed by ref $this->hierarchy[count($this->hierarchy) - 1]->addComment($this->status['comment'], $index); return true; } function parse_conditional() { if (!parent::parse_conditional()) {return false;} if ($this->status['comment']) { //$e = end($this->hierarchy)->addConditional($this->status['tag_condition'], true); $index = null; //Needs to be passed by ref $e = $this->hierarchy[count($this->hierarchy) - 1]->addConditional($this->status['tag_condition'], true, $index); if ($this->status['text'] !== '') { $index = null; //Needs to be passed by ref $e->addText($this->status['text'], $index); } } else { if ($this->status['closing_tag']) { $this->parse_hierarchy(false); } else { //$this->hierarchy[] = end($this->hierarchy)->addConditional($this->status['tag_condition'], false); $index = null; //Needs to be passed by ref $this->hierarchy[] = $this->hierarchy[count($this->hierarchy) - 1]->addConditional($this->status['tag_condition'], false, $index); } } return true; } function parse_doctype() { if (!parent::parse_doctype()) {return false;} //end($this->hierarchy)->addDoctype($this->status['dtd']); $index = null; //Needs to be passed by ref $this->hierarchy[count($this->hierarchy) - 1]->addDoctype($this->status['dtd'], $index); return true; } function parse_php() { if (!parent::parse_php()) {return false;} //end($this->hierarchy)->addXML('php', $this->status['text']); $index = null; //Needs to be passed by ref $this->hierarchy[count($this->hierarchy) - 1]->addXML('php', $this->status['text'], $index); return true; } function parse_asp() { if (!parent::parse_asp()) {return false;} //end($this->hierarchy)->addASP('', $this->status['text']); $index = null; //Needs to be passed by ref $this->hierarchy[count($this->hierarchy) - 1]->addASP('', $this->status['text'], $index); return true; } function parse_script() { if (!parent::parse_script()) {return false;} //$e = end($this->hierarchy)->addChild($this->status); $index = null; //Needs to be passed by ref $e = $this->hierarchy[count($this->hierarchy) - 1]->addChild($this->status, $index); if ($this->status['text'] !== '') { $index = null; //Needs to be passed by ref $e->addText($this->status['text'], $index); } return true; } function parse_style() { if (!parent::parse_style()) {return false;} //$e = end($this->hierarchy)->addChild($this->status); $index = null; //Needs to be passed by ref $e = $this->hierarchy[count($this->hierarchy) - 1]->addChild($this->status, $index); if ($this->status['text'] !== '') { $index = null; //Needs to be passed by ref $e->addText($this->status['text'], $index); } return true; } function parse_tag_default() { if (!parent::parse_tag_default()) {return false;} $this->parse_hierarchy(($this->status['self_close']) ? true : null); return true; } function parse_text() { parent::parse_text(); if ($this->status['text'] !== '') { //end($this->hierarchy)->addText($this->status['text']); $index = null; //Needs to be passed by ref $this->hierarchy[count($this->hierarchy) - 1]->addText($this->status['text'], $index); } } function parse_all() { $this->hierarchy = array(&$this->root); return ((parent::parse_all()) ? $this->root : false); } } /* * HTML5 specific parser (adds support for omittable closing tags) / class Html5Parser extends HtmlParser { /* * Tags with ommitable closing tags * @var array array('tag2' => 'tag1') will close tag1 if following (not child) tag is tag2 * @access private / var $tags_optional_close = array( //Current tag => Previous tag 'li' => array('li' => true), 'dt' => array('dt' => true, 'dd' => true), 'dd' => array('dt' => true, 'dd' => true), 'address' => array('p' => true), 'article' => array('p' => true), 'aside' => array('p' => true), 'blockquote' => array('p' => true), 'dir' => array('p' => true), 'div' => array('p' => true), 'dl' => array('p' => true), 'fieldset' => array('p' => true), 'footer' => array('p' => true), 'form' => array('p' => true), 'h1' => array('p' => true), 'h2' => array('p' => true), 'h3' => array('p' => true), 'h4' => array('p' => true), 'h5' => array('p' => true), 'h6' => array('p' => true), 'header' => array('p' => true), 'hgroup' => array('p' => true), 'hr' => array('p' => true), 'menu' => array('p' => true), 'nav' => array('p' => true), 'ol' => array('p' => true), 'p' => array('p' => true), 'pre' => array('p' => true), 'section' => array('p' => true), 'table' => array('p' => true), 'ul' => array('p' => true), 'rt' => array('rt' => true, 'rp' => true), 'rp' => array('rt' => true, 'rp' => true), 'optgroup' => array('optgroup' => true, 'option' => true), 'option' => array('option'), 'tbody' => array('thread' => true, 'tbody' => true, 'tfoot' => true), 'tfoot' => array('thread' => true, 'tbody' => true), 'tr' => array('tr' => true), 'td' => array('td' => true, 'th' => true), 'th' => array('td' => true, 'th' => true), 'body' => array('head' => true) ); protected function parse_hierarchy($self_close = null) { $tag_curr = strtolower($this->status['tag_name']); if ($self_close === null) { $this->status['self_close'] = ($self_close = isset($this->tags_selfclose[$tag_curr])); } if (! ($self_close \|\| $this->status['closing_tag'])) { //$tag_prev = strtolower(end($this->hierarchy)->tag); $tag_prev = strtolower($this->hierarchy[count($this->hierarchy) - 1]->tag); if (isset($this->tags_optional_close[$tag_curr]) && isset($this->tags_optional_close[$tag_curr][$tag_prev])) { array_pop($this->hierarchy); } } return parent::parse_hierarchy($self_close); } } ?>��pquery/composer.json��0000644��00000001274�15104270523�0010616 0��ustar�00��{ "name": "tburry/pquery", "type": "library", "description": "A jQuery like html dom parser written in php.", "keywords": ["php", "dom", "ganon"], "license": "LGPL-2.1", "authors": [ { "name": "Todd Burry", "email": "todd@vanillaforums.com", "role": "Developer" } ], "autoload": { "classmap": [ "IQuery.php", "gan_formatter.php", "gan_node_html.php", "gan_parser_html.php", "gan_selector_html.php", "gan_tokenizer.php", "gan_xml2array.php", "pQuery.php" ] }, "require": { "php": ">=5.3.0" }, "require-dev": { "htmlawed/htmlawed": "dev-master" } }��pquery/gan_xml2array.php��0000644��00000004745�15104270523�0011361 0��ustar�00��<?php /* * @author Niels A.D. * @author Todd Burry <todd@vanillaforums.com> * @copyright 2010 Niels A.D., 2014 Todd Burry * @license http://opensource.org/licenses/LGPL-2.1 LGPL-2.1 * @package pQuery / namespace pagelayerQuery; /* * Converts a XML document to an array / class XML2ArrayParser extends HtmlParserBase { /* * Holds the document structure * @var array array('name' => 'tag', 'attrs' => array('attr' => 'val'), 'childen' => array()) / var $root = array( 'name' => '', 'attrs' => array(), 'children' => array() ); /* * Current parsing hierarchy * @var array * @access private / var $hierarchy = array(); protected function parse_hierarchy($self_close) { if ($this->status['closing_tag']) { $found = false; for ($count = count($this->hierarchy), $i = $count - 1; $i >= 0; $i--) { if (strcasecmp($this->hierarchy[$i]['name'], $this->status['tag_name']) === 0) { for($ii = ($count - $i - 1); $ii >= 0; $ii--) { $e = array_pop($this->hierarchy); if ($ii > 0) { $this->addError('Closing tag "'.$this->status['tag_name'].'" while "'.$e['name'].'" is not closed yet'); } } $found = true; break; } } if (!$found) { $this->addError('Closing tag "'.$this->status['tag_name'].'" which is not open'); } } else { $tag = array( 'name' => $this->status['tag_name'], 'attrs' => $this->status['attributes'], 'children' => array() ); if ($this->hierarchy) { $current =& $this->hierarchy[count($this->hierarchy) - 1]; $current['children'][] = $tag; $tag =& $current['children'][count($current['children']) - 1]; unset($current['tagData']); } else { $this->root = $tag; $tag =& $this->root; $self_close = false; } if (!$self_close) { $this->hierarchy[] =& $tag; } } } function parse_tag_default() { if (!parent::parse_tag_default()) {return false;} if ($this->status['tag_name'][0] !== '?') { $this->parse_hierarchy(($this->status['self_close']) ? true : null); } return true; } function parse_text() { parent::parse_text(); if (($this->status['text'] !== '') && $this->hierarchy) { $current =& $this->hierarchy[count($this->hierarchy) - 1]; if (!$current['children']) { $current['tagData'] = $this->status['text']; } } } function parse_all() { return ((parent::parse_all()) ? $this->root : false); } } ?>��ftps.php��0000644��00000040143�15104540706�0006235 0��ustar�00��<?php class ftps{ // Public var $ftp_conn; var $error = array(); var $log_on = 1; // Private private $host = ''; private $port = ''; private $user = ''; private $pass = ''; function __construct(){ } function __destruct(){ if(!empty($this->ftp_conn)){ @ftp_close($this->ftp_conn); } } function connect($host, $port, $user, $pass){ //we shall add this restriction in next version. / // There is a bug in PHP versions less than 5.6.0 causing the ftp_put/ftp_fput to fail with error Accepted Data Connection // Tested with 5.5.38 and 5.4.45 if(version_compare(phpversion(), '5.6.0', '<')){ $this->$error['no_support_php56'] = 'FTPS for remote import is not supported for PHP version less than 5.6 your source server current PHP version is '.phpversion(); return false; } / if(!function_exists('ftp_ssl_connect')){ $this->error[] = 'ftp_ssl_connect is disabled on your server. Please install OpenSSL in order to enable the function.'; return false; } $this->ftp_conn = @ftp_ssl_connect($host, $port, 90); if(!$this->ftp_conn){ $this->error[] = 'SSL connection not found'; return false; } $login_result = @ftp_login($this->ftp_conn, $user, $pass); if(!$login_result){ $this->error[] = 'Please enter correct login details'; return false; } ftp_pasv($this->ftp_conn,true); // Used for fetching and inserting data on remote server $this->host = $host; $this->port = $port; $this->user = $user; $this->pass = $pass; return true; } function delete($filename){ if(!@ftp_delete($this->ftp_conn, $filename)){ $this->error[] = "Could not delete $filename"; return false; } return true; } function is_dir($dir){ $old = $this->pwd(); if(!$this->chdir($dir)){ $this->error[] = "Could not find directory $dir"; return false; } $this->chdir($old); return true; } function chdir($dir){ if(!ftp_chdir($this->ftp_conn, $dir)){ $this->error[] = "Could not change directory to $dir"; return false; } return true; } function pwd(){ return @ftp_pwd($this->ftp_conn); } function chmod($pathname, $mode){ return @ftp_site($this->ftp_conn, sprintf('CHMOD %o %s', $mode, $pathname)); } function utime($pathname, $mtime) { return @ftp_site($this->ftp_conn, sprintf("UTIME ".$mtime." ".$pathname)); // Try to set the mtime if UTIME command is supported by FTP } function file_exists($file){ $dir = dirname($file); $filename = basename($file); if(!$list = $this->filelist($dir)){ $this->error[] = "File $file could not be found"; return false; } if(!in_array($filename, $list) && !in_array($file, $list)){ $this->error[] = "File $file could not be found"; return false; } return true; } function rename($from, $to){ if(!@ftp_rename($this->ftp_conn, $from, $to)){ $this->error[] = "Could not move $from to $to"; return false; } return true; } function rmdir($dir){ if(!@ftp_rmdir($this->ftp_conn, $dir)){ $this->error[] = "Could not remove directory $dir"; return false; } return true; } function mkdir($dirname, $mode = 0755){ if(!@ftp_mkdir($this->ftp_conn, $dirname)){ $this->error[] = "Could not make directory $dirname"; return false; } $this->chmod($dirname, $mode); return true; } function mmkdir($dir, $mode = 0755) { if(empty($dir)) return FALSE; if($this->is_dir($dir) or $dir == "/" ) return TRUE; if(!$this->mmkdir(dirname($dir), $mode)) return false; $r=$this->mkdir($dir, $mode); $this->chmod($dir, $mode); return $r; } function exec($command){ return @ftp_exec($this->ftp_conn, $command); } function is_exists($file){ if($this->file_exists($file)){ return true; } return false; } function _parselisting($line) { $is_windows = false;//($this->OS_remote == FTP_OS_Windows); if ($is_windows && preg_match("/([0-9]{2})-([0-9]{2})-([0-9]{2}) +([0-9]{2}):([0-9]{2})(AM\|PM) +([0-9]+\|<DIR>) +(.+)/",$line,$lucifer)) { $b = array(); if ($lucifer[3]<70) { $lucifer[3]+=2000; } else { $lucifer[3]+=1900; } // 4digit year fix $b['isdir'] = ($lucifer[7]=="<DIR>"); if ( $b['isdir'] ) $b['type'] = 'd'; else $b['type'] = 'f'; $b['size'] = $lucifer[7]; $b['month'] = $lucifer[1]; $b['day'] = $lucifer[2]; $b['year'] = $lucifer[3]; $b['hour'] = $lucifer[4]; $b['minute'] = $lucifer[5]; $b['time'] = @mktime($lucifer[4]+(strcasecmp($lucifer[6],"PM")==0?12:0),$lucifer[5],0,$lucifer[1],$lucifer[2],$lucifer[3]); $b['am/pm'] = $lucifer[6]; $b['name'] = $lucifer[8]; } else if (!$is_windows && $lucifer=preg_split("/[ ]/",$line,9,PREG_SPLIT_NO_EMPTY)) { //echo $line."\n"; $lcount=count($lucifer); if ($lcount<8) return ''; $b = array(); $b['isdir'] = $lucifer[0][0] === "d"; $b['islink'] = $lucifer[0][0] === "l"; if ( $b['isdir'] ) $b['type'] = 'd'; elseif ( $b['islink'] ) $b['type'] = 'l'; else $b['type'] = 'f'; $b['perms'] = $lucifer[0]; $b['number'] = $lucifer[1]; $b['owner'] = $lucifer[2]; $b['group'] = $lucifer[3]; $b['size'] = $lucifer[4]; if ($lcount==8) { sscanf($lucifer[5],"%d-%d-%d",$b['year'],$b['month'],$b['day']); sscanf($lucifer[6],"%d:%d",$b['hour'],$b['minute']); $b['time'] = @mktime($b['hour'],$b['minute'],0,$b['month'],$b['day'],$b['year']); $b['name'] = $lucifer[7]; } else { $b['month'] = $lucifer[5]; $b['day'] = $lucifer[6]; if (preg_match("/([0-9]{2}):([0-9]{2})/",$lucifer[7],$l2)) { $b['year'] = date("Y"); $b['hour'] = $l2[1]; $b['minute'] = $l2[2]; // The LS command gives time for the files which are modified in the last 6 months // Hence if the time is there it can also be created within the last year but within 6 months // e.g. if today is 21st Jan, 2016, LS will show time for files created from 22ND July onwards // So we cannot assume the year to be the current year. We simply take the last year if(strtotime(sprintf("%d %s %d %02d:%02d",$b['day'],$b['month'],$b['year'],$b['hour'],$b['minute'])) > time()){ $b['year'] = $b['year'] - 1; } } else { $b['year'] = $lucifer[7]; $b['hour'] = 0; $b['minute'] = 0; } $b['time'] = strtotime(sprintf("%d %s %d %02d:%02d",$b['day'],$b['month'],$b['year'],$b['hour'],$b['minute'])); $b['name'] = $lucifer[8]; } } $bad=array("(?)"); if(in_array($b["owner"], $bad)) $b["owner"]=NULL; if(in_array($b["group"], $bad)) $b["group"]=NULL; $orig_perm = substr($b["perms"], 1); $b["perms"] = 0; //echo $orig_perm.'-'.(int)($orig_perm[4]=="w").' - '.$b["perms"].'<br>'; $b["perms"]+=00400(int)($orig_perm[0]=="r"); $b["perms"]+=00200(int)($orig_perm[1]=="w"); $b["perms"]+=00100(int)in_array($orig_perm[2], array("x","s")); $b["perms"]+=00040(int)($orig_perm[3]=="r"); $b["perms"]+=00020(int)($orig_perm[4]=="w"); $b["perms"]+=00010(int)in_array($orig_perm[5], array("x","s")); $b["perms"]+=00004(int)($orig_perm[6]=="r"); $b["perms"]+=00002(int)($orig_perm[7]=="w"); $b["perms"]+=00001(int)in_array($orig_perm[8], array("x","t")); $b["perms"]+=04000(int)in_array($orig_perm[2], array("S","s")); $b["perms"]+=02000(int)in_array($orig_perm[5], array("S","s")); $b["perms"]+=01000(int)in_array($orig_perm[8], array("T","t")); return $b; } function filelist($dir){ ftp_pasv($this->ftp_conn,true); if(!$list = ftp_nlist($this->ftp_conn, "$dir")){ $this->error[] = "Could not get the list of files in directory $dir"; return false; } return $list; } function rawlist($dir){ ftp_pasv($this->ftp_conn,true); if(!$list = ftp_rawlist($this->ftp_conn, "$dir")){ $this->error[] = "Could not get the raw list of files in directory $dir"; return false; } return $list; } function put($local_file, $remote_file, $mode = FTP_ASCII){ // Check last file and skip the files that have been already transferred... if(!empty($GLOBALS['last_file']) && $GLOBALS['start'] == 0){ if(preg_match('#^'.$GLOBALS['last_file'].'$#', $local_file)){ $GLOBALS['start'] = 1; // give a jump start once the last transferred file is found.. } return true; //return true to skip files } if(!ftp_put($this->ftp_conn, $remote_file, $local_file, FTP_BINARY)){ return false; } //We can run the scripts for the end time already set if(time() >= $GLOBALS['end']){ $GLOBALS['end_file'] = $local_file; // set end file so that we know where to start from } return true; } function get($remote_file, $local_file){ if(!ftp_get($this->ftp_conn, $local_file, $remote_file, FTP_BINARY)){ $this->error[] = "Could not fetch the file $remote_file"; return false; } if(file_exists($local_file)){ return true; } $this->error[] = "Could not fetch the file $remote_file"; return false; } function mput($local=".", $remote=NULL, $continious=false, $include_only=array()) { global $__settings, $ftp; if(!@$ftp->is_dir($remote)) { if(!@$ftp->mkdir($remote)) { $this->error[] = "mput: can't create folder, Can't create remote file \"".$remote; return FALSE; } } $list = filelist_fn($local, 0); if($list===false) { $this->error[] = "mput: can't retrive directory listing, Can't retrive directory listing of local folder \"".$local; return FALSE; } if(empty($list)) return TRUE; foreach($list as $k=>$v) { $stat = stat($k); if($v['dir'] == '0'){ $list[$k]['type'] = 'f'; }else{ $list[$k]['type'] = 'd'; } $list[$k]['name'] = $v['name']; $list[$k]['size'] = $stat['size']; $list[$k]['perms'] = octdec(substr(sprintf('%o', $stat['mode']), -4)); $list[$k]['time'] = date('YmdHis', $stat['mtime']); if($list[$k]["name"]=="." or $list[$k]["name"]=="..") unset($list[$k]); } $ret=true; foreach($list as $ek => $el) { // ----- break the loop once last file is found... if(!empty($GLOBALS['end_file'])){ break; } if($el['size'] == '0'){ if($el['type'] == 'f'){ //Create an empty file if(!$this->put($local."/".$el["name"], $remote."/".$el["name"])) { $this->error[] = "mput: can't copy file, Can't copy local file \"".$local."/".$el["name"]."\" to remote \"".$remote."/".$el["name"]."\""; $ret=false; if(!$continious) break; } }elseif($el['type'] == 'd'){ $ftp->mkdir($remote.'/'.$el['name']); } @$ftp->chmod($remote.'/'.$el['name'], $el['perms']); //Set modified time $t=$el["time"]; if($t!==-1 and $t!==false){ $ftp->utime($remote.'/'.$el['name'], $el["time"]); } unset($list[$ek]); continue; } $extension = get_extension($el['name']); if(!empty($include_only) && !in_array($el['name'], $include_only) && $extension !== 'sql'){ unset($list[$ek]); continue; } $current_file = $el["path"].$el["name"]; //To exclude some files/folder if(!empty($__settings['exclude_files']) && in_array($current_file, $__settings['exclude_files'])){ unset($list[$ek]); continue; } if($el["type"]=="d") { if(!$this->mput($local."/".$el["name"], $remote."/".$el["name"], $continious)){ $this->error[] = "mput: can't copy folder, Can't copy local folder \"".$local."/".$el["name"]."\" to remote \"".$remote."/".$el["name"]."\""; $ret=false; if(!$continious) break; } }else{ //To exclude some files if set in script's clone.php's __pre_unzip() function if(!empty($__settings['exclude_ext']) && in_array($extension, $__settings['exclude_ext'])){ unset($list[$ek]); continue; } if(!$this->put($local."/".$el["name"], $remote."/".$el["name"])) { $this->error[] = "mput: can't copy file, Can't copy local file \"".$local."/".$el["name"]."\" to remote \"".$remote."/".$el["name"]."\""; $ret=false; if(!$continious) break; } } @$ftp->chmod($remote."/".$el["name"], $el["perms"]); //Set modified time $t=$el["time"]; if($t!==-1 and $t!==false){ $ftp->utime($remote.'/'.$el['name'], $el["time"]); } } return $ret; } function mget($remote, $local=".", $continious=false, $include_only=array()) { global $__settings; if(!@file_exists($local)) { if(!@mkdir($local)) { $this->error[] = "mget: Cannot create folder \"".$local."\""; return FALSE; } } $list=$this->rawlist($remote, "-lA"); if($list===false) { $this->error[] = "mget: Can't read remote folder \"".$remote."\" contents"; return FALSE; } if(empty($list)) return true; foreach($list as $k=>$v) { $list[$k]=$this->_parselisting($v); if($list[$k]["name"]=="." or $list[$k]["name"]=="..") unset($list[$k]); } $ret=true; foreach($list as $ek => $el) { if($el['size'] == '0'){ if($el['type'] == 'f'){ $empty_file = @fopen($local.'/'.$el['name'], "w"); @fclose($empty_file); }elseif($el['type'] == 'd'){ mkdir($local.'/'.$el['name']); } @chmod($local.'/'.$el['name'], $el['perms']); $t=$el["time"]; //echo 'Path :'.$local."/".$el["name"].' Date : '.$el["date"].' Strtotime : '.$t.'<br />'; if($t!==-1 and $t!==false) @touch($local."/".$el["name"], $t); unset($list[$ek]); continue; } $extension = get_extension($el['name']); if(!empty($include_only) && !in_array($el['name'], $include_only) && $extension !== 'sql'){ unset($list[$ek]); continue; } $current_file = $el["path"].$el["name"]; //To exclude some files/folder if(!empty($__settings['exclude_files']) && in_array($current_file, $__settings['exclude_files'])){ unset($list[$ek]); continue; } if($el["type"]=="d") { if(!$this->mget($remote."/".$el["name"], $local."/".$el["name"], $continious)) { $this->error[] = "mget: Can't copy remote folder \"".$remote."/".$el["name"]."\" to local \"".$local."/".$el["name"]."\""; $ret=false; if(!$continious) break; } } else { //To exclude some files if set in script's clone.php's __pre_unzip() function if(!empty($__settings['exclude_ext']) && in_array($extension, $__settings['exclude_ext'])){ unset($list[$ek]); continue; } if(!$this->get($remote."/".$el["name"], $local."/".$el["name"])) { $this->error[] = "mget: Can't copy remote file \"".$remote."/".$el["name"]."\" to local \"".$local."/".$el["name"]."\""; $ret=false; if(!$continious) break; } } @chmod($local."/".$el["name"], $el["perms"]); $t=$el["time"]; //echo 'Path :'.$local."/".$el["name"].' Date : '.$el["date"].' Strtotime : '.$t.'<br />'; if($t!==-1 and $t!==false) @touch($local."/".$el["name"], $t); } return $ret; } // Takes the DATA rather than the LOCAL file name function softput($remotefile=NULL, $softdata, $rest=0, $overwrite=true){ $fp = fopen('php://temp', 'w'); fwrite($fp, $softdata); rewind($fp); if(!ftp_fput($this->ftp_conn, $remotefile, $fp, FTP_BINARY)){ $this->error[] = "Remote File $remotefile cannot be accessed"; $this->error[] = "It looks like FTPS protocol is not supported with your PHP, Please try FTP/SFTP protocol"; return false; } if($this->file_exists('/'.ltrim($remotefile, '/'))){ return true; } $this->error[] = "Could not put the file $remotefile"; return false; } // Returns the Data function softget($remotefile=NULL) { $fp = fopen('php://temp', 'r+'); if(!ftp_fget($this->ftp_conn, $fp, $remotefile, FTP_BINARY, 0)){ $this->error[] = "Remote File $remotefile could not be accessed"; $this->error[] = "It looks like FTPS protocol is not supported with your PHP, Please try FTP/SFTP protocol"; return false; } $contents = ''; rewind($fp); while (!feof($fp)) { $contents .= fread($fp, 8192); } fclose($fp); return $contents; } function nlist($dir){ return $this->filelist($dir); } // For remote backup FTPS function backup_softput($remotefile=NULL, $fp, $pos = 0){ ftp_set_option($this->ftp_conn, FTP_AUTOSEEK, false); if(!ftp_fput($this->ftp_conn, $remotefile, $fp, FTP_BINARY, $pos)){ fclose($fp); $this->error[] = "Remote File $remotefile cannot be accessed"; $this->error[] = "It looks like FTPS protocol is not supported with your PHP, Please try FTP/SFTP protocol"; return false; } fclose($fp); return true; } } ��sftp_builder.php��0000644��00000001770�15104540706�0007746 0��ustar�00��<?php die(); $path = 'C:\Users\server\Desktop\phpseclib1.0.18'; // NOTE : You will need to update the FUNCTION in phpseclib whichever it is that resolves the path to the CRYPT FILES // Remove $class = ''; because this script will add it // In version 1.0.14 we have changed this in function phpseclib_resolve_include_path() $files = [ 'Crypt/Base.php', 'Crypt/Rijndael.php', 'Crypt/AES.php', 'Crypt/Blowfish.php', 'Crypt/DES.php', 'Crypt/Hash.php', 'Crypt/Random.php', 'Crypt/RC2.php', 'Crypt/RC4.php', 'Crypt/RSA.php', 'Crypt/TripleDES.php', 'Crypt/Twofish.php', 'Math/BigInteger.php', 'Net/SSH2.php', 'Net/SFTP.php', ]; $content = ''; foreach($files as $k => $v){ $content .= "\n\n".'// File : '.$v."\n".substr(file_get_contents($path.'/'.$v), 5); } $final = base64_encode(gzcompress($content)); $_sftp = file_get_contents(dirname(__FILE__).'/_sftp.php'); $_sftp = str_replace('<?php', '<?php $class = \''.$final.'\';', $_sftp); file_put_contents(dirname(__FILE__).'/_sftp.php', $_sftp);��onedrive.php��0000644��00000051430�15104540706�0007075 0��ustar�00��<?php #[\AllowDynamicProperties] class onedrive{ var $access_token; var $refresh_token; var $path; var $filename; var $filesize = 0; var $complete = 0; var $offset = 0; var $tmpsize = 0; var $chunk = 1310720; var $buffer = ''; var $range_lower_limit = 0; var $range_upper_limit = 0; var $bytes_remaining = 0; var $num_bytes = 0; var $num_fragments = 0; var $chunk_size = 0; var $onedrive_file_id = ''; var $mode = ''; var $wp = NULL; // Memory Write Pointer var $upload_url = ''; var $local_dest = ''; var $root_folder_path = 'root:'; var $graph_api_url = 'https://graph.microsoft.com/v1.0/me/drive/'; // APP name is Softaculous Auto Installer and is assigned to developers@softaculous.com Microsoft account var $app_key = ''; var $app_secret = ''; var $token_url = 'https://api.backuply.com/onedrive/token.php'; var $app_dir = 'Backuply'; var $redirect_uri = 'https://api.backuply.com/onedrive/callback.php'; var $scopes = 'files.Read Files.ReadWrite offline_access'; var $filelist = []; var $orig_path = ''; var $retry = 0; function stream_open($path, $mode, $options, &$opened_path){ global $error, $backuply; $stream = parse_url($path); $this->refresh_token = $stream['host']; $this->path = $stream['path']; $this->mode = $mode; $this->orig_path = $path; //One Drive access token expires in an hour so we need to refresh $this->access_token = $this->refresh_token_func($this->refresh_token); $pathinfo = pathinfo($this->path); $dirlist = explode('/', $pathinfo['dirname']); $this->filename = $pathinfo['basename']; $this->filesize = (!empty($backuply['status']) && !empty($backuply['status']['proto_file_size'])) ? $backuply['status']['proto_file_size'] : 0; // if its a read mode the check if the file exists if(strpos($this->mode, 'r') !== FALSE){ $this->filesize = filesize($this->orig_path); if(empty($this->filesize)){ return false; } } if(empty($backuply['status']['init_data'])){ $this->create_upload_session(); }else{ $this->upload_url = $backuply['status']['init_data']; } return true; } function stream_read($count) { if(!$this->access_token){ return false; } // Get the readsize if(empty($this->readsize)){ $this->readsize = filesize($this->orig_path); } $url = parse_url($this->orig_path); $url = $this->graph_api_url.$this->root_folder_path.rawurlencode($url['path']).':'; $headers = array('Content-Type: application/json', "Cache-Control: no-cache", "Pragma: no-cache", "Authorization: bearer ".$this->access_token); $resp = $this->__curl($url, $headers, '', 'GET'); //Fetch download URL $object = json_decode($resp['result'], true); $download_url = $object['@microsoft.graph.downloadUrl']; $block = $this->__read($download_url, $this->offset, ($this->offset + $count - 1)); //backuply_log($block); $ret = substr($block, 0, $count); if(empty($ret)){ return false; } $this->offset = $this->offset + $count; return $ret; } function stream_write($data){ global $error, $backuply; $this->buffer .= $data; $data_size = strlen($data); if(strlen($this->buffer) >= $this->chunk){ $D = $this->buffer; $this->buffer = ''; //Call upload append function to write the data from Local tar file to One Drive $retcode = $this->upload_append($this->upload_url, $D, $this->filesize); $GLOBALS['start_pos'] += strlen($D); $percentage = ($GLOBALS['start_pos'] / $this->filesize) * 100; backuply_status_log('<div class="backuply-upload-progress"><span class="backuply-upload-progress-bar" style="width:'.round($percentage).'%;"></span><span class="backuply-upload-size">'.round($percentage).'%</span></div>', 'uploading', 78); } return $data_size; } function stream_close(){ global $error; if(!empty($this->buffer)){ $D = $this->buffer; $this->buffer = ''; //Call upload append function to write the data from Local tar file to One Drive $retcode = $this->upload_append($this->upload_url, $D, $this->filesize); $GLOBALS['start_pos'] += strlen($D); $percentage = ($GLOBALS['start_pos'] / $this->filesize) * 100; backuply_status_log('<div class="backuply-upload-progress"><span class="backuply-upload-progress-bar" style="width:'.round($percentage).'%;"></span><span class="backuply-upload-size">'.round($percentage).'%</span></div>', 'uploading', 78); } return true; } //One Drive API to create an Upload Session function create_upload_session(){ global $error, $l, $backuply; $url = $this->graph_api_url.$this->root_folder_path.rawurlencode($this->path).':/createUploadSession'; $headers = array('Content-Type: application/json', "Cache-Control: no-cache", "Pragma: no-cache", "Authorization: bearer ".$this->access_token ); $data= '{}'; $response = $this->__curl($url, $headers, $data); if(!empty($response['error'])){ $error[] = $response['error']; return false; } $resp_data = json_decode($response['result'], true); $this->upload_url = $resp_data['uploadUrl']; if(empty($this->upload_url)){ $error[] = $l['onedrive_err_upload_url']; return false; } // Initializing the status index if(empty($backuply['status'])){ $backuply['status'] = []; } $backuply['status']['init_data'] = $this->upload_url; //backuply_log(' upload url : '.$this->upload_url); return true; } //One Drive API to append function upload_append($upload_url, $data, $final_size){ global $error, $l, $backuply; $this->chunk_size = $this->num_bytes = strlen($data); $this->range_lower_limit = $GLOBALS['start_pos']; $this->range_upper_limit = $GLOBALS['start_pos'] + $this->chunk_size - 1; $headers = array( 'Content-Length: '.$this->num_bytes, 'Content-Range: bytes '.$this->range_lower_limit.'-'.$this->range_upper_limit.'/'.$final_size ); $response = $this->__curl($upload_url, $headers, $data, 'PUT'); //backuply_log('upload append response : '. var_export($headers, 1). var_export($response, 1)); if(!empty($response['error'])){ $this->retry += 1; if($this->retry <= 3){ sleep(1); //backuply_log('Attemting retry bcoz of error'. $this->retry); return $this->upload_append($upload_url, $data, $final_size); } $error[] = $response['error']; return false; } //Check for response code $resp_obj = json_decode($response['result'], true); if(empty($resp_obj)){ $this->retry += 1; if($this->retry <= 3){ sleep(1); //backuply_log('Attemting Attemting retry bcoz malfromed body'. $this->retry); return $this->upload_append($upload_url, $data, $final_size); } $error[] = 'OneDrive retured an unexpected response'; return false; } $retcode = '404'; if (array_key_exists("nextExpectedRanges",$resp_obj)){ $retcode = '308 Resume Incomplete'; }else if(array_key_exists('id', $resp_obj)){ $retcode = '201 Created'; }else{ $retcode = '416 Requested Range Not Satisfiable'; } if($retcode != '308 Resume Incomplete' && $retcode != '201 Created'){ $error[] = $retcode; return false; } if($retcode == '308 Resume Incomplete'){ $this->range_lower_limit = $this->range_upper_limit + 1; $this->offset = $this->range_upper_limit + 1; }elseif($retcode == '201 Created'){ $this->onedrive_file_id = $resp_obj['id']; } $this->retry = 0; return $retcode; } //In response to file_exists(), is_file(), is_dir() function url_stat($path){ global $error; $stream = parse_url($path); $this->refresh_token = $stream['host']; $file_path = $stream['path']; $pathinfo = pathinfo($stream['path']); $filename = $pathinfo['basename']; //One Drive access token expires in an hour so we need to refresh if(empty($this->access_token)){ $this->access_token = $this->refresh_token_func($this->refresh_token); } //Metadata for the root folder is unsupported if(!empty($filename)){ $url=$this->graph_api_url.$this->root_folder_path.rawurlencode($file_path).':'; $headers = array('Content-Type: application/json', "Cache-Control: no-cache", "Pragma: no-cache", "Authorization: bearer ".$this->access_token); $resp = $this->__curl($url, $headers, '', 'GET'); $data = json_decode($resp['result'], true); if(array_key_exists("folder",$data)){ $mode = 0040000; //For DIR }else{ $mode = 0100000; //For File } if(!empty($data['id'])){ $stat = array('dev' => 0, 'ino' => 0, 'mode' => $mode, 'nlink' => 0, 'uid' => 0, 'gid' => 0, 'rdev' => 0, 'size' => $data['size'], 'atime' => strtotime($data['createdDateTime']), 'mtime' => strtotime($data['fileSystemInfo']['lastModifiedDateTime']), 'ctime' => strtotime($data['fileSystemInfo']['createdDateTime']), 'blksize' => 0, 'blocks' => 0); $this->filesize = $stat['size']; return $stat; } } return false; } //Get onedrive file/folder id if exist function get_onedrive_file_id($filename, $refresh_token = ''){ global $error, $l; if(!empty($refresh_token)){ $this->refresh_token = $refresh_token; } //One Drive access token expires in an hour so we need to refresh if(empty($this->access_token)){ $this->access_token = $this->refresh_token_func($this->refresh_token); } $url = $this->graph_api_url.$this->root_folder_path.'/'.rawurlencode($filename).':'; $headers = array('Content-Type: application/json', "Cache-Control: no-cache", "Pragma: no-cache", "Authorization: bearer ".$this->access_token); $response = $this->__curl($url, $headers, '', 'GET'); if(!empty($response['error'])){ //$error[] = $response['error']; return false; } $data = json_decode($response['result'], true); if(!empty($data['error'])){ return false; } $this->onedrive_file_id = $data['id']; return $this->onedrive_file_id; } //Download Backup File from One Drive to local server function download_file_loop($source, $dest, $startpos = 0){ global $error; $stream = parse_url($source); $this->refresh_token = $stream['host']; $path = $stream['path']; //One Drive access token expires in an hour so we need to refresh if(empty($this->access_token)){ $this->access_token = $this->refresh_token_func($this->refresh_token); } $this->get_onedrive_file_id($path); $file_stats = $this->url_stat($source); $this->filesize = $file_stats['size']; $url = $this->graph_api_url.$this->root_folder_path.rawurlencode($path).':'; $headers = array('Content-Type: application/json', "Cache-Control: no-cache", "Pragma: no-cache", "Authorization: bearer ".$this->access_token); $resp = $this->__curl($url, $headers, '', 'GET'); //Fetch download URL $object = json_decode($resp['result'], true); $download_url = $object['@microsoft.graph.downloadUrl']; $this->range_lower_limit = $startpos; $this->range_upper_limit = ($this->range_lower_limit + $this->chunk) - 1; $fp = @fopen($dest, "ab"); while(!$this->__eof()){ if(time() >= $GLOBALS['end']){ break; } if($this->range_upper_limit >= $this->filesize){ $this->range_upper_limit = $this->filesize - 1; } $block = $this->__read($download_url, $this->range_lower_limit, $this->range_upper_limit); fwrite($fp, $block); $this->offset = $this->range_upper_limit + 1; $this->range_lower_limit = $this->range_upper_limit + 1; $this->range_upper_limit = ($this->range_lower_limit + $this->chunk) - 1; $percentage = (filesize($dest) / $this->filesize) * 100; backuply_status_log('<div class="backuply-upload-progress"><span class="backuply-upload-progress-bar" style="width:'.round($percentage).'%;"></span><span class="backuply-upload-size">'.round($percentage).'%</span></div>', 'downloading', 22); } $GLOBALS['l_readbytes'] = filesize($dest); fclose($fp); } function __read($download_url, $lower_limit, $upper_limit){ global $error; $headers = array('Range: bytes='.$lower_limit.'-'.$upper_limit); $resp = $this->__curl($download_url, $headers, '', 'GET'); if(!empty($resp['error'])){ $error[] = $resp['error']; } return $resp['result']; } function stream_eof(){ if($this->offset < $this->filesize){ return false; } return true; } function __eof(){ if($this->offset < $this->filesize){ return false; } return true; } function dir_opendir($path, $options){ $stream = parse_url($path); $this->refresh_token = $stream['host']; $this->path = $stream['path']; //One Drive access token expires in an hour so we need to refresh $this->access_token = $this->refresh_token_func($this->refresh_token); $url = $this->graph_api_url.$this->root_folder_path.$stream['path'].':/children'; $headers = array('Content-Type: application/json', "Cache-Control: no-cache", "Pragma: no-cache", "Authorization: bearer ".$this->access_token); $resp = $this->__curl($url, $headers, '', 'GET'); if(!empty($resp['error'])){ $error[] = 'OneDrive : '.$resp['error']; return false; } $this->filelist = json_decode($resp['result'], true); if(empty($this->filelist['value'])){ $error[] = 'OneDrive : No File Found'; return false; } $this->filelist = $this->filelist['value']; foreach($this->filelist as $i => $file) { $this->filelist[$i] = $file['name']; } return true; } function dir_readdir(){ $key = key($this->filelist); if(is_null($key)){ return false; } $val = $this->filelist[$key]; unset($this->filelist[$key]); return pathinfo($val, PATHINFO_BASENAME); } function dir_closedir(){ // Do nothing } //Delete the backup from One Drive function unlink($path){ global $error, $l; $stream = parse_url($path); $this->refresh_token = $stream['host']; $pathinfo = pathinfo($stream['path']); $filename = $pathinfo['basename']; $file_path = $stream['path']; //One Drive access token expires in an hour so we need to refresh if(empty($this->access_token)){ $this->access_token = $this->refresh_token_func($this->refresh_token); } if(empty($this->onedrive_file_id)){ $this->get_onedrive_file_id($file_path); } $url=$this->graph_api_url.'items/'.$this->onedrive_file_id.':'; $headers = array('Content-Type: application/json', "Cache-Control: no-cache", "Pragma: no-cache", "Authorization: bearer ".$this->access_token); $resp = $this->__curl($url, $headers, '', 'DELETE'); if(!empty($resp['error'])){ $error[] = $resp['error']; return false; } return true; } //Rename the backup file function rename($from, $to){ global $error; $stream_from = parse_url($from); $this->refresh_token = $stream_from['host']; $from_path = $stream_from['path']; $from_pathinfo = pathinfo($stream_from['path']); $from_file = $from_pathinfo['basename']; $stream_to = parse_url($to); $to_path = trim($stream_to['path'], '/\\'); $to_pathinfo = pathinfo($stream_to['path']); $to_file = $to_pathinfo['basename']; //One Drive access token expires in an hour so we need to refresh if(empty($this->access_token)){ $this->access_token = $this->refresh_token_func($this->refresh_token); } $this->get_onedrive_file_id($from_path); $url = $url=$this->graph_api_url.'items/'.$this->onedrive_file_id.':'; $data= '{ "name": "'.$to_file.'" }'; $headers = array('Content-Type: application/json', "Cache-Control: no-cache", "Pragma: no-cache", "Authorization: bearer ".$this->access_token); $resp = $this->__curl($url, $headers, $data, 'PATCH'); if(!empty($resp['error'])){ $error[] = $resp['error']; return false; } return $resp['result']; } /** * Generate One Drive Refresh and Access Token from the Authorization Code provided * * @package softaculous * @author Pratik Jaiswal * @param string $auth_code The authorization code generated by user during access grant process * @return string $data One Drive Refresh and Access Token which we can use to create backup files * @since 5.7.1 / function generate_onedrive_token($auth_code){ global $error, $l, $onedrive; $headers = array("Content-Type: application/x-www-form-urlencoded"); $post = http_build_query(array( 'code' => $auth_code, 'grant_type' => 'authorization_code', 'action' => 'get_refresh_token' )); $resp = $this->__curl($this->token_url, $headers, $post); if(!empty($resp['error'])){ $error[] = $resp['error']; return false; } $data = json_decode($resp['result'], true); if(!empty($data['error'])){ if(is_array($data['error'])){ $error[] = $data['error']['code'].' : '.$data['error']['message']; }else{ $error[] = $data['error'].' : '.$data['error_description']; } return false; } return $data; } /* * Generate a new Access Token or Refresh Token from the previous Refresh Token. * * @package softaculous * @author Pratik Jaiswal * @param string $refresh_token The refresh token generated by user during access grant process * @return string $token One Drive Access Token which we can use for authentication in behalf of user * @since 5.7.1 / function refresh_token_func($refresh_token){ global $error; $refresh_token = rawurldecode($refresh_token); $url = 'https://login.microsoftonline.com/common/oauth2/v2.0/token'; $headers = array("Content-Type: application/x-www-form-urlencoded"); $post = http_build_query(array( 'refresh_token' => $refresh_token, 'action' => 'get_access_token' )); $resp = $this->__curl($this->token_url, $headers, $post); if(!empty($resp['error'])){ $error[] = $resp['error']; return false; } $data = json_decode($resp['result'], true); if(!empty($data['error'])){ if(is_array($data['error'])){ $error[] = $data['error']['code'].' : '.$data['error']['message']; }else{ $error[] = $data['error'].' : '.$data['error_description']; } return false; } return $data['access_token']; } /* * Create Softaculous App Directory in user's One Drive account * * @package softaculous * @author Pratik jaiswal * @param string $refresh_token Refresh Token of user's One Drive account to generate the access token * @since 5.7.1 / function create_onedrive_app_dir($refresh_token){ global $error; $file_id = $this->get_onedrive_file_id($this->app_dir, $refresh_token); if(empty($file_id)){ $this->create_dir($this->app_dir); } } function create_dir($dirname){ global $error; $url = $this->graph_api_url.'root/children'; $data= '{ "name": "'.$dirname.'", "folder": { } }'; $headers = array('Content-Type: application/json', "Cache-Control: no-cache", "Pragma: no-cache", "Authorization: bearer ".$this->access_token); $resp = $this->__curl($url, $headers, $data, 'POST'); if(!empty($resp['error'])){ $error[] = $resp['error']; return false; } $data = json_decode($resp['result'], true); if(!empty($data['error'])){ if(is_array($data['error'])){ $error[] = $data['error']['code'].' : '.$data['error']['message']; }else{ $error[] = $data['error'].' : '.$data['error_description']; } return false; } return $data['id']; } function __curl($url, $headers = '', $post = '', $request_type = 'POST'){ global $error; // Set the curl parameters. $ch = curl_init($url); curl_setopt($ch, CURLOPT_URL, $url); if(!empty($headers)){ curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); } curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $request_type); //We are setting this as on some servers, the default HTTP version was taken as 2.0 by curl, causing issue curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1); if(!empty($post)){ curl_setopt($ch, CURLOPT_POST, TRUE); curl_setopt($ch, CURLOPT_POSTFIELDS, $post); } // Turn off the server and peer verification (TrustManager Concept). curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //Get response from the server. $resp = array(); $resp['result'] = curl_exec($ch); $resp['error'] = curl_error($ch); curl_close($ch); return $resp; } function get_quota($path){ $stream = parse_url($path); $this->refresh_token = $stream['host']; if(empty($this->access_token)) { $this->access_token = $this->refresh_token_func($this->refresh_token); } // Just make a GET request to the graph API and it will return basic details and Quota $url = $this->graph_api_url; $headers = array('Authorization: Bearer '.$this->access_token); $resp = $this->__curl($url, $headers, '', 'GET'); if(empty($resp) \|\| empty($resp['result'])){ return false; } $decoded_resp = json_decode($resp['result'], true); if(empty($decoded_resp) \|\| !is_array($decoded_resp) \|\| empty($decoded_resp['quota'])){ return false; } return ['total' => $decoded_resp['quota']['total'], 'used' => $decoded_resp['quota']['used']]; } } ��softsftp.php��0000644��00000020250�15104540706�0007126 0��ustar�00��<?php include_once('sftp.php'); class softsftp { var $sftp_conn = false; var $position; var $remotefile; var $readsize = 0; var $sftp; var $orig_path = ''; var $tmpsize = 0; var $tpfile = 'php://memory'; var $writepos = 0; var $wp = NULL; // Memory Write Pointer var $mode; function __construct(){ $this->softsftp(); } function softsftp(){ $this->sftp = new sftp(); } function __destruct(){ $this->position = 0; $this->remotefile = ''; } // Used to test a connection to the remote server function connect($host, $port, $user, $pass = '', $pri = '', $passphrase = ''){ //cannot put this code inside constructor since we need to pass the URL, the constructor takes void(no) parameters. //__construct is called only before stream_open() in older versions of PHP (< 5.6). In newer versions, it is called before all the stream functions. if(!is_object($this->sftp)){ $this->sftp = new sftp(); } //echo $host.' - '.$port.' - '.$user.' - '.$pass.' - '.$pri.' - '.$passphrase; $this->sftp_conn = $this->sftp->connect($host, $port, $user, $pass, $pri, $passphrase); //backuply_print($this->sftp->error); return $this->sftp_conn; } // Just so that we can connect everywhere function init($path, &$url = array()){ global $user; //backuply_print($user); if(!preg_match('/softsftp:\/\//i', $path)){ return false; } $url = parse_url($path); // By default the port is 21 if(empty($url['port'])){ $url['port'] = 21; } if(empty($url['pass'])){ $sftpuser = $user['remote_backup_locs'][$url['user']]['ftp_user']; $sftppri = $user['remote_backup_locs'][$url['user']]['private_key']; $sftppassphrase = $user['remote_backup_locs'][$url['user']]['passphrase']; if(empty($sftppri) && empty($sftppassphrase)){ return false; } } //backuply_print($flags); // Are we to connect if(empty($this->sftp_conn)){ $this->connect($url['host'], $url['port'], rawurldecode((empty($url['pass']) ? $sftpuser : $url['user'])), rawurldecode($url['pass']), $sftppri, $sftppassphrase); } if(empty($this->sftp_conn)){ return false; } return $this->sftp_conn; } // For fopen function stream_open($path, $mode){ if(!$init = $this->init($path, $url)){ return $init; } //echo 'IN OPEN : '.$this->sftp_conn.' - '.$path."\n"; //backuply_print($this->sftp->error); //echo 'HERE'; //die(); $this->orig_path = $path; $this->mode = $mode; $this->remotefile = $url['path']; $this->position = 0; // Sets file size if its in read mode if(strpos($this->mode, 'r') !== FALSE){ $this->readsize = filesize($this->orig_path); if(empty($this->readsize)){ return false; } } return $this->sftp_conn; } // AS of now not used function stream_read($count){ if(!$this->sftp_conn){ return false; } // Get the readsize if(empty($this->readsize)){ $this->readsize = filesize($this->orig_path); } $this->varname = $this->sftp->get($this->remotefile, false, $this->position, $count); $ret = substr($this->varname, 0, $count); if(empty($ret)){ return false; } $this->position = $this->position + $count; return $ret; } function stream_write($data){ $strlen = strlen($data); //echo 'IN WRITE : '.$strlen."\n"; //echo $this->remotefile.' - '.strlen($data);die(); if(!$this->sftp_conn){ return false; } $ret = $strlen; if(!$this->sftp->backup_softput($this->remotefile, $data)){ $ret = false; } return $ret; } function stream_close(){ $ret = true; //echo 'IN CLOSE : '.$this->position."\n"; if(preg_match('/w\|a/is', $this->mode)){ // Are we already more than 4 MB ? if($this->tmpsize > 0){ rewind($this->wp); if(!$this->sftp->backup_softput($this->remotefile, $this->wp, $this->writepos)){ $ret = false; } $this->writepos += $this->tmpsize; // Close the temp file and reset the variables fclose($this->wp); $this->wp = NULL; $this->tmpsize = 0; } } return $ret; } function stream_eof(){ return $this->position >= $this->readsize; } function stream_tell(){ return $this->position; } function dir_opendir($path, $options){ if(!$init = $this->init($path, $url)){ return $init; } $this->orig_path = $path; $this->remotefile = $url['path']; $this->filelist = $this->sftp->nlist($this->remotefile); //backuply_print($this->filelist); return true; } function dir_readdir(){ $key = key($this->filelist); if(is_null($key)){ return false; } $val = $this->filelist[$key]; unset($this->filelist[$key]); return pathinfo($val, PATHINFO_BASENAME); } function dir_closedir(){ // Do nothing } // Download a remote file to the local file function download_file_loop($path, $localfile, $startpos = 0){ if(!$init = $this->init($path, $url)){ return $init; } $file_stats = $this->url_stat($path); $this->filesize = $file_stats['size']; //We are passing the file pointer because SFTP -> get() checks if it is a file or a pointer. If it is a file, it opens the file in 'wb' mode. $fp = fopen($localfile, 'ab'); //Read 1MB in one iteration while($startpos < $this->filesize){ if(time() + 5 >= $GLOBALS['end']){ break; } $this->sftp->get($url['path'], $fp, $startpos, 1048576); // Set percentage $percentage = (filesize($localfile) / $this->filesize) 100; backuply_status_log('<div class="backuply-upload-progress"><span class="backuply-upload-progress-bar" style="width:'.round($percentage).'%;"></span><span class="backuply-upload-size">'.round($percentage).'%</span></div>', 'downloading', 22); $startpos += 1048576; } $GLOBALS['l_readbytes'] = filesize($localfile); fclose($fp); return true; } function mkdir($path, $mode, $options){ backuply_log('inside sftp mkdir function'); if(!$init = $this->init($path, $url)){ backuply_log('inside sftp mkdir : init'); return $init; } $ret = $this->sftp->mmkdir($url['path'], $mode); backuply_log('inside sftp mkdir : mmkdir'); return $ret; } function rmdir($path, $options){ if(!$init = $this->init($path, $url)){ return $init; } $res = $this->sftp->rmdir($url['path']); return $res; } function url_stat($path){ if(!$init = $this->init($path, $url)){ return $init; } $url['path'] = $this->cleanpath($url['path']); if(empty($url['path'])){ $url['path'] = '/'; } //backuply_print($url);die(); if($url['path'] == '/'){ $file = '.'; $dir = $url['path']; }else{ $file = basename($url['path']); $dir = dirname($url['path']); } $dir = $this->cleanpath($dir); if(empty($dir)){ $dir = '/'; } //echo $file.' - '.$dir." -- - - -\n";die(); $list = $this->sftp->rawlist($dir); //backuply_print($list); foreach($list as $k => $v){ $list[$k] = $this->sftp->_parselisting($v); if($k != $file){ continue; } //backuply_print($list[$k]); $stat = array('dev' => 0, 'ino' => 0, 'mode' => (isset($list[$k]['mode']) ? octdec($list[$k]['mode']) : 0), 'nlink' => 0, 'uid' => 0, 'gid' => 0, 'rdev' => 0, 'size' => $list[$k]['size'], 'atime' => $list[$k]['time'], 'mtime' => $list[$k]['time'], 'ctime' => $list[$k]['time'], 'blksize' => -1, 'blocks' => -1 ); return $stat + array_values($stat); } return false; } function unlink($path){ if(!$init = $this->init($path, $url)){ return $init; } $res = $this->sftp->delete($url['path']); return $res; } function rename($from, $to){ if(!$init = $this->init($from, $url)){ return $init; } $url_from = parse_url($from); $url_to = parse_url($to); //echo 'Rename : '.$url_from['path'].' - '.$url_to['path']."\n"; return $this->sftp->rename($url_from['path'], $url_to['path']); } function chdir($dir){ return $this->sftp->chdir($dir); } function pwd(){ return $this->sftp->pwd(); } function cleanpath($path){ $path = str_replace('\\\\', '/', $path); $path = str_replace('\\', '/', $path); $path = str_replace('//', '/', $path); return rtrim($path, '/'); } }��plugin-update-checker.php��0000644��00000151024�15104540706�0011442 0��ustar�00��<?php /** * Plugin Update Checker Library 3.2 * http://w-shadow.com/ * * Copyright 2016 Janis Elsts * Released under the MIT license. See license.txt for details. / if ( !class_exists('BackuplyUpdateChecker_3_2', false) ): /* * A custom plugin update checker. * * @author Janis Elsts * @copyright 2016 * @version 3.2 * @access public / class BackuplyUpdateChecker_3_2 { public $metadataUrl = ''; //The URL of the plugin's metadata file. public $pluginAbsolutePath = ''; //Full path of the main plugin file. public $pluginFile = ''; //Plugin filename relative to the plugins directory. Many WP APIs use this to identify plugins. public $slug = ''; //Plugin slug. public $optionName = ''; //Where to store the update info. public $muPluginFile = ''; //For MU plugins, the plugin filename relative to the mu-plugins directory. public $debugMode = false; //Set to TRUE to enable error reporting. Errors are raised using trigger_error() //and should be logged to the standard PHP error log. public $scheduler; protected $upgraderStatus; private $debugBarPlugin = null; private $cachedInstalledVersion = null; private $metadataHost = ''; //The host component of $metadataUrl. /* * Class constructor. * * @param string $metadataUrl The URL of the plugin's metadata file. * @param string $pluginFile Fully qualified path to the main plugin file. * @param string $slug The plugin's 'slug'. If not specified, the filename part of $pluginFile sans '.php' will be used as the slug. * @param integer $checkPeriod How often to check for updates (in hours). Defaults to checking every 12 hours. Set to 0 to disable automatic update checks. * @param string $optionName Where to store book-keeping info about update checks. Defaults to 'external_updates-$slug'. * @param string $muPluginFile Optional. The plugin filename relative to the mu-plugins directory. / public function __construct($metadataUrl, $pluginFile, $slug = '', $checkPeriod = 12, $optionName = '', $muPluginFile = ''){ $this->metadataUrl = $metadataUrl; $this->pluginAbsolutePath = $pluginFile; $this->pluginFile = plugin_basename($this->pluginAbsolutePath); $this->muPluginFile = $muPluginFile; $this->slug = $slug; $this->optionName = $optionName; $this->debugMode = (bool)(constant('WP_DEBUG')); //If no slug is specified, use the name of the main plugin file as the slug. //For example, 'my-cool-plugin/cool-plugin.php' becomes 'cool-plugin'. if ( empty($this->slug) ){ $this->slug = basename($this->pluginFile, '.php'); } //Plugin slugs must be unique. $slugCheckFilter = 'puc_is_slug_in_use-' . $this->slug; $slugUsedBy = apply_filters($slugCheckFilter, false); if ( $slugUsedBy ) { $this->triggerError(sprintf( 'Plugin slug "%s" is already in use by %s. Slugs must be unique.', htmlentities($this->slug), htmlentities($slugUsedBy) ), E_USER_ERROR); } add_filter($slugCheckFilter, array($this, 'getAbsolutePath')); if ( empty($this->optionName) ){ $this->optionName = 'external_updates-' . $this->slug; } //Backwards compatibility: If the plugin is a mu-plugin but no $muPluginFile is specified, assume //it's the same as $pluginFile given that it's not in a subdirectory (WP only looks in the base dir). if ( (strpbrk($this->pluginFile, '/\\') === false) && $this->isUnknownMuPlugin() ) { $this->muPluginFile = $this->pluginFile; } $this->scheduler = $this->createScheduler($checkPeriod); $this->upgraderStatus = new Backuply_PucUpgraderStatus_3_2(); $this->installHooks(); } /* * Create an instance of the scheduler. * * This is implemented as a method to make it possible for plugins to subclass the update checker * and substitute their own scheduler. * * @param int $checkPeriod * @return Backuply_PucScheduler_3_2 / protected function createScheduler($checkPeriod) { return new Backuply_PucScheduler_3_2($this, $checkPeriod); } /* * Install the hooks required to run periodic update checks and inject update info * into WP data structures. * * @return void / protected function installHooks(){ //Override requests for plugin information add_filter('plugins_api', array($this, 'injectInfo'), 20, 3); //Insert our update info into the update array maintained by WP. add_filter('site_transient_update_plugins', array($this,'injectUpdate')); //WP 3.0+ add_filter('transient_update_plugins', array($this,'injectUpdate')); //WP 2.8+ add_filter('site_transient_update_plugins', array($this, 'injectTranslationUpdates')); add_filter('plugin_row_meta', array($this, 'addCheckForUpdatesLink'), 10, 2); add_action('admin_init', array($this, 'handleManualCheck')); add_action('all_admin_notices', array($this, 'displayManualCheckResult')); //Clear the version number cache when something - anything - is upgraded or WP clears the update cache. add_filter('upgrader_post_install', array($this, 'clearCachedVersion')); add_action('delete_site_transient_update_plugins', array($this, 'clearCachedVersion')); //Clear translation updates when WP clears the update cache. //This needs to be done directly because the library doesn't actually remove obsolete plugin updates, //it just hides them (see getUpdate()). We can't do that with translations - too much disk I/O. add_action('delete_site_transient_update_plugins', array($this, 'clearCachedTranslationUpdates')); if ( did_action('plugins_loaded') ) { $this->initDebugBarPanel(); } else { add_action('plugins_loaded', array($this, 'initDebugBarPanel')); } //Rename the update directory to be the same as the existing directory. add_filter('upgrader_source_selection', array($this, 'fixDirectoryName'), 10, 3); //Enable language support (i18n). load_plugin_textdomain('plugin-update-checker', false, plugin_basename(dirname(__FILE__)) . '/languages'); //Allow HTTP requests to the metadata URL even if it's on a local host. $this->metadataHost = @parse_url($this->metadataUrl, PHP_URL_HOST); add_filter('http_request_host_is_external', array($this, 'allowMetadataHost'), 10, 2); } /* * Explicitly allow HTTP requests to the metadata URL. * * WordPress has a security feature where the HTTP API will reject all requests that are sent to * another site hosted on the same server as the current site (IP match), a local host, or a local * IP, unless the host exactly matches the current site. * * This feature is opt-in (at least in WP 4.4). Apparently some people enable it. * * That can be a problem when you're developing your plugin and you decide to host the update information * on the same server as your test site. Update requests will mysteriously fail. * * We fix that by adding an exception for the metadata host. * * @param bool $allow * @param string $host * @return bool / public function allowMetadataHost($allow, $host) { if ( strtolower($host) === strtolower($this->metadataHost) ) { return true; } return $allow; } /* * Retrieve plugin info from the configured API endpoint. * * @uses wp_remote_get() * * @param array $queryArgs Additional query arguments to append to the request. Optional. * @return BackuplyInfo_3_2 / public function requestInfo($queryArgs = array()){ //Query args to append to the URL. Plugins can add their own by using a filter callback (see addQueryArgFilter()). $installedVersion = $this->getInstalledVersion(); $queryArgs['installed_version'] = ($installedVersion !== null) ? $installedVersion : ''; $queryArgs = apply_filters('puc_request_info_query_args-'.$this->slug, $queryArgs); //Various options for the wp_remote_get() call. Plugins can filter these, too. $options = array( 'timeout' => 10, //seconds 'headers' => array( 'Accept' => 'application/json' ), ); $options = apply_filters('puc_request_info_options-'.$this->slug, $options); //The plugin info should be at 'http://your-api.com/url/here/$slug/info.json' $url = $this->metadataUrl; if ( !empty($queryArgs) ){ $url = add_query_arg($queryArgs, $url); } $result = wp_remote_get( $url, $options ); //Try to parse the response $status = $this->validateApiResponse($result); $pluginInfo = null; if ( !is_wp_error($status) ){ $pluginInfo = BackuplyInfo_3_2::fromJson($result['body']); if ( $pluginInfo !== null ) { $pluginInfo->filename = $this->pluginFile; $pluginInfo->slug = $this->slug; } } else { $this->triggerError( sprintf('The URL %s does not point to a valid plugin metadata file. ', $url) . $status->get_error_message(), E_USER_WARNING ); } $pluginInfo = apply_filters('puc_request_info_result-'.$this->slug, $pluginInfo, $result); return $pluginInfo; } /* * Check if $result is a successful update API response. * * @param array\|WP_Error $result * @return true\|WP_Error / private function validateApiResponse($result) { if ( is_wp_error($result) ) { /* @var WP_Error $result / return new WP_Error($result->get_error_code(), 'WP HTTP Error: ' . $result->get_error_message()); } if ( !isset($result['response']['code']) ) { return new WP_Error('puc_no_response_code', 'wp_remote_get() returned an unexpected result.'); } if ( $result['response']['code'] !== 200 ) { return new WP_Error( 'puc_unexpected_response_code', 'HTTP response code is ' . $result['response']['code'] . ' (expected: 200)' ); } if ( empty($result['body']) ) { return new WP_Error('puc_empty_response', 'The metadata file appears to be empty.'); } return true; } /* * Retrieve the latest update (if any) from the configured API endpoint. * * @uses BackuplyUpdateChecker::requestInfo() * * @return BackuplyUpdate_3_2 An instance of BackuplyUpdate, or NULL when no updates are available. / public function requestUpdate(){ //For the sake of simplicity, this function just calls requestInfo() //and transforms the result accordingly. $pluginInfo = $this->requestInfo(array('checking_for_updates' => '1')); if ( $pluginInfo == null ){ return null; } $update = BackuplyUpdate_3_2::fromBackuplyInfo($pluginInfo); //Keep only those translation updates that apply to this site. $update->translations = $this->filterApplicableTranslations($update->translations); return $update; } /* * Filter a list of translation updates and return a new list that contains only updates * that apply to the current site. * * @param array $translations * @return array / private function filterApplicableTranslations($translations) { $languages = array_flip(array_values(get_available_languages())); $installedTranslations = wp_get_installed_translations('plugins'); if ( isset($installedTranslations[$this->slug]) ) { $installedTranslations = $installedTranslations[$this->slug]; } else { $installedTranslations = array(); } $applicableTranslations = array(); foreach($translations as $translation) { //Does it match one of the available core languages? $isApplicable = array_key_exists($translation->language, $languages); //Is it more recent than an already-installed translation? if ( isset($installedTranslations[$translation->language]) ) { $updateTimestamp = strtotime($translation->updated); $installedTimestamp = strtotime($installedTranslations[$translation->language]['PO-Revision-Date']); $isApplicable = $updateTimestamp > $installedTimestamp; } if ( $isApplicable ) { $applicableTranslations[] = $translation; } } return $applicableTranslations; } /* * Get the currently installed version of the plugin. * * @return string Version number. / public function getInstalledVersion(){ if ( isset($this->cachedInstalledVersion) ) { return $this->cachedInstalledVersion; } $pluginHeader = $this->getPluginHeader(); if ( isset($pluginHeader['Version']) ) { $this->cachedInstalledVersion = $pluginHeader['Version']; return $pluginHeader['Version']; } else { //This can happen if the filename points to something that is not a plugin. $this->triggerError( sprintf( "Can't to read the Version header for '%s'. The filename is incorrect or is not a plugin.", $this->pluginFile ), E_USER_WARNING ); return null; } } /* * Get plugin's metadata from its file header. * * @return array / protected function getPluginHeader() { if ( !is_file($this->pluginAbsolutePath) ) { //This can happen if the plugin filename is wrong. $this->triggerError( sprintf( "Can't to read the plugin header for '%s'. The file does not exist.", $this->pluginFile ), E_USER_WARNING ); return array(); } if ( !function_exists('get_plugin_data') ){ /* @noinspection PhpIncludeInspection / require_once( ABSPATH . '/wp-admin/includes/plugin.php' ); } return get_plugin_data($this->pluginAbsolutePath, false, false); } /* * Check for plugin updates. * The results are stored in the DB option specified in $optionName. * * @return BackuplyUpdate_3_2\|null / public function checkForUpdates(){ $installedVersion = $this->getInstalledVersion(); //Fail silently if we can't find the plugin or read its header. if ( $installedVersion === null ) { $this->triggerError( sprintf('Skipping update check for %s - installed version unknown.', $this->pluginFile), E_USER_WARNING ); return null; } $state = $this->getUpdateState(); if ( empty($state) ){ $state = new stdClass; $state->lastCheck = 0; $state->checkedVersion = ''; $state->update = null; } $state->lastCheck = time(); $state->checkedVersion = $installedVersion; $this->setUpdateState($state); //Save before checking in case something goes wrong $state->update = $this->requestUpdate(); $this->setUpdateState($state); return $this->getUpdate(); } /* * Load the update checker state from the DB. * * @return stdClass\|null / public function getUpdateState() { $state = get_site_option($this->optionName, null); if ( empty($state) \|\| !is_object($state)) { $state = null; } if ( isset($state, $state->update) && is_object($state->update) ) { $state->update = BackuplyUpdate_3_2::fromObject($state->update); } return $state; } /* * Persist the update checker state to the DB. * * @param StdClass $state * @return void / private function setUpdateState($state) { if ( isset($state->update) && is_object($state->update) && method_exists($state->update, 'toStdClass') ) { $update = $state->update; /* @var BackuplyUpdate_3_2 $update / $state->update = $update->toStdClass(); } update_site_option($this->optionName, $state); } /* * Reset update checker state - i.e. last check time, cached update data and so on. * * Call this when your plugin is being uninstalled, or if you want to * clear the update cache. / public function resetUpdateState() { delete_site_option($this->optionName); } /* * Intercept plugins_api() calls that request information about our plugin and * use the configured API endpoint to satisfy them. * * @see plugins_api() * * @param mixed $result * @param string $action * @param array\|object $args * @return mixed / public function injectInfo($result, $action = null, $args = null){ $relevant = ($action == 'plugin_information') && isset($args->slug) && ( ($args->slug == $this->slug) \|\| ($args->slug == dirname($this->pluginFile)) ); if ( !$relevant ) { return $result; } $pluginInfo = $this->requestInfo(); $pluginInfo = apply_filters('puc_pre_inject_info-' . $this->slug, $pluginInfo); if ( $pluginInfo ) { return $pluginInfo->toWpFormat(); } return $result; } /* * Insert the latest update (if any) into the update list maintained by WP. * * @param StdClass $updates Update list. * @return StdClass Modified update list. / public function injectUpdate($updates){ //Is there an update to insert? $update = $this->getUpdate(); //No update notifications for mu-plugins unless explicitly enabled. The MU plugin file //is usually different from the main plugin file so the update wouldn't show up properly anyway. if ( $this->isUnknownMuPlugin() ) { $update = null; } if ( !empty($update) ) { //Let plugins filter the update info before it's passed on to WordPress. $update = apply_filters('puc_pre_inject_update-' . $this->slug, $update); $updates = $this->addUpdateToList($updates, $update); } else { //Clean up any stale update info. $updates = $this->removeUpdateFromList($updates); } return $updates; } /* * @param StdClass\|null $updates * @param BackuplyUpdate_3_2 $updateToAdd * @return StdClass / private function addUpdateToList($updates, $updateToAdd) { if ( !is_object($updates) ) { $updates = new stdClass(); $updates->response = array(); } $wpUpdate = $updateToAdd->toWpFormat(); $pluginFile = $this->pluginFile; if ( $this->isMuPlugin() ) { //WP does not support automatic update installation for mu-plugins, but we can still display a notice. $wpUpdate->package = null; $pluginFile = $this->muPluginFile; } $updates->response[$pluginFile] = $wpUpdate; return $updates; } /* * @param stdClass\|null $updates * @return stdClass\|null / private function removeUpdateFromList($updates) { if ( isset($updates, $updates->response) ) { unset($updates->response[$this->pluginFile]); if ( !empty($this->muPluginFile) ) { unset($updates->response[$this->muPluginFile]); } } return $updates; } /* * Insert translation updates into the list maintained by WordPress. * * @param stdClass $updates * @return stdClass / public function injectTranslationUpdates($updates) { $translationUpdates = $this->getTranslationUpdates(); if ( empty($translationUpdates) ) { return $updates; } //Being defensive. if ( !is_object($updates) ) { $updates = new stdClass(); } if ( !isset($updates->translations) ) { $updates->translations = array(); } //In case there's a name collision with a plugin hosted on wordpress.org, //remove any preexisting updates that match our plugin. $translationType = 'plugin'; $filteredTranslations = array(); foreach($updates->translations as $translation) { if ( ($translation['type'] === $translationType) && ($translation['slug'] === $this->slug) ) { continue; } $filteredTranslations[] = $translation; } $updates->translations = $filteredTranslations; //Add our updates to the list. foreach($translationUpdates as $update) { $convertedUpdate = array_merge( array( 'type' => $translationType, 'slug' => $this->slug, 'autoupdate' => 0, //AFAICT, WordPress doesn't actually use the "version" field for anything. //But lets make sure it's there, just in case. 'version' => isset($update->version) ? $update->version : ('1.' . strtotime($update->updated)), ), (array)$update ); $updates->translations[] = $convertedUpdate; } return $updates; } /* * Rename the update directory to match the existing plugin directory. * * When WordPress installs a plugin or theme update, it assumes that the ZIP file will contain * exactly one directory, and that the directory name will be the same as the directory where * the plugin/theme is currently installed. * * GitHub and other repositories provide ZIP downloads, but they often use directory names like * "project-branch" or "project-tag-hash". We need to change the name to the actual plugin folder. * * This is a hook callback. Don't call it from a plugin. * * @param string $source The directory to copy to /wp-content/plugins. Usually a subdirectory of $remoteSource. * @param string $remoteSource WordPress has extracted the update to this directory. * @param WP_Upgrader $upgrader * @return string\|WP_Error / public function fixDirectoryName($source, $remoteSource, $upgrader) { global $wp_filesystem; /* @var WP_Filesystem_Base $wp_filesystem / //Basic sanity checks. if ( !isset($source, $remoteSource, $upgrader, $upgrader->skin, $wp_filesystem) ) { return $source; } //If WordPress is upgrading anything other than our plugin, leave the directory name unchanged. if ( !$this->isPluginBeingUpgraded($upgrader) ) { return $source; } //Rename the source to match the existing plugin directory. $pluginDirectoryName = dirname($this->pluginFile); if ( $pluginDirectoryName === '.' ) { return $source; } $correctedSource = trailingslashit($remoteSource) . $pluginDirectoryName . '/'; if ( $source !== $correctedSource ) { //The update archive should contain a single directory that contains the rest of plugin files. Otherwise, //WordPress will try to copy the entire working directory ($source == $remoteSource). We can't rename //$remoteSource because that would break WordPress code that cleans up temporary files after update. if ( $this->isBadDirectoryStructure($remoteSource) ) { return new WP_Error( 'puc-incorrect-directory-structure', sprintf( 'The directory structure of the update is incorrect. All plugin files should be inside ' . 'a directory named <span class="code">%s</span>, not at the root of the ZIP file.', htmlentities($this->slug) ) ); } /* @var WP_Upgrader_Skin $upgrader->skin / $upgrader->skin->feedback(sprintf( 'Renaming %s to %s…', '<span class="code">' . basename($source) . '</span>', '<span class="code">' . $pluginDirectoryName . '</span>' )); if ( $wp_filesystem->move($source, $correctedSource, true) ) { $upgrader->skin->feedback('Plugin directory successfully renamed.'); return $correctedSource; } else { return new WP_Error( 'puc-rename-failed', 'Unable to rename the update to match the existing plugin directory.' ); } } return $source; } /* * Check for incorrect update directory structure. An update must contain a single directory, * all other files should be inside that directory. * * @param string $remoteSource Directory path. * @return bool / private function isBadDirectoryStructure($remoteSource) { global $wp_filesystem; /* @var WP_Filesystem_Base $wp_filesystem / $sourceFiles = $wp_filesystem->dirlist($remoteSource); if ( is_array($sourceFiles) ) { $sourceFiles = array_keys($sourceFiles); $firstFilePath = trailingslashit($remoteSource) . $sourceFiles[0]; return (count($sourceFiles) > 1) \|\| (!$wp_filesystem->is_dir($firstFilePath)); } //Assume it's fine. return false; } /* * Is there and update being installed RIGHT NOW, for this specific plugin? * * @param WP_Upgrader\|null $upgrader The upgrader that's performing the current update. * @return bool / public function isPluginBeingUpgraded($upgrader = null) { return $this->upgraderStatus->isPluginBeingUpgraded($this->pluginFile, $upgrader); } /* * Get the details of the currently available update, if any. * * If no updates are available, or if the last known update version is below or equal * to the currently installed version, this method will return NULL. * * Uses cached update data. To retrieve update information straight from * the metadata URL, call requestUpdate() instead. * * @return BackuplyUpdate_3_2\|null / public function getUpdate() { $state = $this->getUpdateState(); /* @var StdClass $state / //Is there an update available? if ( isset($state, $state->update) ) { $update = $state->update; //Check if the update is actually newer than the currently installed version. $installedVersion = $this->getInstalledVersion(); if ( ($installedVersion !== null) && version_compare($update->version, $installedVersion, '>') ){ $update->filename = $this->pluginFile; return $update; } } return null; } /* * Get a list of available translation updates. * * This method will return an empty array if there are no updates. * Uses cached update data. * * @return array / public function getTranslationUpdates() { $state = $this->getUpdateState(); if ( isset($state, $state->update, $state->update->translations) ) { return $state->update->translations; } return array(); } /* * Remove all cached translation updates. * * @see wp_clean_update_cache / public function clearCachedTranslationUpdates() { $state = $this->getUpdateState(); if ( isset($state, $state->update, $state->update->translations) ) { $state->update->translations = array(); $this->setUpdateState($state); } } /* * Add a "Check for updates" link to the plugin row in the "Plugins" page. By default, * the new link will appear after the "Visit plugin site" link. * * You can change the link text by using the "puc_manual_check_link-$slug" filter. * Returning an empty string from the filter will disable the link. * * @param array $pluginMeta Array of meta links. * @param string $pluginFile * @return array / public function addCheckForUpdatesLink($pluginMeta, $pluginFile) { $isRelevant = ($pluginFile == $this->pluginFile) \|\| (!empty($this->muPluginFile) && $pluginFile == $this->muPluginFile); if ( $isRelevant && current_user_can('update_plugins') ) { $linkUrl = wp_nonce_url( add_query_arg( array( 'puc_check_for_updates' => 1, 'puc_slug' => $this->slug, ), self_admin_url('plugins.php') ), 'puc_check_for_updates' ); $linkText = apply_filters('puc_manual_check_link-' . $this->slug, __('Check for updates', 'plugin-update-checker')); if ( !empty($linkText) ) { $final_link = sprintf('<a href="%s">%s</a>', esc_attr($linkUrl), $linkText); $pluginMeta[] = apply_filters('puc_manual_final_check_link-' . $this->slug, $final_link); } } return $pluginMeta; } /* * Check for updates when the user clicks the "Check for updates" link. * @see self::addCheckForUpdatesLink() * * @return void / public function handleManualCheck() { $shouldCheck = isset($_GET['puc_check_for_updates'], $_GET['puc_slug']) && $_GET['puc_slug'] == $this->slug && current_user_can('update_plugins') && check_admin_referer('puc_check_for_updates'); if ( $shouldCheck ) { $update = $this->checkForUpdates(); $status = ($update === null) ? 'no_update' : 'update_available'; wp_redirect(add_query_arg( array( 'puc_update_check_result' => $status, 'puc_slug' => $this->slug, ), self_admin_url('plugins.php') )); } } /* * Display the results of a manual update check. * @see self::handleManualCheck() * * You can change the result message by using the "puc_manual_check_message-$slug" filter. / public function displayManualCheckResult() { if ( isset($_GET['puc_update_check_result'], $_GET['puc_slug']) && ($_GET['puc_slug'] == $this->slug) ) { $status = strval($_GET['puc_update_check_result']); if ( $status == 'no_update' ) { $message = __('This plugin is up to date.', 'plugin-update-checker'); } else if ( $status == 'update_available' ) { $message = __('A new version of this plugin is available.', 'plugin-update-checker'); } else { $message = sprintf(__('Unknown update checker status "%s"', 'plugin-update-checker'), htmlentities($status)); } printf( '<div class="updated notice is-dismissible"><p>%s</p></div>', apply_filters('puc_manual_check_message-' . $this->slug, $message, $status) ); } } /* * Check if the plugin file is inside the mu-plugins directory. * * @return bool / protected function isMuPlugin() { static $cachedResult = null; if ( $cachedResult === null ) { //Convert both paths to the canonical form before comparison. $muPluginDir = realpath(WPMU_PLUGIN_DIR); $pluginPath = realpath($this->pluginAbsolutePath); if(!empty($muPluginDir)){ $cachedResult = (strpos($pluginPath, $muPluginDir) === 0); }else{ $cachedResult = false; } } return $cachedResult; } /* * MU plugins are partially supported, but only when we know which file in mu-plugins * corresponds to this plugin. * * @return bool / protected function isUnknownMuPlugin() { return empty($this->muPluginFile) && $this->isMuPlugin(); } /* * Clear the cached plugin version. This method can be set up as a filter (hook) and will * return the filter argument unmodified. * * @param mixed $filterArgument * @return mixed / public function clearCachedVersion($filterArgument = null) { $this->cachedInstalledVersion = null; return $filterArgument; } /* * Get absolute path to the main plugin file. * * @return string / public function getAbsolutePath() { return $this->pluginAbsolutePath; } /* * Register a callback for filtering query arguments. * * The callback function should take one argument - an associative array of query arguments. * It should return a modified array of query arguments. * * @uses add_filter() This method is a convenience wrapper for add_filter(). * * @param callable $callback * @return void / public function addQueryArgFilter($callback){ add_filter('puc_request_info_query_args-'.$this->slug, $callback); } /* * Register a callback for filtering arguments passed to wp_remote_get(). * * The callback function should take one argument - an associative array of arguments - * and return a modified array or arguments. See the WP documentation on wp_remote_get() * for details on what arguments are available and how they work. * * @uses add_filter() This method is a convenience wrapper for add_filter(). * * @param callable $callback * @return void / public function addHttpRequestArgFilter($callback){ add_filter('puc_request_info_options-'.$this->slug, $callback); } /* * Register a callback for filtering the plugin info retrieved from the external API. * * The callback function should take two arguments. If the plugin info was retrieved * successfully, the first argument passed will be an instance of BackuplyInfo. Otherwise, * it will be NULL. The second argument will be the corresponding return value of * wp_remote_get (see WP docs for details). * * The callback function should return a new or modified instance of BackuplyInfo or NULL. * * @uses add_filter() This method is a convenience wrapper for add_filter(). * * @param callable $callback * @return void / public function addResultFilter($callback){ add_filter('puc_request_info_result-'.$this->slug, $callback, 10, 2); } /* * Register a callback for one of the update checker filters. * * Identical to add_filter(), except it automatically adds the "puc_" prefix * and the "-$plugin_slug" suffix to the filter name. For example, "request_info_result" * becomes "puc_request_info_result-your_plugin_slug". * * @param string $tag * @param callable $callback * @param int $priority * @param int $acceptedArgs / public function addFilter($tag, $callback, $priority = 10, $acceptedArgs = 1) { add_filter('puc_' . $tag . '-' . $this->slug, $callback, $priority, $acceptedArgs); } /* * Initialize the update checker Debug Bar plugin/add-on thingy. / public function initDebugBarPanel() { $debugBarPlugin = dirname(__FILE__) . '/debug-bar-plugin.php'; if ( class_exists('Debug_Bar', false) && file_exists($debugBarPlugin) ) { /* @noinspection PhpIncludeInspection / require_once $debugBarPlugin; $this->debugBarPlugin = new Backuply_PucDebugBarPlugin_3_2($this); } } /* * Trigger a PHP error, but only when $debugMode is enabled. * * @param string $message * @param int $errorType / protected function triggerError($message, $errorType) { if ( $this->debugMode ) { trigger_error($message, $errorType); } } } endif; if ( !class_exists('BackuplyInfo_3_2', false) ): /* * A container class for holding and transforming various plugin metadata. * * @author Janis Elsts * @copyright 2016 * @version 3.2 * @access public / #[\AllowDynamicProperties] class BackuplyInfo_3_2 { //Most fields map directly to the contents of the plugin's info.json file. //See the relevant docs for a description of their meaning. public $name; public $slug; public $version; public $homepage; public $sections = array(); public $banners; public $translations = array(); public $download_url; public $author; public $author_homepage; public $requires; public $tested; public $upgrade_notice; public $rating; public $num_ratings; public $downloaded; public $active_installs; public $last_updated; public $id = 0; //The native WP.org API returns numeric plugin IDs, but they're not used for anything. public $filename; //Plugin filename relative to the plugins directory. /* * Create a new instance of BackuplyInfo from JSON-encoded plugin info * returned by an external update API. * * @param string $json Valid JSON string representing plugin info. * @return BackuplyInfo_3_2\|null New instance of BackuplyInfo, or NULL on error. / public static function fromJson($json){ /* @var StdClass $apiResponse / $apiResponse = json_decode($json); if ( empty($apiResponse) \|\| !is_object($apiResponse) ){ trigger_error( "Failed to parse plugin metadata. Try validating your .json file with http://jsonlint.com/", E_USER_NOTICE ); return null; } $valid = self::validateMetadata($apiResponse); if ( is_wp_error($valid) ){ trigger_error($valid->get_error_message(), E_USER_NOTICE); return null; } $info = new self(); foreach(get_object_vars($apiResponse) as $key => $value){ $info->$key = $value; } //json_decode decodes assoc. arrays as objects. We want it as an array. $info->sections = (array)$info->sections; return $info; } /* * Very, very basic validation. * * @param StdClass $apiResponse * @return bool\|WP_Error / protected static function validateMetadata($apiResponse) { if ( !isset($apiResponse->name, $apiResponse->version) \|\| empty($apiResponse->name) \|\| empty($apiResponse->version) ) { return new WP_Error( 'puc-invalid-metadata', "The plugin metadata file does not contain the required 'name' and/or 'version' keys." ); } return true; } /* * Transform plugin info into the format used by the native WordPress.org API * * @return object / public function toWpFormat(){ $info = new stdClass; //The custom update API is built so that many fields have the same name and format //as those returned by the native WordPress.org API. These can be assigned directly. $sameFormat = array( 'name', 'slug', 'version', 'requires', 'tested', 'rating', 'upgrade_notice', 'num_ratings', 'downloaded', 'active_installs', 'homepage', 'last_updated', ); foreach($sameFormat as $field){ if ( isset($this->$field) ) { $info->$field = $this->$field; } else { $info->$field = null; } } //Other fields need to be renamed and/or transformed. $info->download_link = $this->download_url; $info->author = $this->getFormattedAuthor(); $info->sections = array_merge(array('description' => ''), $this->sections); if ( !empty($this->banners) ) { //WP expects an array with two keys: "high" and "low". Both are optional. //Docs: https://wordpress.org/plugins/about/faq/#banners $info->banners = is_object($this->banners) ? get_object_vars($this->banners) : $this->banners; $info->banners = array_intersect_key($info->banners, array('high' => true, 'low' => true)); } return $info; } protected function getFormattedAuthor() { if ( !empty($this->author_homepage) ){ return sprintf('<a href="%s">%s</a>', $this->author_homepage, $this->author); } return $this->author; } } endif; if ( !class_exists('BackuplyUpdate_3_2', false) ): /* * A simple container class for holding information about an available update. * * @author Janis Elsts * @copyright 2016 * @version 3.2 * @access public / class BackuplyUpdate_3_2 { public $id = 0; public $slug; public $version; public $homepage; public $download_url; public $upgrade_notice; public $tested; public $translations = array(); public $filename; //Plugin filename relative to the plugins directory. private static $fields = array( 'id', 'slug', 'version', 'homepage', 'tested', 'download_url', 'upgrade_notice', 'filename', 'translations' ); /* * Create a new instance of BackuplyUpdate from its JSON-encoded representation. * * @param string $json * @return BackuplyUpdate_3_2\|null / public static function fromJson($json){ //Since update-related information is simply a subset of the full plugin info, //we can parse the update JSON as if it was a plugin info string, then copy over //the parts that we care about. $pluginInfo = BackuplyInfo_3_2::fromJson($json); if ( $pluginInfo != null ) { return self::fromBackuplyInfo($pluginInfo); } else { return null; } } /* * Create a new instance of BackuplyUpdate based on an instance of BackuplyInfo. * Basically, this just copies a subset of fields from one object to another. * * @param BackuplyInfo_3_2 $info * @return BackuplyUpdate_3_2 / public static function fromBackuplyInfo($info){ return self::fromObject($info); } /* * Create a new instance of BackuplyUpdate by copying the necessary fields from * another object. * * @param StdClass\|BackuplyInfo_3_2\|BackuplyUpdate_3_2 $object The source object. * @return BackuplyUpdate_3_2 The new copy. / public static function fromObject($object) { $update = new self(); $fields = self::$fields; if ( !empty($object->slug) ) { $fields = apply_filters('puc_retain_fields-' . $object->slug, $fields); } foreach($fields as $field){ if (property_exists($object, $field)) { $update->$field = $object->$field; } } return $update; } /* * Create an instance of StdClass that can later be converted back to * a BackuplyUpdate. Useful for serialization and caching, as it avoids * the "incomplete object" problem if the cached value is loaded before * this class. * * @return StdClass / public function toStdClass() { $object = new stdClass(); $fields = self::$fields; if ( !empty($this->slug) ) { $fields = apply_filters('puc_retain_fields-' . $this->slug, $fields); } foreach($fields as $field){ if (property_exists($this, $field)) { $object->$field = $this->$field; } } return $object; } /* * Transform the update into the format used by WordPress native plugin API. * * @return object / public function toWpFormat(){ $update = new stdClass; $update->id = $this->id; $update->slug = $this->slug; $update->new_version = $this->version; $update->url = $this->homepage; $update->package = $this->download_url; $update->tested = $this->tested; $update->plugin = $this->filename; if ( !empty($this->upgrade_notice) ){ $update->upgrade_notice = $this->upgrade_notice; } return $update; } } endif; if ( !class_exists('Backuply_PucScheduler_3_2', false) ): /* * The scheduler decides when and how often to check for updates. * It calls @see BackuplyUpdateChecker::checkForUpdates() to perform the actual checks. * * @version 3.2 / class Backuply_PucScheduler_3_2 { public $checkPeriod = 12; //How often to check for updates (in hours). public $throttleRedundantChecks = false; //Check less often if we already know that an update is available. public $throttledCheckPeriod = 72; /* * @var BackuplyUpdateChecker_3_2 / protected $updateChecker; private $cronHook = null; /* * Scheduler constructor. * * @param BackuplyUpdateChecker_3_2 $updateChecker * @param int $checkPeriod How often to check for updates (in hours). / public function __construct($updateChecker, $checkPeriod) { $this->updateChecker = $updateChecker; $this->checkPeriod = $checkPeriod; //Set up the periodic update checks $this->cronHook = 'check_plugin_updates-' . $this->updateChecker->slug; if ( $this->checkPeriod > 0 ){ //Trigger the check via Cron. //Try to use one of the default schedules if possible as it's less likely to conflict //with other plugins and their custom schedules. $defaultSchedules = array( 1 => 'hourly', 12 => 'twicedaily', 24 => 'daily', ); if ( array_key_exists($this->checkPeriod, $defaultSchedules) ) { $scheduleName = $defaultSchedules[$this->checkPeriod]; } else { //Use a custom cron schedule. $scheduleName = 'every' . $this->checkPeriod . 'hours'; add_filter('cron_schedules', array($this, '_addCustomSchedule')); } if ( !wp_next_scheduled($this->cronHook) && !defined('WP_INSTALLING') ) { wp_schedule_event(time(), $scheduleName, $this->cronHook); } add_action($this->cronHook, array($this, 'maybeCheckForUpdates')); register_deactivation_hook($this->updateChecker->pluginFile, array($this, '_removeUpdaterCron')); //In case Cron is disabled or unreliable, we also manually trigger //the periodic checks while the user is browsing the Dashboard. add_action( 'admin_init', array($this, 'maybeCheckForUpdates') ); //Like WordPress itself, we check more often on certain pages. /* @see wp_update_plugins / add_action('load-update-core.php', array($this, 'maybeCheckForUpdates')); add_action('load-plugins.php', array($this, 'maybeCheckForUpdates')); add_action('load-update.php', array($this, 'maybeCheckForUpdates')); //This hook fires after a bulk update is complete. add_action('upgrader_process_complete', array($this, 'maybeCheckForUpdates'), 11, 0); } else { //Periodic checks are disabled. wp_clear_scheduled_hook($this->cronHook); } } /* * Check for updates if the configured check interval has already elapsed. * Will use a shorter check interval on certain admin pages like "Dashboard -> Updates" or when doing cron. * * You can override the default behaviour by using the "puc_check_now-$slug" filter. * The filter callback will be passed three parameters: * - Current decision. TRUE = check updates now, FALSE = don't check now. * - Last check time as a Unix timestamp. * - Configured check period in hours. * Return TRUE to check for updates immediately, or FALSE to cancel. * * This method is declared public because it's a hook callback. Calling it directly is not recommended. / public function maybeCheckForUpdates(){ if ( empty($this->checkPeriod) ){ return; } $state = $this->updateChecker->getUpdateState(); $shouldCheck = empty($state) \|\| !isset($state->lastCheck) \|\| ( (time() - $state->lastCheck) >= $this->getEffectiveCheckPeriod() ); //Let plugin authors substitute their own algorithm. $shouldCheck = apply_filters( 'puc_check_now-' . $this->updateChecker->slug, $shouldCheck, (!empty($state) && isset($state->lastCheck)) ? $state->lastCheck : 0, $this->checkPeriod ); if ( $shouldCheck ) { $this->updateChecker->checkForUpdates(); } } /* * Calculate the actual check period based on the current status and environment. * * @return int Check period in seconds. / protected function getEffectiveCheckPeriod() { $currentFilter = current_filter(); if ( in_array($currentFilter, array('load-update-core.php', 'upgrader_process_complete')) ) { //Check more often when the user visits "Dashboard -> Updates" or does a bulk update. $period = 60; } else if ( in_array($currentFilter, array('load-plugins.php', 'load-update.php')) ) { //Also check more often on the "Plugins" page and /wp-admin/update.php. $period = 3600; } else if ( $this->throttleRedundantChecks && ($this->updateChecker->getUpdate() !== null) ) { //Check less frequently if it's already known that an update is available. $period = $this->throttledCheckPeriod 3600; } else if ( defined('DOING_CRON') && constant('DOING_CRON') ) { //WordPress cron schedules are not exact, so lets do an update check even //if slightly less than $checkPeriod hours have elapsed since the last check. $cronFuzziness = 20 * 60; $period = $this->checkPeriod * 3600 - $cronFuzziness; } else { $period = $this->checkPeriod * 3600; } return $period; } /** * Add our custom schedule to the array of Cron schedules used by WP. * * @param array $schedules * @return array / public function _addCustomSchedule($schedules){ if ( $this->checkPeriod && ($this->checkPeriod > 0) ){ $scheduleName = 'every' . $this->checkPeriod . 'hours'; $schedules[$scheduleName] = array( 'interval' => $this->checkPeriod 3600, 'display' => sprintf('Every %d hours', $this->checkPeriod), ); } return $schedules; } /** * Remove the scheduled cron event that the library uses to check for updates. * * @return void / public function _removeUpdaterCron(){ wp_clear_scheduled_hook($this->cronHook); } /* * Get the name of the update checker's WP-cron hook. Mostly useful for debugging. * * @return string / public function getCronHookName() { return $this->cronHook; } } endif; if ( !class_exists('Backuply_PucUpgraderStatus_3_2', false) ): /* * A utility class that helps figure out which plugin WordPress is upgrading. * * It may seem strange to have an separate class just for that, but the task is surprisingly complicated. * Core classes like Plugin_Upgrader don't expose the plugin file name during an in-progress update (AFAICT). * This class uses a few workarounds and heuristics to get the file name. / class Backuply_PucUpgraderStatus_3_2 { private $upgradedPluginFile = null; //The plugin that is currently being upgraded by WordPress. public function __construct() { //Keep track of which plugin WordPress is currently upgrading. add_filter('upgrader_pre_install', array($this, 'setUpgradedPlugin'), 10, 2); add_filter('upgrader_package_options', array($this, 'setUpgradedPluginFromOptions'), 10, 1); add_filter('upgrader_post_install', array($this, 'clearUpgradedPlugin'), 10, 1); add_action('upgrader_process_complete', array($this, 'clearUpgradedPlugin'), 10, 1); } /* * Is there and update being installed RIGHT NOW, for a specific plugin? * * Caution: This method is unreliable. WordPress doesn't make it easy to figure out what it is upgrading, * and upgrader implementations are liable to change without notice. * * @param string $pluginFile The plugin to check. * @param WP_Upgrader\|null $upgrader The upgrader that's performing the current update. * @return bool True if the plugin identified by $pluginFile is being upgraded. / public function isPluginBeingUpgraded($pluginFile, $upgrader = null) { if ( isset($upgrader) ) { $upgradedPluginFile = $this->getPluginBeingUpgradedBy($upgrader); if ( !empty($upgradedPluginFile) ) { $this->upgradedPluginFile = $upgradedPluginFile; } } return ( !empty($this->upgradedPluginFile) && ($this->upgradedPluginFile === $pluginFile) ); } /* * Get the file name of the plugin that's currently being upgraded. * * @param Plugin_Upgrader\|WP_Upgrader $upgrader * @return string\|null / private function getPluginBeingUpgradedBy($upgrader) { if ( !isset($upgrader, $upgrader->skin) ) { return null; } //Figure out which plugin is being upgraded. $pluginFile = null; $skin = $upgrader->skin; if ( $skin instanceof Plugin_Upgrader_Skin ) { if ( isset($skin->plugin) && is_string($skin->plugin) && ($skin->plugin !== '') ) { $pluginFile = $skin->plugin; } } elseif ( isset($skin->plugin_info) && is_array($skin->plugin_info) ) { //This case is tricky because Bulk_Plugin_Upgrader_Skin (etc) doesn't actually store the plugin //filename anywhere. Instead, it has the plugin headers in $plugin_info. So the best we can //do is compare those headers to the headers of installed plugins. $pluginFile = $this->identifyPluginByHeaders($skin->plugin_info); } return $pluginFile; } /* * Identify an installed plugin based on its headers. * * @param array $searchHeaders The plugin file header to look for. * @return string\|null Plugin basename ("foo/bar.php"), or NULL if we can't identify the plugin. / private function identifyPluginByHeaders($searchHeaders) { if ( !function_exists('get_plugins') ){ /* @noinspection PhpIncludeInspection / require_once( ABSPATH . '/wp-admin/includes/plugin.php' ); } $installedPlugins = get_plugins(); $matches = array(); foreach($installedPlugins as $pluginBasename => $headers) { $diff1 = array_diff_assoc($headers, $searchHeaders); $diff2 = array_diff_assoc($searchHeaders, $headers); if ( empty($diff1) && empty($diff2) ) { $matches[] = $pluginBasename; } } //It's possible (though very unlikely) that there could be two plugins with identical //headers. In that case, we can't unambiguously identify the plugin that's being upgraded. if ( count($matches) !== 1 ) { return null; } return reset($matches); } /* * @access private * * @param mixed $input * @param array $hookExtra * @return mixed Returns $input unaltered. / public function setUpgradedPlugin($input, $hookExtra) { if (!empty($hookExtra['plugin']) && is_string($hookExtra['plugin'])) { $this->upgradedPluginFile = $hookExtra['plugin']; } else { $this->upgradedPluginFile = null; } return $input; } /* * @access private * * @param array $options * @return array / public function setUpgradedPluginFromOptions($options) { if (isset($options['hook_extra']['plugin']) && is_string($options['hook_extra']['plugin'])) { $this->upgradedPluginFile = $options['hook_extra']['plugin']; } else { $this->upgradedPluginFile = null; } return $options; } /* * @access private * * @param mixed $input * @return mixed Returns $input unaltered. / public function clearUpgradedPlugin($input = null) { $this->upgradedPluginFile = null; return $input; } } endif; if ( !class_exists('Backuply_PucFactory', false) ): /* * A factory that builds instances of other classes from this library. * * When multiple versions of the same class have been loaded (e.g. BackuplyUpdateChecker 1.2 * and 1.3), this factory will always use the latest available version. Register class * versions by calling {@link Backuply_PucFactory::addVersion()}. * * At the moment it can only build instances of the BackuplyUpdateChecker class. Other classes * are intended mainly for internal use and refer directly to specific implementations. If you * want to instantiate one of them anyway, you can use {@link Backuply_PucFactory::getLatestClassVersion()} * to get the class name and then create it with <code>new $class(...)</code>. / class Backuply_PucFactory { protected static $classVersions = array(); protected static $sorted = false; /* * Create a new instance of BackuplyUpdateChecker. * * @see BackuplyUpdateChecker::__construct() * * @param $metadataUrl * @param $pluginFile * @param string $slug * @param int $checkPeriod * @param string $optionName * @param string $muPluginFile * @return BackuplyUpdateChecker_3_2 / public static function buildUpdateChecker($metadataUrl, $pluginFile, $slug = '', $checkPeriod = 12, $optionName = '', $muPluginFile = '') { $class = self::getLatestClassVersion('BackuplyUpdateChecker'); return new $class($metadataUrl, $pluginFile, $slug, $checkPeriod, $optionName, $muPluginFile); } /* * Get the specific class name for the latest available version of a class. * * @param string $class * @return string\|null / public static function getLatestClassVersion($class) { if ( !self::$sorted ) { self::sortVersions(); } if ( isset(self::$classVersions[$class]) ) { return reset(self::$classVersions[$class]); } else { return null; } } /* * Sort available class versions in descending order (i.e. newest first). / protected static function sortVersions() { foreach ( self::$classVersions as $class => $versions ) { uksort($versions, array(__CLASS__, 'compareVersions')); self::$classVersions[$class] = $versions; } self::$sorted = true; } protected static function compareVersions($a, $b) { return -version_compare($a, $b); } /* * Register a version of a class. * * @access private This method is only for internal use by the library. * * @param string $generalClass Class name without version numbers, e.g. 'BackuplyUpdateChecker'. * @param string $versionedClass Actual class name, e.g. 'BackuplyUpdateChecker_1_2'. * @param string $version Version number, e.g. '1.2'. / public static function addVersion($generalClass, $versionedClass, $version) { if ( !isset(self::$classVersions[$generalClass]) ) { self::$classVersions[$generalClass] = array(); } self::$classVersions[$generalClass][$version] = $versionedClass; self::$sorted = false; } } endif; //Register classes defined in this file with the factory. Backuply_PucFactory::addVersion('BackuplyUpdateChecker', 'BackuplyUpdateChecker_3_2', '3.2'); Backuply_PucFactory::addVersion('BackuplyUpdate', 'BackuplyUpdate_3_2', '3.2'); Backuply_PucFactory::addVersion('BackuplyInfo', 'BackuplyInfo_3_2', '3.2'); Backuply_PucFactory::addVersion('Backuply_PucGitHubChecker', 'Backuply_PucGitHubChecker_3_2', '3.2'); ��phpseclib/Crypt/TripleDES.php��0000644��00000037137�15104540706�0012137 0��ustar�00��<?php /* * Pure-PHP implementation of Triple DES. * * Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt). * * PHP versions 4 and 5 * * Here's a short example of how to use this library: * <code> * <?php * include 'Crypt/TripleDES.php'; * * $des = new Crypt_TripleDES(); * * $des->setKey('abcdefghijklmnopqrstuvwx'); * * $size = 10 * 1024; * $plaintext = ''; * for ($i = 0; $i < $size; $i++) { * $plaintext.= 'a'; * } * * echo $des->decrypt($des->encrypt($plaintext)); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Crypt * @package Crypt_TripleDES * @author Jim Wigginton <terrafrost@php.net> * @copyright 2007 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * Include Crypt_DES / if (!class_exists('Crypt_DES')) { include_once 'DES.php'; } /#@+ @access public * @see self::Crypt_TripleDES() / /* * Encrypt / decrypt using inner chaining * * Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3). / define('CRYPT_MODE_3CBC', -2); /* * BC version of the above. / define('CRYPT_DES_MODE_3CBC', -2); /* * Encrypt / decrypt using outer chaining * * Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC. / define('CRYPT_MODE_CBC3', CRYPT_MODE_CBC); /* * BC version of the above. / define('CRYPT_DES_MODE_CBC3', CRYPT_MODE_CBC3); /#@-/ /** * Pure-PHP implementation of Triple DES. * * @package Crypt_TripleDES * @author Jim Wigginton <terrafrost@php.net> * @access public / class Crypt_TripleDES extends Crypt_DES { /* * Key Length (in bytes) * * @see Crypt_TripleDES::setKeyLength() * @var int * @access private / var $key_length = 24; /* * The default salt used by setPassword() * * @see Crypt_Base::password_default_salt * @see Crypt_Base::setPassword() * @var string * @access private / var $password_default_salt = 'phpseclib'; /* * The namespace used by the cipher for its constants. * * @see Crypt_DES::const_namespace * @see Crypt_Base::const_namespace * @var string * @access private / var $const_namespace = 'DES'; /* * The mcrypt specific name of the cipher * * @see Crypt_DES::cipher_name_mcrypt * @see Crypt_Base::cipher_name_mcrypt * @var string * @access private / var $cipher_name_mcrypt = 'tripledes'; /* * Optimizing value while CFB-encrypting * * @see Crypt_Base::cfb_init_len * @var int * @access private / var $cfb_init_len = 750; /* * max possible size of $key * * @see self::setKey() * @see Crypt_DES::setKey() * @var string * @access private / var $key_length_max = 24; /* * Internal flag whether using CRYPT_DES_MODE_3CBC or not * * @var bool * @access private / var $mode_3cbc; /* * The Crypt_DES objects * * Used only if $mode_3cbc === true * * @var array * @access private / var $des; /* * Default Constructor. * * Determines whether or not the mcrypt extension should be used. * * $mode could be: * * - CRYPT_DES_MODE_ECB * * - CRYPT_DES_MODE_CBC * * - CRYPT_DES_MODE_CTR * * - CRYPT_DES_MODE_CFB * * - CRYPT_DES_MODE_OFB * * - CRYPT_DES_MODE_3CBC * * If not explicitly set, CRYPT_DES_MODE_CBC will be used. * * @see Crypt_DES::Crypt_DES() * @see Crypt_Base::Crypt_Base() * @param int $mode * @access public / function __construct($mode = CRYPT_MODE_CBC) { switch ($mode) { // In case of CRYPT_DES_MODE_3CBC, we init as CRYPT_DES_MODE_CBC // and additional flag us internally as 3CBC case CRYPT_DES_MODE_3CBC: parent::Crypt_Base(CRYPT_MODE_CBC); $this->mode_3cbc = true; // This three $des'es will do the 3CBC work (if $key > 64bits) $this->des = array( new Crypt_DES(CRYPT_MODE_CBC), new Crypt_DES(CRYPT_MODE_CBC), new Crypt_DES(CRYPT_MODE_CBC), ); // we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects $this->des[0]->disablePadding(); $this->des[1]->disablePadding(); $this->des[2]->disablePadding(); break; // If not 3CBC, we init as usual default: parent::__construct($mode); } } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @param int $mode * @access public / function Crypt_TripleDES($mode = CRYPT_MODE_CBC) { $this->__construct($mode); } /* * Test for engine validity * * This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine() * * @see Crypt_Base::Crypt_Base() * @param int $engine * @access public * @return bool / function isValidEngine($engine) { if ($engine == CRYPT_ENGINE_OPENSSL) { $this->cipher_name_openssl_ecb = 'des-ede3'; $mode = $this->_openssl_translate_mode(); $this->cipher_name_openssl = $mode == 'ecb' ? 'des-ede3' : 'des-ede3-' . $mode; } return parent::isValidEngine($engine); } /* * Sets the initialization vector. (optional) * * SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explicitly set, it'll be assumed * to be all zero's. * * @see Crypt_Base::setIV() * @access public * @param string $iv / function setIV($iv) { parent::setIV($iv); if ($this->mode_3cbc) { $this->des[0]->setIV($iv); $this->des[1]->setIV($iv); $this->des[2]->setIV($iv); } } /* * Sets the key length. * * Valid key lengths are 64, 128 and 192 * * @see Crypt_Base:setKeyLength() * @access public * @param int $length / function setKeyLength($length) { $length >>= 3; switch (true) { case $length <= 8: $this->key_length = 8; break; case $length <= 16: $this->key_length = 16; break; default: $this->key_length = 24; } parent::setKeyLength($length); } /* * Sets the key. * * Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or * 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate. * * DES also requires that every eighth bit be a parity bit, however, we'll ignore that. * * If the key is not explicitly set, it'll be assumed to be all null bytes. * * @access public * @see Crypt_DES::setKey() * @see Crypt_Base::setKey() * @param string $key / function setKey($key) { $length = $this->explicit_key_length ? $this->key_length : strlen($key); if ($length > 8) { $key = str_pad(substr($key, 0, 24), 24, chr(0)); // if $key is between 64 and 128-bits, use the first 64-bits as the last, per this: // http://php.net/function.mcrypt-encrypt#47973 $key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24); } else { $key = str_pad($key, 8, chr(0)); } parent::setKey($key); // And in case of CRYPT_DES_MODE_3CBC: // if key <= 64bits we not need the 3 $des to work, // because we will then act as regular DES-CBC with just a <= 64bit key. // So only if the key > 64bits (> 8 bytes) we will call setKey() for the 3 $des. if ($this->mode_3cbc && $length > 8) { $this->des[0]->setKey(substr($key, 0, 8)); $this->des[1]->setKey(substr($key, 8, 8)); $this->des[2]->setKey(substr($key, 16, 8)); } } /* * Encrypts a message. * * @see Crypt_Base::encrypt() * @access public * @param string $plaintext * @return string $cipertext / function encrypt($plaintext) { // parent::en/decrypt() is able to do all the work for all modes and keylengths, // except for: CRYPT_MODE_3CBC (inner chaining CBC) with a key > 64bits // if the key is smaller then 8, do what we'd normally do if ($this->mode_3cbc && strlen($this->key) > 8) { return $this->des[2]->encrypt( $this->des[1]->decrypt( $this->des[0]->encrypt( $this->_pad($plaintext) ) ) ); } return parent::encrypt($plaintext); } /* * Decrypts a message. * * @see Crypt_Base::decrypt() * @access public * @param string $ciphertext * @return string $plaintext / function decrypt($ciphertext) { if ($this->mode_3cbc && strlen($this->key) > 8) { return $this->_unpad( $this->des[0]->decrypt( $this->des[1]->encrypt( $this->des[2]->decrypt( str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0") ) ) ) ); } return parent::decrypt($ciphertext); } /* * Treat consecutive "packets" as if they are a continuous buffer. * * Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets * will yield different outputs: * * <code> * echo $des->encrypt(substr($plaintext, 0, 8)); * echo $des->encrypt(substr($plaintext, 8, 8)); * </code> * <code> * echo $des->encrypt($plaintext); * </code> * * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates * another, as demonstrated with the following: * * <code> * $des->encrypt(substr($plaintext, 0, 8)); * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8))); * </code> * <code> * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8))); * </code> * * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different * outputs. The reason is due to the fact that the initialization vector's change after every encryption / * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. * * Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), * however, they are also less intuitive and more likely to cause you problems. * * @see Crypt_Base::enableContinuousBuffer() * @see self::disableContinuousBuffer() * @access public / function enableContinuousBuffer() { parent::enableContinuousBuffer(); if ($this->mode_3cbc) { $this->des[0]->enableContinuousBuffer(); $this->des[1]->enableContinuousBuffer(); $this->des[2]->enableContinuousBuffer(); } } /* * Treat consecutive packets as if they are a discontinuous buffer. * * The default behavior. * * @see Crypt_Base::disableContinuousBuffer() * @see self::enableContinuousBuffer() * @access public / function disableContinuousBuffer() { parent::disableContinuousBuffer(); if ($this->mode_3cbc) { $this->des[0]->disableContinuousBuffer(); $this->des[1]->disableContinuousBuffer(); $this->des[2]->disableContinuousBuffer(); } } /* * Creates the key schedule * * @see Crypt_DES::_setupKey() * @see Crypt_Base::_setupKey() * @access private / function _setupKey() { switch (true) { // if $key <= 64bits we configure our internal pure-php cipher engine // to act as regular [1]DES, not as 3DES. mcrypt.so::tripledes does the same. case strlen($this->key) <= 8: $this->des_rounds = 1; break; // otherwise, if $key > 64bits, we configure our engine to work as 3DES. default: $this->des_rounds = 3; // (only) if 3CBC is used we have, of course, to setup the $des[0-2] keys also separately. if ($this->mode_3cbc) { $this->des[0]->_setupKey(); $this->des[1]->_setupKey(); $this->des[2]->_setupKey(); // because $des[0-2] will, now, do all the work we can return here // not need unnecessary stress parent::_setupKey() with our, now unused, $key. return; } } // setup our key parent::_setupKey(); } /* * Sets the internal crypt engine * * @see Crypt_Base::Crypt_Base() * @see Crypt_Base::setPreferredEngine() * @param int $engine * @access public * @return int / function setPreferredEngine($engine) { if ($this->mode_3cbc) { $this->des[0]->setPreferredEngine($engine); $this->des[1]->setPreferredEngine($engine); $this->des[2]->setPreferredEngine($engine); } return parent::setPreferredEngine($engine); } } ��phpseclib/Crypt/DES.php��0000644��00000223446�15104540706�0010757 0��ustar�00��<?php /* * Pure-PHP implementation of DES. * * Uses mcrypt, if available, and an internal implementation, otherwise. * * PHP versions 4 and 5 * * Useful resources are as follows: * * - {@link http://en.wikipedia.org/wiki/DES_supplementary_material Wikipedia: DES supplementary material} * - {@link http://www.itl.nist.gov/fipspubs/fip46-2.htm FIPS 46-2 - (DES), Data Encryption Standard} * - {@link http://www.cs.eku.edu/faculty/styer/460/Encrypt/JS-DES.html JavaScript DES Example} * * Here's a short example of how to use this library: * <code> * <?php * include 'Crypt/DES.php'; * * $des = new Crypt_DES(); * * $des->setKey('abcdefgh'); * * $size = 10 * 1024; * $plaintext = ''; * for ($i = 0; $i < $size; $i++) { * $plaintext.= 'a'; * } * * echo $des->decrypt($des->encrypt($plaintext)); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Crypt * @package Crypt_DES * @author Jim Wigginton <terrafrost@php.net> * @copyright 2007 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * Include Crypt_Base * * Base cipher class / if (!class_exists('Crypt_Base')) { include_once 'Base.php'; } /#@+ @access private * @see self::_setupKey() * @see self::_processBlock() / /* * Contains $keys[CRYPT_DES_ENCRYPT] / define('CRYPT_DES_ENCRYPT', 0); /* * Contains $keys[CRYPT_DES_DECRYPT] / define('CRYPT_DES_DECRYPT', 1); /#@-/ /*#@+ @access public * @see self::encrypt() * @see self::decrypt() / /* * Encrypt / decrypt using the Counter mode. * * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 / define('CRYPT_DES_MODE_CTR', CRYPT_MODE_CTR); /* * Encrypt / decrypt using the Electronic Code Book mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 / define('CRYPT_DES_MODE_ECB', CRYPT_MODE_ECB); /* * Encrypt / decrypt using the Code Book Chaining mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 / define('CRYPT_DES_MODE_CBC', CRYPT_MODE_CBC); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 / define('CRYPT_DES_MODE_CFB', CRYPT_MODE_CFB); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 / define('CRYPT_DES_MODE_OFB', CRYPT_MODE_OFB); /#@-/ /** * Pure-PHP implementation of DES. * * @package Crypt_DES * @author Jim Wigginton <terrafrost@php.net> * @access public / class Crypt_DES extends Crypt_Base { /* * Block Length of the cipher * * @see Crypt_Base::block_size * @var int * @access private / var $block_size = 8; /* * Key Length (in bytes) * * @see Crypt_Base::setKeyLength() * @var int * @access private / var $key_length = 8; /* * The namespace used by the cipher for its constants. * * @see Crypt_Base::const_namespace * @var string * @access private / var $const_namespace = 'DES'; /* * The mcrypt specific name of the cipher * * @see Crypt_Base::cipher_name_mcrypt * @var string * @access private / var $cipher_name_mcrypt = 'des'; /* * The OpenSSL names of the cipher / modes * * @see Crypt_Base::openssl_mode_names * @var array * @access private / var $openssl_mode_names = array( CRYPT_MODE_ECB => 'des-ecb', CRYPT_MODE_CBC => 'des-cbc', CRYPT_MODE_CFB => 'des-cfb', CRYPT_MODE_OFB => 'des-ofb' // CRYPT_MODE_CTR is undefined for DES ); /* * Optimizing value while CFB-encrypting * * @see Crypt_Base::cfb_init_len * @var int * @access private / var $cfb_init_len = 500; /* * Switch for DES/3DES encryption * * Used only if $engine == CRYPT_DES_MODE_INTERNAL * * @see self::_setupKey() * @see self::_processBlock() * @var int * @access private / var $des_rounds = 1; /* * max possible size of $key * * @see self::setKey() * @var string * @access private / var $key_length_max = 8; /* * The Key Schedule * * @see self::_setupKey() * @var array * @access private / var $keys; /* * Shuffle table. * * For each byte value index, the entry holds an 8-byte string * with each byte containing all bits in the same state as the * corresponding bit in the index value. * * @see self::_processBlock() * @see self::_setupKey() * @var array * @access private / var $shuffle = array( "\x00\x00\x00\x00\x00\x00\x00\x00", "\x00\x00\x00\x00\x00\x00\x00\xFF", "\x00\x00\x00\x00\x00\x00\xFF\x00", "\x00\x00\x00\x00\x00\x00\xFF\xFF", "\x00\x00\x00\x00\x00\xFF\x00\x00", "\x00\x00\x00\x00\x00\xFF\x00\xFF", "\x00\x00\x00\x00\x00\xFF\xFF\x00", "\x00\x00\x00\x00\x00\xFF\xFF\xFF", "\x00\x00\x00\x00\xFF\x00\x00\x00", "\x00\x00\x00\x00\xFF\x00\x00\xFF", "\x00\x00\x00\x00\xFF\x00\xFF\x00", "\x00\x00\x00\x00\xFF\x00\xFF\xFF", "\x00\x00\x00\x00\xFF\xFF\x00\x00", "\x00\x00\x00\x00\xFF\xFF\x00\xFF", "\x00\x00\x00\x00\xFF\xFF\xFF\x00", "\x00\x00\x00\x00\xFF\xFF\xFF\xFF", "\x00\x00\x00\xFF\x00\x00\x00\x00", "\x00\x00\x00\xFF\x00\x00\x00\xFF", "\x00\x00\x00\xFF\x00\x00\xFF\x00", "\x00\x00\x00\xFF\x00\x00\xFF\xFF", "\x00\x00\x00\xFF\x00\xFF\x00\x00", "\x00\x00\x00\xFF\x00\xFF\x00\xFF", "\x00\x00\x00\xFF\x00\xFF\xFF\x00", "\x00\x00\x00\xFF\x00\xFF\xFF\xFF", "\x00\x00\x00\xFF\xFF\x00\x00\x00", "\x00\x00\x00\xFF\xFF\x00\x00\xFF", "\x00\x00\x00\xFF\xFF\x00\xFF\x00", "\x00\x00\x00\xFF\xFF\x00\xFF\xFF", "\x00\x00\x00\xFF\xFF\xFF\x00\x00", "\x00\x00\x00\xFF\xFF\xFF\x00\xFF", "\x00\x00\x00\xFF\xFF\xFF\xFF\x00", "\x00\x00\x00\xFF\xFF\xFF\xFF\xFF", "\x00\x00\xFF\x00\x00\x00\x00\x00", "\x00\x00\xFF\x00\x00\x00\x00\xFF", "\x00\x00\xFF\x00\x00\x00\xFF\x00", "\x00\x00\xFF\x00\x00\x00\xFF\xFF", "\x00\x00\xFF\x00\x00\xFF\x00\x00", "\x00\x00\xFF\x00\x00\xFF\x00\xFF", "\x00\x00\xFF\x00\x00\xFF\xFF\x00", "\x00\x00\xFF\x00\x00\xFF\xFF\xFF", "\x00\x00\xFF\x00\xFF\x00\x00\x00", "\x00\x00\xFF\x00\xFF\x00\x00\xFF", "\x00\x00\xFF\x00\xFF\x00\xFF\x00", "\x00\x00\xFF\x00\xFF\x00\xFF\xFF", "\x00\x00\xFF\x00\xFF\xFF\x00\x00", "\x00\x00\xFF\x00\xFF\xFF\x00\xFF", "\x00\x00\xFF\x00\xFF\xFF\xFF\x00", "\x00\x00\xFF\x00\xFF\xFF\xFF\xFF", "\x00\x00\xFF\xFF\x00\x00\x00\x00", "\x00\x00\xFF\xFF\x00\x00\x00\xFF", "\x00\x00\xFF\xFF\x00\x00\xFF\x00", "\x00\x00\xFF\xFF\x00\x00\xFF\xFF", "\x00\x00\xFF\xFF\x00\xFF\x00\x00", "\x00\x00\xFF\xFF\x00\xFF\x00\xFF", "\x00\x00\xFF\xFF\x00\xFF\xFF\x00", "\x00\x00\xFF\xFF\x00\xFF\xFF\xFF", "\x00\x00\xFF\xFF\xFF\x00\x00\x00", "\x00\x00\xFF\xFF\xFF\x00\x00\xFF", "\x00\x00\xFF\xFF\xFF\x00\xFF\x00", "\x00\x00\xFF\xFF\xFF\x00\xFF\xFF", "\x00\x00\xFF\xFF\xFF\xFF\x00\x00", "\x00\x00\xFF\xFF\xFF\xFF\x00\xFF", "\x00\x00\xFF\xFF\xFF\xFF\xFF\x00", "\x00\x00\xFF\xFF\xFF\xFF\xFF\xFF", "\x00\xFF\x00\x00\x00\x00\x00\x00", "\x00\xFF\x00\x00\x00\x00\x00\xFF", "\x00\xFF\x00\x00\x00\x00\xFF\x00", "\x00\xFF\x00\x00\x00\x00\xFF\xFF", "\x00\xFF\x00\x00\x00\xFF\x00\x00", "\x00\xFF\x00\x00\x00\xFF\x00\xFF", "\x00\xFF\x00\x00\x00\xFF\xFF\x00", "\x00\xFF\x00\x00\x00\xFF\xFF\xFF", "\x00\xFF\x00\x00\xFF\x00\x00\x00", "\x00\xFF\x00\x00\xFF\x00\x00\xFF", "\x00\xFF\x00\x00\xFF\x00\xFF\x00", "\x00\xFF\x00\x00\xFF\x00\xFF\xFF", "\x00\xFF\x00\x00\xFF\xFF\x00\x00", "\x00\xFF\x00\x00\xFF\xFF\x00\xFF", "\x00\xFF\x00\x00\xFF\xFF\xFF\x00", "\x00\xFF\x00\x00\xFF\xFF\xFF\xFF", "\x00\xFF\x00\xFF\x00\x00\x00\x00", "\x00\xFF\x00\xFF\x00\x00\x00\xFF", "\x00\xFF\x00\xFF\x00\x00\xFF\x00", "\x00\xFF\x00\xFF\x00\x00\xFF\xFF", "\x00\xFF\x00\xFF\x00\xFF\x00\x00", "\x00\xFF\x00\xFF\x00\xFF\x00\xFF", "\x00\xFF\x00\xFF\x00\xFF\xFF\x00", "\x00\xFF\x00\xFF\x00\xFF\xFF\xFF", "\x00\xFF\x00\xFF\xFF\x00\x00\x00", "\x00\xFF\x00\xFF\xFF\x00\x00\xFF", "\x00\xFF\x00\xFF\xFF\x00\xFF\x00", "\x00\xFF\x00\xFF\xFF\x00\xFF\xFF", "\x00\xFF\x00\xFF\xFF\xFF\x00\x00", "\x00\xFF\x00\xFF\xFF\xFF\x00\xFF", "\x00\xFF\x00\xFF\xFF\xFF\xFF\x00", "\x00\xFF\x00\xFF\xFF\xFF\xFF\xFF", "\x00\xFF\xFF\x00\x00\x00\x00\x00", "\x00\xFF\xFF\x00\x00\x00\x00\xFF", "\x00\xFF\xFF\x00\x00\x00\xFF\x00", "\x00\xFF\xFF\x00\x00\x00\xFF\xFF", "\x00\xFF\xFF\x00\x00\xFF\x00\x00", "\x00\xFF\xFF\x00\x00\xFF\x00\xFF", "\x00\xFF\xFF\x00\x00\xFF\xFF\x00", "\x00\xFF\xFF\x00\x00\xFF\xFF\xFF", "\x00\xFF\xFF\x00\xFF\x00\x00\x00", "\x00\xFF\xFF\x00\xFF\x00\x00\xFF", "\x00\xFF\xFF\x00\xFF\x00\xFF\x00", "\x00\xFF\xFF\x00\xFF\x00\xFF\xFF", "\x00\xFF\xFF\x00\xFF\xFF\x00\x00", "\x00\xFF\xFF\x00\xFF\xFF\x00\xFF", "\x00\xFF\xFF\x00\xFF\xFF\xFF\x00", "\x00\xFF\xFF\x00\xFF\xFF\xFF\xFF", "\x00\xFF\xFF\xFF\x00\x00\x00\x00", "\x00\xFF\xFF\xFF\x00\x00\x00\xFF", "\x00\xFF\xFF\xFF\x00\x00\xFF\x00", "\x00\xFF\xFF\xFF\x00\x00\xFF\xFF", "\x00\xFF\xFF\xFF\x00\xFF\x00\x00", "\x00\xFF\xFF\xFF\x00\xFF\x00\xFF", "\x00\xFF\xFF\xFF\x00\xFF\xFF\x00", "\x00\xFF\xFF\xFF\x00\xFF\xFF\xFF", "\x00\xFF\xFF\xFF\xFF\x00\x00\x00", "\x00\xFF\xFF\xFF\xFF\x00\x00\xFF", "\x00\xFF\xFF\xFF\xFF\x00\xFF\x00", "\x00\xFF\xFF\xFF\xFF\x00\xFF\xFF", "\x00\xFF\xFF\xFF\xFF\xFF\x00\x00", "\x00\xFF\xFF\xFF\xFF\xFF\x00\xFF", "\x00\xFF\xFF\xFF\xFF\xFF\xFF\x00", "\x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF", "\xFF\x00\x00\x00\x00\x00\x00\x00", "\xFF\x00\x00\x00\x00\x00\x00\xFF", "\xFF\x00\x00\x00\x00\x00\xFF\x00", "\xFF\x00\x00\x00\x00\x00\xFF\xFF", "\xFF\x00\x00\x00\x00\xFF\x00\x00", "\xFF\x00\x00\x00\x00\xFF\x00\xFF", "\xFF\x00\x00\x00\x00\xFF\xFF\x00", "\xFF\x00\x00\x00\x00\xFF\xFF\xFF", "\xFF\x00\x00\x00\xFF\x00\x00\x00", "\xFF\x00\x00\x00\xFF\x00\x00\xFF", "\xFF\x00\x00\x00\xFF\x00\xFF\x00", "\xFF\x00\x00\x00\xFF\x00\xFF\xFF", "\xFF\x00\x00\x00\xFF\xFF\x00\x00", "\xFF\x00\x00\x00\xFF\xFF\x00\xFF", "\xFF\x00\x00\x00\xFF\xFF\xFF\x00", "\xFF\x00\x00\x00\xFF\xFF\xFF\xFF", "\xFF\x00\x00\xFF\x00\x00\x00\x00", "\xFF\x00\x00\xFF\x00\x00\x00\xFF", "\xFF\x00\x00\xFF\x00\x00\xFF\x00", "\xFF\x00\x00\xFF\x00\x00\xFF\xFF", "\xFF\x00\x00\xFF\x00\xFF\x00\x00", "\xFF\x00\x00\xFF\x00\xFF\x00\xFF", "\xFF\x00\x00\xFF\x00\xFF\xFF\x00", "\xFF\x00\x00\xFF\x00\xFF\xFF\xFF", "\xFF\x00\x00\xFF\xFF\x00\x00\x00", "\xFF\x00\x00\xFF\xFF\x00\x00\xFF", "\xFF\x00\x00\xFF\xFF\x00\xFF\x00", "\xFF\x00\x00\xFF\xFF\x00\xFF\xFF", "\xFF\x00\x00\xFF\xFF\xFF\x00\x00", "\xFF\x00\x00\xFF\xFF\xFF\x00\xFF", "\xFF\x00\x00\xFF\xFF\xFF\xFF\x00", "\xFF\x00\x00\xFF\xFF\xFF\xFF\xFF", "\xFF\x00\xFF\x00\x00\x00\x00\x00", "\xFF\x00\xFF\x00\x00\x00\x00\xFF", "\xFF\x00\xFF\x00\x00\x00\xFF\x00", "\xFF\x00\xFF\x00\x00\x00\xFF\xFF", "\xFF\x00\xFF\x00\x00\xFF\x00\x00", "\xFF\x00\xFF\x00\x00\xFF\x00\xFF", "\xFF\x00\xFF\x00\x00\xFF\xFF\x00", "\xFF\x00\xFF\x00\x00\xFF\xFF\xFF", "\xFF\x00\xFF\x00\xFF\x00\x00\x00", "\xFF\x00\xFF\x00\xFF\x00\x00\xFF", "\xFF\x00\xFF\x00\xFF\x00\xFF\x00", "\xFF\x00\xFF\x00\xFF\x00\xFF\xFF", "\xFF\x00\xFF\x00\xFF\xFF\x00\x00", "\xFF\x00\xFF\x00\xFF\xFF\x00\xFF", "\xFF\x00\xFF\x00\xFF\xFF\xFF\x00", "\xFF\x00\xFF\x00\xFF\xFF\xFF\xFF", "\xFF\x00\xFF\xFF\x00\x00\x00\x00", "\xFF\x00\xFF\xFF\x00\x00\x00\xFF", "\xFF\x00\xFF\xFF\x00\x00\xFF\x00", "\xFF\x00\xFF\xFF\x00\x00\xFF\xFF", "\xFF\x00\xFF\xFF\x00\xFF\x00\x00", "\xFF\x00\xFF\xFF\x00\xFF\x00\xFF", "\xFF\x00\xFF\xFF\x00\xFF\xFF\x00", "\xFF\x00\xFF\xFF\x00\xFF\xFF\xFF", "\xFF\x00\xFF\xFF\xFF\x00\x00\x00", "\xFF\x00\xFF\xFF\xFF\x00\x00\xFF", "\xFF\x00\xFF\xFF\xFF\x00\xFF\x00", "\xFF\x00\xFF\xFF\xFF\x00\xFF\xFF", "\xFF\x00\xFF\xFF\xFF\xFF\x00\x00", "\xFF\x00\xFF\xFF\xFF\xFF\x00\xFF", "\xFF\x00\xFF\xFF\xFF\xFF\xFF\x00", "\xFF\x00\xFF\xFF\xFF\xFF\xFF\xFF", "\xFF\xFF\x00\x00\x00\x00\x00\x00", "\xFF\xFF\x00\x00\x00\x00\x00\xFF", "\xFF\xFF\x00\x00\x00\x00\xFF\x00", "\xFF\xFF\x00\x00\x00\x00\xFF\xFF", "\xFF\xFF\x00\x00\x00\xFF\x00\x00", "\xFF\xFF\x00\x00\x00\xFF\x00\xFF", "\xFF\xFF\x00\x00\x00\xFF\xFF\x00", "\xFF\xFF\x00\x00\x00\xFF\xFF\xFF", "\xFF\xFF\x00\x00\xFF\x00\x00\x00", "\xFF\xFF\x00\x00\xFF\x00\x00\xFF", "\xFF\xFF\x00\x00\xFF\x00\xFF\x00", "\xFF\xFF\x00\x00\xFF\x00\xFF\xFF", "\xFF\xFF\x00\x00\xFF\xFF\x00\x00", "\xFF\xFF\x00\x00\xFF\xFF\x00\xFF", "\xFF\xFF\x00\x00\xFF\xFF\xFF\x00", "\xFF\xFF\x00\x00\xFF\xFF\xFF\xFF", "\xFF\xFF\x00\xFF\x00\x00\x00\x00", "\xFF\xFF\x00\xFF\x00\x00\x00\xFF", "\xFF\xFF\x00\xFF\x00\x00\xFF\x00", "\xFF\xFF\x00\xFF\x00\x00\xFF\xFF", "\xFF\xFF\x00\xFF\x00\xFF\x00\x00", "\xFF\xFF\x00\xFF\x00\xFF\x00\xFF", "\xFF\xFF\x00\xFF\x00\xFF\xFF\x00", "\xFF\xFF\x00\xFF\x00\xFF\xFF\xFF", "\xFF\xFF\x00\xFF\xFF\x00\x00\x00", "\xFF\xFF\x00\xFF\xFF\x00\x00\xFF", "\xFF\xFF\x00\xFF\xFF\x00\xFF\x00", "\xFF\xFF\x00\xFF\xFF\x00\xFF\xFF", "\xFF\xFF\x00\xFF\xFF\xFF\x00\x00", "\xFF\xFF\x00\xFF\xFF\xFF\x00\xFF", "\xFF\xFF\x00\xFF\xFF\xFF\xFF\x00", "\xFF\xFF\x00\xFF\xFF\xFF\xFF\xFF", "\xFF\xFF\xFF\x00\x00\x00\x00\x00", "\xFF\xFF\xFF\x00\x00\x00\x00\xFF", "\xFF\xFF\xFF\x00\x00\x00\xFF\x00", "\xFF\xFF\xFF\x00\x00\x00\xFF\xFF", "\xFF\xFF\xFF\x00\x00\xFF\x00\x00", "\xFF\xFF\xFF\x00\x00\xFF\x00\xFF", "\xFF\xFF\xFF\x00\x00\xFF\xFF\x00", "\xFF\xFF\xFF\x00\x00\xFF\xFF\xFF", "\xFF\xFF\xFF\x00\xFF\x00\x00\x00", "\xFF\xFF\xFF\x00\xFF\x00\x00\xFF", "\xFF\xFF\xFF\x00\xFF\x00\xFF\x00", "\xFF\xFF\xFF\x00\xFF\x00\xFF\xFF", "\xFF\xFF\xFF\x00\xFF\xFF\x00\x00", "\xFF\xFF\xFF\x00\xFF\xFF\x00\xFF", "\xFF\xFF\xFF\x00\xFF\xFF\xFF\x00", "\xFF\xFF\xFF\x00\xFF\xFF\xFF\xFF", "\xFF\xFF\xFF\xFF\x00\x00\x00\x00", "\xFF\xFF\xFF\xFF\x00\x00\x00\xFF", "\xFF\xFF\xFF\xFF\x00\x00\xFF\x00", "\xFF\xFF\xFF\xFF\x00\x00\xFF\xFF", "\xFF\xFF\xFF\xFF\x00\xFF\x00\x00", "\xFF\xFF\xFF\xFF\x00\xFF\x00\xFF", "\xFF\xFF\xFF\xFF\x00\xFF\xFF\x00", "\xFF\xFF\xFF\xFF\x00\xFF\xFF\xFF", "\xFF\xFF\xFF\xFF\xFF\x00\x00\x00", "\xFF\xFF\xFF\xFF\xFF\x00\x00\xFF", "\xFF\xFF\xFF\xFF\xFF\x00\xFF\x00", "\xFF\xFF\xFF\xFF\xFF\x00\xFF\xFF", "\xFF\xFF\xFF\xFF\xFF\xFF\x00\x00", "\xFF\xFF\xFF\xFF\xFF\xFF\x00\xFF", "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\x00", "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF" ); /* * IP mapping helper table. * * Indexing this table with each source byte performs the initial bit permutation. * * @var array * @access private / var $ipmap = array( 0x00, 0x10, 0x01, 0x11, 0x20, 0x30, 0x21, 0x31, 0x02, 0x12, 0x03, 0x13, 0x22, 0x32, 0x23, 0x33, 0x40, 0x50, 0x41, 0x51, 0x60, 0x70, 0x61, 0x71, 0x42, 0x52, 0x43, 0x53, 0x62, 0x72, 0x63, 0x73, 0x04, 0x14, 0x05, 0x15, 0x24, 0x34, 0x25, 0x35, 0x06, 0x16, 0x07, 0x17, 0x26, 0x36, 0x27, 0x37, 0x44, 0x54, 0x45, 0x55, 0x64, 0x74, 0x65, 0x75, 0x46, 0x56, 0x47, 0x57, 0x66, 0x76, 0x67, 0x77, 0x80, 0x90, 0x81, 0x91, 0xA0, 0xB0, 0xA1, 0xB1, 0x82, 0x92, 0x83, 0x93, 0xA2, 0xB2, 0xA3, 0xB3, 0xC0, 0xD0, 0xC1, 0xD1, 0xE0, 0xF0, 0xE1, 0xF1, 0xC2, 0xD2, 0xC3, 0xD3, 0xE2, 0xF2, 0xE3, 0xF3, 0x84, 0x94, 0x85, 0x95, 0xA4, 0xB4, 0xA5, 0xB5, 0x86, 0x96, 0x87, 0x97, 0xA6, 0xB6, 0xA7, 0xB7, 0xC4, 0xD4, 0xC5, 0xD5, 0xE4, 0xF4, 0xE5, 0xF5, 0xC6, 0xD6, 0xC7, 0xD7, 0xE6, 0xF6, 0xE7, 0xF7, 0x08, 0x18, 0x09, 0x19, 0x28, 0x38, 0x29, 0x39, 0x0A, 0x1A, 0x0B, 0x1B, 0x2A, 0x3A, 0x2B, 0x3B, 0x48, 0x58, 0x49, 0x59, 0x68, 0x78, 0x69, 0x79, 0x4A, 0x5A, 0x4B, 0x5B, 0x6A, 0x7A, 0x6B, 0x7B, 0x0C, 0x1C, 0x0D, 0x1D, 0x2C, 0x3C, 0x2D, 0x3D, 0x0E, 0x1E, 0x0F, 0x1F, 0x2E, 0x3E, 0x2F, 0x3F, 0x4C, 0x5C, 0x4D, 0x5D, 0x6C, 0x7C, 0x6D, 0x7D, 0x4E, 0x5E, 0x4F, 0x5F, 0x6E, 0x7E, 0x6F, 0x7F, 0x88, 0x98, 0x89, 0x99, 0xA8, 0xB8, 0xA9, 0xB9, 0x8A, 0x9A, 0x8B, 0x9B, 0xAA, 0xBA, 0xAB, 0xBB, 0xC8, 0xD8, 0xC9, 0xD9, 0xE8, 0xF8, 0xE9, 0xF9, 0xCA, 0xDA, 0xCB, 0xDB, 0xEA, 0xFA, 0xEB, 0xFB, 0x8C, 0x9C, 0x8D, 0x9D, 0xAC, 0xBC, 0xAD, 0xBD, 0x8E, 0x9E, 0x8F, 0x9F, 0xAE, 0xBE, 0xAF, 0xBF, 0xCC, 0xDC, 0xCD, 0xDD, 0xEC, 0xFC, 0xED, 0xFD, 0xCE, 0xDE, 0xCF, 0xDF, 0xEE, 0xFE, 0xEF, 0xFF ); /* * Inverse IP mapping helper table. * Indexing this table with a byte value reverses the bit order. * * @var array * @access private / var $invipmap = array( 0x00, 0x80, 0x40, 0xC0, 0x20, 0xA0, 0x60, 0xE0, 0x10, 0x90, 0x50, 0xD0, 0x30, 0xB0, 0x70, 0xF0, 0x08, 0x88, 0x48, 0xC8, 0x28, 0xA8, 0x68, 0xE8, 0x18, 0x98, 0x58, 0xD8, 0x38, 0xB8, 0x78, 0xF8, 0x04, 0x84, 0x44, 0xC4, 0x24, 0xA4, 0x64, 0xE4, 0x14, 0x94, 0x54, 0xD4, 0x34, 0xB4, 0x74, 0xF4, 0x0C, 0x8C, 0x4C, 0xCC, 0x2C, 0xAC, 0x6C, 0xEC, 0x1C, 0x9C, 0x5C, 0xDC, 0x3C, 0xBC, 0x7C, 0xFC, 0x02, 0x82, 0x42, 0xC2, 0x22, 0xA2, 0x62, 0xE2, 0x12, 0x92, 0x52, 0xD2, 0x32, 0xB2, 0x72, 0xF2, 0x0A, 0x8A, 0x4A, 0xCA, 0x2A, 0xAA, 0x6A, 0xEA, 0x1A, 0x9A, 0x5A, 0xDA, 0x3A, 0xBA, 0x7A, 0xFA, 0x06, 0x86, 0x46, 0xC6, 0x26, 0xA6, 0x66, 0xE6, 0x16, 0x96, 0x56, 0xD6, 0x36, 0xB6, 0x76, 0xF6, 0x0E, 0x8E, 0x4E, 0xCE, 0x2E, 0xAE, 0x6E, 0xEE, 0x1E, 0x9E, 0x5E, 0xDE, 0x3E, 0xBE, 0x7E, 0xFE, 0x01, 0x81, 0x41, 0xC1, 0x21, 0xA1, 0x61, 0xE1, 0x11, 0x91, 0x51, 0xD1, 0x31, 0xB1, 0x71, 0xF1, 0x09, 0x89, 0x49, 0xC9, 0x29, 0xA9, 0x69, 0xE9, 0x19, 0x99, 0x59, 0xD9, 0x39, 0xB9, 0x79, 0xF9, 0x05, 0x85, 0x45, 0xC5, 0x25, 0xA5, 0x65, 0xE5, 0x15, 0x95, 0x55, 0xD5, 0x35, 0xB5, 0x75, 0xF5, 0x0D, 0x8D, 0x4D, 0xCD, 0x2D, 0xAD, 0x6D, 0xED, 0x1D, 0x9D, 0x5D, 0xDD, 0x3D, 0xBD, 0x7D, 0xFD, 0x03, 0x83, 0x43, 0xC3, 0x23, 0xA3, 0x63, 0xE3, 0x13, 0x93, 0x53, 0xD3, 0x33, 0xB3, 0x73, 0xF3, 0x0B, 0x8B, 0x4B, 0xCB, 0x2B, 0xAB, 0x6B, 0xEB, 0x1B, 0x9B, 0x5B, 0xDB, 0x3B, 0xBB, 0x7B, 0xFB, 0x07, 0x87, 0x47, 0xC7, 0x27, 0xA7, 0x67, 0xE7, 0x17, 0x97, 0x57, 0xD7, 0x37, 0xB7, 0x77, 0xF7, 0x0F, 0x8F, 0x4F, 0xCF, 0x2F, 0xAF, 0x6F, 0xEF, 0x1F, 0x9F, 0x5F, 0xDF, 0x3F, 0xBF, 0x7F, 0xFF ); /* * Pre-permuted S-box1 * * Each box ($sbox1-$sbox8) has been vectorized, then each value pre-permuted using the * P table: concatenation can then be replaced by exclusive ORs. * * @var array * @access private / var $sbox1 = array( 0x00808200, 0x00000000, 0x00008000, 0x00808202, 0x00808002, 0x00008202, 0x00000002, 0x00008000, 0x00000200, 0x00808200, 0x00808202, 0x00000200, 0x00800202, 0x00808002, 0x00800000, 0x00000002, 0x00000202, 0x00800200, 0x00800200, 0x00008200, 0x00008200, 0x00808000, 0x00808000, 0x00800202, 0x00008002, 0x00800002, 0x00800002, 0x00008002, 0x00000000, 0x00000202, 0x00008202, 0x00800000, 0x00008000, 0x00808202, 0x00000002, 0x00808000, 0x00808200, 0x00800000, 0x00800000, 0x00000200, 0x00808002, 0x00008000, 0x00008200, 0x00800002, 0x00000200, 0x00000002, 0x00800202, 0x00008202, 0x00808202, 0x00008002, 0x00808000, 0x00800202, 0x00800002, 0x00000202, 0x00008202, 0x00808200, 0x00000202, 0x00800200, 0x00800200, 0x00000000, 0x00008002, 0x00008200, 0x00000000, 0x00808002 ); /* * Pre-permuted S-box2 * * @var array * @access private / var $sbox2 = array( 0x40084010, 0x40004000, 0x00004000, 0x00084010, 0x00080000, 0x00000010, 0x40080010, 0x40004010, 0x40000010, 0x40084010, 0x40084000, 0x40000000, 0x40004000, 0x00080000, 0x00000010, 0x40080010, 0x00084000, 0x00080010, 0x40004010, 0x00000000, 0x40000000, 0x00004000, 0x00084010, 0x40080000, 0x00080010, 0x40000010, 0x00000000, 0x00084000, 0x00004010, 0x40084000, 0x40080000, 0x00004010, 0x00000000, 0x00084010, 0x40080010, 0x00080000, 0x40004010, 0x40080000, 0x40084000, 0x00004000, 0x40080000, 0x40004000, 0x00000010, 0x40084010, 0x00084010, 0x00000010, 0x00004000, 0x40000000, 0x00004010, 0x40084000, 0x00080000, 0x40000010, 0x00080010, 0x40004010, 0x40000010, 0x00080010, 0x00084000, 0x00000000, 0x40004000, 0x00004010, 0x40000000, 0x40080010, 0x40084010, 0x00084000 ); /* * Pre-permuted S-box3 * * @var array * @access private / var $sbox3 = array( 0x00000104, 0x04010100, 0x00000000, 0x04010004, 0x04000100, 0x00000000, 0x00010104, 0x04000100, 0x00010004, 0x04000004, 0x04000004, 0x00010000, 0x04010104, 0x00010004, 0x04010000, 0x00000104, 0x04000000, 0x00000004, 0x04010100, 0x00000100, 0x00010100, 0x04010000, 0x04010004, 0x00010104, 0x04000104, 0x00010100, 0x00010000, 0x04000104, 0x00000004, 0x04010104, 0x00000100, 0x04000000, 0x04010100, 0x04000000, 0x00010004, 0x00000104, 0x00010000, 0x04010100, 0x04000100, 0x00000000, 0x00000100, 0x00010004, 0x04010104, 0x04000100, 0x04000004, 0x00000100, 0x00000000, 0x04010004, 0x04000104, 0x00010000, 0x04000000, 0x04010104, 0x00000004, 0x00010104, 0x00010100, 0x04000004, 0x04010000, 0x04000104, 0x00000104, 0x04010000, 0x00010104, 0x00000004, 0x04010004, 0x00010100 ); /* * Pre-permuted S-box4 * * @var array * @access private / var $sbox4 = array( 0x80401000, 0x80001040, 0x80001040, 0x00000040, 0x00401040, 0x80400040, 0x80400000, 0x80001000, 0x00000000, 0x00401000, 0x00401000, 0x80401040, 0x80000040, 0x00000000, 0x00400040, 0x80400000, 0x80000000, 0x00001000, 0x00400000, 0x80401000, 0x00000040, 0x00400000, 0x80001000, 0x00001040, 0x80400040, 0x80000000, 0x00001040, 0x00400040, 0x00001000, 0x00401040, 0x80401040, 0x80000040, 0x00400040, 0x80400000, 0x00401000, 0x80401040, 0x80000040, 0x00000000, 0x00000000, 0x00401000, 0x00001040, 0x00400040, 0x80400040, 0x80000000, 0x80401000, 0x80001040, 0x80001040, 0x00000040, 0x80401040, 0x80000040, 0x80000000, 0x00001000, 0x80400000, 0x80001000, 0x00401040, 0x80400040, 0x80001000, 0x00001040, 0x00400000, 0x80401000, 0x00000040, 0x00400000, 0x00001000, 0x00401040 ); /* * Pre-permuted S-box5 * * @var array * @access private / var $sbox5 = array( 0x00000080, 0x01040080, 0x01040000, 0x21000080, 0x00040000, 0x00000080, 0x20000000, 0x01040000, 0x20040080, 0x00040000, 0x01000080, 0x20040080, 0x21000080, 0x21040000, 0x00040080, 0x20000000, 0x01000000, 0x20040000, 0x20040000, 0x00000000, 0x20000080, 0x21040080, 0x21040080, 0x01000080, 0x21040000, 0x20000080, 0x00000000, 0x21000000, 0x01040080, 0x01000000, 0x21000000, 0x00040080, 0x00040000, 0x21000080, 0x00000080, 0x01000000, 0x20000000, 0x01040000, 0x21000080, 0x20040080, 0x01000080, 0x20000000, 0x21040000, 0x01040080, 0x20040080, 0x00000080, 0x01000000, 0x21040000, 0x21040080, 0x00040080, 0x21000000, 0x21040080, 0x01040000, 0x00000000, 0x20040000, 0x21000000, 0x00040080, 0x01000080, 0x20000080, 0x00040000, 0x00000000, 0x20040000, 0x01040080, 0x20000080 ); /* * Pre-permuted S-box6 * * @var array * @access private / var $sbox6 = array( 0x10000008, 0x10200000, 0x00002000, 0x10202008, 0x10200000, 0x00000008, 0x10202008, 0x00200000, 0x10002000, 0x00202008, 0x00200000, 0x10000008, 0x00200008, 0x10002000, 0x10000000, 0x00002008, 0x00000000, 0x00200008, 0x10002008, 0x00002000, 0x00202000, 0x10002008, 0x00000008, 0x10200008, 0x10200008, 0x00000000, 0x00202008, 0x10202000, 0x00002008, 0x00202000, 0x10202000, 0x10000000, 0x10002000, 0x00000008, 0x10200008, 0x00202000, 0x10202008, 0x00200000, 0x00002008, 0x10000008, 0x00200000, 0x10002000, 0x10000000, 0x00002008, 0x10000008, 0x10202008, 0x00202000, 0x10200000, 0x00202008, 0x10202000, 0x00000000, 0x10200008, 0x00000008, 0x00002000, 0x10200000, 0x00202008, 0x00002000, 0x00200008, 0x10002008, 0x00000000, 0x10202000, 0x10000000, 0x00200008, 0x10002008 ); /* * Pre-permuted S-box7 * * @var array * @access private / var $sbox7 = array( 0x00100000, 0x02100001, 0x02000401, 0x00000000, 0x00000400, 0x02000401, 0x00100401, 0x02100400, 0x02100401, 0x00100000, 0x00000000, 0x02000001, 0x00000001, 0x02000000, 0x02100001, 0x00000401, 0x02000400, 0x00100401, 0x00100001, 0x02000400, 0x02000001, 0x02100000, 0x02100400, 0x00100001, 0x02100000, 0x00000400, 0x00000401, 0x02100401, 0x00100400, 0x00000001, 0x02000000, 0x00100400, 0x02000000, 0x00100400, 0x00100000, 0x02000401, 0x02000401, 0x02100001, 0x02100001, 0x00000001, 0x00100001, 0x02000000, 0x02000400, 0x00100000, 0x02100400, 0x00000401, 0x00100401, 0x02100400, 0x00000401, 0x02000001, 0x02100401, 0x02100000, 0x00100400, 0x00000000, 0x00000001, 0x02100401, 0x00000000, 0x00100401, 0x02100000, 0x00000400, 0x02000001, 0x02000400, 0x00000400, 0x00100001 ); /* * Pre-permuted S-box8 * * @var array * @access private / var $sbox8 = array( 0x08000820, 0x00000800, 0x00020000, 0x08020820, 0x08000000, 0x08000820, 0x00000020, 0x08000000, 0x00020020, 0x08020000, 0x08020820, 0x00020800, 0x08020800, 0x00020820, 0x00000800, 0x00000020, 0x08020000, 0x08000020, 0x08000800, 0x00000820, 0x00020800, 0x00020020, 0x08020020, 0x08020800, 0x00000820, 0x00000000, 0x00000000, 0x08020020, 0x08000020, 0x08000800, 0x00020820, 0x00020000, 0x00020820, 0x00020000, 0x08020800, 0x00000800, 0x00000020, 0x08020020, 0x00000800, 0x00020820, 0x08000800, 0x00000020, 0x08000020, 0x08020000, 0x08020020, 0x08000000, 0x00020000, 0x08000820, 0x00000000, 0x08020820, 0x00020020, 0x08000020, 0x08020000, 0x08000800, 0x08000820, 0x00000000, 0x08020820, 0x00020800, 0x00020800, 0x00000820, 0x00000820, 0x00020020, 0x08000000, 0x08020800 ); /* * Test for engine validity * * This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine() * * @see Crypt_Base::isValidEngine() * @param int $engine * @access public * @return bool / function isValidEngine($engine) { if ($this->key_length_max == 8) { if ($engine == CRYPT_ENGINE_OPENSSL) { $this->cipher_name_openssl_ecb = 'des-ecb'; $this->cipher_name_openssl = 'des-' . $this->_openssl_translate_mode(); } } return parent::isValidEngine($engine); } /* * Sets the key. * * Keys can be of any length. DES, itself, uses 64-bit keys (eg. strlen($key) == 8), however, we * only use the first eight, if $key has more then eight characters in it, and pad $key with the * null byte if it is less then eight characters long. * * DES also requires that every eighth bit be a parity bit, however, we'll ignore that. * * If the key is not explicitly set, it'll be assumed to be all zero's. * * @see Crypt_Base::setKey() * @access public * @param string $key / function setKey($key) { // We check/cut here only up to max length of the key. // Key padding to the proper length will be done in _setupKey() if (strlen($key) > $this->key_length_max) { $key = substr($key, 0, $this->key_length_max); } // Sets the key parent::setKey($key); } /* * Encrypts a block * * @see Crypt_Base::_encryptBlock() * @see Crypt_Base::encrypt() * @see self::encrypt() * @access private * @param string $in * @return string / function _encryptBlock($in) { return $this->_processBlock($in, CRYPT_DES_ENCRYPT); } /* * Decrypts a block * * @see Crypt_Base::_decryptBlock() * @see Crypt_Base::decrypt() * @see self::decrypt() * @access private * @param string $in * @return string / function _decryptBlock($in) { return $this->_processBlock($in, CRYPT_DES_DECRYPT); } /* * Encrypts or decrypts a 64-bit block * * $mode should be either CRYPT_DES_ENCRYPT or CRYPT_DES_DECRYPT. See * {@link http://en.wikipedia.org/wiki/Image:Feistel.png Feistel.png} to get a general * idea of what this function does. * * @see self::_encryptBlock() * @see self::_decryptBlock() * @access private * @param string $block * @param int $mode * @return string / function _processBlock($block, $mode) { static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip; if (!$sbox1) { $sbox1 = array_map("intval", $this->sbox1); $sbox2 = array_map("intval", $this->sbox2); $sbox3 = array_map("intval", $this->sbox3); $sbox4 = array_map("intval", $this->sbox4); $sbox5 = array_map("intval", $this->sbox5); $sbox6 = array_map("intval", $this->sbox6); $sbox7 = array_map("intval", $this->sbox7); $sbox8 = array_map("intval", $this->sbox8); / Merge $shuffle with $[inv]ipmap / for ($i = 0; $i < 256; ++$i) { $shuffleip[] = $this->shuffle[$this->ipmap[$i]]; $shuffleinvip[] = $this->shuffle[$this->invipmap[$i]]; } } $keys = $this->keys[$mode]; $ki = -1; // Do the initial IP permutation. $t = unpack('Nl/Nr', $block); list($l, $r) = array($t['l'], $t['r']); $block = ($shuffleip[ $r & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") \| ($shuffleip[($r >> 8) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") \| ($shuffleip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") \| ($shuffleip[($r >> 24) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") \| ($shuffleip[ $l & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") \| ($shuffleip[($l >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") \| ($shuffleip[($l >> 16) & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") \| ($shuffleip[($l >> 24) & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01"); // Extract L0 and R0. $t = unpack('Nl/Nr', $block); list($l, $r) = array($t['l'], $t['r']); for ($des_round = 0; $des_round < $this->des_rounds; ++$des_round) { // Perform the 16 steps. for ($i = 0; $i < 16; $i++) { // start of "the Feistel (F) function" - see the following URL: // http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png // Merge key schedule. $b1 = (($r >> 3) & 0x1FFFFFFF) ^ ($r << 29) ^ $keys[++$ki]; $b2 = (($r >> 31) & 0x00000001) ^ ($r << 1) ^ $keys[++$ki]; // S-box indexing. $t = $sbox1[($b1 >> 24) & 0x3F] ^ $sbox2[($b2 >> 24) & 0x3F] ^ $sbox3[($b1 >> 16) & 0x3F] ^ $sbox4[($b2 >> 16) & 0x3F] ^ $sbox5[($b1 >> 8) & 0x3F] ^ $sbox6[($b2 >> 8) & 0x3F] ^ $sbox7[ $b1 & 0x3F] ^ $sbox8[ $b2 & 0x3F] ^ $l; // end of "the Feistel (F) function" $l = $r; $r = $t; } // Last step should not permute L & R. $t = $l; $l = $r; $r = $t; } // Perform the inverse IP permutation. return ($shuffleinvip[($r >> 24) & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") \| ($shuffleinvip[($l >> 24) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") \| ($shuffleinvip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") \| ($shuffleinvip[($l >> 16) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") \| ($shuffleinvip[($r >> 8) & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") \| ($shuffleinvip[($l >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") \| ($shuffleinvip[ $r & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") \| ($shuffleinvip[ $l & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01"); } /* * Creates the key schedule * * @see Crypt_Base::_setupKey() * @access private / function _setupKey() { if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->des_rounds === $this->kl['des_rounds']) { // already expanded return; } $this->kl = array('key' => $this->key, 'des_rounds' => $this->des_rounds); static $shifts = array( // number of key bits shifted per round 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1 ); static $pc1map = array( 0x00, 0x00, 0x08, 0x08, 0x04, 0x04, 0x0C, 0x0C, 0x02, 0x02, 0x0A, 0x0A, 0x06, 0x06, 0x0E, 0x0E, 0x10, 0x10, 0x18, 0x18, 0x14, 0x14, 0x1C, 0x1C, 0x12, 0x12, 0x1A, 0x1A, 0x16, 0x16, 0x1E, 0x1E, 0x20, 0x20, 0x28, 0x28, 0x24, 0x24, 0x2C, 0x2C, 0x22, 0x22, 0x2A, 0x2A, 0x26, 0x26, 0x2E, 0x2E, 0x30, 0x30, 0x38, 0x38, 0x34, 0x34, 0x3C, 0x3C, 0x32, 0x32, 0x3A, 0x3A, 0x36, 0x36, 0x3E, 0x3E, 0x40, 0x40, 0x48, 0x48, 0x44, 0x44, 0x4C, 0x4C, 0x42, 0x42, 0x4A, 0x4A, 0x46, 0x46, 0x4E, 0x4E, 0x50, 0x50, 0x58, 0x58, 0x54, 0x54, 0x5C, 0x5C, 0x52, 0x52, 0x5A, 0x5A, 0x56, 0x56, 0x5E, 0x5E, 0x60, 0x60, 0x68, 0x68, 0x64, 0x64, 0x6C, 0x6C, 0x62, 0x62, 0x6A, 0x6A, 0x66, 0x66, 0x6E, 0x6E, 0x70, 0x70, 0x78, 0x78, 0x74, 0x74, 0x7C, 0x7C, 0x72, 0x72, 0x7A, 0x7A, 0x76, 0x76, 0x7E, 0x7E, 0x80, 0x80, 0x88, 0x88, 0x84, 0x84, 0x8C, 0x8C, 0x82, 0x82, 0x8A, 0x8A, 0x86, 0x86, 0x8E, 0x8E, 0x90, 0x90, 0x98, 0x98, 0x94, 0x94, 0x9C, 0x9C, 0x92, 0x92, 0x9A, 0x9A, 0x96, 0x96, 0x9E, 0x9E, 0xA0, 0xA0, 0xA8, 0xA8, 0xA4, 0xA4, 0xAC, 0xAC, 0xA2, 0xA2, 0xAA, 0xAA, 0xA6, 0xA6, 0xAE, 0xAE, 0xB0, 0xB0, 0xB8, 0xB8, 0xB4, 0xB4, 0xBC, 0xBC, 0xB2, 0xB2, 0xBA, 0xBA, 0xB6, 0xB6, 0xBE, 0xBE, 0xC0, 0xC0, 0xC8, 0xC8, 0xC4, 0xC4, 0xCC, 0xCC, 0xC2, 0xC2, 0xCA, 0xCA, 0xC6, 0xC6, 0xCE, 0xCE, 0xD0, 0xD0, 0xD8, 0xD8, 0xD4, 0xD4, 0xDC, 0xDC, 0xD2, 0xD2, 0xDA, 0xDA, 0xD6, 0xD6, 0xDE, 0xDE, 0xE0, 0xE0, 0xE8, 0xE8, 0xE4, 0xE4, 0xEC, 0xEC, 0xE2, 0xE2, 0xEA, 0xEA, 0xE6, 0xE6, 0xEE, 0xEE, 0xF0, 0xF0, 0xF8, 0xF8, 0xF4, 0xF4, 0xFC, 0xFC, 0xF2, 0xF2, 0xFA, 0xFA, 0xF6, 0xF6, 0xFE, 0xFE ); // Mapping tables for the PC-2 transformation. static $pc2mapc1 = array( 0x00000000, 0x00000400, 0x00200000, 0x00200400, 0x00000001, 0x00000401, 0x00200001, 0x00200401, 0x02000000, 0x02000400, 0x02200000, 0x02200400, 0x02000001, 0x02000401, 0x02200001, 0x02200401 ); static $pc2mapc2 = array( 0x00000000, 0x00000800, 0x08000000, 0x08000800, 0x00010000, 0x00010800, 0x08010000, 0x08010800, 0x00000000, 0x00000800, 0x08000000, 0x08000800, 0x00010000, 0x00010800, 0x08010000, 0x08010800, 0x00000100, 0x00000900, 0x08000100, 0x08000900, 0x00010100, 0x00010900, 0x08010100, 0x08010900, 0x00000100, 0x00000900, 0x08000100, 0x08000900, 0x00010100, 0x00010900, 0x08010100, 0x08010900, 0x00000010, 0x00000810, 0x08000010, 0x08000810, 0x00010010, 0x00010810, 0x08010010, 0x08010810, 0x00000010, 0x00000810, 0x08000010, 0x08000810, 0x00010010, 0x00010810, 0x08010010, 0x08010810, 0x00000110, 0x00000910, 0x08000110, 0x08000910, 0x00010110, 0x00010910, 0x08010110, 0x08010910, 0x00000110, 0x00000910, 0x08000110, 0x08000910, 0x00010110, 0x00010910, 0x08010110, 0x08010910, 0x00040000, 0x00040800, 0x08040000, 0x08040800, 0x00050000, 0x00050800, 0x08050000, 0x08050800, 0x00040000, 0x00040800, 0x08040000, 0x08040800, 0x00050000, 0x00050800, 0x08050000, 0x08050800, 0x00040100, 0x00040900, 0x08040100, 0x08040900, 0x00050100, 0x00050900, 0x08050100, 0x08050900, 0x00040100, 0x00040900, 0x08040100, 0x08040900, 0x00050100, 0x00050900, 0x08050100, 0x08050900, 0x00040010, 0x00040810, 0x08040010, 0x08040810, 0x00050010, 0x00050810, 0x08050010, 0x08050810, 0x00040010, 0x00040810, 0x08040010, 0x08040810, 0x00050010, 0x00050810, 0x08050010, 0x08050810, 0x00040110, 0x00040910, 0x08040110, 0x08040910, 0x00050110, 0x00050910, 0x08050110, 0x08050910, 0x00040110, 0x00040910, 0x08040110, 0x08040910, 0x00050110, 0x00050910, 0x08050110, 0x08050910, 0x01000000, 0x01000800, 0x09000000, 0x09000800, 0x01010000, 0x01010800, 0x09010000, 0x09010800, 0x01000000, 0x01000800, 0x09000000, 0x09000800, 0x01010000, 0x01010800, 0x09010000, 0x09010800, 0x01000100, 0x01000900, 0x09000100, 0x09000900, 0x01010100, 0x01010900, 0x09010100, 0x09010900, 0x01000100, 0x01000900, 0x09000100, 0x09000900, 0x01010100, 0x01010900, 0x09010100, 0x09010900, 0x01000010, 0x01000810, 0x09000010, 0x09000810, 0x01010010, 0x01010810, 0x09010010, 0x09010810, 0x01000010, 0x01000810, 0x09000010, 0x09000810, 0x01010010, 0x01010810, 0x09010010, 0x09010810, 0x01000110, 0x01000910, 0x09000110, 0x09000910, 0x01010110, 0x01010910, 0x09010110, 0x09010910, 0x01000110, 0x01000910, 0x09000110, 0x09000910, 0x01010110, 0x01010910, 0x09010110, 0x09010910, 0x01040000, 0x01040800, 0x09040000, 0x09040800, 0x01050000, 0x01050800, 0x09050000, 0x09050800, 0x01040000, 0x01040800, 0x09040000, 0x09040800, 0x01050000, 0x01050800, 0x09050000, 0x09050800, 0x01040100, 0x01040900, 0x09040100, 0x09040900, 0x01050100, 0x01050900, 0x09050100, 0x09050900, 0x01040100, 0x01040900, 0x09040100, 0x09040900, 0x01050100, 0x01050900, 0x09050100, 0x09050900, 0x01040010, 0x01040810, 0x09040010, 0x09040810, 0x01050010, 0x01050810, 0x09050010, 0x09050810, 0x01040010, 0x01040810, 0x09040010, 0x09040810, 0x01050010, 0x01050810, 0x09050010, 0x09050810, 0x01040110, 0x01040910, 0x09040110, 0x09040910, 0x01050110, 0x01050910, 0x09050110, 0x09050910, 0x01040110, 0x01040910, 0x09040110, 0x09040910, 0x01050110, 0x01050910, 0x09050110, 0x09050910 ); static $pc2mapc3 = array( 0x00000000, 0x00000004, 0x00001000, 0x00001004, 0x00000000, 0x00000004, 0x00001000, 0x00001004, 0x10000000, 0x10000004, 0x10001000, 0x10001004, 0x10000000, 0x10000004, 0x10001000, 0x10001004, 0x00000020, 0x00000024, 0x00001020, 0x00001024, 0x00000020, 0x00000024, 0x00001020, 0x00001024, 0x10000020, 0x10000024, 0x10001020, 0x10001024, 0x10000020, 0x10000024, 0x10001020, 0x10001024, 0x00080000, 0x00080004, 0x00081000, 0x00081004, 0x00080000, 0x00080004, 0x00081000, 0x00081004, 0x10080000, 0x10080004, 0x10081000, 0x10081004, 0x10080000, 0x10080004, 0x10081000, 0x10081004, 0x00080020, 0x00080024, 0x00081020, 0x00081024, 0x00080020, 0x00080024, 0x00081020, 0x00081024, 0x10080020, 0x10080024, 0x10081020, 0x10081024, 0x10080020, 0x10080024, 0x10081020, 0x10081024, 0x20000000, 0x20000004, 0x20001000, 0x20001004, 0x20000000, 0x20000004, 0x20001000, 0x20001004, 0x30000000, 0x30000004, 0x30001000, 0x30001004, 0x30000000, 0x30000004, 0x30001000, 0x30001004, 0x20000020, 0x20000024, 0x20001020, 0x20001024, 0x20000020, 0x20000024, 0x20001020, 0x20001024, 0x30000020, 0x30000024, 0x30001020, 0x30001024, 0x30000020, 0x30000024, 0x30001020, 0x30001024, 0x20080000, 0x20080004, 0x20081000, 0x20081004, 0x20080000, 0x20080004, 0x20081000, 0x20081004, 0x30080000, 0x30080004, 0x30081000, 0x30081004, 0x30080000, 0x30080004, 0x30081000, 0x30081004, 0x20080020, 0x20080024, 0x20081020, 0x20081024, 0x20080020, 0x20080024, 0x20081020, 0x20081024, 0x30080020, 0x30080024, 0x30081020, 0x30081024, 0x30080020, 0x30080024, 0x30081020, 0x30081024, 0x00000002, 0x00000006, 0x00001002, 0x00001006, 0x00000002, 0x00000006, 0x00001002, 0x00001006, 0x10000002, 0x10000006, 0x10001002, 0x10001006, 0x10000002, 0x10000006, 0x10001002, 0x10001006, 0x00000022, 0x00000026, 0x00001022, 0x00001026, 0x00000022, 0x00000026, 0x00001022, 0x00001026, 0x10000022, 0x10000026, 0x10001022, 0x10001026, 0x10000022, 0x10000026, 0x10001022, 0x10001026, 0x00080002, 0x00080006, 0x00081002, 0x00081006, 0x00080002, 0x00080006, 0x00081002, 0x00081006, 0x10080002, 0x10080006, 0x10081002, 0x10081006, 0x10080002, 0x10080006, 0x10081002, 0x10081006, 0x00080022, 0x00080026, 0x00081022, 0x00081026, 0x00080022, 0x00080026, 0x00081022, 0x00081026, 0x10080022, 0x10080026, 0x10081022, 0x10081026, 0x10080022, 0x10080026, 0x10081022, 0x10081026, 0x20000002, 0x20000006, 0x20001002, 0x20001006, 0x20000002, 0x20000006, 0x20001002, 0x20001006, 0x30000002, 0x30000006, 0x30001002, 0x30001006, 0x30000002, 0x30000006, 0x30001002, 0x30001006, 0x20000022, 0x20000026, 0x20001022, 0x20001026, 0x20000022, 0x20000026, 0x20001022, 0x20001026, 0x30000022, 0x30000026, 0x30001022, 0x30001026, 0x30000022, 0x30000026, 0x30001022, 0x30001026, 0x20080002, 0x20080006, 0x20081002, 0x20081006, 0x20080002, 0x20080006, 0x20081002, 0x20081006, 0x30080002, 0x30080006, 0x30081002, 0x30081006, 0x30080002, 0x30080006, 0x30081002, 0x30081006, 0x20080022, 0x20080026, 0x20081022, 0x20081026, 0x20080022, 0x20080026, 0x20081022, 0x20081026, 0x30080022, 0x30080026, 0x30081022, 0x30081026, 0x30080022, 0x30080026, 0x30081022, 0x30081026 ); static $pc2mapc4 = array( 0x00000000, 0x00100000, 0x00000008, 0x00100008, 0x00000200, 0x00100200, 0x00000208, 0x00100208, 0x00000000, 0x00100000, 0x00000008, 0x00100008, 0x00000200, 0x00100200, 0x00000208, 0x00100208, 0x04000000, 0x04100000, 0x04000008, 0x04100008, 0x04000200, 0x04100200, 0x04000208, 0x04100208, 0x04000000, 0x04100000, 0x04000008, 0x04100008, 0x04000200, 0x04100200, 0x04000208, 0x04100208, 0x00002000, 0x00102000, 0x00002008, 0x00102008, 0x00002200, 0x00102200, 0x00002208, 0x00102208, 0x00002000, 0x00102000, 0x00002008, 0x00102008, 0x00002200, 0x00102200, 0x00002208, 0x00102208, 0x04002000, 0x04102000, 0x04002008, 0x04102008, 0x04002200, 0x04102200, 0x04002208, 0x04102208, 0x04002000, 0x04102000, 0x04002008, 0x04102008, 0x04002200, 0x04102200, 0x04002208, 0x04102208, 0x00000000, 0x00100000, 0x00000008, 0x00100008, 0x00000200, 0x00100200, 0x00000208, 0x00100208, 0x00000000, 0x00100000, 0x00000008, 0x00100008, 0x00000200, 0x00100200, 0x00000208, 0x00100208, 0x04000000, 0x04100000, 0x04000008, 0x04100008, 0x04000200, 0x04100200, 0x04000208, 0x04100208, 0x04000000, 0x04100000, 0x04000008, 0x04100008, 0x04000200, 0x04100200, 0x04000208, 0x04100208, 0x00002000, 0x00102000, 0x00002008, 0x00102008, 0x00002200, 0x00102200, 0x00002208, 0x00102208, 0x00002000, 0x00102000, 0x00002008, 0x00102008, 0x00002200, 0x00102200, 0x00002208, 0x00102208, 0x04002000, 0x04102000, 0x04002008, 0x04102008, 0x04002200, 0x04102200, 0x04002208, 0x04102208, 0x04002000, 0x04102000, 0x04002008, 0x04102008, 0x04002200, 0x04102200, 0x04002208, 0x04102208, 0x00020000, 0x00120000, 0x00020008, 0x00120008, 0x00020200, 0x00120200, 0x00020208, 0x00120208, 0x00020000, 0x00120000, 0x00020008, 0x00120008, 0x00020200, 0x00120200, 0x00020208, 0x00120208, 0x04020000, 0x04120000, 0x04020008, 0x04120008, 0x04020200, 0x04120200, 0x04020208, 0x04120208, 0x04020000, 0x04120000, 0x04020008, 0x04120008, 0x04020200, 0x04120200, 0x04020208, 0x04120208, 0x00022000, 0x00122000, 0x00022008, 0x00122008, 0x00022200, 0x00122200, 0x00022208, 0x00122208, 0x00022000, 0x00122000, 0x00022008, 0x00122008, 0x00022200, 0x00122200, 0x00022208, 0x00122208, 0x04022000, 0x04122000, 0x04022008, 0x04122008, 0x04022200, 0x04122200, 0x04022208, 0x04122208, 0x04022000, 0x04122000, 0x04022008, 0x04122008, 0x04022200, 0x04122200, 0x04022208, 0x04122208, 0x00020000, 0x00120000, 0x00020008, 0x00120008, 0x00020200, 0x00120200, 0x00020208, 0x00120208, 0x00020000, 0x00120000, 0x00020008, 0x00120008, 0x00020200, 0x00120200, 0x00020208, 0x00120208, 0x04020000, 0x04120000, 0x04020008, 0x04120008, 0x04020200, 0x04120200, 0x04020208, 0x04120208, 0x04020000, 0x04120000, 0x04020008, 0x04120008, 0x04020200, 0x04120200, 0x04020208, 0x04120208, 0x00022000, 0x00122000, 0x00022008, 0x00122008, 0x00022200, 0x00122200, 0x00022208, 0x00122208, 0x00022000, 0x00122000, 0x00022008, 0x00122008, 0x00022200, 0x00122200, 0x00022208, 0x00122208, 0x04022000, 0x04122000, 0x04022008, 0x04122008, 0x04022200, 0x04122200, 0x04022208, 0x04122208, 0x04022000, 0x04122000, 0x04022008, 0x04122008, 0x04022200, 0x04122200, 0x04022208, 0x04122208 ); static $pc2mapd1 = array( 0x00000000, 0x00000001, 0x08000000, 0x08000001, 0x00200000, 0x00200001, 0x08200000, 0x08200001, 0x00000002, 0x00000003, 0x08000002, 0x08000003, 0x00200002, 0x00200003, 0x08200002, 0x08200003 ); static $pc2mapd2 = array( 0x00000000, 0x00100000, 0x00000800, 0x00100800, 0x00000000, 0x00100000, 0x00000800, 0x00100800, 0x04000000, 0x04100000, 0x04000800, 0x04100800, 0x04000000, 0x04100000, 0x04000800, 0x04100800, 0x00000004, 0x00100004, 0x00000804, 0x00100804, 0x00000004, 0x00100004, 0x00000804, 0x00100804, 0x04000004, 0x04100004, 0x04000804, 0x04100804, 0x04000004, 0x04100004, 0x04000804, 0x04100804, 0x00000000, 0x00100000, 0x00000800, 0x00100800, 0x00000000, 0x00100000, 0x00000800, 0x00100800, 0x04000000, 0x04100000, 0x04000800, 0x04100800, 0x04000000, 0x04100000, 0x04000800, 0x04100800, 0x00000004, 0x00100004, 0x00000804, 0x00100804, 0x00000004, 0x00100004, 0x00000804, 0x00100804, 0x04000004, 0x04100004, 0x04000804, 0x04100804, 0x04000004, 0x04100004, 0x04000804, 0x04100804, 0x00000200, 0x00100200, 0x00000A00, 0x00100A00, 0x00000200, 0x00100200, 0x00000A00, 0x00100A00, 0x04000200, 0x04100200, 0x04000A00, 0x04100A00, 0x04000200, 0x04100200, 0x04000A00, 0x04100A00, 0x00000204, 0x00100204, 0x00000A04, 0x00100A04, 0x00000204, 0x00100204, 0x00000A04, 0x00100A04, 0x04000204, 0x04100204, 0x04000A04, 0x04100A04, 0x04000204, 0x04100204, 0x04000A04, 0x04100A04, 0x00000200, 0x00100200, 0x00000A00, 0x00100A00, 0x00000200, 0x00100200, 0x00000A00, 0x00100A00, 0x04000200, 0x04100200, 0x04000A00, 0x04100A00, 0x04000200, 0x04100200, 0x04000A00, 0x04100A00, 0x00000204, 0x00100204, 0x00000A04, 0x00100A04, 0x00000204, 0x00100204, 0x00000A04, 0x00100A04, 0x04000204, 0x04100204, 0x04000A04, 0x04100A04, 0x04000204, 0x04100204, 0x04000A04, 0x04100A04, 0x00020000, 0x00120000, 0x00020800, 0x00120800, 0x00020000, 0x00120000, 0x00020800, 0x00120800, 0x04020000, 0x04120000, 0x04020800, 0x04120800, 0x04020000, 0x04120000, 0x04020800, 0x04120800, 0x00020004, 0x00120004, 0x00020804, 0x00120804, 0x00020004, 0x00120004, 0x00020804, 0x00120804, 0x04020004, 0x04120004, 0x04020804, 0x04120804, 0x04020004, 0x04120004, 0x04020804, 0x04120804, 0x00020000, 0x00120000, 0x00020800, 0x00120800, 0x00020000, 0x00120000, 0x00020800, 0x00120800, 0x04020000, 0x04120000, 0x04020800, 0x04120800, 0x04020000, 0x04120000, 0x04020800, 0x04120800, 0x00020004, 0x00120004, 0x00020804, 0x00120804, 0x00020004, 0x00120004, 0x00020804, 0x00120804, 0x04020004, 0x04120004, 0x04020804, 0x04120804, 0x04020004, 0x04120004, 0x04020804, 0x04120804, 0x00020200, 0x00120200, 0x00020A00, 0x00120A00, 0x00020200, 0x00120200, 0x00020A00, 0x00120A00, 0x04020200, 0x04120200, 0x04020A00, 0x04120A00, 0x04020200, 0x04120200, 0x04020A00, 0x04120A00, 0x00020204, 0x00120204, 0x00020A04, 0x00120A04, 0x00020204, 0x00120204, 0x00020A04, 0x00120A04, 0x04020204, 0x04120204, 0x04020A04, 0x04120A04, 0x04020204, 0x04120204, 0x04020A04, 0x04120A04, 0x00020200, 0x00120200, 0x00020A00, 0x00120A00, 0x00020200, 0x00120200, 0x00020A00, 0x00120A00, 0x04020200, 0x04120200, 0x04020A00, 0x04120A00, 0x04020200, 0x04120200, 0x04020A00, 0x04120A00, 0x00020204, 0x00120204, 0x00020A04, 0x00120A04, 0x00020204, 0x00120204, 0x00020A04, 0x00120A04, 0x04020204, 0x04120204, 0x04020A04, 0x04120A04, 0x04020204, 0x04120204, 0x04020A04, 0x04120A04 ); static $pc2mapd3 = array( 0x00000000, 0x00010000, 0x02000000, 0x02010000, 0x00000020, 0x00010020, 0x02000020, 0x02010020, 0x00040000, 0x00050000, 0x02040000, 0x02050000, 0x00040020, 0x00050020, 0x02040020, 0x02050020, 0x00002000, 0x00012000, 0x02002000, 0x02012000, 0x00002020, 0x00012020, 0x02002020, 0x02012020, 0x00042000, 0x00052000, 0x02042000, 0x02052000, 0x00042020, 0x00052020, 0x02042020, 0x02052020, 0x00000000, 0x00010000, 0x02000000, 0x02010000, 0x00000020, 0x00010020, 0x02000020, 0x02010020, 0x00040000, 0x00050000, 0x02040000, 0x02050000, 0x00040020, 0x00050020, 0x02040020, 0x02050020, 0x00002000, 0x00012000, 0x02002000, 0x02012000, 0x00002020, 0x00012020, 0x02002020, 0x02012020, 0x00042000, 0x00052000, 0x02042000, 0x02052000, 0x00042020, 0x00052020, 0x02042020, 0x02052020, 0x00000010, 0x00010010, 0x02000010, 0x02010010, 0x00000030, 0x00010030, 0x02000030, 0x02010030, 0x00040010, 0x00050010, 0x02040010, 0x02050010, 0x00040030, 0x00050030, 0x02040030, 0x02050030, 0x00002010, 0x00012010, 0x02002010, 0x02012010, 0x00002030, 0x00012030, 0x02002030, 0x02012030, 0x00042010, 0x00052010, 0x02042010, 0x02052010, 0x00042030, 0x00052030, 0x02042030, 0x02052030, 0x00000010, 0x00010010, 0x02000010, 0x02010010, 0x00000030, 0x00010030, 0x02000030, 0x02010030, 0x00040010, 0x00050010, 0x02040010, 0x02050010, 0x00040030, 0x00050030, 0x02040030, 0x02050030, 0x00002010, 0x00012010, 0x02002010, 0x02012010, 0x00002030, 0x00012030, 0x02002030, 0x02012030, 0x00042010, 0x00052010, 0x02042010, 0x02052010, 0x00042030, 0x00052030, 0x02042030, 0x02052030, 0x20000000, 0x20010000, 0x22000000, 0x22010000, 0x20000020, 0x20010020, 0x22000020, 0x22010020, 0x20040000, 0x20050000, 0x22040000, 0x22050000, 0x20040020, 0x20050020, 0x22040020, 0x22050020, 0x20002000, 0x20012000, 0x22002000, 0x22012000, 0x20002020, 0x20012020, 0x22002020, 0x22012020, 0x20042000, 0x20052000, 0x22042000, 0x22052000, 0x20042020, 0x20052020, 0x22042020, 0x22052020, 0x20000000, 0x20010000, 0x22000000, 0x22010000, 0x20000020, 0x20010020, 0x22000020, 0x22010020, 0x20040000, 0x20050000, 0x22040000, 0x22050000, 0x20040020, 0x20050020, 0x22040020, 0x22050020, 0x20002000, 0x20012000, 0x22002000, 0x22012000, 0x20002020, 0x20012020, 0x22002020, 0x22012020, 0x20042000, 0x20052000, 0x22042000, 0x22052000, 0x20042020, 0x20052020, 0x22042020, 0x22052020, 0x20000010, 0x20010010, 0x22000010, 0x22010010, 0x20000030, 0x20010030, 0x22000030, 0x22010030, 0x20040010, 0x20050010, 0x22040010, 0x22050010, 0x20040030, 0x20050030, 0x22040030, 0x22050030, 0x20002010, 0x20012010, 0x22002010, 0x22012010, 0x20002030, 0x20012030, 0x22002030, 0x22012030, 0x20042010, 0x20052010, 0x22042010, 0x22052010, 0x20042030, 0x20052030, 0x22042030, 0x22052030, 0x20000010, 0x20010010, 0x22000010, 0x22010010, 0x20000030, 0x20010030, 0x22000030, 0x22010030, 0x20040010, 0x20050010, 0x22040010, 0x22050010, 0x20040030, 0x20050030, 0x22040030, 0x22050030, 0x20002010, 0x20012010, 0x22002010, 0x22012010, 0x20002030, 0x20012030, 0x22002030, 0x22012030, 0x20042010, 0x20052010, 0x22042010, 0x22052010, 0x20042030, 0x20052030, 0x22042030, 0x22052030 ); static $pc2mapd4 = array( 0x00000000, 0x00000400, 0x01000000, 0x01000400, 0x00000000, 0x00000400, 0x01000000, 0x01000400, 0x00000100, 0x00000500, 0x01000100, 0x01000500, 0x00000100, 0x00000500, 0x01000100, 0x01000500, 0x10000000, 0x10000400, 0x11000000, 0x11000400, 0x10000000, 0x10000400, 0x11000000, 0x11000400, 0x10000100, 0x10000500, 0x11000100, 0x11000500, 0x10000100, 0x10000500, 0x11000100, 0x11000500, 0x00080000, 0x00080400, 0x01080000, 0x01080400, 0x00080000, 0x00080400, 0x01080000, 0x01080400, 0x00080100, 0x00080500, 0x01080100, 0x01080500, 0x00080100, 0x00080500, 0x01080100, 0x01080500, 0x10080000, 0x10080400, 0x11080000, 0x11080400, 0x10080000, 0x10080400, 0x11080000, 0x11080400, 0x10080100, 0x10080500, 0x11080100, 0x11080500, 0x10080100, 0x10080500, 0x11080100, 0x11080500, 0x00000008, 0x00000408, 0x01000008, 0x01000408, 0x00000008, 0x00000408, 0x01000008, 0x01000408, 0x00000108, 0x00000508, 0x01000108, 0x01000508, 0x00000108, 0x00000508, 0x01000108, 0x01000508, 0x10000008, 0x10000408, 0x11000008, 0x11000408, 0x10000008, 0x10000408, 0x11000008, 0x11000408, 0x10000108, 0x10000508, 0x11000108, 0x11000508, 0x10000108, 0x10000508, 0x11000108, 0x11000508, 0x00080008, 0x00080408, 0x01080008, 0x01080408, 0x00080008, 0x00080408, 0x01080008, 0x01080408, 0x00080108, 0x00080508, 0x01080108, 0x01080508, 0x00080108, 0x00080508, 0x01080108, 0x01080508, 0x10080008, 0x10080408, 0x11080008, 0x11080408, 0x10080008, 0x10080408, 0x11080008, 0x11080408, 0x10080108, 0x10080508, 0x11080108, 0x11080508, 0x10080108, 0x10080508, 0x11080108, 0x11080508, 0x00001000, 0x00001400, 0x01001000, 0x01001400, 0x00001000, 0x00001400, 0x01001000, 0x01001400, 0x00001100, 0x00001500, 0x01001100, 0x01001500, 0x00001100, 0x00001500, 0x01001100, 0x01001500, 0x10001000, 0x10001400, 0x11001000, 0x11001400, 0x10001000, 0x10001400, 0x11001000, 0x11001400, 0x10001100, 0x10001500, 0x11001100, 0x11001500, 0x10001100, 0x10001500, 0x11001100, 0x11001500, 0x00081000, 0x00081400, 0x01081000, 0x01081400, 0x00081000, 0x00081400, 0x01081000, 0x01081400, 0x00081100, 0x00081500, 0x01081100, 0x01081500, 0x00081100, 0x00081500, 0x01081100, 0x01081500, 0x10081000, 0x10081400, 0x11081000, 0x11081400, 0x10081000, 0x10081400, 0x11081000, 0x11081400, 0x10081100, 0x10081500, 0x11081100, 0x11081500, 0x10081100, 0x10081500, 0x11081100, 0x11081500, 0x00001008, 0x00001408, 0x01001008, 0x01001408, 0x00001008, 0x00001408, 0x01001008, 0x01001408, 0x00001108, 0x00001508, 0x01001108, 0x01001508, 0x00001108, 0x00001508, 0x01001108, 0x01001508, 0x10001008, 0x10001408, 0x11001008, 0x11001408, 0x10001008, 0x10001408, 0x11001008, 0x11001408, 0x10001108, 0x10001508, 0x11001108, 0x11001508, 0x10001108, 0x10001508, 0x11001108, 0x11001508, 0x00081008, 0x00081408, 0x01081008, 0x01081408, 0x00081008, 0x00081408, 0x01081008, 0x01081408, 0x00081108, 0x00081508, 0x01081108, 0x01081508, 0x00081108, 0x00081508, 0x01081108, 0x01081508, 0x10081008, 0x10081408, 0x11081008, 0x11081408, 0x10081008, 0x10081408, 0x11081008, 0x11081408, 0x10081108, 0x10081508, 0x11081108, 0x11081508, 0x10081108, 0x10081508, 0x11081108, 0x11081508 ); $keys = array(); for ($des_round = 0; $des_round < $this->des_rounds; ++$des_round) { // pad the key and remove extra characters as appropriate. $key = str_pad(substr($this->key, $des_round 8, 8), 8, "\0"); // Perform the PC/1 transformation and compute C and D. $t = unpack('Nl/Nr', $key); list($l, $r) = array($t['l'], $t['r']); $key = ($this->shuffle[$pc1map[ $r & 0xFF]] & "\x80\x80\x80\x80\x80\x80\x80\x00") \| ($this->shuffle[$pc1map[($r >> 8) & 0xFF]] & "\x40\x40\x40\x40\x40\x40\x40\x00") \| ($this->shuffle[$pc1map[($r >> 16) & 0xFF]] & "\x20\x20\x20\x20\x20\x20\x20\x00") \| ($this->shuffle[$pc1map[($r >> 24) & 0xFF]] & "\x10\x10\x10\x10\x10\x10\x10\x00") \| ($this->shuffle[$pc1map[ $l & 0xFF]] & "\x08\x08\x08\x08\x08\x08\x08\x00") \| ($this->shuffle[$pc1map[($l >> 8) & 0xFF]] & "\x04\x04\x04\x04\x04\x04\x04\x00") \| ($this->shuffle[$pc1map[($l >> 16) & 0xFF]] & "\x02\x02\x02\x02\x02\x02\x02\x00") \| ($this->shuffle[$pc1map[($l >> 24) & 0xFF]] & "\x01\x01\x01\x01\x01\x01\x01\x00"); $key = unpack('Nc/Nd', $key); $c = ( $key['c'] >> 4) & 0x0FFFFFFF; $d = (($key['d'] >> 4) & 0x0FFFFFF0) \| ($key['c'] & 0x0F); $keys[$des_round] = array( CRYPT_DES_ENCRYPT => array(), CRYPT_DES_DECRYPT => array_fill(0, 32, 0) ); for ($i = 0, $ki = 31; $i < 16; ++$i, $ki-= 2) { $c <<= $shifts[$i]; $c = ($c \| ($c >> 28)) & 0x0FFFFFFF; $d <<= $shifts[$i]; $d = ($d \| ($d >> 28)) & 0x0FFFFFFF; // Perform the PC-2 transformation. $cp = $pc2mapc1[ $c >> 24 ] \| $pc2mapc2[($c >> 16) & 0xFF] \| $pc2mapc3[($c >> 8) & 0xFF] \| $pc2mapc4[ $c & 0xFF]; $dp = $pc2mapd1[ $d >> 24 ] \| $pc2mapd2[($d >> 16) & 0xFF] \| $pc2mapd3[($d >> 8) & 0xFF] \| $pc2mapd4[ $d & 0xFF]; // Reorder: odd bytes/even bytes. Push the result in key schedule. $val1 = ( $cp & 0xFF000000) \| (($cp << 8) & 0x00FF0000) \| (($dp >> 16) & 0x0000FF00) \| (($dp >> 8) & 0x000000FF); $val2 = (($cp << 8) & 0xFF000000) \| (($cp << 16) & 0x00FF0000) \| (($dp >> 8) & 0x0000FF00) \| ( $dp & 0x000000FF); $keys[$des_round][CRYPT_DES_ENCRYPT][ ] = $val1; $keys[$des_round][CRYPT_DES_DECRYPT][$ki - 1] = $val1; $keys[$des_round][CRYPT_DES_ENCRYPT][ ] = $val2; $keys[$des_round][CRYPT_DES_DECRYPT][$ki ] = $val2; } } switch ($this->des_rounds) { case 3: // 3DES keys $this->keys = array( CRYPT_DES_ENCRYPT => array_merge( $keys[0][CRYPT_DES_ENCRYPT], $keys[1][CRYPT_DES_DECRYPT], $keys[2][CRYPT_DES_ENCRYPT] ), CRYPT_DES_DECRYPT => array_merge( $keys[2][CRYPT_DES_DECRYPT], $keys[1][CRYPT_DES_ENCRYPT], $keys[0][CRYPT_DES_DECRYPT] ) ); break; // case 1: // DES keys default: $this->keys = array( CRYPT_DES_ENCRYPT => $keys[0][CRYPT_DES_ENCRYPT], CRYPT_DES_DECRYPT => $keys[0][CRYPT_DES_DECRYPT] ); } } /** * Setup the performance-optimized function for de/encrypt() * * @see Crypt_Base::_setupInlineCrypt() * @access private / function _setupInlineCrypt() { $lambda_functions =& Crypt_DES::_getLambdaFunctions(); // Engine configuration for: // - DES ($des_rounds == 1) or // - 3DES ($des_rounds == 3) $des_rounds = $this->des_rounds; // We create max. 10 hi-optimized code for memory reason. Means: For each $key one ultra fast inline-crypt function. // (Currently, for Crypt_DES, one generated $lambda_function cost on php5.5@32bit ~135kb unfreeable mem and ~230kb on php5.5@64bit) // (Currently, for Crypt_TripleDES, one generated $lambda_function cost on php5.5@32bit ~240kb unfreeable mem and ~340kb on php5.5@64bit) // After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one $gen_hi_opt_code = (bool)( count($lambda_functions) < 10 ); // Generation of a unique hash for our generated code $code_hash = "Crypt_DES, $des_rounds, {$this->mode}"; if ($gen_hi_opt_code) { // For hi-optimized code, we create for each combination of // $mode, $des_rounds and $this->key its own encrypt/decrypt function. // After max 10 hi-optimized functions, we create generic // (still very fast.. but not ultra) functions for each $mode/$des_rounds // Currently 2 5 generic functions will be then max. possible. $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); } // Is there a re-usable $lambda_functions in there? If not, we have to create it. if (!isset($lambda_functions[$code_hash])) { // Init code for both, encrypt and decrypt. $init_crypt = 'static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip; if (!$sbox1) { $sbox1 = array_map("intval", $self->sbox1); $sbox2 = array_map("intval", $self->sbox2); $sbox3 = array_map("intval", $self->sbox3); $sbox4 = array_map("intval", $self->sbox4); $sbox5 = array_map("intval", $self->sbox5); $sbox6 = array_map("intval", $self->sbox6); $sbox7 = array_map("intval", $self->sbox7); $sbox8 = array_map("intval", $self->sbox8);' /* Merge $shuffle with $[inv]ipmap / . ' for ($i = 0; $i < 256; ++$i) { $shuffleip[] = $self->shuffle[$self->ipmap[$i]]; $shuffleinvip[] = $self->shuffle[$self->invipmap[$i]]; } } '; switch (true) { case $gen_hi_opt_code: // In Hi-optimized code mode, we use our [3]DES key schedule as hardcoded integers. // No futher initialisation of the $keys schedule is necessary. // That is the extra performance boost. $k = array( CRYPT_DES_ENCRYPT => $this->keys[CRYPT_DES_ENCRYPT], CRYPT_DES_DECRYPT => $this->keys[CRYPT_DES_DECRYPT] ); $init_encrypt = ''; $init_decrypt = ''; break; default: // In generic optimized code mode, we have to use, as the best compromise [currently], // our key schedule as $ke/$kd arrays. (with hardcoded indexes...) $k = array( CRYPT_DES_ENCRYPT => array(), CRYPT_DES_DECRYPT => array() ); for ($i = 0, $c = count($this->keys[CRYPT_DES_ENCRYPT]); $i < $c; ++$i) { $k[CRYPT_DES_ENCRYPT][$i] = '$ke[' . $i . ']'; $k[CRYPT_DES_DECRYPT][$i] = '$kd[' . $i . ']'; } $init_encrypt = '$ke = $self->keys[CRYPT_DES_ENCRYPT];'; $init_decrypt = '$kd = $self->keys[CRYPT_DES_DECRYPT];'; break; } // Creating code for en- and decryption. $crypt_block = array(); foreach (array(CRYPT_DES_ENCRYPT, CRYPT_DES_DECRYPT) as $c) { / Do the initial IP permutation. / $crypt_block[$c] = ' $in = unpack("N", $in); $l = $in[1]; $r = $in[2]; $in = unpack("N", ($shuffleip[ $r & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") \| ($shuffleip[($r >> 8) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") \| ($shuffleip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") \| ($shuffleip[($r >> 24) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") \| ($shuffleip[ $l & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") \| ($shuffleip[($l >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") \| ($shuffleip[($l >> 16) & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") \| ($shuffleip[($l >> 24) & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01") ); ' . / Extract L0 and R0 / ' $l = $in[1]; $r = $in[2]; '; $l = '$l'; $r = '$r'; // Perform DES or 3DES. for ($ki = -1, $des_round = 0; $des_round < $des_rounds; ++$des_round) { // Perform the 16 steps. for ($i = 0; $i < 16; ++$i) { // start of "the Feistel (F) function" - see the following URL: // http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png // Merge key schedule. $crypt_block[$c].= ' $b1 = ((' . $r . ' >> 3) & 0x1FFFFFFF) ^ (' . $r . ' << 29) ^ ' . $k[$c][++$ki] . '; $b2 = ((' . $r . ' >> 31) & 0x00000001) ^ (' . $r . ' << 1) ^ ' . $k[$c][++$ki] . ';' . / S-box indexing. / $l . ' = $sbox1[($b1 >> 24) & 0x3F] ^ $sbox2[($b2 >> 24) & 0x3F] ^ $sbox3[($b1 >> 16) & 0x3F] ^ $sbox4[($b2 >> 16) & 0x3F] ^ $sbox5[($b1 >> 8) & 0x3F] ^ $sbox6[($b2 >> 8) & 0x3F] ^ $sbox7[ $b1 & 0x3F] ^ $sbox8[ $b2 & 0x3F] ^ ' . $l . '; '; // end of "the Feistel (F) function" // swap L & R list($l, $r) = array($r, $l); } list($l, $r) = array($r, $l); } // Perform the inverse IP permutation. $crypt_block[$c].= '$in = ($shuffleinvip[($l >> 24) & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") \| ($shuffleinvip[($r >> 24) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") \| ($shuffleinvip[($l >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") \| ($shuffleinvip[($r >> 16) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") \| ($shuffleinvip[($l >> 8) & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") \| ($shuffleinvip[($r >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") \| ($shuffleinvip[ $l & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") \| ($shuffleinvip[ $r & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01"); '; } // Creates the inline-crypt function $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( array( 'init_crypt' => $init_crypt, 'init_encrypt' => $init_encrypt, 'init_decrypt' => $init_decrypt, 'encrypt_block' => $crypt_block[CRYPT_DES_ENCRYPT], 'decrypt_block' => $crypt_block[CRYPT_DES_DECRYPT] ) ); } // Set the inline-crypt function as callback in: $this->inline_crypt $this->inline_crypt = $lambda_functions[$code_hash]; } } ��phpseclib/Crypt/RSA.php��0000644��00000350205�15104540706�0010763 0��ustar�00��<?php /* * Pure-PHP PKCS#1 (v2.1) compliant implementation of RSA. * * PHP versions 4 and 5 * * Here's an example of how to encrypt and decrypt text with this library: * <code> * <?php * include 'Crypt/RSA.php'; * * $rsa = new Crypt_RSA(); * extract($rsa->createKey()); * * $plaintext = 'terrafrost'; * * $rsa->loadKey($privatekey); * $ciphertext = $rsa->encrypt($plaintext); * * $rsa->loadKey($publickey); * echo $rsa->decrypt($ciphertext); * ?> * </code> * * Here's an example of how to create signatures and verify signatures with this library: * <code> * <?php * include 'Crypt/RSA.php'; * * $rsa = new Crypt_RSA(); * extract($rsa->createKey()); * * $plaintext = 'terrafrost'; * * $rsa->loadKey($privatekey); * $signature = $rsa->sign($plaintext); * * $rsa->loadKey($publickey); * echo $rsa->verify($plaintext, $signature) ? 'verified' : 'unverified'; * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Crypt * @package Crypt_RSA * @author Jim Wigginton <terrafrost@php.net> * @copyright 2009 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * Include Crypt_Random / // the class_exists() will only be called if the crypt_random_string function hasn't been defined and // will trigger a call to __autoload() if you're wanting to auto-load classes // call function_exists() a second time to stop the include_once from being called outside // of the auto loader if (!function_exists('crypt_random_string')) { include_once 'Random.php'; } /* * Include Crypt_Hash / if (!class_exists('Crypt_Hash')) { include_once 'Hash.php'; } /#@+ @access public * @see self::encrypt() * @see self::decrypt() / /* * Use {@link http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding Optimal Asymmetric Encryption Padding} * (OAEP) for encryption / decryption. * * Uses sha1 by default. * * @see self::setHash() * @see self::setMGFHash() / define('CRYPT_RSA_ENCRYPTION_OAEP', 1); /* * Use PKCS#1 padding. * * Although CRYPT_RSA_ENCRYPTION_OAEP offers more security, including PKCS#1 padding is necessary for purposes of backwards * compatibility with protocols (like SSH-1) written before OAEP's introduction. / define('CRYPT_RSA_ENCRYPTION_PKCS1', 2); /* * Do not use any padding * * Although this method is not recommended it can none-the-less sometimes be useful if you're trying to decrypt some legacy * stuff, if you're trying to diagnose why an encrypted message isn't decrypting, etc. / define('CRYPT_RSA_ENCRYPTION_NONE', 3); /#@-/ /*#@+ @access public * @see self::sign() * @see self::verify() * @see self::setHash() / /* * Use the Probabilistic Signature Scheme for signing * * Uses sha1 by default. * * @see self::setSaltLength() * @see self::setMGFHash() / define('CRYPT_RSA_SIGNATURE_PSS', 1); /* * Use the PKCS#1 scheme by default. * * Although CRYPT_RSA_SIGNATURE_PSS offers more security, including PKCS#1 signing is necessary for purposes of backwards * compatibility with protocols (like SSH-2) written before PSS's introduction. / define('CRYPT_RSA_SIGNATURE_PKCS1', 2); /#@-/ /*#@+ @access private * @see self::createKey() / /* * ASN1 Integer / define('CRYPT_RSA_ASN1_INTEGER', 2); /* * ASN1 Bit String / define('CRYPT_RSA_ASN1_BITSTRING', 3); /* * ASN1 Octet String / define('CRYPT_RSA_ASN1_OCTETSTRING', 4); /* * ASN1 Object Identifier / define('CRYPT_RSA_ASN1_OBJECT', 6); /* * ASN1 Sequence (with the constucted bit set) / define('CRYPT_RSA_ASN1_SEQUENCE', 48); /#@-/ /*#@+ @access private * @see self::Crypt_RSA() / /* * To use the pure-PHP implementation / define('CRYPT_RSA_MODE_INTERNAL', 1); /* * To use the OpenSSL library * * (if enabled; otherwise, the internal implementation will be used) / define('CRYPT_RSA_MODE_OPENSSL', 2); /#@-/ /** * Default openSSL configuration file. / define('CRYPT_RSA_OPENSSL_CONFIG', dirname(__FILE__) . '/../openssl.cnf'); /#@+ @access public * @see self::createKey() * @see self::setPrivateKeyFormat() / /* * PKCS#1 formatted private key * * Used by OpenSSH / define('CRYPT_RSA_PRIVATE_FORMAT_PKCS1', 0); /* * PuTTY formatted private key / define('CRYPT_RSA_PRIVATE_FORMAT_PUTTY', 1); /* * XML formatted private key / define('CRYPT_RSA_PRIVATE_FORMAT_XML', 2); /* * PKCS#8 formatted private key / define('CRYPT_RSA_PRIVATE_FORMAT_PKCS8', 8); /* * OpenSSH formatted private key / define('CRYPT_RSA_PRIVATE_FORMAT_OPENSSH', 9); /#@-/ /*#@+ @access public * @see self::createKey() * @see self::setPublicKeyFormat() / /* * Raw public key * * An array containing two Math_BigInteger objects. * * The exponent can be indexed with any of the following: * * 0, e, exponent, publicExponent * * The modulus can be indexed with any of the following: * * 1, n, modulo, modulus / define('CRYPT_RSA_PUBLIC_FORMAT_RAW', 3); /* * PKCS#1 formatted public key (raw) * * Used by File/X509.php * * Has the following header: * * -----BEGIN RSA PUBLIC KEY----- * * Analogous to ssh-keygen's pem format (as specified by -m) / define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1', 4); define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW', 4); /* * XML formatted public key / define('CRYPT_RSA_PUBLIC_FORMAT_XML', 5); /* * OpenSSH formatted public key * * Place in $HOME/.ssh/authorized_keys / define('CRYPT_RSA_PUBLIC_FORMAT_OPENSSH', 6); /* * PKCS#1 formatted public key (encapsulated) * * Used by PHP's openssl_public_encrypt() and openssl's rsautl (when -pubin is set) * * Has the following header: * * -----BEGIN PUBLIC KEY----- * * Analogous to ssh-keygen's pkcs8 format (as specified by -m). Although PKCS8 * is specific to private keys it's basically creating a DER-encoded wrapper * for keys. This just extends that same concept to public keys (much like ssh-keygen) / define('CRYPT_RSA_PUBLIC_FORMAT_PKCS8', 7); /#@-/ /** * Pure-PHP PKCS#1 compliant implementation of RSA. * * @package Crypt_RSA * @author Jim Wigginton <terrafrost@php.net> * @access public / class Crypt_RSA { /* * Precomputed Zero * * @var Math_BigInteger * @access private / var $zero; /* * Precomputed One * * @var Math_BigInteger * @access private / var $one; /* * Private Key Format * * @var int * @access private / var $privateKeyFormat = CRYPT_RSA_PRIVATE_FORMAT_PKCS1; /* * Public Key Format * * @var int * @access public / var $publicKeyFormat = CRYPT_RSA_PUBLIC_FORMAT_PKCS8; /* * Modulus (ie. n) * * @var Math_BigInteger * @access private / var $modulus; /* * Modulus length * * @var Math_BigInteger * @access private / var $k; /* * Exponent (ie. e or d) * * @var Math_BigInteger * @access private / var $exponent; /* * Primes for Chinese Remainder Theorem (ie. p and q) * * @var array * @access private / var $primes; /* * Exponents for Chinese Remainder Theorem (ie. dP and dQ) * * @var array * @access private / var $exponents; /* * Coefficients for Chinese Remainder Theorem (ie. qInv) * * @var array * @access private / var $coefficients; /* * Hash name * * @var string * @access private / var $hashName; /* * Hash function * * @var Crypt_Hash * @access private / var $hash; /* * Length of hash function output * * @var int * @access private / var $hLen; /* * Length of salt * * @var int * @access private / var $sLen; /* * Hash function for the Mask Generation Function * * @var Crypt_Hash * @access private / var $mgfHash; /* * Length of MGF hash function output * * @var int * @access private / var $mgfHLen; /* * Encryption mode * * @var int * @access private / var $encryptionMode = CRYPT_RSA_ENCRYPTION_OAEP; /* * Signature mode * * @var int * @access private / var $signatureMode = CRYPT_RSA_SIGNATURE_PSS; /* * Public Exponent * * @var mixed * @access private / var $publicExponent = false; /* * Password * * @var string * @access private / var $password = false; /* * Components * * For use with parsing XML formatted keys. PHP's XML Parser functions use utilized - instead of PHP's DOM functions - * because PHP's XML Parser functions work on PHP4 whereas PHP's DOM functions - although surperior - don't. * * @see self::_start_element_handler() * @var array * @access private / var $components = array(); /* * Current String * * For use with parsing XML formatted keys. * * @see self::_character_handler() * @see self::_stop_element_handler() * @var mixed * @access private / var $current; /* * OpenSSL configuration file name. * * Set to null to use system configuration file. * @see self::createKey() * @var mixed * @Access public / var $configFile; /* * Public key comment field. * * @var string * @access private / var $comment = 'phpseclib-generated-key'; /* * The constructor * * If you want to make use of the openssl extension, you'll need to set the mode manually, yourself. The reason * Crypt_RSA doesn't do it is because OpenSSL doesn't fail gracefully. openssl_pkey_new(), in particular, requires * openssl.cnf be present somewhere and, unfortunately, the only real way to find out is too late. * * @return Crypt_RSA * @access public / function __construct() { if (!class_exists('Math_BigInteger')) { include_once 'Math/BigInteger.php'; } $this->configFile = CRYPT_RSA_OPENSSL_CONFIG; if (!defined('CRYPT_RSA_MODE')) { switch (true) { // Math/BigInteger's openssl requirements are a little less stringent than Crypt/RSA's. in particular, // Math/BigInteger doesn't require an openssl.cfg file whereas Crypt/RSA does. so if Math/BigInteger // can't use OpenSSL it can be pretty trivially assumed, then, that Crypt/RSA can't either. case defined('MATH_BIGINTEGER_OPENSSL_DISABLE'): define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL); break; // openssl_pkey_get_details - which is used in the only place Crypt/RSA.php uses OpenSSL - was introduced in PHP 5.2.0 case !function_exists('openssl_pkey_get_details'): define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL); break; case extension_loaded('openssl') && version_compare(PHP_VERSION, '4.2.0', '>=') && file_exists($this->configFile): // some versions of XAMPP have mismatched versions of OpenSSL which causes it not to work ob_start(); @phpinfo(); $content = ob_get_contents(); ob_end_clean(); preg_match_all('#OpenSSL (Header\|Library) Version(.)#im', $content, $matches); $versions = array(); if (!empty($matches[1])) { for ($i = 0; $i < count($matches[1]); $i++) { $fullVersion = trim(str_replace('=>', '', strip_tags($matches[2][$i]))); // Remove letter part in OpenSSL version if (!preg_match('/(\d+\.\d+\.\d+)/i', $fullVersion, $m)) { $versions[$matches[1][$i]] = $fullVersion; } else { $versions[$matches[1][$i]] = $m[0]; } } } // it doesn't appear that OpenSSL versions were reported upon until PHP 5.3+ switch (true) { case !isset($versions['Header']): case !isset($versions['Library']): case $versions['Header'] == $versions['Library']: case version_compare($versions['Header'], '1.0.0') >= 0 && version_compare($versions['Library'], '1.0.0') >= 0: define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_OPENSSL); break; default: define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL); define('MATH_BIGINTEGER_OPENSSL_DISABLE', true); } break; default: define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL); } } $this->zero = new Math_BigInteger(); $this->one = new Math_BigInteger(1); $this->hash = new Crypt_Hash('sha1'); $this->hLen = $this->hash->getLength(); $this->hashName = 'sha1'; $this->mgfHash = new Crypt_Hash('sha1'); $this->mgfHLen = $this->mgfHash->getLength(); } /** * PHP4 compatible Default Constructor. * * @see self::__construct() * @access public / function Crypt_RSA() { $this->__construct(); } /* * Create public / private key pair * * Returns an array with the following three elements: * - 'privatekey': The private key. * - 'publickey': The public key. * - 'partialkey': A partially computed key (if the execution time exceeded $timeout). * Will need to be passed back to Crypt_RSA::createKey() as the third parameter for further processing. * * @access public * @param int $bits * @param int $timeout * @param Math_BigInteger $p / function createKey($bits = 1024, $timeout = false, $partial = array()) { if (!defined('CRYPT_RSA_EXPONENT')) { // http://en.wikipedia.org/wiki/65537_%28number%29 define('CRYPT_RSA_EXPONENT', '65537'); } // per <http://cseweb.ucsd.edu/~hovav/dist/survey.pdf#page=5>, this number ought not result in primes smaller // than 256 bits. as a consequence if the key you're trying to create is 1024 bits and you've set CRYPT_RSA_SMALLEST_PRIME // to 384 bits then you're going to get a 384 bit prime and a 640 bit prime (384 + 1024 % 384). at least if // CRYPT_RSA_MODE is set to CRYPT_RSA_MODE_INTERNAL. if CRYPT_RSA_MODE is set to CRYPT_RSA_MODE_OPENSSL then // CRYPT_RSA_SMALLEST_PRIME is ignored (ie. multi-prime RSA support is more intended as a way to speed up RSA key // generation when there's a chance neither gmp nor OpenSSL are installed) if (!defined('CRYPT_RSA_SMALLEST_PRIME')) { define('CRYPT_RSA_SMALLEST_PRIME', 4096); } // OpenSSL uses 65537 as the exponent and requires RSA keys be 384 bits minimum if (CRYPT_RSA_MODE == CRYPT_RSA_MODE_OPENSSL && $bits >= 384 && CRYPT_RSA_EXPONENT == 65537) { $config = array(); if (isset($this->configFile)) { $config['config'] = $this->configFile; } $rsa = openssl_pkey_new(array('private_key_bits' => $bits) + $config); openssl_pkey_export($rsa, $privatekey, null, $config); $publickey = openssl_pkey_get_details($rsa); $publickey = $publickey['key']; $privatekey = call_user_func_array(array($this, '_convertPrivateKey'), array_values($this->_parseKey($privatekey, CRYPT_RSA_PRIVATE_FORMAT_PKCS1))); $publickey = call_user_func_array(array($this, '_convertPublicKey'), array_values($this->_parseKey($publickey, CRYPT_RSA_PUBLIC_FORMAT_PKCS1))); // clear the buffer of error strings stemming from a minimalistic openssl.cnf while (openssl_error_string() !== false) { } return array( 'privatekey' => $privatekey, 'publickey' => $publickey, 'partialkey' => false ); } static $e; if (!isset($e)) { $e = new Math_BigInteger(CRYPT_RSA_EXPONENT); } extract($this->_generateMinMax($bits)); $absoluteMin = $min; $temp = $bits >> 1; // divide by two to see how many bits P and Q would be if ($temp > CRYPT_RSA_SMALLEST_PRIME) { $num_primes = floor($bits / CRYPT_RSA_SMALLEST_PRIME); $temp = CRYPT_RSA_SMALLEST_PRIME; } else { $num_primes = 2; } extract($this->_generateMinMax($temp + $bits % $temp)); $finalMax = $max; extract($this->_generateMinMax($temp)); $generator = new Math_BigInteger(); $n = $this->one->copy(); if (!empty($partial)) { extract(unserialize($partial)); } else { $exponents = $coefficients = $primes = array(); $lcm = array( 'top' => $this->one->copy(), 'bottom' => false ); } $start = time(); $i0 = count($primes) + 1; do { for ($i = $i0; $i <= $num_primes; $i++) { if ($timeout !== false) { $timeout-= time() - $start; $start = time(); if ($timeout <= 0) { return array( 'privatekey' => '', 'publickey' => '', 'partialkey' => serialize(array( 'primes' => $primes, 'coefficients' => $coefficients, 'lcm' => $lcm, 'exponents' => $exponents )) ); } } if ($i == $num_primes) { list($min, $temp) = $absoluteMin->divide($n); if (!$temp->equals($this->zero)) { $min = $min->add($this->one); // ie. ceil() } $primes[$i] = $generator->randomPrime($min, $finalMax, $timeout); } else { $primes[$i] = $generator->randomPrime($min, $max, $timeout); } if ($primes[$i] === false) { // if we've reached the timeout if (count($primes) > 1) { $partialkey = ''; } else { array_pop($primes); $partialkey = serialize(array( 'primes' => $primes, 'coefficients' => $coefficients, 'lcm' => $lcm, 'exponents' => $exponents )); } return array( 'privatekey' => '', 'publickey' => '', 'partialkey' => $partialkey ); } // the first coefficient is calculated differently from the rest // ie. instead of being $primes[1]->modInverse($primes[2]), it's $primes[2]->modInverse($primes[1]) if ($i > 2) { $coefficients[$i] = $n->modInverse($primes[$i]); } $n = $n->multiply($primes[$i]); $temp = $primes[$i]->subtract($this->one); // textbook RSA implementations use Euler's totient function instead of the least common multiple. // see http://en.wikipedia.org/wiki/Euler%27s_totient_function $lcm['top'] = $lcm['top']->multiply($temp); $lcm['bottom'] = $lcm['bottom'] === false ? $temp : $lcm['bottom']->gcd($temp); $exponents[$i] = $e->modInverse($temp); } list($temp) = $lcm['top']->divide($lcm['bottom']); $gcd = $temp->gcd($e); $i0 = 1; } while (!$gcd->equals($this->one)); $d = $e->modInverse($temp); $coefficients[2] = $primes[2]->modInverse($primes[1]); // from <http://tools.ietf.org/html/rfc3447#appendix-A.1.2>: // RSAPrivateKey ::= SEQUENCE { // version Version, // modulus INTEGER, -- n // publicExponent INTEGER, -- e // privateExponent INTEGER, -- d // prime1 INTEGER, -- p // prime2 INTEGER, -- q // exponent1 INTEGER, -- d mod (p-1) // exponent2 INTEGER, -- d mod (q-1) // coefficient INTEGER, -- (inverse of q) mod p // otherPrimeInfos OtherPrimeInfos OPTIONAL // } return array( 'privatekey' => $this->_convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients), 'publickey' => $this->_convertPublicKey($n, $e), 'partialkey' => false ); } /* * Convert a private key to the appropriate format. * * @access private * @see self::setPrivateKeyFormat() * @param string $RSAPrivateKey * @return string / function _convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients) { $signed = $this->privateKeyFormat != CRYPT_RSA_PRIVATE_FORMAT_XML; $num_primes = count($primes); $raw = array( 'version' => $num_primes == 2 ? chr(0) : chr(1), // two-prime vs. multi 'modulus' => $n->toBytes($signed), 'publicExponent' => $e->toBytes($signed), 'privateExponent' => $d->toBytes($signed), 'prime1' => $primes[1]->toBytes($signed), 'prime2' => $primes[2]->toBytes($signed), 'exponent1' => $exponents[1]->toBytes($signed), 'exponent2' => $exponents[2]->toBytes($signed), 'coefficient' => $coefficients[2]->toBytes($signed) ); // if the format in question does not support multi-prime rsa and multi-prime rsa was used, // call _convertPublicKey() instead. switch ($this->privateKeyFormat) { case CRYPT_RSA_PRIVATE_FORMAT_XML: if ($num_primes != 2) { return false; } return "<RSAKeyValue>\r\n" . ' <Modulus>' . base64_encode($raw['modulus']) . "</Modulus>\r\n" . ' <Exponent>' . base64_encode($raw['publicExponent']) . "</Exponent>\r\n" . ' <P>' . base64_encode($raw['prime1']) . "</P>\r\n" . ' <Q>' . base64_encode($raw['prime2']) . "</Q>\r\n" . ' <DP>' . base64_encode($raw['exponent1']) . "</DP>\r\n" . ' <DQ>' . base64_encode($raw['exponent2']) . "</DQ>\r\n" . ' <InverseQ>' . base64_encode($raw['coefficient']) . "</InverseQ>\r\n" . ' <D>' . base64_encode($raw['privateExponent']) . "</D>\r\n" . '</RSAKeyValue>'; break; case CRYPT_RSA_PRIVATE_FORMAT_PUTTY: if ($num_primes != 2) { return false; } $key = "PuTTY-User-Key-File-2: ssh-rsa\r\nEncryption: "; $encryption = (!empty($this->password) \|\| is_string($this->password)) ? 'aes256-cbc' : 'none'; $key.= $encryption; $key.= "\r\nComment: " . $this->comment . "\r\n"; $public = pack( 'NaNaNa', strlen('ssh-rsa'), 'ssh-rsa', strlen($raw['publicExponent']), $raw['publicExponent'], strlen($raw['modulus']), $raw['modulus'] ); $source = pack( 'NaNaNaNa', strlen('ssh-rsa'), 'ssh-rsa', strlen($encryption), $encryption, strlen($this->comment), $this->comment, strlen($public), $public ); $public = base64_encode($public); $key.= "Public-Lines: " . ((strlen($public) + 63) >> 6) . "\r\n"; $key.= chunk_split($public, 64); $private = pack( 'NaNaNaNa', strlen($raw['privateExponent']), $raw['privateExponent'], strlen($raw['prime1']), $raw['prime1'], strlen($raw['prime2']), $raw['prime2'], strlen($raw['coefficient']), $raw['coefficient'] ); if (empty($this->password) && !is_string($this->password)) { $source.= pack('Na', strlen($private), $private); $hashkey = 'putty-private-key-file-mac-key'; } else { $private.= crypt_random_string(16 - (strlen($private) & 15)); $source.= pack('Na', strlen($private), $private); if (!class_exists('Crypt_AES')) { include_once 'Crypt/AES.php'; } $sequence = 0; $symkey = ''; while (strlen($symkey) < 32) { $temp = pack('Na', $sequence++, $this->password); $symkey.= pack('H', sha1($temp)); } $symkey = substr($symkey, 0, 32); $crypto = new Crypt_AES(); $crypto->setKey($symkey); $crypto->disablePadding(); $private = $crypto->encrypt($private); $hashkey = 'putty-private-key-file-mac-key' . $this->password; } $private = base64_encode($private); $key.= 'Private-Lines: ' . ((strlen($private) + 63) >> 6) . "\r\n"; $key.= chunk_split($private, 64); if (!class_exists('Crypt_Hash')) { include_once 'Crypt/Hash.php'; } $hash = new Crypt_Hash('sha1'); $hash->setKey(pack('H', sha1($hashkey))); $key.= 'Private-MAC: ' . bin2hex($hash->hash($source)) . "\r\n"; return $key; case CRYPT_RSA_PRIVATE_FORMAT_OPENSSH: if ($num_primes != 2) { return false; } $publicKey = pack('NaNaNa', strlen('ssh-rsa'), 'ssh-rsa', strlen($raw['publicExponent']), $raw['publicExponent'], strlen($raw['modulus']), $raw['modulus']); $privateKey = pack( 'NaNaNaNaNaNaNa', strlen('ssh-rsa'), 'ssh-rsa', strlen($raw['modulus']), $raw['modulus'], strlen($raw['publicExponent']), $raw['publicExponent'], strlen($raw['privateExponent']), $raw['privateExponent'], strlen($raw['coefficient']), $raw['coefficient'], strlen($raw['prime1']), $raw['prime1'], strlen($raw['prime2']), $raw['prime2'] ); $checkint = crypt_random_string(4); $paddedKey = pack( 'aNa', $checkint . $checkint . $privateKey, strlen($this->comment), $this->comment ); $paddingLength = (7 strlen($paddedKey)) % 8; for ($i = 1; $i <= $paddingLength; $i++) { $paddedKey.= chr($i); } $key = pack( 'NaNaNaNNaNa', strlen('none'), 'none', strlen('none'), 'none', 0, '', 1, strlen($publicKey), $publicKey, strlen($paddedKey), $paddedKey ); $key = "openssh-key-v1\0$key"; return "-----BEGIN OPENSSH PRIVATE KEY-----\r\n" . chunk_split(base64_encode($key), 70) . "-----END OPENSSH PRIVATE KEY-----"; default: // eg. CRYPT_RSA_PRIVATE_FORMAT_PKCS1 $components = array(); foreach ($raw as $name => $value) { $components[$name] = pack('Caa', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($value)), $value); } $RSAPrivateKey = implode('', $components); if ($num_primes > 2) { $OtherPrimeInfos = ''; for ($i = 3; $i <= $num_primes; $i++) { // OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo // // OtherPrimeInfo ::= SEQUENCE { // prime INTEGER, -- ri // exponent INTEGER, -- di // coefficient INTEGER -- ti // } $OtherPrimeInfo = pack('Caa', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true)); $OtherPrimeInfo.= pack('Caa', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true)); $OtherPrimeInfo.= pack('Caa', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true)); $OtherPrimeInfos.= pack('Caa', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo); } $RSAPrivateKey.= pack('Caa', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos); } $RSAPrivateKey = pack('Caa', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); if ($this->privateKeyFormat == CRYPT_RSA_PRIVATE_FORMAT_PKCS8) { $rsaOID = pack('H', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA $RSAPrivateKey = pack( 'CaaCaa', CRYPT_RSA_ASN1_INTEGER, "\01\00", $rsaOID, 4, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey ); $RSAPrivateKey = pack('Caa', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); if (!empty($this->password) \|\| is_string($this->password)) { $salt = crypt_random_string(8); $iterationCount = 2048; if (!class_exists('Crypt_DES')) { include_once 'Crypt/DES.php'; } $crypto = new Crypt_DES(); $crypto->setPassword($this->password, 'pbkdf1', 'md5', $salt, $iterationCount); $RSAPrivateKey = $crypto->encrypt($RSAPrivateKey); $parameters = pack( 'CaaCaN', CRYPT_RSA_ASN1_OCTETSTRING, $this->_encodeLength(strlen($salt)), $salt, CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(4), $iterationCount ); $pbeWithMD5AndDES_CBC = "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03"; $encryptionAlgorithm = pack( 'CaaCaa', CRYPT_RSA_ASN1_OBJECT, $this->_encodeLength(strlen($pbeWithMD5AndDES_CBC)), $pbeWithMD5AndDES_CBC, CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($parameters)), $parameters ); $RSAPrivateKey = pack( 'CaaCaa', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($encryptionAlgorithm)), $encryptionAlgorithm, CRYPT_RSA_ASN1_OCTETSTRING, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey ); $RSAPrivateKey = pack('Caa', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); $RSAPrivateKey = "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" . chunk_split(base64_encode($RSAPrivateKey), 64) . '-----END ENCRYPTED PRIVATE KEY-----'; } else { $RSAPrivateKey = "-----BEGIN PRIVATE KEY-----\r\n" . chunk_split(base64_encode($RSAPrivateKey), 64) . '-----END PRIVATE KEY-----'; } return $RSAPrivateKey; } if (!empty($this->password) \|\| is_string($this->password)) { $iv = crypt_random_string(8); $symkey = pack('H', md5($this->password . $iv)); // symkey is short for symmetric key $symkey.= substr(pack('H', md5($symkey . $this->password . $iv)), 0, 8); if (!class_exists('Crypt_TripleDES')) { include_once 'Crypt/TripleDES.php'; } $des = new Crypt_TripleDES(); $des->setKey($symkey); $des->setIV($iv); $iv = strtoupper(bin2hex($iv)); $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . "Proc-Type: 4,ENCRYPTED\r\n" . "DEK-Info: DES-EDE3-CBC,$iv\r\n" . "\r\n" . chunk_split(base64_encode($des->encrypt($RSAPrivateKey)), 64) . '-----END RSA PRIVATE KEY-----'; } else { $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . chunk_split(base64_encode($RSAPrivateKey), 64) . '-----END RSA PRIVATE KEY-----'; } return $RSAPrivateKey; } } /* * Convert a public key to the appropriate format * * @access private * @see self::setPublicKeyFormat() * @param string $RSAPrivateKey * @return string / function _convertPublicKey($n, $e) { $signed = $this->publicKeyFormat != CRYPT_RSA_PUBLIC_FORMAT_XML; $modulus = $n->toBytes($signed); $publicExponent = $e->toBytes($signed); switch ($this->publicKeyFormat) { case CRYPT_RSA_PUBLIC_FORMAT_RAW: return array('e' => $e->copy(), 'n' => $n->copy()); case CRYPT_RSA_PUBLIC_FORMAT_XML: return "<RSAKeyValue>\r\n" . ' <Modulus>' . base64_encode($modulus) . "</Modulus>\r\n" . ' <Exponent>' . base64_encode($publicExponent) . "</Exponent>\r\n" . '</RSAKeyValue>'; break; case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH: // from <http://tools.ietf.org/html/rfc4253#page-15>: // string "ssh-rsa" // mpint e // mpint n $RSAPublicKey = pack('NaNaNa', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus); $RSAPublicKey = 'ssh-rsa ' . base64_encode($RSAPublicKey) . ' ' . $this->comment; return $RSAPublicKey; default: // eg. CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW or CRYPT_RSA_PUBLIC_FORMAT_PKCS1 // from <http://tools.ietf.org/html/rfc3447#appendix-A.1.1>: // RSAPublicKey ::= SEQUENCE { // modulus INTEGER, -- n // publicExponent INTEGER -- e // } $components = array( 'modulus' => pack('Caa', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($modulus)), $modulus), 'publicExponent' => pack('Caa', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($publicExponent)), $publicExponent) ); $RSAPublicKey = pack( 'Caaa', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($components['modulus']) + strlen($components['publicExponent'])), $components['modulus'], $components['publicExponent'] ); if ($this->publicKeyFormat == CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW) { $RSAPublicKey = "-----BEGIN RSA PUBLIC KEY-----\r\n" . chunk_split(base64_encode($RSAPublicKey), 64) . '-----END RSA PUBLIC KEY-----'; } else { // sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption. $rsaOID = pack('H', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA $RSAPublicKey = chr(0) . $RSAPublicKey; $RSAPublicKey = chr(3) . $this->_encodeLength(strlen($RSAPublicKey)) . $RSAPublicKey; $RSAPublicKey = pack( 'Caa', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($rsaOID . $RSAPublicKey)), $rsaOID . $RSAPublicKey ); $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" . chunk_split(base64_encode($RSAPublicKey), 64) . '-----END PUBLIC KEY-----'; } return $RSAPublicKey; } } /** * Break a public or private key down into its constituant components * * @access private * @see self::_convertPublicKey() * @see self::_convertPrivateKey() * @param string $key * @param int $type * @return array / function _parseKey($key, $type) { if ($type != CRYPT_RSA_PUBLIC_FORMAT_RAW && !is_string($key)) { return false; } switch ($type) { case CRYPT_RSA_PUBLIC_FORMAT_RAW: if (!is_array($key)) { return false; } $components = array(); switch (true) { case isset($key['e']): $components['publicExponent'] = $key['e']->copy(); break; case isset($key['exponent']): $components['publicExponent'] = $key['exponent']->copy(); break; case isset($key['publicExponent']): $components['publicExponent'] = $key['publicExponent']->copy(); break; case isset($key[0]): $components['publicExponent'] = $key[0]->copy(); } switch (true) { case isset($key['n']): $components['modulus'] = $key['n']->copy(); break; case isset($key['modulo']): $components['modulus'] = $key['modulo']->copy(); break; case isset($key['modulus']): $components['modulus'] = $key['modulus']->copy(); break; case isset($key[1]): $components['modulus'] = $key[1]->copy(); } return isset($components['modulus']) && isset($components['publicExponent']) ? $components : false; case CRYPT_RSA_PRIVATE_FORMAT_PKCS1: case CRYPT_RSA_PRIVATE_FORMAT_PKCS8: case CRYPT_RSA_PUBLIC_FORMAT_PKCS1: / Although PKCS#1 proposes a format that public and private keys can use, encrypting them is "outside the scope" of PKCS#1. PKCS#1 then refers you to PKCS#12 and PKCS#15 if you're wanting to protect private keys, however, that's not what OpenSSL* does. OpenSSL protects private keys by adding two new "fields" to the key - DEK-Info and Proc-Type. These fields are discussed here: http://tools.ietf.org/html/rfc1421#section-4.6.1.1 http://tools.ietf.org/html/rfc1421#section-4.6.1.3 DES-EDE3-CBC as an algorithm, however, is not discussed anywhere, near as I can tell. DES-CBC and DES-EDE are discussed in RFC1423, however, DES-EDE3-CBC isn't, nor is its key derivation function. As is, the definitive authority on this encoding scheme isn't the IETF but rather OpenSSL's own implementation. ie. the implementation is the standard and any bugs that may exist in that implementation are part of the standard, as well. * OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects / if (preg_match('#DEK-Info: (.+),(.+)#', $key, $matches)) { $iv = pack('H', trim($matches[2])); $symkey = pack('H', md5($this->password . substr($iv, 0, 8))); // symkey is short for symmetric key $symkey.= pack('H', md5($symkey . $this->password . substr($iv, 0, 8))); // remove the Proc-Type / DEK-Info sections as they're no longer needed $key = preg_replace('#^(?:Proc-Type\|DEK-Info): .#m', '', $key); $ciphertext = $this->_extractBER($key); if ($ciphertext === false) { $ciphertext = $key; } switch ($matches[1]) { case 'AES-256-CBC': if (!class_exists('Crypt_AES')) { include_once 'Crypt/AES.php'; } $crypto = new Crypt_AES(); break; case 'AES-128-CBC': if (!class_exists('Crypt_AES')) { include_once 'Crypt/AES.php'; } $symkey = substr($symkey, 0, 16); $crypto = new Crypt_AES(); break; case 'DES-EDE3-CFB': if (!class_exists('Crypt_TripleDES')) { include_once 'Crypt/TripleDES.php'; } $crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CFB); break; case 'DES-EDE3-CBC': if (!class_exists('Crypt_TripleDES')) { include_once 'Crypt/TripleDES.php'; } $symkey = substr($symkey, 0, 24); $crypto = new Crypt_TripleDES(); break; case 'DES-CBC': if (!class_exists('Crypt_DES')) { include_once 'Crypt/DES.php'; } $crypto = new Crypt_DES(); break; default: return false; } $crypto->setKey($symkey); $crypto->setIV($iv); $decoded = $crypto->decrypt($ciphertext); } else { $decoded = $this->_extractBER($key); } if ($decoded !== false) { $key = $decoded; } $components = array(); if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) { return false; } if ($this->_decodeLength($key) != strlen($key)) { return false; } $tag = ord($this->_string_shift($key)); / intended for keys for which OpenSSL's asn1parse returns the following: 0:d=0 hl=4 l= 631 cons: SEQUENCE 4:d=1 hl=2 l= 1 prim: INTEGER :00 7:d=1 hl=2 l= 13 cons: SEQUENCE 9:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 20:d=2 hl=2 l= 0 prim: NULL 22:d=1 hl=4 l= 609 prim: OCTET STRING ie. PKCS8 keys/ if ($tag == CRYPT_RSA_ASN1_INTEGER && substr($key, 0, 3) == "\x01\x00\x30") { $this->_string_shift($key, 3); $tag = CRYPT_RSA_ASN1_SEQUENCE; } if ($tag == CRYPT_RSA_ASN1_SEQUENCE) { $temp = $this->_string_shift($key, $this->_decodeLength($key)); if (ord($this->_string_shift($temp)) != CRYPT_RSA_ASN1_OBJECT) { return false; } $length = $this->_decodeLength($temp); switch ($this->_string_shift($temp, $length)) { case "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01": // rsaEncryption break; case "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03": // pbeWithMD5AndDES-CBC / PBEParameter ::= SEQUENCE { salt OCTET STRING (SIZE(8)), iterationCount INTEGER } / if (ord($this->_string_shift($temp)) != CRYPT_RSA_ASN1_SEQUENCE) { return false; } if ($this->_decodeLength($temp) != strlen($temp)) { return false; } $this->_string_shift($temp); // assume it's an octet string $salt = $this->_string_shift($temp, $this->_decodeLength($temp)); if (ord($this->_string_shift($temp)) != CRYPT_RSA_ASN1_INTEGER) { return false; } $this->_decodeLength($temp); list(, $iterationCount) = unpack('N', str_pad($temp, 4, chr(0), STR_PAD_LEFT)); $this->_string_shift($key); // assume it's an octet string $length = $this->_decodeLength($key); if (strlen($key) != $length) { return false; } if (!class_exists('Crypt_DES')) { include_once 'Crypt/DES.php'; } $crypto = new Crypt_DES(); $crypto->setPassword($this->password, 'pbkdf1', 'md5', $salt, $iterationCount); $key = $crypto->decrypt($key); if ($key === false) { return false; } return $this->_parseKey($key, CRYPT_RSA_PRIVATE_FORMAT_PKCS1); default: return false; } / intended for keys for which OpenSSL's asn1parse returns the following: 0:d=0 hl=4 l= 290 cons: SEQUENCE 4:d=1 hl=2 l= 13 cons: SEQUENCE 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 17:d=2 hl=2 l= 0 prim: NULL 19:d=1 hl=4 l= 271 prim: BIT STRING / $tag = ord($this->_string_shift($key)); // skip over the BIT STRING / OCTET STRING tag $this->_decodeLength($key); // skip over the BIT STRING / OCTET STRING length // "The initial octet shall encode, as an unsigned binary integer wtih bit 1 as the least significant bit, the number of // unused bits in the final subsequent octet. The number shall be in the range zero to seven." // -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf (section 8.6.2.2) if ($tag == CRYPT_RSA_ASN1_BITSTRING) { $this->_string_shift($key); } if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) { return false; } if ($this->_decodeLength($key) != strlen($key)) { return false; } $tag = ord($this->_string_shift($key)); } if ($tag != CRYPT_RSA_ASN1_INTEGER) { return false; } $length = $this->_decodeLength($key); $temp = $this->_string_shift($key, $length); if (strlen($temp) != 1 \|\| ord($temp) > 2) { $components['modulus'] = new Math_BigInteger($temp, 256); $this->_string_shift($key); // skip over CRYPT_RSA_ASN1_INTEGER $length = $this->_decodeLength($key); $components[$type == CRYPT_RSA_PUBLIC_FORMAT_PKCS1 ? 'publicExponent' : 'privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), 256); return $components; } if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_INTEGER) { return false; } $length = $this->_decodeLength($key); $components['modulus'] = new Math_BigInteger($this->_string_shift($key, $length), 256); $this->_string_shift($key); $length = $this->_decodeLength($key); $components['publicExponent'] = new Math_BigInteger($this->_string_shift($key, $length), 256); $this->_string_shift($key); $length = $this->_decodeLength($key); $components['privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), 256); $this->_string_shift($key); $length = $this->_decodeLength($key); $components['primes'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), 256)); $this->_string_shift($key); $length = $this->_decodeLength($key); $components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), 256); $this->_string_shift($key); $length = $this->_decodeLength($key); $components['exponents'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), 256)); $this->_string_shift($key); $length = $this->_decodeLength($key); $components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), 256); $this->_string_shift($key); $length = $this->_decodeLength($key); $components['coefficients'] = array(2 => new Math_BigInteger($this->_string_shift($key, $length), 256)); if (!empty($key)) { if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) { return false; } $this->_decodeLength($key); while (!empty($key)) { if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) { return false; } $this->_decodeLength($key); $key = substr($key, 1); $length = $this->_decodeLength($key); $components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), 256); $this->_string_shift($key); $length = $this->_decodeLength($key); $components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), 256); $this->_string_shift($key); $length = $this->_decodeLength($key); $components['coefficients'][] = new Math_BigInteger($this->_string_shift($key, $length), 256); } } return $components; case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH: $parts = explode(' ', $key, 3); $key = isset($parts[1]) ? base64_decode($parts[1]) : false; if ($key === false) { return false; } $comment = isset($parts[2]) ? $parts[2] : false; $cleanup = substr($key, 0, 11) == "\0\0\0\7ssh-rsa"; if (strlen($key) <= 4) { return false; } extract(unpack('Nlength', $this->_string_shift($key, 4))); $publicExponent = new Math_BigInteger($this->_string_shift($key, $length), -256); if (strlen($key) <= 4) { return false; } extract(unpack('Nlength', $this->_string_shift($key, 4))); $modulus = new Math_BigInteger($this->_string_shift($key, $length), -256); if ($cleanup && strlen($key)) { if (strlen($key) <= 4) { return false; } extract(unpack('Nlength', $this->_string_shift($key, 4))); $realModulus = new Math_BigInteger($this->_string_shift($key, $length), -256); return strlen($key) ? false : array( 'modulus' => $realModulus, 'publicExponent' => $modulus, 'comment' => $comment ); } else { return strlen($key) ? false : array( 'modulus' => $modulus, 'publicExponent' => $publicExponent, 'comment' => $comment ); } // http://www.w3.org/TR/xmldsig-core/#sec-RSAKeyValue // http://en.wikipedia.org/wiki/XML_Signature case CRYPT_RSA_PRIVATE_FORMAT_XML: case CRYPT_RSA_PUBLIC_FORMAT_XML: $this->components = array(); $xml = xml_parser_create('UTF-8'); xml_set_object($xml, $this); xml_set_element_handler($xml, '_start_element_handler', '_stop_element_handler'); xml_set_character_data_handler($xml, '_data_handler'); // add <xml></xml> to account for "dangling" tags like <BitStrength>...</BitStrength> that are sometimes added if (!xml_parse($xml, '<xml>' . $key . '</xml>')) { xml_parser_free($xml); unset($xml); return false; } xml_parser_free($xml); unset($xml); return isset($this->components['modulus']) && isset($this->components['publicExponent']) ? $this->components : false; // from PuTTY's SSHPUBK.C case CRYPT_RSA_PRIVATE_FORMAT_PUTTY: $components = array(); $key = preg_split('#\r\n\|\r\|\n#', $key); $type = trim(preg_replace('#PuTTY-User-Key-File-2: (.+)#', '$1', $key[0])); if ($type != 'ssh-rsa') { return false; } $encryption = trim(preg_replace('#Encryption: (.+)#', '$1', $key[1])); $comment = trim(preg_replace('#Comment: (.+)#', '$1', $key[2])); $publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3])); $public = base64_decode(implode('', array_map('trim', array_slice($key, 4, $publicLength)))); $public = substr($public, 11); extract(unpack('Nlength', $this->_string_shift($public, 4))); $components['publicExponent'] = new Math_BigInteger($this->_string_shift($public, $length), -256); extract(unpack('Nlength', $this->_string_shift($public, 4))); $components['modulus'] = new Math_BigInteger($this->_string_shift($public, $length), -256); $privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$publicLength + 4])); $private = base64_decode(implode('', array_map('trim', array_slice($key, $publicLength + 5, $privateLength)))); switch ($encryption) { case 'aes256-cbc': if (!class_exists('Crypt_AES')) { include_once 'Crypt/AES.php'; } $symkey = ''; $sequence = 0; while (strlen($symkey) < 32) { $temp = pack('Na', $sequence++, $this->password); $symkey.= pack('H', sha1($temp)); } $symkey = substr($symkey, 0, 32); $crypto = new Crypt_AES(); } if ($encryption != 'none') { $crypto->setKey($symkey); $crypto->disablePadding(); $private = $crypto->decrypt($private); if ($private === false) { return false; } } extract(unpack('Nlength', $this->_string_shift($private, 4))); if (strlen($private) < $length) { return false; } $components['privateExponent'] = new Math_BigInteger($this->_string_shift($private, $length), -256); extract(unpack('Nlength', $this->_string_shift($private, 4))); if (strlen($private) < $length) { return false; } $components['primes'] = array(1 => new Math_BigInteger($this->_string_shift($private, $length), -256)); extract(unpack('Nlength', $this->_string_shift($private, 4))); if (strlen($private) < $length) { return false; } $components['primes'][] = new Math_BigInteger($this->_string_shift($private, $length), -256); $temp = $components['primes'][1]->subtract($this->one); $components['exponents'] = array(1 => $components['publicExponent']->modInverse($temp)); $temp = $components['primes'][2]->subtract($this->one); $components['exponents'][] = $components['publicExponent']->modInverse($temp); extract(unpack('Nlength', $this->_string_shift($private, 4))); if (strlen($private) < $length) { return false; } $components['coefficients'] = array(2 => new Math_BigInteger($this->_string_shift($private, $length), -256)); return $components; case CRYPT_RSA_PRIVATE_FORMAT_OPENSSH: $components = array(); $decoded = $this->_extractBER($key); $magic = $this->_string_shift($decoded, 15); if ($magic !== "openssh-key-v1\0") { return false; } $options = $this->_string_shift($decoded, 24); // \0\0\0\4none = ciphername // \0\0\0\4none = kdfname // \0\0\0\0 = kdfoptions // \0\0\0\1 = numkeys if ($options != "\0\0\0\4none\0\0\0\4none\0\0\0\0\0\0\0\1") { return false; } extract(unpack('Nlength', $this->_string_shift($decoded, 4))); if (strlen($decoded) < $length) { return false; } $publicKey = $this->_string_shift($decoded, $length); extract(unpack('Nlength', $this->_string_shift($decoded, 4))); if (strlen($decoded) < $length) { return false; } $paddedKey = $this->_string_shift($decoded, $length); if ($this->_string_shift($publicKey, 11) !== "\0\0\0\7ssh-rsa") { return false; } $checkint1 = $this->_string_shift($paddedKey, 4); $checkint2 = $this->_string_shift($paddedKey, 4); if (strlen($checkint1) != 4 \|\| $checkint1 !== $checkint2) { return false; } if ($this->_string_shift($paddedKey, 11) !== "\0\0\0\7ssh-rsa") { return false; } $values = array( &$components['modulus'], &$components['publicExponent'], &$components['privateExponent'], &$components['coefficients'][2], &$components['primes'][1], &$components['primes'][2] ); foreach ($values as &$value) { extract(unpack('Nlength', $this->_string_shift($paddedKey, 4))); if (strlen($paddedKey) < $length) { return false; } $value = new Math_BigInteger($this->_string_shift($paddedKey, $length), -256); } extract(unpack('Nlength', $this->_string_shift($paddedKey, 4))); if (strlen($paddedKey) < $length) { return false; } $components['comment'] = $this->_string_shift($decoded, $length); $temp = $components['primes'][1]->subtract($this->one); $components['exponents'] = array(1 => $components['publicExponent']->modInverse($temp)); $temp = $components['primes'][2]->subtract($this->one); $components['exponents'][] = $components['publicExponent']->modInverse($temp); return $components; } } /* * Returns the key size * * More specifically, this returns the size of the modulo in bits. * * @access public * @return int / function getSize() { return !isset($this->modulus) ? 0 : strlen($this->modulus->toBits()); } /* * Start Element Handler * * Called by xml_set_element_handler() * * @access private * @param resource $parser * @param string $name * @param array $attribs / function _start_element_handler($parser, $name, $attribs) { //$name = strtoupper($name); switch ($name) { case 'MODULUS': $this->current = &$this->components['modulus']; break; case 'EXPONENT': $this->current = &$this->components['publicExponent']; break; case 'P': $this->current = &$this->components['primes'][1]; break; case 'Q': $this->current = &$this->components['primes'][2]; break; case 'DP': $this->current = &$this->components['exponents'][1]; break; case 'DQ': $this->current = &$this->components['exponents'][2]; break; case 'INVERSEQ': $this->current = &$this->components['coefficients'][2]; break; case 'D': $this->current = &$this->components['privateExponent']; } $this->current = ''; } /* * Stop Element Handler * * Called by xml_set_element_handler() * * @access private * @param resource $parser * @param string $name / function _stop_element_handler($parser, $name) { if (isset($this->current)) { $this->current = new Math_BigInteger(base64_decode($this->current), 256); unset($this->current); } } /* * Data Handler * * Called by xml_set_character_data_handler() * * @access private * @param resource $parser * @param string $data / function _data_handler($parser, $data) { if (!isset($this->current) \|\| is_object($this->current)) { return; } $this->current.= trim($data); } /* * Loads a public or private key * * Returns true on success and false on failure (ie. an incorrect password was provided or the key was malformed) * * @access public * @param string $key * @param int $type optional / function loadKey($key, $type = false) { if (is_object($key) && strtolower(get_class($key)) == 'crypt_rsa') { $this->privateKeyFormat = $key->privateKeyFormat; $this->publicKeyFormat = $key->publicKeyFormat; $this->k = $key->k; $this->hLen = $key->hLen; $this->sLen = $key->sLen; $this->mgfHLen = $key->mgfHLen; $this->encryptionMode = $key->encryptionMode; $this->signatureMode = $key->signatureMode; $this->password = $key->password; $this->configFile = $key->configFile; $this->comment = $key->comment; if (is_object($key->hash)) { $this->hash = new Crypt_Hash($key->hash->getHash()); } if (is_object($key->mgfHash)) { $this->mgfHash = new Crypt_Hash($key->mgfHash->getHash()); } if (is_object($key->modulus)) { $this->modulus = $key->modulus->copy(); } if (is_object($key->exponent)) { $this->exponent = $key->exponent->copy(); } if (is_object($key->publicExponent)) { $this->publicExponent = $key->publicExponent->copy(); } $this->primes = array(); $this->exponents = array(); $this->coefficients = array(); foreach ($this->primes as $prime) { $this->primes[] = $prime->copy(); } foreach ($this->exponents as $exponent) { $this->exponents[] = $exponent->copy(); } foreach ($this->coefficients as $coefficient) { $this->coefficients[] = $coefficient->copy(); } return true; } if ($type === false) { $types = array( CRYPT_RSA_PUBLIC_FORMAT_RAW, CRYPT_RSA_PRIVATE_FORMAT_PKCS1, CRYPT_RSA_PRIVATE_FORMAT_XML, CRYPT_RSA_PRIVATE_FORMAT_PUTTY, CRYPT_RSA_PUBLIC_FORMAT_OPENSSH, CRYPT_RSA_PRIVATE_FORMAT_OPENSSH ); foreach ($types as $type) { $components = $this->_parseKey($key, $type); if ($components !== false) { break; } } } else { $components = $this->_parseKey($key, $type); } if ($components === false) { $this->comment = null; $this->modulus = null; $this->k = null; $this->exponent = null; $this->primes = null; $this->exponents = null; $this->coefficients = null; $this->publicExponent = null; return false; } if (isset($components['comment']) && $components['comment'] !== false) { $this->comment = $components['comment']; } $this->modulus = $components['modulus']; $this->k = strlen($this->modulus->toBytes()); $this->exponent = isset($components['privateExponent']) ? $components['privateExponent'] : $components['publicExponent']; if (isset($components['primes'])) { $this->primes = $components['primes']; $this->exponents = $components['exponents']; $this->coefficients = $components['coefficients']; $this->publicExponent = $components['publicExponent']; } else { $this->primes = array(); $this->exponents = array(); $this->coefficients = array(); $this->publicExponent = false; } switch ($type) { case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH: case CRYPT_RSA_PUBLIC_FORMAT_RAW: $this->setPublicKey(); break; case CRYPT_RSA_PRIVATE_FORMAT_PKCS1: switch (true) { case strpos($key, '-BEGIN PUBLIC KEY-') !== false: case strpos($key, '-BEGIN RSA PUBLIC KEY-') !== false: $this->setPublicKey(); } } return true; } /* * Sets the password * * Private keys can be encrypted with a password. To unset the password, pass in the empty string or false. * Or rather, pass in $password such that empty($password) && !is_string($password) is true. * * @see self::createKey() * @see self::loadKey() * @access public * @param string $password / function setPassword($password = false) { $this->password = $password; } /* * Defines the public key * * Some private key formats define the public exponent and some don't. Those that don't define it are problematic when * used in certain contexts. For example, in SSH-2, RSA authentication works by sending the public key along with a * message signed by the private key to the server. The SSH-2 server looks the public key up in an index of public keys * and if it's present then proceeds to verify the signature. Problem is, if your private key doesn't include the public * exponent this won't work unless you manually add the public exponent. phpseclib tries to guess if the key being used * is the public key but in the event that it guesses incorrectly you might still want to explicitly set the key as being * public. * * Do note that when a new key is loaded the index will be cleared. * * Returns true on success, false on failure * * @see self::getPublicKey() * @access public * @param string $key optional * @param int $type optional * @return bool / function setPublicKey($key = false, $type = false) { // if a public key has already been loaded return false if (!empty($this->publicExponent)) { return false; } if ($key === false && !empty($this->modulus)) { $this->publicExponent = $this->exponent; return true; } if ($type === false) { $types = array( CRYPT_RSA_PUBLIC_FORMAT_RAW, CRYPT_RSA_PUBLIC_FORMAT_PKCS1, CRYPT_RSA_PUBLIC_FORMAT_XML, CRYPT_RSA_PUBLIC_FORMAT_OPENSSH ); foreach ($types as $type) { $components = $this->_parseKey($key, $type); if ($components !== false) { break; } } } else { $components = $this->_parseKey($key, $type); } if ($components === false) { return false; } if (empty($this->modulus) \|\| !$this->modulus->equals($components['modulus'])) { $this->modulus = $components['modulus']; $this->exponent = $this->publicExponent = $components['publicExponent']; return true; } $this->publicExponent = $components['publicExponent']; return true; } /* * Defines the private key * * If phpseclib guessed a private key was a public key and loaded it as such it might be desirable to force * phpseclib to treat the key as a private key. This function will do that. * * Do note that when a new key is loaded the index will be cleared. * * Returns true on success, false on failure * * @see self::getPublicKey() * @access public * @param string $key optional * @param int $type optional * @return bool / function setPrivateKey($key = false, $type = false) { if ($key === false && !empty($this->publicExponent)) { $this->publicExponent = false; return true; } $rsa = new Crypt_RSA(); if (!$rsa->loadKey($key, $type)) { return false; } $rsa->publicExponent = false; // don't overwrite the old key if the new key is invalid $this->loadKey($rsa); return true; } /* * Returns the public key * * The public key is only returned under two circumstances - if the private key had the public key embedded within it * or if the public key was set via setPublicKey(). If the currently loaded key is supposed to be the public key this * function won't return it since this library, for the most part, doesn't distinguish between public and private keys. * * @see self::getPublicKey() * @access public * @param string $key * @param int $type optional / function getPublicKey($type = CRYPT_RSA_PUBLIC_FORMAT_PKCS8) { if (empty($this->modulus) \|\| empty($this->publicExponent)) { return false; } $oldFormat = $this->publicKeyFormat; $this->publicKeyFormat = $type; $temp = $this->_convertPublicKey($this->modulus, $this->publicExponent); $this->publicKeyFormat = $oldFormat; return $temp; } /* * Returns the public key's fingerprint * * The public key's fingerprint is returned, which is equivalent to running `ssh-keygen -lf rsa.pub`. If there is * no public key currently loaded, false is returned. * Example output (md5): "c1:b1:30:29:d7:b8:de:6c:97:77:10:d7:46:41:63:87" (as specified by RFC 4716) * * @access public * @param string $algorithm The hashing algorithm to be used. Valid options are 'md5' and 'sha256'. False is returned * for invalid values. * @return mixed / function getPublicKeyFingerprint($algorithm = 'md5') { if (empty($this->modulus) \|\| empty($this->publicExponent)) { return false; } $modulus = $this->modulus->toBytes(true); $publicExponent = $this->publicExponent->toBytes(true); $RSAPublicKey = pack('NaNaNa', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus); switch ($algorithm) { case 'sha256': $hash = new Crypt_Hash('sha256'); $base = base64_encode($hash->hash($RSAPublicKey)); return substr($base, 0, strlen($base) - 1); case 'md5': return substr(chunk_split(md5($RSAPublicKey), 2, ':'), 0, -1); default: return false; } } /** * Returns the private key * * The private key is only returned if the currently loaded key contains the constituent prime numbers. * * @see self::getPublicKey() * @access public * @param string $key * @param int $type optional * @return mixed / function getPrivateKey($type = CRYPT_RSA_PUBLIC_FORMAT_PKCS1) { if (empty($this->primes)) { return false; } $oldFormat = $this->privateKeyFormat; $this->privateKeyFormat = $type; $temp = $this->_convertPrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients); $this->privateKeyFormat = $oldFormat; return $temp; } /* * Returns a minimalistic private key * * Returns the private key without the prime number constituants. Structurally identical to a public key that * hasn't been set as the public key * * @see self::getPrivateKey() * @access private * @param string $key * @param int $type optional / function _getPrivatePublicKey($mode = CRYPT_RSA_PUBLIC_FORMAT_PKCS8) { if (empty($this->modulus) \|\| empty($this->exponent)) { return false; } $oldFormat = $this->publicKeyFormat; $this->publicKeyFormat = $mode; $temp = $this->_convertPublicKey($this->modulus, $this->exponent); $this->publicKeyFormat = $oldFormat; return $temp; } /* * __toString() magic method * * @access public * @return string / function __toString() { $key = $this->getPrivateKey($this->privateKeyFormat); if ($key !== false) { return $key; } $key = $this->_getPrivatePublicKey($this->publicKeyFormat); return $key !== false ? $key : ''; } /* * __clone() magic method * * @access public * @return Crypt_RSA / function __clone() { $key = new Crypt_RSA(); $key->loadKey($this); return $key; } /* * Generates the smallest and largest numbers requiring $bits bits * * @access private * @param int $bits * @return array / function _generateMinMax($bits) { $bytes = $bits >> 3; $min = str_repeat(chr(0), $bytes); $max = str_repeat(chr(0xFF), $bytes); $msb = $bits & 7; if ($msb) { $min = chr(1 << ($msb - 1)) . $min; $max = chr((1 << $msb) - 1) . $max; } else { $min[0] = chr(0x80); } return array( 'min' => new Math_BigInteger($min, 256), 'max' => new Math_BigInteger($max, 256) ); } /* * DER-decode the length * * DER supports lengths up to (28)127, however, we'll only support lengths up to (28)4. See * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. * * @access private * @param string $string * @return int / function _decodeLength(&$string) { $length = ord($this->_string_shift($string)); if ($length & 0x80) { // definite length, long form $length&= 0x7F; $temp = $this->_string_shift($string, $length); list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4)); } return $length; } /* * DER-encode the length * * DER supports lengths up to (28)127, however, we'll only support lengths up to (28)4. See * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. * * @access private * @param int $length * @return string / function _encodeLength($length) { if ($length <= 0x7F) { return chr($length); } $temp = ltrim(pack('N', $length), chr(0)); return pack('Ca', 0x80 \| strlen($temp), $temp); } /** * String Shift * * Inspired by array_shift * * @param string $string * @param int $index * @return string * @access private / function _string_shift(&$string, $index = 1) { $substr = substr($string, 0, $index); $string = substr($string, $index); return $substr; } /* * Determines the private key format * * @see self::createKey() * @access public * @param int $format / function setPrivateKeyFormat($format) { $this->privateKeyFormat = $format; } /* * Determines the public key format * * @see self::createKey() * @access public * @param int $format / function setPublicKeyFormat($format) { $this->publicKeyFormat = $format; } /* * Determines which hashing function should be used * * Used with signature production / verification and (if the encryption mode is CRYPT_RSA_ENCRYPTION_OAEP) encryption and * decryption. If $hash isn't supported, sha1 is used. * * @access public * @param string $hash / function setHash($hash) { // Crypt_Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. switch ($hash) { case 'md2': case 'md5': case 'sha1': case 'sha256': case 'sha384': case 'sha512': $this->hash = new Crypt_Hash($hash); $this->hashName = $hash; break; default: $this->hash = new Crypt_Hash('sha1'); $this->hashName = 'sha1'; } $this->hLen = $this->hash->getLength(); } /* * Determines which hashing function should be used for the mask generation function * * The mask generation function is used by CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_SIGNATURE_PSS and although it's * best if Hash and MGFHash are set to the same thing this is not a requirement. * * @access public * @param string $hash / function setMGFHash($hash) { // Crypt_Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. switch ($hash) { case 'md2': case 'md5': case 'sha1': case 'sha256': case 'sha384': case 'sha512': $this->mgfHash = new Crypt_Hash($hash); break; default: $this->mgfHash = new Crypt_Hash('sha1'); } $this->mgfHLen = $this->mgfHash->getLength(); } /* * Determines the salt length * * To quote from {@link http://tools.ietf.org/html/rfc3447#page-38 RFC3447#page-38}: * * Typical salt lengths in octets are hLen (the length of the output * of the hash function Hash) and 0. * * @access public * @param int $format / function setSaltLength($sLen) { $this->sLen = $sLen; } /* * Integer-to-Octet-String primitive * * See {@link http://tools.ietf.org/html/rfc3447#section-4.1 RFC3447#section-4.1}. * * @access private * @param Math_BigInteger $x * @param int $xLen * @return string / function _i2osp($x, $xLen) { $x = $x->toBytes(); if (strlen($x) > $xLen) { user_error('Integer too large'); return false; } return str_pad($x, $xLen, chr(0), STR_PAD_LEFT); } /* * Octet-String-to-Integer primitive * * See {@link http://tools.ietf.org/html/rfc3447#section-4.2 RFC3447#section-4.2}. * * @access private * @param string $x * @return Math_BigInteger / function _os2ip($x) { return new Math_BigInteger($x, 256); } /* * Exponentiate with or without Chinese Remainder Theorem * * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.2}. * * @access private * @param Math_BigInteger $x * @return Math_BigInteger / function _exponentiate($x) { switch (true) { case empty($this->primes): case $this->primes[1]->equals($this->zero): case empty($this->coefficients): case $this->coefficients[2]->equals($this->zero): case empty($this->exponents): case $this->exponents[1]->equals($this->zero): return $x->modPow($this->exponent, $this->modulus); } $num_primes = count($this->primes); if (defined('CRYPT_RSA_DISABLE_BLINDING')) { $m_i = array( 1 => $x->modPow($this->exponents[1], $this->primes[1]), 2 => $x->modPow($this->exponents[2], $this->primes[2]) ); $h = $m_i[1]->subtract($m_i[2]); $h = $h->multiply($this->coefficients[2]); list(, $h) = $h->divide($this->primes[1]); $m = $m_i[2]->add($h->multiply($this->primes[2])); $r = $this->primes[1]; for ($i = 3; $i <= $num_primes; $i++) { $m_i = $x->modPow($this->exponents[$i], $this->primes[$i]); $r = $r->multiply($this->primes[$i - 1]); $h = $m_i->subtract($m); $h = $h->multiply($this->coefficients[$i]); list(, $h) = $h->divide($this->primes[$i]); $m = $m->add($r->multiply($h)); } } else { $smallest = $this->primes[1]; for ($i = 2; $i <= $num_primes; $i++) { if ($smallest->compare($this->primes[$i]) > 0) { $smallest = $this->primes[$i]; } } $one = new Math_BigInteger(1); $r = $one->random($one, $smallest->subtract($one)); $m_i = array( 1 => $this->_blind($x, $r, 1), 2 => $this->_blind($x, $r, 2) ); $h = $m_i[1]->subtract($m_i[2]); $h = $h->multiply($this->coefficients[2]); list(, $h) = $h->divide($this->primes[1]); $m = $m_i[2]->add($h->multiply($this->primes[2])); $r = $this->primes[1]; for ($i = 3; $i <= $num_primes; $i++) { $m_i = $this->_blind($x, $r, $i); $r = $r->multiply($this->primes[$i - 1]); $h = $m_i->subtract($m); $h = $h->multiply($this->coefficients[$i]); list(, $h) = $h->divide($this->primes[$i]); $m = $m->add($r->multiply($h)); } } return $m; } /* * Performs RSA Blinding * * Protects against timing attacks by employing RSA Blinding. * Returns $x->modPow($this->exponents[$i], $this->primes[$i]) * * @access private * @param Math_BigInteger $x * @param Math_BigInteger $r * @param int $i * @return Math_BigInteger / function _blind($x, $r, $i) { $x = $x->multiply($r->modPow($this->publicExponent, $this->primes[$i])); $x = $x->modPow($this->exponents[$i], $this->primes[$i]); $r = $r->modInverse($this->primes[$i]); $x = $x->multiply($r); list(, $x) = $x->divide($this->primes[$i]); return $x; } /* * Performs blinded RSA equality testing * * Protects against a particular type of timing attack described. * * See {@link http://codahale.com/a-lesson-in-timing-attacks/ A Lesson In Timing Attacks (or, Don't use MessageDigest.isEquals)} * * Thanks for the heads up singpolyma! * * @access private * @param string $x * @param string $y * @return bool / function _equals($x, $y) { if (function_exists('hash_equals')) { return hash_equals($x, $y); } if (strlen($x) != strlen($y)) { return false; } $result = "\0"; $x^= $y; for ($i = 0; $i < strlen($x); $i++) { $result\|= $x[$i]; } return $result === "\0"; } /* * RSAEP * * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.1}. * * @access private * @param Math_BigInteger $m * @return Math_BigInteger / function _rsaep($m) { if ($m->compare($this->zero) < 0 \|\| $m->compare($this->modulus) > 0) { user_error('Message representative out of range'); return false; } return $this->_exponentiate($m); } /* * RSADP * * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.2 RFC3447#section-5.1.2}. * * @access private * @param Math_BigInteger $c * @return Math_BigInteger / function _rsadp($c) { if ($c->compare($this->zero) < 0 \|\| $c->compare($this->modulus) > 0) { user_error('Ciphertext representative out of range'); return false; } return $this->_exponentiate($c); } /* * RSASP1 * * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.1 RFC3447#section-5.2.1}. * * @access private * @param Math_BigInteger $m * @return Math_BigInteger / function _rsasp1($m) { if ($m->compare($this->zero) < 0 \|\| $m->compare($this->modulus) > 0) { user_error('Message representative out of range'); return false; } return $this->_exponentiate($m); } /* * RSAVP1 * * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.2 RFC3447#section-5.2.2}. * * @access private * @param Math_BigInteger $s * @return Math_BigInteger / function _rsavp1($s) { if ($s->compare($this->zero) < 0 \|\| $s->compare($this->modulus) > 0) { user_error('Signature representative out of range'); return false; } return $this->_exponentiate($s); } /* * MGF1 * * See {@link http://tools.ietf.org/html/rfc3447#appendix-B.2.1 RFC3447#appendix-B.2.1}. * * @access private * @param string $mgfSeed * @param int $mgfLen * @return string / function _mgf1($mgfSeed, $maskLen) { // if $maskLen would yield strings larger than 4GB, PKCS#1 suggests a "Mask too long" error be output. $t = ''; $count = ceil($maskLen / $this->mgfHLen); for ($i = 0; $i < $count; $i++) { $c = pack('N', $i); $t.= $this->mgfHash->hash($mgfSeed . $c); } return substr($t, 0, $maskLen); } /* * RSAES-OAEP-ENCRYPT * * See {@link http://tools.ietf.org/html/rfc3447#section-7.1.1 RFC3447#section-7.1.1} and * {http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding OAES}. * * @access private * @param string $m * @param string $l * @return string / function _rsaes_oaep_encrypt($m, $l = '') { $mLen = strlen($m); // Length checking // if $l is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error // be output. if ($mLen > $this->k - 2 $this->hLen - 2) { user_error('Message too long'); return false; } // EME-OAEP encoding $lHash = $this->hash->hash($l); $ps = str_repeat(chr(0), $this->k - $mLen - 2 * $this->hLen - 2); $db = $lHash . $ps . chr(1) . $m; $seed = crypt_random_string($this->hLen); $dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1); $maskedDB = $db ^ $dbMask; $seedMask = $this->_mgf1($maskedDB, $this->hLen); $maskedSeed = $seed ^ $seedMask; $em = chr(0) . $maskedSeed . $maskedDB; // RSA encryption $m = $this->_os2ip($em); $c = $this->_rsaep($m); $c = $this->_i2osp($c, $this->k); // Output the ciphertext C return $c; } /** * RSAES-OAEP-DECRYPT * * See {@link http://tools.ietf.org/html/rfc3447#section-7.1.2 RFC3447#section-7.1.2}. The fact that the error * messages aren't distinguishable from one another hinders debugging, but, to quote from RFC3447#section-7.1.2: * * Note. Care must be taken to ensure that an opponent cannot * distinguish the different error conditions in Step 3.g, whether by * error message or timing, or, more generally, learn partial * information about the encoded message EM. Otherwise an opponent may * be able to obtain useful information about the decryption of the * ciphertext C, leading to a chosen-ciphertext attack such as the one * observed by Manger [36]. * * As for $l... to quote from {@link http://tools.ietf.org/html/rfc3447#page-17 RFC3447#page-17}: * * Both the encryption and the decryption operations of RSAES-OAEP take * the value of a label L as input. In this version of PKCS #1, L is * the empty string; other uses of the label are outside the scope of * this document. * * @access private * @param string $c * @param string $l * @return string / function _rsaes_oaep_decrypt($c, $l = '') { // Length checking // if $l is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error // be output. if (strlen($c) != $this->k \|\| $this->k < 2 $this->hLen + 2) { user_error('Decryption error'); return false; } // RSA decryption $c = $this->_os2ip($c); $m = $this->_rsadp($c); if ($m === false) { user_error('Decryption error'); return false; } $em = $this->_i2osp($m, $this->k); // EME-OAEP decoding $lHash = $this->hash->hash($l); $y = ord($em[0]); $maskedSeed = substr($em, 1, $this->hLen); $maskedDB = substr($em, $this->hLen + 1); $seedMask = $this->_mgf1($maskedDB, $this->hLen); $seed = $maskedSeed ^ $seedMask; $dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1); $db = $maskedDB ^ $dbMask; $lHash2 = substr($db, 0, $this->hLen); $m = substr($db, $this->hLen); $hashesMatch = $this->_equals($lHash, $lHash2); $leadingZeros = 1; $patternMatch = 0; $offset = 0; for ($i = 0; $i < strlen($m); $i++) { $patternMatch\|= $leadingZeros & ($m[$i] === "\1"); $leadingZeros&= $m[$i] === "\0"; $offset+= $patternMatch ? 0 : 1; } // we do & instead of && to avoid https://en.wikipedia.org/wiki/Short-circuit_evaluation // to protect against timing attacks if (!$hashesMatch & !$patternMatch) { user_error('Decryption error'); return false; } // Output the message M return substr($m, $offset + 1); } /** * Raw Encryption / Decryption * * Doesn't use padding and is not recommended. * * @access private * @param string $m * @return string / function _raw_encrypt($m) { $temp = $this->_os2ip($m); $temp = $this->_rsaep($temp); return $this->_i2osp($temp, $this->k); } /* * RSAES-PKCS1-V1_5-ENCRYPT * * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.1 RFC3447#section-7.2.1}. * * @access private * @param string $m * @return string / function _rsaes_pkcs1_v1_5_encrypt($m) { $mLen = strlen($m); // Length checking if ($mLen > $this->k - 11) { user_error('Message too long'); return false; } // EME-PKCS1-v1_5 encoding $psLen = $this->k - $mLen - 3; $ps = ''; while (strlen($ps) != $psLen) { $temp = crypt_random_string($psLen - strlen($ps)); $temp = str_replace("\x00", '', $temp); $ps.= $temp; } $type = 2; // see the comments of _rsaes_pkcs1_v1_5_decrypt() to understand why this is being done if (defined('CRYPT_RSA_PKCS15_COMPAT') && (!isset($this->publicExponent) \|\| $this->exponent !== $this->publicExponent)) { $type = 1; // "The padding string PS shall consist of k-3-\|\|D\|\| octets. ... for block type 01, they shall have value FF" $ps = str_repeat("\xFF", $psLen); } $em = chr(0) . chr($type) . $ps . chr(0) . $m; // RSA encryption $m = $this->_os2ip($em); $c = $this->_rsaep($m); $c = $this->_i2osp($c, $this->k); // Output the ciphertext C return $c; } /* * RSAES-PKCS1-V1_5-DECRYPT * * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}. * * For compatibility purposes, this function departs slightly from the description given in RFC3447. * The reason being that RFC2313#section-8.1 (PKCS#1 v1.5) states that ciphertext's encrypted by the * private key should have the second byte set to either 0 or 1 and that ciphertext's encrypted by the * public key should have the second byte set to 2. In RFC3447 (PKCS#1 v2.1), the second byte is supposed * to be 2 regardless of which key is used. For compatibility purposes, we'll just check to make sure the * second byte is 2 or less. If it is, we'll accept the decrypted string as valid. * * As a consequence of this, a private key encrypted ciphertext produced with Crypt_RSA may not decrypt * with a strictly PKCS#1 v1.5 compliant RSA implementation. Public key encrypted ciphertext's should but * not private key encrypted ciphertext's. * * @access private * @param string $c * @return string / function _rsaes_pkcs1_v1_5_decrypt($c) { // Length checking if (strlen($c) != $this->k) { // or if k < 11 user_error('Decryption error'); return false; } // RSA decryption $c = $this->_os2ip($c); $m = $this->_rsadp($c); if ($m === false) { user_error('Decryption error'); return false; } $em = $this->_i2osp($m, $this->k); // EME-PKCS1-v1_5 decoding if (ord($em[0]) != 0 \|\| ord($em[1]) > 2) { user_error('Decryption error'); return false; } $ps = substr($em, 2, strpos($em, chr(0), 2) - 2); $m = substr($em, strlen($ps) + 3); if (strlen($ps) < 8) { user_error('Decryption error'); return false; } // Output M return $m; } /* * EMSA-PSS-ENCODE * * See {@link http://tools.ietf.org/html/rfc3447#section-9.1.1 RFC3447#section-9.1.1}. * * @access private * @param string $m * @param int $emBits / function _emsa_pss_encode($m, $emBits) { // if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error // be output. $emLen = ($emBits + 1) >> 3; // ie. ceil($emBits / 8) $sLen = $this->sLen !== null ? $this->sLen : $this->hLen; $mHash = $this->hash->hash($m); if ($emLen < $this->hLen + $sLen + 2) { user_error('Encoding error'); return false; } $salt = crypt_random_string($sLen); $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt; $h = $this->hash->hash($m2); $ps = str_repeat(chr(0), $emLen - $sLen - $this->hLen - 2); $db = $ps . chr(1) . $salt; $dbMask = $this->_mgf1($h, $emLen - $this->hLen - 1); $maskedDB = $db ^ $dbMask; $maskedDB[0] = ~chr(0xFF << ($emBits & 7)) & $maskedDB[0]; $em = $maskedDB . $h . chr(0xBC); return $em; } /* * EMSA-PSS-VERIFY * * See {@link http://tools.ietf.org/html/rfc3447#section-9.1.2 RFC3447#section-9.1.2}. * * @access private * @param string $m * @param string $em * @param int $emBits * @return string / function _emsa_pss_verify($m, $em, $emBits) { // if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error // be output. $emLen = ($emBits + 1) >> 3; // ie. ceil($emBits / 8); $sLen = $this->sLen !== null ? $this->sLen : $this->hLen; $mHash = $this->hash->hash($m); if ($emLen < $this->hLen + $sLen + 2) { return false; } if ($em[strlen($em) - 1] != chr(0xBC)) { return false; } $maskedDB = substr($em, 0, -$this->hLen - 1); $h = substr($em, -$this->hLen - 1, $this->hLen); $temp = chr(0xFF << ($emBits & 7)); if ((~$maskedDB[0] & $temp) != $temp) { return false; } $dbMask = $this->_mgf1($h, $emLen - $this->hLen - 1); $db = $maskedDB ^ $dbMask; $db[0] = ~chr(0xFF << ($emBits & 7)) & $db[0]; $temp = $emLen - $this->hLen - $sLen - 2; if (substr($db, 0, $temp) != str_repeat(chr(0), $temp) \|\| ord($db[$temp]) != 1) { return false; } $salt = substr($db, $temp + 1); // should be $sLen long $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt; $h2 = $this->hash->hash($m2); return $this->_equals($h, $h2); } /* * RSASSA-PSS-SIGN * * See {@link http://tools.ietf.org/html/rfc3447#section-8.1.1 RFC3447#section-8.1.1}. * * @access private * @param string $m * @return string / function _rsassa_pss_sign($m) { // EMSA-PSS encoding $em = $this->_emsa_pss_encode($m, 8 $this->k - 1); // RSA signature $m = $this->_os2ip($em); $s = $this->_rsasp1($m); $s = $this->_i2osp($s, $this->k); // Output the signature S return $s; } /** * RSASSA-PSS-VERIFY * * See {@link http://tools.ietf.org/html/rfc3447#section-8.1.2 RFC3447#section-8.1.2}. * * @access private * @param string $m * @param string $s * @return string / function _rsassa_pss_verify($m, $s) { // Length checking if (strlen($s) != $this->k) { user_error('Invalid signature'); return false; } // RSA verification $modBits = 8 $this->k; $s2 = $this->_os2ip($s); $m2 = $this->_rsavp1($s2); if ($m2 === false) { user_error('Invalid signature'); return false; } $em = $this->_i2osp($m2, $modBits >> 3); if ($em === false) { user_error('Invalid signature'); return false; } // EMSA-PSS verification return $this->_emsa_pss_verify($m, $em, $modBits - 1); } /** * EMSA-PKCS1-V1_5-ENCODE * * See {@link http://tools.ietf.org/html/rfc3447#section-9.2 RFC3447#section-9.2}. * * @access private * @param string $m * @param int $emLen * @return string / function _emsa_pkcs1_v1_5_encode($m, $emLen) { $h = $this->hash->hash($m); if ($h === false) { return false; } // see http://tools.ietf.org/html/rfc3447#page-43 switch ($this->hashName) { case 'md2': $t = pack('H', '3020300c06082a864886f70d020205000410'); break; case 'md5': $t = pack('H', '3020300c06082a864886f70d020505000410'); break; case 'sha1': $t = pack('H', '3021300906052b0e03021a05000414'); break; case 'sha256': $t = pack('H', '3031300d060960864801650304020105000420'); break; case 'sha384': $t = pack('H', '3041300d060960864801650304020205000430'); break; case 'sha512': $t = pack('H', '3051300d060960864801650304020305000440'); } $t.= $h; $tLen = strlen($t); if ($emLen < $tLen + 11) { user_error('Intended encoded message length too short'); return false; } $ps = str_repeat(chr(0xFF), $emLen - $tLen - 3); $em = "\0\1$ps\0$t"; return $em; } /* * RSASSA-PKCS1-V1_5-SIGN * * See {@link http://tools.ietf.org/html/rfc3447#section-8.2.1 RFC3447#section-8.2.1}. * * @access private * @param string $m * @return string / function _rsassa_pkcs1_v1_5_sign($m) { // EMSA-PKCS1-v1_5 encoding $em = $this->_emsa_pkcs1_v1_5_encode($m, $this->k); if ($em === false) { user_error('RSA modulus too short'); return false; } // RSA signature $m = $this->_os2ip($em); $s = $this->_rsasp1($m); $s = $this->_i2osp($s, $this->k); // Output the signature S return $s; } /* * RSASSA-PKCS1-V1_5-VERIFY * * See {@link http://tools.ietf.org/html/rfc3447#section-8.2.2 RFC3447#section-8.2.2}. * * @access private * @param string $m * @return string / function _rsassa_pkcs1_v1_5_verify($m, $s) { // Length checking if (strlen($s) != $this->k) { user_error('Invalid signature'); return false; } // RSA verification $s = $this->_os2ip($s); $m2 = $this->_rsavp1($s); if ($m2 === false) { user_error('Invalid signature'); return false; } $em = $this->_i2osp($m2, $this->k); if ($em === false) { user_error('Invalid signature'); return false; } // EMSA-PKCS1-v1_5 encoding $em2 = $this->_emsa_pkcs1_v1_5_encode($m, $this->k); if ($em2 === false) { user_error('RSA modulus too short'); return false; } // Compare return $this->_equals($em, $em2); } /* * Set Encryption Mode * * Valid values include CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_ENCRYPTION_PKCS1. * * @access public * @param int $mode / function setEncryptionMode($mode) { $this->encryptionMode = $mode; } /* * Set Signature Mode * * Valid values include CRYPT_RSA_SIGNATURE_PSS and CRYPT_RSA_SIGNATURE_PKCS1 * * @access public * @param int $mode / function setSignatureMode($mode) { $this->signatureMode = $mode; } /* * Set public key comment. * * @access public * @param string $comment / function setComment($comment) { $this->comment = $comment; } /* * Get public key comment. * * @access public * @return string / function getComment() { return $this->comment; } /* * Encryption * * Both CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_ENCRYPTION_PKCS1 both place limits on how long $plaintext can be. * If $plaintext exceeds those limits it will be broken up so that it does and the resultant ciphertext's will * be concatenated together. * * @see self::decrypt() * @access public * @param string $plaintext * @return string / function encrypt($plaintext) { switch ($this->encryptionMode) { case CRYPT_RSA_ENCRYPTION_NONE: $plaintext = str_split($plaintext, $this->k); $ciphertext = ''; foreach ($plaintext as $m) { $ciphertext.= $this->_raw_encrypt($m); } return $ciphertext; case CRYPT_RSA_ENCRYPTION_PKCS1: $length = $this->k - 11; if ($length <= 0) { return false; } $plaintext = str_split($plaintext, $length); $ciphertext = ''; foreach ($plaintext as $m) { $ciphertext.= $this->_rsaes_pkcs1_v1_5_encrypt($m); } return $ciphertext; //case CRYPT_RSA_ENCRYPTION_OAEP: default: $length = $this->k - 2 $this->hLen - 2; if ($length <= 0) { return false; } $plaintext = str_split($plaintext, $length); $ciphertext = ''; foreach ($plaintext as $m) { $ciphertext.= $this->_rsaes_oaep_encrypt($m); } return $ciphertext; } } /** * Decryption * * @see self::encrypt() * @access public * @param string $plaintext * @return string / function decrypt($ciphertext) { if ($this->k <= 0) { return false; } $ciphertext = str_split($ciphertext, $this->k); $ciphertext[count($ciphertext) - 1] = str_pad($ciphertext[count($ciphertext) - 1], $this->k, chr(0), STR_PAD_LEFT); $plaintext = ''; switch ($this->encryptionMode) { case CRYPT_RSA_ENCRYPTION_NONE: $decrypt = '_raw_encrypt'; break; case CRYPT_RSA_ENCRYPTION_PKCS1: $decrypt = '_rsaes_pkcs1_v1_5_decrypt'; break; //case CRYPT_RSA_ENCRYPTION_OAEP: default: $decrypt = '_rsaes_oaep_decrypt'; } foreach ($ciphertext as $c) { $temp = $this->$decrypt($c); if ($temp === false) { return false; } $plaintext.= $temp; } return $plaintext; } /* * Create a signature * * @see self::verify() * @access public * @param string $message * @return string / function sign($message) { if (empty($this->modulus) \|\| empty($this->exponent)) { return false; } switch ($this->signatureMode) { case CRYPT_RSA_SIGNATURE_PKCS1: return $this->_rsassa_pkcs1_v1_5_sign($message); //case CRYPT_RSA_SIGNATURE_PSS: default: return $this->_rsassa_pss_sign($message); } } /* * Verifies a signature * * @see self::sign() * @access public * @param string $message * @param string $signature * @return bool / function verify($message, $signature) { if (empty($this->modulus) \|\| empty($this->exponent)) { return false; } switch ($this->signatureMode) { case CRYPT_RSA_SIGNATURE_PKCS1: return $this->_rsassa_pkcs1_v1_5_verify($message, $signature); //case CRYPT_RSA_SIGNATURE_PSS: default: return $this->_rsassa_pss_verify($message, $signature); } } /* * Extract raw BER from Base64 encoding * * @access private * @param string $str * @return string / function _extractBER($str) { / X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them * above and beyond the ceritificate. * ie. some may have the following preceding the -----BEGIN CERTIFICATE----- line: * * Bag Attributes * localKeyID: 01 00 00 00 * subject=/O=organization/OU=org unit/CN=common name * issuer=/O=organization/CN=common name / $temp = preg_replace('#.?^-+[^-]+-+[\r\n ]$#ms', '', $str, 1); // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff $temp = preg_replace('#-+[^-]+-+#', '', $temp); // remove new lines $temp = str_replace(array("\r", "\n", ' '), '', $temp); $temp = preg_match('#^[a-zA-Z\d/+]={0,2}$#', $temp) ? base64_decode($temp) : false; return $temp != false ? $temp : $str; } } ��phpseclib/Crypt/Blowfish.php��0000644��00000072137�15104540706�0012120 0��ustar�00��<?php /** * Pure-PHP implementation of Blowfish. * * Uses mcrypt, if available, and an internal implementation, otherwise. * * PHP versions 4 and 5 * * Useful resources are as follows: * * - {@link http://en.wikipedia.org/wiki/Blowfish_(cipher) Wikipedia description of Blowfish} * * Here's a short example of how to use this library: * <code> * <?php * include 'Crypt/Blowfish.php'; * * $blowfish = new Crypt_Blowfish(); * * $blowfish->setKey('12345678901234567890123456789012'); * * $plaintext = str_repeat('a', 1024); * * echo $blowfish->decrypt($blowfish->encrypt($plaintext)); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Crypt * @package Crypt_Blowfish * @author Jim Wigginton <terrafrost@php.net> * @author Hans-Juergen Petrich <petrich@tronic-media.com> * @copyright 2007 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * Include Crypt_Base * * Base cipher class / if (!class_exists('Crypt_Base')) { include_once 'Base.php'; } /#@+ @access public * @see self::encrypt() * @see self::decrypt() / /* * Encrypt / decrypt using the Counter mode. * * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 / define('CRYPT_BLOWFISH_MODE_CTR', CRYPT_MODE_CTR); /* * Encrypt / decrypt using the Electronic Code Book mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 / define('CRYPT_BLOWFISH_MODE_ECB', CRYPT_MODE_ECB); /* * Encrypt / decrypt using the Code Book Chaining mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 / define('CRYPT_BLOWFISH_MODE_CBC', CRYPT_MODE_CBC); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 / define('CRYPT_BLOWFISH_MODE_CFB', CRYPT_MODE_CFB); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 / define('CRYPT_BLOWFISH_MODE_OFB', CRYPT_MODE_OFB); /#@-/ /** * Pure-PHP implementation of Blowfish. * * @package Crypt_Blowfish * @author Jim Wigginton <terrafrost@php.net> * @author Hans-Juergen Petrich <petrich@tronic-media.com> * @access public / class Crypt_Blowfish extends Crypt_Base { /* * Block Length of the cipher * * @see Crypt_Base::block_size * @var int * @access private / var $block_size = 8; /* * The namespace used by the cipher for its constants. * * @see Crypt_Base::const_namespace * @var string * @access private / var $const_namespace = 'BLOWFISH'; /* * The mcrypt specific name of the cipher * * @see Crypt_Base::cipher_name_mcrypt * @var string * @access private / var $cipher_name_mcrypt = 'blowfish'; /* * Optimizing value while CFB-encrypting * * @see Crypt_Base::cfb_init_len * @var int * @access private / var $cfb_init_len = 500; /* * The fixed subkeys boxes ($sbox0 - $sbox3) with 256 entries each * * S-Box 0 * * @access private * @var array / var $sbox0 = array( 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99, 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16, 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, 0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee, 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013, 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e, 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60, 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce, 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a, 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677, 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193, 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88, 0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239, 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0, 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3, 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88, 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe, 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d, 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b, 0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba, 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463, 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f, 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09, 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3, 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb, 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279, 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8, 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab, 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82, 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db, 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573, 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0, 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b, 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790, 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8, 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4, 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0, 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7, 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c, 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad, 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1, 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299, 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9, 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477, 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf, 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49, 0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af, 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa, 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5, 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41, 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915, 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, 0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915, 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664, 0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a ); /* * S-Box 1 * * @access private * @var array / var $sbox1 = array( 0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266, 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6, 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1, 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e, 0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1, 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737, 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8, 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff, 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd, 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701, 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7, 0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41, 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331, 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf, 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af, 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e, 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87, 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c, 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2, 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16, 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd, 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b, 0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509, 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e, 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3, 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f, 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a, 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4, 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960, 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66, 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28, 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802, 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84, 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510, 0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf, 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14, 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e, 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50, 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7, 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8, 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281, 0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99, 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696, 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128, 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73, 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0, 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0, 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105, 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250, 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3, 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285, 0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00, 0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061, 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb, 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735, 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc, 0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9, 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340, 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20, 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7 ); /* * S-Box 2 * * @access private * @var array / var $sbox2 = array( 0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068, 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45, 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504, 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, 0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb, 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee, 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6, 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42, 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b, 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2, 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb, 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527, 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b, 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33, 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c, 0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3, 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc, 0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17, 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564, 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b, 0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115, 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922, 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728, 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0, 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e, 0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37, 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d, 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804, 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b, 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3, 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb, 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d, 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c, 0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350, 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9, 0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a, 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe, 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d, 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc, 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f, 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61, 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2, 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9, 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2, 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c, 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e, 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633, 0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10, 0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169, 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52, 0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027, 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5, 0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62, 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634, 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24, 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc, 0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4, 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c, 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837, 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0 ); /* * S-Box 3 * * @access private * @var array / var $sbox3 = array( 0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe, 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8, 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6, 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22, 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4, 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6, 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9, 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59, 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593, 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51, 0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28, 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c, 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b, 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28, 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c, 0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd, 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a, 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319, 0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb, 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f, 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991, 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32, 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680, 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166, 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae, 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb, 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5, 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47, 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370, 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d, 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84, 0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048, 0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8, 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd, 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9, 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7, 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38, 0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f, 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c, 0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525, 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1, 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442, 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964, 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e, 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8, 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d, 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f, 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299, 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02, 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc, 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614, 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a, 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6, 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0, 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060, 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, 0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9, 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6 ); /* * P-Array consists of 18 32-bit subkeys * * @var array * @access private / var $parray = array( 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89, 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c, 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917, 0x9216d5d9, 0x8979fb1b ); /* * The BCTX-working Array * * Holds the expanded key [p] and the key-depended s-boxes [sb] * * @var array * @access private / var $bctx; /* * Holds the last used key * * @var array * @access private / var $kl; /* * The Key Length (in bytes) * * @see Crypt_Base::setKeyLength() * @var int * @access private * @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk * because the encryption / decryption / key schedule creation requires this number and not $key_length. We could * derive this from $key_length or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu * of that, we'll just precompute it once. / var $key_length = 16; /* * Sets the key length. * * Key lengths can be between 32 and 448 bits. * * @access public * @param int $length / function setKeyLength($length) { if ($length < 32) { $this->key_length = 4; } elseif ($length > 448) { $this->key_length = 56; } else { $this->key_length = $length >> 3; } parent::setKeyLength($length); } /* * Test for engine validity * * This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine() * * @see Crypt_Base::isValidEngine() * @param int $engine * @access public * @return bool / function isValidEngine($engine) { if ($engine == CRYPT_ENGINE_OPENSSL) { if (version_compare(PHP_VERSION, '5.3.7') < 0 && $this->key_length != 16) { return false; } if ($this->key_length < 16) { return false; } $this->cipher_name_openssl_ecb = 'bf-ecb'; $this->cipher_name_openssl = 'bf-' . $this->_openssl_translate_mode(); } return parent::isValidEngine($engine); } /* * Setup the key (expansion) * * @see Crypt_Base::_setupKey() * @access private / function _setupKey() { if (isset($this->kl['key']) && $this->key === $this->kl['key']) { // already expanded return; } $this->kl = array('key' => $this->key); / key-expanding p[] and S-Box building sb[] / $this->bctx = array( 'p' => array(), 'sb' => array( $this->sbox0, $this->sbox1, $this->sbox2, $this->sbox3 ) ); // unpack binary string in unsigned chars $key = array_values(unpack('C', $this->key)); $keyl = count($key); for ($j = 0, $i = 0; $i < 18; ++$i) { // xor P1 with the first 32-bits of the key, xor P2 with the second 32-bits ... for ($data = 0, $k = 0; $k < 4; ++$k) { $data = ($data << 8) \| $key[$j]; if (++$j >= $keyl) { $j = 0; } } $this->bctx['p'][] = $this->parray[$i] ^ $data; } // encrypt the zero-string, replace P1 and P2 with the encrypted data, // encrypt P3 and P4 with the new P1 and P2, do it with all P-array and subkeys $data = "\0\0\0\0\0\0\0\0"; for ($i = 0; $i < 18; $i += 2) { list($l, $r) = array_values(unpack('N', $data = $this->_encryptBlock($data))); $this->bctx['p'][$i ] = $l; $this->bctx['p'][$i + 1] = $r; } for ($i = 0; $i < 4; ++$i) { for ($j = 0; $j < 256; $j += 2) { list($l, $r) = array_values(unpack('N', $data = $this->_encryptBlock($data))); $this->bctx['sb'][$i][$j ] = $l; $this->bctx['sb'][$i][$j + 1] = $r; } } } /** * Encrypts a block * * @access private * @param string $in * @return string / function _encryptBlock($in) { $p = $this->bctx["p"]; // extract($this->bctx["sb"], EXTR_PREFIX_ALL, "sb"); // slower $sb_0 = $this->bctx["sb"][0]; $sb_1 = $this->bctx["sb"][1]; $sb_2 = $this->bctx["sb"][2]; $sb_3 = $this->bctx["sb"][3]; $in = unpack("N", $in); $l = $in[1]; $r = $in[2]; for ($i = 0; $i < 16; $i+= 2) { $l^= $p[$i]; $r^= $this->safe_intval(($this->safe_intval($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]) ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]); $r^= $p[$i + 1]; $l^= $this->safe_intval(($this->safe_intval($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]) ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]); } return pack("N", $r ^ $p[17], $l ^ $p[16]); } /* * Decrypts a block * * @access private * @param string $in * @return string / function _decryptBlock($in) { $p = $this->bctx["p"]; $sb_0 = $this->bctx["sb"][0]; $sb_1 = $this->bctx["sb"][1]; $sb_2 = $this->bctx["sb"][2]; $sb_3 = $this->bctx["sb"][3]; $in = unpack("N", $in); $l = $in[1]; $r = $in[2]; for ($i = 17; $i > 2; $i-= 2) { $l^= $p[$i]; $r^= $this->safe_intval(($this->safe_intval($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]) ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]); $r^= $p[$i - 1]; $l^= $this->safe_intval(($this->safe_intval($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]) ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]); } return pack("N", $r ^ $p[0], $l ^ $p[1]); } /* * Setup the performance-optimized function for de/encrypt() * * @see Crypt_Base::_setupInlineCrypt() * @access private / function _setupInlineCrypt() { $lambda_functions =& Crypt_Blowfish::_getLambdaFunctions(); // We create max. 10 hi-optimized code for memory reason. Means: For each $key one ultra fast inline-crypt function. // (Currently, for Crypt_Blowfish, one generated $lambda_function cost on php5.5@32bit ~100kb unfreeable mem and ~180kb on php5.5@64bit) // After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one. $gen_hi_opt_code = (bool)(count($lambda_functions) < 10); // Generation of a unique hash for our generated code $code_hash = "Crypt_Blowfish, {$this->mode}"; if ($gen_hi_opt_code) { $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); } $safeint = $this->safe_intval_inline(); if (!isset($lambda_functions[$code_hash])) { switch (true) { case $gen_hi_opt_code: $p = $this->bctx['p']; $init_crypt = ' static $sb_0, $sb_1, $sb_2, $sb_3; if (!$sb_0) { $sb_0 = $self->bctx["sb"][0]; $sb_1 = $self->bctx["sb"][1]; $sb_2 = $self->bctx["sb"][2]; $sb_3 = $self->bctx["sb"][3]; } '; break; default: $p = array(); for ($i = 0; $i < 18; ++$i) { $p[] = '$p_' . $i; } $init_crypt = ' list($sb_0, $sb_1, $sb_2, $sb_3) = $self->bctx["sb"]; list(' . implode(',', $p) . ') = $self->bctx["p"]; '; } // Generating encrypt code: $encrypt_block = ' $in = unpack("N", $in); $l = $in[1]; $r = $in[2]; '; for ($i = 0; $i < 16; $i+= 2) { $encrypt_block.= ' $l^= ' . $p[$i] . '; $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]') . '; $r^= ' . $p[$i + 1] . '; $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]') . '; '; } $encrypt_block.= ' $in = pack("N", $r ^ ' . $p[17] . ', $l ^ ' . $p[16] . ' ); '; // Generating decrypt code: $decrypt_block = ' $in = unpack("N", $in); $l = $in[1]; $r = $in[2]; '; for ($i = 17; $i > 2; $i-= 2) { $decrypt_block.= ' $l^= ' . $p[$i] . '; $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]') . '; $r^= ' . $p[$i - 1] . '; $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]') . '; '; } $decrypt_block.= ' $in = pack("N", $r ^ ' . $p[0] . ', $l ^ ' . $p[1] . ' ); '; $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( array( 'init_crypt' => $init_crypt, 'init_encrypt' => '', 'init_decrypt' => '', 'encrypt_block' => $encrypt_block, 'decrypt_block' => $decrypt_block ) ); } $this->inline_crypt = $lambda_functions[$code_hash]; } } ��phpseclib/Crypt/Twofish.php��0000644��00000120516�15104540706�0011761 0��ustar�00��<?php /* * Pure-PHP implementation of Twofish. * * Uses mcrypt, if available, and an internal implementation, otherwise. * * PHP versions 4 and 5 * * Useful resources are as follows: * * - {@link http://en.wikipedia.org/wiki/Twofish Wikipedia description of Twofish} * * Here's a short example of how to use this library: * <code> * <?php * include 'Crypt/Twofish.php'; * * $twofish = new Crypt_Twofish(); * * $twofish->setKey('12345678901234567890123456789012'); * * $plaintext = str_repeat('a', 1024); * * echo $twofish->decrypt($twofish->encrypt($plaintext)); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Crypt * @package Crypt_Twofish * @author Jim Wigginton <terrafrost@php.net> * @author Hans-Juergen Petrich <petrich@tronic-media.com> * @copyright 2007 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * Include Crypt_Base * * Base cipher class / if (!class_exists('Crypt_Base')) { include_once 'Base.php'; } /#@+ @access public * @see self::encrypt() * @see self::decrypt() / /* * Encrypt / decrypt using the Counter mode. * * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 / define('CRYPT_TWOFISH_MODE_CTR', CRYPT_MODE_CTR); /* * Encrypt / decrypt using the Electronic Code Book mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 / define('CRYPT_TWOFISH_MODE_ECB', CRYPT_MODE_ECB); /* * Encrypt / decrypt using the Code Book Chaining mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 / define('CRYPT_TWOFISH_MODE_CBC', CRYPT_MODE_CBC); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 / define('CRYPT_TWOFISH_MODE_CFB', CRYPT_MODE_CFB); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 / define('CRYPT_TWOFISH_MODE_OFB', CRYPT_MODE_OFB); /#@-/ /** * Pure-PHP implementation of Twofish. * * @package Crypt_Twofish * @author Jim Wigginton <terrafrost@php.net> * @author Hans-Juergen Petrich <petrich@tronic-media.com> * @access public / class Crypt_Twofish extends Crypt_Base { /* * The namespace used by the cipher for its constants. * * @see Crypt_Base::const_namespace * @var string * @access private / var $const_namespace = 'TWOFISH'; /* * The mcrypt specific name of the cipher * * @see Crypt_Base::cipher_name_mcrypt * @var string * @access private / var $cipher_name_mcrypt = 'twofish'; /* * Optimizing value while CFB-encrypting * * @see Crypt_Base::cfb_init_len * @var int * @access private / var $cfb_init_len = 800; /* * Q-Table * * @var array * @access private / var $q0 = array( 0xA9, 0x67, 0xB3, 0xE8, 0x04, 0xFD, 0xA3, 0x76, 0x9A, 0x92, 0x80, 0x78, 0xE4, 0xDD, 0xD1, 0x38, 0x0D, 0xC6, 0x35, 0x98, 0x18, 0xF7, 0xEC, 0x6C, 0x43, 0x75, 0x37, 0x26, 0xFA, 0x13, 0x94, 0x48, 0xF2, 0xD0, 0x8B, 0x30, 0x84, 0x54, 0xDF, 0x23, 0x19, 0x5B, 0x3D, 0x59, 0xF3, 0xAE, 0xA2, 0x82, 0x63, 0x01, 0x83, 0x2E, 0xD9, 0x51, 0x9B, 0x7C, 0xA6, 0xEB, 0xA5, 0xBE, 0x16, 0x0C, 0xE3, 0x61, 0xC0, 0x8C, 0x3A, 0xF5, 0x73, 0x2C, 0x25, 0x0B, 0xBB, 0x4E, 0x89, 0x6B, 0x53, 0x6A, 0xB4, 0xF1, 0xE1, 0xE6, 0xBD, 0x45, 0xE2, 0xF4, 0xB6, 0x66, 0xCC, 0x95, 0x03, 0x56, 0xD4, 0x1C, 0x1E, 0xD7, 0xFB, 0xC3, 0x8E, 0xB5, 0xE9, 0xCF, 0xBF, 0xBA, 0xEA, 0x77, 0x39, 0xAF, 0x33, 0xC9, 0x62, 0x71, 0x81, 0x79, 0x09, 0xAD, 0x24, 0xCD, 0xF9, 0xD8, 0xE5, 0xC5, 0xB9, 0x4D, 0x44, 0x08, 0x86, 0xE7, 0xA1, 0x1D, 0xAA, 0xED, 0x06, 0x70, 0xB2, 0xD2, 0x41, 0x7B, 0xA0, 0x11, 0x31, 0xC2, 0x27, 0x90, 0x20, 0xF6, 0x60, 0xFF, 0x96, 0x5C, 0xB1, 0xAB, 0x9E, 0x9C, 0x52, 0x1B, 0x5F, 0x93, 0x0A, 0xEF, 0x91, 0x85, 0x49, 0xEE, 0x2D, 0x4F, 0x8F, 0x3B, 0x47, 0x87, 0x6D, 0x46, 0xD6, 0x3E, 0x69, 0x64, 0x2A, 0xCE, 0xCB, 0x2F, 0xFC, 0x97, 0x05, 0x7A, 0xAC, 0x7F, 0xD5, 0x1A, 0x4B, 0x0E, 0xA7, 0x5A, 0x28, 0x14, 0x3F, 0x29, 0x88, 0x3C, 0x4C, 0x02, 0xB8, 0xDA, 0xB0, 0x17, 0x55, 0x1F, 0x8A, 0x7D, 0x57, 0xC7, 0x8D, 0x74, 0xB7, 0xC4, 0x9F, 0x72, 0x7E, 0x15, 0x22, 0x12, 0x58, 0x07, 0x99, 0x34, 0x6E, 0x50, 0xDE, 0x68, 0x65, 0xBC, 0xDB, 0xF8, 0xC8, 0xA8, 0x2B, 0x40, 0xDC, 0xFE, 0x32, 0xA4, 0xCA, 0x10, 0x21, 0xF0, 0xD3, 0x5D, 0x0F, 0x00, 0x6F, 0x9D, 0x36, 0x42, 0x4A, 0x5E, 0xC1, 0xE0 ); /* * Q-Table * * @var array * @access private / var $q1 = array( 0x75, 0xF3, 0xC6, 0xF4, 0xDB, 0x7B, 0xFB, 0xC8, 0x4A, 0xD3, 0xE6, 0x6B, 0x45, 0x7D, 0xE8, 0x4B, 0xD6, 0x32, 0xD8, 0xFD, 0x37, 0x71, 0xF1, 0xE1, 0x30, 0x0F, 0xF8, 0x1B, 0x87, 0xFA, 0x06, 0x3F, 0x5E, 0xBA, 0xAE, 0x5B, 0x8A, 0x00, 0xBC, 0x9D, 0x6D, 0xC1, 0xB1, 0x0E, 0x80, 0x5D, 0xD2, 0xD5, 0xA0, 0x84, 0x07, 0x14, 0xB5, 0x90, 0x2C, 0xA3, 0xB2, 0x73, 0x4C, 0x54, 0x92, 0x74, 0x36, 0x51, 0x38, 0xB0, 0xBD, 0x5A, 0xFC, 0x60, 0x62, 0x96, 0x6C, 0x42, 0xF7, 0x10, 0x7C, 0x28, 0x27, 0x8C, 0x13, 0x95, 0x9C, 0xC7, 0x24, 0x46, 0x3B, 0x70, 0xCA, 0xE3, 0x85, 0xCB, 0x11, 0xD0, 0x93, 0xB8, 0xA6, 0x83, 0x20, 0xFF, 0x9F, 0x77, 0xC3, 0xCC, 0x03, 0x6F, 0x08, 0xBF, 0x40, 0xE7, 0x2B, 0xE2, 0x79, 0x0C, 0xAA, 0x82, 0x41, 0x3A, 0xEA, 0xB9, 0xE4, 0x9A, 0xA4, 0x97, 0x7E, 0xDA, 0x7A, 0x17, 0x66, 0x94, 0xA1, 0x1D, 0x3D, 0xF0, 0xDE, 0xB3, 0x0B, 0x72, 0xA7, 0x1C, 0xEF, 0xD1, 0x53, 0x3E, 0x8F, 0x33, 0x26, 0x5F, 0xEC, 0x76, 0x2A, 0x49, 0x81, 0x88, 0xEE, 0x21, 0xC4, 0x1A, 0xEB, 0xD9, 0xC5, 0x39, 0x99, 0xCD, 0xAD, 0x31, 0x8B, 0x01, 0x18, 0x23, 0xDD, 0x1F, 0x4E, 0x2D, 0xF9, 0x48, 0x4F, 0xF2, 0x65, 0x8E, 0x78, 0x5C, 0x58, 0x19, 0x8D, 0xE5, 0x98, 0x57, 0x67, 0x7F, 0x05, 0x64, 0xAF, 0x63, 0xB6, 0xFE, 0xF5, 0xB7, 0x3C, 0xA5, 0xCE, 0xE9, 0x68, 0x44, 0xE0, 0x4D, 0x43, 0x69, 0x29, 0x2E, 0xAC, 0x15, 0x59, 0xA8, 0x0A, 0x9E, 0x6E, 0x47, 0xDF, 0x34, 0x35, 0x6A, 0xCF, 0xDC, 0x22, 0xC9, 0xC0, 0x9B, 0x89, 0xD4, 0xED, 0xAB, 0x12, 0xA2, 0x0D, 0x52, 0xBB, 0x02, 0x2F, 0xA9, 0xD7, 0x61, 0x1E, 0xB4, 0x50, 0x04, 0xF6, 0xC2, 0x16, 0x25, 0x86, 0x56, 0x55, 0x09, 0xBE, 0x91 ); /* * M-Table * * @var array * @access private / var $m0 = array( 0xBCBC3275, 0xECEC21F3, 0x202043C6, 0xB3B3C9F4, 0xDADA03DB, 0x02028B7B, 0xE2E22BFB, 0x9E9EFAC8, 0xC9C9EC4A, 0xD4D409D3, 0x18186BE6, 0x1E1E9F6B, 0x98980E45, 0xB2B2387D, 0xA6A6D2E8, 0x2626B74B, 0x3C3C57D6, 0x93938A32, 0x8282EED8, 0x525298FD, 0x7B7BD437, 0xBBBB3771, 0x5B5B97F1, 0x474783E1, 0x24243C30, 0x5151E20F, 0xBABAC6F8, 0x4A4AF31B, 0xBFBF4887, 0x0D0D70FA, 0xB0B0B306, 0x7575DE3F, 0xD2D2FD5E, 0x7D7D20BA, 0x666631AE, 0x3A3AA35B, 0x59591C8A, 0x00000000, 0xCDCD93BC, 0x1A1AE09D, 0xAEAE2C6D, 0x7F7FABC1, 0x2B2BC7B1, 0xBEBEB90E, 0xE0E0A080, 0x8A8A105D, 0x3B3B52D2, 0x6464BAD5, 0xD8D888A0, 0xE7E7A584, 0x5F5FE807, 0x1B1B1114, 0x2C2CC2B5, 0xFCFCB490, 0x3131272C, 0x808065A3, 0x73732AB2, 0x0C0C8173, 0x79795F4C, 0x6B6B4154, 0x4B4B0292, 0x53536974, 0x94948F36, 0x83831F51, 0x2A2A3638, 0xC4C49CB0, 0x2222C8BD, 0xD5D5F85A, 0xBDBDC3FC, 0x48487860, 0xFFFFCE62, 0x4C4C0796, 0x4141776C, 0xC7C7E642, 0xEBEB24F7, 0x1C1C1410, 0x5D5D637C, 0x36362228, 0x6767C027, 0xE9E9AF8C, 0x4444F913, 0x1414EA95, 0xF5F5BB9C, 0xCFCF18C7, 0x3F3F2D24, 0xC0C0E346, 0x7272DB3B, 0x54546C70, 0x29294CCA, 0xF0F035E3, 0x0808FE85, 0xC6C617CB, 0xF3F34F11, 0x8C8CE4D0, 0xA4A45993, 0xCACA96B8, 0x68683BA6, 0xB8B84D83, 0x38382820, 0xE5E52EFF, 0xADAD569F, 0x0B0B8477, 0xC8C81DC3, 0x9999FFCC, 0x5858ED03, 0x19199A6F, 0x0E0E0A08, 0x95957EBF, 0x70705040, 0xF7F730E7, 0x6E6ECF2B, 0x1F1F6EE2, 0xB5B53D79, 0x09090F0C, 0x616134AA, 0x57571682, 0x9F9F0B41, 0x9D9D803A, 0x111164EA, 0x2525CDB9, 0xAFAFDDE4, 0x4545089A, 0xDFDF8DA4, 0xA3A35C97, 0xEAEAD57E, 0x353558DA, 0xEDEDD07A, 0x4343FC17, 0xF8F8CB66, 0xFBFBB194, 0x3737D3A1, 0xFAFA401D, 0xC2C2683D, 0xB4B4CCF0, 0x32325DDE, 0x9C9C71B3, 0x5656E70B, 0xE3E3DA72, 0x878760A7, 0x15151B1C, 0xF9F93AEF, 0x6363BFD1, 0x3434A953, 0x9A9A853E, 0xB1B1428F, 0x7C7CD133, 0x88889B26, 0x3D3DA65F, 0xA1A1D7EC, 0xE4E4DF76, 0x8181942A, 0x91910149, 0x0F0FFB81, 0xEEEEAA88, 0x161661EE, 0xD7D77321, 0x9797F5C4, 0xA5A5A81A, 0xFEFE3FEB, 0x6D6DB5D9, 0x7878AEC5, 0xC5C56D39, 0x1D1DE599, 0x7676A4CD, 0x3E3EDCAD, 0xCBCB6731, 0xB6B6478B, 0xEFEF5B01, 0x12121E18, 0x6060C523, 0x6A6AB0DD, 0x4D4DF61F, 0xCECEE94E, 0xDEDE7C2D, 0x55559DF9, 0x7E7E5A48, 0x2121B24F, 0x03037AF2, 0xA0A02665, 0x5E5E198E, 0x5A5A6678, 0x65654B5C, 0x62624E58, 0xFDFD4519, 0x0606F48D, 0x404086E5, 0xF2F2BE98, 0x3333AC57, 0x17179067, 0x05058E7F, 0xE8E85E05, 0x4F4F7D64, 0x89896AAF, 0x10109563, 0x74742FB6, 0x0A0A75FE, 0x5C5C92F5, 0x9B9B74B7, 0x2D2D333C, 0x3030D6A5, 0x2E2E49CE, 0x494989E9, 0x46467268, 0x77775544, 0xA8A8D8E0, 0x9696044D, 0x2828BD43, 0xA9A92969, 0xD9D97929, 0x8686912E, 0xD1D187AC, 0xF4F44A15, 0x8D8D1559, 0xD6D682A8, 0xB9B9BC0A, 0x42420D9E, 0xF6F6C16E, 0x2F2FB847, 0xDDDD06DF, 0x23233934, 0xCCCC6235, 0xF1F1C46A, 0xC1C112CF, 0x8585EBDC, 0x8F8F9E22, 0x7171A1C9, 0x9090F0C0, 0xAAAA539B, 0x0101F189, 0x8B8BE1D4, 0x4E4E8CED, 0x8E8E6FAB, 0xABABA212, 0x6F6F3EA2, 0xE6E6540D, 0xDBDBF252, 0x92927BBB, 0xB7B7B602, 0x6969CA2F, 0x3939D9A9, 0xD3D30CD7, 0xA7A72361, 0xA2A2AD1E, 0xC3C399B4, 0x6C6C4450, 0x07070504, 0x04047FF6, 0x272746C2, 0xACACA716, 0xD0D07625, 0x50501386, 0xDCDCF756, 0x84841A55, 0xE1E15109, 0x7A7A25BE, 0x1313EF91 ); /* * M-Table * * @var array * @access private / var $m1 = array( 0xA9D93939, 0x67901717, 0xB3719C9C, 0xE8D2A6A6, 0x04050707, 0xFD985252, 0xA3658080, 0x76DFE4E4, 0x9A084545, 0x92024B4B, 0x80A0E0E0, 0x78665A5A, 0xE4DDAFAF, 0xDDB06A6A, 0xD1BF6363, 0x38362A2A, 0x0D54E6E6, 0xC6432020, 0x3562CCCC, 0x98BEF2F2, 0x181E1212, 0xF724EBEB, 0xECD7A1A1, 0x6C774141, 0x43BD2828, 0x7532BCBC, 0x37D47B7B, 0x269B8888, 0xFA700D0D, 0x13F94444, 0x94B1FBFB, 0x485A7E7E, 0xF27A0303, 0xD0E48C8C, 0x8B47B6B6, 0x303C2424, 0x84A5E7E7, 0x54416B6B, 0xDF06DDDD, 0x23C56060, 0x1945FDFD, 0x5BA33A3A, 0x3D68C2C2, 0x59158D8D, 0xF321ECEC, 0xAE316666, 0xA23E6F6F, 0x82165757, 0x63951010, 0x015BEFEF, 0x834DB8B8, 0x2E918686, 0xD9B56D6D, 0x511F8383, 0x9B53AAAA, 0x7C635D5D, 0xA63B6868, 0xEB3FFEFE, 0xA5D63030, 0xBE257A7A, 0x16A7ACAC, 0x0C0F0909, 0xE335F0F0, 0x6123A7A7, 0xC0F09090, 0x8CAFE9E9, 0x3A809D9D, 0xF5925C5C, 0x73810C0C, 0x2C273131, 0x2576D0D0, 0x0BE75656, 0xBB7B9292, 0x4EE9CECE, 0x89F10101, 0x6B9F1E1E, 0x53A93434, 0x6AC4F1F1, 0xB499C3C3, 0xF1975B5B, 0xE1834747, 0xE66B1818, 0xBDC82222, 0x450E9898, 0xE26E1F1F, 0xF4C9B3B3, 0xB62F7474, 0x66CBF8F8, 0xCCFF9999, 0x95EA1414, 0x03ED5858, 0x56F7DCDC, 0xD4E18B8B, 0x1C1B1515, 0x1EADA2A2, 0xD70CD3D3, 0xFB2BE2E2, 0xC31DC8C8, 0x8E195E5E, 0xB5C22C2C, 0xE9894949, 0xCF12C1C1, 0xBF7E9595, 0xBA207D7D, 0xEA641111, 0x77840B0B, 0x396DC5C5, 0xAF6A8989, 0x33D17C7C, 0xC9A17171, 0x62CEFFFF, 0x7137BBBB, 0x81FB0F0F, 0x793DB5B5, 0x0951E1E1, 0xADDC3E3E, 0x242D3F3F, 0xCDA47676, 0xF99D5555, 0xD8EE8282, 0xE5864040, 0xC5AE7878, 0xB9CD2525, 0x4D049696, 0x44557777, 0x080A0E0E, 0x86135050, 0xE730F7F7, 0xA1D33737, 0x1D40FAFA, 0xAA346161, 0xED8C4E4E, 0x06B3B0B0, 0x706C5454, 0xB22A7373, 0xD2523B3B, 0x410B9F9F, 0x7B8B0202, 0xA088D8D8, 0x114FF3F3, 0x3167CBCB, 0xC2462727, 0x27C06767, 0x90B4FCFC, 0x20283838, 0xF67F0404, 0x60784848, 0xFF2EE5E5, 0x96074C4C, 0x5C4B6565, 0xB1C72B2B, 0xAB6F8E8E, 0x9E0D4242, 0x9CBBF5F5, 0x52F2DBDB, 0x1BF34A4A, 0x5FA63D3D, 0x9359A4A4, 0x0ABCB9B9, 0xEF3AF9F9, 0x91EF1313, 0x85FE0808, 0x49019191, 0xEE611616, 0x2D7CDEDE, 0x4FB22121, 0x8F42B1B1, 0x3BDB7272, 0x47B82F2F, 0x8748BFBF, 0x6D2CAEAE, 0x46E3C0C0, 0xD6573C3C, 0x3E859A9A, 0x6929A9A9, 0x647D4F4F, 0x2A948181, 0xCE492E2E, 0xCB17C6C6, 0x2FCA6969, 0xFCC3BDBD, 0x975CA3A3, 0x055EE8E8, 0x7AD0EDED, 0xAC87D1D1, 0x7F8E0505, 0xD5BA6464, 0x1AA8A5A5, 0x4BB72626, 0x0EB9BEBE, 0xA7608787, 0x5AF8D5D5, 0x28223636, 0x14111B1B, 0x3FDE7575, 0x2979D9D9, 0x88AAEEEE, 0x3C332D2D, 0x4C5F7979, 0x02B6B7B7, 0xB896CACA, 0xDA583535, 0xB09CC4C4, 0x17FC4343, 0x551A8484, 0x1FF64D4D, 0x8A1C5959, 0x7D38B2B2, 0x57AC3333, 0xC718CFCF, 0x8DF40606, 0x74695353, 0xB7749B9B, 0xC4F59797, 0x9F56ADAD, 0x72DAE3E3, 0x7ED5EAEA, 0x154AF4F4, 0x229E8F8F, 0x12A2ABAB, 0x584E6262, 0x07E85F5F, 0x99E51D1D, 0x34392323, 0x6EC1F6F6, 0x50446C6C, 0xDE5D3232, 0x68724646, 0x6526A0A0, 0xBC93CDCD, 0xDB03DADA, 0xF8C6BABA, 0xC8FA9E9E, 0xA882D6D6, 0x2BCF6E6E, 0x40507070, 0xDCEB8585, 0xFE750A0A, 0x328A9393, 0xA48DDFDF, 0xCA4C2929, 0x10141C1C, 0x2173D7D7, 0xF0CCB4B4, 0xD309D4D4, 0x5D108A8A, 0x0FE25151, 0x00000000, 0x6F9A1919, 0x9DE01A1A, 0x368F9494, 0x42E6C7C7, 0x4AECC9C9, 0x5EFDD2D2, 0xC1AB7F7F, 0xE0D8A8A8 ); /* * M-Table * * @var array * @access private / var $m2 = array( 0xBC75BC32, 0xECF3EC21, 0x20C62043, 0xB3F4B3C9, 0xDADBDA03, 0x027B028B, 0xE2FBE22B, 0x9EC89EFA, 0xC94AC9EC, 0xD4D3D409, 0x18E6186B, 0x1E6B1E9F, 0x9845980E, 0xB27DB238, 0xA6E8A6D2, 0x264B26B7, 0x3CD63C57, 0x9332938A, 0x82D882EE, 0x52FD5298, 0x7B377BD4, 0xBB71BB37, 0x5BF15B97, 0x47E14783, 0x2430243C, 0x510F51E2, 0xBAF8BAC6, 0x4A1B4AF3, 0xBF87BF48, 0x0DFA0D70, 0xB006B0B3, 0x753F75DE, 0xD25ED2FD, 0x7DBA7D20, 0x66AE6631, 0x3A5B3AA3, 0x598A591C, 0x00000000, 0xCDBCCD93, 0x1A9D1AE0, 0xAE6DAE2C, 0x7FC17FAB, 0x2BB12BC7, 0xBE0EBEB9, 0xE080E0A0, 0x8A5D8A10, 0x3BD23B52, 0x64D564BA, 0xD8A0D888, 0xE784E7A5, 0x5F075FE8, 0x1B141B11, 0x2CB52CC2, 0xFC90FCB4, 0x312C3127, 0x80A38065, 0x73B2732A, 0x0C730C81, 0x794C795F, 0x6B546B41, 0x4B924B02, 0x53745369, 0x9436948F, 0x8351831F, 0x2A382A36, 0xC4B0C49C, 0x22BD22C8, 0xD55AD5F8, 0xBDFCBDC3, 0x48604878, 0xFF62FFCE, 0x4C964C07, 0x416C4177, 0xC742C7E6, 0xEBF7EB24, 0x1C101C14, 0x5D7C5D63, 0x36283622, 0x672767C0, 0xE98CE9AF, 0x441344F9, 0x149514EA, 0xF59CF5BB, 0xCFC7CF18, 0x3F243F2D, 0xC046C0E3, 0x723B72DB, 0x5470546C, 0x29CA294C, 0xF0E3F035, 0x088508FE, 0xC6CBC617, 0xF311F34F, 0x8CD08CE4, 0xA493A459, 0xCAB8CA96, 0x68A6683B, 0xB883B84D, 0x38203828, 0xE5FFE52E, 0xAD9FAD56, 0x0B770B84, 0xC8C3C81D, 0x99CC99FF, 0x580358ED, 0x196F199A, 0x0E080E0A, 0x95BF957E, 0x70407050, 0xF7E7F730, 0x6E2B6ECF, 0x1FE21F6E, 0xB579B53D, 0x090C090F, 0x61AA6134, 0x57825716, 0x9F419F0B, 0x9D3A9D80, 0x11EA1164, 0x25B925CD, 0xAFE4AFDD, 0x459A4508, 0xDFA4DF8D, 0xA397A35C, 0xEA7EEAD5, 0x35DA3558, 0xED7AEDD0, 0x431743FC, 0xF866F8CB, 0xFB94FBB1, 0x37A137D3, 0xFA1DFA40, 0xC23DC268, 0xB4F0B4CC, 0x32DE325D, 0x9CB39C71, 0x560B56E7, 0xE372E3DA, 0x87A78760, 0x151C151B, 0xF9EFF93A, 0x63D163BF, 0x345334A9, 0x9A3E9A85, 0xB18FB142, 0x7C337CD1, 0x8826889B, 0x3D5F3DA6, 0xA1ECA1D7, 0xE476E4DF, 0x812A8194, 0x91499101, 0x0F810FFB, 0xEE88EEAA, 0x16EE1661, 0xD721D773, 0x97C497F5, 0xA51AA5A8, 0xFEEBFE3F, 0x6DD96DB5, 0x78C578AE, 0xC539C56D, 0x1D991DE5, 0x76CD76A4, 0x3EAD3EDC, 0xCB31CB67, 0xB68BB647, 0xEF01EF5B, 0x1218121E, 0x602360C5, 0x6ADD6AB0, 0x4D1F4DF6, 0xCE4ECEE9, 0xDE2DDE7C, 0x55F9559D, 0x7E487E5A, 0x214F21B2, 0x03F2037A, 0xA065A026, 0x5E8E5E19, 0x5A785A66, 0x655C654B, 0x6258624E, 0xFD19FD45, 0x068D06F4, 0x40E54086, 0xF298F2BE, 0x335733AC, 0x17671790, 0x057F058E, 0xE805E85E, 0x4F644F7D, 0x89AF896A, 0x10631095, 0x74B6742F, 0x0AFE0A75, 0x5CF55C92, 0x9BB79B74, 0x2D3C2D33, 0x30A530D6, 0x2ECE2E49, 0x49E94989, 0x46684672, 0x77447755, 0xA8E0A8D8, 0x964D9604, 0x284328BD, 0xA969A929, 0xD929D979, 0x862E8691, 0xD1ACD187, 0xF415F44A, 0x8D598D15, 0xD6A8D682, 0xB90AB9BC, 0x429E420D, 0xF66EF6C1, 0x2F472FB8, 0xDDDFDD06, 0x23342339, 0xCC35CC62, 0xF16AF1C4, 0xC1CFC112, 0x85DC85EB, 0x8F228F9E, 0x71C971A1, 0x90C090F0, 0xAA9BAA53, 0x018901F1, 0x8BD48BE1, 0x4EED4E8C, 0x8EAB8E6F, 0xAB12ABA2, 0x6FA26F3E, 0xE60DE654, 0xDB52DBF2, 0x92BB927B, 0xB702B7B6, 0x692F69CA, 0x39A939D9, 0xD3D7D30C, 0xA761A723, 0xA21EA2AD, 0xC3B4C399, 0x6C506C44, 0x07040705, 0x04F6047F, 0x27C22746, 0xAC16ACA7, 0xD025D076, 0x50865013, 0xDC56DCF7, 0x8455841A, 0xE109E151, 0x7ABE7A25, 0x139113EF ); /* * M-Table * * @var array * @access private / var $m3 = array( 0xD939A9D9, 0x90176790, 0x719CB371, 0xD2A6E8D2, 0x05070405, 0x9852FD98, 0x6580A365, 0xDFE476DF, 0x08459A08, 0x024B9202, 0xA0E080A0, 0x665A7866, 0xDDAFE4DD, 0xB06ADDB0, 0xBF63D1BF, 0x362A3836, 0x54E60D54, 0x4320C643, 0x62CC3562, 0xBEF298BE, 0x1E12181E, 0x24EBF724, 0xD7A1ECD7, 0x77416C77, 0xBD2843BD, 0x32BC7532, 0xD47B37D4, 0x9B88269B, 0x700DFA70, 0xF94413F9, 0xB1FB94B1, 0x5A7E485A, 0x7A03F27A, 0xE48CD0E4, 0x47B68B47, 0x3C24303C, 0xA5E784A5, 0x416B5441, 0x06DDDF06, 0xC56023C5, 0x45FD1945, 0xA33A5BA3, 0x68C23D68, 0x158D5915, 0x21ECF321, 0x3166AE31, 0x3E6FA23E, 0x16578216, 0x95106395, 0x5BEF015B, 0x4DB8834D, 0x91862E91, 0xB56DD9B5, 0x1F83511F, 0x53AA9B53, 0x635D7C63, 0x3B68A63B, 0x3FFEEB3F, 0xD630A5D6, 0x257ABE25, 0xA7AC16A7, 0x0F090C0F, 0x35F0E335, 0x23A76123, 0xF090C0F0, 0xAFE98CAF, 0x809D3A80, 0x925CF592, 0x810C7381, 0x27312C27, 0x76D02576, 0xE7560BE7, 0x7B92BB7B, 0xE9CE4EE9, 0xF10189F1, 0x9F1E6B9F, 0xA93453A9, 0xC4F16AC4, 0x99C3B499, 0x975BF197, 0x8347E183, 0x6B18E66B, 0xC822BDC8, 0x0E98450E, 0x6E1FE26E, 0xC9B3F4C9, 0x2F74B62F, 0xCBF866CB, 0xFF99CCFF, 0xEA1495EA, 0xED5803ED, 0xF7DC56F7, 0xE18BD4E1, 0x1B151C1B, 0xADA21EAD, 0x0CD3D70C, 0x2BE2FB2B, 0x1DC8C31D, 0x195E8E19, 0xC22CB5C2, 0x8949E989, 0x12C1CF12, 0x7E95BF7E, 0x207DBA20, 0x6411EA64, 0x840B7784, 0x6DC5396D, 0x6A89AF6A, 0xD17C33D1, 0xA171C9A1, 0xCEFF62CE, 0x37BB7137, 0xFB0F81FB, 0x3DB5793D, 0x51E10951, 0xDC3EADDC, 0x2D3F242D, 0xA476CDA4, 0x9D55F99D, 0xEE82D8EE, 0x8640E586, 0xAE78C5AE, 0xCD25B9CD, 0x04964D04, 0x55774455, 0x0A0E080A, 0x13508613, 0x30F7E730, 0xD337A1D3, 0x40FA1D40, 0x3461AA34, 0x8C4EED8C, 0xB3B006B3, 0x6C54706C, 0x2A73B22A, 0x523BD252, 0x0B9F410B, 0x8B027B8B, 0x88D8A088, 0x4FF3114F, 0x67CB3167, 0x4627C246, 0xC06727C0, 0xB4FC90B4, 0x28382028, 0x7F04F67F, 0x78486078, 0x2EE5FF2E, 0x074C9607, 0x4B655C4B, 0xC72BB1C7, 0x6F8EAB6F, 0x0D429E0D, 0xBBF59CBB, 0xF2DB52F2, 0xF34A1BF3, 0xA63D5FA6, 0x59A49359, 0xBCB90ABC, 0x3AF9EF3A, 0xEF1391EF, 0xFE0885FE, 0x01914901, 0x6116EE61, 0x7CDE2D7C, 0xB2214FB2, 0x42B18F42, 0xDB723BDB, 0xB82F47B8, 0x48BF8748, 0x2CAE6D2C, 0xE3C046E3, 0x573CD657, 0x859A3E85, 0x29A96929, 0x7D4F647D, 0x94812A94, 0x492ECE49, 0x17C6CB17, 0xCA692FCA, 0xC3BDFCC3, 0x5CA3975C, 0x5EE8055E, 0xD0ED7AD0, 0x87D1AC87, 0x8E057F8E, 0xBA64D5BA, 0xA8A51AA8, 0xB7264BB7, 0xB9BE0EB9, 0x6087A760, 0xF8D55AF8, 0x22362822, 0x111B1411, 0xDE753FDE, 0x79D92979, 0xAAEE88AA, 0x332D3C33, 0x5F794C5F, 0xB6B702B6, 0x96CAB896, 0x5835DA58, 0x9CC4B09C, 0xFC4317FC, 0x1A84551A, 0xF64D1FF6, 0x1C598A1C, 0x38B27D38, 0xAC3357AC, 0x18CFC718, 0xF4068DF4, 0x69537469, 0x749BB774, 0xF597C4F5, 0x56AD9F56, 0xDAE372DA, 0xD5EA7ED5, 0x4AF4154A, 0x9E8F229E, 0xA2AB12A2, 0x4E62584E, 0xE85F07E8, 0xE51D99E5, 0x39233439, 0xC1F66EC1, 0x446C5044, 0x5D32DE5D, 0x72466872, 0x26A06526, 0x93CDBC93, 0x03DADB03, 0xC6BAF8C6, 0xFA9EC8FA, 0x82D6A882, 0xCF6E2BCF, 0x50704050, 0xEB85DCEB, 0x750AFE75, 0x8A93328A, 0x8DDFA48D, 0x4C29CA4C, 0x141C1014, 0x73D72173, 0xCCB4F0CC, 0x09D4D309, 0x108A5D10, 0xE2510FE2, 0x00000000, 0x9A196F9A, 0xE01A9DE0, 0x8F94368F, 0xE6C742E6, 0xECC94AEC, 0xFDD25EFD, 0xAB7FC1AB, 0xD8A8E0D8 ); /* * The Key Schedule Array * * @var array * @access private / var $K = array(); /* * The Key depended S-Table 0 * * @var array * @access private / var $S0 = array(); /* * The Key depended S-Table 1 * * @var array * @access private / var $S1 = array(); /* * The Key depended S-Table 2 * * @var array * @access private / var $S2 = array(); /* * The Key depended S-Table 3 * * @var array * @access private / var $S3 = array(); /* * Holds the last used key * * @var array * @access private / var $kl; /* * The Key Length (in bytes) * * @see Crypt_Twofish::setKeyLength() * @var int * @access private / var $key_length = 16; /* * Sets the key length. * * Valid key lengths are 128, 192 or 256 bits * * @access public * @param int $length / function setKeyLength($length) { switch (true) { case $length <= 128: $this->key_length = 16; break; case $length <= 192: $this->key_length = 24; break; default: $this->key_length = 32; } parent::setKeyLength($length); } /* * Setup the key (expansion) * * @see Crypt_Base::_setupKey() * @access private / function _setupKey() { if (isset($this->kl['key']) && $this->key === $this->kl['key']) { // already expanded return; } $this->kl = array('key' => $this->key); / Key expanding and generating the key-depended s-boxes / $le_longs = unpack('V', $this->key); $key = unpack('C', $this->key); $m0 = $this->m0; $m1 = $this->m1; $m2 = $this->m2; $m3 = $this->m3; $q0 = $this->q0; $q1 = $this->q1; $K = $S0 = $S1 = $S2 = $S3 = array(); switch (strlen($this->key)) { case 16: list($s7, $s6, $s5, $s4) = $this->_mdsrem($le_longs[1], $le_longs[2]); list($s3, $s2, $s1, $s0) = $this->_mdsrem($le_longs[3], $le_longs[4]); for ($i = 0, $j = 1; $i < 40; $i+= 2, $j+= 2) { $A = $m0[$q0[$q0[$i] ^ $key[ 9]] ^ $key[1]] ^ $m1[$q0[$q1[$i] ^ $key[10]] ^ $key[2]] ^ $m2[$q1[$q0[$i] ^ $key[11]] ^ $key[3]] ^ $m3[$q1[$q1[$i] ^ $key[12]] ^ $key[4]]; $B = $m0[$q0[$q0[$j] ^ $key[13]] ^ $key[5]] ^ $m1[$q0[$q1[$j] ^ $key[14]] ^ $key[6]] ^ $m2[$q1[$q0[$j] ^ $key[15]] ^ $key[7]] ^ $m3[$q1[$q1[$j] ^ $key[16]] ^ $key[8]]; $B = ($B << 8) \| ($B >> 24 & 0xff); $A = $this->safe_intval($A + $B); $K[] = $A; $A = $this->safe_intval($A + $B); $K[] = ($A << 9 \| $A >> 23 & 0x1ff); } for ($i = 0; $i < 256; ++$i) { $S0[$i] = $m0[$q0[$q0[$i] ^ $s4] ^ $s0]; $S1[$i] = $m1[$q0[$q1[$i] ^ $s5] ^ $s1]; $S2[$i] = $m2[$q1[$q0[$i] ^ $s6] ^ $s2]; $S3[$i] = $m3[$q1[$q1[$i] ^ $s7] ^ $s3]; } break; case 24: list($sb, $sa, $s9, $s8) = $this->_mdsrem($le_longs[1], $le_longs[2]); list($s7, $s6, $s5, $s4) = $this->_mdsrem($le_longs[3], $le_longs[4]); list($s3, $s2, $s1, $s0) = $this->_mdsrem($le_longs[5], $le_longs[6]); for ($i = 0, $j = 1; $i < 40; $i+= 2, $j+= 2) { $A = $m0[$q0[$q0[$q1[$i] ^ $key[17]] ^ $key[ 9]] ^ $key[1]] ^ $m1[$q0[$q1[$q1[$i] ^ $key[18]] ^ $key[10]] ^ $key[2]] ^ $m2[$q1[$q0[$q0[$i] ^ $key[19]] ^ $key[11]] ^ $key[3]] ^ $m3[$q1[$q1[$q0[$i] ^ $key[20]] ^ $key[12]] ^ $key[4]]; $B = $m0[$q0[$q0[$q1[$j] ^ $key[21]] ^ $key[13]] ^ $key[5]] ^ $m1[$q0[$q1[$q1[$j] ^ $key[22]] ^ $key[14]] ^ $key[6]] ^ $m2[$q1[$q0[$q0[$j] ^ $key[23]] ^ $key[15]] ^ $key[7]] ^ $m3[$q1[$q1[$q0[$j] ^ $key[24]] ^ $key[16]] ^ $key[8]]; $B = ($B << 8) \| ($B >> 24 & 0xff); $A = $this->safe_intval($A + $B); $K[] = $A; $A = $this->safe_intval($A + $B); $K[] = ($A << 9 \| $A >> 23 & 0x1ff); } for ($i = 0; $i < 256; ++$i) { $S0[$i] = $m0[$q0[$q0[$q1[$i] ^ $s8] ^ $s4] ^ $s0]; $S1[$i] = $m1[$q0[$q1[$q1[$i] ^ $s9] ^ $s5] ^ $s1]; $S2[$i] = $m2[$q1[$q0[$q0[$i] ^ $sa] ^ $s6] ^ $s2]; $S3[$i] = $m3[$q1[$q1[$q0[$i] ^ $sb] ^ $s7] ^ $s3]; } break; default: // 32 list($sf, $se, $sd, $sc) = $this->_mdsrem($le_longs[1], $le_longs[2]); list($sb, $sa, $s9, $s8) = $this->_mdsrem($le_longs[3], $le_longs[4]); list($s7, $s6, $s5, $s4) = $this->_mdsrem($le_longs[5], $le_longs[6]); list($s3, $s2, $s1, $s0) = $this->_mdsrem($le_longs[7], $le_longs[8]); for ($i = 0, $j = 1; $i < 40; $i+= 2, $j+= 2) { $A = $m0[$q0[$q0[$q1[$q1[$i] ^ $key[25]] ^ $key[17]] ^ $key[ 9]] ^ $key[1]] ^ $m1[$q0[$q1[$q1[$q0[$i] ^ $key[26]] ^ $key[18]] ^ $key[10]] ^ $key[2]] ^ $m2[$q1[$q0[$q0[$q0[$i] ^ $key[27]] ^ $key[19]] ^ $key[11]] ^ $key[3]] ^ $m3[$q1[$q1[$q0[$q1[$i] ^ $key[28]] ^ $key[20]] ^ $key[12]] ^ $key[4]]; $B = $m0[$q0[$q0[$q1[$q1[$j] ^ $key[29]] ^ $key[21]] ^ $key[13]] ^ $key[5]] ^ $m1[$q0[$q1[$q1[$q0[$j] ^ $key[30]] ^ $key[22]] ^ $key[14]] ^ $key[6]] ^ $m2[$q1[$q0[$q0[$q0[$j] ^ $key[31]] ^ $key[23]] ^ $key[15]] ^ $key[7]] ^ $m3[$q1[$q1[$q0[$q1[$j] ^ $key[32]] ^ $key[24]] ^ $key[16]] ^ $key[8]]; $B = ($B << 8) \| ($B >> 24 & 0xff); $A = $this->safe_intval($A + $B); $K[] = $A; $A = $this->safe_intval($A + $B); $K[] = ($A << 9 \| $A >> 23 & 0x1ff); } for ($i = 0; $i < 256; ++$i) { $S0[$i] = $m0[$q0[$q0[$q1[$q1[$i] ^ $sc] ^ $s8] ^ $s4] ^ $s0]; $S1[$i] = $m1[$q0[$q1[$q1[$q0[$i] ^ $sd] ^ $s9] ^ $s5] ^ $s1]; $S2[$i] = $m2[$q1[$q0[$q0[$q0[$i] ^ $se] ^ $sa] ^ $s6] ^ $s2]; $S3[$i] = $m3[$q1[$q1[$q0[$q1[$i] ^ $sf] ^ $sb] ^ $s7] ^ $s3]; } } $this->K = $K; $this->S0 = $S0; $this->S1 = $S1; $this->S2 = $S2; $this->S3 = $S3; } /* * _mdsrem function using by the twofish cipher algorithm * * @access private * @param string $A * @param string $B * @return array / function _mdsrem($A, $B) { // No gain by unrolling this loop. for ($i = 0; $i < 8; ++$i) { // Get most significant coefficient. $t = 0xff & ($B >> 24); // Shift the others up. $B = ($B << 8) \| (0xff & ($A >> 24)); $A<<= 8; $u = $t << 1; // Subtract the modular polynomial on overflow. if ($t & 0x80) { $u^= 0x14d; } // Remove t (a * x^2 + 1). $B ^= $t ^ ($u << 16); // Form u = at + t/a = t(a + 1/a). $u^= 0x7fffffff & ($t >> 1); // Add the modular polynomial on underflow. if ($t & 0x01) { $u^= 0xa6 ; } // Remove t * (a + 1/a) * (x^3 + x). $B^= ($u << 24) \| ($u << 8); } return array( 0xff & $B >> 24, 0xff & $B >> 16, 0xff & $B >> 8, 0xff & $B); } /** * Encrypts a block * * @access private * @param string $in * @return string / function _encryptBlock($in) { $S0 = $this->S0; $S1 = $this->S1; $S2 = $this->S2; $S3 = $this->S3; $K = $this->K; $in = unpack("V4", $in); $R0 = $K[0] ^ $in[1]; $R1 = $K[1] ^ $in[2]; $R2 = $K[2] ^ $in[3]; $R3 = $K[3] ^ $in[4]; $ki = 7; while ($ki < 39) { $t0 = $S0[ $R0 & 0xff] ^ $S1[($R0 >> 8) & 0xff] ^ $S2[($R0 >> 16) & 0xff] ^ $S3[($R0 >> 24) & 0xff]; $t1 = $S0[($R1 >> 24) & 0xff] ^ $S1[ $R1 & 0xff] ^ $S2[($R1 >> 8) & 0xff] ^ $S3[($R1 >> 16) & 0xff]; $R2^= $this->safe_intval($t0 + $t1 + $K[++$ki]); $R2 = ($R2 >> 1 & 0x7fffffff) \| ($R2 << 31); $R3 = ((($R3 >> 31) & 1) \| ($R3 << 1)) ^ $this->safe_intval($t0 + ($t1 << 1) + $K[++$ki]); $t0 = $S0[ $R2 & 0xff] ^ $S1[($R2 >> 8) & 0xff] ^ $S2[($R2 >> 16) & 0xff] ^ $S3[($R2 >> 24) & 0xff]; $t1 = $S0[($R3 >> 24) & 0xff] ^ $S1[ $R3 & 0xff] ^ $S2[($R3 >> 8) & 0xff] ^ $S3[($R3 >> 16) & 0xff]; $R0^= $this->safe_intval($t0 + $t1 + $K[++$ki]); $R0 = ($R0 >> 1 & 0x7fffffff) \| ($R0 << 31); $R1 = ((($R1 >> 31) & 1) \| ($R1 << 1)) ^ $this->safe_intval($t0 + ($t1 << 1) + $K[++$ki]); } // @codingStandardsIgnoreStart return pack("V4", $K[4] ^ $R2, $K[5] ^ $R3, $K[6] ^ $R0, $K[7] ^ $R1); // @codingStandardsIgnoreEnd } /* * Decrypts a block * * @access private * @param string $in * @return string / function _decryptBlock($in) { $S0 = $this->S0; $S1 = $this->S1; $S2 = $this->S2; $S3 = $this->S3; $K = $this->K; $in = unpack("V4", $in); $R0 = $K[4] ^ $in[1]; $R1 = $K[5] ^ $in[2]; $R2 = $K[6] ^ $in[3]; $R3 = $K[7] ^ $in[4]; $ki = 40; while ($ki > 8) { $t0 = $S0[$R0 & 0xff] ^ $S1[$R0 >> 8 & 0xff] ^ $S2[$R0 >> 16 & 0xff] ^ $S3[$R0 >> 24 & 0xff]; $t1 = $S0[$R1 >> 24 & 0xff] ^ $S1[$R1 & 0xff] ^ $S2[$R1 >> 8 & 0xff] ^ $S3[$R1 >> 16 & 0xff]; $R3^= $this->safe_intval($t0 + ($t1 << 1) + $K[--$ki]); $R3 = $R3 >> 1 & 0x7fffffff \| $R3 << 31; $R2 = ($R2 >> 31 & 0x1 \| $R2 << 1) ^ $this->safe_intval($t0 + $t1 + $K[--$ki]); $t0 = $S0[$R2 & 0xff] ^ $S1[$R2 >> 8 & 0xff] ^ $S2[$R2 >> 16 & 0xff] ^ $S3[$R2 >> 24 & 0xff]; $t1 = $S0[$R3 >> 24 & 0xff] ^ $S1[$R3 & 0xff] ^ $S2[$R3 >> 8 & 0xff] ^ $S3[$R3 >> 16 & 0xff]; $R1^= $this->safe_intval($t0 + ($t1 << 1) + $K[--$ki]); $R1 = $R1 >> 1 & 0x7fffffff \| $R1 << 31; $R0 = ($R0 >> 31 & 0x1 \| $R0 << 1) ^ $this->safe_intval($t0 + $t1 + $K[--$ki]); } // @codingStandardsIgnoreStart return pack("V4", $K[0] ^ $R2, $K[1] ^ $R3, $K[2] ^ $R0, $K[3] ^ $R1); // @codingStandardsIgnoreEnd } /* * Setup the performance-optimized function for de/encrypt() * * @see Crypt_Base::_setupInlineCrypt() * @access private / function _setupInlineCrypt() { $lambda_functions =& Crypt_Twofish::_getLambdaFunctions(); // Max. 10 Ultra-Hi-optimized inline-crypt functions. After that, we'll (still) create very fast code, but not the ultimate fast one. // (Currently, for Crypt_Twofish, one generated $lambda_function cost on php5.5@32bit ~140kb unfreeable mem and ~240kb on php5.5@64bit) $gen_hi_opt_code = (bool)(count($lambda_functions) < 10); // Generation of a unique hash for our generated code $code_hash = "Crypt_Twofish, {$this->mode}"; if ($gen_hi_opt_code) { $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); } $safeint = $this->safe_intval_inline(); if (!isset($lambda_functions[$code_hash])) { switch (true) { case $gen_hi_opt_code: $K = $this->K; $init_crypt = ' static $S0, $S1, $S2, $S3; if (!$S0) { for ($i = 0; $i < 256; ++$i) { $S0[] = (int)$self->S0[$i]; $S1[] = (int)$self->S1[$i]; $S2[] = (int)$self->S2[$i]; $S3[] = (int)$self->S3[$i]; } } '; break; default: $K = array(); for ($i = 0; $i < 40; ++$i) { $K[] = '$K_' . $i; } $init_crypt = ' $S0 = $self->S0; $S1 = $self->S1; $S2 = $self->S2; $S3 = $self->S3; list(' . implode(',', $K) . ') = $self->K; '; } // Generating encrypt code: $encrypt_block = ' $in = unpack("V4", $in); $R0 = '.$K[0].' ^ $in[1]; $R1 = '.$K[1].' ^ $in[2]; $R2 = '.$K[2].' ^ $in[3]; $R3 = '.$K[3].' ^ $in[4]; '; for ($ki = 7, $i = 0; $i < 8; ++$i) { $encrypt_block.= ' $t0 = $S0[ $R0 & 0xff] ^ $S1[($R0 >> 8) & 0xff] ^ $S2[($R0 >> 16) & 0xff] ^ $S3[($R0 >> 24) & 0xff]; $t1 = $S0[($R1 >> 24) & 0xff] ^ $S1[ $R1 & 0xff] ^ $S2[($R1 >> 8) & 0xff] ^ $S3[($R1 >> 16) & 0xff]; $R2^= ' . sprintf($safeint, '$t0 + $t1 + ' . $K[++$ki]) . '; $R2 = ($R2 >> 1 & 0x7fffffff) \| ($R2 << 31); $R3 = ((($R3 >> 31) & 1) \| ($R3 << 1)) ^ ' . sprintf($safeint, '($t0 + ($t1 << 1) + ' . $K[++$ki] . ')') . '; $t0 = $S0[ $R2 & 0xff] ^ $S1[($R2 >> 8) & 0xff] ^ $S2[($R2 >> 16) & 0xff] ^ $S3[($R2 >> 24) & 0xff]; $t1 = $S0[($R3 >> 24) & 0xff] ^ $S1[ $R3 & 0xff] ^ $S2[($R3 >> 8) & 0xff] ^ $S3[($R3 >> 16) & 0xff]; $R0^= ' . sprintf($safeint, '($t0 + $t1 + ' . $K[++$ki] . ')') . '; $R0 = ($R0 >> 1 & 0x7fffffff) \| ($R0 << 31); $R1 = ((($R1 >> 31) & 1) \| ($R1 << 1)) ^ ' . sprintf($safeint, '($t0 + ($t1 << 1) + ' . $K[++$ki] . ')') . '; '; } $encrypt_block.= ' $in = pack("V4", ' . $K[4] . ' ^ $R2, ' . $K[5] . ' ^ $R3, ' . $K[6] . ' ^ $R0, ' . $K[7] . ' ^ $R1); '; // Generating decrypt code: $decrypt_block = ' $in = unpack("V4", $in); $R0 = '.$K[4].' ^ $in[1]; $R1 = '.$K[5].' ^ $in[2]; $R2 = '.$K[6].' ^ $in[3]; $R3 = '.$K[7].' ^ $in[4]; '; for ($ki = 40, $i = 0; $i < 8; ++$i) { $decrypt_block.= ' $t0 = $S0[$R0 & 0xff] ^ $S1[$R0 >> 8 & 0xff] ^ $S2[$R0 >> 16 & 0xff] ^ $S3[$R0 >> 24 & 0xff]; $t1 = $S0[$R1 >> 24 & 0xff] ^ $S1[$R1 & 0xff] ^ $S2[$R1 >> 8 & 0xff] ^ $S3[$R1 >> 16 & 0xff]; $R3^= ' . sprintf($safeint, '$t0 + ($t1 << 1) + ' . $K[--$ki]) . '; $R3 = $R3 >> 1 & 0x7fffffff \| $R3 << 31; $R2 = ($R2 >> 31 & 0x1 \| $R2 << 1) ^ ' . sprintf($safeint, '($t0 + $t1 + '.$K[--$ki] . ')') . '; $t0 = $S0[$R2 & 0xff] ^ $S1[$R2 >> 8 & 0xff] ^ $S2[$R2 >> 16 & 0xff] ^ $S3[$R2 >> 24 & 0xff]; $t1 = $S0[$R3 >> 24 & 0xff] ^ $S1[$R3 & 0xff] ^ $S2[$R3 >> 8 & 0xff] ^ $S3[$R3 >> 16 & 0xff]; $R1^= ' . sprintf($safeint, '$t0 + ($t1 << 1) + ' . $K[--$ki]) . '; $R1 = $R1 >> 1 & 0x7fffffff \| $R1 << 31; $R0 = ($R0 >> 31 & 0x1 \| $R0 << 1) ^ ' . sprintf($safeint, '($t0 + $t1 + '.$K[--$ki] . ')') . '; '; } $decrypt_block.= ' $in = pack("V4", ' . $K[0] . ' ^ $R2, ' . $K[1] . ' ^ $R3, ' . $K[2] . ' ^ $R0, ' . $K[3] . ' ^ $R1); '; $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( array( 'init_crypt' => $init_crypt, 'init_encrypt' => '', 'init_decrypt' => '', 'encrypt_block' => $encrypt_block, 'decrypt_block' => $decrypt_block ) ); } $this->inline_crypt = $lambda_functions[$code_hash]; } } ��phpseclib/Crypt/RC4.php��0000644��00000023740�15104540706�0010727 0��ustar�00��<?php /* * Pure-PHP implementation of RC4. * * Uses mcrypt, if available, and an internal implementation, otherwise. * * PHP versions 4 and 5 * * Useful resources are as follows: * * - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm} * - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4} * * RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not * ARCFOUR or ARC4 because RC4 is how it is referred to in the SSH1 specification. * * Here's a short example of how to use this library: * <code> * <?php * include 'Crypt/RC4.php'; * * $rc4 = new Crypt_RC4(); * * $rc4->setKey('abcdefgh'); * * $size = 10 * 1024; * $plaintext = ''; * for ($i = 0; $i < $size; $i++) { * $plaintext.= 'a'; * } * * echo $rc4->decrypt($rc4->encrypt($plaintext)); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Crypt * @package Crypt_RC4 * @author Jim Wigginton <terrafrost@php.net> * @copyright 2007 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * Include Crypt_Base * * Base cipher class / if (!class_exists('Crypt_Base')) { include_once 'Base.php'; } /#@+ @access private * @see self::_crypt() / define('CRYPT_RC4_ENCRYPT', 0); define('CRYPT_RC4_DECRYPT', 1); /#@-/ /** * Pure-PHP implementation of RC4. * * @package Crypt_RC4 * @author Jim Wigginton <terrafrost@php.net> * @access public / class Crypt_RC4 extends Crypt_Base { /* * Block Length of the cipher * * RC4 is a stream cipher * so we the block_size to 0 * * @see Crypt_Base::block_size * @var int * @access private / var $block_size = 0; /* * Key Length (in bytes) * * @see Crypt_RC4::setKeyLength() * @var int * @access private / var $key_length = 128; // = 1024 bits /* * The namespace used by the cipher for its constants. * * @see Crypt_Base::const_namespace * @var string * @access private / var $const_namespace = 'RC4'; /* * The mcrypt specific name of the cipher * * @see Crypt_Base::cipher_name_mcrypt * @var string * @access private / var $cipher_name_mcrypt = 'arcfour'; /* * Holds whether performance-optimized $inline_crypt() can/should be used. * * @see Crypt_Base::inline_crypt * @var mixed * @access private / var $use_inline_crypt = false; // currently not available /* * The Key * * @see self::setKey() * @var string * @access private / var $key; /* * The Key Stream for decryption and encryption * * @see self::setKey() * @var array * @access private / var $stream; /* * Default Constructor. * * Determines whether or not the mcrypt extension should be used. * * @see Crypt_Base::Crypt_Base() * @return Crypt_RC4 * @access public / function __construct() { parent::__construct(CRYPT_MODE_STREAM); } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @access public / function Crypt_RC4() { $this->__construct(); } /* * Test for engine validity * * This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine() * * @see Crypt_Base::Crypt_Base() * @param int $engine * @access public * @return bool / function isValidEngine($engine) { if ($engine == CRYPT_ENGINE_OPENSSL) { if (version_compare(PHP_VERSION, '5.3.7') >= 0) { $this->cipher_name_openssl = 'rc4-40'; } else { switch (strlen($this->key)) { case 5: $this->cipher_name_openssl = 'rc4-40'; break; case 8: $this->cipher_name_openssl = 'rc4-64'; break; case 16: $this->cipher_name_openssl = 'rc4'; break; default: return false; } } } return parent::isValidEngine($engine); } /* * Dummy function. * * Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1]. * If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before * calling setKey(). * * [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol, * the IV's are relatively easy to predict, an attack described by * {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir} * can be used to quickly guess at the rest of the key. The following links elaborate: * * {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009} * {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack} * * @param string $iv * @see self::setKey() * @access public / function setIV($iv) { } /* * Sets the key length * * Keys can be between 1 and 256 bytes long. * * @access public * @param int $length / function setKeyLength($length) { if ($length < 8) { $this->key_length = 1; } elseif ($length > 2048) { $this->key_length = 256; } else { $this->key_length = $length >> 3; } parent::setKeyLength($length); } /* * Encrypts a message. * * @see Crypt_Base::decrypt() * @see self::_crypt() * @access public * @param string $plaintext * @return string $ciphertext / function encrypt($plaintext) { if ($this->engine != CRYPT_ENGINE_INTERNAL) { return parent::encrypt($plaintext); } return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT); } /* * Decrypts a message. * * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). * At least if the continuous buffer is disabled. * * @see Crypt_Base::encrypt() * @see self::_crypt() * @access public * @param string $ciphertext * @return string $plaintext / function decrypt($ciphertext) { if ($this->engine != CRYPT_ENGINE_INTERNAL) { return parent::decrypt($ciphertext); } return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT); } /* * Setup the key (expansion) * * @see Crypt_Base::_setupKey() * @access private / function _setupKey() { $key = $this->key; $keyLength = strlen($key); $keyStream = range(0, 255); $j = 0; for ($i = 0; $i < 256; $i++) { $j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255; $temp = $keyStream[$i]; $keyStream[$i] = $keyStream[$j]; $keyStream[$j] = $temp; } $this->stream = array(); $this->stream[CRYPT_RC4_DECRYPT] = $this->stream[CRYPT_RC4_ENCRYPT] = array( 0, // index $i 0, // index $j $keyStream ); } /* * Encrypts or decrypts a message. * * @see self::encrypt() * @see self::decrypt() * @access private * @param string $text * @param int $mode * @return string $text / function _crypt($text, $mode) { if ($this->changed) { $this->_setup(); $this->changed = false; } $stream = &$this->stream[$mode]; if ($this->continuousBuffer) { $i = &$stream[0]; $j = &$stream[1]; $keyStream = &$stream[2]; } else { $i = $stream[0]; $j = $stream[1]; $keyStream = $stream[2]; } $len = strlen($text); for ($k = 0; $k < $len; ++$k) { $i = ($i + 1) & 255; $ksi = $keyStream[$i]; $j = ($j + $ksi) & 255; $ksj = $keyStream[$j]; $keyStream[$i] = $ksj; $keyStream[$j] = $ksi; $text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]); } return $text; } } ��phpseclib/Crypt/Random.php��0000644��00000036176�15104540706�0011566 0��ustar�00��<?php /* * Random Number Generator * * The idea behind this function is that it can be easily replaced with your own crypt_random_string() * function. eg. maybe you have a better source of entropy for creating the initial states or whatever. * * PHP versions 4 and 5 * * Here's a short example of how to use this library: * <code> * <?php * include 'Crypt/Random.php'; * * echo bin2hex(crypt_random_string(8)); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Crypt * @package Crypt_Random * @author Jim Wigginton <terrafrost@php.net> * @copyright 2007 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / // laravel is a PHP framework that utilizes phpseclib. laravel workbenches may, independently, // have phpseclib as a requirement as well. if you're developing such a program you may encounter // a "Cannot redeclare crypt_random_string()" error. if (!function_exists('crypt_random_string')) { /* * "Is Windows" test * * @access private / define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN'); /* * Generate a random string. * * Although microoptimizations are generally discouraged as they impair readability this function is ripe with * microoptimizations because this function has the potential of being called a huge number of times. * eg. for RSA key generation. * * @param int $length * @return string * @access public / function crypt_random_string($length) { if (!$length) { return ''; } if (CRYPT_RANDOM_IS_WINDOWS) { // method 1. prior to PHP 5.3, mcrypt_create_iv() would call rand() on windows if (extension_loaded('mcrypt') && version_compare(PHP_VERSION, '5.3.0', '>=')) { return @mcrypt_create_iv($length); } // method 2. openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was, // to quote <http://php.net/ChangeLog-5.php#5.3.4>, "possible blocking behavior". as of 5.3.4 // openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both // call php_win32_get_random_bytes(): // // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008 // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392 // // php_win32_get_random_bytes() is defined thusly: // // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80 // // we're calling it, all the same, in the off chance that the mcrypt extension is not available if (extension_loaded('openssl') && version_compare(PHP_VERSION, '5.3.4', '>=')) { return openssl_random_pseudo_bytes($length); } } else { // method 1. the fastest if (extension_loaded('openssl') && version_compare(PHP_VERSION, '5.3.0', '>=')) { return openssl_random_pseudo_bytes($length); } // method 2 static $fp = true; if ($fp === true) { // warning's will be output unles the error suppression operator is used. errors such as // "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc. $fp = @fopen('/dev/urandom', 'rb'); } if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource() return fread($fp, $length); } // method 3. pretty much does the same thing as method 2 per the following url: // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391 // surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're // not doing. regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir // restrictions or some such if (extension_loaded('mcrypt')) { return @mcrypt_create_iv($length, MCRYPT_DEV_URANDOM); } } // at this point we have no choice but to use a pure-PHP CSPRNG // cascade entropy across multiple PHP instances by fixing the session and collecting all // environmental variables, including the previous session data and the current session // data. // // mt_rand seeds itself by looking at the PID and the time, both of which are (relatively) // easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but // PHP isn't low level to be able to use those as sources and on a web server there's not likely // going to be a ton of keyboard or mouse action. web servers do have one thing that we can use // however, a ton of people visiting the website. obviously you don't want to base your seeding // soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled // by the user and (2) this isn't just looking at the data sent by the current user - it's based // on the data sent by all users. one user requests the page and a hash of their info is saved. // another user visits the page and the serialization of their data is utilized along with the // server envirnment stuff and a hash of the previous http request data (which itself utilizes // a hash of the session data before that). certainly an attacker should be assumed to have // full control over his own http requests. he, however, is not going to have control over // everyone's http requests. static $crypto = false, $v; if ($crypto === false) { // save old session data $old_session_id = session_id(); $old_use_cookies = ini_get('session.use_cookies'); $old_session_cache_limiter = session_cache_limiter(); $_OLD_SESSION = isset($_SESSION) ? $_SESSION : false; if ($old_session_id != '') { session_write_close(); } session_id(1); ini_set('session.use_cookies', 0); session_cache_limiter(''); session_start(); $v = $seed = $_SESSION['seed'] = pack('H', sha1( (isset($_SERVER) ? phpseclib_safe_serialize($_SERVER) : '') . (isset($_POST) ? phpseclib_safe_serialize($_POST) : '') . (isset($_GET) ? phpseclib_safe_serialize($_GET) : '') . (isset($_COOKIE) ? phpseclib_safe_serialize($_COOKIE) : '') . phpseclib_safe_serialize($GLOBALS) . phpseclib_safe_serialize($_SESSION) . phpseclib_safe_serialize($_OLD_SESSION) )); if (!isset($_SESSION['count'])) { $_SESSION['count'] = 0; } $_SESSION['count']++; session_write_close(); // restore old session data if ($old_session_id != '') { session_id($old_session_id); session_start(); ini_set('session.use_cookies', $old_use_cookies); session_cache_limiter($old_session_cache_limiter); } else { if ($_OLD_SESSION !== false) { $_SESSION = $_OLD_SESSION; unset($_OLD_SESSION); } else { unset($_SESSION); } } // in SSH2 a shared secret and an exchange hash are generated through the key exchange process. // the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C. // if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the // original hash and the current hash. we'll be emulating that. for more info see the following URL: // // http://tools.ietf.org/html/rfc4253#section-7.2 // // see the is_string($crypto) part for an example of how to expand the keys $key = pack('H', sha1($seed . 'A')); $iv = pack('H', sha1($seed . 'C')); // ciphers are used as per the nist.gov link below. also, see this link: // // http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives switch (true) { case phpseclib_resolve_include_path('Crypt/AES.php'): if (!class_exists('Crypt_AES')) { include_once 'AES.php'; } $crypto = new Crypt_AES(CRYPT_AES_MODE_CTR); break; case phpseclib_resolve_include_path('Crypt/Twofish.php'): if (!class_exists('Crypt_Twofish')) { include_once 'Twofish.php'; } $crypto = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR); break; case phpseclib_resolve_include_path('Crypt/Blowfish.php'): if (!class_exists('Crypt_Blowfish')) { include_once 'Blowfish.php'; } $crypto = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR); break; case phpseclib_resolve_include_path('Crypt/TripleDES.php'): if (!class_exists('Crypt_TripleDES')) { include_once 'TripleDES.php'; } $crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR); break; case phpseclib_resolve_include_path('Crypt/DES.php'): if (!class_exists('Crypt_DES')) { include_once 'DES.php'; } $crypto = new Crypt_DES(CRYPT_DES_MODE_CTR); break; case phpseclib_resolve_include_path('Crypt/RC4.php'): if (!class_exists('Crypt_RC4')) { include_once 'RC4.php'; } $crypto = new Crypt_RC4(); break; default: user_error('crypt_random_string requires at least one symmetric cipher be loaded'); return false; } $crypto->setKey($key); $crypto->setIV($iv); $crypto->enableContinuousBuffer(); } //return $crypto->encrypt(str_repeat("\0", $length)); // the following is based off of ANSI X9.31: // // http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf // // OpenSSL uses that same standard for it's random numbers: // // http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c // (do a search for "ANS X9.31 A.2.4") $result = ''; while (strlen($result) < $length) { $i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21 $r = $crypto->encrypt($i ^ $v); // strlen($v) == 20 $v = $crypto->encrypt($r ^ $i); // strlen($r) == 20 $result.= $r; } return substr($result, 0, $length); } } if (!function_exists('phpseclib_safe_serialize')) { /** * Safely serialize variables * * If a class has a private __sleep() method it'll give a fatal error on PHP 5.2 and earlier. * PHP 5.3 will emit a warning. * * @param mixed $arr * @access public / function phpseclib_safe_serialize(&$arr) { if (is_object($arr)) { return ''; } if (!is_array($arr)) { return serialize($arr); } // prevent circular array recursion if (isset($arr['__phpseclib_marker'])) { return ''; } $safearr = array(); $arr['__phpseclib_marker'] = true; foreach (array_keys($arr) as $key) { // do not recurse on the '__phpseclib_marker' key itself, for smaller memory usage if ($key !== '__phpseclib_marker') { $safearr[$key] = phpseclib_safe_serialize($arr[$key]); } } unset($arr['__phpseclib_marker']); return serialize($safearr); } } if (!function_exists('phpseclib_resolve_include_path')) { /* * Resolve filename against the include path. * * Wrapper around stream_resolve_include_path() (which was introduced in * PHP 5.3.2) with fallback implementation for earlier PHP versions. * * @param string $filename * @return string\|false * @access public / function phpseclib_resolve_include_path($filename) { if (function_exists('stream_resolve_include_path')) { return stream_resolve_include_path($filename); } // handle non-relative paths if (file_exists($filename)) { return realpath($filename); } $paths = PATH_SEPARATOR == ':' ? preg_split('#(?<!phar):#', get_include_path()) : explode(PATH_SEPARATOR, get_include_path()); foreach ($paths as $prefix) { // path's specified in include_path don't always end in / $ds = substr($prefix, -1) == DIRECTORY_SEPARATOR ? '' : DIRECTORY_SEPARATOR; $file = $prefix . $ds . $filename; if (file_exists($file)) { return realpath($file); } } return false; } } ��phpseclib/Crypt/AES.php��0000644��00000014375�15104540706�0010753 0��ustar�00��<?php /* * Pure-PHP implementation of AES. * * Uses mcrypt, if available/possible, and an internal implementation, otherwise. * * PHP versions 4 and 5 * * NOTE: Since AES.php is (for compatibility and phpseclib-historical reasons) virtually * just a wrapper to Rijndael.php you may consider using Rijndael.php instead of * to save one include_once(). * * If {@link self::setKeyLength() setKeyLength()} isn't called, it'll be calculated from * {@link self::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's 136-bits * it'll be null-padded to 192-bits and 192 bits will be the key length until {@link self::setKey() setKey()} * is called, again, at which point, it'll be recalculated. * * Since Crypt_AES extends Crypt_Rijndael, some functions are available to be called that, in the context of AES, don't * make a whole lot of sense. {@link self::setBlockLength() setBlockLength()}, for instance. Calling that function, * however possible, won't do anything (AES has a fixed block length whereas Rijndael has a variable one). * * Here's a short example of how to use this library: * <code> * <?php * include 'Crypt/AES.php'; * * $aes = new Crypt_AES(); * * $aes->setKey('abcdefghijklmnop'); * * $size = 10 * 1024; * $plaintext = ''; * for ($i = 0; $i < $size; $i++) { * $plaintext.= 'a'; * } * * echo $aes->decrypt($aes->encrypt($plaintext)); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Crypt * @package Crypt_AES * @author Jim Wigginton <terrafrost@php.net> * @copyright 2008 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * Include Crypt_Rijndael / if (!class_exists('Crypt_Rijndael')) { include_once 'Rijndael.php'; } /#@+ @access public * @see self::encrypt() * @see self::decrypt() / /* * Encrypt / decrypt using the Counter mode. * * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 / define('CRYPT_AES_MODE_CTR', CRYPT_MODE_CTR); /* * Encrypt / decrypt using the Electronic Code Book mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 / define('CRYPT_AES_MODE_ECB', CRYPT_MODE_ECB); /* * Encrypt / decrypt using the Code Book Chaining mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 / define('CRYPT_AES_MODE_CBC', CRYPT_MODE_CBC); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 / define('CRYPT_AES_MODE_CFB', CRYPT_MODE_CFB); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 / define('CRYPT_AES_MODE_OFB', CRYPT_MODE_OFB); /#@-/ /** * Pure-PHP implementation of AES. * * @package Crypt_AES * @author Jim Wigginton <terrafrost@php.net> * @access public / class Crypt_AES extends Crypt_Rijndael { /* * The namespace used by the cipher for its constants. * * @see Crypt_Base::const_namespace * @var string * @access private / var $const_namespace = 'AES'; /* * Dummy function * * Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything. * * @see Crypt_Rijndael::setBlockLength() * @access public * @param int $length / function setBlockLength($length) { return; } /* * Sets the key length * * Valid key lengths are 128, 192, and 256. If the length is less than 128, it will be rounded up to * 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount. * * @see Crypt_Rijndael:setKeyLength() * @access public * @param int $length / function setKeyLength($length) { switch ($length) { case 160: $length = 192; break; case 224: $length = 256; } parent::setKeyLength($length); } /* * Sets the key. * * Rijndael supports five different key lengths, AES only supports three. * * @see Crypt_Rijndael:setKey() * @see setKeyLength() * @access public * @param string $key / function setKey($key) { parent::setKey($key); if (!$this->explicit_key_length) { $length = strlen($key); switch (true) { case $length <= 16: $this->key_length = 16; break; case $length <= 24: $this->key_length = 24; break; default: $this->key_length = 32; } $this->_setEngine(); } } } ��phpseclib/Crypt/Rijndael.php��0000644��00000133432�15104540706�0012067 0��ustar�00��<?php /* * Pure-PHP implementation of Rijndael. * * Uses mcrypt, if available/possible, and an internal implementation, otherwise. * * PHP versions 4 and 5 * * If {@link self::setBlockLength() setBlockLength()} isn't called, it'll be assumed to be 128 bits. If * {@link self::setKeyLength() setKeyLength()} isn't called, it'll be calculated from * {@link self::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's * 136-bits it'll be null-padded to 192-bits and 192 bits will be the key length until * {@link self::setKey() setKey()} is called, again, at which point, it'll be recalculated. * * Not all Rijndael implementations may support 160-bits or 224-bits as the block length / key length. mcrypt, for example, * does not. AES, itself, only supports block lengths of 128 and key lengths of 128, 192, and 256. * {@link http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=10 Rijndael-ammended.pdf#page=10} defines the * algorithm for block lengths of 192 and 256 but not for block lengths / key lengths of 160 and 224. Indeed, 160 and 224 * are first defined as valid key / block lengths in * {@link http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=44 Rijndael-ammended.pdf#page=44}: * Extensions: Other block and Cipher Key lengths. * Note: Use of 160/224-bit Keys must be explicitly set by setKeyLength(160) respectively setKeyLength(224). * * {@internal The variable names are the same as those in * {@link http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf#page=10 fips-197.pdf#page=10}.}} * * Here's a short example of how to use this library: * <code> * <?php * include 'Crypt/Rijndael.php'; * * $rijndael = new Crypt_Rijndael(); * * $rijndael->setKey('abcdefghijklmnop'); * * $size = 10 * 1024; * $plaintext = ''; * for ($i = 0; $i < $size; $i++) { * $plaintext.= 'a'; * } * * echo $rijndael->decrypt($rijndael->encrypt($plaintext)); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Crypt * @package Crypt_Rijndael * @author Jim Wigginton <terrafrost@php.net> * @copyright 2008 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * Include Crypt_Base * * Base cipher class / if (!class_exists('Crypt_Base')) { include_once 'Base.php'; } /#@+ @access public * @see self::encrypt() * @see self::decrypt() / /* * Encrypt / decrypt using the Counter mode. * * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 / define('CRYPT_RIJNDAEL_MODE_CTR', CRYPT_MODE_CTR); /* * Encrypt / decrypt using the Electronic Code Book mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 / define('CRYPT_RIJNDAEL_MODE_ECB', CRYPT_MODE_ECB); /* * Encrypt / decrypt using the Code Book Chaining mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 / define('CRYPT_RIJNDAEL_MODE_CBC', CRYPT_MODE_CBC); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 / define('CRYPT_RIJNDAEL_MODE_CFB', CRYPT_MODE_CFB); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 / define('CRYPT_RIJNDAEL_MODE_OFB', CRYPT_MODE_OFB); /#@-/ /** * Pure-PHP implementation of Rijndael. * * @package Crypt_Rijndael * @author Jim Wigginton <terrafrost@php.net> * @access public / class Crypt_Rijndael extends Crypt_Base { /* * The namespace used by the cipher for its constants. * * @see Crypt_Base::const_namespace * @var string * @access private / var $const_namespace = 'RIJNDAEL'; /* * The mcrypt specific name of the cipher * * Mcrypt is useable for 128/192/256-bit $block_size/$key_length. For 160/224 not. * Crypt_Rijndael determines automatically whether mcrypt is useable * or not for the current $block_size/$key_length. * In case of, $cipher_name_mcrypt will be set dynamically at run time accordingly. * * @see Crypt_Base::cipher_name_mcrypt * @see Crypt_Base::engine * @see self::isValidEngine() * @var string * @access private / var $cipher_name_mcrypt = 'rijndael-128'; /* * The default salt used by setPassword() * * @see Crypt_Base::password_default_salt * @see Crypt_Base::setPassword() * @var string * @access private / var $password_default_salt = 'phpseclib'; /* * The Key Schedule * * @see self::_setup() * @var array * @access private / var $w; /* * The Inverse Key Schedule * * @see self::_setup() * @var array * @access private / var $dw; /* * The Block Length divided by 32 * * @see self::setBlockLength() * @var int * @access private * @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4. Exists in conjunction with $block_size * because the encryption / decryption / key schedule creation requires this number and not $block_size. We could * derive this from $block_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu * of that, we'll just precompute it once. / var $Nb = 4; /* * The Key Length (in bytes) * * @see self::setKeyLength() * @var int * @access private * @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk * because the encryption / decryption / key schedule creation requires this number and not $key_length. We could * derive this from $key_length or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu * of that, we'll just precompute it once. / var $key_length = 16; /* * The Key Length divided by 32 * * @see self::setKeyLength() * @var int * @access private * @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4 / var $Nk = 4; /* * The Number of Rounds * * @var int * @access private * @internal The max value is 14, the min value is 10. / var $Nr; /* * Shift offsets * * @var array * @access private / var $c; /* * Holds the last used key- and block_size information * * @var array * @access private / var $kl; /* * Sets the key. * * Keys can be of any length. Rijndael, itself, requires the use of a key that's between 128-bits and 256-bits long and * whose length is a multiple of 32. If the key is less than 256-bits and the key length isn't set, we round the length * up to the closest valid key length, padding $key with null bytes. If the key is more than 256-bits, we trim the * excess bits. * * If the key is not explicitly set, it'll be assumed to be all null bytes. * * Note: 160/224-bit keys must explicitly set by setKeyLength(), otherwise they will be round/pad up to 192/256 bits. * * @see Crypt_Base:setKey() * @see self::setKeyLength() * @access public * @param string $key / function setKey($key) { if (!$this->explicit_key_length) { $length = strlen($key); switch (true) { case $length <= 16: $this->key_size = 16; break; case $length <= 20: $this->key_size = 20; break; case $length <= 24: $this->key_size = 24; break; case $length <= 28: $this->key_size = 28; break; default: $this->key_size = 32; } } parent::setKey($key); } /* * Sets the key length * * Valid key lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to * 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount. * * Note: phpseclib extends Rijndael (and AES) for using 160- and 224-bit keys but they are officially not defined * and the most (if not all) implementations are not able using 160/224-bit keys but round/pad them up to * 192/256 bits as, for example, mcrypt will do. * * That said, if you want be compatible with other Rijndael and AES implementations, * you should not setKeyLength(160) or setKeyLength(224). * * Additional: In case of 160- and 224-bit keys, phpseclib will/can, for that reason, not use * the mcrypt php extension, even if available. * This results then in slower encryption. * * @access public * @param int $length / function setKeyLength($length) { switch (true) { case $length <= 128: $this->key_length = 16; break; case $length <= 160: $this->key_length = 20; break; case $length <= 192: $this->key_length = 24; break; case $length <= 224: $this->key_length = 28; break; default: $this->key_length = 32; } parent::setKeyLength($length); } /* * Sets the block length * * Valid block lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to * 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount. * * @access public * @param int $length / function setBlockLength($length) { $length >>= 5; if ($length > 8) { $length = 8; } elseif ($length < 4) { $length = 4; } $this->Nb = $length; $this->block_size = $length << 2; $this->changed = true; $this->_setEngine(); } /* * Test for engine validity * * This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine() * * @see Crypt_Base::Crypt_Base() * @param int $engine * @access public * @return bool / function isValidEngine($engine) { switch ($engine) { case CRYPT_ENGINE_OPENSSL: if ($this->block_size != 16) { return false; } $this->cipher_name_openssl_ecb = 'aes-' . ($this->key_length << 3) . '-ecb'; $this->cipher_name_openssl = 'aes-' . ($this->key_length << 3) . '-' . $this->_openssl_translate_mode(); break; case CRYPT_ENGINE_MCRYPT: $this->cipher_name_mcrypt = 'rijndael-' . ($this->block_size << 3); if ($this->key_length % 8) { // is it a 160/224-bit key? // mcrypt is not usable for them, only for 128/192/256-bit keys return false; } } return parent::isValidEngine($engine); } /* * Encrypts a block * * @access private * @param string $in * @return string / function _encryptBlock($in) { static $tables; if (empty($tables)) { $tables = &$this->_getTables(); } $t0 = $tables[0]; $t1 = $tables[1]; $t2 = $tables[2]; $t3 = $tables[3]; $sbox = $tables[4]; $state = array(); $words = unpack('N', $in); $c = $this->c; $w = $this->w; $Nb = $this->Nb; $Nr = $this->Nr; // addRoundKey $wc = $Nb - 1; foreach ($words as $word) { $state[] = $word ^ $w[++$wc]; } // fips-197.pdf#page=19, "Figure 5. Pseudo Code for the Cipher", states that this loop has four components - // subBytes, shiftRows, mixColumns, and addRoundKey. fips-197.pdf#page=30, "Implementation Suggestions Regarding // Various Platforms" suggests that performs enhanced implementations are described in Rijndael-ammended.pdf. // Rijndael-ammended.pdf#page=20, "Implementation aspects / 32-bit processor", discusses such an optimization. // Unfortunately, the description given there is not quite correct. Per aes.spec.v316.pdf#page=19 [1], // equation (7.4.7) is supposed to use addition instead of subtraction, so we'll do that here, as well. // [1] http://fp.gladman.plus.com/cryptography_technology/rijndael/aes.spec.v316.pdf $temp = array(); for ($round = 1; $round < $Nr; ++$round) { $i = 0; // $c[0] == 0 $j = $c[1]; $k = $c[2]; $l = $c[3]; while ($i < $Nb) { $temp[$i] = $t0[$state[$i] >> 24 & 0x000000FF] ^ $t1[$state[$j] >> 16 & 0x000000FF] ^ $t2[$state[$k] >> 8 & 0x000000FF] ^ $t3[$state[$l] & 0x000000FF] ^ $w[++$wc]; ++$i; $j = ($j + 1) % $Nb; $k = ($k + 1) % $Nb; $l = ($l + 1) % $Nb; } $state = $temp; } // subWord for ($i = 0; $i < $Nb; ++$i) { $state[$i] = $sbox[$state[$i] & 0x000000FF] \| ($sbox[$state[$i] >> 8 & 0x000000FF] << 8) \| ($sbox[$state[$i] >> 16 & 0x000000FF] << 16) \| ($sbox[$state[$i] >> 24 & 0x000000FF] << 24); } // shiftRows + addRoundKey $i = 0; // $c[0] == 0 $j = $c[1]; $k = $c[2]; $l = $c[3]; while ($i < $Nb) { $temp[$i] = ($state[$i] & 0xFF000000) ^ ($state[$j] & 0x00FF0000) ^ ($state[$k] & 0x0000FF00) ^ ($state[$l] & 0x000000FF) ^ $w[$i]; ++$i; $j = ($j + 1) % $Nb; $k = ($k + 1) % $Nb; $l = ($l + 1) % $Nb; } switch ($Nb) { case 8: return pack('N', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6], $temp[7]); case 7: return pack('N', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6]); case 6: return pack('N', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5]); case 5: return pack('N', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4]); default: return pack('N', $temp[0], $temp[1], $temp[2], $temp[3]); } } /* * Decrypts a block * * @access private * @param string $in * @return string / function _decryptBlock($in) { static $invtables; if (empty($invtables)) { $invtables = &$this->_getInvTables(); } $dt0 = $invtables[0]; $dt1 = $invtables[1]; $dt2 = $invtables[2]; $dt3 = $invtables[3]; $isbox = $invtables[4]; $state = array(); $words = unpack('N', $in); $c = $this->c; $dw = $this->dw; $Nb = $this->Nb; $Nr = $this->Nr; // addRoundKey $wc = $Nb - 1; foreach ($words as $word) { $state[] = $word ^ $dw[++$wc]; } $temp = array(); for ($round = $Nr - 1; $round > 0; --$round) { $i = 0; // $c[0] == 0 $j = $Nb - $c[1]; $k = $Nb - $c[2]; $l = $Nb - $c[3]; while ($i < $Nb) { $temp[$i] = $dt0[$state[$i] >> 24 & 0x000000FF] ^ $dt1[$state[$j] >> 16 & 0x000000FF] ^ $dt2[$state[$k] >> 8 & 0x000000FF] ^ $dt3[$state[$l] & 0x000000FF] ^ $dw[++$wc]; ++$i; $j = ($j + 1) % $Nb; $k = ($k + 1) % $Nb; $l = ($l + 1) % $Nb; } $state = $temp; } // invShiftRows + invSubWord + addRoundKey $i = 0; // $c[0] == 0 $j = $Nb - $c[1]; $k = $Nb - $c[2]; $l = $Nb - $c[3]; while ($i < $Nb) { $word = ($state[$i] & 0xFF000000) \| ($state[$j] & 0x00FF0000) \| ($state[$k] & 0x0000FF00) \| ($state[$l] & 0x000000FF); $temp[$i] = $dw[$i] ^ ($isbox[$word & 0x000000FF] \| ($isbox[$word >> 8 & 0x000000FF] << 8) \| ($isbox[$word >> 16 & 0x000000FF] << 16) \| ($isbox[$word >> 24 & 0x000000FF] << 24)); ++$i; $j = ($j + 1) % $Nb; $k = ($k + 1) % $Nb; $l = ($l + 1) % $Nb; } switch ($Nb) { case 8: return pack('N', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6], $temp[7]); case 7: return pack('N', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6]); case 6: return pack('N', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5]); case 5: return pack('N', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4]); default: return pack('N', $temp[0], $temp[1], $temp[2], $temp[3]); } } /* * Setup the key (expansion) * * @see Crypt_Base::_setupKey() * @access private / function _setupKey() { // Each number in $rcon is equal to the previous number multiplied by two in Rijndael's finite field. // See http://en.wikipedia.org/wiki/Finite_field_arithmetic#Multiplicative_inverse static $rcon = array(0, 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000, 0x6C000000, 0xD8000000, 0xAB000000, 0x4D000000, 0x9A000000, 0x2F000000, 0x5E000000, 0xBC000000, 0x63000000, 0xC6000000, 0x97000000, 0x35000000, 0x6A000000, 0xD4000000, 0xB3000000, 0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000 ); if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->key_length === $this->kl['key_length'] && $this->block_size === $this->kl['block_size']) { // already expanded return; } $this->kl = array('key' => $this->key, 'key_length' => $this->key_length, 'block_size' => $this->block_size); $this->Nk = $this->key_length >> 2; // see Rijndael-ammended.pdf#page=44 $this->Nr = max($this->Nk, $this->Nb) + 6; // shift offsets for Nb = 5, 7 are defined in Rijndael-ammended.pdf#page=44, // "Table 8: Shift offsets in Shiftrow for the alternative block lengths" // shift offsets for Nb = 4, 6, 8 are defined in Rijndael-ammended.pdf#page=14, // "Table 2: Shift offsets for different block lengths" switch ($this->Nb) { case 4: case 5: case 6: $this->c = array(0, 1, 2, 3); break; case 7: $this->c = array(0, 1, 2, 4); break; case 8: $this->c = array(0, 1, 3, 4); } $w = array_values(unpack('Nwords', $this->key)); $length = $this->Nb * ($this->Nr + 1); for ($i = $this->Nk; $i < $length; $i++) { $temp = $w[$i - 1]; if ($i % $this->Nk == 0) { // according to <http://php.net/language.types.integer>, "the size of an integer is platform-dependent". // on a 32-bit machine, it's 32-bits, and on a 64-bit machine, it's 64-bits. on a 32-bit machine, // 0xFFFFFFFF << 8 == 0xFFFFFF00, but on a 64-bit machine, it equals 0xFFFFFFFF00. as such, doing 'and' // with 0xFFFFFFFF (or 0xFFFFFF00) on a 32-bit machine is unnecessary, but on a 64-bit machine, it is. $temp = (($temp << 8) & 0xFFFFFF00) \| (($temp >> 24) & 0x000000FF); // rotWord $temp = $this->_subWord($temp) ^ $rcon[$i / $this->Nk]; } elseif ($this->Nk > 6 && $i % $this->Nk == 4) { $temp = $this->_subWord($temp); } $w[$i] = $w[$i - $this->Nk] ^ $temp; } // convert the key schedule from a vector of $Nb * ($Nr + 1) length to a matrix with $Nr + 1 rows and $Nb columns // and generate the inverse key schedule. more specifically, // according to <http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=23> (section 5.3.3), // "The key expansion for the Inverse Cipher is defined as follows: // 1. Apply the Key Expansion. // 2. Apply InvMixColumn to all Round Keys except the first and the last one." // also, see fips-197.pdf#page=27, "5.3.5 Equivalent Inverse Cipher" list($dt0, $dt1, $dt2, $dt3) = $this->_getInvTables(); $temp = $this->w = $this->dw = array(); for ($i = $row = $col = 0; $i < $length; $i++, $col++) { if ($col == $this->Nb) { if ($row == 0) { $this->dw[0] = $this->w[0]; } else { // subWord + invMixColumn + invSubWord = invMixColumn $j = 0; while ($j < $this->Nb) { $dw = $this->_subWord($this->w[$row][$j]); $temp[$j] = $dt0[$dw >> 24 & 0x000000FF] ^ $dt1[$dw >> 16 & 0x000000FF] ^ $dt2[$dw >> 8 & 0x000000FF] ^ $dt3[$dw & 0x000000FF]; $j++; } $this->dw[$row] = $temp; } $col = 0; $row++; } $this->w[$row][$col] = $w[$i]; } $this->dw[$row] = $this->w[$row]; // Converting to 1-dim key arrays (both ascending) $this->dw = array_reverse($this->dw); $w = array_pop($this->w); $dw = array_pop($this->dw); foreach ($this->w as $r => $wr) { foreach ($wr as $c => $wc) { $w[] = $wc; $dw[] = $this->dw[$r][$c]; } } $this->w = $w; $this->dw = $dw; } /** * Performs S-Box substitutions * * @access private * @param int $word / function _subWord($word) { static $sbox; if (empty($sbox)) { list(, , , , $sbox) = $this->_getTables(); } return $sbox[$word & 0x000000FF] \| ($sbox[$word >> 8 & 0x000000FF] << 8) \| ($sbox[$word >> 16 & 0x000000FF] << 16) \| ($sbox[$word >> 24 & 0x000000FF] << 24); } /* * Provides the mixColumns and sboxes tables * * @see Crypt_Rijndael:_encryptBlock() * @see Crypt_Rijndael:_setupInlineCrypt() * @see Crypt_Rijndael:_subWord() * @access private * @return array &$tables / function &_getTables() { static $tables; if (empty($tables)) { // according to <http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=19> (section 5.2.1), // precomputed tables can be used in the mixColumns phase. in that example, they're assigned t0...t3, so // those are the names we'll use. $t3 = array_map('intval', array( // with array_map('intval', ...) we ensure we have only int's and not // some slower floats converted by php automatically on high values 0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, 0x6F6FB1DE, 0xC5C55491, 0x30305060, 0x01010302, 0x6767A9CE, 0x2B2B7D56, 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC, 0xCACA458F, 0x82829D1F, 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB, 0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, 0x727296E4, 0xC0C05B9B, 0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83, 0x34345C68, 0xA5A5F451, 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A, 0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, 0x05050F0A, 0x9A9AB52F, 0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA, 0x09091B12, 0x83839E1D, 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B, 0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, 0x2F2F715E, 0x84849713, 0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6, 0x6A6ABED4, 0xCBCB468D, 0xBEBED967, 0x39394B72, 0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85, 0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, 0x33335566, 0x85859411, 0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, 0x5050F0A0, 0x3C3C4478, 0x9F9FBA25, 0xA8A8E34B, 0x5151F3A2, 0xA3A3FE5D, 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1, 0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, 0xF3F30EFD, 0xD2D26DBF, 0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E, 0xC4C45793, 0xA7A7F255, 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6, 0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, 0x9090AB3B, 0x8888830B, 0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD, 0xE0E03BDB, 0x32325664, 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 0x24246C48, 0x5C5CE4B8, 0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, 0xE4E437D3, 0x79798BF2, 0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049, 0x6C6CB4D8, 0x5656FAAC, 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810, 0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, 0xB4B4C773, 0xC6C65197, 0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F, 0x707090E0, 0x3E3E427C, 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C, 0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, 0x1D1D273A, 0x9E9EB927, 0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733, 0x9B9BB62D, 0x1E1E223C, 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5, 0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, 0x4242C684, 0x6868B8D0, 0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 0x16163A2C )); foreach ($t3 as $t3i) { $t0[] = (($t3i << 24) & 0xFF000000) \| (($t3i >> 8) & 0x00FFFFFF); $t1[] = (($t3i << 16) & 0xFFFF0000) \| (($t3i >> 16) & 0x0000FFFF); $t2[] = (($t3i << 8) & 0xFFFFFF00) \| (($t3i >> 24) & 0x000000FF); } $tables = array( // The Precomputed mixColumns tables t0 - t3 $t0, $t1, $t2, $t3, // The SubByte S-Box array( 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15, 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75, 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8, 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB, 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A, 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 ) ); } return $tables; } /* * Provides the inverse mixColumns and inverse sboxes tables * * @see Crypt_Rijndael:_decryptBlock() * @see Crypt_Rijndael:_setupInlineCrypt() * @see Crypt_Rijndael:_setupKey() * @access private * @return array &$tables / function &_getInvTables() { static $tables; if (empty($tables)) { $dt3 = array_map('intval', array( 0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, 0xFA58ABAC, 0xE303934B, 0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5, 0xB15A49DE, 0xBA1B6725, 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B, 0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, 0xE0692949, 0xC9C8448E, 0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D, 0xDF4A1863, 0x1A3182E5, 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9, 0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 0x73D323AB, 0x4B02E272, 0x1F8F57E3, 0x55AB2A66, 0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED, 0xCF1C2B8A, 0x79B492A7, 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4, 0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, 0x719F065E, 0x6E1051BD, 0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60, 0x98FB2419, 0xBDE997D6, 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79, 0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, 0x1170AC1E, 0x5A724E6C, 0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24, 0x0A67B10C, 0x57E70F93, 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C, 0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, 0xB6A8B92D, 0x1EA9C814, 0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B, 0x4329768B, 0x23C6DCCB, 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084, 0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, 0x8652EC0D, 0xC1E3D077, 0xB3166C2B, 0x70B999A9, 0x9448FA11, 0xE9642247, 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22, 0x494EC787, 0x38D1C1D9, 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F, 0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, 0x39F75E2E, 0xC3AFF582, 0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB, 0x267809CD, 0x5918F46E, 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF, 0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, 0xA59430C6, 0xA266C035, 0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17, 0x4DD68D76, 0xEFB04D43, 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46, 0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, 0x105633E9, 0xD647136D, 0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A, 0xD2DF599C, 0xF2733F55, 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678, 0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, 0x3C498B28, 0x0D9541FF, 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0 )); foreach ($dt3 as $dt3i) { $dt0[] = (($dt3i << 24) & 0xFF000000) \| (($dt3i >> 8) & 0x00FFFFFF); $dt1[] = (($dt3i << 16) & 0xFFFF0000) \| (($dt3i >> 16) & 0x0000FFFF); $dt2[] = (($dt3i << 8) & 0xFFFFFF00) \| (($dt3i >> 24) & 0x000000FF); }; $tables = array( // The Precomputed inverse mixColumns tables dt0 - dt3 $dt0, $dt1, $dt2, $dt3, // The inverse SubByte S-Box array( 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25, 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06, 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E, 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F, 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D ) ); } return $tables; } /* * Setup the performance-optimized function for de/encrypt() * * @see Crypt_Base::_setupInlineCrypt() * @access private / function _setupInlineCrypt() { // Note: _setupInlineCrypt() will be called only if $this->changed === true // So here we are'nt under the same heavy timing-stress as we are in _de/encryptBlock() or de/encrypt(). // However...the here generated function- $code, stored as php callback in $this->inline_crypt, must work as fast as even possible. $lambda_functions =& Crypt_Rijndael::_getLambdaFunctions(); // We create max. 10 hi-optimized code for memory reason. Means: For each $key one ultra fast inline-crypt function. // (Currently, for Crypt_Rijndael/AES, one generated $lambda_function cost on php5.5@32bit ~80kb unfreeable mem and ~130kb on php5.5@64bit) // After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one. $gen_hi_opt_code = (bool)(count($lambda_functions) < 10); // Generation of a uniqe hash for our generated code $code_hash = "Crypt_Rijndael, {$this->mode}, {$this->Nr}, {$this->Nb}"; if ($gen_hi_opt_code) { $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); } if (!isset($lambda_functions[$code_hash])) { switch (true) { case $gen_hi_opt_code: // The hi-optimized $lambda_functions will use the key-words hardcoded for better performance. $w = $this->w; $dw = $this->dw; $init_encrypt = ''; $init_decrypt = ''; break; default: for ($i = 0, $cw = count($this->w); $i < $cw; ++$i) { $w[] = '$w[' . $i . ']'; $dw[] = '$dw[' . $i . ']'; } $init_encrypt = '$w = $self->w;'; $init_decrypt = '$dw = $self->dw;'; } $Nr = $this->Nr; $Nb = $this->Nb; $c = $this->c; // Generating encrypt code: $init_encrypt.= ' static $tables; if (empty($tables)) { $tables = &$self->_getTables(); } $t0 = $tables[0]; $t1 = $tables[1]; $t2 = $tables[2]; $t3 = $tables[3]; $sbox = $tables[4]; '; $s = 'e'; $e = 's'; $wc = $Nb - 1; // Preround: addRoundKey $encrypt_block = '$in = unpack("N", $in);'."\n"; for ($i = 0; $i < $Nb; ++$i) { $encrypt_block .= '$s'.$i.' = $in['.($i + 1).'] ^ '.$w[++$wc].";\n"; } // Mainrounds: shiftRows + subWord + mixColumns + addRoundKey for ($round = 1; $round < $Nr; ++$round) { list($s, $e) = array($e, $s); for ($i = 0; $i < $Nb; ++$i) { $encrypt_block.= '$'.$e.$i.' = $t0[($'.$s.$i .' >> 24) & 0xff] ^ $t1[($'.$s.(($i + $c[1]) % $Nb).' >> 16) & 0xff] ^ $t2[($'.$s.(($i + $c[2]) % $Nb).' >> 8) & 0xff] ^ $t3[ $'.$s.(($i + $c[3]) % $Nb).' & 0xff] ^ '.$w[++$wc].";\n"; } } // Finalround: subWord + shiftRows + addRoundKey for ($i = 0; $i < $Nb; ++$i) { $encrypt_block.= '$'.$e.$i.' = $sbox[ $'.$e.$i.' & 0xff] \| ($sbox[($'.$e.$i.' >> 8) & 0xff] << 8) \| ($sbox[($'.$e.$i.' >> 16) & 0xff] << 16) \| ($sbox[($'.$e.$i.' >> 24) & 0xff] << 24);'."\n"; } $encrypt_block .= '$in = pack("N"'."\n"; for ($i = 0; $i < $Nb; ++$i) { $encrypt_block.= ', ($'.$e.$i .' & '.((int)0xFF000000).') ^ ($'.$e.(($i + $c[1]) % $Nb).' & 0x00FF0000 ) ^ ($'.$e.(($i + $c[2]) % $Nb).' & 0x0000FF00 ) ^ ($'.$e.(($i + $c[3]) % $Nb).' & 0x000000FF ) ^ '.$w[$i]."\n"; } $encrypt_block .= ');'; // Generating decrypt code: $init_decrypt.= ' static $invtables; if (empty($invtables)) { $invtables = &$self->_getInvTables(); } $dt0 = $invtables[0]; $dt1 = $invtables[1]; $dt2 = $invtables[2]; $dt3 = $invtables[3]; $isbox = $invtables[4]; '; $s = 'e'; $e = 's'; $wc = $Nb - 1; // Preround: addRoundKey $decrypt_block = '$in = unpack("N", $in);'."\n"; for ($i = 0; $i < $Nb; ++$i) { $decrypt_block .= '$s'.$i.' = $in['.($i + 1).'] ^ '.$dw[++$wc].';'."\n"; } // Mainrounds: shiftRows + subWord + mixColumns + addRoundKey for ($round = 1; $round < $Nr; ++$round) { list($s, $e) = array($e, $s); for ($i = 0; $i < $Nb; ++$i) { $decrypt_block.= '$'.$e.$i.' = $dt0[($'.$s.$i .' >> 24) & 0xff] ^ $dt1[($'.$s.(($Nb + $i - $c[1]) % $Nb).' >> 16) & 0xff] ^ $dt2[($'.$s.(($Nb + $i - $c[2]) % $Nb).' >> 8) & 0xff] ^ $dt3[ $'.$s.(($Nb + $i - $c[3]) % $Nb).' & 0xff] ^ '.$dw[++$wc].";\n"; } } // Finalround: subWord + shiftRows + addRoundKey for ($i = 0; $i < $Nb; ++$i) { $decrypt_block.= '$'.$e.$i.' = $isbox[ $'.$e.$i.' & 0xff] \| ($isbox[($'.$e.$i.' >> 8) & 0xff] << 8) \| ($isbox[($'.$e.$i.' >> 16) & 0xff] << 16) \| ($isbox[($'.$e.$i.' >> 24) & 0xff] << 24);'."\n"; } $decrypt_block .= '$in = pack("N"'."\n"; for ($i = 0; $i < $Nb; ++$i) { $decrypt_block.= ', ($'.$e.$i. ' & '.((int)0xFF000000).') ^ ($'.$e.(($Nb + $i - $c[1]) % $Nb).' & 0x00FF0000 ) ^ ($'.$e.(($Nb + $i - $c[2]) % $Nb).' & 0x0000FF00 ) ^ ($'.$e.(($Nb + $i - $c[3]) % $Nb).' & 0x000000FF ) ^ '.$dw[$i]."\n"; } $decrypt_block .= ');'; $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( array( 'init_crypt' => '', 'init_encrypt' => $init_encrypt, 'init_decrypt' => $init_decrypt, 'encrypt_block' => $encrypt_block, 'decrypt_block' => $decrypt_block ) ); } $this->inline_crypt = $lambda_functions[$code_hash]; } } ��phpseclib/Crypt/RC2.php��0000644��00000062061�15104540706�0010724 0��ustar�00��<?php /* * Pure-PHP implementation of RC2. * * Uses mcrypt, if available, and an internal implementation, otherwise. * * PHP versions 4 and 5 * * Useful resources are as follows: * * - {@link http://tools.ietf.org/html/rfc2268} * * Here's a short example of how to use this library: * <code> * <?php * include 'Crypt/RC2.php'; * * $rc2 = new Crypt_RC2(); * * $rc2->setKey('abcdefgh'); * * $plaintext = str_repeat('a', 1024); * * echo $rc2->decrypt($rc2->encrypt($plaintext)); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Crypt * @package Crypt_RC2 * @author Patrick Monnerat <pm@datasphere.ch> * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * Include Crypt_Base * * Base cipher class / if (!class_exists('Crypt_Base')) { include_once 'Base.php'; } /#@+ @access public * @see self::encrypt() * @see self::decrypt() / /* * Encrypt / decrypt using the Counter mode. * * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 / define('CRYPT_RC2_MODE_CTR', CRYPT_MODE_CTR); /* * Encrypt / decrypt using the Electronic Code Book mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 / define('CRYPT_RC2_MODE_ECB', CRYPT_MODE_ECB); /* * Encrypt / decrypt using the Code Book Chaining mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 / define('CRYPT_RC2_MODE_CBC', CRYPT_MODE_CBC); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 / define('CRYPT_RC2_MODE_CFB', CRYPT_MODE_CFB); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 / define('CRYPT_RC2_MODE_OFB', CRYPT_MODE_OFB); /#@-/ /** * Pure-PHP implementation of RC2. * * @package Crypt_RC2 * @access public / class Crypt_RC2 extends Crypt_Base { /* * Block Length of the cipher * * @see Crypt_Base::block_size * @var int * @access private / var $block_size = 8; /* * The Key * * @see Crypt_Base::key * @see self::setKey() * @var string * @access private / var $key; /* * The Original (unpadded) Key * * @see Crypt_Base::key * @see self::setKey() * @see self::encrypt() * @see self::decrypt() * @var string * @access private / var $orig_key; /* * Don't truncate / null pad key * * @see Crypt_Base::_clearBuffers() * @var bool * @access private / var $skip_key_adjustment = true; /* * Key Length (in bytes) * * @see Crypt_RC2::setKeyLength() * @var int * @access private / var $key_length = 16; // = 128 bits /* * The namespace used by the cipher for its constants. * * @see Crypt_Base::const_namespace * @var string * @access private / var $const_namespace = 'RC2'; /* * The mcrypt specific name of the cipher * * @see Crypt_Base::cipher_name_mcrypt * @var string * @access private / var $cipher_name_mcrypt = 'rc2'; /* * Optimizing value while CFB-encrypting * * @see Crypt_Base::cfb_init_len * @var int * @access private / var $cfb_init_len = 500; /* * The key length in bits. * * @see self::setKeyLength() * @see self::setKey() * @var int * @access private * @internal Should be in range [1..1024]. * @internal Changing this value after setting the key has no effect. / var $default_key_length = 1024; /* * The key length in bits. * * @see self::isValidEnine() * @see self::setKey() * @var int * @access private * @internal Should be in range [1..1024]. / var $current_key_length; /* * The Key Schedule * * @see self::_setupKey() * @var array * @access private / var $keys; /* * Key expansion randomization table. * Twice the same 256-value sequence to save a modulus in key expansion. * * @see self::setKey() * @var array * @access private / var $pitable = array( 0xD9, 0x78, 0xF9, 0xC4, 0x19, 0xDD, 0xB5, 0xED, 0x28, 0xE9, 0xFD, 0x79, 0x4A, 0xA0, 0xD8, 0x9D, 0xC6, 0x7E, 0x37, 0x83, 0x2B, 0x76, 0x53, 0x8E, 0x62, 0x4C, 0x64, 0x88, 0x44, 0x8B, 0xFB, 0xA2, 0x17, 0x9A, 0x59, 0xF5, 0x87, 0xB3, 0x4F, 0x13, 0x61, 0x45, 0x6D, 0x8D, 0x09, 0x81, 0x7D, 0x32, 0xBD, 0x8F, 0x40, 0xEB, 0x86, 0xB7, 0x7B, 0x0B, 0xF0, 0x95, 0x21, 0x22, 0x5C, 0x6B, 0x4E, 0x82, 0x54, 0xD6, 0x65, 0x93, 0xCE, 0x60, 0xB2, 0x1C, 0x73, 0x56, 0xC0, 0x14, 0xA7, 0x8C, 0xF1, 0xDC, 0x12, 0x75, 0xCA, 0x1F, 0x3B, 0xBE, 0xE4, 0xD1, 0x42, 0x3D, 0xD4, 0x30, 0xA3, 0x3C, 0xB6, 0x26, 0x6F, 0xBF, 0x0E, 0xDA, 0x46, 0x69, 0x07, 0x57, 0x27, 0xF2, 0x1D, 0x9B, 0xBC, 0x94, 0x43, 0x03, 0xF8, 0x11, 0xC7, 0xF6, 0x90, 0xEF, 0x3E, 0xE7, 0x06, 0xC3, 0xD5, 0x2F, 0xC8, 0x66, 0x1E, 0xD7, 0x08, 0xE8, 0xEA, 0xDE, 0x80, 0x52, 0xEE, 0xF7, 0x84, 0xAA, 0x72, 0xAC, 0x35, 0x4D, 0x6A, 0x2A, 0x96, 0x1A, 0xD2, 0x71, 0x5A, 0x15, 0x49, 0x74, 0x4B, 0x9F, 0xD0, 0x5E, 0x04, 0x18, 0xA4, 0xEC, 0xC2, 0xE0, 0x41, 0x6E, 0x0F, 0x51, 0xCB, 0xCC, 0x24, 0x91, 0xAF, 0x50, 0xA1, 0xF4, 0x70, 0x39, 0x99, 0x7C, 0x3A, 0x85, 0x23, 0xB8, 0xB4, 0x7A, 0xFC, 0x02, 0x36, 0x5B, 0x25, 0x55, 0x97, 0x31, 0x2D, 0x5D, 0xFA, 0x98, 0xE3, 0x8A, 0x92, 0xAE, 0x05, 0xDF, 0x29, 0x10, 0x67, 0x6C, 0xBA, 0xC9, 0xD3, 0x00, 0xE6, 0xCF, 0xE1, 0x9E, 0xA8, 0x2C, 0x63, 0x16, 0x01, 0x3F, 0x58, 0xE2, 0x89, 0xA9, 0x0D, 0x38, 0x34, 0x1B, 0xAB, 0x33, 0xFF, 0xB0, 0xBB, 0x48, 0x0C, 0x5F, 0xB9, 0xB1, 0xCD, 0x2E, 0xC5, 0xF3, 0xDB, 0x47, 0xE5, 0xA5, 0x9C, 0x77, 0x0A, 0xA6, 0x20, 0x68, 0xFE, 0x7F, 0xC1, 0xAD, 0xD9, 0x78, 0xF9, 0xC4, 0x19, 0xDD, 0xB5, 0xED, 0x28, 0xE9, 0xFD, 0x79, 0x4A, 0xA0, 0xD8, 0x9D, 0xC6, 0x7E, 0x37, 0x83, 0x2B, 0x76, 0x53, 0x8E, 0x62, 0x4C, 0x64, 0x88, 0x44, 0x8B, 0xFB, 0xA2, 0x17, 0x9A, 0x59, 0xF5, 0x87, 0xB3, 0x4F, 0x13, 0x61, 0x45, 0x6D, 0x8D, 0x09, 0x81, 0x7D, 0x32, 0xBD, 0x8F, 0x40, 0xEB, 0x86, 0xB7, 0x7B, 0x0B, 0xF0, 0x95, 0x21, 0x22, 0x5C, 0x6B, 0x4E, 0x82, 0x54, 0xD6, 0x65, 0x93, 0xCE, 0x60, 0xB2, 0x1C, 0x73, 0x56, 0xC0, 0x14, 0xA7, 0x8C, 0xF1, 0xDC, 0x12, 0x75, 0xCA, 0x1F, 0x3B, 0xBE, 0xE4, 0xD1, 0x42, 0x3D, 0xD4, 0x30, 0xA3, 0x3C, 0xB6, 0x26, 0x6F, 0xBF, 0x0E, 0xDA, 0x46, 0x69, 0x07, 0x57, 0x27, 0xF2, 0x1D, 0x9B, 0xBC, 0x94, 0x43, 0x03, 0xF8, 0x11, 0xC7, 0xF6, 0x90, 0xEF, 0x3E, 0xE7, 0x06, 0xC3, 0xD5, 0x2F, 0xC8, 0x66, 0x1E, 0xD7, 0x08, 0xE8, 0xEA, 0xDE, 0x80, 0x52, 0xEE, 0xF7, 0x84, 0xAA, 0x72, 0xAC, 0x35, 0x4D, 0x6A, 0x2A, 0x96, 0x1A, 0xD2, 0x71, 0x5A, 0x15, 0x49, 0x74, 0x4B, 0x9F, 0xD0, 0x5E, 0x04, 0x18, 0xA4, 0xEC, 0xC2, 0xE0, 0x41, 0x6E, 0x0F, 0x51, 0xCB, 0xCC, 0x24, 0x91, 0xAF, 0x50, 0xA1, 0xF4, 0x70, 0x39, 0x99, 0x7C, 0x3A, 0x85, 0x23, 0xB8, 0xB4, 0x7A, 0xFC, 0x02, 0x36, 0x5B, 0x25, 0x55, 0x97, 0x31, 0x2D, 0x5D, 0xFA, 0x98, 0xE3, 0x8A, 0x92, 0xAE, 0x05, 0xDF, 0x29, 0x10, 0x67, 0x6C, 0xBA, 0xC9, 0xD3, 0x00, 0xE6, 0xCF, 0xE1, 0x9E, 0xA8, 0x2C, 0x63, 0x16, 0x01, 0x3F, 0x58, 0xE2, 0x89, 0xA9, 0x0D, 0x38, 0x34, 0x1B, 0xAB, 0x33, 0xFF, 0xB0, 0xBB, 0x48, 0x0C, 0x5F, 0xB9, 0xB1, 0xCD, 0x2E, 0xC5, 0xF3, 0xDB, 0x47, 0xE5, 0xA5, 0x9C, 0x77, 0x0A, 0xA6, 0x20, 0x68, 0xFE, 0x7F, 0xC1, 0xAD ); /* * Inverse key expansion randomization table. * * @see self::setKey() * @var array * @access private / var $invpitable = array( 0xD1, 0xDA, 0xB9, 0x6F, 0x9C, 0xC8, 0x78, 0x66, 0x80, 0x2C, 0xF8, 0x37, 0xEA, 0xE0, 0x62, 0xA4, 0xCB, 0x71, 0x50, 0x27, 0x4B, 0x95, 0xD9, 0x20, 0x9D, 0x04, 0x91, 0xE3, 0x47, 0x6A, 0x7E, 0x53, 0xFA, 0x3A, 0x3B, 0xB4, 0xA8, 0xBC, 0x5F, 0x68, 0x08, 0xCA, 0x8F, 0x14, 0xD7, 0xC0, 0xEF, 0x7B, 0x5B, 0xBF, 0x2F, 0xE5, 0xE2, 0x8C, 0xBA, 0x12, 0xE1, 0xAF, 0xB2, 0x54, 0x5D, 0x59, 0x76, 0xDB, 0x32, 0xA2, 0x58, 0x6E, 0x1C, 0x29, 0x64, 0xF3, 0xE9, 0x96, 0x0C, 0x98, 0x19, 0x8D, 0x3E, 0x26, 0xAB, 0xA5, 0x85, 0x16, 0x40, 0xBD, 0x49, 0x67, 0xDC, 0x22, 0x94, 0xBB, 0x3C, 0xC1, 0x9B, 0xEB, 0x45, 0x28, 0x18, 0xD8, 0x1A, 0x42, 0x7D, 0xCC, 0xFB, 0x65, 0x8E, 0x3D, 0xCD, 0x2A, 0xA3, 0x60, 0xAE, 0x93, 0x8A, 0x48, 0x97, 0x51, 0x15, 0xF7, 0x01, 0x0B, 0xB7, 0x36, 0xB1, 0x2E, 0x11, 0xFD, 0x84, 0x2D, 0x3F, 0x13, 0x88, 0xB3, 0x34, 0x24, 0x1B, 0xDE, 0xC5, 0x1D, 0x4D, 0x2B, 0x17, 0x31, 0x74, 0xA9, 0xC6, 0x43, 0x6D, 0x39, 0x90, 0xBE, 0xC3, 0xB0, 0x21, 0x6B, 0xF6, 0x0F, 0xD5, 0x99, 0x0D, 0xAC, 0x1F, 0x5C, 0x9E, 0xF5, 0xF9, 0x4C, 0xD6, 0xDF, 0x89, 0xE4, 0x8B, 0xFF, 0xC7, 0xAA, 0xE7, 0xED, 0x46, 0x25, 0xB6, 0x06, 0x5E, 0x35, 0xB5, 0xEC, 0xCE, 0xE8, 0x6C, 0x30, 0x55, 0x61, 0x4A, 0xFE, 0xA0, 0x79, 0x03, 0xF0, 0x10, 0x72, 0x7C, 0xCF, 0x52, 0xA6, 0xA7, 0xEE, 0x44, 0xD3, 0x9A, 0x57, 0x92, 0xD0, 0x5A, 0x7A, 0x41, 0x7F, 0x0E, 0x00, 0x63, 0xF2, 0x4F, 0x05, 0x83, 0xC9, 0xA1, 0xD4, 0xDD, 0xC4, 0x56, 0xF4, 0xD2, 0x77, 0x81, 0x09, 0x82, 0x33, 0x9F, 0x07, 0x86, 0x75, 0x38, 0x4E, 0x69, 0xF1, 0xAD, 0x23, 0x73, 0x87, 0x70, 0x02, 0xC2, 0x1E, 0xB8, 0x0A, 0xFC, 0xE6 ); /* * Test for engine validity * * This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine() * * @see Crypt_Base::Crypt_Base() * @param int $engine * @access public * @return bool / function isValidEngine($engine) { switch ($engine) { case CRYPT_ENGINE_OPENSSL: if ($this->current_key_length != 128 \|\| strlen($this->orig_key) < 16) { return false; } $this->cipher_name_openssl_ecb = 'rc2-ecb'; $this->cipher_name_openssl = 'rc2-' . $this->_openssl_translate_mode(); } return parent::isValidEngine($engine); } /* * Sets the key length. * * Valid key lengths are 8 to 1024. * Calling this function after setting the key has no effect until the next * Crypt_RC2::setKey() call. * * @access public * @param int $length in bits / function setKeyLength($length) { if ($length < 8) { $this->default_key_length = 1; } elseif ($length > 1024) { $this->default_key_length = 128; } else { $this->default_key_length = $length; } $this->current_key_length = $this->default_key_length; parent::setKeyLength($length); } /* * Returns the current key length * * @access public * @return int / function getKeyLength() { return $this->current_key_length; } /* * Sets the key. * * Keys can be of any length. RC2, itself, uses 8 to 1024 bit keys (eg. * strlen($key) <= 128), however, we only use the first 128 bytes if $key * has more then 128 bytes in it, and set $key to a single null byte if * it is empty. * * If the key is not explicitly set, it'll be assumed to be a single * null byte. * * @see Crypt_Base::setKey() * @access public * @param string $key * @param int $t1 optional Effective key length in bits. / function setKey($key, $t1 = 0) { $this->orig_key = $key; if ($t1 <= 0) { $t1 = $this->default_key_length; } elseif ($t1 > 1024) { $t1 = 1024; } $this->current_key_length = $t1; // Key byte count should be 1..128. $key = strlen($key) ? substr($key, 0, 128) : "\x00"; $t = strlen($key); // The mcrypt RC2 implementation only supports effective key length // of 1024 bits. It is however possible to handle effective key // lengths in range 1..1024 by expanding the key and applying // inverse pitable mapping to the first byte before submitting it // to mcrypt. // Key expansion. $l = array_values(unpack('C', $key)); $t8 = ($t1 + 7) >> 3; $tm = 0xFF >> (8 * $t8 - $t1); // Expand key. $pitable = $this->pitable; for ($i = $t; $i < 128; $i++) { $l[$i] = $pitable[$l[$i - 1] + $l[$i - $t]]; } $i = 128 - $t8; $l[$i] = $pitable[$l[$i] & $tm]; while ($i--) { $l[$i] = $pitable[$l[$i + 1] ^ $l[$i + $t8]]; } // Prepare the key for mcrypt. $l[0] = $this->invpitable[$l[0]]; array_unshift($l, 'C'); parent::setKey(call_user_func_array('pack', $l)); } /* * Encrypts a message. * * Mostly a wrapper for Crypt_Base::encrypt, with some additional OpenSSL handling code * * @see self::decrypt() * @access public * @param string $plaintext * @return string $ciphertext / function encrypt($plaintext) { if ($this->engine == CRYPT_ENGINE_OPENSSL) { $temp = $this->key; $this->key = $this->orig_key; $result = parent::encrypt($plaintext); $this->key = $temp; return $result; } return parent::encrypt($plaintext); } /* * Decrypts a message. * * Mostly a wrapper for Crypt_Base::decrypt, with some additional OpenSSL handling code * * @see self::encrypt() * @access public * @param string $ciphertext * @return string $plaintext / function decrypt($ciphertext) { if ($this->engine == CRYPT_ENGINE_OPENSSL) { $temp = $this->key; $this->key = $this->orig_key; $result = parent::decrypt($ciphertext); $this->key = $temp; return $result; } return parent::decrypt($ciphertext); } /* * Encrypts a block * * @see Crypt_Base::_encryptBlock() * @see Crypt_Base::encrypt() * @access private * @param string $in * @return string / function _encryptBlock($in) { list($r0, $r1, $r2, $r3) = array_values(unpack('v', $in)); $keys = $this->keys; $limit = 20; $actions = array($limit => 44, 44 => 64); $j = 0; for (;;) { // Mixing round. $r0 = (($r0 + $keys[$j++] + ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF) << 1; $r0 \|= $r0 >> 16; $r1 = (($r1 + $keys[$j++] + ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF) << 2; $r1 \|= $r1 >> 16; $r2 = (($r2 + $keys[$j++] + ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF) << 3; $r2 \|= $r2 >> 16; $r3 = (($r3 + $keys[$j++] + ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF) << 5; $r3 \|= $r3 >> 16; if ($j === $limit) { if ($limit === 64) { break; } // Mashing round. $r0 += $keys[$r3 & 0x3F]; $r1 += $keys[$r0 & 0x3F]; $r2 += $keys[$r1 & 0x3F]; $r3 += $keys[$r2 & 0x3F]; $limit = $actions[$limit]; } } return pack('vvvv', $r0, $r1, $r2, $r3); } /** * Decrypts a block * * @see Crypt_Base::_decryptBlock() * @see Crypt_Base::decrypt() * @access private * @param string $in * @return string / function _decryptBlock($in) { list($r0, $r1, $r2, $r3) = array_values(unpack('v', $in)); $keys = $this->keys; $limit = 44; $actions = array($limit => 20, 20 => 0); $j = 64; for (;;) { // R-mixing round. $r3 = ($r3 \| ($r3 << 16)) >> 5; $r3 = ($r3 - $keys[--$j] - ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF; $r2 = ($r2 \| ($r2 << 16)) >> 3; $r2 = ($r2 - $keys[--$j] - ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF; $r1 = ($r1 \| ($r1 << 16)) >> 2; $r1 = ($r1 - $keys[--$j] - ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF; $r0 = ($r0 \| ($r0 << 16)) >> 1; $r0 = ($r0 - $keys[--$j] - ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF; if ($j === $limit) { if ($limit === 0) { break; } // R-mashing round. $r3 = ($r3 - $keys[$r2 & 0x3F]) & 0xFFFF; $r2 = ($r2 - $keys[$r1 & 0x3F]) & 0xFFFF; $r1 = ($r1 - $keys[$r0 & 0x3F]) & 0xFFFF; $r0 = ($r0 - $keys[$r3 & 0x3F]) & 0xFFFF; $limit = $actions[$limit]; } } return pack('vvvv', $r0, $r1, $r2, $r3); } /** * Setup the CRYPT_ENGINE_MCRYPT $engine * * @see Crypt_Base::_setupMcrypt() * @access private / function _setupMcrypt() { if (!isset($this->key)) { $this->setKey(''); } parent::_setupMcrypt(); } /* * Creates the key schedule * * @see Crypt_Base::_setupKey() * @access private / function _setupKey() { if (!isset($this->key)) { $this->setKey(''); } // Key has already been expanded in Crypt_RC2::setKey(): // Only the first value must be altered. $l = unpack('Ca/Cb/v', $this->key); array_unshift($l, $this->pitable[$l['a']] \| ($l['b'] << 8)); unset($l['a']); unset($l['b']); $this->keys = $l; } /** * Setup the performance-optimized function for de/encrypt() * * @see Crypt_Base::_setupInlineCrypt() * @access private / function _setupInlineCrypt() { $lambda_functions = &Crypt_RC2::_getLambdaFunctions(); // The first 10 generated $lambda_functions will use the $keys hardcoded as integers // for the mixing rounds, for better inline crypt performance [~20% faster]. // But for memory reason we have to limit those ultra-optimized $lambda_functions to an amount of 10. // (Currently, for Crypt_RC2, one generated $lambda_function cost on php5.5@32bit ~60kb unfreeable mem and ~100kb on php5.5@64bit) $gen_hi_opt_code = (bool)(count($lambda_functions) < 10); // Generation of a unique hash for our generated code $code_hash = "Crypt_RC2, {$this->mode}"; if ($gen_hi_opt_code) { $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); } // Is there a re-usable $lambda_functions in there? // If not, we have to create it. if (!isset($lambda_functions[$code_hash])) { // Init code for both, encrypt and decrypt. $init_crypt = '$keys = $self->keys;'; switch (true) { case $gen_hi_opt_code: $keys = $this->keys; default: $keys = array(); foreach ($this->keys as $k => $v) { $keys[$k] = '$keys[' . $k . ']'; } } // $in is the current 8 bytes block which has to be en/decrypt $encrypt_block = $decrypt_block = ' $in = unpack("v4", $in); $r0 = $in[1]; $r1 = $in[2]; $r2 = $in[3]; $r3 = $in[4]; '; // Create code for encryption. $limit = 20; $actions = array($limit => 44, 44 => 64); $j = 0; for (;;) { // Mixing round. $encrypt_block .= ' $r0 = (($r0 + ' . $keys[$j++] . ' + ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF) << 1; $r0 \|= $r0 >> 16; $r1 = (($r1 + ' . $keys[$j++] . ' + ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF) << 2; $r1 \|= $r1 >> 16; $r2 = (($r2 + ' . $keys[$j++] . ' + ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF) << 3; $r2 \|= $r2 >> 16; $r3 = (($r3 + ' . $keys[$j++] . ' + ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF) << 5; $r3 \|= $r3 >> 16;'; if ($j === $limit) { if ($limit === 64) { break; } // Mashing round. $encrypt_block .= ' $r0 += $keys[$r3 & 0x3F]; $r1 += $keys[$r0 & 0x3F]; $r2 += $keys[$r1 & 0x3F]; $r3 += $keys[$r2 & 0x3F];'; $limit = $actions[$limit]; } } $encrypt_block .= '$in = pack("v4", $r0, $r1, $r2, $r3);'; // Create code for decryption. $limit = 44; $actions = array($limit => 20, 20 => 0); $j = 64; for (;;) { // R-mixing round. $decrypt_block .= ' $r3 = ($r3 \| ($r3 << 16)) >> 5; $r3 = ($r3 - ' . $keys[--$j] . ' - ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF; $r2 = ($r2 \| ($r2 << 16)) >> 3; $r2 = ($r2 - ' . $keys[--$j] . ' - ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF; $r1 = ($r1 \| ($r1 << 16)) >> 2; $r1 = ($r1 - ' . $keys[--$j] . ' - ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF; $r0 = ($r0 \| ($r0 << 16)) >> 1; $r0 = ($r0 - ' . $keys[--$j] . ' - ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF;'; if ($j === $limit) { if ($limit === 0) { break; } // R-mashing round. $decrypt_block .= ' $r3 = ($r3 - $keys[$r2 & 0x3F]) & 0xFFFF; $r2 = ($r2 - $keys[$r1 & 0x3F]) & 0xFFFF; $r1 = ($r1 - $keys[$r0 & 0x3F]) & 0xFFFF; $r0 = ($r0 - $keys[$r3 & 0x3F]) & 0xFFFF;'; $limit = $actions[$limit]; } } $decrypt_block .= '$in = pack("v4", $r0, $r1, $r2, $r3);'; // Creates the inline-crypt function $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( array( 'init_crypt' => $init_crypt, 'encrypt_block' => $encrypt_block, 'decrypt_block' => $decrypt_block ) ); } // Set the inline-crypt function as callback in: $this->inline_crypt $this->inline_crypt = $lambda_functions[$code_hash]; } } ��phpseclib/Crypt/Hash.php��0000644��00000076410�15104540706�0011224 0��ustar�00��<?php /* * Pure-PHP implementations of keyed-hash message authentication codes (HMACs) and various cryptographic hashing functions. * * Uses hash() or mhash() if available and an internal implementation, otherwise. Currently supports the following: * * md2, md5, md5-96, sha1, sha1-96, sha256, sha256-96, sha384, and sha512, sha512-96 * * If {@link self::setKey() setKey()} is called, {@link self::hash() hash()} will return the HMAC as opposed to * the hash. If no valid algorithm is provided, sha1 will be used. * * PHP versions 4 and 5 * * {@internal The variable names are the same as those in * {@link http://tools.ietf.org/html/rfc2104#section-2 RFC2104}.}} * * Here's a short example of how to use this library: * <code> * <?php * include 'Crypt/Hash.php'; * * $hash = new Crypt_Hash('sha1'); * * $hash->setKey('abcdefg'); * * echo base64_encode($hash->hash('abcdefg')); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Crypt * @package Crypt_Hash * @author Jim Wigginton <terrafrost@php.net> * @copyright 2007 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /#@+ @access private * @see self::Crypt_Hash() / /* * Toggles the internal implementation / define('CRYPT_HASH_MODE_INTERNAL', 1); /* * Toggles the mhash() implementation, which has been deprecated on PHP 5.3.0+. / define('CRYPT_HASH_MODE_MHASH', 2); /* * Toggles the hash() implementation, which works on PHP 5.1.2+. / define('CRYPT_HASH_MODE_HASH', 3); /#@-/ /** * Pure-PHP implementations of keyed-hash message authentication codes (HMACs) and various cryptographic hashing functions. * * @package Crypt_Hash * @author Jim Wigginton <terrafrost@php.net> * @access public / class Crypt_Hash { /* * Hash Parameter * * @see self::setHash() * @var int * @access private / var $hashParam; /* * Byte-length of compression blocks / key (Internal HMAC) * * @see self::setAlgorithm() * @var int * @access private / var $b; /* * Byte-length of hash output (Internal HMAC) * * @see self::setHash() * @var int * @access private / var $l = false; /* * Hash Algorithm * * @see self::setHash() * @var string * @access private / var $hash; /* * Key * * @see self::setKey() * @var string * @access private / var $key = false; /* * Computed Key * * @see self::_computeKey() * @var string * @access private / var $computedKey = false; /* * Outer XOR (Internal HMAC) * * @see self::setKey() * @var string * @access private / var $opad; /* * Inner XOR (Internal HMAC) * * @see self::setKey() * @var string * @access private / var $ipad; /* * Engine * * @see self::setHash() * @var string * @access private / var $engine; /* * Default Constructor. * * @param string $hash * @return Crypt_Hash * @access public / function __construct($hash = 'sha1') { if (!defined('CRYPT_HASH_MODE')) { switch (true) { case extension_loaded('hash'): define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_HASH); break; case extension_loaded('mhash'): define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_MHASH); break; default: define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_INTERNAL); } } $this->setHash($hash); } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @param int $mode * @access public / function Crypt_Hash($hash = 'sha1') { $this->__construct($hash); } /* * Sets the key for HMACs * * Keys can be of any length. * * @access public * @param string $key / function setKey($key = false) { $this->key = $key; $this->_computeKey(); } /* * Pre-compute the key used by the HMAC * * Quoting http://tools.ietf.org/html/rfc2104#section-2, "Applications that use keys longer than B bytes * will first hash the key using H and then use the resultant L byte string as the actual key to HMAC." * * As documented in https://www.reddit.com/r/PHP/comments/9nct2l/symfonypolyfill_hash_pbkdf2_correct_fix_for/ * when doing an HMAC multiple times it's faster to compute the hash once instead of computing it during * every call * * @access private / function _computeKey() { if ($this->key === false) { $this->computedKey = false; return; } if (strlen($this->key) <= $this->b) { $this->computedKey = $this->key; return; } switch ($this->engine) { case CRYPT_HASH_MODE_MHASH: $this->computedKey = mhash($this->hash, $this->key); break; case CRYPT_HASH_MODE_HASH: $this->computedKey = hash($this->hash, $this->key, true); break; case CRYPT_HASH_MODE_INTERNAL: $this->computedKey = call_user_func($this->hash, $this->key); } } /* * Gets the hash function. * * As set by the constructor or by the setHash() method. * * @access public * @return string / function getHash() { return $this->hashParam; } /* * Sets the hash function. * * @access public * @param string $hash / function setHash($hash) { $this->hashParam = $hash = strtolower($hash); switch ($hash) { case 'md5-96': case 'sha1-96': case 'sha256-96': case 'sha512-96': $hash = substr($hash, 0, -3); $this->l = 12; // 96 / 8 = 12 break; case 'md2': case 'md5': $this->l = 16; break; case 'sha1': $this->l = 20; break; case 'sha256': $this->l = 32; break; case 'sha384': $this->l = 48; break; case 'sha512': $this->l = 64; } switch ($hash) { case 'md2-96': case 'md2': $this->b = 16; case 'md5-96': case 'sha1-96': case 'sha224-96': case 'sha256-96': case 'md2': case 'md5': case 'sha1': case 'sha224': case 'sha256': $this->b = 64; break; default: $this->b = 128; } switch ($hash) { case 'md2': $this->engine = CRYPT_HASH_MODE == CRYPT_HASH_MODE_HASH && in_array('md2', hash_algos()) ? CRYPT_HASH_MODE_HASH : CRYPT_HASH_MODE_INTERNAL; break; case 'sha384': case 'sha512': $this->engine = CRYPT_HASH_MODE == CRYPT_HASH_MODE_MHASH ? CRYPT_HASH_MODE_INTERNAL : CRYPT_HASH_MODE; break; default: $this->engine = CRYPT_HASH_MODE; } switch ($this->engine) { case CRYPT_HASH_MODE_MHASH: switch ($hash) { case 'md5': $this->hash = MHASH_MD5; break; case 'sha256': $this->hash = MHASH_SHA256; break; case 'sha1': default: $this->hash = MHASH_SHA1; } $this->_computeKey(); return; case CRYPT_HASH_MODE_HASH: switch ($hash) { case 'md5': $this->hash = 'md5'; return; case 'md2': case 'sha256': case 'sha384': case 'sha512': $this->hash = $hash; return; case 'sha1': default: $this->hash = 'sha1'; } $this->_computeKey(); return; } switch ($hash) { case 'md2': $this->hash = array($this, '_md2'); break; case 'md5': $this->hash = array($this, '_md5'); break; case 'sha256': $this->hash = array($this, '_sha256'); break; case 'sha384': case 'sha512': $this->hash = array($this, '_sha512'); break; case 'sha1': default: $this->hash = array($this, '_sha1'); } $this->ipad = str_repeat(chr(0x36), $this->b); $this->opad = str_repeat(chr(0x5C), $this->b); $this->_computeKey(); } /* * Compute the HMAC. * * @access public * @param string $text * @return string / function hash($text) { if (!empty($this->key) \|\| is_string($this->key)) { switch ($this->engine) { case CRYPT_HASH_MODE_MHASH: $output = mhash($this->hash, $text, $this->computedKey); break; case CRYPT_HASH_MODE_HASH: $output = hash_hmac($this->hash, $text, $this->computedKey, true); break; case CRYPT_HASH_MODE_INTERNAL: $key = str_pad($this->computedKey, $this->b, chr(0)); // step 1 $temp = $this->ipad ^ $key; // step 2 $temp .= $text; // step 3 $temp = call_user_func($this->hash, $temp); // step 4 $output = $this->opad ^ $key; // step 5 $output.= $temp; // step 6 $output = call_user_func($this->hash, $output); // step 7 } } else { switch ($this->engine) { case CRYPT_HASH_MODE_MHASH: $output = mhash($this->hash, $text); break; case CRYPT_HASH_MODE_HASH: $output = hash($this->hash, $text, true); break; case CRYPT_HASH_MODE_INTERNAL: $output = call_user_func($this->hash, $text); } } return substr($output, 0, $this->l); } /* * Returns the hash length (in bytes) * * @access public * @return int / function getLength() { return $this->l; } /* * Wrapper for MD5 * * @access private * @param string $m / function _md5($m) { return pack('H', md5($m)); } /** * Wrapper for SHA1 * * @access private * @param string $m / function _sha1($m) { return pack('H', sha1($m)); } /** * Pure-PHP implementation of MD2 * * See {@link http://tools.ietf.org/html/rfc1319 RFC1319}. * * @access private * @param string $m / function _md2($m) { static $s = array( 41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6, 19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188, 76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24, 138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251, 245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63, 148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50, 39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165, 181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210, 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157, 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27, 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15, 85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197, 234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65, 129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123, 8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233, 203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228, 166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237, 31, 26, 219, 153, 141, 51, 159, 17, 131, 20 ); // Step 1. Append Padding Bytes $pad = 16 - (strlen($m) & 0xF); $m.= str_repeat(chr($pad), $pad); $length = strlen($m); // Step 2. Append Checksum $c = str_repeat(chr(0), 16); $l = chr(0); for ($i = 0; $i < $length; $i+= 16) { for ($j = 0; $j < 16; $j++) { // RFC1319 incorrectly states that C[j] should be set to S[c xor L] //$c[$j] = chr($s[ord($m[$i + $j] ^ $l)]); // per <http://www.rfc-editor.org/errata_search.php?rfc=1319>, however, C[j] should be set to S[c xor L] xor C[j] $c[$j] = chr($s[ord($m[$i + $j] ^ $l)] ^ ord($c[$j])); $l = $c[$j]; } } $m.= $c; $length+= 16; // Step 3. Initialize MD Buffer $x = str_repeat(chr(0), 48); // Step 4. Process Message in 16-Byte Blocks for ($i = 0; $i < $length; $i+= 16) { for ($j = 0; $j < 16; $j++) { $x[$j + 16] = $m[$i + $j]; $x[$j + 32] = $x[$j + 16] ^ $x[$j]; } $t = chr(0); for ($j = 0; $j < 18; $j++) { for ($k = 0; $k < 48; $k++) { $x[$k] = $t = $x[$k] ^ chr($s[ord($t)]); //$t = $x[$k] = $x[$k] ^ chr($s[ord($t)]); } $t = chr(ord($t) + $j); } } // Step 5. Output return substr($x, 0, 16); } /* * Pure-PHP implementation of SHA256 * * See {@link http://en.wikipedia.org/wiki/SHA_hash_functions#SHA-256_.28a_SHA-2_variant.29_pseudocode SHA-256 (a SHA-2 variant) pseudocode - Wikipedia}. * * @access private * @param string $m / function _sha256($m) { if (extension_loaded('suhosin')) { return pack('H', sha256($m)); } // Initialize variables $hash = array( 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 ); // Initialize table of round constants // (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311) static $k = array( 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 ); // Pre-processing $length = strlen($m); // to round to nearest 56 mod 64, we'll add 64 - (length + (64 - 56)) % 64 $m.= str_repeat(chr(0), 64 - (($length + 8) & 0x3F)); $m[$length] = chr(0x80); // we don't support hashing strings 512MB long $m.= pack('N2', 0, $length << 3); // Process the message in successive 512-bit chunks $chunks = str_split($m, 64); foreach ($chunks as $chunk) { $w = array(); for ($i = 0; $i < 16; $i++) { extract(unpack('Ntemp', $this->_string_shift($chunk, 4))); $w[] = $temp; } // Extend the sixteen 32-bit words into sixty-four 32-bit words for ($i = 16; $i < 64; $i++) { // @codingStandardsIgnoreStart $s0 = $this->_rightRotate($w[$i - 15], 7) ^ $this->_rightRotate($w[$i - 15], 18) ^ $this->_rightShift( $w[$i - 15], 3); $s1 = $this->_rightRotate($w[$i - 2], 17) ^ $this->_rightRotate($w[$i - 2], 19) ^ $this->_rightShift( $w[$i - 2], 10); // @codingStandardsIgnoreEnd $w[$i] = $this->_add($w[$i - 16], $s0, $w[$i - 7], $s1); } // Initialize hash value for this chunk list($a, $b, $c, $d, $e, $f, $g, $h) = $hash; // Main loop for ($i = 0; $i < 64; $i++) { $s0 = $this->_rightRotate($a, 2) ^ $this->_rightRotate($a, 13) ^ $this->_rightRotate($a, 22); $maj = ($a & $b) ^ ($a & $c) ^ ($b & $c); $t2 = $this->_add($s0, $maj); $s1 = $this->_rightRotate($e, 6) ^ $this->_rightRotate($e, 11) ^ $this->_rightRotate($e, 25); $ch = ($e & $f) ^ ($this->_not($e) & $g); $t1 = $this->_add($h, $s1, $ch, $k[$i], $w[$i]); $h = $g; $g = $f; $f = $e; $e = $this->_add($d, $t1); $d = $c; $c = $b; $b = $a; $a = $this->_add($t1, $t2); } // Add this chunk's hash to result so far $hash = array( $this->_add($hash[0], $a), $this->_add($hash[1], $b), $this->_add($hash[2], $c), $this->_add($hash[3], $d), $this->_add($hash[4], $e), $this->_add($hash[5], $f), $this->_add($hash[6], $g), $this->_add($hash[7], $h) ); } // Produce the final hash value (big-endian) return pack('N8', $hash[0], $hash[1], $hash[2], $hash[3], $hash[4], $hash[5], $hash[6], $hash[7]); } /** * Pure-PHP implementation of SHA384 and SHA512 * * @access private * @param string $m / function _sha512($m) { if (!class_exists('Math_BigInteger')) { include_once 'Math/BigInteger.php'; } static $init384, $init512, $k; if (!isset($k)) { // Initialize variables $init384 = array( // initial values for SHA384 'cbbb9d5dc1059ed8', '629a292a367cd507', '9159015a3070dd17', '152fecd8f70e5939', '67332667ffc00b31', '8eb44a8768581511', 'db0c2e0d64f98fa7', '47b5481dbefa4fa4' ); $init512 = array( // initial values for SHA512 '6a09e667f3bcc908', 'bb67ae8584caa73b', '3c6ef372fe94f82b', 'a54ff53a5f1d36f1', '510e527fade682d1', '9b05688c2b3e6c1f', '1f83d9abfb41bd6b', '5be0cd19137e2179' ); for ($i = 0; $i < 8; $i++) { $init384[$i] = new Math_BigInteger($init384[$i], 16); $init384[$i]->setPrecision(64); $init512[$i] = new Math_BigInteger($init512[$i], 16); $init512[$i]->setPrecision(64); } // Initialize table of round constants // (first 64 bits of the fractional parts of the cube roots of the first 80 primes 2..409) $k = array( '428a2f98d728ae22', '7137449123ef65cd', 'b5c0fbcfec4d3b2f', 'e9b5dba58189dbbc', '3956c25bf348b538', '59f111f1b605d019', '923f82a4af194f9b', 'ab1c5ed5da6d8118', 'd807aa98a3030242', '12835b0145706fbe', '243185be4ee4b28c', '550c7dc3d5ffb4e2', '72be5d74f27b896f', '80deb1fe3b1696b1', '9bdc06a725c71235', 'c19bf174cf692694', 'e49b69c19ef14ad2', 'efbe4786384f25e3', '0fc19dc68b8cd5b5', '240ca1cc77ac9c65', '2de92c6f592b0275', '4a7484aa6ea6e483', '5cb0a9dcbd41fbd4', '76f988da831153b5', '983e5152ee66dfab', 'a831c66d2db43210', 'b00327c898fb213f', 'bf597fc7beef0ee4', 'c6e00bf33da88fc2', 'd5a79147930aa725', '06ca6351e003826f', '142929670a0e6e70', '27b70a8546d22ffc', '2e1b21385c26c926', '4d2c6dfc5ac42aed', '53380d139d95b3df', '650a73548baf63de', '766a0abb3c77b2a8', '81c2c92e47edaee6', '92722c851482353b', 'a2bfe8a14cf10364', 'a81a664bbc423001', 'c24b8b70d0f89791', 'c76c51a30654be30', 'd192e819d6ef5218', 'd69906245565a910', 'f40e35855771202a', '106aa07032bbd1b8', '19a4c116b8d2d0c8', '1e376c085141ab53', '2748774cdf8eeb99', '34b0bcb5e19b48a8', '391c0cb3c5c95a63', '4ed8aa4ae3418acb', '5b9cca4f7763e373', '682e6ff3d6b2b8a3', '748f82ee5defb2fc', '78a5636f43172f60', '84c87814a1f0ab72', '8cc702081a6439ec', '90befffa23631e28', 'a4506cebde82bde9', 'bef9a3f7b2c67915', 'c67178f2e372532b', 'ca273eceea26619c', 'd186b8c721c0c207', 'eada7dd6cde0eb1e', 'f57d4f7fee6ed178', '06f067aa72176fba', '0a637dc5a2c898a6', '113f9804bef90dae', '1b710b35131c471b', '28db77f523047d84', '32caab7b40c72493', '3c9ebe0a15c9bebc', '431d67c49c100d4c', '4cc5d4becb3e42b6', '597f299cfc657e2a', '5fcb6fab3ad6faec', '6c44198c4a475817' ); for ($i = 0; $i < 80; $i++) { $k[$i] = new Math_BigInteger($k[$i], 16); } } $hash = $this->l == 48 ? $init384 : $init512; // Pre-processing $length = strlen($m); // to round to nearest 112 mod 128, we'll add 128 - (length + (128 - 112)) % 128 $m.= str_repeat(chr(0), 128 - (($length + 16) & 0x7F)); $m[$length] = chr(0x80); // we don't support hashing strings 512MB long $m.= pack('N4', 0, 0, 0, $length << 3); // Process the message in successive 1024-bit chunks $chunks = str_split($m, 128); foreach ($chunks as $chunk) { $w = array(); for ($i = 0; $i < 16; $i++) { $temp = new Math_BigInteger($this->_string_shift($chunk, 8), 256); $temp->setPrecision(64); $w[] = $temp; } // Extend the sixteen 32-bit words into eighty 32-bit words for ($i = 16; $i < 80; $i++) { $temp = array( $w[$i - 15]->bitwise_rightRotate(1), $w[$i - 15]->bitwise_rightRotate(8), $w[$i - 15]->bitwise_rightShift(7) ); $s0 = $temp[0]->bitwise_xor($temp[1]); $s0 = $s0->bitwise_xor($temp[2]); $temp = array( $w[$i - 2]->bitwise_rightRotate(19), $w[$i - 2]->bitwise_rightRotate(61), $w[$i - 2]->bitwise_rightShift(6) ); $s1 = $temp[0]->bitwise_xor($temp[1]); $s1 = $s1->bitwise_xor($temp[2]); $w[$i] = $w[$i - 16]->copy(); $w[$i] = $w[$i]->add($s0); $w[$i] = $w[$i]->add($w[$i - 7]); $w[$i] = $w[$i]->add($s1); } // Initialize hash value for this chunk $a = $hash[0]->copy(); $b = $hash[1]->copy(); $c = $hash[2]->copy(); $d = $hash[3]->copy(); $e = $hash[4]->copy(); $f = $hash[5]->copy(); $g = $hash[6]->copy(); $h = $hash[7]->copy(); // Main loop for ($i = 0; $i < 80; $i++) { $temp = array( $a->bitwise_rightRotate(28), $a->bitwise_rightRotate(34), $a->bitwise_rightRotate(39) ); $s0 = $temp[0]->bitwise_xor($temp[1]); $s0 = $s0->bitwise_xor($temp[2]); $temp = array( $a->bitwise_and($b), $a->bitwise_and($c), $b->bitwise_and($c) ); $maj = $temp[0]->bitwise_xor($temp[1]); $maj = $maj->bitwise_xor($temp[2]); $t2 = $s0->add($maj); $temp = array( $e->bitwise_rightRotate(14), $e->bitwise_rightRotate(18), $e->bitwise_rightRotate(41) ); $s1 = $temp[0]->bitwise_xor($temp[1]); $s1 = $s1->bitwise_xor($temp[2]); $temp = array( $e->bitwise_and($f), $g->bitwise_and($e->bitwise_not()) ); $ch = $temp[0]->bitwise_xor($temp[1]); $t1 = $h->add($s1); $t1 = $t1->add($ch); $t1 = $t1->add($k[$i]); $t1 = $t1->add($w[$i]); $h = $g->copy(); $g = $f->copy(); $f = $e->copy(); $e = $d->add($t1); $d = $c->copy(); $c = $b->copy(); $b = $a->copy(); $a = $t1->add($t2); } // Add this chunk's hash to result so far $hash = array( $hash[0]->add($a), $hash[1]->add($b), $hash[2]->add($c), $hash[3]->add($d), $hash[4]->add($e), $hash[5]->add($f), $hash[6]->add($g), $hash[7]->add($h) ); } // Produce the final hash value (big-endian) // (Crypt_Hash::hash() trims the output for hashes but not for HMACs. as such, we trim the output here) $temp = $hash[0]->toBytes() . $hash[1]->toBytes() . $hash[2]->toBytes() . $hash[3]->toBytes() . $hash[4]->toBytes() . $hash[5]->toBytes(); if ($this->l != 48) { $temp.= $hash[6]->toBytes() . $hash[7]->toBytes(); } return $temp; } /* * Right Rotate * * @access private * @param int $int * @param int $amt * @see self::_sha256() * @return int / function _rightRotate($int, $amt) { $invamt = 32 - $amt; $mask = (1 << $invamt) - 1; return (($int << $invamt) & 0xFFFFFFFF) \| (($int >> $amt) & $mask); } /* * Right Shift * * @access private * @param int $int * @param int $amt * @see self::_sha256() * @return int / function _rightShift($int, $amt) { $mask = (1 << (32 - $amt)) - 1; return ($int >> $amt) & $mask; } /* * Not * * @access private * @param int $int * @see self::_sha256() * @return int / function _not($int) { return ~$int & 0xFFFFFFFF; } /* * Add * * _sha256() adds multiple unsigned 32-bit integers. Since PHP doesn't support unsigned integers and since the * possibility of overflow exists, care has to be taken. Math_BigInteger() could be used but this should be faster. * * @param int $... * @return int * @see self::_sha256() * @access private / function _add() { static $mod; if (!isset($mod)) { $mod = pow(2, 32); } $result = 0; $arguments = func_get_args(); foreach ($arguments as $argument) { $result+= $argument < 0 ? ($argument & 0x7FFFFFFF) + 0x80000000 : $argument; } switch (true) { case is_int($result): // PHP 5.3, per http://php.net/releases/5_3_0.php, introduced "more consistent float rounding" case version_compare(PHP_VERSION, '5.3.0') >= 0 && (php_uname('m') & "\xDF\xDF\xDF") != 'ARM': // PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster case (PHP_OS & "\xDF\xDF\xDF") === 'WIN': return fmod($result, $mod); } return (fmod($result, 0x80000000) & 0x7FFFFFFF) \| ((fmod(floor($result / 0x80000000), 2) & 1) << 31); } /* * String Shift * * Inspired by array_shift * * @param string $string * @param int $index * @return string * @access private / function _string_shift(&$string, $index = 1) { $substr = substr($string, 0, $index); $string = substr($string, $index); return $substr; } } ��phpseclib/Crypt/Base.php��0000644��00000312746�15104540706�0011220 0��ustar�00��<?php /* * Base Class for all Crypt_* cipher classes * * PHP versions 4 and 5 * * Internally for phpseclib developers: * If you plan to add a new cipher class, please note following rules: * * - The new Crypt_* cipher class should extend Crypt_Base * * - Following methods are then required to be overridden/overloaded: * * - _encryptBlock() * * - _decryptBlock() * * - _setupKey() * * - All other methods are optional to be overridden/overloaded * * - Look at the source code of the current ciphers how they extend Crypt_Base * and take one of them as a start up for the new cipher class. * * - Please read all the other comments/notes/hints here also for each class var/method * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Crypt * @package Crypt_Base * @author Jim Wigginton <terrafrost@php.net> * @author Hans-Juergen Petrich <petrich@tronic-media.com> * @copyright 2007 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /#@+ @access public * @see self::encrypt() * @see self::decrypt() / /* * Encrypt / decrypt using the Counter mode. * * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 / define('CRYPT_MODE_CTR', -1); /* * Encrypt / decrypt using the Electronic Code Book mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 / define('CRYPT_MODE_ECB', 1); /* * Encrypt / decrypt using the Code Book Chaining mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 / define('CRYPT_MODE_CBC', 2); /* * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 / define('CRYPT_MODE_CFB', 3); /* * Encrypt / decrypt using the Output Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 / define('CRYPT_MODE_OFB', 4); /* * Encrypt / decrypt using streaming mode. / define('CRYPT_MODE_STREAM', 5); /#@-/ /*#@+ @access private * @see self::Crypt_Base() * @internal These constants are for internal use only / /* * Base value for the internal implementation $engine switch / define('CRYPT_ENGINE_INTERNAL', 1); /* * Base value for the mcrypt implementation $engine switch / define('CRYPT_ENGINE_MCRYPT', 2); /* * Base value for the OpenSSL implementation $engine switch / define('CRYPT_ENGINE_OPENSSL', 3); /#@-/ /** * Base Class for all Crypt_* cipher classes * * @package Crypt_Base * @author Jim Wigginton <terrafrost@php.net> * @author Hans-Juergen Petrich <petrich@tronic-media.com> * @access public / class Crypt_Base { /* * The Encryption Mode * * @see self::Crypt_Base() * @var int * @access private / var $mode; /* * The Block Length of the block cipher * * @var int * @access private / var $block_size = 16; /* * The Key * * @see self::setKey() * @var string * @access private / var $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; /* * The Initialization Vector * * @see self::setIV() * @var string * @access private / var $iv; /* * A "sliding" Initialization Vector * * @see self::enableContinuousBuffer() * @see self::_clearBuffers() * @var string * @access private / var $encryptIV; /* * A "sliding" Initialization Vector * * @see self::enableContinuousBuffer() * @see self::_clearBuffers() * @var string * @access private / var $decryptIV; /* * Continuous Buffer status * * @see self::enableContinuousBuffer() * @var bool * @access private / var $continuousBuffer = false; /* * Encryption buffer for CTR, OFB and CFB modes * * @see self::encrypt() * @see self::_clearBuffers() * @var array * @access private / var $enbuffer; /* * Decryption buffer for CTR, OFB and CFB modes * * @see self::decrypt() * @see self::_clearBuffers() * @var array * @access private / var $debuffer; /* * mcrypt resource for encryption * * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. * * @see self::encrypt() * @var resource * @access private / var $enmcrypt; /* * mcrypt resource for decryption * * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. * * @see self::decrypt() * @var resource * @access private / var $demcrypt; /* * Does the enmcrypt resource need to be (re)initialized? * * @see Crypt_Twofish::setKey() * @see Crypt_Twofish::setIV() * @var bool * @access private / var $enchanged = true; /* * Does the demcrypt resource need to be (re)initialized? * * @see Crypt_Twofish::setKey() * @see Crypt_Twofish::setIV() * @var bool * @access private / var $dechanged = true; /* * mcrypt resource for CFB mode * * mcrypt's CFB mode, in (and only in) buffered context, * is broken, so phpseclib implements the CFB mode by it self, * even when the mcrypt php extension is available. * * In order to do the CFB-mode work (fast) phpseclib * use a separate ECB-mode mcrypt resource. * * @link http://phpseclib.sourceforge.net/cfb-demo.phps * @see self::encrypt() * @see self::decrypt() * @see self::_setupMcrypt() * @var resource * @access private / var $ecb; /* * Optimizing value while CFB-encrypting * * Only relevant if $continuousBuffer enabled * and $engine == CRYPT_ENGINE_MCRYPT * * It's faster to re-init $enmcrypt if * $buffer bytes > $cfb_init_len than * using the $ecb resource furthermore. * * This value depends of the chosen cipher * and the time it would be needed for it's * initialization [by mcrypt_generic_init()] * which, typically, depends on the complexity * on its internaly Key-expanding algorithm. * * @see self::encrypt() * @var int * @access private / var $cfb_init_len = 600; /* * Does internal cipher state need to be (re)initialized? * * @see self::setKey() * @see self::setIV() * @see self::disableContinuousBuffer() * @var bool * @access private / var $changed = true; /* * Padding status * * @see self::enablePadding() * @var bool * @access private / var $padding = true; /* * Is the mode one that is paddable? * * @see self::Crypt_Base() * @var bool * @access private / var $paddable = false; /* * Holds which crypt engine internaly should be use, * which will be determined automatically on __construct() * * Currently available $engines are: * - CRYPT_ENGINE_OPENSSL (very fast, php-extension: openssl, extension_loaded('openssl') required) * - CRYPT_ENGINE_MCRYPT (fast, php-extension: mcrypt, extension_loaded('mcrypt') required) * - CRYPT_ENGINE_INTERNAL (slower, pure php-engine, no php-extension required) * * @see self::_setEngine() * @see self::encrypt() * @see self::decrypt() * @var int * @access private / var $engine; /* * Holds the preferred crypt engine * * @see self::_setEngine() * @see self::setPreferredEngine() * @var int * @access private / var $preferredEngine; /* * The mcrypt specific name of the cipher * * Only used if $engine == CRYPT_ENGINE_MCRYPT * * @link http://www.php.net/mcrypt_module_open * @link http://www.php.net/mcrypt_list_algorithms * @see self::_setupMcrypt() * @var string * @access private / var $cipher_name_mcrypt; /* * The openssl specific name of the cipher * * Only used if $engine == CRYPT_ENGINE_OPENSSL * * @link http://www.php.net/openssl-get-cipher-methods * @var string * @access private / var $cipher_name_openssl; /* * The openssl specific name of the cipher in ECB mode * * If OpenSSL does not support the mode we're trying to use (CTR) * it can still be emulated with ECB mode. * * @link http://www.php.net/openssl-get-cipher-methods * @var string * @access private / var $cipher_name_openssl_ecb; /* * The default salt used by setPassword() * * @see self::setPassword() * @var string * @access private / var $password_default_salt = 'phpseclib/salt'; /* * The namespace used by the cipher for its constants. * * ie: AES.php is using CRYPT_AES_MODE_* for its constants * so $const_namespace is AES * * DES.php is using CRYPT_DES_MODE_* for its constants * so $const_namespace is DES... and so on * * All CRYPT_<$const_namespace>_MODE_* are aliases of * the generic CRYPT_MODE_* constants, so both could be used * for each cipher. * * Example: * $aes = new Crypt_AES(CRYPT_AES_MODE_CFB); // $aes will operate in cfb mode * $aes = new Crypt_AES(CRYPT_MODE_CFB); // identical * * @see self::Crypt_Base() * @var string * @access private / var $const_namespace; /* * The name of the performance-optimized callback function * * Used by encrypt() / decrypt() * only if $engine == CRYPT_ENGINE_INTERNAL * * @see self::encrypt() * @see self::decrypt() * @see self::_setupInlineCrypt() * @see self::$use_inline_crypt * @var Callback * @access private / var $inline_crypt; /* * Holds whether performance-optimized $inline_crypt() can/should be used. * * @see self::encrypt() * @see self::decrypt() * @see self::inline_crypt * @var mixed * @access private / var $use_inline_crypt; /* * If OpenSSL can be used in ECB but not in CTR we can emulate CTR * * @see self::_openssl_ctr_process() * @var bool * @access private / var $openssl_emulate_ctr = false; /* * Determines what options are passed to openssl_encrypt/decrypt * * @see self::isValidEngine() * @var mixed * @access private / var $openssl_options; /* * Has the key length explicitly been set or should it be derived from the key, itself? * * @see self::setKeyLength() * @var bool * @access private / var $explicit_key_length = false; /* * Don't truncate / null pad key * * @see self::_clearBuffers() * @var bool * @access private / var $skip_key_adjustment = false; /* * Default Constructor. * * Determines whether or not the mcrypt extension should be used. * * $mode could be: * * - CRYPT_MODE_ECB * * - CRYPT_MODE_CBC * * - CRYPT_MODE_CTR * * - CRYPT_MODE_CFB * * - CRYPT_MODE_OFB * * (or the alias constants of the chosen cipher, for example for AES: CRYPT_AES_MODE_ECB or CRYPT_AES_MODE_CBC ...) * * If not explicitly set, CRYPT_MODE_CBC will be used. * * @param int $mode * @access public / function __construct($mode = CRYPT_MODE_CBC) { // $mode dependent settings switch ($mode) { case CRYPT_MODE_ECB: $this->paddable = true; $this->mode = CRYPT_MODE_ECB; break; case CRYPT_MODE_CTR: case CRYPT_MODE_CFB: case CRYPT_MODE_OFB: case CRYPT_MODE_STREAM: $this->mode = $mode; break; case CRYPT_MODE_CBC: default: $this->paddable = true; $this->mode = CRYPT_MODE_CBC; } $this->_setEngine(); // Determining whether inline crypting can be used by the cipher if ($this->use_inline_crypt !== false) { $this->use_inline_crypt = version_compare(PHP_VERSION, '5.3.0') >= 0 \|\| function_exists('create_function'); } } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @param int $mode * @access public / function Crypt_Base($mode = CRYPT_MODE_CBC) { $this->__construct($mode); } /* * Sets the initialization vector. (optional) * * SetIV is not required when CRYPT_MODE_ECB (or ie for AES: CRYPT_AES_MODE_ECB) is being used. If not explicitly set, it'll be assumed * to be all zero's. * * @access public * @param string $iv * @internal Can be overwritten by a sub class, but does not have to be / function setIV($iv) { if ($this->mode == CRYPT_MODE_ECB) { return; } $this->iv = $iv; $this->changed = true; } /* * Sets the key length. * * Keys with explicitly set lengths need to be treated accordingly * * @access public * @param int $length / function setKeyLength($length) { $this->explicit_key_length = true; $this->changed = true; $this->_setEngine(); } /* * Returns the current key length in bits * * @access public * @return int / function getKeyLength() { return $this->key_length << 3; } /* * Returns the current block length in bits * * @access public * @return int / function getBlockLength() { return $this->block_size << 3; } /* * Sets the key. * * The min/max length(s) of the key depends on the cipher which is used. * If the key not fits the length(s) of the cipher it will paded with null bytes * up to the closest valid key length. If the key is more than max length, * we trim the excess bits. * * If the key is not explicitly set, it'll be assumed to be all null bytes. * * @access public * @param string $key * @internal Could, but not must, extend by the child Crypt_* class / function setKey($key) { if (!$this->explicit_key_length) { $this->setKeyLength(strlen($key) << 3); $this->explicit_key_length = false; } $this->key = $key; $this->changed = true; $this->_setEngine(); } /* * Sets the password. * * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows: * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2} or pbkdf1: * $hash, $salt, $count, $dkLen * * Where $hash (default = sha1) currently supports the following hashes: see: Crypt/Hash.php * * @see Crypt/Hash.php * @param string $password * @param string $method * @return bool * @access public * @internal Could, but not must, extend by the child Crypt_* class / function setPassword($password, $method = 'pbkdf2') { $key = ''; switch ($method) { default: // 'pbkdf2' or 'pbkdf1' $func_args = func_get_args(); // Hash function $hash = isset($func_args[2]) ? $func_args[2] : 'sha1'; // WPA and WPA2 use the SSID as the salt $salt = isset($func_args[3]) ? $func_args[3] : $this->password_default_salt; // RFC2898#section-4.2 uses 1,000 iterations by default // WPA and WPA2 use 4,096. $count = isset($func_args[4]) ? $func_args[4] : 1000; // Keylength if (isset($func_args[5]) && $func_args[5] > 0) { $dkLen = $func_args[5]; } else { $dkLen = $method == 'pbkdf1' ? 2 $this->key_length : $this->key_length; } switch (true) { case $method == 'pbkdf1': if (!class_exists('Crypt_Hash')) { include_once 'Crypt/Hash.php'; } $hashObj = new Crypt_Hash(); $hashObj->setHash($hash); if ($dkLen > $hashObj->getLength()) { user_error('Derived key too long'); return false; } $t = $password . $salt; for ($i = 0; $i < $count; ++$i) { $t = $hashObj->hash($t); } $key = substr($t, 0, $dkLen); $this->setKey(substr($key, 0, $dkLen >> 1)); $this->setIV(substr($key, $dkLen >> 1)); return true; // Determining if php[>=5.5.0]'s hash_pbkdf2() function avail- and useable case !function_exists('hash_pbkdf2'): case !function_exists('hash_algos'): case !in_array($hash, hash_algos()): if (!class_exists('Crypt_Hash')) { include_once 'Crypt/Hash.php'; } $i = 1; $hmac = new Crypt_Hash(); $hmac->setHash($hash); $hmac->setKey($password); while (strlen($key) < $dkLen) { $f = $u = $hmac->hash($salt . pack('N', $i++)); for ($j = 2; $j <= $count; ++$j) { $u = $hmac->hash($u); $f^= $u; } $key.= $f; } $key = substr($key, 0, $dkLen); break; default: $key = hash_pbkdf2($hash, $password, $salt, $count, $dkLen, true); } } $this->setKey($key); return true; } /** * Encrypts a message. * * $plaintext will be padded with additional bytes such that it's length is a multiple of the block size. Other cipher * implementations may or may not pad in the same manner. Other common approaches to padding and the reasons why it's * necessary are discussed in the following * URL: * * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} * * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. * strlen($plaintext) will still need to be a multiple of the block size, however, arbitrary values can be added to make it that * length. * * @see self::decrypt() * @access public * @param string $plaintext * @return string $ciphertext * @internal Could, but not must, extend by the child Crypt_* class / function encrypt($plaintext) { if ($this->paddable) { $plaintext = $this->_pad($plaintext); } if ($this->engine === CRYPT_ENGINE_OPENSSL) { if ($this->changed) { $this->_clearBuffers(); $this->changed = false; } switch ($this->mode) { case CRYPT_MODE_STREAM: return openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options); case CRYPT_MODE_ECB: $result = @openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options); return !defined('OPENSSL_RAW_DATA') ? substr($result, 0, -$this->block_size) : $result; case CRYPT_MODE_CBC: $result = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $this->encryptIV); if (!defined('OPENSSL_RAW_DATA')) { $result = substr($result, 0, -$this->block_size); } if ($this->continuousBuffer) { $this->encryptIV = substr($result, -$this->block_size); } return $result; case CRYPT_MODE_CTR: return $this->_openssl_ctr_process($plaintext, $this->encryptIV, $this->enbuffer); case CRYPT_MODE_CFB: // cfb loosely routines inspired by openssl's: // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} $ciphertext = ''; if ($this->continuousBuffer) { $iv = &$this->encryptIV; $pos = &$this->enbuffer['pos']; } else { $iv = $this->encryptIV; $pos = 0; } $len = strlen($plaintext); $i = 0; if ($pos) { $orig_pos = $pos; $max = $this->block_size - $pos; if ($len >= $max) { $i = $max; $len-= $max; $pos = 0; } else { $i = $len; $pos+= $len; $len = 0; } // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize $ciphertext = substr($iv, $orig_pos) ^ $plaintext; $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); $plaintext = substr($plaintext, $i); } $overflow = $len % $this->block_size; if ($overflow) { $ciphertext.= openssl_encrypt(substr($plaintext, 0, -$overflow) . str_repeat("\0", $this->block_size), $this->cipher_name_openssl, $this->key, $this->openssl_options, $iv); $iv = $this->_string_pop($ciphertext, $this->block_size); $size = $len - $overflow; $block = $iv ^ substr($plaintext, -$overflow); $iv = substr_replace($iv, $block, 0, $overflow); $ciphertext.= $block; $pos = $overflow; } elseif ($len) { $ciphertext = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $iv); $iv = substr($ciphertext, -$this->block_size); } return $ciphertext; case CRYPT_MODE_OFB: return $this->_openssl_ofb_process($plaintext, $this->encryptIV, $this->enbuffer); } } if ($this->engine === CRYPT_ENGINE_MCRYPT) { if ($this->changed) { $this->_setupMcrypt(); $this->changed = false; } if ($this->enchanged) { @mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); $this->enchanged = false; } // re: {@link http://phpseclib.sourceforge.net/cfb-demo.phps} // using mcrypt's default handing of CFB the above would output two different things. using phpseclib's // rewritten CFB implementation the above outputs the same thing twice. if ($this->mode == CRYPT_MODE_CFB && $this->continuousBuffer) { $block_size = $this->block_size; $iv = &$this->encryptIV; $pos = &$this->enbuffer['pos']; $len = strlen($plaintext); $ciphertext = ''; $i = 0; if ($pos) { $orig_pos = $pos; $max = $block_size - $pos; if ($len >= $max) { $i = $max; $len-= $max; $pos = 0; } else { $i = $len; $pos+= $len; $len = 0; } $ciphertext = substr($iv, $orig_pos) ^ $plaintext; $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); $this->enbuffer['enmcrypt_init'] = true; } if ($len >= $block_size) { if ($this->enbuffer['enmcrypt_init'] === false \|\| $len > $this->cfb_init_len) { if ($this->enbuffer['enmcrypt_init'] === true) { @mcrypt_generic_init($this->enmcrypt, $this->key, $iv); $this->enbuffer['enmcrypt_init'] = false; } $ciphertext.= @mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % $block_size)); $iv = substr($ciphertext, -$block_size); $len%= $block_size; } else { while ($len >= $block_size) { $iv = @mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, $block_size); $ciphertext.= $iv; $len-= $block_size; $i+= $block_size; } } } if ($len) { $iv = @mcrypt_generic($this->ecb, $iv); $block = $iv ^ substr($plaintext, -$len); $iv = substr_replace($iv, $block, 0, $len); $ciphertext.= $block; $pos = $len; } return $ciphertext; } $ciphertext = @mcrypt_generic($this->enmcrypt, $plaintext); if (!$this->continuousBuffer) { @mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); } return $ciphertext; } if ($this->changed) { $this->_setup(); $this->changed = false; } if ($this->use_inline_crypt) { $inline = $this->inline_crypt; return $inline('encrypt', $this, $plaintext); } $buffer = &$this->enbuffer; $block_size = $this->block_size; $ciphertext = ''; switch ($this->mode) { case CRYPT_MODE_ECB: for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { $ciphertext.= $this->_encryptBlock(substr($plaintext, $i, $block_size)); } break; case CRYPT_MODE_CBC: $xor = $this->encryptIV; for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { $block = substr($plaintext, $i, $block_size); $block = $this->_encryptBlock($block ^ $xor); $xor = $block; $ciphertext.= $block; } if ($this->continuousBuffer) { $this->encryptIV = $xor; } break; case CRYPT_MODE_CTR: $xor = $this->encryptIV; if (strlen($buffer['ciphertext'])) { for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { $block = substr($plaintext, $i, $block_size); if (strlen($block) > strlen($buffer['ciphertext'])) { $buffer['ciphertext'].= $this->_encryptBlock($xor); } $this->_increment_str($xor); $key = $this->_string_shift($buffer['ciphertext'], $block_size); $ciphertext.= $block ^ $key; } } else { for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { $block = substr($plaintext, $i, $block_size); $key = $this->_encryptBlock($xor); $this->_increment_str($xor); $ciphertext.= $block ^ $key; } } if ($this->continuousBuffer) { $this->encryptIV = $xor; if ($start = strlen($plaintext) % $block_size) { $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; } } break; case CRYPT_MODE_CFB: // cfb loosely routines inspired by openssl's: // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} if ($this->continuousBuffer) { $iv = &$this->encryptIV; $pos = &$buffer['pos']; } else { $iv = $this->encryptIV; $pos = 0; } $len = strlen($plaintext); $i = 0; if ($pos) { $orig_pos = $pos; $max = $block_size - $pos; if ($len >= $max) { $i = $max; $len-= $max; $pos = 0; } else { $i = $len; $pos+= $len; $len = 0; } // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize $ciphertext = substr($iv, $orig_pos) ^ $plaintext; $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); } while ($len >= $block_size) { $iv = $this->_encryptBlock($iv) ^ substr($plaintext, $i, $block_size); $ciphertext.= $iv; $len-= $block_size; $i+= $block_size; } if ($len) { $iv = $this->_encryptBlock($iv); $block = $iv ^ substr($plaintext, $i); $iv = substr_replace($iv, $block, 0, $len); $ciphertext.= $block; $pos = $len; } break; case CRYPT_MODE_OFB: $xor = $this->encryptIV; if (strlen($buffer['xor'])) { for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { $block = substr($plaintext, $i, $block_size); if (strlen($block) > strlen($buffer['xor'])) { $xor = $this->_encryptBlock($xor); $buffer['xor'].= $xor; } $key = $this->_string_shift($buffer['xor'], $block_size); $ciphertext.= $block ^ $key; } } else { for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { $xor = $this->_encryptBlock($xor); $ciphertext.= substr($plaintext, $i, $block_size) ^ $xor; } $key = $xor; } if ($this->continuousBuffer) { $this->encryptIV = $xor; if ($start = strlen($plaintext) % $block_size) { $buffer['xor'] = substr($key, $start) . $buffer['xor']; } } break; case CRYPT_MODE_STREAM: $ciphertext = $this->_encryptBlock($plaintext); break; } return $ciphertext; } /* * Decrypts a message. * * If strlen($ciphertext) is not a multiple of the block size, null bytes will be added to the end of the string until * it is. * * @see self::encrypt() * @access public * @param string $ciphertext * @return string $plaintext * @internal Could, but not must, extend by the child Crypt_* class / function decrypt($ciphertext) { if ($this->paddable) { // we pad with chr(0) since that's what mcrypt_generic does. to quote from {@link http://www.php.net/function.mcrypt-generic}: // "The data is padded with "\0" to make sure the length of the data is n blocksize." $ciphertext = str_pad($ciphertext, strlen($ciphertext) + ($this->block_size - strlen($ciphertext) % $this->block_size) % $this->block_size, chr(0)); } if ($this->engine === CRYPT_ENGINE_OPENSSL) { if ($this->changed) { $this->_clearBuffers(); $this->changed = false; } switch ($this->mode) { case CRYPT_MODE_STREAM: $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options); break; case CRYPT_MODE_ECB: if (!defined('OPENSSL_RAW_DATA')) { $ciphertext.= @openssl_encrypt('', $this->cipher_name_openssl_ecb, $this->key, true); } $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options); break; case CRYPT_MODE_CBC: if (!defined('OPENSSL_RAW_DATA')) { $padding = str_repeat(chr($this->block_size), $this->block_size) ^ substr($ciphertext, -$this->block_size); $ciphertext.= substr(@openssl_encrypt($padding, $this->cipher_name_openssl_ecb, $this->key, true), 0, $this->block_size); $offset = 2 * $this->block_size; } else { $offset = $this->block_size; } $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $this->decryptIV); if ($this->continuousBuffer) { $this->decryptIV = substr($ciphertext, -$offset, $this->block_size); } break; case CRYPT_MODE_CTR: $plaintext = $this->_openssl_ctr_process($ciphertext, $this->decryptIV, $this->debuffer); break; case CRYPT_MODE_CFB: // cfb loosely routines inspired by openssl's: // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} $plaintext = ''; if ($this->continuousBuffer) { $iv = &$this->decryptIV; $pos = &$this->buffer['pos']; } else { $iv = $this->decryptIV; $pos = 0; } $len = strlen($ciphertext); $i = 0; if ($pos) { $orig_pos = $pos; $max = $this->block_size - $pos; if ($len >= $max) { $i = $max; $len-= $max; $pos = 0; } else { $i = $len; $pos+= $len; $len = 0; } // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $this->blocksize $plaintext = substr($iv, $orig_pos) ^ $ciphertext; $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); $ciphertext = substr($ciphertext, $i); } $overflow = $len % $this->block_size; if ($overflow) { $plaintext.= openssl_decrypt(substr($ciphertext, 0, -$overflow), $this->cipher_name_openssl, $this->key, $this->openssl_options, $iv); if ($len - $overflow) { $iv = substr($ciphertext, -$overflow - $this->block_size, -$overflow); } $iv = openssl_encrypt(str_repeat("\0", $this->block_size), $this->cipher_name_openssl, $this->key, $this->openssl_options, $iv); $plaintext.= $iv ^ substr($ciphertext, -$overflow); $iv = substr_replace($iv, substr($ciphertext, -$overflow), 0, $overflow); $pos = $overflow; } elseif ($len) { $plaintext.= openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $iv); $iv = substr($ciphertext, -$this->block_size); } break; case CRYPT_MODE_OFB: $plaintext = $this->_openssl_ofb_process($ciphertext, $this->decryptIV, $this->debuffer); } return $this->paddable ? $this->_unpad($plaintext) : $plaintext; } if ($this->engine === CRYPT_ENGINE_MCRYPT) { $block_size = $this->block_size; if ($this->changed) { $this->_setupMcrypt(); $this->changed = false; } if ($this->dechanged) { @mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); $this->dechanged = false; } if ($this->mode == CRYPT_MODE_CFB && $this->continuousBuffer) { $iv = &$this->decryptIV; $pos = &$this->debuffer['pos']; $len = strlen($ciphertext); $plaintext = ''; $i = 0; if ($pos) { $orig_pos = $pos; $max = $block_size - $pos; if ($len >= $max) { $i = $max; $len-= $max; $pos = 0; } else { $i = $len; $pos+= $len; $len = 0; } // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize $plaintext = substr($iv, $orig_pos) ^ $ciphertext; $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); } if ($len >= $block_size) { $cb = substr($ciphertext, $i, $len - $len % $block_size); $plaintext.= @mcrypt_generic($this->ecb, $iv . $cb) ^ $cb; $iv = substr($cb, -$block_size); $len%= $block_size; } if ($len) { $iv = @mcrypt_generic($this->ecb, $iv); $plaintext.= $iv ^ substr($ciphertext, -$len); $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len); $pos = $len; } return $plaintext; } $plaintext = @mdecrypt_generic($this->demcrypt, $ciphertext); if (!$this->continuousBuffer) { @mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); } return $this->paddable ? $this->_unpad($plaintext) : $plaintext; } if ($this->changed) { $this->_setup(); $this->changed = false; } if ($this->use_inline_crypt) { $inline = $this->inline_crypt; return $inline('decrypt', $this, $ciphertext); } $block_size = $this->block_size; $buffer = &$this->debuffer; $plaintext = ''; switch ($this->mode) { case CRYPT_MODE_ECB: for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { $plaintext.= $this->_decryptBlock(substr($ciphertext, $i, $block_size)); } break; case CRYPT_MODE_CBC: $xor = $this->decryptIV; for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { $block = substr($ciphertext, $i, $block_size); $plaintext.= $this->_decryptBlock($block) ^ $xor; $xor = $block; } if ($this->continuousBuffer) { $this->decryptIV = $xor; } break; case CRYPT_MODE_CTR: $xor = $this->decryptIV; if (strlen($buffer['ciphertext'])) { for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { $block = substr($ciphertext, $i, $block_size); if (strlen($block) > strlen($buffer['ciphertext'])) { $buffer['ciphertext'].= $this->_encryptBlock($xor); $this->_increment_str($xor); } $key = $this->_string_shift($buffer['ciphertext'], $block_size); $plaintext.= $block ^ $key; } } else { for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { $block = substr($ciphertext, $i, $block_size); $key = $this->_encryptBlock($xor); $this->_increment_str($xor); $plaintext.= $block ^ $key; } } if ($this->continuousBuffer) { $this->decryptIV = $xor; if ($start = strlen($ciphertext) % $block_size) { $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; } } break; case CRYPT_MODE_CFB: if ($this->continuousBuffer) { $iv = &$this->decryptIV; $pos = &$buffer['pos']; } else { $iv = $this->decryptIV; $pos = 0; } $len = strlen($ciphertext); $i = 0; if ($pos) { $orig_pos = $pos; $max = $block_size - $pos; if ($len >= $max) { $i = $max; $len-= $max; $pos = 0; } else { $i = $len; $pos+= $len; $len = 0; } // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize $plaintext = substr($iv, $orig_pos) ^ $ciphertext; $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); } while ($len >= $block_size) { $iv = $this->_encryptBlock($iv); $cb = substr($ciphertext, $i, $block_size); $plaintext.= $iv ^ $cb; $iv = $cb; $len-= $block_size; $i+= $block_size; } if ($len) { $iv = $this->_encryptBlock($iv); $plaintext.= $iv ^ substr($ciphertext, $i); $iv = substr_replace($iv, substr($ciphertext, $i), 0, $len); $pos = $len; } break; case CRYPT_MODE_OFB: $xor = $this->decryptIV; if (strlen($buffer['xor'])) { for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { $block = substr($ciphertext, $i, $block_size); if (strlen($block) > strlen($buffer['xor'])) { $xor = $this->_encryptBlock($xor); $buffer['xor'].= $xor; } $key = $this->_string_shift($buffer['xor'], $block_size); $plaintext.= $block ^ $key; } } else { for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { $xor = $this->_encryptBlock($xor); $plaintext.= substr($ciphertext, $i, $block_size) ^ $xor; } $key = $xor; } if ($this->continuousBuffer) { $this->decryptIV = $xor; if ($start = strlen($ciphertext) % $block_size) { $buffer['xor'] = substr($key, $start) . $buffer['xor']; } } break; case CRYPT_MODE_STREAM: $plaintext = $this->_decryptBlock($ciphertext); break; } return $this->paddable ? $this->_unpad($plaintext) : $plaintext; } /** * OpenSSL CTR Processor * * PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream * for CTR is the same for both encrypting and decrypting this function is re-used by both Crypt_Base::encrypt() * and Crypt_Base::decrypt(). Also, OpenSSL doesn't implement CTR for all of it's symmetric ciphers so this * function will emulate CTR with ECB when necessary. * * @see self::encrypt() * @see self::decrypt() * @param string $plaintext * @param string $encryptIV * @param array $buffer * @return string * @access private / function _openssl_ctr_process($plaintext, &$encryptIV, &$buffer) { $ciphertext = ''; $block_size = $this->block_size; $key = $this->key; if ($this->openssl_emulate_ctr) { $xor = $encryptIV; if (strlen($buffer['ciphertext'])) { for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { $block = substr($plaintext, $i, $block_size); if (strlen($block) > strlen($buffer['ciphertext'])) { $result = @openssl_encrypt($xor, $this->cipher_name_openssl_ecb, $key, $this->openssl_options); $result = !defined('OPENSSL_RAW_DATA') ? substr($result, 0, -$this->block_size) : $result; $buffer['ciphertext'].= $result; } $this->_increment_str($xor); $otp = $this->_string_shift($buffer['ciphertext'], $block_size); $ciphertext.= $block ^ $otp; } } else { for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { $block = substr($plaintext, $i, $block_size); $otp = @openssl_encrypt($xor, $this->cipher_name_openssl_ecb, $key, $this->openssl_options); $otp = !defined('OPENSSL_RAW_DATA') ? substr($otp, 0, -$this->block_size) : $otp; $this->_increment_str($xor); $ciphertext.= $block ^ $otp; } } if ($this->continuousBuffer) { $encryptIV = $xor; if ($start = strlen($plaintext) % $block_size) { $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; } } return $ciphertext; } if (strlen($buffer['ciphertext'])) { $ciphertext = $plaintext ^ $this->_string_shift($buffer['ciphertext'], strlen($plaintext)); $plaintext = substr($plaintext, strlen($ciphertext)); if (!strlen($plaintext)) { return $ciphertext; } } $overflow = strlen($plaintext) % $block_size; if ($overflow) { $plaintext2 = $this->_string_pop($plaintext, $overflow); // ie. trim $plaintext to a multiple of $block_size and put rest of $plaintext in $plaintext2 $encrypted = openssl_encrypt($plaintext . str_repeat("\0", $block_size), $this->cipher_name_openssl, $key, $this->openssl_options, $encryptIV); $temp = $this->_string_pop($encrypted, $block_size); $ciphertext.= $encrypted . ($plaintext2 ^ $temp); if ($this->continuousBuffer) { $buffer['ciphertext'] = substr($temp, $overflow); $encryptIV = $temp; } } elseif (!strlen($buffer['ciphertext'])) { $ciphertext.= openssl_encrypt($plaintext . str_repeat("\0", $block_size), $this->cipher_name_openssl, $key, $this->openssl_options, $encryptIV); $temp = $this->_string_pop($ciphertext, $block_size); if ($this->continuousBuffer) { $encryptIV = $temp; } } if ($this->continuousBuffer) { if (!defined('OPENSSL_RAW_DATA')) { $encryptIV.= @openssl_encrypt('', $this->cipher_name_openssl_ecb, $key, $this->openssl_options); } $encryptIV = openssl_decrypt($encryptIV, $this->cipher_name_openssl_ecb, $key, $this->openssl_options); if ($overflow) { $this->_increment_str($encryptIV); } } return $ciphertext; } /* * OpenSSL OFB Processor * * PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream * for OFB is the same for both encrypting and decrypting this function is re-used by both Crypt_Base::encrypt() * and Crypt_Base::decrypt(). * * @see self::encrypt() * @see self::decrypt() * @param string $plaintext * @param string $encryptIV * @param array $buffer * @return string * @access private / function _openssl_ofb_process($plaintext, &$encryptIV, &$buffer) { if (strlen($buffer['xor'])) { $ciphertext = $plaintext ^ $buffer['xor']; $buffer['xor'] = substr($buffer['xor'], strlen($ciphertext)); $plaintext = substr($plaintext, strlen($ciphertext)); } else { $ciphertext = ''; } $block_size = $this->block_size; $len = strlen($plaintext); $key = $this->key; $overflow = $len % $block_size; if (strlen($plaintext)) { if ($overflow) { $ciphertext.= openssl_encrypt(substr($plaintext, 0, -$overflow) . str_repeat("\0", $block_size), $this->cipher_name_openssl, $key, $this->openssl_options, $encryptIV); $xor = $this->_string_pop($ciphertext, $block_size); if ($this->continuousBuffer) { $encryptIV = $xor; } $ciphertext.= $this->_string_shift($xor, $overflow) ^ substr($plaintext, -$overflow); if ($this->continuousBuffer) { $buffer['xor'] = $xor; } } else { $ciphertext = openssl_encrypt($plaintext, $this->cipher_name_openssl, $key, $this->openssl_options, $encryptIV); if ($this->continuousBuffer) { $encryptIV = substr($ciphertext, -$block_size) ^ substr($plaintext, -$block_size); } } } return $ciphertext; } /* * phpseclib <-> OpenSSL Mode Mapper * * May need to be overwritten by classes extending this one in some cases * * @return int * @access private / function _openssl_translate_mode() { switch ($this->mode) { case CRYPT_MODE_ECB: return 'ecb'; case CRYPT_MODE_CBC: return 'cbc'; case CRYPT_MODE_CTR: return 'ctr'; case CRYPT_MODE_CFB: return 'cfb'; case CRYPT_MODE_OFB: return 'ofb'; } } /* * Pad "packets". * * Block ciphers working by encrypting between their specified [$this->]block_size at a time * If you ever need to encrypt or decrypt something that isn't of the proper length, it becomes necessary to * pad the input so that it is of the proper length. * * Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH, * where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is * transmitted separately) * * @see self::disablePadding() * @access public / function enablePadding() { $this->padding = true; } /* * Do not pad packets. * * @see self::enablePadding() * @access public / function disablePadding() { $this->padding = false; } /* * Treat consecutive "packets" as if they are a continuous buffer. * * Say you have a 32-byte plaintext $plaintext. Using the default behavior, the two following code snippets * will yield different outputs: * * <code> * echo $rijndael->encrypt(substr($plaintext, 0, 16)); * echo $rijndael->encrypt(substr($plaintext, 16, 16)); * </code> * <code> * echo $rijndael->encrypt($plaintext); * </code> * * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates * another, as demonstrated with the following: * * <code> * $rijndael->encrypt(substr($plaintext, 0, 16)); * echo $rijndael->decrypt($rijndael->encrypt(substr($plaintext, 16, 16))); * </code> * <code> * echo $rijndael->decrypt($rijndael->encrypt(substr($plaintext, 16, 16))); * </code> * * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different * outputs. The reason is due to the fact that the initialization vector's change after every encryption / * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. * * Put another way, when the continuous buffer is enabled, the state of the Crypt_() object changes after each encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), * however, they are also less intuitive and more likely to cause you problems. * * @see self::disableContinuousBuffer() * @access public * @internal Could, but not must, extend by the child Crypt_* class / function enableContinuousBuffer() { if ($this->mode == CRYPT_MODE_ECB) { return; } $this->continuousBuffer = true; $this->_setEngine(); } /* * Treat consecutive packets as if they are a discontinuous buffer. * * The default behavior. * * @see self::enableContinuousBuffer() * @access public * @internal Could, but not must, extend by the child Crypt_* class / function disableContinuousBuffer() { if ($this->mode == CRYPT_MODE_ECB) { return; } if (!$this->continuousBuffer) { return; } $this->continuousBuffer = false; $this->changed = true; $this->_setEngine(); } /* * Test for engine validity * * @see self::Crypt_Base() * @param int $engine * @access public * @return bool / function isValidEngine($engine) { switch ($engine) { case CRYPT_ENGINE_OPENSSL: if ($this->mode == CRYPT_MODE_STREAM && $this->continuousBuffer) { return false; } $this->openssl_emulate_ctr = false; $result = $this->cipher_name_openssl && extension_loaded('openssl') && // PHP 5.3.0 - 5.3.2 did not let you set IV's version_compare(PHP_VERSION, '5.3.3', '>='); if (!$result) { return false; } // prior to PHP 5.4.0 OPENSSL_RAW_DATA and OPENSSL_ZERO_PADDING were not defined. instead of expecting an integer // $options openssl_encrypt expected a boolean $raw_data. if (!defined('OPENSSL_RAW_DATA')) { $this->openssl_options = true; } else { $this->openssl_options = OPENSSL_RAW_DATA \| OPENSSL_ZERO_PADDING; } $methods = openssl_get_cipher_methods(); if (in_array($this->cipher_name_openssl, $methods)) { return true; } // not all of openssl's symmetric cipher's support ctr. for those // that don't we'll emulate it switch ($this->mode) { case CRYPT_MODE_CTR: if (in_array($this->cipher_name_openssl_ecb, $methods)) { $this->openssl_emulate_ctr = true; return true; } } return false; case CRYPT_ENGINE_MCRYPT: return $this->cipher_name_mcrypt && extension_loaded('mcrypt') && in_array($this->cipher_name_mcrypt, @mcrypt_list_algorithms()); case CRYPT_ENGINE_INTERNAL: return true; } return false; } /* * Sets the preferred crypt engine * * Currently, $engine could be: * * - CRYPT_ENGINE_OPENSSL [very fast] * * - CRYPT_ENGINE_MCRYPT [fast] * * - CRYPT_ENGINE_INTERNAL [slow] * * If the preferred crypt engine is not available the fastest available one will be used * * @see self::Crypt_Base() * @param int $engine * @access public / function setPreferredEngine($engine) { switch ($engine) { //case CRYPT_ENGINE_OPENSSL: case CRYPT_ENGINE_MCRYPT: case CRYPT_ENGINE_INTERNAL: $this->preferredEngine = $engine; break; default: $this->preferredEngine = CRYPT_ENGINE_OPENSSL; } $this->_setEngine(); } /* * Returns the engine currently being utilized * * @see self::_setEngine() * @access public / function getEngine() { return $this->engine; } /* * Sets the engine as appropriate * * @see self::Crypt_Base() * @access private / function _setEngine() { $this->engine = null; $candidateEngines = array( $this->preferredEngine, CRYPT_ENGINE_OPENSSL, CRYPT_ENGINE_MCRYPT ); foreach ($candidateEngines as $engine) { if ($this->isValidEngine($engine)) { $this->engine = $engine; break; } } if (!$this->engine) { $this->engine = CRYPT_ENGINE_INTERNAL; } if ($this->engine != CRYPT_ENGINE_MCRYPT && $this->enmcrypt) { // Closing the current mcrypt resource(s). _mcryptSetup() will, if needed, // (re)open them with the module named in $this->cipher_name_mcrypt @mcrypt_module_close($this->enmcrypt); @mcrypt_module_close($this->demcrypt); $this->enmcrypt = null; $this->demcrypt = null; if ($this->ecb) { @mcrypt_module_close($this->ecb); $this->ecb = null; } } $this->changed = true; } /* * Encrypts a block * * @access private * @param string $in * @return string * @internal Must be extended by the child Crypt_* class / function _encryptBlock($in) { user_error((version_compare(PHP_VERSION, '5.0.0', '>=') ? __METHOD__ : __FUNCTION__) . '() must extend by class ' . get_class($this), E_USER_ERROR); } /* * Decrypts a block * * @access private * @param string $in * @return string * @internal Must be extended by the child Crypt_* class / function _decryptBlock($in) { user_error((version_compare(PHP_VERSION, '5.0.0', '>=') ? __METHOD__ : __FUNCTION__) . '() must extend by class ' . get_class($this), E_USER_ERROR); } /* * Setup the key (expansion) * * Only used if $engine == CRYPT_ENGINE_INTERNAL * * @see self::_setup() * @access private * @internal Must be extended by the child Crypt_* class / function _setupKey() { user_error((version_compare(PHP_VERSION, '5.0.0', '>=') ? __METHOD__ : __FUNCTION__) . '() must extend by class ' . get_class($this), E_USER_ERROR); } /* * Setup the CRYPT_ENGINE_INTERNAL $engine * * (re)init, if necessary, the internal cipher $engine and flush all $buffers * Used (only) if $engine == CRYPT_ENGINE_INTERNAL * * _setup() will be called each time if $changed === true * typically this happens when using one or more of following public methods: * * - setKey() * * - setIV() * * - disableContinuousBuffer() * * - First run of encrypt() / decrypt() with no init-settings * * @see self::setKey() * @see self::setIV() * @see self::disableContinuousBuffer() * @access private * @internal _setup() is always called before en/decryption. * @internal Could, but not must, extend by the child Crypt_* class / function _setup() { $this->_clearBuffers(); $this->_setupKey(); if ($this->use_inline_crypt) { $this->_setupInlineCrypt(); } } /* * Setup the CRYPT_ENGINE_MCRYPT $engine * * (re)init, if necessary, the (ext)mcrypt resources and flush all $buffers * Used (only) if $engine = CRYPT_ENGINE_MCRYPT * * _setupMcrypt() will be called each time if $changed === true * typically this happens when using one or more of following public methods: * * - setKey() * * - setIV() * * - disableContinuousBuffer() * * - First run of encrypt() / decrypt() * * @see self::setKey() * @see self::setIV() * @see self::disableContinuousBuffer() * @access private * @internal Could, but not must, extend by the child Crypt_* class / function _setupMcrypt() { $this->_clearBuffers(); $this->enchanged = $this->dechanged = true; if (!isset($this->enmcrypt)) { static $mcrypt_modes = array( CRYPT_MODE_CTR => 'ctr', CRYPT_MODE_ECB => MCRYPT_MODE_ECB, CRYPT_MODE_CBC => MCRYPT_MODE_CBC, CRYPT_MODE_CFB => 'ncfb', CRYPT_MODE_OFB => MCRYPT_MODE_NOFB, CRYPT_MODE_STREAM => MCRYPT_MODE_STREAM, ); $this->demcrypt = @mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); $this->enmcrypt = @mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); // we need the $ecb mcrypt resource (only) in MODE_CFB with enableContinuousBuffer() // to workaround mcrypt's broken ncfb implementation in buffered mode // see: {@link http://phpseclib.sourceforge.net/cfb-demo.phps} if ($this->mode == CRYPT_MODE_CFB) { $this->ecb = @mcrypt_module_open($this->cipher_name_mcrypt, '', MCRYPT_MODE_ECB, ''); } } // else should mcrypt_generic_deinit be called? if ($this->mode == CRYPT_MODE_CFB) { @mcrypt_generic_init($this->ecb, $this->key, str_repeat("\0", $this->block_size)); } } /* * Pads a string * * Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize. * $this->block_size - (strlen($text) % $this->block_size) bytes are added, each of which is equal to * chr($this->block_size - (strlen($text) % $this->block_size) * * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless * and padding will, hence forth, be enabled. * * @see self::_unpad() * @param string $text * @access private * @return string / function _pad($text) { $length = strlen($text); if (!$this->padding) { if ($length % $this->block_size == 0) { return $text; } else { user_error("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size})"); $this->padding = true; } } $pad = $this->block_size - ($length % $this->block_size); return str_pad($text, $length + $pad, chr($pad)); } /* * Unpads a string. * * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong * and false will be returned. * * @see self::_pad() * @param string $text * @access private * @return string / function _unpad($text) { if (!$this->padding) { return $text; } $length = ord($text[strlen($text) - 1]); if (!$length \|\| $length > $this->block_size) { return false; } return substr($text, 0, -$length); } /* * Clears internal buffers * * Clearing/resetting the internal buffers is done everytime * after disableContinuousBuffer() or on cipher $engine (re)init * ie after setKey() or setIV() * * @access public * @internal Could, but not must, extend by the child Crypt_* class / function _clearBuffers() { $this->enbuffer = $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true); // mcrypt's handling of invalid's $iv: // $this->encryptIV = $this->decryptIV = strlen($this->iv) == $this->block_size ? $this->iv : str_repeat("\0", $this->block_size); $this->encryptIV = $this->decryptIV = str_pad(substr($this->iv, 0, $this->block_size), $this->block_size, "\0"); if (!$this->skip_key_adjustment) { $this->key = str_pad(substr($this->key, 0, $this->key_length), $this->key_length, "\0"); } } /* * String Shift * * Inspired by array_shift * * @param string $string * @param int $index * @access private * @return string / function _string_shift(&$string, $index = 1) { $substr = substr($string, 0, $index); $string = substr($string, $index); return $substr; } /* * String Pop * * Inspired by array_pop * * @param string $string * @param int $index * @access private * @return string / function _string_pop(&$string, $index = 1) { $substr = substr($string, -$index); $string = substr($string, 0, -$index); return $substr; } /* * Increment the current string * * @see self::decrypt() * @see self::encrypt() * @param string $var * @access private / function _increment_str(&$var) { for ($i = 4; $i <= strlen($var); $i+= 4) { $temp = substr($var, -$i, 4); switch ($temp) { case "\xFF\xFF\xFF\xFF": $var = substr_replace($var, "\x00\x00\x00\x00", -$i, 4); break; case "\x7F\xFF\xFF\xFF": $var = substr_replace($var, "\x80\x00\x00\x00", -$i, 4); return; default: $temp = unpack('Nnum', $temp); $var = substr_replace($var, pack('N', $temp['num'] + 1), -$i, 4); return; } } $remainder = strlen($var) % 4; if ($remainder == 0) { return; } $temp = unpack('Nnum', str_pad(substr($var, 0, $remainder), 4, "\0", STR_PAD_LEFT)); $temp = substr(pack('N', $temp['num'] + 1), -$remainder); $var = substr_replace($var, $temp, 0, $remainder); } /* * Setup the performance-optimized function for de/encrypt() * * Stores the created (or existing) callback function-name * in $this->inline_crypt * * Internally for phpseclib developers: * * _setupInlineCrypt() would be called only if: * * - $engine == CRYPT_ENGINE_INTERNAL and * * - $use_inline_crypt === true * * - each time on _setup(), after(!) _setupKey() * * * This ensures that _setupInlineCrypt() has always a * full ready2go initializated internal cipher $engine state * where, for example, the keys allready expanded, * keys/block_size calculated and such. * * It is, each time if called, the responsibility of _setupInlineCrypt(): * * - to set $this->inline_crypt to a valid and fully working callback function * as a (faster) replacement for encrypt() / decrypt() * * - NOT to create unlimited callback functions (for memory reasons!) * no matter how often _setupInlineCrypt() would be called. At some * point of amount they must be generic re-useable. * * - the code of _setupInlineCrypt() it self, * and the generated callback code, * must be, in following order: * - 100% safe * - 100% compatible to encrypt()/decrypt() * - using only php5+ features/lang-constructs/php-extensions if * compatibility (down to php4) or fallback is provided * - readable/maintainable/understandable/commented and... not-cryptic-styled-code :-) * - >= 10% faster than encrypt()/decrypt() [which is, by the way, * the reason for the existence of _setupInlineCrypt() :-)] * - memory-nice * - short (as good as possible) * * Note: - _setupInlineCrypt() is using _createInlineCryptFunction() to create the full callback function code. * - In case of using inline crypting, _setupInlineCrypt() must extend by the child Crypt_* class. * - The following variable names are reserved: * - $_* (all variable names prefixed with an underscore) * - $self (object reference to it self. Do not use $this, but $self instead) * - $in (the content of $in has to en/decrypt by the generated code) * - The callback function should not use the 'return' statement, but en/decrypt'ing the content of $in only * * * @see self::_setup() * @see self::_createInlineCryptFunction() * @see self::encrypt() * @see self::decrypt() * @access private * @internal If a Crypt_* class providing inline crypting it must extend _setupInlineCrypt() / function _setupInlineCrypt() { // If, for any reason, an extending Crypt_Base() Crypt_ class // not using inline crypting then it must be ensured that: $this->use_inline_crypt = false // ie in the class var declaration of $use_inline_crypt in general for the Crypt_* class, // in the constructor at object instance-time // or, if it's runtime-specific, at runtime $this->use_inline_crypt = false; } /** * Creates the performance-optimized function for en/decrypt() * * Internally for phpseclib developers: * * _createInlineCryptFunction(): * * - merge the $cipher_code [setup'ed by _setupInlineCrypt()] * with the current [$this->]mode of operation code * * - create the $inline function, which called by encrypt() / decrypt() * as its replacement to speed up the en/decryption operations. * * - return the name of the created $inline callback function * * - used to speed up en/decryption * * * * The main reason why can speed up things [up to 50%] this way are: * * - using variables more effective then regular. * (ie no use of expensive arrays but integers $k_0, $k_1 ... * or even, for example, the pure $key[] values hardcoded) * * - avoiding 1000's of function calls of ie _encryptBlock() * but inlining the crypt operations. * in the mode of operation for() loop. * * - full loop unroll the (sometimes key-dependent) rounds * avoiding this way ++$i counters and runtime-if's etc... * * The basic code architectur of the generated $inline en/decrypt() * lambda function, in pseudo php, is: * * <code> * +----------------------------------------------------------------------------------------------+ * \| callback $inline = create_function: \| * \| lambda_function_0001_crypt_ECB($action, $text) \| * \| { \| * \| INSERT PHP CODE OF: \| * \| $cipher_code['init_crypt']; // general init code. \| * \| // ie: $sbox'es declarations used for \| * \| // encrypt and decrypt'ing. \| * \| \| * \| switch ($action) { \| * \| case 'encrypt': \| * \| INSERT PHP CODE OF: \| * \| $cipher_code['init_encrypt']; // encrypt sepcific init code. \| * \| ie: specified $key or $box \| * \| declarations for encrypt'ing. \| * \| \| * \| foreach ($ciphertext) { \| * \| $in = $block_size of $ciphertext; \| * \| \| * \| INSERT PHP CODE OF: \| * \| $cipher_code['encrypt_block']; // encrypt's (string) $in, which is always: \| * \| // strlen($in) == $this->block_size \| * \| // here comes the cipher algorithm in action \| * \| // for encryption. \| * \| // $cipher_code['encrypt_block'] has to \| * \| // encrypt the content of the $in variable \| * \| \| * \| $plaintext .= $in; \| * \| } \| * \| return $plaintext; \| * \| \| * \| case 'decrypt': \| * \| INSERT PHP CODE OF: \| * \| $cipher_code['init_decrypt']; // decrypt sepcific init code \| * \| ie: specified $key or $box \| * \| declarations for decrypt'ing. \| * \| foreach ($plaintext) { \| * \| $in = $block_size of $plaintext; \| * \| \| * \| INSERT PHP CODE OF: \| * \| $cipher_code['decrypt_block']; // decrypt's (string) $in, which is always \| * \| // strlen($in) == $this->block_size \| * \| // here comes the cipher algorithm in action \| * \| // for decryption. \| * \| // $cipher_code['decrypt_block'] has to \| * \| // decrypt the content of the $in variable \| * \| $ciphertext .= $in; \| * \| } \| * \| return $ciphertext; \| * \| } \| * \| } \| * +----------------------------------------------------------------------------------------------+ * </code> * * See also the Crypt_::_setupInlineCrypt()'s for productive inline $cipher_code's how they works. * * Structure of: * <code> * $cipher_code = array( * 'init_crypt' => (string) '', // optional * 'init_encrypt' => (string) '', // optional * 'init_decrypt' => (string) '', // optional * 'encrypt_block' => (string) '', // required * 'decrypt_block' => (string) '' // required * ); * </code> * * @see self::_setupInlineCrypt() * @see self::encrypt() * @see self::decrypt() * @param array $cipher_code * @access private * @return string (the name of the created callback function) / function _createInlineCryptFunction($cipher_code) { $block_size = $this->block_size; // optional $init_crypt = isset($cipher_code['init_crypt']) ? $cipher_code['init_crypt'] : ''; $init_encrypt = isset($cipher_code['init_encrypt']) ? $cipher_code['init_encrypt'] : ''; $init_decrypt = isset($cipher_code['init_decrypt']) ? $cipher_code['init_decrypt'] : ''; // required $encrypt_block = $cipher_code['encrypt_block']; $decrypt_block = $cipher_code['decrypt_block']; // Generating mode of operation inline code, // merged with the $cipher_code algorithm // for encrypt- and decryption. switch ($this->mode) { case CRYPT_MODE_ECB: $encrypt = $init_encrypt . ' $_ciphertext = ""; $_plaintext_len = strlen($_text); for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { $in = substr($_text, $_i, '.$block_size.'); '.$encrypt_block.' $_ciphertext.= $in; } return $_ciphertext; '; $decrypt = $init_decrypt . ' $_plaintext = ""; $_text = str_pad($_text, strlen($_text) + ('.$block_size.' - strlen($_text) % '.$block_size.') % '.$block_size.', chr(0)); $_ciphertext_len = strlen($_text); for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { $in = substr($_text, $_i, '.$block_size.'); '.$decrypt_block.' $_plaintext.= $in; } return $self->_unpad($_plaintext); '; break; case CRYPT_MODE_CTR: $encrypt = $init_encrypt . ' $_ciphertext = ""; $_plaintext_len = strlen($_text); $_xor = $self->encryptIV; $_buffer = &$self->enbuffer; if (strlen($_buffer["ciphertext"])) { for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { $_block = substr($_text, $_i, '.$block_size.'); if (strlen($_block) > strlen($_buffer["ciphertext"])) { $in = $_xor; '.$encrypt_block.' $self->_increment_str($_xor); $_buffer["ciphertext"].= $in; } $_key = $self->_string_shift($_buffer["ciphertext"], '.$block_size.'); $_ciphertext.= $_block ^ $_key; } } else { for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { $_block = substr($_text, $_i, '.$block_size.'); $in = $_xor; '.$encrypt_block.' $self->_increment_str($_xor); $_key = $in; $_ciphertext.= $_block ^ $_key; } } if ($self->continuousBuffer) { $self->encryptIV = $_xor; if ($_start = $_plaintext_len % '.$block_size.') { $_buffer["ciphertext"] = substr($_key, $_start) . $_buffer["ciphertext"]; } } return $_ciphertext; '; $decrypt = $init_encrypt . ' $_plaintext = ""; $_ciphertext_len = strlen($_text); $_xor = $self->decryptIV; $_buffer = &$self->debuffer; if (strlen($_buffer["ciphertext"])) { for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { $_block = substr($_text, $_i, '.$block_size.'); if (strlen($_block) > strlen($_buffer["ciphertext"])) { $in = $_xor; '.$encrypt_block.' $self->_increment_str($_xor); $_buffer["ciphertext"].= $in; } $_key = $self->_string_shift($_buffer["ciphertext"], '.$block_size.'); $_plaintext.= $_block ^ $_key; } } else { for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { $_block = substr($_text, $_i, '.$block_size.'); $in = $_xor; '.$encrypt_block.' $self->_increment_str($_xor); $_key = $in; $_plaintext.= $_block ^ $_key; } } if ($self->continuousBuffer) { $self->decryptIV = $_xor; if ($_start = $_ciphertext_len % '.$block_size.') { $_buffer["ciphertext"] = substr($_key, $_start) . $_buffer["ciphertext"]; } } return $_plaintext; '; break; case CRYPT_MODE_CFB: $encrypt = $init_encrypt . ' $_ciphertext = ""; $_buffer = &$self->enbuffer; if ($self->continuousBuffer) { $_iv = &$self->encryptIV; $_pos = &$_buffer["pos"]; } else { $_iv = $self->encryptIV; $_pos = 0; } $_len = strlen($_text); $_i = 0; if ($_pos) { $_orig_pos = $_pos; $_max = '.$block_size.' - $_pos; if ($_len >= $_max) { $_i = $_max; $_len-= $_max; $_pos = 0; } else { $_i = $_len; $_pos+= $_len; $_len = 0; } $_ciphertext = substr($_iv, $_orig_pos) ^ $_text; $_iv = substr_replace($_iv, $_ciphertext, $_orig_pos, $_i); } while ($_len >= '.$block_size.') { $in = $_iv; '.$encrypt_block.'; $_iv = $in ^ substr($_text, $_i, '.$block_size.'); $_ciphertext.= $_iv; $_len-= '.$block_size.'; $_i+= '.$block_size.'; } if ($_len) { $in = $_iv; '.$encrypt_block.' $_iv = $in; $_block = $_iv ^ substr($_text, $_i); $_iv = substr_replace($_iv, $_block, 0, $_len); $_ciphertext.= $_block; $_pos = $_len; } return $_ciphertext; '; $decrypt = $init_encrypt . ' $_plaintext = ""; $_buffer = &$self->debuffer; if ($self->continuousBuffer) { $_iv = &$self->decryptIV; $_pos = &$_buffer["pos"]; } else { $_iv = $self->decryptIV; $_pos = 0; } $_len = strlen($_text); $_i = 0; if ($_pos) { $_orig_pos = $_pos; $_max = '.$block_size.' - $_pos; if ($_len >= $_max) { $_i = $_max; $_len-= $_max; $_pos = 0; } else { $_i = $_len; $_pos+= $_len; $_len = 0; } $_plaintext = substr($_iv, $_orig_pos) ^ $_text; $_iv = substr_replace($_iv, substr($_text, 0, $_i), $_orig_pos, $_i); } while ($_len >= '.$block_size.') { $in = $_iv; '.$encrypt_block.' $_iv = $in; $cb = substr($_text, $_i, '.$block_size.'); $_plaintext.= $_iv ^ $cb; $_iv = $cb; $_len-= '.$block_size.'; $_i+= '.$block_size.'; } if ($_len) { $in = $_iv; '.$encrypt_block.' $_iv = $in; $_plaintext.= $_iv ^ substr($_text, $_i); $_iv = substr_replace($_iv, substr($_text, $_i), 0, $_len); $_pos = $_len; } return $_plaintext; '; break; case CRYPT_MODE_OFB: $encrypt = $init_encrypt . ' $_ciphertext = ""; $_plaintext_len = strlen($_text); $_xor = $self->encryptIV; $_buffer = &$self->enbuffer; if (strlen($_buffer["xor"])) { for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { $_block = substr($_text, $_i, '.$block_size.'); if (strlen($_block) > strlen($_buffer["xor"])) { $in = $_xor; '.$encrypt_block.' $_xor = $in; $_buffer["xor"].= $_xor; } $_key = $self->_string_shift($_buffer["xor"], '.$block_size.'); $_ciphertext.= $_block ^ $_key; } } else { for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { $in = $_xor; '.$encrypt_block.' $_xor = $in; $_ciphertext.= substr($_text, $_i, '.$block_size.') ^ $_xor; } $_key = $_xor; } if ($self->continuousBuffer) { $self->encryptIV = $_xor; if ($_start = $_plaintext_len % '.$block_size.') { $_buffer["xor"] = substr($_key, $_start) . $_buffer["xor"]; } } return $_ciphertext; '; $decrypt = $init_encrypt . ' $_plaintext = ""; $_ciphertext_len = strlen($_text); $_xor = $self->decryptIV; $_buffer = &$self->debuffer; if (strlen($_buffer["xor"])) { for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { $_block = substr($_text, $_i, '.$block_size.'); if (strlen($_block) > strlen($_buffer["xor"])) { $in = $_xor; '.$encrypt_block.' $_xor = $in; $_buffer["xor"].= $_xor; } $_key = $self->_string_shift($_buffer["xor"], '.$block_size.'); $_plaintext.= $_block ^ $_key; } } else { for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { $in = $_xor; '.$encrypt_block.' $_xor = $in; $_plaintext.= substr($_text, $_i, '.$block_size.') ^ $_xor; } $_key = $_xor; } if ($self->continuousBuffer) { $self->decryptIV = $_xor; if ($_start = $_ciphertext_len % '.$block_size.') { $_buffer["xor"] = substr($_key, $_start) . $_buffer["xor"]; } } return $_plaintext; '; break; case CRYPT_MODE_STREAM: $encrypt = $init_encrypt . ' $_ciphertext = ""; '.$encrypt_block.' return $_ciphertext; '; $decrypt = $init_decrypt . ' $_plaintext = ""; '.$decrypt_block.' return $_plaintext; '; break; // case CRYPT_MODE_CBC: default: $encrypt = $init_encrypt . ' $_ciphertext = ""; $_plaintext_len = strlen($_text); $in = $self->encryptIV; for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { $in = substr($_text, $_i, '.$block_size.') ^ $in; '.$encrypt_block.' $_ciphertext.= $in; } if ($self->continuousBuffer) { $self->encryptIV = $in; } return $_ciphertext; '; $decrypt = $init_decrypt . ' $_plaintext = ""; $_text = str_pad($_text, strlen($_text) + ('.$block_size.' - strlen($_text) % '.$block_size.') % '.$block_size.', chr(0)); $_ciphertext_len = strlen($_text); $_iv = $self->decryptIV; for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { $in = $_block = substr($_text, $_i, '.$block_size.'); '.$decrypt_block.' $_plaintext.= $in ^ $_iv; $_iv = $_block; } if ($self->continuousBuffer) { $self->decryptIV = $_iv; } return $self->_unpad($_plaintext); '; break; } // Create the $inline function and return its name as string. Ready to run! if (version_compare(PHP_VERSION, '5.3.0') >= 0) { eval('$func = function ($_action, &$self, $_text) { ' . $init_crypt . 'if ($_action == "encrypt") { ' . $encrypt . ' } else { ' . $decrypt . ' } };'); return $func; } return create_function('$_action, &$self, $_text', $init_crypt . 'if ($_action == "encrypt") { ' . $encrypt . ' } else { ' . $decrypt . ' }'); } /* * Holds the lambda_functions table (classwide) * * Each name of the lambda function, created from * _setupInlineCrypt() && _createInlineCryptFunction() * is stored, classwide (!), here for reusing. * * The string-based index of $function is a classwide * unique value representing, at least, the $mode of * operation (or more... depends of the optimizing level) * for which $mode the lambda function was created. * * @access private * @return array &$functions / function &_getLambdaFunctions() { static $functions = array(); return $functions; } /* * Generates a digest from $bytes * * @see self::_setupInlineCrypt() * @access private * @param $bytes * @return string / function _hashInlineCryptFunction($bytes) { if (!defined('CRYPT_BASE_WHIRLPOOL_AVAILABLE')) { define('CRYPT_BASE_WHIRLPOOL_AVAILABLE', (bool)(extension_loaded('hash') && in_array('whirlpool', hash_algos()))); } $result = ''; $hash = $bytes; switch (true) { case CRYPT_BASE_WHIRLPOOL_AVAILABLE: foreach (str_split($bytes, 64) as $t) { $hash = hash('whirlpool', $hash, true); $result .= $t ^ $hash; } return $result . hash('whirlpool', $hash, true); default: $len = strlen($bytes); for ($i = 0; $i < $len; $i+=20) { $t = substr($bytes, $i, 20); $hash = pack('H', sha1($hash)); $result .= $t ^ $hash; } return $result . pack('H', sha1($hash)); } } /* * Convert float to int * * On 32-bit Linux installs running PHP < 5.3 converting floats to ints doesn't always work * * @access private * @param string $x * @return int / function safe_intval($x) { switch (true) { case is_int($x): // PHP 5.3, per http://php.net/releases/5_3_0.php, introduced "more consistent float rounding" case version_compare(PHP_VERSION, '5.3.0') >= 0 && (php_uname('m') & "\xDF\xDF\xDF") != 'ARM': // PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster case (PHP_OS & "\xDF\xDF\xDF") === 'WIN': return $x; } return (fmod($x, 0x80000000) & 0x7FFFFFFF) \| ((fmod(floor($x / 0x80000000), 2) & 1) << 31); } /* * eval()'able string for in-line float to int * * @access private * @return string / function safe_intval_inline() { // on 32-bit linux systems with PHP < 5.3 float to integer conversion is bad switch (true) { case defined('PHP_INT_SIZE') && PHP_INT_SIZE == 8: case version_compare(PHP_VERSION, '5.3.0') >= 0 && (php_uname('m') & "\xDF\xDF\xDF") != 'ARM': case (PHP_OS & "\xDF\xDF\xDF") === 'WIN': return '%s'; break; default: $safeint = '(is_int($temp = %s) ? $temp : (fmod($temp, 0x80000000) & 0x7FFFFFFF) \| '; return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))'; } } } ��phpseclib/psl.class��0000644��00000674160�15104540706�0010362 0��ustar�00��eJzsfW17IreS6Ofd57n/QXF8D3aCMeCX8UxmJsHQHrNjgw/gTGZzsjxtaOw+AzTpbvyye3J/+60qSf0qdTfYnkyy4e498YBUKpVKpapSqWp3t2P5u/3+ab2yuFn8+/+B/7f7zTf/59/ZN+xi6Vo7F6cXzJ4tptbMmvumbztz5kwYtL+tV7AVbwmNbi3Xg189ts/M+ZgdBD+eWq7FTPj/njOzmHVvIjQPodw4d8x32NKzmH9je2xqX7mm+/CKur0eOWPrLf/ze0CN/oKPPR9Nl2NrqxTFu7T9XTAefDY974a9YXPrjkGrIbbaKt3d3VXGzsy05xV/OhY9COKEbX2FXXbeTp1re75VAozcuTmzSmVWWpied+e40GGb/Y/sgh/r3va3SmfYg52Y9tSKwvwtio41unEYH8C6t0ZbpcVdtG3q56nHdqambPG9IMJuQJBi9Gm6Dwt/t9dvRAhUmICfrAdBQAIzBDBbIYjdXWyw89az/AtBHqDvjelbwAWRoXirqWOO31sPWxOg0fAa1mPkzH3gJg8I4dq30AuaAXmfawkRiydZPNcyxyHkH+Qfr/7fZnTO1PTOtX1ra4Ov5D/mG8rVzoenWfuzdtPo9I1X7MJyZ7aH+47B/rmBnXb1wK5dE+g7LrOJa1m4z0Y3pnttlXGvmfMHtoCditv4ygdC2vNrZrKRs3ggyNCatqLnTPw73LS4l2GJnZEN6zRmY2e0DCUBrqjHtvwbi230RY+NbRpobJlTgggExt/lz+zO9m+cpc9cy/Nde4RwyoInERf589Se2WIU7O7a1ze+RwC5xCgTzmU2c8b2BP9r0RQXy6up7d2U2dhG8FdLH7708MuRNcdeMJ9dx2WeNeXoARSbS6MoltQOR1oggX1BMg+/ubtxZvEZ2RyvydKdw9AW9Rs7QEIa+Z/WyMdvsMvEmU6dO5wmbIGxjbPzXgWrOoAW5pVza9HUaMZs7viAOccG12URLrj4ybsxp1N2Zcl9PYY/CBx+LWfnIiaeD3xhm1O2cFwaOjnrUKAPTg3W754MPjR6Bmv32UWv+2O7ZbTYRqMP/94osw/twWn3csCgRa/RGXxk3RPW6Hxk79udVpkZP130jH6fdXsErn1+cdY24Pt2p3l22Wp33rFj6NvpDoCVz9sDADzo0qACXNvoI8Bzo9c8hX82jttn7cHHMgE7aQ86CPuk22MNdtHoDdrNy7NGj11c9i66fQPQaAHoTrtz0oORjHOjM6jAyPAdM36Ef7D+aePsDIcjeI1LmEkPcWXN7sXHXvvd6YCdds9aBnx5bACGjeMzgw8HE2yeNdrnZdZqnDfeGdSrC5B6Yl9KTNmHUwO/xnEb8H/NQbvbwSk1u51BD/5Zhhn3BkH3D+2+UWaNXruPxDnpdc/5ZJHE0KtLgKBvx+CQkPzxVYIm+O/LvhEAZS2jcQbwYMk6qWUNF/uHEWzta8d9YChq+VcLc/TJvLYYC6Qv/95cwvZ0UY79hz1jH+xrEKA+MONr33Jdc+I6nv8DHCeVueW/FcADXj4//7HdjvfjTcTmBKA3vr94tbuLct5ZwHfO0h1ZFce93hVtvF3YjjviH5UbfzZlDBiInfFvJLz5Jy7mBTzAyLNGoF5UOMQJQLQQR2y/K3Ser3/4lrobcAYvSfAc2/7MXLBz0/vkhdTyQKhKorx6dUVtBHFGI8uDPcoPNQF7bE3sOZ62xoC6DM8b/fdDWMr+oHfZBCaAE4qx6n2Vf2oo+dV9zrrv2p1hz/g79Yj0qef0Ee1jffb1ffqnxtmZqs+Rvs8H2PbdD8NG6z8u+wPoW/1JTKeKfYi6OylKN2/M+dxCKTUn2RQSuXfS3K8f7MMhMQHJi6IORSisIBw9JAzhqARVA082hOCxKzxRTBBmLjb0rPkY/sKGrjWyF9RNtq0wdmeBgJ6XfA5fnirQe8aPK9Nnd+YDCNWRicqpxMZ3rq/xwEOZObNMPDsr9A+BGA7rwWkKZBme998NUXZ1jLNh98LoQAfPwx2FBxyXzxJNgZgQ8pacWxY05J+Tdu+8QcIAcIbTdOHQAYfwQ9h0fNNwQAgrRgigA8xzYruez66n5nwEnR+cJZvRZoU1oeOEUyMXh5KXmA2Neecsp2M8m2haoNrgIYYKh6eEmAJSpnW1/RKxQBlPP6GezO2F5b8KNDo8OkuppS6hUkTrIyg8X86uAMS1fWvNpWLigHCy50JZwQ8KHqDWr0tQULgeUIpjpQMLB64zIi3p6iGARkMQX3r2OHLCJsTIEIcYCoBDlL6Wv7WtbEkatLJhMfkjKW78ZDTlLoddCko9WHyDwQNqVx5s+lq1mtE7KiTUMitoeXnc/9gfGOfQup4hDQL0SVtTTR1mDho7n+1uaKf2LB9UL7kt+S7jS+LpaABicdhHrcTAKdQEVlpowmDJgtbsIrSfInPk5/fSXyx9wS4cCvCWOd3x7Zl2hRBeD47uQfsc8duLAmwtZwsNONLvSScvAnh40qbZ7z9qSciE0S3I3Q3sJBBFoIjDpp+Z/oh2/6Z1v0Cl2Lo3R/70AXfTxFnOxzqsAeNW3mpphiLTwbpeTk0XhluAlCTVWWJQaOSe8S69rufmJ5BoS1fIRxwHDE8wV1FyA596bIo2F4orc04yK2tNzhs/wQT/E6dXq9b3AT7+R7EwK/plAjVOrcQVVeGEa4dVK7VKNcYYEc4AFEdTsBQjY6HFjd4Cwhs/3MaBHxnIQrBFJjadvvRT0OSHW1isPi1k+F1KtNH3u/wP7LAZQvwOiaUc2EFpybpkk6nHjf9WZNwJ2MaflEMmFcnUiIgT6I8e5yFykVm4n5FPcWdPlvMRN9SowY0JpuGVBYw+gqMGjhlzitvvoYLnH7Ay/B+Ibm5+Wj4aivMAY/SQmHSq2Z7tWwFoAOpxmN6SpjpZTmFLWoS6NQbQ7Qk/e4GNgT/QkrwJT3XXuZtX1JRsg3S6Dpe3CCm5Ls3esKqanjS8PQftfUYcnx44dV5QH48klK7JmenxZtFW6/EgEciDCZiwkx7IYZaeRp+rd+2MHZDCkfeRXUY0+8ejyxXNYbhzAPNSSYn0e+sB+BnVDpAmjSlYi6BmzrwCqL+37mV7e+YlkW4goVbB+ZN1PzSD8bMIfAqCjPBeCV3eGftC17Dno/EWtL4BwMNP1kPeHIz5CP2uuENDJF6xJjc0YIdzPIvsgABSCIiDqXMYj56aFYwQmdWQ20RD3xnyqa8yTbGCME2O6ZrT5GDqHMYzTVOsK0yTT1g5zfNG87HLCCCea/1m5mjlhUvOaI0Vi83oaZcqMaNCa9R0ZoF++Mi1ioB6rjUbhUOsvHa6ma6xhsqZPu1aamZaaE3P4Lhagv673uSC3k87oakEu/Ic1mDFoPfTsl84h0IcdzwFHZn17f/GKxA3tRaRYyA1pY2O40eNLGt+7d/Iiwt0UgGG88D+KXGHyJA3K5UDMPjLGC+Ygp/wmwe8miwJJ48L/+vMmGhXYueX/QFquSabLae+vZiGynQwvr1Az84VTc/D6cHsjspgjdqjGzIFbWkISiWdfJ2uaYccyIKRLFRtR3hzZ6GDimzapYd2LHSxzJkYz6tspMjEdnaks9t3nKlXsS1/Qo5z9JHvupPRfv1g72vPIq1/5zCPdYI7V63mzD1WV/bcdB+ifqgIW61hAohDdkgkHRJJ37CjIkyV3BxZTLX6ZNHp9tRzHVuF55qxY7Tm7KozWN30FRMArCfm1LPUh41+WYpins9oq6Mu+Gw11E9R6/kdkb5BvWYEksC3MhFPccsqiD8Dn3C8byzYrplokwCdyPuP8MIH0U/h/cFic4t7Oz7NnTsKJrqyucuP5ntn83txFA6Ra5UQ7Nh2uThkniMufawQ1gxDJa4efItu/dHREjg62IkAOQo4RN7ZgC1dDlFw+O0/YTJDj2HwiwnngsNvQmyfJkLDXFlwTjSg9V04u7HDIwz40OZiAZwFnRRul88gs2gphajKZcALcg4GhngBdYV35P2EDf5kbg7uqgwscA3iIpiGu0QUKtYGOu0s6Qm5Mb0bdsomrogJ4bdpGDwVNIEzHzUK5DNzOg21LO6rMz3Bm7FxbcsVSgR1Z8u5/evSivyKTB1C8oViMefs/Hj14EWlnstd6MSQk3yKNeIavj3OZCwjSvgUirg0o6Xr4p60Mls+72QkpCGxR9Z8zsUFUye4rsrEU6WorGcg83GH4posx2PZsr2QuwKcSyATMY4MQ9O8EuMXGxh9JO7L9z7bbMYBfkOOU64LVnWdfdJon132jMS8yumJ7X+2iclrXrySHk5Me7p0rYJTHJD/35yyc5xGGmOKkckVCfuBSDh69sn6AuPhDDFecQWNnwZGp2W0hq3GoFHy2Nj0zaH/sLCGo6eZ/0EoEp99ua17HwMOxsPELHIvFkAx6GPgwnwkRUpq4n1AvdQXW/mwsg/6RgtG4bqAa/sPJVTBxIFAutPMwRhHME3zNY5nMQkJqGf9Opw72quhd5b/+878OXQthJkzb6FoiUCqNJufmwtPaqlBrFSoro50/QrGnCgbUwz7E12XBDhnc74MJDteTiaqY7SNl5+CDCKyB9UqPhOuvTnzMJ6HgsmskWXfovJ/54iGHm9pznk8jw+apBX8xG9FgxHB7lhMzRE/NkyAOFEpk787meVgHL+iZO77pr9MU7npzDGinGu0KLWkm2xqehQc58uAmkcS4lFT9Qj5nJlecM5Ai1Sxp+7t2XImuYeMIRvE9T0FfkXi37KnqAv4eswchfcTUUo5ZnNmHNdE2ZlznTeDSDTWY3COq6JDjKIphunnRzEfN7RAPgAzOHdq3jnm/oQgJnBhuj6wjDmnwEeQGhM6cmCjLD2MQYW/pPvijoMlJwFYlP+EBsBwW9X7Fyf8A6jV3x1vp2miPH5W48Zs0ZNPQY68dByEOCuJKAiIjcspr01qepHWX8o2jMw2dceTw0CxuSfdS08992eQstGpryiB+tKFdj0HCe2mN8+PlovOjzEzr/GY8cFkuLE9fIUmfQcF5MHzeJgkzvoAmuTsGI9iSmGMD8Ncz6QnO/Dn2PNylc9nn9WQ46qfHEoX1wTN+tYSOlgezkHc6GOYzQ6H5aPqMWwKtxCKcE8lmfs8qo0HcFr3I3S+KmM0i0kUrS3wGewGmCNtQPUJZc8sZ5l7DeBZvmi5mqD3eafMNSiIQo54KqDxLd1BBjq9IG4amQLDptnCIZbKxYw74VEfSC5Xz+IvjFbBEwO4EQ+EN0Q8iqKrZOTiuK7BWjFUtTx2Kr3agbCjCNNbc2qP8X3E908j0Y4dZ2qZ81XwD0VagEymf1ZB9DvXXLCr+NArEn9FOuOISuxOpuY1aQfLBYXIMM8fW64rDFp6eZCHoTU3r6bW35e25aOjcDUsf8Vu5K7LJCJuQjQF+eXI3AKL2v3ESG7bvuJWqEj4iecLkaC5JgDFWRh6Lr0QgHUmquCrcgyFnivGXTdkAQYTVmXmKgnHAzPZxeBjNLgjrk5nrxR0XZWTaNThwn/IXCTCEsPP726QyzlOePvkLuf0SDyKcBqV1Y7tYQSrIQ5VDDVz4qMK5YPR1F9eeQ9gAc04kjwgfk1kPAlLEy3HkxXQzbQ/pkjxdQaSfcEg1ZqOGIoeU6Z64llfrqD5ZD1cOaY7HkZ0ouHCdRCr1RiG9lYUinxamBkcToMnUOfsvhtMIt/N+HSzCCBJd18wjTzXzzEqHK70MqRQ/vvS8XEPBFe+vZNmmW3Yc57e5J9L1/bGPK2BVyarnmdYuDNd2kbySRk39QOw+CQHL3d5aD+b0etTEBlT69accycAHIo08tS6xjf8ruNrr3uTdIWDy49H/aXOWz5tMevVaH1FXYdyZlo2adljxvV+JtREtHK4fGZzNDGm04dc3cD2EvpjoV3uDeWQWZIG9iZoFcv5GPTxfKKSUYQn9ErbCw70KzEEkuqVmlaIyRkGiHywx37+/fX6uGAUyvAOBwFsDg+0yIB95PrPjo2HowTo1A7VfGRNzOXUR8ns+e5y5Dtu2kZu8gthjyc94Q/jdG6UHxama86Ehcw2MUIk+Zuz4AEcUkFgm5hEI7+Vn+RVwe6RB3kJAskHdVH6BK+1gqtGQrLMsUDHX70cjIWEq4oNLF7gEQV3ASv+pPvc9G+Gx/Z1XNnhbS69IOqoZU8mtrVzak2nMyBhLKoFI2Zb/QamF4qo+bfkoeEyrBKCpew89DgQDnvbw8Q/CRRkcqXIR6QzGTp4pUftd8P2lLLou7DDb5JPguEkyYIReawlD/Id8neiuaOKFErUJ3/I+Ax53iQwhW4KDoNNMwcR7q6I8gtLDTPxnU9bM3sEBwIwwNZ2mZVYaZt9K38qlfjj7jdvWNgK9o21jXdTF6cXB6khdOEh8UnU2Ju3LJIHov9u2Gr3RZKSIPZafOrpxu13nW7PSDbcSze87NDjX0zkYrSS7fcVWBjHl++S7Q7S7fpG78d208CUGpdGP4Xyob5Ho9k0LtJzrKZ7vDd+anfa6aYK4nWMD++Nj/0UQdRQW6dDFeA9BWDeumdcnH1MUUUB/BJmiUlxdHQ5UAwR9BFRNKk+ivUP+vQvgZz91MQPVKwg+xxj3EcPu8Q7HSkm9O6se9w4003nSDEd0VSH2ZFiNrKLhgAvFXjFcl8k2yuw0mffSHZW4KeKdUr1U1Bc9ktkeEl0VOxC2ZEicpLtFbtRHcqT7KjYlEHH7kmq+Qt98+ZZt5+mwJG+g4Z/Xr7Ud9HwT62awQ1ybcIu29+lJHRGyFumkA4F9PC0C9za6Q6GjbOz7geg96A7LCa8I0Auet1Bt9kF4vd63V6OLI/0A0EHC41TfmfQjHMFe6Rzz0A5nO5xoO1x3miqMTzUdsGEHpjDDLaXuusLbVd5ShBxf4TJYQKxlAzJp+mPRo+GRzj9y4uLbk9x/r3MXmAkNPYHWO2TtgqRWjWDBjLh2BA2S4otanrmOv44bFxcnLWbSvlU0zPUoNuF1ep8jIyd3j56vqKzodnoNI0zYClEA0+MFAA9b3VgeNBKOKBzY3DabfX1i1jTs1wbEHgHpw6OP+w0znM2dKFQz8ytTYK90ToHraA/6AHdfzTOPiIznbaPMcVe9via6Mv4iAlOGQw+wqhDkNbF5pYb15g5v9i5MOwPWrArE+OmRh7y4N2hCrxa1y0rG6XFrbpd1iqqe8Tpng1VR79ELz7ZwyzN7qLR739oDbn8xYxy22vAeD/svl+nY7tz0tUdpvxzmKVhiu79C5AMRmlbywHkJ17JQgqzBWLym92gx9eHtaO9oxRzUeYXGOAH+gOXPGaWlykfyNzh/4WhQhM9ukd46toIxJSxiHlhh5RaZMsFu3W2tdEEfnB8+eQDzXUauCJSpPBxK3Lcje3oePjhToi4nRlMzpqaC4/uxQpRju0IUif2H5/pzpsA4HdJgzlwWLx+w6qPmbVwCPL8NMVmG8EUXZKBBIotRFSSUUJf9oYed1j0cHC+nE4THMcvMqYO4Kxa6s0lb1HjuRHZNxEa7FD3OAsDSzpzEfjl8Vc+rsh3ZbKND9yj/Iq153SZyZq9ASM/FCb/8SgH0Mi3xhucLjGw6Lj+auQs8Tk73p+MMfzVRLB4N2e66KAkp/Nr3BMebIqr5bVXkTtjv354VH+b4OEf+CPloWdNYdwtomtZEK4s6VamaZY5KbbZ3/4m0aDmaUfJClwgHPeCoKuywe43rDEaOS6560W6XpQ9zFtYIy9hZtIjMBHUdN74yIP3eETfFI4buitCGS0D+uQ1AAIVybRiuHF3VIUxwxzdEAjWP+1enrUoyxI/IXheQVihJnCqjY52nvuMXHFnYaon/jmxKHlTfyngefyROWbcvbIw6TWlidyAGe5s8Pfv4YDWHE+VcQwe9Gj3uzu16uH+IbscnOwcsZ97J829w/rLX9iWTAeArISLgzSjUK1twIG/QfVi4IK39VdTSlsn7ngwCZXAt7IReD9p6/jWbCGvFoIv4UB0zeS3/AJz66uJ5Uzi+5nYbeFa10NKELdV+vq/kABb/xj/o/KP8bfbX2OycByojClEoIXlKVx3wOuUTBn3OLXdqW+jc23jHy4m+k62DxGtvOHQv1M0UE1P8GiqHcCZYIq52OTKrH5wsJ3ln0zTI2u3lZrhi6/R1PE493GeL6m3VnCxokRBjBxLNiW1tGsLdi5weCQV1dZ26rwQD7HiufPetTvvFA5WCTkSgFF6vVMqS56pcFImJ6LqtvOW2CKJfUUueM6EVUm2SJIJ7klDIQ7z3SnqE4Stdno839jPvwDIpT85Am0Xd67slcUMkr9/rv3CvgK+q1Vevizh/kj+UK9US1l8opDHsDQxMJwC3sZqAnmCeTMTLJ69CrEzPbizDnksFWmXoHmk1xtxS/jEOyRrRbCGQoDBz9VftpH8KldyJk4GJbYEVOQDOel/Xh0hqZTGH8cGKKaZMkfP4tCCHH/afNgCwG+qq793QlB48nzOSiT50VnKZIUOrAnX4EiLAg3pxqGnOQ/O0mXOHa4g5q6EeWMK5DuTh11j8mf53CcrY2VwuelwlSv8RUjGePBt8lZPLf94owiNN+OJ+vDogt25EyQ3H1Yre6X4PgBBEAt3iK4vWZMUOI1ZcFCuzuiOTCVNoS1JGdkki2/ScK9ni0yg+HsUIrNg66lBXY1AsKhu1EJookkma4Pk9R9ITiogRcULwGNbJRAzmGsVZSsmDuKnyDZ8W9rWjiNWPp6XNNZKl18xzV/x++lP1r09t/EOkPIXDeO32jlX7SHTxbe1GmiaCTHQzR4l8zBqPDilMb9CvuFXyDvXYFgsajvejVkDIoIdgl6Ads9oFem2z/upu8Xlv0RSn3RRh7AIv5fYNbvn5+R0YnTLDS165h3DS+8wn0W069jzSiyKIUcn7Nrq9+Nd1Ygrcw1GQleizKxrrD3DtNBVFCFG3eXhTq9z3kvv7R8E76X3375KAyqZ7mgCErd+cKhy/Mifa/Wj9MVetEFYnABQ616gk7hxFjbDs6HRa550L3vxzFkyOT4MsAMHEYY0qIYBoM1Bj3FPaMGZ7+fN3PJw1JEvkU/yF30aRp9t9ex/zsemNaX7+X5LoiJS+8dwVw7zsl5kGA4M2mYCg5UqDAzbZlC15N85E9u7CcmgXLwBb7XG3CX8YP6Z8AvMXwAMaZAPMI8Gkg2uRoVIahZc7ii4NIZRcIUWPB8crE7zuBldG3Ol9acR8smZN//okhcHWXjREaS+SUgn5ajm1DY9cqJtxGFupEGmPwAy/dnyRZ7vKws1AVAxTEpNgoPALz6I8pE5ZeLCYVu5CldT545jL7a1Evlj0Sq+DXMACnLkApScowS3B0I3InI0O2Rw41rWDoak7bU4O+ZgycEGjJ0+pOnjp8CGuKZAzp25VYp+o5z43GHhefsdeeAi04mDjSsD+IkZYrY35IFj6DYLCvw193kBP43nKeusH6KipTjw9T2V1zXy1id2vMdP8/Do3k5DSNqmv61MA3FifjmEiJ728UM5fqrGD4S4PI+K4+egmhCLXwzRUvpB+kRPH8npUyV9KKRkelyEPwdtpbj7YoibEPtxqf0s3OViylyQol8MCSInS3gcrD71HKRvzenS8jRWmdYnKw2/eOZynZWKWRjJGt55eagwVeHD39q9POT1RZwJZZ3c6Z82amxrbF/jwxyRSvkNqFhlCu4OvqhXt3UDBvpO8uzMgF8E9mx8wOeiOkTVkzlvHRSYS+1QN55exdWDzwGd0AgUoEEbAOAZaoDaH6BOgq5jD4mGYplg/AiseL/d3dJ/T+2rkgrv/zxrH7Ots/988WJbDSB1c03PodBDK9z/onzN8vr6IVG4iD+tc2ZBviBeBDWcZ4QeoMKPbtiW7m4lJWVGpmeFrlL4b6uksM41207u5XxpFO+fLYYSmzfG/ypplCszPN8dxt1xZf6l3v2VxrBgeYtybnGFcuGU/YWRSCYSSSOhaLFqhQT8kM+Zu4bTRFV4itONgHVCTzGvPX2vkf8BhEwvZRyavmkKcrH1pIiWQkRP4ZJ7wCl2hnL8nLVMDRxvnxqxIPfhyAV5JIWBup/+JlgAHDnOJxvvJBVvkbbgNNHfYaq98+lISwFs6N3YEz+8qytj0TwSyp/sBVvgK+N0sUS2hY/mg+JeiQvEiGQKkvPJ6eQOnpyaiHZYzvEmdqvUCWoy5EHaj0lD0Tq1A6376GLlgCRkfi4JFH7ZflZUM7f6l4t2YQnxR5uCQih8uVPIl5N/GNz/UHQvfkr84ebwh1oHfdGhPwjaz0ttCvoa+VsS7SaZzaSfirygE2c6de68AiPVtuMz0YHCw1/721fRrMX4EYHHMhqW16uNxTaBbYnqx7WDrneMSUaLEBPwYi5drNwuL0A4nJEzH/PfIq/NU8pSQGxBF/ObTub/NVPvlVRhWOWEWldmMmZPYTqUlVZafJBo9ww9P9+2CyAVO7aTLzgKG2HZwySZfVtnMuTZhXKYnONvu4hVqIGVxnU1KyYEXPCs2C5uoGqoUVCgZwyUnkS1zEol+Z/4sPBdVefsifmCFdkPNRtSF0CoCiOOSJAby8UQ9bFSBsRaRmvoWCN7bLEliDfe7WE2s0D2jSJ3cxGHk4zbBwhj/hQgHpEUy4URjonXsFubNmVrZ/Df10y8bVCbyhSObs/F4zR1o5837V8CcV1wo+HY336bim61MUg9E6HMyNIO9xyavo0x+6liSmo6UnV1Xbh48EYveFy3VfCpsNbS5qs+duYlnyHL2eYUc+NiKSdCz9nhJZlASD5Y+OhGrrAJ7D81fazTh6s4d+7KIf8EdQcpm4ws5BQbNYM/8F3NBE1u+O/CgW14NY30jRRR03NAZLqBB1T003g8g/uNV/pffVfpCxWA31sPZ4HTfp+8B9Z1BYMn2C47Sve7ci3z03eq0SLXmEpsIheiyt+jd3VZDTIHSVwcFpz4Xj2YOPRcY+LyElI3cXm1mYVzJozEFennWlB53aqdl7jEzcQ5C0biMljZJnaHmdOiOG1qhyFt6kcr00aEOagJE0ZEfE5kMB5jdYZfYzy6eFI9b1KMVNU+/PhdTtGUhvY5TtFU/cAv4xSNVMdc7UwSjZ/+TBKAEyLsz3gIKWYKe/IPeOo8yZL9WY4ZBTEoueEKxHjEufJko+sOksczrfbkUIDWnhyY9TVolT5z3iqgfa9o9yrdLu3Gcp3l9U222h+xMvEH22POFQ/YLXDYJRxIiVMu/mvseEteOOcfY3nX3PrzKz7f3+/ACg6gNF1Ss8FbUMvKKf1X36++DIulV+r4Qj4FJg8ExiLxh8TWPTNUXJ/xPEq1zRYuZlJ/w0oniU/zZfWk1WjU67XDo2Z9b7+53zw8rB8dH1VbzVqzVau/rNb3jerRUePwRbP5Yr/EKmnwwadUrVePj43G4d5xbe/lcb1+UNtvVI9evDwy9var+62WcfLyoPbyeK/Z2mvs79WO96r142rjsHVSPzip7e+9yAG/f2LU9g4OW4etg1qzvn9g7B8dHB+8AIwPjBdG8/BkHyZQN14CAi+M1uFx9fjk5KB5DN9XD4/hmxzwhrF3dHh8cnzQOHr58qRx0DBensBi1F40949rJ8bh/sv60eHhQc1oGocHe0e1JDFVYkgluAox0t5B/TBgpL3CPLD/FxN8NibYPzjeazXr1eqL5vFRowYTPqke5IB/edRq7B/tHdaaBwetPUDyJfQ7aRydtOr7zZODE/gJfqgD3MZeo/US2h3WT2C69erRwUH9+DgPvNE6gOV68aL68vDlIRDpRbW5d7Bv7DeOmy+PqvsntRf7h83qUbNRO6rDnPagMVDwsG7sHTaNvTzwxt5L48WLerN2VDWODqu4vC+O9hp1o1l90agfAdVwWidVIHbzoN582TLqx83jk8OXBwdHtRe1oxzwey9fHuy/fNE0Gi8PDhvGQQ0oUT+sHb08OmlUD2rV2sGL+pEBK9NoNBuNw6N1NmDS64cV2a8cP3kiR0UqZTnJ2G2JA95i4lU2QIYu0zGzeMwiHuR1zEYxsmfmdJvAYnMq9hw8r7WxJKRZi95LYfG4uXWXTL+8VY9dtcn9rWrJf5QBNUEXOPVOeaVp7BQmHt4qkRSJtt3d3fwVlaMFvcS/sz1r6NrXN36fbgBriSjOb9gAb+JG+KCIF6/3FugRFXGa0eO/zMkvLFqkiTBpZ2b8lZVrjZcjAQx9sxyW7cr3ynglCsrg3MfrvnY0IsnEQFwzyM3NPzCHEblYMZG5LKeOiM3Qm2ubU3Lu4nLIR/bjMHc/kMdNJLoBWQ16Cgx9IgvAjvGV1ZSS+XO0F+YC5nX1wG5B5es6rje6cfiUP9g4Rgzezz82Ojvdbq/fPO0Ofqkk3vfkl2Xfr8UVkVhSHLwhVXNKLcEgoV48s+db4RflgHt23mK1RPpyK375OzPvkWVgsJBpptZE8swh+yYyAo8zAzzZUez7NDz4z85bb3nFb60RfOIaPhyVR8pRG7rlu4/hRyFo1ztvZ874wrnb2rwvi12UgGfx6ovo1Nh56zv0L54IOwqN8jYFd8Ud85tSOXX/K3IvR65ACRhdcfK/VrsgwzE/czaeLzRDStblXyrAATMgFg9mSEyFCtQqUqzITNkrp1kJUmyvlx3pOeIMeTGBIEgA11r/y4rBJ48KmVFjkZqM+B3jG4IShKsBfFKstUSfBJJldSKGQHSHPoeOecYOnjeQNlrG8rOyQ2L4PPTymCEFLhtZwf8TzQkSbResM/ydPkNSGEvlaHjD1TNBDU3cUTLmQh4uyaRX24pEWOVE6/TLmDLT/aQZVhO1UdYFWJW1PTVxRupmmpkkdnZqOqmdnzyaE4NbYlPJZpPgBJ8kfpHLzmfO/w6BFVr3UMfCL7ZUrVQnVKK6bVZKl3RbJS4r37llBKIlXJL6ljH3ZNYLlnxXZUbv1YNXEAqZCr+j55JmmD7mvnqT9dYHCcr+9S+tXMzvnUksUaoYq25SXqqG7MrObY/y+n3Ou8ig0o1Q+jJjM0UJFd32zFXE+X9XiUxbR6X+EpTqz6pWi2VZTaWW5XDWmdMjb6QDXlGVdAoetmsetVNnRX2n+IN4hY/rt/RX8ZCFmIMnALeVJBB+wAaP9x1eTZ3RJ6rZC2AO9zG0AwUrBTfygmqr3Ndl3db/cSjX7H28GAzhr+F5t2UMm4Pe70HLAqEJuRf66jvuzNWQSVNWXIxYrpVHr4WEpmTiLKo/MjAqJ9ojL0ZCH3rwByI55/5e+z86rYZxlrkFnm8lsoIrMmkpM6ysSMtYYpZH01JCW5l9j1aKjsiLL/mDEIkz3PFZ98NJGw/5NRluNdqtEgVUIOSpSHzX6ioF77fqsRjJ3/T4Q5EDW0cOr7saRQLQctpkRNL9EYjNN8TgQ/dR++HzRJIVCQTTH3zN/VXPPJHW7vHHXXNfydSrx6Lt7mYM01lO40qM2h5Z79VGJm1/B606fLNS1B7541sS2XMuZkn8ZQOoqFjEBhD9Hif4/pco/Zk0Xl3pfwrS/3G0fBXximj5Sir9WbX8TCKtruU/Ae3+0vILLVIBLf8ptvv/Pi0/i9gra/lPctj9ebV85fn29Fq+aphsLT8aIRBc9Zeyb5K19766m4v4z/gHZt1tOnPfni+dpXe8nExE+bSsbmPbw34X5hhzsSSupaiDfau4uQ5mWFHfdVdYqVEKfwwvpJP4iCp9erv2bUA2+1aTPdi+rayDIQJMYJMqsxcnlmf57R+Dqn/2LeXI0KK+rSCmiDFZnZrNlaiZet/0Nsp8GjLCL+vREUGuTEjALaAkBWpUy+n3Vvqkp5EdorOl4z+vukOCbs+3Q47X2CGKM+EL2CEBsbJ2SBr1J90hrZWoqXgV+CXskCghlTskibd+h2DU/o3FNsJDfiOMcJG5s+C8FDWRyhg0P7a8kWtfWVgTL4bfz/3macdoG71fymzpYdauWEmWCqOxeILu2sHeIbsiijgT/JXXXorBC4Pwrx4IEVGYSRaExcgR0x1b43LwroIDR7jirUAMIP9VyA8AK8JFJLzwB449AgQ8X8DCC4gxaAHSqwfqx4pfxcL0o0W68Jo4qn5RGI/iN1S9Chz99AcWCx261sIy/a2Nf1Q3yrQSSQaJYRPoNgpsFL9lYRPKS2sFbMJ/aEPPEml+E+Fm8V9jIWZ5icIKxJklxn5MSgeZZNdcAu/BETQyf/f0Dviex7fiT6rxCte2KslUZxRqhpxA6rLCoZ1urvFthyUEVK8a+SyxzZBjV+QxU8aE6lVFO70xEMvJ/hj8KIn786GIZQvWRQ/7FkRtRVszmsH+EditQLsYgp9XnKyTbm19cZLKs/YlipMba/RJl6AhuvjCkxH9+TnlCKK1mhhJTkS5RRUzek5pkzEL/YZZdyK11bJ2FJZJmknoRVJyAkqJpJrA80ku/RyKr0PhadS1u21tO8nItZOkjZSUtzkm0pOZR7+pxQZHR28aJdBNZnNem2AnxQkWX+ffm16ITQa5YsgmqKU9PjUlLxLHqLpV7Dgtmri2wLGqwekxx2sE5Oc/UxOLCQaVwIZpa5UE+jlVbvoylnIdg+vxS5kyvL6kpXzUQgrc8JWhGERZQv7MuQ6cN+G36J7ZXJied+e46B1xzZnlI3XMOeVUwNTJ9ty37n0mW5XhW3Gr0m8wnjCXATNBD+KN1BiJ+vS4RnMYJvn7uX1vjUNkND9XKpXwFzH1Y8eZWuY8/B5TMQyn0QmHZe/pMZX8Oln1nvpsBSim69tvmu41VVqHHvR8B/8d8xULnEbmdDokdqSmfNfw//0brXqZlTiKJbzvQTDbucvHTq3pIsgg8WVQeHgTwykkNM/XoaP0sDCpeXk1D1bN2kqQnQoXxcWGqM9F9NS905LbOIp/BJMM29EyyRohzEyPUEwNErmC0IzA11vtTE7v5gguij8Vz52ejX8cSvRpToOGaU7S8YuaKdgPKFtcBNkG2xUzzaDUAZD+DSlPZczqQrX/Fo6Nb4hBfi9cx0eRY16DZPJ89j8/TO35pzz/a/2gFvhfX1b2Ki+BxOZkYo9AbpnTB8/2fguwCj/0dI6XoxgvZ7OH4PVZ+12n2zOkue1VstlcxQGB0AWbYTmdpvmf7tElJ13Z/sxcsL9FHs41+u+HcOL0B73L5qDbW+9VYpFBzrrv2p1hz/i7QldNPr9UvFPHT+y5X9/o/dhuGgjx0uiHaVJKHmi7SCF0XqBUjH8Rh5q+Ilr79WYGrVL0okmvnBxFolfkLSd+1n3PuepMnuxtZzBB5ftOueCNZtO4GOTOOPXUM95/jVnHVi/G6/96o2P2rB0TT0EwNT1/SIIMaGnfWkNJKO2W/Mr2ZF2/QA4IBduTCnb4/fd8Wph4VKwLGGtXjumOY6OCXEQZG+mpvQLcBY3Xv6EUpRenFwclzH7lDylmZ2ubofqJ/MWvAtETUsZm+9Bs7MC3c8ePkwOQ5mpgZOzU1KUrD+btO1PnDsRhOGikn5I9uDuG3xO7nqlyxkTIK8kkTht8357QNiLyV8VNfDjvwfOt2RCE0BBk/NwvOGrQfoVBf8tgNgVLZOocSubIQEV9p11gl+i3Ybb2EmmYfzbZnmdl8pXqCFInTMFPTC5dgmBpXA5OUydRqAuWWYRm0XNqFIjl4KSKfKUYWXammzLskrgyw89fh9qXdqiFFaUBiF40qdmqfwkHVr+vERtrbrEIORTbDD+7uxk4oTvismcocBJP07OFXM4Bm52bI1JCLb07f5+dKTtK+UJdgn+QR1SOHIigcsrwYYoC5641wzLleIRKPClmJdD7gzSTIJuvg9CUhPiDRcGM4FulgDzAF8AY7xSRtJsCEDcoolKVWag/aJsXWZ7iS1SS0yVaBv94IvGZv1CaJmlJq2TaggK3LMn33Mlgonj9aVLBZEvVDOl10ej3P7SG3LUKjPeK4lKoaJvjPpRF/lWxwYQPk1+SjNMshSRdZX8Fiycu/rntP+TlsVHD+ll4q3W/b7MdVvsFk3MXm13BuPfksqyU5i/rNTFykfczISxNsYyVwOuwpT85GuLFxNjayht8c5qOVExwY0F/OyHUbHSaxtmZ0RoefyQ0k3DXOhSBvZCN7kiIM6la70RU60SoxffEV2AiIS/OmWX7GL8oxLxNiZ+vzDH6y3l9Ql7XB8vHP1jRxHERBGZwKts7ExgOveyx0T4HM+CIw5kF9uJ49TLkGWuckiYL08WKfENvSc7C1evQBignIFFG68RXqeqz8sMPgGRzsM2Du6+Sig0Q2yilMh66PLWtFkx7fYUSP9lKJX4UsifSUaUaanpl9FhLnX5Sa/U3xeVaQff6rW0WkREp/3vfsgq7sQ9Z76SJ//2NrnBF+nGKtOa1j1H2mGwCKuDOxKLEf+NcpBy3kkKq4KXAU90FpDznq+6NlANdb3+o/QO/rwWiFCrYXSNtotV4dWbIsyY0TJzRq/kklZvoFOyjqSVT9KcZ1rV+XVqe7zG0rvgZ4OXybdiyyL3mY3hTTlbBiQESyqvjJ3IuK4wKbe9869BxbaxI8Uf2CynZ9vc3Ytqdk64UK4rD7LnU+VwljYL8UZp9h1U56HkMXqZ/aRjipa+7JCb5shGdgt25xGBs37xeGVOwGlGgQOsiivC+yneJH22UVyCRZPhVlroaXkEE3SgEO1MdDcMlYp0oboKCLt+yzVtzulRLBQXVA6Erz4FhBDD8iIYqh5ih5Wp0WPws53TVEJ9icVVY9SI9Kvd5HAvh58Xor7NCxNVH7uT1y5Be/c0IX+UsPH6efAPJD2wPjgXboXdFGxdCQXjFNmCvLD2f9Fj9hglILMAUKEkg92YWVpvW6MbJBbaN5uPoxt2qZkELN0DuEq6xKUhVEMG7nAYxbzUPLX7DaxHkAiNKhoxfaCfJjyp8PvnJ2HWan9QbTOkfyS+zh+ZSWGavUlfvt7UVL/nJ64mONKVPj2tgv58/UrzJnJoja0u/UqXLzvtO90NH5Z4P2uSrPFndHzkVNWDVHlXyEs9ckjwf0fcTFZuPWX7SqjV7RefEiMaltDsDoGhz0P7RyL4azHDGKPbQN0pYjQlGAvOitPJxtBBd9BKclxNAXT24ykJdnnvheby1Ei49vuZEGTNQom8wdDjlYBYs07/odvpBoJ2isGD0KXUwoTWEwr7SjygcCOm7smTZLzXe5bS6peLGx2tpAtWKOrNMXKUps2I6jpi0GmaJ4iF3zLl3h7ZZmSW+WGnPPeq+TX7W4fwckYtbP/ktnqnR74bN7vnFmfHTn0A8c579cuVzppxyrZFl34ZySqp9kWsWEjzIY/JaxlRcoMAnJYuE57mc/kXcHJX5AwgHoRYDGT0RV5duYEyCary4WYD8mtpXsgomyJGRxT0nXAiH7hSTiHQvBXjUhfY9mj5TdHthpDWsINBwan+ygtKYY2duKdHA6eIosgLnHE8FLNqEt13OAhNyKMZTTHMVX+IK93r6GwP9Zcda14Qr+EsLXiXIcxGdxxRNiPbSrT3mzvy1nfU8pBG5sUFANwn2k/lFs2If6XuFbxSTquARS7/vvBUM06b6Y75txRc8tKmomzCbMuMhM6NAtUl9ir7DeOz64hsqWdr2EQsbPsj661FG/qOM7MDg4Mc0sxZVLPe+XgAGO7WDCJ/zl2fiuXE4CBXWvaDf8D2uSMDbbwwvLo/P2s3hSbd33oBvGh9S4UARiFoPe6FopChq3NEXB1KySuSZCNr9DN/8kqhwmFAbSvNUn3mqT9glOrkYPomiiLrrM5STGBkuL9zw70jsXgxxiuCLfaNsOU+1hG/iGEdxNl2/ViAK+XeOc5ST4cFxwb90CwGTqicWIRHJV4DoMSqmyCZNLE7AivCr4Xt2Gj3B9F9AfbYoOn+F5OmVot8lLk2iwyLZGdZxCa8XonLxfth9rw4ju7NK0yn7J3q2fROUa9tn6DkxUQ8gRZtiF2mXUNXJq6lzFSS5i3wf5urjIcUulrfXaecP0jK4Uijwfxm/4Zp9KUZv5M9cIVlTCsmYauFZfl+W/zzHqL1QveiDttQYwFYBAjT7sXfUm7FKzzF48MNWcBjEfEypRCiRmq7yuzILRLRuuLVOmgAADhr+47sUCTX+MX3/vw6fP+jhgyXnVoi99VaLsv3zBTD2Qb4M7JnlLANvQPDbJu64t9a9NQIFEs2uWv1FpQr/DxOl4SlmsjN7vrznJZPvbDjn5tYt+eRocJP8/PCtu0QPEZ05tm9NMT8sSCgx7NY2m8HB6OHJ6Dnwv3he+vy3ShRPnyxh8Qsan/x5LCxblQ8zAytX+KYoHjIFJWk9i8wXfnz+BXOGRGYgISi8HHyBJdLBLh8t3UHkO/5n1jq9s7imAM0W0IluXjx/bOAOT0+v0ARA0PQFBEXsWtw1J4c6c66zsDSAV5a+xZrObAarn0KsPWGblO8ZF8izIqtIUfMdEH3I/a9ekRTEFxxzayrFYLA38PFBxzgbGj8ZzW3Jd7CQAAzffZjTKfwDxl/CXw8hC7Ux4c+UXJxT+8ZxxugkjsXO8rBZ9uAs2Z3JswZdYRjPJ8pwPL6F7zCux5nkRh+O4gRIZdIQPhlBjZTLhoNZcT1po8qRMaMXzPbK5NnplJkm1LwYZdjvUo1tbxgyc1IOpplFXn0nztMimSfWO1FB/vM46X3GdVz+mn1LpA8DbpmPnTtGCfVMj23wxNS0s+jUQLXqgd5+0IXBlYWeRxRNFJtyB2o73dphBwHKd2Kjoz98jOq+Nd4AOVe9f3HCPwxz/4C+X393zG8nZuY94QGtfGt0M7dxwR7KJAe59r5wnSvzakoBZJhH2ZrBHDAJ9tXSL8dGvXFgpj71niD/lgBpOKTn3sQihpzhLMDcmPPhkcMD4HyweYncfTwfdnDDgPm2H+7Mh0pstEK+sP3AxXdQqRPRCAm8P05xDCclpTlMpXz7Wbnv0UQIaftdDL3q/VG1WpU5zYHM9mw5I3ILhRrHKbMFLHcBj56cxWGlVg7zJwCZRha7WA4GD7GxlxjVU73fBwTKZN+VPHaHZh6JKSIwCCc8oyjD+p01nUZoK5TJICUqwdE4TiIOp71MZ5MkW/fC6EQ0a66dc81a/B25247SuvyIZSrH5vQ5VWsh3MQZ4vkg2z09L2kp9l0Rfb3QSbWGFl80XYLARdyhDBc+dw2TrzWdoN1yZ0Dn6XAGlmFYlKYZXf7B4CPMfmh0WkkDIc2A4uVw56DA62FJkMDvGdiKxE2Cjrp1irz19R92YLbcmyn+BgMjbHDr16pV+pn/pUDsCHZofZ+i5yIBdHHqkDUb/yYVt/mMuRpihP8DR+THv5janr+FhCWr7w0L7MhiNmRqAdZJ1iD5KjtXgy7GUQ9v3TwLUdpfUmUa1D7lLTqcxsuxsyM5UbkCkVUo+H72+OOwcXFx1m42Bu1up1hFEns+jEiZIeqc7E2mJUr6Ar+2M5nYq8HVXUIeBHnM4exeIuL4T/eBkUJrI3uNfPpjhhYnrgLoVN7UucOjHkbwYsPCWTVH5QqVu7nFyJcIh7ElFDp5wwmb2naJ4mgMBOrT2EGUE6ERoYUSMYtBhTenZAP/rbQd15T4dW/etMtcdxe2jFhEezazxraJ9nLoDybljAdE8MZoN8VGJEMq2lcwjY96JqKDqru3HCFakr2io1MAR8JYTw/toLpICvLSjw0/F94XggWUdBmWkFn4lQRLSEWqnHzGT6qPM9FyCI86se5HZPFF9LuIbsdgUrCgtndDcis2cBIunvGYT++kjfetsA/K0oCI6K81hvoDGQrCY7+hGHYDCAr6toc7N1aQBoYN2sv5UdDM2L61x2CmsrHpmwIUWA0YGZ/Es9UYNGAp0rjVgSQgN64cLKDjpZXJ9EldSFt87AmNPEXnL/0RPZuliYpnq/zzs932PYFWKCjzxSuGTzFX5LqUzh7xLEgEqUSQ9oTQoZ91bGwKT1cidl7kVtdptrPFIxcAP1KfUA6CHzr+xWhCzc5On2R7Q6QZHjIh9TDDH3bFBH98sjpNIxyKiL16qib8ZOsf4rmXAsvs3AOy2RbhqH02pXxrGgPEKYAJ8BGQDo5WRfktwyvZpEoAHhe54bNiOB2m07QjD50b4TEPXcfSO5r+9c6FIzL68yPj6PDI7SNaCodsxM5TKmE6e6/IXlvHvO+fGmdnWjfMl+fJIHzXdGXwuX7pvoxgRZ7XmUHDPN+htbZ3YiXPxNPoPJIvnsot8RQuib8urFNYP6XDYdU762xHA75rn3ADES8duA/eWVhzusHCYH+hIXv8TsIXXmSLX7SNi46ud0uoXBx6VeHxboqnclHkpJzErf959jypEfzwob8UxQm+7IPhKe2ZZz4bnmC2KYsmJwaDoMU6FCy80hPNbngqQsBY3CfTDRA5hrhyyXZZQo98WmW0DTrvtapSR+ZtMi139B2OmIRCM820l4QBI/VWfLpOj1H0r2nSC3p53P/YHxjnqpAbvUq8wghoBRaWgVo0BafIdlkmCWcOLxrSIX1CeQaK7HqHjj6KdimBaQOnBa4BXrNuWpRIv4y2MnyF5wZFnlLVZMed0UiMn3dwNOJ4U+a45WAE2LObqFjEoj57RqMF//PO+KlMnsPr5dR0MSugKFqkCInIYc94xARHOvmr4F2OT4qz1wqToE0khiPvQlnONjHZfhtjXJ8xbCJxSKwXFBE9kbsLrKKNk8Qq9VPMto9BBLZDtcz4k5fttTSoIghy2U/lDOSREbFnMxEPVQnsgY5r5V5ggam3xhQ2pRSOn2hKERc/IPjWeiN5tKA3ik6+jG2k9KvAbroe0nhbwTYOJFyA6PFyMsEH9xwzy1PpWQHWIp2MaPpz9Rf0O0X+yV6ls1Mk734WjsdDsskeob4IBb6AX7byENyGIVReKf6YycGknFnXksk6CzFFXT80Av42gXPeHVcxrUdykuquFTb6leNMIzljsuosqG/TdB48SYgAy+9XJUo8aDvVYFu3UumyARoIlUjmuIJHYXsOpx+eYMLSwW3vKLd/7hGT1I8SMXmzFd5GZh4h/ChDgOuVb/pLlD9OlCclAlpVyT2aJ+LLxBCZeSn7vuliXGigs6YZsEeXyHPnjjnz6QNdMwetMdjPpBhkinZdLhaOCyZ7hQ0c+S8efb6YRnqBMuf5zqIv/w32Ab/yRM5chApSoMHRlSTY0JiuRVyJ0gsh0PLoPlUCoqhBRteX8D/iCa8Ca+hHT62ppFPwxp/7JMJg2rw5yNERE0KHezNsv0TgrtBdAJzoIYmjc72GYfAiE+ZLNZXloW2PWTSe1g30ZyQyvx2fy9tZjLYzPUoIbwlxkiQpkoKi87g7xTNvLUqjQBl0KQh4zDkX+s9gbjzwMqohS83bW+LDZSoyOrZIfiEYccEuIopzBVcCPZ0ECwj8RHIsQf0QvlbpXdFtLg23X8IDNQLh970OkLiprgTK4sLiC/TxR0n6zH5+OdSz+XM+b4BCSLoIswQii9gl+FcsXiHcFuXIHvzinHy5nPGkjr4oc6zMHp912ut6/BLNo86rMORtZbdgH0S9l61UpA6H+Bn5ZMJfceakJX5i2ponH0O6pwm0q2KypCDFmgiaDAQOPUWv9kR6UlHZGqNDjV448Ag/+ZKHnmBHciQJxQJP7Bs4/jEk0Fz6zo5rEcHxfRvpUlgDW4DHYIf0ahX0OqEVrqVygn652mum3tr25Mu371PYtuyxDPdzXDkvsRBX1shccvI8REgJ7WK/WHN6/2y5QtsEcZcepxhVbC94BJiiTFzJDx1oWTNvBbdJayIUuY7Sr9Xad1ap7L5A/ylOC1+NDyf21CKby6YMsc7SHVn6hqmjZEIspO9Q0BxvWTzNtqo0xAdx+8if2JVpv2AqSPlwKYidFaYBKq207bDaaIXhRk03wBKj9CKpFHnHF91psUVRSMti1xnDsZiYfmGj4+Ttr3iWNX4vyzfp+ntBXHtb49zdkOVXyML8neV77JhUE3ZBJ7uXwhaLkpQOK/Fm7MJ1fGfkTEuU3I0/jYo/6so9x1SKUfow0/n0cyKnFEEIKRqKwqKpzTXxHIzG+9e/wF5zJvFvV4xTWLhgA6LJN31IeTbia8frEEV/L6QU8bOJfLG+82lrZo9gYWCfo0OjxErb3OWJP5VKPB29eOK2uFlU5pa/G/T4+rB2tHcU1QTNOzzg+f1IhAaBho1PEDHdGL1Z1cVABblHzTutuhvzN+seM4nRMpzDAuN4++APjkJa6gXDUO9C8SihT0sihf4WLA38FOkTOiKojCel2W0uzDG+lhjmpc0x78rsIJlSYRMZkPL2iv48e0hkAOCQfbajX9MYOOCfX5cOyenXq72VfBt/oLoRuFHIq+mx/mn38qwFapg1+hRJhMOljcDU9lBD8Rwi/0YMHr68/ChfW77E554ml8pAWQyoT7z2JDXPc3AJvRt8BX5nJbkhSbfXbEdLIwp3TvV4K1FR/vp/9SSnqmSZHNie35pTUN2w9Xq3X1fkn9eEUyvnoo2vVoqIJISU9LsKLggUAb6p7jtvIuFv8cDi32Li0FkUlobxFZfgr+TVh0K6VJLSJZRG4eVLWvAIkBjYzf/M8IA8TB1zrK88gJs8sX938IuoiMB0Q4lASPo5F2oUCD8sxMNzMCfBIiIJKeowKEX0zcwcDfkOzpDS2Cr7YCE48jyJ9qWxqP9Xb1hqUPjb9G5kXqJOk3L7iFaoD3jWr8O5k6RfaublcBkqwW+agvSqPXl63mg+VZWi3d34CejMKL4ihgssU5x1rv8b9K8paEdhYQj+W5nVY1eeu7sqD0tIqm+/TZ3nKxUiHi1dFx3hq29I6h7PpBVeXavybHk/O+44mCjeavN77YJt8dJbpA5jW5gyLtkCviptJ6/F0xiWXu/wjHOJXxS5juOfEgggSiGAZQN41joXrGpAQhIxOKKpsIBMh75PmJXBUPLvHPdTrCcJwx2hI8qmXnoWQiaYiwUq5GAgbiXQD3eERoeNoIRCRqBc8LoOrFHfCpk009Q6obZ5JsuxcE9QclpuBYjD34tmhrGv52CsjCMF4bSmitaceLylkpx+ykyR4XRJliwQbBx6IfTJphJnQSAqaioRltJVuT42xEq/u3mJHQPQRyvndYxMJJrRMbTQhxwR7+fNCEa/QMuNf7j/mG8Uqkkc4JdVrjbPaosweLG0YDxbsWp90spA/vt+/KhCuBW8YRxfvludLeqF2KIoJ6ye4ZOjXbDKdLEVfV46X3YobvDc6AyMVvGc8Wpg742f2p22ajdH9IQw0WJOJJXsF1xVYSZs655XSg8l0grVhtX7ocBU5UdTBmrtNdIrVsWyFtUjL6v3v+PxESKjmAy4RQc46vkozUEBhZMFviffH49bmIumdxZdLOCjDnOKyu8DE+Vk7MiTfVyPnGgckIT9Qe+yOej2eExOofAibJnSat4k7siCHIXHeE/TU5h8q50ZTykY5CTxysMdyswQb55CDKzMXkleSvHFnVXC0spPus7rRZEVVh/wk5Y47866x43grvjVGum+FBWV1mGlR7KUvg5hxmGTnPwjTp0C0lfhD1c8dkS8BELyGZfGOJWfp8wCIz/KwjxEzXUlNX5Wz6+D0S3rMOVBpfZFsGVmhcwMzozP/8n5Mhdn7h36ZC+YgxleecRX4kY+j0LxCJ3ClNLyXSJ4aE9ZdyH6ydpTGNoTwy+yBSlHTKN1DqoYCOgGluE7+zi86HVP28dt0PLiVdnX3/2ZmcLk58+8uz+0O63uByD1f1wqa2QTSk+1YVflw0JAI0GETyEKovGWfM9hvCVn1J/lO4RfvoXV0cVValYzR7eILUQ0UUlhJsgplyRRyXL+GPza7e9LEO3sPPIALGjRXy7IP4qpkEFq8rTI/D1d2sVTLIkujUlDUuJ8bbDAr9hkKB6O5YUwtWwvdyo3mJaWT8OeP24SYz7cqrPITRYuFkQ8WdnBR+uk/PKksTys6FF0vxh81OMay25ZmOTPgayg7wrY5pKWIjNkTBpmA0uhFn0ySunCTC98BAAni42pZs1b06YEPmSG8osq+G3u6JOgbwq5koiuC9yclCR9ZS+n8tlUbCA8cEGfGIIIhZOQiqxyz0WKonRs0j2UlFoSMr9d835OgFYYOzIlPRVjjz2TyoWlMwNzH/8l34kqj3VlS/Zacf2aYLDYk1JFvbrEzDUtlCc/+lTHQU2wWDyMyp9Gz6H4+0h8oiLyjStPoWeMXwmH4I/opo7jKtZANYEl71Kr0ge4XLEiOwRY1Z3cASIbuMdTysvnKSbb+GC6eK39isnrwmZvwGjnWT7mChxbPsV8bTArkss/8iHu/wGIYpkzOPmnqOnRApUF5cuS8KTCjnjhsBH3FAX1hLPcek/NUCn41tRceLTDCy17cIel9xSHC7PzJoCf1kASXp8/cAbdFEZxKYWOvZ0alSyPoapNYVeozqUcLAzqynzUqoruUi6EsoDMbq5CHiblSYU94afIE6VAZY7ElwSTwsioFNRdqmCLQTphzn8KdTVB9XTgGAxPwejyrIKLVtorHsgkPUNKy0n7JiYYUvXoScWUj7ZY86tzpya9Cum+1bwry2S/MIWT6oVJAHvFTNLkmVETIT9BdTHwsTy1mrHkZ13vS241PsVaadkMBW38xxyAa9nT66BczLBmKcM6GzSPj0sGdioHKTabYpPJGic+GcTw51ImXr/kjCkN+PQBFGTYULoLVrMGsma+u5uzTfTZzuQnOxmq/KhjgPEptDTVtJnYk9R6Ym+d6uvV3W3ynuP5pFZ2ev0EkTJ0zuxR8tc7MkrWbTR+HsMak+V0gi9B5EYQToAvhUv0FGyedfs6+gXIYUKA5AVyDMBzbPzU6Y0pE60gIkh3eGsRxdegT1lAAuFpCLf7jfp7rr+HclNT2Cxjw2Ee++YFsZcN5wXZ2zLirSySD3BTtEzpDYDeFfTOuJi1QKbc55OSiRq8m8rImWHaeWGkZI5OVi4PtccKUpY1o6z3M55nDCsxMP/OHlGNrYnp4ei8BJXDw/xFAXlM3y/u9V16rGlO/JyRVXnx2dbS45j0YyXht0WhAl5yjtI7eGzqYCUKKjd4R8HO9PqTqn/d2Z6VEbmJnDdnXRD/SCUs0xWpPEHVJiivBMUGgK2HGW2WmBcDKx145nzs33gi95oF23ucMVJM49ZkHyqLitkrnhLSVZf8PHnVZpoHOSq1YehFCjLjR2PwBnmYilyXISarUUo8F4uEIKddhVp/Y4wKOb0DT9uKS5kHl26Qsya+usZg/DQwOi2jtb7YS63i6tIve3ckTpcn3SQgAUSs85SXK6EUMEESnYXjeTaqArfmdGnxZIxI/iGeKxSh+iqcboyUw/6gZfR6BbdmHGZuHG64zzSBuETUp9mq0iKMlICsZDMhsUX8JiAsJhHeT2VyhI6R8ZOxu/+SKSvDfQaZkm2FPM+5xDfoo7k9UBwJXr6NVLLubX+HKo1PSzkWRh5q2kCHZ6VcArusUCVZsWkrMuntWDj/umT/Y5CIJIyYSBZnqEkqbm6i323/AqI0eN/wRDTUhv4k0MqIVtQ6pY3uSYYrOnllW3SxV8eDjNN8p3hGtFkCCb3VqSVELuisMww/UQFCw+YJkNQtC3k+djsIQmBe/KqlAFEicPllcPDP3LnjA/EBWqQ8rPC88VE81kIdywuMRK+ykQtnZ2eVsNDDSq362IUp5jDCKfbxfRpPpeRhQkSqOx48jGdcRHpkn8vc3TLpjnguH1AFzG9BlAI0WZkoL9enyJM5J7NcUunref4QJUPVywx3E/lO8/Ut3v9vb9j/y84ZVoAi0cAPnTj5Si9PiltIzycrNbMtpFkWFZ2Ez1qRCBlWbPdkxYKvxYu3ktlDibUwLisa0fW5q7ZmZXnqW1hS5vNlAornMY3Gt8nfHHpQZU6DRvwNTdhsjRe665ZhU110I85liZUIcfpTphiKpSDISEDAa82ynX2AOnNuLZEUCxMzeMtoeY+geSKSS9K7cv3fcpivD168wAM53lW6JkR2g7A5X5Vtirvf2c/IdABw9tlWLLkMRnvU8DueKiP8EhrO7Lk9M9Gjzn80Z6iM0+u5yMmYSMsRBpQQUgDpZQwh/kqfLRfSCT63TMw1GKhP82RaGN1Q374Jn5Kle1E2EGD2eJ/tMP9MukscTyAzKY5U/jg2JVA6nKtb2wEFbyfW7AB/Css1y3SBICDiNMKg1HjyjdgcY0lNUnmLdhLY7LCD79LdoR+fnguDOTOh126lsp0k2OPOCiYEHEBx5PHRIykQE79MbGs6BgLgTQPltfN4xgF7Ppoux5hY0rOmk9RiBlE9MnFJcrb7qkwltBUiaUpi85CpVsRC80wpVPxSlbcm8nM8k0o0jwqJwkQiFSoTEIvySjdWpBKJs19Wxpgws0SsS/BHEHakk2Hid/Q84izjRHrOFGqWB1pCRBQIPFFyTLDMQTL/TXoeq6Y0itP4C0/XgtxbKFdL0FCdqEX+XDRLy87bP2WWFkFwrpMQSYV68ooLiifN3sJ5+7sMpfLMwWvQsJJ5WqM8Nz9ZmDKfTFhTXJWiREWUWO38mAG5QPgFB4eocn9lsbg6WEyzLKjuZSbCEV+kVT0KDEXFhyZw9QBC1h4DHe3JAy/LEN5tU+QEnSmYeo7XHoAvbBcmDQwSuDfYFkY24G8Ckj0yRX5RnJ63Hd/sQW2bGM7b7C2rF3zILyenW3vp305KkxR4IAYcjpPllCyBK5DTIHfdT168VdwiA1iixpY+K0l8arhE/AIi/r3CrlIZckJjnTlAdoEtACSMEaE8XJtdxPWnZ0BW7kvnmtSxbyOlltILpBk0OZqih0z2Fx8N2CU2zfPGT7As/2nkPReQ/cNIasXjmgh2Wo9BRreQkjm5PuRHs+zj5WwRq7W3pJzelCH5u0DUoEcO00RhbmtvAf9f1mmcwxaU0TUp2FhmBKQWmNMi2AR39pSnx8ZxKPMkPdvgQSax4dABSEVeQQSP/OlDCroUBNmlXnHdekbjbNA+V20muY0vTi+G/cZFW7u03Mc8mtpZvuVAgZKqCr+SyPCQZvkL872nwXil12D1vU0elImmhFHp9a6uqYJprNGNI0cJ71WwVKLp06kg3kHJzVhm8S+k4MWTnDBQDPvDZLoEDVvFxj84V0P9rxqOvjI9nnY7LLNDcUgY2aRkC87JPOzr1pJ1cpRNhyftMyM1IiZS80QmNaFmiso7IncrVxAw2z5JVZQ1d0HCcDhixXbw1eKmopTVYCJPbSotTCn5eaxaAN7G51OwhfjbmvBMff36NesPGr0Be/v2LS/i49FWu3boaHYCW9VWbDkxnSvr2p7j0y05LA5ZdBMSCTVZm77KSQGv3Z2Y9vb0go0di9ualjWjYmD2J0u8ah05cw9XwMMrhAkGKm9ta4Q4DkWFmd5kzKDTONf5XjcnlAqWxgiAgdVwp3Vz6iaMkmSi2jOKrarzr61ARZ0wUj5cm/vuQyRMYA2ZoBgpYgzH8L5zzUXGqcsfF2zEmDtL8nLsNQl35WcCXPRJS8Uym/hY8k1L5YhThtL0FjymVfASmg8hvwr11tJl8qZfXYWZCYMCM9D1x/XXP71UkDHmUlBgn0Yh/04g8w16f2HOvbDgmyoW11O/jUtZbEFlX93z8yzD7in8+7lh6WRBp82+bxjeVM/Me3u2nAnXMB4R/E2+qNRo84e97oyOSXE4iT6xdYzmKEdDJFKapiwL28mYQ/H6kPEKZXRDbCUDtbHS4AzzkmH5jtgvq90BH1TqsSjITUBeMjhMaktpXea8Q4oHfJSVIHLeZcVBhBBQEO1H+FyYOnGH8dtwFsoH+1+tg0NWeVd+D/NfyQJTsbeaip1OxjTpclg4k78al9uSNKqpJVQUHp1HBRWXYHPg5YJkolg3T4GiMIUyy37tKCOoHje7bE56Qo56Gs6SnySH4Sf9wjz1YLeuzkilfUqiaFswgErVU5JaDzXhEBK3nME2ifcr9OY6l7b4Yj/gAdWT60c9Ol4j6XrUlyYkhepZcf7MkEV0nrc1dstKG3O9YVT54FddzOS1Z3xBVbV61REpiq1SdJust0ViiCch0peZucllXTpMtIPme2aNOhm5EFhvqCBZLmYRpZJ05JSUiFcYOwExLuq0yW/BwrDAinVnZPaHOSXIARB9svUNk2Vo+yeDi3h/vDdfzsyrEEKQ1lYE34XhJ4jHACPNpObkoXqB7jGM0g8Go4GaF+KBFwwGwz+QM0IbCFJQ+RP6HdvEGn5g8y0Ca/3xOmCi4F5K+wuH1CcmWicN5Z5ix32W2Nq4vPsqMkH9ZcHTh49lBP0WqP6ZErg5QWNpePqIQaEyonfhClZyK0P6JtBIJiMhC/XLJu+6IZErhkFmFhrMqNWYkBI8xf+Tbf1IgJ0ArQ7kik02TQoRlRSpXcwjJzQVGcpyHulsoQWZI+tOVxvyFS8LqUzipY8K0y6eMMv7qDWmlq899xa2yw+nyOWObpmD6uaJehqJuMCAG0A9se5TzLBmNY6Y+vs3gUNZDII5wRQJ/ngcWhiQFvSqyo6JgA6XxyUlm6fbSmWJt8xSPlrkgWcNJG+KsAO6ZodTmIlAB3x1jC09kHKobcDA9sjiGoHN6eqJxPX4M71m4r+Km2f6kXv9Ucu5AvrhLX0wIjp/xxH3M112235ZGLLCIF1askobeZ6FX132CtwdnPaiJe+WaFoJeW1C80z87vFbCf6+O3pfIfKzW/e2hy/l5/hqM9VX3lqIXlothojPNs3oGhQXQgR8KB7ppZnMdK/xGQV2oCMI/x27IAK1yzLp8Rk1BXLhH+mysNFm1OqT9fDmbcaLNVIPZCCRaKd1oPJ2olmZgCt9wMzC2LMslzyr5zs9C0Y394L0e3hVJNZXXrsSZ9CbfyrcgLkRiPNca2TZt6rlDsGF2TaTERGxl8yRaAF04vG9V6gXj4eIJ+/8KiOoK82aygSmCSmJJZ1jkiPJncBwZ861roTqKkFmRSKOC0eZrBA/Ejc70/EEBW9aV4kCSZa5Cu+K0sEQZT1mRS+B9Rfna5znJ4Ss3DFo0YH8mvuRE1Uj/CJzymkRzjBPVmrO9HQlrQiF47RVUDUtYQMHaCyUFee+tWmTJgUnNHvNxEvMaCgL/vLtt2mVkIOspGJ+KDpn0w7rUyWVOOHhx3bRiCHRLdn6nwo9b+zoZLl0c0TGyMgFGkwBuoHiOd4aW6Mb635r85/bZfYCNNYqaK79QW940WgNz4yTAcUvVhkrGGyxOXHN6xkPO1X7ICN4BtuErtduHNcf3tlj9aPWzRtS2ISStXCtazK/zBFY+eZ0ekVq+teVr/HRYySxLcwowkjDG2u6wASd5RBR+Du44wyQucJgTtDNlTeeFBpIQ1PoUKPfbLf5hqJEUWCeYZw56lwUlDF2fIWDPow7tuaVO/uTvbDGtkmuBfzXLkH9mv53GMAehrCVEEEkOAFur/nwGE/Oo1xfUyQiaHjLeLQUlre5AiHk3HlKwKIQc5TmQOqf/+sf9/Xqzj/uXxi//Ov110D2UqUUpatqEVPsh8saYwPM38O5IBJ8G2cPEbxc4Yhp9hwN90+KU4+xbPLuKLZtkjsxQDc1hDKGljfP0utPif9CIYfiKMKfKWmMfkJ8lkArqWZ6hZIQF9AmnL6WF/76VFJZbKYtOUJeVfvovkKejAsgCvwWkKieUZnVVeIoi7qBJgcKPn9Tn6ZNjj2ZmRge9CZ6/+cpVKf4XPnoRXANwqOj+aGfDt8zAE04F0RZmZgA3xz9kj+ZiKs6EeGssLEeOa8+DdOOjZI7ReFQC4IuM01wMSdQmcCYlFYG2D9MVtQDNrt2XNiYMy86c3oj5Pqefs4NtUWZN+X31n0jGDF3rp+s+2GI4MoTvcELC5ztFscL/97+3DPmi3wKqLy3HlaYu1hnnAPVQHwEHba8h9nMAiYVFIgUB8wmRpnfvHCzk7+1W04m3HMSXsc8OcmMAL+QXk0aqs6pmS8HAggRuqVuCj87IdFhGpJRvLH8jETk1KtzWq5JxGSi65WJeN5ofplsB4ity2/4TPEpGa0wjT4nR8XosxorJejzaB6Sr6u/WBHWDBFcl6cic3xS3lqZdp+Tx5R0W43XNHR7NM9NQV9a0hO4L4NUZxKf1cgTTOPzUORzb7yAKqtttpAqq+8vPn1eAzjIeJSa19+XDuUhCAjQO2mW2YYNTIMpl/65dG1vbPMYlnLASCa748V5goeaVxZelwRgzSXAAktAvMIU78Nca2rd4n0V2uZAFZ/nj7jGhBGu4/NIjyAr09NZNMdEhHOOai7R42WTixJa8JlQ6aWOnyZ40xzd8Is924s+ZrWB2g/Okon7ddylpgSKlxqUHkTeCIrX8vi+dXnlYap0LCkaJDwJPRJUUQlEz4wCjyosQDm4I4nuEcyihflR5KMf/IIuJ8Ubu/AlVO40c2qgFTNPLqiZMFJUV30hxoFLNPgqdpHMZQofNjBeIp2Uv8dCU1ZNeKgGmUp/uFrnTVUOjmg9ezn5IQUxY1V13b1SPPrh+3ibCGYhSO6eQp81Pcq/Mj3rcH8I6nikjq4a8W2muGvJvNjSzyd85hG2TpSlSaKsvg0red7NzthTJgPc/G/LdTBVkXXHzk3/ZnhsX4soii11qsNUBZP12UPlbV1okFmRfXgRE4HaL9tltlM/OPxdJvTrn21C13+2CT189gmJB0JhCvASbM9huJuvps5VCc8mLnPGsTqecPr5pj0P9YP4xy0DRPHECKvJsS2eJxIjdWqH1R2Qg0E8T5nOOYx05Gh7TFVdkDGZkKkMS8CPSv7wCJQnkb6EJ7dw3LHlbleUudFXXkRJDd268dMgRnRMhrivr4oZTZomSy0GwzxR6r33xseh8RPGYr4zqOiM0dI8eFSQyF2NE0MK1at41cHZLQXVewqoabjyLNLWD8QPHUCb7s5bUN3gGNyi82Zb85I/aIwmJPDr1uav9M6imtneWwW4Vxg4ftZjGPx8Rqa5ozQLO29nzhhwxJQUODW1IF3WqFwZNObvMx+2VIzh3Zi14PZGXFQMMfsXsEPtULkZ0SzdwrKitW0cYVnbeTsGs3OchUs9icummwm6zkHX80FTgMQ1keTCudsCdDCPllb4bz5EmtZlU0XjWwk3wFgZySYxviWEb0N8lShoW2tmx0Pzb0Oud/WhGlEGPjbHKfvniYTeabfPmbjTHQx/NHrtk3bj+MwozMPasCpSXV3PVKquz6sVWH82NWf+zBNKD3gWZGmMd9LoRJ9BZ1DZ0XoYybnqt+NoaoICx0OGt0pNSi7Z6zcUwY5BN575cehgUA3vsQs9KoubhSZKSqUveKZY1GBIZYIYbIgmq9+XkztHU7bZ+3gxwE7DfvtdpzG47BnDi/fNvvpFL8GYOuYYXRQ8Oqpkldibt7BXyqw053/OgSNCuBeXx2ft5vCkiwVJh73GB30BWQIPLGdPHpRnTzmyeH8wgZf8CtXjz8Ls6yp+6U2uN2V2mfRYYBgzLHrEu4ZhShtHlTp+3e83doi5dm5rw4ONMts4qNT5Tz9e1Da4QbHxslJjxjk27fc3RBE65aDcxkF76LJ3pjgdsAlFxsH/VoC3PGu0dG3/ASvY7YJU2118Gnn0Pzs18Z/b+k6tshhPNNPEuLgyPeYDbsCtOmJbALg+5EwLs95GhC+Wg8FDyWM8+UwywwJ9eDmjUBNVOl+2seQzlTmK6qxz2MYiB62yW217G5MY/IFtIC9UZ0khQ3aca9kbW/rOMRifns5fdRNm0d0/xcdX1ftqda9ar+1V6e+X1cPqQf2Y/jbohwb9fVCtVvdr+7DkWnVYHWOK6YWxoth9tbYtYtRca2GZ/hb/+uQEQ0fl6bjD9iIZcm54hrAb7VEDs/4KU9b+sSXgasHq8UKq4oLLivAt4+5P5dSefFrKqM0ndCEXvYfB4ilM1FLBx1tzKsyJVyAoSR2X+531FxbysZxsufrdhQEY9AkBzTMQ2xtiDvxw8wTlXlZ5BaKmdbx2jJZibfScLUBKCo0LI6C/19Jk3eeiMNEQPOzR5WRi34c0+Tf4v3+LV6L4t38LJ4ZvxH3YETPKWTa9tYZSOyTE70x6Ue864+XIIqcbpng7qOxV6nFyS3wCRTQDqv4dTkanYGZhZm7tvQa2Rwl90RicDvvGRaPXGHR7+Jqp9KqUvIahqGRvMbX9rdLXW9+//mpxY7rbrzAgHB+2xXDYTl2yWPeLKe6r+FDKrvFXHOLVG0cV370BHjS95KONsRd5m8kbgeFTo6TdrXYPJEe39zEyy+9ZqcReqX5KRofL7HYcKMp+GAtzRBKhU8cALTN0kUu8qU9kp698oktyotiC8Dv83+5ux/J3MVME2if/jn34HvsG1B3X2kF+DGoU8YtwkEjUHhvxhtAGvVOUI2KftL2D4MemrJjJ0z3LGAYCcVunxrd7Ip8VaIqjkeOORZrG2LMHvND3wgy+d/bYAnBLzGEhxi7TeAGyYXqMhbNYTk03qN1LeTG4iN6oMHxEipfW+GSfY7W/e7B7KDEt47U+em3YTMTZc8FBg+EF9zzWiaCGpMG7gMZFW+RlgglM7SsXA9yxghMw9hRvALDqMSFKLTGIASgKeub//DC155+S+eevHOdTBVRfhrOgopk4+d/CMU95XVKT0ZsIaGIiSXDZbpw7RJkXMgiReUXdXuMB9pb/+T0MRn+xwJwFHSvCKPw8/ka22fQQIW6SUK4TaLZVuru7q4ydmWnPK/50LLpIVv+K+lDYvz3fKqEigM+C8Z2IzKkrBdk3oTRAKXKGPdiJCdsjCvS3KEIiqSuNsLgbb23H3oGEOMOvSwApM1hWgJ6IwY0FJkgZ05FPx19FxqCXNkN8xE195+Tg2xa/fy+ItxsQkv4NVrLR6Ruv2AUmhOPBYUB7rB4L/HntmsiqZVh3i9YIn/Bcg2ZMrPWAdpaHe+5KXAxRXenFA0GmWCFM+eZM/Du8BMLNBLRzRjbdMo+d0TLctjhHj20hn230RY+NbRpobJlTvnl4kL78ObhDwkolLo+gKQuGQFyCKyZ7ZotRKLIDi3kHG2SJdeQQ5zJyPJhT8F+LpkhaCJr/oLkB+Kulb2H5clRNLKo+B/PZhY3jwWoQNIBiW56MkZJYikx5DtIK8BAko2S1dzciIiiYkc3xmoA0hKF5qY6xw8j+W179U0StUExLYIZiuW6bYlJexTa2eYX533FqvHz53PGp6Dk9ZId1WYQLLn4Ce4M/LhebCo98Aodfy9m5/DgCvrAxqAj2MAnWxKwjMubUYP3uyeBDo2ewdp9d9Lo/tltGi200+vBvsL8/tAen3csBgxa9RmfwkXVPWKPzkb1vd1plZvx00TP6fdbtETh8U9s24Pt2p3l22cJ3ysfQF7RmYOXz9gAAD7o0qADXNvoI8NzooV04aBy3z9qDj1wan7QHHYR9AidnAxSG3qDdvDxr9NjFZe+i2zcAjRaA7rQ7Jz0YyTg3OoMKjAzfMeNH+AfrnzbOznA4gte4hJn0EFfW7F587LXfnQ7YafesZcCXxwZgiDo9Hw4m2DxrtM/LrNU4b7wzqFcXIPXEvpSYsg+nBn6N4zbg/5pYWgunBKbDoNfA5B1wvA+C7h/amIWl0Wv3kTgnve45nyySGHp1CZAwOxASkj++StAE/33ZNwKgrGU0zgAeLFkntazhYv8wgq197cAJgoKWf4UmMMavsUD28u8xgA24CT7/Yc/YB/sa5KYPzPgazhvXhIPG838Qp8pbATzg5fPz9k/xbryF2JsAUxxLKOQxDbBwiuADRdHG24XduCP+UcGESIwB/7Az/o2EByccfcJjzrNGcDJVOEQ4Oa8tRBHb70b1k7aosCOTa4kGCq+tbBHRjONOWvxR+md/E2N8/cO3gowJmylajQxo/epV5L08IiDxi1p0MsRQlDkRLUX6BP6SHkBFHrXDKaR6645HTRZ8jCAAiZ8FXzxhj6aqiXwdHaBL7xWVA+BJgSlndzDmr5I1nMwoDePtCeBf/7ATX8loorIgE0fA8mHZN5ESbYmPVKskZ8PfMLUH/LYb+erOtX2Lt2e1yBZK1JJT5YPdVrZUJIPajvNIYEwq6SHyOJGjqlatcq/WSqyG2kqaz8yxqLzCq4ywqTOCkwMP/IylaTbOKMs3chrjxZL1ELk/WUKj9OxwwPEoF177CrlBKuSguFA6OKx1Ypdm7JNlLShzBmkSqCLzBHUAw3dczGTPeHIkT4Fpf4AnA8cSP/U4ph6oOJighi0XeIOhmy+ccJfnRghlPwqlQSVgYoQTqn0sZQxOAYu++EE2+IyhhpSlGwc80rG9xsDy0hZWIOLVAr6oeBeGEqtWapVqjOMiLAcokvQMxuJGxtiLCNr/SXtjRH3IwcPCUjyrjXNxYCJEijbemq4uMF3pocH2smgaVtjxYjXv0/hxbxZrgm7++fDjTqwhGgR5+KFC2cMoaDBu260UhgOKmJY/ixRGUl93JmQ34FFG+W1kCSbKB43SGpT0HWeyQ0FcYPF2J5jWwkUVO2aUBrUFuOkbDA4iWSahNoMwege2M12GzKw7GnRkjq2ZPSqTaaNwTiJFhGdSR3gui9G4UpT1zCe3INDQHrPQh6UmdYRd/7fSGk+ztUkd2XlA652aktCCyMeUqFqNZPI5xDPgyPNky0wvaSwN6UPxWHgBocysmikNEpiDte43RX7RlbC2QnRyJBq//iERLST7eoywNqpiVCV2TZm13nHpycfYxvcXYLisxQeoXXA/r67J6AZGWJE/7rLlRERGYHW7vFMjnjbrKc40kRAoiwkEjp8dvXzMeClsrAiN92VK5kwhiH/EU2io52F6YdPkjFZKBclPaRQwPJdFzpxakonpCVT65OiZVOOLp0Ge3mHKxRvzVriz0UqG4yLYCPxJFOV/xsDt2Qxd3b7FizqhN4/7hR0KTMCyGkHZoyiQMCkIc1Oj55F86Jm31jCxcVJbD8sc5jSyvWSDtZgLYOQtwbl5z0We4Px+WCp5JX0uxVSPRp6y2odnlZqB+E04qKFg5LpLXELF8zqRgDtyvaA9iOJJVPGmOflbOoVqTN/QtvJ5puSwobhDipggCdJkXioHa0BIljkWsNZ1jMr1g6zMtWr6vhnjY+a+WEawP2Igwt6JasjyeXxsUXAE9vo1qx2oGivNibAVfmoMY+FCY6/daQ+SeevriTY/Gr1+u9tJNtv9RviZKZ4Abb7+6fDkp4th98LoMB6MgvlL/TvMVMkvmUhm0J8H36qj2+WPWXnJx2Ae+jv43Y5njbybHRQs96Ak7dT2gmTlR2Ak1lJDLMBk5UOwNYeohvnQDyt7qQclewniITGSlNtPtKG82MlGB4lGPaPRSrY5TLT50GsPUoBeJBqdgWWfWvOXiUZ9Y6BqVqulZ9dq91LN6mncVc32ks3Ouz+m8K/tx1udv1eBOkiAOlc1OkyhdYY386l2LxLEUFBCy/09qjv3JfD/3nNz/0GK+2tHSQojMZB2iXbVWorCl/3UOlTrsVanjU7rLMUf2pXQr8NeuA77Weuw/wTr8LKyr1+H/bXXoR4M8CK9CtW9GN2w5kiatvuxNnKd4m0OYm0ag0Gvn17MerUaa2b8NACpYLRKYTPFc2ulbykOuJrehpf9Yfd9Ck9lO6N7kj7ZVA073WH/snkqvMlJca7qcWH0ztt9PBSHLaPTNlKCeV/ZDQNOL3sKSa9qfNxoDc+Nfr/xLtXhUDeN8NIufQiouoTth3AEpWTckZr+F8PLTv/y4qLbG6Rn/lLZp935sXHWbml2cE290HJdlCJavea4hMPGGZ43GOjb7g/SQkXNBHR0Di963QEQJO+gChE8N1rt9N5SLz/O56LRNIZAbkS0/7E/MM7zTjLR+e+X3UEDY5cNo5WmevJkE50uO+873Q8dmFa702xfNM6KnHTQ76zbfI/McXLWVhBDzRZw3lJoqnF+MfiY6qNmC2zfGAaxaKntquYLyUyyxmuqm5o3ztqd9zCz7kWqvZojmo0O4tcyzoy0UlVXc4REDUPqzqFbSgWpayQD8m27n0kMjZj4CGzbo3j2zFWrqzkk2b1nnFz20/xVV/MJp82QlEC840p0UjMKzbXZ7fUuL9JYqvkEeNjoSeKmRLSaS971upcX2j5qFsEN3Rg0T2EyScpoDrMwz/HaCsKLqJkiKkeT973Mffa2Ry8OywzUG0q7/OvSxictbOr4GJ8f92SAselZDV/EI3lb2xTDNAdweCuNNTIiNaPFUWwGzXUH8X2VfxJkQ4WAStQm6Rt0qCs6XLZb73BJqLa9qG1hS82szLjDJvxq/1sN7H0F7PBkTgn+oN+Rol+j2YSzll/0J9TLXeh5JLry6hoPtjXF69bJ1DHpVnXh2HNKBbRXpywG3oPnWzNed2Tk4NNnnuAp1p78IzLfQWpMGgNvbTCewPYoaOHKQm+c4wLVFiILFIyJUZGLmwU61vAxDoYVVhjeudxZbGpNABt8RcV2aiLfQpkHbcWH8++cEu8/tfEmt8zEuDyCHyZdYzAzbxtvFvZqMACMfLgfmy0yUykgD74m4R9JPFWRdBPvhTDPkYlxqldTa1bGCWFlWB4XVzIxa1KJxwZK+vIwlDIln4ABKeOYZRJBOJq8Nsz13HHDkhjBZ4dcKEkRQGyQo7quu9vjPoPUbp9MzWu+E3iYnjBawvsyuRUOvq1Q9Kn4h7zvIZ/qeMyjAf8/e+/a3baNLQx/P2u9/4H15ER2I8u6W0qatI7jND7j2Hlsp52uTEeLIimbE0n0EaU4PtP+93dfABAgQYqS7SRto7nEokBgA9jYN+yLfkuHNONmyAVrMqNyXQ/27IUxBC1AK29ngBAx+sbhJBxTqXlYaunoq4reYMdxLUNQsBPRx2oEBe0JVktHHkGhF6xmjzwyQW/svUGeVZZC0Cv7AFb+KGkRll45P317vF/wUlq+oZdAxDu6P/Tr6JEZogJgmnscRdML3FjgHYgd7pTCGNypfguS7DX5/BebHI1Jnv/yBvjqwY/oRrlEP6OmuQJRy9L47JfXKOYtUce46ZuD/cOsRNyxNBVitIUz6I62Di/CNd59cEI5ydxGIs19cowzHa23rx37vuKna5syyDEHGZlr19Jy/9XeKUh3Px3uZ5C3Z2n+nGRHe/u+pf3Lw5cnxdYBs8KU2aPF2p1TUVUzMdhbJJKP/feEkNl/T5DfnE3yzVJzCJfh/709eHvAolM2RibjkqW1rjqdeirmT/zDf+i3NRRpIL+lb0zknYuMXEj/rm5UZEMZ1pA0XBaaVnihwoETavh1ioixqyxIAAOKw6SGjDD8/w9VjRQajOqiYCfrFXqyFBhO50l9l3aV/NWx1WJ+kgpHS1Xddr89bpWqJYz8QpV3qcSc2RZnqf4WTrIaRFULPOjP2a5Lh05jddcpZL3CYqYqpNqWL3fm5irOgvgqQs/uwpLw6QHS2KR1I8MI15teZlNhV/ePS9aIPj2AA392nlspNbNMGhIshiyOMxqob1WnoTUaza/4d/ojfaK+0D0Xq/K5th3TNlBs2+L8/BdQWq5w8WrBx1QSiAcyzPmpszFHD7ztj87OIp7tgEi+Q2FXIuz94UMqkW398Z/TDSejtqhPql/0+V3Su63JkjHoba15ugARLAfol36EPoB+lIQ+B96mXIKqXMlh4Lko/wj/dywd7qKxIWJ/EnRvo+S5woMeV+9qvGDHfbzMSZ98VlhEb+iImAGNcu76WIxnOk/tT9mTiZ+7Pp0IMh08+kM/k3LNkEXJP1MrvvbZxE/O+cRPJtnFPZxT6vb2Z1UuQ5nzunzW1gW45eTxqm0JF9X9QQ0/jKqz8c86/ae1sSaFzVliwwU1Tfsy0jSm8Ug7f2TA0TNfHHy8AjUEFB158yo9RsrXak6+ZJI8Cy/N3GxDcs55eZ1l1MBT3eFTtpF104PJ1fwm6Su7/Kvmns6FiiAzMl/nvqmlmr4/UDgIZm1gFOGXXr/vcHIk91LPedtsJFUTdl6tRnNlGlyP4e9KEiJec+TlfRyQuTHiQriLaTQahR4Gm0p7GCrc4dz5ECYd/fABSOrN+wCzLBmkXlkbDysTzriOaVvI7GZ9lxzlcZxYRd9SUPLIxdhbstahTVODagLKUZz8pI2NwyV++dxazhGOVLzFJlArGDvaGqG1cxy+R99L7NKfRVfbISemn4dzMuyPjPy5WDnahabob+kvAhUzrOaQ9A2DBbGstcgH/OXg/OAf5w7lLY/fYzUHDH/CFeedWUwFMNiVNqp9IlTnWpNEdG8GHUs4bUscJOXbEpyz9vxr9hTnv1nRVLWlHafOwGK6ElT2HDJm6jXRmRER0niSe4D2nGMM64qmlgwQun/Ld7e9rOrUGs8otY8o7aGizB8b7H7jcKSV8gDsiS8Ddd8xEwIgIxWLT+J8yAM8jfDeYx5eLCKQA83oAD45HIiKOHf26uTt0Quqi+FUWpUNA5Afww/BlPvWqixwKg8KCsPLAskhRL35JKGFAP+S7hk4ks7Ho4Ph9nMZQa+NpgjTENosLi4CDrqj4fFMX8qS7viyyColRwfydo6m+4n7PqBQHODiFwn08DrnD9GGo0wiIjuImc7tDva5Y9/nJ9Z9FuvqA54SCQ0oh0DgbMi8KhsJHa86Ea+u+G0b1aptqh6D+YSYJnJ6gWo6yZ4Y5/XeLzyGK9NMKcHHD2JvFg5llY6RG44pcSDGcr5+e3aOT6fCbZ22WCgdIheEPtjVLEI7FmWtmN5gzgWil+JMxjUT084iZhrADzAdC/wTcmIWYlKuOgqX5DCPNz1I7IXAhOKfDMSK0e2ePOpFVGXssMOaNpgqS2LvTshfVCv3xtoheyLSOfjQ/p6SyIRz/p400wb80K7mbqhDF06K+1xEImAgVaY+jtRBmwXb0+AiApi5Ql6MKTS8BRB3fZLAwYpwlRkHnia+EAe4I9it4TiAo7SHTBrvOmlPVCgov4J7Eyc4oA2pq6CzgCIewrlkfpgdBn9YXHEVDMvm5bCxVHEMsQz2mhjNx5aHLYuT4l2VVc8wHY4rkvKgCl2q1CpWF/UkCCN532yYzfe0NIWcjCFMAkV0G3XGBL1OiRvKq5OxOpup3KBNEcRH0UWcW4rXNLNLApVrZleBC0zRVpwMWrg5nEgX2QVxxABHexo81YKaLNV5uPXqioaJZbRgWuEf7ZbmnQDo14wOnVLmnjnNe1bRBHBJbNU7khAZ+JpTeUzpE9fQmn53Aqz7ZJdM7eOVvO/ZB5F+iukIwv9j5sYhlttnmP7rDSbsO7YdIqKMMp5XZgtzQW1BahjGE3T54Eod+snMBEYCpZoiNRYe11V2QUGHkGACEgpS6HlS/UqNznJUHI1BTXE2PW0K/halR7SEBy8JnTRPHvZRlmAsSaaoaCF1mnOkNCJaZEy+vX9/f5l90GppkkEPVZl6Fk2fygxJ86ryom3dgSlxRYMUflLMUjNMWcEh/mi4seeUzaBEySjkXVyaIQIgC+hZ95RBGmUhFTBAUYkhudokjmlVUzbOHVcI/lSOhmprjo2wZ5BVQg7ID1gEAwRWpRQNUIWIaOb3GkfR+zh/znPHqHJHfXOOL1d8g9+lqwIJ80Ak5CQTEHEJZrR43Zxrg+VU9gktxvvwyok+KFeixRTdGNF4oNSjBvp+3Vy7N/aB7pTQy08qG++KZrAsJrJLaQ4uylGyXHsJeLZTh598wQ8/hcZaQizgafK7iMVZA5A8mzqRRaQo7+pUCKmyU8laZiih7FNdBq1hQ+Sx+FNhNld4T2ZahVck+dJNwSi764G58gcz1SplWgVmkoGOaKukkdjATorQZDEtSmqKH0XfbANRN1RfpFazlRbBD81iAHr/Jk4rFxMruR3YNAf8FCMRDsYyCQBecucFsvA+IpFNtkgD3S7MkBiRow0sk7ahYYblr+emwsIF7ZWV3X8j+ZSo4vhQuxfaO8OAgx8Pj9e7zUHiHWN+KH3+OOgD+hc0D7y0SB0z/AnljorliNFvgBc7eh0PpMiU0ReNCmM3vsR+pkHg67o4y6xygHf6SQDa3cg/1dCiRj/lnl8GKqNtUt9PUssBBwyY2EQ4rPIqkJc8Gq6BZ3DBhwyaOIZkJoP97efY1IGzmG7PXZzet2tibGxqYBuVI5KLAu8PMB6RoE+SI9CdgZ4XAe1Vc7YnsWA+D0BqWMTGMNrZAKkBmMkF+80jvSerJY14BTI9SLYogScpPSlR5zQCiZxdhLnuLYLMEGXGQRkU7zVgfXecC/j/iTs3VYIMCEZznBAl8L3k/L7TyAnc+MZcNvcG1+SCRBy0zpDlhaP1U8duuaArYpPtci7ufZVp/dqH09RCRDJddpl1KH8cZjcjiUnzn5VinUVoXFVYXkFQNkUTjsKzFa4CmutT1m+ZUdyQ3rIv5JbHWi4GrSYCFUgd5aozZMQeXoSSgk8ZjDDQkoyLA17OTbGst/Ka0qxsGcpYRLNWtL0lZdw537K4neSLiKXsN+MzauPD69jq+HApBlZZZrcbqPbSCanc5P1gTnm5v8xVmLnXt1gHqoZZvAyYNpMxoEpZnufJgjC3qK68Jg8kR5d56IQzWFV2QORCEMUZlkKKoUcHU8vPg1gY4uVT73IS+cA7kk61qzk1JF05eO7YI6uTb7EfFQiLqS0UQiOM6F6XaCTAKrvbS8xN2ubh+KLsdlWbPj/55JJpkdDGalvGy0jKpev71N6JzayRrkzy2QWJz8/172Bh++nwE9Ev27UqzP8q0hAFWsYcqAhGCcqM/SZT5klVhfn434t4LqJCNTvWKFrMqLZznHYzSYafBVeYsHc6FyGCVNZK0BpRsxoJDBzeD0Tt3HlOX59SMAK4EerFxB2CRM0rY+SoSGSWbCKKv4CcVUYgEmm+Y6vNR/j8WatD3wmRaaZPA6o2lzeOKM4baLmCKC+SwPc4udGO2VUgEAUpJIWYkzYJaIv1UKYB3bjEV5gubwZEfsZhmhN3epMZPu1GjX6qMil6jOcSb+7fT6PrKQ4yCVIm3vJ3Cy9yKaUQgquOEof/VNcLGaM0WbZvZ5NGXXLzQQizqz9x4N/vELOhV/zy6FFuoT0rOHdhI6c1p7I8eBu/vtPopwF0LOJY7wbOB0aWBNlhOt3CUjs+fug0CVfGpNd3FURCm9diBhQkO+ecutgAREXuqrkXgSFBUd0tHTi1DhJiBEP2sWQ8S8XFEj+JOrzu9fKlkZSfLdUKVwvAst/H53ecdEpDJMtRNIataKY+u3xswFAe65prTvpmoDS+sakd029IVaR+Ug9rBWWg1cRt7Da5m1E9FmFawdYib8LL1C6rctNEqxoKrQq4DSYkJ42chEZ25mPZkHM8kNRWTW5RC4cbhVPNVY6FEeV7x1eQwtYquhX6Zc6tZ87c8u5YVrgkvDP3G/2je/3ocR5J0rRCjMiXJpW7UREiLLnFxE/RejrNP+LV5z0YBaWVRxKlsm51lIGZQ35B8yLtqarKrFbxjkI4zGZsJi/J6DPG4m4iRXP7x+ecDidGs/7iCi9PhwHqVMFHQFuQRKHFUuOLLF13JwYynNmm6vLTm0XkyFbbiAIrbRpJ3rqVfSTtwGCuRRGGnKH6K014ITvqe9YE4UWWs5JGLVNty2wRa78XWJd67HrBZuVv/9r5bWfz+6c7W7/tPMCyq5WKsLcgCxQlrLnpDl4s0+0ywDcRljM0Rm1peyRydBv+AmVHTJvdgwlWjXwolhx7troW0JCFrgUyrgWL22OrHCFQa2DVbMUOZ15hINW7Jd0JT9nkoiMGRUDfG2poqdrtyPFFbp4wbaKcwq3teyeDhJItzrd/FFfGlQOXxZpybCu1KKsiy/5l4L2PGTdIb82/EnjthlNZamt4wx4WooKuvM9HgFHwiiNuRh0Gc7y9piqi15cBxWLwrQSKjeHUDz+E/oIqgfI49nID9AIMi8LKJgfYjfnv+0Bp3dfgj4HOnwurtD7LXlZeBNNgBrK8VqQDQ7IWc1FrIit8qJu+qUh/hkLDgrcSMYFm41Bc5HVoLVF/n9ILYuFfVXoh5cGw1OiLUTUVlQwQ/PIaAOi9CMTHvvJtMVLKwla5czEiaJIYEjVP3XAi8w0QmVCrnC5Dn6fqPy5qJrKs6aMbngIMWVaC1OZ2q/NHtYBvJsMIkN7BSql/sAM5/mufyHHZI3lkPZPjuzyU43Knclx4LFclMdYJffOUO8qDgb1zqUS4eKUqJHWGHtPhWZMWFkRMFdGT8R+AoIzvjaJk6MELISWSh0rSiSz1jtnikFBYa7Mp6kIlFOMAC6c7RF+wUxnfFIQkehrYgnCZx2ENSsW/JwWMtNqOt3QkSWM69W3VvWUmDtf3mSj7XDoe9kTk3hUZi8X9/bbDaV63M2XnH+v4a+ZcMu8FFYpWnVyaln/3SFOpOrdLTPapXDCogEZ+cO7Kl0qf0tXSWLFCqyrNcolZ1TLIPRovNaJArh8YH1mKIty1uLHsnC6xX+K+YcqIdcVk+foteLJoIdgyd/iugoDjXdX3TuqR85iLq+Zu8PkMZk9pJtykcLXwKuRL2VsT0mnAaS4zm7ReRMhcQGwQVDmGLY0pHOSE9LX0nJwqf77Wg7PjtJv9dr+72+x39Z4peC75CU1OVIZdZKaHr43vvms1i0zCwTzDCRC6Mj6yZ+if4iaC+STyw1HoMXfFCnbSMzTL+ESOENpdjGYgCwx5g1Y5u8J4THHDcOzKuGvm7be9BODyVq7Z7Ha4ES28S5PThiS+TxfjcVWMJb7+xdQJw7YEq2ALveHFwX82t+zkx3SdsHcjF5n6y18MkZ7ekkre+S31lHO/Zx5jqvYnK5z0pMiEQAyJEUaoYlZYWi4vVcV8xIEuLz4ZE/qjiFG5nqwpemfct9ocNz+JPLVanpZP60t5hwxCxmtKNU2zuV9PLaVflWQ3WwS61UcKdPiM1uH2mtQi9NO/2Xz3RZTBHbEC7xLmbawkgFHVxpG1u6162P8uIi4ZgxduMpvX9fV17X0wmwZjckn1I29n4k63r9CHcyeaYqq5Hf4Cj5s7BEGtWUPX1WdVo/uNkHkybQ0u+cUsWlAJGcw7CIwdkM4Fra5R5XxZFIl4+EI6iooUHxsr0D4u+iNXYbthzRC0HA+T5VsTGWminxMZLz4PMl7MrozlvCiLjKV3FpEFu73fnQU51IxinS697EFEx/h/QobUu8s3GsVXbZ1CgSTkAoOTkuEJOgKJznKRRSEDSNEZTCkt55bAlnWs3hRktUmgmRJGCWRhi63wS+M+yIERnoVT3ZRuEf74kpDeSXEzeiadTC3enKZgC/3kSigmLjczuKyVD6uKYR869V34FIhUJTB6TeO31kNOB0vi0Gcu2SoJWcUb1zIXpn4SvmXHR4ydk1E3qeY3oPzNF+4Y60DNMMMe4T7pbnhNb4wq3SdDTfFTb3MYYM14IZx6oR9M59ig+sezQRoS4x9FiM6zRRLyru3iLsk9dfKuouFYJmvun994STaTvKuMdQUJ+TuucPq328gPy0yTZcjcX8+iUUChRdxO6mHWgssLO1Ad2ZY4zElPiLP1B1cLfJ0PBZzPTGN5KHnsAnYhKa9wxdcIL1rbFbmlIgHbrBRwyBrmi5F5j6l6pIuF0MbjGnydkyIDVHtucgk6YIdHB/94eXBq1FlzJuHFJScYrFEymohDQX3OKMs51wE8/YTCyOjjBL9wUGfy48G5fh3nlKfl/KIWy1bGCkPWlzUzinyrvbPxXNRMwRqQqsLmBEVNehrggZ/LX+gSI+Z0MnPngzsLMW22VtxMZK6TCXJ569zUfYmAVLAfaZZl0AMRdXGDQRLRREXsa0FRE/cG22tZf1m2Hi2Q7bO9mEqTgkAtATFqrshM4CKht/shCn0WM+IQhAfExCdJun7OpxxzUmcY1712RSAIv6NNN5Wp2dnevoMgz27So57q9x5KcDAHWq0CR45daK0CHOuGnSwJNTn5e17ypVWiS1awci13KxQUmJLDp1h3NDUcoUU2J0qRyHib4eevw2k4Cf8viDXrA6ZqXFzxDUoqAkmmFSdf1/gqKHETYqaaWC4eKLUzvGuxQOdeCJXiXA+BG9mlgmIOtobClOG3D4A+0GYlJ5EzajCEnEtDGTZTeKveXSYiZPRAY/6G3TSDmMAFp4hhSCDViMxROWv8HHMTAM2vEcbUakSDgZYzh6RU+UyHNdw0uteVPD/0MZGYi8qRM+N6yeasRRUcAcl6bCxxNZYTQm9jySKfPnuA2chiuye9JphRyOJvvzmpZ7Vsjjn85GdezI4ir48IjuKg29WqZgkDBiVmUfGROSYLTompQ1AQ0GmFzWaE0I8hgqMLkLlhfUti8lLO3PnRsncjVyHYKFNp4OckCigHu0WhDB89emL7gfYkdJ5p+5AUXs0FYR1itsIUxDRsj60KhqV9qdjEtTdMzxh9OwE4szGrbci6G7FCIEN6wdeRMvbJzcGISlktQ9WtLgIm72U4SlWZVclwX9K4+5mSSqWqoA+50gjnqpf1WTRWVwU14SpgxUMrT0MqzUIUfjFTVcbOgmpZoVYbhDNjNFmoRxtAL3kvbMpiNXE5ne9VJb/6hvN4XXNzeUtDiTii/CAivSdNCMA+39VzGCM7OQsFgGLeLGRIduE8lcxQPCg+ZdmkJ5TzRI6Tn/pEcmABHJyCgF+qOnVkgc4jp2GFU7xn5icmRmRrnbHg0JkaXAZjQBCD7y4JzSxnlkmJmeZgfI71saw05xU1T6iAEZ/HjldJfa27oUJL9IbcaRQrC/lc6vXfzcRDOUnabsmhvir3xtS+BOW+RDqw0vo/hh9/Ls48m3y2RONlOe8dJXIsm0zs9ZeTdPHrQdY+t0pQmApDumeikM4osA5ZeAtSASfGlf7pKctflkg8v5FCY1WLKwB1RNQrJ+kVVRT272Jx1HPHnFqXTPo1PJbu3KXiLIvJVSDT2lNVGgDiAc5tHgwM3xfnLKoSdw8+uljSpiqLEOK9APcHr1akUaIGWFQRxWAwi2+kQXuBR6BKL5PcjEnZeQmqzvw6GKOVH0Mw1NCYcqxKlhiXg/TTw3CxTZmyJrtqZ+KqiAVhgDOJqDrZ3zti1CJY2P8sKcHpDINL90MYzWDVfsaU8ZY3q8aKUT9qZAE0gojZE0VaUZf9x+QMeOeAUt9g5lHLfh2O+CfjJdi+xuvnmhcdPLiMklzClFEnCxo5YshLtMxK7cuE+1WuF8SF4B1aN1meeDanyxZVCFEYCtFJEFNVwELH+rWd66MfE17zqB2Xv87d98k9soe3LHT5g4GNON84GI+yIPImYsgcvp66TZxfR0lcHTpuaBkkz96+PiCUTD1DgnR6XsPQPCDbCAUwQowJdvaOX1R8iucxR69hTU6B/9cuJoGNHKJbgbOgM43zcJ1WvT4ZCk/Baeosyvs16KLi8yGSyGl1NEnmb8Pd39Jzyrx1mEDLax+jUnKDNRxkSVXUatUh4hlo8ErAso0Yw7gVT0coh1mQxSZcGyfJ2AUb4FJ/3Uz3k5k2d7LFh8L6m7p95AIolqsQZA6ikNUDmv+AH2DkEK0hVWDAolbOxcyl2la4HrNoLGtP4QUhV3hlCohoCnyNPZG4Uc52qcysNxUYYxpNsZopqFAfAOXCoCZh43IaY0Aa2tMZFikVvle4mbQrtB2bWD01PdgWclGRHnkS+n7iMYJvRlMcR5+4ORo/I3IkLP0JqykxuNwhBYIam0GRIOTTcB00QMpnTh07YxzJQQhV6oSu929gh6CjxXSMO5R5MTlWS2V0jbbmivHAGdO/ZSOFbN6a1vqds/nyZtoCralBOD9QNW3sde9s//CQ6T9yf60IuAhaViwBbWdIidFoxl6xUgHZ1pg/ULrXaApJQqIz1VMXJFSqla3yIiZWRU2QPD08/rEqT4WwN+r4kV+f9D6VHp3l2pQf7XdLIKX27u2yLKweh2TaQgE1opkvSi4nkiloGnE19freG8xkL5NcbgCmeFSQiGkT+Y8IRkOSokmrpCdnbcMYHsjDFSoioReQl4k8w1gKXbjqoKhg+HvynH976mxKnpGhfd/bQX+cenx++vZ4n5ckq9EAZj176tSzhohoNIrJFZRb6VuT1LnKgyyrDEFzK7DowMRxFElxQw7x3eJLXlwnTQRDJx6jADbCSiGhmrcYRQjnoGZ6cvjqNxI7MTaXnjw2rzDs1WhVLxkHNrl3uRthR3NLVFtT0+j1GZmSehLaVv+rhrV9Lct0ixC3O8ro30rRlzR5SOSRvKxqhM2bxCVzMgQm67KhdH9Kbyfq2mEHGytuQ/oKc4Q3HT+MsLT9puDYldkws7p8vEZXt70xFeSL9GQiXTT9zPU759fRRAIr4cYPkKXg/SZAZsoQmauWZYRcSriWIfDKL8KFv8zU9M33ftDhYuJZcPuTQ3TFYikrp1gqrQONKlGJiJTDk2QW9O93IHJ/j5wQvzx06h93X/Jny3kE33oyccBjbv/E7D0hbgPRa7ve71IOgjeL8/NfEFtjemYctQlqUUoKEUQfk+bIlMDwgjCvDNGQ5Y0XLLtcCnOSVHnUdrEkJCtkbFyCNhPMNgpA3X6aLjkB82129HVK3+OLiiC8pt/xehRHKNmPPqz3CNUtgQdpyLZgrSUFF8Iye0tnW6a5Lrwmhxes+RG/nG5o4bOtwjIc1aTzVOYJ8djum2MnGEv5Me1mAUOmo0Rx27iGt6R1uD6PnprgZ0iP1R1IeJ48Le8KdBs3oFxHHvzkJZK3OAVZ+ynl/VMS4FU5H37ydzOTJrQgS/oadwCrAmsHtOguvgjSggp7qgyQcJBHi5UUdpjaqV2w2FemfirCQSeQZMkKJ5PAx3KvQG+l8Qct70qODUlDA70kGI1CD93oKXf7OIQJoOszD4GhSpqnsDEcZ+mV8EeYq1deIsgRARnVNJYHwt6dR7IdlTPWBUnyw+3tLKVfo6zQ+jeE+FnnlrDgHGQQFz93Wk5i9VtDWtj1qkfYSOCSiuPkN1QvOov7eHgdPrR56CnNg2arW6OolW5kMLQkR90/Ojk7WLviVkkNagMTInLEDQfczAJ0TGfrEexhtJh5dGMWRx5SHr6OIUFO6K6z4MKd+WTLVQX4cL9T5qS7ic1p6Ora17t+c2pfgtNOyav3F9H11Lh8V3cYhdfvKqmwLPKoXUpTyVntYsww5cL6CKVS5o4fB6O5s5j6wYiukKi2tyxMxGY1VSr9W86ochXMRMpR4KmLaRIExzfEqf5Fx1V7Agn4+UpyY1aLVL6KkXEro0a1XJQJfYFvyrgEprgUoNT6ZKPlZU4q+3qXi+n7fLZd4mYlUwQ5mXduUyUNMMjL25kJAm+V9eIiyNxnaDv1VCaZ1AyjqmrcX/v+4haGXdOEjMUjvxp578HI+7WibBlNUTvt3+SeCDafCutp8kbVqVzfiw01x1AoGBg61lfyDYTiblWQLJudkDdy4n7U8RwNYIKwYfyd+JOtiTlvPJbNsjY1a5Vdq5Wq2EYl6G7KRMVPq8Jit55JiulOoUWqPILIT7ENy2K7WSnU8FOXvcVqwTn19aRVtCTRold41yyWOVvr9NrnsytjDHFEatmMUMbSLq39ObpazGNhzy0C8/7KQAL1Jt+eqjCNR7ObqoEuuETfyKUU897SamReRmO8wR+RawgKkZQflUr15e3pKgReTfOuqzNSjery1RlXP6T4KT6o+MnZ2VUOLIPGhBQ9obAUq6SriUV/W9BsK7yr2EBuOdxqJ05jRpIGiCdVTUa2389Z7cVafu2r/PdvzcpLmHvvqXgnu4yodQuFv8yc/YMnoFoqfRd1SHTOmaO/oZY+x8zCrs7890mvj5cr18E40PKuZzNarJV/4t5SWPoErkqvoMerkozxyfUvivO3KV4UEZ3WuLj1rVStO/FkaOWgd5F89PrkpxwLox78/ZcNxRHnWdjV+DgLberk7044r5Cj8fB2ytcfywYoCrbnRiwXLK1YXgOAcpnUmEJYUtF8iuxpa+QY8gUB/kPkFbqHm7q8/foj5gz6msnH0Yf/msln3Uw+2UMhEgp8ORl8igQCw0Xoa94eu3r9afL2FMRPry22qSlY4mul2KtT179CQp9TogqxVqHQKDi9nKGnuG809ovy/k6Da2vFsTWzDhDwm3LQqur/0+tTAgSrSiV+M+rkCECt7eUk0nKvGkNFRSBjUj19UerZ0kJAclGqTrJ98je5ANqGrn6vdnpwvPe6yFvzq373F9Xv7tDH4w2ml3eS/PIZ8ngWBE5lt+Y4L5G8Jg0r6ARRdKxI46EwYEzkWsKZgSedoax7mE9qZe0mnTb/YWJEz5BWmUOM6wTri51BC4qFWh0rjOTeqI9wEm/O6L3pku/9FhsgOag91rIr4Jjc1KYcMCBaImjUEt4HN1jo+MEHd2y5/1OXURz8+JDal7iHUvUS6U67/lGEMDTschY0oYvOEF1f8QI8mMoAWKfb1gtJAN2MnGsqiXHpghodLVAp46g8ziieV1YiNR5tpKp9+ZQCbF8DRxo8Dy+EBr25bOd6QLSbnW7edQSMAnjvUeIFTtbAoYVIlcinRy9mSjGhM3caj4KZ8O7h1N90KAC7pDNR+8fnucNt1j+KyJGXHKOxhe6+N9fuDRxKV+aX4LsmUQxHrDa5B6qyrdrYw/DiQtQlyR0WQCK3ZLynwi81e8vMCVlcwTbuHNMeLD8nvaxvq/ykN/MB9ex8rxfh/FY+fZzrwG9082j96Bxb3+WuF7UyTebBaTqbRBValEZkqwB+gDtZ4NDfOb4I/XKre3vItSyJJvjtkgDrVUhKUc78oyeTPGpdPjFMM3hjQ36As/AiRGc1oukO0kPyzUdaNOd8FMiehh4I6LOrSHOSzxkUO3Z9HwmYKA2Ap6nCowku58PpA50DePbUd2e+w1WPI2DsN8VLJQrU40BUoF7grFG+JfeY4AE/R26SqhlDGQRW6UlZjs5Z4it10W/OgCwwNAPZz71c2KfKeZpo2SuJllT6c+d4gv98qrN08I/zg+MXB5IOSDJTkrRSIs71AgbkJ5vd8wH1WpDXMxccvhq+HTy0MyStLO0l5yr604BIxwgB/fX2kBbameSfeiWnIvkdRFw0NqOkQZlzwtFNUvULj2NG7v5/oralsoucvtyvOhuHmLBsglXA5kRJKc7g+OScApIw2ZMmP6C9XLhOb5AlnSqUyZwTLJzkyfs56VzEfMWv64n7TPGo6l1GxofzRsIwZkCbCE92YS8Yf5zVRrMg2A7GoLTOML8wtNnhqIodDpINdhbuVbgzDqeLjzuolNUu/3bUaBr9w/yrVI2tqnrG5jU/DGrTYI5VQXea9HLymhLFZfbhxi4SBDiIqPYGNacBH4dEEfV/JvoQlRF05DFfhCSbr9UT3YanFwvMHsb7pTViodUdUzYbzKPEXhArmfYEGG0CI/fNHLu8tS+urV62r9ODH98e7Z3ae2qu0tPZL6+PDo//nuoJFxa0CVwvdNEHNPEXHiewJhmu8yjTfi1zVL2jzFGdWtO6xo1kq90JgHAVwh5ujsJRZBEhrVN8efjyxL5/TdW3d+kiLQ1mjEPuuGTf+6/2TgcvDn463D+wD9FVQwzHkfe+fPfPj072/17UdaOtuo4jtF2V3XHo9+Dc3mUC7fVlOA/g8GQ7xQitszcH+4d7RzLRjAzvQH6bUvyikbUH0IrfT6PrKR9JGMyjQBEktRTAjzpdzAhH5SNn0TzyovFG2TkyfKlJ5rsHWjsRFcKylxIFpqWjaHqhW8wTwxKrPjJjEWeTDyiXfODGNyBx36BqLLkap8xSRAt0319A+ea0ayh1A+NBv3DVvWjrGgmFSQkAOo2yritKzQqlgKpsobHwJt0t8RYj3odB3xbE1aPcm2TCZoOOiLCTtk+04ooAYYD6nNWGa1UpK3GxirRQXUy06AgfCx1AptU6MP/5AdjM+zWpTVunNsJGxRjoAR8ERWYe/25NN8iJGsW0Q4paggVdTGGho4spqMyE+xOYJMZrbQpNQpvJUoPgOIU4y+KLykgIEhk3Ve9WSUGsZTCtXYfvgbr6oUurid923k7Dj+TdSJbxuPyLL1W20oGmj/3tOGKRaxCNBiC+yiydAxpHa2jamKm+ACyvd7lZ+du/3v1r59fNd7PtX99dw/8+xvOz8+1ft/7T+h3LDSRzzbcEyiZYciDXEFjZruTY3lZgyUlv/kq95QkLSX/jlfqzs3n8FPtMr0BdlwRJlyhgOvVjltHfcAIWu3W+W3N+DKbBzB2Lds5LOnp3ZaJXIruuTxTncEQam+QzzN44WVqevWpCS7oOwwTD02BsaX3remmpyzaakkieaLkYUHeAQuUT3lyD0Nczu5m7LlTP/VTOdBzAeeR0qo4cM92lBMN5bO+Q+st02Eg6zCZ3UlFI8NY8er85CT2QG0IggFtVp+JUsAPxU6Wy9UQjYVeXV6y0yDf+1m30WpptxVZKNbt1SZz8q73j44Oj5DbziQFldFUayLRHg1BEYYWSLCM//nh4/GPFUuZcv9N8CgTtmUPORZkLz/gdLeqvTo5ZUHwqzia+P4sWU3+TpyH9+tGmgN5L8VYlRRYQ6DSshtMSPMOwqCO0bVmpceBdRs7Gd8ADnv1z9s/pRjKFATNdvEzcZJscY0VVWOj0BdhC+Dawg+92VFcWejgaL+LLTEQTfqLhwP5jvpNTdqkR1ne/ssOXemgZrNSy7Z+8fnN08I/8XD/G8GpkXKP1PYKsLqp5/qdBiEUuPiNRPzSqvaMcN11MhkDeoV8UWV+f/ShPK8cATYCyuhcANNYlnuKtnDvTYuK1t5OkY7Ej7qAMgXYWyNj3aBosGUxPGnAdmX1zIFXSGzWw9KbGtvVKICS9WrhfiollmEeWLzEzXJkt5bBHnRMx3nqL2TkQRjThPFXyw72Se0O81bPKGcH/jgo4VZ6I+jkbLkaAm1vOd0gTM+4Pwt1Tc05ZwkRs7u5hPCBFQ7g+liM92iIWN+YJpAN+5WcFjzdLr5YYSe2tVU3algEy1m0a7kgmT8jGDmu/a9n8bDuadsLWEYQW2JXZjK/cG8xxkcEXHZZntmzBX9HDGkKbs0epENl0SPqaYpZ1aaKZn+NMYcMUS0W9fJE610eqFK4TXWPXWGJQYgQnTCd3Hsvl6zyRqbwX07mK003ek+nVdNTWFtmeJUD13rD2bu/Knttjhelrd093JyZ/t10gJqef/RlkZqGjfJWabcOnRr693Gz0kyM3y5RSMLi0r0ppkCzr5FY3DIKpw55PUyywQsK2xdKYyVCl55BfskhVKqZDXiVl3jo7xLcIniRbQMFZzEqhOcUnDIkTJWLDT9KSXwnHOQIUz3EtX4U+lPE/labFdHdLEvRoK51/K2E5uBkUreYcmrK5fHZ2soDxZqbgWnqHYoej5CWKQtXxmK8rsuriMuVjWeItnB55HscW3DDnQEoKg1HmuNIlAYbd0St3DvgRdK2Az4dd1K/NzGAryaijPX2X33zbafzqPE6EPOvcfwSOnZR7IYH4QzDTLfjZBchxcV66cXKYn8QAVsVRq8q7WRGgsI8WT1E8Sjuxi+A+bgNaSDClId7JLmJbrB+N9q6SNK9o/jL2Tuxqj0K7RPK1Z1EIY1Dpp4E3zy5uyngNZzyOppm1Xzt8Vo28KbrO1dqvrn2LKgHgAad6/NjWUzJl+O/Ozv7s5mq+s3dwVgM9/b9wHXgNvnXeLGbB9ptXb6h6cuK+gywSm2MbavcW08VPPOyHatG5H9xw7A7Hwc5VFMfhEJM8IY8C3qaqGpldVp0IbS5Y8i3pFkeWW+m0qYeO+vFwJO8mCf4BAESljf4e3LDisrnlmF9/F+EdXIoFC9pUuA4ZPPAWY8psip471H1e36pX6K/mkBONiO1FPzMsCNjsofd5XFUPRXYWWfVMNuCUkRRh0mh16RGNrMCaLsbj7St2C51HTqPfpEa0DvCFvaZkr6nBgMiE41KT4DFjtSruhRtiyue58BK4ikLM9qKgArlHLVeyVWfh1AuSgRw6jX4snpyG/576bjBGV3y8xxZoHpPHgkIWo1KOqEEo/BEo8cnHuUC8quMDkZnTwFSTwAVY4ZyB+EZNQEaL8QrfOv3n6BaiY4jx4HeusBnS7bSHnewDOHwpjuETAvIqjX0ZXQdYSS5B8usoXeJsE1fj0uUIwo/o4EtuKRIn0M4IP8oFEi0/uLOQViSaBlvJIr+CxhWSKy+BMMsyoDhjgARXjx2HMbNpOJy5s5vH9Np3XuQHz/jP7+GI019Ih9n3bLNiEACOovpWNnrgUrw8eiepddzMNgFexghVcYceyCwXl+G/348n0yjTn0hP16jD90a92X6ifrkauyFvszR10HOLUyk5zWs+pd8qkqj6qEEfbtLJ7zoMpKwx1H5AVGuTvwVT8U11w5atb53vxfrtqLWk70eH+wfHZwePnTfqJp1qgMJGDW+wNuGUqm6i/x8FdlxiQdCqcGNE1/IYqelQGo1dQPSrG+qZtBAs9xmN5td0TJB+JimY/chbJASZnYA28ahsnIk3NrZoID8g76dv5VGSP1MSZzT1zgJUUxittaId8udxOAnFKGS2wJQGTKgY4aoEcxX92MMR/hvQFEm8iC/hqIaxCB6qYg4pkDkCcmOF+exg0opgzOBBL5QjY2RAKXLPR+yGPxdLRtXM4MhPzBmFDNcIGC8MLdPfOugyCSP/G1hgprYnUhb2iYgfq109V8FROLWZTOIQeoEw1WB1yWTDxU/xpcsUUpwrdKai7lwq18mzm3EeLcCLEHggyldEB1OzTo78+asD5+zk5fnPe6cHzuGZ8+b05KfDFwcvnI29M/i+UXV+Pjx/dfL23IEWp3vH5784Jy+dveNfnL8fHr+oOgf/eHN6cHbmnJwy0wQN4/AAnh8e7x+9fYEq5fO37Ih7dPj68Bw6Pj+hQUV3h0C9oMPXB6do/jzfe354dHj+C5O/l4fnx9j3y5NTZ895s3d6friPLhnOm7enb07ODrB2K3R9fHj8EosEHrw+OD6vwcjwzDn4Cb44Z6/2jo5wOOpv7y3M5BRhdfZP3vxyevjjq3Pn1cnRiwN4+PwAINx7DsouDQcT3D/aO3xddV7svd778YDeOoGeTsW5lJA6P786wMc47h78d//88OQYp7R/cnx+Cl+rMOPTc/X6z4eYcH3v9PAMF+fl6clrniwuMbx1Qh3Bu8cH3BMuv7lL0AS/vz07UJ06Lw72jqA/2LLjzLYmm/0DZka7QEcyprX8EDU79yJwnIQA8w/uAk7oDAna/4QT5+fw4gJrR0+d70DCmrkgycTzH8TNyzPRv0Ln169/Ojw8NF/kNuKAQq/i8ub6+rqGvm/ssUwOR6JNvANHclt8qaEzmOMAEjlH/ET2ByyYPsllUBx4wKFq3CPQ9wtyYcb2O7r4ecgHKSVEiGZkVvBA/4sHwUegMbHgY6qdZlkQJ3IQoZBSkQ2I2z0hIZjG/NsPj8TCpjQkcVmnyRGSUWxZf5VMZUuAKudzwG85O45okfjbOfuoFwYzCgfSxKqASNZ2w4lJwJpr7n3MtU+BIkUTnAoXbUJP/akffOROz09THRrefHZHMpKHBl54BVxsgG/H6DumkpD/TUA6qDV70H+t2RezZBMP7MLpL2/OcSEGr09eHAygTaXq8EP5AJlqmUU5EC7zoQfrA4gA2tT7u59QMsoAufsQBsHJHew/Xzo5aGNODh6UnVwyo/1Lwf/vfq/ol+0hNxPD0M4931++c8/3Uzv3fL/05Ghg52UQ+EOgX/c1s8FIDEBzerl8w6BNak4vy2/Yfc/pZDHHJCj6nE5KzOkkPacTNae//bCtSGqGvCkTRJaCaaJ+ioadRxcX7HAe5OnyxdAeHp8fnB7vHZkgy6f6XuhDsXFhpYFe03dzGH5mWZyVzB2KJecw5LLsWNg2nHqtUasbe6PxHoCQuNxS5fr/+6//ZC1YKMpSBhsAWQQNDDmEi9GQtd15nDhk53iq8FjP3Th4/JjaDlS3SUPQW1dzUsEXHqS6Q+0PZll5YrXIsTkciCe8M1ug230W4BcBx8ZilrbLAO1KKHhjrIOGSspemAqqsBTZoOgpTzR6nPl928lyheWNgJiWaHR+WqLRyxLDnVgaHY5oUYKPV4Brc6oONq9a4FRGJvv6aPghcVFSEPk97ZKrY1Pyt96qXJn2UrbshJjJ8uXZKWatq9KAmpoIBwAWGo0Xk8mNGj2zWmUtZWb0Roj2xMC7BCGFPeuU1awqkw3KUBfN+lRyr9JGsCXrm7F9m5Va0suf6l26EGQWnC3mVts0IkfGOI0PnX0ijUjEUMvmiX0raRvRTYqhKGNPFswMjgF2p7QUEAQ+BGNk0mwhIKstRvFcjd0pWXJ833HJQKYPW4XfqYgWnDDd3jBbAEtLTA1wUIlEK/OaCbykTYwk2rHRO3ipOp8AsYt8NquKen3/uwhnqgh5BLOfhb4fTHfwT3SZCnwNGOxtIHQb2jNm/9qPQiqy/wg7vbgiq7IO3h5sDBn3DfDUyS6ATO/lCAVlUbSe9UYHhXVpOfEWMzyuYvFiNohi2LB15RBesuSg8Rg9NbmXCcdzsZvj4ko506T3tqYD9oa3GVPYEQ5SfgiarhdNUIaIdxAF4h04kHM2DVIYL/VOWXZ4p4EV7vACqd6/Whe/Whe/Whe/Whc/pXVRkcg1zIvJG6/cabz9Pws8rFOgXkgBLp3vrviPH9jYsk2FbDEZgt06+SmMk1IDcxzQwGoNTZGnzyoWy3LWQxZ5c82H/PNX++G5bjvcbvzR7YWarbD0XL5U86BmGmx+MZaz1ayBmiWwVXYKbJv7Yox/muGvXWYKICUF7iSDRPZ+z85PD/ZeQ9ed9c2IVt1eJ2akvlHSHCVn59gTMec+MIFAOH3mw62ZFo1jZhnKak8sPZAyLTbzTImrK6cpo2KWD6/KhdfiwZIhIjssa5JkUHOMjwIhsc/XmulmVXMQGgpXy95EpkVEdqsdEUGjE+mI6CAhI7N3Dm9RFtY1oWD6Kh1furkAgeq8fH2k45YJ1epWV06LtvHPevF/NnKhPZyGqGaE/8dn5yfKgVIK/sOfbg9++MEK2J6zEY9DVDE31gUwmKJZbZ9LVUSL+DnFvhRZMAfeOHBn3C6+/dSEdHj40592hoI35cwwAczhEUU1+buYGA6/mk+uvKIwuszEx+rwayRPhO4hCwBZtgo63nNS8kH4IEZcak6JMrDO7qyS4FqgH0Odc/9yl3PTFZ1PMjeQ1vPnJmSCWSDsi2SgU3uZmc15IkaoV0TE+AzmFZAhDf1Db7gmJ7q+sk/oFGS8WHq7ioZ0DSfflw8p4TI6rSRx7nx9IMZl6VFUdU9ODa5+Fe/5RPCI9N7FccWwCYTXaCcO0c403U71UeIq0IKduNCnYkFWwzueVem98YOve7Pi6Vp3b/ygYG9eROKSXu5gsubarDZnwVYo+VXgf18E//l1NArjS5uwY2+UlSjWIPKAy5fu9CLwRdXJ4snKJfmDThaQY/lkbadOkvfMlLhxJVYtyHt/E1kCJiCHL1uCZ8CgwqG/qt4OY2c4i94HU0rXn9y+KQ2NV132jScoxMKq41HSBxzoKZ8ZTcVDy1Zy1w/DqJtTW/ISjDvH3PVk2hcDbnOK7mj23tkcufF8KwFPvYme9y6Agzejc9B69sVbqRW0nFrdcpBraNzxRsNtwLgIDXWxDUFKCwtleC5d5L2+O8ruDa3odQLEexL+H5Jd1s45awMuueS7iVyZvIXINAvGwQd3OlfFdg3pjOXAJIsf4qDU7Z8+zToEZREB8Rj3mnFhFmzjaU54FAyr2j4QghBVT3CeATij4QCbD8aEidq5TMxJuCbauVrM8MYQ0+pkMeQcL4R4ffzginwF5KXnZRTFMIaprqp0AsTZAOpr6d6CBEpkDcWwo+TsmWrEOzhbPM3BBeYICj2azubWr+oNCg2qYnoB6Y+gQJMBO3huP4bzRDzD0zePlZHnBtXd7eDjFYDLCYIvolk4v5ysL3WsoZobe/XU6dbr+VRfmaeEBQe1kjWovp3MZ+g6PvTD+L4UmuXE/43r+2w6XEX5Em/dAYhXYvwCEA9lgQSfr/EpRguvT+FVBKaQ7y4zN60JMsVtFamHr6KxH8sUvOyKxpQpORmGR1rC3/gd6YzlSy8333EX82gCh5fOIh60wcCTDnLJtFQ/++wsAU2T2DtBHsk5Q7m4KTcyjVbCc+KCVeSC24qzPlbxn+rRgL04NitCMthS7ihb9gGk/dbZjMfRNeYbucKU4jQOQVfFBGHGsNkudWZOeRzCqwB4bFCr1ZyJezMMas7zxVw6jMAaoAucWoecqZ+8OTg+OzuCqZPOYJ0/XUPGY9sCiJ9sK5CAO9LiCLOrrrvgaa4jRIkSDeREBtHalnUtulpSqViD9PKW5poXBaNVWZApFbBkfHb7LEkGtEAoFazC7w0pDO+UVcYy5oNAYRbjYGCkgF72DpYWHiiuViC0FYlba3jT8g0TLtegQGk7JxWGnWmv3DgG8dbHAGI2U0tHYYDsjfjRQkdstt1s87URRII1UGA9dVrNpbOJ3fH8Hiaw+k4o+AVkA4LsqVNRYv4OPrE7Ot+F43YYPHZEVC9yRZY+U76v32Y7Uu/jB5SxjIM29MU+7+Zw+HlhH+7FLYfDbmtcXRtaWAw+6GTIQ32Xfv+ZHJn83MahG5MjmHoV11TIuTql+DaBkFTSYTS/VE7gtCGqhzxyrBoccKR2wlysUdVZt25ONkaNif4LmxKZlEZDQw0v6lLrjtBsR6S991RdhLUEpFt7+hcivsrDFMwoEc/UC7YjVhjRfgCSDt3D5/pZvxVHRvG05E5cmwhbJvK4xX1zTjsnOJyivLK/rPEDwEHQXbDtwBMOXdru7IsVWmV/9N4KZVcOqrBvjdELLLvnTneWhVjc03rmr85khSz/tDTpxf7DRacsjUxZGpWyNCJlaTRKbiTKpnDLIPKcEF67oYNTdMjsF/g3xqxZgnBwXS3RLMBJrOJ3bixM2TiYO49ZIaprBq3kB6wI6qoEVgqk4pe09Ipp5lpzKtRnIoUQUu8oNJUWK1KRwiH8b06VU6R8zlmilGONIZo7qexvGRDza0agzp9fK6JAx3z4ENjjQGRWFHPOiMRVxy6kb25t5RRmEF5AmRnkhBfausir5FdcEaLUwHr4pP5yXm7E1P6yYUHZt5QblJX08OvIpslAGiu11RmFs3iuNSvcS97HydW8YJu2HsuhhNDLephMFc6NtiW0AhNdrkzLRX8BLb0iZVj7yDxiQhCwvVQyuR9NTRIxC9JbdVLL9hdAxO+UhCcfwVabcxqFmDKx5ReDb4BkosU+zmIAR81ZUcDkTvkwarY1req4paEgfdL3q8wCpQEBJvd4SYuXaVDTLU6WtmA3y/wZ38VEnu+Xzie55jqboxVgi0lwWPBhicqRdz3yjj2r7poMRUCQlsm0qinABSQvVelB+FZ9IJ/bMhPn9JtZiqKcmmfBXIbHG9cqH8g7qwayjhAQskLIGV4CoL6LooiK3aMbTfOYkMAUFgo/VA6L62sT9XZyRByV2M2N48VEE4r5TgNJ6f8Fs6hisS8cR/PgMUYejH2OQsXuJ4tYGoGTPbwMxzIG71v2fM1KT4WxprIOUPghT2LiCxRoYM9AayDt09Ry5qSgzU11zn2FH/B0kiNi6pfM7cpyZHkf3Niu/kAhCKc7E/ejyBi3GW9JoRgdONO3bswlBTuPTTlV1lXD93CjRqEYOtOz6AavDlHgvUIJiyL2KCUhX3SqXhdXMuzNG2Ol6zneVYa+loyQUU9LkUjlQ/Bi1Ekmpt1ywG+zkIPvRA17SpdoE9m1ThPUDnNxW8PpZCZfBF6/D3KTK4v7QmySmwNU1DiGf+4EGaXl0qa8IsKJ+iwURvSAg1ZxC2KKNqqaRtdKrFE8h2aNjEDkfoxFsGSc2MZohiUCKt48//uLl03navjeHzV/N9+n6YOUeFl1HqCNtSoKUWMZKwxEz8xLfn6m+Fx6lZLau1yEKr50G1vanZGQNeNUuCe+FsSPsQbkYxFf9Qoe1Tjp4n0imbJ8ZAZMY5rc21y1VTZUwchFeGxBVrX1aqiqQhI0ftN+VSyozEhcMTXRRIKkHjKUWsozKGHIvi0iCwIISuEFmkjpb6z0gd83zVoG8gO94UKmzYt6l4QjTx2RyVgN8K75K6V+1h9gWmdEoUreWD+/2SPjNvzbFFk8sYLR4Qs8IRTyDkhsgUHcKGRgaKVhaCEMSsKz3EvkQXb6cr/Z6/dUIc92rcmBgo0qVowO5yJ+KdZ8GstNsV2t97uWYg58Um2zaqdn1cZZYcHiPOiBcKYrCalhiBDYhumkh+nYFk9eSuUNrYu7IIDAiXz37Gmn1qnVf61QsavLAaPr5lZyfMjIsk3rBEuEYni276UWEvyQIvBNRgTWhq3kWTqKXkVLSbzkzcT6wgQ4eTHfuoKf3IR+eBAtwnrmfSPJn0kMbYVz5Of3/J8o62yj4N1UWSpk0ZifllBrKcAPLieuZ1zZILjWoh6Z1yjfLjWnVS7/DokSEomXvjZCqWKB/8cdXNKIRHVqsnIkFovCTLzLOuM8vv+GzppPHPj3u6fiqD9xHj168O+ly0UAZWBZLBuW5/EvnMeSlgWIQJ2giA7djNbEJWZvlKBhRqhSdepSHimaRJ7ZED/FpkNtWJ3eSMFIY882GalK8qINsjyroqxqoAmsReKmiJPBlCuigp7ldiNJCi2N7yIjOukj6CImxBZ2v4wXQBrZDQxdOEWa7ZDGgIUKRb7sJNQPSXiN/WbSfpRmcGiM3kN4o4D/oKwGcMisJzHeV06wbBjo97KzaDJBin51NYtc75JD66VPm3TR5IT8eBF0Y7pkTgMUtlysKT4jP0BvoddnVyKneuHt6VH27uc/GR8VP9yeXMwx4LPmLnZo/SMAivMjlGz3e2acPZjnmIzH8/BDoE80jIVGwI7R6CmKhQ41vVNuByaZoQLmWO5bpCg4O3tFTuQj15tXUxXMJc1NUnUzhsTz0AynKNr5qszhjrWYQMvEpOnsaxtLW5TKv0+Z5sM5YZeCQmi4n0q6z7/6LKVlqrVKGpiFftB7KJjpLdICviVFepG9pcAJK0PwtdeEzlpUSc/0mso3Uybqb4kSeQbkRUDY/KPVi/KOKVHOq4mlXUQ+FkCsx6HkwGw+oIJ0j1OnvWQswe+ZrthvR0VzSCX4UvhpwxnCIIy5ymLE7uUR50fAWql+SEEeUzwqeB0Ap5r7VCBVYssErmfhfI6WTug9FZefDMbDxAnV5ait+XWYBFdk99Ji9cNRHj7UbkUND2s74hlx3OLN5JltQ8lE+DC997aWV1FsNOWggncVeG5UsVEvsMN6lgra2jJjM0orZCCl+grZH2gVAYj86m3RLLwYMPjYMEdSeYCmvqfGGm4XtadxcY7PntK7heIhQY+tCsQo7Gx7eSueiG0l8JNfQ88EBcZaMsij5a14h3NByVlnY6+ltBl+qCYbteX8S2MFeftFqMvvD2YBNPcC0U8ygtYpKgF5UmwGqSWJJLpJRZxyrposkzQQI8GmXPwwSHouAOri6LffeOFVASs9QqQQCUsPVKi4y8/qDCb8sFSdW74PeRVpCzZE9Z7gBahJJvxZ0CVmKjzEGXCBUSQM+M9/G/tbNDkdWTcN/NzWu1hy2P7bQKi1KYAsPbwCjprzyFk6b8ibDKc3b/HKzZVGMjbLvMTKW5/tMuuTTOVR2eY5OGV5nJF88CMJQj6HKrOqeaSLdQVaIvvCb9PYq1NR6phNAEUdmPtEL+U1FTzYzlWsSyfr4CWDLBM1NSInHQXsspJezElK7PBGgaSSGctkZcsIitlxFupvVhH17ly8z0yucOmN1iXUIkMlyihDSxWh362Dpb0gsqMK7w21wSn/WNt0uclmRSyULDSf3r5iyHIxb0WsM41Xqsx6WgjXr1RLqwAFMre60kqUkzVdo7Kl0Sz6AJHiMlwoRWvE8hnpoEswniUGQ/lZz3uJwPwYzbSynwVK1R0vj2QF63PfhJvYFlf8+i+aYW4XYvaFnKAc08gTrlegkzRaaiMQOgDyDtEg442nL8RyNMBJyY1PJF9qH/i2OrPyc7f4Q0DfHocyM8I3tkBfWWuKCWDZt/KIgHxI3NGdB/+IYCKwG8vpgPwsvyZRHI3skmeX4WhunVnpJbOdCTxqpsvMEiCLhf8vFl1Sa3rHm3k3K/upaZEagbP92yxpKQW0eKOyqJm+7OORtjAUw9L6VktViopm/JHxs7NDkYRjjK/BtCrRYk6RSeE0viLn0+GNDGyvxPb3TbOz9yGuiRfIVQuvdT6EwfX3o6fisbhN2qEccWiMbjR7Ne/hh6eNWqvWpP807godSttfqbW0wS6zvRaTAR50tTFtRj7LGqxk9P1q0eVWf3SLLobrBjUGYxLCtsN8hdGgqtYAmYGAQfyprFm4M38MW7FlAdYwphnnL8Xsbms+K2s2K20uK2EmK7CBr7sGaxu7Cmz8X5KlK/2oDH/MxuvQULfSMuDlP69+sWRy9hVM4WKBoptMSR+vVijQ4eeWugWN8ifXKm6xI+aES2CZMGeseIkpNqq0GeGPpCukMLqEmkDt7l1ByA9HNMQEO9oUiqLp0Q27a64h3F5cMVjuM3g4UhuUdLolY4SK3cGSsCDlb6gcwDjFrS9fY/LhLADdVBoV9A8L7z2iqESyjFLuYMnqJC1S/mAZj7G0P5h0RdOXmptoR2BNh7DVHG6+LPcxlV931fslmVfYer+kEucXQKxn9i3lPnb3jlKG2q0n+8+0NN2eZHr20m5PGtJZe9eug766PX1VktdSknUkyteRc6/QkxXKU5Bsfit10rXW05lX9ZB64A1zvGeKPXJytTO5YPluQMLrAoUcb8jrNyyxbgDdsJxPTyl/nvU16zWdSfSVMXVs02dpLY+S/K6W697ru47k2YbW9hyBk3xNQR4c4eFdzjbrW5byheYWcHCAg2La/y6o4vIsmljiH2SOTim/1EQOGdHN73YT9wbll3TnrkwuLONPNv5Z31CxAfGCyy6nAhvke1MQrxStqW0sk7Nxf8l1Qd9Pm1z7yNk02YutUUo9Mb5WxSIvd8jRSeFE8PX0IdDkF5M7Z9Hhrlxy1hOZcl1yUnlQvlci42Ka8iXBsFDbAfjz+++IVdX8d+yiWMrFpqw8X4ZY3IJQOO9qtdqvqdX4gk7fEsckrYqRapQr6n4KbyN978v70xjcUJwAo758rkjy+dyNipSZu16ftC23aBlKSRy2NZb23UIz3TKno7u1yKk1/iyeREU7bLPxJ7uynql/LdwgsO8APzKTyjP2l5tlAprltS/WnUgHsrzl3zhZn9bw/9lR5p4diu5iaT81RVIjpO8ICuSAwp2yIGeJqwK9+b3fGNhdim7vqFNEgqn1PTjqlBxzPUedJWbKr0ZIbvXVCPnnMULeveNO3pSKrZeryshklVtmjSz4/Y/p+FPOMLmO909OP7c3SaYf3ZWPz6ry/9o+Pp9divvq5fOnlvVv4+WjT7gMln3xXj6fXoL/47n52IInTVtRsRxrcfORf96Nad3qEfTG9Z0NTEUXzOONrOcNQS4ye8VUxBf9WpK6QPQtmF8HXDU4nMmKc4HvvBPQ/aoJzlhdgCqrqhEOR85NtKBq4irtlOjcSaqUayXGRZXKaWWuahzNsLKTzISMTkTDwIP2sZYHbB6pEdHmzQnGMeVOHMmEZ3jLZOsxuypvkvRcolaulr6z5jhnCCxMMtYSZHH/i6kfxOGMto/zfAlHKLx9O1tw3mnyZEK8C6eUw0uNe03pddV2UXIz/T5t5k79aCIcsIaYsygQOcxVqAwM83YqViAOHNEVZVTDbZiF8XuC6OpKT4/mXrs3jnfpzlyPkg/TinF9C9yHYSDewWKa0LTmbALczvtpdB3jCmBytxsBFuUtJpBhk1yZrFVlmlNDzmEy8QRzGvla/rMSRehE1VdLJdVSKXitdVg1QqUdQqO8au4JexGpfHditUsVcLrNHOxLUDQJ/U7MOotzzP5PVTkCb0Fp6jQ0jJHywzZyuj3XSdiLKFmenfEZIBQi3KX7Ad9oNbcRPZyEiGpMFFBWVX6W+bSGAbwZol2MajVfR1oeaQ/dsOIp4qNWH48cEm/CYOxrKbZEQqxs7r/vsJNn6it8Au8ych7Mwn9PfTcYK89XW1A3SueNbmKlW/X9Rjf9/nc7JjzlwbP4lma6S3YZHTOj8WIuir0TLWZiRVWp09vqOHvjOZCBC8waGQqnT6zLPf4QaGnHMAEjqDXu1LshQsilJJKtceGAUGUqFxOmTaj8lzuXVM3I2Fhmp8otcpk9Uu6ZK23brfbtrodUz3+Wa5nZRkkv/KrgCpyTjs+KShXHRwW2nDoK55L1Vfnkp06WGlacMMpNKTN2Imr5i0B6BWN+SmYpuXU/KrHDF/iOO8Kq8gEVEpZCCDTbUQOKBaTqxhHwWy4AYp94wsBrlLx+ynlPjfW4AaAnLtaMFCWJLPIAyBEChx1gf9VyQ1aFHzSWpBRyh/Bc3txyouG/YeJi0rGctetdqkH1yWcmXWVZAc5TJGsaUz0HPzMZx3lJtccALt6cKq/BDEWoCZYm8s2cnZkpsWO4LHNF+wzCUARzwvmCdIigI9uYYe0zlDSAS2iJSWMpLSU1W0h8oDzpAP1kK5GAlDiVcJsxSHBj5IlwJhYhsSYcg6pkjMP3GJcLeMaiBnIckO1g9Sef3M28RDX6FQSUvG40Jn9PdVvSumMJESgrPCi5My06IKtYLj2cWySBTx82cCfbuQQt7nw/9d5Ke5CtixhpV6uML9YyzNGSXJMWmbPHr2FTb1NcxixcmqmapFUtNwI88vY0bTmeZjcTqNFsEMxm0WxzEwgaFWMEggsDB5tvXr0Z/HRwenZ4clx1Kp1avVavwB/Pnla2HFD6B4PXB+evTl4MBqDlDwYv3x7vn0PTwQB+rTkVYB4Tczlo8g5WscSyHfSNEWmr6hwM3p4dnA4OTk9PTgvTjWuhQ3+knTAtMH+KnThDN0dVu2kz+AiCNUKd1Y1PsDwzVYNbvUbz7bbTXprZRhytNYOT/aP3MB/+n2rjLBsg9yezlpuzYAtl4ipuojJoVYWsLGqOippjco9RABqNF/ElFesSJtJE36Li3ptYvHtrDcyQe6lC/LCaOHRINdxRkKM+FY0XKVvV6/ObKyydjmIZCp2X7hUmNmGRmRNdRwALVgpACQ4E40SxZ07qcC0ji9K+Lat9ZY/CtqhwZ/tlqWSmtX2JRVqd2WKKkFmLo4tSbxEpMtupop5amKXYuvHN42RFw1gupjsGRUIa8Ta/2YKxdhIh/1PIOumlVE/1VeSHK4i2ZY57vsEKTl7gzrj32PD0NnzACe4nOV7kyx279a6MavJZSar8OecgzbVO+SYab0TBaDSuYD76eN0znoUp54C/TvD56zHPHvP0S3/Kk/jamOwa51EvxmAJsBXif0orESXFzISxllrnWN7Acx6ICAVKiAV9cvUssyl+TEdmfPL0mVPx5rNKtbAx1ovlxq/Np8WvYcH77GvwdMlrL+Volak3Gi6B7eSlDbZjeFz8Ht9ipt/jp6k3s7FHqbChJJ6Py4sPMFFZUe34Coa96Jv2TtNqf8Xfc0J4JCrc04jmmBwfwzeScFgfBN7QSdFgRV6njto7Yv5LTAPJCPOI7lRdNlSqoiHDWfQeyCQiQLqWB4zFlD5AE5cfZLqk4pl3UctkaVx7UX6AgNzKVt+l9BGzIINhevgdp0yuIXwbmY5z8wNkqgn3+j5HKCg5w6LE1hS9qgXQCV+uwJ1vYpyj+jHHjbtIoHjj+qh3x4aqa/9V8FZE2dOzPefN3/fPVDUpNPj67gxaJ5feJYp8UcClGi0zC+CWyg9KeXlkppq+/a2yHAHjqHLLwf8uQJPRLuoxsmvN4bLi9kgvqiUN/CREUTdL8ptwqJmWtyRVTm0WXMDCohlajYhdyyGxddUB0cejouPopTAM1NVDCfWZHTw0Lm7aRcwkJHm2lHIWE/IksScieSBwJXHuyUan6nZFMX17qSrRl2X38CDWrdRFOcJYIqZzPcQ0OwFFIqvrs6TCnYSmVJobZ/M/GZB/39ooyClidRZQgBs0QFts9BiwxHniAShYPHM3xIKpeEzhfyZef0SDcAgl/rVVaL4gv5GE0lgzB11lPWOSYn1Y8zlIDkVCeMIpFz3nFEHqJgvNWyqNkFGC/HoW6d4pqAlR+RnZmqdd7mh9soMlnLTyc/wsOzY52G9ijTqiVEMam74zyeW20/jVdmTFi6KCD/75zEbH7TBZYqqzSCiur9X1+7Y8dUVYt48aRpxYulJ6rtkOVm0HpDO2uZgWMnlXidQfNU+6QTY80fiONVeDQl0VtjFlaZN6u+ollFfUUmvD9/KU0rvVFUvdN6VUtjzNTlZvUAqVlm2Z1RO0p6LPpfqCYUT4BXY2VRoJn6aroaaCsZNxtBis5eNIJSQ7TjISSIhKssYyfGNRh09QHXj6IPzw2GhvS26X9YRV54rD/z9sIePK0mvlphl+cB6XEQutavQSQIiMqRMmhuMwgUz/lmdVysVRbL1mkkiu4FnSryW8pn0cxNZ2KfJqSrTy1+hKFKVFG+kFHrZw6gcf74oO6y7tDwUIVTEGLGbDciZ4YTUnZPlWXb5obJqQEbPNs20lTeeWRev/o4gIddB68Y+T0xSnzCy1uDol8iHKS5IoE7LpEHsAzci9AGEo5lZaCocdzRMPWO5FQC1U38mPO/pboJwicKhMleC8ljKsJVLzpS4EP6R/UTgz1ivXl0Ua8m7PxRw9KPchB5AJDpZFGY4fMHJJrFD+ZrqYDFjxwFv0cYR3XInUlsqZ0dhCy2RONEY2NkLr/AnXHs9YwAF4a4LmpAh5WxUh1yYAjx7BTzmGgWBylQq/237w7yo0twjOSdoNeCs3UICcpDf++fHlS/1/G0X1vHMjraCbel3/30YRfPJTVF1cQrd7N9D11oTOaea0WF79HM40enxvouRKxeqpwjllrcFtKVtT0JyKVveeugN8bmzdbjYpy1WeRiVpbRLAsuT65iqYAcZPXFDbt5EpTQDJ/YQejCg+YSdDpDSWGc0C4c9PLq94IzODZQ3jOQn4aJQawnqoPrfRIpbIkirmQ7+wsjBfeZVIIClzHwD3IRhjJIPlEgU/lisu4fuZXPegiRM0BHsH20vujpHT5L2YvofLXCGlXkjunbSLwioL23hBmnEVsNzN4Of8kpRTTDcmAhlsy3DpxnivRpewrvH+aEE+zq5/07yIdG9Vqi9vv48nJ0+jF3LPrNJ+BR9dtPFWpUsHDUwDOOTbgdYy411ss6NxANgpbzEmAJCzxwvPErOCn0M0c1XNGzze5qpQ0eOraBqHw3CMrpogLliWJg8TQEyAxjaExZ9ch1V80tUXiKoymChzBox+HXQRdJ3NkRvP0TFNkBI0iPPilbmbExAen5yTKygdRWcBEE5CXLQMBDGMhzeTwSSa3Qi32PibrRRgU0xcR86tGOISjbD6dokTVXP2OJwp1d1VFE5JRHMnRBbJKZLcUOBVmX5rFmzDuUEF1b7D28Lr2A9ydg9lvjgYj6rpVRZWGiniaKuCvaWbC7jYi1dd3EYzP5g9TjUF+aRe/28ndkfpGYtfyGdnHoqQKLWhO1n5UL4m748Bi4DYdR45I9hRPM87Y3d6sU2+zbOFN4/x6mObNOmYtjUcpfpy1OiM8pt+dD2lyKzLqzap7iO5DJi7cBZ9COE4ZgDC04qbsoO+1XP4H33BYK8ZG93xK/tTi1Naq9VQ2d9mEd7bjuc3gBvbtHOPt7NTfgaKCawVHwMkW1PbSjnvpDW9Ki0H6I+emfQ8ccUfkfd3wEyJDNQ5iANQ/ZoBi4/I9jT0spsbX0azubMJ5/ciinw8x6C5x7jPeYaQbTvGxmLDB3xytV9figMLrZKDTSEFSKQz55pQuZYB9HDKshpMnAcSmf1khGPVCtaklGtcdrRzPZwFqOIspAAbZPx8P4IGrNmHwE8fJOKa0C8sKUwu9eLVLBiFH2XIDGAHI58HAkgamagfpAEgjHCUAbyLQRseHUBBIGoycA395kWWQrRQ8ZuoMwLOW7sGkrApYx8CJmn4DDkqnW+JrnLVNJKD2fWsC5bdSnHfJyHEjios4FWY3eJZY5CTISvSLJiCDUlJrtBQwpkx06IAU1fSdkvozKv4cxgYnNFZd3bQhO+aCCyInuVYIKboh8A6RKp3lngwGlQGmyAho/exx2SqcMBs1k7uhzfdBtKcY3gU32Q5jyNYHkvZJCt5sv3aGCOk8FvCFVoGOG8oYIwxEBUXFDEn0xG8wdg8VnTVmEXVHELFCDG7wpWZy8ifkOJzQPHQbNT8GgY9guDGUTpYP2ESbIuoa6+KPYiHFhf9vJkXGuA5WK+sQpQcNosctq6mUnSerC8gZ5pdMFkQcfcD4q3vCEkrbKm0YGyKxakARG8xo4BRFdQ+ETIWAu0q5mKHRWNMMmusXLOquP8W2lYSWW+XaBkqjJqZx4YsjNL3FTqrCNXVcBdNgLREPTkswJBqjG9OKdhvZGitEupcWd3sjVzOdYgMaPIIrd4H0nyKUxNSyvXlDQw+1eeIXrXOO/wzcjr1//5VRKC6FEmUgxRMNCTrjNn3MBiN4MCFHLGKI16AMjVLMe5NoAcg8C9YTAC9DEVKDDVDY3dMbCZky2PsPHg/QLvw+0HDATHP7Cei2MWpRfO7wvzXmN3i3a+oKy0CvK2Y+YhVvlWj2XbcDxFTZpCj6xXKXpCIOrBV9AQAN+NRUsjEoMP2Kt7IuReyKMPtBdXK4j/MCJB2HEVXOUhGQhn+DsLJDCQgdm5Nwv9g7tt+cIUxh9P5FgcyxinMlzNWm/3o0YPQIUMSLj2qMZImhiNYkmDuaXuQRrGhG4NSRYTBnYH0NgdEWMwk9ieCicR/G3HD/xu7k6HvaocaFglI28InRQK+2slaNhr40fa9fh7pY/2WHOcklzWf+IGcyWNn7c9v5li8RKrjAWBsg5kQOnptPnDFyolb6luN9Z/1oV55LPwcHp8dnJ47b169cfZPXhw4Jy9vsW5LxtK52bsKmp94FSu/Psm+D9KClEfID470n/JjrfQhmQlkrHgYfawEsS4sxcwRkOTd2Vj4kXli8NRrEr45w9uOtcrHMpa6yWAE37oz5MyZF2my8rK+cn94KD93jvsFY1lwX05UYT/6gwq0iIMrEorzcf/2uIEon6Q8opxcgOUP4AysMK8VPsap0gygJt5/ZpyXH4xdcgn59SRgtzgAS+aFqryZqBW1NC2t5x2OdaefJWPd6RlbtobGGRPYxdfFdMiS8wXS1SY7NmzhylcTT14OXnt86zVEd3bhYxNOc7xrys6rxFiUXYsThyXuEDCZi2gGauAEhTom4ncwlnZ0MZ6voPHtxyrcUmmXu6OxAs3rRDOyCdU3sVp+UedLy91Hbg/TlQhF+bF+v0W3q46VrTB1f2Pd+adQtpGS3p9etpET1WUblQ8xI9usMFbJz2eXbawyfSl5Q8uEeRt5ey15Y80T9wWcL/n5fPKGrIpmyBsSDZbIG8vHWvb5k8sbWv6AgsZ3LW+ktvSO5Q1JD28tb+gFzG4tBHxhMsCaGlCpse58Pjlj3ds4mbE+pQ02L1kjfM4CkdxOu0WUd8/GlVWFmKX+6tUs8hd8pSEMu/qRrHBOXvIvQics+53QGV1JLig3g+GJYMm3qV+wpQLwv5VLrJsq8fvTZwk1x7AOvNgUfv/2V6XWucarkoGs9qqpKNlelfkKM6+aNC/1qpP3qpmLNA81ctwRLFf7d+djwK71e7ixxm4v80JIe9dv5l0wZi4W1eDZ+KXcq2AdMotH/lLve/OW3UQLh6Q9icGEwI7IU5FrkKdbjO8LLPb4++NUjICO64WDKMvnVs4gqkHOIJJ1Fg2iVJC8QVSDzCBZJMeRjUNFtWCKzE3ai8aRyryYlhtTmyliZxAFs/eW8m5bc3Pkt8iFQEtCbNA5JaYZr2hmnW39WkLL2eTcZVFRuZ7O0xTm1JxKtjW9MTAqtW5s5FWQGchaBujwtf2M44cHedUL+BWl+gzMCl6DbJy4/uGwkoEMUhlQlIrZGT1+9NSp1LRzXKssqa011QJOBiL2eRBWM70URB1AUwMraznrml5bIUPaG1trguNHSmxaRzldVKyrKY+Jwgf5vQAf9MIVy9FBhZIPzKq+A1XQN7W4WlHfgUzYkNnFzKO8qtq2pb4LZDN7+5zYZpCyYmwz606tjWzigIv49EE2YXwayBLVS/BTsn7sPZKwpfTI/pqo/cPromJvc5trFablK6rCtP0dvXaUeP3dhgqw3lhSMeqeyKWYTKo61pqInJ1lukTW6vNWQLLZTaCtUSl1QKVSV4QTP6uQeW2xslMoPIryU1B/izsWtZ3EFI0iXLZBV55ymlMNVFmuQX5drgLIl1eX/KMg7V0j16qIpfZ+KRLd+R7m0yqxHKXLhhF4KfKJcxoUl6WjoQaygFiafFvEhuWIkT0rOppwLbFBUkzM9sJaK3kb8a6kaFeCT5YU7ZaLUvb3DD65tARwlk/K5B+r8ckE2vUY5e1FPTGdT84py89cQfnFsUp9Dp+OV+qjrsEsDUH7c/HKLxBv/0jM8m738F54pVFmc0VemaLht2GW+mEpxy31N+6DXaZLWaY/a2uk9orG96iRrqcrroVTA0rB8bCkGsuvcNnoh8nOwoPcLS1RUp5hWAOEFWvHP1hNcAkLRuCDRTXhC2cmq7qzpBrFhZOauJhaKmsZW/YmAyOrwGM3Jc5x6Ii2S2miKLdeqm3xvuBnOT7o8NlLk2fGfFS2LSNAIXzlLLc6yaMcT2qrqVDzoIAOifnZUt+Irowy0Kpj4r556JoD9vVlOA407FjdVokwrWT5Xj5r7Phft5UsMoptIZgSi1MDFMOaFZxWW3x1Lu9jmcuscuH01B0ZNrdtR/HqF+Evdc1572j6q2wjvVuC9hed95z9+EIV6/U03jvg9suUcTGL++T2q4DwldtrwHzl9vfP7fXze1/MPkV260x5/4Bs/7b8iGpB3FomMPV3YmzQcwmRZEmjr9JDqpFloe9OgrD0VFaaKCUcfCZDwsknNyT8oa62YdS/2KV2iRkr8MQ5L7b3yc961nex7UvNpNzamEStHGx3YqanAf/il9mlsWF1Y3lZLEgtaJlTQ6tdDHOhQCawo6CLP9/1dPqklbO1U9M7u7G4c4fDv+qt9Nos7gu81vvK4+yfz8rj/kx30F8Ej9MX9M/M4j7rrfIXxePuS/vjwqmfVAEsezBW4+8ZaO4rnKCsn/udb93OTtYJ4Pl+auvyK2P8OeJtDLcd3Qhgb/7Zw3OQ8hYS9E8bpHOXKsfXEKEvMEQo/yJrlQNyVyFFdyba3yq4iKSfJRfxvGqF97z3dahMIScXzs8SC/V7Khp1Pz8dNCewZVgwxTPFSruxLLnqnFJZmHmESW6/SToVb6SSt25WHgxkWlVWbqvikFaqRjQznHwW/ES6kadwygWV2sAEOhUUzjROp9QH/kUjIM7vCgOtycRfRWOfs52k8sHCQ8rTsUl50q9D31Ik4gBz++jR45m0uzKcfDSLJuo1W/GGhw8Lc4qrd0Nc+miGBXIUYM7mN1tVTt6CB38WUFbpbBKFc1UtenvoxlQdCCsMYoogtd1UdVv1rF5dTMP/DTgLNGb5xooQU65E4c6dceBigVBCHxHNrF5Mopqx0BSmt8ZCI5xUOZbLJjK3cw3eD8E4mS7Oh7PqcM+WRXauAR3FOluK/C3JA/CQcgjIx+nY/oeDi2B+ROPJvbCVKMXyDqGXrCJeC3HSCVtlRdUqwUv4784ObfnO83F0PQrjy9rV5dV/IcYytn7rvFnMgm3MgBRiim7Msa7y/qt3sCE1fhtjMnE6BZSb3/3ghmPE5yodaHeaVIYyu6s6Eazx7DqMg6Q3HPVDMOOSNW3qoaMPNVpgAao4Wsw8WVI9FiVFKM80NwSm+p8fALffO5fz+dXjnZ1gWrsO34dXgR+6tWh2sYPf1AIMNplfbTk/y0aAN7E3C6/S8/5djfEKDkGFSkJTrReRzxzbUoaRSJTmACwfh8OZO7sh8JIUIvDn97DwDC+mFvfGCz/YrGT3hsnKt7Il8jz6DbZ+GlzL/BXi4WZO4+1noihvpdFstTvd3V6/bv8rPZzhL5BUcK24QEkb9WbbbB54l5E+qsyooT2SeTi0TGXch/O9WBiV/oO7PTrcPzg+O3jsvAlmkzCOBfVAMjS8cS5mLlYWqgLlC2j9vUt3doGZ5SOqtoGVFXATh1icCA8+UJ3o6oZ6llVB42g0vyZsQpSN48gLiZj6kbdI8H8UYuJ8SuSxcSbe2NiigfyA0mV8K1PEy58pg0K0wDozSA9VinTcbIRF/kz1uHgUKlAUXlzOY+qQMalKMFcxhUM4wn8DmiLVO44vq1i6GbofLuYB3TOPQy+YxnwEd6gI85jBg17CQFFDCSUfVSz9hAs8F0tGuaquL6OJOaOQ4RoBhYGhudqBH8ES0shUwGPOmXuSUj8g1vghUaLkkCKPcIfRh4CmRjPG6iYAuajIhVWnkg0XP8WXLtc5FwcGWQt1h4/l7GYsLgJehEB2sPY60ZPUrBOqc/7qwDk7eXn+897pgXN45rw5Pfnp8MXBC2dj7wy+b1Sdnw/PX528PXegxene8fkvzslLZ+/4F+fvh8cvqs7BP96cHpydOSen1N3h6zdHhwfw/PB4/+jti8PjH53n8C7WYDs6fH14Dh2fn9CgorvDgzPs8PXB6f4r+Lr3/PDo8PyXKnX28vD8GPt+eXLq7Dlv9k7PD/ffHu2dOm/enr45OTsAMF5A18eHxy9PYaSD1wfH5zUYGZ45Bz/BF+fs1d7REQ5H/e29hZmcIqzO/smbX04Pf3x17rw6OXpxAA+fHwCEe8+PDng4mOD+0d7h66rzYu/13o8H9NYJ9HQqzqWE1Pn51QE+xnH34L/754cnxzil/ZPj81P4WoUZn56r138+PDuoOnunh2e4OC9PT17zZHGJ4a0T6gjePT7gnnD5zV2CJvj97dmB6tR5cbB3BP3Blh1ntjXZ7B88ONoXWN2OSSc/xNKc7gUmSzPpKf/qLuCYUgb3/wknwCUuLoBwAVJ+B5xt5oLIFc9/AEpdmwbzZ+k3XrnTePt/Fnhgp0DBkApcOt9d8R8/zGfRNPS2J8SZvGgiXk+OxOvXPx0emsNyE3HGYQTB5K6vr2sRFucg7khsTrSJd+BUb4svtcv5ZOw4gIfOET/h/gTbhf4atbocAlgofcQQqmpNjQcBoekiwFlj+x1dhjjk46llV1IbgF9kxj9Z4AhfRjn8G3owoIpssWCG9HYluWwRJ38QYdWuCv5IXPIJCTcEwd9+eCR2IVUW3kz5JLbYzAyV00TPDIXAynnKUtNJOj4utEKZy7g0hyoKzW+cBUQgtxsONMS6Y5cu5ne8xnKczPxPgf5FE5wUkn4iwyw/U6dalelvtW1aJumAmixy+ODb8SAaDZTE/DcB6aDW7EH/tWZfzNIPRqAhwD6QyfD50cnPLw/PXqmUFiABmDkukI+XWZmDMbAJwnxYJMCS51H0/u5nlYxCeYuGMAjO8GD/ebkZQkNzhvCg7AyTae1fCrnj7neNftlmG4gnhqE9fL5fcg+f76f28Pl+6RnyCX4ZBD6lL7un6Q1GYgCa2MuSWwcNUxN7WX7r7ntiJ1SS3pjYSdmJnaQndqIm9rcfthUNzlBApZTm0Le0FpEic+fRxcVYJGvN0edKAC9rI5szkE/1/dHHY+Vy9dFe00NzLH5mWbDVFV8lMhQJDKuKC2sJC5JzK74tNl3jezBNruVnAivqD8YGm/5P1nZFGO0cBdOL+aXKX0j4nTWDpHMqJibapA1WFDzkmmHL7CfCUIJvmGkMe09sVjbUKsQdlnOFtqVo5mN1LX6LavGAzgi68Bvxo6VUX2YKsqOB7Ci/qbXntSecGRjm3enmTpzqoQJaJhPVkiujgQvtqlRzEVQjS+7TzGyo7UB1a86HE1uuMp1UdxgoIo9sJXdS4vjLMo9mDs2SOChoMb464P5uPZVMjzgbaeSwz+YkMT6yfZMDGoA1bct6GAkQBZMZDQdkwR4H01tjmN4ZIle9nrsRXGQXNGsq1D6MPqIxhGpe1amsLvzR2uKUkc1O1wHqOUNtHNPSZyZ1tv08+ug0spPNM6IisPBxLTZUmgeDIYyhjkzBC5/6R7/RatSHbrcKf/d7/mjYcT38uzka+btNf4h/+/WGC7/s4t/DXtBwR2hRqn/sus3ubtCnd4furtevtzv496jR9HZH/X5VH6jZdhv9fps7afUbXW9Ef9d79caoGTTx716nF4y8BnXYbXX7zbrfw793G53ddtDt499uu9MbBW6LBmr3Wy1/NzAGqvt9aN0b0YvNXjDsdkQnvaHn89+9ZqPTdoOAng/hz3aDZuQ1O26nP6RZ9L1W3e+0aNCmO2p2642WMZDX8RvDepMgafa69V5nVKdOoLfdfqPHy+UPWzApGjTY7fvekNp06y230asTAF2vH9SDHi31sN4Iem7LnJGP89/1GtTAbzXawyYt3W4PwBr5Lv7d6XTrHa9LnQfdTqfZGRFgrtvpuMN+m9rAsvR73SYvb9BrtNt1Y6BOx3Nb/a7LU3aHgBm8uW3P63gt6qTRaAOIHkHuwir2ui4vtbfbDPr9Fu9vEECzhtjH0dBruiYyDN2+1+nQmu+2G71WY0QDeQEMEzAC9Ie93X6rwQON/O7QbbV4uZptb9QhLN11W81Oq9fgLeh3et3dXWOg1rA3wknTi8P2cNhnaL32cAQLQGve7TYBHxjybsPv1fsedT4aNhtuv0+dt3u7niuWtwNSca/eahoDBaNeu+PzjIJ+r7PbGdKLvtfsNlt1WnNExcawR8A0W70+bgG1wTWHFabjMOr63RHvXa81arebrdQ5CurDdrvX5LPQazfrddqXbt/rjept2rt+0BgBFtPSNRtetwvNaEZdOK1en9p0d+te3+sSAC5gVQ/eNgbqup2GW/fpRb/XaTdHXYK8362PXDhY/GKn0WrxYewGwQjwhZau0YKdGQZtpgyt4ajeoaXbDWBRXdgOfSC3MWrAwtDStWB/6o1dpgBdDw5jK+AD227BGeHD6wVBr9ugg9nudEf90ZAG2vV7bRfwp8r7DvMfmucoqHdHux0mKb2O12jWd6lxG+hbu90nxOh0gf64TA/bgd+CP2kFWt3WaHe3Ts8bgDv+aJeet5t9pAG+iXW7fh2oZ5uJZ91tNNs0qD+sA+nyedD+qOHV+4SB9d1Oa7fp0YwA/fqN4S49b3b8NtCMnti7HshuJnoHrVHQAehpnbu7/bbXohf7u10P8ISWtN726nU4PYT2gNDtER/qdr0/6tY9pgxw7vqBRzNqADI2212T1nV78NaIz04r6HqdFhNJ2P3+sBkMec07zcDrUpuuP/I6jcaID3Kr3u80CTE8D6hOp93mQw075NdN9B4GQcsXKO0HrVYbjj4jQ33U7NV3GcJmAEeZltGre0MXjhsjg9fbbddpUL9ZHwIJpCUd9v3WaAi8zKR1u31PLFHDBXrcrNMS+V23Ua97YomAkTV3+3xe+iMgqgFThsbIbTGV6AVuJ+iPxP62ms3myETvlrfbacB60It+t9EdNjrMYWHngJLQUvh1INkuLyNgE4DucnugE7uC7LRajd0hI1IrqNf9Uc8kQX3YxM7ucMg8qDvqeW6dZ9fb7XSbBLk/gsPVF2wdzrTbY8Lb7MHRHPHZATq322ryCvS89ghWKoUM/Q5wIGZkwyEc0h7PAqgOLAvTQKC79UZDAAAEo+UzEYYZAbkf0t+wt96wwxSj6fsNv9Ux96jvdlpBm9cf0A8obLfDm9sL2v0hvQiEfNjf7TPja/j+qMkM0W17w91AsIwm7Fir3WAWE7Q9OEsp6t2sey6/2AIeAkeGKXMd5JuAN705HAFCM6npd/yh77Zppm7Qr/cbPLvAdX1g88z4hv2W33FNourXewFMtM74D8jVCeqMRS0PFlXKCZ1+m8Wt3gjOPUBPS9dsNJvDLgHQg8+w16AD20dcqDc8Y6D2yPU7Aa9/F2i712rQcvkNbzRqMFMbttweUASfsRH+0xRCC4gjjd3dXZ7Rbqfp8wr0gNIB4jfMpYMpeh4fOtjMEQhq1Emj53qjli/Yeq8fNPu8j2231x7xrEcgfQKZYmHG89qAF7zsTdiLnm9SBuARIxA4u4JIgkRUZzkNDuIuCEXM7Bpuoy0g77pABBhhdnfxRPUYmF2gP3D4+CADaeh4I3NGICYCF2IBA0SZXp+X0e+CSDNk6u0GjWAXcJAIbL3ZqQdNXsb6bmPYEpy32e3V63we4Vz2gro7SonE3TZIuby5deAFfZZ2QJYDAZkZYqfvj1xgSAQM7FYb5AYCpg+Samt3JAb1O0OXkKHeDDpDkK2MgXotkF5bgqs2+zBhlzppNIAc95mtt4PdFsrBjBhtkP09HnTYaAPTcJnxdYA2dhjrYPhmv2EO5AOVBmrByODBCe2yDABoW3fbDECvEXSBStOS1nugeoyYlXRg5YI+s4xRs98FVsJMEIQQPz3QsAtyZadJ0Aa7wz6IO9Q5SE5tAJCW0ev0YCX5vAC/qjeFeAYy3aiHaCwAAALDFD7odeq7XZfH2bKqeveimjWcVHEUPsHDXXe3HvCh6QBn6TPb9Ie7nXpfTLENvLDLKojrdwO3y1S53Xd3QUKh6faB4nXrTHFBc/KHeIYMfPdcoAOCaPX7bmN3JEShbrvTZPLsNYeNPgj1zH5b3XrT5YMFoLS9Jmtm9U4fqCxTYhTq03pMa9Rp93ssfnaGIDn5fDq7wCyCNpMK2BvAH/7bbfhN4NF8mkFcb9X51Lb9JsirAW84HL6O75k0qe35cPT5uPfasIgwZxqo1QMdhTkbkLIAZG5axjqcge6wJaSboQtKKM2o5fVBa2TS0h12YTtSxK/b2x21Oj1GMUDUoMmDDkG26LSYPoEGVgdBc1fw7d1emynx7sgP3KAjhIhdv90OPHEOuqPm0GRQQ9AXfZc7QWG67tV9/rvhNUYsLtVBFYBJjJg+1UFHYsGwBUx2F3RGOkydHojmrAT7IH42gaCZJxh4Q6M16jNJdvvNEQsI/XarCYT1/2fvXbvjNpID0O/3nPwHROFdkjZJoRtv2/IuRVKxElnWkbzZ5ChaHjwa0qxIDjMztKRkfX/7rUdjpgA0MCAlxRuvaQsEga7q6urqenQ3ujjYBe0JXCVhCKAJJmK1HSQlGN+KBQb87yTmkBF8+qCq8rbrCjoljFXIfVGDyxdwNAydAsLIXj8MzUgZ1kkGPKGy4pEKoQXymvsLvMKi4NEMMmcKcJPawmAgSIUgnCQHoqsi8zkcrCF2qnyeSAD15IMnQa0r0bCyQ6HDDAJvdkAi8AALn71+cHrqNOuo88rAqEtYgQGhgZ8qdpECUDKGbXVVglGstVXzSieay2sTF4niiAEd+qpi8QZNBcKctlmHHRgmbKtBk6YVDFmrcessZ7fIoAdRpXxfJrkpA3ZvixRCLfYuY/DLwQCxVQRbVAZVN6gF6Up5zibQKqos66oqDIKCpRGCcYjmOWRXGqwvvGO1HUdlGCluUQYKn4NgjBdhsLelLgGSgKHEFuWDMTdRxLYiL5OEtUEE7pfKbMAUBqDaa3YWINQsE7YVQQllUo6BokxDONgJLyCGqE3M01dZUoM/V9uIuciLmmMUZVQUgOUiAmIThFHCOg08PTBWip/7IPccMUSg58B3b/vIKAjgCLKLiiFNzBWBYQN1VWSs66BExa5T6qOjYVsKGrpMNUcJ4K2CFuLIu1QwwOP2VAqE8OB9cHiXhUaDw8YhRQQ+HyghbpGfgxMXsmlFFy3nPo1BwxZBZbU6mBImRmUlRD1xZ3JI6wA0IHvxiQqUZpMLdVfIU2ZRiVM5/DwooP8z1oFxUpRpypNDYF8gQGbzq1JwR3Vb15VBANEAz5kVGGvmbGviKErBQ+X7NC+y1E6rmBJiMBv2gQ+dRYF1HCBcrti9jQp0o0FRtzxKcCCKmGcyYMAnsbIdDeYDdB1XpCBOj3ggK/A0c7BC3OoYVCfPffoQptbGzlTlfhAHHY8SVCF4maxSwhKsiObAtIoyCC98jtgKiB0M2xqDSjDmgRz7sdYl91dW5kVUcpgIDQ3SMG5b2Bg0nTK57cQCwgJ24nJfo6OZWTbmRcHzMaEfpyC+PMNRghCHHFUHaOyzijhQgqUEA91WQVkRhX7BczAQXda5z5o5i2rwphKe14RAFvjPAgNmJ7WmH15DB7OTrpSpsiBiguMYFG/a1t6+AfuasoNRJiZW1jfI4spU1olL0gg0LBMQJXWE00CEsNCgYGNqUVakQWmNIygVcL2zthdUQvDu5zyTAZ6tAevNkVZdZWHKbiwYD5BvFpgoNaAwWEoDiCjr2nDIDj6AqXhezZgExmAneo6qELUkUWvSOMQolfpCKz+qbBwD2gBDI3oeGWPsWMuDPM8LYzV5DME5zyXUeVmEYETbLUogzAl55s/UMXR6YcdRWAcFhxfgi1RYLyEEzxw6z+q9NAqrkl2vMCzAd2dfAgrFEO60K6pjUPy15oGWVjpms17DkAcvkCfFVZmAB0UtBb0bgdng0DyDMD3MeC4NfKM05+EQxZkudNr2+iHqK4qaQ4ccPJUQNCZ1aBiDf5ow68DH8w2XAUnQQA5R7pdRVEfMOgVaoQ7Zx9BBUCd+3Ja6IEh07TNVEIcGiXVCwGGtTcl2Jy5BIRY8lZKUlQkgaueBDN0exnZ8pVGtefCWBtwn3RmweQwOoc8OJGgaCECY/yY1dZVGVgWBNwEKhFqdxeBkcDhYRuAFxjxpB0F4CAaMnUlwA0t0w9qTQ2GY5DZqAJMWhFxpXVXg2LAAQNQP6ohdX4gygsoGuyAfMAZLnoeDwQ6uHEtvAIFc0FlDKMHqB6ENu0GGg5TnL8G3SBsTX+N8WK1ZqUZgPUHweKyBn1txrAkWJcjAD2ZiQIwgntkemelPG5lpZ2RmaGLHzoaHEB/4vJRVgwulY7b5GSgYnbH/GyqQd1smgdCpCmvrr9VhXNiJuTAH9z1uW8IK5Ae8bnauA0AR8igMA/Dt7AwRxAIgvVblI8vsTF+W6DCMeCAq0C1QJ0/H12mRpp1OA3UE7gKrhCwuII6zizpQZVWxFMQxWJGaV/iKuoDggeMVHwYBOCjc4aCI4oqntwIFjnTkt00uhPU4dUgIYTxWQWYHVq4hpGCfFzzY3M/ZVmgMya0rBAEVxIzsxYAJBQvJE3YGYn+Qp6ITmUFQGPLcfZWEaZz5di7MN6Wfs6pIcpVWvAoIKhE1OCvLNE1y6zsXUVqCNiHCkhy4AXFgewTnJc4F8eQa6A1UEHa4p3nARgnMbKFz1sTQizDIeDRXGdjwiM2ygb4DV9bOpEMogCuCLW+lAvc+Z8kJi7gCT4inbkGrxnHABicHLAmHekEemzrnTodBXoDLzit/EICahPGAXwHassM6GIQ5BHgsluAuF4CSDVHoRzEvDxc56N6IlyGjKMI1IO4vP8UBz8MBYpo8YymtIMTOorA7BZ+n6BhSp8MYyWxgWmLcmVm7nRkFlplnOMDMgGmnVgc1GOKI49TI1CA7dtz5MOpU0lZ+dVWnxnqLIEOg29nRw8hRRRyC+5FOdcmmOIsgjoh4qh1ni+NKs4FK4XnA8wTgxtUgge2K/KTOysxKlPJDCM1rFgDwJzOWuqhKIapQNqgCm6SMnY7PYFCxXwx6r4TIq7baQwVR3B5HOkqKJGX1gpMxmV2bxDAKF5Bp1NdxEJe8xgmqXRdh2UwRqkBndmE1jsFx4JlxMKmp6ky0geAGmZ2kDoLAZJongYJCgwMYWwe8MEWm7RI+SLq2oTz0v29D9sok2i9TO9efQw90vP7Kh2g4ZfUCZj7JQrvwEyaVbxetYZiVtV1lj8IwA8Hn4AlixDDlAKuEYVRXLJk1EJxWqrM/ACci7WJABs2prWKE8VLHhgdgHdbg93GAm4NTWln25tBXVcWLPbhMB/46D3wIL+LCrzqRWVJENnSIqzjRpY2YEwgBQ45RqrLyQTLZFOOsg/W5ytL3cTGFVVCQ+TU7I6DGalP5HV0X4wwoLxKUBix3lfGY8jNV1uxP4QxqZLdNgNAHEAyxG6siiN944gGwhEnGsyDAoqICZd1Z14QY0diFNxwiWWLXLMGv0awl6hB8Z8Wz4bjunFfW/QH7AbEmEQM9HUFYy9NgKXSB6qxexLhkqpldIAo6sg6CDy+Kgs0ELvzEQWSXuOJC+TwjArhyY2c4wOmIoMN4IIPkgjfeng8IwT9WMTtuuE6rAp7AqzK/NHYOAGw9uNzsRcYhjJjE6kbQXnka2Ti1ALXOLI1D0BlB3Za6DEKH1I/sBF6dlHZ6Ev2/pGCJin2IHX1eVaog0IHxzX50HKSq5pndJAmj3Nj10QTkH9nYnusPdWwVZu1DMFiw/1D4IGaKNXMA0hUZpjxJciCroBYVFegOY2ehwHcImzUbiKm0iXvzari3ws7Xw6io2HqCLg5NzfNtaZJCFGpdVLBSoB1ZeHBCzliHJASbqdnVDaE9Fcap7ekunL/liArCWxx/HJmBN+QblkCQboj7eRdRGMcmylL27v0ixJUiKl9WYKp46QuCcV1BN7XD9Mwv0JrzGAHDGLEnoxT0tF3CT6IkzG2QVCQQydiFBwMeC06oUj/GGuwdx6YlzpvGQTsENBB0g2lgbZzBCDWsGBEzOFkcvMLoq42deMhxLZHdMyAxykNeTgb3JQY3mmcQIWQDv7rNugqCKxBTdrdg8PpxbTfuGLB1PJcWAsshaOY+8mFQG57ZzSEqSoPazh/4uoh4r4BfmbjydWc+IAd9UtptSUkAltGutqJAl+w+gZeagiMUWckEweNIuvRBvGI2MeBp+VHK8U2AyrCK21OSSpk4MxUr0gCEKGc/IQpKkEHe51TqEgY1G8eiwHiMfQbo3hIcJ7ZNECwBa+ySMEhFlbT9uriGIRJyh4KrXYJ24TgGHGs/5zmzpMx0UvJ4wZnCRNsxpcGhrtivU3kJKpaXjcHdNUVat6XOVFEYRTxp58PLPCpsOB5UEFfy3AAErH7N/Fcm8k3NCxeFioEfrD2Am1EzrxDj5osg6CjVuorKhBVpBB5IaBhhAG4VcIN1Gli6MmXFW4HHEmg7ha9x7YTnsCFcBMeSxxd4thB/GH97ZBZ82sgscEZm4IZm4MMx+SC7Na7tehRS6MSuwUR5GemK3aKoLPw4yWwEkIP7zk56BY3VCS9lZRmuZHa2ElXA39Tw7EOB+jzgiRgQ10qVPP8FHqJfhryTp8C128IuaKpcNVslQbGZQrH2JT/eFG1HD/fs5XZjANARxlbhlVA6iXl3VhyFGcg82/PARxeQWwRBEPhdbE9g+IOB40kfcDpC6Oi2R5kF0EqezgCvPYcQnl2eEvz82NiNARGEKWx8QIHllfXFwLIDQ+y+ssDUEDLZNWIYFUa3RzBYPqDW7gAB5Qjmn8M+MPJ+wEM/K8Gi2CgtBWsVKzvBXZgstvsuIDIB54WJLPI4BEPfaVEKoZHmECFPMEJh1R7iXGHE5hcGEm6NsdOLujY1D7g6iTROHtP4qH2wS7z7FDQ+xKZRW8tCSAmamwUAjDlYdtagWQExcswT0AHuiYx4k6HJwIsDr4LKmCCEgcb6DJ21hEewrzVuYWub3CwGKLuQAwq0ymPbueDmBYYnRhNQa7pizapq3LNkh0CFi4qs8qMcwtgwsTNHaQrRXkcnQRSV2yVhMAcQmFmfC1qXl+yY48RtnTNC8LKDMkx5C0QaFFFit1CmVQTWkFmXgddpOl5/gptm7XYU0Oq4iZXtAy4/GF7wNkEVRNZCqghC0Kqye2DqMK5YMHA7bazYckKJsPY765plACGK4T4CJxBcHvZWQJsnKueQPc+C3E+03eoQ1HHFrQMVG2hld4xEEGrF7GtrCP8gDO14KxAMVxnzH4NLiD2ZKojhArtvE0Z0HpS8MwS1dpLwXtkSLEtl95KBygIlHttoAB6jbWnP2ZhUJbzAFqRoLFklB0lWRTZgynDSyG5hNXmSg1fLPhpIIwTevAwJXm9peJsEeJd1YTpbW/O0QNtmpw5BT1TslkJ/G3Dq2OCEKjBxyhpDg4Nq1z6rCnpIa7tDNcWtROzFZMBo1dmIUAQQIse+dbTDCKJhXrxJ47IyLMaqxDAyZ8pBK8Mg5SngIkrTijV2WVYahgdvRATTa4KiHcdU4KrGObcogNFc22mtwEA8kbPUgauA2wh4Wksb8AvtSgaomjTkvksrcEs1E1PUQRmD79uuSIPGCq2HgpuOKht2G7RHbINqiBfigF1UMDnGr3gcGdxCHNiIIUVu8XgEoxYkuJWlJQx+6IMtszt5oMmaByAoF3A/Y6sxVJRb39mowvdDltIMnOXAmgbwz9JmPy0Ihcn9MO04EUEdFCzGQQTyau9xs5+qQhbpJAHraWMaqDT2C7tRJwuCmvcHFEWQQ2DH013Q1xintaXOT1Nwl3j9GAQ0ySzyOtClnVXKfQiLcp6wBjVVlin3KQydpGq2lOM+RGV3NuLmetBrbY8SRkWa8FauKgT5r9iQVT44Xaa0czM+br9gHy0AHyNgLVHGoNRiHqRpVfPMExFT4HxLe8CCTgMLwJSHQR0hC6hzyXjy0pQG9R9GHL4XNSgnbdekQQHXpV3JqDNVW+UMsVKogHntinK0NLH1bYsYXCKeG9Bgj0MOdoG8PE954qeIS+Un7FHiuheEVVypD+Gz3UFX4g4UXExqmwmMkXmyB0IP/NaBQ4oyw3UcHl86AUeJ1UtWK1yd5bkcH7xhzXFMBXoXwlYeU1miat2ZswFpzZMwbMx3AIqUJ1mjwiSKFxJK8IcCzbF+VQcwqnkcAYsybbdc4EYoGqTERhPUuMuuvZsRBn0eWUcbBCC18aKJdZKxCgKf3CQmtmuWCkJSXvCuK12qipdSUgiM4U82GWAutO58DgMBFwwkHt0QwujE7uICE5QGEc/mRjEE9xWHiWB1fVx6o+c5dFazmGcUfinDEphWOgk68wEVMB8sMNsdBeKSVXYdOgIlzCooUWUcxXbtOYYIIOF90QHOkIeskMPIQOM4kiuDWidF1tmIkOV5FNhJO5A03y7UFQWM7dpYjVFUleaBCTZPx5lv3WDQX5pnEEEai7LmcQSRaYzOYtslDiC2MSVHxjFozIB9tgDMKviAvHEnChPweKxziEuCPKbqJIxBlzABSV7nivtI++h7dHY8pBAe1IYne8DkAHvt50h5nteZ3WlX1tBuVju4IFlqO52s6yLNWUpBMwVxzkvIOKeGX2e0/Tq/CiFkZk81jsDY8aJpgGuQkbafJvkphL4cCODXUIrHES4rGuAwCUYCUlfzHHYAjiLYrXgsMnt2SMdu0VePeKYEfjmoUi/Qh8Vs1XzM1o/bMAjjT8l2rltB2rSvNgnSFb1p0Ipxbj/yiPLAT+36I/hYqV279MFSJoH9gADCcwzUqAOzDFyxzgq4j3OLud2aXQLPytR+NYJf/LBLG6SVrwLejQDxDRjL0q7pG/CW4rITu+Sltiq8zBIYQux9BGBWKxu3F7g3LuP5/QysNpjqzCo2sKyqGOsQ/JLw4cmP/374br54i59Cto5FWxfbnJZn3l/nV3jQDx4i/fL6lT0dyODfh3y8G36WeMgfJL5cFq9Gu7MoV+9v05lY3tkQeZ7fcsVf3AJJ7sqPbytDby+clZ7aT5tP8EvaxU25mi/6n/GemhWem3Rl8FQRg4es4ZFIV/OV/Jyevvymz8aXb+Y3FxWeqYRt6KPj8/BKW+ir3vtDb+DwjIklTx6eTC354/OpJR9Nrf0HR8nHNXELJO9iVq4u6HvxgyHavXczPpHKzb3e57ube/mBOOiM/JKOJ5zj0Qr2S17mfV9umu/6pdisjxLsHOXA3fdgiPz+GYNAirlatQglHKOnW74wq2UzKvtM+Ff8YrjMr5BNoIDxWLYLOkzgyFufrHCAX6fTQZ0L8183s4U9/QGP0UMQGv6FWb0z5grUN2mBy/z9kReGKerypXcxF0dRYh9acvCsuAtk2+pNfmU1P4wMQwdy1dh5TcHVHF6jXSjwSDazWr/Il0Ac4oESBY6Fy+t8NSsuNl1Dnz3boVWYMkey7Z85noiGp5m9A/1D5dYn+AHu3aX3DbYHieozrt0KPNSSW9E0+gDbsVrMLq2qJPGYgmoj37O1gIOSMJfXqw/YE7ss0/lyeXMJii33lE4JccMofAllrm6w4IeVcR0n4BRX55kJeDJhbzTwV/mgC83gsZkWFIv0BRmfspiJ84+xZOs0Yzp2alO0d+LuDicvuPef/vh/8mxoPiSWDpbd0PCtF8VD2JvjjSkvADhGUHLoFN1meMqmbxmZN9frrt8jc4p6f8K5F3x8bKdvRm3XumN6oP/T5vhsCQX2dnBcHH779uLlLg6FV3Q6bfMQGfPggdcv02Hh/fsgiQs6HbjxFdoF+DjUNj/X/G+wr901qsV78K2goy0w978g14PrQgG9fslOCa8CFDezC3q8LOB5wxhRF3oUDucQf3avdz2s2h7petB5uyx2N2/b7wR+OgrhYPS1Gn+tx18H7bf7mz87jLrv4WHS5VtQHFf54oM9EhjPyLwBEXx9BYoFD+tctoes1zDnnE7JWO4xkr3dky/w8OZNr8ghQuMMAEs8yaw1KPCHTyn/Cx5Sjsc/28PK8axylX7tffnlzswlVZhP5ZlilU3nWc4W4Og1BmS+1qcHXFJvSi4Nnni5Lnp0dNRGzvRU+Sq3JL21JL0FkkKi6K3z6O8GxgJ/842X7nt/pda/3PmLK28IDjZA9xfKq4tMGjxSnPnjQNHJLdL5U0j1S5DfVy8x0Yl9yJHQy53ZKzxDHUkeORu8OWUbGfjfZjE/ZHFBf4DSaGJf4DCTjLYweFQrID9w4nsWMFi4AcNzc9fYDvD4UjDv9BZt2rNDjhXwdTtCFD3Qswf3evLWlTO4+fKBp3sdcAGB6d7OBYjBYn9I9p+S7Nu6LXebDBx0OhNLxH4vJUCve4AK+KFOuphQ9ktPUdmFW3/2WxoODCgxBr9GWfsGT4mhOydTPjtjeg0G7Yothn9/GeTQKJCLVR12/TxiqO2ZdHimNB10NexPdVeT2+7STJwKZE8Cb59v1LPVbXbNrhyu1PWGu9Twe9etLEU43N6vFuDq7rVKLQtM+HX27z8+P3/2/OzR438/P37y5MDD5/tfI9QSXOH1iUVY0bI497t1IZaXvqwPiylnMdUtpp3FdLdY4CwWvGpZNM5KYUXv3tMv7lEygZYduuDkIh06bGIurnZUT+CQmA2OiJ2LPwOia5Q4l2Qu/vyAjmQ6918CId9+6+nQ+x3OCdavPO9Lt9q3zLQAKt4A/HkMQFsAL20A9sdrCBCAfyyAO0fLomkhjSdXKy9EKxe3beXitq1c3LaVi14rmwJCEdiBKQVpgTby+qVKYMQAq/iP+NWoc39qfimdYc/N/Aid8fc61FVCYx3EFn8fuob68DC/wxC/1fC+1dCeOKzFkD7sD+k7DOdbDeVbDeMpQ3jKIPblGB4fwpv4/NosQEou86vSHNpEJZjQpRlyKEGVuS8PqyYM2+L3VvqXu8XxDhRyoPcS2jz4Xe+AWWd+k264+Cdj86vw1J7yvTczwQo8xZnYcGku8QB3KLqcXx1535v8avmV9wgnsDBRDkWR8yvj3VyAT+LVOD/P2YYOOSRoKD1q1X5c42ndeB43TqvhDNhyhdODlqSfDFRJuDoU4WxhM7sO9EKls8t8NaPMBrgVs17TxTlrroyod+e1uTp/MzsHnHRKNQZ3xXx+sb/XxLJd7u6jm+C3ebeE4AUq2FstbkxPm1DWv249rgx/+Pz8TU6pRS6raK/JZnav3ZkH3v9Y9Ynt+RncuQMPV+ogJLpHySxbEyfdWlypCUeyDkqaxum4NzRMaYbPTjh1mflyU4Ejn+8oW2/DWmpK1x5iiDWUwE2kqHowlJyOKLQJgVB9HrBi5F+afwUjWct45hMht6etbWw1JwkbstVDoMoJ6vTuuqDaCaqngAZO0OAO2VVdqc7wxyXL+DMsz0Tbtbee49pzDRH8cU8hOCPrNm6af9nduT6nBGWz4WxwTvCpcseh+aDU7btYP8J3QocE48nbc8yDdIBh/TWqk90eMvYjp3VVL+0dKPp/Nld0Fjt4vs0kkWPctvNqutmx3Utcl3R6i+u3La9xrD23Dxnb6UEHe5X8MJIZ8juR8UPK6W5hJoHeNtRsgG4VbjZAE0POdZvWreepnBEO3C0EFRyYHoYKDkwPRQUHhn3Z5scxZFp4JggQj4PNKBhiMnjElskQ5iKDh0peiJLxK3eC1u4w6yd9bY/1JtWDa6y3soP+kmN9aLRPiBr7DflttE8a7Yd/56N9bCx8qvHuTx7udx7to869WB0Yzn7ar3VorRUJ2PhKu/g3LhlvHrlbuiszp/Na7+4AU3ZlhuotRVsamhevW48GwFodzWCtR45OaD/qbFJobi2jOeRee5Oj3bOZIREZSk/PXtwmOSkW/4dfQV5SaMf58ua6IWrx4fwS5HWBuQzXCUq/wtZ6rVJeU+pnd2WYH262uji6Al/76PX8p/v17Hp5fVMs8SaMDzVmhvMePX72wsO/AH4P6tg/8E5xcc2uTiGrX6yg/fmiGqmnXB6ZtzdHprq5X+clhEIf7i9XH8zifhj79y2q+//y4hC7jPLR/Qv0zwvKuEoNO+N0qv9b6VatoHVTn1Zm2UqyCsW6+VWhyCa1al6UEPm9ftPFYzO3KB/+xpSpX6/fyOSqu7vr530nn3CQn/8l2/0v1oNNZivfzTdIfpY0cF5WonadkpX++i0b62/ZWL3fsrH+lo31bzkbKyjef7hjItZfIJPqryZtqjtpIHRGd2uo4/31Yo5IeH24m07wZH6F+n9JKzXLl7w1Hd2es6d0/+ofXOn9RIHdA8+X+QIHEZ6ebUFoC2Ay8yl5FJ2ZZKnFg0lk6e1v+WOZ3b/a1LHrxv0as8Zueu7XkzB206ZfT67YdZs+bZpY0mAiBOrosLsmh11T+7nzwq4r+qQpYVvTDZ1ssD2HZaq70uRy9Y+mZ3PFgPlXmcj1X12fU3bJEl8H8cv+50R3S/E58N3PvUFyf915Z4e76f9g2lkYMr+OjLNgMH51yWZf8K4blBzop/sB6bf19GOP5j+i0M2vLj7gNO8OqDbQ/N6D5oPXnpEZa7MjtBko0wtvPo4zaPcX4ERXOOGonFy5zN971/PlEj879WhMgkjKbyMHif2ECpGUwTmSskVvey/KN6a62Xwhezt23+2beQj93AL15qaugWsrnP/v65/1vkH8jtWOFgqYDuw3RqvFB+8Nfe6fX3npIRVbttlHHw9tkJQcj9IEJ86QoQa0k5FL1Ca4bYvWCODJGkc5XyxARc35q0L8DtmCcPRGhI1qz3HR/Gx8X1r29r9pvPef731/7N+9g21lHj2Sq4sjhR892o4Qy0xCyMjGETZlJiPcRmFTZivCDXXDCGWZyQjHKJRlJiHcxkNZZjLCbRRO4mGbf26E3TKTEQ5R2C0zCeEYD7tlJiPcRuFkHm6Tw26ZyQjHKJwsh22RGUc4mYfb5LBbZhBhXwb7CF1lJiN0UegqMwnhEA9dZSYj3EbhZB6OyaGrzGSEYxROksP+sBtHOJmHY3LoKjOKcJs+dJWZjHCIwsn6sK8YxhFO4uE2fegqsxXhNjmcrA/7amk7wskUbuPhZDncpg9dZZwI3bqwjXCozGSEXQqHykxC6OLhUJnJCLdROJmHQ3I4VGYywjEKt8qhW/2PI5zMwyE5HCozinBMHw6VmYxwiMJJ+tBtoMYRTuLhmD4cKrMV4TY5nKQPXYXHKJwsh2P6cKjMZITbKNzKQ7e+ayN0q7CJCF0UujXOBIRDPHQriIkIt1E4mYdjcugefhMRjlE4SQ7dI2EY4WQejsmhWxZHEG7Th27RmYhwiMLJ+tDdi8MIJ/Fwmz5083ELwm1yOFkfups0jnAyhdt4OFkOt+lD978OQrcebFM4VmYyQknhWJlJCLs8HCszGeE2Cifz0CWHY2UmIxyjcFQOXYW38XBUDocKb6NwEg+H9OFYmckIhyjcqg9dhcd4uFUfDhXeRuFkHm6Tw636cKjwGIWT5XBIH46VmYxwG4VbeehWUW2EbiUxEaGLQveImYBwiIdu8ZmIcBuFk3k4JoduxBMRjlE4SQ77w24c4WQejsmhq8wowm360FVmMsIhCifrw75iGEc4iYfb9KGrzFaE2+Rwsj7sq6XtCCdTuI2Hk+Vwmz50lXEidOvCNsKhMpMRdikcKjMJoYuHQ2UmI9xG4WQeDsnhUJnJCMco3CqH/QG/ncLJPBySw6EyowjH9OFQmckIhyicpA/7Om47hZN4OKYPh8psRbhNDifpQ1fhMQony+GYPhwqMxnhNgq38tCt79oI3SpsIkIXhW6NMwHhEA/dCmIiwm0UTubhmBy6h99EhGMUTpJD90gYRjiZh2Ny6JbFEYR9Oesj7IvORIRDFPZ7egLCMR72O2Yiwm0UTubhNjnsN3siwjEKJ8thn4JhhJN5uE0O+//uMT539qnHz7zL/Poa91e+MRfXeNyje0/oY9xyyV/5YNoXLCT2ePJnnLzV057a2Xz+MqOvnAv+bvvyhj8XcezavNNOy9k1UO9MLMaJ6DgjKafm5XyrnDgw4IxxnEi1nXCXc+9x2mvf5iKjwpzNjjOPcbq1doZ3TkTKyYlDm8OSEuNxmk/Omqw4DV4bkDP8cSJ7m9mcM+pRYc73TE+Sdo2clZlz+HFSPU52y7lXOYs358cN2tkiOaWfoqtPWcs4d5nm9Gh05cTuQTtxJidh41yJnD+Vc/faVLKc85Xzp7Zr5PSxkc0ozInrqDCn5eNk8TaVfAuQ88tmPucypHu6HtOTh3Q9picP21zlHKU2CaLNs0iF6clDuh7Tk4dtrp4QzlO6nhDmU7qe0ZNHdD2jJ4/aNZ4QzlO6nhDmU7qe0ZNHdD2jJ4/aNXJ+Vk5knxL3Mroe05OHdD2mJw/bXOWE1hldU84+R9djevKQrsf05GGbqyeE85SuJ4T5lK5n9OQRXc/oyaN2jSeE85SuJ4T5lK5n9OQRXc/oyaN2jZynVnE6VU5HSlfOR8tpVjlpdNBOlOgfU2G6+g/pnq6angR01fQkeNgWOU6OzvlxCTOnQY05oSOnqrVpqtuAhDOia0iYI7rG9CSha0xPknaN/gmRR1f/lO7pqulJQFdNT4LTNuAZFaar/4ju6arpSUBXTU+CR21SCWdE15AwR3SN6UlC15ieJO0aQ8IZ0TUkzBFdY3qS0DWmJ0m7Rk7VyPkVObNiRtdjevKQrsf05GEnYzrxLaNrStzL6HpMTx7S9ZiePGxz9YRwntL1hDCf0vWMnjyi6xk9edSu8YRwntL1hDCf0vWMnjyi6xk9edSuMSW+ZXRNiXsZXY/pyUO6HtOTh22upsS3jK4pcS+j6zE9eUjXY3rysM3VE8J5StcTwnxK1zN68oiuZ/TkUbvGE8J5StcTwnxK1zN68oiuZ/Tk0aNRP+AKP7Q0W/2BYT8gl1+LLAyhYx8Abf98URlHZsY7Wv2rn7YZfjYbbJJZobPhZ7PBJvmsnTlUCUsTCRsQCEuTNDagr9p4YLDSYZFl1cYDg5XOWTuxthJjKRJSHoixlDRS3jf8bDbYJLNCZ8PPZoNNMij0Vo3C0kTCBgTC0iSNDeirNh4YrHRYZFm18cBgpQMi26pRjKVISHkgxlLSSHnfD2Mrzh4S21f2w9iKs4d01s5QrYThj4RJDoThTxqT3Lc0rKfYBrAGYUvDeoptAGiQVo1CtUVC6QRCtSWN0un7YWzF2UNi+8p+GFtx9pDAvrZqFIY/EiY5EIY/aUxy39KwnmIbwBqELQ3rKbYBoEFaNQrVFgmlEwjVljRKp1UjuUrsurFbzE4VO9/surFbfNZ2p5Tw9iLhhwWNt+eRJ+31/DDf5t6lGunKZoPdCzZObPjP2gZDCXsWCUsTNPbMI1/B61kamwCcruwWs1PFzje7buwWn7XdKSW8vUj4YUHj7XnkSXs9P4zdCzZObPjZbLB7wcaJDf9Z22AoYc8iYWmCxp555Ct4PUvDsRB70hylsI/LsRB70hylnLW9WyWc70i4xUHjfHsU2Hg9t5i9PfYV2A9jK87eHvsK7Iedte23Eu5FJAx/0LgXHrluXs/wcyzEnjRHKezjcizEnjRHKWdt71YJ5zsSbnHQON8eBTZe3y0m28y+AvthbMXZ22Nfgf2ws7bHoIR7EQnDHzTuhUeum7fN8D9bmEMOzA0mbMRciD0rfUafcc7f05mvUOCQfqX73pt86RWYf/Yng5mXMQMEfSJ6xbMC7AtcyxrWJ4VsCGAn4iv8RBTPvrri8yQwOS5hKkyT746+pDfvywtA8pPxfnju+nT+bh9sYqsGvInUTzX7FL79ae7T9T2V6RgTfOizEaPCenPvy+eIpA2Ir1uY27XIMt0a/XUBWXvaIptqd9S4KSxq9EXb036Nfps8333v95njd8lz3NsyPVJlW7SLw7a9jhrdnPRbTOtzVbbR9133A92RdjvawbSh7vBd5PXa6yC1zb1p3dFm+xBXnQIwRXKGukP3GSL7lxl4O+2lP6FK0E6VEAJhoa9sgOH7oehYcc9lOo1O2wNxjST1Wwg7gGGncNi699eAPTZ3yBuvvUtqG7BD3lDHrskYYsi6xr5EtGrxu7VIqrqiNMCQtE1Jv40dzP3u8F2khp0afVFjTxi6kiMKtySn17/97lC9wpLDTgEYYo7focQpAK5O73TNVsnxZS1t5jiF3O91QdhuOyG/nUoIPqFKCAa8BGIKT8QjscqhzvA5tLsTyBOgS9KVQMhlOjUytqaA657L+N0aN5jbSJQcLlSmR2q7Y93tdZKqWkxoM0S218EcWcBvtUuWcYxsSV7YIk82x8GcdoEuo5zM8TvtUi3yxg1hp119sp0C0O5otxSNiFzo5GS7CSNc9X3l7JqGqh5Xu/3lGjUO5rT7ri2rrdpvpxLCT6gSQqdKSC2RB3RP7ezd2yZ1Gx2Kwqw2N/cSoUuU1gK7qd1vUWKRt0n117V0kfRq7wNu5E61AGWNTlJDR2GJxHeRKknq1h62ye7W2GZI2GaI5EO3O1xd8BFcdXRTn9RwoAs6bf8kIudkwlD/9rvD1XcOGe4yp9fRHyM5rv69nUqIPqFKiIa9BJ9XJojA1j3TrpUt0wEMZUMbQC37p0EiAbUvapFIVAtJ2KtRywKqVXvYq70927shSYsada8JfVI7NfbvfRdzJHkSiRxnWjlq9HuYO4Vle4e6QzKq079DbfSHO32oOzr9JUkN2wi7zGkLQJ88iaTP1bTf6T3APqn9ju4Kg7M7fEdH9/u0T+pQLbJ/GyS3UwnxJ1QJsVMlWEbw3ghfS7mjv5rnGsu0AduFJRJt7/2mTLdGvQZ0FJZUtdmsRS2SPL9LdhdQFughSVvt7dYoa5GFO0xzMiftyqBsr2qQd0mVDOl0Qbu9w1x1kCcRdkl1dYGkZKw7/Ft3R1fkhtrba6OTex0OO7tDMqQr2L2ucXTHVslxdIejvwaQ3E4lJJ9QJSQDXoLa0MuaUvG9T47NYKPpSdgAysJqc68Vl2kBatUu7OhY21XK1bFKFOiT7VtK2jUKUv1e7bK9XVJljR1GSYQ9UnWnXWHrXjKn20bVLuxqr+/kqqNAr3+HmaP6AtDhar87lJu8Lrd7kqOVmyFbJafFvU7XhJ1u2sJVB4ed3dHjal8Ymv4dlpyeALQk53YqIf2EKiF1qwQMl1K9oTdd067XjU7hHsv0ADcF2kh8vXne7x/ErDeYu7U0ZdIuYGofrgs4yebae4CSVEmeBOy10e/U2CJb3PdIbbC5ZbCNpM9VJ3lt5ji52i3QZ5rvJtXVrq4wOAWgy/Z+ExyktrknmdPuJkd3tLnXam+n9lEBSIfk1ilyHZns3w+QOkheu2vGVMKpTXNwgsfqL25wJ0R/Y8KpWWG2uCuDmYkMJtTERHBX85VM3UFJKyjdxfLN/Oaiws0PmEKgj24HU6N4pS30Ve/9Yfe097OTh9sLnTw8mVDox+cTCj2aUN0PjkKPa2KKeX99MStXF5Qi4sBBp/duxpn23Pzpndu/uZfHe1/ni/zSm9M5+vlFc1A9c7evu5t8I/TYqu4meavIiMl90ztvHzMDMYxIUw0EmKtVizwCbxLJ/uw8vt2seGftW/Oh3/R/NR+WtH2moBPxMcnkBeU3OfIwfcABZp8wF/UB58KKw0Pcn4tHxXt75vURnuMOxffw8Ph9zBqQ7h9gSlHc0HvgvdtwhRIMcJJR49WzxRI6DdPKUXJZyhWCu4Mu5wtjdwRRzjnMfpmXMBTo+PfZinM7XucVg9BOYrk76OoGexk3FgNWPAB+CY1ZLgdQXsyvXjuG3tkLL79Yzr2F+a+b2YJ2JedALbToA+N4Q3uUgV85dshs9QH/bjV7F8iYvb7i1uQrx/dRddMjSONGhGdrGZ6tdlli8+Xy5pIzU+Jf8PC/zWK+OyURSD9zgVM2G8HmlAatpAhdsbUYqbt70nn/vvcn0DJvTPn2fnmzopymtuOvkXzMe3DRyp0jJJLhMfUBdC+d4G8Tb14vMJ1TA9iM42p+hZ+Lef1j+OEHc/q1BPPbJqeyzMHQSwBvU9ZQus0FQYJOP3CCthM3t5ogh1t/5EoGjg1amzULU/bKXNIjnd2kxR5JXMAFZaa9XpFeLr6O4LQd0q7kzESSkwV0zOKqkyejK09togG+L1UWT5N9vJWeAQCktrfZDUcZe2puzVibt2wrY2WSQjdjHSU+F2NbRH8sY22Wx2kSC45KtWGytRhuXrPt23gvZkauTq9HEWePGjBQL8yGY1NSgz++zF+brx6Z2XJlLo6ugbPi/mfUOK/NCoh+ba7MgpIgM+5ZZXLUWZQlkj5lWTO6mptxVczZQrYPTi43JGvTxKTF5eblgJsyTYzaUkH4DxhTX6AwK8ustPtjD+ymOPs7sL9D+zuyv2P7O7G/04N1QpTZtbjHb3iE0qWsrVxRX4239ueCur7euze7Wv2UX9xbK3OG/NoBqLcDaidgsB0wcAKG2wFDJ2C0HTByAsbbAWMnYLIdMHECptsB0y7g/S+87zEz+CZDDvl7Oy9BGF7xF12NvDY//cTvOoq/9r78cmfWExOmrRG1l6/w7wfemiJ+8dL+SdW93Jm9evX1CBYUUkA0jMV+ieZC9POAR0FpmZCyjRuyfEkDUGLYeTtj+g832a+Ih/e903nr0/rHz1xf1iMKTIh2c4WJGPd2n17cf7rYPbAaRfbMBejLvZ0LeLXYX08/7axe7l7svsL+fLm72H0lARgFFN0T3Abo5v3vPPzo4BX8vvef71N/7N+9fe+vffa3EO8B4m+/9SAOaSMO/bF/0xGruINY+2P/piPWYQex8sf+TUDs7Vw4eeynY/8mUXzh5LEfjv2bjrjHY1+P/ZuOuMdjX439u7ffHUtn71cYPHpPfApEn/ufcfxsQFirrXPcWe22+fubRjds0uCRzlv/2dN90JRnfO4G6QYVg+0218ujbdpUxXjz5ZdOZQpIwQNYrNBRuodorW/l7T3aX3sU97xDD30emgaYX1zM36Hj8sfnT75yIpzgzZ3mq/z8bJ3f8PzFCromX1Tnj6/q+cP5+/PTWf4a/CB08Zx1sJHB2G9pk+4dOXR8gR7FXqNeAhYk9Yh/9r0/e/jqGzA4Gf7BedShD97OnBaj0AJboBibna5UApunHNicraDFBU51N9tMa8g6UT7ZN4LxAM0RAyKAAfFn6//gS9176RhghJTcmjW+ZuQKfOEaX+vlGL5oja9RMQJfvMbXejmGL3lJ3Wd/OvjSl9Qb/ZcXjn4DPhsYcKMC7uofUD/A+4VLEhZk2vvOQG/APsmXKxqmTbyEs0Z2bcl7ApQ/73Q6d3i3GW5S+mR0pzWkvphtPv93+xI2tthre0ZDlu4ORr+H2a3f72D13TR/CrPvprmH+Q52301z3z7f3vC7af4Ulr+DecghvIPp72EecIO22/7WOJBzHScLA1H4eppvbTgmTCa50oaOrvZuYvEuqLDBGA/PllBgrwkTLl7uAmXgSni/+52IHbwHDzahRFNGFJGZdNslN28Qad+hyC+AKRV+cnsNBthU7QKsEdr6pbldV7L2h4gs74Gctj3wJAXi3eZp22taz0a8mdWr5Ro1knp1c1ngilpNnUfZZamUqVCfeYStTb46wP9173/3ww2sm6TrUrnPI8Ef9AMONtdUXENxPbHXHjB/JcnXY3GNxfXMXrvAyu6Boqs4gkmJo8NUc2xRD1gchabEMUxKHB+mmqOLusDabrykqzgPRYuTSnRzhkgPWBz1ocUhHFocj6Gbgyu6wHxgi72KA1UCcdRJ0BxC0gMWZ4UE4hSPQJyvETQnX3SBeV+6vYrzYEJxUkvYnKHSAxZHnYTiEJJQHA8SNgd3dIH5wBp7FQfKROKol6g5hKUHLM5KicQpJpE4XyRqTv7oAvNZOvYqzrqJxSk0cXM+TA9YHOMSiwNWYnH0SdwcStIF5sN47FUclpOIY2yS5oCZHrA4ByYRJ7Qk4uyUpDnVpAvMm4rtVZz+k4pzedLmxJwesDjYJhVHzqTiMJi0OaalC8zHE9mrOD4oEwf7ZM2ROz1gcTJOJs6sycRpMllzzksXmE9OsldxstGxOHPouDkNqAcsDu05FsfpHIuDbo6bI2i6wHz0kr2Ko5EeikOLHjbHCfWAxak/D8V5PA/FSTkPmzNsusB8cpS9ipOdTsSZSyfNaUg9YHFo0Yk4TuhEHPRz0hzB0wXmo6fsVRwNdSoObTptjlPqAYtTj07FeUSn4qSg0+YMny4wH3Nor6m4huLaP+nJAjcHMnnNMWv2Gotr/3ghBuajFe1VHO72SBxK+Kh/VJQFFocsPhIHvD0SBxM+sucTDVlznDqwh5/RmSRLmjBBl/DZyaH2Vov8aokhUzc42ngBGryA0nWSCBPZ22a23njY3gnd2b3YAm7vqt0AKwGsHE6EqFluf9SiZj1Uc3/vpBLASgB3PKUBDrkOVhjgkNwF1t0d5gCW3zArAawEsBoC/iVrlp/vZqI2Je6zoZrlB8SZqE2J+wHgX7JmX5xokCrBbXGfqiFuK8FtJbgt7geAf8malag5E7UpcZ8N1axEzZmoTYn7AeBfrub2x4ObgbF5ntrnDuBIAEcCOBLA0RDwL1mzEjVnojYl7gcGRiSAIwEcCeBoCPiXrHkzMEIxMEIxMMKhgREJ4EgARwI4GgL+JWtWouZM1KbE/cDAiARwJIAjARwNj6pfpmb5cawSVjITz7MhK6mENVTCSmbieTZkJX/ZmpWoORO1KXHvHBhKWEMlrGQmnmdDVvKXrbkZAEpYyUw8z4aspBLWUAkrmYnn2ZCV/GVrVqLmTNSmxP3AwFACWAlgJYAHrOQvWXP7g+nNwAjFwBiwkkpYQyWsZCaeZ0NW8petWYmaM1GbEvcDAyMSwJEAjgTwgJX8ZWveDIxQDIxQDIwBK6mENVTCSmbieTZkJX/ZmpWoORO1KXE/MDAiARwJ4EgAD1rJ/52aJ0XbrjPLbFW+sJ38sz5sSYnnqn2k0ycAll9lKwGsBLD6LMBcvvUdpCBbC7L1JwZWAlgJYCWA1WcB9ttnIaaiq1LRVekQw+4OrASwEsBKAKvPAsykakG2FmRrQfYgw+4IrASwEsBKAKvPAtw6G0YMDC0Ghh4aGB8FHAjgQAAHAjj4LMBaDAwtBoYWA0MPDYyPAg4EcCCAAwEcfBZgLQaGFgNDi4GhhwbGRwEHAjgQwIEADj4LsBYDQ4uBocXA0CMD4+7AgQAOBHAggIPPAmzHhTypOhZmVYv7+NMCKwGsBLASwOqzAFtYQbYWZGtBtv7EwEoAKwGsBLD6LMA+D4aGvFR0VSq6Kh1i2N2BlQBWAlgJYPVZgJlULcjWgmwtyB5k2B2BlQBWAlgJYPVZgLUYGFoMDC0Ghh4aGB8FHAjgQAAHAjj4LMBaDAwtBoYWA0MPDYyPAg4EcCCAAwEcfBZgLQaGFgNDi4GhhwbGRwEHAjgQwIEADj4LsBYDQ4uBocXA0CMD4+7AgQAOBHAggINPATwp2nYdB8xV+faHlZMS9/STiuep27JpAawFsBbAegj4l6m5daq0qDkUNYdDNYei5lDUHIqaw7+9mhl2zTB5UJ4W3NZD3NaC21pwWwtu67+xmkNRcyhqDkXN4VDNoag5FDWHoubwb6/m38bzb+P5t/H8axrPWowqcU/PU/F8AFgLYC2AtQD+G6s5FDWHouZQ1BwO1RyKmkNRcyhqDv/2amYZWTNMjCotRpUeGlVajCpxT89T8fxvquZQ1ByKmkNRczhUcyhqDkXNoag5/Nur+bfx/Nt4/m08/18dz1Oi7eoWe+19u1E9Fc9T+7wPrAWwFsDieaqHgOlHTrwHojYt7oOhmrWoORC1aXEfTOLQ1L32nSgiFc/x/tMCj/nyqXj+6YH5JxRkh4LsUJA9uBxzR2CZsCsUwKEADj8L8G/9/PfTzyLgawX2x+L58RDD7gw8Fl4fi+efHpjJDgXZoSA7FGQPMuyOwKEADgVwKIDDzwL8Wz//vfTzcBSRiucDCvAjgMd8+VQ8//TATHYoyA4F2aEge5BhdwQOBXAogEMBHH4W4N/6+e+nn4cC+2PxfEABfgTwWHh9LJ5/emAmOxRkh4LsUJA9yLA7AocCOBTAoQAOPwvwb/38a+znSdH25L32an2vxXNtn7uBtQDWAlgLYO0Ell/CRqK2UNxHQzWHouZI1BaK+2ioZl/MiSkt2izu+bkbWAtgLYC1AB5os6g5ErWF4j4aqjkUNUeitlDcR0M1/9bPfzf9LD6Lb+61eK7tczdwIIADARwI4GDrF8+RqC0U99FQzaGoORK1heI+GqqZqNp0lRJdpURXDbRZizZr0WZxz8/dXaVEVynRVUp01UCbRc2RqC0U99FQzb/1899BP2uht7XQ21robT2kt7XQ21robS30th7S21robS30thZ6Ww/pbS30thZ6Wwu9rYf0thZ6Wwu9rYXe1kN6Wwu9rYXe1kJv6yG9rYXe1kJva6G39ZDe1kJva6G3tdDbekhv/9bPf0/9rERXKdFVSnSVQ5Noobe10Nta6G09pLe10Nta6G0t9LYe0tta6G0t9LYWelsP6W0t9LYWelsLva2H9LYWelsLva2F3tZDelsLva2F3tZCb+shva2F3tZCb2uht/W43v6tn39l/Twp2p66197fnHenxHPlj5609xHASgBHAkCJ++hTAytBthJkK0G2GiL744GVAI4EgBL3g2TfFdj3N5+U0v2mqzbPlX3+6YGVAI4EgBL3g2TfFVgJspUgWwmy1RDZHw+sBHAkAJS4HyT7rsBWOlMxJFMxJDf34fB2+Y8AVgI4EgBK3EefGlgJspUgWwmy1RDZHw+sBHAkAJS4HyT7rsB2SDYMS0VXbZ4r+/zTAysBHAkAJe4Hyb4rsBJkK0G2EmSrIbI/HlgJ4EgAKHE/SPZdga3OXxs6JUzs+rmyzz89sDCxSpjY9XNln39SYCXIVoJsJchWQ2R/PLAwsUqY2PXzUbLvCowiKLoqFV21ea7s808PLEys6KpUdFU6TPZdgZUgWwmylSBbDZH98cDCxIquSkVXjZB9V2A7JNeGTgkTu36u7PNPDyxMrBImVilxP6iG7gqsBNlKkK0E2WqI7I8HFiZWCROrlLgfJPuuwHZIrg2d6KpUdFU61FUfCSxMrOiqVHRVOkz2XYGVIFsJspUgWw2R/fHAwsSKrkpFV42QPRG4HW1v/uJcpU2QLSPxz5LC8Dqv1hmYMB3jwlzOfzKewSSNXvkmx1SNZrH0cvj/GtPIL2b5qpvcr0n6vlqcA769Jvm7yDskyPzCAz6k+wf4695/+p0EkZYsmSnt2cl91ckEQKSW88trzNt2Qn+dujK39VJJipTxzc+tk7GKFu91c9RyViJHJq4Jadr8oYSk3mA9/SxlE5K23b0ekWdtQgq3u9cjctBNSOh2h3r6+cympHe7S3u6ud6mJHu7cz39/hlN/Xbnevr9M5oIzr83MHzWw7O8/7QaGJ47JY4zevVyt9x9hfXb6n2bObQLUXFeUIKoXBA+tNvb26DkV31FxDlDN7rr1cDkJ/6cPP+PZz9iAvrzs6d0j+nVrBI/GCt+etYufl7PLi72wPejjFj7bdAud0R62QNKYP3AC5RINItZu+nF4QNPu9N3l9433zxoUrxhVm1Xhk3qBLj+la4oAun+aCfYjpiAmnoLrn+l6wDqPlzPSIyli9m0AzPGrbPGvPRsY8KmwCsgY50y5aVtq0wv6R4viLo5+rWBkgkeN0hDqtP+2NdOrghCKyS0GiS0QkKr2xJaBQ2Uk9AqpDp7hDo74rmZLyqz+MqbV5VXfFiZ5X3zk7ni2yPv2c3yDXXSwixvLlbe7GprpuCf8gvF4x56rEUET7LRAN7Dl5jgN21y//LrIa1GPwAFvBXMQgiEsyj55QYlv+6Ou4ZIm4K4TYeTyE11tyFS0rEmkqRDMGWUyK4Ke9lTVK9e2rKo3ojzt8RjNdirl6iADj11VzxD9OiPoWcEj0if2crUu3w3W5Vv1kZQJMfsKtAyXxov+ArHQAA1o1gvHbSuHeHliAHBn2Ejcn6JGbYHwDYM8V38dJifNpRycW8rlHbV5QZyWcB2e3tWcFp79Z0oV3fiku+qa6C9/ceuwVksTP628xxEiaRKkVS5haoydQ6K1JHu/SNF7fZC5OzBW/FLMsaOSGe+4BeYuZfMyDXb/fyqNIfz69Xscvbfptrk+EWfqDL3Daez3+QIXmMaSCj8+OpidmVO2kC3SyzsQCE0xs5FfllU+XkDBF30O0sHsAjIeG1WT6jIo6bEXi9d3tnVa6gCgt+revb6ZpE3Tf6qVerQI9ER0wWYi9hT+9580SkYuAoGQoJbrxxzDB0C/wTEUWpn7zJ/f+Qp33szE91UzitDXXRpLueLD+AT5Evw1bzvDfhuX3mP4I3JQftSiDCHloKgL3KvxsztM2LvIfXrmvVHrdqP65XBBIL56sB7Z3YvLrzlCvzphqSfDFRJuDoUFTcrSgaP8gX0QqUz9CJ/MvT6gChmui6xOBAmGPTaXJ2/mZ0DynNCBj5BMZ9f7O8B8M0Vzi50On4f3XO/nwvxn82VsV06r70cAqTZfwE9OfhPSMD8ZuG95iKW7r7RWi1ujNtOdcl0qA8gATug12HIy4aFa06U88tidtVQ60RGzDpoSRDO1YhU2pg3ev7uyrOj9X5lBnt3zW6k6JyY8sC7rKK9Zt7p3nostao88P7HVojU/Hzg3ePYiiafvCNBzVQdPax/1xIIst8T/XX3S3ZSf85KJ6o9lt210B4dreWURsX+BmVHQO+L9jtRn9wsFuZqdfHB06DkooYMgfAdVl0YHBFXPJSv58vlrHA77LJPpvXDvbbeb42Dx5QWfmFgCCzM4c0SU4M61CcEElTs997jGrlCfH2Tw6BdzRv+zlaCXEzx/o82x3sX28tNG17tu6ZKH1/NVhv1VcxXbw4asSWptqLbnYecAdg5l3rg7a4zqhfz9+qAf2v7O7C/Q/s7sr9j+zuxv1P8zTMzs2txf/XT7NohwdRortA5A0BU0uvGZTiHAHDv3uxqBU7zPazAXNSH3zIGRwVrBHo7Aj2KINiOIBhFEG5HEI4iiLYjiEYRxNsRxKMIku0IklEE6XYE6f7Xu24M978ASwye91qqQA+sQKm8BOl6NbsGjOD7gNIcABfzUXYWSkd2GmpQ9pjwRp5fvsK/H3hrcpspSP6TSMCpJNesSQ8bjoiXr0awYYEtCH/uP+482u3Ni4waY/yZapDxh1SP913PibpsDPMN4ELX4GXwysYL67kVXLd5ky8qBKhAX67Ma7NYOhS4rejpHCwA6lQP1dYsv5gt1+4Iuka8OrXGPlt6Vwbd43zxYRjpj+CNYVFEwAtLwoMHRTpfdpVm87PzdksUgz/uSGYTCN0u1nMHNE5sW2LAoTFKBqExHGASdkcLNg7RSEGXi4I/w24K/rBYNXZ/SLYaawoydoDChH1YmOWKVt8W88sZyN7LsnEmhhgLdaGAdiUTpOn+ztuKe3h55O2RrpHyWpn3Znl0dOQIqIlFd5aP4Zn5Plh3bmJvgJqhHm9P0uNUug0LRmV03yrQnXKK/nzrmkcDrYZyA2x+uYuO7gwV96shMerh2cyjNXiqKXgcCpNQd+UeyMJ4kjXxABO+njw4UI6GsDUNGcTmGkE/O5alT9CnxGT1azfQXB1K568fsezQ8/PiYl5uhNWxjEO++x6/7vHhoC+N+zSASpIKh4f/hXc6p8Fq9bj3+Blq3cubFa+NrGcwhmgFd5g6fZD9m/W7e0+/QPdidjWo8i7QokOBl2rIyuKCORfRg0V6dY5MoAuHor8Yv30tPh1eG+3h7y/Cb1+DD2+PXy7ubF1717fHLxZ1t6+5q1vg7y+2T1hrT29Df3eRfcIae3hr/D3+j66t61vj7/F/dE1d3bulEULFDVrhDP2vcuU98UltPffRnR8a5BcTRu3IoO37xWusuzsXLl1M+HZ3Fm5IseSLfi5oX5y7dLiObHBpNfxQtTYfOfZMTd4t5SADFayKveXKXA851f2ISE0JiKCS5SpfrNDxvofVPDIzqObC23u0mfW55x16OJeN7+v5xcX8HdqmPz5/MuDyWcRvVqvrr+7fN1dH72ZvZ9emmuVH88Xr+/jX/ceX+Wvz1Wm+ys/Prhqbdv5iBdICftn546t6/nD+/vx0lr9e5JdH11evR+viYHLLcm/z07U/R4P2Zw1R0DLxHrklC3RLSBUEPJSU3UCw73l/9mSZbyAuzfbhIT2jul5Cl7wFP+fIG/OPuE7tqDNQcsXYV646cf59qE54Ol4tDN4XhxC7s1cMHe224S1KL6jmB3Z6BzQNsEuomgBUzZ/t1A2+1L2X4/g3FdHMzBp/oyoF/nCNv/XyNvijNf5G1Qv88Rp/6+Vt8CcvSZzsTwd/+pL6vfeSOvNii9SMvYMxYkARjQ5zlzIU8Mt3+bX3BIh6PlzMvctxAX9fDFmMAT/+lph6brQlWqrQ2dVPZgGBZMdH3e6gooIgt9BN6l57ImjI0N7VEeyhd/tRd/UD3dR/MjfQTX0P/V29QDf1fSftjk6gm/pP5gN20A+6sHd0AXvo3RHKNg9wwOeSfw9GsWZph55jSbUTwY6tlGxWhM95wUUsgTer2I65mZE5m93Ngsku/o3Tb5tH7phvV84t7AoY+2gMykbuEso+GoCyOFkL7RKUVEtTZxt3bS3b8YzsnWg/6mylaC2pvTCr4Q7HuYQyv7goILSGEl81fcqFmfMbbI6XKAZjYmIJA6Lg//v3STzufwdvjq7fXP8/SCpv9fjCe3azMIfPvnvmzS6vL8yluWJjsEQLCW6kqQ5plfESJ53Bs8xxtvpqNSt5mhprXHp7331/fLLcpwjnp3wxm99A87DKOfis129mJS2po6+8JhaNDRPwx6VZ0vs93CzhXdrbWe3lP+WzC1qKRMT5Fc2nL67yiw6tB94cp9DfzZbmyBMrrcub6+v5YrVs++tfrWu+rPQBLmjT5TCLD7zlm1zxtflTR/w7SMMDIgPuI6XXOB7X3v/8Afrlrd1Ygjz+6qulWf2r+QCtaG5+xvl47HFTHbgAbKP518+8Frwwq5sFrbh6yF+UmTk0aGkqbzWnymnzBHaqxwuywPyLGXDq4vV8MVu9ucRKrxfzn2YVVovNWq8y3wCaTR9g/6NLQB0fUjuj9cv/+cOa7z9ChdjB1ClXOQgFaBaOh5bwF09YA4XQUxaUWmoDoNV8frE8mplVTeHPm9Xlxf1FXWrlh/+0NCQXh9p7/ugEn/x89PPPaxK+MwuzC3VBG6BDPfM+RwFAEX0zf2enyz0cJeAtFYt88YE62fsGxfNbvv09CD7dwc/sqry4qczebntc7NJ4/qIptWOX16/MO9FXe7vIR1fRw29tb+/mRVmZ+nWnkCnfzL0iX5o4RD0JpO1ZOOr2DRSDeb+3lN9ft4L+fvL45Ozpi7Ov0KO7nC2xz7CfcV2++ODBgIPOgt6uF4YYhN8UvTYHyKT86gP6e0tcXipWOaheGJE5jOHrD4SZ1pwA1XJer95hv9KwWy7n5Yw2wFTz8mY96Lx6doFDH/v+3gsLcW+fKqpMfkEYecOA17ymtc35zQo3Jq8Ws5IHL/cG0tK8vphdzmwttI159vrNaskSb1dGkOYDXDWZ1fjbUBOvbwpwlt8ceNUM0Rc3K3i4xIeluaL1lKvqPqiYpblg8gDLzCybtbaGSh7nUBP6xrOVZdkSn7x7M79st2jGdNUwUqFqGprAJ2Ah1fwXkGp80p4wKOdX1Yy04EYX4cjKizntf7r+QC3GHRZAOVOD/XK96XD7CkSRh7OV6KoZePi4ad3Cow/EQC5wXho1YqPfZUs2yuDH7868Fz88+vFPx8/PvMcvvGfPf/i3x6dnp9694xfw970D70+Pf/zuhz/+6EGJ58dPf/wP74dH3vHT//D+9fHT0wPv7N+fPT978cL74TlryO+fPXl8Bs8fPz158sfTx0//2XsIsE9/+BFE+fvHPwLiH3+gSi26x2cvEOH3Z89PvoM/jx8+fvL4x/84IGSPHv/4FHE/+uG5d+w9O37+4+OTPz45fu49++PzZz+8OAMyTgH108dPHz2Hms6+P3v64xHUDM+8s3+DP7wX3x0/eYLVEb7jP0JLniOt3skPz/7j+eN//u5H77sfnpyewcOHZ0Dh8cMnZ1wdNPDkyfHj7w+80+Pvj//5jKB+AEzP7bhsKPX+9N0ZPsZ6j+H/kx8f//AUm3Tyw9Mfn8OfB9Di5z+uwf/0+MXZgXf8/PELZM6j5z98z41FFgPUD4QIYJ+eMSZkf7uXoAj+/ccXZ2uk3unZ8RPAB132tNetm87+Axhy8xo3BrKO44c45Y/W3hOKj9+g/Z+T9/wvs0vvT7PXr8E4gEB+AxZikdeL+XL1B1ClR1dm9a2tYC3P33//b48ft+G4iB2ggNRainfv3h3Nr+HZ/GZRGrIWtszyPgzJQ/vHEZoQzwMh8p7wkwYfGB36sfiAIjAwYBuOGCNEwq8N0ojl71t36J/+8KVtY3cHamsLKxtsYRD2LZLGo/px/vr1xdrdd3osFgLUPXh0YIbI9fzu+MV359//cHp2/vjpj2fPnx4/2T3waAOQC/PaT+q4Qu/A3cI13SWoBXMFqvh6YUpS39BLaOejo+DI//JoCwnf4y3UDz96iIRRCt7NF2+XmzrVkd5a56ZKL7B1/tMfDtf987fhrq7HxtDImDourL/l+cAbvyV4bMhKy63yAkxwqzY7jS03a+ML71m+ACcMKmwer1/3xBc8lbXs2iLACe8xb1jZPBzdjI0Q5MFQxV+7NpE//LAyhxfm6vXqDTkjuInBsAmjqGvp3afJ6r3HzUDBvhndQr5uwHHj5n6CVhRTqCfJAv/kGlyUuxD8iTiO6zl1frE0TppJEtasuTNdL8CBWi81TBYEJ0XgEk8igwKlj6WCP3QdZs8PN7hb+N/BSt6lBz8JifPrvHLS9vjq6pembTZE2ynvbfJOQBmuFjflar446pN1jYqA9jbNkXiun0VjU8jGtS392SGw0X+SvvXciTC9TYhmYzIuKFb5cCuu949sb6qewdnd93prgtN2Epr3K/A2cKHuYp5XiBoJ2d0fWAccMHi7zTaTtgkcWh8Y2nY2QNHlJyLp+7vQNL4VbnrljSfUrX/oU8LmO3qr1Eg+9jeTYX25fmHs/BAqDlw7Jt+gJ9n/itswy/wKYy38UgQiabYLjkHgFOLBsfF2ox27gm4HtdRpjo+cNt92PCBsY63956a1/IlL55uPTbnjJVbuFR+ocLkZ8xhN2qdrwwHOFng+1XROWAXQ1k7dxr9u2yXRYgtuGy79j+29vKXd433nUmeOPhOSN9Rba6Kxz6wOAxav5hfzd2bRFlv8WX8hSy+cXxvt8hzm7leud3ZGs/tSUIROhdJf48x1FoNTltLf/eKuAd/Ur92VA2HbKo4nfgi0ac0WjNq/LUYdbWNP4PouehRnkIZbcIbpbXFGqsfmDs44HFqWmCZGbvyX/KFdR0Hjt4suG+b97ncQ+57zshPhPKCxd45z08u9/X3v927T4ET21aBd+AQ9spWz01tOptL7/SC1/YZ89AdwA9RtkwAL55YBZ7McdY+LU5u/A0qgVWBAQ62butGd0ODvmb7TaGSvx5B3sql1eOCP1friu2P8zOYjK3bqsHaJEY6Me1gjlLtOiXBsPWEr6xpHriH6tyYdhHGkg5yt61bpVAebAuOys80ItMoMqB5325pI+yPa9r8ufVzjHSXvU9mwhqZiyOXoEN0cTQfPDrzdc8TqjIPGfKKeXG+VZ0Fky5JPJTK6LZEjcvxxtFjEtyfnDla61bfa5VVtpRUx357W3jgaHT8j4+ajea12B/ejNDtI8PRJPjdyYa5Nvtor3yz2/PdBvH+wrl8isc/mA3DRiQPOGYCd2LMjm80Mdw29Vub9avNuUiBJqxQE6AjHrPc0W54LfjKP92/ryG3Q0hfg5vJ69UF8c7bv/fWvWNGSqJUvBiehhry0tZhN9dSorXbm+oFdOhJNPWDGHojJhDtNQk30DNrUUFjw5jIvt1B04NGc3Kegq+nGoS81v/DuHV9fX9hVoyUdb0JbTOhr3Iv51Ws+8+TKe8hnrvG2mnq2WK54iqGZUbpZoth+Z9fwzZXdqGLcFeMPn9mWX628J4TbY3lpvgXNy9VNfkG4V3MeSqPblQ8Pb7f7ZmiL++bI2Qtz1ZLqbzea6/e0xekc2rigbWndHt0AfSX+cn57sq7T88RJtzt8uK2t78AjNbS//7Xtt/v0ZYinBtCtYEgSOqkO/8yTZi4xsOgcsyAC3dEDFlUXBie6YBt14zyEUtTeBl24bXxJHb69sdEoOm7s5fXkxsbbqBttLJfa/3qNLmmjk7PAnrmAofW3oUj/d5WnU2/+b+nKiT3p4srQHL616s2p1lzBAX3LbSe5Rl2N5wQupnvtAu7ezB6Q6VhOG5+o7qzROmaqn1AVW+eqL8bo/tMiv74Gu4KLEN+fRsNEtlfvuh7S5RCZGBrs7VwO0shHA3/3xS5th8WSo2yW5OKswqenF13aiQQ3RUcpHtg6gus535/qHv0vjJm2f1UFKsNdq/j75xHH9u79pp1sWB9tNHQmQ6gO4BLDJU4OPO3DnyrWcKfgmdIhbrXBIjFeIvwTNzkr/FMHUESHMObi7m56lUHBLMWCCWKIsGAAf2YaL/BWKXimEFhF+CzEclhEK7hTafcgfy9BejA5nvahvBcQZIT0IGSMLyICR+KJbo14/QDfIqxCksMOWhWkWBIBNdKskOYMkHkJ3WELVYgX/DNKsRxWn2BjuFLVQalDahlWTqRhyzRWo4igGBvvIw818hoLe3SHFQJiJDfoUhkSMdgo6pYAS2F7vACfZYgjQIo0VYNvM/yT+gtbo0K4i7r5SrwAmxwRh5BrSJUOkJaMeIUdEWEtHvKHmK3xQtQkCJtQi6IuuSmC+xmyDcsj4YpkjLiCQF6K7UiQNBQTD7EplCwvIpZ3SVURFo2JbcjeFBFhn2iSHh95rBFlRF2NdXnYGhJvYnmUdFEqooO6A5Er5FhArESUzFlqCPLBJ4FHwaDujamzkGldtB7KjIc9pEhIEqSZhDelUYBvNTUZkWWEGyvFdnjcQGpHFy1CewkNT+wwJFSj3HgpCQ+hICkhjiNlIXaATzXjJetSqqmJNABCGtiIl7iACSwVCpRHAxT5ATixX5ALNFp8agyA9XufBlKCQki9hBRozFLroQRp4rVPlBJ7ECN2rkfahDpXd+Xfw7wUnqIhhf1FyImxmujD5mFrFQq0ZvnHO+pIksOgi1L7pCxIsEnskGj0HzwiP0KBQmnVAUkmsQYrJOWTouD5pAy6ekqxriENRwKIpbCzlCKisXcUiRFWQ2KUYhvoQvov6EkUDklP07ggSUa+kWDj4FREOSnNgKR1A9w7yvIFRT5HHgSu+H3rs7yiLfW4hU2cSLjDMzkq9g7xtEMO5i7tR3ytmZ/Lo96EDwLjhA/+alW/Y12sTXx46aZPr+k7eWPKt8ubS4GkdEwx7eOYaNGFK5z8Sjztf/RvScK/vnxAX1l2XH8G+YsF+Ys9J2DnL19+6YwS8NR1NvG4136+WEDEjJ8YreyXffnKO3n5l1f4gcrNRYXbRHADBYToL16W3nuo64njc7L793fKlzt/eWWbtLN8OV9AkHv5EprwpYcv/oxf+fayoViC0P36RuyYBl/k0FQz3JqF/gluPF3l50uTL0r6vuX3UOABNuHbA/xuxvxkFgdbqaZfWKhPwjTi4Re9oML7rqbwuRf0fjREWJdH2dwpXSL4pZ3Z74tecEQHSuIRa/9twOHzHt7UtRGH8+68d8tfmLplOTzyni3m5Np9b3cbQ4Sh4kMcct5D2t36vymhO++BgcB5FdNHopt+cHHclg00lRWQf+a/RjqC4FeuUThAdDpCtD05xBZ/C8VDLP52oHhD+1v+DtbS/hbJljK4cg8Z7j0Jdjt4x1rVmhEWjjg+NdBtJCk6wm2pEOQOxsDvKfzdaMLbxje8YD0hxHGfUQLg9Fnp5lvTf4JHh4Dy/Ein+Tn9cU4fBl6tjnR2fr00N9WcDu2yBb29nG89W2zfE4UOvT81tX6OCIoXopxBFE7V9/dOLm/ezJezq93+1Lwz9rTIxz4HFrqn+YBSmuXWok67Rv99nPuZiTHa8t8XRZzkBh1G/31QxqYO0OX23+dRWNdRkON9pHwT6aTG+6zwozhNS0qFVqdBleUFlSmMX1Yqa3sUboJX9LkniBGf4UPbAaEHl63yezz7HWivoDOm+euyGg8/4g2P0Fmb5+UN2JrFfC5KEngcYi/jd6X66ChQSnxw3YS7Q0cQ+u9DkEVdZ5T2LYFAKgzRxweeRaVfFyXxw2RFVBU58y+L4lJHzI+shiiypvKZDupU5yHxtVBlZKquI+y/r1I/yXOuDGKzICp8AoZYGKKBwhDSyC+TqgyIIF2YqEoIaepXplC14Q6qSj/OqXNLlRU1RhXdykyYFXFWUgWmLkyYoNvvv/drAKnKmCv2y1yV1NO6MpkuY2pxmCdhGuYsGWXh5wBABMXAqrTKe5VlaWAiityh+WmgyjiuiI2+H+ikpBYXdZQldclUx8b3i5paWUV5klHAD8TFZR4HERENMXOms7jr/gKlSZH4OcuzNqrQFLUD1RXQX9VEaRQEwDFFFcSRnydBFHILYGTkBfVfqkpdZppZqhOty7TfZ7kuapPmilum8jgOCbjUYZEWCeX/LJO4jFTOrVGAMUXHHO7jLPNjTRXXoW+CiImGGCjP/cSRbDTLw5LCVbg3AaDlhIQauiNJQmpZEBZ+URZWGlXplwVVHJoqzfOQ+6zIyjIPqS/jVJu4rrsBD7AiTEFkDTU/SfMoDrjz07BMk1Sx1JVl4msmIvMLU9c1VZCHEXSVIU7A0ywPatuviUrSWrdVRGvQPwOLc81O0EweTDUQEAhI8DFZm8DNFXioeMQpWInLeUWBMqcSgBgGNQKEKhbfl94e/R3FoJn/X3g3HrCg+8bweztrDOvjivbb8c5LW6RxaHGYdoh+Z7xqfrW7ak4WWH8nxmt0Swja9PcPaYGwQ5jNu4bbIHEe2xLzzTf8oVuHp+xU0kd+G8dyeUNGEDMkQC2HBZ6N/ubmSvqYO/zAurHL64vZChiPLOjESnz2ZVOczrXE256x23k3doKm45g1cGXdjpvhY/D21hnocBVpdz2jbxfFzylzmSUMPO99d7jw7iW7f7gQ1fO02g8wgQdad066uZzBvbkCI0X8ewdOGx5qDyKIbz4c1nhornw51GZuKzQ6DkcavbP0xXEt9A3s8zkGjHvQhB1K3RS9womD/eGDs7ZCq3Qq9Atirteu23m8+85SbSFcY813pZuAszuSTcC9sIOg3tmDcxtwUB8bXsWYXHSJg88+SeiB6mchdAmR8IbIVfspv7jhA2npy3wS2DYQH9sFCnanwEOI8VRE+IfJOUAx77yGf2/2xWa+Xo3f5zDoL+bz623j7q4imOPE0217MMepqDsAaWcegp3LHCNFKAEqeacYwduUKcfLFFzGVdVKdyWDhAEo6EsAc25wDBic3bstEwxOE94BSDvTH4CKJMYZbHA9grZZhz2/moM4GrR9O6/dDFJdBr2hAYLSi3dvcXTZ4fNqgGe0PfW1C/trfFO73tT4xrjemC5BOIJWzpQYlNWSpoT6nMI3hesNbrXbyV1v8m7NK2TDqifELlVxXFVCKewu7YageZONcTn36nzRBhuL/+h9q1ug7EsfuyJ3nafeL6uwbDGtLKpXGEGTygZYtppWNsSyZlpZNEwg1JPKklp/Pa0safw3tzjDC1yx6qa0573OMIgVyn+vmL0+BM9ill8JlK35gacpujib/tr0xobXG05u+LThwqaNtgUfMQMUpHyyE9xGqr/e/SlmWQDv4CzLP9JBBufmPRjG5d7u9/nqzfnD2Wu7ucIx1WLPtDmfY9YKKn9/U57OaxrcI26nCvBwOTq4i+4iXGTaedvfqWkTFL0dzEI0PHFDgmarWY9fBGuOgSdZWTa7JKBUX1B3y6IosiqqSuVHGUR+IDS7sc5yCJnzIE7KKvITfJapKPNVlAcQblaVomcQp9emrNI68U2UBdmuYyTsxkkQ6DhO6rqESD1QCJiaIgzzNInTKFWRomdV4Zfa+FUc1lla51RBmBRRmKoKIkMIQvNwd3j4rJkBnJ7AjMj1feFuM9lVB0VZZj4xo5n0gmg2h+i/wGfN5FdtshBCX3rWTIJFtaogAFZOZjSzY3llIJyuqOHNLJkuAhOXqibO2tmyughVUcVUQTNrpoLEaJVkDmZsc9fSMW/NSpL1Y/Hgsc4w2ZNFumtjLjT0LTSE6eUMJzj3Ymc2pqbTttVri4zWa8tsrXeLl719ztHC7K0nDj9m3jH1xbxj6GcdIzGa92S3mXesErgxGoP83Wb+UQemjqOyIjG285CmDKug0CRlzXxkqtKsKorSKbLNRGUdhGkRBTQmmgnLIvajylcZibGduMxrBYMi4zFhJzCrPK5SpVJnBc1kJqiWwNchtaCZ1AyjxI/rwuCzZnIzNCYsdFoSIXaSs4pqGCpGOytoZj9rnRRpFlPTm1nQoFBxFhd2IPJsqI7KBHgX4bNmVrSs40zHWeisoJkhzUytwpy+N91tZkphKNQ6MgE+a2ZM0yIFvVpE3CqeOU2SvMzKOHJW0EypRpkufJ0QYDO1Ghv4P0ypgmaKtahCVcOFhMFOtaaBUlFQuCtopl0NaL+qzrnz7PSrroow0MonKbLTsKChcbaUWNlMxxbG1D70jbOCZp42AELSuiQWNfO1WeDnyHVikZ23hdJBqrmvmvlbP/dNbBLfzSI7lxsCwRpsDfHWzulGpY5L6D5im53bjfIy1LmhsdHM8WZVFhVBVbvtmJ38TYu8joPKMG95EjiA7it0TmOjmQwOE1PlwE8eGzwprMIU5AptiKOCZoIYZE35QRxyH/BEcQHEBr5PYtpMGFd+nWbAQHpmJ479OAoLE7hZ1MwoV2C8Iq2I2mZmOYriKM+4k5sZ5iiBYeDrnPrAzjQHuigqVbhHcjPrXKQgNH5JFTSzz9B2lYP+oH6xs9BVnRpTZKQ+mtloAwMuTHN3Bc00dRmVWQRyQh1qp6tNEKo0L62p5GnrJIkDqJ/KNdPXYE11AcrGrSrsVHZUwfjVLEXNlDaoH7D4MbGomdrOVQ39n5A4N1Pc0GNhkBm3Nm3mvnUQB8poYlEzB14ZcCVgpNOgsnPhBUgr9DHrIjsnDi3SUaDdUlTmOglMaUwOTpfKqAWVSqFPykQj9zT7cyav8qSq4rIyPmhCEuc6SipgWg1Sa8DFc/cB6GMfPCIYsApUS0HS4UNfgBqOco2qISeZV6AestQPsSU+jAR6ViQKfMBIgWYJE+VugU6rIklAQgM/TKqUxkGgwfkqkgKUZaLDLGAnLDPgEuUKhKEwBbUU+qgCpzUEZez7Vejug7AsowroAkEyoS5itmhJrbOsrEEFg3tFrYrqsohBGQZ5Bb8MVRCXYaiytAzzMAG7mdzFCfPHvLC3Y37Q2yEPaPBImuaz3fUJDXjsg/f7Tdzw1dpz+rzrKwrcclxgoa2kmxUW+LO9xMIPoDQtssBf21dZLA6xzNIcbJ/8EussIa+z+J9itUWBQ3Sr5RbgxS++3sJfEw2I8NiaS7qPU45u9x5xTosnPsMKjcF50Q+3W50ZH+aWRdvSGXpyxeTwW6gdDxpvzdOqsbyGE+DTu8Lz2kjiSE3lXtbxm1556QtU7+coFPhUOfc9Wbil7wLRbpBbM1cP8Tabxpwh+Hhi5/TgmbfxZN6qO/KW4JbqFrxdr3Nt1rYOv8Vjdntao18cStrFj+ll1wtmt0Dfm6X/NKtqPDNvZ1QHGs3z+naudahMuS6jB8tU6zLBYBmzLhMOlqnXZaLBMq/XZQY7c2d9+MfLRJbpsXXy0uFH68ed3D3o9KBGG4IIwltDdCdp8Of/gNqT7cmvYKw4V2acJZ3rMlSy6JWcyBtegb0Dcywg/LoNe3TDUdISw4uvU/hoBgzGsCQNQQxL6wBEqP4GzcIteUZy4lxlo5KvOyUFJC4l709lQPnmbgzg5eg3g/ZEFFopW6p8M6XU22YBe1vB7SvdY2aXV7zHSvDK91gJsi6VJWd05XsMC6+Aj5XglfCxEnmLM7/gSvja9hMh7hXwte2nMu6V77XtZ8kZLhM0Zdwr3WvbT2XcK9xr209l3Cvba9tPZdwr2mvbz2van3clG9dWHCmKIGi85HDZfvmPbgW+M0uvuKGkJZtzdI88jHYhmH5Dye0RVoJizhpRY6PBNn28mtP3a1DtkejV/lPtfBq0n451Xh84kk8FZ3HFeD2V8484ldMP47EdR9Kf66NPBtC7TkKQcbT7yANKr8G2qXm4frllXd/OCuAU1GrwXX4p3uHZ480nFeLA8WmHJbT3N0GdB4TdcTTT7OoneOHhuasQfGCh1jRSvsQ1uT2F0zq27D7GQl/32LdH9bTKcda/JlntX5si337LxOAmKaxg/JwJYjpFif8neM7x7CjLW0zdW/N9f4ixTqaN8ezp/BPx6uP4QXvhAN/g0RL/H7VMSslYq8DO9Vq1Jg6nWJfeJdi7GaYsu7lazl5fmaqZyJoxqagpX8xwowtu36nmZimnP9dATWnOREflN4dJfeFdz5fLWTG7mK0+4PL2/CezqC/m7zzec3PglZix6v9n712047ixs+0r8D3UaJQhGfNQ54M9cqaOiTK25WU5M/+/HIWryS5KbTW7Od1NHSafv2v/Nt4XdUB1dZOU5UkyEb1MNatRwMbGxsZ+UCjg1QRHWV2oZ+yv64UUPJwgPLIum9dB1TFxcOs8GKx9TfRqst7Uu08AaBvt9PT0rtbZ2Zh7TyvoGlONhbs3x7heTgfOu1nuI99sL/hRV6UH3CzfHrrH0ka7d9TTMYyC6d7VyeoljkhTs8JKxPOX9eZcLppOvpsS7tKrWeHmr22xWNrnT7o0gu+29U+9LPRse+PUPsd7RvxRTxiaZHeMNVeigENd3DHUsX/7fK4KG/eCTxfrm9lKGdB7xnOca95lNM0Ks/Xg1IrBxvk9hzCt321Z14POvOgtXutPhv9Oy3CsC1FzyiPukm9nqvl//Zpmc5fd3Gg8+dAbuW0n307bDPxM2TVA7zDP78UFLK+3jvPkZevb2+sL0dE/14t6NdksVWfT5yftO+nx1z1msZN49GDE2cJ9Vb875JGsK6Rt9kqMPx2J+OlIxE9HIn46EvG/0ZGI9Gaf/b0fioh7Hz1di3RS37frR5YQ66bT1fZZiVsH/IkBF8++OX/6/PzP0hme/fm5emleHXZyqzaQO9SjoQxM58+eY+z0JC578uSJdSDpDzj/1kiiBzTxABaHCL0koGu9dK4c5stX1vXscrVUUcP17K96H1flnV4ih/n8vXKJEueupFGnenfV92rh/GS2Emc8mU50IA0/0wYK8nk1u6HbRnkjxVzUl5N2pOzvQwzvcrPc1PQ74m4uang/HAwtdXp1Kxa24NitnJFakYqqWfXLU0yrfP88xeavrEZzis0/NjZqBN9c98CvhtHRyKaHquVaaceGYZ3hUXsCoQqnd7SxEcKenekzgtQGRWIq6gHfsjmMkmp6C7JQikDDqrPAF6Jk2JwM5Itm7krL175GwJcKJvPZZH1whPtPjXJn9anVS6Pab9K1CfbteTvBEgPOkKnhopHM5Iatoq+po0sxlk19Pnsj5f/ud3dIuGs/iWFera7NcH1boe6pBZ+wnjeNxW01zvW+xLvqdmoD64aNceorNauwZLI+NsqTNH+5FdNtdxzSDu0sfzVZvKy/Xr48CVRs91vk8tWx9Yg0KvEjTnpUdn5Rv5q8kQIfneIw8yuWaBSzrzJq1B8qSkUWyjAkVpW4AoeQb7BUSFpXu6xTGAG698Vy88ooDgYnUp+LqXkuaE2XfMGpuS/6yY1blRrWooeX4gluL04vl9dKJer/k/Xq8kwqfXEW2Y4/seuLcOqEjuMEzsSNw0v76sq/cl0vvkrcS8e1p+FZ/W5zpqve/Ht6+duvA9uOf91CqU/9jyrS8RJ3Z533aUp1LX3Snij7dj1//zfSHQRSv283M2gttncW/LY+EONWra5sZCaIqwygOb/+uInOl1egBHqdyYarw6Ci7qA9VV812T15M5nN1dsKd7iLPZZNz6Gx7FwdkiojFUbEP0nQJfGNWgmpuopa/vjVk91uZE8ZezzK9t7JhsOG31XzPevNL6nix5XZlLJnsc3Ez5V6kqB2QR7O3asvnvCrsfe9JPBXEHig93S/aB9W3C6ac48lqANB3LRn2UodgNnKJtSU2SnT8NGH+LqtUh6pWp9fTCQtwo2W/ZQF1ldXAkkCFY96PDutF7N6qi5+u2S2ijYVykgOtTqb7718WW8uB885qIg/XKkCDw/OpvWbs1uqWhnT6mJ4aMRQV7/RulIW2vzNowit/8S+3LcrGUTU8lQJqTgtyK3xfzNbn18sl3M1lCvFnEstEWceHo3awZUKulSR7YrNO5vdU9FEvZEg7VopRE2btn1ZDwMyzjQ2gv3yTOy8Xc2/+Nv7V8co0lDgGgcAUoHdCH89eX9BT3TQRZcjI6EaI2VYX1ziuGKa6aXaaFHVlbGO8n9G8cqFTZcqhJaGeDlZTcXK18cIytQC4eVCpLqomxB1pudDVLiwvpRIeMO5YjVbrSzM6huYNRWzkbihb+tG2T27J5Qvpd2UbT848npoXHVsfcPAtSj/dP5vjF7HPKOe8TyzJnoK/Gapngy8VdPobyRUX4p+l2raAXPknCCbSEit38PNn3/3/bf/3E6cqnhjfTmZigtRMdnNe2si8LDuPR7Ay7t41e1SPU+VHjV7x8ZTWzPSE0zwPpw0hyhFWThmbph9vXgzWy0XmJGad++r9ieUgCCr+g1OPW+ynE42k+aMCuvydrVS88n6yzZzlei0+au9es04QFLXaqnuZl3Pr5Tg8+USZqdHz++eFm0BCmuOEYspM+Vx8QrNDlf1XJz3m3r+/qir0mSNoy5e3ipYmWxOLRm6b98pTYvelkrhwrCXr6WSwkUXS7FgVYBaJg53eKxcQKNuOiD54qLZbE89G1c6x/MW9axkXkv5+gEJ3kFspz2Xqm3XTR6ojWoNMYYLqf3qDb0LZlBVp5rPXktF2lJeLqF95mtt+FZ2K7EYP+vC1xZPe5muVYgLa1suGq+m+zJOpL1d120helfP066Em3qp7OqNOJhN0/ySt/wlMfHyAmYgPfz98lYvuX+rjh5RYqrDAN6rDXFUy7ZT6sphLecSSi/VS+76vHnldjqsnWw2k8vXtbpxMeWigEPnCDpRwr1nFWSce3z+vPxeIhw1al4uVRMpH9OWo8+ZVUcKQNmH7hH7IBvrp9v1ZmhlsOO1Mt7m6Fpty8jkRMxTOVDlidpS9ISqcaeKCdUdgg5K57h5Vf9FLFAfI3ujZoIwFawPhcfEoYzks8XVUlVnLe01Pe28h1ReTIM5oS0G+bB/r7AYtn1nn1lCMhVXSHQ7+6uaJlDvPWAConv4p5qFJggXAA8godDt1dW2mF33V6NdUzGWc8jeqLuxLnLd1cPIx/AeF2r+iIPUkSB3vVKz6WJZYqGdQbTPDwWJb685NaxMuy3g6haztLAFPL+0VIMv3y4MWaVdXtW9PWx1JN52MfSWfi6dN1EGKG16sB5kyBRN8IhRY2npSEcCkjdfdjMe7be9SMgc0dFZ51NDQb0HQfLVuf7qfIaDtdo/jMeESCgmI0QgVl6rZ4qzxUyh1+GBvuW09/XB1r1NvpcTiQLO8QihXvXKM66bRZ8/+7qQ7vlc0Ycql89MmyvqbKz2D+sLqmEYaA+q+Zsn1sHB9lFXOsHblchwfjkXJ7t7PUxPT8ZaOKWV9S6tHFvGUvfxuh8cjKURc1htBmusH7/BwkzxierfRgc/HqgrB2od/PBYimF92cnrw8b7ba1M6if57tnzH/Ym+Ody//f5s2d/fFruS/LPXz/L0q+f782lbfY9aXoG0wvwj4Zrp34zMKUfDySAXGwOXow8jN9KM3jc3t8Teivt559/OWY7Q0PbCkiVF9vdeR9u2WKsgxuGaye3za3/7R3GPXQSuzI37X23ezA639ihStCA4R5+M+oIhw2D7tK7bXuV6e2CltG3pOEy09Fjnvo377pxh0vB7iTW8+f/4uKx90QtV1jXwgsbDpxC4+8uMcPJoa97hLDBPNcKzxqa497atPqlTXMuWqV6+icVrtaMsfSQPesdVoShVaKZRwu17c2jdpiXuHSjnHcKsfiKjMIIjEXKTFXxCG96ifPBXPhVV06zxOhGLwytF6jIBPksVcClRNXIiYBDp5Bh9XKy6b8gqRd/MigwJ3NXs5fdYtMhX6iLp/o9VAkJaoGgyaaJbvm041p1RsRUao2Qye7/9v3X+ycYd5/Y47uB1555F53unu9sSu0d28jB/wjbikBGmMhwoUT97qaprjozsOeneI7e1tlFGFBOrYP0wHxddvZmX+qcqc0p7dnNK4TkK718a7JuZz4Wws+nL5dvLDwMvKhFlcIKczyar9ulHYvXdyp2fJ9wPBldvlxNbiSKVM/YxMVIa9d6Uk/P8PH51vnLZm3Kb4taLW9bc4rgXDmkfj7namOWmcLCnhqbg91GZ/Fwjpm52xSf2abl84OjkYPMunhPvS/bptXPtuQTj0LLf/h+bG38zuNhx0T4YaU4v3iAIO0dh82MxUcU5yGC/EoifJ/79xZB0o6+njBW4O6jdruc0ZFG8tOzR/segu5cGMjM8Z70H+v3OLLS6NG975/+6VA6+Oi39UJNPuTCMLPFrbAaT6toK98WqUbjbe80JBLTc840A+Mxh/is9NvnT63/Lzn1nDv7/eV6dXnaeJGzlzL63azPnv/wzdnl5M3NWbMaan22Wrw8SzxH/qnfbU5vplc7M352Uy+eP/+a8zkY+jB7q6bApmpmRLlYjGt6TpHeY32npIPVEpMb6USYz+WFM11u8++JF7cP4K5mN+sT59Q+U0XiL9jA6aVRzuF0qUIGnK4CKR+JHqlGKz11T/1HRztl7DQupiZCXWOmpPHczbpbNYK0izQ4vauPj73WY/l79TSrfQBlHYo5G+XIgKpWEiya51pq2dwRZmR69yt05iisclcDTM8e22WuB/3d9t6+mqE4vfkEEx11h5roZwNY5KpeROUiaNfmAYxbT0OwhkLNCuIpIsISNWGAoevRVC1hmb9/pP6YbbqlyVyVXC/EPcwwuTJbdw/rZtN6crpVTvMNZmjUHomYWZT8b/XMBSV+hAfWj7BiYyKB5ewvtxKecENFdcNsM3zGMhsZpHuV2trG+vFqbFSfqdNX3mwnHg0BVirxbCRntIV6+2Rluqjm4+BokWapr7312KVb8HvWrEftvBM+HfZ2Ann07/ajLosuKhmxoHtYTz8Cwvttg4L7yu27z9VY4kax/YRvRhNqpX651QH6+tS6vJce+wt2c3drte6eDTtV8s+alT3/hsluCHmsum7b5Y8bSlFvBqxUqG3mdGxh4lG9ctnltncNsBR1dTu3mod1jCMnaz189JZnWif3Ox7TdcP45/auX3mJMXU8WF/8eHXpDsII93A7STtkH0wuLiV6ePlqmM/NfKL0/G5jGZvgHKititQ2MSPLmpnxtG4MTP3Vmlub36f1zZ/WN39a3/xpffPfeH3z2PLm1kN+Zi5t/m6iuu9r65vlAtxu/f7m+g9qbnStglYJrV/ppc3tuuWPvGz5wauWn7KD6BplE+aIrzLAKMJtMqm+eWSf6u7u3ioDc2tq9WWzH/XPWoLf/uHzz8ZX2fJ9t1bNX3zRDAdHo982Q8eRFrGpXcm7rDNLpxAv2TzgzdUMeK2mz6a9Tv6cRzueOO2bg5jce4uzKwdv6Ggck1gX7z8h0x++H2R4j5PjcAziOTV9ru5eny+vzrlcSlzSb7Wk6hg5yf/UTT4bXUGeu+18gwy1vNifgLiPUkq1YGK1XMwuRT9iFtly+frjV6gr5VyN4RdSiKpcmWd3Vk7SmJWTC/etXFej/JUe5T9+W+Gbkwsm08Wg5bL87pbL8kHLZfm9K8eOWtX19ELc1K9Vs/MrXQDqVN3dYJJmUKfq/g32a9eJJ0oadXp2jzo9G9bpWVun3/7hpHWwW+6te/9jy4P1Yu6BD/th+fJls6hyB8Dsl/bptz+U33+bfm2K3Fztt0W/KL2S9yEFcbWYWQyvjSjnQWjXjryDgVcDmmWfOqeOoWvzjQ2MVt3NXJ88XRujnh61+i/uwnysr7kzZrM5OoypSdIm7bWnyu6LL+gB1rO/9l7WfzNZbb/YvffdW3XH4y4rQar4y7FXjFWYLFR2t1ivu0T8UuPckSnlg14QhpB8ZKMmOHYKqCebrRtpDLU3pXrqw2rxDfr3Spjv9JedRLsr02R03mS0O+lozh/cIlsF6w01z87UBzfGNvu71LCYXNdrMeiu2p1d6ZncdbeX/8j2AcO6Ie15m+0vbclBdmpSSvrMwc5m1Z5ifVNfzq4kcFB3PrS3aBetbj1nfr+4Fls5qoqsLndU5BlfTlMjD/f74fybDFYnzfPjrvw99bi6OFfbFJ/P68UvtrJ+ZiJ8YNu91/w6/auep3fvnS1geXttBsMNez09W78/jCb7wA5j/aEdrp63a9pEwhUe/v/onJ6q6aAXpyPp8boUowDhezbI5GqD5ZKbdommqriafl4s9dsAp2Na1F4HXbXdEVqVvM+RWs8vX9XT2/nITkEDFallJ7c3I1pK1WYOD/Sg61GZ/ohFEzcTvlHDRzzNCkgcAdKp8Ie3M/0SIB4QuUF4Qu2t1Ro+AM2SS+8mKpq6nd+qV9/0sgxdwn2t5xdX+GbGA0y2NzKz3xUJT2lVvyt8znE+K8+ZLQr1O8ORsGVx3L/RxS0lklVIFuGzn6rfKY6vLXi8q3ljjkNooxLHzOJs1xjHzLoZj9HlIbu4Xho3hjgE2M9x9iwPkeXpvPyM2yv8Tl3jRgelJCmPVkYy1CjG9YyH3FaotWeWiMN5fSQOUccYv+2Ep/xCYFzxzBIzJkaePlRRQjAelJyh3AhX7My4sULihCcQ8whn1DpgrXGLD9XFZok8hLgIeSwxMkG9ciQOkW2GrJzcuDFCsgA35jaPR4YO2TQot4IkhXmjg9wilJVDtw7q60HIDOWWlMoxbvRxowcVFUjgodwUkngoMeMp0qHZHMg/w28b+Rco12et0Sg2xA4i01ZxsWL1UW5CIVFWAhl8lG6bBlDxRG1UP2cmIU8sRu1YX9bULNGmPpFnwdZE4hwZhjyHmVUY3Mhuxd+oXcHmRok8B7vElcq8MWar4Raewp6idh5K91HrEN+6qXFjQmFYFtsU9Q3YprydXsI32xE6TFCvguJBMJsOBFVI8bk0LSdnLXCLj7JC3oiseEZ3jsxz80YeeM1z1FMmpuXgSsVzuHHFS8w6Un4qBPXSh3yjgTKImvF2UzkVbrFpsXRNEMzF7QE7GgzDM43chcID/K5QIk9nL+nZeIXNZHo5G3kWqJ0LsR3UKEQpIXsHbs/NOhY0YFomzQ+ZlDxGHhpOeei3qdUQN/JscB4b71G3FBhCxpAkNUu06fqQzGOj0/3it4dsK/ZZ23SP9GO40UaNAiZDKRkNAJm7pnJyKKdit2ImUEuJ6ymbAxlGg27FUYlehfrkkAe1ROybtCtztPo0Pn4aH61P4+On8fHT+PhpfPw0PqrxkfcdjSL004WaKq5N0N2L0r82/M4Wb/byL1132qmXXpRaojuKGqdk+BNbm4rVuEEO1nRK7LwckVPTLbDnah/CTHCjdhc070Q3hNFJi857sI+zs7CJ6bsYNgQDL512/VqPPn5n7VnPwKTRt50tBy8O1hz7CpSY95x8ZA7TdAIciejYaYG6s/Q6qWMO02XPd3E45sBNR8HghCFQYZboUdVu1zHpM528cxQMiipTOYzQ6OTZ1+iIGOAxnuEQNhht2YvZp+gt6SIYzzDC4bgQmn2toEgQlWMr+ztHdvYyjr+lWUcGWgwsOXwwgOTYxLCB4dZgXGDUx7AnZmBZ9HwI+z5sKTRNLkXipOeT6ZTo0jkScQQcjLb0kzbNgP4/7HyXy6bhqFSMDNMcHbwm5rSaUJaxKH2pa3YrulYGA3SDjGQ4sjN4dsZGooh9gbE9W5CqoAw0D7bpwNlycGQX5jDNGJu2xHGfLndsXGD4wZiQ4SvHIMbeZA3fbEeGrxz7OOKU/dieXhp1TM1huqRrokLo5FEKw0gGYwxOJBwyRiJ2W1omAzl2LoYKjGoY/w+CWFgLhw/CDvHH5qjHQJrXTQ/AIIRDM8M5jkqMtxnakWgKsyNrfiHL4EYddNEx0nqJJJXZHAyu6LEpHkmKgTR7DWHBbEeGVQzRSYJkQ8ICwy0dMQ5iUfYOehjGTsifsSJDdKJQZDYHYwkCDuP5qoFWq4nWCCyxWSKjPsZpDC8ZXTO04+jPWK4M943vhX60mKtnV6tbtdPP9kheqG0YrmcLteXbqxrL4ZcrrOwf3bqqexEfuxVtZaf2fa7bpfZfbH1/Ym2vXbk7UZ7l90j0w/f3SFTdo7hnI4meXnEfinc389nlZo7HsscjcrabP43rZ+vhWPe5Hz3t2rlaaXc7oGqe6uPycIPqbhEF2+bJiNDbW1SrfcQWG0M83G6scOdhFs3a54Pt5f/9/b5rvXNF92RuSzl/msxn014CLiF31OMZ9Wyqe6KT623YzH0y7/EwzLpdbGbctm0hRt1mOBbLGntCjpw6YGh9xxaazcPHXY1jPHLsdskcNAZenNYZfvVEFKJ21GrOJuVzu5GjRNA4ow/69L2juxbtb7ltdYj4a+wmc4Hn22rZOHM/VatVjvWGIMdcFtg2pVIK3m+1DuuXXbs2L3aoN99QM3UcXLdbx9uau0rpd5msq9lKHU6rlhZgm0fR0+P+Wg7V9NfcW6Re9NMtuIEfNh/acJnGBu9kqb201D6qqgtLUsmxzUwdubC26uubzYgWnl619qa3FKGjmLWeYrbRbyv3NjDBhj4ss82pLfsevmObuvbaZrNNvrHcZWC2G6fzOu1Pib6j3tje81h93LTRlsf6gCx7h2nLl79X327bsNMdf7xtydv7DTS5fbWrTzjdY+6B6cPqz/BYGS2PvSB6w516Mu/Gvde39OIew2T/qX2pB7W2eaTvF9ajf5eQ5ZHhOge3Dt/F7q0hUWuzhkvBVC/QZ3ystWszm8fITPpl0+nWp9ZTGLLuVFa71yp2v1lM5ZORn5FR45bbBQt6vYJar8MX1/ueF2+E3NzM3xsnUGPfBE48NKx/Lan0Bjxdt0Yr6L2BRKvXM7r12cbISm7RO+QNFPjHsaf3SvPzZmrhHIsA1oe3C74il6tX5NAY5iAXq4NtlOl8bkVH6tAaz/j6Whm2xPPqm8NYhUAbdaK1PnTNkKnku/09P6py6GY8tKXrC+axH/oAzseb5hBnN95xBOfjeXOuqs7oR1xRJ/G8kDo0fzzevHixY0eUmV6wpRLF/cqO5/xCHeCzue7npl/Uezw7Obm3fJ8r+f7Dav6QoocCGsr8blWrIKW1Nuz60JhCryz7RafZbn7pR3zTz582cbvQp1rPjy1lEX1TaGIi7dlUeKD2T1md47wWTlcdKFtSdjQ/2hsO6RW+2HZRrWS829mf6yVXWH85vjyJCftvBegk+w9KasaFWW911uiZKFtnnxgiyf3b/n0+W6uX19S7jStH/XLVL+9oVyd8g04oORl9EJFC24p6TVDXxuoNMPnaNQ/U0btDNhOJTbKvLEWkvq8+mYeQP/5J7xI06Hhffjm23es33F9xJePE9HRg4St1/uuhqrcyZCXvj49/+vxz1f0O1WVH2fnKxclXShnqL+eoO13sSB2j1T83q8n1/zzBP+JqnHDra0cX6owX6qIYj4XaR1qEQaHuSK4o1NlRqKsLdccL9VCMzUKdIy3CoFBvJFcU6u4o1NOFeuOF2lqhKNQ90iIMCg1GckWhXluomQDBhZjIE21xo2cfM1SnpT1R9jWWSP2MbTyhfraOw1Q/OJp5/WqXvVF8sbUnjTakEqqyXvVipAhYSJfU3pvU7Sd19ib1+kndfUmbHtt00h95ZZh219ZL2jlpjyE/ymds+5h9/reoH+x/9asYd/rf/ntXOsmv5X8Nkf7L/a/v38//qmdWrq0+2VvuN/Tv63+/P7ne54HhItCn+Y9yqOER4rexnq8Tn2j7PTl5/NML+ete7mTcJ8KJ8Z9e2WOuTiceLfsu/zk+CMBr859e2WO+XSceLfuuAWNkfEJ2Nsu2+2WPDWY68WjZd42QH+6df7Pne/XzUMcsdnina96yr55/3KlP3rplHj0vfMetW63b8/V33LrVOL0RZf+t//WuPceW3d1k4/oeq9a1ix9btn7fYwAHt5rbKP1RT0RO5mqverUver3QxMzDVUbmH8395Z8p5O/omAvYr9VOxmoWab6pV/V0iLkt2U7O8oszuvbWhfdd7zb7mCiqaOlgcvDiBXq2fL44eKF6d2wME3ojRSYd/+LC/KI3oGBa8o4J5Nsb7kJcr2RcuFY7nZ/o85NEiW1TqDFjWp9tYdBd7f50MZ8t6vx+Y/d4+49k0d+QZj65vphOzpubVJ1/139r4mW9+RpJqibF9kajP3TznnZvP8ntvPEcopkp5Qj+arKaqneLsT1ScyKskXuzPWR/aF0f4/IFd4acoYrc4KzfEtaP/9e1/0Gf4/Di1Mg104d9X9fXavMA6QJqW5FmK/zNknt46I3Sb+eb1aTXrts1w+4k1uQaM3SY2xpMy+2OVdQAgJm9w61sjzC1vj0J2R252jNWdebqaxXBPH4zOpBop/lazT0c8I8DdYL3a7X34ouDezrDx6qxzvW59tfTALsm3Uymh49aqzm2/lPLpZ7O/HxsPVKHzx7jnUN1ZriaOFyqbW6O9eTWenvfx6drfXTTRJrm5HaN2ahttXN/llX9T+bNeC523G9NnplgbnbV38B3mPOPXT1H9vJVZSywfde0piEu1SkMuntjklGHwVt7a6nXxNq33FrDUM8jtGEcbIURUtrj2aLZWLXZcLR5cABU0OcOdKch14szLcFAAC3jOW97ol67Mi8cjFjObNF57kdv/EcMx3eO0vLlj84uyuPX7i6y49feLprj1/7w61GlcdDtGqnbX3bYKqOzNfjm4TM2uG171kb97CIHLe+e2Rtkajbd6WhTUU/9qR728W4+Qjq79fn4jfrnw6eD+hLsmRbqkvWnhz5Q0A+aQupLsGcqqUvWn1L6QEE/aNqpL8Ge6acuWX8a6gMF/aCpqr4ExpTVdtdUP/dCozbhfSav1M8uTlI/o6ykfu4xkYWK3bf7IfH9Z766W+49A9bdcu+ZsO6WHTNiw/G/veGe8KR+fjYvbWl8RIUcWvoDywhY3cu763Fsj3c35oLwzYPng3DXyJyQ+rnDu++dG0K+5ki8z78/YCJp5KaTnmPgBIdyDCe/3DHs9573m3wauemD5X3gRFVX9AMmrEZu+mB5Hzi51RX9gEmukZs+WN47J8Q+gu+/a2pM/Xyo2797mkz93LtfIvGHz6t1WXzw/FqXxQfPs3VZ3HO+7W8ycGw3wS8dOJp9mtTMwQmBrIG/4fCxBw07qNen8vVmW5oJk8Pt+g5fI+n9HHSEeKD+VjzfXToev8cYVw9wj3Fpx22GVnmbcWn7rsFhlzv3jRc1Y4O+XSpWkxVqrQJ2C5stvugWQ6jE5wNwHfkSU3N7GqabtTM2LfYftmmx/z9s02K1O+X18q+z+Zx7q92slmoH1/UZTq6Ybd6f3byenS3W67PpanK1OXk9uX29XNSLE27CczJZXV5JmSe2d7p5t7HS7/Pq2b99b6Xzl0u5+9X1z+PFju/pJuqTlH9uvvhC6bPbOll9q44vn6+X1uuFOhNNatgUKJFUqrRvYWpRz82plY6i8SUnF29vlBVtuvyRWJ29hy3E1IrHiVrSqMpR6l0suTfooIj2AFItj9q3masqV/VVvVpxUWSzDfDzf3Ha7ZMGx9X/2ltB++NbQfvjJ0oYSe7eCrrZGcuWv5uliPymv0k0tzzH9W7xl63XfiGP/uqvf2x7b5uH8tuTLpOf+zI0+0v7xv7S/qf9pT/tL/3Zp/2lP+0v/V+/v/ToBtOd4/3M3GHa+tfZtQxOL1+KzxJ7/L3EBjLkrpbrzR/EkastnvUO0505f/PNn54+Ne/7zNyE+mPvQv0/fRvqXfu0+t0+rf5H3KfV/1vt0+p/wD6tD1HOubkL93bx5bdN0Zj+2k5QlE0C54P2jO1F1lt7xg660n07Un+PWdtQxb49Zv1fYY/ZJrZVb1PUk+tBMhn71JNJdX9vw1gZBO2tjP5mm9V2z6r+l+0Fq95Y4Gawzcsof1e7wfp/H7vBai4dr8y/LOfT7kXh8YU4j/tzB3iNcnF212vDW7UdmZzQ9byevWsOYb9fNdURt4PpDJ46jTMv+YR//h4v7bUTDR+4nTQc/t9w82hsykq/Zz6WQZzePYP/QJkfvH8LffCouP8VL6Pf82VrveawPyQOanyvF6z9kSVfI69R9+KL5z98X6bf7F+nfnt9/b4ta7uKz5fXODN4s7xczteK8y5fqdmdP5ffCYOqY6Y4YfZIzWvixG0GBm9q1QKPGh7E64rte3/SGzDDSiRXUx7KFn90etsSP72y3i9v5TtSpppwwbTcSCEEbxmjxVEs1Gu8V3U955SA4lot42xjyCKZr/jiMF8BbAu+1K9+Nxa7rRKRU1X/YD0uzto6fPqng/VRd8ytyCfhgygSB5rMFjx61no7eX9qWc/ViSfHrMNk06r6uC2OZzMfcOZwVauTiKHBerJ+rys4nV3idWNrstmoSdhpvb5czS4wsrX5bM8uTlezv/5Vnz35f4XHLyZnT8uyPFtd+uev1xN1UrQ6INN6frncbKxqfvtqpdT7dLOevba+UYi94PRBOp1Zz19Nrmern3t6XLTHRYqUf7mdXb4WqV/eKoPXZyGqmZFmmFIvLXKKsJs7UAL3Jgq3d3vYrtNqPUF95F+5bX22UKdXTNY3/zSbPnFtO3lI2p93lLNjilQ1Tc2IRLfDA9P/vO1gBi9wvHmAg72Xb+mOejVcyy98T/+i3rxVC5AdWIcbhHp5mzqtWxqZL7O/h0GrSzwCetElPO4tRO7uVgtO2+Ian2xxgWDzZvwD34rf+zb8jnfd735Jfufb8HteYd/t2nWi4Yvfopd7vwEqYeRaoOweA9jIu0W7cXO/nkwttBO+W8Nik4LRYj/JUF0js8dbWuMb+njEVKvd7Gv1aHobuYdPoNvXAqjzkZLMp2OD+7rnhuZd3QYuLYbf962xnW3WblegC2squz2zjqfyg693p+7G3nQzl8GlOYlXcZA+6tm6wFnPqqNNZ1jGe5+gaOR94Y9jU9sWs2VUW2Y3tKlWjV1mv5ZRjRX1EKvqbuublZ68Mcxq1HfrlxuUozxsNy6498sLH/2lFY0f3aL3wfuAXzebyQx2sein0WjSrPjqf739UEsc5q4NDdqsmo0DZuPt0i4F/qBSfsIajJ/0K8W9Aj+31KSIuqh2JviHXvVfYAGOG2y9Ubipr2+sJ4OMhom2qtW78NO+1D9xLYSUsWtNQLM10+4GMFL8uGWvvdUWW0m0p3wxsken+pHBD3t8qOP/Hs/2fPfTrhp21+83gnboe9/RFG7tbsf3wa/ymk5vsMeOuYnXwCPuc4aNp6GP4X5c+5zhpToxpp7u2huK3f9wa82lcXM7W7LL0lob+51pLxCvb8V9wdohK8OItS3hDBnqrOytzvBT/+ut1x8M39MmM16D0BsGjRW7v9T7FTpepqE3nl/UeM/haEPP9Vp7rtf6iPMvrc8/f/x6XFuH3EJlh0N6vZ7d6Y/6DnA925nRT2Ou6k7Xtv7pTocmhW770Xcb/RrV5avVIfxwcw1rILtMDiGaIfuLnWum2hFc8hpfvjT7aTGd1PMHrWFq7vnszoVMZ822Sx9/RZPwlsZh7ci0VCAVPFhpTriyhhd+lshxcbDBHItatrGDzpqz3AB3KHN3gX/sDtQyN7vbXZhcuLwFe1tXq+X13QW0WUumItOsPm1CY02dIvCJEvh4sAFhu1djk4C4KpJwIYXjhbjcyaZ49ORmMp1SGU7iMoFqAvkDamlzHRSGrQcfVhslfKOfycsJ5nM2+v2zm6WYTE9tq7pTXGcq36pZbUnQlDIwLzUp1+4kZjmhzeqI83FdX1dt3T0+a6py1quX6KyxcLz4xcVYXDQwXdbYDU/SpOXzbjNAc/+yftZYCqIMTG+UNbh8rLR83ExbnPa1qSdzLtery9PFbL05fbl8czZZXb6avanPJvX6bKVV0Pbtk8m1KEKaUs2i/fZGYoYnjm3t/fZni49noZPPuLhFr9fju4lbVRGjaCdZbrGMZiTh2VZVQ5u3uWph3lMRQ5lA7yrLXjWzMJQK7/W+aTfRPBuUopfjfEx9+f4+ffn+z1x5VzZT9usvrGeY1qdkqjL6PNs/dgo4bSy3/kJ5UK2PM22RnMlq3nw3J5T0I9LOy8h9R2oa86ad2Da+liyPur7yn91Ze2qe881kNcOrsHjOZzV7jeEMOXQK9bbyqE7V5KWpV4Iyu9zZ1eyGv5wkwr8n8sGwwbGLP5/+3C3i+5VXQPYGv61lkI0jMdZC6otbCyIb29haFTn76fX8erHcyv6/z+rIVvRuiWR76dM6yU/rJK1P6yQ/rZP8b71OUrurzz7OYslPqyUfslqyXQRnzCm1oX5/6mlHkv7cU39JpZ71kuhOpxDn2uy6m6utTaSSauqlMxe8HbS0Thz1VA0n4U6EcCw87dYDPs78UZXiPt14DUPN0SHTH74fZHiPp63gynO9wkjdvT5fXp2LZawwRPxWS3p+6saS/6mbfDa6PPLpv35bpOXX7Qb/5vpMudBfAbpPM+VcvPpquZhdipLESrLl8vXHr1VXyrka/y+kEFXDMs/uV0NJaNZQLty3hl218lc6TPj4rcZXl7ic8VIXgzbM8nu2YZYP2jDL711D9uBKWAjvsv1K1Tu/0gWgYtU9m04SDipW3b/pfu2KPbvd3NxujIo9u2/Fng0r9qyt2IcsiW7925AcBm7ug1eOG8L/6svHjdIetIb84bOJw8Xbo+P7r7qCu2G/ey7j/l+wprnbJvjvYQ2ztuaPupD5G92Z1koPmE9RlXfc+MxJ3DM3wBRrf4n82eNGwadWpZJy7gfziG2uA4OcdgtHpSMsr6UXqXnT9+0y0uuhFG1OeoFps/Nds+XXuEDtXU8X1uUEc1PHowupmzlgNSk1fS/fKHneq9nb1a0A8kzNIV1eijWpdU4jy7UetPx7e0WHWgRhfs+HfSW++eVrk8eXjrcTJNK6u22o8QjryXzzi51AcyqIyuyDHMHD6z5atqp+yyo71s5Phgcg9WcvsSOoshaF/lzXPMMM57QWUfSzkG59LGfS/2lcU+aDFrO+EiHO68niIRVupDQPEWqeCo83Mlam7914tXn6bIr34CXnb3eK0Bxv+jcTZbpbFuOFpunszWxKs/fcnS1oPJn7oMHLMuezryfv9Lax4gXV84gzKV4aMj7WW34uuq/VExj9tXoAUYKO1cygjBo/NcsR1Mxf30+25cpP86q/yrl7D6GLfvlHf3teveRcnUBb/+V2tkIsprYWuL2+EAeu9xXolyeC/VmfNdcvmh1Gnw2mOk3/9SvpXW/UJJwyjckxHskAh6fWtfQK620tn5p9LKdL61r690zNrGNnXKuNqNVKe2xVMJ/Vt/3CMRZOsB+mei73k3pMcbOqL5fXEoCrPTEtNYmw5e/7ZvTthdL63p719fj5aXd2/o9mOOpMHLXN6A7DiREa3WE4377+2xhMF03c01za+O6/mbEMXg66Rwza2co9nc6vbzn3cjmj3eL13m7xLVtdgRM2Ld6u4keqhjpVeVt4e7SVvl2Nyvuc9nF1JRrfIeiDB5/LPe/rKXHnasUwoi0xnRP0jp5bnC3wIt/4u2IfJM/r+ahA37XmPVVv8uXL+e21ekzTD8nbxGkTIasO9vuP84A/+co6XNf0Q8Gpe+ocda/y3PSEg0Rr4zUZ/WCsJ/bNKzUXbLVvBzWLH/D+xAF2ElrPXqoH8xv79PR04ylP0BbHJ8jNc2U+ZaYnuF3fsXyxmUW5x6FQXdpdB5h8UPtu7JHln+pQ5tALPR60XcVRHuU8JLosI/lJeAxuGGVRxtO6q6pyK5eHLBdhmIUZD+MuyrAKK55AnTh5kAeBeYR0aHvyX6CPyrUd+Y/H/pZhFEY8IToI3czNeMp2GVVlVfKg8CwooiLige9+kWZpVoY8OlluDRPzOOa4ytM85XHeThW7scuz3eMkl/94gHiVSn5FzFOPqyqtUh60nblBEiQlTnyOSz/yo5wayCq7su3BieFOWqQFj2/OvMIv/JAnd1epm7oVz4MOJO+Kx9a7npKA57YHXuqnfkUB/MiNXB6SnmS5nduBWVAUiPojnixcOlVRFTx43SsSL/F4jLifu6Eb8pz6MJcmDfXRzKVXeRWPZq6CKqoinlMce7n8+OZhzWHs+Z7P87IDJw3SQJ+z7JRBGfBk8CqpnMrh4fWlGzmRwxPM06yIRaM83dv1HM8J8NkV1crHwanQse3LfzyYOxCji3gatS93uh7PUk+K3Ms9fXC27cROzMPZvSgJk5DHQ9upWFTA08DdKkmTNAsGx0/bkfyHRnR9x3VcHpXuZLHIwIPgi6p0S7c5tL3MyszlSeVSPTfiSdBRJYbp8kj3Mo2CKEjMGjmundgJz0l3itiLPR44HsRu7uY8Bt0Ti3FSns/uhU7mZDyKvcjDMpRSYUhiMUHKk7iDLJUKVqYxiGW7gctj0KPQy7yMh7BLtwmlQ/IM7kIuezxSPHDdxE0i1rQovdLzeL2UflxFPGXei/3YT8xTrdMw8KTd2C+SwimckOdZ6x+oyymLsnDRjr70atcOcV2MLq9yHr8eJVJRJ+cR82GQBVlpnkov/SYNpUvDLIs8yzOeoi5eRxqjoP6l83iJj1okvnSdlIfRJ7Gf+zlPCc/sIA5iHqEeB1J+5ZueQVyVXdg8Rz4PxLtULg8ur1L5KXkaeyF9PXNCnhIuvcHjefdJKv27KNBhxWXKD09mdxwpM0hMXxdLI0k3QvXLRHpMwtPYba0j9CNxcFHFw8q1FfPEdumZXs5D2MUbyc0ZhczSOI1L81j21JW+5VToaEGReqnHQ+F192KhQVzJf8jEq8QWXH2guZMUSZGh7SJbDFZsgIeei58I7IH39qRZ8oINGonXD3NKXokLlP4ACV3pXg4PedcOnsYQqL0wHR6DXog38ngofFYVbuGGpjHETl5Ie0IqJ5Yq5A5VEYpHEaWj7bwyL3MXwmSSeyDjBGoXJFESpfRvsS8/OfJxS/FSkWeeL5+IknOfJ9oHQRqlEQ+mr/KojEoeHB+lXiGOHWlysYbQT+nt06AIihLXPdGjk7gwKhnKPCnHdEG59IlQ+jFqlIgbk1+wqNKvfHHlUKMnlc4j1MgXPbriyiGYLyNJGtFjZOJg7BQF2VmsfkxjiHMRMMyhZ6mE/LjoOzJExzJ6s11ix3fEplFoJH23jDjCSn8I5AYIGdqZnTkwkrQosiKLQrPDZqX4VQ+SSBcRlx3QHfligKkPaR1fqpw67KSun/hiapBcqwM1jV3fFYkhgPTYIC9Nq0sq8Z1uQP9WSFN4IQc7T0b4vIS6pNIy8qUQwEukKZyUw4QjI3mQcvzySr/0PbRX5YqNJLHpVItA2jzyaDlZHksQxIGslPYUX49MUvGvogvUwonVaEfJHbGFIERBSS7liEOEkGo4SkrbLCgO81AcHHSbB2EQVuwXMkZXvk1Lk3ihlJ6Nz+KFZSRHTStfjFRcADKPJElZQjDHlqFM7MrssOI2srRgXGdHcSTmghslY2kuBiG5jHtlBGk96XhO7kKwIBJ/HFYcSmR8yfwcgiWRyB4GjmneWSk+12UM4BTyE0EtZSzRk58wUJGoxalcBoeh5CeNCfU6YlxFgTR2ESszRTva4q7kP7Mf6ZGcTlJcgLQpO6kjQ0qQQ/JcwlkJgqDSxJYxTRoJGeroE9qIJFANbQ58uRhy6bhmjcTXhE5KA0hlDAwCqEtGCBn4K/apJJP/CnbqKA7jMGHtEtGiE9ACRR1O4UJ1YnSlxJWmCyqS0ill7IW6MuWkHXbSLInFQvnZdeTHw2dxlhL6ZOhHqXLeSUQPH8WqDSCYJ6Nk4qfmUO4WStyMfUTGbKd02dMDsYsowedcCZi4yFA4QDysjwzTNJCfigZjSzQtt+B6IHFoFZkjrAwjqvMwcSLBjgTgkFBVKImprlQG4cLhSBrIYCtDCGoXSRAUelCjOG9xDTkElhFb9JuZ5i2eQxxZThUl6idD5kEqQ0oRIXOnlCG1cmjGmbg0O6fqYhmc/QpWJx1afgoU5ObS7MJCLOfol+PwfzMAdEYBMA2IgFQ7EZCWTATE9YIIyH5KBNQ+GQio3SAQkMMWEdBoskB3QmTiEQFpyURANFNBBORYSQREM7lEQA6yREAImRIBTS4LiIBIUBAB4fpsIiAtnAjIXkAEZDckArJHEAE54BIBTY+UEwEhYUQEhIcpiIDIMCUCQkUVEZBeiAhIl0gEhOoyIuDAIxEB6bKIgPRIREB6KiIgewERELV2iICohUsExPWKCGi2UU4E5HBDBITT8ImAyCQmAkJyjwjIkYIICAE8IiDurYiApqPIiYBI7BIB6RCIgLheEgHRN2MiIEcZIiBHCiIg1BsQAc2CEiIgJAmJgJA8IwLiekEEREEhEZBOnggIYyiIgLi3IgKaAJgRAZGgJAJCLT4REJmXREB8LoiAkNwlAsJgSiIgmiAjAhoFVSEREI1YEAH1YAoEhLQlEZCujwjIgZgIyHGTCMiRnQhoFhQQAZF5TASEznsA6OZEQKTReAMrrYiAECYmAqJ2BRHQ5LKSCIgahURAeP6ECIjrGREQ10siID77REBkHhMBkT4lAppBUUYEhOQpERA3BkRASB4SASF5QATk8EQEhGUGRECozicCmh22IgIiQ5sICNVpHcEFOURANLSeyIDkPhEQhpESASGkRwQ028gjAiKTkggIyfUMCwpKiYDoOwUREJnnREAUGhMBIaRPBDRjlYoIiMwdIiCsKCACwgA8IiAsTc/xccQnAiLzkgioB18goOm9cyIgbvSJgMgwIAKi7SoiINTiEAFRO5cICCFzIiDuTYiApq+LiIBQnUsEhLpcIiDUEhEBkXlOBEShEREQwmREQBhDQAQ0IV0zDxLEREBYlEMEhBorIiDUEhIBcb0kAkKAjAgIIT0ioGl1KREQUiVEQBTkEQGhipwIiMwTIiBq5BIBofaCCIg0IRHQKMjLiIDoCyEREOoqiYDIpCQCQoCMCAgD0OpATXMiIATwiYBmGxVEQCQuiYBIXBEBoZaQCIjPMREQn30iIGodEQGhuowIaNbIJQKiFh4RELVLiIDoLxEREJnkREAI5hMBUVOXCAghbSKg6et8IiCsLiUCQi0RERBtFxABUYuKCIhCSyIgMk+IgFB1TAQcIC0REDfGREBIWxEB0bguERCF+kRACOYQAdGPIiIgtOEQAU248IiAyDAnAsLUcyIgMneIgFBRQQTE55wICCFDIiA+B0RAczZAT+aijVwiICT0iYBQV0oEROYxERDq1dEnPjtEQKjOJQKaHdYjAqLKFREQakmIgMjcJgKipg4REOljIiBqHREBYTwJEdC0upgICEk8IiASe0RAmK5HBMT1jAgIVdtEQKgrIQJCAxER0LS6kAgIqVwiICR3iYC4bhMBod6ECIhaV0RAFBoTAfE5JQIOHr4QAXFjTASEhDYREDWNiIBQY0oERE0dIiDaNCQCotYxEdD0dR4REAlsIiCkioiAKMghAiLDjAgIwXIiIAQIiYAQICUC/r0CoDsKgOrpn0JA9l8iIDVJBMTnjAjIsZIICGeSEQHpWIiA0HZABDStXXdC9kEiIG6MiIAcTImAKKgkAqKZIiIgx0EiIIcnIuBgHCQCcjQnAkKqhAiIGwsiIP0wEZAOnwjI0Z8IiDQ2EdB0FAUREBL6REBI6BIB6cCJgHSJREAOT0RA+mEiIIS0iYBm/42IgJCkIAIiQ48ICNWFREBYckgExOeKCIh7IyIgCsqJgGYb+URASBgQATHcBERAjg5EQEjuEAHpb4mA7MtEQHTDgAhocplPBOQQQwRELTwiIK57RECOcURA1DokAmrHjuAZ11MioFlQRASktycC0iMRAVE7lwiIzxkRkA6cCAgn4xIBUeuACDggTSIgMveIgMgkJwJCgJQIiM8ZERBdoCQCwgJTIiCawCYCmkGRSwSEnjMioHZlQECOIERACJAQAVE7jwiI6xUREAL7RECzII8IiMwdIiB03gNA9fRPISBHEOINfSwREMI4REDULiMCmlyWEgHpqImAuLEkAqKmCREQHTMlAuJzTgTk4EsERD4VEdAMimwiICSviIAMG4iAkDwjAiJzjwiIzwURkIMyERCqC4iAgzkoIiDDBiIgVKd1BCuqiICQXE9kIPOcCAiTroiAEDImAppt5BABkcAjAkJaPcMCCSsiIEd8IiA+F0RAFBoTASFwQAQ0XVBOBES7hERAjuBEQBiAQwSEees5PoYQREB89oiAuNclApreuyACQl05ERAZekRAtF1OBITqKiIgahQRAaEBnwiIeyMioFmQTwSE6iIiINqlJAJCLQUREJ3UJwKi0IIIiMwTIiDu9YiAg6UvZB60hUMEhIQVERCqyImAUKNLBMTnlAiI2tlEQOQTEwFNqwuJgFBRSQREe8VEQEjrEwFRaEkERI1KIiDUnhEBkSYjAg6exRABoSKXCIjPKREQmaREQNQ0IQLiulYHaucTASFATgQczHwSASGJRwREe+VEQLSLSwSEihwiID4HREBowycCoo0SIqBZo4gICNcREwFRo4gIiIIKIiD0XxABIVhABERNSyIghEyIgKYx5ERAVDkkAqJf+ERASJsSAVFoQASE5CkREJmXRECoNCYCmh02JQLixpgICJ0HREB8LomAMIycCIjMQyIgjMcnAkIzIRHQVF1MBIQqCiIgCvWJgMi8IgJCRRkREJkXRECoNCMC4nNKBDTXQenJXLRLSQREJgEREOoKiYAoKCYCQkU6+oSqQyIgrpdEQLONHCIgCgqIgGiviAiIQhMiIKQNiYBQkUMERK0LIiCssSQCmqpziICQKiYCInFMBEQmDhEQtUuIgFB1QgSEACUREPf6RECTnTMiIDIsiYC4MSICwuoSIiBqURIBUeuACAiDiYmAEKAiAg4WIRABYUUOERAFJURA6LwgAkKNFREQAoREQLSdSwRErWMi4GD1HREQVU6IgJCwIAKioIoIiIJsIiBq5BMBcT0jAkIzIRHw7xUAvR0ASAREn82JgPgcEQHxOSMCwlBdIiCaJiMC4nNFBIT9BETAAQCyE6JpuD6I7RsRAdF8GREQBZVEQBhbRASEXWVEQAgWEgEHAEgEhOG5REBIlRABcWNBBERBKREQtpEQAWGEEREQaWwi4AAAiYCQ0CcCQkKXCIjPFREQhpoTAXHdJwJCGJcICCFtIuAAAImAkKQgAiJDjwgI1YVEQHitkAiIzxUREPdGREAUlBMBBwBIBISEAREQfTMgAiIThwgIyR0iIDQQEwFRqEMERLcKiIBDAESMCkkiIiBq4REBcd0jAiKTmAiIWodEQBgSl84xQEqJgEMAxMCBTFwiIAzDJgKidi4REJ8zIiCEiYiAcBQuERC1DoiAw0eNQEBk7hEBkUlOBIQAKREQnzMiILpASQSEBaZEQDSBTQQcACAREHrOiIDQf0gEhLQeERACJERA1M4jAuJ6RQSEwD4RcACAREBk7hABoXMDAImAyFDjDYwkJwJCGIcIiNplRMABABIB0egZERA3lkRA1DQhAqJjpkRAfM6JgMg8JgIin4oIOABAIiAkr4iA0HNKBITkGREQmXtEQHwuiIAQxiMCQnUBEXAAgERAZJgQAaE6rSNYUUUEhOR6IgOZ50RAmHRFBISQMRFwAIBEQCTwiICQVs+wQMKKCIgMXSIgPhdEQBQaEwEhcEAEHAAgERDtEhIBYRgpERAG4BABYd56jg8ZVkRAfPaIgLjXJQIOAJAICHXlREBk6BEB0XY5ERCqq4iAqFFEBIQGfCIg7o2IgAMAJAJCdREREO1SEgGhloIIiE7qEwFRaEEEROYJERD3ekTAAQCSedAWDhEQElZEQKgiJwJCjS4REJ9TIiBqZxMBkU9MBBwAIBEQKiqJgGivmAgIaX0iIAotiYCoUUkEhNozIiDSZETAAQASAaEilwiIzykREJmkREDUNCEC4rpWB2rnEwEhQE4EHAAgERCSeERAtFdOBES7uERAqMghAuJzQASENnwiINooIQIOAJAICNcREwFRo4gIiIIKIiD0XxABIVhABERNSyIghEyIgAMAJAKiyiEREP3CJwJC2pQIiEIDIiAkT4mAyLwkAkKlMRFwAIBEQNwYEwGh84AIiM8lERCGkRMBkXlIBITx+ERAaCYkAg4AkAgIVRREQBTqEwGReUUEhIoyIiAyL4iAUGlGBMTnlAg4AEAiINqlJAIik4AICHWFREAUFBMBoSIdfULVIREQ10si4AAAiYAoKCACor0iIiAKTYiAkDYkAkJFDhEQtS6IgLDGkgg4AEAiIKSKiYBIHBMBkYlDBETtEiIgVJ0QASFASQTEvT4RcACAREBkWBIBcWNEBITVJURA1KIkAqLWAREQBhMTASFARQQcAiAQEFbkEAFRUEIEhM4LIiDUWBEBIUBIBETbuURA1DomAg4AkAiIKidEQEhYEAFRUEUEREE2ERA18omAuJ4RAaGZkAh4XwCcLd588z+LAac73gOUIEKMhu0alb4TBiQTacFImMKjcxcCKdlvPfEuoV6n5VRJ4Qd8IJTmVRrEZAA/K6XTJaYhutINKz2bkErgGmqqjOM8j/Qqaok+XD9n0OOrgCbSK8kCidcy2ocbeoHvM77JAhkAvHgw119mjrh/2kSQpU7GONIPylSCMT2KV2VuE6VyT6LhoFmb5eeVrUN5wToJKjjSZGryfDD/ZUvJEoHwCVMg8VVOksmqsIhS3Z8DcbqJXugseok9dsUgjnzX4bDky1gR6oV6cSmkqCavDfcXyLCd0BNVfiwjt44RkyD2ylA/ssokjC909Cyjb8Vp+sqO41Svus6ll6d6jiwq8lKQbfi2TyHWwKirDMQTOrqbRYF4IgJ86AZeVBFrJVyWGIl+WbxMlpbst1UZO6mt15Qkduxmg2mpyPalaxONYslMRUN0YUUZ5tr7SJWqONOPfiOJAVzNzL50ef3QzhM/UwX67awgSLMBbWau4FVM/+gKUOUuPVQc5oFojO3ieZEd6wWvthvH+o0g18vEYDkjIPGsF+pVNaUCIncwYR1LB5BhlAvNoyjJfAY9EvNKdhyA/TJMSpdjZBgUaeXrpx2hrdiIC4kczw9dPW3hy2BcDiZDJcoWIicbp24lY1TavO6VyphCHvAriZc4a2BnYiO5fn4mJZXaoQelAHxl68E4LB178IKHwL0Tp6T9JCxkyON0Q1F4pR3ot0+lubKC0J44gYy6nKmJHImwC4KH8EgoSRjTyEjsqAdC/YKcJImrzNXLMjLhOz7IiRNhGY8jehgVSaIXJWS2mJnLcNCO1IDJWF9VKMgYx0TSi8py8PRCXFpup4ycotx37arUA3DsO2W+hbi2DFxipvSBrqtANdbjqCMDMAXLg1Qs0gSMqhA1V3yUaMtA6MWc2PKKVJrZ0S+CuoWX8Bmzgn01Nc4xL8jTUL8zowIcPfkiEVroSpcdLqdOw0i/fe0FEsrqSU9fQsSQ4YKjAhYNG1hVqXE3dArpDQRIqUPkZ4xpJIxxxfsP5vrdxMv0qj4p03Y11Ems5EqkyyHDFdyPOPch0VUio71eOBJneaRfPiyyMNWzCTKOl6m002B1pgzcScxhQvnlSK/xFaso9HRtKg4otEmSVSTuOkz0e02RWwUkGd8P1VNLTt9LrBGpyRejw2a+5yacQMkziYrCQj/jLItKT4RlcSk0HOp1wBKh5AzHfRmE4kAvcvWSyHX1A1dfIlrHNeOVOPBT148092aZ+FiG2mWVeHp+XwRPROWMRQpxElWzTk4ks8kGdhGHgVvqNTq5U3qDwEjl7YShJpDIzvTMuOhTBkzOePqR2IV+xJjGlcRs+jmoREyeflczkM7m5gQVCRc9ibwHc/0S3vslCbNIJIzV694ks1Rckn5Bt/DtjJNc4sWC2CHVpIFYQqkpVNx6XOqVK1VaiLs128jNvTQpOD0aqK6uNyAI06DK80SHdBK2hJxwrEKRRYfvCVYVEkKk3yRiS+wCKtNq8JA7qYIitjmVEEp0n3gEjLAqArdgqJ1XbuC4nOfNxd0nCYHcsZ1Y2JCPUmIJEvTLimohfqbiTnOOww2jmNFwWAaJE+snf3kiyiBVxp4vrMEgVUaMQIJjPVdVVWXI+VzparlEKkwjwCYYEA4gUMKErNDLJsLKCznPLj2ushPOuLkSO0c5J/E9J/Vl8ORsTupV0u60TNF14nP61QtSV+zLtLrI98ss1+9Y5qLdlPOG2gHwRi+NithpVhGpdRu0RvG6MgzSIVd5Edh6ujZKnCoczOdGoV8Uen7Q98oqs/kkQBmdXwR6MXESymVOcsk4nQWciJR+mcYx53zFveVOxYfivgoanMgsKCmCUkJFzmU4cS5DrF4uFouXJA9L6Znv8AGqWLl4PYJHIg6u0C9plImMqXqxiIyfEioNplkTFQc7nLXxotSx80ivRRMg9Pn4QYJZz8tjzWapDBj60b7cmSec8JLhKC8DTlxK0C7jgWcGJ4mYXVGRxwTphEw5D+ioeFe/CRx5eeRFzS4VldgFn0PLaF0I6+kdE7wirPQicolSC/XepvkARmzU4xReloRx7pP81RM7CVwYzIt5+TafkThqEPIi/VqCwGmgp4diL/cTTsRUlV0kgT8ITpI0tvULSLaMauJV2enErZf67dPQD8Lc0S+OCrLEfqhnbQSwQ72eWAWCepsGsdY4kLD87xkCx98FDGxiINueGIim8oiBsOyQGMjxkhjI/kwMhIfKiIFI7xEDzdE9IAbSWRMDkdghBqLtA2IgHQoxkAMwMRAu0iYG4nNFDDQnCRJiIOwgIgZyWCIGstsQA2FDLjEQRukSA1EjjxhIV0gMHEwfEgOReUAMZL8lBnKcIwaidgUxENc9YiB9MTEQRukTAwePSoiB7HvEQNQuIwYiw4IYiO4UEgPpT4mBSB8SA5HGJwaa4XhMDORgSQzEjTYxEBIGxEA6emIg0vvEQBSaEwOhGZ8YaBpDTAxE4oQYiEwiYiDdHDEQKvKIgSjUJQbCYiNiIIcuYuDgSSAxEA3tEQMhVUoMREMHxEBYnUsMhAAuMRCfU2IgCs2JgYMIjBjIkYAYiAxtYiAKcoiBsKiCGEivRAyENipiILSREgMHQxQxEBnaxED4WZcYCCMJiIG4nhADGUYQA6GNkBiIGjnEQJNkEmIgMimIgcikJAZyECUGQkUBMRCZB8RAGE9FDKRDJwaaqvOJgVBdRAzk6E4MRI0iYiAKKoiBUFFMDORIQwyESjNioOkZImIgR2hiIApKiIGQvAeBsUcM5GhBDIQGcmIgrpfEQFN1GTEQug2JgWjckhgIc42IgRyuiIG47hADUQuHGIjapcRAM9RziIGQvCIG4kaXGAiVlsRASFsRA1ELlxgIARJioB6YgYFmP0qJgVBdQAxEhh4xEDcWxEAIkxEDUVBBDGRkQAyE2mNi4ACZiIHIPCcG4saMGAgrKoiBqF1FDGQYQQxE5gExEKrziYGDmJIYCHXlxECoIiYG4rNHDESGKTEQNbWJgRDSJgai7WxioFlQQQyE5DExEJk4xEAUVBADkWFGDER6jxgItefEQAhsEwMHT5mIgVBLQgxEJikxEBK6xEDUyCcGQpiUGIjMY2IgCq2IgWaoFxEDkYlDDERBJTEQOg+JgUhTEQMhQEwMxOeQGAgj8YmB5gjrEwNhUQUxELXLiIFQnUsMREEuMRCSx8RA9MGSGAghA2Kg2Y9KYiBcTU4MhFQJMRDW5REDUbuMGIg0ETEQwpTEQOSTEQMHC0aIgZDEJwaidg4xEBnGxEBkGBADkWFJDET6mBiImobEQHMqPCEGQi0lMRCN6xMD8TkkBqLQihiI2jnEQHy2iYHIxyYGmuF4RAxEJiExEOrS80CwroAYCPNOiYHQQEQMRI1KYiAMoyIGmp6hIAYik4IYiMb1iYGoUUUMhFo8YiAEyIiBECwmBkKlFTFwsEyJGIjMC2IgEnvEQEhYEgORJiUG4rNLDITqPGIgBPCIgYPnZsRAZJ4SAzHulMRAfE6IgahRSQxE5gExENcLYiCu58RAM9xKiIFIUBEDUWhCDIRaKmIgMkyJgahRRgxELXxiIAQLiYFmjRxiIAoqiYFQV04MRIYVMRACuMRAGEBODETmGTEQbe0QA02n6hAD0eglMRCeIScG4rNNDEQ/coiBKNQmBuKzTwxEQS4x8O8ZAsffB1RPARUG0uMQA+mUiYH0ocRApMmIgdBaQAxEmpgYiOb0iIFmYJQSAznmEQPRDCExkKM+MRBNGxED4X0yYiDS+MRACOkRA02LT4mB7PzEQHoZYiDdGTEQAgTEQHglmxgIG4qIgbieEAPNgipiII2PGMj+TAyEWhJiICzbIwaiVzjEQGgjIQZCsJgYaHathBjIfksMZDcjBuK6QwyEiipiIFRUEAPxOScG4t6UGGhGySkxkCMBMZDujBio/SYwEJ8jYiAyL4mB+GwTA1HTjBhoxisxMRC6LYiBUEVODMT1mBgIY/CIgWhHlxgIlVbEQBSaEQNNwIiJgQwRiIEcoYmBHFCJgcgwIgYiw4AYCMFSYiDSuMRAk59zYiD8qU8MRC1cYiB8q0sMZARADET6khiIglxiINKUxMDBKk1iIKwrIAYic4cYiM8ZMRCfc2IgPlfEQFhsRQxEN7GJgYNnm8RAqCgkBuJzQAyE5AUxEGopiIF67AQGou18YiCjAWLgAJmIgZAwIQbCjD1iIKQtiYF01sRAjhbEQA5XxECOl8TAAckQA1GLihgIqUpiIK73ITAkBnKgJQZyFCEGchgjBpo1qoiB6DsxMRCqCIiBuJ4QA3E9IQbC6kJiIGrkEwPRj0pioNmPImIgJIyIgVBXSAzEZ4cYiC4QEAORoU0MhEozYiC0kRIDBw8WiIG4MSUGolCbGIgbI2Ig1FgQA1FoRAxE7WJiID4nxMDBY2FiIDKJiIFQUUEMRB+xiYEQJiQGor8ExECoNyMGoo1KYqDpGRJiICQMiYHIJCcG4rNDDIQAOTEQhhEQAyGASwyEBhxi4GCOgxgIqQpiID67xECowiEGIsOKGIg0NjEQxuASA6F2jxhoqi4kBqJjJsRANG5MDITqfGIgapETA1FQRQyEADkxEMZjEwPNYaIkBkItDjEQtXCJgWi7jBiIghxiINKXxEBcL4mBELgiBg4mvIiBkMQlBqK9cmIgahcSA6F/jxiIDGNiINoxIgZCyIoYaPo6mxiIgjxiIFRREAORuUsMRJqEGAjrKoiBUK9HDIQAGTHQDF5jYiAyjImBSBwRA5F5SgxEhiUxEI0eEgOhgYoYiOsxMXCwApAYiMYNiYFol4QYCMlzYiAEcImBqLVHDIQwPjEQwoTEwMFCcWIgpEqJgWhoPQ+EzzExEBnGxEBcT4mBMG+bGIj2ComBJtaGxEBIaxMDYQAFMRC184mBSBMQA2FpMTEQaq+IgSjUIQaaUw8pMRCqC4iBUJdPDEShDjEQGRbEQNTIJQYi85AYiPQRMXCw7pQYCMlzYiAy9ImBECAnBqJdImIgVJ0QA2EAATEQtXaIgabqKmIgauERA5FJSQxEQRExENcLYiD6S0oMhAFUxEDUNCMGmgOfRwxEJj4xEJn7xECowiYGIo1HDETtAmIg0iTEQBhMQAw0h3KHGIgqe8RAqMInBiJzhxgIA/CJgUgfEgPRRjkxEJ8jYuDfMwSOvxPIxaCM77kYVPvTiBhI4yMGwiYyYiCapyAGot+mxEAOUcTAwTuBxEAYYkgMpEMnBqInuMRAWjYxEAKkxEB2S2IgjNIlBg5mx4mBaO+UGHjMvg0MhLQlMZCDLjEQGsiJgRxdiIGweI8YaI4cFTGQQxQxEFIVxECO3MRACFMSA+lQiIEQzCYGsm8TAwevRhADOXASA5F5TAzkqE8MRIYOMZDujxiImtrEQPZ/YuDAWRADYQApMZC+khiIzx4xkCEFMRCfM2IgR31iINo0JgaaYURMDISeA2IgQwRiIFSUEQPpuYiBSJ8RA+nQiYEQLCAGmg49IwZyVCAGovoBMZDujxgIFcXEQKSviIGohUcMRKEhMdBso4oYCGkTYiBujIiBUFFCDNTjHzAQaQJiIN0lMRB9LSQGmjFlSQyEGXvEQOg8JQZyECUG4rpHDIQANjEQQjrEQFwviYFmQQ4xENIWxEBIWBIDYWkhMRD694mBHACIgahdSAzkSE8MNOOVmBgInRfEQI4WxEAIkBADUWhMDETtEmIg2iUhBkKAmBhoRmA5MRCZu8RAjhDEQEjbh0CbGAjDyIiBKMghBqJGKTHQHKJKYiAyCYiBaNCSGIgMC2IgCq2IgRyWiIH4nBEDofaQGDjAWmIgxzBiIFRUEgPhmjJiINRiEwOh0pwYCGOIiIGonUsMNNvIIwaiFjYxELVwiYG4MSMGokZcC0YXlBEDOQATA5G+JAaaYYRDDIRUATEQtUiIgbheEQNRkEMMxHWXGAiTDomB6A4ZMdB0QR4xELXwiIFQXUEMZEhBDIT+HWIgMveIgRAsIgZCvSExcDCzRgxE9TNiIKRKiIEQICEGIsOSGIj0LjEQagyJgSjIIQaaA59HDIQqbGIgMvSJgahRQgyEADkxEJ9tYiDuLYiBqLVHDBystSEGIkFMDIRUKTEQ1uUTA5F5QAxE5ikxELWLiIEwqoIYaMYMKTEQN8bEQJh6RQzE9ZIYCBUVxEAIEBMDIWRCDISQHjHQnFkriIG40SYG4nNADEQbBcRASJsTA2HGMTEQqs6JgSg0IwaaTjUkBqIWCTEQN6bEQLimihiI6wExEGqsiIFQXU4MhAABMXCwTIkYCHOtiIHIsCIGIhObGIga+cRASF4RA3E9IAbis0sMHMwIEAOhf5cYiIL0PBBujIiB6LA+MRDWmBMD0S4FMRD3OsRAs6CCGIgbK2IgMk+JgbgxJAai7RxiIDSQEgPRjjkxENcDYqBpDCUxEDXKiYH4HBEDUYuMGIhMImIgCs2IgWgXmxiI6yEx0Ay3ImIgauEQA9HQMTEQmXjEQKRJiIEo1CEGIk1ODITxRMRAsyCXGIjMXWIgbvSJgdB/RAxEmogYiM8FMRCGURADUZBPDDRfuKiIgZAwJgZC5z4xELXwiIEQoCAGok1dYiAKyomBUHVBDDQLiomBSJATA2HSPjEQ/SskBqJ2GTEQmbvEQAiZEwNxb0wM3AeB6tDJ57cX2fuN/HuSLd/dC/t2c98Hsdz6YvluxwYv8Ij6jQH81i9koK56907oQ7/8xCGUVoyG0htywmb1m1jIZ7jsl90dWeldVnCjXs5MS+TAQu/OMYFeBL/1szP6HuSgd8U0xzS9EyYS690vIbl+h4DWihtpOHpDSxiUXn6OzPXGlUijvebg8T87AYrQExT07vQrUJTefBKf9T6T0IPeWxK/9ct5MCi9h+RgLQhu0TtGIhO9SyRaQQeVqAXHOj2nTS+CbPVmjyhOb/CIPIebOtILQlr9IAOJ9a4dyEpv1UgfyY6C6/o5BdpR776IlHrHRdO76F0WIbPeWRG36N0UkZXeQRFX9GaJEExvkIjM9Z4YULLeCNGskd78EJno/S6QWG9yiNt1xIFa6Pd7oAe9byFUrbeqwG+9P+HgpQ36FSTW+xBCQr33IATQ+w1CIXprQdRFbycIleonYkipF92b04B6pwhkqLcHhJx6S0AUp7cBRBq94x/qpXf5w116Zz+IrZdCmuGA3sEPv/WufchQ79SH4vTufKiR3ogP9dIrriCM3nAPYuhN9gZxB27XW+rhRr2NHjLUW+chWz7Q0fvjoS30nni4rvfBQ0o9kTB4LIUEeqc7/NarkHGL3tEOwlBpets63KW3qoMwens6CKm3pDOpUe9CgGR6Mhw36uXFkFxvMYdv9W5yqJde/ohs9a5xKFrvFGeqTu8Oh6/0jnDIUBMwMtE7v+G33uQN1/XGbihCPyCGTvQGboMVSFCR3q4Nkust2pCJ3pYNRdPq9N5ryFDvt4b0eiUWPutVpHcNnrOFOrP7wwbRjzohOts5igaaYKGAtDNb/U4UQ2FeiTu1+fr1Ad2wbbfWDobj2OCJkJ4tRVZsXrdrWL0speqal4ObPheOXlAv6ex8gDaBwcJ7PaHW2Y5+bTjs+rpe+MdpHRaRd32dToVGwUFeT5iaJmzHXUfUrz2HPTPUsSCURsfPrfQZ3erpf9zV6476bdjBSjC36yvsfPS1cdiZre5DegEkiuh7ODoe+mkOF1xDaw4F9E/N01TcwtGDiiq6/l3ot6xRqF4n3/kAfeQI+z1rN9i4UT8uQ2I+SKfj5yBGqCZBcYxlj9cTwbjOWugHIxCAbReODNc69KChMiTUB4d2/ZuDc3P+J7Jl79czL8iBAzt99mDGn8MXk+kHDPjNx5t8aMYuwJTsIyyUIukN+VA0BwdOIgxeq2OX1E/qUDvGYtQ84wLOnnPg0vMvuK6nFCEkc+DDav0MdvAqAW5kjTj+9Nw5IzJG1nSrjLUZw3L85BCh11WypWgwpuqq3qjYbKWDzGnMejkYCuW8gz59BWlon5wpY7zG6Qa9nYS5cECf1AGp9DEUkJ8WxcGczocvGbG+mm+RLcWgeesl67hejUQ6zToyFEe+5bQv+wsDEz09iqx6UQBDQkIAmUO/eDUgQ704BTLTa7F2nGijEthT9LI7pGcUQD7kdBsfKtCfszUHay56wKS3edPPnPCZ5k3vxwCkN5gzagv1cwuk0bug4d5i3yha1FeT2/nGypeL9WZ1e7lZrraPpC/qTb26ni3UwfWv6s2remUtV9ZiucGJ9tcYR6363aZerGfLhbV+tbydT62LWh1wP93O7vH1clpblzrRF1vfn1j59///dz+cf//0X78t0vLr82+eFeV5mWf3TCnYf9+UP3x/35TVfUt/NpLy6RW0Vb+7mc8uN/P31rreHO+S3Xo7m893a68XzWSTdf3FF93nfhhzM1lNrq3lzUZaZDK3ni429UtpN+h+O7K5vRDBBoHN1e3iUt09CJ0O2XxPdomvZfjPzrpFlHqxMQRFHsoi1fc/jxnm83qzhnm9rt9vK+GP9fu1dTlZKDUtr6zJ4r01rxcvN69OLasR9Niabdb1/OrYWtV/uZ2tauYnWsUtKmO5MNkcrCWXzdu6XliOG59cyF2S4dRyg5B/zJeLl+pKW/rbV0vJhAVaM0ltXUsfmt3MkbPnihDS4lp4lWCulCxlLbpMVQlNijanxcGGpvG2tlbLW52EX7el395YmyW+uJyLHOuNhKDz2bSX07GofDqdidSP1cW3M8l8cauMSoLk9ZZ018tVbUoHATar2bVK1hZcv4OxqATbLWJm2Vn7rDX32eaAdj1Zr2+v66mqhfpLLvaE28r42+Wm/sJyQvvMdX0lnSpDhL5dD4uQHNQ/YhtfQw2HR8fWUnmrt7O1qiBUQRGg3DPRktamk7hnUvkddRt2ORYyXHFhFn1HH2s66HPRsm6nXd1Pl6aS7O5b/USto1c/syvr8DePN69m65OvGnWdS6pzmspRPzP181gb4xNLxgP53GbZT7QWk7p8ZR3KiFFv5aB+LkVNbVa/fyLN98V2IhRHyZRA69lflVtxwi/Hk16s6snrke+GZbn+vcty/QeWNeVwee8CPHeQyc8DbfOOc2m+25ty8VLG2MO+sn++p4cc+Ig2zZ8GnkH8jvR1RxGUo4IoR812uQqitMfrnEPn3jrvhRulBxrdqNadqC1UUo1l81J0KnFEmxOKFIJXIo7mOl2+XYy7usm1JNns8hU3r27W9eV8dsGYZLpuhwTrUJWZls+PrCuJYG7Xqu+JIk5Y/b5/ubjd0GUohS2vrqTfiKd6D88mViAN1Y0H/Gk8+vVS5DyccciXe46s2bUMDdfSTyeqQ7MN8OXFvO6EONsqv/NSku/1QMv86TsucazHqFf9bqJKPG5CMyh2utzWF39+kEHQWk/QClfW++Wt9Xay2KiWUEvURGYlJgYReNNOm1qZw/odD/JXOeqYUNXa8JNS7yMVTBoXRRFH28KmMqQxmvlCwhl2exluR5vvuGcEqvZnEitQN2rEl4Bgsl7KBSWOxAMDefnTC20lL5qSKv7Yqt9IqCCamryZzOaqDU9HM/hBuraUtBZ/gX4q94gzny/figr1ExzJbmS02TtgtIGc2ePHBw2tT512e/TY68cNv/pEOWZ7xO+NOFV7xHGOOdRhAe6o5x4pIP6QAtQo5Mb3KmB0CLpXAYl7vxqMjTtjBeweb+4Ya37uxwC7h3+5TbX9l1tpL8VJvxQfvOv70RFr/zB1oWZa9w9U/SR/50PVx+rlmL++q583JvrVV0+soNeYKjhsv7PiPcFgv8v9bNVzsfv+zb+3/D03+9sRTc+Uvr2QJDrxtqHBJBoTb4v7veX+yjar7EQa82qy3qjGvFmu1xgHH9e4f98cyeyqP3gcAoy/AS0fNbd3Y0ebgTKx2zVCAo5TYkm3KxXdW497SlDJHje9fhTDZFA7xu16rEH5T7/9ofz+2/TrVoDGgkUnO4DnYZSjv+ub4wgDjT5Bac3ZbKAtK1YGd6nmqSQ6OTzg9MOBddo2v/rqfDG5rtc3k8tavjjApMTBkRpcmNzQxZbFnp1JBNm02/r25ma5kiANQRzaZKUDH/OulQi9WuzyvZKnelKlpyCmTe7Xy+mttLSSdm9zS4CzXerjy9mNBGKo67nO8Il10CQ8UUo53O4/0ms8Ew5FuMZuVRCqhIBhzi7k/837M2WP+KTkGCn1QZHEYMD6Byv+Qgmg5deTBr0eMAyJBeYXEoDjKzc+05Fv+/VIkb+ZLc75RG5E9iY6Pp/PxGwm85fLlYS41+vDoyPINaZkLWTbefc13ciQrbveqDH+8oBgLHe6nV22CQ+uYwN985M2n9/9ru1YI9b2ZEw/Yx1K+o5UY6rngNZLNbOEhl4sauUTJqv3HDHbKGXBzM6mtf5QX148sMeJ/0azmM7a6iKhRlU6wchYMtbDRqq8NdcyqMWYSnKpbtPdGsPRZQguLG9Xl/Xh+ujU0kVgMDo8gscGoS3qWmKO4618D1f10fJGOAO0CGAjj7auRgUxu2toZqh7B+8+RxNtVe7Le9/SNObwlkGOomQ1FzieqMmjS2Qm66v/8mJ0XmpfpeSWkU7YfTsu28+GFep/9kUUW71zZ0ixNdPP8fEb1OFDR1fz7v/cMnw1V4S5v/ObyfRwfXshHw+7744tCcUHrvxo68qx9ejf7Ud9dTbzlKYQ+2KwkoisZtfhVHdH0Ga1hzOrs0X3DR2H/mqnnozllXL/CDermY5LqTWU4ahfrvrlHXM95SDE/o0k3DJHNXRI7qJs+0uRUkJoGc2+tD7//PFs1HQljx9fSOrD2WJzpPUtlx7PXoxarbOd2NmZ2N1O7O5M7G0n9nYlVsrYSo6L2zeYPalnmErbdbu4pm9Vj98uV9O1fHW7kJDv9eHBt/94cKya3AxzHl8q563dnnF7d/1t/zqRpMET45tV75vVMJiaTKffKyL8Yzubr+5RbXzi9HKRpq8nKlrS8k/WrMk2QqHqUCASWP8h//5ov/hRWcmLPQPg1exmfeIk0enN9Oq3N5OX9RP1aPxRNXt5K1AdnFrfrevb6dLK1aO8JojJMSI8OoZ542nZRA2jCquXyxvrlYh5JaMTZgWXC+nOa+vEKHXNZVgSqa1fza423y/fysfutEuSe09HpyNyqnVRj54aE4rW89uXLwXCMHf6ff1yspp23Zcl/2mymi1v19Z388lGqnO9fiTC4CZdjZt6hetWvRBKvFQj4cik7LReX65mFxwnm2nOk8m1JJMRVwl5ahQ7moT1cEfqMVnf1Jci0ZnluYhbb1ZL5cKWSunT2frydr0Wva9vxTYmCzy8vZ79ddKfJmS5/7aQymxuF9JM8/eEPYqOKUXr5ewNowCpkg5ZhT42aj5Xoo3LzallfSdgOKnXp0qi0zeeE/YtxfrReXFsFCj0wiocRqf+aXSksgUgrfkcTz1Unej5WdGdMPNkqphBLGKzmlxy3hTB3wGmotkoSsBjZf1v6/n8dGDCIoP1arO5+eLs7Orm9OV8Mr2eLE5v5rfrUzHAM7jo5cvV5ObV+/NNfflqsZwvX74/ayDobKt2/aGuvr4ZdSh0ynz0+sRyxDHz8+9Vz4dzxt/bHVX7cXCDdFAVINuDJD8hgpRqDaOb1/zC3fpizi+8F1uhzttXMwnpDjFsiLfaMWBILZWfhceSkYLORF346ivL9a3fWc0bilX1wvqP7RzM3Jw2h5+QgxM+NAe3zeE1crDih+bgtTnMX+iLD8vh7Y9swRc7RizlWMcGMtV4h/L7c8s5EnR9bIwKbarXSPX6jlRzpJrvTjV8SNgMgGjRPV5fetufZZQYmnM/xlCFjccYPfN4YjVDd+8if0xt65//s0/ph1s5jbX8739vqfnHh+e0ZYWSkxN+SE5bPULNMvpH+/TdjHLSlLuH/t1uYdQljLoDwxU0F+9yAn0HcNirq6plVbGeR/t6zGGvw1M1vO1+N71+0epT3Xa/m+YvjEbYexN687ersa480o3v7sJ3d9/9Xdcwj2ZCbKxhMDk19ihK80k/lkUb2i+aT077yW0/ee0nv/0UtJ/C9lP0Ygi4ECT6mwkyWvzYypCPWfxoocGvUuiwqN2TdR9a1n3XhhT1fxU8G69V7IXnKeh5Cnyegp+nAOjZKEFPPwZCT0cYeroboqcjFD3djdHTEY6e7gbp6QhJT3ej9GyUpWf/FTC9g6anPZye/o/h6akeRPYi9X2JQdXnpMcNXynLPDn5pdQg+jvZww7N1zsIovn6Y3DE9JeDxPSXk8T0l6PE9JezxPTvGiZmizfPe/Gt+pN48YuC3VFL3mPFey34zgAYfXxf8LuDEnYHvnfdsBX03nXDMODd6qJm98Psn/rjP1S96fxRS/48HM8MmfoZfiil7cvwg2BtX4Y7mG0YiH3CgU848L8ZB7qnj+rx3mH97maCV7XaZ4hdlD/+zHGwEOghDxx7t/bsXgaJUoVsi9vri3qFx9KrSzV3vMZc87xZTHezqt9gZl8n1C/azOqpettj83bZn6k/WFtXs4Wa6L6a1fOpOWf+XCqm55Prxenb2evZTT2dTU6Xq5dn6q+zCree49bzCRaD1AIqv/1GF3kp2PKmPtfvnG/zDORvQkR78HheveHaOxrY7X32e5/j7rPT7B03zMjtbSrnGxvM9W7Ous9euCOjMO8SFb2S097NftF9TtJdElVdoqDsPme9AkKv+5zvkiiJemIHvZvT7nPR01fm7cgo6old9W4ue5LmvQISre0unwH0/CoPx03Gna2lv7S5zX88kBsOXhz1FuKg+CctL7VpzCR6seRWOlw3EvfXVprJu2+UBGOrerioB55kWk/NBGPrc4aanLddBXWwnnxl9RXZCWx+ozXYF7CXoLs62nzfvu5gs1WUiiK+NDyFcoF7nuz5/nbGimKvJ+8O24LaVlfj/edWOCRbTB2r90rWanm0gkgwcnBsRfpJJF4x2fkcshHFfEynfh79gJVp8RfWc6MMyQkXVsu37RPfyXxTrxbwa+ba60f3EdY/tsJjiRHvL6+zW153KK8qZjq7uqqxPmqXdG1c1Wl7LLoavlgwOurvjD+ayY6ed7ecY8v9f+x9aXvjxpHw9/d58h/gGa1JzZAUT4mSPePw9GijK5LGdtZ2+EAkJCHDywQ5GmXj/e1vHd1AN9ANgpTG62TDcRQS6LO6urqquo4C21PGi1s9BUyslb3t+kZtp3g2xNuuxdrWNR0PsvTgozteeUE+UgeRdiWnErTd2D4LTb4j2+5X0eIsiFFOKE98pfwHeU8l7MHh1+vX5psNUuKALIQKl7j0TaZgPrLk0c4HadSo30ByNhzOyKgA2Y6vBZcwv5+Xpt5yb+xO71aAvaXl49wLSj6b5r8FMk5G1sJK18V7bzbaBx5mLuwQiiNvjntgunxRMvaMVgHSGmACDBFsIvKUDcRDYTRBxfbrhmL8MCgZWzJ2SWlF6IPSUpMAIx7hYYiOZ5bumDULlBbK5RJq29BioeCMZgjBHIw3Z+yYLBKV3vOw+lHPu6YZICwVS9H00fmBAcYSVfJ5/oZT3hVaANnxP8K3JFLuxiRyHPtittSvVhOoKH0MWEnC7e2ighH5QkTTvQgZE9paxaMiRNi3zj6d1Qk0TrparB/IGqXQg1QwiA0VjRRnsEZTBPMDlngZyhfB8N4jk9PbxWwCS/XRw7ASZEIu6IGgBNLjBjadCyu5XPifGElEAYD6A3vKY8UhWxHpCmJ4d+dNvQXqtJZKRCh1HCWHXdzRGsS/BT5+PH7UzyHj/h8Gi2Fp6gfL0t3s4567AET76KFZSWRjkmb/U3vr5AOPJaFGqVaq7ep9vrgW4AqlsfBYPhaTYIMs3APyeCUTrPEYwHKkNSY+lZLTms/Hj9QKCF5OT7ZdMhWvyuLHSgYCWo3x2CEFHwdaQMf/Oa/vrb8IlqGr69gNcDt6JZ1fABoxKxAblbTvwtguLxAeDaf3ywrkxzEe7/qMldZiWK3dMKTo4+lIQU4Hb81nY9UAQj1YCvTWcMDQTqSKbxw7axGWpJ5s5wtPQ4yZ9KLhbOCX4YwX1MDSVGTnwVrZaOE0Je0b7Z1lVH8jwJhfSuXq3xBoqSAIm1MvgBT6I+aKUPoZVaomviYCFGk7/6ZAia4coOkt7hqiVqO7O25p0yuHREtV2dKmNw+JlmrUEn+0ltLA9LfXry2vf12HgbQOhgsApQHD6SJ3keEVtJcYjTnOQYgE0Fp43KRcuiWHrDYTl6kUp3BRcBWgvmYMpHMg/VbYORC9UO5dkHqE7WKlOPInRI2JogRO/mYG55AbDIGsw7mwG3WkHNLx5g18aoxUDRYeEbrQLeIh4RDx4ISF57N5uH0S5ZRGlXLJBqPLUUlC8Xp0QVLzw8K4oZX71AWVHnLpoZ2+Pfz4M10LPwwtaIlXF+qmxjVERDASwEy4xP3FwaJAfEe7hE7Tj15I62AKIOmQYsdfrsgwOKkiTTedCF13HyJ+0aAaldSR7qkT6lEZlVmxmNewXSiMpZXe5jdA+Z1tr3riNbPf6cRrphvcrVFkC4NutOUuCkNp4I9CAJP2wNsTrhz5zIruY9rOnad42Bia0BXfHKXEUDh0ykUW1Ruxv6MfUrPQv1kQMV29PSNzaiRs7sLLTdHDbuQxPxmgl+m9534ExhAANb0rBssFzodMr0l/45Ppzp4eWdyJAVFnIt/NHpCYlUol7IM6l6x4tBB4bTsbeehTMFswA4vRNHCCN+7wg+KPphLSAod3AkT5QCwvspnw/xR4Q3pil3TFgzu5GbkD2W3gvPkyGfL1zlueULm+LJZP+MNeh0xupazMJ9kBrdWKA0vhyVFk25N7dzHCGY8IBW+8JcYRUJBVh2Efykw8kE4eRUwSXI8xrBFy2+gUuRovF64BwQO9ndatCFfAscNwWHP09Mh7n8j+3hvthuqJj+4iCEWNaODA7w0p+AG5vIvYB4z3wllx4nz0XT5ylN7ZK3s1XeYTMNoF1rGSZIr5iDP43dBLqxURvcU7GumghT7POWMBYYQWL2BmrBUrMpQHsHsxn/DoFaLD8CHNuEwcgTn4knPQLd1HF/Sf4yMUk6TDMIdfcvay8ZMvPnt2YMIgdwjItbAQsOXyI72CznkhBg/u3QBVeZNRIy+vPF7oe6rg/LcAEsbz+zX6GSni4eGLgoMRgunWA6aJjjdQOp8roCrxYTd5E/KFuAqJ49OP0bh+3k2iVcKWTH9rs0HjCceM2vTXsMO+ZVKAW0EuAA7mKGWFSgDy5Npv4DuowcTkQyg/mxpChsNl20f8Ks0KGTmsNpFRzYqlps08MqpZtdS0WUpGNWuWmjajybCmtJKM17RYT8qPQZaKPcol7XUCogJeYjd69DxIPH8YhiZOFRPmXSw8sjI7MptdcduMcQO+JsGt7k8jS84XZ69eCEvOXOnFT9MXSREhs5uIoTvE850gV9rxSzmcij/9MVfC9lDHV8qhChFePqCF5cPw59KLr5IjSMicMO9T15/SxIMjzdMi0n5EroU2m7Rodpv7dOEHY0MA2wrA83ZDddOOh1vVpMXYFJBJYJbe2LE4twNg9ASY0zd1HosGUDT5GiorWu7b21SFBW5z0VaeV5Rs94Sx0y63hdx+praqybaqsbakcn5tW7UfnXhbNbUt8cnQ1jrcxE9SIk2ga9+fumOxUSMUXesihJ+n7T8bymRBFyaMjlIyBjfxsVsxYv28Uj+2hukWg+b6Kj6lGwia66u4LURKI9mLc1cGqkZUNKShn4F4Yi+GazqenJhV8hXMM5MTl2jCsnUzuXQlmqgmm1jj4JVoomZqItXdi/YonNPbLePuV8ljWmfpJJNsZelEgXSWLqtHi/zYPVvkZ2vGbhRydjrDY/d2UapWLFXXsnajkLeLV13L241C5i5edS1zF/rAxKrafGPk55+GuxPI91txd3p32bi7UXiE5qzE9v8sh6cB9Dk4vFE6i8efzRi9kcbpAb6+dtgSYHt+b6QxfFqT27J9I43v05rcnvsb/bOxf5nwKRP75z+V//OfygAaG9iEAzQ2sC0LaCB9n4MFjC3gehawZHqLn40ZQfvO3pAdtO/nDZlC+y7OyhqOMvOGyfU18YapikfFxGFIYYKVKxx5r5BPDjWeGU6dAXGYNDDaf2/eOjkLRuRU/WKOimoqx7RaYu5qLfHIUktjpNnMWntkqabBmKtpj5K1dvVHBq8W/BjuiXAt0tYqukqE//b2aI32Lq9apfn9/P/hqvPd4ivnYrXwihfvLpyLP3WuXlac/MdqqbJLka7GPgbD16NFoYkBNoN1uT5UxYt9uhmqk31UI3z5zlt4ObRjk4H5sfr97AGND6QuGWtIIWTpfVrK8I0YfMu/WbiLxyNq62uc3Fv++g3Mgr7Bx58OxytUqmtzzBEoX8lCO4vABZBNvQd5N3bVYuMpei3uivJYrPiWkZu8d2KtzMcu3iV9ojuFpQeIfbuYBctcoq/i2/HMHVFeEnFzKnOJcBEOQSla4gryrjHqJDkFtVmKnq216g3vZ6KYAGhe6UiU+0aAcC8E59qVYng4gX83dZcrzCaEawaL7t8+qk//LyxcON1w3fDJ8ywaQ1Rpq6D0t+t84+SohO+Ncs6Rk1tNw5+pS3ty3OmdXfWO0NZj4gdkbwlrhNfWN4/O3QI2uTcqOLcLjxZ9eO8u7kAKQGPI6SNe4OLl7Oxm6XKoZBdow/yRWp7d8nIHs9vlA96lU5S7IJgNfbo6Hs2Gq4hy3PpjQJI83r2+uBI1XuxSRyPPHVOLPgVvc+RrQqnZiqLDLhe+iKbGiINjka/p3ph7weoL/+5+GVCDbOVUoDEXMCAsQBj+36Mp0nIE9xSBDpq/WS3xup7WyJtiLZjPHqXoGPPwoBUf5jC71UbJhurQ0xwBvBQgC/DJw/1sos/I53HdrhZT6JpjyI1mDpmNrm7+5g2X0gGQzV1xmsPZlAPMke0rryre1rs3s48eTY1mjOHuYOTCRhVt8aMFF6+Ce5ftLMTmQ7cVag4fy9kt2AwI8MJ3xw6GAifiHpt1dARcv+s5V+f96+9blz3n+Mq5uDz/7rjb6zovWlfwG0T074+v352/v3agxGXr7PovznnfaZ39xfnT8Vm34PR+uLjsXV0555fU3PHpxckxZgQ9PuucvO8en33rtKHu2fk1oPLp8TU0fH1OnYrmjntX2OBp77LzDn622scnx9d/KVBj/ePrM2y7f37ptJyL1uX1cef9SevSuXh/eXF+1YNhdKHps+Oz/iX01DvtnV2XoGd45vS+gx/O1bvWyQl2R+213sNMLnGsTuf84i+Xx9++u3benZ90e/Cw3YMRttonPe4OJtg5aR2fFpxu67T1bY9qnUNLl2JfypE637/r4WPstwX/da6Pz89wSp3zs+tL+FmAGV9eh9W/P77qFZzW5fEVAqd/eX7Kk0UQQ61zagjqnvW4JQS/vkpQBH+/v+qFjTrdXusE2oMlO0ssa7TYfxzC1r5Dsw0myPwQpQT3znOciErzC3cFO3SBhO4//YnzvX93B6QN8PHriAj/UbibvBXth+h8enr8g16NS4jtCW0Ke/WHh4cShn/mCNLk1yrKBHuwIYviR+l+ORk7DqCQc8JPZHvTD8xoRf4vnEGnxC2ClHPn4RCx/J7KPR3zNpKzhp03m4hCIBlzTgwgiAPvE1CYQNo5kXVTZOwksiYwo7igNgYBhyEKDayAqcMUeTeYqy80icfEfORdAm1C+Tu0cXGpVaQhgwEAf4ZnD/TL6Y1ySFJxX7O9P74vYgEepRdQc1RfdhyN3AUyiIQIDanIejRYzubC84CAMJhNh8Lz4cYjsiVsuVbLwMfUi+j0w1PFjh3s2Fv84f+RLjjeX84AjVxk+aB1mWO4E/fwFTG8tgV6B6yxWB7qVVucXFTG2hO+jPfz8o+vBa7H8pro+bevWkdHqlFe8q1k2nYlBok5vEfLHcbSVDfuc7SVcseDVvA4mXh4Xg56YbalwYVIjChKOVEpJyrliFK/Usf581bvghOGRWmbnD3JrgvninCQAR4vFfROF/7+CtWITTXwlghKCyDg7em3/agAwIJxXua+gFKD3hl9B/o2wGHmCg572KlQEzKNyAkZDac1Rr7h7t6xNofOmHCMC/cZb7ha+MtHlfXQm6Zgs2FUfwTYfLXAGLF0bKK9HxyZo0AwEZhaTKaXIKZ5vpgtZ8PZGNijsf8Bztird0UQwh6g06WHqT7RLtmhaaI763IxG62GIfzXgQeHWgH4VAV4Xv6xGFKxDZCXGF3zggnO1bqa2lKqC4TE4GIxuyFoBHiVdBUy2FfDe0/kCMGuOfTalsh25Y6XSm6WLVHu6vjbs9b1+8ve4OLqyohwNB/GjICHbxqgAf20prMinwDLZ0C+agL5cMZZcU+ZzCaoF5oYJ5dHkexiWNS6OqtIy3PrgLAQ5Rv5tneJ6xaOJ2qiDYx7GOAvpZX28fXVNbKKOeEDrbVy5f2y8vCkyIdJKCg5zwoNUTFVISYDsSMY9XDV+/N72L096KDefCLcFJk5BrfrWWjCO5cqIF3VYx2llr0FRqntAqXdc2DJrq5OpDYgRH/MEOlN0fd99FWUprYgeAnyyx/H1U5qZmg7/DgN9QWIu1cnFqyjEcjc3zMxQlijWwwQHwmqduQWzQ+Av+4fIxaM/AWmEskPBv3jk95ggJaeub1SaY9Y0mBcGk5vc2zquRnBjSG9iWZd8NpDmT5aWSd5B0EpyAZ7iTgosMXhtLsh5aKgMrxg76xTv7g8/q513RuAdHPaug43d1ld/4vVNch31v4ytfsemojj1Q+nJ09rFRp4+hmYZUmotn1FLt0H0YO2Bq0pK8oRF6WqBYP8nLrL+0Hbv5PONTPSEQSK9A27xvvEaQlkYnB/OvI+AZiICKEWR/DdoUoh0iOUCw5sPdmA0IkMe+K31gvljlkFW3RSKTjTAtefFWQ79oV73z457sh1u2x9Hye1SaQO4enkF+7DbgKz+7Cl935olA9LQgGZoWNCb9F9PQUVtbXM0C4jYkNtUWw8a6s86zHmdkO3kXfnp729UhDc77F4jf4RA5EJLMsImIS9g1HsZwYrnGruPFiNUbGXhC+cHsAdCII34HqDUNrhQA78EootAhj2GI5IzAxbhMI+KSRTT0bD0sDwD2wEPn6rkfk6I9RkWPQYWbUY4krEKZcqpbJGXRTyAkMmCVTtTIidmo/ewsPxr3BJ/stbhDk8wwJ//OgunBZSj+hRqt8Wlt/5OzT1ldEnUOnv3JSdaavuZpRszNQbk3J02meSae4w4vEydzmPnY7OGyf9MDMPkHfB1uPT0pxqw9NPCn10SXw3Du5U0OS875UcU1Q77Cl2hmwCQkGrU/u2JLZ9atcfjJ3Kk4ln7JGj3vNPW56HNoydeOxI1sEQLMDuXnoT1yevQzgoQVya8PDmRPl+sYxv4y00p45TwZJpWKMLvnX983MNTILLPLbOzKMs8lmH98vx9ONzjWyo9G0cHIr8lCHQ3KEe8z1Lj3j9fgbt2XuTuk5zj5qmcqNejT2y1oNuc9W+USsLFP7ZSO099LOm/8AdP19/ga0/DcKhs+epG3wIrZ7hef8zLMHk7vbd+lU4/bb/eVcCh2EDjqLoRbfFZ+sz0g6fYlq1N3a9qnFYkc7vWUcV3p0nBqVp29IOfUUOMozp1P8UBoDMRsA14QqGdOuOAwtbBHyhGkfhqWRpLtpL7bQT5rdLdIv+2qjYYZWhuyDXaF0SQgkEE6yRLICvLqAYEPfIcxwbWC39MTl0F9V0aVype36qlC6Gnd94QxfrpjRNHvN4gfHuou48oHGDG5hbxdiPrH4NVou5t/BnmLlgNJvmbPnAFQF/ECzdxXLgsQwxuIdzdOwt1IAJWx5TYWJBNbSTYYVE1lwdATZepfXzRDMQdJ9fmOaYBMpsvg4mG28WkSDYCIZzq+KOzvLk/Cgv8ozS2MrIN8EjYN/EovszT1RX/9gn11rH+nOnqJVIoz4oeANmIFT1uM5Ppgay1TdOLrzsLoYxH4oYl9Y4sGup0F6sMLJdYjjHdM1Md8wI5on7gUMyCNWQ0AGg2ZZHwdkKdCsNa4KZnelSWeSvxoMAqk9XFLIOSy3QtQXIC+eUx4gR0aaQKwS72KN78tGMwyKGlEMijCxw6/pjtH0aereAEo/Qbqi8wPi4U+8hv4s3LriJlv5wNXYXBZnKPiSOjqLhRY3YHN4hVIPZxCMShGx2wVklc1aSBQDMYgygesR53/pTuinHMS9nMwf1LIbVFtFvVOVEbM1NKBeyGvp1gKOFZzFciMcEqFwy8oB+O47l96Ly8qJcFjaFuIo2gnZA60r2RJgE5wthAxFX/ud2HVPQ5tjAIlWVXNIJkV4yYXPG/nIJwxkjONnwANeUgoKEloo5OOh05FjXZ4h5okdOcyrQ5/aOaZc8t8J+qFYJ84fCtGMtJnocuti+iu1+qBEG1FwuH9FK5KOPWwrN9FYTtPsDdJwWOCtp1C035fl4ORMLLUrwD8F/2rp+N2gffysu18KF6x5foSGUaT3wY766yRUcyy2TIYqn/kBGQ16DGZTexSuJ/beasp2cMMBhc7qRP8K5IyHSW5Chv5OzodhrIU0bkGELDEBqPCmQuVAIDugCduHlgTUZfNe7vALGuODk6qVqqQzTz719w8URHeQ+TGyVXUPEY4EDSHoie2wguz+0Ti8uOOLbxA+AB8DQoFoJiSwcBofIZYCYg8lz0YQRGCtzd7Mb5oby8dWRH9j/PtA+63s8Bpd8DEFbd95yIB4E1ipQzpuOBsOx505jIYy0nhfe3YAmOwBsz+deyknm33lodfSPE76T3HW+Y0jkS692X/qTXCEcFHxjaAX2bnZCOJoCcqofoq7eZL58zMtm0QclzZU16VsjgvMo9S1Roi2j/FGpin4j6NEBFGFCQW4W3hwvGPK5N28REXMFIn7zwdK9C6I+q1RxN5FnRvlYwjAagyviB7fkMiSP7nzuuRzQKcTMEMoPeKbCQOE4BSReAcsMhyvIE+SF0CjVXpt7kMQBQ4elwoo2sozBE0ItxziT+9m271KqCjzLUNfQH8VgNbSV0hR+shJXQavTgpLixxR4PdadJbnLNoOyUXxbe+sOoAIFjLO1ZsFV25RpobA9y2Sf4VhTviaYJbyxEc4QMdZMT2fIpUGetBSuGHNEiKBXkasFWUPl0MwqZ2geNX6RRxhWLr7FMHPCyspQQShGyVscG00WESq0DUYhtF3RQEQTprEY4yp22LlFXHXuqZYFwN75SRHnklhwcpXhC/vQ0icy2F/eozOFEIjDgNWvHKcI8lboVpI7ImFG6bGkl5TeIlCQS4ZiYawgsqHumEu2HPFzTMIjX+PRFa5gc7xP3nDFvhJoyYshrj30BNjBnyCC7CqNxz/f+4qshmwlmg2PyMYMn5hFZQxgiB3DAi1GDsUK9TDOHh5wt6sF8phohCbi7RmkHqNsI6OOzkjvCJJUGH4UswKsLyVmay0YN7zYmdukqmiq1DU64per9ULYhVS5FVALR0sTsQsWOczAxPZ+uDg/651dG6QwOEFTDYP3G43aweA/qk1OJfUf1UO9vsF6VHYGnADV1vaeQqag6zkAJ4oc7z14N6XVMBiVvNFq73/uZx/dj3voX7MXrBYfAXPDeOiNtwVmv0WCK1TJMdcJYjRaZ6GAxVdtwLeOx6rEQ8b1sAOrjX2Hk0C4AXkmTQNpgSewHTFfWL4vF4/C8F14tEHfuFLUAt2IYcGPXoz3vzptnZz0rq7xxvi0p49h5tSaoj7KUbKnu5noCIgQZnbgMjwbdpJy9utl5Vkei7zm0fwHlt+FGS1BBsX4n/6t1mlMKmHLCdp95kOmhKDIWkkcnzQbS686PLAp/25KIU7p9o7ylBV5WihKBqs58mtYjuxZ0cIPEwbwign1RzD3iKGjGh/UMAHQ9V10b0MmI0gwyFkRfdVwqacsqDp3kzngzyLkGzm8K8go6Iewu36L6TMzbDSDqatepeDUy4f71hQzMBk5NpKyaGtJ8hgacSGCSFWTBAhqsiJcm/hTf7KaxJQisTV+88a2uJhbg9p5+4bahN/JrY/1aXzJcJMsiVplnkRKL0VyNUcF4AI/5vj/c4qnuaYoVevE/dvZTzShxBOJtsQZi0ZSA5w5O2fjt10KzES9xOehNYars2BH04Kj+IYWSKdcsLURuXzGR4fi7shbuv44oFZTa0Y/ROKzpOd+NCQM4wooPwAUW5B3+IChICK8IGCBrA9E8pLIhDS3W9DzH0lvf7xI8GI+sYU1pjRJEVGb0CYDlGYyWcYnuyik29Ls7iaFetSgjVn29JybFZrgo3rEWyzQA4EUgagQ9CYT8sziDC+0E13hu6Cog/WmRUYJuf7UpHBqAvboizeCQUiOSeh7bSEUVGaSMFpZH1PpkKHkwiGwTGUjnhIL0/j0YlYqJ4OCqVtWDW5roAI7NlElSZes3Ya+4AIr5HXGqT89xQR1tNs1EcK9CWbjFZXAPQZrqQkYIv8KU8q3GF0JUGTkf/RHnkzBSTcWHjnKT9AElsqydc2fnYfZagy8sadDQaRbsh6oSdgAfzQQjBAgyng2WwhG034qJ/aemIytvApTY6hofRBVMzO4bgVoEK8FRP+DB6WvyC3GEoKytByuGjkuS9vxnGyizGyRIjQrxRUpEg5iPHvm+uGmKvHE/kiishzoCljRBZTw/+4ppdcDOrSl4gw+iunUG2kBZj15d8bDSfjSsKmXs7maNFKZpYkE3MyWy9lk4+2/Q0phVC3CWHVFgF+OQozzVPD41aPDjWb2MOXQAKtC36gImaIE5Q0nxLCIztqTFXHRohw8huah6dg02Na5WkfxdVq2JPysofnqJ07/bcFzlArREZCxgn4ORDidZXxyjLBI4fkE39f0SbVUzOe66pMsLcBe4IrwJUv5cOOJgD+fdFMYy2d31/5+A62jUTsucjm+0bDdijsczw8OMZElG4P6qUdc8S2fXfmdaeotBVUuvuWMh3lF9Zh6W0HHpzhFi2/dUZj+CoDIiQRROBx6/jhvgZgtfRNPW6bpC2l68S07h5M1rpy3PD8i5YtpqulpxjbqcLK2L+vCqt0olIlAdes8eKiJoGxEHqec0xVWhhZjhPUt5hlMW7Boa5vySWQDFn6UVEyi7xTdvd7rZuRkc1LyNDKyCQnZgnxYL9GsV2UZj4aNjoWNjoT4caCsprlS5i0hwmVwAhpljVBvBMLikD2PorzI40cWwSjejxcYtoUgOYqRIYelkBuv8jMl7xAJGMP9WP15VySYjZ4YC1Z+NhAyQbLfOlU7k6FioKQyU2MXeNWaFYDMvmI7qICbjx/jrRiqSBEnKlh8G6xuNE6b6LdtxYDZvZnNPpCWSvesYmPP3mpM5jbL2ZIWM9SZK6tC6TRJ0YlWaWiazBPwSsY+Sd5K03ZTn/9RPQgGotdBzOBehQBs7B+JLaZViH6pYDSlkY0qCy45qh89kFTd+UaA+ihWpPj2bqjkqTV0EZIRiSiejiiWFLf6A+YMQp5AnaVkCbRhJcQKGKUj0iaKISduVJm3r2jyjVB7fIH14wwFolVM/hqlzE8ppm2f6s8K/to36lcxLSyRDnlpsZzNxkHJ95a3hEQYJWhvcTus1esHL9EcYTryPxVbpUqp+lbPPQtYH2nPnKOjN4703Y/lPcOP9AiMPsL0JJkYXjraRh9xu11wnGLRmSYqxOzK4xW8ZAUetlJDqzAyVZh4FXXBtQpzc4WqtcIviQoS0yvmCiOEipOfFyu71qrV1Kq/mKqqJ42hal5mVQY69csutZOcKoUwIK7weHo7w2U7jz05JweI1olWVdumKSd7QsknY7DG9bfA2GMwbwy+Xwj5I4WEFPS9E5f544xAvB+phhXdJKunagzTL+FFHm1Xu34XcfBgCy5m8Bwfsxl7yhVxPDMlnha2OAmiCN/7sg21s6Pt6aiQWB/d0jqRBfHJS8INKsRD17vpHL6qWVm4DxbFT04QHsYdtbk3ThVOpuH9Il/ehaMJv1SA98Fz/WEmbvA+BuJGL9aoIFGi0eLb5az9uPQCNrEyI5YkNoI/XldHp1Aimu76SkClVPmAuLz1dapaneq6OiGtivH663sLSVW85to+FTxJCjLJ6vrO0wiPL+M0kNcxSO2/rICBRgRGIzy6gZeXtuplLt6woWI7/uzBJV5vpJ9jFEUuSTt2JeenMHfSPE8QnLjXdoKRJiustDgfBuss4ssV5P/iTQqHLja79JOKvzYoKkSNF1/DgGDg3+H91NufFj9NXzgGLlYuqeN8LXyo32IqxBuY134dwyZgkkDc0j+G++xnjCrz4us9WT5L23LvWBuP7UvZR1gvSycX9tZ5M8pWLzI19+f05qphc3/O1FzXPrxoD8smu9mG2LWPMdrdYZvZxilYVnvL6u6XbYeVMo06DbAapQ2Hvr7dr/dUfDdpkEyWlOn7l6L//PY7eIcVUi8oflHxfeAtijCxIloeFKtHThDcF4HYIUQiJ9ojx5QyQ/GGxbQ88sJIEDfhhrnr/OMfjh/IS+D4W4r27HpBtbFfHN4MKd7zFJbHmFIV7QHfqN3aC73ACXTY+QtGj/lXpZ0FO4SVuIhxXsL8UOSEyJ25r/g/m8II5jb2pvmcgB1e34ffC/KthRIVHPOLWL2IPMoK4ZPkmIwyPEd4TU4qZV6bzjBaGBxl9Ctr8/oSYRvag6gjBhYW0Ewl14EgXNcYdRDNpWATn+vFEwznwOiUz8cG47x29mu7eH++v5uKXdzk8H41/TAI5mN/KZsoOPt187iFrLDJ2ulYl6B8IdrF38TxVZ5tSgV6kLFbPsm0ytVEJzrNl4W1p9lWGEmnhQp9+SU6LdjJkE2HKUItK6BXEF5AbzcylLJ6AKFRuLiAmK+Wy8eiqIAuqEV0gipO3KH0R43XXn+Pg00hViWDCecr+w7I9/EhO186lYZVMf9c07YGH271rgxmh1pVzeOSPfagVtzXUgOTbTLSVBY9jGxlHidr7oeEkk8CgStg/vOa/XimpoXyWYVkOKTXr0MqFyJj2qUS9xquyztalnu3kk/amGSCjJw1BcJfyFkVMFperWp3Z8PVkB4a4YKmuKmJGsW3gbckbYGAXnoHqLUNMHymCNZs96+LKGRYNUoz8mw7M+Ii5FplvrOIBhg/e+yjEydFTmhZ5OmT008fuZ+fcvxwG7bzJ2sE8UQ9ww5W44obIGdcnCxeMlqFEM0Sm0SstdmtLw7v01aHoX3jT6v33qe8aBz/5gWF3NWAbZWXselYj9KbDHUI3l1pjZWpYbSWUBrxchjU2CWtA6rO3MDZmZJv0ltnh6xL067vJuGdDNb5OSRiHfcVkTFz4OGQogkkF95JEmO5Vzw8+FvmPaTfQryhezjcQzl2ZpWDNVOhuFSVenEZV2unnAqRzVZtM4st+UFT+Vh32gXL1fF/9fKVUum09cMuJb3QCqe1u0Gf1jsdQ038sFJM/Wi3CQt/bQuecodjaGG0vgXrjYZDLcQ1ubEWLCcifmLL/zxYr948a/rL3d2Ck/I2jRnQx1l6lnFq97CmoaYW+K1HG7cwMA14XZnsYw7WDVruoDWj1lulQcYebcjGaZTxswwyMIzSaP6UjXQ/xwC1Nml4+hPrMbClosp2WPgfHbPg1bRLV5LtVhiUyagR7xT5Tf/jLlsVijro0HaPNxaULiLMbGK1S4okBsHix7sU7SZYW9k5yQLWqVh5w+sFWrZ0txLzwrrbCHsjukCMGMawMbv0AFUySyay7PF3eQSPrRghBYB7OVvN594iH7KQtJ5ZtjHqaIv4afe+PT4jwyPBGDp/6v2F3qxTW+ufFxeL2bB4/Tj3jpx6QYQr7HU3bKTb+1MRN/+RAyAt9rq9WrHT7hRgXhs2tFlxVV6JSVC0IqG0l6AKINNk7iVHYO2ddY3g3kIz83lXNAUoOhg+OxTSRB9tKEl/mnV2ElGEOKuZhKwWVl9rJWFIXSBKfAYjibg9CZdTbR+kHdSbpImBavuQiKqZMC7Qzrz4dbM+6bW3zfHkBIarKs2YJ+eFBg/C1cbJTUO7CX4UJ32pfZovuD/HDbSA/zNfPevLtfGd8/PcOZryIRigmtFUsF5t1CioQbHSeGtuRiT0g88LcUP0wlhuMveF4OateW8yZ8WNKfHZdFGX8cYqtkSF+B6LSkoUKYS71ahCio1LdukY0EMtSql0nFzimjJVp6Q2kF25ZE79geHlUwttjTJJ69KKBXM02K1TSGxsQRqraLUkdeKWpEpFk4bSoIYz72nNlOwZZF+JhipKWm7lTIZpz6HT0HdPcvsY/AYs5t/G/UyDs19xbic2KlpN1ejotWMqkLiut0HY3GzBSW0tK3TYrdJ0iOuxL0z+/zbWlBwM+A4qP/NH+UqpWmrWy6VKpdaoH+IuLaGNJMZ82EVjeiBikT2I5dTC6A7nx11drs3VyuVReb98WHWb+/Vmc//2AH5X6F+jXM6xdAuyUWg4jsHjW+VvO1e/fHt1fFPr/rnXbv35fcvSZwxzhJVnKZU8plWu7UZU2K54CAm3qatsnWkb0M6ab4flYiViY6Mtan5lHsBmGh5lcqqgw2i5hYyzRr4JZ5VdvIlEm9igctuctGkSTBt5s0h+wVyVisX3aPaArkFLjN4ccKBpf7nCYNJDe2T6VKnGYIFqKRDZbFvFng+qsMOvonBij3OlawEhLQ58QhCKwpbQ3TI1YY4HRq/Q4i1FDombctB9XpzMWezifjXLRzieZxCHROwPEeTFPLA1A4yhlvrJeuGXKQgozU6EKaFgO1565M7UcwwlUdmIIZpE/JMWZzM5rujsffrwwkfPPcoEn/DkscZfPPOIy08fYjltTAb83Q4vpxsAM+S7QihOn3+pObnjk0Ylm/gsQyN29oljwyfPPLjKEwZV2RDTBG0VvVsYfjhFDAWSngLfaIT3yEix1xh6IyN+lF4jybmbZGQlo7ZMy76YcQJsV7q5UEBpwXWgF4vCdnBG0xUG6JTGuRTD1ZsAKIyL82K2WgYYBgoVrwGsgfeCkthQ55gCh0dBISEXHuXyxrQYwNfwmyoNgb838HwUcSMxbwZHjjR2i5m6veFSG3sBg095wMFwDP8c++88KOGzX4kkAmHoQdFMoMPg5tFhczJj1xjsCi+PXlAekuCF1Doj11Z05O0HT0vep3CyjsDj3CWcXmHkB8MVxYzFII5HFqEgXXVSqVcrLwOPuKhivbSPMtnzNFOzjEe906G4lVPHHd/NFv7yfqIsgM/Aj+boTh8ppQMIjBhYDmoeE64tvfHYzJdjT9QJAFL0GoObP3Uu+x0YfE3pWRugj4HUCxQJE4NzwkITb+3Rahvd4J2ILYVFa0GlgPOUUMBLf+l/9ByRanb5iFmWKG4rCR2IriLVPfVL1Y57133nZrV0Fi4F5hSYlzPvJmL6teABMAgM3UAJwfV8ra/84BXvuiWAyF2MOJwqhl5b3QW8yyfuo0O3rggrfGLsNdYwAhk9WGVEAtl+AVftgdfL2E6UjMgPBMyAGA4xMpxoAmZzjBszzHwVpdrmzLgyAjJldg4FBW2wwEJHOQ3yuZfRfWO+9Hq3gH9eor0XSxIyccGa23lFHUFpAJQo/ykm0Jkv6aXxrP9RXJY/15X9Bnf1pjFYNT8Lb4IZQHARQyLm7EXUTRCLQERsfUSSPZ0549kURcAphdG2jF2ADJcwTLTw8q/5b47Cjv4hu9k9ckqvXk5EEoadVHtgfw6og1E4otB1AxGArt27zKdVJrlSbWBtdDRDl0n7Tfmx2CGEwqWSxGJtRoZcC8gbukIBdcutyTPwBNP6sInNTezXzFp+0izE0+qtS8EQQalSbf7zQynN/L6yvw5YnxfI0Unbb28N5axWQGFD21oDyc8WeBkZCDE/Dt84ijRM/LlB+QSE/d2BMg15q0ZHAq166ko8H9yfAvKnAfvzYexzQChbMps1WsqU8W/r8bPetG7k4RXASPX1gUds/RUd2luEQ1Qazs5h2MMeyuYyRGPlfSRrZL5zSU2mGh8PsIlhTGFWnQ+Ce/92KfXUmtJdu2p6Rh22cpM54NmKeysaBI5BXmA9UXlugNbSxUj+a8BgaG3vVZTKATl4UiLgF84jF4p8wCxPK3TVIcYX6MlybDoAp3w0elMGIX78pu6M3zj7tQrdCB2F9g/manWoVqFqVazmOBVyyzhSLRnk56hcNjdyEGukUhN9r+n8EOpV1c4PZefOefs/e51rtfCRdnlsbLBajjdYDhs8e39yYq5UDUfPkCuHozjvXPeunavry+Ozb0nQtOEiIkUC8yUAv/wyPNxCr8hdLP/ip0/lCvyv/NOnWvlFSphlC6JhOzb6xnhq2YsbUSDz5NZu68+O8PiJIX31sJwJ6fETR/ysOIuf/WfGW/xUDrbAXap4qONv9SDcwu1jDXtNtVOQy05i12DdOupIWo0P/tyZffQ4f4Qy0D1910GL6QNPjm6j9sdU0arjeIGJxEin546d2XDpLdEHdDxmbZ5XEOrN1TTw76aoq/Kn7uKRMB+VHA9L/57yFlVk2hoO3Yml/Vt/iHf18Jq1hzKx0611NNDPihKIoZaStHWoLcb0W0hgyBBnyaMsUQY00SKP+MaTVRbu9M5zKD0eZWT46E1LBvNK2WmxKFXDDw8PJX+5KsH09o6v3xev94LlavR4t5it5sEeMBKVg70xNL5y77xg74fS/mG5WK6WDzCLlZMX+iCnWdovVUtVS1zrFJoDq8irtsZT3oZ5m/Gen4ndwc/2DPEzsT5PG8TWTJCVl4P2kqAU5+fz8m+83xXu3EA/TGyfCP2bQi25ZZvrexichsLKwmQr6CnGIKRHa2Igmy82TWk6qL0C5nqzk2nrDtFJp3lBLI1uB9n49Nh2Z51BIsZ7ilujHiWjINpBtHYZQwCm4p4y8uzovjlRefpOeKbV2hARs0M50dEmRPw5JmOwT/nnn9Nn2A6/h0lhUoOfQ2VFBe3QnzSt39W8fvyXWKUovcO/3EIpU/vXWCst6Ue0XNVnWS7zESid51OZ1N8lA74xcyOj+meZ8WeedcaZp8x+KwhQJf2Sh5Clklphe3aSqv9mpDUOlsxi53PP8nPTpd/NRHV69dnmmjXt2FpRYEtnWkoWhHcysLAcocoJTZZqFgc43mXCIpXqk8XIN9JrlIGuvjKbouKHJHNqcO3V01aSuIyhGxtvla1l5Q9lgKY2xp47Xc3jlAUNHypCxV6mfwfSi9h6JKl6E4y/VX9GaStKcilcjBn/coU0hULdEl8u4b+/NfIXLdj/TwWOKOrBk+Fg2QMSyfAeJ4tybTPwZQChBYzPDUoC58Jzx6fPB9KU2Wog+kakfjpan61Ny6WhDHd90jY9O8ZkfTVBomQCCfphLr65ocBzQiHDVEwQiEUp+HyA0B+ho250n/BQIzPz68u9T5PxKPDvisPZwttDU/OiErrC1oQ5qdkPpyeDK/9u6gKMY1U3TYexRXCRKPpCNsOKHZg5FIG/7OS4GAwBr5dw4r+/7hebxhClWBhOzcHsBs2g89iE2PNppT224R7cu9PRGPcyVcsNKC9v/G2O38zmiRdpXQzvXaRIMImRu3QTPakPje3A0rqjkfM1lH/7NeLEW7ykcoeUzIcukF+M3OndGGjPC7wdDJyx/8Fzvm77y6vlgujP21Kp9PWe+oAt3dFoPZhNvCXF7oReTPbHJJ6GSyHHTcOhyBpsOp3joaUYdm3DE+kuR3EssjgeJYsZ3Y8SOGnm/GQ8DkrskAsc4E0B5f9U6myyi2xJKbI6n6r23+y4nXuJDt//+Gnxj5+mL1PsvMX1ARvox+zHLbkqpDNAbqciGka/RhtfFPoWRzFhnlErr+XCMM1BzaZhGHjFPHCF1zY1Gma4MLQofBusfOiJlOvMEFcTHuR/GiWar1kGHE+yIAQXNVgv59GduPN8DvsOnwRQ0ZOcTkEf524qT62IETKXQsWopNiU65Kt2XjYZ7uIkB2tZ8Q+5xS2uxiyj920YHy1kY59esRzE/rpSPzaqdvQMR54fUt8jPfXKMSmIhA0OYTQE0RJj5Lq/qzmw0mxz32ia8OWbg1p6sX1ORS42Pp0DPjZNt8C9fGMOReUqW2cdwE/mSC2Uf4FqrqB84fdQlA5tfBgpMxLKbYMv3kSh9CwO0Oekah+Jgev7SR3Iyg3psgy34KFJKtqiDC/w9chef0sIUWeeucczukzHGC/V3A96TbbBrB/fYhtqPdPwSyTFCHMvYwdV+xp31NHbr0TT+X/DAm+Uy3UjEOuPn3IBO9NR2qE7r8GHj7PrXna/t3wqiktjtilYlmPrELg/z0MvxUWOp2hfmTuDckyeTx+LHDgAtUsHytKn38OQINGxWiPnJJlWs2uF0X7EoCRz+Pxvu685RV0lk+G+BL1v9D0H2Hw3W+csnMUywUoXlKYYxhqFEHYCKwrVIY5PdZ5Oe9YV5WYXQcgxMEJbMq1XTtE4rHXODrapSfSK+6wGjD+XgZWwzQ68XcUO83ZcZdQ5iawAdWs6MuL/grcdCFsJgn7vT2R+EcNS0+P1J0ZCiv0whgTLXd63n1/8v7KJJtIXdVqsWClxZdpujDD3rWGNM71frg4P+udXW/dbZzobdT7xfbdRofPRj3++ek9Vjfrsbv9JNXTZsN5drefqNrrhnM9Pvuud3nV277vmCnDpqB+yuLqXHryHDG2FYrkFsI5m/+z0E0DZUxedMQIoznapK6GZ1AlFScJUJp4hJiVht6k0VhlNTV0npEp6LpLd4NlslzsfLbVwl6sq6XfLYWrhI/Nq/SFcZlEth55ibZmDZnxyLJVSkIjyQNK2zMnMxdjfZkjvCZAG/Jxi5WHgaWCFYMa4yLx1fEMOVp/vAJWLo9BoVyMEDucwagwEpqM9PPg4vLMPvronTlbhHwhPp+4YwwC541SVjbG0W0W99WZka7IHdtWdwww+ZMe6NWRyhjLFgyXkLR7bKmxnI1nD4Aed4i8qOGUdhtvgJCJVEum+xup1QtD3Moo2TS15IuvzNXjMbZlbf25ufKHsHic8osC9yfeNCyDP8zFArVYYC02ubt9p5YUv82FI23fKVCpsI7+2DIceSWv1dSeWoApETeEojl1anjUTW/9O7zgCytEj2xV5A2ZLG9OnZBEN07laVaVy9Uy5h+NKhffAo7Ss4SA++v67nG11o1AlLENQrxOH0eGkchkAmkjibLUqHUssTkzTF/yb6m9epG5nF5r+37jeQtSek+m3DG0YB+JjTxNPPs1emzeawuqnGiKuUqUB1YbBSaEpa+pUOD0lKRHou/ZYB/vMpoS9hqufobFF31vtvTx7jVA4QiUB2mD0BJICl1a+CTr2gvVBx7/Ohuin4fSidJ2g0Hv0zKNpEQsN5iJpces3aTCD6cnG7WPdibpFUzG1nqFONCVBSco4RobY7sTJDWLFqnjM4aqtxmUKC2sD/JjC8j0awrimO0Qtxt5EtXUZqzDzxJIX5GldBGZTQ/Z5sn8KgVwyePd2EIqU68cWes0UAr/ZldBUqY17YRNnlKmqNJxoT0WVtp0+XaUrrL/ai34pRrIKtGG55Cx2vpTyXbfkOmYStHIp3Hl6kmcETyWTfTbnsVZJpS6x5Lnh1mR4y1Z3S/Z7IQkeBGPB37jyWjgIFE++Mt7lGlFbYxsPWNVhdZqgb7JqCTkICcTv4FMShMJbxWc84UIjxzV2gnFApCD79nGU7jZRfl4Y3k+ohc+i9GGewtMdMIWuH9KZkCRwqnyOJNUHAdlXOjFhJKiSDRKu9hrEIxiMpFZ54MRqj2xuGFSzAQIrmYTT0s1w2HhA45w7anVQ5qFOgi0rnVGs2luSdHMZ4HHq0KPZGWfLXHni9nN2INWoZGHe28adr4ScbuH3mLp4v/PphiLD2Oyg8wMHboYi7qAReAwL1YLlGEUA27DMPwhB6gGQHygKO0BpozjAPVqGlAXwxALRA17hk0cuHeeI4P5PHItBQ4ijnvgLT56C47YzoMQjwA9Zh/i4HVWcxwsqWJG3ie8P4tehnc1BECgwj4Gv54vvACBSjHxAVJDzxsF2Dv04d8+irs4ITdjCH0GJkUi5wD58VRBHoUbF/ZaygDD7sOFpEu/B1oxhCJs3DGiN4bkn7jTFd4Mkom2AQmSm6k7wyDvAg1wmYEuoAj6gUNa427yuCmGzYPPoYrQ6WbhjZINWlRghYT+y7yv7zxzcqOsmq2E8iqbiiu89WzPZuhOlEYFokyvbNVFE1urB9vbw4XXUt3eY3CqMRCy0SOA1JtKaKvcmM4AxJKar5Fws3J1uhchUWStH6vawHpo6wfqV8Zh/X6FpGQ8mw3KrxWR/s9KPOHXfx55x7gN8FLii7jY4P0ChDew5aGx7ZwNJBellpfYaVuzzQow0vbjtt1szNmqhjAp/M+1fn7DQTWbwqnHnQAFXcFZtaAsL0N/MVxNMHcFnB9OEVc1zjPcu6M4Q+BNbjx0PyIGBFgDP8w+jpyvbCMqj/cyyD1/9F39iNjFbBlcXFw9wTAFmRcjD1ZzTO4zQu7hxou3jIAP+w6PIT79pTsSxitES2tiDMb+zcJdwF65FfdGk1mwpFwghZDLGPkBJuZZ+cE9dLl8wLPHkkzIwn4/9Zje7HQ22B4pp7A4d9MzpCbO49Tt/ezH7M5sPIoumow3UEl1g+GKCueqFdTj3iWT0WtzK5g3skHTYeg6nMFXiV1Nw8i8rVPuT69jWzOxsf2UvYRyCMgj3IvMtol0isR/EWzz94vQUcbO58JoVns8I8LaL1ZT7mQzoqw6/Qw4W4gfhgVHm3XiffREVd+YUN8wh+fAfdeZ+FN/4o6R+A6zmRHEtgOeRrPVUj4PkVrNLYtiOODlaghNkCjoj1jsHpOfrn62uNG5BsIIHg0kh+BR5q49hMN9Y8w1m25k8mw7ZxANQKF6E76//mxHgv1O87c8DCb6ffy2h4H3mx0DzmCwnPHS53ediXsHmDXxAKeTCkwz4U2svtJeYjmFeC6mEiexxr2ugiCUjO0ykJz3B1PC6OQQzLhqhPSuAbraWPBqAR8crbH5AxANx7C8zwVv0ZgN2JH1Auw6TSfOV+qh6RDO2jLJtOl86029BcBPWLtP0AouYN3m2F3c4XdxzkOLv6x8pjIUjxv/2KdtJlMhLVIrZ8yHfSeGeupPT91PeWrCALcbvG1CHKFBvn3r1FSgwZHBV1XoN+u5yzwmry9jgneqpwF44n4ylP3U71uKBzdht186B3HMh9dJqZWHg+1WnK+/5lIgVFWADpbobVxg5TFhBa7BzWINquB+Wn+FA63+WP5ZtFL+1Cxb5X+xLCZ9UA5ayVldP+AlW28W4rXcTym13E9cK6qUakrY7V0W2XRURJpXIttrpVgkxOBiXCZABTUc3vnqq1fN3VevKtUDJVnmg5cbj5lNFvUs1erIGXgRjv/3H8f+9IMM1LJt3PiX8zeVmkPPUMp07xbu/N5pYvrRX0kGnaDbij/lGwrMhrnpJpS8Al8RJXbhGj8VPZDdl6IVw0YMI+DZozuKuvFTIqz7pYP46cC+QXWvyDYqV7pAmRXppiaG4fz+yzdQ+6CfUPmkRTbnX9bg5shq5qO30Ezo04WezeyNjARj7o5kXPJ6wZE05ur6cnDR6g5Oev1rdHyq7+6ajzlJvLmfdXuAUzP8ew9ssgfCg0iHWLgJrrS9kdgDDHIZzFGgg5H/laj8NWOjjeVBFDEgXUxpyKg75uAPId5FrnSMaAY2gAt3yKOfttQ/InMN9FssOKH/ohXVBNm4wp2SAPfxNJj7C75DFGEgjOXWkCB+K2WUaJXormzNItmW3OD5oGz5L6M9zxdybxyDJLPDe1sNOSBqlWVFjRcQt/rJ4smycq9zyfS77KW3mETX2YnrarNEabzZT1XDhGDXmzXd3cX4/byoYr+/NygDblXxJ9PMI5H7f23iunixft5JwW+jaXMSKbSdRryKRnI/W41HqOZGI4IEGN4H0jglvDvHy/XRimvv8e26NCFApj8vFIJKiAuS/f1AEf57Z/T9+PxscN7qXeyqpaGRsHsRh4Izdh/fOjtkF855wMWx4o04Igh2gFPI7lWrExJsOWW52PSb7NYTKwScRWQfHh2TYQZ3kTYcdRwvK6HKX5SDiU1GjeLhPpuDwEzgO98VCLsNJZF76CZKAzG7iU5G1biXm3zRML/ATq1vgJ22vqs169Z3jUpiGAo2W+z7aVqGq0ul1hk701JRQ0nT5ac952bqaBgu2YbDZVNtIqUDSlSXVCCCBUiXUzbcxtFNkxt8cITYi8Vk+cQeuU4pLHcWnszWLUzYG729Ov72rHX9/rI3uLi6onfuGDWld/dkrRP2e4P6AaAYtHOw2Om3ff6OnvVo/SbMhxDMy3s2S4LxwH/T2dJxhU6BfBA/084XI/r35o+9237z211rbPt/q11t7Sa5sQ0WzJGDl9baNnuWEXi8tAlX1zPnlxWafFEcSV0AWs5m46Dke8tbitV6v5yM9xa3w1q9fvByDoJPsdZ0Lvsd9fevR4ke4HP9OKcrB2UgZBJKye8C2m9EofKRFCjDVsxWy/lqqTYmXhDdDPcKuVQRIpc33YrZ2aYrGL6UmtA9z8ovSUc+xYfPuE6i6+JyVjxHUBQFWcDbHH/pf0xaxYG0usEiiRx+xXqpEi6U8uzXjQXPmNbL2flkheanE8VINKNg6ldnwTy/86nA1Q3wRQln55Nilx9Tvki58BOmaONG4sRqhSF7vcVitsjn5GgBiKwxThy59hucWIlQcSJHb9GcpOGDigSIFHJ4z48PVQM+VDfHB3mMJaXbGKZYl3wWVH1ccmvgGKOy9ZPmXm+Epbwa9lHKJCkCs9mKK9POPRJHz7n0Jq5P1kHAhMzgKH8mADdKFcOWw6dbADlt020IbU8BihHoNquBxJ2ndm1uvRG1mxvgJgbZ7GL2EK8T3kTK+1arRmm6mgxCZw6KOB0b9VdxCz62aR/lcxG32D2+arVPeoP2yfFZ9/jsW0MYzZ3JwE+xLOWoYNb5YOaOmDkCRv41mIVW1zVUTTRU/TmWmDXheEJZXGACsUBo+AQqG0sDozEB7safj43LbagnVcukVcb6Ix+jFeQTs07cCMnRYcwzdwTk09B5NNeki+vOQrNI4W6SFrPAueIS1r5y4P+/fqPiDj56/dpsPcsLn7YkO35iTeCRJVAdjXVhnSAMrehUbJXlQmqraJQQMy2iGGW8craVtE+RF1SspTbV+zRvecttX3ilu8EaVzdbY1Jzy3447g7wo4b5AkNRtsdJtY4Uqmayh47NHNDLEnamYtsEUKX4dgE88GySxx8FR5lXhDMYSdDQRBYaJ26dgIueCkZngYnBrKTMWD6eSvrfFOszUCwj5Hf8f9OlTemSwaJgZ5LGd154CxQkA3JzayP8FYknKrUAmXuIsu8dGqkunSVw+MBJu8ulO2RXOA+jlT/iQ7WlyMVSmgVucTo9v9iXKJEIFBXdhm3NvSaw2S4fRsu7iEPHYjmqgEe7DPv0DAxAtMHUkKuGKmnzUN/L3fBpV5TLthtC3jsTAhO4vRGhHzm0+MtHB4TuZSaEdsnLwB+uQK522HjzVsdyZ+QFw4V/Y7o3SYpdw9nIvXfHXglO6D23iE6OIFL50yK3WRQ7Z89pOSf0DjDOueb+WmJX5WeAN13yllgBt3HKDqRdHy3FSn7QI6+d3V8To7m+d6dQXWq27z2MAraao6PF3Xw2fpy4XzyD5Ky/eExskzXOiAPpdIT749Es2inqkS+imAeG7GiZDFcXXgDo6egh/aOjq8xHlxN1ajm4ZEP/ENY2n5jf+iv/eoxvDiNNlmOJBmM2v75q9S4+u5D/HJq1SWL9s5LJReB6czyDjSiAh2CMyf27t5hhDOYyyvGG96Hhs4kDVtVpYkPBogiPaBeVVqjDxc0PrOlTFGySp9F1GCGnYVvu7nMud1Jt9lw6nWTE5Q2WewTLPbQs93DNciffZ17ujj+/9xbo7f9brvhw3YpfXVSebcmrxh1e/d/f4cG88u8tLhb8u2ddcNMerz7LHk/ajG+w4B9xwQ0m46y/WLPgyfeZFzxMzPhbLnmQuuSn3/afuuDufI6RRj4V29oW1x9vfx8yubuF8Yzir6Otf3e7xfUY1MJNz20X0GA++GC8JuPoEvK980D2GY++B3/ZlC/g2y5kZ92pU/+2XZBGAsHqDrlhdFB7cYpGGXQ1NsP0jYQQaObBd7Il3brTiaWA2uEUkG+coeeP8+FY9mKX3LuprCM3YmMbMQWcYkjqJ4MulZJX6Pd02S+AiG4Hw3W8pbSCXLK9pIT6Ojbzqoi2KUVhq/JMBOrAyHPS018167X/Ts24ej5fou/hoBU8TiYeoMRwEOUqHIisTQ6M/+oJe8D2IhlmZQ3eI0MbDGbA1Q6ErR4sIFoOE84ZtAATvn+XgsdEl4Jhd4iUbsN7b/iBek7snTHFu1E2CYYPmPjjMY5oCVvBZVcdNDl4nK1yC7R+wumhfYdxN524N944vp20fs1bi090nFGoUf3gFJ0qwE+17oInmQ5uOYANSLY2yN5pjxDbISvyGPB2xsLqRbM04y031hQc88DiyRTNkCdtnqna1Ig8l7jnErVcYqck9irSLJtxzwNJ4nDSpCoPY41FPcRaJzIY6VSZCgdMgpXRaiPUElESyfBG3Ta2AqP9q2w1PjRjT7JywbENkUtc8dx4jn+NGlRLehPpOSU8rsKKpWiU8c1C+p+QOmjLPVFGK27yPU33SzRalggFU1sBYf8xjACb2LnntEHYqT8SPzomlcAwI4Xu9p6bQidZyAMWEzkE2a07XLJlHhkrK3QgDGpGRlGx4ByYUI/NtPByyJ3OML6ec0/2Cxjr7QaIDZnp36zgqFpqhl3G8Rhttc6gDoyzg0ZZk1WwpCgk7gfAamjRmwbICXJ+5qkzm4vYL0N3CsNRm1GDiuAsR/7trUfJFJiNGM6Az8KhkCHY1dKbO7USjP3h3qNp3TyqrXEdGfAN1XCk2Cs4qNAjdxq2HaU0SBiLbMraRyWkl+OoLjeOeyNd59kbZhS23juF6Z/jIB78wNOmOXG1UQFkaE0AMLMbCn4HBPd2NbZ0FBmUCxs2tS0VmWkKHAYPffSHGJlvWlRKCP0pxVEUnvkwQLW52Q1FuCO72VPk0BfOj7X9n5OHeYvVmjvjUgmmvXyKNWDlQLcGrByYrQHbgLhxM308RuMwmgtj4ADBFe1Xwka1Paz3EbPOYzkXDm08Z08QMP4UD1MHNcFkuYuadwF+PKCdl3BSnzhKSB3Rmhrc8iuH9xksbSBtD7kL3CGwtoEv3NeC4Yy03Hpr0O1oNlytMRJOZ6Ws5sNPYaXCPJvDFFbqn5BXklzfkHTc4QmNYrD8/nWCp3i9hnvqRnhJT7blnvAsjXBcO0uHybN0qB/z+lE6ihdgRjElztkzTSgckDdJnt2TlLM7ZB3JCXdr1vFReuV6E8z9buWEpNzmwZgq67gnYs7UGjp26PzcE3g1wYGqI7Xwas/BeDJrHM7QyHgS3KvK7Ec3LOja4BUrainH7qO0pl9I9vyz7TFtcOxhipiY9CjFURHuEOrgyCq/yb5X2FbJZ5ymqBoQYzMoGChyTfG7yqDx7GoGk+L74IlKse0Oq/mHYVAZfIRJKtL/Mwv9Fhm7ko4czylS81LiLM2C9Vz6FCTlYy1ECMnVmiIullN9HvC5SA0aIlGyl7ZRQuYxFB2lqaTKjesLyX7sDr38i58+lcsvCjCqmKO2MmhS1EXxggSUolY5BFr1Kw1u6CbL0d0oLwCxZ0mkkXzOLnK3FAoS4z+OAC6PoT/XjYcYOoqYaMdqL0wL1Rh0zk8vWtc5ilgeS1cWC6encB5hqE4M3GMubQ5si37dMaDB/F9QgDyhrBNO2xdXyFWNxxQEDGQwhMmHYq34j390YRzscFNykNlHtv9mPAM5gnooVzCBLGabper37kfJVff7LxLrpStvYIWhUEEiVRq7ECofKGYAx61VlTblUGmTqoMIG/1n10AoJPy59RCmq6wDy1VWn0Tyydxdujc+GfrMVwsMRBqItMIhVR55KFkHTjD27+4x5iKJiiy7oTkPH5Z3/kcPA6jLAURma4izC89FAx3edaRMgGLVWqUWjrMJx09eCAYfK6XGLqCbCPQEpSO45wIlkQFHgA97UkMMCB9VwmoOCY8KCAflEunq6fkk55VRvVARAmn2viKn/gxdVVkmFbCJJgrH624hUUmJChv2x9FhqwDJO3cxoojvsNHZQVeEyiSHdCd1ZTlQyt9Qy0OnIjY7AenaEVqeaH6x8VQRSNgru8b7Swplz80hMzDXNB6evHZCmRxoim8w+Gqh3Ic0y/tl5WH4WhK1sVVXW8hoBZTNx1EBZLSAMOIY6mvIVVeMI+xMZLzAQQ0RhRVEI1iNfReINLbgox/shO88KRDAhRIW2DAUwBHpDq14LeIY1k0il5aTO7N6YEvGKtIFbKoCsEvcIu4RR0hGmbtSiarh559Fvv4nk7AVTtIkZ4cSkBeKQGQjIJ9VyNPhN9CGCC5CEbmrBdySQJv4p7wSqu4mrnwmsZoqc/vaqSVXTS3wtdP8LWU+k5yXbkLeO71qFS+urlCoO+/2nokhODReHR9uZ65oveQNTRy8SVuJkpg0Vp0E7mAeBCIYFaM117HbM/xu9IwwUhbH8mLMpCLieI00Wq8k7B7E6z3AOVULpAlz/EsJ5alodI7UQrpR+cSuMJskNDE84K9jai0eyDrlZ08IpE/Z7OT6b5Er40LDzgTVUS9+Kuv/XpBkIK95sUG1jg0SOuGwXjt7QpjeETLu+gvn2D1zfDwW9d292tcTr4xlGQ6I+T8ywCfH4hSI96VzADLll1rhxI1w1FsJASkksU/tjtl9wMtGvb7rXR73//KM1CspzhxuZ3271kTFy0rXMofck+SOM0JJcvcvT/M01ffvnuhlTpEEfJLkKLwJRbDFrJbRttnOn8JyE1EuOMU0UnEfKx8vbFflS2WflXDEAJr/H43mfCnUecz107fM0w7H8EQ6meWGY3STiUJSMQN4LOOQJ0U1BqTENYoEkdHaiV5K9htGQE9sNxMZwCnOWf2CBudBd1ikNQ3DdfEMkAo89eytZjl84xa/wl0JV/q+uu6240ocKhjc65mOlKaRIW4+G0OcWRYPxNmAYQ6Ndxsk2TEAzLcDmpxoYq2b0X33B7mHEoJzGGZxQxuvQBechWuCrYQQY4NsKtYo9OOViRUJMqLNs/IiTSMv0vxMvMjGvIaCUSq3YeYxMqp2grhqxy4tHE9JxRet3FN0OWqITx0rZyOi3m801NZ5haCaRN0gKWgoqMtOFtUEI4HlMil9njL5cFRGrU+1EE0aeS4Ds/MbjNFMk2yrFKf4ViZYTqy45tqbe9RuvZ9TQWISMJ5zSytCxBbuHww+7TZc0ZyY46VlZpXvn5gfUVzHZrUVrNeiqmFsyWicGNk0e5RJmukydAZ5h3HCc7VytVwrl4fl/XKz6jb3683m/u1BeQSPq+VGuVyuV8rGAKumeI/WOJabdt3YsmtTpExb3xXo+xD6blRvyl4ZH7ii1/rmvRqicFr6rWG/I+j3EKYNcy5X9hvQex1mXeH+q1vM2hDp09J/3d6/WPDaFv1bo4km+m/Y+69x//WyPfAnGkCoMYV3lro5y9JwExGJt8JILd1cBakPBXSIWzyLiJuoEgDhYLF8ijrfnG8mkqCEyUosPgadeCh0VKCZn8o7yxdbKJ4kuxcdD88qLJgsopq/vUVUoB8C62WGNYZFBtHBfMQozHoMCzPyHXQjK1LcPg3X/sXllQiBn1lsMVmENLdzbn5GFP7XFVKC7eSP36v48WQK8MySx1rKVn0yacsK+GelbR121bfLUUJzJu4P0nVnV97SiXx7nVOYdGKvf0erQtZ+6DQzHK9GXuZw+8pbWpGt429PlKEZom9HkzjlhYO/1gjcnlbY0dNjWuEUxTrYBkzJvAPGdwijzwSicPwZIBSoZbMCSDFzE0a32yY+ENVTJtPhEnlZ1DoT8d55E7aaNo1vnziNTKfcXTR8a2BrffSpWo+44Wv0inzptt2pzg3WJiNtZ4wRxjG/NqZR49x0O/DGn5KB3dBFa83IiBPT4URvvU9DzxuhbeYsCFvyl86DPx7jPcPNYob+oxgwbcZGlfASs1GEbn8cvQuN7jRTOmwg7POG0njDKesB3oL0spzdkauoJYV3aPa9IWKG09pwyUPfhLCB5MrHNB06kTLrO+yrZ5JKw6yFmhODQeaNJ3ezBra1HFnykwhcS8OIUIMlwmA+9lXIWFMUUm3FsDPmyiA/tzMQ2QmQUU9uACTMHp83arSkcVxWBxPzZC3gUZqP1dvbsy8jbtHYKqYkFjGtrSE0wr8XO3WxY1FEnmOZf00h3V3PSrqJSsmR/FZUKjL0DWdiCSkV+sqaECaTQkhbWgUzoudm1lsp8KOI6q+Mlo0t3kT5NtaXjrqx5+RQulcRmjDyNyTgYn2wZ6uVtmmTmHSYz0d6kqNSPchzNgyIdq4auyDAkEs2vzMB2B3FID02K0ZOKm2VzPCTQstiGzxacLMXWpJzCyukcW0dSuCIbgaRmopf6SRAqD82pQBCebvh/hfqQq6bIf1HGCbOluFjO1On2D7SZJF12ygmShnwNSYuW5WmAgrrto0m12XeNJZBRGYeyd7TDpLvSMeELPM6fKLmn4xNMRuEeJdZgxKHuj1uv6A09X8W+9Jg8lvjYsaxpGFm7xMF/XcW7oPT7l2yP2Abhr1fV/RycUzNnOR9QwI38Hg4MBLKW2zQJ79yfig1yofO0FuI5HMAjtWEREoSV5Wxe+TIBXLrxFtSoiF0kc1J/1h0vRXJnpf3FFbRx0gznprS/RVGAMKy6D7nPc6ExAudQ1XSGqt5FqE42tFif+S9FnoR3s7G49kDJ4fzhh5HB4LnRfy0e98enzmd3uX1cf+407ru0VOQxKeeig2vtH7aLgVGX/gwQS/QXuFnPBu64z95j8fdI6dcccpl/k8rF6xu/uYNl2/2zt/MFnfu1P876cD3zt/jb2c19Zd7nbM3qOKApZm6E0+fKYDdWyRq22vsKVyaYBgAGnehp3nuZenVN38tvv7xr8WfXxdfv5wEOeF2DphQ0C1H9/ZgW0xmArxpYMSVo2+9s27ybbBc3d6uHVc0ppzFET4aDyZ9waULkq2qbvWcquXFT4sXBefFT1N0sHdyu5bWtWFNXCB/MKi//ugW/94q/tdPo73XP79689/lQvXXnZdhdecbsRUG5EfmiWzrzlGCuob0BTv5QrXpxgdHBP6IVYL/9vbISXPveuHPx163d1Wa38//H1IXpiyvnAugQMWLdxcxD0x0C+VKDtbColT8PUZnmhDPWMBzxP3o+mMMzlXgBLDoi7z0FrhT9QYLHN4JQ31h2C+KOeXJfez0ur0ap5DOC16/KDjTovi9G40BRysiTAVOnfpthC/feQsvR6c33gzIDKs4HdS3YWSCwGNP67F/s3AXj0dU7WsE/Fv++g3AiL45jtQ+53MGOPK1wytZFHhpvIeK8pCGhfPJgnAaektMOp5zb4ZwoNzd+3/7MJ5MZ/NfFoDpHx8+xVsP/L9TeIIy/K6Uq/WvwjcJOYqfG6K8YhtqkNdXIdqqrHnOjRr5VR2DN7yfidGHcgP9MujkePTONwKmeyF86ffJcad3dtU7wiQYEyBPIgMxIIh38+jcLdwp5fy+XXi0dMN7dMygWHvu9NEB5EG3do4FR+7OznA2f6SWhTszUPbb5QOdOYiWQTAb+qTNlDHCRPpjfwyLRulQX1yJGi92qaORR0HtXkkUla/D3IYLj/2aCbkZT3As8jWpZ7kX0ryiF39ADTISFmjMGFVvBJwB/L9HUyT2MbgvUGA/PjMKSP+Bp/SmAW+zPVjZwBvz8KAVP4qYJkfJ2xF6miOAlwJkeGfmPNyLOALhjHwe1y3QFuiaz+fRDEBYkCePTNEcnY5RXMGjcFUx5AAfwjg1mjG6ZMPIhQIa1mUeLbh4xXEwgB8Qe20EX6g5jq7Bs1uwpb2LgavHDqZVlgHr1JlENOL6Xc+5Ou9ff9+67DnHV87F5fl3x91e13nRuoLfQMS/P75+d/7+2oESl62z6784532ndfYX50/HZ92C0/vh4rJ3deWcX1Jzx6cXJ8c9eH581jl5j+kLnTbUPTu/BlQ+Pb6Ghq/PqVPR3HHvChs87V123sHPVvv45Pj6LwVqrH98fYZt988vnZZz0YKDrvP+pHXpXLy/vDi/6sEwutD02fFZ/xJ66p32zq5L0DM8c3rfwQ/n6l3r5AS7o/Za72EmlzhWp3N+8ZfL42/fXTvvzk+6PXjY7sEIMfEidwcT7Jy0jk8LTrd12vq2R7XOoaVLsS/lSJ3v3/XwMfbbgv86qM7AKXXOz64v4WcBZnx5HVb//viqV3Bal8dXCJz+5fkpTxZBDLXOqSGoe9bjlhD8+ipBEfz9/qoXNgpnT+sE2oMlO0ssa7TYf0Tm7m62eHSY8vJDtBpDqysnTo75tbuCfbpAsvaf/sT53seYnkvAyq/J2QuY62D5RyDypam3fCt6CZH69PS742O9HhcRuxQaFfYiDw8Ppdkcns1Wi6FHNiOiTLAH+7IofpTQkMRxAJOcE34i25t+YAot2oMRBd4Qjq4StwhE/s7DMWL5PfVgP5b3pjR5MW0ogcLfF8Oxi34Ln4DGBOJswyJKTk6xGQczjBGRkyfeV8RVRJ2IGzNnTyo8hVOcP516CyTbRJ/DhTrWHqs556+u3hU5GAg8DGOMcnCdEZwKUmagCBwAARE3Y4oOdGqTeRbhYLyD0/Nub9Bpd2rMOsDUOcqQDDIUlqlBIWDGilXWT66bm95jOLdzfSCxuVUdDoXk8WlArA6eUhynJDnoNUPGacGQk0/1KWzI3IVbJnXDZN0uMghouVQplUUTLIxGOhKcIuFivEtg3NCIMlDR97+TMvE1BT8hcdyZQzMPs8UIr5sHxC3JBQAoX4iXkcJGV+aE3RwdyXYGsh1TSZS7NypqHAMAyV04saQUNpldCGVYYyfRMQbtqn9lUhuoICKntY2hEpuraGyAjW01X12xsNF01b6R2w3JYc46d5RtgzlevcuJRxGliEfGS3SkM8hcmGLDxNCDig7CVu0QsBbcDgax5nD2SLGt82YhzQnm3hDVHwQHyS/x7NdPlYpRn4OJHtknOduUsltOONEiznlJFAKkDvPMKeGC/3ekwBxUjaPydfptKUgatWSJ2dzeDICOLwdj1X1ky82qNgZTOGiUjUOfuJ+AsQXWGENd056G1dqBDZ423JBg0o5DgXLXupzJAtstjKQ5Axyxle4cSz3A7di9C8ON8xFqOICRxVdCm+tjjCm/swwST9hBbXgztG6QEDIgSKKMEyT6fo8EYzYFPoQiBMgW6UJsuVgZ7gWw6xbqizYZKiCzcZBdQbU7uPMXq+FyZrDB6XpLlKimICRJGDMkmc/gfUOHKR3GkVMyhS1LNEezxBzvVCgZVrwYX7tep72+EKxvhkLXlxkK9TN0d56lUM00qONbAp33aT7miGWwZ0xsVmhyZYZifOeFX827k2lO9F0txXr62Vyov40Wipa7p7jKPq6V4rV+Y+Ii/xBX5odXORPT3c3eHobZoysUoFkGQGPMOgdpIF5LW5Ejao2UNpHSn0jIKgh1i7Aw0E4tUVO5xNG6N1zVoOHvdKkujZmZjteLbswkMSBS8JXJZAcmco06j+U96rFwn+c8NrZD9QruT6J8wNl8cPI+E3vnrbNfv4kilRj6Zj2jLYM4fiIdpGVihkziv3W9XRvIHjwMrnI3E3kZYJONZvIWRgRhLYAQtgi88UcMrhjMUFdGCSIwPiILWDbiboTmj+WfMbMvtSFyMuVT1n5EmcQ3rVHNVsNsYCIJU2IvrYJVmHtDfOzXk0mc5+2c8QLyyltyDgzs3HfH4h7J+ejR0eTkJZVKShNQ9fg7FHhxEgvvl5WPIj2Jw8nzJAoULEJrmqmyv8wxDRa3imFnjDSoPcTkfMZ4jwZp5fi7jS/z/Y82UsvtQYEkJZWLEBWJe0PEKIzBhkdDXGNDsXKVjOWqtnKZ8ALIVxLWwHIGwq6Z8oZMH4UfJCbpCZUQuJywoW8LVBTvaCrVZhHooJP37kqhdyb0sIvBjCr7u46SzKdyWLWXrdZ3cWQBJQVSI+zOMbs0KaYXK7J3DpgCw7Zy5/PFDFg25dJYYbmAqrhjIDsCkUWwXO+jt3h0PFQQ3js4GkRCXG6MBQu/C3gDhYVkAFf/bjoTSX6SnRzfSpDKbcPo71vxX8H76QrfYLyq7Pb2a4UFw56JldB3hyK5GLYHVqUlSmyQyABXXcn4JhGF3hpiTNIiRoaLMkQPPKVAQYAP+MeUtYAwm+OBCcDfeMsHD6jUPt8zCqSEU4evET3n1l8ES3hNj2WSoLEbwALNKZSYHxwlOoiUuagv25NwKU20K8+X9YPDg1q8spidYmdc2Xe+EYGIwktrnm186k2YOW6do8QbAIq62x0PL5bT4cp1myY4KoZ/CrkLlzzu1tlCtW8q/3iklcc4tzAUmDqzSngg4g6ZYpYPYqv4MhYvu4C3KmiVb7yhi4v34DEnRlpktKuBtVt4d6sxiGTQd5G5fIAwhW12w95UKsctXs1CIVFuWcnEOXlAUN6Ju2GPQ9yicveEye55zKUYmse5zS+/dFJRP3E0YCfaYjMerD8rkhWbaypWLRUr+/GKqWZOjPx4hS+MpTKc35/LvJu0UGxQa6NlWfxRAEnkPvCme1GiBCAwMrEZCAQuYyPLA4gW+ACXnk8pgCWvfKAjNHoFgYwPFY6MipW8fhnjID8uI3OruJpMOKUcQMEEBkP0DHYLIMII75Hh0IOTbAR7bzEhoWw0W4++YaAFthTHQ9qEybopnUQvCWyjGBJnz71sZctKu9Jyj+ibYswQx97ohxhntLwJbEizXRZuC5sh+7YeV5FxuBXbE/vhqX4NT1/6wWpKqxGT1tIWNxUtUlHIWrOq9GnwiCgowdkVp4jXzgFGPMToHPRpogVZ+cXuBghlAngaRl2jNTwH+B+uKH/4C7zVAxb9BWXqu+XkI2QZg8WW/nQ1WwGjs8K8kUnsu3IfMd6psMMEWl6k3ASRzZFiOuQ47wMpqcsrpxsPavqYPhKfYlBV1YZk5DnB1J/PPSXSK52RnEQ7SmbJcVKDpEIyNNzin45mpSTXWh5Hiq+UfgpuULEZqxiZNm0woCR5SLYULSmGu5iNV0thJUX5QfncoKQ88TV0nNYYbZDu7tnkhgAKYspsLIww2UZn5AdDYBfd6fARhQlnSH4U0TqIxKcFRJuRNyElNJlQ0dmhWQNlWZYnrojZ4My6Ptsu0LN1Ez7/XkIrsVBSbTWivYEsqZI/nmKc0JUdRwh2uCFYJ177kcgiFNsoYbdiw4hMuCIRDObIXHmhMZeWHteo1MkFyDdM7wBnbtG8Qci4UZiDvbBDJaPoYrZSjR2SE/cDOQucF5bz0Q1Zg8cjmulirld5N5ukTRerZZie98F9LGTrUiR+wTQ38j5U0c8LfaGYdiDn7Q7vw27V6SemTYNAcEf2riSqjxLT4ZQxtEN5eQoMhYXHruojjzPjhP0mJsV6AXkLQSuNPBjMCmcMoisOnYxlUAVBOnW0DPSntPQFxdo+VMnlr67ecQpWNK8P9bavIt1FdHygCoTscWBPrHw6a7APShM89j94wBACprG0hUfIfDED+E+y6ON4qTrhhNs0X7M2QrkCFQiUVi/TTUl69wZlnq3CE1V7GZqN1apsVauarVaa2JbkOwTbkeQ68OBZz3hcG5iILMzxehQwos56jMuEOWu6N6COtcYTcSdLuwbk2aJaNWO1NPRhJ85QjewEw3tvtBpbXO8UPeUgAH55vkZVaSyUejEf+TnFqxouRfEC0HQnKvWImqIKUP/Wv1tRTutF5C0xR1O9+f1cWiaBpO+rWRJFk2gBr+uqYNVIf45HAV6KokWfuPcvBbOjo9BghiOBSL6ipDdNujeDfAZDbxrDMsrVH9CpFxgSJ+JH3mYl5qEejrGLz0ISSgwMqc8Lp6m3muJXbRhtzXb9mEdd3i6OirQn0o4TxoQiUIHcEej2kbwECDsIqDu08YrVn+mygU/HAHP4AXKNH0vJvjJt6uQUaHMrWGmAeqxCZdMK1UQFcxVFmxrNHqUNxMaHQkKnhevqTqWEi2yStd1QnbuaTj3cp+6CEsXTjhWUUxkiyySwLNQzVMI1KxBeGSCPHx5EelQK5SuF3cWlRnSMbjYcxzQaswvWw+zWD+43csASVf7wrN5XYWupflTQ1e2KxUa0M5f+m0LmU5w+nGIsRKI3LT34H/y5N/JdMnjHX3L6IMWIV1oay2iykcPRZ/bkipYj7mm1FEPVfLn4WdyTSxSNvLkq1Vq9sX/QPCybv8X7igd1ETFdc26uQF5eenEWVMNOQ2E1fPJvR6x/O2I5/3bE+rcj1u/aEYup1R+2dMOKarxzp0HxP1e4X6dAwJAI3Dtfz/nLH5eL2dQfFid0Dg1nk/89Ly7pCeM4oSfMszl2oYATwh9/SAGC3Gr+sMbnCytYnb7wZdzr6+UfX/9BdeWJPHk0uZpXWL+XNZdQL7NwqOu8r0hdh+GnYIrINkfId8W+VMWKAwWHbFeDsQ1Rwcln/iWlQ8QpCRXXDGY88j5xo9eXsQYzcDVtzOs+EJ4KdFU7mN0OZuTdDiv+Uox0UKo2of1S9fAPJreu6+/P+8dX70Iz6NCzSz7AMzwLYHpjOCII7QFGgCLt2ezD808q6mWAzMQNdIIT7HXamSYI5fQJwoOsE4xm1ZHX2c+/ZvSmeMPFRDe0gu1OthUkd0J1BdmUONMEefP2QfS5AbL5uWY3uBUd0Lz62RYOysXm1c++cJ97XhwaXpvXecZ5ncfndR7O6+UfiyHxTZC+UHFkpmwxwSFG365nd3djT9rTGoW29SM/PrvuXZ61TvThy6fq2qjdCaeQTTs7pWd6V/zMAKyNRdu476mJR9iUQ9iKP5CH9QZOq0Je1F1W+WC2+Kw+o1Pib+VsKHDhczkc/sZehLxk/7Q+hM2y2Yfwz8VrVAclB7eVY9ovZeln4ijmMuVPrcMC/N0/wL/tGv7tNfFvuY5/+13826LnB/sFteJhCx8eVvFvs0wFqGKPKnapYreCf2tNrWKZXnX26VWDGqGKFfrbp5H0OjSqjlaxzsOgKjUqVqVG+jSSCr09pN7reo99GmSXBtlsU3X+ToUbPOA+NVjTKlYIOA2uQsNu0JM+9dXq0V+GQFWruE8FyjT9Jn2vUuEuN0jPD6nZA32OLZpRj161aKZtqlih52UCS48a3K9oFTs8IypQI4D0qfoB907Pq/Sk3NYqtqmvOvXSZGSgJw3uhZpqMzLoPfZoFj0aWJuAU6f2ewSQPlVp09t9HXM6NJhDHgz10qBiXapSobcVBteBvo40sA5VaVKBNvdIw+7QCrb5b0sfKs3igHCmRoVbVKxGTXV41jTsA32OTZrjARUoc0WaaZWG2qHvfXre1VGuRwPr8ApSgTqDiCqWCdWbvNb6HFvUY4X3HQ27R9/LVPiAVrnN+KyjXJ2HyphDxSq8++hvh6pUCQKHZa1ilQr3eaX4OwHnkJ40aDna1EhLx5xDWoJDKtCg9iuMOVydtwBPoa9X5H1BwKkTcHrUVJVBRNWbvEB6j3Uaf5P+7nNhxhwmJtTIPq9mXZ8jDaNDBTo0yCq132dUpAbLvF90zGlRgQMq3KUCFWqqTo2UmQJQ9YZesco0jZa7xrSFBtak5zVqtk5/y/o6tqlAl/cdryO3z70zcBifu1rFBhXrMIgIOAe8B/k5fT+k6gd6jwdMYaj9Kq8j/W3wQcA4Q4Ov6VDdp4oNGmSXgU9V9hntaXZdAlRf3x0dKtaiv1WmP9wIVelTUzUaQ0vvscOkngpXCYv6XJHJCO8UmmNZR/J9xkkqUCNsqVP7dWqwwYjBBE2Ea9z9LQ7livlQ5jOOTxk+KJmcMjB5jwtiqAOWp8PQYMrMxJwp8wFNn8/3ur6zxA5iwsIHMcOKVv+AQc3w0Skkn6QM834zIgK8SfloZtpV04kAw7xNBfgk5XOWcbtcjlDoUMdz3vi8WEyXeBsyE8I40K2KDavtZeXQZ6zm7cmHyCEjFfXY0tkAprd8kvKeZZ6BmR/eZYxUjRhwmtEu5iOy0YrIDhNbPncO9SNyvxOhKHNEjPMHfI7zxuGdrvMPggviGXUigsAHFlPLGmNR2bCzmLVgysx0kg8R5p2YpLd1lGOORTA56vHBpIaJD2OyPlQ++nlj8oHIZzeTgt5BRBx6MXrFxzGvFA27yXuZzzueCNPPQ/1Q5lVrCcLiSMrPBJBJ7gFTGP1Q3qc5Mm+pHtDME/YVAtjWMafMoGZSxuvILBwfKNQUM1pweGmMh8KfMJfLpyozxgf0hA+1uj5H5lj4lBGnKjMAzFwxcGhUXb0i8yrMHTG1Z/aGGR7mIph5LutIznx7lYbKbD8fUnXlTGceKcaW80HPzDkfGczUsRzBjAefQZXYHJmOKbIDn30sxfBhzad5jA1gro+Zc2ZN+axhVpkPSj6aWzrpYM6B+Uw+45iR69HSC9aO8VkfKh/6zPwzL8HnLMsRfAIyj3TYM5ytzPCwbFJjOsPzYn6GsUjfVnyCM0/LQgELGszbM4/NLGWMneNDn8UZltGYqWMBocwMJPXY0ufYZeDzvuBdwIIVHw0sOxC0O/pGZqGGpRJmhlkQYFaH+W0Wfw4raYfy6bMeyhOLpNzGQG1VPpp7nV6nWukLolct12t8TLdr7VrnUBzWrW6rXOsK6JWrzfaBoGa9arXNx/dh77DXb8UO8c5h57DXEUd5vVsvH/KBXmlWmvttPtYrvUrvsM+H+2HzsFnu8RHfrrartSYf9K391n63ysd9db+63z6IHfq1Tq3TOOCj/7B2WGu2akKYbVZ7PWYDGtVG9bDJzMABzKBbZ5agDZ/aATMGjXajfXjA7EH9oH7QrMWYhGq9ChBiVqFRaVR61bIQ09qtzj6zDfVWvdWvMfMA0OnXm8xClLvl7kG5L/hh+FcTolDjoNHtxZiKbrVb7XeZtTjoHnSrZWYw9uFTqzCbUWvVWq0aMxuNw8ZhpSNZDv4w6et0D2vMflRaULEcY0JavVav2mFW5KB/0G+1mSEB8Lc7B8yWtHvw75CZk165V26VmUVptpqtSpkZFcCXdqPK7Mp+fb/ebsWYlm6z22w2W+JM7B20GkJr0W/0e03BxrThX4WZmWqn2ulUmaXpd/qddp0Zm1qlVqkeMHvThIHsN2JMzkHtoFZtMatT7pQ7zQozPAeHB4eNPrM9++39dr3CzE+9XW+Xq8wCNWqN2v4hM0KH9cN6s18TXEGzVunHmKJqq9qq7TNr1Kl36ocdZpCq8Ok0mU3qNrqNfpOZpXa33e3UmGWqN+vNg6aUUvv9To/ZJ2imUz6IMVH1Sr1ycLAvuKDOQW+fGSpclmpdsFUd+FevCNax0d2vMYsFA9yH8bA4c7B/0CkzuwX79bDVjzFddfj0D5n1gsbqvRYzYLBEjXZbsGGwGJUmM2O1fq0Pa846BIB1r8aM2QEsULfN7Fmj3qjvd2JMGoD7sN5hVq1f7pdrDWbYYD2bgA3Mtu139isHzLxBP7V6n1m4ZqfZ6dWZkYOtVm8cMjvXaXVah/sxpm6/ud+stZm1azfbzXqXGTxYTyQOjI2NXqPaY2YPSF23sc8sH+7RZl0wftBrpcvs3yF8YMV00DWajWavy6xg5bByeNgSDKHYMFQRdulBj5nDg/JBuVFmFhG23UGtzIzifm+/1+kzu1jpV/r7vRjTCCSqUetKTQ786zMDuV/Zr9TqzEYCRTmo7DMzedg/7JfbzFIedg+7zTIzlrDPKvt1Zi+BNDY63RiT2eq3+t0us5qwho1ykxnObr/bb3aZ7QQKVGt0mPkEQgKwYxYUtlGj0ewKtU+v2y0zO1qv1WEDxJjSfhPwsM2sKdDLdrvCDCrs44NujdlUGEurXmZmFQhDFVa1ywd0G/CIGddatVZtdLtCmXPYOajEmNjGfmO/d8CsbK/Wq3VbzNDCTjzYLwu2Fsl6m5lbgNxhrdUTvNZ+rd0XemCYBuwMRobWYavZiDG9SMbqVWZ9Yb92uhVmgIEANg/bzAbXutD/PjPDQJgr3QNmiXt1QO4+M8ZwTgIsmD0GnKqUKzEmGRa/328zq9yDT6vFDDPgwv5+pSd0j90DoIiMAEAE+w1moVsN+NdkRrrf68MJxOz0fne/227EmGqAULPV6whlYKex32UGu9KtdHsNZrOBuuy36sxsA3R73Q6z3MButPcPmPEGursP5yovAfTaaMeZ8Cr86zErvl/eL3ca/5+9d+9v20jShf9/PwXs0USUTUkEeE/sZHlNvPHtSM5k5/U6+kEkJNEmCYUgLWpOsp/91FPVuDUaICnLnmR2tDsOSTS6q7ur695VjrLfNjrdiojlJEr0hw0Rzkl+GQzaIqITog2aPRHU6/TX7ou4TtxmUO9oQjvGAfXkc1StVJsdEeA7dFqdhojxRBgGdluEeaxWo9FUdqFGvdYVwZ7kEac2qCtTw7Bfq2tCPk2iQUKAQE4nvtUQgX/o0DEfiNhfpb9OT4R/u2k325WGMuVViKyIIjBoEWEciDpQGxLZ72tKAUlP7UZHVANClUq7LgoCCTI1ZyhqAk2u06yLskDb2Gs7ojK0u21IVaKrkvBB8Aj7oKXpNzQlguS+AXE7EeyJTbbaolAQ2280HVErmvRXr4tyQWICMX9RMdqNdqNSE0WDCHALchi3oYPktDWlg8gVYayyNxIpb9vK+0Bo12qKGkIrUat1RBmhUfp2XVQSwmKigKKYdDG9nqgnJME5lb6mpAwbw0bPFlWFtmUIus+d0F+lEbpUnCrJlsLs6K/hiApDRNru1ZQiQ0zYdkSdIYZQH3Q1pYZI3bA9cJSJvknnXhQcRciFqdFfvdpWKmqFuheVh9hXd2CL4kNEYkBskJeR8GLQGGpKUAciqSOqEE1uWB2IQkTshXBX1CKSR7pDR5QjWmWn2RUVqQv5uCGKEm1Xu9cRdYlmTxuiK01EyCo9UZ06TaKoVVGgOhCP+qJGkXhebbdFmSKu3qvVlEqluCB/prPRHIp6ReJDk4SGNOPrgME3RdUiUbrSbIjCRUekYldF7SJptzdsivJFElbN7ogKRkoGkXVRxAjGjlNX3iiSJgfDL6qU5VhKO7SyWF9eIjr/oAK8F9WmDWYmFKDvQBdSy1XH8gnZabfqah9JIq23lHzeJMwFO9HcnZUW2LlsesWB+MvLRaQBsgq/2CIC2BGplbhRH6KAHIduBYRYzmB3CKbIiNEiIZO2W3OP1mvANkaARq0K9ZIb1xsOzg8DQBgNOsh70aJNUhg7bBJN7Qo/GhBygUEK8jSbkIY1d2q3D1LCkNerTrcn+g5JD7Wm0lWdRrsL7sudd5oVKGOCAMM2pF4Gpta1h0qfrZHMDrahuV+bHbAKwcBBDZKoHEwapyEElh73oCUKBnbqUHUYS2s1G1oHvzskmtIXXuaQ5go+p7lra3XwEn6x26lC0+POiaRB+uHf23Yd9I5nROwdmjwjwKBqQ0uUM1gd4PAzMI7dgFyouXfbdbAKITV0KIYi7bSqtT7EZYZw0LZBfBnydrcO+YABsO0h9CJhH/UqyBZvQa9RhQaiGVerXcjivKHd6hACB0MITaUiCnV34NRxOHlfGvShJxSeyOIQki6/W63WoTAwMthOFRRHcx9zW+VE7gwHijdVO60KxF9ernrbAfNjaKstG1oiz7TnNKFe8uc6nZ6KaBmV7qAJ2VFzNze7baU21kgEgSDCg7aHWFFB1y59GQgNpAVqQ3Dk3zu9GtgGz7rWboM+CitpN2GD0NzTtBtN4UeDRqML6wm/2O+1oGoyAPXKANYTbuM0BtAchDn22jDlcPuGM4QowAA0el2I3Zo7eziEbsMbWh90oAHy9EmUg3rDs2iQ3NET91a/RqB1RZYjvteF6MyfSQ8A9ec2TeINxCE09zcJPo6413tVUqta4kdrkbAFkYuhrfccmAB4RjQ1yBncfkj81VZOk2FzAJ2KP3ecCgwlmru8UYOewxvdbNWg0Qkja/QhxTIGDhsdSE78e7VvQ17ngdod0GDZR6c3gJYuXLsKPpneoxYRDsji3KBd7UNJ46Wj4wXewwP1SX8ciG+XKEQfyjMPRLoURGfer3a7D8mVl641GEBH1dzxrUZNqY29emcAuZyn3+71ocUxMvQrNYhZ/LlWr0MUY2AUieelJmURjJOXl5RPqKCa+55kwKaYyEjmqEAB41l0SMe3hcUP+q0eBBHuvEF4VhEDSLPS6EHtZ8AcpwOLDM+IIISdSDNuVLrQUflFwiZYGHmgSgvkTdQZuzaECYD3yG40oVHwCji1BmQFXtJmrwIDB2MvKbywGWnhAQ7IlbCARnMIgYM3t9KEqCC/D50BzAHcCT2AOYbRvlfrQujnGdm9JqxjDGS3MYT4pYUTVPqQMrmTXrcL6wl3QowOIhfPqDuswlDIvw+JOvZFn21X620YNXhJOzTNtgRdDIbVDtRRLfxgMIQEwxtKQj2sJ7zpJD5AXeQXBw0b2iAvUZ9U0YEoyDU6hFCB+N1hzYHKystLAMJ8o4UrdFsQi7lxs9aCWZOXru/0YEDkDhuDak9JsH3iNLDJcoektUBJ5vZEMCHo8+casWcS3jWTWrsGpZc3l3QMaBr8uUvnsiGmaWfY60Aq5f3q9QCwLF2z3oM9gpeuXh9AX2Kk6hCvpmlrwmSrCS2CG9AWQtFiyIndwnzJe0TaNJRknh2Re5ieufMB7cqgq0ImGhWYD3gfO8MW7H1a+ITjwAbHHYIYdcUyXB2SrloXI7xDSg5UHV7eVqcDTZ7b9KpVKGMMQK8+hAWTAXBIkCDJRgu3aDcgIfMsOvUWTDCMrpV2D9ZJBqA57MEEw9DW7Q7wnn8nuRtKNQNAKgmsybwy/WoLhngtPKPTg77K+9K0WzAI8ov9YQ26Lr9Ya7RhS2UASGSD/sXta8R7m2Ivag/rDZjbuL3T78Aio4Vz9OswKjGE9VoHmh4vl9MeQI/i3yF2kqrDM2qRvOmIHbXSJLQbqgCe9qAOOwUvaa3ahiKnuah6NjRA7oSUU6govIyDeh9GJUbXFomkDTFvNupOA2YCnl2vXYWRndt3K1U4SxgzW70GVDAtXGTYgaeEMafVcqCj8oy6vSEMf7zRIterMJJBF2okd0joAu2dZ+G0OtAWuJ9aqw+TnOYEr/UcpTjDagTrMA9kN6uwB3GHlV4P5jMeqErCUU1Uy3rfrsCyz8s4JJnMljC/yK2QDkchNtmW8MJ2f1CBj4EhbJCeW1NBjM6gAbM1f+4MenAL8UCDYb+vXAY9u9OF+4FJVqWP8VtfUClz8jxlJI71BAEGPdKhe0IwnQpp/xU5RyTM1uArk3NHtKgjCkKF1Gn4yvhdZ9iFr4xXadBrwVemecpqHfjKuJMa8YKaiLs2afbwlfHnAcl+A2GUbVLh4CsTDtvsw1fGyNAYtOArYyAbtS58ZZqnjORtZWhqE3WBr4wPr9NvwVem+FQfvjLhyNUmfGU8ULdpw1fGbbpDG74y3tPmwIavTPOUVSvwlXFjuzKEr4w7ISIJX5kgg92Fr4x/H7aa8JXx0vWHHfjKhHyRZFHpqojZ6hC+Ms1TVh/AVyb0qtuBr4wPaaMzgK+MsbFT78JXxsC0iai35TikPWXdHnxlQvnbffjKNE9Zow9fmbCMng1fmRzerg1fGUNL4hV8ZYLGLTb9C1Gt9+ErUxzWga9MmGC/Dl+Z5imj2StdlQS8GnxlDPmwAtOdik2iQ90VydbpUW890QqHvXYFvjIeiCRl+MoYgEqnCl+Z5ikj3KmKebnSIymwF4aJ1nrwlTGE3XqtodwHNVJ44CtjYKrNGnxljEg1+lBrKc2xbsNXprH1agu+MmEB3Qp8ZULJaS0cEf5J7u3AV8bL2Kc5KG9LrdWo1JSUS2zKga9MGGK7AV+ZJkw2evCVCW+qOfCV8TJCVeg6Ki6XKGLPVrSu2YMGKiTLgRlD9oVEIPjK+N12qwdfmeYps6vwlQlbJylfeVKIvfXgK2MAhkT1hqKsVYd0GIbCynsV4jAVcXg1CRXgK2Ngas0KfGWap6zXga9MKPagCl8Z71erVYevjDskbQ6+Mm5TJbW8qkJPe/0KfGXCJtpV+Mq4fafbgq9M85R1GvCV8fq36ENL5AHauUpVWVcGdVLc6yoIpN8ewlfGwBCPh6+MO2+R4NcSbkuabQ++Ms1TRlNoienSbjeG8JVxJ+rA8ItEX9rKl9QkQb2pVBXaRfaV8R4NSAwaiOxhE5+Cr0zzlDVhl5BYyjaJpm1R0Bok2MFXxmvebDl1ZVRsD2s2fGXCy0hd77dU+DHpwrbIhA4RPfjKNE/ZoAZfGaMl5Pe6yOFExmrwlfFyVdtN+Mp4GTvNAXxlvLz1fge+Mv693+zAV8b9VO0mfGWap6zRgK+Ml6LbrsFXxp00OzZ8Zfw7aW7wlfFeONV+TxnkSSOqwFfG7Z3+AL4ynmmvW4WvTPOUVbrwlTFU1aYDXxljVLPDvjJeljqdorpIs0PiaPCV8fKSEg1fGQ9ENAK+Mh6oUx3AV6Z5ylpD+Mp4o0mshK+MB2oR2K22urBQH8JXxstoD3rwlTFgpDbDV8btSRBsKb9hmw4kfGWap6xlw1fGLw5aLfjKeBaNwQC+Mt6vpmPDV8adNIlINUVx65CoDF8Zz3RAtGRQVepPvw1fmeYpI/baEp2oV6elrYu5zO4TUH1RLZuNXh++Mp4dYQJ8Zdy+W7XhK+P9arS68JUxwMOKDV+Z7ilrwVfGkFRIyaj0VEhVvw9fGWNR3x7CV8adk6YOXxnPdOD04SvjI1Cno1YXy1hzQKR2oEeAk/YNXxmfIyJi8JXxsiD2oqKC+kjbgq+MPxOOwFfGwNTrPfjK+LNTb8FXxsvYp6PWr6WXrtJo9eErY8grgzp8ZdwYgTuOKFzVKqmWVRWBRjQavjIGrE4afV1cdYNWpQ5fGfdDmg18ZZqnjKSQdkPFYJOQUBEjUpO0fPjKuEM61fCV8YyIpsNXxohBYhB8ZUwN+tUefGUMWKVTh69M85T12FfGkJDkX1OGphqRWvjKeNBmrQZfGS8paaIdZfQg9taHr4wHatWqjgopIcLNvjLNU+awr4zPQsMZwFfGG213evCV8TLW7Dp8ZdymT3JQX+x1hC2tvooW6LYrHfjKGEjSs+Ar0zxljQF8ZQzVsNaEr4w7gRLSF+3PoTMPXxljXY+IXk+UsqHd6MBXxr/bxB5tsfa36v0efGWap8xx4CvjJbJ77aZyAShCrjxl7S58ZbxfNnLZDFV4Z78GXxnPYjDow1fGvw+I8w0aaX7UIfENvjJG0WHHga+MsahR6cNXxrNDbFN3qDxl3S58ZbxcTdLFm+pyUNsZwlfGyNDusK9M95Q14StjyJvEhZri2u7QIYavjJelSjS6KjbYRq9ega+MZ6e4IH8mnIavjJe62XPgK9OMG7TQPYln6FeIzleaSrdtNeAr499Bl3oSO0TKRB2+Mp41nYWB0viane4AvjI+JtW2DV/ZF1TKqmalDH6yjrKWwE/WUBQAfjJ4y3h2DjQh0YNYn65VVJAtlJu2cuJDKBabHvxk8JalyRGULBW6Az9ZO7JMDtiUyp00QO2E1sFPBm8ZI0YFZFgFzA/BEhVDbEAWrqb3C34yeMuE70O5VCG4Dk6PnB34yeAt470YMO1XlmTItiLZwk82UK5Y+MngLUtz2z4IiZAR+MngLeMXa9DzRMuDnwzeMu6kAlVMFDH4yeAtY2BsSB8ie8BPBm9Zmgl2wCiayoEIOVTFETXB1moqPhk6YhilDEVHmdps6ByicbCfbChUBX4yeMvScngdnES8mfCTwVvGS9eC7COSD/xk8JbxctnQ4x11oQw6otIQ4UF3quqKIqRCW7slWgejEDYBPxm8ZcJhISyLqAw/GbxlvER1SAddddcJWpF4ZOAng1TKQFahfzTSijP8ZPCWMVRDiBsibMBPBm8Zz6KOoykHE34yeMt4uYYs5wqm1aEuiLIAPxm8ZWlKLm2FkA6h5YiTF34yeMuE1oH1qbuxNnRE0RDhJ4O3jJGkARrTVHcAITlqNwHhJ+uGMcNtiCEihMBPBm8ZDzSEeaOtorIhNorQCD8ZvGXcpg3qqPxTTVgg2umB4CeDt4zXtgvbSUPdLYKiKWom/GTwlnGbAfQGMbvBTwZvmfA1CAIiBsBPBm9ZeumG0GzEHwQ/Gbxl/LkP5UZUG/jJ4C0TogqOJPyI/WQ9EZvhJ4O3jAGDn6xZ0bS/LkxHKhoQfrKqrfQmCFwibsFPBm8Z71EbUobIGOwnGwqHhZ8MKjDPrgIziaPZ8WrQchrKbQ19TrQ5+MngLePPHchNofcf0rrI6vCTwVvGwAygo4uGDj8ZvGWa7w+S+FAJ9lDR1H1kG5xH+A78ZPCWMbR9qM6iOMNP1lORh/CTwVvGyzuA+WqgXTxpQIQUARJ+MnjLGMI+dDgx2MJPBm8ZA1CHIKYi9hWJF8YHtmkrGQ8KaLWisXWoX6J8wU8Gbxk3rkHRFDUTfjJ4y5gyVNmmVVUsvgZvGc+0A3uMWGPgJ4O3TLuDAw1V9FP4yZrK9wo/GbxlDMAQBgBR/+Eng7eMf29AUhDzNfxkjjJuwE8Gb5nms4DSrwIqhhA3RNiAnwzeMoZ2AGOAmALgJ4O3jAfqQuQXgR9+MnjLGJghhC9N9IKfDN4yhqQL24lYTuAnq6uwEPjJ4C3jfWxAFxRNEHo2vGX8bo/lVnVnHMpoVbs3PYT8IrEN8JO1VAgc/GTwljGENnRB0QThJ4O3jDt3oACJ+gM/GbxljKVdGG/62iX0FoRiEYnhJ4O3jJerB/OhcmdXYQES+w/8ZPCW8T7WoSK3lEsIYr6jvDBQYjQVBn4yeMt4oDb0DNEy2E/WFVsQ/GTwlvHnKoxqYlKDnwzeMv48gLYkuhL8ZPCWpc9REzqEaBDwk8FbxsvSgfFSXXtssYosdoYmDM8SSQg/WUWZQ+En6yjTAfxk8JZp931ggVP3dm02cAo1GMDuK15L+MkcpebATwZvGW96FaqYKGLwk8FbxgA0WELXWHkDBjB1K7wFA4yYX+Ang7eMIezBADNU9yYgIKtA2QZUalGo4SeDt4wBaMEMryWIgJ+srsIU2U/WVKkhatB0Rc+FnwzeMp5dDcqlqJbwk8FbxkA2YGxTuQU6sMf0NYtxHSYlMSjBTwZvGc9oAC1K+ZscVnRUvAp08ZpSlmFXHij7HqwUA3WBDmpcVbtbZ0P/E+0PfjJ4yxjCPkxKdeXLg3bbVD4IGAkcdTEHJnZ1mx5+sm5F3QuGT6CX3iP4yeAtY6xzoKGKfgo/GbxlPKjI9WKk7UKJlIAx+MngLeN3O/ByKB9HH4axVvocwU8GbxnvUY1twzwj+MkcdXMEfjJ4yxhy+MmqyjtTgV1frPrwk8Fbxm1MnjL4yeAt48YVeBgk1g5+MnjL+PcGjNbKZN2DU0hcQvCTwVvG+9iF80FcD/CTwVtWpJQhC86P3q11qpKXpxWxT9TRfoxq/hYPPvaupXbEqaiIVuWeADit3BUC+74gsO8KgXNfEDh3haB6XxBUN0Dwgz8dx1UoJb9UohTnJw7/YfqnK1WvJx/crmFRyXo9X+OWDQuq0uv56DINiwrT63BvX5z+yxaeV5nw0mXndeDzC2UkwEyVrb7fmsQKyrgecaLIL68ov8A1KlSCURvSu912gMxOvSGFYKf+/PIouXuJWopcM4densfNbzxVNInPrdT3RF0BSfY8mvqBR2f5ozud8GFWTcrRAKouuhRS4Fz4iRLA2vAzVXQ4Hp4rLiwXE8lGjXqSBCAe3EtZYhcrxN3Jqt1TleLPXIQ4qraZX4e4sPwHF9RI9MJ1ek21KUxFdeEk5UKBWxaINwzm1LYdDAbNTxrMqjrbjgUb6KeM9W3xWFpR46qzW1Fi1cpITVSVDwxUIpR3mUdlC91/qdIzyOg8CahBVK1l+nafgNt/d8A1gqMSLtbTp0+tbJtssRp3Sus/vrV4ciS5pBtkymUkVjPqPZJMeBTr6bcJOLSiz0yD1VhcOIBo36U352yuKmUsvXQYiVHB4bm/JiIcLhKPO/XOQGdRzgVFQkcfSvt/e7Rf1kbVkCRs2StoyekcwtosldQTO/HETj1xEk+c1JNq4kk1+eTXxDi/psb5NTHOr3Zq7VgTEGlcJGKRSs2SIf5COpUt72OmWkY6NZ0QAyrtBU1atKCBf+r4p3YQw3k2GwcLb1aK9uWt/a4c79Jb553p2IcdV9Gdg39s/FMp7Lia6rhm7BhpVEt7E+qGSMHee65QZNH3J1atgg+PiUiW997jP/lldzqAYlZ5S1sl/5u8s35hVHprtd9Fn218NHehcMBWXdjJLuxK3IWzsQtHXk9DYdtxF9WNXVRVF2konLiL2rt3efWBuvpSvI97qMY91HdZikQXtbiLxi5LkeiiHnfR3GUpEl004i5axUtRon+fPEH54t/487ffEiflYr8XF7k1ln58+w6r2CGk2+sWNyqVVLMDDNOmUQgZMUiVB7HNo/xeeA4U/pPc9431+PHeJB/vTwXJjMgf1OQ/ldz1ObWjtzN4H9TlP3b+2070dgblg4b8x8l/uxq9ncH2oCn/qZreNixdrkhilK5CSnYO+uXinzb+ad0bidyJ9m5DIu9Ee+upjht3p73WzsRXo1vNd59OjLUuW+8+nThrBDoJ2V2JdbpLJwHZXYl3mu45CcDuTMy1LhOA3Zm4pwm8k4DszsRe6zIB2b+Jv4LBTPwTZLT1SXwg0VH7k1hCgi24n8QdEh2d3xujCOtRQrmqOvnE9wIk18M/qFgYjO6NXezEh3ZhFzvxoW3YxZ34UDPVcetL86E043AS5Oje+JJG9RPk6d74lDZEAvJ741vaQiUgvy8+pjGeBOD3xtfSXKOaXPL74nPaEAnI743vpReqmoD833zQAEM+H0ywsNF9scQEExrfF3dM9OndF6NMzP3iLjzz95QxS6j7jxZG+vGbzANl5qoYnojpyzY8EXOYY3hSFUNZka1XMZrYDCtFrFSJnrA2rCrV404v/cVkeTXLd2Ckbby6f6KT96AbP1D1klO+2oytOGSPnTJOS8ZeTDLIS9+6dCdzzGQ1X/jTqRha4ZDy/etEmeTsWWnlnBTq9Xtvac18Yt/B5HKOuj/ufGmNfO+CPk68+VIrv7yH8jugDnR+I4KRrTBNHZ9eTS7EM8yliwNrda33laFAUccd1XGman3nCSqaZ8bbW7GkgZ5sIzCr8+UChdfZU+2PufL6tT+9nfsz1EFFUauP3uJi6t9oQEqVb6ZWrYqR1OytfnnKETFjDdjfDYCceDOUdV0SXpRc+mf9i2M9tuyD7NL8whP6hUZf8bQaxlUe+ouZhcm7j5bU0fLYpc/LR9Q39XrsZvoVWJsX8sdrvcRa28beO+NxwYqt5uNNS1axD8Ix3YZlGiK9IAI0Pq9/qdK3dXZhfnkaLgnhB7OtlSBQ2rkRf1HHTyzr6d4UvoV4XC54mopxzzy1WnlPC/1SquIeimRzucK7UqFJokCVmm660laG3KhCWFyVj2jF3OBBPU04N9IE/DTh3EgT8NOEEyVNwE8TTpTTlBNFeIfiI2lPyWQeO3we/q32sIyfUp6eEwbyx7cV5l2T+dsUl907seWxHT520o8deeyEj6vpx1V5XA0f196l4fsAIttMvCKVxkp48MSqtjP0Ym+p+OFbBl39ibyVIwtC4iihMaPZwabGTtSYKMamxtWoMc6SaqyT3KWtQC5hOdNt80Hmtd9ufk7U8xbzq0aNE/PTQT5xmHpWiIIA/MfYRGKAHyaGlsyD6D/okfsLiaMQF3pC1KVqZzgRI0eJBFz6QO9SC3rbVi9VmWQfHDD9ZjhKAIR/TIKTpbopDHG2XEHGEGcXDHF2wRBnBwyp7oIh1S3n50Q9b4sh1U0YUmE+YkKR7E5XBEcquThSycMRO8QRO4sj9g44EvZoYmxJ6vjjW1FgTpyyaXEiwH58K0rJSXVTO1E0Tiqb2onycGIX8ru+98/id6qi7b8Mv6sV87t6Mb9rFPO7ZiG/q1XMDO9bnM1cfhezu42EIWJ2m8lCxOo2E4WI0W2kYhGb2wbUkMltAaq93ayqbyMGl0u9qhF/02nG4aGRzfHOKqqYomAwyQi7qtqFzLEq79n8gqOG/CVDQ2X8Ir4Ws7UtltfZHhOc7THB2RoTqttjQsjMtgC1uj0mVDdggr0rJvDcFIJlMcHOwYQkC0xhQmULTAi72cy9KltyL3tL7uVsyb2q23CvOIrwmvReUrzd+cg79KXasDeOuQ0MMGPvWOlYpa2jDJ/Np5O510u/tFu0oaGLJI+burPzsXsWvhRYT7/Sy56fXXrL59xsGLbS4tFIa3/hro8su2L9NF0u3MMfJolVmDAEh3IbIBroyOpcLL0Fx1wjXBkxxqVgOZlOD6zRwqN5WR+9xa11gTsPI3/sla3z1TK6XLCaUvdoxM/9uZcwC+xdevOzq8kZgXA2ktD00rnvTw9KuFwwX5Yysz4g5YyAN0fZFUQDawOZAlnx+9mVGyDseDaul8Lw2YepVS5b/zeMJ6T2v5eth4nQWusoJ6wx/CtyVm4AqRCMh3lHFQadBypaVV/Lt3H/77LxiIWLusvC8kx+zBOcUq24zHZUKTz/4AeoZj8CnS+DguMf+BJTwpr+xytBb+T6HMK/u/grUrMg7sMOlMl8ebCHmwwQSmG4L4AuftnOvmxv/bKTfdnZ+uVq9uXqFi8bXD4bHu3n9Gg6HfjLPyEMOEnlqfBbU6PspsILvXFPlS9sf+/Hs30c7klO9xl7cdTBtiitdJgQXQrWXOk0IW4UtnQSLZ3CltVEy6JjhHiBEtZiMrue0oEv7ZcRzP0jaN/+QdzJjzl96HtvsrR/H0ejK0ZsGWjLnnp2xvqoeXU3q2VRS5aT9o9YkjnaN6locVM7bGrHTY3+PJHDuakTNzW66UTQ56bVuGlNb6qvnyC2WDMxuS1cR9nFO8pFzTtYPaNXd7F+xi/tYAWNX9rGGhpPaWeraHJKW1tHtSltZyXVprTBWhq1ZqtpSopnRBIr1NF+bjzAnW2ocQ+fYEvNwLgFDm5nV42XcQf7avzSDnbW+KVt7K3xlHa2uyantLX9VZvSdnZYbUob7LFR66xddkscvKuNNu7hE2y1G2E0MKzU4FsQUuFCCR7Eg9YUld+gModgHLFtUL1SrD0nX2mErxQr0slXmuErmRXfN7mBE9xamWqN3Fo9u3duXdueW9e359aN7bl1827cGumTtmfXqdXbhl1vabSNXtzeeBu/srURN35lszE3nsqORt30VLYy7qanspWRNz2VYmNv1DbP6Mv4I8a2ozyl6G4G4PjtXQ3BKZi2YcpbGoXjhdvaOBy/srWROH5ls7E4nsqORuP0VLYyHqenspUROT2VYmNy1DbPqLwdpt3FwBy/vauhOYNpepebWO8WRNHMeiu7s157d9br7M56qzuw3kJ7XiJ6X2y0CetyaBwuZaEyRVqFAMSWjH18xxXz+CfzDOUdJSHt8zv7+0VN1Y5uaJoSueSye+qnnNdS6CKvpX7KvnWQ/iknpYFaaLGeR7aewu2JfRX0/8fHL9zl1XF3cqkyvRxdX13/f9hucWE8sl6vFt7h6x9e0/6cT5YLd3FrXS+80YST9UxUehiXo2E9GEank3M0gqVdOjhdXV/7i2VgnbuBd+iU5b/I6SUfGmVOAyBP6w1rvpqde4vgyLJ+ClT+le9fvEaalW4PwMa5goIyLKvuR3cyRbKlMg+HvlyBbIEMNrAVeTNvDrOtPy9LWOnNJPBiCDG7jzQkuzZq3EM9evh//yPqqoT0JX1/xOEAJGjO0G1gLbxLd8HpDNJjWYdWsBpdWa5Mwp9z/pUlCWLTqX8T0OOFdwHnBqd7UYPRPn6wXnTe/HDWffb9s5dvBt8PTiRLDr6cvOw8L376u8VJciLwsWJn8fYilU24E48eOQ0MrtxSln/NsjQWIYR7Bg8KEr3IhLAy48lH2Xv6wiOEndUdqzTxjhArzb9ZMsB4cjlZBgfJgZC1JuovUDG29J22vOuNXGTbkURWi0vkv7n2g2AiWa8fIRnOykMiqXkI3C0HNKtB1awUDtGgl5JxasLBIzGk0qBsjf0V0nTFGH0x9Vmf4MGufdr7qLPDuFtsY5yoKhAM98YIb+Wo6CtCiBt34fEMb658mlEcKD0GNPWq5MY5pLMjM+O0TZbVAaQj2gTv1xVRFni0Jkvgq9offxFvDzE7dEccjrqF00tlfypbczouyHQUheH60evWX+Wg3FxNqBd/jgw+4RFV5xmHrzNd0gQvryRW/AJR0JxgKiDcVfHjctJpDW/oXGGkC4mVxuIwhNbV5PIqQhJM+9zDbnF2MrV+cV4iOlDXdLCJYcRH82dsdOJ8Wg304nOYOZ3GWzpCU8/lKYt3EEmGsKOEbsCjRg2pjpLzegPQZWwiBrTAlov4eEU8cDKzCy4Uiqc/mYOnKQyduevJbDWLMFSmSUMTkpEUUkJqqEePGg7rXhHWH/NQCbw/iOf7UmEYcCegodkzGpKFq+Xy+uvjY29+dDP5MLn2xhP3yF9cHuPb8WBOX+dzuHynk+WSgPH4l98t9jkvaeoTWVirNPdudMJQuvZvSkScncbBwcHht3LMQs8G0Wo7JilEli9WU1r5wF8tRp4AS9io6NrXUUNC7jTkNzc3RyN3tDgieK6OVje01Yup79Nvx1fu6Ng991fL49GVe23Xjq7HF9YPtOznvv8Bybc610SHaDlYjPAvF+711a1V+qHTO/jdPBiPQTi69CXH3BHh1/HFZOoFx/QTP8UYL0BFDl9HBIBZTOnF6xdxv/9JLGY/sBJUdDR1gwA5tqxTz7OO3zuBdxwsRscBHXzvWD09fk/vMRjYw/fjD4f2Wf2sckgND98vpkf/mFxHS/WDt/BoCDoF3toFF8GUr3DSBI+TB44X2HoCjv6tfPyOmLYAawFBpyv4RgyMXSTdR2HTPUT9m3BBEihJm/OcNlWtrxHkDvfwW0Lz0t55+qE3uvKpxeG3S18C7koH38B8Q9t9vSKyw9zW+k7N5jiaGX9//qw3eHk6+Np6jTSCgcgdgUVU3Tu/tQgRCCA6yhcLjxeN0IfYRhkLhwRvdIQDXNM4X9Ih55RDRGeub7ln/0LWNfAvlhG1pq3zibaAmo/90Srm5ow6Vgnn/uGpeuPhAQ809twp9zgRihs+5pxsNEmcFZr3SCQQ2SHAEj6eTmYTNQpeXxDVXAbcoWx/mWEug5JPLvBfj6fIWdLgjx9P0P35akk/Bpw6jeiox1TrmChP4E0FPOpl4gUy7xhKoW7CnwkOtWRgnmBds/SMJgLXxWoxp6E9fm/s0xLyyO89MABJXyfkANMkbiakL0EbkDGTzvtHj6fGM0bYxmQku8D7ch1vuHpE50tovMJyUMeQcEezW0hGMMIL3DgBY2OZRpt1THPf/DCwTl8N3/zcORlYz06t1yev/vasP+hbDzun9J0Ut5+fvfnh1U9vLGpx0nn55u/Wq6HVefl368dnL/tla/Bfr08Gp6fWqxPu7tmL18+fIUP9s5e95z/1n7383urSuy9fvSFUfvHsDXX85hUPqrp7NjhFhy8GJ70f6Gun++z5szd/F4Y0fPbmJfoevjqxOtbrzsmbZ72fnndOrNc/nbx+dTogMPrU9ctnL4cnNNLgxeDlmyMamX6zBn+jL9bpD53nzzEc99f5iWZyAlit3qvXfz959v0Pb6wfXj3vD+jH7oAg7HSfD2Q4mmDveefZi7LV77zofD/gt15RTyfqXIaQWj//MMDPGLdD/9978+zVS0yp9+rlmxP6WqYZn7yJXv/52emgbHVOnp1icYYnr17IZLHE9NYr7ojefTmQnrD86V2iJvj+0+kg6tTqDzrPqT/aspeZbY03+z9IlPUufRJbmKLJb9DR3UvPsnQqJ4/dFR3TBQjZf05m1s+Ty0uSJwgpnxD7WrgXC5L4/oOo69HcW36rBolw+sWLvz1LvyYt1BmlPhO80Yf8w0yV+bpqExzTqTxUX46ulrMpwfmMsEl+Cfsjzsd/qr9rz2WaD6iO1QSPDdM7VsreX/7jMfd04o1XEhoGIRSnKIgXLxNTpoLStH6//vpsgW4ksyiGCLXJnNYzf7689ImsSdK73HYkp1+/0NpS72PvgtRfYnkZzejlm+9f0cH6+37ZqoAnbYDjnOQdb7nc2HGXTu7gzZv9styA2zi7sbOxy9evfh6cvBo61KezRZ8Lb0YMbUyMeFPHdIZPT5/1qN/qFv2ejaakqG7slEjOgHqsqR7/8h+HGUTii6sGJDpxWSMTkV9i+FwLfDAgwh8o6h9+I6JtED6InYPTQF8h1nrtMbeOQhpHxAyYe0EUOYj01FBdpJ/oMN+QluJ9hAooesP7FaltN/7iAzFTkgWR19RXt/9I/F+6H1R+whnGJGGXbxYgs7FALGGpYZujohOTOA17JBcQVG/11f1b5/lPg3dYO0gtYj5gifxow7bwizqu541y+uz7l9ogUFI3jYHXEohv2vod6MS2J18/meHkeu4IqXIzWLY3wgPDyp4wh3tnLT1gycqYlJrfJfnPXboQNTngVNLwbt4A6T+zB2Zw+p03HW0LEmNvGgxvb9iJF5IsW61OIV7mrLwu9+sb8CZUUDySR5WpMG0H20ikE+YrnaImelfWP6UERTMpTS5I04XOP/4mNu6JPSLHCJjKlL2ZhxB4NDb9rJPmBHCwUJogI4YV0LApyLyJIoDRnPzF/YJL0CTIfRIvGLAfiXYtSUZ2rd5q6V9cRBB3lkwXld2LxPobL4zFPfeWN543T7xrsA0GpOf5U9bYkZ5Ha/LdBqqYN6UfOyedN6c/dTtnvZ/evBoOsQ118Q5+qpF6V+M0DxYaqOPphPJjofS4rewYWrrso8pR5aRXS61YnBkbK8aGhuyoyolvLg8QN9wPYqbCraLWdysSwJ19Y7oCkTP6zL2cT5akxuVA0CVk8tz5LjBMgrO5d0no9hHWqwt3GpghOqFdJdVWtjJMQUy7FAoRWYBAHANvKS9+H76w9YULhi4e56m1P1ueLaizfSN8kT0qF5CoxW4gxMfiqXVoF49Nu7WcuYHhvuWnwXAu3RZuEDMuCLicCXq+VIZ/thxfsE1jQdr95B9MWXIT1p+PZoq+Xs6uE44jNllOwBWnxDdCL5ryLShq65I4MD+MxoF5NzR5lq0rmOZ5iLknEEVDu5jkRIzQKBUgvWn9wGPEBQFIwNUEEA3K2GIOj9h8OvngpeCNqwFc+Tci0arHV96ajeWw8JNMPFpNWU5m30nooD0Lpp53TSLxJGC5ObdyRNRS//nG/eCtUr9jj9P3ardBCoLWiAg9f06T2kyhJ3NQ/YDHDaxSSLHZ8RRTnfzaBoEHM1Us11uHhKgw5x9yyQNFVFiuIJayjNFE1TtgtwcjBNOUfdk9QhMfZirOJhQNubzx6Tn8HdMJ2Dy7JQgEfyp1GK7FFOiLGYz+n+crDhv6tlyIxsNgE7TQR+wKPclOLmNXjgqmxAZk+frVdPmNsiPLD9Y2tuT0aFaBTXkfBVEh3jXE9luvQJNSe2jqSYzGbr7ROKpwZH331eXym3hix6mZxUio1TbZW4e4FPIBOoH8i2y8+pGkOPlOBO8ot7NQyOCmcSt1XTErGGjnorCQir6UBLhkNmSwntLemysFWA9EpBqbxcT9A+uON68iEnU29d0x+ifyun+Qc0mmSFQlhMiTYPNCbvNu6uRAJizgXoETbWBX+IpvEt0FjlBp0iHJy7oGnAiR6sxbT4JlUNpnm2MwPRMUjAJmuJ5EPv68ej14eXr6/Kz/7JTV3S2bD16idX8/e+WPDnbgz7w4DoMY4391Xrx+bV25JMvNJgFtI2vGyRavCHjqV5FGDh0IQJxZkffZnpMexj8/I6a/WGYuaxFFm8wv/Mzve1DOIX88xbuXHq4a8g9Bpik9J1nlbASZtZSNXiTJ6/KMJ3FGjLa0/5cQ+NIPHqHq4rfnopQcWH+TGZaOHh38ZTLDFSc1Jn2SVQgMN+Wjdcm7j8a3EL3Z9fK2FHbz1jbcvsRf9s6auhSbeJEzqT7Oz6MYAvQ28RLu9CFADGWH+JbrwrueuiNC/Kff0kT36X9g4ddnS/cyiEdz+MWDTGI3/P2eQf4MZk2gzHrBfH9pudcwjAu3DjcgWrkb4pYwKEowx+qas5UtJ1OOQKgfVR/fhViGV2Cj5diX/d5/Z6JJOa8o3Ch4x9C/hRowhj52JEH64SUZCBP+IuRPpzPmsYsIXkyUaBNBMs9On/3/AwMFCkFINVMm7i16z7oIThVZNNFubE0xTc/jzEnw8pGuxfmnDREwgBrGnWDyDw7IaUkprt12hedWVo3yL8cUvX42/Ok5rH2cIFH+du3mRee/CC++f/ZGumkO5W/nbk670VxQrnQDNLSsduXRozYL4okqbTceB1wRh4gDgEL//jUpCRwfuNx5hnYlBM4Oi57eZaHsytnzAcz2VrtgYsmoO47bEzo5c29D8yN7P6JApmQQ0x33DiqBCj1qOEb6jr88onJ8zNhe07Gdo/gyuF7Lw/W70abUKXAan3gKavdyCKr3cgacrY5AUz8CgvdO4/Pg/SdhffOLYj11SuRg7IeYXXcO2NpEfBlSq6QWrtUr1Xq73XCa1Wal1m7EjsdzFQQLgTh3APaziAVLBe2yRYLY4xwhDpnujz79gNazBzSP84bcysz8zIlS8hRBw7GUOnhnoT2ONGLmtBDPw9/OlrfX8oBY7T78M4oF7udLrEkzIIlO6xycyVTFM6xGTp+kJ5/htkHJiM65hYcK1FBT7pb0mPsV062bHdPBpLvMKhi/a6l+aFBRGQJYp0TrOODkPGx/ZOOsiglG0D+a00fv15U7BR3xFyRSVfbZVV9rZXqehCH1dFoEJraLhlFjUQyMCn/h4dOCm9KDBG9K7jkpG4DnwHrwlAH67TfYhx485eXLCoumwohZ7FddmpAdtskcxMbc99ZvK+8OivJH867AEPQ/uXgaXg5J+UQgP29GXYbRMsO449lOdbnDGY9mgaCE+E5RcjbfWfuH+9bXpDYWZA3JO4HS7xHt7xo5Rc4nc+fKWwMl8ngF/vIkkeIZ5h7V8I/wWioB7029eRhBOSdNFUyphqhTd/4hKFt99+Nk/OI/HxwUzBc9PI3rPq5xB68quKRE5F7u1UruAFgVFXBdc7mVedkaXS2IapWt0zcnZ687feKswzf5dzTxlzUioCdVgKW2MaGRtnHno9lqWkq5Pqz9mtMm3tZ02g2JuMBCxr+B9EMSN5ThKRyIY5hTA1XWSgxB2LCcTxgkcNWxFH1HHvJ3ByrtOjIAJJ848oQz1id/r747OFDBInnw5Wb4wZ+kTdePxq6Li3N0lPrxrvAUHRDanFHozomv47Ss0vnkUl1XIPFqFpwfhMb3ZepaTyl1s4GaTqlprlxTINLjT+UgjY/JTmv2NnnNkdUKZzKPyvKeAWiinmeLAPUM+BSZ5P9CUmOQJowrvyMGoLmRcj/Y1SRhWBuz/33L2Uk/xJnjpcVJNHqTDu393MXT5Th0mY/VuxSAzBbJFWZurJ3L+8JCzrdWhcszg6mzOHq4UQjdimlze6bWqgT2WoVPGeZokOnwJlulIyPsX34pffd1ZX3wXelt53DoHl5UDtvvHh0cPfoLjLN7NmzRazPRzwm9yF+UJ7IoxHPH3igUeL59akgHXLg0e7utVMjm/0fKQf/wSKa09aJ9aeEnfRx04UdEF5rY16EYkysMJhYwKwphlCJStPPpxt9nEpV4G0tWQrz5yrJp5b9jzUCtxoZlkEU1XoNLoQUizXINO4YVzZVRj1JUCAAWE6XPtvCb+eIfe303kfIcirMNY/yjs56KmfXoP+OPBK3Sd08e/HJA5PyQyPfX1sWE78XfWof76v4y6RbsEJOolXPvcjKXC3IcgO/NuTVu07mjZXTpWS518ee8UZ/+8tvhQSU5ZCUxJMdlegiJUaW12B0bXs6S8B2Ow7glCfFQbpT7oyVhvEHQowHf/nIIHpWaIuK2SH70FpNRcgJ3n5iJU6bW97d43r9FEP1FOTTzOOYXZyU5xH/9z9F3vTUigydLjk4LOIcXrTOubYRowHFXiI9xF7dlvvBZtoIJAu/GvjSHPIVEC7Z1O/EQYzqeXFxQu3mOwVkNLRciAsEG6WuC/NAWzja7iq3SzB8/g6oSePKDCCjbUypCGZH0FOH8mlUNGuqgmHh+IvEuIL3FyvpeGKztLQre3+Jt3UpotMsXw8IkexthOZ72bkJz9N42wnP4V6j2ZowmKfNLybwK8E4QkbNRuiyph/41e6rC5mUEfukmmDyg7qLihjyQGVd0Zyqxv0UDGrrIY6Ohpkxas8P6cymxDxVDxFO4AgdKatgIh7a3+R3eec8/H7N32KMppo8wPQexxQkxaU57Ed0QEUb6fLoiYvnaneEC9KEl1sIHRrPzv4yi+rZiG1VT87i5J7OaOXs14xkzdEyvsXtlbTI/b3/29q4hAaXWpqLFnejDHj1FvkvoseeIkSf1GX3kS6Xa0hv7vg/bUrgkovHQl623uIBvoZ+y1cItOvansJEXcqG6SHVoNyAxPo7CiFP97nJEzQYGeSfxoxEbdvOnqcPNgYpR+iBCTV9dR516S4EGp7ASv6+IiLHQSC82rSauyrJABQIbSlUl7/IoutB0kA0ZfxlOfZ7MReN+9MZ879UPJsmnZWs154sMe8sbPziLY9r54qQEw4AolKFoSJgm3y7jQPrb/UUcKx0NkYmOz4C4fVT7k88a0t6o57ySiF3vMm9Lh67DldKox1cmvksAXBy8rq5EZVY7bmcsbJYTaG7Fuc16Wbt8lEcraYUPfbGZIPVwphk8UPYKc4i63jpbCgzP3MUk8BM+QPnNM8oVGSLIwyR7oQNlJGBq5dQY8UUpMMXvLBWs6rnLUugJK2WaoiYvp6A8MHklM5QvEpUS4D3h0TbYIJBT+ut4Na6zwb57LFPF5CtGRB2IhDec3wGjYv2MyMTkInGlBaQJuboWknHND305ckHFQE1DEGS9Ni1G5Prm1za5v7XOwW74l02jhJucWfH/UT1+ne3oS0e2QDUfza41F2QidOQgH4mTc/xsiGxcWd4VhdCAlcYhyHkyHF6RmMxBWRWmzns/Nj+yZVq3QHIrZUMt6CVpawwt3Dsee/MCK1EqEirRednQA61fjt+8bB1mF53XmxbcPOiUY+bVWNKpvoR3MMgkBDwlJKmQlz8gckXOatMre6PVYiH8RnNj50xatd9G04m7DoVo9csuWoxSCM5HID2JHvYrHLqABdxomj4fzfxx8l270Ww2HbuRX+IgXDRsh3SjSiocpX9qpX5hglrknEisyfloPPloBConrsG4PPdwDBWh/DLnUA2WPYjZOwLq6kySAOYElH2mY5VMGCy2z0TwQmyAScU3GICGqUqr0an5TCJRJG4RBwGFPcYqGHp0ODToW44ROjw01CBQL0QhFVMVUiETyYmr0KWheNbq029Winpr6xCDyGE+sc1A3j7Ij4YyYsEOuB1CFRKacJaHJdOGN9WG5+CDepwDrY7gaqxv7qZi4rZ5RsMkOvNvDfNza5g/eGtNv9yv2ftR438N5RKT3F61VHBGMZ1yNPJU1Ih872xWmSwNVpV/Y/xnt6lMlrpJZV/iM/+ceO/k4z1PdXvERxqNmB2bj02qMjwnIddE6phlh2yPegWvbpVh1FXW6uSjr6xmyMalAb4dPjVUdlfjhWxu7I3okJZUEFjI9OgrChSVSSgFa0ONW5aS0+zrSHozyzks4jMoypyhhtjfP9BMqjuCVQnXgEFr7Q5ZRgLLCHtqOHRBjF9vBelOyaDSAtraN7rQmUEZuHW2sZ5FPiAduCcmk4M6GEovTwkQatpZKeiTxIx0xo4/LhmrVzaTsY1pTbagYJ+TMsklv1KUd+YaGRhvrRly+6sGkQ07S7nC2WVo1Ge2oKkVSZigUkrMP89kYr6HVaQMhyaf1JWHyv69aZtpiH7fRrFLPc8LTEw043Ih/jYhJWHTreNHohcjgpriYsreYtA6M8vBhYVDK97MHx/EdnMARTQhBC5fsQxZh0rdQL2EGiQs2d9Z6V9YQy+ISchjKyYKm4VF4U2oO2ookzD4K3U2y6bjJc1HkS19w4m+Du+ZS1zfgtBLMuAMaXz9w+s630BGTniVL/j8VmrucPY2QRBqVgubnavbhFKGBTVMkB5YUry5SdpmXa5cLjwQi9oS4DidRmNxsCP6HUf9luXyo3t9vfCvFygyQCO98DkXnVTpkPzFc1w8vuD7YIh6+zozt3Sli/Ca49SdE1yX3pHvX9ePiEJPRn+p2w2n9numgzwGITnd4hzQ6ufiNFY67RdikZVNN8SmpdplYqp1Y6SRAGXRMftGMgmjah/9lG2dzJeoi0TZ1nFmQ9VW/fBNFr8TvgsjdtM2xDwUqTInI2vmLa/8cWYzf1ap6CSBH2mFq6UPXML3W66Rdeuv4LpTkQbQVznfNY4IYeAzUwOcizL/Tp3zCYDHz+VKEgrjI/AMOQM3CSDPEgFMuLHr0tiXuIKPpabz8obkpIl3+IJED9ebZmKaMjiXXK08c0CkFUWCV8H6R6egeO2jMkm0UnxysUSmvOqJzYwu+k+4tlG9HL6MaJC89/UzqXdC+/h3BYL8UlOxspMlycPo2U3NpMyXsVMQcKYttcsIiKVtkFQF8AGjWTS4VI26nS/dNUK3925h3gWA1t46STxj1Iu9xjeLCVK+MxmMsgcz9US6LuSrtM795ZVMATHbDGA0tHl9hOSUwywL2yMkCF6SXu1O7bStyUW7lAiVd+TDdJyfct6Zx4T5Rr1kbk9OaZ+TTD8372c2wedWSQu1hKEpPhClJ9UsFXpup72P7iLOZ7ZPb2QEGZ2C4xZjlFo3K4ugQ766uR+9keMoSXSeUtCL+owa5vQZIgTeiMTkPFQI1/3TcWE1vz9syGSB3RIZ0li0pVQQY0oZUX5pIWGbwL7tA/q0NwyZnnVMy8HEYmThywdRMl5NStDwKoIkTrOcsQVl8cyITp3xmG3AxZlw/yi2EztpO+GmeUXI9p08M4upHlmm0aa6ZNXdbDFiTdYP1F4iifqd0sEmpKbXUkEzSJayDBMT5Z09XoDbL26G2VbaT7VPX0/KpmHYu02YcbJ9pBnu2RwqFVM94wXXO2XW+aRJmTJLRFNSwRKfMqsiC45pNTPUMQUOPiYV+7RhJ9LqN6pz0lKj1Tk1b0zvGai3uZbNN/k+9+SqKaNHkSQWnbPwcBn4oZx2qXK0tz7j2elPI8/SOppCTge3Gzq4NXSgprhLoYaYIzM6KLDLSQDLETDl5LAGzr0+48x6UWSH6i21+bdam9szw/mV+16qZYGbIa9EuBGXuMh2OJPN7wCD1CvaSqu/1EGzvCmSVwHu288B93p3uDMoZoJby9IVZrKTQtqxWSq9Ncm+IV8nlijLJ8IXQtN4tAfmG60bVqhwlVQWspwK93kLxUbq7Csb45N1ehquXeIUcdfJ8yNeWt1mnE/BEt2HXrqNvRdFyJn/ktv5dXI3M+zHYKzKrE3y8D4JD3xWS1JkQLXUlyTiDWpy2bOW199tcX/rbH8pNhYn86mw6Md2sclchAOpx7VY3IIPKMGY9lyyRKa6kVboJP4xkf6Kdu09/df+Bv99IsBLHiwHj+g/hgVbzRITeLv3/h1R99wkotbjRNPJO3y93f7N2/SbPBt9ScMpMmDfGnIFRRkjvwmvD1xMfShOeOHYYmmV5Gu2HUUVs3ncwCpN5Fq+JMyD6bzCth/bvCgCy3fy/bAAFOA3tckgdhRoPsGdkxDE3DUypVuPFizdSxaaeKUfhXHo4QK5dIYDFBtxpyzh85Fc+tYFh/lSd+VEZlgzAO/fhUJR4QF9z6RYHc3wAh1KWyj2hUIx4/EGFNTw6hOQJVoT48FVy7ppm+OFjXY52dfjx3uT6K4gX6jDWaSVELvojbdPi83nfcyWy2joonVkkDKHlY/6NynoCw7INwya+VpLcv6VLEvS5he13uBNM7HXfOFDcaBEnLPOY3cSQgol7VPFRf+3midiKeKONopD+89gpMimTM5oJPFK/CmNFQT+v5qxomBKn9tYESPDvy0Wu1ksEiftX89oYdC5/m25CJnvg/9VpgvSyHSrhWQLO9xbk6z4eO+Wk0Lwl8OIpYR7tpNJw2hJvV+lf/1pOvge8l4VGg+2OCYZxCaM4n7vDTfyDTY7GGsK7VkiJtCmQ3kkFHA5q7aOKEfaPEsPkuiA4Gee9xMci99+4xOefcruvXxcyRoe+HFkGDOZOrjF7VmK7WQ1z3WSuTwoQp1t6JwaM5fW5S015w1EULDcPIkmFlz5q+mYK2MuSesi9Rb3T5Dg2UVqIlpvxKLQdw7pviI2cZhgJHc3qSg70Gc1qhxub1Q5TOvJh9voyU+UDerLmU4e/1NMJ8klvYPxJK+3nSwhkZnyE2whd93jwuXYtEHbGD3ubMB4kASmyEyRhjnf0lFowDg8TA332UwYIdX7bEaMF2FyvIwV43+HESNOE3hHI4ZTuRcjxvoTjRi6vhHPa/1nNElk62Xsrf/kJomCKX1uk0SMDJtNEusUePkmCZJIx6vRVjYJ1XR3o0T04n1bJVTH25klwvyhEu/7r2eZSJCKT7FMHB9v6T8n4mnl8kZ5iL+NHDL4dZVUFJM8Mr+XBKfkIkoPnuorHr2exOHj4/QBW59Nvfnl8mqTHUZvlWuJYflFtSa97UH8rhL0XJKNSbo79xCLHqW01US9P6Z2excxaDZB5lG1BuV4KQ9IDHUM6suPnZPOm9Ofup2z3k9vXg2HprCCtGilviy8y9XUXbwwHIJws4z5dIydfaCjugxW566xm92FOM2+s6VMF1GuqZ/AFXVdATcWNgh6L0hyQZC1ewH/7n5IH/YRXPBitXRJg0uIcO/dj+4diWIexfskcrbFhmZo15/iPBfenU1M4YmVGuyfYOTZYi03r6dxqiHnTsCgDJtYojDRVKWcgOJxgnh8o1mCECUj5ROwC9Akp75/DWDEDrTwZj7SkKhkklGD+J1kfVgUkZDajh7XkSXJKMAlsfC1AKVUJ8sJp8EOxKu/9GEPOl+lu5HE/kipy5AQrfWtmftBwnqUM2gy54HQDwqzzqN6Axzxk2aGEjbgS/FK0ly8xcwPlgKUdTFZBFLwtqzLam/3PrwDll768RV9tXI+QXXj3gKDkZIix/ql27/eS7SS2L3CLWJt/X3CoCFmsmLEVWasyIxRSUR0oJ80pvBEDMkzQlhDSw4PssEklOpAG+X9O72zDXYhsWlsh+6hnSg01WRQ2T0nbI2xlDbu5koVSbleeB8n/ooT6XBSjRuk1nGnH7huyjnhxJGFhqk+DUdDlS99mIvjD/UtnyhT5yRJmHIMNDm4o+EPoSnfU52YEamMfz+YjT8hEmWR43EuZhUEC90LDpk2+sMn41EGl3KHyczMeKk99eZW0sePoTB0BxHk1PO0m+Le/Ohm8mFy7Y0n7pG/uDzGt+NojDN3eukvCCFniXGj336HWTnqPN3xjFTXo+nkfOnPRovb6+URnZDji8nUC47pJ356Pb74y7V76T21nYr14vULq37kHFV//yNJPYWSZ1begUEYIrbGoDnBZllnxvyrwXkMk/AmOXxDtshtpLVc4ri2wwuWZwEhV8pnOEsJbutKbstKpvFtptvbnG5vM93eZrpNNP+HkxBYkhtmY7apdKx7/6jktEXHtxW9Zzvj47Vj9y7eyXh2jZ7h28Rbt8a3UiMl4PqHnWPPKRdaezZC9A8nhugfmyGKoyz+kZhKAQCJHvWdko2deYtLrySfiSpMIVxCAd1DgOsBoHI0cHJGKuwx7i3vdQ3C9W3hShXshuEZm87SBybT/fo2v0vDM+5S37MsV8ntdbuAIViAEsmj8ujwPdHYyOBkbcreGJLVu1orjMYFeElPQxCyRolig0Tixa2Wlk6RXB9zp9Eyb8W4w7YqFQzHJ6tIcXaZh9YEljvDtF3nt6RIBd70Qr1GsuhpIkFNmmHf3NwcjdzR4oh58+qGtmxBoif9dnzljo5ZmD0eXbnXdi3m3E3rh07Pol+co9rv1vF9yAI1W8kC1d9ZOp1p2XA2iQf3yf6TuJHD89lKoJInKb5eHB1juKHNeCbHYKMGDrxX50DZvwz6YBgPMXPXZygHtI5NAQrGw1B5eJpolac+TJjDTriOea73PzUBku4dFu9jWf+RZQxO5y4+WV/Mjn1HOT/dLylrc3/pWVf+DdI+SabLi4U/Q1CJHeYWgaGggmCWGxxMWBDMvo3UFr2XJX0MwVDpXQ6+ifKV2ZWt1K/0KrD25STW/X16Ez6/9pWB53MoXxl7E1EejwkeV4AMg2JIGoZH2Hn0yEZmHC1Y6fUPr8M4JfHiZsbwP0oexIupT6T/qBj/sLTx2aNd3V4hTPa0oz74MOQoD//MumA9ov/EUr4ksc8w9SItL01Nocl9HkUuy4F20Nu21dp2Vq4isWcb7SpqfB/qlVlRCocoFPOjPv6tEO2gEK0/r0KU6X69LlCIss+2VYjyei0isX3O9LnFPbQTHoVjuHi5rZsrP/CUB8CTrHaojbV0SWJgbvXryl9O8CviMqV14FGLsbF5NNBDmJmJVi28YDJeeQ8lVZ94L2YuuM1C+TZIRwiTyJfFtKy9Gha/TryJSNHkaIE78wpHiIMZjCMQe/XoYE45Oz1qea9mYVnvqLNosBCcMD1sibNVSs6qvN6Z74ubJUyYP/PHq6lvyD/4rxRmJ9lpQxwq45qRWs4DFX8XJqktjL4LO8gNwqtk3nn434v/nj/8JttXBEFuZ5/rVmIOs8+7i/gGUl/E9CdyJxEi/AVw8x5U4nakEldi8UUXNsL9+SdcbIxIzw5Bd/HZ36WQeBpN4wC4BK4o+UmiE2lRzn5d7HZnMqyOh6ijkqHnJ0U1tPTmViLLlP5Myu1x3boIItNaFWXvFgOAIXAuXKODKHowfdkvPN33EXD55fZf33orqgxWeIV0m21SZc92xZRMV9vUejMOn4MjEQxxx4n6DfFEba7WuWHiXwyVMmEvoacqPqBPAbK2Qup840QfJMQ4oW1nnBIlb4uQAl234eyImFsh5QZ03Ps1t1M96fxeNtN73N+mnNMScJaXYfKLbGuwRA5QEpS9hf9NeretBypFPZ6ZbrDh9y0WWVNH45XI1gpgP8itsTxcGEL6VI+UToeMhW0yq5rsKbMzt1sVKJCbk+u4MMqeZhssvAu5S0i7Fs4u25+pIGnObJ4KtcXHHVGKY91N6GQuA7MhTi68H5ldD0QfXQAfSNiKNYaHREEfEuSaJS0MuuOp5dw0UhuZuPptMBLusBLm+RoP2jp/GdhWrBom75sGFumQo8XkHAFv80g4rFrH/N9a0rAUnKu5CZHMkGGUW0yML5Zkrn4oAWAPStzHV1mZ4LR7wHZkbpxFWbz15MlTtmIZFhFnISqzKF2kTmPx08in8VU0Ff3Ez9yEi2KdnG+6p1S7W61douUOvCRqmwBT4xSFrQtCJQHtYQj2Yz3YI6TIqsrI9AqBgourQKPOIXHm4/ppxIaGoKZbctft2iaRBKAkFjEnATN1HDWiVvTVhBMINQztdLdwPJW09Ty0EfbJ2pvFtYryAEkaw7bcq4N0mEzcs6ogk+YNUh0X9UqNtC/O7WwyY6Sb0wFN49dbDbKM52ytOFUiPYr5SuxWJyxF0GJXorwe1XOL8DmvPus6gQXrLAqoNjcksfg3EdczSOyC+IkboVw2J3nT9GurYrhdkXlR6tSmX+bfdujAMXTgcAfp9w3h2BtnGgdFyi4bQCqF6/4t49l3+jvRdLLQ6GJr5BLmOcSva4CrTCYCvNJnoslwDSMTd9bxV42206VgY37HTb0rz6JZiUtPZOMFf9WUcMbc3bH55+TqZFtsDiPN0q1S3KX9rpxe/uzOTiNaGr+ft2I5zEH6SNxsVNQkyx10QKNVc9hUnwJ7XQR2RFR56Iis0hAHCtkNmECEJ29mZlvEp6zNFutTvLHumLMKFggLamij5K+v9NZbGjm6mBPHQGec6tux7hyAQt4qkywnm5hSPeQyLBP1SeCDKKd59rxt4DJEvmbAkpzoRojwV4x2xUig8+CzzSyYxIfVPNYqTJ4TS0nnC13+NsisW6mQqdGLhZfNSaLNahwrDBmAs/uRr+TlX4Tc2XayIXQvdAKmCo+ek15nqRhra5LOJBC96Z6PSMfDRNxKhT89ts7DD/wo80o6uEEMaYmoiuzjwE9kMPik6Ie01S4cuhwNY4iDMOXjiXPqxdFuJpFSHYJwnDgg7VtWZM1ypaJnm4OGwMXDrk3xZgKklm5GhTjlFnY0hkQdxgUtHyX73RJZw4KM6VinDRfn4eIkvPPW1/6c0HqSExb5Z/d4yqLnNa1uzkHij1/7N6W9cyzv3bKQ3I/PMnNVJdNiHrf41Fyrb67gBCdhY+6CyDN1dkdX8MGbEce6cgPro0eovZovPDfw57iJTHj662qy4FiEoJyK7aI/2LbcsM4dX5ELh5nMP/rTjwjDE+HGG8dxzmOf6OhHN0CNunNvSQATA0GNet8vwzg4mV1znkpiOsnBQDT81YKmvLj2Ay84sniSAqu66cvV4vggYkaHINAX7oJB48WQstcjhocjDSYz73Dkz4PVLFklmf5UgAJHH1j+NSo7UZeBVUIOrsflw/Kj8jGolT8arRZRFguPewz47t5kTrPKHkcLhT1lAxYe7nxxt0QAaL08CUYktVNKjYZLy6X7mJAhjGKmv24t3Q9eIBHSGD851pLriqbeD9dHFQG7FoIiZslgxXiFTkt8AZEDNtxZFFHBURi3KNznWlN/qYLPjdPE7iBmJlz5GWcpW8HNnpmCVEXtEvUjhOCteeHPl5f+DAgZteKiqNmfyymcDBdNICtLbjSpIMjzxYwuR+Nwh2VePGS8557CJwaWdsRG/MvcOjntlKNOkoPyKxNIB9f+DWqlXWDm5eQAh3iosrrIY/BiIMshvynXffkqMA4pl1x0Q0Btq3TujdxVoO+t3qU/Hquo/0BlKzuQeo58VZUjFWQCNBVqMN9f8hy/M+3fszlHHy1cSM3h1sRIB3ox97meI9oF1JCoT7LIY0D7hIR+9DMOtUQ0qXOksM5ykyNmB5EkCR7TpegUAlHVytJyR8ILDf2Kfl7EnWf6C4y7p3YIcUof+bSYsS+BP/EbtMI0rpawYZ+5M3GdqKTmFaEFTSKFqauA5UliOKMPCYKJ/ntEPTxCqZPIt0mHiY73jEOPiTj6QtQY3hCYOeKrCAfC/T/kG+zACI1s8zV1rFRZQ1ggKU1+4dFpPUf4NDWalS0I/gsmt0ycZAV4YkJwmWipCUeSJGZ3lBw1HVMzCabu+RFN6RKog9SbtMzH1y5tXXD8vlojYuGtEU2T3IqTCC+YNg0weyamqwDGIkJvQpDEsJm0XUoUgAt6bpBkE7V8w4K9D54q5yDn90w9Syilc9ZIYY1Lv/019UnK5HmgCcCs1XpxB2bXk1HL3WONzTP1yo/TUa0042dzQryAgTRZ9qR9OMuiUjyhjzT5KKPeFufUiqUx2YJiZ6Ix8slUP0GFOd2rDxZhPnQ2Znroghd/nOcGmtwxs1iiWuRmzEDiE60x8NBUXJIjNJRFJhGiEUafZRAjmVlY37Ii2MfeBVGNMekL2g69ej14eXr6/GzwstN9PujvGxxYmAOLo3Fd1ywm7s/ktO9zJp85BPbuLZ14KRBrMJfvi4A8UKKuvOdp76VfM5yp3WG7dkcfSvs995H7aL9sObHFwZtDaeicvrSfc1KFEvHNqTcvJcZ4G/X0jt3P5idbTvbTANE6zMKTabBxLUnweM0v/ehBi07ABwizk6q17rx4pP5vOSmDJdDY5YbZb5z8InBfPetH0/4Be0IqbGVcaVTajttq1FqtxkWTvtv8f/UK1FuooiiKDDrOGR6IKXYq3/dOf/3+9Nl5tf9/Bt3O//mpU7zQo6tFiSjDUfqBTgMNL1X5pU07kHzxwDSMzsXmI/c6YJviOI0Gd0YCtbja0Iyy5ke74urDQ/x1B0TWrNc/dZ8/61k/Dv7OP3I8tHWUhTz1N7pazT+cBaSCLhHX7jVqajal1Hpg/Tb0tM+jDl72dUD2s7O4nkIw99awxtFanV27UchkSAZpjcJV1Ikqm+TK1sP/rjwsW6dvTs5ed/pnzwfDN2ZbPQnp8yCYnsnRwPRw06sUA1G2YmtXcn3LVsgkXr7CGP1nL7/Psgn8Ke5krAsddu3UGzpT+72Ace0makhQbU5Y0qcmMoXMkY1pNUgd953WNHmD2YsCA75AWNunwBtBis0K+88CfWcB6H5Acu53HfUUnQlU0d/MTpx7uu+JF7ymQJ1OxqTc/szuXyVKlg0W/JOTwZs32l12BA4GSbWbVNrv9EWfxxHF1leWnXv5/lNBfPHq5ZvvX70YnPxdV16S4F5Yk+U+zCMooIpPUNS1OZGoLFedpqSBB0tONUd6o1gYebbuGto52L0TWzbhhIqUV/wlrvqrPGDKqRKrJ+b7/NrCwQtSSNLG3uh8Mi+l3jCStPfCaJidCOId4jvMtiUV5rZv7+sez/j1x08tpwE/ysTw+HzhuR8KSXtijbXr3c4vBBv1Oz8u4SPHs++l9mWPUIwveM5N4cp4mHBZvtcfOtvEGaJdIU1ULaJQyveaG5dUvSVgLIUASV8PUgTwO6sAr/FaIWpbX2+Rd5rASN4KNo/jZMd5/ernwcmroaNNixNDqbknzRYANh1I6qiGdqah3mfkhZRFSwY/hK0NbcNqXYlICS1mM850h0XQuk1Dmxt8kQ9rOH4qCCFsF1J0Vfor2T5F1bchzruUD9vW3diZTtyAiZKGPV9/rQwJB5l3/nkeM91CSPT2BaSvHAtheimNhhFzMUs5G5YcDuvDIRKJhm6gQWpFM4vTlYuJ8/u4lOhEiXpa9fvJ0+PYkrOvedT8XZwkLjEKHIvVwpMcKUu+1xxmiJjMgtgKHprFhUrHuxAinWtwdiVdAlrqQxiv43RKobsgtkJHnon0cPBkRH6u6wVfwJ6IxX8ZZvhMeAESrqGxn5uZ4tOQWVpET2gVsuktNmL6poRbRoGHxzJcR1VR6hLAd7Zw55debA1rQuMqWy3iKk6N/mk0q2XLbrarYrxgNMj6SEiOe5H2GiSZd/GIlbJFg1YbNEyNPtfq9I9drdCw1brTTgwryFk9slPENpFgyTMEp3uZ1MmeOUyLfieZLUhIR1H2l7CPlIyUCKaOxtgm5EWGOYoV+MxwJIuZBOrTAQlblf2s6h52/bu2LtHEQwlOhs6I5OmQsGSxPRXmjIpJR6lXwq0MawtW+UJQen85affyxvPmhFF8oIFUWDYVvXJkWkyETqY65yWNJvOtNgrLuvDnJKTlVAMRmRM9lkWETnPseYxE85zLC0xNZtcrWhZmGr9UaLkW7J+W78lBksIVvHIxtqcFL372VpIJKaZO48ADwA4yTzcezOMEmzjbhr6cdxm1MuwqGs3YUWqykvdKOWvhXwwT0EmC7PD6qyAUdTLhamwkrpYCDx53UoQOgADB6hoRHmM4O+O4NxkDNc3YHc+luaBaJVufs78zgSKh+GXL3ZEkjhxatvlkRumUOQH7drnQUs/UkqlMXsmlDcU/bXHREnH75cSGFO7b72bJ0aRMxGKlGVUiY1zR5mZ1zOhwfZNVGtW1SNnnAr0yA1oa8wog07vSipvxEuXeHkgkXtPwgZOufauo8Pvcq+Ayv9BUFs4SwYbv3xksPck/k/YaQZz92Xj1W+D/oDbjA2eJe/9NmBdOlQlkw4JQP/8i/+iZIbnHnTHOINu/fjCiEdR5OEcUxKhkngffqTvYRKCiwSePn8o7WxqIt7XU5VjpFrscNENNV3NhOV0szoihQ86ZGSxllEBE3pvJdBqOkYoiN4ixoMmajHgQPzXLmPmpYVO/7yjopiKZDRVJZH3XxfKrSqcij7fMnhLaQwz5MzSlehYFqShAtkrRoeydm7s/l0CmXfoOrSym3B9yh2VrF0Xqzsze2tRksVuPi1SP+o315AKseXHHjsFWbZx273nn9PRZ708664y5noEI7Tq4ClWwVPm3dYwr9fLVy0EB5ukTHnsXLtEvwxuwsyImj0aejOX8cf0L0ggAd0J++30XigbZOVTh/7zUSZO2iomUpIvE+hldj7F5tti3gTFfFBGkBKfLFAwwwLkNIwoZ+BfdqdsvsYO6aIKluf0S2xjzlET9hnDwosv3BrmK34xqDxjyWubgQWEqy90wRETIP+9JTovAX+Qg52HAHQ60XtXxYKft88Wi/1qsEqRQvLnxMzvZCy1CAUH41z25X7DwJKzWefQIFkb0wmHhe5yFnu0C6s6DFWV6jI2xyJrCEfF7a+srC65H+yC2Ht94+yTO8pXaVeBpRl0X1uObhXtNPISHlY5g0L1nYTfXDltsp80SGiXmZLDpjgqIwRqQRg7SoW4mgXfmzsfs1dXu4haiRRhaH57uk1xFJJtg+k6uC7sWui6qKAlwLzUGGnU2DzeOnKN6TpUBvq0zuZjgAtN0cnm1nN7GCBj4Fl+CWML2pG5KRbmNojj8UlSWTjkekAboGt78Me5fsP1qscy8Z0heOphdT/3bwHp44U+BqQ/L6bxC7jJnVXjFfTpeR15A+P9hNfVWH7350bl3LP4wuZVxTAcvIMywa+14lRoNy/wz/D1vfM5hK56eaHDc5nqIQ0zin2u9PfeuEOuggOaSd7jGgN9cycturfflIgn7W9ZWic6CNYMETA/Ul7IE/dMP4oAJZrSkYd2L9dHDzGr9hG1cruaEXlH22BBttZsEQ7WecR7zdLam9AJwBiuEdiDXP7VeekTrCBiGPhp+FfAFOpCiEduYQTfhnIe/ADizCuR+XHzXzh1P1hKrEPDGToLRKuArSPN7QXcnQneH87RbiEzi7Ll06hn6slwp4UWJIYsGT0KIyBbT5SpcDcP/5tKVMgHT3PlOcRBe3hl7c382oc3xF+mbfGzecg4k5iexnqW1VMqyHscfHxCCWMcW7Kz8X0lTvA6v8sSX1UKOIpehJqqNPx7HTWhLpDAKN57MD1FAIBpdFfYTPjj2lu5kasgAfR/CTEZoUb/PMoylWF6JbAbM5vM9ekSJr2J2kZZHspLfyTNE8OdXNdbf6HfedBKt48aaL2WW8bjNMv6FxPWIs/jKQ9nShZvZgeRhOtBFsjAwCrckJKl6VPdYt+9vbyzYwQqg2RR0C4BmIJhtiuXbZBwoNgzoGSawQLOj0GOmTpoD63L0K18mnQn99oUAMxmZo84GsbJz5SdP6vwiCsfVc+tb1qzrptG3AHAWL2k3QzAzEZmlvQ8cv62KHXjuYnRVQgp8wX2DfiNY/u7gIL4ZZYjglF4VUm3qSt/rDe3fvgtR4O6IOU1k5/kqgXtF7XIz08ziir+J/WQ8yR+YZ5Hxj+1wYLInwnAm9laAz97qTOyt0GqVsxIziUGzTd7cgl0DkZMdy70ctJKrRwQpYWzqmFmlpTe6mivVJ3sETU6a/Zm9j+4I3kR36XapI2N0hnlrJe4XzQpYnp/GYm+0WvqSJ7UAQZI6yjQYx0dR6o7MpeaIdCWhG9EqPNZXJMkzjF3F/VhWZrEzgKTrutFv5uA93ZpCQ8f2lJltKhQyT54mRPJNk+9sUyOkeCGAGtlaM+G6f2VI1LyJ0OYbegrpb6kYRoTMxD/D6w6jiIHVZNc9vbUF4CVCaZKQCleDJPi1VTKMeGCA+OnT5Jo7emckMn5t7dKZNnWw1PQQ9jb4JlHTIfKsDPiWmmtyBrz+xn1JgHFoxi7j3JOw363zDTtdeDZ02hImVC1eB+P88E/0a1qGuNuCZF5KjYC/TaPsjgszY8GbbOw7gTuzrlwkA0hkiYj1sjLMaVzOJTQDSQ3JDavCL6fFMemYg+/cDfRLXlevqKAeViEFEs5ZRLCoZmFtGMkUiHroqYHj0m8876gUO5ep4fLqkrKkRFLsyONcMuC5eEGnhQeipdISBpPlio0jMMckdicbIREZz/IJ1V0LRKnUiBndR+WZyqWLOc/DYkkR6mS1pU1zvK+R89hKyKoKxymyT5ZOZEcPdrBUImQiNNqxBUQy6sC+dAFsUQaMTFx7pGqz0UJlxBGbBtKhEzoD38KwRkYrQeVJVI4vtHZoRmxOlQRbEWxnutlEMn64kSEMRst/WhzHlqEaaYljbY6y/2NZJuYZy4R2vyJhWVhHloX5P9WyoDvvN4QefE7LQoEGPv8TaOAZG80/Sf9OI9WXUriNiKIEkBxEyVdINyrPWxqqciWSQ03uNMrWKUmTCVC+8qCJuvnS4p2k+I1at1nKL+kjmxSsHB1md3E7Xp5M4YK0dppcgHRAcmKxK4YON3eXs57P4Y3WF3We+Jg/UJj1KLsQBfsVdn0QX8DXR8lJ5qNLbFtKguanUj3TnBtq5BNnRXawzfa8vNUx9ZNDVXTxUBXDSs9Q68qA01pn24h8JrKg6TukzSx0XUapJiLbJXAtlOxEZ5mn7i7kNd5OF7i3/U5M/DNpA/NYG/iyysD8sysD0SXWqU94oF0aXF3DG70XLElBTG1t/P6zC+vWXwGfovyM554KKElREJWNMUUg0PGBSoY4uh1NSaJHVXIo2u5Hb5wnsesaaZ5oLsdKf9r1/annIowzSvSd08Hthg5uczuIgqkww2JNYOs7iRptX0eh8vE84gzu5SR04UpntAl6VRfg19kM8NST3spY+kXdbYn6/O03+ha9S8eGSZFVkYtskwS6JZ1iCazO8xgYsTxfuzG9ggOGN/h0FTgHsilM1rG/LjU5jSaEjHl9ZpRr4/ov4VrqLW4TfEpuPGS62GLvNu+fcarhad2mhFNE/qNxMrIQx1FEJiiECbDNaRRWSV54M/8jYjkuVFPVIH5HM6SVOE/n3BMWNPcCpMoKXwtgolJhRZw6ZG8CslThAIdUN0KmAl8ZwggXfGvmfgjLCDBVn8x5IPTjX6DWgIfTikvqxNODcqo/ucznSxSHv1p6C75mwkCFZZjdAJdz0tSQZFoO/WESml45P0x/S8tUSbuXErnl45/jG1wVvrL1JN4ivgf1Xp1DmBOj+6Ef+MJeMQa/3XuPsjBRTZ3KO2w5A8GKTRpleEYkRGq1dswZ4o/z89VncFkb5X0mPf3hFsnvi7NM8qIxwcycatPoag3ypS++BHxOCB4jNu4bhdfnrxfex4m/SlhlcefenX5gFoqAvyMrkZbX0gy6yT45jiv3WDw0X1uM7nTeJvHEcK/TjHAa0kXYpGMfXyr+EC6t4GI5vJmXJdhxGpEMWj3OxUncp3yc3ZB7wz4TDnz4ZAzM4EyEiR9yMTEXEuPk867vFfDZXB6b9gqnQNhkVgyZbkJiUYVVNDnKirlwTuB1lPd4s+maa+RkLn7MDw60u2nzA+t24k3HCNG2/kqyd5wc4xMCC5sVFVhY/T289YM4vwDxsgFYxZV/o5wyLPnGVu8ZmtP5XV0j43wUAV5G5n6Jj8RxRzpqV6WcPiBCcTkas/XQOSDpKuC4I+9XpLYnTgLKcMHpsROG9GjApc/RipbSSqe3eeK3tpQH2uM/hj09e+swI/3+oWzpf3JbcMaqvtmgGd7jCLNUNZp2pdVq1EoFmZSZt5hdDfpV/3wCtt54gf9DHgsMmVKhus1s6NEWRkx9zVTvOzCT0tacLBuJppkOlVId3aYJa0WpEsiZK6Zpe+mG4qGTg9CFsoulbCtn8SYLSXFfuiF2k73mQ/bUbjRkzj+bLzkzwmczEyU5bt51Rhg9FlPP/eiFKSmzhSLYu2syNUW3CxBAe+mxmVErDJ3Dju92ZaYaXZlp/J6ZyVZ8bmZ89Fkube4a3150PdIQ7n5fNyOTPLfYmqsFsP9ZOPGfJS56i7e248T5wY0cwzlz17F7vxwZl+KPsxTb4ZKFsqKcaFtdFK2kjY3pNremNrN0m5mpjbuFJJDrAJK0KYnuDELCfJOQ4ObJB2I6WYdywi398AcRBfDfP53kIrlAC6WYtUoCx7gZSQ9bCT6zgzy/nKvDkLfhu0a3pUfZUnLJH9zWDnH40Si8bJ7DptA41yjJ7NCvGdqQ1+R1VOjkkkwTsZsTxxn3oifzQltC1t1VxPr/QNqvOc1FlvFvF7FjqAy9QeCPVDScoFRZ2i0DbgzBNvHDnWKy8uOxClMyKFYIm3+ENbhs6zx65DQkEXnIJrNJe1Ve2ouLqG7e/Jo67HOobrRLUd03VXERt/XlOrW6BxobeX86ef51ZpSMGHw4Cg6D5WqMy5hHJFPhku+Yi4f9z/L9zfH74HzO/xy9D7Iy7xt9wNhcFd383gTD5cJfXQdHl75/OfXYLMa/HAejyRGbyo5nweVx07WrTadSH9nnXnPcqmdh6chd0purW5U4UW4Qo2IeFw8jCI+OjiA3ck5KGLTml2JBu0JWg7ncuB352EQOcODwhYup7y75gjUu6R4hqDU2t6HU2nzkoSiickhLcspFULY+uouz8Wp2rZjWYc1p19qNptNuRjZDelA6tA+kWOJccjzKPWBpkBiIGjp2rVlrVRu11oHcFHc/+pMxVvycUCKgiXmzWQQ3DhmiNphkqSXgaVyuiEgQ/ngSICuXoxfefD++Guyulv6hWghJBCmroIJwYydVWJcNYSKkJsIRoeoqsjcB1RG5EumV1Myd66PHdkQ4IcL61+r40cg3obOP7xsTTIjMHWcKZhNcP8tEL2aoDqiOwtRFGYClR+p+CFWyUiEJopPZamZd+0EwwX3xPb7ETCeVU9CG0fFhs1DlRvlKacLLsZJV5vqSEsfAd8+55OR8TJ84HiIatFaxJNXezdVkdCX3vRu1QxQq4DXG/qkb65xcTmUzyJpV31D3sqGvvfHCt76fEFXwgZ5Lz+WTMJkTKj7YiRvtym8UndwiE0dGS1gfcOwhU0bSfRrNMj0p06Msw4EGcEjiWEriTVhAkMuksq6yR3H96NGhHRFdU/PQQAJ5EmlC6fWoxDQpYuhqmO2qtk1XJQXKcHiQ6lP9mO21talXrdt0x/GP8cfsGHbDNMgFF8VJgy+/JZbDnABZSdhFDw1bkYAibVgi0DMZfTr/ddanr2+KmG4iPU6Y1HwiSGZIJHBKiHvrr+SYlqoVBstu0pO1+ngQ/kTIiHy46zCq6ILEkrFynmwe6A9SHbwa67XSMK82OE3c3HOi3HdUEeI83emmMt81U8f80kOu72UeeBwOHBmURulhQ0luzGLcOBbijOCN05XHrZLL9WzV5Y8LDvqQGnDa5sZk8RNqlGdl8NlkDf+66C+kTc19fWDCHJohsQitt7IICEgxFHsZNxYuv6d0QY4d2j4btZzUPnnkP10zNUPew0yi5pph26YWlYqlpjSVn1ZADGVLeV+WmSzgudVK8ad2u6T1l7Dyfac+fb1zdajQ8vkPb+ETIP48GQcGBf3BJAg8AhgNDKVB8fO29xfg/s2hHEV3mPeErB7C4vc0/BZ7x63wPnd+NV+tEitPxRyknbbshN2Zm4QFWPOL+OZXd8nP6JVZgSgTgPRCX7352Bt/3+uXVJVebcP2LkdEyNjpHpSw6Nlty6kanDawrlkeMq0bKhitVQ2cOQoSsfvVoPLmrHuiAlLemqwPDszYHCnzmxg515JfePgclrjnIl0B0RvI413vH0SciL9OoK9OloZwgxSnb7Sr/F6j0la6C20BC/lg8Zne+GR5cZWShaLFUJKA8wFJBejuNk6uFY1LQz1aW48x1KNbIL2jityzNA/+gqRQ5WRGp9FyxeGGnO2VOZGXuEYcDiW1w1WZd/zEmkM0buIxJhapThP4wUirHZO2JeEgonFwFsUJp40ihUgyNOVo5t786GbyYXLtjSfukb+4PMa34+5fe9W/dtpYur86zeAsWrzsch5aP4fvb+AZfzT5qYFSK1sJULTf5r4jGuBqBOD8IOcFlleYEMQClXUUCktJMcaxsy+6qdce8WlP/PCYpqC3uM0V3RID3Kv0s1s1qYQYoxEJHOM4ngkHYHFrrfFrXBfJ7Aemv/twBbcjcchG3r6OgMVVYSVskx/hrrGXqM9kWcrJjXvQSP6GQ0CzSwCt0h4GMIdMOb5tChoQLKdReSbvEGVQJly7mKkjSMPDXPlL4z5fWgALzwEkKUJu+porSRWKUnmB/fjbp473k965mPkYy9peGmtUc0/rffp3+56C/J5ud+tpeWBITLRVjvZEEV1zOvHJktSOyysO7JPr9LAbKXtY3ukBn5KUjN50Knn+kG1RrtvHzThZoXHUczDxMIshstEy33EtLkEhVTjDnIkTa+wj4Rlssh9QhmYsIfUzsNn4zj+BM7+9cW/pwLlIcWtYeRU6zZGPEeZb3mo0Re7MeRLyMJ5abrYxNTky4Z+kuEqgrElr+GjlVS2KmoDX7Nv7prfBXPYrxkej/EfjqMPsQ3Wp7XwESa6091FVrapwjsesEB31+auFoslEVSQL2MfcqsjcOpSrVwbwuAEv3ce8px95MBIgw6uh5yMicQzt3q8YebvR3bz+2as4yns6yhnd3W3087z+z9k8kfd0nDP6uTa6/qKxAMxnIJGreyOR7r2RyPNNJDKtDN1aeYVn1/GJzj683MbVeGnMCx03UOfPelDiUPJkLeWD334j/fZW+9FU0nodF8fN3im+LXp4Gde7zdfT5XSuTWvA5Ow28STxLE9mTnWQJy6nGo22aTQuaJSEKuH5HSc+mzcqhjPRdKQ3zdlSVakqTHpo2Ll496NW4T7n1O5aFewm/iTALBzajYb+Cmnc3QwuAcXCxufpxuebES+11eidrQaZ+yepzUa/SVOAmXRlR9gwb3Sb2yBDCxPr/nG7df+407qP00s5Llz3UbrxaId1Hyl03LDuY4Xsd1j30aZ1H++y7myxWyXMRh9zAn246zBlaAz2RyMIIfbF7UZmFMmg3zgDcW71OiF1H5Nvr4yjhHuSCE8yL1xmU84N62dcygI2XsC+QeJiZ8nHDLct4Ne0oHrjfJZMqxq3vQeL3t1Nd//CViPYf8B/MjajezQZ/RMtOrptQm6eZW0Smw3oYcvQbk09FaFk5zzwpygbyzTYcEvtXqbDzofMZDa5oL6YKcbg2wLESd3WRNJMRTbvYIjQRo9005QxKNRS2dPzXVRoM9XGTrgZ8hRyE8z5JdfMpSYLE2dtW1myJyyRKOGNH2ZDzKJfZ4poqcsrvm4pthqxhTxIeXNuD6yZ5875tilfgi1zfNVkrpwL8pATCaCI72TpZWtBqPJA0dBjj2gyguI41OtqFUxvsyF7NB6qPt9+benwILtNqtkTc7Mn6WbwChqaJW7/x4O/REEUufKq6hjJKxNMScrSI9wp4BryUrICbOQGno+lbzHr4YrXcK9NlrRoMH1h6NDhdmsoDpNHAm8zNCN8BC8ZKnCHBZimIBic7nLv9husU+qpcMVF2KDM3K6i0lncsoeIwdvs60dAl5pJIpYrNp1zEF3av5eUGMW2B7veviTHdCXpJtv+xECGcMqxn2thTuxghvh9ZpKmpgVSNsoQk0jJvgczqhrISLSicTSbjZlgaMHz6Z7k2yRIpedJDZR4ViyEbUV4/gDZj8xBhILW4SptjFHMxBxG67tDziNz4bmC1ANZ/I3iPh4k30Iai9Rb31k28bBDOw9ZktGN8Xvf0Rv0mp2JH9CT+QBMLWtPAaj6y98a3v0uAonAVh/TwEegc/Xv9D2vMNWD3rFmw4kTHCUvfEUbhY4zN79Mr9yaXolfiu9l6TM/VIlNvn2qipZnb2qxqrtO5A558DSVS8So8sbRQMk3v00nIdm4yNpCm6hLpYgivCFGKNJByAn5qkEReVCsdO5JGDiOJPK0z6NABZ2RIW9MxPbSqf+E7WayPWeO+EYOnA1AVvRlK06ZGS/jL1VCwfoPxszWkT3p6dNoo8O/fNk2zXfiOLSoP6ZOGb5jqSaJn7Ln3Yhmp94Sl6fEQZ1V8nFNQlVKVMIbR7ZcYszQ1bdUibTCGBY4+lWGrNj1LenglMw3EL0/CPV5wsKLODiH7VhlVWSOxKyFz4E+uewwQrXzRPrCLXXAwFtGsy9xByaNkJc7nstTGUqL4zOj2QNTCdRIdDGllQurU/JdDbMeOrpalEq29eSJJTBzQHnz4EDy3x7h1kx4VQtN/19719rctpFs/wrski3JS8ok+F5byXqz9t7cchyXlP22WRZEQhJsCuASVETdcvLb7/SZB+YJgrLsTbxmuWgRmGfPTM90T/dp2Li3eKMp/ECP/YgHQ+Pw41W5NWrM2WxZ3Bzsx/uiBuLg4VsMy7NTt6JkT4zdwlgDjd27XhcXBKMTvcjnoQlTx6O2mbZ8r7l0kWVyAhsQElrObqPXi2vGYt8mVxnN7eh/KSLb/0XPF3g8TabREq+OZsm60ursGCnViFv6+bnePVjoouUBbllnU9LA8ra+R2FlB/Gfalaui7/eMoYTiGMPef9YWGxVCb2lCkxGOl2xNcl+H6AqQkQVP1FcwJZGNouWM45K9Lsly2XnM1rbrKzTn06mb1/8bfr65aufatusCsKDBiXtMBbeO2B04HEk6yOmsw3GxXPZq6WpSJrl6sAqJ486seoqMi+GkO3ramDDGAC2PrxLD1RAPa6eUS4dHx9rOzr9biiGajNfeBU14YQ/usr7L4kRFqs/KB8sbFXpVzb4JbPBDw3ZoEEuD0NTXG6js7iqkyEuaqWwWSAniMkAFWFMMX7jzbsJZLtPvvnhc/LNlxsmnJRM0ml/4Rx084dloZuvPPS/iof+6ysP/Wge+q/PyUPfFGuXdf5hGGNerD0WAk+fUujE2fXiOlmn0UOW6KEC0FilF8kK2ldba2TkPwBchMB9r2Doq3B2RlDI37pRVpLFfZd96KsTtcnuvmSTI6ha8XGePdaa6VVJdi7zdHbGRKhiNRdIfp2fzTUgSvtNvzPHi2b5SSMmGRPLATXo2J2dvDBpOMB+gZ0ti1L82O/s28vcaCHZ5x2D57DWsDbxyswlQ7D9XBV+kyrleDKfi/CaizSByrK7r4e1mV2vSLU5hc7sWPFYQUDy0BqTqlI85jhF7WisE4qxMZndUSG2zRoswlVZn/vs8nZjnNxgvZZfMgpdpDlpd1O6R75K8ludLNyvRJJOdwsWiaZFnpZiHKReUnWhmW5SJYd+0lUDTsklhXVCGkobVbdMaloiv5jJasfiBJml2eKgUnCW0VM2P5tsX7tuWxqFPkSe0ajlnyfYbk+pyw4fxdMyqmpjI8UY5B4IJIBr0vPzdCb80oC8QEPKEsVPnvB027XqpV75x/sGApOIgHTIpzsrREhQgbFEE69cpnACnJEZTFrKqAeqAJEvaN8gmTcOCqd8sqAPv2NbLwkSsL4pvEclHSeApXH9zase3RQKCCFbk1q+sV+K53zNpsz039YJm56Txp+qaonpETh1fhpbNOHxZDRKv4QQ90c1LkF19mbY3mGEQ2htbLUvF8ksjQTf4XE3OFwXN8RJc2CXSb50iLDKpQDDkrsNIuDcrLL1Os39A4fISfk8+l4410l7qHmBBXJ0dLSVLtu83kSEP2EnLgZu99OfLijV8q7XdGK/H9YlLab/e7gXiTtfmddHMS946P3eWJfbqE/PulZfCutafFbWdQK7A4fDfJ+Xa3aok8CfFDlxw0EIuY3DfFUsl7DOTW/JVxlwlXNOTNjEUuPZT0IRLOEF8Hm4WB2n4V0NsxpTjPHrqjQgoErO8UbTNCwprBzW6IcNK453NKxAzcKMwbRr0Axs/dBJXkWYLIqXENLz1bgyBdoSLEmb7QFjDb4fQCSnASOR3CrE1B4hA5O3KJQXlEfPagZKF3chZJG4S0AlmZ1LdEwXBquCmkmD2gSyxEE3mBtnbl6wKbz607FWXkCVgISPrIRmPQ/E4qgXxh1Noa2X1JXDwb3+mScL/V9lIRsKr7xJxHel/UrVbNasy0iGcsJth9KJ3sXM6Vu7/aS35/pq8g7h73hcGDzUKr4XNSQXo5sx9LNivS6u6nk6oW//rpk6yLiFq5uU9WwHbXMaBO0HV2w2MooJI1OhSWKcxg5ApjL9pIcnE+BXbPaRU0uQbNxhLtpTxe9IGXb8PEE7/y4LOKjKMonj7ajIlhIoiuiwO0oqNfHwSNxCsP6pAG1CWX8U/YOEAyBmT0VpjMlAp7sokrnAC7/iL9WrvGgg8fAadp9XW0z0eSunfJCnl+liCUQdthI95wWjY8eqlCkHyzzY199P+XrZF/7Ys0VSlirhd0jIB24fvtnNyrJV0UaLPJcksqWewkQndZ7u339VIfsuygvfqcjWHu7tvvMAz37EN04x8oS0Hw8GzgnEEYH2zhbF7D3OaKiFbZt2yHrPzRHPFLg5og872cuWaIjmLdrDX/HPobzF4HEi2aTWEiqk9fKW8M49yENVr5fJ7P3Bfs6kIK3vEjG55izkOfl7N0ZekWH4WrvOq2XOp3xo3RVLAQumFuCVBmAWTpS4hvEfx/p5aw+o+ui4irmRbOQvv8MMTy+hTj03NCjOR9Kw9xQvl2quKRcN85ZbTa7gQUr4BfADuO6WyJrriiUPZPrmVymyIFU9X/Ocl4jKfWdOAvA651SjIOjZxQWHL87R0FZU3iRL/poYuzYNZM/kLR574x6sAYXDMjtvslyaSIdIJrU0YQBaL5DpnTBlVUtpaCrvRdZK/Sfq04+YwhdJSBkLHn8WZSihSF7Q2Fd8T8xW87DfkiM/4g2aFyluUREDVcYYAHsSHjUcxP9MQP4tsvekeqSoqrPZtfSYQdQHS6FBoUIw6AliEnT7HT64vPp9ulDjwQoGAz4V4L45hwMwHTcvtb1joGdlv7v9gVkZ184IbsuS3xD0WyL8iKGZhE6FHWZFGdBQzoxc3d6kitbAfhzRNbNZDVxLGTUUaWRyHGVYNZw8R5yA6q1BOYNgZvGkHkX4hIR1oFikmGDmOfI6X2cLODSdZwi5IWNglNBkibARPDyIPrRmRWKcW9j+yuvz82yWpTnhM+KqnecvWzwEBbU7uyyKuVDrFtdslC7YCVcFiFE1J2ue1Tc4ZxAQ1mtRxxEmCLRv5pTgsgXNCnHIYxXyrUG86gonmuIsOcvIBay+tkt26OdNk/NHpTD9l1kNzogsL5dlOltkZxwkMEpWgNKHA3QF3rlOZ5d59u/rVMPrpAn4Z7s4gdeJ81RBoWpm79PN7JJIhrAxsOcgX6Kng1Fn/FTOh3bSBs3anN5tio7CnvFiLlbJ8pLHSG6ztl6v0jbvZ5uf1KoWyM0RbEWc5sIbDrEUWxvx8J+dh8Il0fWWqZanCjEWPh0bjApw+ER/GYIxBS5+1cQKIJ/9MOrUMwnmqn7rmDIiX5VT4CyJSvS90mhGIHSp6qnMrvFzPb+9JRlUNzq4UwF6za6+ZNwglxE8zjdMroKvpvEN2nD3Mb7LOMt8v1qTrCVrPNSJYVXcSM2i05FORTsen5lgqbZYr89qFXCIGC1PrnF48jXMObMV8ePUPi3xszmMBAfqBYNbszLIHItxiSKflxykKF0kjMXNK4BfeDFeL7mToQbYHpSx7+OsH0okmvyRQsH9xJLQsZMHwE7uH/X7vwYvLflIv6WRq5E/WtW4fJVItkokOCxnJScqvM2p3392Qwp8QYJJS14iG6S6D/GE9+AmFEkjDo8ra96KJuwa42BalmnIpJr0zWe9Y4NIl895ulkvxYgq7PC3//OWnePZ9js4io86sHh9LlYsO5Qd5en6KcvbVnm/OTIJtNv92N9/eOtVoxnN2/cBnDa11d+z7uGrTtcY52P+Ls3DyaHf/JE+cpUsrbq9YIcP+GKqoAL8CjgZjsOUULdVIFuykXOgYoN2ZEyXI2moRl7LCFV4cHoS6iyhb08Ltj07Ws+NTVDffazgDBuCuKCVrJgCNNe0+QrxRDBmLVVeGNu7CIbEtub1TSqgxMtlOuMxLz3ykmT3FRmolXUjbrM/QRF3IFGqcx1XTzOTtIg2lSymVZgWxx9VHK3Xq2uXkfP7cLHhPVCxhNja46wE12xgLt+ojfEOPfdUutE2jtrVYzNyV60s+84P0WyK+hduo3lWFRgeG73E2pWxrSuiO279obH39t9uipoSHzNH6+A4fiAgfVo2wp5ZhZiZu2gG/Ohsp2RrliWm+yJ+RmZ8HlK3OCTjHokWdQsaFXmSZuPLLzMz3w0Tmc/rzG13gKeK5M6R7xNbp9EOxM4PTG6z7K68gO33ZPal2cJwPxvlKKA5IZENxM/RoygGREyNVZyBg3E20wRaicPYDRnKNelfHdKi1oXOz9GH48gCwRL/uRP5u8uU7qOgOOMRLIQPBiYgNg1nnr0oy+srqWnaW0cQldI1n9QkHbJxbHGNlJpZlwlHkl2tilUEwZNiVTx50h53BJriVZJRWLs1TdBMwSpWkGZ2RfOMtEln12uhc2PFODBIxmKQsSdVRrq9nc1WBVsXSpAnYYpudiuAGkIgjW7SMwJ+RHBiYYMA2z22NneQQl2psSnGkpIWcR+tk4U+TSJM/ZCRw9Kjl/GjcefRpHfCqJZPaXyBWTUFniNP08a7SL0D1uOvVlArt9q7SK1jIbTGNUKr3CL3asTRypHQXMDqPsIn2bm7uPBAEoL0JHoIkMyDWZGvV8ViIac8n8SauvfwoVPOX2YF+XCcrtkMTFbz8vuLvFilp3SO8LAP8CHRByZgdIc91rYIPY7iZ0x2ZCWeM2IyaanX6cAFxiylki21UjrDqpSeUUo0HjQtZdyNqlL6ZinDxqUMx1opA7OUQeNSBkOtlKFZSr95KR2tlJFVSmPq9ntaKWOzlF7jtvRGWikTq5TGbelpY9Q150sUN25LPNBKscYobj7rtJHuWnTphtvi+4hSYhqjhgvspUKTilzfOfLRpGMG8TN1zmgZzpkiVVa+ZEcvtmWwdf4gK3+sDkT0+XyAdcRjpkImtyBNecyh+z8CQfNGFv1bTvIkSzU7y9znIavm5B6ofbeTlIcaInJAvFW22Y0iv9mHtpDB0W7d9qrsMIPI+7IKbqtUeNauKJR4PIdHj8dfSG94T1ikXou+B/ge4bvbpf+6eNHFo+6EvmM8ifF3D2l6eNvH33287ePJAH8PJp6IR0MkHiLZCH+PkHiEYsf4e4y/J7zqDiXqdnr4HuGbXnfRvm6MJ2hNl7XGra/bQ+o+vgdIN0CeIfKjIV00oYsmdMdIM+HfeI6GdCf0NgZtYlAijn31xaBP3EMK1B2DPvGAf1NZMeqOh3gLIsQjPEfdMYgQo+4eetxDrT3WY8/wYYR6oEAP49Hr828qvYeR6A3wN/raQ1976GsPNfVA7h562Qe1+6Bwv+sbv36MFD3+3cM3UmP8+6i1j172MdR99LWPuvuotT/G36BwH1QdYHQHHV99A9Q3AMUHoOQA/RugjgFKH4CSA1ByAEoOUMcANBygjiF6NgQ9h5g7w65v/IaY60P0b9jn30iNWoeg5xD0HKJ/Q9BziFqHoOcQPRt1+DelHKHMkXe+jEDDEWg4Qk0jzJQR+jdCHSP0b4SaRujZCKM1RuljzI5xzL97+Mbb2EfPMWoaox9j1DFGb8ag5Bj9GGMejtGbMeqbgG4T1DRBbyaY5xPMuAnoNOn7+jdBTROM/wQjNEEdE5Q+Aa0mk5GZ0a8N281Cnn6cvHnx2u+x4hptCuASwUhrbDfpI5IBsdivvNdSNFAhuArCTxCeHGnvclejbbIfHZzbFNmOutFDboTMniYrdkg7V5IaCfeg4UOzJfc1DVhNaULHQrlHJqUYV++wq8v/w+pySt7681whleuqIps/Fr1FP4vUwcLdOaT+9BtSN/AKvAeiTDlV2H8XdGaXB+BaGj2gEuqpItZnBf7cBWSzOo4dH4s6dqOUcTORs68acKJ82o14MMXgVRZLEztpHP3+3gpppl0vBJICc6eZYw+SEHj2SnEJWM6SvHuwlyNeDDdxNDEG8so913AAJiMsx5z/flwC0Thb1BG3YXl0w6ZUl+ZMZUXH7TqhgFTP9HjwTBpdtqJLin4bwZTPZUbRjBSjEWMii0xZc4iPMtSyBZrVDtKMSlwhJawqRXG8H1B8s22kfLbjQtU2J6LTVCnLxBoQM+RQuhvIFDWbVgU7tNLA9h8LR4BXrzwt5614R2qBZ9FB5dT47pBEH9T1Lsjz3hFDjgfBRe2T8izaeH5iYsVDUi5n5CL5DrEKrDQrHYshuKd5vDbWIaivxDVH4I7ubLE7GyzirSbtb66K+VtyiV9ROv+B5gFFMjEmMeNoxkPGIvzbhTE47P/nRBtfbjFOwYMMmntbNVd0zDewstl2q4OF02eLJCzGxfMotFE0oU6Dimu3BKsMTVHw6YA5dvZrbHhDaPr287eWYZhsBvG+UISU4G1+fn3Ft3pamwdZvj5UvsNPnW3jry9OX5quCUj4yN1gKKWbkHb958/FL3NLnSWr1a3Yd+qWuQe1MLTuTeC3im0+kc35k6jW5gGyLZIcKMhPjemrf7x+7Z7SrRqtotqyiifNynRO8zJ/KEwCr5nqdTr4q8dOQ5sE7bZTJsdhvM7FRAxfFtfde94PcNenWmSr7YtMW2O/0yWGkZ7KheZLrTzY3WwCnOBAW5+HYne2p57Wndr5F1ko8qZCvSqlxnZ0C0/w8IIm0Y+CjIGOR5x+H7ZxBifvY52Sh6CiNiDbGUStLagT84NLatwTzBP40rsE30jbdWcRnaRXxS9pqbANScwt+Zl+xdYIvLsP2ODnKa2mZHV7SIYLZECwToQ1erJkUj9bZmRpYGN7Oqs1aLu9zbabVA+817ub2rgICc46V6CwDZFYVPoqEowJW2LM2098jYXjlYjabbVLgfkGj5E2bq+KR2Kj9gZK9p/Q3IdSReINC3bH27R76/TZjJ2iP1+XzRUuG/HYrN/lvw9MTUrQNrZhfSYv8Vgh34XE3ngk3mAkdkk2o/TuJFvikNBnVzzoqjLJjw3W7musBRItSOyltndM/OHt2DA0488h5iqCWKKJzTlrQyaqzxKHfTob824BCXWSe8fHp3Sw5EB2Sk1lxbbu3jsiW+NmcXKewPsxRPK9LF9er3lS550wdcvY6fQq26RzZ0ysbA1Hgi8I4ZXJG9DSKwvi2hzoiaJvxco6zxYLQpbQXrZEvwiKiN8+3xO85VmWszOEwAMqLXTLskxzsiW+C7rl3kbA4TgveBWh84adqeEQWNDLj/c2CjzxU4gQZ2RaByQTFEMIYM9ILUte1Nzgh795qhv8iMSPj8nySiSWIkU0Dp625cNqSUud62anIzZA1zY8pKgSLIKn643gveR47A08odqo1Jljk2ROwgPx14NjHosdReMRTWsg0lTVK3k5OqJfLgzbYUsbivsCqm66HLw41ZqTpjSXXKV0Mp/7vEr/s+tkdQ/rBIMkIDA2CvXimW8xmaP7+deTGofo2GwKh7JX08i9fhGudVorv9HX37dRW/tFUXZVQkeZrrVBRhMA9akK1wHITMW2g7Y73V1i+hiHpY0Y+1QP7hmt6tYWnd6BzliU2H64XW63GZLWzENxn7ITV9J5TmhqBuZExYrQA6MlR1rSZ55zi6hGpbFXQsWTnsKfhVwq30ewCY8uixvwifNisShuiGvIpUroFmmUaWFGANOcrOGLOU/PM0LrfyPgb5OcjlvZRc7SLQrJFwj0dh314jZnYFzD+C75JQGEGzE4qmPYbwt9nss6vyvyX9IVY4y8EGBEXxDWClV72yjirYshdUfWxeqOUac3EJQxGByo680+vBvD4+HrKF/jrHtWj0P9lJh/bjfveq5HC+IMoX/CkNrXuegkS7jfqiJHsNneD4SI8EJWUoCSfSrj5zry/O3lSTvNZ8VcXCb7EQXJlUW4BRAFtUxq3pCXTJoKRy4gqqTRyekL4fQRvU9vS/Ci65IDLEQ/LtP89PS1S37SP4mbtq0KqKYAhObMdEaGd+bF6Zvua+SXtt+BrVMI3uQgvBm9CikHwHoq0Vm+9YYkdma3yOfbfEXxPPF3yRO6Vd+MO4wtGxFhWpENOc3+/T+soLCX��phpseclib/openssl.cnf��0000644��00000000150�15104540706�0010666 0��ustar�00��# minimalist openssl.cnf file for use with phpseclib HOME = . RANDFILE = $ENV::HOME/.rnd [ v3_ca ] ��phpseclib/System/SSH_Agent.php��0000644��00000003513�15104540706�0012271 0��ustar�00��<?php /* * Pure-PHP ssh-agent client wrapper * * PHP versions 4 and 5 * * Originally System_SSH_Agent was accessed as System/SSH_Agent.php instead of * System/SSH/Agent.php. The problem with this is that PSR0 compatible autoloaders * don't support that kind of directory layout hence the package being moved and * this "alias" being created to maintain backwards compatibility. * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category System * @package System_SSH_Agent * @author Jim Wigginton <terrafrost@php.net> * @copyright 2014 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net * @internal See http://api.libssh.org/rfc/PROTOCOL.agent / require_once 'SSH/Agent.php'; ��phpseclib/System/SSH/Agent.php��0000644��00000037732�15104540706�0012223 0��ustar�00��<?php /* * Pure-PHP ssh-agent client. * * PHP versions 4 and 5 * * Here are some examples of how to use this library: * <code> * <?php * include 'System/SSH/Agent.php'; * include 'Net/SSH2.php'; * * $agent = new System_SSH_Agent(); * * $ssh = new Net_SSH2('www.domain.tld'); * if (!$ssh->login('username', $agent)) { * exit('Login Failed'); * } * * echo $ssh->exec('pwd'); * echo $ssh->exec('ls -la'); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category System * @package System_SSH_Agent * @author Jim Wigginton <terrafrost@php.net> * @copyright 2014 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net * @internal See http://api.libssh.org/rfc/PROTOCOL.agent / /#@+ Message numbers * * @access private / // to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1) define('SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES', 11); // this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2). define('SYSTEM_SSH_AGENT_IDENTITIES_ANSWER', 12); define('SYSTEM_SSH_AGENT_FAILURE', 5); // the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3) define('SYSTEM_SSH_AGENTC_SIGN_REQUEST', 13); // the SSH1 response is SSH_AGENT_RSA_RESPONSE (4) define('SYSTEM_SSH_AGENT_SIGN_RESPONSE', 14); /#@-/ /*@+ Agent forwarding status * * @access private / // no forwarding requested and not active define('SYSTEM_SSH_AGENT_FORWARD_NONE', 0); // request agent forwarding when opportune define('SYSTEM_SSH_AGENT_FORWARD_REQUEST', 1); // forwarding has been request and is active define('SYSTEM_SSH_AGENT_FORWARD_ACTIVE', 2); /#@-/ /*@+ Signature Flags * * See https://tools.ietf.org/html/draft-miller-ssh-agent-00#section-5.3 * * @access private / define('SYSTEM_SSH_AGENT_RSA2_256', 2); define('SYSTEM_SSH_AGENT_RSA2_512', 4); /#@-/ /** * Pure-PHP ssh-agent client identity object * * Instantiation should only be performed by System_SSH_Agent class. * This could be thought of as implementing an interface that Crypt_RSA * implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something. * The methods in this interface would be getPublicKey, setSignatureMode * and sign since those are the methods phpseclib looks for to perform * public key authentication. * * @package System_SSH_Agent * @author Jim Wigginton <terrafrost@php.net> * @access internal / class System_SSH_Agent_Identity { /* * Key Object * * @var Crypt_RSA * @access private * @see self::getPublicKey() / var $key; /* * Key Blob * * @var string * @access private * @see self::sign() / var $key_blob; /* * Socket Resource * * @var resource * @access private * @see self::sign() / var $fsock; /* * Signature flags * * @var int * @access private * @see self::sign() * @see self::setHash() / var $flags = 0; /* * Default Constructor. * * @param resource $fsock * @return System_SSH_Agent_Identity * @access private / function __construct($fsock) { $this->fsock = $fsock; } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @param resource $fsock * @access public / function System_SSH_Agent_Identity($fsock) { $this->__construct($fsock); } /* * Set Public Key * * Called by System_SSH_Agent::requestIdentities() * * @param Crypt_RSA $key * @access private / function setPublicKey($key) { $this->key = $key; $this->key->setPublicKey(); } /* * Set Public Key * * Called by System_SSH_Agent::requestIdentities(). The key blob could be extracted from $this->key * but this saves a small amount of computation. * * @param string $key_blob * @access private / function setPublicKeyBlob($key_blob) { $this->key_blob = $key_blob; } /* * Get Public Key * * Wrapper for $this->key->getPublicKey() * * @param int $format optional * @return mixed * @access public / function getPublicKey($format = null) { return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format); } /* * Set Signature Mode * * Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie. * ssh-agent's only supported mode is CRYPT_RSA_SIGNATURE_PKCS1 * * @param int $mode * @access public / function setSignatureMode($mode) { } /* * Set Hash * * ssh-agent doesn't support using hashes for RSA other than SHA1 * * @param string $hash * @access public / function setHash($hash) { $this->flags = 0; switch ($hash) { case 'sha1': break; case 'sha256': $this->flags = SYSTEM_SSH_AGENT_RSA2_256; break; case 'sha512': $this->flags = SYSTEM_SSH_AGENT_RSA2_512; break; default: user_error('The only supported hashes for RSA are sha1, sha256 and sha512'); } } /* * Create a signature * * See "2.6.2 Protocol 2 private key signature request" * * @param string $message * @return string * @access public / function sign($message) { // the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE $packet = pack('CNaNaN', SYSTEM_SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, $this->flags); $packet = pack('Na', strlen($packet), $packet); if (strlen($packet) != fputs($this->fsock, $packet)) { user_error('Connection closed during signing'); } $length = current(unpack('N', fread($this->fsock, 4))); $type = ord(fread($this->fsock, 1)); if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) { user_error('Unable to retreive signature'); } $signature_blob = fread($this->fsock, $length - 1); $length = current(unpack('N', $this->_string_shift($signature_blob, 4))); if ($length != strlen($signature_blob)) { user_error('Malformed signature blob'); } $length = current(unpack('N', $this->_string_shift($signature_blob, 4))); if ($length > strlen($signature_blob) + 4) { user_error('Malformed signature blob'); } $type = $this->_string_shift($signature_blob, $length); $this->_string_shift($signature_blob, 4); return $signature_blob; } /** * String Shift * * Inspired by array_shift * * @param string $string * @param int $index * @return string * @access private / function _string_shift(&$string, $index = 1) { $substr = substr($string, 0, $index); $string = substr($string, $index); return $substr; } } /* * Pure-PHP ssh-agent client identity factory * * requestIdentities() method pumps out System_SSH_Agent_Identity objects * * @package System_SSH_Agent * @author Jim Wigginton <terrafrost@php.net> * @access public / class System_SSH_Agent { /* * Socket Resource * * @var resource * @access private / var $fsock; /* * Agent forwarding status * * @access private / var $forward_status = SYSTEM_SSH_AGENT_FORWARD_NONE; /* * Buffer for accumulating forwarded authentication * agent data arriving on SSH data channel destined * for agent unix socket * * @access private / var $socket_buffer = ''; /* * Tracking the number of bytes we are expecting * to arrive for the agent socket on the SSH data * channel / var $expected_bytes = 0; /* * Default Constructor * * @return System_SSH_Agent * @access public / function __construct($address = null) { if (!$address) { switch (true) { case isset($_SERVER['SSH_AUTH_SOCK']): $address = $_SERVER['SSH_AUTH_SOCK']; break; case isset($_ENV['SSH_AUTH_SOCK']): $address = $_ENV['SSH_AUTH_SOCK']; break; default: user_error('SSH_AUTH_SOCK not found'); return false; } } $this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr); if (!$this->fsock) { user_error("Unable to connect to ssh-agent (Error $errno: $errstr)"); } } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @access public / function System_SSH_Agent($address = null) { $this->__construct($address); } /* * Request Identities * * See "2.5.2 Requesting a list of protocol 2 keys" * Returns an array containing zero or more System_SSH_Agent_Identity objects * * @return array * @access public / function requestIdentities() { if (!$this->fsock) { return array(); } $packet = pack('NC', 1, SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES); if (strlen($packet) != fputs($this->fsock, $packet)) { user_error('Connection closed while requesting identities'); return array(); } $length = current(unpack('N', fread($this->fsock, 4))); $type = ord(fread($this->fsock, 1)); if ($type != SYSTEM_SSH_AGENT_IDENTITIES_ANSWER) { user_error('Unable to request identities'); return array(); } $identities = array(); $keyCount = current(unpack('N', fread($this->fsock, 4))); for ($i = 0; $i < $keyCount; $i++) { $length = current(unpack('N', fread($this->fsock, 4))); $key_blob = fread($this->fsock, $length); $key_str = 'ssh-rsa ' . base64_encode($key_blob); $length = current(unpack('N', fread($this->fsock, 4))); if ($length) { $key_str.= ' ' . fread($this->fsock, $length); } $length = current(unpack('N', substr($key_blob, 0, 4))); $key_type = substr($key_blob, 4, $length); switch ($key_type) { case 'ssh-rsa': if (!class_exists('Crypt_RSA')) { include_once 'Crypt/RSA.php'; } $key = new Crypt_RSA(); $key->loadKey($key_str); break; case 'ssh-dss': // not currently supported break; } // resources are passed by reference by default if (isset($key)) { $identity = new System_SSH_Agent_Identity($this->fsock); $identity->setPublicKey($key); $identity->setPublicKeyBlob($key_blob); $identities[] = $identity; unset($key); } } return $identities; } /* * Signal that agent forwarding should * be requested when a channel is opened * * @param Net_SSH2 $ssh * @return bool * @access public / function startSSHForwarding($ssh) { if ($this->forward_status == SYSTEM_SSH_AGENT_FORWARD_NONE) { $this->forward_status = SYSTEM_SSH_AGENT_FORWARD_REQUEST; } } /* * Request agent forwarding of remote server * * @param Net_SSH2 $ssh * @return bool * @access private / function _request_forwarding($ssh) { $request_channel = $ssh->_get_open_channel(); if ($request_channel === false) { return false; } $packet = pack( 'CNNaC', NET_SSH2_MSG_CHANNEL_REQUEST, $ssh->server_channels[$request_channel], strlen('auth-agent-req@openssh.com'), 'auth-agent-req@openssh.com', 1 ); $ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_REQUEST; if (!$ssh->_send_binary_packet($packet)) { return false; } $response = $ssh->_get_channel_packet($request_channel); if ($response === false) { return false; } $ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_OPEN; $this->forward_status = SYSTEM_SSH_AGENT_FORWARD_ACTIVE; return true; } /** * On successful channel open * * This method is called upon successful channel * open to give the SSH Agent an opportunity * to take further action. i.e. request agent forwarding * * @param Net_SSH2 $ssh * @access private / function _on_channel_open($ssh) { if ($this->forward_status == SYSTEM_SSH_AGENT_FORWARD_REQUEST) { $this->_request_forwarding($ssh); } } /* * Forward data to SSH Agent and return data reply * * @param string $data * @return data from SSH Agent * @access private / function _forward_data($data) { if ($this->expected_bytes > 0) { $this->socket_buffer.= $data; $this->expected_bytes -= strlen($data); } else { $agent_data_bytes = current(unpack('N', $data)); $current_data_bytes = strlen($data); $this->socket_buffer = $data; if ($current_data_bytes != $agent_data_bytes + 4) { $this->expected_bytes = ($agent_data_bytes + 4) - $current_data_bytes; return false; } } if (strlen($this->socket_buffer) != fwrite($this->fsock, $this->socket_buffer)) { user_error('Connection closed attempting to forward data to SSH agent'); } $this->socket_buffer = ''; $this->expected_bytes = 0; $agent_reply_bytes = current(unpack('N', fread($this->fsock, 4))); $agent_reply_data = fread($this->fsock, $agent_reply_bytes); $agent_reply_data = current(unpack('a', $agent_reply_data)); return pack('Na', $agent_reply_bytes, $agent_reply_data); } } ��phpseclib/bootstrap.php��0000644��00000000700�15104540706�0011242 0��ustar�00��<?php /* * Bootstrapping File for phpseclib * * @license http://www.opensource.org/licenses/mit-license.html MIT License / if (extension_loaded('mbstring')) { // 2 - MB_OVERLOAD_STRING if (ini_get('mbstring.func_overload') & 2) { throw new \UnexpectedValueException( 'Overloading of string functions using mbstring.func_overload ' . 'is not supported by phpseclib.' ); } } ��phpseclib/Net/SSH1.php��0000644��00000156435�15104540706�0010512 0��ustar�00��<?php /* * Pure-PHP implementation of SSHv1. * * PHP versions 4 and 5 * * Here's a short example of how to use this library: * <code> * <?php * include 'Net/SSH1.php'; * * $ssh = new Net_SSH1('www.domain.tld'); * if (!$ssh->login('username', 'password')) { * exit('Login Failed'); * } * * echo $ssh->exec('ls -la'); * ?> * </code> * * Here's another short example: * <code> * <?php * include 'Net/SSH1.php'; * * $ssh = new Net_SSH1('www.domain.tld'); * if (!$ssh->login('username', 'password')) { * exit('Login Failed'); * } * * echo $ssh->read('username@username:~$'); * $ssh->write("ls -la\n"); * echo $ssh->read('username@username:~$'); * ?> * </code> * * More information on the SSHv1 specification can be found by reading * {@link http://www.snailbook.com/docs/protocol-1.5.txt protocol-1.5.txt}. * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Net * @package Net_SSH1 * @author Jim Wigginton <terrafrost@php.net> * @copyright 2007 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /#@+ Encryption Methods * * @see self::getSupportedCiphers() * @access public / /* * No encryption * * Not supported. / define('NET_SSH1_CIPHER_NONE', 0); /* * IDEA in CFB mode * * Not supported. / define('NET_SSH1_CIPHER_IDEA', 1); /* * DES in CBC mode / define('NET_SSH1_CIPHER_DES', 2); /* * Triple-DES in CBC mode * * All implementations are required to support this / define('NET_SSH1_CIPHER_3DES', 3); /* * TRI's Simple Stream encryption CBC * * Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, does define it (see cipher.h), * although it doesn't use it (see cipher.c) / define('NET_SSH1_CIPHER_BROKEN_TSS', 4); /* * RC4 * * Not supported. * * @internal According to the SSH1 specs: * * "The first 16 bytes of the session key are used as the key for * the server to client direction. The remaining 16 bytes are used * as the key for the client to server direction. This gives * independent 128-bit keys for each direction." * * This library currently only supports encryption when the same key is being used for both directions. This is * because there's only one $crypto object. Two could be added ($encrypt and $decrypt, perhaps). / define('NET_SSH1_CIPHER_RC4', 5); /* * Blowfish * * Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, defines it (see cipher.h) and * uses it (see cipher.c) / define('NET_SSH1_CIPHER_BLOWFISH', 6); /#@-/ /*#@+ Authentication Methods * * @see self::getSupportedAuthentications() * @access public / /* * .rhosts or /etc/hosts.equiv / define('NET_SSH1_AUTH_RHOSTS', 1); /* * pure RSA authentication / define('NET_SSH1_AUTH_RSA', 2); /* * password authentication * * This is the only method that is supported by this library. / define('NET_SSH1_AUTH_PASSWORD', 3); /* * .rhosts with RSA host authentication / define('NET_SSH1_AUTH_RHOSTS_RSA', 4); /#@-/ /*#@+ Terminal Modes * * @link http://3sp.com/content/developer/maverick-net/docs/Maverick.SSH.PseudoTerminalModesMembers.html * @access private / define('NET_SSH1_TTY_OP_END', 0); /#@-/ /** * The Response Type * * @see self::_get_binary_packet() * @access private / define('NET_SSH1_RESPONSE_TYPE', 1); /* * The Response Data * * @see self::_get_binary_packet() * @access private / define('NET_SSH1_RESPONSE_DATA', 2); /#@+ Execution Bitmap Masks * * @see self::bitmap * @access private / define('NET_SSH1_MASK_CONSTRUCTOR', 0x00000001); define('NET_SSH1_MASK_CONNECTED', 0x00000002); define('NET_SSH1_MASK_LOGIN', 0x00000004); define('NET_SSH1_MASK_SHELL', 0x00000008); /#@-/ /*#@+ @access public * @see self::getLog() / /* * Returns the message numbers / define('NET_SSH1_LOG_SIMPLE', 1); /* * Returns the message content / define('NET_SSH1_LOG_COMPLEX', 2); /* * Outputs the content real-time / define('NET_SSH1_LOG_REALTIME', 3); /* * Dumps the content real-time to a file / define('NET_SSH1_LOG_REALTIME_FILE', 4); /#@-/ /*#@+ @access public * @see self::read() / /* * Returns when a string matching $expect exactly is found / define('NET_SSH1_READ_SIMPLE', 1); /* * Returns when a string matching the regular expression $expect is found / define('NET_SSH1_READ_REGEX', 2); /#@-/ /** * Pure-PHP implementation of SSHv1. * * @package Net_SSH1 * @author Jim Wigginton <terrafrost@php.net> * @access public / class Net_SSH1 { /* * The SSH identifier * * @var string * @access private / var $identifier = 'SSH-1.5-phpseclib'; /* * The Socket Object * * @var object * @access private / var $fsock; /* * The cryptography object * * @var object * @access private / var $crypto = false; /* * Execution Bitmap * * The bits that are set represent functions that have been called already. This is used to determine * if a requisite function has been successfully executed. If not, an error should be thrown. * * @var int * @access private / var $bitmap = 0; /* * The Server Key Public Exponent * * Logged for debug purposes * * @see self::getServerKeyPublicExponent() * @var string * @access private / var $server_key_public_exponent; /* * The Server Key Public Modulus * * Logged for debug purposes * * @see self::getServerKeyPublicModulus() * @var string * @access private / var $server_key_public_modulus; /* * The Host Key Public Exponent * * Logged for debug purposes * * @see self::getHostKeyPublicExponent() * @var string * @access private / var $host_key_public_exponent; /* * The Host Key Public Modulus * * Logged for debug purposes * * @see self::getHostKeyPublicModulus() * @var string * @access private / var $host_key_public_modulus; /* * Supported Ciphers * * Logged for debug purposes * * @see self::getSupportedCiphers() * @var array * @access private / var $supported_ciphers = array( NET_SSH1_CIPHER_NONE => 'No encryption', NET_SSH1_CIPHER_IDEA => 'IDEA in CFB mode', NET_SSH1_CIPHER_DES => 'DES in CBC mode', NET_SSH1_CIPHER_3DES => 'Triple-DES in CBC mode', NET_SSH1_CIPHER_BROKEN_TSS => 'TRI\'s Simple Stream encryption CBC', NET_SSH1_CIPHER_RC4 => 'RC4', NET_SSH1_CIPHER_BLOWFISH => 'Blowfish' ); /* * Supported Authentications * * Logged for debug purposes * * @see self::getSupportedAuthentications() * @var array * @access private / var $supported_authentications = array( NET_SSH1_AUTH_RHOSTS => '.rhosts or /etc/hosts.equiv', NET_SSH1_AUTH_RSA => 'pure RSA authentication', NET_SSH1_AUTH_PASSWORD => 'password authentication', NET_SSH1_AUTH_RHOSTS_RSA => '.rhosts with RSA host authentication' ); /* * Server Identification * * @see self::getServerIdentification() * @var string * @access private / var $server_identification = ''; /* * Protocol Flags * * @see self::Net_SSH1() * @var array * @access private / var $protocol_flags = array(); /* * Protocol Flag Log * * @see self::getLog() * @var array * @access private / var $protocol_flag_log = array(); /* * Message Log * * @see self::getLog() * @var array * @access private / var $message_log = array(); /* * Real-time log file pointer * * @see self::_append_log() * @var resource * @access private / var $realtime_log_file; /* * Real-time log file size * * @see self::_append_log() * @var int * @access private / var $realtime_log_size; /* * Real-time log file wrap boolean * * @see self::_append_log() * @var bool * @access private / var $realtime_log_wrap; /* * Interactive Buffer * * @see self::read() * @var array * @access private / var $interactiveBuffer = ''; /* * Timeout * * @see self::setTimeout() * @access private / var $timeout; /* * Current Timeout * * @see self::_get_channel_packet() * @access private / var $curTimeout; /* * Log Boundary * * @see self::_format_log() * @access private / var $log_boundary = ':'; /* * Log Long Width * * @see self::_format_log() * @access private / var $log_long_width = 65; /* * Log Short Width * * @see self::_format_log() * @access private / var $log_short_width = 16; /* * Hostname * * @see self::Net_SSH1() * @see self::_connect() * @var string * @access private / var $host; /* * Port Number * * @see self::Net_SSH1() * @see self::_connect() * @var int * @access private / var $port; /* * Timeout for initial connection * * Set by the constructor call. Calling setTimeout() is optional. If it's not called functions like * exec() won't timeout unless some PHP setting forces it too. The timeout specified in the constructor, * however, is non-optional. There will be a timeout, whether or not you set it. If you don't it'll be * 10 seconds. It is used by fsockopen() in that function. * * @see self::Net_SSH1() * @see self::_connect() * @var int * @access private / var $connectionTimeout; /* * Default cipher * * @see self::Net_SSH1() * @see self::_connect() * @var int * @access private / var $cipher; /* * Default Constructor. * * Connects to an SSHv1 server * * @param string $host * @param int $port * @param int $timeout * @param int $cipher * @return Net_SSH1 * @access public / function __construct($host, $port = 22, $timeout = 10, $cipher = NET_SSH1_CIPHER_3DES) { if (!class_exists('Math_BigInteger')) { include_once 'Math/BigInteger.php'; } // Include Crypt_Random // the class_exists() will only be called if the crypt_random_string function hasn't been defined and // will trigger a call to __autoload() if you're wanting to auto-load classes // call function_exists() a second time to stop the include_once from being called outside // of the auto loader if (!function_exists('crypt_random_string') && !class_exists('Crypt_Random') && !function_exists('crypt_random_string')) { include_once 'Crypt/Random.php'; } $this->protocol_flags = array( 1 => 'NET_SSH1_MSG_DISCONNECT', 2 => 'NET_SSH1_SMSG_PUBLIC_KEY', 3 => 'NET_SSH1_CMSG_SESSION_KEY', 4 => 'NET_SSH1_CMSG_USER', 9 => 'NET_SSH1_CMSG_AUTH_PASSWORD', 10 => 'NET_SSH1_CMSG_REQUEST_PTY', 12 => 'NET_SSH1_CMSG_EXEC_SHELL', 13 => 'NET_SSH1_CMSG_EXEC_CMD', 14 => 'NET_SSH1_SMSG_SUCCESS', 15 => 'NET_SSH1_SMSG_FAILURE', 16 => 'NET_SSH1_CMSG_STDIN_DATA', 17 => 'NET_SSH1_SMSG_STDOUT_DATA', 18 => 'NET_SSH1_SMSG_STDERR_DATA', 19 => 'NET_SSH1_CMSG_EOF', 20 => 'NET_SSH1_SMSG_EXITSTATUS', 33 => 'NET_SSH1_CMSG_EXIT_CONFIRMATION' ); $this->_define_array($this->protocol_flags); $this->host = $host; $this->port = $port; $this->connectionTimeout = $timeout; $this->cipher = $cipher; } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @param string $host * @param int $port * @param int $timeout * @param int $cipher * @access public / function Net_SSH1($host, $port = 22, $timeout = 10, $cipher = NET_SSH1_CIPHER_3DES) { $this->__construct($host, $port, $timeout, $cipher); } /* * Connect to an SSHv1 server * * @return bool * @access private / function _connect() { $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->connectionTimeout); if (!$this->fsock) { user_error(rtrim("Cannot connect to {$this->host}:{$this->port}. Error $errno. $errstr")); return false; } $this->server_identification = $init_line = fgets($this->fsock, 255); if (defined('NET_SSH1_LOGGING')) { $this->_append_log('<-', $this->server_identification); $this->_append_log('->', $this->identifier . "\r\n"); } if (!preg_match('#SSH-([0-9\.]+)-(.+)#', $init_line, $parts)) { user_error('Can only connect to SSH servers'); return false; } if ($parts[1][0] != 1) { user_error("Cannot connect to SSH $parts[1] servers"); return false; } fputs($this->fsock, $this->identifier."\r\n"); $response = $this->_get_binary_packet(); if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_PUBLIC_KEY) { user_error('Expected SSH_SMSG_PUBLIC_KEY'); return false; } $anti_spoofing_cookie = $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 8); $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4); if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 2) { return false; } $temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2)); $server_key_public_exponent = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256); $this->server_key_public_exponent = $server_key_public_exponent; if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 2) { return false; } $temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2)); $server_key_public_modulus = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256); $this->server_key_public_modulus = $server_key_public_modulus; $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4); if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 2) { return false; } $temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2)); $host_key_public_exponent = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256); $this->host_key_public_exponent = $host_key_public_exponent; if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 2) { return false; } $temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2)); $host_key_public_modulus = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256); $this->host_key_public_modulus = $host_key_public_modulus; $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4); // get a list of the supported ciphers if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 4) { return false; } extract(unpack('Nsupported_ciphers_mask', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4))); foreach ($this->supported_ciphers as $mask => $name) { if (($supported_ciphers_mask & (1 << $mask)) == 0) { unset($this->supported_ciphers[$mask]); } } // get a list of the supported authentications if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 4) { return false; } extract(unpack('Nsupported_authentications_mask', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4))); foreach ($this->supported_authentications as $mask => $name) { if (($supported_authentications_mask & (1 << $mask)) == 0) { unset($this->supported_authentications[$mask]); } } $session_id = pack('H', md5($host_key_public_modulus->toBytes() . $server_key_public_modulus->toBytes() . $anti_spoofing_cookie)); $session_key = crypt_random_string(32); $double_encrypted_session_key = $session_key ^ str_pad($session_id, 32, chr(0)); if ($server_key_public_modulus->compare($host_key_public_modulus) < 0) { $double_encrypted_session_key = $this->_rsa_crypt( $double_encrypted_session_key, array( $server_key_public_exponent, $server_key_public_modulus ) ); $double_encrypted_session_key = $this->_rsa_crypt( $double_encrypted_session_key, array( $host_key_public_exponent, $host_key_public_modulus ) ); } else { $double_encrypted_session_key = $this->_rsa_crypt( $double_encrypted_session_key, array( $host_key_public_exponent, $host_key_public_modulus ) ); $double_encrypted_session_key = $this->_rsa_crypt( $double_encrypted_session_key, array( $server_key_public_exponent, $server_key_public_modulus ) ); } $cipher = isset($this->supported_ciphers[$this->cipher]) ? $this->cipher : NET_SSH1_CIPHER_3DES; $data = pack('C2anaN', NET_SSH1_CMSG_SESSION_KEY, $cipher, $anti_spoofing_cookie, 8 * strlen($double_encrypted_session_key), $double_encrypted_session_key, 0); if (!$this->_send_binary_packet($data)) { user_error('Error sending SSH_CMSG_SESSION_KEY'); return false; } switch ($cipher) { //case NET_SSH1_CIPHER_NONE: // $this->crypto = new Crypt_Null(); // break; case NET_SSH1_CIPHER_DES: if (!class_exists('Crypt_DES')) { include_once 'Crypt/DES.php'; } $this->crypto = new Crypt_DES(); $this->crypto->disablePadding(); $this->crypto->enableContinuousBuffer(); $this->crypto->setKey(substr($session_key, 0, 8)); break; case NET_SSH1_CIPHER_3DES: if (!class_exists('Crypt_TripleDES')) { include_once 'Crypt/TripleDES.php'; } $this->crypto = new Crypt_TripleDES(CRYPT_DES_MODE_3CBC); $this->crypto->disablePadding(); $this->crypto->enableContinuousBuffer(); $this->crypto->setKey(substr($session_key, 0, 24)); break; //case NET_SSH1_CIPHER_RC4: // if (!class_exists('Crypt_RC4')) { // include_once 'Crypt/RC4.php'; // } // $this->crypto = new Crypt_RC4(); // $this->crypto->enableContinuousBuffer(); // $this->crypto->setKey(substr($session_key, 0, 16)); // break; } $response = $this->_get_binary_packet(); if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) { user_error('Expected SSH_SMSG_SUCCESS'); return false; } $this->bitmap = NET_SSH1_MASK_CONNECTED; return true; } /** * Login * * @param string $username * @param string $password * @return bool * @access public / function login($username, $password = '') { if (!($this->bitmap & NET_SSH1_MASK_CONSTRUCTOR)) { $this->bitmap \|= NET_SSH1_MASK_CONSTRUCTOR; if (!$this->_connect()) { return false; } } if (!($this->bitmap & NET_SSH1_MASK_CONNECTED)) { return false; } $data = pack('CNa', NET_SSH1_CMSG_USER, strlen($username), $username); if (!$this->_send_binary_packet($data)) { user_error('Error sending SSH_CMSG_USER'); return false; } $response = $this->_get_binary_packet(); if ($response === true) { return false; } if ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_SUCCESS) { $this->bitmap \|= NET_SSH1_MASK_LOGIN; return true; } elseif ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_FAILURE) { user_error('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE'); return false; } $data = pack('CNa', NET_SSH1_CMSG_AUTH_PASSWORD, strlen($password), $password); if (!$this->_send_binary_packet($data)) { user_error('Error sending SSH_CMSG_AUTH_PASSWORD'); return false; } // remove the username and password from the last logged packet if (defined('NET_SSH1_LOGGING') && NET_SSH1_LOGGING == NET_SSH1_LOG_COMPLEX) { $data = pack('CNa', NET_SSH1_CMSG_AUTH_PASSWORD, strlen('password'), 'password'); $this->message_log[count($this->message_log) - 1] = $data; } $response = $this->_get_binary_packet(); if ($response === true) { return false; } if ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_SUCCESS) { $this->bitmap \|= NET_SSH1_MASK_LOGIN; return true; } elseif ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_FAILURE) { return false; } else { user_error('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE'); return false; } } /** * Set Timeout * * $ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout. * Setting $timeout to false or 0 will mean there is no timeout. * * @param mixed $timeout / function setTimeout($timeout) { $this->timeout = $this->curTimeout = $timeout; } /* * Executes a command on a non-interactive shell, returns the output, and quits. * * An SSH1 server will close the connection after a command has been executed on a non-interactive shell. SSH2 * servers don't, however, this isn't an SSH2 client. The way this works, on the server, is by initiating a * shell with the -s option, as discussed in the following links: * * {@link http://www.faqs.org/docs/bashman/bashref_65.html http://www.faqs.org/docs/bashman/bashref_65.html} * {@link http://www.faqs.org/docs/bashman/bashref_62.html http://www.faqs.org/docs/bashman/bashref_62.html} * * To execute further commands, a new Net_SSH1 object will need to be created. * * Returns false on failure and the output, otherwise. * * @see self::interactiveRead() * @see self::interactiveWrite() * @param string $cmd * @return mixed * @access public / function exec($cmd, $block = true) { if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) { user_error('Operation disallowed prior to login()'); return false; } $data = pack('CNa', NET_SSH1_CMSG_EXEC_CMD, strlen($cmd), $cmd); if (!$this->_send_binary_packet($data)) { user_error('Error sending SSH_CMSG_EXEC_CMD'); return false; } if (!$block) { return true; } $output = ''; $response = $this->_get_binary_packet(); if ($response !== false) { do { $output.= substr($response[NET_SSH1_RESPONSE_DATA], 4); $response = $this->_get_binary_packet(); } while (is_array($response) && $response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_EXITSTATUS); } $data = pack('C', NET_SSH1_CMSG_EXIT_CONFIRMATION); // i don't think it's really all that important if this packet gets sent or not. $this->_send_binary_packet($data); fclose($this->fsock); // reset the execution bitmap - a new Net_SSH1 object needs to be created. $this->bitmap = 0; return $output; } /** * Creates an interactive shell * * @see self::interactiveRead() * @see self::interactiveWrite() * @return bool * @access private / function _initShell() { // connect using the sample parameters in protocol-1.5.txt. // according to wikipedia.org's entry on text terminals, "the fundamental type of application running on a text // terminal is a command line interpreter or shell". thus, opening a terminal session to run the shell. $data = pack('CNaN4C', NET_SSH1_CMSG_REQUEST_PTY, strlen('vt100'), 'vt100', 24, 80, 0, 0, NET_SSH1_TTY_OP_END); if (!$this->_send_binary_packet($data)) { user_error('Error sending SSH_CMSG_REQUEST_PTY'); return false; } $response = $this->_get_binary_packet(); if ($response === true) { return false; } if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) { user_error('Expected SSH_SMSG_SUCCESS'); return false; } $data = pack('C', NET_SSH1_CMSG_EXEC_SHELL); if (!$this->_send_binary_packet($data)) { user_error('Error sending SSH_CMSG_EXEC_SHELL'); return false; } $this->bitmap \|= NET_SSH1_MASK_SHELL; //stream_set_blocking($this->fsock, 0); return true; } /** * Inputs a command into an interactive shell. * * @see self::interactiveWrite() * @param string $cmd * @return bool * @access public / function write($cmd) { return $this->interactiveWrite($cmd); } /* * Returns the output of an interactive shell when there's a match for $expect * * $expect can take the form of a string literal or, if $mode == NET_SSH1_READ_REGEX, * a regular expression. * * @see self::write() * @param string $expect * @param int $mode * @return bool * @access public / function read($expect, $mode = NET_SSH1_READ_SIMPLE) { if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) { user_error('Operation disallowed prior to login()'); return false; } if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) { user_error('Unable to initiate an interactive shell session'); return false; } $match = $expect; while (true) { if ($mode == NET_SSH1_READ_REGEX) { preg_match($expect, $this->interactiveBuffer, $matches); $match = isset($matches[0]) ? $matches[0] : ''; } $pos = strlen($match) ? strpos($this->interactiveBuffer, $match) : false; if ($pos !== false) { return $this->_string_shift($this->interactiveBuffer, $pos + strlen($match)); } $response = $this->_get_binary_packet(); if ($response === true) { return $this->_string_shift($this->interactiveBuffer, strlen($this->interactiveBuffer)); } $this->interactiveBuffer.= substr($response[NET_SSH1_RESPONSE_DATA], 4); } } /* * Inputs a command into an interactive shell. * * @see self::interactiveRead() * @param string $cmd * @return bool * @access public / function interactiveWrite($cmd) { if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) { user_error('Operation disallowed prior to login()'); return false; } if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) { user_error('Unable to initiate an interactive shell session'); return false; } $data = pack('CNa', NET_SSH1_CMSG_STDIN_DATA, strlen($cmd), $cmd); if (!$this->_send_binary_packet($data)) { user_error('Error sending SSH_CMSG_STDIN'); return false; } return true; } /** * Returns the output of an interactive shell when no more output is available. * * Requires PHP 4.3.0 or later due to the use of the stream_select() function. If you see stuff like * "^[[00m", you're seeing ANSI escape codes. According to * {@link http://support.microsoft.com/kb/101875 How to Enable ANSI.SYS in a Command Window}, "Windows NT * does not support ANSI escape sequences in Win32 Console applications", so if you're a Windows user, * there's not going to be much recourse. * * @see self::interactiveRead() * @return string * @access public / function interactiveRead() { if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) { user_error('Operation disallowed prior to login()'); return false; } if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) { user_error('Unable to initiate an interactive shell session'); return false; } $read = array($this->fsock); $write = $except = null; if (stream_select($read, $write, $except, 0)) { $response = $this->_get_binary_packet(); return substr($response[NET_SSH1_RESPONSE_DATA], 4); } else { return ''; } } /* * Disconnect * * @access public / function disconnect() { $this->_disconnect(); } /* * Destructor. * * Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call * disconnect(). * * @access public / function __destruct() { $this->_disconnect(); } /* * Disconnect * * @param string $msg * @access private / function _disconnect($msg = 'Client Quit') { if ($this->bitmap) { $data = pack('C', NET_SSH1_CMSG_EOF); $this->_send_binary_packet($data); / $response = $this->_get_binary_packet(); if ($response === true) { $response = array(NET_SSH1_RESPONSE_TYPE => -1); } switch ($response[NET_SSH1_RESPONSE_TYPE]) { case NET_SSH1_SMSG_EXITSTATUS: $data = pack('C', NET_SSH1_CMSG_EXIT_CONFIRMATION); break; default: $data = pack('CNa', NET_SSH1_MSG_DISCONNECT, strlen($msg), $msg); } / $data = pack('CNa', NET_SSH1_MSG_DISCONNECT, strlen($msg), $msg); $this->_send_binary_packet($data); fclose($this->fsock); $this->bitmap = 0; } } /* * Gets Binary Packets * * See 'The Binary Packet Protocol' of protocol-1.5.txt for more info. * * Also, this function could be improved upon by adding detection for the following exploit: * http://www.securiteam.com/securitynews/5LP042K3FY.html * * @see self::_send_binary_packet() * @return array * @access private / function _get_binary_packet() { if (feof($this->fsock)) { //user_error('connection closed prematurely'); return false; } if ($this->curTimeout) { $read = array($this->fsock); $write = $except = null; $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 $sec = floor($this->curTimeout); $usec = 1000000 ($this->curTimeout - $sec); // on windows this returns a "Warning: Invalid CRT parameters detected" error if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) { //$this->_disconnect('Timeout'); return true; } $elapsed = strtok(microtime(), ' ') + strtok('') - $start; $this->curTimeout-= $elapsed; } $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 $data = fread($this->fsock, 4); if (strlen($data) < 4) { return false; } $temp = unpack('Nlength', $data); $padding_length = 8 - ($temp['length'] & 7); $length = $temp['length'] + $padding_length; $raw = ''; while ($length > 0) { $temp = fread($this->fsock, $length); $raw.= $temp; $length-= strlen($temp); } $stop = strtok(microtime(), ' ') + strtok(''); if (strlen($raw) && $this->crypto !== false) { $raw = $this->crypto->decrypt($raw); } $padding = substr($raw, 0, $padding_length); $type = $raw[$padding_length]; $data = substr($raw, $padding_length + 1, -4); if (strlen($raw) < 4) { return false; } $temp = unpack('Ncrc', substr($raw, -4)); //if ( $temp['crc'] != $this->_crc($padding . $type . $data) ) { // user_error('Bad CRC in packet from server'); // return false; //} $type = ord($type); if (defined('NET_SSH1_LOGGING')) { $temp = isset($this->protocol_flags[$type]) ? $this->protocol_flags[$type] : 'UNKNOWN'; $temp = '<- ' . $temp . ' (' . round($stop - $start, 4) . 's)'; $this->_append_log($temp, $data); } return array( NET_SSH1_RESPONSE_TYPE => $type, NET_SSH1_RESPONSE_DATA => $data ); } /** * Sends Binary Packets * * Returns true on success, false on failure. * * @see self::_get_binary_packet() * @param string $data * @return bool * @access private / function _send_binary_packet($data) { if (feof($this->fsock)) { //user_error('connection closed prematurely'); return false; } $length = strlen($data) + 4; $padding = crypt_random_string(8 - ($length & 7)); $orig = $data; $data = $padding . $data; $data.= pack('N', $this->_crc($data)); if ($this->crypto !== false) { $data = $this->crypto->encrypt($data); } $packet = pack('Na', $length, $data); $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 $result = strlen($packet) == fputs($this->fsock, $packet); $stop = strtok(microtime(), ' ') + strtok(''); if (defined('NET_SSH1_LOGGING')) { $temp = isset($this->protocol_flags[ord($orig[0])]) ? $this->protocol_flags[ord($orig[0])] : 'UNKNOWN'; $temp = '-> ' . $temp . ' (' . round($stop - $start, 4) . 's)'; $this->_append_log($temp, $orig); } return $result; } /** * Cyclic Redundancy Check (CRC) * * PHP's crc32 function is implemented slightly differently than the one that SSH v1 uses, so * we've reimplemented it. A more detailed discussion of the differences can be found after * $crc_lookup_table's initialization. * * @see self::_get_binary_packet() * @see self::_send_binary_packet() * @param string $data * @return int * @access private / function _crc($data) { static $crc_lookup_table = array( 0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, 0x076DC419, 0x706AF48F, 0xE963A535, 0x9E6495A3, 0x0EDB8832, 0x79DCB8A4, 0xE0D5E91E, 0x97D2D988, 0x09B64C2B, 0x7EB17CBD, 0xE7B82D07, 0x90BF1D91, 0x1DB71064, 0x6AB020F2, 0xF3B97148, 0x84BE41DE, 0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7, 0x136C9856, 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC, 0x14015C4F, 0x63066CD9, 0xFA0F3D63, 0x8D080DF5, 0x3B6E20C8, 0x4C69105E, 0xD56041E4, 0xA2677172, 0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B, 0x35B5A8FA, 0x42B2986C, 0xDBBBC9D6, 0xACBCF940, 0x32D86CE3, 0x45DF5C75, 0xDCD60DCF, 0xABD13D59, 0x26D930AC, 0x51DE003A, 0xC8D75180, 0xBFD06116, 0x21B4F4B5, 0x56B3C423, 0xCFBA9599, 0xB8BDA50F, 0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924, 0x2F6F7C87, 0x58684C11, 0xC1611DAB, 0xB6662D3D, 0x76DC4190, 0x01DB7106, 0x98D220BC, 0xEFD5102A, 0x71B18589, 0x06B6B51F, 0x9FBFE4A5, 0xE8B8D433, 0x7807C9A2, 0x0F00F934, 0x9609A88E, 0xE10E9818, 0x7F6A0DBB, 0x086D3D2D, 0x91646C97, 0xE6635C01, 0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E, 0x6C0695ED, 0x1B01A57B, 0x8208F4C1, 0xF50FC457, 0x65B0D9C6, 0x12B7E950, 0x8BBEB8EA, 0xFCB9887C, 0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, 0xFBD44C65, 0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2, 0x4ADFA541, 0x3DD895D7, 0xA4D1C46D, 0xD3D6F4FB, 0x4369E96A, 0x346ED9FC, 0xAD678846, 0xDA60B8D0, 0x44042D73, 0x33031DE5, 0xAA0A4C5F, 0xDD0D7CC9, 0x5005713C, 0x270241AA, 0xBE0B1010, 0xC90C2086, 0x5768B525, 0x206F85B3, 0xB966D409, 0xCE61E49F, 0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4, 0x59B33D17, 0x2EB40D81, 0xB7BD5C3B, 0xC0BA6CAD, 0xEDB88320, 0x9ABFB3B6, 0x03B6E20C, 0x74B1D29A, 0xEAD54739, 0x9DD277AF, 0x04DB2615, 0x73DC1683, 0xE3630B12, 0x94643B84, 0x0D6D6A3E, 0x7A6A5AA8, 0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1, 0xF00F9344, 0x8708A3D2, 0x1E01F268, 0x6906C2FE, 0xF762575D, 0x806567CB, 0x196C3671, 0x6E6B06E7, 0xFED41B76, 0x89D32BE0, 0x10DA7A5A, 0x67DD4ACC, 0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5, 0xD6D6A3E8, 0xA1D1937E, 0x38D8C2C4, 0x4FDFF252, 0xD1BB67F1, 0xA6BC5767, 0x3FB506DD, 0x48B2364B, 0xD80D2BDA, 0xAF0A1B4C, 0x36034AF6, 0x41047A60, 0xDF60EFC3, 0xA867DF55, 0x316E8EEF, 0x4669BE79, 0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236, 0xCC0C7795, 0xBB0B4703, 0x220216B9, 0x5505262F, 0xC5BA3BBE, 0xB2BD0B28, 0x2BB45A92, 0x5CB36A04, 0xC2D7FFA7, 0xB5D0CF31, 0x2CD99E8B, 0x5BDEAE1D, 0x9B64C2B0, 0xEC63F226, 0x756AA39C, 0x026D930A, 0x9C0906A9, 0xEB0E363F, 0x72076785, 0x05005713, 0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38, 0x92D28E9B, 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21, 0x86D3D2D4, 0xF1D4E242, 0x68DDB3F8, 0x1FDA836E, 0x81BE16CD, 0xF6B9265B, 0x6FB077E1, 0x18B74777, 0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C, 0x8F659EFF, 0xF862AE69, 0x616BFFD3, 0x166CCF45, 0xA00AE278, 0xD70DD2EE, 0x4E048354, 0x3903B3C2, 0xA7672661, 0xD06016F7, 0x4969474D, 0x3E6E77DB, 0xAED16A4A, 0xD9D65ADC, 0x40DF0B66, 0x37D83BF0, 0xA9BCAE53, 0xDEBB9EC5, 0x47B2CF7F, 0x30B5FFE9, 0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6, 0xBAD03605, 0xCDD70693, 0x54DE5729, 0x23D967BF, 0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94, 0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, 0x2D02EF8D ); // For this function to yield the same output as PHP's crc32 function, $crc would have to be // set to 0xFFFFFFFF, initially - not 0x00000000 as it currently is. $crc = 0x00000000; $length = strlen($data); for ($i=0; $i<$length; $i++) { // We AND $crc >> 8 with 0x00FFFFFF because we want the eight newly added bits to all // be zero. PHP, unfortunately, doesn't always do this. 0x80000000 >> 8, as an example, // yields 0xFF800000 - not 0x00800000. The following link elaborates: // http://www.php.net/manual/en/language.operators.bitwise.php#57281 $crc = (($crc >> 8) & 0x00FFFFFF) ^ $crc_lookup_table[($crc & 0xFF) ^ ord($data[$i])]; } // In addition to having to set $crc to 0xFFFFFFFF, initially, the return value must be XOR'd with // 0xFFFFFFFF for this function to return the same thing that PHP's crc32 function would. return $crc; } /* * String Shift * * Inspired by array_shift * * @param string $string * @param int $index * @return string * @access private / function _string_shift(&$string, $index = 1) { $substr = substr($string, 0, $index); $string = substr($string, $index); return $substr; } /* * RSA Encrypt * * Returns mod(pow($m, $e), $n), where $n should be the product of two (large) primes $p and $q and where $e * should be a number with the property that gcd($e, ($p - 1) * ($q - 1)) == 1. Could just make anything that * calls this call modexp, instead, but I think this makes things clearer, maybe... * * @see self::Net_SSH1() * @param Math_BigInteger $m * @param array $key * @return Math_BigInteger * @access private / function _rsa_crypt($m, $key) { / if (!class_exists('Crypt_RSA')) { include_once 'Crypt/RSA.php'; } $rsa = new Crypt_RSA(); $rsa->loadKey($key, CRYPT_RSA_PUBLIC_FORMAT_RAW); $rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1); return $rsa->encrypt($m); / // To quote from protocol-1.5.txt: // The most significant byte (which is only partial as the value must be // less than the public modulus, which is never a power of two) is zero. // // The next byte contains the value 2 (which stands for public-key // encrypted data in the PKCS standard [PKCS#1]). Then, there are non- // zero random bytes to fill any unused space, a zero byte, and the data // to be encrypted in the least significant bytes, the last byte of the // data in the least significant byte. // Presumably the part of PKCS#1 they're refering to is "Section 7.2.1 Encryption Operation", // under "7.2 RSAES-PKCS1-v1.5" and "7 Encryption schemes" of the following URL: // ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf $modulus = $key[1]->toBytes(); $length = strlen($modulus) - strlen($m) - 3; $random = ''; while (strlen($random) != $length) { $block = crypt_random_string($length - strlen($random)); $block = str_replace("\x00", '', $block); $random.= $block; } $temp = chr(0) . chr(2) . $random . chr(0) . $m; $m = new Math_BigInteger($temp, 256); $m = $m->modPow($key[0], $key[1]); return $m->toBytes(); } /* * Define Array * * Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of * named constants from it, using the value as the name of the constant and the index as the value of the constant. * If any of the constants that would be defined already exists, none of the constants will be defined. * * @param array $array * @access private / function _define_array() { $args = func_get_args(); foreach ($args as $arg) { foreach ($arg as $key => $value) { if (!defined($value)) { define($value, $key); } else { break 2; } } } } /* * Returns a log of the packets that have been sent and received. * * Returns a string if NET_SSH1_LOGGING == NET_SSH1_LOG_COMPLEX, an array if NET_SSH1_LOGGING == NET_SSH1_LOG_SIMPLE and false if !defined('NET_SSH1_LOGGING') * * @access public * @return array\|false\|string / function getLog() { if (!defined('NET_SSH1_LOGGING')) { return false; } switch (NET_SSH1_LOGGING) { case NET_SSH1_LOG_SIMPLE: return $this->message_number_log; break; case NET_SSH1_LOG_COMPLEX: return $this->_format_log($this->message_log, $this->protocol_flags_log); break; default: return false; } } /* * Formats a log for printing * * @param array $message_log * @param array $message_number_log * @access private * @return string / function _format_log($message_log, $message_number_log) { $output = ''; for ($i = 0; $i < count($message_log); $i++) { $output.= $message_number_log[$i] . "\r\n"; $current_log = $message_log[$i]; $j = 0; do { if (strlen($current_log)) { $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; } $fragment = $this->_string_shift($current_log, $this->log_short_width); $hex = substr(preg_replace_callback('#.#s', array($this, '_format_log_helper'), $fragment), strlen($this->log_boundary)); // replace non ASCII printable characters with dots // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters // also replace < with a . since < messes up the output on web browsers $raw = preg_replace('#[^\x20-\x7E]\|<#', '.', $fragment); $output.= str_pad($hex, $this->log_long_width - $this->log_short_width, ' ') . $raw . "\r\n"; $j++; } while (strlen($current_log)); $output.= "\r\n"; } return $output; } /* * Helper function for _format_log * * For use with preg_replace_callback() * * @param array $matches * @access private * @return string / function _format_log_helper($matches) { return $this->log_boundary . str_pad(dechex(ord($matches[0])), 2, '0', STR_PAD_LEFT); } /* * Return the server key public exponent * * Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, * the raw bytes. This behavior is similar to PHP's md5() function. * * @param bool $raw_output * @return string * @access public / function getServerKeyPublicExponent($raw_output = false) { return $raw_output ? $this->server_key_public_exponent->toBytes() : $this->server_key_public_exponent->toString(); } /* * Return the server key public modulus * * Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, * the raw bytes. This behavior is similar to PHP's md5() function. * * @param bool $raw_output * @return string * @access public / function getServerKeyPublicModulus($raw_output = false) { return $raw_output ? $this->server_key_public_modulus->toBytes() : $this->server_key_public_modulus->toString(); } /* * Return the host key public exponent * * Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, * the raw bytes. This behavior is similar to PHP's md5() function. * * @param bool $raw_output * @return string * @access public / function getHostKeyPublicExponent($raw_output = false) { return $raw_output ? $this->host_key_public_exponent->toBytes() : $this->host_key_public_exponent->toString(); } /* * Return the host key public modulus * * Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, * the raw bytes. This behavior is similar to PHP's md5() function. * * @param bool $raw_output * @return string * @access public / function getHostKeyPublicModulus($raw_output = false) { return $raw_output ? $this->host_key_public_modulus->toBytes() : $this->host_key_public_modulus->toString(); } /* * Return a list of ciphers supported by SSH1 server. * * Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output * is set to true, returns, instead, an array of constants. ie. instead of array('Triple-DES in CBC mode'), you'll * get array(NET_SSH1_CIPHER_3DES). * * @param bool $raw_output * @return array * @access public / function getSupportedCiphers($raw_output = false) { return $raw_output ? array_keys($this->supported_ciphers) : array_values($this->supported_ciphers); } /* * Return a list of authentications supported by SSH1 server. * * Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output * is set to true, returns, instead, an array of constants. ie. instead of array('password authentication'), you'll * get array(NET_SSH1_AUTH_PASSWORD). * * @param bool $raw_output * @return array * @access public / function getSupportedAuthentications($raw_output = false) { return $raw_output ? array_keys($this->supported_authentications) : array_values($this->supported_authentications); } /* * Return the server identification. * * @return string * @access public / function getServerIdentification() { return rtrim($this->server_identification); } /* * Logs data packets * * Makes sure that only the last 1MB worth of packets will be logged * * @param string $data * @access private / function _append_log($protocol_flags, $message) { switch (NET_SSH1_LOGGING) { // useful for benchmarks case NET_SSH1_LOG_SIMPLE: $this->protocol_flags_log[] = $protocol_flags; break; // the most useful log for SSH1 case NET_SSH1_LOG_COMPLEX: $this->protocol_flags_log[] = $protocol_flags; $this->_string_shift($message); $this->log_size+= strlen($message); $this->message_log[] = $message; while ($this->log_size > NET_SSH1_LOG_MAX_SIZE) { $this->log_size-= strlen(array_shift($this->message_log)); array_shift($this->protocol_flags_log); } break; // dump the output out realtime; packets may be interspersed with non packets, // passwords won't be filtered out and select other packets may not be correctly // identified case NET_SSH1_LOG_REALTIME: echo "<pre>\r\n" . $this->_format_log(array($message), array($protocol_flags)) . "\r\n</pre>\r\n"; @flush(); @ob_flush(); break; // basically the same thing as NET_SSH1_LOG_REALTIME with the caveat that NET_SSH1_LOG_REALTIME_FILE // needs to be defined and that the resultant log file will be capped out at NET_SSH1_LOG_MAX_SIZE. // the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily // at the beginning of the file case NET_SSH1_LOG_REALTIME_FILE: if (!isset($this->realtime_log_file)) { // PHP doesn't seem to like using constants in fopen() $filename = NET_SSH1_LOG_REALTIME_FILE; $fp = fopen($filename, 'w'); $this->realtime_log_file = $fp; } if (!is_resource($this->realtime_log_file)) { break; } $entry = $this->_format_log(array($message), array($protocol_flags)); if ($this->realtime_log_wrap) { $temp = "<<< START >>>\r\n"; $entry.= $temp; fseek($this->realtime_log_file, ftell($this->realtime_log_file) - strlen($temp)); } $this->realtime_log_size+= strlen($entry); if ($this->realtime_log_size > NET_SSH1_LOG_MAX_SIZE) { fseek($this->realtime_log_file, 0); $this->realtime_log_size = strlen($entry); $this->realtime_log_wrap = true; } fputs($this->realtime_log_file, $entry); } } } ��phpseclib/Net/SCP.php��0000644��00000025132�15104540706�0010406 0��ustar�00��<?php /* * Pure-PHP implementation of SCP. * * PHP versions 4 and 5 * * The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}. * * Here's a short example of how to use this library: * <code> * <?php * include 'Net/SCP.php'; * include 'Net/SSH2.php'; * * $ssh = new Net_SSH2('www.domain.tld'); * if (!$ssh->login('username', 'password')) { * exit('bad login'); * } * * $scp = new Net_SCP($ssh); * $scp->put('abcd', str_repeat('x', 10241024)); ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Net * @package Net_SCP * @author Jim Wigginton <terrafrost@php.net> * @copyright 2010 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /#@+ @access public * @see self::put() / /* * Reads data from a local file. / define('NET_SCP_LOCAL_FILE', 1); /* * Reads data from a string. / define('NET_SCP_STRING', 2); /#@-/ /*#@+ @access private * @see self::_send() * @see self::_receive() / /* * SSH1 is being used. / define('NET_SCP_SSH1', 1); /* * SSH2 is being used. / define('NET_SCP_SSH2', 2); /#@-/ /** * Pure-PHP implementations of SCP. * * @package Net_SCP * @author Jim Wigginton <terrafrost@php.net> * @access public / class Net_SCP { /* * SSH Object * * @var object * @access private / var $ssh; /* * Packet Size * * @var int * @access private / var $packet_size; /* * Mode * * @var int * @access private / var $mode; /* * Default Constructor. * * Connects to an SSH server * * @param Net_SSH1\|Net_SSH2 $ssh * @return Net_SCP * @access public / function __construct($ssh) { if (!is_object($ssh)) { return; } switch (strtolower(get_class($ssh))) { case 'net_ssh2': $this->mode = NET_SCP_SSH2; break; case 'net_ssh1': $this->packet_size = 50000; $this->mode = NET_SCP_SSH1; break; default: return; } $this->ssh = $ssh; } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @param Net_SSH1\|Net_SSH2 $ssh * @access public / function Net_SCP($ssh) { $this->__construct($ssh); } /* * Uploads a file to the SCP server. * * By default, Net_SCP::put() does not read from the local filesystem. $data is dumped directly into $remote_file. * So, for example, if you set $data to 'filename.ext' and then do Net_SCP::get(), you will get a file, twelve bytes * long, containing 'filename.ext' as its contents. * * Setting $mode to NET_SCP_LOCAL_FILE will change the above behavior. With NET_SCP_LOCAL_FILE, $remote_file will * contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how * large $remote_file will be, as well. * * Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take * care of that, yourself. * * @param string $remote_file * @param string $data * @param int $mode * @param callable $callback * @return bool * @access public / function put($remote_file, $data, $mode = NET_SCP_STRING, $callback = null) { if (!isset($this->ssh)) { return false; } if (empty($remote_file)) { user_error('remote_file cannot be blank', E_USER_NOTICE); return false; } if (!$this->ssh->exec('scp -t ' . escapeshellarg($remote_file), false)) { // -t = to return false; } $temp = $this->_receive(); if ($temp !== chr(0)) { return false; } if ($this->mode == NET_SCP_SSH2) { $this->packet_size = $this->ssh->packet_size_client_to_server[NET_SSH2_CHANNEL_EXEC] - 4; } $remote_file = basename($remote_file); if ($mode == NET_SCP_STRING) { $size = strlen($data); } else { if (!is_file($data)) { user_error("$data is not a valid file", E_USER_NOTICE); return false; } $fp = @fopen($data, 'rb'); if (!$fp) { return false; } $size = filesize($data); } $this->_send('C0644 ' . $size . ' ' . $remote_file . "\n"); $temp = $this->_receive(); if ($temp !== chr(0)) { return false; } $sent = 0; while ($sent < $size) { $temp = $mode & NET_SCP_STRING ? substr($data, $sent, $this->packet_size) : fread($fp, $this->packet_size); $this->_send($temp); $sent+= strlen($temp); if (is_callable($callback)) { call_user_func($callback, $sent); } } $this->_close(); if ($mode != NET_SCP_STRING) { fclose($fp); } return true; } /* * Downloads a file from the SCP server. * * Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if * the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the * operation * * @param string $remote_file * @param string $local_file * @return mixed * @access public / function get($remote_file, $local_file = false) { if (!isset($this->ssh)) { return false; } if (!$this->ssh->exec('scp -f ' . escapeshellarg($remote_file), false)) { // -f = from return false; } $this->_send("\0"); if (!preg_match('#(?<perms>[^ ]+) (?<size>\d+) (?<name>.+)#', rtrim($this->_receive()), $info)) { return false; } $this->_send("\0"); $size = 0; if ($local_file !== false) { $fp = @fopen($local_file, 'wb'); if (!$fp) { return false; } } $content = ''; while ($size < $info['size']) { $data = $this->_receive(); // SCP usually seems to split stuff out into 16k chunks $size+= strlen($data); if ($local_file === false) { $content.= $data; } else { fputs($fp, $data); } } $this->_close(); if ($local_file !== false) { fclose($fp); return true; } return $content; } /* * Sends a packet to an SSH server * * @param string $data * @access private / function _send($data) { switch ($this->mode) { case NET_SCP_SSH2: $this->ssh->_send_channel_packet(NET_SSH2_CHANNEL_EXEC, $data); break; case NET_SCP_SSH1: $data = pack('CNa', NET_SSH1_CMSG_STDIN_DATA, strlen($data), $data); $this->ssh->_send_binary_packet($data); } } /** * Receives a packet from an SSH server * * @return string * @access private / function _receive() { switch ($this->mode) { case NET_SCP_SSH2: return $this->ssh->_get_channel_packet(NET_SSH2_CHANNEL_EXEC, true); case NET_SCP_SSH1: if (!$this->ssh->bitmap) { return false; } while (true) { $response = $this->ssh->_get_binary_packet(); switch ($response[NET_SSH1_RESPONSE_TYPE]) { case NET_SSH1_SMSG_STDOUT_DATA: if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 4) { return false; } extract(unpack('Nlength', $response[NET_SSH1_RESPONSE_DATA])); return $this->ssh->_string_shift($response[NET_SSH1_RESPONSE_DATA], $length); case NET_SSH1_SMSG_STDERR_DATA: break; case NET_SSH1_SMSG_EXITSTATUS: $this->ssh->_send_binary_packet(chr(NET_SSH1_CMSG_EXIT_CONFIRMATION)); fclose($this->ssh->fsock); $this->ssh->bitmap = 0; return false; default: user_error('Unknown packet received', E_USER_NOTICE); return false; } } } } /* * Closes the connection to an SSH server * * @access private / function _close() { switch ($this->mode) { case NET_SCP_SSH2: $this->ssh->_close_channel(NET_SSH2_CHANNEL_EXEC, true); break; case NET_SCP_SSH1: $this->ssh->disconnect(); } } } ��phpseclib/Net/SSH2.php��0000644��00000530153�15104540706�0010504 0��ustar�00��<?php /* * Pure-PHP implementation of SSHv2. * * PHP versions 4 and 5 * * Here are some examples of how to use this library: * <code> * <?php * include 'Net/SSH2.php'; * * $ssh = new Net_SSH2('www.domain.tld'); * if (!$ssh->login('username', 'password')) { * exit('Login Failed'); * } * * echo $ssh->exec('pwd'); * echo $ssh->exec('ls -la'); * ?> * </code> * * <code> * <?php * include 'Crypt/RSA.php'; * include 'Net/SSH2.php'; * * $key = new Crypt_RSA(); * //$key->setPassword('whatever'); * $key->loadKey(file_get_contents('privatekey')); * * $ssh = new Net_SSH2('www.domain.tld'); * if (!$ssh->login('username', $key)) { * exit('Login Failed'); * } * * echo $ssh->read('username@username:~$'); * $ssh->write("ls -la\n"); * echo $ssh->read('username@username:~$'); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Net * @package Net_SSH2 * @author Jim Wigginton <terrafrost@php.net> * @copyright 2007 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /#@+ Execution Bitmap Masks * * @see self::bitmap * @access private / define('NET_SSH2_MASK_CONSTRUCTOR', 0x00000001); define('NET_SSH2_MASK_CONNECTED', 0x00000002); define('NET_SSH2_MASK_LOGIN_REQ', 0x00000004); define('NET_SSH2_MASK_LOGIN', 0x00000008); define('NET_SSH2_MASK_SHELL', 0x00000010); define('NET_SSH2_MASK_WINDOW_ADJUST', 0x00000020); /#@-/ /*#@+ Channel constants * * RFC4254 refers not to client and server channels but rather to sender and recipient channels. we don't refer * to them in that way because RFC4254 toggles the meaning. the client sends a SSH_MSG_CHANNEL_OPEN message with * a sender channel and the server sends a SSH_MSG_CHANNEL_OPEN_CONFIRMATION in response, with a sender and a * recepient channel. at first glance, you might conclude that SSH_MSG_CHANNEL_OPEN_CONFIRMATION's sender channel * would be the same thing as SSH_MSG_CHANNEL_OPEN's sender channel, but it's not, per this snipet: * The 'recipient channel' is the channel number given in the original * open request, and 'sender channel' is the channel number allocated by * the other side. * * @see self::_send_channel_packet() * @see self::_get_channel_packet() * @access private / define('NET_SSH2_CHANNEL_EXEC', 1); // PuTTy uses 0x100 define('NET_SSH2_CHANNEL_SHELL', 2); define('NET_SSH2_CHANNEL_SUBSYSTEM', 3); define('NET_SSH2_CHANNEL_AGENT_FORWARD', 4); define('NET_SSH2_CHANNEL_KEEP_ALIVE', 5); /#@-/ /*#@+ @access public * @see self::getLog() / /* * Returns the message numbers / define('NET_SSH2_LOG_SIMPLE', 1); /* * Returns the message content / define('NET_SSH2_LOG_COMPLEX', 2); /* * Outputs the content real-time / define('NET_SSH2_LOG_REALTIME', 3); /* * Dumps the content real-time to a file / define('NET_SSH2_LOG_REALTIME_FILE', 4); /* * Make sure that the log never gets larger than this / define('NET_SSH2_LOG_MAX_SIZE', 1024 1024); /*#@-/ /*#@+ @access public * @see self::read() / /* * Returns when a string matching $expect exactly is found / define('NET_SSH2_READ_SIMPLE', 1); /* * Returns when a string matching the regular expression $expect is found / define('NET_SSH2_READ_REGEX', 2); /* * Returns whenever a data packet is received. * * Some data packets may only contain a single character so it may be necessary * to call read() multiple times when using this option / define('NET_SSH2_READ_NEXT', 3); /#@-/ /** * Pure-PHP implementation of SSHv2. * * @package Net_SSH2 * @author Jim Wigginton <terrafrost@php.net> * @access public / class Net_SSH2 { /* * The SSH identifier * * @var string * @access private / var $identifier; /* * The Socket Object * * @var object * @access private / var $fsock; /* * Execution Bitmap * * The bits that are set represent functions that have been called already. This is used to determine * if a requisite function has been successfully executed. If not, an error should be thrown. * * @var int * @access private / var $bitmap = 0; /* * Error information * * @see self::getErrors() * @see self::getLastError() * @var string * @access private / var $errors = array(); /* * Server Identifier * * @see self::getServerIdentification() * @var array\|false * @access private / var $server_identifier = false; /* * Key Exchange Algorithms * * @see self::getKexAlgorithims() * @var array\|false * @access private / var $kex_algorithms = false; /* * Key Exchange Algorithm * * @see self::getMethodsNegotiated() * @var string\|false * @access private / var $kex_algorithm = false; /* * Minimum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods * * @see self::_key_exchange() * @var int * @access private / var $kex_dh_group_size_min = 1536; /* * Preferred Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods * * @see self::_key_exchange() * @var int * @access private / var $kex_dh_group_size_preferred = 2048; /* * Maximum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods * * @see self::_key_exchange() * @var int * @access private / var $kex_dh_group_size_max = 4096; /* * Server Host Key Algorithms * * @see self::getServerHostKeyAlgorithms() * @var array\|false * @access private / var $server_host_key_algorithms = false; /* * Encryption Algorithms: Client to Server * * @see self::getEncryptionAlgorithmsClient2Server() * @var array\|false * @access private / var $encryption_algorithms_client_to_server = false; /* * Encryption Algorithms: Server to Client * * @see self::getEncryptionAlgorithmsServer2Client() * @var array\|false * @access private / var $encryption_algorithms_server_to_client = false; /* * MAC Algorithms: Client to Server * * @see self::getMACAlgorithmsClient2Server() * @var array\|false * @access private / var $mac_algorithms_client_to_server = false; /* * MAC Algorithms: Server to Client * * @see self::getMACAlgorithmsServer2Client() * @var array\|false * @access private / var $mac_algorithms_server_to_client = false; /* * Compression Algorithms: Client to Server * * @see self::getCompressionAlgorithmsClient2Server() * @var array\|false * @access private / var $compression_algorithms_client_to_server = false; /* * Compression Algorithms: Server to Client * * @see self::getCompressionAlgorithmsServer2Client() * @var array\|false * @access private / var $compression_algorithms_server_to_client = false; /* * Languages: Server to Client * * @see self::getLanguagesServer2Client() * @var array\|false * @access private / var $languages_server_to_client = false; /* * Languages: Client to Server * * @see self::getLanguagesClient2Server() * @var array\|false * @access private / var $languages_client_to_server = false; /* * Preferred Algorithms * * @see self::setPreferredAlgorithms() * @var array * @access private / var $preferred = array(); /* * Block Size for Server to Client Encryption * * "Note that the length of the concatenation of 'packet_length', * 'padding_length', 'payload', and 'random padding' MUST be a multiple * of the cipher block size or 8, whichever is larger. This constraint * MUST be enforced, even when using stream ciphers." * * -- http://tools.ietf.org/html/rfc4253#section-6 * * @see self::Net_SSH2() * @see self::_send_binary_packet() * @var int * @access private / var $encrypt_block_size = 8; /* * Block Size for Client to Server Encryption * * @see self::Net_SSH2() * @see self::_get_binary_packet() * @var int * @access private / var $decrypt_block_size = 8; /* * Server to Client Encryption Object * * @see self::_get_binary_packet() * @var object * @access private / var $decrypt = false; /* * Client to Server Encryption Object * * @see self::_send_binary_packet() * @var object * @access private / var $encrypt = false; /* * Client to Server HMAC Object * * @see self::_send_binary_packet() * @var object * @access private / var $hmac_create = false; /* * Server to Client HMAC Object * * @see self::_get_binary_packet() * @var object * @access private / var $hmac_check = false; /* * Size of server to client HMAC * * We need to know how big the HMAC will be for the server to client direction so that we know how many bytes to read. * For the client to server side, the HMAC object will make the HMAC as long as it needs to be. All we need to do is * append it. * * @see self::_get_binary_packet() * @var int * @access private / var $hmac_size = false; /* * Server Public Host Key * * @see self::getServerPublicHostKey() * @var string * @access private / var $server_public_host_key; /* * Session identifier * * "The exchange hash H from the first key exchange is additionally * used as the session identifier, which is a unique identifier for * this connection." * * -- http://tools.ietf.org/html/rfc4253#section-7.2 * * @see self::_key_exchange() * @var string * @access private / var $session_id = false; /* * Exchange hash * * The current exchange hash * * @see self::_key_exchange() * @var string * @access private / var $exchange_hash = false; /* * Message Numbers * * @see self::Net_SSH2() * @var array * @access private / var $message_numbers = array(); /* * Disconnection Message 'reason codes' defined in RFC4253 * * @see self::Net_SSH2() * @var array * @access private / var $disconnect_reasons = array(); /* * SSH_MSG_CHANNEL_OPEN_FAILURE 'reason codes', defined in RFC4254 * * @see self::Net_SSH2() * @var array * @access private / var $channel_open_failure_reasons = array(); /* * Terminal Modes * * @link http://tools.ietf.org/html/rfc4254#section-8 * @see self::Net_SSH2() * @var array * @access private / var $terminal_modes = array(); /* * SSH_MSG_CHANNEL_EXTENDED_DATA's data_type_codes * * @link http://tools.ietf.org/html/rfc4254#section-5.2 * @see self::Net_SSH2() * @var array * @access private / var $channel_extended_data_type_codes = array(); /* * Send Sequence Number * * See 'Section 6.4. Data Integrity' of rfc4253 for more info. * * @see self::_send_binary_packet() * @var int * @access private / var $send_seq_no = 0; /* * Get Sequence Number * * See 'Section 6.4. Data Integrity' of rfc4253 for more info. * * @see self::_get_binary_packet() * @var int * @access private / var $get_seq_no = 0; /* * Server Channels * * Maps client channels to server channels * * @see self::_get_channel_packet() * @see self::exec() * @var array * @access private / var $server_channels = array(); /* * Channel Buffers * * If a client requests a packet from one channel but receives two packets from another those packets should * be placed in a buffer * * @see self::_get_channel_packet() * @see self::exec() * @var array * @access private / var $channel_buffers = array(); /* * Channel Status * * Contains the type of the last sent message * * @see self::_get_channel_packet() * @var array * @access private / var $channel_status = array(); /* * Packet Size * * Maximum packet size indexed by channel * * @see self::_send_channel_packet() * @var array * @access private / var $packet_size_client_to_server = array(); /* * Message Number Log * * @see self::getLog() * @var array * @access private / var $message_number_log = array(); /* * Message Log * * @see self::getLog() * @var array * @access private / var $message_log = array(); /* * The Window Size * * Bytes the other party can send before it must wait for the window to be adjusted (0x7FFFFFFF = 2GB) * * @var int * @see self::_send_channel_packet() * @see self::exec() * @access private / var $window_size = 0x7FFFFFFF; /* * Window size, server to client * * Window size indexed by channel * * @see self::_send_channel_packet() * @var array * @access private / var $window_size_server_to_client = array(); /* * Window size, client to server * * Window size indexed by channel * * @see self::_get_channel_packet() * @var array * @access private / var $window_size_client_to_server = array(); /* * Server signature * * Verified against $this->session_id * * @see self::getServerPublicHostKey() * @var string * @access private / var $signature = ''; /* * Server signature format * * ssh-rsa or ssh-dss. * * @see self::getServerPublicHostKey() * @var string * @access private / var $signature_format = ''; /* * Interactive Buffer * * @see self::read() * @var array * @access private / var $interactiveBuffer = ''; /* * Current log size * * Should never exceed NET_SSH2_LOG_MAX_SIZE * * @see self::_send_binary_packet() * @see self::_get_binary_packet() * @var int * @access private / var $log_size; /* * Timeout * * @see self::setTimeout() * @access private / var $timeout; /* * Current Timeout * * @see self::_get_channel_packet() * @access private / var $curTimeout; /* * Real-time log file pointer * * @see self::_append_log() * @var resource * @access private / var $realtime_log_file; /* * Real-time log file size * * @see self::_append_log() * @var int * @access private / var $realtime_log_size; /* * Has the signature been validated? * * @see self::getServerPublicHostKey() * @var bool * @access private / var $signature_validated = false; /* * Real-time log file wrap boolean * * @see self::_append_log() * @access private / var $realtime_log_wrap; /* * Flag to suppress stderr from output * * @see self::enableQuietMode() * @access private / var $quiet_mode = false; /* * Time of first network activity * * @var int * @access private / var $last_packet; /* * Exit status returned from ssh if any * * @var int * @access private / var $exit_status; /* * Flag to request a PTY when using exec() * * @var bool * @see self::enablePTY() * @access private / var $request_pty = false; /* * Flag set while exec() is running when using enablePTY() * * @var bool * @access private / var $in_request_pty_exec = false; /* * Flag set after startSubsystem() is called * * @var bool * @access private / var $in_subsystem; /* * Contents of stdError * * @var string * @access private / var $stdErrorLog; /* * The Last Interactive Response * * @see self::_keyboard_interactive_process() * @var string * @access private / var $last_interactive_response = ''; /* * Keyboard Interactive Request / Responses * * @see self::_keyboard_interactive_process() * @var array * @access private / var $keyboard_requests_responses = array(); /* * Banner Message * * Quoting from the RFC, "in some jurisdictions, sending a warning message before * authentication may be relevant for getting legal protection." * * @see self::_filter() * @see self::getBannerMessage() * @var string * @access private / var $banner_message = ''; /* * Did read() timeout or return normally? * * @see self::isTimeout() * @var bool * @access private / var $is_timeout = false; /* * Log Boundary * * @see self::_format_log() * @var string * @access private / var $log_boundary = ':'; /* * Log Long Width * * @see self::_format_log() * @var int * @access private / var $log_long_width = 65; /* * Log Short Width * * @see self::_format_log() * @var int * @access private / var $log_short_width = 16; /* * Hostname * * @see self::Net_SSH2() * @see self::_connect() * @var string * @access private / var $host; /* * Port Number * * @see self::Net_SSH2() * @see self::_connect() * @var int * @access private / var $port; /* * Number of columns for terminal window size * * @see self::getWindowColumns() * @see self::setWindowColumns() * @see self::setWindowSize() * @var int * @access private / var $windowColumns = 80; /* * Number of columns for terminal window size * * @see self::getWindowRows() * @see self::setWindowRows() * @see self::setWindowSize() * @var int * @access private / var $windowRows = 24; /* * Crypto Engine * * @see self::setCryptoEngine() * @see self::_key_exchange() * @var int * @access private / var $crypto_engine = false; /* * A System_SSH_Agent for use in the SSH2 Agent Forwarding scenario * * @var System_SSH_Agent * @access private / var $agent; /* * Send the identification string first? * * @var bool * @access private / var $send_id_string_first = true; /* * Send the key exchange initiation packet first? * * @var bool * @access private / var $send_kex_first = true; /* * Some versions of OpenSSH incorrectly calculate the key size * * @var bool * @access private / var $bad_key_size_fix = false; /* * Should we try to re-connect to re-establish keys? * * @var bool * @access private / var $retry_connect = false; /* * Binary Packet Buffer * * @var string\|false * @access private / var $binary_packet_buffer = false; /* * Preferred Signature Format * * @var string\|false * @access private / var $preferred_signature_format = false; /* * Authentication Credentials * * @var array * @access private / var $auth = array(); /* * Default Constructor. * * $host can either be a string, representing the host, or a stream resource. * * @param mixed $host * @param int $port * @param int $timeout * @see self::login() * @return Net_SSH2 * @access public / function __construct($host, $port = 22, $timeout = 10) { // Include Math_BigInteger // Used to do Diffie-Hellman key exchange and DSA/RSA signature verification. if (!class_exists('Math_BigInteger')) { include_once 'Math/BigInteger.php'; } if (!function_exists('crypt_random_string')) { include_once 'Crypt/Random.php'; } if (!class_exists('Crypt_Hash')) { include_once 'Crypt/Hash.php'; } // include Crypt_Base so constants can be defined for setCryptoEngine() if (!class_exists('Crypt_Base')) { include_once 'Crypt/Base.php'; } $this->message_numbers = array( 1 => 'NET_SSH2_MSG_DISCONNECT', 2 => 'NET_SSH2_MSG_IGNORE', 3 => 'NET_SSH2_MSG_UNIMPLEMENTED', 4 => 'NET_SSH2_MSG_DEBUG', 5 => 'NET_SSH2_MSG_SERVICE_REQUEST', 6 => 'NET_SSH2_MSG_SERVICE_ACCEPT', 20 => 'NET_SSH2_MSG_KEXINIT', 21 => 'NET_SSH2_MSG_NEWKEYS', 30 => 'NET_SSH2_MSG_KEXDH_INIT', 31 => 'NET_SSH2_MSG_KEXDH_REPLY', 50 => 'NET_SSH2_MSG_USERAUTH_REQUEST', 51 => 'NET_SSH2_MSG_USERAUTH_FAILURE', 52 => 'NET_SSH2_MSG_USERAUTH_SUCCESS', 53 => 'NET_SSH2_MSG_USERAUTH_BANNER', 80 => 'NET_SSH2_MSG_GLOBAL_REQUEST', 81 => 'NET_SSH2_MSG_REQUEST_SUCCESS', 82 => 'NET_SSH2_MSG_REQUEST_FAILURE', 90 => 'NET_SSH2_MSG_CHANNEL_OPEN', 91 => 'NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION', 92 => 'NET_SSH2_MSG_CHANNEL_OPEN_FAILURE', 93 => 'NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST', 94 => 'NET_SSH2_MSG_CHANNEL_DATA', 95 => 'NET_SSH2_MSG_CHANNEL_EXTENDED_DATA', 96 => 'NET_SSH2_MSG_CHANNEL_EOF', 97 => 'NET_SSH2_MSG_CHANNEL_CLOSE', 98 => 'NET_SSH2_MSG_CHANNEL_REQUEST', 99 => 'NET_SSH2_MSG_CHANNEL_SUCCESS', 100 => 'NET_SSH2_MSG_CHANNEL_FAILURE' ); $this->disconnect_reasons = array( 1 => 'NET_SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT', 2 => 'NET_SSH2_DISCONNECT_PROTOCOL_ERROR', 3 => 'NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED', 4 => 'NET_SSH2_DISCONNECT_RESERVED', 5 => 'NET_SSH2_DISCONNECT_MAC_ERROR', 6 => 'NET_SSH2_DISCONNECT_COMPRESSION_ERROR', 7 => 'NET_SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE', 8 => 'NET_SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED', 9 => 'NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE', 10 => 'NET_SSH2_DISCONNECT_CONNECTION_LOST', 11 => 'NET_SSH2_DISCONNECT_BY_APPLICATION', 12 => 'NET_SSH2_DISCONNECT_TOO_MANY_CONNECTIONS', 13 => 'NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER', 14 => 'NET_SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE', 15 => 'NET_SSH2_DISCONNECT_ILLEGAL_USER_NAME' ); $this->channel_open_failure_reasons = array( 1 => 'NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED' ); $this->terminal_modes = array( 0 => 'NET_SSH2_TTY_OP_END' ); $this->channel_extended_data_type_codes = array( 1 => 'NET_SSH2_EXTENDED_DATA_STDERR' ); $this->_define_array( $this->message_numbers, $this->disconnect_reasons, $this->channel_open_failure_reasons, $this->terminal_modes, $this->channel_extended_data_type_codes, array(60 => 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'), array(60 => 'NET_SSH2_MSG_USERAUTH_PK_OK'), array(60 => 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST', 61 => 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'), // RFC 4419 - diffie-hellman-group-exchange-sha{1,256} array(30 => 'NET_SSH2_MSG_KEXDH_GEX_REQUEST_OLD', 31 => 'NET_SSH2_MSG_KEXDH_GEX_GROUP', 32 => 'NET_SSH2_MSG_KEXDH_GEX_INIT', 33 => 'NET_SSH2_MSG_KEXDH_GEX_REPLY', 34 => 'NET_SSH2_MSG_KEXDH_GEX_REQUEST') ); if (is_resource($host)) { $this->fsock = $host; return; } if (is_string($host)) { $this->host = $host; $this->port = $port; $this->timeout = $timeout; } } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @param mixed $host * @param int $port * @param int $timeout * @access public / function Net_SSH2($host, $port = 22, $timeout = 10) { $this->__construct($host, $port, $timeout); } /* * Set Crypto Engine Mode * * Possible $engine values: * CRYPT_MODE_INTERNAL, CRYPT_MODE_MCRYPT * * @param int $engine * @access public / function setCryptoEngine($engine) { $this->crypto_engine = $engine; } /* * Send Identification String First * * https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established, * both sides MUST send an identification string". It does not say which side sends it first. In * theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy * * @access public / function sendIdentificationStringFirst() { $this->send_id_string_first = true; } /* * Send Identification String Last * * https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established, * both sides MUST send an identification string". It does not say which side sends it first. In * theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy * * @access public / function sendIdentificationStringLast() { $this->send_id_string_first = false; } /* * Send SSH_MSG_KEXINIT First * * https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending * sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory * it shouldn't matter but it is a fact of life that some SSH servers are simply buggy * * @access public / function sendKEXINITFirst() { $this->send_kex_first = true; } /* * Send SSH_MSG_KEXINIT Last * * https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending * sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory * it shouldn't matter but it is a fact of life that some SSH servers are simply buggy * * @access public / function sendKEXINITLast() { $this->send_kex_first = false; } /* * Connect to an SSHv2 server * * @return bool * @access private / function _connect() { if ($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR) { return false; } $this->bitmap \|= NET_SSH2_MASK_CONSTRUCTOR; $this->curTimeout = $this->timeout; $this->last_packet = strtok(microtime(), ' ') + strtok(''); // == microtime(true) in PHP5 if (!is_resource($this->fsock)) { $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 // with stream_select a timeout of 0 means that no timeout takes place; // with fsockopen a timeout of 0 means that you instantly timeout // to resolve this incompatibility a timeout of 100,000 will be used for fsockopen if timeout is 0 $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->curTimeout == 0 ? 100000 : $this->curTimeout); if (!$this->fsock) { $host = $this->host . ':' . $this->port; user_error(rtrim("Cannot connect to $host. Error $errno. $errstr")); return false; } $elapsed = strtok(microtime(), ' ') + strtok('') - $start; if ($this->curTimeout) { $this->curTimeout-= $elapsed; if ($this->curTimeout < 0) { $this->is_timeout = true; return false; } } } $this->identifier = $this->_generate_identifier(); if ($this->send_id_string_first) { fputs($this->fsock, $this->identifier . "\r\n"); } / According to the SSH2 specs, "The server MAY send other lines of data before sending the version string. Each line SHOULD be terminated by a Carriage Return and Line Feed. Such lines MUST NOT begin with "SSH-", and SHOULD be encoded in ISO-10646 UTF-8 [RFC3629] (language is not specified). Clients MUST be able to process such lines." / $temp = ''; $extra = ''; while (!feof($this->fsock) && !preg_match('#^SSH-(\d\.\d+)#', $temp, $matches)) { if (substr($temp, -2) == "\r\n") { $extra.= $temp; $temp = ''; } if ($this->curTimeout) { if ($this->curTimeout < 0) { $this->is_timeout = true; return false; } $read = array($this->fsock); $write = $except = null; $start = strtok(microtime(), ' ') + strtok(''); $sec = floor($this->curTimeout); $usec = 1000000 ($this->curTimeout - $sec); // on windows this returns a "Warning: Invalid CRT parameters detected" error // the !count() is done as a workaround for <https://bugs.php.net/42682> if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) { $this->is_timeout = true; return false; } $elapsed = strtok(microtime(), ' ') + strtok('') - $start; $this->curTimeout-= $elapsed; } $temp.= fgets($this->fsock, 255); } if (feof($this->fsock)) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (defined('NET_SSH2_LOGGING')) { $this->_append_log('<-', $extra . $temp); $this->_append_log('->', $this->identifier . "\r\n"); } $this->server_identifier = trim($temp, "\r\n"); if (strlen($extra)) { $this->errors[] = $extra; } if (version_compare($matches[1], '1.99', '<')) { user_error("Cannot connect to SSH $matches[1] servers"); return false; } if (!$this->send_id_string_first) { fputs($this->fsock, $this->identifier . "\r\n"); } if (!$this->send_kex_first) { $response = $this->_get_binary_packet(); if ($response === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (!strlen($response) \|\| ord($response[0]) != NET_SSH2_MSG_KEXINIT) { user_error('Expected SSH_MSG_KEXINIT'); return false; } if (!$this->_key_exchange($response)) { return false; } } if ($this->send_kex_first && !$this->_key_exchange()) { return false; } $this->bitmap\|= NET_SSH2_MASK_CONNECTED; return true; } /** * Generates the SSH identifier * * You should overwrite this method in your own class if you want to use another identifier * * @access protected * @return string / function _generate_identifier() { $identifier = 'SSH-2.0-phpseclib_1.0'; $ext = array(); if (extension_loaded('openssl')) { $ext[] = 'openssl'; } elseif (extension_loaded('mcrypt')) { $ext[] = 'mcrypt'; } if (extension_loaded('gmp')) { $ext[] = 'gmp'; } elseif (extension_loaded('bcmath')) { $ext[] = 'bcmath'; } if (!empty($ext)) { $identifier .= ' (' . implode(', ', $ext) . ')'; } return $identifier; } /* * Key Exchange * * @param string $kexinit_payload_server optional * @access private / function _key_exchange($kexinit_payload_server = false) { $preferred = $this->preferred; $kex_algorithms = isset($preferred['kex']) ? $preferred['kex'] : $this->getSupportedKEXAlgorithms(); $server_host_key_algorithms = isset($preferred['hostkey']) ? $preferred['hostkey'] : $this->getSupportedHostKeyAlgorithms(); $s2c_encryption_algorithms = isset($preferred['server_to_client']['crypt']) ? $preferred['server_to_client']['crypt'] : $this->getSupportedEncryptionAlgorithms(); $c2s_encryption_algorithms = isset($preferred['client_to_server']['crypt']) ? $preferred['client_to_server']['crypt'] : $this->getSupportedEncryptionAlgorithms(); $s2c_mac_algorithms = isset($preferred['server_to_client']['mac']) ? $preferred['server_to_client']['mac'] : $this->getSupportedMACAlgorithms(); $c2s_mac_algorithms = isset($preferred['client_to_server']['mac']) ? $preferred['client_to_server']['mac'] : $this->getSupportedMACAlgorithms(); $s2c_compression_algorithms = isset($preferred['server_to_client']['comp']) ? $preferred['server_to_client']['comp'] : $this->getSupportedCompressionAlgorithms(); $c2s_compression_algorithms = isset($preferred['client_to_server']['comp']) ? $preferred['client_to_server']['comp'] : $this->getSupportedCompressionAlgorithms(); // some SSH servers have buggy implementations of some of the above algorithms switch (true) { case $this->server_identifier == 'SSH-2.0-SSHD': case substr($this->server_identifier, 0, 13) == 'SSH-2.0-DLINK': if (!isset($preferred['server_to_client']['mac'])) { $s2c_mac_algorithms = array_values(array_diff( $s2c_mac_algorithms, array('hmac-sha1-96', 'hmac-md5-96') )); } if (!isset($preferred['client_to_server']['mac'])) { $c2s_mac_algorithms = array_values(array_diff( $c2s_mac_algorithms, array('hmac-sha1-96', 'hmac-md5-96') )); } } $str_kex_algorithms = implode(',', $kex_algorithms); $str_server_host_key_algorithms = implode(',', $server_host_key_algorithms); $encryption_algorithms_server_to_client = implode(',', $s2c_encryption_algorithms); $encryption_algorithms_client_to_server = implode(',', $c2s_encryption_algorithms); $mac_algorithms_server_to_client = implode(',', $s2c_mac_algorithms); $mac_algorithms_client_to_server = implode(',', $c2s_mac_algorithms); $compression_algorithms_server_to_client = implode(',', $s2c_compression_algorithms); $compression_algorithms_client_to_server = implode(',', $c2s_compression_algorithms); $client_cookie = crypt_random_string(16); $kexinit_payload_client = pack( 'CaNaNaNaNaNaNaNaNaNaNaCN', NET_SSH2_MSG_KEXINIT, $client_cookie, strlen($str_kex_algorithms), $str_kex_algorithms, strlen($str_server_host_key_algorithms), $str_server_host_key_algorithms, strlen($encryption_algorithms_client_to_server), $encryption_algorithms_client_to_server, strlen($encryption_algorithms_server_to_client), $encryption_algorithms_server_to_client, strlen($mac_algorithms_client_to_server), $mac_algorithms_client_to_server, strlen($mac_algorithms_server_to_client), $mac_algorithms_server_to_client, strlen($compression_algorithms_client_to_server), $compression_algorithms_client_to_server, strlen($compression_algorithms_server_to_client), $compression_algorithms_server_to_client, 0, '', 0, '', 0, 0 ); if ($this->send_kex_first) { if (!$this->_send_binary_packet($kexinit_payload_client)) { return false; } $kexinit_payload_server = $this->_get_binary_packet(); if ($kexinit_payload_server === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (!strlen($kexinit_payload_server) \|\| ord($kexinit_payload_server[0]) != NET_SSH2_MSG_KEXINIT) { user_error('Expected SSH_MSG_KEXINIT'); return false; } } $response = $kexinit_payload_server; $this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT) $server_cookie = $this->_string_shift($response, 16); if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->kex_algorithms = explode(',', $this->_string_shift($response, $temp['length'])); if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->server_host_key_algorithms = explode(',', $this->_string_shift($response, $temp['length'])); if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->encryption_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->encryption_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->mac_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->mac_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->compression_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->compression_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->languages_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->languages_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); if (!strlen($response)) { return false; } extract(unpack('Cfirst_kex_packet_follows', $this->_string_shift($response, 1))); $first_kex_packet_follows = $first_kex_packet_follows != 0; if (!$this->send_kex_first && !$this->_send_binary_packet($kexinit_payload_client)) { return false; } // we need to decide upon the symmetric encryption algorithms before we do the diffie-hellman key exchange // we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the // diffie-hellman key exchange as fast as possible $decrypt = $this->_array_intersect_first($s2c_encryption_algorithms, $this->encryption_algorithms_server_to_client); $decryptKeyLength = $this->_encryption_algorithm_to_key_size($decrypt); if ($decryptKeyLength === null) { user_error('No compatible server to client encryption algorithms found'); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } $encrypt = $this->_array_intersect_first($c2s_encryption_algorithms, $this->encryption_algorithms_client_to_server); $encryptKeyLength = $this->_encryption_algorithm_to_key_size($encrypt); if ($encryptKeyLength === null) { user_error('No compatible client to server encryption algorithms found'); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } $keyLength = $decryptKeyLength > $encryptKeyLength ? $decryptKeyLength : $encryptKeyLength; // through diffie-hellman key exchange a symmetric key is obtained $this->kex_algorithm = $kex_algorithm = $this->_array_intersect_first($kex_algorithms, $this->kex_algorithms); if ($kex_algorithm === false) { user_error('No compatible key exchange algorithms found'); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } if (strpos($kex_algorithm, 'diffie-hellman-group-exchange') === 0) { $dh_group_sizes_packed = pack( 'NNN', $this->kex_dh_group_size_min, $this->kex_dh_group_size_preferred, $this->kex_dh_group_size_max ); $packet = pack( 'Ca', NET_SSH2_MSG_KEXDH_GEX_REQUEST, $dh_group_sizes_packed ); if (!$this->_send_binary_packet($packet)) { return false; } $response = $this->_get_binary_packet(); if ($response === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (!strlen($response)) { return false; } extract(unpack('Ctype', $this->_string_shift($response, 1))); if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) { user_error('Expected SSH_MSG_KEX_DH_GEX_GROUP'); return false; } if (strlen($response) < 4) { return false; } extract(unpack('NprimeLength', $this->_string_shift($response, 4))); $primeBytes = $this->_string_shift($response, $primeLength); $prime = new Math_BigInteger($primeBytes, -256); if (strlen($response) < 4) { return false; } extract(unpack('NgLength', $this->_string_shift($response, 4))); $gBytes = $this->_string_shift($response, $gLength); $g = new Math_BigInteger($gBytes, -256); $exchange_hash_rfc4419 = pack( 'aNaNa', $dh_group_sizes_packed, $primeLength, $primeBytes, $gLength, $gBytes ); $clientKexInitMessage = NET_SSH2_MSG_KEXDH_GEX_INIT; $serverKexReplyMessage = NET_SSH2_MSG_KEXDH_GEX_REPLY; } else { switch ($kex_algorithm) { // see http://tools.ietf.org/html/rfc2409#section-6.2 and // http://tools.ietf.org/html/rfc2412, appendex E case 'diffie-hellman-group1-sha1': $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF'; break; // see http://tools.ietf.org/html/rfc3526#section-3 case 'diffie-hellman-group14-sha1': $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . '3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF'; break; } // For both diffie-hellman-group1-sha1 and diffie-hellman-group14-sha1 // the generator field element is 2 (decimal) and the hash function is sha1. $g = new Math_BigInteger(2); $prime = new Math_BigInteger($prime, 16); $exchange_hash_rfc4419 = ''; $clientKexInitMessage = NET_SSH2_MSG_KEXDH_INIT; $serverKexReplyMessage = NET_SSH2_MSG_KEXDH_REPLY; } switch ($kex_algorithm) { case 'diffie-hellman-group-exchange-sha256': $kexHash = new Crypt_Hash('sha256'); break; default: $kexHash = new Crypt_Hash('sha1'); } /* To increase the speed of the key exchange, both client and server may reduce the size of their private exponents. It should be at least twice as long as the key material that is generated from the shared secret. For more details, see the paper by van Oorschot and Wiener [VAN-OORSCHOT]. -- http://tools.ietf.org/html/rfc4419#section-6.2 / $one = new Math_BigInteger(1); $keyLength = min($keyLength, $kexHash->getLength()); $max = $one->bitwise_leftShift(16 $keyLength); // 2 * 8 * $keyLength $max = $max->subtract($one); $x = $one->random($one, $max); $e = $g->modPow($x, $prime); $eBytes = $e->toBytes(true); $data = pack('CNa', $clientKexInitMessage, strlen($eBytes), $eBytes); if (!$this->_send_binary_packet($data)) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } $response = $this->_get_binary_packet(); if ($response === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (!strlen($response)) { return false; } extract(unpack('Ctype', $this->_string_shift($response, 1))); if ($type != $serverKexReplyMessage) { user_error('Expected SSH_MSG_KEXDH_REPLY'); return false; } if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->server_public_host_key = $server_public_host_key = $this->_string_shift($response, $temp['length']); if (strlen($server_public_host_key) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $public_key_format = $this->_string_shift($server_public_host_key, $temp['length']); if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $fBytes = $this->_string_shift($response, $temp['length']); $f = new Math_BigInteger($fBytes, -256); if (strlen($response) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($response, 4)); $this->signature = $this->_string_shift($response, $temp['length']); if (strlen($this->signature) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($this->signature, 4)); $this->signature_format = $this->_string_shift($this->signature, $temp['length']); $key = $f->modPow($x, $prime); $keyBytes = $key->toBytes(true); $this->exchange_hash = pack( 'NaNaNaNaNaaNaNaNa', strlen($this->identifier), $this->identifier, strlen($this->server_identifier), $this->server_identifier, strlen($kexinit_payload_client), $kexinit_payload_client, strlen($kexinit_payload_server), $kexinit_payload_server, strlen($this->server_public_host_key), $this->server_public_host_key, $exchange_hash_rfc4419, strlen($eBytes), $eBytes, strlen($fBytes), $fBytes, strlen($keyBytes), $keyBytes ); $this->exchange_hash = $kexHash->hash($this->exchange_hash); if ($this->session_id === false) { $this->session_id = $this->exchange_hash; } $server_host_key_algorithm = $this->_array_intersect_first($server_host_key_algorithms, $this->server_host_key_algorithms); if ($server_host_key_algorithm === false) { user_error('No compatible server host key algorithms found'); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } switch ($server_host_key_algorithm) { case 'ssh-dss': $expected_key_format = 'ssh-dss'; break; //case 'rsa-sha2-256': //case 'rsa-sha2-512': //case 'ssh-rsa': default: $expected_key_format = 'ssh-rsa'; } if ($public_key_format != $expected_key_format \|\| $this->signature_format != $server_host_key_algorithm) { switch (true) { case $this->signature_format == $server_host_key_algorithm: case $server_host_key_algorithm != 'rsa-sha2-256' && $server_host_key_algorithm != 'rsa-sha2-512': case $this->signature_format != 'ssh-rsa': user_error('Server Host Key Algorithm Mismatch'); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } } $packet = pack( 'C', NET_SSH2_MSG_NEWKEYS ); if (!$this->_send_binary_packet($packet)) { return false; } $response = $this->_get_binary_packet(); if ($response === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (!strlen($response)) { return false; } extract(unpack('Ctype', $this->_string_shift($response, 1))); if ($type != NET_SSH2_MSG_NEWKEYS) { user_error('Expected SSH_MSG_NEWKEYS'); return false; } $this->encrypt = $this->_encryption_algorithm_to_crypt_instance($encrypt); $this->decrypt = $this->_encryption_algorithm_to_crypt_instance($decrypt); $keyBytes = pack('Na', strlen($keyBytes), $keyBytes); if ($this->encrypt) { if ($this->crypto_engine) { $this->encrypt->setPreferredEngine($this->crypto_engine); } $this->encrypt->enableContinuousBuffer(); $this->encrypt->disablePadding(); if ($this->encrypt->getBlockLength()) { $this->encrypt_block_size = $this->encrypt->getBlockLength() >> 3; } $iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'A' . $this->session_id); while ($this->encrypt_block_size > strlen($iv)) { $iv.= $kexHash->hash($keyBytes . $this->exchange_hash . $iv); } $this->encrypt->setIV(substr($iv, 0, $this->encrypt_block_size)); $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'C' . $this->session_id); while ($encryptKeyLength > strlen($key)) { $key.= $kexHash->hash($keyBytes . $this->exchange_hash . $key); } $this->encrypt->setKey(substr($key, 0, $encryptKeyLength)); $this->encrypt->name = $decrypt; } if ($this->decrypt) { if ($this->crypto_engine) { $this->decrypt->setPreferredEngine($this->crypto_engine); } $this->decrypt->enableContinuousBuffer(); $this->decrypt->disablePadding(); if ($this->decrypt->getBlockLength()) { $this->decrypt_block_size = $this->decrypt->getBlockLength() >> 3; } $iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'B' . $this->session_id); while ($this->decrypt_block_size > strlen($iv)) { $iv.= $kexHash->hash($keyBytes . $this->exchange_hash . $iv); } $this->decrypt->setIV(substr($iv, 0, $this->decrypt_block_size)); $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'D' . $this->session_id); while ($decryptKeyLength > strlen($key)) { $key.= $kexHash->hash($keyBytes . $this->exchange_hash . $key); } $this->decrypt->setKey(substr($key, 0, $decryptKeyLength)); $this->decrypt->name = $decrypt; } / The "arcfour128" algorithm is the RC4 cipher, as described in [SCHNEIER], using a 128-bit key. The first 1536 bytes of keystream generated by the cipher MUST be discarded, and the first byte of the first encrypted packet MUST be encrypted using the 1537th byte of keystream. -- http://tools.ietf.org/html/rfc4345#section-4 / if ($encrypt == 'arcfour128' \|\| $encrypt == 'arcfour256') { $this->encrypt->encrypt(str_repeat("\0", 1536)); } if ($decrypt == 'arcfour128' \|\| $decrypt == 'arcfour256') { $this->decrypt->decrypt(str_repeat("\0", 1536)); } $mac_algorithm = $this->_array_intersect_first($c2s_mac_algorithms, $this->mac_algorithms_client_to_server); if ($mac_algorithm === false) { user_error('No compatible client to server message authentication algorithms found'); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } $createKeyLength = 0; // ie. $mac_algorithm == 'none' switch ($mac_algorithm) { case 'hmac-sha2-256': $this->hmac_create = new Crypt_Hash('sha256'); $createKeyLength = 32; break; case 'hmac-sha1': $this->hmac_create = new Crypt_Hash('sha1'); $createKeyLength = 20; break; case 'hmac-sha1-96': $this->hmac_create = new Crypt_Hash('sha1-96'); $createKeyLength = 20; break; case 'hmac-md5': $this->hmac_create = new Crypt_Hash('md5'); $createKeyLength = 16; break; case 'hmac-md5-96': $this->hmac_create = new Crypt_Hash('md5-96'); $createKeyLength = 16; } $this->hmac_create->name = $mac_algorithm; $mac_algorithm = $this->_array_intersect_first($s2c_mac_algorithms, $this->mac_algorithms_server_to_client); if ($mac_algorithm === false) { user_error('No compatible server to client message authentication algorithms found'); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } $checkKeyLength = 0; $this->hmac_size = 0; switch ($mac_algorithm) { case 'hmac-sha2-256': $this->hmac_check = new Crypt_Hash('sha256'); $checkKeyLength = 32; $this->hmac_size = 32; break; case 'hmac-sha1': $this->hmac_check = new Crypt_Hash('sha1'); $checkKeyLength = 20; $this->hmac_size = 20; break; case 'hmac-sha1-96': $this->hmac_check = new Crypt_Hash('sha1-96'); $checkKeyLength = 20; $this->hmac_size = 12; break; case 'hmac-md5': $this->hmac_check = new Crypt_Hash('md5'); $checkKeyLength = 16; $this->hmac_size = 16; break; case 'hmac-md5-96': $this->hmac_check = new Crypt_Hash('md5-96'); $checkKeyLength = 16; $this->hmac_size = 12; } $this->hmac_check->name = $mac_algorithm; $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'E' . $this->session_id); while ($createKeyLength > strlen($key)) { $key.= $kexHash->hash($keyBytes . $this->exchange_hash . $key); } $this->hmac_create->setKey(substr($key, 0, $createKeyLength)); $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'F' . $this->session_id); while ($checkKeyLength > strlen($key)) { $key.= $kexHash->hash($keyBytes . $this->exchange_hash . $key); } $this->hmac_check->setKey(substr($key, 0, $checkKeyLength)); $compression_algorithm = $this->_array_intersect_first($c2s_compression_algorithms, $this->compression_algorithms_client_to_server); if ($compression_algorithm === false) { user_error('No compatible client to server compression algorithms found'); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } //$this->decompress = $compression_algorithm == 'zlib'; $compression_algorithm = $this->_array_intersect_first($s2c_compression_algorithms, $this->compression_algorithms_client_to_server); if ($compression_algorithm === false) { user_error('No compatible server to client compression algorithms found'); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } //$this->compress = $compression_algorithm == 'zlib'; return true; } /* * Maps an encryption algorithm name to the number of key bytes. * * @param string $algorithm Name of the encryption algorithm * @return int\|null Number of bytes as an integer or null for unknown * @access private / function _encryption_algorithm_to_key_size($algorithm) { if ($this->bad_key_size_fix && $this->_bad_algorithm_candidate($algorithm)) { return 16; } switch ($algorithm) { case 'none': return 0; case 'aes128-cbc': case 'aes128-ctr': case 'arcfour': case 'arcfour128': case 'blowfish-cbc': case 'blowfish-ctr': case 'twofish128-cbc': case 'twofish128-ctr': return 16; case '3des-cbc': case '3des-ctr': case 'aes192-cbc': case 'aes192-ctr': case 'twofish192-cbc': case 'twofish192-ctr': return 24; case 'aes256-cbc': case 'aes256-ctr': case 'arcfour256': case 'twofish-cbc': case 'twofish256-cbc': case 'twofish256-ctr': return 32; } return null; } /* * Maps an encryption algorithm name to an instance of a subclass of * \phpseclib\Crypt\Base. * * @param string $algorithm Name of the encryption algorithm * @return mixed Instance of \phpseclib\Crypt\Base or null for unknown * @access private / function _encryption_algorithm_to_crypt_instance($algorithm) { switch ($algorithm) { case '3des-cbc': if (!class_exists('Crypt_TripleDES')) { include_once 'Crypt/TripleDES.php'; } return new Crypt_TripleDES(); break; case '3des-ctr': if (!class_exists('Crypt_TripleDES')) { include_once 'Crypt/TripleDES.php'; } return new Crypt_TripleDES(CRYPT_DES_MODE_CTR); break; case 'aes256-cbc': case 'aes192-cbc': case 'aes128-cbc': if (!class_exists('Crypt_Rijndael')) { include_once 'Crypt/Rijndael.php'; } return new Crypt_Rijndael(); break; case 'aes256-ctr': case 'aes192-ctr': case 'aes128-ctr': if (!class_exists('Crypt_Rijndael')) { include_once 'Crypt/Rijndael.php'; } return new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_CTR); $this->encrypt_block_size = 16; // eg. 128 / 8 break; case 'blowfish-cbc': if (!class_exists('Crypt_Blowfish')) { include_once 'Crypt/Blowfish.php'; } return new Crypt_Blowfish(); break; case 'blowfish-ctr': if (!class_exists('Crypt_Blowfish')) { include_once 'Crypt/Blowfish.php'; } return new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR); break; case 'twofish128-cbc': case 'twofish192-cbc': case 'twofish256-cbc': case 'twofish-cbc': if (!class_exists('Crypt_Twofish')) { include_once 'Crypt/Twofish.php'; } return new Crypt_Twofish(); break; case 'twofish128-ctr': case 'twofish192-ctr': case 'twofish256-ctr': if (!class_exists('Crypt_Twofish')) { include_once 'Crypt/Twofish.php'; } return new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR); break; case 'arcfour': case 'arcfour128': case 'arcfour256': if (!class_exists('Crypt_RC4')) { include_once 'Crypt/RC4.php'; } return new Crypt_RC4(); break; case 'none': //return new Crypt_Null(); } return null; } /* * Tests whether or not proposed algorithm has a potential for issues * * @link https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ssh2-aesctr-openssh.html * @link https://bugzilla.mindrot.org/show_bug.cgi?id=1291 * @param string $algorithm Name of the encryption algorithm * @return bool * @access private / function _bad_algorithm_candidate($algorithm) { switch ($algorithm) { case 'arcfour256': case 'aes192-ctr': case 'aes256-ctr': return true; } return false; } /* * Login * * The $password parameter can be a plaintext password, a Crypt_RSA object or an array * * @param string $username * @param mixed $password * @param mixed $... * @return bool * @see self::_login() * @access public / function login($username) { $args = func_get_args(); $this->auth[] = $args; return call_user_func_array(array(&$this, '_login'), $args); } /* * Login Helper * * @param string $username * @param mixed $password * @param mixed $... * @return bool * @see self::_login_helper() * @access private / function _login($username) { if (!($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR)) { if (!$this->_connect()) { return false; } } $args = array_slice(func_get_args(), 1); if (empty($args)) { return $this->_login_helper($username); } foreach ($args as $arg) { if ($this->_login_helper($username, $arg)) { return true; } } return false; } /* * Login Helper * * @param string $username * @param string $password * @return bool * @access private * @internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis} * by sending dummy SSH_MSG_IGNORE messages. / function _login_helper($username, $password = null) { if (!($this->bitmap & NET_SSH2_MASK_CONNECTED)) { return false; } if (!($this->bitmap & NET_SSH2_MASK_LOGIN_REQ)) { $packet = pack( 'CNa', NET_SSH2_MSG_SERVICE_REQUEST, strlen('ssh-userauth'), 'ssh-userauth' ); if (!$this->_send_binary_packet($packet)) { return false; } $response = $this->_get_binary_packet(); if ($response === false) { if ($this->retry_connect) { $this->retry_connect = false; if (!$this->_connect()) { return false; } return $this->_login_helper($username, $password); } $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (strlen($response) < 4) { return false; } extract(unpack('Ctype', $this->_string_shift($response, 1))); if ($type != NET_SSH2_MSG_SERVICE_ACCEPT) { user_error('Expected SSH_MSG_SERVICE_ACCEPT'); return false; } $this->bitmap \|= NET_SSH2_MASK_LOGIN_REQ; } if (strlen($this->last_interactive_response)) { return !is_string($password) && !is_array($password) ? false : $this->_keyboard_interactive_process($password); } // although PHP5's get_class() preserves the case, PHP4's does not if (is_object($password)) { switch (strtolower(get_class($password))) { case 'crypt_rsa': return $this->_privatekey_login($username, $password); case 'system_ssh_agent': return $this->_ssh_agent_login($username, $password); } } if (is_array($password)) { if ($this->_keyboard_interactive_login($username, $password)) { $this->bitmap \|= NET_SSH2_MASK_LOGIN; return true; } return false; } if (!isset($password)) { $packet = pack( 'CNaNaNa', NET_SSH2_MSG_USERAUTH_REQUEST, strlen($username), $username, strlen('ssh-connection'), 'ssh-connection', strlen('none'), 'none' ); if (!$this->_send_binary_packet($packet)) { return false; } $response = $this->_get_binary_packet(); if ($response === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (!strlen($response)) { return false; } extract(unpack('Ctype', $this->_string_shift($response, 1))); switch ($type) { case NET_SSH2_MSG_USERAUTH_SUCCESS: $this->bitmap \|= NET_SSH2_MASK_LOGIN; return true; //case NET_SSH2_MSG_USERAUTH_FAILURE: default: return false; } } $packet = pack( 'CNaNaNaCNa', NET_SSH2_MSG_USERAUTH_REQUEST, strlen($username), $username, strlen('ssh-connection'), 'ssh-connection', strlen('password'), 'password', 0, strlen($password), $password ); // remove the username and password from the logged packet if (!defined('NET_SSH2_LOGGING')) { $logged = null; } else { $logged = pack( 'CNaNaNaCNa', NET_SSH2_MSG_USERAUTH_REQUEST, strlen('username'), 'username', strlen('ssh-connection'), 'ssh-connection', strlen('password'), 'password', 0, strlen('password'), 'password' ); } if (!$this->_send_binary_packet($packet, $logged)) { return false; } $response = $this->_get_binary_packet(); if ($response === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (!strlen($response)) { return false; } extract(unpack('Ctype', $this->_string_shift($response, 1))); switch ($type) { case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed if (defined('NET_SSH2_LOGGING')) { $this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'; } if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . $this->_string_shift($response, $length); return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER); case NET_SSH2_MSG_USERAUTH_FAILURE: // can we use keyboard-interactive authentication? if not then either the login is bad or the server employees // multi-factor authentication if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $auth_methods = explode(',', $this->_string_shift($response, $length)); if (!strlen($response)) { return false; } extract(unpack('Cpartial_success', $this->_string_shift($response, 1))); $partial_success = $partial_success != 0; if (!$partial_success && in_array('keyboard-interactive', $auth_methods)) { if ($this->_keyboard_interactive_login($username, $password)) { $this->bitmap \|= NET_SSH2_MASK_LOGIN; return true; } return false; } return false; case NET_SSH2_MSG_USERAUTH_SUCCESS: $this->bitmap \|= NET_SSH2_MASK_LOGIN; return true; } return false; } /* * Login via keyboard-interactive authentication * * See {@link http://tools.ietf.org/html/rfc4256 RFC4256} for details. This is not a full-featured keyboard-interactive authenticator. * * @param string $username * @param string $password * @return bool * @access private / function _keyboard_interactive_login($username, $password) { $packet = pack( 'CNaNaNaNaNa', NET_SSH2_MSG_USERAUTH_REQUEST, strlen($username), $username, strlen('ssh-connection'), 'ssh-connection', strlen('keyboard-interactive'), 'keyboard-interactive', 0, '', 0, '' ); if (!$this->_send_binary_packet($packet)) { return false; } return $this->_keyboard_interactive_process($password); } /** * Handle the keyboard-interactive requests / responses. * * @param string $responses... * @return bool * @access private / function _keyboard_interactive_process() { $responses = func_get_args(); if (strlen($this->last_interactive_response)) { $response = $this->last_interactive_response; } else { $orig = $response = $this->_get_binary_packet(); if ($response === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } } if (!strlen($response)) { return false; } extract(unpack('Ctype', $this->_string_shift($response, 1))); switch ($type) { case NET_SSH2_MSG_USERAUTH_INFO_REQUEST: if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->_string_shift($response, $length); // name; may be empty if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->_string_shift($response, $length); // instruction; may be empty if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->_string_shift($response, $length); // language tag; may be empty if (strlen($response) < 4) { return false; } extract(unpack('Nnum_prompts', $this->_string_shift($response, 4))); for ($i = 0; $i < count($responses); $i++) { if (is_array($responses[$i])) { foreach ($responses[$i] as $key => $value) { $this->keyboard_requests_responses[$key] = $value; } unset($responses[$i]); } } $responses = array_values($responses); if (isset($this->keyboard_requests_responses)) { for ($i = 0; $i < $num_prompts; $i++) { if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); // prompt - ie. "Password: "; must not be empty $prompt = $this->_string_shift($response, $length); //$echo = $this->_string_shift($response) != chr(0); foreach ($this->keyboard_requests_responses as $key => $value) { if (substr($prompt, 0, strlen($key)) == $key) { $responses[] = $value; break; } } } } // see http://tools.ietf.org/html/rfc4256#section-3.2 if (strlen($this->last_interactive_response)) { $this->last_interactive_response = ''; } elseif (defined('NET_SSH2_LOGGING')) { $this->message_number_log[count($this->message_number_log) - 1] = str_replace( 'UNKNOWN', 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST', $this->message_number_log[count($this->message_number_log) - 1] ); } if (!count($responses) && $num_prompts) { $this->last_interactive_response = $orig; return false; } / After obtaining the requested information from the user, the client MUST respond with an SSH_MSG_USERAUTH_INFO_RESPONSE message. / // see http://tools.ietf.org/html/rfc4256#section-3.4 $packet = $logged = pack('CN', NET_SSH2_MSG_USERAUTH_INFO_RESPONSE, count($responses)); for ($i = 0; $i < count($responses); $i++) { $packet.= pack('Na', strlen($responses[$i]), $responses[$i]); $logged.= pack('Na', strlen('dummy-answer'), 'dummy-answer'); } if (!$this->_send_binary_packet($packet, $logged)) { return false; } if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { $this->message_number_log[count($this->message_number_log) - 1] = str_replace( 'UNKNOWN', 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE', $this->message_number_log[count($this->message_number_log) - 1] ); } / After receiving the response, the server MUST send either an SSH_MSG_USERAUTH_SUCCESS, SSH_MSG_USERAUTH_FAILURE, or another SSH_MSG_USERAUTH_INFO_REQUEST message. / // maybe phpseclib should force close the connection after x request / responses? unless something like that is done // there could be an infinite loop of request / responses. return $this->_keyboard_interactive_process(); case NET_SSH2_MSG_USERAUTH_SUCCESS: return true; case NET_SSH2_MSG_USERAUTH_FAILURE: return false; } return false; } /* * Login with an ssh-agent provided key * * @param string $username * @param System_SSH_Agent $agent * @return bool * @access private / function _ssh_agent_login($username, $agent) { $this->agent = $agent; $keys = $agent->requestIdentities(); foreach ($keys as $key) { if ($this->_privatekey_login($username, $key)) { return true; } } return false; } /* * Login with an RSA private key * * @param string $username * @param Crypt_RSA $password * @return bool * @access private * @internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis} * by sending dummy SSH_MSG_IGNORE messages. / function _privatekey_login($username, $privatekey) { // see http://tools.ietf.org/html/rfc4253#page-15 $publickey = $privatekey->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_RAW); if ($publickey === false) { return false; } $publickey = array( 'e' => $publickey['e']->toBytes(true), 'n' => $publickey['n']->toBytes(true) ); $publickey = pack( 'NaNaNa', strlen('ssh-rsa'), 'ssh-rsa', strlen($publickey['e']), $publickey['e'], strlen($publickey['n']), $publickey['n'] ); switch ($this->signature_format) { case 'rsa-sha2-512': $hash = 'sha512'; $signatureType = 'rsa-sha2-512'; break; case 'rsa-sha2-256': $hash = 'sha256'; $signatureType = 'rsa-sha2-256'; break; //case 'ssh-rsa': default: $hash = 'sha1'; $signatureType = 'ssh-rsa'; } $part1 = pack( 'CNaNaNa', NET_SSH2_MSG_USERAUTH_REQUEST, strlen($username), $username, strlen('ssh-connection'), 'ssh-connection', strlen('publickey'), 'publickey' ); $part2 = pack('NaNa', strlen($signatureType), $signatureType, strlen($publickey), $publickey); $packet = $part1 . chr(0) . $part2; if (!$this->_send_binary_packet($packet)) { return false; } $response = $this->_get_binary_packet(); if ($response === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (!strlen($response)) { return false; } extract(unpack('Ctype', $this->_string_shift($response, 1))); switch ($type) { case NET_SSH2_MSG_USERAUTH_FAILURE: if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->errors[] = 'SSH_MSG_USERAUTH_FAILURE: ' . $this->_string_shift($response, $length); return false; case NET_SSH2_MSG_USERAUTH_PK_OK: // we'll just take it on faith that the public key blob and the public key algorithm name are as // they should be if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { $this->message_number_log[count($this->message_number_log) - 1] = str_replace( 'UNKNOWN', 'NET_SSH2_MSG_USERAUTH_PK_OK', $this->message_number_log[count($this->message_number_log) - 1] ); } } $packet = $part1 . chr(1) . $part2; $privatekey->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1); $privatekey->setHash($hash); $signature = $privatekey->sign(pack('Naa', strlen($this->session_id), $this->session_id, $packet)); $signature = pack('NaNa', strlen($signatureType), $signatureType, strlen($signature), $signature); $packet.= pack('Na', strlen($signature), $signature); if (!$this->_send_binary_packet($packet)) { return false; } $response = $this->_get_binary_packet(); if ($response === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (!strlen($response)) { return false; } extract(unpack('Ctype', $this->_string_shift($response, 1))); switch ($type) { case NET_SSH2_MSG_USERAUTH_FAILURE: // either the login is bad or the server employs multi-factor authentication return false; case NET_SSH2_MSG_USERAUTH_SUCCESS: $this->bitmap \|= NET_SSH2_MASK_LOGIN; return true; } return false; } /** * Set Timeout * * $ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout. * Setting $timeout to false or 0 will mean there is no timeout. * * @param mixed $timeout * @access public / function setTimeout($timeout) { $this->timeout = $this->curTimeout = $timeout; } /* * Get the output from stdError * * @access public / function getStdError() { return $this->stdErrorLog; } /* * Execute Command * * If $callback is set to false then Net_SSH2::_get_channel_packet(NET_SSH2_CHANNEL_EXEC) will need to be called manually. * In all likelihood, this is not a feature you want to be taking advantage of. * * @param string $command * @param Callback $callback * @return string * @access public / function exec($command, $callback = null) { $this->curTimeout = $this->timeout; $this->is_timeout = false; $this->stdErrorLog = ''; if (!$this->isAuthenticated()) { return false; } if ($this->in_request_pty_exec) { user_error('If you want to run multiple exec()\'s you will need to disable (and re-enable if appropriate) a PTY for each one.'); return false; } // RFC4254 defines the (client) window size as "bytes the other party can send before it must wait for the window to // be adjusted". 0x7FFFFFFF is, at 2GB, the max size. technically, it should probably be decremented, but, // honestly, if you're transferring more than 2GB, you probably shouldn't be using phpseclib, anyway. // see http://tools.ietf.org/html/rfc4254#section-5.2 for more info $this->window_size_server_to_client[NET_SSH2_CHANNEL_EXEC] = $this->window_size; // 0x8000 is the maximum max packet size, per http://tools.ietf.org/html/rfc4253#section-6.1, although since PuTTy // uses 0x4000, that's what will be used here, as well. $packet_size = 0x4000; $packet = pack( 'CNaN3', NET_SSH2_MSG_CHANNEL_OPEN, strlen('session'), 'session', NET_SSH2_CHANNEL_EXEC, $this->window_size_server_to_client[NET_SSH2_CHANNEL_EXEC], $packet_size ); if (!$this->_send_binary_packet($packet)) { return false; } $this->channel_status[NET_SSH2_CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_OPEN; $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_EXEC); if ($response === false) { return false; } if ($this->request_pty === true) { $terminal_modes = pack('C', NET_SSH2_TTY_OP_END); $packet = pack( 'CNNaCNaN5a', NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_EXEC], strlen('pty-req'), 'pty-req', 1, strlen('vt100'), 'vt100', $this->windowColumns, $this->windowRows, 0, 0, strlen($terminal_modes), $terminal_modes ); if (!$this->_send_binary_packet($packet)) { return false; } $response = $this->_get_binary_packet(); if ($response === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (!strlen($response)) { return false; } list(, $type) = unpack('C', $this->_string_shift($response, 1)); switch ($type) { case NET_SSH2_MSG_CHANNEL_SUCCESS: break; case NET_SSH2_MSG_CHANNEL_FAILURE: default: user_error('Unable to request pseudo-terminal'); return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); } $this->in_request_pty_exec = true; } // sending a pty-req SSH_MSG_CHANNEL_REQUEST message is unnecessary and, in fact, in most cases, slows things // down. the one place where it might be desirable is if you're doing something like Net_SSH2::exec('ping localhost &'). // with a pty-req SSH_MSG_CHANNEL_REQUEST, exec() will return immediately and the ping process will then // then immediately terminate. without such a request exec() will loop indefinitely. the ping process won't end but // neither will your script. // although, in theory, the size of SSH_MSG_CHANNEL_REQUEST could exceed the maximum packet size established by // SSH_MSG_CHANNEL_OPEN_CONFIRMATION, RFC4254#section-5.1 states that the "maximum packet size" refers to the // "maximum size of an individual data packet". ie. SSH_MSG_CHANNEL_DATA. RFC4254#section-5.2 corroborates. $packet = pack( 'CNNaCNa', NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_EXEC], strlen('exec'), 'exec', 1, strlen($command), $command ); if (!$this->_send_binary_packet($packet)) { return false; } $this->channel_status[NET_SSH2_CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_REQUEST; $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_EXEC); if ($response === false) { return false; } $this->channel_status[NET_SSH2_CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_DATA; if ($callback === false \|\| $this->in_request_pty_exec) { return true; } $output = ''; while (true) { $temp = $this->_get_channel_packet(NET_SSH2_CHANNEL_EXEC); switch (true) { case $temp === true: return is_callable($callback) ? true : $output; case $temp === false: return false; default: if (is_callable($callback)) { if (call_user_func($callback, $temp) === true) { $this->_close_channel(NET_SSH2_CHANNEL_EXEC); return true; } } else { $output.= $temp; } } } } /* * Creates an interactive shell * * @see self::read() * @see self::write() * @return bool * @access private / function _initShell() { if ($this->in_request_pty_exec === true) { return true; } $this->window_size_server_to_client[NET_SSH2_CHANNEL_SHELL] = $this->window_size; $packet_size = 0x4000; $packet = pack( 'CNaN3', NET_SSH2_MSG_CHANNEL_OPEN, strlen('session'), 'session', NET_SSH2_CHANNEL_SHELL, $this->window_size_server_to_client[NET_SSH2_CHANNEL_SHELL], $packet_size ); if (!$this->_send_binary_packet($packet)) { return false; } $this->channel_status[NET_SSH2_CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_OPEN; $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_SHELL); if ($response === false) { return false; } $terminal_modes = pack('C', NET_SSH2_TTY_OP_END); $packet = pack( 'CNNaCNaN5a', NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_SHELL], strlen('pty-req'), 'pty-req', 1, strlen('vt100'), 'vt100', $this->windowColumns, $this->windowRows, 0, 0, strlen($terminal_modes), $terminal_modes ); if (!$this->_send_binary_packet($packet)) { return false; } $response = $this->_get_binary_packet(); if ($response === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } if (!strlen($response)) { return false; } list(, $type) = unpack('C', $this->_string_shift($response, 1)); switch ($type) { case NET_SSH2_MSG_CHANNEL_SUCCESS: // if a pty can't be opened maybe commands can still be executed case NET_SSH2_MSG_CHANNEL_FAILURE: break; default: user_error('Unable to request pseudo-terminal'); return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); } $packet = pack( 'CNNaC', NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_SHELL], strlen('shell'), 'shell', 1 ); if (!$this->_send_binary_packet($packet)) { return false; } $this->channel_status[NET_SSH2_CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_REQUEST; $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_SHELL); if ($response === false) { return false; } $this->channel_status[NET_SSH2_CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_DATA; $this->bitmap \|= NET_SSH2_MASK_SHELL; return true; } /** * Return the channel to be used with read() / write() * * @see self::read() * @see self::write() * @return int * @access public / function _get_interactive_channel() { switch (true) { case $this->in_subsystem: return NET_SSH2_CHANNEL_SUBSYSTEM; case $this->in_request_pty_exec: return NET_SSH2_CHANNEL_EXEC; default: return NET_SSH2_CHANNEL_SHELL; } } /* * Return an available open channel * * @return int * @access public / function _get_open_channel() { $channel = NET_SSH2_CHANNEL_EXEC; do { if (isset($this->channel_status[$channel]) && $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_OPEN) { return $channel; } } while ($channel++ < NET_SSH2_CHANNEL_SUBSYSTEM); return false; } /* * Returns the output of an interactive shell * * Returns when there's a match for $expect, which can take the form of a string literal or, * if $mode == NET_SSH2_READ_REGEX, a regular expression. * * @see self::write() * @param string $expect * @param int $mode * @return string * @access public / function read($expect = '', $mode = NET_SSH2_READ_SIMPLE) { $this->curTimeout = $this->timeout; $this->is_timeout = false; if (!$this->isAuthenticated()) { user_error('Operation disallowed prior to login()'); return false; } if (!($this->bitmap & NET_SSH2_MASK_SHELL) && !$this->_initShell()) { user_error('Unable to initiate an interactive shell session'); return false; } $channel = $this->_get_interactive_channel(); if ($mode == NET_SSH2_READ_NEXT) { return $this->_get_channel_packet($channel); } $match = $expect; while (true) { if ($mode == NET_SSH2_READ_REGEX) { preg_match($expect, substr($this->interactiveBuffer, -1024), $matches); $match = isset($matches[0]) ? $matches[0] : ''; } $pos = strlen($match) ? strpos($this->interactiveBuffer, $match) : false; if ($pos !== false) { return $this->_string_shift($this->interactiveBuffer, $pos + strlen($match)); } $response = $this->_get_channel_packet($channel); if (is_bool($response)) { $this->in_request_pty_exec = false; return $response ? $this->_string_shift($this->interactiveBuffer, strlen($this->interactiveBuffer)) : false; } $this->interactiveBuffer.= $response; } } /* * Inputs a command into an interactive shell. * * @see self::read() * @param string $cmd * @return bool * @access public / function write($cmd) { if (!$this->isAuthenticated()) { user_error('Operation disallowed prior to login()'); return false; } if (!($this->bitmap & NET_SSH2_MASK_SHELL) && !$this->_initShell()) { user_error('Unable to initiate an interactive shell session'); return false; } return $this->_send_channel_packet($this->_get_interactive_channel(), $cmd); } /* * Start a subsystem. * * Right now only one subsystem at a time is supported. To support multiple subsystem's stopSubsystem() could accept * a string that contained the name of the subsystem, but at that point, only one subsystem of each type could be opened. * To support multiple subsystem's of the same name maybe it'd be best if startSubsystem() generated a new channel id and * returns that and then that that was passed into stopSubsystem() but that'll be saved for a future date and implemented * if there's sufficient demand for such a feature. * * @see self::stopSubsystem() * @param string $subsystem * @return bool * @access public / function startSubsystem($subsystem) { $this->window_size_server_to_client[NET_SSH2_CHANNEL_SUBSYSTEM] = $this->window_size; $packet = pack( 'CNaN3', NET_SSH2_MSG_CHANNEL_OPEN, strlen('session'), 'session', NET_SSH2_CHANNEL_SUBSYSTEM, $this->window_size, 0x4000 ); if (!$this->_send_binary_packet($packet)) { return false; } $this->channel_status[NET_SSH2_CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_OPEN; $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_SUBSYSTEM); if ($response === false) { return false; } $packet = pack( 'CNNaCNa', NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_SUBSYSTEM], strlen('subsystem'), 'subsystem', 1, strlen($subsystem), $subsystem ); if (!$this->_send_binary_packet($packet)) { return false; } $this->channel_status[NET_SSH2_CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_REQUEST; $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_SUBSYSTEM); if ($response === false) { return false; } $this->channel_status[NET_SSH2_CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_DATA; $this->bitmap \|= NET_SSH2_MASK_SHELL; $this->in_subsystem = true; return true; } /** * Stops a subsystem. * * @see self::startSubsystem() * @return bool * @access public / function stopSubsystem() { $this->in_subsystem = false; $this->_close_channel(NET_SSH2_CHANNEL_SUBSYSTEM); return true; } /* * Closes a channel * * If read() timed out you might want to just close the channel and have it auto-restart on the next read() call * * @access public / function reset() { $this->_close_channel($this->_get_interactive_channel()); } /* * Is timeout? * * Did exec() or read() return because they timed out or because they encountered the end? * * @access public / function isTimeout() { return $this->is_timeout; } /* * Disconnect * * @access public / function disconnect() { $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); if (isset($this->realtime_log_file) && is_resource($this->realtime_log_file)) { fclose($this->realtime_log_file); } } /* * Destructor. * * Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call * disconnect(). * * @access public / function __destruct() { $this->disconnect(); } /* * Is the connection still active? * * @return bool * @access public / function isConnected() { return (bool) ($this->bitmap & NET_SSH2_MASK_CONNECTED); } /* * Have you successfully been logged in? * * @return bool * @access public / function isAuthenticated() { return (bool) ($this->bitmap & NET_SSH2_MASK_LOGIN); } /* * Pings a server connection, or tries to reconnect if the connection has gone down * * Inspired by http://php.net/manual/en/mysqli.ping.php * * @return bool * @access public / function ping() { if (!$this->isAuthenticated()) { if (!empty($this->auth)) { return $this->_reconnect(); } return false; } $this->window_size_server_to_client[NET_SSH2_CHANNEL_KEEP_ALIVE] = $this->window_size; $packet_size = 0x4000; $packet = pack( 'CNaN3', NET_SSH2_MSG_CHANNEL_OPEN, strlen('session'), 'session', NET_SSH2_CHANNEL_KEEP_ALIVE, $this->window_size_server_to_client[NET_SSH2_CHANNEL_KEEP_ALIVE], $packet_size ); if (!@$this->_send_binary_packet($packet)) { return $this->_reconnect(); } $this->channel_status[NET_SSH2_CHANNEL_KEEP_ALIVE] = NET_SSH2_MSG_CHANNEL_OPEN; $response = @$this->_get_channel_packet(NET_SSH2_CHANNEL_KEEP_ALIVE); if ($response !== false) { $this->_close_channel(NET_SSH2_CHANNEL_KEEP_ALIVE); return true; } return $this->_reconnect(); } /** * In situ reconnect method * * @return boolean * @access private / function _reconnect() { $this->_reset_connection(NET_SSH2_DISCONNECT_CONNECTION_LOST); $this->retry_connect = true; if (!$this->_connect()) { return false; } foreach ($this->auth as $auth) { $result = call_user_func_array(array(&$this, 'login'), $auth); } return $result; } /* * Resets a connection for re-use * * @param int $reason * @access private / function _reset_connection($reason) { $this->_disconnect($reason); $this->decrypt = $this->encrypt = false; $this->decrypt_block_size = $this->encrypt_block_size = 8; $this->hmac_check = $this->hmac_create = false; $this->hmac_size = false; $this->session_id = false; $this->retry_connect = true; $this->get_seq_no = $this->send_seq_no = 0; } /* * Gets Binary Packets * * See '6. Binary Packet Protocol' of rfc4253 for more info. * * @see self::_send_binary_packet() * @return string * @access private / function _get_binary_packet($skip_channel_filter = false) { if (!is_resource($this->fsock) \|\| feof($this->fsock)) { $this->bitmap = 0; user_error('Connection closed prematurely'); return false; } $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 $raw = fread($this->fsock, $this->decrypt_block_size); if (!strlen($raw)) { return ''; } if ($this->decrypt !== false) { $raw = $this->decrypt->decrypt($raw); } if ($raw === false) { user_error('Unable to decrypt content'); return false; } if (strlen($raw) < 5) { return false; } extract(unpack('Npacket_length/Cpadding_length', $this->_string_shift($raw, 5))); $remaining_length = $packet_length + 4 - $this->decrypt_block_size; // quoting <http://tools.ietf.org/html/rfc4253#section-6.1>, // "implementations SHOULD check that the packet length is reasonable" // PuTTY uses 0x9000 as the actual max packet size and so to shall we if ($remaining_length < -$this->decrypt_block_size \|\| $remaining_length > 0x9000 \|\| $remaining_length % $this->decrypt_block_size != 0) { if (!$this->bad_key_size_fix && $this->_bad_algorithm_candidate($this->decrypt->name) && !($this->bitmap & NET_SSH2_MASK_LOGIN)) { $this->bad_key_size_fix = true; $this->_reset_connection(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); return false; } user_error('Invalid size'); return false; } $buffer = ''; while ($remaining_length > 0) { $temp = fread($this->fsock, $remaining_length); if ($temp === false \|\| feof($this->fsock)) { $this->bitmap = 0; user_error('Error reading from socket'); return false; } $buffer.= $temp; $remaining_length-= strlen($temp); } $stop = strtok(microtime(), ' ') + strtok(''); if (strlen($buffer)) { $raw.= $this->decrypt !== false ? $this->decrypt->decrypt($buffer) : $buffer; } $payload = $this->_string_shift($raw, $packet_length - $padding_length - 1); $padding = $this->_string_shift($raw, $padding_length); // should leave $raw empty if ($this->hmac_check !== false) { $hmac = fread($this->fsock, $this->hmac_size); if ($hmac === false \|\| strlen($hmac) != $this->hmac_size) { $this->bitmap = 0; user_error('Error reading socket'); return false; } elseif ($hmac != $this->hmac_check->hash(pack('NNCa', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding))) { user_error('Invalid HMAC'); return false; } } //if ($this->decompress) { // $payload = gzinflate(substr($payload, 2)); //} $this->get_seq_no++; if (defined('NET_SSH2_LOGGING')) { $current = strtok(microtime(), ' ') + strtok(''); $message_number = isset($this->message_numbers[ord($payload[0])]) ? $this->message_numbers[ord($payload[0])] : 'UNKNOWN (' . ord($payload[0]) . ')'; $message_number = '<- ' . $message_number . ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; $this->_append_log($message_number, $payload); $this->last_packet = $current; } return $this->_filter($payload, $skip_channel_filter); } /** * Filter Binary Packets * * Because some binary packets need to be ignored... * * @see self::_get_binary_packet() * @return string * @access private / function _filter($payload, $skip_channel_filter) { switch (ord($payload[0])) { case NET_SSH2_MSG_DISCONNECT: $this->_string_shift($payload, 1); if (strlen($payload) < 8) { return false; } extract(unpack('Nreason_code/Nlength', $this->_string_shift($payload, 8))); $this->errors[] = 'SSH_MSG_DISCONNECT: ' . $this->disconnect_reasons[$reason_code] . "\r\n" . $this->_string_shift($payload, $length); $this->bitmap = 0; return false; case NET_SSH2_MSG_IGNORE: $payload = $this->_get_binary_packet($skip_channel_filter); break; case NET_SSH2_MSG_DEBUG: $this->_string_shift($payload, 2); if (strlen($payload) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($payload, 4))); $this->errors[] = 'SSH_MSG_DEBUG: ' . $this->_string_shift($payload, $length); $payload = $this->_get_binary_packet($skip_channel_filter); break; case NET_SSH2_MSG_UNIMPLEMENTED: return false; case NET_SSH2_MSG_KEXINIT: if ($this->session_id !== false) { $this->send_kex_first = false; if (!$this->_key_exchange($payload)) { $this->bitmap = 0; return false; } $payload = $this->_get_binary_packet($skip_channel_filter); } } // see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in if (($this->bitmap & NET_SSH2_MASK_CONNECTED) && !$this->isAuthenticated() && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) { $this->_string_shift($payload, 1); if (strlen($payload) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($payload, 4))); $this->banner_message = $this->_string_shift($payload, $length); $payload = $this->_get_binary_packet(); } // only called when we've already logged in if (($this->bitmap & NET_SSH2_MASK_CONNECTED) && $this->isAuthenticated()) { switch (ord($payload[0])) { case NET_SSH2_MSG_CHANNEL_DATA: case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA: case NET_SSH2_MSG_CHANNEL_REQUEST: case NET_SSH2_MSG_CHANNEL_CLOSE: case NET_SSH2_MSG_CHANNEL_EOF: if (!$skip_channel_filter && !empty($this->server_channels)) { $this->binary_packet_buffer = $payload; $this->_get_channel_packet(true); $payload = $this->_get_binary_packet(); } break; case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4 if (strlen($payload) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($payload, 4))); $this->errors[] = 'SSH_MSG_GLOBAL_REQUEST: ' . $this->_string_shift($payload, $length); if (!$this->_send_binary_packet(pack('C', NET_SSH2_MSG_REQUEST_FAILURE))) { return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); } $payload = $this->_get_binary_packet($skip_channel_filter); break; case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1 $this->_string_shift($payload, 1); if (strlen($payload) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($payload, 4))); $data = $this->_string_shift($payload, $length); if (strlen($payload) < 4) { return false; } extract(unpack('Nserver_channel', $this->_string_shift($payload, 4))); switch ($data) { case 'auth-agent': case 'auth-agent@openssh.com': if (isset($this->agent)) { $new_channel = NET_SSH2_CHANNEL_AGENT_FORWARD; if (strlen($payload) < 8) { return false; } extract(unpack('Nremote_window_size', $this->_string_shift($payload, 4))); extract(unpack('Nremote_maximum_packet_size', $this->_string_shift($payload, 4))); $this->packet_size_client_to_server[$new_channel] = $remote_window_size; $this->window_size_server_to_client[$new_channel] = $remote_maximum_packet_size; $this->window_size_client_to_server[$new_channel] = $this->window_size; $packet_size = 0x4000; $packet = pack( 'CN4', NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, $server_channel, $new_channel, $packet_size, $packet_size ); $this->server_channels[$new_channel] = $server_channel; $this->channel_status[$new_channel] = NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION; if (!$this->_send_binary_packet($packet)) { return false; } } break; default: $packet = pack( 'CN3aNa', NET_SSH2_MSG_REQUEST_FAILURE, $server_channel, NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED, 0, '', 0, '' ); if (!$this->_send_binary_packet($packet)) { return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); } } $payload = $this->_get_binary_packet($skip_channel_filter); break; case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST: $this->_string_shift($payload, 1); if (strlen($payload) < 8) { return false; } extract(unpack('Nchannel', $this->_string_shift($payload, 4))); extract(unpack('Nwindow_size', $this->_string_shift($payload, 4))); $this->window_size_client_to_server[$channel]+= $window_size; $payload = ($this->bitmap & NET_SSH2_MASK_WINDOW_ADJUST) ? true : $this->_get_binary_packet($skip_channel_filter); } } return $payload; } /* * Enable Quiet Mode * * Suppress stderr from output * * @access public / function enableQuietMode() { $this->quiet_mode = true; } /* * Disable Quiet Mode * * Show stderr in output * * @access public / function disableQuietMode() { $this->quiet_mode = false; } /* * Returns whether Quiet Mode is enabled or not * * @see self::enableQuietMode() * @see self::disableQuietMode() * * @access public * @return bool / function isQuietModeEnabled() { return $this->quiet_mode; } /* * Enable request-pty when using exec() * * @access public / function enablePTY() { $this->request_pty = true; } /* * Disable request-pty when using exec() * * @access public / function disablePTY() { if ($this->in_request_pty_exec) { $this->_close_channel(NET_SSH2_CHANNEL_EXEC); $this->in_request_pty_exec = false; } $this->request_pty = false; } /* * Returns whether request-pty is enabled or not * * @see self::enablePTY() * @see self::disablePTY() * * @access public * @return bool / function isPTYEnabled() { return $this->request_pty; } /* * Gets channel data * * Returns the data as a string if it's available and false if not. * * @param $client_channel * @return mixed * @access private / function _get_channel_packet($client_channel, $skip_extended = false) { if (!empty($this->channel_buffers[$client_channel])) { return array_shift($this->channel_buffers[$client_channel]); } while (true) { if ($this->binary_packet_buffer !== false) { $response = $this->binary_packet_buffer; $this->binary_packet_buffer = false; } else { $read = array($this->fsock); $write = $except = null; if (!$this->curTimeout) { @stream_select($read, $write, $except, null); } else { if ($this->curTimeout < 0) { $this->is_timeout = true; return true; } $read = array($this->fsock); $write = $except = null; $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 $sec = floor($this->curTimeout); $usec = 1000000 ($this->curTimeout - $sec); // on windows this returns a "Warning: Invalid CRT parameters detected" error if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) { $this->is_timeout = true; if ($client_channel == NET_SSH2_CHANNEL_EXEC && !$this->request_pty) { $this->_close_channel($client_channel); } return true; } $elapsed = strtok(microtime(), ' ') + strtok('') - $start; $this->curTimeout-= $elapsed; } $response = $this->_get_binary_packet(true); if ($response === false) { $this->bitmap = 0; user_error('Connection closed by server'); return false; } } if ($client_channel == -1 && $response === true) { return true; } if (!strlen($response)) { return false; } extract(unpack('Ctype', $this->_string_shift($response, 1))); if (strlen($response) < 4) { return false; } if ($type == NET_SSH2_MSG_CHANNEL_OPEN) { extract(unpack('Nlength', $this->_string_shift($response, 4))); } else { extract(unpack('Nchannel', $this->_string_shift($response, 4))); } // will not be setup yet on incoming channel open request if (isset($channel) && isset($this->channel_status[$channel]) && isset($this->window_size_server_to_client[$channel])) { $this->window_size_server_to_client[$channel]-= strlen($response); // resize the window, if appropriate if ($this->window_size_server_to_client[$channel] < 0) { $packet = pack('CNN', NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST, $this->server_channels[$channel], $this->window_size); if (!$this->_send_binary_packet($packet)) { return false; } $this->window_size_server_to_client[$channel]+= $this->window_size; } switch ($type) { case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA: /* if ($client_channel == NET_SSH2_CHANNEL_EXEC) { $this->_send_channel_packet($client_channel, chr(0)); } / // currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR if (strlen($response) < 8) { return false; } extract(unpack('Ndata_type_code/Nlength', $this->_string_shift($response, 8))); $data = $this->_string_shift($response, $length); $this->stdErrorLog.= $data; if ($skip_extended \|\| $this->quiet_mode) { continue 2; } if ($client_channel == $channel && $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_DATA) { return $data; } if (!isset($this->channel_buffers[$channel])) { $this->channel_buffers[$channel] = array(); } $this->channel_buffers[$channel][] = $data; continue 2; case NET_SSH2_MSG_CHANNEL_REQUEST: if ($this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_CLOSE) { continue 2; } if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $value = $this->_string_shift($response, $length); switch ($value) { case 'exit-signal': $this->_string_shift($response, 1); if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->errors[] = 'SSH_MSG_CHANNEL_REQUEST (exit-signal): ' . $this->_string_shift($response, $length); $this->_string_shift($response, 1); if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); if ($length) { $this->errors[count($this->errors)].= "\r\n" . $this->_string_shift($response, $length); } $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_EOF; continue 3; case 'exit-status': if (strlen($response) < 5) { return false; } extract(unpack('Cfalse/Nexit_status', $this->_string_shift($response, 5))); $this->exit_status = $exit_status; // "The client MAY ignore these messages." // -- http://tools.ietf.org/html/rfc4254#section-6.10 continue 3; default: // "Some systems may not implement signals, in which case they SHOULD ignore this message." // -- http://tools.ietf.org/html/rfc4254#section-6.9 continue 3; } } switch ($this->channel_status[$channel]) { case NET_SSH2_MSG_CHANNEL_OPEN: switch ($type) { case NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION: if (strlen($response) < 4) { return false; } extract(unpack('Nserver_channel', $this->_string_shift($response, 4))); $this->server_channels[$channel] = $server_channel; if (strlen($response) < 4) { return false; } extract(unpack('Nwindow_size', $this->_string_shift($response, 4))); if ($window_size < 0) { $window_size&= 0x7FFFFFFF; $window_size+= 0x80000000; } $this->window_size_client_to_server[$channel] = $window_size; if (strlen($response) < 4) { return false; } $temp = unpack('Npacket_size_client_to_server', $this->_string_shift($response, 4)); $this->packet_size_client_to_server[$channel] = $temp['packet_size_client_to_server']; $result = $client_channel == $channel ? true : $this->_get_channel_packet($client_channel, $skip_extended); $this->_on_channel_open(); return $result; //case NET_SSH2_MSG_CHANNEL_OPEN_FAILURE: default: user_error('Unable to open channel'); return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); } break; case NET_SSH2_MSG_CHANNEL_REQUEST: switch ($type) { case NET_SSH2_MSG_CHANNEL_SUCCESS: return true; case NET_SSH2_MSG_CHANNEL_FAILURE: return false; default: user_error('Unable to fulfill channel request'); return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); } case NET_SSH2_MSG_CHANNEL_CLOSE: return $type == NET_SSH2_MSG_CHANNEL_CLOSE ? true : $this->_get_channel_packet($client_channel, $skip_extended); } } // ie. $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_DATA switch ($type) { case NET_SSH2_MSG_CHANNEL_DATA: / if ($channel == NET_SSH2_CHANNEL_EXEC) { // SCP requires null packets, such as this, be sent. further, in the case of the ssh.com SSH server // this actually seems to make things twice as fast. more to the point, the message right after // SSH_MSG_CHANNEL_DATA (usually SSH_MSG_IGNORE) won't block for as long as it would have otherwise. // in OpenSSH it slows things down but only by a couple thousandths of a second. $this->_send_channel_packet($channel, chr(0)); } / if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $data = $this->_string_shift($response, $length); if ($channel == NET_SSH2_CHANNEL_AGENT_FORWARD) { $agent_response = $this->agent->_forward_data($data); if (!is_bool($agent_response)) { $this->_send_channel_packet($channel, $agent_response); } break; } if ($client_channel == $channel) { return $data; } if (!isset($this->channel_buffers[$channel])) { $this->channel_buffers[$channel] = array(); } $this->channel_buffers[$channel][] = $data; break; case NET_SSH2_MSG_CHANNEL_CLOSE: $this->curTimeout = 0; if ($this->bitmap & NET_SSH2_MASK_SHELL) { $this->bitmap&= ~NET_SSH2_MASK_SHELL; } if ($this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_EOF) { $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); } $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_CLOSE; if ($client_channel == $channel) { return true; } case NET_SSH2_MSG_CHANNEL_EOF: break; default: user_error('Error reading channel data'); return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); } } } /* * Sends Binary Packets * * See '6. Binary Packet Protocol' of rfc4253 for more info. * * @param string $data * @param string $logged * @see self::_get_binary_packet() * @return bool * @access private / function _send_binary_packet($data, $logged = null) { if (!is_resource($this->fsock) \|\| feof($this->fsock)) { $this->bitmap = 0; user_error('Connection closed prematurely'); return false; } //if ($this->compress) { // // the -4 removes the checksum: // // http://php.net/function.gzcompress#57710 // $data = substr(gzcompress($data), 0, -4); //} // 4 (packet length) + 1 (padding length) + 4 (minimal padding amount) == 9 $packet_length = strlen($data) + 9; // round up to the nearest $this->encrypt_block_size $packet_length+= (($this->encrypt_block_size - 1) $packet_length) % $this->encrypt_block_size; // subtracting strlen($data) is obvious - subtracting 5 is necessary because of packet_length and padding_length $padding_length = $packet_length - strlen($data) - 5; $padding = crypt_random_string($padding_length); // we subtract 4 from packet_length because the packet_length field isn't supposed to include itself $packet = pack('NCa', $packet_length - 4, $padding_length, $data . $padding); $hmac = $this->hmac_create !== false ? $this->hmac_create->hash(pack('Na', $this->send_seq_no, $packet)) : ''; $this->send_seq_no++; if ($this->encrypt !== false) { $packet = $this->encrypt->encrypt($packet); } $packet.= $hmac; $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 $result = strlen($packet) == fputs($this->fsock, $packet); $stop = strtok(microtime(), ' ') + strtok(''); if (defined('NET_SSH2_LOGGING')) { $current = strtok(microtime(), ' ') + strtok(''); $message_number = isset($this->message_numbers[ord($data[0])]) ? $this->message_numbers[ord($data[0])] : 'UNKNOWN (' . ord($data[0]) . ')'; $message_number = '-> ' . $message_number . ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; $this->_append_log($message_number, isset($logged) ? $logged : $data); $this->last_packet = $current; } return $result; } /** * Logs data packets * * Makes sure that only the last 1MB worth of packets will be logged * * @param string $data * @access private / function _append_log($message_number, $message) { // remove the byte identifying the message type from all but the first two messages (ie. the identification strings) if (strlen($message_number) > 2) { $this->_string_shift($message); } switch (NET_SSH2_LOGGING) { // useful for benchmarks case NET_SSH2_LOG_SIMPLE: $this->message_number_log[] = $message_number; break; // the most useful log for SSH2 case NET_SSH2_LOG_COMPLEX: $this->message_number_log[] = $message_number; $this->log_size+= strlen($message); $this->message_log[] = $message; while ($this->log_size > NET_SSH2_LOG_MAX_SIZE) { $this->log_size-= strlen(array_shift($this->message_log)); array_shift($this->message_number_log); } break; // dump the output out realtime; packets may be interspersed with non packets, // passwords won't be filtered out and select other packets may not be correctly // identified case NET_SSH2_LOG_REALTIME: switch (PHP_SAPI) { case 'cli': $start = $stop = "\r\n"; break; default: $start = '<pre>'; $stop = '</pre>'; } echo $start . $this->_format_log(array($message), array($message_number)) . $stop; @flush(); @ob_flush(); break; // basically the same thing as NET_SSH2_LOG_REALTIME with the caveat that NET_SSH2_LOG_REALTIME_FILE // needs to be defined and that the resultant log file will be capped out at NET_SSH2_LOG_MAX_SIZE. // the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily // at the beginning of the file case NET_SSH2_LOG_REALTIME_FILE: if (!isset($this->realtime_log_file)) { // PHP doesn't seem to like using constants in fopen() $filename = NET_SSH2_LOG_REALTIME_FILENAME; $fp = fopen($filename, 'w'); $this->realtime_log_file = $fp; } if (!is_resource($this->realtime_log_file)) { break; } $entry = $this->_format_log(array($message), array($message_number)); if ($this->realtime_log_wrap) { $temp = "<<< START >>>\r\n"; $entry.= $temp; fseek($this->realtime_log_file, ftell($this->realtime_log_file) - strlen($temp)); } $this->realtime_log_size+= strlen($entry); if ($this->realtime_log_size > NET_SSH2_LOG_MAX_SIZE) { fseek($this->realtime_log_file, 0); $this->realtime_log_size = strlen($entry); $this->realtime_log_wrap = true; } fputs($this->realtime_log_file, $entry); } } /* * Sends channel data * * Spans multiple SSH_MSG_CHANNEL_DATAs if appropriate * * @param int $client_channel * @param string $data * @return bool * @access private / function _send_channel_packet($client_channel, $data) { while (strlen($data)) { if (!$this->window_size_client_to_server[$client_channel]) { $this->bitmap^= NET_SSH2_MASK_WINDOW_ADJUST; // using an invalid channel will let the buffers be built up for the valid channels $this->_get_channel_packet(-1); $this->bitmap^= NET_SSH2_MASK_WINDOW_ADJUST; } / The maximum amount of data allowed is determined by the maximum packet size for the channel, and the current window size, whichever is smaller. -- http://tools.ietf.org/html/rfc4254#section-5.2 / $max_size = min( $this->packet_size_client_to_server[$client_channel], $this->window_size_client_to_server[$client_channel] ); $temp = $this->_string_shift($data, $max_size); $packet = pack( 'CN2a', NET_SSH2_MSG_CHANNEL_DATA, $this->server_channels[$client_channel], strlen($temp), $temp ); $this->window_size_client_to_server[$client_channel]-= strlen($temp); if (!$this->_send_binary_packet($packet)) { return false; } } return true; } /** * Closes and flushes a channel * * Net_SSH2 doesn't properly close most channels. For exec() channels are normally closed by the server * and for SFTP channels are presumably closed when the client disconnects. This functions is intended * for SCP more than anything. * * @param int $client_channel * @param bool $want_reply * @return bool * @access private / function _close_channel($client_channel, $want_reply = false) { // see http://tools.ietf.org/html/rfc4254#section-5.3 $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); if (!$want_reply) { $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); } $this->channel_status[$client_channel] = NET_SSH2_MSG_CHANNEL_CLOSE; $this->curTimeout = 0; while (!is_bool($this->_get_channel_packet($client_channel))) { } if ($want_reply) { $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); } if ($this->bitmap & NET_SSH2_MASK_SHELL) { $this->bitmap&= ~NET_SSH2_MASK_SHELL; } } /* * Disconnect * * @param int $reason * @return bool * @access private / function _disconnect($reason) { if ($this->bitmap & NET_SSH2_MASK_CONNECTED) { $data = pack('CNNaNa', NET_SSH2_MSG_DISCONNECT, $reason, 0, '', 0, ''); $this->_send_binary_packet($data); } $this->bitmap = 0; if (is_resource($this->fsock) && get_resource_type($this->fsock) == 'stream') { fclose($this->fsock); } return false; } /* * String Shift * * Inspired by array_shift * * @param string $string * @param int $index * @return string * @access private / function _string_shift(&$string, $index = 1) { $substr = substr($string, 0, $index); $string = substr($string, $index); return $substr; } /* * Define Array * * Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of * named constants from it, using the value as the name of the constant and the index as the value of the constant. * If any of the constants that would be defined already exists, none of the constants will be defined. * * @param array $array * @access private / function _define_array() { $args = func_get_args(); foreach ($args as $arg) { foreach ($arg as $key => $value) { if (!defined($value)) { define($value, $key); } else { break 2; } } } } /* * Returns a log of the packets that have been sent and received. * * Returns a string if NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX, an array if NET_SSH2_LOGGING == NET_SSH2_LOG_SIMPLE and false if !defined('NET_SSH2_LOGGING') * * @access public * @return array\|false\|string / function getLog() { if (!defined('NET_SSH2_LOGGING')) { return false; } switch (NET_SSH2_LOGGING) { case NET_SSH2_LOG_SIMPLE: return $this->message_number_log; case NET_SSH2_LOG_COMPLEX: $log = $this->_format_log($this->message_log, $this->message_number_log); return PHP_SAPI == 'cli' ? $log : '<pre>' . $log . '</pre>'; default: return false; } } /* * Formats a log for printing * * @param array $message_log * @param array $message_number_log * @access private * @return string / function _format_log($message_log, $message_number_log) { $output = ''; for ($i = 0; $i < count($message_log); $i++) { $output.= $message_number_log[$i] . "\r\n"; $current_log = $message_log[$i]; $j = 0; do { if (strlen($current_log)) { $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; } $fragment = $this->_string_shift($current_log, $this->log_short_width); $hex = substr(preg_replace_callback('#.#s', array($this, '_format_log_helper'), $fragment), strlen($this->log_boundary)); // replace non ASCII printable characters with dots // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters // also replace < with a . since < messes up the output on web browsers $raw = preg_replace('#[^\x20-\x7E]\|<#', '.', $fragment); $output.= str_pad($hex, $this->log_long_width - $this->log_short_width, ' ') . $raw . "\r\n"; $j++; } while (strlen($current_log)); $output.= "\r\n"; } return $output; } /* * Helper function for _format_log * * For use with preg_replace_callback() * * @param array $matches * @access private * @return string / function _format_log_helper($matches) { return $this->log_boundary . str_pad(dechex(ord($matches[0])), 2, '0', STR_PAD_LEFT); } /* * Helper function for agent->_on_channel_open() * * Used when channels are created to inform agent * of said channel opening. Must be called after * channel open confirmation received * * @access private / function _on_channel_open() { if (isset($this->agent)) { $this->agent->_on_channel_open($this); } } /* * Returns the first value of the intersection of two arrays or false if * the intersection is empty. The order is defined by the first parameter. * * @param array $array1 * @param array $array2 * @return mixed False if intersection is empty, else intersected value. * @access private / function _array_intersect_first($array1, $array2) { foreach ($array1 as $value) { if (in_array($value, $array2)) { return $value; } } return false; } /* * Returns all errors * * @return string[] * @access public / function getErrors() { return $this->errors; } /* * Returns the last error * * @return string * @access public / function getLastError() { $count = count($this->errors); if ($count > 0) { return $this->errors[$count - 1]; } } /* * Return the server identification. * * @return string * @access public / function getServerIdentification() { $this->_connect(); return $this->server_identifier; } /* * Return a list of the key exchange algorithms the server supports. * * @return array * @access public / function getKexAlgorithms() { $this->_connect(); return $this->kex_algorithms; } /* * Return a list of the host key (public key) algorithms the server supports. * * @return array * @access public / function getServerHostKeyAlgorithms() { $this->_connect(); return $this->server_host_key_algorithms; } /* * Return a list of the (symmetric key) encryption algorithms the server supports, when receiving stuff from the client. * * @return array * @access public / function getEncryptionAlgorithmsClient2Server() { $this->_connect(); return $this->encryption_algorithms_client_to_server; } /* * Return a list of the (symmetric key) encryption algorithms the server supports, when sending stuff to the client. * * @return array * @access public / function getEncryptionAlgorithmsServer2Client() { $this->_connect(); return $this->encryption_algorithms_server_to_client; } /* * Return a list of the MAC algorithms the server supports, when receiving stuff from the client. * * @return array * @access public / function getMACAlgorithmsClient2Server() { $this->_connect(); return $this->mac_algorithms_client_to_server; } /* * Return a list of the MAC algorithms the server supports, when sending stuff to the client. * * @return array * @access public / function getMACAlgorithmsServer2Client() { $this->_connect(); return $this->mac_algorithms_server_to_client; } /* * Return a list of the compression algorithms the server supports, when receiving stuff from the client. * * @return array * @access public / function getCompressionAlgorithmsClient2Server() { $this->_connect(); return $this->compression_algorithms_client_to_server; } /* * Return a list of the compression algorithms the server supports, when sending stuff to the client. * * @return array * @access public / function getCompressionAlgorithmsServer2Client() { $this->_connect(); return $this->compression_algorithms_server_to_client; } /* * Return a list of the languages the server supports, when sending stuff to the client. * * @return array * @access public / function getLanguagesServer2Client() { $this->_connect(); return $this->languages_server_to_client; } /* * Return a list of the languages the server supports, when receiving stuff from the client. * * @return array * @access public / function getLanguagesClient2Server() { $this->_connect(); return $this->languages_client_to_server; } /* * Returns a list of algorithms the server supports * * @return array * @access public / public function getServerAlgorithms() { $this->_connect(); return array( 'kex' => $this->kex_algorithms, 'hostkey' => $this->server_host_key_algorithms, 'client_to_server' => array( 'crypt' => $this->encryption_algorithms_client_to_server, 'mac' => $this->mac_algorithms_client_to_server, 'comp' => $this->compression_algorithms_client_to_server, 'lang' => $this->languages_client_to_server ), 'server_to_client' => array( 'crypt' => $this->encryption_algorithms_server_to_client, 'mac' => $this->mac_algorithms_server_to_client, 'comp' => $this->compression_algorithms_server_to_client, 'lang' => $this->languages_server_to_client ) ); } /* * Returns a list of KEX algorithms that phpseclib supports * * @return array * @access public / function getSupportedKEXAlgorithms() { $kex_algorithms = array( 'diffie-hellman-group-exchange-sha256',// RFC 4419 'diffie-hellman-group-exchange-sha1', // RFC 4419 // Diffie-Hellman Key Agreement (DH) using integer modulo prime // groups. 'diffie-hellman-group14-sha1', // REQUIRED 'diffie-hellman-group1-sha1', // REQUIRED ); return $kex_algorithms; } /* * Returns a list of host key algorithms that phpseclib supports * * @return array * @access public / function getSupportedHostKeyAlgorithms() { return array( 'rsa-sha2-256', // RFC 8332 'rsa-sha2-512', // RFC 8332 'ssh-rsa', // RECOMMENDED sign Raw RSA Key 'ssh-dss' // REQUIRED sign Raw DSS Key ); } /* * Returns a list of symmetric key algorithms that phpseclib supports * * @return array * @access public / function getSupportedEncryptionAlgorithms() { $algos = array( // from <http://tools.ietf.org/html/rfc4345#section-4>: 'arcfour256', 'arcfour128', //'arcfour', // OPTIONAL the ARCFOUR stream cipher with a 128-bit key // CTR modes from <http://tools.ietf.org/html/rfc4344#section-4>: 'aes128-ctr', // RECOMMENDED AES (Rijndael) in SDCTR mode, with 128-bit key 'aes192-ctr', // RECOMMENDED AES with 192-bit key 'aes256-ctr', // RECOMMENDED AES with 256-bit key 'twofish128-ctr', // OPTIONAL Twofish in SDCTR mode, with 128-bit key 'twofish192-ctr', // OPTIONAL Twofish with 192-bit key 'twofish256-ctr', // OPTIONAL Twofish with 256-bit key 'aes128-cbc', // RECOMMENDED AES with a 128-bit key 'aes192-cbc', // OPTIONAL AES with a 192-bit key 'aes256-cbc', // OPTIONAL AES in CBC mode, with a 256-bit key 'twofish128-cbc', // OPTIONAL Twofish with a 128-bit key 'twofish192-cbc', // OPTIONAL Twofish with a 192-bit key 'twofish256-cbc', 'twofish-cbc', // OPTIONAL alias for "twofish256-cbc" // (this is being retained for historical reasons) 'blowfish-ctr', // OPTIONAL Blowfish in SDCTR mode 'blowfish-cbc', // OPTIONAL Blowfish in CBC mode '3des-ctr', // RECOMMENDED Three-key 3DES in SDCTR mode '3des-cbc', // REQUIRED three-key 3DES in CBC mode //'none' // OPTIONAL no encryption; NOT RECOMMENDED ); $engines = array( CRYPT_ENGINE_OPENSSL, CRYPT_ENGINE_MCRYPT, CRYPT_ENGINE_INTERNAL ); $ciphers = array(); foreach ($engines as $engine) { foreach ($algos as $algo) { $obj = $this->_encryption_algorithm_to_crypt_instance($algo); if (strtolower(get_class($obj)) == 'crypt_rijndael') { $obj->setKeyLength(preg_replace('#[^\d]#', '', $algo)); } switch ($algo) { case 'arcfour128': case 'arcfour256': if ($engine == CRYPT_ENGINE_INTERNAL) { $algos = array_diff($algos, array($algo)); $ciphers[] = $algo; } else { continue 2; } } if ($obj->isValidEngine($engine)) { $algos = array_diff($algos, array($algo)); $ciphers[] = $algo; } } } return $ciphers; } /* * Returns a list of MAC algorithms that phpseclib supports * * @return array * @access public / function getSupportedMACAlgorithms() { return array( // from <http://www.ietf.org/rfc/rfc6668.txt>: 'hmac-sha2-256',// RECOMMENDED HMAC-SHA256 (digest length = key length = 32) 'hmac-sha1-96', // RECOMMENDED first 96 bits of HMAC-SHA1 (digest length = 12, key length = 20) 'hmac-sha1', // REQUIRED HMAC-SHA1 (digest length = key length = 20) 'hmac-md5-96', // OPTIONAL first 96 bits of HMAC-MD5 (digest length = 12, key length = 16) 'hmac-md5', // OPTIONAL HMAC-MD5 (digest length = key length = 16) //'none' // OPTIONAL no MAC; NOT RECOMMENDED ); } /* * Returns a list of compression algorithms that phpseclib supports * * @return array * @access public / function getSupportedCompressionAlgorithms() { return array( 'none' // REQUIRED no compression //'zlib' // OPTIONAL ZLIB (LZ77) compression ); } /* * Return list of negotiated algorithms * * Uses the same format as https://www.php.net/ssh2-methods-negotiated * * @return array * @access public / function getAlgorithmsNegotiated() { $this->_connect(); return array( 'kex' => $this->kex_algorithm, 'hostkey' => $this->signature_format, 'client_to_server' => array( 'crypt' => $this->encrypt->name, 'mac' => $this->hmac_create->name, 'comp' => 'none', ), 'server_to_client' => array( 'crypt' => $this->decrypt->name, 'mac' => $this->hmac_check->name, 'comp' => 'none', ) ); } /* * Accepts an associative array with up to four parameters as described at * <https://www.php.net/manual/en/function.ssh2-connect.php> * * @param array $methods * @access public / function setPreferredAlgorithms($methods) { $preferred = $methods; if (isset($preferred['kex'])) { $preferred['kex'] = array_intersect( $preferred['kex'], $this->getSupportedKEXAlgorithms() ); } if (isset($preferred['hostkey'])) { $preferred['hostkey'] = array_intersect( $preferred['hostkey'], $this->getSupportedHostKeyAlgorithms() ); } $keys = array('client_to_server', 'server_to_client'); foreach ($keys as $key) { if (isset($preferred[$key])) { $a = &$preferred[$key]; if (isset($a['crypt'])) { $a['crypt'] = array_intersect( $a['crypt'], $this->getSupportedEncryptionAlgorithms() ); } if (isset($a['comp'])) { $a['comp'] = array_intersect( $a['comp'], $this->getSupportedCompressionAlgorithms() ); } if (isset($a['mac'])) { $a['mac'] = array_intersect( $a['mac'], $this->getSupportedMACAlgorithms() ); } } } $keys = array( 'kex', 'hostkey', 'client_to_server/crypt', 'client_to_server/comp', 'client_to_server/mac', 'server_to_client/crypt', 'server_to_client/comp', 'server_to_client/mac', ); foreach ($keys as $key) { $p = $preferred; $m = $methods; $subkeys = explode('/', $key); foreach ($subkeys as $subkey) { if (!isset($p[$subkey])) { continue 2; } $p = $p[$subkey]; $m = $m[$subkey]; } if (count($p) != count($m)) { $diff = array_diff($m, $p); $msg = count($diff) == 1 ? ' is not a supported algorithm' : ' are not supported algorithms'; user_error(implode(', ', $diff) . $msg); return false; } } $this->preferred = $preferred; } /* * Returns the banner message. * * Quoting from the RFC, "in some jurisdictions, sending a warning message before * authentication may be relevant for getting legal protection." * * @return string * @access public / function getBannerMessage() { return $this->banner_message; } /* * Returns the server public host key. * * Caching this the first time you connect to a server and checking the result on subsequent connections * is recommended. Returns false if the server signature is not signed correctly with the public host key. * * @return mixed * @access public / function getServerPublicHostKey() { if (!($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR)) { if (!$this->_connect()) { return false; } } $signature = $this->signature; $server_public_host_key = $this->server_public_host_key; if (strlen($server_public_host_key) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($server_public_host_key, 4))); $this->_string_shift($server_public_host_key, $length); if ($this->signature_validated) { return $this->bitmap ? $this->signature_format . ' ' . base64_encode($this->server_public_host_key) : false; } $this->signature_validated = true; switch ($this->signature_format) { case 'ssh-dss': $zero = new Math_BigInteger(); if (strlen($server_public_host_key) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $p = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); if (strlen($server_public_host_key) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $q = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); if (strlen($server_public_host_key) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $g = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); if (strlen($server_public_host_key) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $y = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); / The value for 'dss_signature_blob' is encoded as a string containing r, followed by s (which are 160-bit integers, without lengths or padding, unsigned, and in network byte order). / $temp = unpack('Nlength', $this->_string_shift($signature, 4)); if ($temp['length'] != 40) { user_error('Invalid signature'); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } $r = new Math_BigInteger($this->_string_shift($signature, 20), 256); $s = new Math_BigInteger($this->_string_shift($signature, 20), 256); switch (true) { case $r->equals($zero): case $r->compare($q) >= 0: case $s->equals($zero): case $s->compare($q) >= 0: user_error('Invalid signature'); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } $w = $s->modInverse($q); $u1 = $w->multiply(new Math_BigInteger(sha1($this->exchange_hash), 16)); list(, $u1) = $u1->divide($q); $u2 = $w->multiply($r); list(, $u2) = $u2->divide($q); $g = $g->modPow($u1, $p); $y = $y->modPow($u2, $p); $v = $g->multiply($y); list(, $v) = $v->divide($p); list(, $v) = $v->divide($q); if (!$v->equals($r)) { user_error('Bad server signature'); return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); } break; case 'ssh-rsa': case 'rsa-sha2-256': case 'rsa-sha2-512': if (strlen($server_public_host_key) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $e = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); if (strlen($server_public_host_key) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $rawN = $this->_string_shift($server_public_host_key, $temp['length']); $n = new Math_BigInteger($rawN, -256); $nLength = strlen(ltrim($rawN, "\0")); / if (strlen($signature) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($signature, 4)); $signature = $this->_string_shift($signature, $temp['length']); if (!class_exists('Crypt_RSA')) { include_once 'Crypt/RSA.php'; } $rsa = new Crypt_RSA(); switch ($this->signature_format) { case 'rsa-sha2-512': $hash = 'sha512'; break; case 'rsa-sha2-256': $hash = 'sha256'; break; //case 'ssh-rsa': default: $hash = 'sha1'; } $rsa->setHash($hash); $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1); $rsa->loadKey(array('e' => $e, 'n' => $n), CRYPT_RSA_PUBLIC_FORMAT_RAW); if (!$rsa->verify($this->exchange_hash, $signature)) { user_error('Bad server signature'); return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); } / if (strlen($signature) < 4) { return false; } $temp = unpack('Nlength', $this->_string_shift($signature, 4)); $s = new Math_BigInteger($this->_string_shift($signature, $temp['length']), 256); // validate an RSA signature per "8.2 RSASSA-PKCS1-v1_5", "5.2.2 RSAVP1", and "9.1 EMSA-PSS" in the // following URL: // ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf // also, see SSHRSA.c (rsa2_verifysig) in PuTTy's source. if ($s->compare(new Math_BigInteger()) < 0 \|\| $s->compare($n->subtract(new Math_BigInteger(1))) > 0) { user_error('Invalid signature'); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } $s = $s->modPow($e, $n); $s = $s->toBytes(); switch ($this->signature_format) { case 'rsa-sha2-512': $hash = 'sha512'; break; case 'rsa-sha2-256': $hash = 'sha256'; break; //case 'ssh-rsa': default: $hash = 'sha1'; } $hashObj = new Crypt_Hash($hash); switch ($this->signature_format) { case 'rsa-sha2-512': $h = pack('N5a', 0x00305130, 0x0D060960, 0x86480165, 0x03040203, 0x05000440, $hashObj->hash($this->exchange_hash)); break; case 'rsa-sha2-256': $h = pack('N5a', 0x00303130, 0x0D060960, 0x86480165, 0x03040201, 0x05000420, $hashObj->hash($this->exchange_hash)); break; //case 'ssh-rsa': default: $hash = 'sha1'; $h = pack('N4a', 0x00302130, 0x0906052B, 0x0E03021A, 0x05000414, $hashObj->hash($this->exchange_hash)); } $h = chr(0x01) . str_repeat(chr(0xFF), $nLength - 2 - strlen($h)) . $h; if ($s != $h) { user_error('Bad server signature'); return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); } break; default: user_error('Unsupported signature format'); return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); } return $this->signature_format . ' ' . base64_encode($this->server_public_host_key); } /** * Returns the exit status of an SSH command or false. * * @return false\|int * @access public / function getExitStatus() { if (is_null($this->exit_status)) { return false; } return $this->exit_status; } /* * Returns the number of columns for the terminal window size. * * @return int * @access public / function getWindowColumns() { return $this->windowColumns; } /* * Returns the number of rows for the terminal window size. * * @return int * @access public / function getWindowRows() { return $this->windowRows; } /* * Sets the number of columns for the terminal window size. * * @param int $value * @access public / function setWindowColumns($value) { $this->windowColumns = $value; } /* * Sets the number of rows for the terminal window size. * * @param int $value * @access public / function setWindowRows($value) { $this->windowRows = $value; } /* * Sets the number of columns and rows for the terminal window size. * * @param int $columns * @param int $rows * @access public / function setWindowSize($columns = 80, $rows = 24) { $this->windowColumns = $columns; $this->windowRows = $rows; } } ��phpseclib/Net/SFTP/Stream.php��0000644��00000056517�15104540706�0012003 0��ustar�00��<?php /* * SFTP Stream Wrapper * * Creates an sftp:// protocol handler that can be used with, for example, fopen(), dir(), etc. * * PHP version 5 * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Net * @package Net_SFTP_Stream * @author Jim Wigginton <terrafrost@php.net> * @copyright 2013 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * SFTP Stream Wrapper * * @package Net_SFTP_Stream * @author Jim Wigginton <terrafrost@php.net> * @access public / class Net_SFTP_Stream { /* * SFTP instances * * Rather than re-create the connection we re-use instances if possible * * @var array / static $instances; /* * SFTP instance * * @var object * @access private / var $sftp; /* * Path * * @var string * @access private / var $path; /* * Mode * * @var string * @access private / var $mode; /* * Position * * @var int * @access private / var $pos; /* * Size * * @var int * @access private / var $size; /* * Directory entries * * @var array * @access private / var $entries; /* * EOF flag * * @var bool * @access private / var $eof; /* * Context resource * * Technically this needs to be publically accessible so PHP can set it directly * * @var resource * @access public / var $context; /* * Notification callback function * * @var callable * @access public / var $notification; /* * Registers this class as a URL wrapper. * * @param string $protocol The wrapper name to be registered. * @return bool True on success, false otherwise. * @access public / static function register($protocol = 'sftp') { if (in_array($protocol, stream_get_wrappers(), true)) { return false; } $class = function_exists('get_called_class') ? get_called_class() : __CLASS__; return stream_wrapper_register($protocol, $class); } /* * The Constructor * * @access public / function __construct() { if (defined('NET_SFTP_STREAM_LOGGING')) { echo "__construct()\r\n"; } if (!class_exists('Net_SFTP')) { include_once 'Net/SFTP.php'; } } /* * Path Parser * * Extract a path from a URI and actually connect to an SSH server if appropriate * * If "notification" is set as a context parameter the message code for successful login is * NET_SSH2_MSG_USERAUTH_SUCCESS. For a failed login it's NET_SSH2_MSG_USERAUTH_FAILURE. * * @param string $path * @return string * @access private / function _parse_path($path) { $orig = $path; extract(parse_url($path) + array('port' => 22)); if (isset($query)) { $path.= '?' . $query; } elseif (preg_match('/(\?\|\?#)$/', $orig)) { $path.= '?'; } if (isset($fragment)) { $path.= '#' . $fragment; } elseif ($orig[strlen($orig) - 1] == '#') { $path.= '#'; } if (!isset($host)) { return false; } if (isset($this->context)) { $context = stream_context_get_params($this->context); if (isset($context['notification'])) { $this->notification = $context['notification']; } } if ($host[0] == '$') { $host = substr($host, 1); global ${$host}; if (!is_object($$host) \|\| get_class($$host) != 'Net_SFTP') { return false; } $this->sftp = $$host; } else { if (isset($this->context)) { $context = stream_context_get_options($this->context); } if (isset($context[$scheme]['session'])) { $sftp = $context[$scheme]['session']; } if (isset($context[$scheme]['sftp'])) { $sftp = $context[$scheme]['sftp']; } if (isset($sftp) && is_object($sftp) && get_class($sftp) == 'Net_SFTP') { $this->sftp = $sftp; return $path; } if (isset($context[$scheme]['username'])) { $user = $context[$scheme]['username']; } if (isset($context[$scheme]['password'])) { $pass = $context[$scheme]['password']; } if (isset($context[$scheme]['privkey']) && is_object($context[$scheme]['privkey']) && get_Class($context[$scheme]['privkey']) == 'Crypt_RSA') { $pass = $context[$scheme]['privkey']; } if (!isset($user) \|\| !isset($pass)) { return false; } // casting $pass to a string is necessary in the event that it's a Crypt_RSA object if (isset(self::$instances[$host][$port][$user][(string) $pass])) { $this->sftp = self::$instances[$host][$port][$user][(string) $pass]; } else { $this->sftp = new Net_SFTP($host, $port); $this->sftp->disableStatCache(); if (isset($this->notification) && is_callable($this->notification)) { / if !is_callable($this->notification) we could do this: user_error('fopen(): failed to call user notifier', E_USER_WARNING); the ftp wrapper gives errors like that when the notifier isn't callable. i've opted not to do that, however, since the ftp wrapper gives the line on which the fopen occurred as the line number - not the line that the user_error is on. / call_user_func($this->notification, STREAM_NOTIFY_CONNECT, STREAM_NOTIFY_SEVERITY_INFO, '', 0, 0, 0); call_user_func($this->notification, STREAM_NOTIFY_AUTH_REQUIRED, STREAM_NOTIFY_SEVERITY_INFO, '', 0, 0, 0); if (!$this->sftp->login($user, $pass)) { call_user_func($this->notification, STREAM_NOTIFY_AUTH_RESULT, STREAM_NOTIFY_SEVERITY_ERR, 'Login Failure', NET_SSH2_MSG_USERAUTH_FAILURE, 0, 0); return false; } call_user_func($this->notification, STREAM_NOTIFY_AUTH_RESULT, STREAM_NOTIFY_SEVERITY_INFO, 'Login Success', NET_SSH2_MSG_USERAUTH_SUCCESS, 0, 0); } else { if (!$this->sftp->login($user, $pass)) { return false; } } self::$instances[$host][$port][$user][(string) $pass] = $this->sftp; } } return $path; } /* * Opens file or URL * * @param string $path * @param string $mode * @param int $options * @param string $opened_path * @return bool * @access public / function _stream_open($path, $mode, $options, &$opened_path) { $path = $this->_parse_path($path); if ($path === false) { return false; } $this->path = $path; $this->size = $this->sftp->size($path); $this->mode = preg_replace('#[bt]$#', '', $mode); $this->eof = false; if ($this->size === false) { if ($this->mode[0] == 'r') { return false; } else { $this->sftp->touch($path); $this->size = 0; } } else { switch ($this->mode[0]) { case 'x': return false; case 'w': $this->sftp->truncate($path, 0); $this->size = 0; } } $this->pos = $this->mode[0] != 'a' ? 0 : $this->size; return true; } /* * Read from stream * * @param int $count * @return mixed * @access public / function _stream_read($count) { switch ($this->mode) { case 'w': case 'a': case 'x': case 'c': return false; } // commented out because some files - eg. /dev/urandom - will say their size is 0 when in fact it's kinda infinite //if ($this->pos >= $this->size) { // $this->eof = true; // return false; //} $result = $this->sftp->get($this->path, false, $this->pos, $count); if (isset($this->notification) && is_callable($this->notification)) { if ($result === false) { call_user_func($this->notification, STREAM_NOTIFY_FAILURE, STREAM_NOTIFY_SEVERITY_ERR, $this->sftp->getLastSFTPError(), NET_SFTP_OPEN, 0, 0); return 0; } // seems that PHP calls stream_read in 8k chunks call_user_func($this->notification, STREAM_NOTIFY_PROGRESS, STREAM_NOTIFY_SEVERITY_INFO, '', 0, strlen($result), $this->size); } if (empty($result)) { // ie. false or empty string $this->eof = true; return false; } $this->pos+= strlen($result); return $result; } /* * Write to stream * * @param string $data * @return mixed * @access public / function _stream_write($data) { switch ($this->mode) { case 'r': return false; } $result = $this->sftp->put($this->path, $data, NET_SFTP_STRING, $this->pos); if (isset($this->notification) && is_callable($this->notification)) { if (!$result) { call_user_func($this->notification, STREAM_NOTIFY_FAILURE, STREAM_NOTIFY_SEVERITY_ERR, $this->sftp->getLastSFTPError(), NET_SFTP_OPEN, 0, 0); return 0; } // seems that PHP splits up strings into 8k blocks before calling stream_write call_user_func($this->notification, STREAM_NOTIFY_PROGRESS, STREAM_NOTIFY_SEVERITY_INFO, '', 0, strlen($data), strlen($data)); } if ($result === false) { return false; } $this->pos+= strlen($data); if ($this->pos > $this->size) { $this->size = $this->pos; } $this->eof = false; return strlen($data); } /* * Retrieve the current position of a stream * * @return int * @access public / function _stream_tell() { return $this->pos; } /* * Tests for end-of-file on a file pointer * * In my testing there are four classes functions that normally effect the pointer: * fseek, fputs / fwrite, fgets / fread and ftruncate. * * Only fgets / fread, however, results in feof() returning true. do fputs($fp, 'aaa') on a blank file and feof() * will return false. do fread($fp, 1) and feof() will then return true. do fseek($fp, 10) on ablank file and feof() * will return false. do fread($fp, 1) and feof() will then return true. * * @return bool * @access public / function _stream_eof() { return $this->eof; } /* * Seeks to specific location in a stream * * @param int $offset * @param int $whence * @return bool * @access public / function _stream_seek($offset, $whence) { switch ($whence) { case SEEK_SET: if ($offset >= $this->size \|\| $offset < 0) { return false; } break; case SEEK_CUR: $offset+= $this->pos; break; case SEEK_END: $offset+= $this->size; } $this->pos = $offset; $this->eof = false; return true; } /* * Change stream options * * @param string $path * @param int $option * @param mixed $var * @return bool * @access public / function _stream_metadata($path, $option, $var) { $path = $this->_parse_path($path); if ($path === false) { return false; } // stream_metadata was introduced in PHP 5.4.0 but as of 5.4.11 the constants haven't been defined // see http://www.php.net/streamwrapper.stream-metadata and https://bugs.php.net/64246 // and https://github.com/php/php-src/blob/master/main/php_streams.h#L592 switch ($option) { case 1: // PHP_STREAM_META_TOUCH return $this->sftp->touch($path, $var[0], $var[1]); case 2: // PHP_STREAM_OWNER_NAME case 3: // PHP_STREAM_GROUP_NAME return false; case 4: // PHP_STREAM_META_OWNER return $this->sftp->chown($path, $var); case 5: // PHP_STREAM_META_GROUP return $this->sftp->chgrp($path, $var); case 6: // PHP_STREAM_META_ACCESS return $this->sftp->chmod($path, $var) !== false; } } /* * Retrieve the underlaying resource * * @param int $cast_as * @return resource * @access public / function _stream_cast($cast_as) { return $this->sftp->fsock; } /* * Advisory file locking * * @param int $operation * @return bool * @access public / function _stream_lock($operation) { return false; } /* * Renames a file or directory * * Attempts to rename oldname to newname, moving it between directories if necessary. * If newname exists, it will be overwritten. This is a departure from what Net_SFTP * does. * * @param string $path_from * @param string $path_to * @return bool * @access public / function _rename($path_from, $path_to) { $path1 = parse_url($path_from); $path2 = parse_url($path_to); unset($path1['path'], $path2['path']); if ($path1 != $path2) { return false; } $path_from = $this->_parse_path($path_from); $path_to = parse_url($path_to); if ($path_from === false) { return false; } $path_to = $path_to['path']; // the $component part of parse_url() was added in PHP 5.1.2 // "It is an error if there already exists a file with the name specified by newpath." // -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-6.5 if (!$this->sftp->rename($path_from, $path_to)) { if ($this->sftp->stat($path_to)) { return $this->sftp->delete($path_to, true) && $this->sftp->rename($path_from, $path_to); } return false; } return true; } /* * Open directory handle * * The only $options is "whether or not to enforce safe_mode (0x04)". Since safe mode was deprecated in 5.3 and * removed in 5.4 I'm just going to ignore it. * * Also, nlist() is the best that this function is realistically going to be able to do. When an SFTP client * sends a SSH_FXP_READDIR packet you don't generally get info on just one file but on multiple files. Quoting * the SFTP specs: * * The SSH_FXP_NAME response has the following format: * * uint32 id * uint32 count * repeats count times: * string filename * string longname * ATTRS attrs * * @param string $path * @param int $options * @return bool * @access public / function _dir_opendir($path, $options) { $path = $this->_parse_path($path); if ($path === false) { return false; } $this->pos = 0; $this->entries = $this->sftp->nlist($path); return $this->entries !== false; } /* * Read entry from directory handle * * @return mixed * @access public / function _dir_readdir() { if (isset($this->entries[$this->pos])) { return $this->entries[$this->pos++]; } return false; } /* * Rewind directory handle * * @return bool * @access public / function _dir_rewinddir() { $this->pos = 0; return true; } /* * Close directory handle * * @return bool * @access public / function _dir_closedir() { return true; } /* * Create a directory * * Only valid $options is STREAM_MKDIR_RECURSIVE * * @param string $path * @param int $mode * @param int $options * @return bool * @access public / function _mkdir($path, $mode, $options) { $path = $this->_parse_path($path); if ($path === false) { return false; } return $this->sftp->mkdir($path, $mode, $options & STREAM_MKDIR_RECURSIVE); } /* * Removes a directory * * Only valid $options is STREAM_MKDIR_RECURSIVE per <http://php.net/streamwrapper.rmdir>, however, * <http://php.net/rmdir> does not have a $recursive parameter as mkdir() does so I don't know how * STREAM_MKDIR_RECURSIVE is supposed to be set. Also, when I try it out with rmdir() I get 8 as * $options. What does 8 correspond to? * * @param string $path * @param int $mode * @param int $options * @return bool * @access public / function _rmdir($path, $options) { $path = $this->_parse_path($path); if ($path === false) { return false; } return $this->sftp->rmdir($path); } /* * Flushes the output * * See <http://php.net/fflush>. Always returns true because Net_SFTP doesn't cache stuff before writing * * @return bool * @access public / function _stream_flush() { return true; } /* * Retrieve information about a file resource * * @return mixed * @access public / function _stream_stat() { $results = $this->sftp->stat($this->path); if ($results === false) { return false; } return $results; } /* * Delete a file * * @param string $path * @return bool * @access public / function _unlink($path) { $path = $this->_parse_path($path); if ($path === false) { return false; } return $this->sftp->delete($path, false); } /* * Retrieve information about a file * * Ignores the STREAM_URL_STAT_QUIET flag because the entirety of Net_SFTP_Stream is quiet by default * might be worthwhile to reconstruct bits 12-16 (ie. the file type) if mode doesn't have them but we'll * cross that bridge when and if it's reached * * @param string $path * @param int $flags * @return mixed * @access public / function _url_stat($path, $flags) { $path = $this->_parse_path($path); if ($path === false) { return false; } $results = $flags & STREAM_URL_STAT_LINK ? $this->sftp->lstat($path) : $this->sftp->stat($path); if ($results === false) { return false; } return $results; } /* * Truncate stream * * @param int $new_size * @return bool * @access public / function _stream_truncate($new_size) { if (!$this->sftp->truncate($this->path, $new_size)) { return false; } $this->eof = false; $this->size = $new_size; return true; } /* * Change stream options * * STREAM_OPTION_WRITE_BUFFER isn't supported for the same reason stream_flush isn't. * The other two aren't supported because of limitations in Net_SFTP. * * @param int $option * @param int $arg1 * @param int $arg2 * @return bool * @access public / function _stream_set_option($option, $arg1, $arg2) { return false; } /* * Close an resource * * @access public / function _stream_close() { } /* * __call Magic Method * * When you're utilizing an SFTP stream you're not calling the methods in this class directly - PHP is calling them for you. * Which kinda begs the question... what methods is PHP calling and what parameters is it passing to them? This function * lets you figure that out. * * If NET_SFTP_STREAM_LOGGING is defined all calls will be output on the screen and then (regardless of whether or not * NET_SFTP_STREAM_LOGGING is enabled) the parameters will be passed through to the appropriate method. * * @param string * @param array * @return mixed * @access public / function __call($name, $arguments) { if (defined('NET_SFTP_STREAM_LOGGING')) { echo $name . '('; $last = count($arguments) - 1; foreach ($arguments as $i => $argument) { var_export($argument); if ($i != $last) { echo ','; } } echo ")\r\n"; } $name = '_' . $name; if (!method_exists($this, $name)) { return false; } return call_user_func_array(array($this, $name), $arguments); } } Net_SFTP_Stream::register(); ��phpseclib/Net/SFTP.php��0000644��00000315651�15104540706�0010545 0��ustar�00��<?php /* * Pure-PHP implementation of SFTP. * * PHP versions 4 and 5 * * Currently only supports SFTPv2 and v3, which, according to wikipedia.org, "is the most widely used version, * implemented by the popular OpenSSH SFTP server". If you want SFTPv4/5/6 support, provide me with access * to an SFTPv4/5/6 server. * * The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}. * * Here's a short example of how to use this library: * <code> * <?php * include 'Net/SFTP.php'; * * $sftp = new Net_SFTP('www.domain.tld'); * if (!$sftp->login('username', 'password')) { * exit('Login Failed'); * } * * echo $sftp->pwd() . "\r\n"; * $sftp->put('filename.ext', 'hello, world!'); * print_r($sftp->nlist()); * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Net * @package Net_SFTP * @author Jim Wigginton <terrafrost@php.net> * @copyright 2009 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * Include Net_SSH2 / if (!class_exists('Net_SSH2')) { include_once 'SSH2.php'; } /#@+ @access public * @see self::getLog() / /* * Returns the message numbers / define('NET_SFTP_LOG_SIMPLE', NET_SSH2_LOG_SIMPLE); /* * Returns the message content / define('NET_SFTP_LOG_COMPLEX', NET_SSH2_LOG_COMPLEX); /* * Outputs the message content in real-time. / define('NET_SFTP_LOG_REALTIME', 3); /#@-/ /** * SFTP channel constant * * Net_SSH2::exec() uses 0 and Net_SSH2::read() / Net_SSH2::write() use 1. * * @see Net_SSH2::_send_channel_packet() * @see Net_SSH2::_get_channel_packet() * @access private / define('NET_SFTP_CHANNEL', 0x100); /#@+ @access public * @see self::put() / /* * Reads data from a local file. / define('NET_SFTP_LOCAL_FILE', 1); /* * Reads data from a string. / // this value isn't really used anymore but i'm keeping it reserved for historical reasons define('NET_SFTP_STRING', 2); /* * Reads data from callback: * function callback($length) returns string to proceed, null for EOF / define('NET_SFTP_CALLBACK', 16); /* * Resumes an upload / define('NET_SFTP_RESUME', 4); /* * Append a local file to an already existing remote file / define('NET_SFTP_RESUME_START', 8); /#@-/ /** * Pure-PHP implementations of SFTP. * * @package Net_SFTP * @author Jim Wigginton <terrafrost@php.net> * @access public / class Net_SFTP extends Net_SSH2 { /* * Packet Types * * @see self::Net_SFTP() * @var array * @access private / var $packet_types = array(); /* * Status Codes * * @see self::Net_SFTP() * @var array * @access private / var $status_codes = array(); /* * The Request ID * * The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support * concurrent actions, so it's somewhat academic, here. * * @var boolean * @see self::_send_sftp_packet() * @access private / var $use_request_id = false; /* * The Packet Type * * The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support * concurrent actions, so it's somewhat academic, here. * * @var int * @see self::_get_sftp_packet() * @access private / var $packet_type = -1; /* * Packet Buffer * * @var string * @see self::_get_sftp_packet() * @access private / var $packet_buffer = ''; /* * Extensions supported by the server * * @var array * @see self::_initChannel() * @access private / var $extensions = array(); /* * Server SFTP version * * @var int * @see self::_initChannel() * @access private / var $version; /* * Current working directory * * @var string * @see self::realpath() * @see self::chdir() * @access private / var $pwd = false; /* * Packet Type Log * * @see self::getLog() * @var array * @access private / var $packet_type_log = array(); /* * Packet Log * * @see self::getLog() * @var array * @access private / var $packet_log = array(); /* * Error information * * @see self::getSFTPErrors() * @see self::getLastSFTPError() * @var array * @access private / var $sftp_errors = array(); /* * Stat Cache * * Rather than always having to open a directory and close it immediately there after to see if a file is a directory * we'll cache the results. * * @see self::_update_stat_cache() * @see self::_remove_from_stat_cache() * @see self::_query_stat_cache() * @var array * @access private / var $stat_cache = array(); /* * Max SFTP Packet Size * * @see self::Net_SFTP() * @see self::get() * @var array * @access private / var $max_sftp_packet; /* * Stat Cache Flag * * @see self::disableStatCache() * @see self::enableStatCache() * @var bool * @access private / var $use_stat_cache = true; /* * Sort Options * * @see self::_comparator() * @see self::setListOrder() * @var array * @access private / var $sortOptions = array(); /* * Canonicalization Flag * * Determines whether or not paths should be canonicalized before being * passed on to the remote server. * * @see self::enablePathCanonicalization() * @see self::disablePathCanonicalization() * @see self::realpath() * @var bool * @access private / var $canonicalize_paths = true; /* * Request Buffers * * @see self::_get_sftp_packet() * @var array * @access private / var $requestBuffer = array(); /* * Default Constructor. * * Connects to an SFTP server * * @param string $host * @param int $port * @param int $timeout * @return Net_SFTP * @access public / function __construct($host, $port = 22, $timeout = 10) { parent::__construct($host, $port, $timeout); $this->max_sftp_packet = 1 << 15; $this->packet_types = array( 1 => 'NET_SFTP_INIT', 2 => 'NET_SFTP_VERSION', / the format of SSH_FXP_OPEN changed between SFTPv4 and SFTPv5+: SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.1 pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3 / 3 => 'NET_SFTP_OPEN', 4 => 'NET_SFTP_CLOSE', 5 => 'NET_SFTP_READ', 6 => 'NET_SFTP_WRITE', 7 => 'NET_SFTP_LSTAT', 9 => 'NET_SFTP_SETSTAT', 11 => 'NET_SFTP_OPENDIR', 12 => 'NET_SFTP_READDIR', 13 => 'NET_SFTP_REMOVE', 14 => 'NET_SFTP_MKDIR', 15 => 'NET_SFTP_RMDIR', 16 => 'NET_SFTP_REALPATH', 17 => 'NET_SFTP_STAT', / the format of SSH_FXP_RENAME changed between SFTPv4 and SFTPv5+: SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.5 / 18 => 'NET_SFTP_RENAME', 19 => 'NET_SFTP_READLINK', 20 => 'NET_SFTP_SYMLINK', 101=> 'NET_SFTP_STATUS', 102=> 'NET_SFTP_HANDLE', / the format of SSH_FXP_NAME changed between SFTPv3 and SFTPv4+: SFTPv4+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.4 pre-SFTPv4 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-7 / 103=> 'NET_SFTP_DATA', 104=> 'NET_SFTP_NAME', 105=> 'NET_SFTP_ATTRS', 200=> 'NET_SFTP_EXTENDED' ); $this->status_codes = array( 0 => 'NET_SFTP_STATUS_OK', 1 => 'NET_SFTP_STATUS_EOF', 2 => 'NET_SFTP_STATUS_NO_SUCH_FILE', 3 => 'NET_SFTP_STATUS_PERMISSION_DENIED', 4 => 'NET_SFTP_STATUS_FAILURE', 5 => 'NET_SFTP_STATUS_BAD_MESSAGE', 6 => 'NET_SFTP_STATUS_NO_CONNECTION', 7 => 'NET_SFTP_STATUS_CONNECTION_LOST', 8 => 'NET_SFTP_STATUS_OP_UNSUPPORTED', 9 => 'NET_SFTP_STATUS_INVALID_HANDLE', 10 => 'NET_SFTP_STATUS_NO_SUCH_PATH', 11 => 'NET_SFTP_STATUS_FILE_ALREADY_EXISTS', 12 => 'NET_SFTP_STATUS_WRITE_PROTECT', 13 => 'NET_SFTP_STATUS_NO_MEDIA', 14 => 'NET_SFTP_STATUS_NO_SPACE_ON_FILESYSTEM', 15 => 'NET_SFTP_STATUS_QUOTA_EXCEEDED', 16 => 'NET_SFTP_STATUS_UNKNOWN_PRINCIPAL', 17 => 'NET_SFTP_STATUS_LOCK_CONFLICT', 18 => 'NET_SFTP_STATUS_DIR_NOT_EMPTY', 19 => 'NET_SFTP_STATUS_NOT_A_DIRECTORY', 20 => 'NET_SFTP_STATUS_INVALID_FILENAME', 21 => 'NET_SFTP_STATUS_LINK_LOOP', 22 => 'NET_SFTP_STATUS_CANNOT_DELETE', 23 => 'NET_SFTP_STATUS_INVALID_PARAMETER', 24 => 'NET_SFTP_STATUS_FILE_IS_A_DIRECTORY', 25 => 'NET_SFTP_STATUS_BYTE_RANGE_LOCK_CONFLICT', 26 => 'NET_SFTP_STATUS_BYTE_RANGE_LOCK_REFUSED', 27 => 'NET_SFTP_STATUS_DELETE_PENDING', 28 => 'NET_SFTP_STATUS_FILE_CORRUPT', 29 => 'NET_SFTP_STATUS_OWNER_INVALID', 30 => 'NET_SFTP_STATUS_GROUP_INVALID', 31 => 'NET_SFTP_STATUS_NO_MATCHING_BYTE_RANGE_LOCK' ); // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-7.1 // the order, in this case, matters quite a lot - see Net_SFTP::_parseAttributes() to understand why $this->attributes = array( 0x00000001 => 'NET_SFTP_ATTR_SIZE', 0x00000002 => 'NET_SFTP_ATTR_UIDGID', // defined in SFTPv3, removed in SFTPv4+ 0x00000004 => 'NET_SFTP_ATTR_PERMISSIONS', 0x00000008 => 'NET_SFTP_ATTR_ACCESSTIME', // 0x80000000 will yield a floating point on 32-bit systems and converting floating points to integers // yields inconsistent behavior depending on how php is compiled. so we left shift -1 (which, in // two's compliment, consists of all 1 bits) by 31. on 64-bit systems this'll yield 0xFFFFFFFF80000000. // that's not a problem, however, and 'anded' and a 32-bit number, as all the leading 1 bits are ignored. (-1 << 31) & 0xFFFFFFFF => 'NET_SFTP_ATTR_EXTENDED' ); // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3 // the flag definitions change somewhat in SFTPv5+. if SFTPv5+ support is added to this library, maybe name // the array for that $this->open5_flags and similarly alter the constant names. $this->open_flags = array( 0x00000001 => 'NET_SFTP_OPEN_READ', 0x00000002 => 'NET_SFTP_OPEN_WRITE', 0x00000004 => 'NET_SFTP_OPEN_APPEND', 0x00000008 => 'NET_SFTP_OPEN_CREATE', 0x00000010 => 'NET_SFTP_OPEN_TRUNCATE', 0x00000020 => 'NET_SFTP_OPEN_EXCL' ); // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-5.2 // see Net_SFTP::_parseLongname() for an explanation $this->file_types = array( 1 => 'NET_SFTP_TYPE_REGULAR', 2 => 'NET_SFTP_TYPE_DIRECTORY', 3 => 'NET_SFTP_TYPE_SYMLINK', 4 => 'NET_SFTP_TYPE_SPECIAL', 5 => 'NET_SFTP_TYPE_UNKNOWN', // the followin types were first defined for use in SFTPv5+ // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-05#section-5.2 6 => 'NET_SFTP_TYPE_SOCKET', 7 => 'NET_SFTP_TYPE_CHAR_DEVICE', 8 => 'NET_SFTP_TYPE_BLOCK_DEVICE', 9 => 'NET_SFTP_TYPE_FIFO' ); $this->_define_array( $this->packet_types, $this->status_codes, $this->attributes, $this->open_flags, $this->file_types ); if (!defined('NET_SFTP_QUEUE_SIZE')) { define('NET_SFTP_QUEUE_SIZE', 32); } } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @param string $host * @param int $port * @param int $timeout * @access public / function Net_SFTP($host, $port = 22, $timeout = 10) { $this->__construct($host, $port, $timeout); } /* * Login * * @param string $username * @param string $password * @return bool * @access public / function login($username) { $args = func_get_args(); $this->auth[] = $args; if (!call_user_func_array(array(&$this, '_login'), $args)) { return false; } $this->window_size_server_to_client[NET_SFTP_CHANNEL] = $this->window_size; $packet = pack( 'CNaN3', NET_SSH2_MSG_CHANNEL_OPEN, strlen('session'), 'session', NET_SFTP_CHANNEL, $this->window_size, 0x4000 ); if (!$this->_send_binary_packet($packet)) { return false; } $this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_OPEN; $response = $this->_get_channel_packet(NET_SFTP_CHANNEL, true); if ($response === false) { return false; } $packet = pack( 'CNNaCNa', NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SFTP_CHANNEL], strlen('subsystem'), 'subsystem', 1, strlen('sftp'), 'sftp' ); if (!$this->_send_binary_packet($packet)) { return false; } $this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST; $response = $this->_get_channel_packet(NET_SFTP_CHANNEL, true); if ($response === false) { // from PuTTY's psftp.exe $command = "test -x /usr/lib/sftp-server && exec /usr/lib/sftp-server\n" . "test -x /usr/local/lib/sftp-server && exec /usr/local/lib/sftp-server\n" . "exec sftp-server"; // we don't do $this->exec($command, false) because exec() operates on a different channel and plus the SSH_MSG_CHANNEL_OPEN that exec() does // is redundant $packet = pack( 'CNNaCNa', NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SFTP_CHANNEL], strlen('exec'), 'exec', 1, strlen($command), $command ); if (!$this->_send_binary_packet($packet)) { return false; } $this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST; $response = $this->_get_channel_packet(NET_SFTP_CHANNEL, true); if ($response === false) { return false; } } $this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_DATA; if (!$this->_send_sftp_packet(NET_SFTP_INIT, "\0\0\0\3")) { return false; } $response = $this->_get_sftp_packet(); if ($this->packet_type != NET_SFTP_VERSION) { user_error('Expected SSH_FXP_VERSION'); return false; } if (strlen($response) < 4) { return false; } extract(unpack('Nversion', $this->_string_shift($response, 4))); $this->version = $version; while (!empty($response)) { if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $key = $this->_string_shift($response, $length); if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $value = $this->_string_shift($response, $length); $this->extensions[$key] = $value; } /* SFTPv4+ defines a 'newline' extension. SFTPv3 seems to have unofficial support for it via 'newline@vandyke.com', however, I'm not sure what 'newline@vandyke.com' is supposed to do (the fact that it's unofficial means that it's not in the official SFTPv3 specs) and 'newline@vandyke.com' / 'newline' are likely not drop-in substitutes for one another due to the fact that 'newline' comes with a SSH_FXF_TEXT bitmask whereas it seems unlikely that 'newline@vandyke.com' would. / / if (isset($this->extensions['newline@vandyke.com'])) { $this->extensions['newline'] = $this->extensions['newline@vandyke.com']; unset($this->extensions['newline@vandyke.com']); } / $this->use_request_id = true; / A Note on SFTPv4/5/6 support: <http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-5.1> states the following: "If the client wishes to interoperate with servers that support noncontiguous version numbers it SHOULD send '3'" Given that the server only sends its version number after the client has already done so, the above seems to be suggesting that v3 should be the default version. This makes sense given that v3 is the most popular. <http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-5.5> states the following; "If the server did not send the "versions" extension, or the version-from-list was not included, the server MAY send a status response describing the failure, but MUST then close the channel without processing any further requests." So what do you do if you have a client whose initial SSH_FXP_INIT packet says it implements v3 and a server whose initial SSH_FXP_VERSION reply says it implements v4 and only v4? If it only implements v4, the "versions" extension is likely not going to have been sent so version re-negotiation as discussed in draft-ietf-secsh-filexfer-13 would be quite impossible. As such, what Net_SFTP would do is close the channel and reopen it with a new and updated SSH_FXP_INIT packet. / switch ($this->version) { case 2: case 3: break; default: return false; } $this->pwd = $this->_realpath('.'); $this->_update_stat_cache($this->pwd, array()); return true; } /* * Disable the stat cache * * @access public / function disableStatCache() { $this->use_stat_cache = false; } /* * Enable the stat cache * * @access public / function enableStatCache() { $this->use_stat_cache = true; } /* * Clear the stat cache * * @access public / function clearStatCache() { $this->stat_cache = array(); } /* * Enable path canonicalization * * @access public / function enablePathCanonicalization() { $this->canonicalize_paths = true; } /* * Enable path canonicalization * * @access public / function disablePathCanonicalization() { $this->canonicalize_paths = false; } /* * Returns the current directory name * * @return mixed * @access public / function pwd() { return $this->pwd; } /* * Logs errors * * @param string $response * @param int $status * @access public / function _logError($response, $status = -1) { if ($status == -1) { if (strlen($response) < 4) { return; } extract(unpack('Nstatus', $this->_string_shift($response, 4))); } $error = $this->status_codes[$status]; if ($this->version > 2 \|\| strlen($response) < 4) { extract(unpack('Nlength', $this->_string_shift($response, 4))); $this->sftp_errors[] = $error . ': ' . $this->_string_shift($response, $length); } else { $this->sftp_errors[] = $error; } } /* * Returns canonicalized absolute pathname * * realpath() expands all symbolic links and resolves references to '/./', '/../' and extra '/' characters in the input * path and returns the canonicalized absolute pathname. * * @param string $path * @return mixed * @access public / function realpath($path) { return $this->_realpath($path); } /* * Canonicalize the Server-Side Path Name * * SFTP doesn't provide a mechanism by which the current working directory can be changed, so we'll emulate it. Returns * the absolute (canonicalized) path. * * If canonicalize_paths has been disabled using disablePathCanonicalization(), $path is returned as-is. * * @see self::chdir() * @see self::disablePathCanonicalization() * @param string $path * @return mixed * @access private / function _realpath($path) { if (!$this->canonicalize_paths) { return $path; } if ($this->pwd === false) { // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.9 if (!$this->_send_sftp_packet(NET_SFTP_REALPATH, pack('Na', strlen($path), $path))) { return false; } $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_NAME: // although SSH_FXP_NAME is implemented differently in SFTPv3 than it is in SFTPv4+, the following // should work on all SFTP versions since the only part of the SSH_FXP_NAME packet the following looks // at is the first part and that part is defined the same in SFTP versions 3 through 6. $this->_string_shift($response, 4); // skip over the count - it should be 1, anyway if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); return $this->_string_shift($response, $length); case NET_SFTP_STATUS: $this->_logError($response); return false; default: user_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS'); return false; } } if ($path[0] != '/') { $path = $this->pwd . '/' . $path; } $path = explode('/', $path); $new = array(); foreach ($path as $dir) { if (!strlen($dir)) { continue; } switch ($dir) { case '..': array_pop($new); case '.': break; default: $new[] = $dir; } } return '/' . implode('/', $new); } /** * Changes the current directory * * @param string $dir * @return bool * @access public / function chdir($dir) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } // assume current dir if $dir is empty if ($dir === '') { $dir = './'; // suffix a slash if needed } elseif ($dir[strlen($dir) - 1] != '/') { $dir.= '/'; } $dir = $this->_realpath($dir); // confirm that $dir is, in fact, a valid directory if ($this->use_stat_cache && is_array($this->_query_stat_cache($dir))) { $this->pwd = $dir; return true; } // we could do a stat on the alleged $dir to see if it's a directory but that doesn't tell us // the currently logged in user has the appropriate permissions or not. maybe you could see if // the file's uid / gid match the currently logged in user's uid / gid but how there's no easy // way to get those with SFTP if (!$this->_send_sftp_packet(NET_SFTP_OPENDIR, pack('Na', strlen($dir), $dir))) { return false; } // see Net_SFTP::nlist() for a more thorough explanation of the following $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: $handle = substr($response, 4); break; case NET_SFTP_STATUS: $this->_logError($response); return false; default: user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); return false; } if (!$this->_close_handle($handle)) { return false; } $this->_update_stat_cache($dir, array()); $this->pwd = $dir; return true; } /** * Returns a list of files in the given directory * * @param string $dir * @param bool $recursive * @return mixed * @access public / function nlist($dir = '.', $recursive = false) { return $this->_nlist_helper($dir, $recursive, ''); } /* * Helper method for nlist * * @param string $dir * @param bool $recursive * @param string $relativeDir * @return mixed * @access private / function _nlist_helper($dir, $recursive, $relativeDir) { $files = $this->_list($dir, false); if (!$recursive \|\| $files === false) { return $files; } $result = array(); foreach ($files as $value) { if ($value == '.' \|\| $value == '..') { if ($relativeDir == '') { $result[] = $value; } continue; } if (is_array($this->_query_stat_cache($this->_realpath($dir . '/' . $value)))) { $temp = $this->_nlist_helper($dir . '/' . $value, true, $relativeDir . $value . '/'); $temp = is_array($temp) ? $temp : array(); $result = array_merge($result, $temp); } else { $result[] = $relativeDir . $value; } } return $result; } /* * Returns a detailed list of files in the given directory * * @param string $dir * @param bool $recursive * @return mixed * @access public / function rawlist($dir = '.', $recursive = false) { $files = $this->_list($dir, true); if (!$recursive \|\| $files === false) { return $files; } static $depth = 0; foreach ($files as $key => $value) { if ($depth != 0 && $key == '..') { unset($files[$key]); continue; } $is_directory = false; if ($key != '.' && $key != '..') { if ($this->use_stat_cache) { $is_directory = is_array($this->_query_stat_cache($this->_realpath($dir . '/' . $key))); } else { $stat = $this->lstat($dir . '/' . $key); $is_directory = $stat && $stat['type'] === NET_SFTP_TYPE_DIRECTORY; } } if ($is_directory) { $depth++; $files[$key] = $this->rawlist($dir . '/' . $key, true); $depth--; } else { $files[$key] = (object) $value; } } return $files; } /* * Reads a list, be it detailed or not, of files in the given directory * * @param string $dir * @param bool $raw * @return mixed * @access private / function _list($dir, $raw = true) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } $dir = $this->_realpath($dir . '/'); if ($dir === false) { return false; } // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.2 if (!$this->_send_sftp_packet(NET_SFTP_OPENDIR, pack('Na', strlen($dir), $dir))) { return false; } $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.2 // since 'handle' is the last field in the SSH_FXP_HANDLE packet, we'll just remove the first four bytes that // represent the length of the string and leave it at that $handle = substr($response, 4); break; case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED $this->_logError($response); return false; default: user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); return false; } $this->_update_stat_cache($dir, array()); $contents = array(); while (true) { // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.2 // why multiple SSH_FXP_READDIR packets would be sent when the response to a single one can span arbitrarily many // SSH_MSG_CHANNEL_DATA messages is not known to me. if (!$this->_send_sftp_packet(NET_SFTP_READDIR, pack('Na', strlen($handle), $handle))) { return false; } $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_NAME: if (strlen($response) < 4) { return false; } extract(unpack('Ncount', $this->_string_shift($response, 4))); for ($i = 0; $i < $count; $i++) { if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $shortname = $this->_string_shift($response, $length); if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $longname = $this->_string_shift($response, $length); $attributes = $this->_parseAttributes($response); if (!isset($attributes['type'])) { $fileType = $this->_parseLongname($longname); if ($fileType) { $attributes['type'] = $fileType; } } $contents[$shortname] = $attributes + array('filename' => $shortname); if (isset($attributes['type']) && $attributes['type'] == NET_SFTP_TYPE_DIRECTORY && ($shortname != '.' && $shortname != '..')) { $this->_update_stat_cache($dir . '/' . $shortname, array()); } else { if ($shortname == '..') { $temp = $this->_realpath($dir . '/..') . '/.'; } else { $temp = $dir . '/' . $shortname; } $this->_update_stat_cache($temp, (object) array('lstat' => $attributes)); } // SFTPv6 has an optional boolean end-of-list field, but we'll ignore that, since the // final SSH_FXP_STATUS packet should tell us that, already. } break; case NET_SFTP_STATUS: if (strlen($response) < 4) { return false; } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_EOF) { $this->_logError($response, $status); return false; } break 2; default: user_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS'); return false; } } if (!$this->_close_handle($handle)) { return false; } if (count($this->sortOptions)) { uasort($contents, array(&$this, '_comparator')); } return $raw ? $contents : array_keys($contents); } /* * Compares two rawlist entries using parameters set by setListOrder() * * Intended for use with uasort() * * @param array $a * @param array $b * @return int * @access private / function _comparator($a, $b) { switch (true) { case $a['filename'] === '.' \|\| $b['filename'] === '.': if ($a['filename'] === $b['filename']) { return 0; } return $a['filename'] === '.' ? -1 : 1; case $a['filename'] === '..' \|\| $b['filename'] === '..': if ($a['filename'] === $b['filename']) { return 0; } return $a['filename'] === '..' ? -1 : 1; case isset($a['type']) && $a['type'] === NET_SFTP_TYPE_DIRECTORY: if (!isset($b['type'])) { return 1; } if ($b['type'] !== $a['type']) { return -1; } break; case isset($b['type']) && $b['type'] === NET_SFTP_TYPE_DIRECTORY: return 1; } foreach ($this->sortOptions as $sort => $order) { if (!isset($a[$sort]) \|\| !isset($b[$sort])) { if (isset($a[$sort])) { return -1; } if (isset($b[$sort])) { return 1; } return 0; } switch ($sort) { case 'filename': $result = strcasecmp($a['filename'], $b['filename']); if ($result) { return $order === SORT_DESC ? -$result : $result; } break; case 'permissions': case 'mode': $a[$sort]&= 07777; $b[$sort]&= 07777; default: if ($a[$sort] === $b[$sort]) { break; } return $order === SORT_ASC ? $a[$sort] - $b[$sort] : $b[$sort] - $a[$sort]; } } } /* * Defines how nlist() and rawlist() will be sorted - if at all. * * If sorting is enabled directories and files will be sorted independently with * directories appearing before files in the resultant array that is returned. * * Any parameter returned by stat is a valid sort parameter for this function. * Filename comparisons are case insensitive. * * Examples: * * $sftp->setListOrder('filename', SORT_ASC); * $sftp->setListOrder('size', SORT_DESC, 'filename', SORT_ASC); * $sftp->setListOrder(true); * Separates directories from files but doesn't do any sorting beyond that * $sftp->setListOrder(); * Don't do any sort of sorting * * @access public / function setListOrder() { $this->sortOptions = array(); $args = func_get_args(); if (empty($args)) { return; } $len = count($args) & 0x7FFFFFFE; for ($i = 0; $i < $len; $i+=2) { $this->sortOptions[$args[$i]] = $args[$i + 1]; } if (!count($this->sortOptions)) { $this->sortOptions = array('bogus' => true); } } /* * Returns the file size, in bytes, or false, on failure * * Files larger than 4GB will show up as being exactly 4GB. * * @param string $filename * @return mixed * @access public / function size($filename) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } $result = $this->stat($filename); if ($result === false) { return false; } return isset($result['size']) ? $result['size'] : -1; } /* * Save files / directories to cache * * @param string $path * @param mixed $value * @access private / function _update_stat_cache($path, $value) { if ($this->use_stat_cache === false) { return; } // preg_replace('#^/\|/(?=/)\|/$#', '', $dir) == str_replace('//', '/', trim($path, '/')) $dirs = explode('/', preg_replace('#^/\|/(?=/)\|/$#', '', $path)); $temp = &$this->stat_cache; $max = count($dirs) - 1; foreach ($dirs as $i => $dir) { // if $temp is an object that means one of two things. // 1. a file was deleted and changed to a directory behind phpseclib's back // 2. it's a symlink. when lstat is done it's unclear what it's a symlink to if (is_object($temp)) { $temp = array(); } if (!isset($temp[$dir])) { $temp[$dir] = array(); } if ($i === $max) { if (is_object($temp[$dir]) && is_object($value)) { if (!isset($value->stat) && isset($temp[$dir]->stat)) { $value->stat = $temp[$dir]->stat; } if (!isset($value->lstat) && isset($temp[$dir]->lstat)) { $value->lstat = $temp[$dir]->lstat; } } $temp[$dir] = $value; break; } $temp = &$temp[$dir]; } } /* * Remove files / directories from cache * * @param string $path * @return bool * @access private / function _remove_from_stat_cache($path) { $dirs = explode('/', preg_replace('#^/\|/(?=/)\|/$#', '', $path)); $temp = &$this->stat_cache; $max = count($dirs) - 1; foreach ($dirs as $i => $dir) { if ($i === $max) { unset($temp[$dir]); return true; } if (!isset($temp[$dir])) { return false; } $temp = &$temp[$dir]; } } /* * Checks cache for path * * Mainly used by file_exists * * @param string $dir * @return mixed * @access private / function _query_stat_cache($path) { $dirs = explode('/', preg_replace('#^/\|/(?=/)\|/$#', '', $path)); $temp = &$this->stat_cache; foreach ($dirs as $dir) { if (!isset($temp[$dir])) { return null; } $temp = &$temp[$dir]; } return $temp; } /* * Returns general information about a file. * * Returns an array on success and false otherwise. * * @param string $filename * @return mixed * @access public / function stat($filename) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } $filename = $this->_realpath($filename); if ($filename === false) { return false; } if ($this->use_stat_cache) { $result = $this->_query_stat_cache($filename); if (is_array($result) && isset($result['.']) && isset($result['.']->stat)) { return $result['.']->stat; } if (is_object($result) && isset($result->stat)) { return $result->stat; } } $stat = $this->_stat($filename, NET_SFTP_STAT); if ($stat === false) { $this->_remove_from_stat_cache($filename); return false; } if (isset($stat['type'])) { if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) { $filename.= '/.'; } $this->_update_stat_cache($filename, (object) array('stat' => $stat)); return $stat; } $pwd = $this->pwd; $stat['type'] = $this->chdir($filename) ? NET_SFTP_TYPE_DIRECTORY : NET_SFTP_TYPE_REGULAR; $this->pwd = $pwd; if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) { $filename.= '/.'; } $this->_update_stat_cache($filename, (object) array('stat' => $stat)); return $stat; } /* * Returns general information about a file or symbolic link. * * Returns an array on success and false otherwise. * * @param string $filename * @return mixed * @access public / function lstat($filename) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } $filename = $this->_realpath($filename); if ($filename === false) { return false; } if ($this->use_stat_cache) { $result = $this->_query_stat_cache($filename); if (is_array($result) && isset($result['.']) && isset($result['.']->lstat)) { return $result['.']->lstat; } if (is_object($result) && isset($result->lstat)) { return $result->lstat; } } $lstat = $this->_stat($filename, NET_SFTP_LSTAT); if ($lstat === false) { $this->_remove_from_stat_cache($filename); return false; } if (isset($lstat['type'])) { if ($lstat['type'] == NET_SFTP_TYPE_DIRECTORY) { $filename.= '/.'; } $this->_update_stat_cache($filename, (object) array('lstat' => $lstat)); return $lstat; } $stat = $this->_stat($filename, NET_SFTP_STAT); if ($lstat != $stat) { $lstat = array_merge($lstat, array('type' => NET_SFTP_TYPE_SYMLINK)); $this->_update_stat_cache($filename, (object) array('lstat' => $lstat)); return $stat; } $pwd = $this->pwd; $lstat['type'] = $this->chdir($filename) ? NET_SFTP_TYPE_DIRECTORY : NET_SFTP_TYPE_REGULAR; $this->pwd = $pwd; if ($lstat['type'] == NET_SFTP_TYPE_DIRECTORY) { $filename.= '/.'; } $this->_update_stat_cache($filename, (object) array('lstat' => $lstat)); return $lstat; } /* * Returns general information about a file or symbolic link * * Determines information without calling Net_SFTP::realpath(). * The second parameter can be either NET_SFTP_STAT or NET_SFTP_LSTAT. * * @param string $filename * @param int $type * @return mixed * @access private / function _stat($filename, $type) { // SFTPv4+ adds an additional 32-bit integer field - flags - to the following: $packet = pack('Na', strlen($filename), $filename); if (!$this->_send_sftp_packet($type, $packet)) { return false; } $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_ATTRS: return $this->_parseAttributes($response); case NET_SFTP_STATUS: $this->_logError($response); return false; } user_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS'); return false; } /** * Truncates a file to a given length * * @param string $filename * @param int $new_size * @return bool * @access public / function truncate($filename, $new_size) { $attr = pack('N3', NET_SFTP_ATTR_SIZE, $new_size / 4294967296, $new_size); // 4294967296 == 0x100000000 == 1<<32 return $this->_setstat($filename, $attr, false); } /* * Sets access and modification time of file. * * If the file does not exist, it will be created. * * @param string $filename * @param int $time * @param int $atime * @return bool * @access public / function touch($filename, $time = null, $atime = null) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } $filename = $this->_realpath($filename); if ($filename === false) { return false; } if (!isset($time)) { $time = time(); } if (!isset($atime)) { $atime = $time; } $flags = NET_SFTP_OPEN_WRITE \| NET_SFTP_OPEN_CREATE \| NET_SFTP_OPEN_EXCL; $attr = pack('N3', NET_SFTP_ATTR_ACCESSTIME, $time, $atime); $packet = pack('NaNa', strlen($filename), $filename, $flags, $attr); if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { return false; } $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: return $this->_close_handle(substr($response, 4)); case NET_SFTP_STATUS: $this->_logError($response); break; default: user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); return false; } return $this->_setstat($filename, $attr, false); } /* * Changes file or directory owner * * Returns true on success or false on error. * * @param string $filename * @param int $uid * @param bool $recursive * @return bool * @access public / function chown($filename, $uid, $recursive = false) { // quoting from <http://www.kernel.org/doc/man-pages/online/pages/man2/chown.2.html>, // "if the owner or group is specified as -1, then that ID is not changed" $attr = pack('N3', NET_SFTP_ATTR_UIDGID, $uid, -1); return $this->_setstat($filename, $attr, $recursive); } /* * Changes file or directory group * * Returns true on success or false on error. * * @param string $filename * @param int $gid * @param bool $recursive * @return bool * @access public / function chgrp($filename, $gid, $recursive = false) { $attr = pack('N3', NET_SFTP_ATTR_UIDGID, -1, $gid); return $this->_setstat($filename, $attr, $recursive); } /* * Set permissions on a file. * * Returns the new file permissions on success or false on error. * If $recursive is true than this just returns true or false. * * @param int $mode * @param string $filename * @param bool $recursive * @return mixed * @access public / function chmod($mode, $filename, $recursive = false) { if (is_string($mode) && is_int($filename)) { $temp = $mode; $mode = $filename; $filename = $temp; } $attr = pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777); if (!$this->_setstat($filename, $attr, $recursive)) { return false; } if ($recursive) { return true; } $filename = $this->realpath($filename); // rather than return what the permissions should* be, we'll return what they actually are. this will also // tell us if the file actually exists. // incidentally, SFTPv4+ adds an additional 32-bit integer field - flags - to the following: $packet = pack('Na', strlen($filename), $filename); if (!$this->_send_sftp_packet(NET_SFTP_STAT, $packet)) { return false; } $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_ATTRS: $attrs = $this->_parseAttributes($response); return $attrs['permissions']; case NET_SFTP_STATUS: $this->_logError($response); return false; } user_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS'); return false; } /* * Sets information about a file * * @param string $filename * @param string $attr * @param bool $recursive * @return bool * @access private / function _setstat($filename, $attr, $recursive) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } $filename = $this->_realpath($filename); if ($filename === false) { return false; } $this->_remove_from_stat_cache($filename); if ($recursive) { $i = 0; $result = $this->_setstat_recursive($filename, $attr, $i); $this->_read_put_responses($i); return $result; } // SFTPv4+ has an additional byte field - type - that would need to be sent, as well. setting it to // SSH_FILEXFER_TYPE_UNKNOWN might work. if not, we'd have to do an SSH_FXP_STAT before doing an SSH_FXP_SETSTAT. if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Naa', strlen($filename), $filename, $attr))) { return false; } / "Because some systems must use separate system calls to set various attributes, it is possible that a failure response will be returned, but yet some of the attributes may be have been successfully modified. If possible, servers SHOULD avoid this situation; however, clients MUST be aware that this is possible." -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.6 / $response = $this->_get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { user_error('Expected SSH_FXP_STATUS'); return false; } if (strlen($response) < 4) { return false; } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); return false; } return true; } /* * Recursively sets information on directories on the SFTP server * * Minimizes directory lookups and SSH_FXP_STATUS requests for speed. * * @param string $path * @param string $attr * @param int $i * @return bool * @access private / function _setstat_recursive($path, $attr, &$i) { if (!$this->_read_put_responses($i)) { return false; } $i = 0; $entries = $this->_list($path, true); if ($entries === false) { return $this->_setstat($path, $attr, false); } // normally $entries would have at least . and .. but it might not if the directories // permissions didn't allow reading if (empty($entries)) { return false; } unset($entries['.'], $entries['..']); foreach ($entries as $filename => $props) { if (!isset($props['type'])) { return false; } $temp = $path . '/' . $filename; if ($props['type'] == NET_SFTP_TYPE_DIRECTORY) { if (!$this->_setstat_recursive($temp, $attr, $i)) { return false; } } else { if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Naa', strlen($temp), $temp, $attr))) { return false; } $i++; if ($i >= NET_SFTP_QUEUE_SIZE) { if (!$this->_read_put_responses($i)) { return false; } $i = 0; } } } if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Naa', strlen($path), $path, $attr))) { return false; } $i++; if ($i >= NET_SFTP_QUEUE_SIZE) { if (!$this->_read_put_responses($i)) { return false; } $i = 0; } return true; } /* * Return the target of a symbolic link * * @param string $link * @return mixed * @access public / function readlink($link) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } $link = $this->_realpath($link); if (!$this->_send_sftp_packet(NET_SFTP_READLINK, pack('Na', strlen($link), $link))) { return false; } $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_NAME: break; case NET_SFTP_STATUS: $this->_logError($response); return false; default: user_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS'); return false; } if (strlen($response) < 4) { return false; } extract(unpack('Ncount', $this->_string_shift($response, 4))); // the file isn't a symlink if (!$count) { return false; } if (strlen($response) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($response, 4))); return $this->_string_shift($response, $length); } /** * Create a symlink * * symlink() creates a symbolic link to the existing target with the specified name link. * * @param string $target * @param string $link * @return bool * @access public / function symlink($target, $link) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } //$target = $this->_realpath($target); $link = $this->_realpath($link); $packet = pack('NaNa', strlen($target), $target, strlen($link), $link); if (!$this->_send_sftp_packet(NET_SFTP_SYMLINK, $packet)) { return false; } $response = $this->_get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { user_error('Expected SSH_FXP_STATUS'); return false; } if (strlen($response) < 4) { return false; } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); return false; } return true; } /* * Creates a directory. * * @param string $dir * @return bool * @access public / function mkdir($dir, $mode = -1, $recursive = false) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } $dir = $this->_realpath($dir); // by not providing any permissions, hopefully the server will use the logged in users umask - their // default permissions. $attr = $mode == -1 ? "\0\0\0\0" : pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777); if ($recursive) { $dirs = explode('/', preg_replace('#/(?=/)\|/$#', '', $dir)); if (empty($dirs[0])) { array_shift($dirs); $dirs[0] = '/' . $dirs[0]; } for ($i = 0; $i < count($dirs); $i++) { $temp = array_slice($dirs, 0, $i + 1); $temp = implode('/', $temp); $result = $this->_mkdir_helper($temp, $attr); } return $result; } return $this->_mkdir_helper($dir, $attr); } /* * Helper function for directory creation * * @param string $dir * @return bool * @access private / function _mkdir_helper($dir, $attr) { if (!$this->_send_sftp_packet(NET_SFTP_MKDIR, pack('Naa', strlen($dir), $dir, $attr))) { return false; } $response = $this->_get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { user_error('Expected SSH_FXP_STATUS'); return false; } if (strlen($response) < 4) { return false; } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); return false; } return true; } /* * Removes a directory. * * @param string $dir * @return bool * @access public / function rmdir($dir) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } $dir = $this->_realpath($dir); if ($dir === false) { return false; } if (!$this->_send_sftp_packet(NET_SFTP_RMDIR, pack('Na', strlen($dir), $dir))) { return false; } $response = $this->_get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { user_error('Expected SSH_FXP_STATUS'); return false; } if (strlen($response) < 4) { return false; } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED? $this->_logError($response, $status); return false; } $this->_remove_from_stat_cache($dir); // the following will do a soft delete, which would be useful if you deleted a file // and then tried to do a stat on the deleted file. the above, in contrast, does // a hard delete //$this->_update_stat_cache($dir, false); return true; } /** * Uploads a file to the SFTP server. * * By default, Net_SFTP::put() does not read from the local filesystem. $data is dumped directly into $remote_file. * So, for example, if you set $data to 'filename.ext' and then do Net_SFTP::get(), you will get a file, twelve bytes * long, containing 'filename.ext' as its contents. * * Setting $mode to NET_SFTP_LOCAL_FILE will change the above behavior. With NET_SFTP_LOCAL_FILE, $remote_file will * contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how * large $remote_file will be, as well. * * If $data is a resource then it'll be used as a resource instead. * * * Setting $mode to NET_SFTP_CALLBACK will use $data as callback function, which gets only one parameter -- number * of bytes to return, and returns a string if there is some data or null if there is no more data * * Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take * care of that, yourself. * * $mode can take an additional two parameters - NET_SFTP_RESUME and NET_SFTP_RESUME_START. These are bitwise AND'd with * $mode. So if you want to resume upload of a 300mb file on the local file system you'd set $mode to the following: * * NET_SFTP_LOCAL_FILE \| NET_SFTP_RESUME * * If you wanted to simply append the full contents of a local file to the full contents of a remote file you'd replace * NET_SFTP_RESUME with NET_SFTP_RESUME_START. * * If $mode & (NET_SFTP_RESUME \| NET_SFTP_RESUME_START) then NET_SFTP_RESUME_START will be assumed. * * $start and $local_start give you more fine grained control over this process and take precident over NET_SFTP_RESUME * when they're non-negative. ie. $start could let you write at the end of a file (like NET_SFTP_RESUME) or in the middle * of one. $local_start could let you start your reading from the end of a file (like NET_SFTP_RESUME_START) or in the * middle of one. * * Setting $local_start to > 0 or $mode \| NET_SFTP_RESUME_START doesn't do anything unless $mode \| NET_SFTP_LOCAL_FILE. * * @param string $remote_file * @param string\|resource $data * @param int $mode * @param int $start * @param int $local_start * @param callable\|null $progressCallback * @return bool * @access public * @internal ASCII mode for SFTPv4/5/6 can be supported by adding a new function - Net_SFTP::setMode(). / function put($remote_file, $data, $mode = NET_SFTP_STRING, $start = -1, $local_start = -1, $progressCallback = null) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } $remote_file = $this->_realpath($remote_file); if ($remote_file === false) { return false; } $this->_remove_from_stat_cache($remote_file); $flags = NET_SFTP_OPEN_WRITE \| NET_SFTP_OPEN_CREATE; // according to the SFTP specs, NET_SFTP_OPEN_APPEND should "force all writes to append data at the end of the file." // in practice, it doesn't seem to do that. //$flags\|= ($mode & NET_SFTP_RESUME) ? NET_SFTP_OPEN_APPEND : NET_SFTP_OPEN_TRUNCATE; if ($start >= 0) { $offset = $start; } elseif ($mode & NET_SFTP_RESUME) { // if NET_SFTP_OPEN_APPEND worked as it should _size() wouldn't need to be called $size = $this->size($remote_file); $offset = $size !== false ? $size : 0; } else { $offset = 0; $flags\|= NET_SFTP_OPEN_TRUNCATE; } $packet = pack('NaN2', strlen($remote_file), $remote_file, $flags, 0); if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { return false; } $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: $handle = substr($response, 4); break; case NET_SFTP_STATUS: $this->_logError($response); return false; default: user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); return false; } // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.3 $dataCallback = false; switch (true) { case $mode & NET_SFTP_CALLBACK: if (!is_callable($data)) { user_error("\$data should be is_callable if you set NET_SFTP_CALLBACK flag"); } $dataCallback = $data; // do nothing break; case is_resource($data): $mode = $mode & ~NET_SFTP_LOCAL_FILE; $info = stream_get_meta_data($data); if ($info['wrapper_type'] == 'PHP' && $info['stream_type'] == 'Input') { $fp = fopen('php://memory', 'w+'); stream_copy_to_stream($data, $fp); rewind($fp); } else { $fp = $data; } break; case $mode & NET_SFTP_LOCAL_FILE: if (!is_file($data)) { user_error("$data is not a valid file"); return false; } $fp = @fopen($data, 'rb'); if (!$fp) { return false; } } if (isset($fp)) { $stat = fstat($fp); $size = !empty($stat) ? $stat['size'] : 0; if ($local_start >= 0) { fseek($fp, $local_start); $size-= $local_start; } } elseif ($dataCallback) { $size = 0; } else { $size = strlen($data); } $sent = 0; $size = $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size; $sftp_packet_size = 4096; // PuTTY uses 4096 // make the SFTP packet be exactly 4096 bytes by including the bytes in the NET_SFTP_WRITE packets "header" $sftp_packet_size-= strlen($handle) + 25; $i = 0; while ($dataCallback \|\| ($size === 0 \|\| $sent < $size)) { if ($dataCallback) { $temp = call_user_func($dataCallback, $sftp_packet_size); if (is_null($temp)) { break; } } else { $temp = isset($fp) ? fread($fp, $sftp_packet_size) : substr($data, $sent, $sftp_packet_size); if ($temp === false \|\| $temp === '') { break; } } $subtemp = $offset + $sent; $packet = pack('NaN3a', strlen($handle), $handle, $subtemp / 4294967296, $subtemp, strlen($temp), $temp); if (!$this->_send_sftp_packet(NET_SFTP_WRITE, $packet)) { if ($mode & NET_SFTP_LOCAL_FILE) { fclose($fp); } return false; } $sent+= strlen($temp); if (is_callable($progressCallback)) { call_user_func($progressCallback, $sent); } $i++; if ($i == NET_SFTP_QUEUE_SIZE) { if (!$this->_read_put_responses($i)) { $i = 0; break; } $i = 0; } } if (!$this->_read_put_responses($i)) { if ($mode & NET_SFTP_LOCAL_FILE) { fclose($fp); } $this->_close_handle($handle); return false; } if ($mode & NET_SFTP_LOCAL_FILE) { fclose($fp); } return $this->_close_handle($handle); } /** * Reads multiple successive SSH_FXP_WRITE responses * * Sending an SSH_FXP_WRITE packet and immediately reading its response isn't as efficient as blindly sending out $i * SSH_FXP_WRITEs, in succession, and then reading $i responses. * * @param int $i * @return bool * @access private / function _read_put_responses($i) { while ($i--) { $response = $this->_get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { user_error('Expected SSH_FXP_STATUS'); return false; } if (strlen($response) < 4) { return false; } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); break; } } return $i < 0; } /* * Close handle * * @param string $handle * @return bool * @access private / function _close_handle($handle) { if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na', strlen($handle), $handle))) { return false; } // "The client MUST release all resources associated with the handle regardless of the status." // -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.3 $response = $this->_get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { user_error('Expected SSH_FXP_STATUS'); return false; } if (strlen($response) < 4) { return false; } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); return false; } return true; } /** * Downloads a file from the SFTP server. * * Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if * the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the * operation. * * $offset and $length can be used to download files in chunks. * * @param string $remote_file * @param string $local_file * @param int $offset * @param int $length * @param callable\|null $progressCallback * @return mixed * @access public / function get($remote_file, $local_file = false, $offset = 0, $length = -1, $progressCallback = null) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } $remote_file = $this->_realpath($remote_file); if ($remote_file === false) { return false; } $packet = pack('NaN2', strlen($remote_file), $remote_file, NET_SFTP_OPEN_READ, 0); if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { return false; } $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: $handle = substr($response, 4); break; case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED $this->_logError($response); return false; default: user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); return false; } if (is_resource($local_file)) { $fp = $local_file; $stat = fstat($fp); $res_offset = $stat['size']; } else { $res_offset = 0; if ($local_file !== false) { $fp = fopen($local_file, 'wb'); if (!$fp) { return false; } } else { $content = ''; } } $fclose_check = $local_file !== false && !is_resource($local_file); $start = $offset; $read = 0; while (true) { $i = 0; while ($i < NET_SFTP_QUEUE_SIZE && ($length < 0 \|\| $read < $length)) { $tempoffset = $start + $read; $packet_size = $length > 0 ? min($this->max_sftp_packet, $length - $read) : $this->max_sftp_packet; $packet = pack('NaN3', strlen($handle), $handle, $tempoffset / 4294967296, $tempoffset, $packet_size); if (!$this->_send_sftp_packet(NET_SFTP_READ, $packet, $i)) { if ($fclose_check) { fclose($fp); } return false; } $packet = null; $read+= $packet_size; if (is_callable($progressCallback)) { call_user_func($progressCallback, $read); } $i++; } if (!$i) { break; } $packets_sent = $i - 1; $clear_responses = false; while ($i > 0) { $i--; if ($clear_responses) { $this->_get_sftp_packet($packets_sent - $i); continue; } else { $response = $this->_get_sftp_packet($packets_sent - $i); } switch ($this->packet_type) { case NET_SFTP_DATA: $temp = substr($response, 4); $offset+= strlen($temp); if ($local_file === false) { $content.= $temp; } else { fputs($fp, $temp); } $temp = null; break; case NET_SFTP_STATUS: // could, in theory, return false if !strlen($content) but we'll hold off for the time being $this->_logError($response); $clear_responses = true; // don't break out of the loop yet, so we can read the remaining responses break; default: if ($fclose_check) { fclose($fp); } user_error('Expected SSH_FX_DATA or SSH_FXP_STATUS'); } $response = null; } if ($clear_responses) { break; } } if ($length > 0 && $length <= $offset - $start) { if ($local_file === false) { $content = substr($content, 0, $length); } else { ftruncate($fp, $length + $res_offset); } } if ($fclose_check) { fclose($fp); } if (!$this->_close_handle($handle)) { return false; } // if $content isn't set that means a file was written to return isset($content) ? $content : true; } /* * Deletes a file on the SFTP server. * * @param string $path * @param bool $recursive * @return bool * @access public / function delete($path, $recursive = true) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } if (is_object($path)) { // It's an object. Cast it as string before we check anything else. $path = (string) $path; } if (!is_string($path) \|\| $path == '') { return false; } $path = $this->_realpath($path); if ($path === false) { return false; } // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 if (!$this->_send_sftp_packet(NET_SFTP_REMOVE, pack('Na', strlen($path), $path))) { return false; } $response = $this->_get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { user_error('Expected SSH_FXP_STATUS'); return false; } // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED if (strlen($response) < 4) { return false; } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); if (!$recursive) { return false; } $i = 0; $result = $this->_delete_recursive($path, $i); $this->_read_put_responses($i); return $result; } $this->_remove_from_stat_cache($path); return true; } /** * Recursively deletes directories on the SFTP server * * Minimizes directory lookups and SSH_FXP_STATUS requests for speed. * * @param string $path * @param int $i * @return bool * @access private / function _delete_recursive($path, &$i) { if (!$this->_read_put_responses($i)) { return false; } $i = 0; $entries = $this->_list($path, true); // normally $entries would have at least . and .. but it might not if the directories // permissions didn't allow reading if (empty($entries)) { return false; } unset($entries['.'], $entries['..']); foreach ($entries as $filename => $props) { if (!isset($props['type'])) { return false; } $temp = $path . '/' . $filename; if ($props['type'] == NET_SFTP_TYPE_DIRECTORY) { if (!$this->_delete_recursive($temp, $i)) { return false; } } else { if (!$this->_send_sftp_packet(NET_SFTP_REMOVE, pack('Na', strlen($temp), $temp))) { return false; } $this->_remove_from_stat_cache($temp); $i++; if ($i >= NET_SFTP_QUEUE_SIZE) { if (!$this->_read_put_responses($i)) { return false; } $i = 0; } } } if (!$this->_send_sftp_packet(NET_SFTP_RMDIR, pack('Na', strlen($path), $path))) { return false; } $this->_remove_from_stat_cache($path); $i++; if ($i >= NET_SFTP_QUEUE_SIZE) { if (!$this->_read_put_responses($i)) { return false; } $i = 0; } return true; } /* * Checks whether a file or directory exists * * @param string $path * @return bool * @access public / function file_exists($path) { if ($this->use_stat_cache) { $path = $this->_realpath($path); $result = $this->_query_stat_cache($path); if (isset($result)) { // return true if $result is an array or if it's an stdClass object return $result !== false; } } return $this->stat($path) !== false; } /* * Tells whether the filename is a directory * * @param string $path * @return bool * @access public / function is_dir($path) { $result = $this->_get_stat_cache_prop($path, 'type'); if ($result === false) { return false; } return $result === NET_SFTP_TYPE_DIRECTORY; } /* * Tells whether the filename is a regular file * * @param string $path * @return bool * @access public / function is_file($path) { $result = $this->_get_stat_cache_prop($path, 'type'); if ($result === false) { return false; } return $result === NET_SFTP_TYPE_REGULAR; } /* * Tells whether the filename is a symbolic link * * @param string $path * @return bool * @access public / function is_link($path) { $result = $this->_get_lstat_cache_prop($path, 'type'); if ($result === false) { return false; } return $result === NET_SFTP_TYPE_SYMLINK; } /* * Tells whether a file exists and is readable * * @param string $path * @return bool * @access public / function is_readable($path) { $path = $this->_realpath($path); $packet = pack('NaN2', strlen($path), $path, NET_SFTP_OPEN_READ, 0); if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { return false; } $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: return true; case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED return false; default: user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); return false; } } /** * Tells whether the filename is writable * * @param string $path * @return bool * @access public / function is_writable($path) { $path = $this->_realpath($path); $packet = pack('NaN2', strlen($path), $path, NET_SFTP_OPEN_WRITE, 0); if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { return false; } $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: return true; case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED return false; default: user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); return false; } } /** * Tells whether the filename is writeable * * Alias of is_writable * * @param string $path * @return bool * @access public / function is_writeable($path) { return $this->is_writable($path); } /* * Gets last access time of file * * @param string $path * @return mixed * @access public / function fileatime($path) { return $this->_get_stat_cache_prop($path, 'atime'); } /* * Gets file modification time * * @param string $path * @return mixed * @access public / function filemtime($path) { return $this->_get_stat_cache_prop($path, 'mtime'); } /* * Gets file permissions * * @param string $path * @return mixed * @access public / function fileperms($path) { return $this->_get_stat_cache_prop($path, 'permissions'); } /* * Gets file owner * * @param string $path * @return mixed * @access public / function fileowner($path) { return $this->_get_stat_cache_prop($path, 'uid'); } /* * Gets file group * * @param string $path * @return mixed * @access public / function filegroup($path) { return $this->_get_stat_cache_prop($path, 'gid'); } /* * Gets file size * * @param string $path * @return mixed * @access public / function filesize($path) { return $this->_get_stat_cache_prop($path, 'size'); } /* * Gets file type * * @param string $path * @return mixed * @access public / function filetype($path) { $type = $this->_get_stat_cache_prop($path, 'type'); if ($type === false) { return false; } switch ($type) { case NET_SFTP_TYPE_BLOCK_DEVICE: return 'block'; case NET_SFTP_TYPE_CHAR_DEVICE: return 'char'; case NET_SFTP_TYPE_DIRECTORY: return 'dir'; case NET_SFTP_TYPE_FIFO: return 'fifo'; case NET_SFTP_TYPE_REGULAR: return 'file'; case NET_SFTP_TYPE_SYMLINK: return 'link'; default: return false; } } /* * Return a stat properity * * Uses cache if appropriate. * * @param string $path * @param string $prop * @return mixed * @access private / function _get_stat_cache_prop($path, $prop) { return $this->_get_xstat_cache_prop($path, $prop, 'stat'); } /* * Return an lstat properity * * Uses cache if appropriate. * * @param string $path * @param string $prop * @return mixed * @access private / function _get_lstat_cache_prop($path, $prop) { return $this->_get_xstat_cache_prop($path, $prop, 'lstat'); } /* * Return a stat or lstat properity * * Uses cache if appropriate. * * @param string $path * @param string $prop * @return mixed * @access private / function _get_xstat_cache_prop($path, $prop, $type) { if ($this->use_stat_cache) { $path = $this->_realpath($path); $result = $this->_query_stat_cache($path); if (is_object($result) && isset($result->$type)) { return $result->{$type}[$prop]; } } $result = $this->$type($path); if ($result === false \|\| !isset($result[$prop])) { return false; } return $result[$prop]; } /* * Renames a file or a directory on the SFTP server * * @param string $oldname * @param string $newname * @return bool * @access public / function rename($oldname, $newname) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; } $oldname = $this->_realpath($oldname); $newname = $this->_realpath($newname); if ($oldname === false \|\| $newname === false) { return false; } // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 $packet = pack('NaNa', strlen($oldname), $oldname, strlen($newname), $newname); if (!$this->_send_sftp_packet(NET_SFTP_RENAME, $packet)) { return false; } $response = $this->_get_sftp_packet(); if ($this->packet_type != NET_SFTP_STATUS) { user_error('Expected SSH_FXP_STATUS'); return false; } // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED if (strlen($response) < 4) { return false; } extract(unpack('Nstatus', $this->_string_shift($response, 4))); if ($status != NET_SFTP_STATUS_OK) { $this->_logError($response, $status); return false; } // don't move the stat cache entry over since this operation could very well change the // atime and mtime attributes //$this->_update_stat_cache($newname, $this->_query_stat_cache($oldname)); $this->_remove_from_stat_cache($oldname); $this->_remove_from_stat_cache($newname); return true; } /* * Parse Attributes * * See '7. File Attributes' of draft-ietf-secsh-filexfer-13 for more info. * * @param string $response * @return array * @access private / function _parseAttributes(&$response) { $attr = array(); if (strlen($response) < 4) { user_error('Malformed file attributes'); return array(); } extract(unpack('Nflags', $this->_string_shift($response, 4))); // SFTPv4+ have a type field (a byte) that follows the above flag field foreach ($this->attributes as $key => $value) { switch ($flags & $key) { case NET_SFTP_ATTR_SIZE: // 0x00000001 // The size attribute is defined as an unsigned 64-bit integer. // The following will use floats on 32-bit platforms, if necessary. // As can be seen in the BigInteger class, floats are generally // IEEE 754 binary64 "double precision" on such platforms and // as such can represent integers of at least 2^50 without loss // of precision. Interpreted in filesize, 2^50 bytes = 1024 TiB. $attr['size'] = hexdec(bin2hex($this->_string_shift($response, 8))); break; case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only) if (strlen($response) < 8) { user_error('Malformed file attributes'); return $attr; } $attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8)); break; case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004 if (strlen($response) < 4) { user_error('Malformed file attributes'); return $attr; } $attr+= unpack('Npermissions', $this->_string_shift($response, 4)); // mode == permissions; permissions was the original array key and is retained for bc purposes. // mode was added because that's the more industry standard terminology $attr+= array('mode' => $attr['permissions']); $fileType = $this->_parseMode($attr['permissions']); if ($fileType !== false) { $attr+= array('type' => $fileType); } break; case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008 if (strlen($response) < 8) { user_error('Malformed file attributes'); return $attr; } $attr+= unpack('Natime/Nmtime', $this->_string_shift($response, 8)); break; case NET_SFTP_ATTR_EXTENDED: // 0x80000000 if (strlen($response) < 4) { user_error('Malformed file attributes'); return $attr; } extract(unpack('Ncount', $this->_string_shift($response, 4))); for ($i = 0; $i < $count; $i++) { if (strlen($response) < 4) { user_error('Malformed file attributes'); return $attr; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $key = $this->_string_shift($response, $length); if (strlen($response) < 4) { user_error('Malformed file attributes'); return $attr; } extract(unpack('Nlength', $this->_string_shift($response, 4))); $attr[$key] = $this->_string_shift($response, $length); } } } return $attr; } /* * Attempt to identify the file type * * Quoting the SFTP RFC, "Implementations MUST NOT send bits that are not defined" but they seem to anyway * * @param int $mode * @return int * @access private / function _parseMode($mode) { // values come from http://lxr.free-electrons.com/source/include/uapi/linux/stat.h#L12 // see, also, http://linux.die.net/man/2/stat switch ($mode & 0170000) {// ie. 1111 0000 0000 0000 case 0000000: // no file type specified - figure out the file type using alternative means return false; case 0040000: return NET_SFTP_TYPE_DIRECTORY; case 0100000: return NET_SFTP_TYPE_REGULAR; case 0120000: return NET_SFTP_TYPE_SYMLINK; // new types introduced in SFTPv5+ // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-05#section-5.2 case 0010000: // named pipe (fifo) return NET_SFTP_TYPE_FIFO; case 0020000: // character special return NET_SFTP_TYPE_CHAR_DEVICE; case 0060000: // block special return NET_SFTP_TYPE_BLOCK_DEVICE; case 0140000: // socket return NET_SFTP_TYPE_SOCKET; case 0160000: // whiteout // "SPECIAL should be used for files that are of // a known type which cannot be expressed in the protocol" return NET_SFTP_TYPE_SPECIAL; default: return NET_SFTP_TYPE_UNKNOWN; } } /* * Parse Longname * * SFTPv3 doesn't provide any easy way of identifying a file type. You could try to open * a file as a directory and see if an error is returned or you could try to parse the * SFTPv3-specific longname field of the SSH_FXP_NAME packet. That's what this function does. * The result is returned using the * {@link http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-5.2 SFTPv4 type constants}. * * If the longname is in an unrecognized format bool(false) is returned. * * @param string $longname * @return mixed * @access private / function _parseLongname($longname) { // http://en.wikipedia.org/wiki/Unix_file_types // http://en.wikipedia.org/wiki/Filesystem_permissions#Notation_of_traditional_Unix_permissions if (preg_match('#^[^/]([r-][w-][xstST-]){3}#', $longname)) { switch ($longname[0]) { case '-': return NET_SFTP_TYPE_REGULAR; case 'd': return NET_SFTP_TYPE_DIRECTORY; case 'l': return NET_SFTP_TYPE_SYMLINK; default: return NET_SFTP_TYPE_SPECIAL; } } return false; } /* * Sends SFTP Packets * * See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info. * * @param int $type * @param string $data * @see self::_get_sftp_packet() * @see Net_SSH2::_send_channel_packet() * @return bool * @access private / function _send_sftp_packet($type, $data, $request_id = 1) { $packet = $this->use_request_id ? pack('NCNa', strlen($data) + 5, $type, $request_id, $data) : pack('NCa', strlen($data) + 1, $type, $data); $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 $result = $this->_send_channel_packet(NET_SFTP_CHANNEL, $packet); $stop = strtok(microtime(), ' ') + strtok(''); if (defined('NET_SFTP_LOGGING')) { $packet_type = '-> ' . $this->packet_types[$type] . ' (' . round($stop - $start, 4) . 's)'; if (NET_SFTP_LOGGING == NET_SFTP_LOG_REALTIME) { echo "<pre>\r\n" . $this->_format_log(array($data), array($packet_type)) . "\r\n</pre>\r\n"; flush(); ob_flush(); } else { $this->packet_type_log[] = $packet_type; if (NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX) { $this->packet_log[] = $data; } } } return $result; } /* * Resets a connection for re-use * * @param int $reason * @access private / function _reset_connection($reason) { parent::_reset_connection($reason); $this->use_request_id = false; $this->pwd = false; $this->requestBuffer = array(); } /* * Receives SFTP Packets * * See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info. * * Incidentally, the number of SSH_MSG_CHANNEL_DATA messages has no bearing on the number of SFTP packets present. * There can be one SSH_MSG_CHANNEL_DATA messages containing two SFTP packets or there can be two SSH_MSG_CHANNEL_DATA * messages containing one SFTP packet. * * @see self::_send_sftp_packet() * @return string * @access private / function _get_sftp_packet($request_id = null) { if (isset($request_id) && isset($this->requestBuffer[$request_id])) { $this->packet_type = $this->requestBuffer[$request_id]['packet_type']; $temp = $this->requestBuffer[$request_id]['packet']; unset($this->requestBuffer[$request_id]); return $temp; } // in SSH2.php the timeout is cumulative per function call. eg. exec() will // timeout after 10s. but for SFTP.php it's cumulative per packet $this->curTimeout = $this->timeout; $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 // SFTP packet length while (strlen($this->packet_buffer) < 4) { $temp = $this->_get_channel_packet(NET_SFTP_CHANNEL, true); if (is_bool($temp)) { $this->packet_type = false; $this->packet_buffer = ''; return false; } $this->packet_buffer.= $temp; } if (strlen($this->packet_buffer) < 4) { return false; } extract(unpack('Nlength', $this->_string_shift($this->packet_buffer, 4))); $tempLength = $length; $tempLength-= strlen($this->packet_buffer); // 256 1024 is what SFTP_MAX_MSG_LENGTH is set to in OpenSSH's sftp-common.h if ($tempLength > 256 * 1024) { user_error('Invalid SFTP packet size'); return false; } // SFTP packet type and data payload while ($tempLength > 0) { $temp = $this->_get_channel_packet(NET_SFTP_CHANNEL, true); if (is_bool($temp)) { $this->packet_type = false; $this->packet_buffer = ''; return false; } $this->packet_buffer.= $temp; $tempLength-= strlen($temp); } $stop = strtok(microtime(), ' ') + strtok(''); $this->packet_type = ord($this->_string_shift($this->packet_buffer)); if ($this->use_request_id) { extract(unpack('Npacket_id', $this->_string_shift($this->packet_buffer, 4))); // remove the request id $length-= 5; // account for the request id and the packet type } else { $length-= 1; // account for the packet type } $packet = $this->_string_shift($this->packet_buffer, $length); if (defined('NET_SFTP_LOGGING')) { $packet_type = '<- ' . $this->packet_types[$this->packet_type] . ' (' . round($stop - $start, 4) . 's)'; if (NET_SFTP_LOGGING == NET_SFTP_LOG_REALTIME) { echo "<pre>\r\n" . $this->_format_log(array($packet), array($packet_type)) . "\r\n</pre>\r\n"; flush(); ob_flush(); } else { $this->packet_type_log[] = $packet_type; if (NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX) { $this->packet_log[] = $packet; } } } if (isset($request_id) && $this->use_request_id && $packet_id != $request_id) { $this->requestBuffer[$packet_id] = array( 'packet_type' => $this->packet_type, 'packet' => $packet ); return $this->_get_sftp_packet($request_id); } return $packet; } /** * Returns a log of the packets that have been sent and received. * * Returns a string if NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX, an array if NET_SFTP_LOGGING == NET_SFTP_LOG_SIMPLE and false if !defined('NET_SFTP_LOGGING') * * @access public * @return string or Array / function getSFTPLog() { if (!defined('NET_SFTP_LOGGING')) { return false; } switch (NET_SFTP_LOGGING) { case NET_SFTP_LOG_COMPLEX: return $this->_format_log($this->packet_log, $this->packet_type_log); break; //case NET_SFTP_LOG_SIMPLE: default: return $this->packet_type_log; } } /* * Returns all errors * * @return array * @access public / function getSFTPErrors() { return $this->sftp_errors; } /* * Returns the last error * * @return string * @access public / function getLastSFTPError() { return count($this->sftp_errors) ? $this->sftp_errors[count($this->sftp_errors) - 1] : ''; } /* * Get supported SFTP versions * * @return array * @access public / function getSupportedVersions() { $temp = array('version' => $this->version); if (isset($this->extensions['versions'])) { $temp['extensions'] = $this->extensions['versions']; } return $temp; } /* * Disconnect * * @param int $reason * @return bool * @access private / function _disconnect($reason) { $this->pwd = false; parent::_disconnect($reason); } } ��phpseclib/Math/BigInteger.php��0000644��00000407020�15104540706�0012143 0��ustar�00��<?php /* * Pure-PHP arbitrary precision integer arithmetic library. * * Supports base-2, base-10, base-16, and base-256 numbers. Uses the GMP or BCMath extensions, if available, * and an internal implementation, otherwise. * * PHP versions 4 and 5 * * {@internal (all DocBlock comments regarding implementation - such as the one that follows - refer to the * {@link MATH_BIGINTEGER_MODE_INTERNAL MATH_BIGINTEGER_MODE_INTERNAL} mode) * * Math_BigInteger uses base-2*26 to perform operations such as multiplication and division and base-252 (ie. two base 226 digits) to perform addition and subtraction. Because the largest possible * value when multiplying two base-226 numbers together is a base-252 number, double precision floating * point numbers - numbers that should be supported on most hardware and whose significand is 53 bits - are * used. As a consequence, bitwise operators such as >> and << cannot be used, nor can the modulo operator %, * which only supports integers. Although this fact will slow this library down, the fact that such a high * base is being used should more than compensate. * * Numbers are stored in {@link http://en.wikipedia.org/wiki/Endianness little endian} format. ie. * (new Math_BigInteger(pow(2, 26)))->value = array(0, 1) * * Useful resources are as follows: * * - {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf Handbook of Applied Cryptography (HAC)} * - {@link http://math.libtomcrypt.com/files/tommath.pdf Multi-Precision Math (MPM)} * - Java's BigInteger classes. See /j2se/src/share/classes/java/math in jdk-1_5_0-src-jrl.zip * * Here's an example of how to use this library: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger(2); * $b = new Math_BigInteger(3); * * $c = $a->add($b); * * echo $c->toString(); // outputs 5 * ?> * </code> * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category Math * @package Math_BigInteger * @author Jim Wigginton <terrafrost@php.net> * @copyright 2006 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License / /#@+ Reduction constants * * @access private * @see self::_reduce() / /* * @see self::_montgomery() * @see self::_prepMontgomery() / define('MATH_BIGINTEGER_MONTGOMERY', 0); /* * @see self::_barrett() / define('MATH_BIGINTEGER_BARRETT', 1); /* * @see self::_mod2() / define('MATH_BIGINTEGER_POWEROF2', 2); /* * @see self::_remainder() / define('MATH_BIGINTEGER_CLASSIC', 3); /* * @see self::__clone() / define('MATH_BIGINTEGER_NONE', 4); /#@-/ /*#@+ Array constants * * Rather than create a thousands and thousands of new Math_BigInteger objects in repeated function calls to add() and * multiply() or whatever, we'll just work directly on arrays, taking them in as parameters and returning them. * * @access private / /* * $result[MATH_BIGINTEGER_VALUE] contains the value. / define('MATH_BIGINTEGER_VALUE', 0); /* * $result[MATH_BIGINTEGER_SIGN] contains the sign. / define('MATH_BIGINTEGER_SIGN', 1); /#@-/ /*#@+ @access private * @see self::_montgomery() * @see self::_barrett() / /* * Cache constants * * $cache[MATH_BIGINTEGER_VARIABLE] tells us whether or not the cached data is still valid. / define('MATH_BIGINTEGER_VARIABLE', 0); /* * $cache[MATH_BIGINTEGER_DATA] contains the cached data. / define('MATH_BIGINTEGER_DATA', 1); /#@-/ /*#@+ Mode constants. * * @access private * @see self::Math_BigInteger() / /* * To use the pure-PHP implementation / define('MATH_BIGINTEGER_MODE_INTERNAL', 1); /* * To use the BCMath library * * (if enabled; otherwise, the internal implementation will be used) / define('MATH_BIGINTEGER_MODE_BCMATH', 2); /* * To use the GMP library * * (if present; otherwise, either the BCMath or the internal implementation will be used) / define('MATH_BIGINTEGER_MODE_GMP', 3); /#@-/ /** * Karatsuba Cutoff * * At what point do we switch between Karatsuba multiplication and schoolbook long multiplication? * * @access private / define('MATH_BIGINTEGER_KARATSUBA_CUTOFF', 25); /* * Pure-PHP arbitrary precision integer arithmetic library. Supports base-2, base-10, base-16, and base-256 * numbers. * * @package Math_BigInteger * @author Jim Wigginton <terrafrost@php.net> * @access public / class Math_BigInteger { /* * Holds the BigInteger's value. * * @var array * @access private / var $value; /* * Holds the BigInteger's magnitude. * * @var bool * @access private / var $is_negative = false; /* * Precision * * @see self::setPrecision() * @access private / var $precision = -1; /* * Precision Bitmask * * @see self::setPrecision() * @access private / var $bitmask = false; /* * Mode independent value used for serialization. * * If the bcmath or gmp extensions are installed $this->value will be a non-serializable resource, hence the need for * a variable that'll be serializable regardless of whether or not extensions are being used. Unlike $this->value, * however, $this->hex is only calculated when $this->__sleep() is called. * * @see self::__sleep() * @see self::__wakeup() * @var string * @access private / var $hex; /* * Converts base-2, base-10, base-16, and binary strings (base-256) to BigIntegers. * * If the second parameter - $base - is negative, then it will be assumed that the number's are encoded using * two's compliment. The sole exception to this is -10, which is treated the same as 10 is. * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger('0x32', 16); // 50 in base-16 * * echo $a->toString(); // outputs 50 * ?> * </code> * * @param $x base-10 number or base-$base number if $base set. * @param int $base * @return Math_BigInteger * @access public / function __construct($x = 0, $base = 10) { if (!defined('MATH_BIGINTEGER_MODE')) { switch (true) { case extension_loaded('gmp'): define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_GMP); break; case extension_loaded('bcmath'): define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_BCMATH); break; default: define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_INTERNAL); } } if (extension_loaded('openssl') && !defined('MATH_BIGINTEGER_OPENSSL_DISABLE') && !defined('MATH_BIGINTEGER_OPENSSL_ENABLED')) { // some versions of XAMPP have mismatched versions of OpenSSL which causes it not to work ob_start(); @phpinfo(); $content = ob_get_contents(); ob_end_clean(); preg_match_all('#OpenSSL (Header\|Library) Version(.)#im', $content, $matches); $versions = array(); if (!empty($matches[1])) { for ($i = 0; $i < count($matches[1]); $i++) { $fullVersion = trim(str_replace('=>', '', strip_tags($matches[2][$i]))); // Remove letter part in OpenSSL version if (!preg_match('/(\d+\.\d+\.\d+)/i', $fullVersion, $m)) { $versions[$matches[1][$i]] = $fullVersion; } else { $versions[$matches[1][$i]] = $m[0]; } } } // it doesn't appear that OpenSSL versions were reported upon until PHP 5.3+ switch (true) { case !isset($versions['Header']): case !isset($versions['Library']): case $versions['Header'] == $versions['Library']: case version_compare($versions['Header'], '1.0.0') >= 0 && version_compare($versions['Library'], '1.0.0') >= 0: define('MATH_BIGINTEGER_OPENSSL_ENABLED', true); break; default: define('MATH_BIGINTEGER_OPENSSL_DISABLE', true); } } if (!defined('PHP_INT_SIZE')) { define('PHP_INT_SIZE', 4); } if (!defined('MATH_BIGINTEGER_BASE') && MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_INTERNAL) { switch (PHP_INT_SIZE) { case 8: // use 64-bit integers if int size is 8 bytes define('MATH_BIGINTEGER_BASE', 31); define('MATH_BIGINTEGER_BASE_FULL', 0x80000000); define('MATH_BIGINTEGER_MAX_DIGIT', 0x7FFFFFFF); define('MATH_BIGINTEGER_MSB', 0x40000000); // 109 is the closest we can get to 231 without passing it define('MATH_BIGINTEGER_MAX10', 1000000000); define('MATH_BIGINTEGER_MAX10_LEN', 9); // the largest digit that may be used in addition / subtraction define('MATH_BIGINTEGER_MAX_DIGIT2', pow(2, 62)); break; //case 4: // use 64-bit floats if int size is 4 bytes default: define('MATH_BIGINTEGER_BASE', 26); define('MATH_BIGINTEGER_BASE_FULL', 0x4000000); define('MATH_BIGINTEGER_MAX_DIGIT', 0x3FFFFFF); define('MATH_BIGINTEGER_MSB', 0x2000000); // 107 is the closest to 226 without passing it define('MATH_BIGINTEGER_MAX10', 10000000); define('MATH_BIGINTEGER_MAX10_LEN', 7); // the largest digit that may be used in addition / subtraction // we do pow(2, 52) instead of using 4503599627370496 directly because some // PHP installations will truncate 4503599627370496. define('MATH_BIGINTEGER_MAX_DIGIT2', pow(2, 52)); } } switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: switch (true) { case is_resource($x) && get_resource_type($x) == 'GMP integer': // PHP 5.6 switched GMP from using resources to objects case is_object($x) && get_class($x) == 'GMP': $this->value = $x; return; } $this->value = gmp_init(0); break; case MATH_BIGINTEGER_MODE_BCMATH: $this->value = '0'; break; default: $this->value = array(); } // '0' counts as empty() but when the base is 256 '0' is equal to ord('0') or 48 // '0' is the only value like this per http://php.net/empty if (empty($x) && (abs($base) != 256 \|\| $x !== '0')) { return; } switch ($base) { case -256: if (ord($x[0]) & 0x80) { $x = ~$x; $this->is_negative = true; } case 256: switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $this->value = function_exists('gmp_import') ? gmp_import($x) : gmp_init('0x' . bin2hex($x)); if ($this->is_negative) { $this->value = gmp_neg($this->value); } break; case MATH_BIGINTEGER_MODE_BCMATH: // round $len to the nearest 4 (thanks, DavidMJ!) $len = (strlen($x) + 3) & 0xFFFFFFFC; $x = str_pad($x, $len, chr(0), STR_PAD_LEFT); for ($i = 0; $i < $len; $i+= 4) { $this->value = bcmul($this->value, '4294967296', 0); // 4294967296 == 2*32 $this->value = bcadd($this->value, 0x1000000 ord($x[$i]) + ((ord($x[$i + 1]) << 16) \| (ord($x[$i + 2]) << 8) \| ord($x[$i + 3])), 0); } if ($this->is_negative) { $this->value = '-' . $this->value; } break; // converts a base-28 (big endian / msb) number to base-226 (little endian / lsb) default: while (strlen($x)) { $this->value[] = $this->_bytes2int($this->_base256_rshift($x, MATH_BIGINTEGER_BASE)); } } if ($this->is_negative) { if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL) { $this->is_negative = false; } $temp = $this->add(new Math_BigInteger('-1')); $this->value = $temp->value; } break; case 16: case -16: if ($base > 0 && $x[0] == '-') { $this->is_negative = true; $x = substr($x, 1); } $x = preg_replace('#^(?:0x)?([A-Fa-f0-9]).#', '$1', $x); $is_negative = false; if ($base < 0 && hexdec($x[0]) >= 8) { $this->is_negative = $is_negative = true; $x = bin2hex(~pack('H', $x)); } switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $temp = $this->is_negative ? '-0x' . $x : '0x' . $x; $this->value = gmp_init($temp); $this->is_negative = false; break; case MATH_BIGINTEGER_MODE_BCMATH: $x = (strlen($x) & 1) ? '0' . $x : $x; $temp = new Math_BigInteger(pack('H', $x), 256); $this->value = $this->is_negative ? '-' . $temp->value : $temp->value; $this->is_negative = false; break; default: $x = (strlen($x) & 1) ? '0' . $x : $x; $temp = new Math_BigInteger(pack('H', $x), 256); $this->value = $temp->value; } if ($is_negative) { $temp = $this->add(new Math_BigInteger('-1')); $this->value = $temp->value; } break; case 10: case -10: // (?<!^)(?:-).: find any -'s that aren't at the beginning and then any characters that follow that // (?<=^\|-)0: find any 0's that are preceded by the start of the string or by a - (ie. octals) // [^-0-9].: find any non-numeric characters and then any characters that follow that $x = preg_replace('#(?<!^)(?:-).\|(?<=^\|-)0\|[^-0-9].#', '', $x); if (!strlen($x) \|\| $x == '-') { $x = '0'; } switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $this->value = gmp_init($x); break; case MATH_BIGINTEGER_MODE_BCMATH: // explicitly casting $x to a string is necessary, here, since doing $x[0] on -1 yields different // results then doing it on '-1' does (modInverse does $x[0]) $this->value = $x === '-' ? '0' : (string) $x; break; default: $temp = new Math_BigInteger(); $multiplier = new Math_BigInteger(); $multiplier->value = array(MATH_BIGINTEGER_MAX10); if ($x[0] == '-') { $this->is_negative = true; $x = substr($x, 1); } $x = str_pad($x, strlen($x) + ((MATH_BIGINTEGER_MAX10_LEN - 1) strlen($x)) % MATH_BIGINTEGER_MAX10_LEN, 0, STR_PAD_LEFT); while (strlen($x)) { $temp = $temp->multiply($multiplier); $temp = $temp->add(new Math_BigInteger($this->_int2bytes(substr($x, 0, MATH_BIGINTEGER_MAX10_LEN)), 256)); $x = substr($x, MATH_BIGINTEGER_MAX10_LEN); } $this->value = $temp->value; } break; case 2: // base-2 support originally implemented by Lluis Pamies - thanks! case -2: if ($base > 0 && $x[0] == '-') { $this->is_negative = true; $x = substr($x, 1); } $x = preg_replace('#^([01]).#', '$1', $x); $x = str_pad($x, strlen($x) + (3 * strlen($x)) % 4, 0, STR_PAD_LEFT); $str = '0x'; while (strlen($x)) { $part = substr($x, 0, 4); $str.= dechex(bindec($part)); $x = substr($x, 4); } if ($this->is_negative) { $str = '-' . $str; } $temp = new Math_BigInteger($str, 8 * $base); // ie. either -16 or +16 $this->value = $temp->value; $this->is_negative = $temp->is_negative; break; default: // base not supported, so we'll let $this == 0 } } /** * PHP4 compatible Default Constructor. * * @see self::__construct() * @param $x base-10 number or base-$base number if $base set. * @param int $base * @access public / function Math_BigInteger($x = 0, $base = 10) { $this->__construct($x, $base); } /* * Converts a BigInteger to a byte string (eg. base-256). * * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're * saved as two's compliment. * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger('65'); * * echo $a->toBytes(); // outputs chr(65) * ?> * </code> * * @param bool $twos_compliment * @return string * @access public * @internal Converts a base-226 number to base-28 / function toBytes($twos_compliment = false) { if ($twos_compliment) { $comparison = $this->compare(new Math_BigInteger()); if ($comparison == 0) { return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; } $temp = $comparison < 0 ? $this->add(new Math_BigInteger(1)) : $this->copy(); $bytes = $temp->toBytes(); if (!strlen($bytes)) { // eg. if the number we're trying to convert is -1 $bytes = chr(0); } if ($this->precision <= 0 && (ord($bytes[0]) & 0x80)) { $bytes = chr(0) . $bytes; } return $comparison < 0 ? ~$bytes : $bytes; } switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: if (gmp_cmp($this->value, gmp_init(0)) == 0) { return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; } if (function_exists('gmp_export')) { $temp = gmp_export($this->value); } else { $temp = gmp_strval(gmp_abs($this->value), 16); $temp = (strlen($temp) & 1) ? '0' . $temp : $temp; $temp = pack('H', $temp); } return $this->precision > 0 ? substr(str_pad($temp, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) : ltrim($temp, chr(0)); case MATH_BIGINTEGER_MODE_BCMATH: if ($this->value === '0') { return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; } $value = ''; $current = $this->value; if ($current[0] == '-') { $current = substr($current, 1); } while (bccomp($current, '0', 0) > 0) { $temp = bcmod($current, '16777216'); $value = chr($temp >> 16) . chr($temp >> 8) . chr($temp) . $value; $current = bcdiv($current, '16777216', 0); } return $this->precision > 0 ? substr(str_pad($value, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) : ltrim($value, chr(0)); } if (!count($this->value)) { return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; } $result = $this->_int2bytes($this->value[count($this->value) - 1]); $temp = $this->copy(); for ($i = count($temp->value) - 2; $i >= 0; --$i) { $temp->_base256_lshift($result, MATH_BIGINTEGER_BASE); $result = $result \| str_pad($temp->_int2bytes($temp->value[$i]), strlen($result), chr(0), STR_PAD_LEFT); } return $this->precision > 0 ? str_pad(substr($result, -(($this->precision + 7) >> 3)), ($this->precision + 7) >> 3, chr(0), STR_PAD_LEFT) : $result; } /** * Converts a BigInteger to a hex string (eg. base-16)). * * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're * saved as two's compliment. * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger('65'); * * echo $a->toHex(); // outputs '41' * ?> * </code> * * @param bool $twos_compliment * @return string * @access public * @internal Converts a base-226 number to base-28 / function toHex($twos_compliment = false) { return bin2hex($this->toBytes($twos_compliment)); } /* * Converts a BigInteger to a bit string (eg. base-2). * * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're * saved as two's compliment. * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger('65'); * * echo $a->toBits(); // outputs '1000001' * ?> * </code> * * @param bool $twos_compliment * @return string * @access public * @internal Converts a base-226 number to base-22 / function toBits($twos_compliment = false) { $hex = $this->toHex($twos_compliment); $bits = ''; for ($i = strlen($hex) - 8, $start = strlen($hex) & 7; $i >= $start; $i-=8) { $bits = str_pad(decbin(hexdec(substr($hex, $i, 8))), 32, '0', STR_PAD_LEFT) . $bits; } if ($start) { // hexdec('') == 0 $bits = str_pad(decbin(hexdec(substr($hex, 0, $start))), 8, '0', STR_PAD_LEFT) . $bits; } $result = $this->precision > 0 ? substr($bits, -$this->precision) : ltrim($bits, '0'); if ($twos_compliment && $this->compare(new Math_BigInteger()) > 0 && $this->precision <= 0) { return '0' . $result; } return $result; } /* * Converts a BigInteger to a base-10 number. * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger('50'); * * echo $a->toString(); // outputs 50 * ?> * </code> * * @return string * @access public * @internal Converts a base-226 number to base-107 (which is pretty much base-10) / function toString() { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: return gmp_strval($this->value); case MATH_BIGINTEGER_MODE_BCMATH: if ($this->value === '0') { return '0'; } return ltrim($this->value, '0'); } if (!count($this->value)) { return '0'; } $temp = $this->copy(); $temp->bitmask = false; $temp->is_negative = false; $divisor = new Math_BigInteger(); $divisor->value = array(MATH_BIGINTEGER_MAX10); $result = ''; while (count($temp->value)) { list($temp, $mod) = $temp->divide($divisor); $result = str_pad(isset($mod->value[0]) ? $mod->value[0] : '', MATH_BIGINTEGER_MAX10_LEN, '0', STR_PAD_LEFT) . $result; } $result = ltrim($result, '0'); if (empty($result)) { $result = '0'; } if ($this->is_negative) { $result = '-' . $result; } return $result; } /* * Copy an object * * PHP5 passes objects by reference while PHP4 passes by value. As such, we need a function to guarantee * that all objects are passed by value, when appropriate. More information can be found here: * * {@link http://php.net/language.oop5.basic#51624} * * @access public * @see self::__clone() * @return Math_BigInteger / function copy() { $temp = new Math_BigInteger(); $temp->value = $this->value; $temp->is_negative = $this->is_negative; $temp->precision = $this->precision; $temp->bitmask = $this->bitmask; return $temp; } /* * __toString() magic method * * Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call * toString(). * * @access public * @internal Implemented per a suggestion by Techie-Michael - thanks! / function __toString() { return $this->toString(); } /* * __clone() magic method * * Although you can call Math_BigInteger::__toString() directly in PHP5, you cannot call Math_BigInteger::__clone() * directly in PHP5. You can in PHP4 since it's not a magic method, but in PHP5, you have to call it by using the PHP5 * only syntax of $y = clone $x. As such, if you're trying to write an application that works on both PHP4 and PHP5, * call Math_BigInteger::copy(), instead. * * @access public * @see self::copy() * @return Math_BigInteger / function __clone() { return $this->copy(); } /* * __sleep() magic method * * Will be called, automatically, when serialize() is called on a Math_BigInteger object. * * @see self::__wakeup() * @access public / function __sleep() { $this->hex = $this->toHex(true); $vars = array('hex'); if ($this->precision > 0) { $vars[] = 'precision'; } return $vars; } /* * __wakeup() magic method * * Will be called, automatically, when unserialize() is called on a Math_BigInteger object. * * @see self::__sleep() * @access public / function __wakeup() { $temp = new Math_BigInteger($this->hex, -16); $this->value = $temp->value; $this->is_negative = $temp->is_negative; if ($this->precision > 0) { // recalculate $this->bitmask $this->setPrecision($this->precision); } } /* * __debugInfo() magic method * * Will be called, automatically, when print_r() or var_dump() are called * * @access public / function __debugInfo() { $opts = array(); switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $engine = 'gmp'; break; case MATH_BIGINTEGER_MODE_BCMATH: $engine = 'bcmath'; break; case MATH_BIGINTEGER_MODE_INTERNAL: $engine = 'internal'; $opts[] = PHP_INT_SIZE == 8 ? '64-bit' : '32-bit'; } if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_GMP && defined('MATH_BIGINTEGER_OPENSSL_ENABLED')) { $opts[] = 'OpenSSL'; } if (!empty($opts)) { $engine.= ' (' . implode('.', $opts) . ')'; } return array( 'value' => '0x' . $this->toHex(true), 'engine' => $engine ); } /* * Adds two BigIntegers. * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger('10'); * $b = new Math_BigInteger('20'); * * $c = $a->add($b); * * echo $c->toString(); // outputs 30 * ?> * </code> * * @param Math_BigInteger $y * @return Math_BigInteger * @access public * @internal Performs base-2*52 addition / function add($y) { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_add($this->value, $y->value); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $temp = new Math_BigInteger(); $temp->value = bcadd($this->value, $y->value, 0); return $this->_normalize($temp); } $temp = $this->_add($this->value, $this->is_negative, $y->value, $y->is_negative); $result = new Math_BigInteger(); $result->value = $temp[MATH_BIGINTEGER_VALUE]; $result->is_negative = $temp[MATH_BIGINTEGER_SIGN]; return $this->_normalize($result); } /** * Performs addition. * * @param array $x_value * @param bool $x_negative * @param array $y_value * @param bool $y_negative * @return array * @access private / function _add($x_value, $x_negative, $y_value, $y_negative) { $x_size = count($x_value); $y_size = count($y_value); if ($x_size == 0) { return array( MATH_BIGINTEGER_VALUE => $y_value, MATH_BIGINTEGER_SIGN => $y_negative ); } elseif ($y_size == 0) { return array( MATH_BIGINTEGER_VALUE => $x_value, MATH_BIGINTEGER_SIGN => $x_negative ); } // subtract, if appropriate if ($x_negative != $y_negative) { if ($x_value == $y_value) { return array( MATH_BIGINTEGER_VALUE => array(), MATH_BIGINTEGER_SIGN => false ); } $temp = $this->_subtract($x_value, false, $y_value, false); $temp[MATH_BIGINTEGER_SIGN] = $this->_compare($x_value, false, $y_value, false) > 0 ? $x_negative : $y_negative; return $temp; } if ($x_size < $y_size) { $size = $x_size; $value = $y_value; } else { $size = $y_size; $value = $x_value; } $value[count($value)] = 0; // just in case the carry adds an extra digit $carry = 0; for ($i = 0, $j = 1; $j < $size; $i+=2, $j+=2) { $sum = $x_value[$j] MATH_BIGINTEGER_BASE_FULL + $x_value[$i] + $y_value[$j] * MATH_BIGINTEGER_BASE_FULL + $y_value[$i] + $carry; $carry = $sum >= MATH_BIGINTEGER_MAX_DIGIT2; // eg. floor($sum / 2*52); only possible values (in any base) are 0 and 1 $sum = $carry ? $sum - MATH_BIGINTEGER_MAX_DIGIT2 : $sum; $temp = MATH_BIGINTEGER_BASE === 26 ? intval($sum / 0x4000000) : ($sum >> 31); $value[$i] = (int) ($sum - MATH_BIGINTEGER_BASE_FULL $temp); // eg. a faster alternative to fmod($sum, 0x4000000) $value[$j] = $temp; } if ($j == $size) { // ie. if $y_size is odd $sum = $x_value[$i] + $y_value[$i] + $carry; $carry = $sum >= MATH_BIGINTEGER_BASE_FULL; $value[$i] = $carry ? $sum - MATH_BIGINTEGER_BASE_FULL : $sum; ++$i; // ie. let $i = $j since we've just done $value[$i] } if ($carry) { for (; $value[$i] == MATH_BIGINTEGER_MAX_DIGIT; ++$i) { $value[$i] = 0; } ++$value[$i]; } return array( MATH_BIGINTEGER_VALUE => $this->_trim($value), MATH_BIGINTEGER_SIGN => $x_negative ); } /** * Subtracts two BigIntegers. * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger('10'); * $b = new Math_BigInteger('20'); * * $c = $a->subtract($b); * * echo $c->toString(); // outputs -10 * ?> * </code> * * @param Math_BigInteger $y * @return Math_BigInteger * @access public * @internal Performs base-2*52 subtraction / function subtract($y) { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_sub($this->value, $y->value); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $temp = new Math_BigInteger(); $temp->value = bcsub($this->value, $y->value, 0); return $this->_normalize($temp); } $temp = $this->_subtract($this->value, $this->is_negative, $y->value, $y->is_negative); $result = new Math_BigInteger(); $result->value = $temp[MATH_BIGINTEGER_VALUE]; $result->is_negative = $temp[MATH_BIGINTEGER_SIGN]; return $this->_normalize($result); } /** * Performs subtraction. * * @param array $x_value * @param bool $x_negative * @param array $y_value * @param bool $y_negative * @return array * @access private / function _subtract($x_value, $x_negative, $y_value, $y_negative) { $x_size = count($x_value); $y_size = count($y_value); if ($x_size == 0) { return array( MATH_BIGINTEGER_VALUE => $y_value, MATH_BIGINTEGER_SIGN => !$y_negative ); } elseif ($y_size == 0) { return array( MATH_BIGINTEGER_VALUE => $x_value, MATH_BIGINTEGER_SIGN => $x_negative ); } // add, if appropriate (ie. -$x - +$y or +$x - -$y) if ($x_negative != $y_negative) { $temp = $this->_add($x_value, false, $y_value, false); $temp[MATH_BIGINTEGER_SIGN] = $x_negative; return $temp; } $diff = $this->_compare($x_value, $x_negative, $y_value, $y_negative); if (!$diff) { return array( MATH_BIGINTEGER_VALUE => array(), MATH_BIGINTEGER_SIGN => false ); } // switch $x and $y around, if appropriate. if ((!$x_negative && $diff < 0) \|\| ($x_negative && $diff > 0)) { $temp = $x_value; $x_value = $y_value; $y_value = $temp; $x_negative = !$x_negative; $x_size = count($x_value); $y_size = count($y_value); } // at this point, $x_value should be at least as big as - if not bigger than - $y_value $carry = 0; for ($i = 0, $j = 1; $j < $y_size; $i+=2, $j+=2) { $sum = $x_value[$j] MATH_BIGINTEGER_BASE_FULL + $x_value[$i] - $y_value[$j] * MATH_BIGINTEGER_BASE_FULL - $y_value[$i] - $carry; $carry = $sum < 0; // eg. floor($sum / 2*52); only possible values (in any base) are 0 and 1 $sum = $carry ? $sum + MATH_BIGINTEGER_MAX_DIGIT2 : $sum; $temp = MATH_BIGINTEGER_BASE === 26 ? intval($sum / 0x4000000) : ($sum >> 31); $x_value[$i] = (int) ($sum - MATH_BIGINTEGER_BASE_FULL $temp); $x_value[$j] = $temp; } if ($j == $y_size) { // ie. if $y_size is odd $sum = $x_value[$i] - $y_value[$i] - $carry; $carry = $sum < 0; $x_value[$i] = $carry ? $sum + MATH_BIGINTEGER_BASE_FULL : $sum; ++$i; } if ($carry) { for (; !$x_value[$i]; ++$i) { $x_value[$i] = MATH_BIGINTEGER_MAX_DIGIT; } --$x_value[$i]; } return array( MATH_BIGINTEGER_VALUE => $this->_trim($x_value), MATH_BIGINTEGER_SIGN => $x_negative ); } /** * Multiplies two BigIntegers * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger('10'); * $b = new Math_BigInteger('20'); * * $c = $a->multiply($b); * * echo $c->toString(); // outputs 200 * ?> * </code> * * @param Math_BigInteger $x * @return Math_BigInteger * @access public / function multiply($x) { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_mul($this->value, $x->value); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $temp = new Math_BigInteger(); $temp->value = bcmul($this->value, $x->value, 0); return $this->_normalize($temp); } $temp = $this->_multiply($this->value, $this->is_negative, $x->value, $x->is_negative); $product = new Math_BigInteger(); $product->value = $temp[MATH_BIGINTEGER_VALUE]; $product->is_negative = $temp[MATH_BIGINTEGER_SIGN]; return $this->_normalize($product); } /* * Performs multiplication. * * @param array $x_value * @param bool $x_negative * @param array $y_value * @param bool $y_negative * @return array * @access private / function _multiply($x_value, $x_negative, $y_value, $y_negative) { //if ( $x_value == $y_value ) { // return array( // MATH_BIGINTEGER_VALUE => $this->_square($x_value), // MATH_BIGINTEGER_SIGN => $x_sign != $y_value // ); //} $x_length = count($x_value); $y_length = count($y_value); if (!$x_length \|\| !$y_length) { // a 0 is being multiplied return array( MATH_BIGINTEGER_VALUE => array(), MATH_BIGINTEGER_SIGN => false ); } return array( MATH_BIGINTEGER_VALUE => min($x_length, $y_length) < 2 MATH_BIGINTEGER_KARATSUBA_CUTOFF ? $this->_trim($this->_regularMultiply($x_value, $y_value)) : $this->_trim($this->_karatsuba($x_value, $y_value)), MATH_BIGINTEGER_SIGN => $x_negative != $y_negative ); } /** * Performs long multiplication on two BigIntegers * * Modeled after 'multiply' in MutableBigInteger.java. * * @param array $x_value * @param array $y_value * @return array * @access private / function _regularMultiply($x_value, $y_value) { $x_length = count($x_value); $y_length = count($y_value); if (!$x_length \|\| !$y_length) { // a 0 is being multiplied return array(); } if ($x_length < $y_length) { $temp = $x_value; $x_value = $y_value; $y_value = $temp; $x_length = count($x_value); $y_length = count($y_value); } $product_value = $this->_array_repeat(0, $x_length + $y_length); // the following for loop could be removed if the for loop following it // (the one with nested for loops) initially set $i to 0, but // doing so would also make the result in one set of unnecessary adds, // since on the outermost loops first pass, $product->value[$k] is going // to always be 0 $carry = 0; for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0 $temp = $x_value[$j] $y_value[0] + $carry; // $product_value[$k] == 0 $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $product_value[$j] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); } $product_value[$j] = $carry; // the above for loop is what the previous comment was talking about. the // following for loop is the "one with nested for loops" for ($i = 1; $i < $y_length; ++$i) { $carry = 0; for ($j = 0, $k = $i; $j < $x_length; ++$j, ++$k) { $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry; $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $product_value[$k] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); } $product_value[$k] = $carry; } return $product_value; } /** * Performs Karatsuba multiplication on two BigIntegers * * See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=120 MPM 5.2.3}. * * @param array $x_value * @param array $y_value * @return array * @access private / function _karatsuba($x_value, $y_value) { $m = min(count($x_value) >> 1, count($y_value) >> 1); if ($m < MATH_BIGINTEGER_KARATSUBA_CUTOFF) { return $this->_regularMultiply($x_value, $y_value); } $x1 = array_slice($x_value, $m); $x0 = array_slice($x_value, 0, $m); $y1 = array_slice($y_value, $m); $y0 = array_slice($y_value, 0, $m); $z2 = $this->_karatsuba($x1, $y1); $z0 = $this->_karatsuba($x0, $y0); $z1 = $this->_add($x1, false, $x0, false); $temp = $this->_add($y1, false, $y0, false); $z1 = $this->_karatsuba($z1[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_VALUE]); $temp = $this->_add($z2, false, $z0, false); $z1 = $this->_subtract($z1, false, $temp[MATH_BIGINTEGER_VALUE], false); $z2 = array_merge(array_fill(0, 2 $m, 0), $z2); $z1[MATH_BIGINTEGER_VALUE] = array_merge(array_fill(0, $m, 0), $z1[MATH_BIGINTEGER_VALUE]); $xy = $this->_add($z2, false, $z1[MATH_BIGINTEGER_VALUE], $z1[MATH_BIGINTEGER_SIGN]); $xy = $this->_add($xy[MATH_BIGINTEGER_VALUE], $xy[MATH_BIGINTEGER_SIGN], $z0, false); return $xy[MATH_BIGINTEGER_VALUE]; } /** * Performs squaring * * @param array $x * @return array * @access private / function _square($x = false) { return count($x) < 2 MATH_BIGINTEGER_KARATSUBA_CUTOFF ? $this->_trim($this->_baseSquare($x)) : $this->_trim($this->_karatsubaSquare($x)); } /** * Performs traditional squaring on two BigIntegers * * Squaring can be done faster than multiplying a number by itself can be. See * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=7 HAC 14.2.4} / * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=141 MPM 5.3} for more information. * * @param array $value * @return array * @access private / function _baseSquare($value) { if (empty($value)) { return array(); } $square_value = $this->_array_repeat(0, 2 count($value)); for ($i = 0, $max_index = count($value) - 1; $i <= $max_index; ++$i) { $i2 = $i << 1; $temp = $square_value[$i2] + $value[$i] * $value[$i]; $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $square_value[$i2] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); // note how we start from $i+1 instead of 0 as we do in multiplication. for ($j = $i + 1, $k = $i2 + 1; $j <= $max_index; ++$j, ++$k) { $temp = $square_value[$k] + 2 * $value[$j] * $value[$i] + $carry; $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $square_value[$k] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); } // the following line can yield values larger 215. at this point, PHP should switch // over to floats. $square_value[$i + $max_index + 1] = $carry; } return $square_value; } / * Performs Karatsuba "squaring" on two BigIntegers * * See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=151 MPM 5.3.4}. * * @param array $value * @return array * @access private / function _karatsubaSquare($value) { $m = count($value) >> 1; if ($m < MATH_BIGINTEGER_KARATSUBA_CUTOFF) { return $this->_baseSquare($value); } $x1 = array_slice($value, $m); $x0 = array_slice($value, 0, $m); $z2 = $this->_karatsubaSquare($x1); $z0 = $this->_karatsubaSquare($x0); $z1 = $this->_add($x1, false, $x0, false); $z1 = $this->_karatsubaSquare($z1[MATH_BIGINTEGER_VALUE]); $temp = $this->_add($z2, false, $z0, false); $z1 = $this->_subtract($z1, false, $temp[MATH_BIGINTEGER_VALUE], false); $z2 = array_merge(array_fill(0, 2 $m, 0), $z2); $z1[MATH_BIGINTEGER_VALUE] = array_merge(array_fill(0, $m, 0), $z1[MATH_BIGINTEGER_VALUE]); $xx = $this->_add($z2, false, $z1[MATH_BIGINTEGER_VALUE], $z1[MATH_BIGINTEGER_SIGN]); $xx = $this->_add($xx[MATH_BIGINTEGER_VALUE], $xx[MATH_BIGINTEGER_SIGN], $z0, false); return $xx[MATH_BIGINTEGER_VALUE]; } /** * Divides two BigIntegers. * * Returns an array whose first element contains the quotient and whose second element contains the * "common residue". If the remainder would be positive, the "common residue" and the remainder are the * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder * and the divisor (basically, the "common residue" is the first positive modulo). * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger('10'); * $b = new Math_BigInteger('20'); * * list($quotient, $remainder) = $a->divide($b); * * echo $quotient->toString(); // outputs 0 * echo "\r\n"; * echo $remainder->toString(); // outputs 10 * ?> * </code> * * @param Math_BigInteger $y * @return array * @access public * @internal This function is based off of {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=9 HAC 14.20}. / function divide($y) { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $quotient = new Math_BigInteger(); $remainder = new Math_BigInteger(); list($quotient->value, $remainder->value) = gmp_div_qr($this->value, $y->value); if (gmp_sign($remainder->value) < 0) { $remainder->value = gmp_add($remainder->value, gmp_abs($y->value)); } return array($this->_normalize($quotient), $this->_normalize($remainder)); case MATH_BIGINTEGER_MODE_BCMATH: $quotient = new Math_BigInteger(); $remainder = new Math_BigInteger(); $quotient->value = bcdiv($this->value, $y->value, 0); $remainder->value = bcmod($this->value, $y->value); if ($remainder->value[0] == '-') { $remainder->value = bcadd($remainder->value, $y->value[0] == '-' ? substr($y->value, 1) : $y->value, 0); } return array($this->_normalize($quotient), $this->_normalize($remainder)); } if (count($y->value) == 1) { list($q, $r) = $this->_divide_digit($this->value, $y->value[0]); $quotient = new Math_BigInteger(); $remainder = new Math_BigInteger(); $quotient->value = $q; $remainder->value = array($r); $quotient->is_negative = $this->is_negative != $y->is_negative; return array($this->_normalize($quotient), $this->_normalize($remainder)); } static $zero; if (!isset($zero)) { $zero = new Math_BigInteger(); } $x = $this->copy(); $y = $y->copy(); $x_sign = $x->is_negative; $y_sign = $y->is_negative; $x->is_negative = $y->is_negative = false; $diff = $x->compare($y); if (!$diff) { $temp = new Math_BigInteger(); $temp->value = array(1); $temp->is_negative = $x_sign != $y_sign; return array($this->_normalize($temp), $this->_normalize(new Math_BigInteger())); } if ($diff < 0) { // if $x is negative, "add" $y. if ($x_sign) { $x = $y->subtract($x); } return array($this->_normalize(new Math_BigInteger()), $this->_normalize($x)); } // normalize $x and $y as described in HAC 14.23 / 14.24 $msb = $y->value[count($y->value) - 1]; for ($shift = 0; !($msb & MATH_BIGINTEGER_MSB); ++$shift) { $msb <<= 1; } $x->_lshift($shift); $y->_lshift($shift); $y_value = &$y->value; $x_max = count($x->value) - 1; $y_max = count($y->value) - 1; $quotient = new Math_BigInteger(); $quotient_value = &$quotient->value; $quotient_value = $this->_array_repeat(0, $x_max - $y_max + 1); static $temp, $lhs, $rhs; if (!isset($temp)) { $temp = new Math_BigInteger(); $lhs = new Math_BigInteger(); $rhs = new Math_BigInteger(); } $temp_value = &$temp->value; $rhs_value = &$rhs->value; // $temp = $y << ($x_max - $y_max-1) in base 226 $temp_value = array_merge($this->_array_repeat(0, $x_max - $y_max), $y_value); while ($x->compare($temp) >= 0) { // calculate the "common residue" ++$quotient_value[$x_max - $y_max]; $x = $x->subtract($temp); $x_max = count($x->value) - 1; } for ($i = $x_max; $i >= $y_max + 1; --$i) { $x_value = &$x->value; $x_window = array( isset($x_value[$i]) ? $x_value[$i] : 0, isset($x_value[$i - 1]) ? $x_value[$i - 1] : 0, isset($x_value[$i - 2]) ? $x_value[$i - 2] : 0 ); $y_window = array( $y_value[$y_max], ($y_max > 0) ? $y_value[$y_max - 1] : 0 ); $q_index = $i - $y_max - 1; if ($x_window[0] == $y_window[0]) { $quotient_value[$q_index] = MATH_BIGINTEGER_MAX_DIGIT; } else { $quotient_value[$q_index] = $this->_safe_divide( $x_window[0] MATH_BIGINTEGER_BASE_FULL + $x_window[1], $y_window[0] ); } $temp_value = array($y_window[1], $y_window[0]); $lhs->value = array($quotient_value[$q_index]); $lhs = $lhs->multiply($temp); $rhs_value = array($x_window[2], $x_window[1], $x_window[0]); while ($lhs->compare($rhs) > 0) { --$quotient_value[$q_index]; $lhs->value = array($quotient_value[$q_index]); $lhs = $lhs->multiply($temp); } $adjust = $this->_array_repeat(0, $q_index); $temp_value = array($quotient_value[$q_index]); $temp = $temp->multiply($y); $temp_value = &$temp->value; if (count($temp_value)) { $temp_value = array_merge($adjust, $temp_value); } $x = $x->subtract($temp); if ($x->compare($zero) < 0) { $temp_value = array_merge($adjust, $y_value); $x = $x->add($temp); --$quotient_value[$q_index]; } $x_max = count($x_value) - 1; } // unnormalize the remainder $x->_rshift($shift); $quotient->is_negative = $x_sign != $y_sign; // calculate the "common residue", if appropriate if ($x_sign) { $y->_rshift($shift); $x = $y->subtract($x); } return array($this->_normalize($quotient), $this->_normalize($x)); } /** * Divides a BigInteger by a regular integer * * abc / x = a00 / x + b0 / x + c / x * * @param array $dividend * @param array $divisor * @return array * @access private / function _divide_digit($dividend, $divisor) { $carry = 0; $result = array(); for ($i = count($dividend) - 1; $i >= 0; --$i) { $temp = MATH_BIGINTEGER_BASE_FULL $carry + $dividend[$i]; $result[$i] = $this->_safe_divide($temp, $divisor); $carry = (int) ($temp - $divisor * $result[$i]); } return array($result, $carry); } /** * Performs modular exponentiation. * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger('10'); * $b = new Math_BigInteger('20'); * $c = new Math_BigInteger('30'); * * $c = $a->modPow($b, $c); * * echo $c->toString(); // outputs 10 * ?> * </code> * * @param Math_BigInteger $e * @param Math_BigInteger $n * @return Math_BigInteger * @access public * @internal The most naive approach to modular exponentiation has very unreasonable requirements, and * and although the approach involving repeated squaring does vastly better, it, too, is impractical * for our purposes. The reason being that division - by far the most complicated and time-consuming * of the basic operations (eg. +,-,,/) - occurs multiple times within it. * Modular reductions resolve this issue. Although an individual modular reduction takes more time * then an individual division, when performed in succession (with the same modulo), they're a lot faster. * * The two most commonly used modular reductions are Barrett and Montgomery reduction. Montgomery reduction, * although faster, only works when the gcd of the modulo and of the base being used is 1. In RSA, when the * base is a power of two, the modulo - a product of two primes - is always going to have a gcd of 1 (because * the product of two odd numbers is odd), but what about when RSA isn't used? * * In contrast, Barrett reduction has no such constraint. As such, some bigint implementations perform a * Barrett reduction after every operation in the modpow function. Others perform Barrett reductions when the * modulo is even and Montgomery reductions when the modulo is odd. BigInteger.java's modPow method, however, * uses a trick involving the Chinese Remainder Theorem to factor the even modulo into two numbers - one odd and * the other, a power of two - and recombine them, later. This is the method that this modPow function uses. * {@link http://islab.oregonstate.edu/papers/j34monex.pdf Montgomery Reduction with Even Modulus} elaborates. / function modPow($e, $n) { $n = $this->bitmask !== false && $this->bitmask->compare($n) < 0 ? $this->bitmask : $n->abs(); if ($e->compare(new Math_BigInteger()) < 0) { $e = $e->abs(); $temp = $this->modInverse($n); if ($temp === false) { return false; } return $this->_normalize($temp->modPow($e, $n)); } if (MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_GMP) { $temp = new Math_BigInteger(); $temp->value = gmp_powm($this->value, $e->value, $n->value); return $this->_normalize($temp); } if ($this->compare(new Math_BigInteger()) < 0 \|\| $this->compare($n) > 0) { list(, $temp) = $this->divide($n); return $temp->modPow($e, $n); } if (defined('MATH_BIGINTEGER_OPENSSL_ENABLED')) { $components = array( 'modulus' => $n->toBytes(true), 'publicExponent' => $e->toBytes(true) ); $components = array( 'modulus' => pack('Caa', 2, $this->_encodeASN1Length(strlen($components['modulus'])), $components['modulus']), 'publicExponent' => pack('Caa', 2, $this->_encodeASN1Length(strlen($components['publicExponent'])), $components['publicExponent']) ); $RSAPublicKey = pack( 'Caaa', 48, $this->_encodeASN1Length(strlen($components['modulus']) + strlen($components['publicExponent'])), $components['modulus'], $components['publicExponent'] ); $rsaOID = pack('H', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA $RSAPublicKey = chr(0) . $RSAPublicKey; $RSAPublicKey = chr(3) . $this->_encodeASN1Length(strlen($RSAPublicKey)) . $RSAPublicKey; $encapsulated = pack( 'Caa', 48, $this->_encodeASN1Length(strlen($rsaOID . $RSAPublicKey)), $rsaOID . $RSAPublicKey ); $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" . chunk_split(base64_encode($encapsulated)) . '-----END PUBLIC KEY-----'; $plaintext = str_pad($this->toBytes(), strlen($n->toBytes(true)) - 1, "\0", STR_PAD_LEFT); if (openssl_public_encrypt($plaintext, $result, $RSAPublicKey, OPENSSL_NO_PADDING)) { return new Math_BigInteger($result, 256); } } if (MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH) { $temp = new Math_BigInteger(); $temp->value = bcpowmod($this->value, $e->value, $n->value, 0); return $this->_normalize($temp); } if (empty($e->value)) { $temp = new Math_BigInteger(); $temp->value = array(1); return $this->_normalize($temp); } if ($e->value == array(1)) { list(, $temp) = $this->divide($n); return $this->_normalize($temp); } if ($e->value == array(2)) { $temp = new Math_BigInteger(); $temp->value = $this->_square($this->value); list(, $temp) = $temp->divide($n); return $this->_normalize($temp); } return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_BARRETT)); // the following code, although not callable, can be run independently of the above code // although the above code performed better in my benchmarks the following could might // perform better under different circumstances. in lieu of deleting it it's just been // made uncallable // is the modulo odd? if ($n->value[0] & 1) { return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_MONTGOMERY)); } // if it's not, it's even // find the lowest set bit (eg. the max pow of 2 that divides $n) for ($i = 0; $i < count($n->value); ++$i) { if ($n->value[$i]) { $temp = decbin($n->value[$i]); $j = strlen($temp) - strrpos($temp, '1') - 1; $j+= 26 $i; break; } } // at this point, 2^$j * $n/(2^$j) == $n $mod1 = $n->copy(); $mod1->_rshift($j); $mod2 = new Math_BigInteger(); $mod2->value = array(1); $mod2->_lshift($j); $part1 = ($mod1->value != array(1)) ? $this->_slidingWindow($e, $mod1, MATH_BIGINTEGER_MONTGOMERY) : new Math_BigInteger(); $part2 = $this->_slidingWindow($e, $mod2, MATH_BIGINTEGER_POWEROF2); $y1 = $mod2->modInverse($mod1); $y2 = $mod1->modInverse($mod2); $result = $part1->multiply($mod2); $result = $result->multiply($y1); $temp = $part2->multiply($mod1); $temp = $temp->multiply($y2); $result = $result->add($temp); list(, $result) = $result->divide($n); return $this->_normalize($result); } /** * Performs modular exponentiation. * * Alias for Math_BigInteger::modPow() * * @param Math_BigInteger $e * @param Math_BigInteger $n * @return Math_BigInteger * @access public / function powMod($e, $n) { return $this->modPow($e, $n); } /* * Sliding Window k-ary Modular Exponentiation * * Based on {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=27 HAC 14.85} / * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=210 MPM 7.7}. In a departure from those algorithims, * however, this function performs a modular reduction after every multiplication and squaring operation. * As such, this function has the same preconditions that the reductions being used do. * * @param Math_BigInteger $e * @param Math_BigInteger $n * @param int $mode * @return Math_BigInteger * @access private / function _slidingWindow($e, $n, $mode) { static $window_ranges = array(7, 25, 81, 241, 673, 1793); // from BigInteger.java's oddModPow function //static $window_ranges = array(0, 7, 36, 140, 450, 1303, 3529); // from MPM 7.3.1 $e_value = $e->value; $e_length = count($e_value) - 1; $e_bits = decbin($e_value[$e_length]); for ($i = $e_length - 1; $i >= 0; --$i) { $e_bits.= str_pad(decbin($e_value[$i]), MATH_BIGINTEGER_BASE, '0', STR_PAD_LEFT); } $e_length = strlen($e_bits); // calculate the appropriate window size. // $window_size == 3 if $window_ranges is between 25 and 81, for example. for ($i = 0, $window_size = 1; $i < count($window_ranges) && $e_length > $window_ranges[$i]; ++$window_size, ++$i) { } $n_value = $n->value; // precompute $this^0 through $this^$window_size $powers = array(); $powers[1] = $this->_prepareReduce($this->value, $n_value, $mode); $powers[2] = $this->_squareReduce($powers[1], $n_value, $mode); // we do every other number since substr($e_bits, $i, $j+1) (see below) is supposed to end // in a 1. ie. it's supposed to be odd. $temp = 1 << ($window_size - 1); for ($i = 1; $i < $temp; ++$i) { $i2 = $i << 1; $powers[$i2 + 1] = $this->_multiplyReduce($powers[$i2 - 1], $powers[2], $n_value, $mode); } $result = array(1); $result = $this->_prepareReduce($result, $n_value, $mode); for ($i = 0; $i < $e_length;) { if (!$e_bits[$i]) { $result = $this->_squareReduce($result, $n_value, $mode); ++$i; } else { for ($j = $window_size - 1; $j > 0; --$j) { if (!empty($e_bits[$i + $j])) { break; } } // eg. the length of substr($e_bits, $i, $j + 1) for ($k = 0; $k <= $j; ++$k) { $result = $this->_squareReduce($result, $n_value, $mode); } $result = $this->_multiplyReduce($result, $powers[bindec(substr($e_bits, $i, $j + 1))], $n_value, $mode); $i += $j + 1; } } $temp = new Math_BigInteger(); $temp->value = $this->_reduce($result, $n_value, $mode); return $temp; } /* * Modular reduction * * For most $modes this will return the remainder. * * @see self::_slidingWindow() * @access private * @param array $x * @param array $n * @param int $mode * @return array / function _reduce($x, $n, $mode) { switch ($mode) { case MATH_BIGINTEGER_MONTGOMERY: return $this->_montgomery($x, $n); case MATH_BIGINTEGER_BARRETT: return $this->_barrett($x, $n); case MATH_BIGINTEGER_POWEROF2: $lhs = new Math_BigInteger(); $lhs->value = $x; $rhs = new Math_BigInteger(); $rhs->value = $n; return $x->_mod2($n); case MATH_BIGINTEGER_CLASSIC: $lhs = new Math_BigInteger(); $lhs->value = $x; $rhs = new Math_BigInteger(); $rhs->value = $n; list(, $temp) = $lhs->divide($rhs); return $temp->value; case MATH_BIGINTEGER_NONE: return $x; default: // an invalid $mode was provided } } /* * Modular reduction preperation * * @see self::_slidingWindow() * @access private * @param array $x * @param array $n * @param int $mode * @return array / function _prepareReduce($x, $n, $mode) { if ($mode == MATH_BIGINTEGER_MONTGOMERY) { return $this->_prepMontgomery($x, $n); } return $this->_reduce($x, $n, $mode); } /* * Modular multiply * * @see self::_slidingWindow() * @access private * @param array $x * @param array $y * @param array $n * @param int $mode * @return array / function _multiplyReduce($x, $y, $n, $mode) { if ($mode == MATH_BIGINTEGER_MONTGOMERY) { return $this->_montgomeryMultiply($x, $y, $n); } $temp = $this->_multiply($x, false, $y, false); return $this->_reduce($temp[MATH_BIGINTEGER_VALUE], $n, $mode); } /* * Modular square * * @see self::_slidingWindow() * @access private * @param array $x * @param array $n * @param int $mode * @return array / function _squareReduce($x, $n, $mode) { if ($mode == MATH_BIGINTEGER_MONTGOMERY) { return $this->_montgomeryMultiply($x, $x, $n); } return $this->_reduce($this->_square($x), $n, $mode); } /* * Modulos for Powers of Two * * Calculates $x%$n, where $n = 2*$e, for some $e. Since this is basically the same as doing $x & ($n-1), we'll just use this function as a wrapper for doing that. * * @see self::_slidingWindow() * @access private * @param Math_BigInteger * @return Math_BigInteger / function _mod2($n) { $temp = new Math_BigInteger(); $temp->value = array(1); return $this->bitwise_and($n->subtract($temp)); } /* * Barrett Modular Reduction * * See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=14 HAC 14.3.3} / * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=165 MPM 6.2.5} for more information. Modified slightly, * so as not to require negative numbers (initially, this script didn't support negative numbers). * * Employs "folding", as described at * {@link http://www.cosic.esat.kuleuven.be/publications/thesis-149.pdf#page=66 thesis-149.pdf#page=66}. To quote from * it, "the idea [behind folding] is to find a value x' such that x (mod m) = x' (mod m), with x' being smaller than x." * * Unfortunately, the "Barrett Reduction with Folding" algorithm described in thesis-149.pdf is not, as written, all that * usable on account of (1) its not using reasonable radix points as discussed in * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=162 MPM 6.2.2} and (2) the fact that, even with reasonable * radix points, it only works when there are an even number of digits in the denominator. The reason for (2) is that * (x >> 1) + (x >> 1) != x / 2 + x / 2. If x is even, they're the same, but if x is odd, they're not. See the in-line * comments for details. * * @see self::_slidingWindow() * @access private * @param array $n * @param array $m * @return array / function _barrett($n, $m) { static $cache = array( MATH_BIGINTEGER_VARIABLE => array(), MATH_BIGINTEGER_DATA => array() ); $m_length = count($m); // if ($this->_compare($n, $this->_square($m)) >= 0) { if (count($n) > 2 $m_length) { $lhs = new Math_BigInteger(); $rhs = new Math_BigInteger(); $lhs->value = $n; $rhs->value = $m; list(, $temp) = $lhs->divide($rhs); return $temp->value; } // if (m.length >> 1) + 2 <= m.length then m is too small and n can't be reduced if ($m_length < 5) { return $this->_regularBarrett($n, $m); } // n = 2 * m.length if (($key = array_search($m, $cache[MATH_BIGINTEGER_VARIABLE])) === false) { $key = count($cache[MATH_BIGINTEGER_VARIABLE]); $cache[MATH_BIGINTEGER_VARIABLE][] = $m; $lhs = new Math_BigInteger(); $lhs_value = &$lhs->value; $lhs_value = $this->_array_repeat(0, $m_length + ($m_length >> 1)); $lhs_value[] = 1; $rhs = new Math_BigInteger(); $rhs->value = $m; list($u, $m1) = $lhs->divide($rhs); $u = $u->value; $m1 = $m1->value; $cache[MATH_BIGINTEGER_DATA][] = array( 'u' => $u, // m.length >> 1 (technically (m.length >> 1) + 1) 'm1'=> $m1 // m.length ); } else { extract($cache[MATH_BIGINTEGER_DATA][$key]); } $cutoff = $m_length + ($m_length >> 1); $lsd = array_slice($n, 0, $cutoff); // m.length + (m.length >> 1) $msd = array_slice($n, $cutoff); // m.length >> 1 $lsd = $this->_trim($lsd); $temp = $this->_multiply($msd, false, $m1, false); $n = $this->_add($lsd, false, $temp[MATH_BIGINTEGER_VALUE], false); // m.length + (m.length >> 1) + 1 if ($m_length & 1) { return $this->_regularBarrett($n[MATH_BIGINTEGER_VALUE], $m); } // (m.length + (m.length >> 1) + 1) - (m.length - 1) == (m.length >> 1) + 2 $temp = array_slice($n[MATH_BIGINTEGER_VALUE], $m_length - 1); // if even: ((m.length >> 1) + 2) + (m.length >> 1) == m.length + 2 // if odd: ((m.length >> 1) + 2) + (m.length >> 1) == (m.length - 1) + 2 == m.length + 1 $temp = $this->_multiply($temp, false, $u, false); // if even: (m.length + 2) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + 1 // if odd: (m.length + 1) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) $temp = array_slice($temp[MATH_BIGINTEGER_VALUE], ($m_length >> 1) + 1); // if even: (m.length - (m.length >> 1) + 1) + m.length = 2 * m.length - (m.length >> 1) + 1 // if odd: (m.length - (m.length >> 1)) + m.length = 2 * m.length - (m.length >> 1) $temp = $this->_multiply($temp, false, $m, false); // at this point, if m had an odd number of digits, we'd be subtracting a 2 * m.length - (m.length >> 1) digit // number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop // following this comment would loop a lot (hence our calling _regularBarrett() in that situation). $result = $this->_subtract($n[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false); while ($this->_compare($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $m, false) >= 0) { $result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $m, false); } return $result[MATH_BIGINTEGER_VALUE]; } /** * (Regular) Barrett Modular Reduction * * For numbers with more than four digits Math_BigInteger::_barrett() is faster. The difference between that and this * is that this function does not fold the denominator into a smaller form. * * @see self::_slidingWindow() * @access private * @param array $x * @param array $n * @return array / function _regularBarrett($x, $n) { static $cache = array( MATH_BIGINTEGER_VARIABLE => array(), MATH_BIGINTEGER_DATA => array() ); $n_length = count($n); if (count($x) > 2 $n_length) { $lhs = new Math_BigInteger(); $rhs = new Math_BigInteger(); $lhs->value = $x; $rhs->value = $n; list(, $temp) = $lhs->divide($rhs); return $temp->value; } if (($key = array_search($n, $cache[MATH_BIGINTEGER_VARIABLE])) === false) { $key = count($cache[MATH_BIGINTEGER_VARIABLE]); $cache[MATH_BIGINTEGER_VARIABLE][] = $n; $lhs = new Math_BigInteger(); $lhs_value = &$lhs->value; $lhs_value = $this->_array_repeat(0, 2 * $n_length); $lhs_value[] = 1; $rhs = new Math_BigInteger(); $rhs->value = $n; list($temp, ) = $lhs->divide($rhs); // m.length $cache[MATH_BIGINTEGER_DATA][] = $temp->value; } // 2 * m.length - (m.length - 1) = m.length + 1 $temp = array_slice($x, $n_length - 1); // (m.length + 1) + m.length = 2 * m.length + 1 $temp = $this->_multiply($temp, false, $cache[MATH_BIGINTEGER_DATA][$key], false); // (2 * m.length + 1) - (m.length - 1) = m.length + 2 $temp = array_slice($temp[MATH_BIGINTEGER_VALUE], $n_length + 1); // m.length + 1 $result = array_slice($x, 0, $n_length + 1); // m.length + 1 $temp = $this->_multiplyLower($temp, false, $n, false, $n_length + 1); // $temp == array_slice($temp->_multiply($temp, false, $n, false)->value, 0, $n_length + 1) if ($this->_compare($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]) < 0) { $corrector_value = $this->_array_repeat(0, $n_length + 1); $corrector_value[count($corrector_value)] = 1; $result = $this->_add($result, false, $corrector_value, false); $result = $result[MATH_BIGINTEGER_VALUE]; } // at this point, we're subtracting a number with m.length + 1 digits from another number with m.length + 1 digits $result = $this->_subtract($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]); while ($this->_compare($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $n, false) > 0) { $result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $n, false); } return $result[MATH_BIGINTEGER_VALUE]; } /** * Performs long multiplication up to $stop digits * * If you're going to be doing array_slice($product->value, 0, $stop), some cycles can be saved. * * @see self::_regularBarrett() * @param array $x_value * @param bool $x_negative * @param array $y_value * @param bool $y_negative * @param int $stop * @return array * @access private / function _multiplyLower($x_value, $x_negative, $y_value, $y_negative, $stop) { $x_length = count($x_value); $y_length = count($y_value); if (!$x_length \|\| !$y_length) { // a 0 is being multiplied return array( MATH_BIGINTEGER_VALUE => array(), MATH_BIGINTEGER_SIGN => false ); } if ($x_length < $y_length) { $temp = $x_value; $x_value = $y_value; $y_value = $temp; $x_length = count($x_value); $y_length = count($y_value); } $product_value = $this->_array_repeat(0, $x_length + $y_length); // the following for loop could be removed if the for loop following it // (the one with nested for loops) initially set $i to 0, but // doing so would also make the result in one set of unnecessary adds, // since on the outermost loops first pass, $product->value[$k] is going // to always be 0 $carry = 0; for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0, $k = $i $temp = $x_value[$j] $y_value[0] + $carry; // $product_value[$k] == 0 $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $product_value[$j] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); } if ($j < $stop) { $product_value[$j] = $carry; } // the above for loop is what the previous comment was talking about. the // following for loop is the "one with nested for loops" for ($i = 1; $i < $y_length; ++$i) { $carry = 0; for ($j = 0, $k = $i; $j < $x_length && $k < $stop; ++$j, ++$k) { $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry; $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $product_value[$k] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); } if ($k < $stop) { $product_value[$k] = $carry; } } return array( MATH_BIGINTEGER_VALUE => $this->_trim($product_value), MATH_BIGINTEGER_SIGN => $x_negative != $y_negative ); } /** * Montgomery Modular Reduction * * ($x->_prepMontgomery($n))->_montgomery($n) yields $x % $n. * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=170 MPM 6.3} provides insights on how this can be * improved upon (basically, by using the comba method). gcd($n, 2) must be equal to one for this function * to work correctly. * * @see self::_prepMontgomery() * @see self::_slidingWindow() * @access private * @param array $x * @param array $n * @return array / function _montgomery($x, $n) { static $cache = array( MATH_BIGINTEGER_VARIABLE => array(), MATH_BIGINTEGER_DATA => array() ); if (($key = array_search($n, $cache[MATH_BIGINTEGER_VARIABLE])) === false) { $key = count($cache[MATH_BIGINTEGER_VARIABLE]); $cache[MATH_BIGINTEGER_VARIABLE][] = $x; $cache[MATH_BIGINTEGER_DATA][] = $this->_modInverse67108864($n); } $k = count($n); $result = array(MATH_BIGINTEGER_VALUE => $x); for ($i = 0; $i < $k; ++$i) { $temp = $result[MATH_BIGINTEGER_VALUE][$i] $cache[MATH_BIGINTEGER_DATA][$key]; $temp = $temp - MATH_BIGINTEGER_BASE_FULL * (MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); $temp = $this->_regularMultiply(array($temp), $n); $temp = array_merge($this->_array_repeat(0, $i), $temp); $result = $this->_add($result[MATH_BIGINTEGER_VALUE], false, $temp, false); } $result[MATH_BIGINTEGER_VALUE] = array_slice($result[MATH_BIGINTEGER_VALUE], $k); if ($this->_compare($result, false, $n, false) >= 0) { $result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], false, $n, false); } return $result[MATH_BIGINTEGER_VALUE]; } /** * Montgomery Multiply * * Interleaves the montgomery reduction and long multiplication algorithms together as described in * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=13 HAC 14.36} * * @see self::_prepMontgomery() * @see self::_montgomery() * @access private * @param array $x * @param array $y * @param array $m * @return array / function _montgomeryMultiply($x, $y, $m) { $temp = $this->_multiply($x, false, $y, false); return $this->_montgomery($temp[MATH_BIGINTEGER_VALUE], $m); // the following code, although not callable, can be run independently of the above code // although the above code performed better in my benchmarks the following could might // perform better under different circumstances. in lieu of deleting it it's just been // made uncallable static $cache = array( MATH_BIGINTEGER_VARIABLE => array(), MATH_BIGINTEGER_DATA => array() ); if (($key = array_search($m, $cache[MATH_BIGINTEGER_VARIABLE])) === false) { $key = count($cache[MATH_BIGINTEGER_VARIABLE]); $cache[MATH_BIGINTEGER_VARIABLE][] = $m; $cache[MATH_BIGINTEGER_DATA][] = $this->_modInverse67108864($m); } $n = max(count($x), count($y), count($m)); $x = array_pad($x, $n, 0); $y = array_pad($y, $n, 0); $m = array_pad($m, $n, 0); $a = array(MATH_BIGINTEGER_VALUE => $this->_array_repeat(0, $n + 1)); for ($i = 0; $i < $n; ++$i) { $temp = $a[MATH_BIGINTEGER_VALUE][0] + $x[$i] $y[0]; $temp = $temp - MATH_BIGINTEGER_BASE_FULL * (MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); $temp = $temp * $cache[MATH_BIGINTEGER_DATA][$key]; $temp = $temp - MATH_BIGINTEGER_BASE_FULL * (MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); $temp = $this->_add($this->_regularMultiply(array($x[$i]), $y), false, $this->_regularMultiply(array($temp), $m), false); $a = $this->_add($a[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false); $a[MATH_BIGINTEGER_VALUE] = array_slice($a[MATH_BIGINTEGER_VALUE], 1); } if ($this->_compare($a[MATH_BIGINTEGER_VALUE], false, $m, false) >= 0) { $a = $this->_subtract($a[MATH_BIGINTEGER_VALUE], false, $m, false); } return $a[MATH_BIGINTEGER_VALUE]; } /** * Prepare a number for use in Montgomery Modular Reductions * * @see self::_montgomery() * @see self::_slidingWindow() * @access private * @param array $x * @param array $n * @return array / function _prepMontgomery($x, $n) { $lhs = new Math_BigInteger(); $lhs->value = array_merge($this->_array_repeat(0, count($n)), $x); $rhs = new Math_BigInteger(); $rhs->value = $n; list(, $temp) = $lhs->divide($rhs); return $temp->value; } /* * Modular Inverse of a number mod 2*26 (eg. 67108864) * Based off of the bnpInvDigit function implemented and justified in the following URL: * * {@link http://www-cs-students.stanford.edu/~tjw/jsbn/jsbn.js} * * The following URL provides more info: * * {@link http://groups.google.com/group/sci.crypt/msg/7a137205c1be7d85} * * As for why we do all the bitmasking... strange things can happen when converting from floats to ints. For * instance, on some computers, var_dump((int) -4294967297) yields int(-1) and on others, it yields * int(-2147483648). To avoid problems stemming from this, we use bitmasks to guarantee that ints aren't * auto-converted to floats. The outermost bitmask is present because without it, there's no guarantee that * the "residue" returned would be the so-called "common residue". We use fmod, in the last step, because the * maximum possible $x is 26 bits and the maximum $result is 16 bits. Thus, we have to be able to handle up to * 40 bits, which only 64-bit floating points will support. * * Thanks to Pedro Gimeno Fortea for input! * * @see self::_montgomery() * @access private * @param array $x * @return int / function _modInverse67108864($x) // 226 == 67,108,864 { $x = -$x[0]; $result = $x & 0x3; // x-1 mod 22 $result = ($result (2 - $x * $result)) & 0xF; // x-1 mod 24 $result = ($result * (2 - ($x & 0xFF) * $result)) & 0xFF; // x-1 mod 28 $result = ($result * ((2 - ($x & 0xFFFF) * $result) & 0xFFFF)) & 0xFFFF; // x-1 mod 216 $result = fmod($result * (2 - fmod($x * $result, MATH_BIGINTEGER_BASE_FULL)), MATH_BIGINTEGER_BASE_FULL); // x-1 mod 226 return $result & MATH_BIGINTEGER_MAX_DIGIT; } /** * Calculates modular inverses. * * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses. * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger(30); * $b = new Math_BigInteger(17); * * $c = $a->modInverse($b); * echo $c->toString(); // outputs 4 * * echo "\r\n"; * * $d = $a->multiply($c); * list(, $d) = $d->divide($b); * echo $d; // outputs 1 (as per the definition of modular inverse) * ?> * </code> * * @param Math_BigInteger $n * @return Math_BigInteger\|false * @access public * @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=21 HAC 14.64} for more information. / function modInverse($n) { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_invert($this->value, $n->value); return ($temp->value === false) ? false : $this->_normalize($temp); } static $zero, $one; if (!isset($zero)) { $zero = new Math_BigInteger(); $one = new Math_BigInteger(1); } // $x mod -$n == $x mod $n. $n = $n->abs(); if ($this->compare($zero) < 0) { $temp = $this->abs(); $temp = $temp->modInverse($n); return $this->_normalize($n->subtract($temp)); } extract($this->extendedGCD($n)); if (!$gcd->equals($one)) { return false; } $x = $x->compare($zero) < 0 ? $x->add($n) : $x; return $this->compare($zero) < 0 ? $this->_normalize($n->subtract($x)) : $this->_normalize($x); } /* * Calculates the greatest common divisor and Bezout's identity. * * Say you have 693 and 609. The GCD is 21. Bezout's identity states that there exist integers x and y such that * 693x + 609y == 21. In point of fact, there are actually an infinite number of x and y combinations and which * combination is returned is dependent upon which mode is in use. See * {@link http://en.wikipedia.org/wiki/B%C3%A9zout%27s_identity Bezout's identity - Wikipedia} for more information. * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger(693); * $b = new Math_BigInteger(609); * * extract($a->extendedGCD($b)); * * echo $gcd->toString() . "\r\n"; // outputs 21 * echo $a->toString() * $x->toString() + $b->toString() * $y->toString(); // outputs 21 * ?> * </code> * * @param Math_BigInteger $n * @return Math_BigInteger * @access public * @internal Calculates the GCD using the binary xGCD algorithim described in * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=19 HAC 14.61}. As the text above 14.61 notes, * the more traditional algorithim requires "relatively costly multiple-precision divisions". / function extendedGCD($n) { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: extract(gmp_gcdext($this->value, $n->value)); return array( 'gcd' => $this->_normalize(new Math_BigInteger($g)), 'x' => $this->_normalize(new Math_BigInteger($s)), 'y' => $this->_normalize(new Math_BigInteger($t)) ); case MATH_BIGINTEGER_MODE_BCMATH: // it might be faster to use the binary xGCD algorithim here, as well, but (1) that algorithim works // best when the base is a power of 2 and (2) i don't think it'd make much difference, anyway. as is, // the basic extended euclidean algorithim is what we're using. $u = $this->value; $v = $n->value; $a = '1'; $b = '0'; $c = '0'; $d = '1'; while (bccomp($v, '0', 0) != 0) { $q = bcdiv($u, $v, 0); $temp = $u; $u = $v; $v = bcsub($temp, bcmul($v, $q, 0), 0); $temp = $a; $a = $c; $c = bcsub($temp, bcmul($a, $q, 0), 0); $temp = $b; $b = $d; $d = bcsub($temp, bcmul($b, $q, 0), 0); } return array( 'gcd' => $this->_normalize(new Math_BigInteger($u)), 'x' => $this->_normalize(new Math_BigInteger($a)), 'y' => $this->_normalize(new Math_BigInteger($b)) ); } $y = $n->copy(); $x = $this->copy(); $g = new Math_BigInteger(); $g->value = array(1); while (!(($x->value[0] & 1)\|\| ($y->value[0] & 1))) { $x->_rshift(1); $y->_rshift(1); $g->_lshift(1); } $u = $x->copy(); $v = $y->copy(); $a = new Math_BigInteger(); $b = new Math_BigInteger(); $c = new Math_BigInteger(); $d = new Math_BigInteger(); $a->value = $d->value = $g->value = array(1); $b->value = $c->value = array(); while (!empty($u->value)) { while (!($u->value[0] & 1)) { $u->_rshift(1); if ((!empty($a->value) && ($a->value[0] & 1)) \|\| (!empty($b->value) && ($b->value[0] & 1))) { $a = $a->add($y); $b = $b->subtract($x); } $a->_rshift(1); $b->_rshift(1); } while (!($v->value[0] & 1)) { $v->_rshift(1); if ((!empty($d->value) && ($d->value[0] & 1)) \|\| (!empty($c->value) && ($c->value[0] & 1))) { $c = $c->add($y); $d = $d->subtract($x); } $c->_rshift(1); $d->_rshift(1); } if ($u->compare($v) >= 0) { $u = $u->subtract($v); $a = $a->subtract($c); $b = $b->subtract($d); } else { $v = $v->subtract($u); $c = $c->subtract($a); $d = $d->subtract($b); } } return array( 'gcd' => $this->_normalize($g->multiply($v)), 'x' => $this->_normalize($c), 'y' => $this->_normalize($d) ); } /* * Calculates the greatest common divisor * * Say you have 693 and 609. The GCD is 21. * * Here's an example: * <code> * <?php * include 'Math/BigInteger.php'; * * $a = new Math_BigInteger(693); * $b = new Math_BigInteger(609); * * $gcd = a->extendedGCD($b); * * echo $gcd->toString() . "\r\n"; // outputs 21 * ?> * </code> * * @param Math_BigInteger $n * @return Math_BigInteger * @access public / function gcd($n) { extract($this->extendedGCD($n)); return $gcd; } /* * Absolute value. * * @return Math_BigInteger * @access public / function abs() { $temp = new Math_BigInteger(); switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $temp->value = gmp_abs($this->value); break; case MATH_BIGINTEGER_MODE_BCMATH: $temp->value = (bccomp($this->value, '0', 0) < 0) ? substr($this->value, 1) : $this->value; break; default: $temp->value = $this->value; } return $temp; } /* * Compares two numbers. * * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this is * demonstrated thusly: * * $x > $y: $x->compare($y) > 0 * $x < $y: $x->compare($y) < 0 * $x == $y: $x->compare($y) == 0 * * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). * * @param Math_BigInteger $y * @return int < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. * @access public * @see self::equals() * @internal Could return $this->subtract($x), but that's not as fast as what we do do. / function compare($y) { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $r = gmp_cmp($this->value, $y->value); if ($r < -1) { $r = -1; } if ($r > 1) { $r = 1; } return $r; case MATH_BIGINTEGER_MODE_BCMATH: return bccomp($this->value, $y->value, 0); } return $this->_compare($this->value, $this->is_negative, $y->value, $y->is_negative); } /* * Compares two numbers. * * @param array $x_value * @param bool $x_negative * @param array $y_value * @param bool $y_negative * @return int * @see self::compare() * @access private / function _compare($x_value, $x_negative, $y_value, $y_negative) { if ($x_negative != $y_negative) { return (!$x_negative && $y_negative) ? 1 : -1; } $result = $x_negative ? -1 : 1; if (count($x_value) != count($y_value)) { return (count($x_value) > count($y_value)) ? $result : -$result; } $size = max(count($x_value), count($y_value)); $x_value = array_pad($x_value, $size, 0); $y_value = array_pad($y_value, $size, 0); for ($i = count($x_value) - 1; $i >= 0; --$i) { if ($x_value[$i] != $y_value[$i]) { return ($x_value[$i] > $y_value[$i]) ? $result : -$result; } } return 0; } /* * Tests the equality of two numbers. * * If you need to see if one number is greater than or less than another number, use Math_BigInteger::compare() * * @param Math_BigInteger $x * @return bool * @access public * @see self::compare() / function equals($x) { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: return gmp_cmp($this->value, $x->value) == 0; default: return $this->value === $x->value && $this->is_negative == $x->is_negative; } } /* * Set Precision * * Some bitwise operations give different results depending on the precision being used. Examples include left * shift, not, and rotates. * * @param int $bits * @access public / function setPrecision($bits) { $this->precision = $bits; if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_BCMATH) { $this->bitmask = new Math_BigInteger(chr((1 << ($bits & 0x7)) - 1) . str_repeat(chr(0xFF), $bits >> 3), 256); } else { $this->bitmask = new Math_BigInteger(bcpow('2', $bits, 0)); } $temp = $this->_normalize($this); $this->value = $temp->value; } /* * Logical And * * @param Math_BigInteger $x * @access public * @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat> * @return Math_BigInteger / function bitwise_and($x) { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_and($this->value, $x->value); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $left = $this->toBytes(); $right = $x->toBytes(); $length = max(strlen($left), strlen($right)); $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); return $this->_normalize(new Math_BigInteger($left & $right, 256)); } $result = $this->copy(); $length = min(count($x->value), count($this->value)); $result->value = array_slice($result->value, 0, $length); for ($i = 0; $i < $length; ++$i) { $result->value[$i]&= $x->value[$i]; } return $this->_normalize($result); } /* * Logical Or * * @param Math_BigInteger $x * @access public * @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat> * @return Math_BigInteger / function bitwise_or($x) { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_or($this->value, $x->value); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $left = $this->toBytes(); $right = $x->toBytes(); $length = max(strlen($left), strlen($right)); $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); return $this->_normalize(new Math_BigInteger($left \| $right, 256)); } $length = max(count($this->value), count($x->value)); $result = $this->copy(); $result->value = array_pad($result->value, $length, 0); $x->value = array_pad($x->value, $length, 0); for ($i = 0; $i < $length; ++$i) { $result->value[$i]\|= $x->value[$i]; } return $this->_normalize($result); } /* * Logical Exclusive-Or * * @param Math_BigInteger $x * @access public * @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat> * @return Math_BigInteger / function bitwise_xor($x) { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: $temp = new Math_BigInteger(); $temp->value = gmp_xor(gmp_abs($this->value), gmp_abs($x->value)); return $this->_normalize($temp); case MATH_BIGINTEGER_MODE_BCMATH: $left = $this->toBytes(); $right = $x->toBytes(); $length = max(strlen($left), strlen($right)); $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); return $this->_normalize(new Math_BigInteger($left ^ $right, 256)); } $length = max(count($this->value), count($x->value)); $result = $this->copy(); $result->is_negative = false; $result->value = array_pad($result->value, $length, 0); $x->value = array_pad($x->value, $length, 0); for ($i = 0; $i < $length; ++$i) { $result->value[$i]^= $x->value[$i]; } return $this->_normalize($result); } /* * Logical Not * * @access public * @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat> * @return Math_BigInteger / function bitwise_not() { // calculuate "not" without regard to $this->precision // (will always result in a smaller number. ie. ~1 isn't 1111 1110 - it's 0) $temp = $this->toBytes(); if ($temp == '') { return $this->_normalize(new Math_BigInteger()); } $pre_msb = decbin(ord($temp[0])); $temp = ~$temp; $msb = decbin(ord($temp[0])); if (strlen($msb) == 8) { $msb = substr($msb, strpos($msb, '0')); } $temp[0] = chr(bindec($msb)); // see if we need to add extra leading 1's $current_bits = strlen($pre_msb) + 8 strlen($temp) - 8; $new_bits = $this->precision - $current_bits; if ($new_bits <= 0) { return $this->_normalize(new Math_BigInteger($temp, 256)); } // generate as many leading 1's as we need to. $leading_ones = chr((1 << ($new_bits & 0x7)) - 1) . str_repeat(chr(0xFF), $new_bits >> 3); $this->_base256_lshift($leading_ones, $current_bits); $temp = str_pad($temp, strlen($leading_ones), chr(0), STR_PAD_LEFT); return $this->_normalize(new Math_BigInteger($leading_ones \| $temp, 256)); } /** * Logical Right Shift * * Shifts BigInteger's by $shift bits, effectively dividing by 2*$shift. * @param int $shift * @return Math_BigInteger * @access public * @internal The only version that yields any speed increases is the internal version. / function bitwise_rightShift($shift) { $temp = new Math_BigInteger(); switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: static $two; if (!isset($two)) { $two = gmp_init('2'); } $temp->value = gmp_div_q($this->value, gmp_pow($two, $shift)); break; case MATH_BIGINTEGER_MODE_BCMATH: $temp->value = bcdiv($this->value, bcpow('2', $shift, 0), 0); break; default: // could just replace _lshift with this, but then all _lshift() calls would need to be rewritten // and I don't want to do that... $temp->value = $this->value; $temp->_rshift($shift); } return $this->_normalize($temp); } /* * Logical Left Shift * * Shifts BigInteger's by $shift bits, effectively multiplying by 2*$shift. * @param int $shift * @return Math_BigInteger * @access public * @internal The only version that yields any speed increases is the internal version. / function bitwise_leftShift($shift) { $temp = new Math_BigInteger(); switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: static $two; if (!isset($two)) { $two = gmp_init('2'); } $temp->value = gmp_mul($this->value, gmp_pow($two, $shift)); break; case MATH_BIGINTEGER_MODE_BCMATH: $temp->value = bcmul($this->value, bcpow('2', $shift, 0), 0); break; default: // could just replace _rshift with this, but then all _lshift() calls would need to be rewritten // and I don't want to do that... $temp->value = $this->value; $temp->_lshift($shift); } return $this->_normalize($temp); } /* * Logical Left Rotate * * Instead of the top x bits being dropped they're appended to the shifted bit string. * * @param int $shift * @return Math_BigInteger * @access public / function bitwise_leftRotate($shift) { $bits = $this->toBytes(); if ($this->precision > 0) { $precision = $this->precision; if (MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH) { $mask = $this->bitmask->subtract(new Math_BigInteger(1)); $mask = $mask->toBytes(); } else { $mask = $this->bitmask->toBytes(); } } else { $temp = ord($bits[0]); for ($i = 0; $temp >> $i; ++$i) { } $precision = 8 strlen($bits) - 8 + $i; $mask = chr((1 << ($precision & 0x7)) - 1) . str_repeat(chr(0xFF), $precision >> 3); } if ($shift < 0) { $shift+= $precision; } $shift%= $precision; if (!$shift) { return $this->copy(); } $left = $this->bitwise_leftShift($shift); $left = $left->bitwise_and(new Math_BigInteger($mask, 256)); $right = $this->bitwise_rightShift($precision - $shift); $result = MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_BCMATH ? $left->bitwise_or($right) : $left->add($right); return $this->_normalize($result); } /** * Logical Right Rotate * * Instead of the bottom x bits being dropped they're prepended to the shifted bit string. * * @param int $shift * @return Math_BigInteger * @access public / function bitwise_rightRotate($shift) { return $this->bitwise_leftRotate(-$shift); } /* * Set random number generator function * * This function is deprecated. * * @param string $generator * @access public / function setRandomGenerator($generator) { } /* * Generates a random BigInteger * * Byte length is equal to $length. Uses crypt_random if it's loaded and mt_rand if it's not. * * @param int $length * @return Math_BigInteger * @access private / function _random_number_helper($size) { if (function_exists('crypt_random_string')) { $random = crypt_random_string($size); } else { $random = ''; if ($size & 1) { $random.= chr(mt_rand(0, 255)); } $blocks = $size >> 1; for ($i = 0; $i < $blocks; ++$i) { // mt_rand(-2147483648, 0x7FFFFFFF) always produces -2147483648 on some systems $random.= pack('n', mt_rand(0, 0xFFFF)); } } return new Math_BigInteger($random, 256); } /* * Generate a random number * * Returns a random number between $min and $max where $min and $max * can be defined using one of the two methods: * * $min->random($max) * $max->random($min) * * @param Math_BigInteger $arg1 * @param Math_BigInteger $arg2 * @return Math_BigInteger * @access public * @internal The API for creating random numbers used to be $a->random($min, $max), where $a was a Math_BigInteger object. * That method is still supported for BC purposes. / function random($arg1, $arg2 = false) { if ($arg1 === false) { return false; } if ($arg2 === false) { $max = $arg1; $min = $this; } else { $min = $arg1; $max = $arg2; } $compare = $max->compare($min); if (!$compare) { return $this->_normalize($min); } elseif ($compare < 0) { // if $min is bigger then $max, swap $min and $max $temp = $max; $max = $min; $min = $temp; } static $one; if (!isset($one)) { $one = new Math_BigInteger(1); } $max = $max->subtract($min->subtract($one)); $size = strlen(ltrim($max->toBytes(), chr(0))); / doing $random % $max doesn't work because some numbers will be more likely to occur than others. eg. if $max is 140 and $random's max is 255 then that'd mean both $random = 5 and $random = 145 would produce 5 whereas the only value of random that could produce 139 would be 139. ie. not all numbers would be equally likely. some would be more likely than others. creating a whole new random number until you find one that is within the range doesn't work because, for sufficiently small ranges, the likelihood that you'd get a number within that range would be pretty small. eg. with $random's max being 255 and if your $max being 1 the probability would be pretty high that $random would be greater than $max. phpseclib works around this using the technique described here: http://crypto.stackexchange.com/questions/5708/creating-a-small-number-from-a-cryptographically-secure-random-string / $random_max = new Math_BigInteger(chr(1) . str_repeat("\0", $size), 256); $random = $this->_random_number_helper($size); list($max_multiple) = $random_max->divide($max); $max_multiple = $max_multiple->multiply($max); while ($random->compare($max_multiple) >= 0) { $random = $random->subtract($max_multiple); $random_max = $random_max->subtract($max_multiple); $random = $random->bitwise_leftShift(8); $random = $random->add($this->_random_number_helper(1)); $random_max = $random_max->bitwise_leftShift(8); list($max_multiple) = $random_max->divide($max); $max_multiple = $max_multiple->multiply($max); } list(, $random) = $random->divide($max); return $this->_normalize($random->add($min)); } /* * Generate a random prime number. * * If there's not a prime within the given range, false will be returned. * If more than $timeout seconds have elapsed, give up and return false. * * @param Math_BigInteger $arg1 * @param Math_BigInteger $arg2 * @param int $timeout * @return Math_BigInteger\|false * @access public * @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=15 HAC 4.44}. / function randomPrime($arg1, $arg2 = false, $timeout = false) { if ($arg1 === false) { return false; } if ($arg2 === false) { $max = $arg1; $min = $this; } else { $min = $arg1; $max = $arg2; } $compare = $max->compare($min); if (!$compare) { return $min->isPrime() ? $min : false; } elseif ($compare < 0) { // if $min is bigger then $max, swap $min and $max $temp = $max; $max = $min; $min = $temp; } static $one, $two; if (!isset($one)) { $one = new Math_BigInteger(1); $two = new Math_BigInteger(2); } $start = time(); $x = $this->random($min, $max); // gmp_nextprime() requires PHP 5 >= 5.2.0 per <http://php.net/gmp-nextprime>. if (MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_GMP && extension_loaded('gmp') && version_compare(PHP_VERSION, '5.2.0', '>=')) { $p = new Math_BigInteger(); $p->value = gmp_nextprime($x->value); if ($p->compare($max) <= 0) { return $p; } if (!$min->equals($x)) { $x = $x->subtract($one); } return $x->randomPrime($min, $x); } if ($x->equals($two)) { return $x; } $x->_make_odd(); if ($x->compare($max) > 0) { // if $x > $max then $max is even and if $min == $max then no prime number exists between the specified range if ($min->equals($max)) { return false; } $x = $min->copy(); $x->_make_odd(); } $initial_x = $x->copy(); while (true) { if ($timeout !== false && time() - $start > $timeout) { return false; } if ($x->isPrime()) { return $x; } $x = $x->add($two); if ($x->compare($max) > 0) { $x = $min->copy(); if ($x->equals($two)) { return $x; } $x->_make_odd(); } if ($x->equals($initial_x)) { return false; } } } /* * Make the current number odd * * If the current number is odd it'll be unchanged. If it's even, one will be added to it. * * @see self::randomPrime() * @access private / function _make_odd() { switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: gmp_setbit($this->value, 0); break; case MATH_BIGINTEGER_MODE_BCMATH: if ($this->value[strlen($this->value) - 1] % 2 == 0) { $this->value = bcadd($this->value, '1'); } break; default: $this->value[0] \|= 1; } } /* * Checks a numer to see if it's prime * * Assuming the $t parameter is not set, this function has an error rate of 2*-80. The main motivation for the $t parameter is distributability. Math_BigInteger::randomPrime() can be distributed across multiple pageloads * on a website instead of just one. * * @param Math_BigInteger $t * @return bool * @access public * @internal Uses the * {@link http://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test Miller-Rabin primality test}. See * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=8 HAC 4.24}. / function isPrime($t = false) { $length = strlen($this->toBytes()); if (!$t) { // see HAC 4.49 "Note (controlling the error probability)" // @codingStandardsIgnoreStart if ($length >= 163) { $t = 2; } // floor(1300 / 8) else if ($length >= 106) { $t = 3; } // floor( 850 / 8) else if ($length >= 81 ) { $t = 4; } // floor( 650 / 8) else if ($length >= 68 ) { $t = 5; } // floor( 550 / 8) else if ($length >= 56 ) { $t = 6; } // floor( 450 / 8) else if ($length >= 50 ) { $t = 7; } // floor( 400 / 8) else if ($length >= 43 ) { $t = 8; } // floor( 350 / 8) else if ($length >= 37 ) { $t = 9; } // floor( 300 / 8) else if ($length >= 31 ) { $t = 12; } // floor( 250 / 8) else if ($length >= 25 ) { $t = 15; } // floor( 200 / 8) else if ($length >= 18 ) { $t = 18; } // floor( 150 / 8) else { $t = 27; } // @codingStandardsIgnoreEnd } // ie. gmp_testbit($this, 0) // ie. isEven() or !isOdd() switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: return gmp_prob_prime($this->value, $t) != 0; case MATH_BIGINTEGER_MODE_BCMATH: if ($this->value === '2') { return true; } if ($this->value[strlen($this->value) - 1] % 2 == 0) { return false; } break; default: if ($this->value == array(2)) { return true; } if (~$this->value[0] & 1) { return false; } } static $primes, $zero, $one, $two; if (!isset($primes)) { $primes = array( 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617, 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727, 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829, 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947, 953, 967, 971, 977, 983, 991, 997 ); if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL) { for ($i = 0; $i < count($primes); ++$i) { $primes[$i] = new Math_BigInteger($primes[$i]); } } $zero = new Math_BigInteger(); $one = new Math_BigInteger(1); $two = new Math_BigInteger(2); } if ($this->equals($one)) { return false; } // see HAC 4.4.1 "Random search for probable primes" if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL) { foreach ($primes as $prime) { list(, $r) = $this->divide($prime); if ($r->equals($zero)) { return $this->equals($prime); } } } else { $value = $this->value; foreach ($primes as $prime) { list(, $r) = $this->_divide_digit($value, $prime); if (!$r) { return count($value) == 1 && $value[0] == $prime; } } } $n = $this->copy(); $n_1 = $n->subtract($one); $n_2 = $n->subtract($two); $r = $n_1->copy(); $r_value = $r->value; // ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s)); if (MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH) { $s = 0; // if $n was 1, $r would be 0 and this would be an infinite loop, hence our $this->equals($one) check earlier while ($r->value[strlen($r->value) - 1] % 2 == 0) { $r->value = bcdiv($r->value, '2', 0); ++$s; } } else { for ($i = 0, $r_length = count($r_value); $i < $r_length; ++$i) { $temp = ~$r_value[$i] & 0xFFFFFF; for ($j = 1; ($temp >> $j) & 1; ++$j) { } if ($j != 25) { break; } } $s = 26 $i + $j; $r->_rshift($s); } for ($i = 0; $i < $t; ++$i) { $a = $this->random($two, $n_2); $y = $a->modPow($r, $n); if (!$y->equals($one) && !$y->equals($n_1)) { for ($j = 1; $j < $s && !$y->equals($n_1); ++$j) { $y = $y->modPow($two, $n); if ($y->equals($one)) { return false; } } if (!$y->equals($n_1)) { return false; } } } return true; } /** * Logical Left Shift * * Shifts BigInteger's by $shift bits. * * @param int $shift * @access private / function _lshift($shift) { if ($shift == 0) { return; } $num_digits = (int) ($shift / MATH_BIGINTEGER_BASE); $shift %= MATH_BIGINTEGER_BASE; $shift = 1 << $shift; $carry = 0; for ($i = 0; $i < count($this->value); ++$i) { $temp = $this->value[$i] $shift + $carry; $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $this->value[$i] = (int) ($temp - $carry * MATH_BIGINTEGER_BASE_FULL); } if ($carry) { $this->value[count($this->value)] = $carry; } while ($num_digits--) { array_unshift($this->value, 0); } } /** * Logical Right Shift * * Shifts BigInteger's by $shift bits. * * @param int $shift * @access private / function _rshift($shift) { if ($shift == 0) { return; } $num_digits = (int) ($shift / MATH_BIGINTEGER_BASE); $shift %= MATH_BIGINTEGER_BASE; $carry_shift = MATH_BIGINTEGER_BASE - $shift; $carry_mask = (1 << $shift) - 1; if ($num_digits) { $this->value = array_slice($this->value, $num_digits); } $carry = 0; for ($i = count($this->value) - 1; $i >= 0; --$i) { $temp = $this->value[$i] >> $shift \| $carry; $carry = ($this->value[$i] & $carry_mask) << $carry_shift; $this->value[$i] = $temp; } $this->value = $this->_trim($this->value); } /* * Normalize * * Removes leading zeros and truncates (if necessary) to maintain the appropriate precision * * @param Math_BigInteger * @return Math_BigInteger * @see self::_trim() * @access private / function _normalize($result) { $result->precision = $this->precision; $result->bitmask = $this->bitmask; switch (MATH_BIGINTEGER_MODE) { case MATH_BIGINTEGER_MODE_GMP: if ($this->bitmask !== false) { $flip = gmp_cmp($result->value, gmp_init(0)) < 0; if ($flip) { $result->value = gmp_neg($result->value); } $result->value = gmp_and($result->value, $result->bitmask->value); if ($flip) { $result->value = gmp_neg($result->value); } } return $result; case MATH_BIGINTEGER_MODE_BCMATH: if (!empty($result->bitmask->value)) { $result->value = bcmod($result->value, $result->bitmask->value); } return $result; } $value = &$result->value; if (!count($value)) { $result->is_negative = false; return $result; } $value = $this->_trim($value); if (!empty($result->bitmask->value)) { $length = min(count($value), count($this->bitmask->value)); $value = array_slice($value, 0, $length); for ($i = 0; $i < $length; ++$i) { $value[$i] = $value[$i] & $this->bitmask->value[$i]; } } return $result; } /* * Trim * * Removes leading zeros * * @param array $value * @return Math_BigInteger * @access private / function _trim($value) { for ($i = count($value) - 1; $i >= 0; --$i) { if ($value[$i]) { break; } unset($value[$i]); } return $value; } /* * Array Repeat * * @param $input Array * @param $multiplier mixed * @return array * @access private / function _array_repeat($input, $multiplier) { return ($multiplier) ? array_fill(0, $multiplier, $input) : array(); } /* * Logical Left Shift * * Shifts binary strings $shift bits, essentially multiplying by 2*$shift. * @param $x String * @param $shift Integer * @return string * @access private / function _base256_lshift(&$x, $shift) { if ($shift == 0) { return; } $num_bytes = $shift >> 3; // eg. floor($shift/8) $shift &= 7; // eg. $shift % 8 $carry = 0; for ($i = strlen($x) - 1; $i >= 0; --$i) { $temp = ord($x[$i]) << $shift \| $carry; $x[$i] = chr($temp); $carry = $temp >> 8; } $carry = ($carry != 0) ? chr($carry) : ''; $x = $carry . $x . str_repeat(chr(0), $num_bytes); } /* * Logical Right Shift * * Shifts binary strings $shift bits, essentially dividing by 2*$shift and returning the remainder. * @param $x String * @param $shift Integer * @return string * @access private / function _base256_rshift(&$x, $shift) { if ($shift == 0) { $x = ltrim($x, chr(0)); return ''; } $num_bytes = $shift >> 3; // eg. floor($shift/8) $shift &= 7; // eg. $shift % 8 $remainder = ''; if ($num_bytes) { $start = $num_bytes > strlen($x) ? -strlen($x) : -$num_bytes; $remainder = substr($x, $start); $x = substr($x, 0, -$num_bytes); } $carry = 0; $carry_shift = 8 - $shift; for ($i = 0; $i < strlen($x); ++$i) { $temp = (ord($x[$i]) >> $shift) \| $carry; $carry = (ord($x[$i]) << $carry_shift) & 0xFF; $x[$i] = chr($temp); } $x = ltrim($x, chr(0)); $remainder = chr($carry >> $carry_shift) . $remainder; return ltrim($remainder, chr(0)); } // one quirk about how the following functions are implemented is that PHP defines N to be an unsigned long // at 32-bits, while java's longs are 64-bits. /* * Converts 32-bit integers to bytes. * * @param int $x * @return string * @access private / function _int2bytes($x) { return ltrim(pack('N', $x), chr(0)); } /* * Converts bytes to 32-bit integers * * @param string $x * @return int * @access private / function _bytes2int($x) { $temp = unpack('Nint', str_pad($x, 4, chr(0), STR_PAD_LEFT)); return $temp['int']; } /* * DER-encode an integer * * The ability to DER-encode integers is needed to create RSA public keys for use with OpenSSL * * @see self::modPow() * @access private * @param int $length * @return string / function _encodeASN1Length($length) { if ($length <= 0x7F) { return chr($length); } $temp = ltrim(pack('N', $length), chr(0)); return pack('Ca', 0x80 \| strlen($temp), $temp); } /** * Single digit division * * Even if int64 is being used the division operator will return a float64 value * if the dividend is not evenly divisible by the divisor. Since a float64 doesn't * have the precision of int64 this is a problem so, when int64 is being used, * we'll guarantee that the dividend is divisible by first subtracting the remainder. * * @access private * @param int $x * @param int $y * @return int / function _safe_divide($x, $y) { if (MATH_BIGINTEGER_BASE === 26) { return (int) ($x / $y); } // MATH_BIGINTEGER_BASE === 31 return ($x - ($x % $y)) / $y; } } ��phpseclib/File/ASN1.php��0000644��00000172670�15104540706�0010626 0��ustar�00��<?php /* * Pure-PHP ASN.1 Parser * * PHP versions 4 and 5 * * ASN.1 provides the semantics for data encoded using various schemes. The most commonly * utilized scheme is DER or the "Distinguished Encoding Rules". PEM's are base64 encoded * DER blobs. * * File_ASN1 decodes and encodes DER formatted messages and places them in a semantic context. * * Uses the 1988 ASN.1 syntax. * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category File * @package File_ASN1 * @author Jim Wigginton <terrafrost@php.net> * @copyright 2012 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /#@+ Tag Classes * * @access private * @link http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=12 / define('FILE_ASN1_CLASS_UNIVERSAL', 0); define('FILE_ASN1_CLASS_APPLICATION', 1); define('FILE_ASN1_CLASS_CONTEXT_SPECIFIC', 2); define('FILE_ASN1_CLASS_PRIVATE', 3); /#@-/ /*#@+ Tag Classes * * @access private * @link http://www.obj-sys.com/asn1tutorial/node124.html / define('FILE_ASN1_TYPE_BOOLEAN', 1); define('FILE_ASN1_TYPE_INTEGER', 2); define('FILE_ASN1_TYPE_BIT_STRING', 3); define('FILE_ASN1_TYPE_OCTET_STRING', 4); define('FILE_ASN1_TYPE_NULL', 5); define('FILE_ASN1_TYPE_OBJECT_IDENTIFIER', 6); //define('FILE_ASN1_TYPE_OBJECT_DESCRIPTOR', 7); //define('FILE_ASN1_TYPE_INSTANCE_OF', 8); // EXTERNAL define('FILE_ASN1_TYPE_REAL', 9); define('FILE_ASN1_TYPE_ENUMERATED', 10); //define('FILE_ASN1_TYPE_EMBEDDED', 11); define('FILE_ASN1_TYPE_UTF8_STRING', 12); //define('FILE_ASN1_TYPE_RELATIVE_OID', 13); define('FILE_ASN1_TYPE_SEQUENCE', 16); // SEQUENCE OF define('FILE_ASN1_TYPE_SET', 17); // SET OF /#@-/ /*#@+ More Tag Classes * * @access private * @link http://www.obj-sys.com/asn1tutorial/node10.html / define('FILE_ASN1_TYPE_NUMERIC_STRING', 18); define('FILE_ASN1_TYPE_PRINTABLE_STRING', 19); define('FILE_ASN1_TYPE_TELETEX_STRING', 20); // T61String define('FILE_ASN1_TYPE_VIDEOTEX_STRING', 21); define('FILE_ASN1_TYPE_IA5_STRING', 22); define('FILE_ASN1_TYPE_UTC_TIME', 23); define('FILE_ASN1_TYPE_GENERALIZED_TIME', 24); define('FILE_ASN1_TYPE_GRAPHIC_STRING', 25); define('FILE_ASN1_TYPE_VISIBLE_STRING', 26); // ISO646String define('FILE_ASN1_TYPE_GENERAL_STRING', 27); define('FILE_ASN1_TYPE_UNIVERSAL_STRING', 28); //define('FILE_ASN1_TYPE_CHARACTER_STRING', 29); define('FILE_ASN1_TYPE_BMP_STRING', 30); /#@-/ /*#@+ Tag Aliases * * These tags are kinda place holders for other tags. * * @access private / define('FILE_ASN1_TYPE_CHOICE', -1); define('FILE_ASN1_TYPE_ANY', -2); /#@-/ /** * ASN.1 Element * * Bypass normal encoding rules in File_ASN1::encodeDER() * * @package File_ASN1 * @author Jim Wigginton <terrafrost@php.net> * @access public / class File_ASN1_Element { /* * Raw element value * * @var string * @access private / var $element; /* * Constructor * * @param string $encoded * @return File_ASN1_Element * @access public / function __construct($encoded) { $this->element = $encoded; } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @param int $mode * @access public / function File_ASN1_Element($encoded) { $this->__construct($encoded); } } /* * Pure-PHP ASN.1 Parser * * @package File_ASN1 * @author Jim Wigginton <terrafrost@php.net> * @access public / class File_ASN1 { /* * ASN.1 object identifier * * @var array * @access private * @link http://en.wikipedia.org/wiki/Object_identifier / var $oids = array(); /* * Default date format * * @var string * @access private * @link http://php.net/class.datetime / var $format = 'D, d M Y H:i:s O'; /* * Default date format * * @var array * @access private * @see self::setTimeFormat() * @see self::asn1map() * @link http://php.net/class.datetime / var $encoded; /* * Filters * * If the mapping type is FILE_ASN1_TYPE_ANY what do we actually encode it as? * * @var array * @access private * @see self::_encode_der() / var $filters; /* * Type mapping table for the ANY type. * * Structured or unknown types are mapped to a FILE_ASN1_Element. * Unambiguous types get the direct mapping (int/real/bool). * Others are mapped as a choice, with an extra indexing level. * * @var array * @access public / var $ANYmap = array( FILE_ASN1_TYPE_BOOLEAN => true, FILE_ASN1_TYPE_INTEGER => true, FILE_ASN1_TYPE_BIT_STRING => 'bitString', FILE_ASN1_TYPE_OCTET_STRING => 'octetString', FILE_ASN1_TYPE_NULL => 'null', FILE_ASN1_TYPE_OBJECT_IDENTIFIER => 'objectIdentifier', FILE_ASN1_TYPE_REAL => true, FILE_ASN1_TYPE_ENUMERATED => 'enumerated', FILE_ASN1_TYPE_UTF8_STRING => 'utf8String', FILE_ASN1_TYPE_NUMERIC_STRING => 'numericString', FILE_ASN1_TYPE_PRINTABLE_STRING => 'printableString', FILE_ASN1_TYPE_TELETEX_STRING => 'teletexString', FILE_ASN1_TYPE_VIDEOTEX_STRING => 'videotexString', FILE_ASN1_TYPE_IA5_STRING => 'ia5String', FILE_ASN1_TYPE_UTC_TIME => 'utcTime', FILE_ASN1_TYPE_GENERALIZED_TIME => 'generalTime', FILE_ASN1_TYPE_GRAPHIC_STRING => 'graphicString', FILE_ASN1_TYPE_VISIBLE_STRING => 'visibleString', FILE_ASN1_TYPE_GENERAL_STRING => 'generalString', FILE_ASN1_TYPE_UNIVERSAL_STRING => 'universalString', //FILE_ASN1_TYPE_CHARACTER_STRING => 'characterString', FILE_ASN1_TYPE_BMP_STRING => 'bmpString' ); /* * String type to character size mapping table. * * Non-convertable types are absent from this table. * size == 0 indicates variable length encoding. * * @var array * @access public / var $stringTypeSize = array( FILE_ASN1_TYPE_UTF8_STRING => 0, FILE_ASN1_TYPE_BMP_STRING => 2, FILE_ASN1_TYPE_UNIVERSAL_STRING => 4, FILE_ASN1_TYPE_PRINTABLE_STRING => 1, FILE_ASN1_TYPE_TELETEX_STRING => 1, FILE_ASN1_TYPE_IA5_STRING => 1, FILE_ASN1_TYPE_VISIBLE_STRING => 1, ); /* * Default Constructor. * * @access public / function __construct() { static $static_init = null; if (!$static_init) { $static_init = true; if (!class_exists('Math_BigInteger')) { include_once 'Math/BigInteger.php'; } } } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @access public / function File_ASN1() { $this->__construct($mode); } /* * Parse BER-encoding * * Serves a similar purpose to openssl's asn1parse * * @param string $encoded * @return array * @access public / function decodeBER($encoded) { if (is_object($encoded) && strtolower(get_class($encoded)) == 'file_asn1_element') { $encoded = $encoded->element; } $this->encoded = $encoded; // encapsulate in an array for BC with the old decodeBER return array($this->_decode_ber($encoded)); } /* * Parse BER-encoding (Helper function) * * Sometimes we want to get the BER encoding of a particular tag. $start lets us do that without having to reencode. * $encoded is passed by reference for the recursive calls done for FILE_ASN1_TYPE_BIT_STRING and * FILE_ASN1_TYPE_OCTET_STRING. In those cases, the indefinite length is used. * * @param string $encoded * @param int $start * @param int $encoded_pos * @return array * @access private / function _decode_ber($encoded, $start = 0, $encoded_pos = 0) { $current = array('start' => $start); $type = ord($encoded[$encoded_pos++]); $start++; $constructed = ($type >> 5) & 1; $tag = $type & 0x1F; if ($tag == 0x1F) { $tag = 0; // process septets (since the eighth bit is ignored, it's not an octet) do { $temp = ord($encoded[$encoded_pos++]); $loop = $temp >> 7; $tag <<= 7; $tag \|= $temp & 0x7F; $start++; } while ($loop); } // Length, as discussed in paragraph 8.1.3 of X.690-0207.pdf#page=13 $length = ord($encoded[$encoded_pos++]); $start++; if ($length == 0x80) { // indefinite length // "[A sender shall] use the indefinite form (see 8.1.3.6) if the encoding is constructed and is not all // immediately available." -- paragraph 8.1.3.2.c $length = strlen($encoded) - $encoded_pos; } elseif ($length & 0x80) { // definite length, long form // technically, the long form of the length can be represented by up to 126 octets (bytes), but we'll only // support it up to four. $length&= 0x7F; $temp = substr($encoded, $encoded_pos, $length); $encoded_pos += $length; // tags of indefinte length don't really have a header length; this length includes the tag $current+= array('headerlength' => $length + 2); $start+= $length; extract(unpack('Nlength', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4))); } else { $current+= array('headerlength' => 2); } if ($length > (strlen($encoded) - $encoded_pos)) { return false; } $content = substr($encoded, $encoded_pos, $length); $content_pos = 0; // at this point $length can be overwritten. it's only accurate for definite length things as is / Class is UNIVERSAL, APPLICATION, PRIVATE, or CONTEXT-SPECIFIC. The UNIVERSAL class is restricted to the ASN.1 built-in types. It defines an application-independent data type that must be distinguishable from all other data types. The other three classes are user defined. The APPLICATION class distinguishes data types that have a wide, scattered use within a particular presentation context. PRIVATE distinguishes data types within a particular organization or country. CONTEXT-SPECIFIC distinguishes members of a sequence or set, the alternatives of a CHOICE, or universally tagged set members. Only the class number appears in braces for this data type; the term CONTEXT-SPECIFIC does not appear. -- http://www.obj-sys.com/asn1tutorial/node12.html / $class = ($type >> 6) & 3; switch ($class) { case FILE_ASN1_CLASS_APPLICATION: case FILE_ASN1_CLASS_PRIVATE: case FILE_ASN1_CLASS_CONTEXT_SPECIFIC: if (!$constructed) { return array( 'type' => $class, 'constant' => $tag, 'content' => $content, 'length' => $length + $start - $current['start'] ); } $newcontent = array(); $remainingLength = $length; while ($remainingLength > 0) { $temp = $this->_decode_ber($content, $start, $content_pos); if ($temp === false) { break; } $length = $temp['length']; // end-of-content octets - see paragraph 8.1.5 if (substr($content, $content_pos + $length, 2) == "\0\0") { $length+= 2; $start+= $length; $newcontent[] = $temp; break; } $start+= $length; $remainingLength-= $length; $newcontent[] = $temp; $content_pos += $length; } return array( 'type' => $class, 'constant' => $tag, // the array encapsulation is for BC with the old format 'content' => $newcontent, // the only time when $content['headerlength'] isn't defined is when the length is indefinite. // the absence of $content['headerlength'] is how we know if something is indefinite or not. // technically, it could be defined to be 2 and then another indicator could be used but whatever. 'length' => $start - $current['start'] ) + $current; } $current+= array('type' => $tag); // decode UNIVERSAL tags switch ($tag) { case FILE_ASN1_TYPE_BOOLEAN: // "The contents octets shall consist of a single octet." -- paragraph 8.2.1 //if (strlen($content) != 1) { // return false; //} $current['content'] = (bool) ord($content[$content_pos]); break; case FILE_ASN1_TYPE_INTEGER: case FILE_ASN1_TYPE_ENUMERATED: $current['content'] = new Math_BigInteger(substr($content, $content_pos), -256); break; case FILE_ASN1_TYPE_REAL: // not currently supported return false; case FILE_ASN1_TYPE_BIT_STRING: // The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit, // the number of unused bits in the final subsequent octet. The number shall be in the range zero to // seven. if (!$constructed) { $current['content'] = substr($content, $content_pos); } else { $temp = $this->_decode_ber($content, $start, $content_pos); if ($temp === false) { return false; } $length-= (strlen($content) - $content_pos); $last = count($temp) - 1; for ($i = 0; $i < $last; $i++) { // all subtags should be bit strings //if ($temp[$i]['type'] != FILE_ASN1_TYPE_BIT_STRING) { // return false; //} $current['content'].= substr($temp[$i]['content'], 1); } // all subtags should be bit strings //if ($temp[$last]['type'] != FILE_ASN1_TYPE_BIT_STRING) { // return false; //} $current['content'] = $temp[$last]['content'][0] . $current['content'] . substr($temp[$i]['content'], 1); } break; case FILE_ASN1_TYPE_OCTET_STRING: if (!$constructed) { $current['content'] = substr($content, $content_pos); } else { $current['content'] = ''; $length = 0; while (substr($content, $content_pos, 2) != "\0\0") { $temp = $this->_decode_ber($content, $length + $start, $content_pos); if ($temp === false) { return false; } $content_pos += $temp['length']; // all subtags should be octet strings //if ($temp['type'] != FILE_ASN1_TYPE_OCTET_STRING) { // return false; //} $current['content'].= $temp['content']; $length+= $temp['length']; } if (substr($content, $content_pos, 2) == "\0\0") { $length+= 2; // +2 for the EOC } } break; case FILE_ASN1_TYPE_NULL: // "The contents octets shall not contain any octets." -- paragraph 8.8.2 //if (strlen($content)) { // return false; //} break; case FILE_ASN1_TYPE_SEQUENCE: case FILE_ASN1_TYPE_SET: $offset = 0; $current['content'] = array(); $content_len = strlen($content); while ($content_pos < $content_len) { // if indefinite length construction was used and we have an end-of-content string next // see paragraphs 8.1.1.3, 8.1.3.2, 8.1.3.6, 8.1.5, and (for an example) 8.6.4.2 if (!isset($current['headerlength']) && substr($content, $content_pos, 2) == "\0\0") { $length = $offset + 2; // +2 for the EOC break 2; } $temp = $this->_decode_ber($content, $start + $offset, $content_pos); if ($temp === false) { return false; } $content_pos += $temp['length']; $current['content'][] = $temp; $offset+= $temp['length']; } break; case FILE_ASN1_TYPE_OBJECT_IDENTIFIER: $current['content'] = $this->_decodeOID(substr($content, $content_pos)); break; / Each character string type shall be encoded as if it had been declared: [UNIVERSAL x] IMPLICIT OCTET STRING -- X.690-0207.pdf#page=23 (paragraph 8.21.3) Per that, we're not going to do any validation. If there are any illegal characters in the string, we don't really care / case FILE_ASN1_TYPE_NUMERIC_STRING: // 0,1,2,3,4,5,6,7,8,9, and space case FILE_ASN1_TYPE_PRINTABLE_STRING: // Upper and lower case letters, digits, space, apostrophe, left/right parenthesis, plus sign, comma, // hyphen, full stop, solidus, colon, equal sign, question mark case FILE_ASN1_TYPE_TELETEX_STRING: // The Teletex character set in CCITT's T61, space, and delete // see http://en.wikipedia.org/wiki/Teletex#Character_sets case FILE_ASN1_TYPE_VIDEOTEX_STRING: // The Videotex character set in CCITT's T.100 and T.101, space, and delete case FILE_ASN1_TYPE_VISIBLE_STRING: // Printing character sets of international ASCII, and space case FILE_ASN1_TYPE_IA5_STRING: // International Alphabet 5 (International ASCII) case FILE_ASN1_TYPE_GRAPHIC_STRING: // All registered G sets, and space case FILE_ASN1_TYPE_GENERAL_STRING: // All registered C and G sets, space and delete case FILE_ASN1_TYPE_UTF8_STRING: // ???? case FILE_ASN1_TYPE_BMP_STRING: $current['content'] = substr($content, $content_pos); break; case FILE_ASN1_TYPE_UTC_TIME: case FILE_ASN1_TYPE_GENERALIZED_TIME: $current['content'] = class_exists('DateTime') ? $this->_decodeDateTime(substr($content, $content_pos), $tag) : $this->_decodeUnixTime(substr($content, $content_pos), $tag); default: } $start+= $length; // ie. length is the length of the full TLV encoding - it's not just the length of the value return $current + array('length' => $start - $current['start']); } /* * ASN.1 Map * * Provides an ASN.1 semantic mapping ($mapping) from a parsed BER-encoding to a human readable format. * * "Special" mappings may be applied on a per tag-name basis via $special. * * @param array $decoded * @param array $mapping * @param array $special * @return array * @access public / function asn1map($decoded, $mapping, $special = array()) { if (isset($mapping['explicit']) && is_array($decoded['content'])) { $decoded = $decoded['content'][0]; } switch (true) { case $mapping['type'] == FILE_ASN1_TYPE_ANY: $intype = $decoded['type']; if (isset($decoded['constant']) \|\| !isset($this->ANYmap[$intype]) \|\| (ord($this->encoded[$decoded['start']]) & 0x20)) { return new File_ASN1_Element(substr($this->encoded, $decoded['start'], $decoded['length'])); } $inmap = $this->ANYmap[$intype]; if (is_string($inmap)) { return array($inmap => $this->asn1map($decoded, array('type' => $intype) + $mapping, $special)); } break; case $mapping['type'] == FILE_ASN1_TYPE_CHOICE: foreach ($mapping['children'] as $key => $option) { switch (true) { case isset($option['constant']) && $option['constant'] == $decoded['constant']: case !isset($option['constant']) && $option['type'] == $decoded['type']: $value = $this->asn1map($decoded, $option, $special); break; case !isset($option['constant']) && $option['type'] == FILE_ASN1_TYPE_CHOICE: $v = $this->asn1map($decoded, $option, $special); if (isset($v)) { $value = $v; } } if (isset($value)) { if (isset($special[$key])) { $value = call_user_func($special[$key], $value); } return array($key => $value); } } return null; case isset($mapping['implicit']): case isset($mapping['explicit']): case $decoded['type'] == $mapping['type']: break; default: // if $decoded['type'] and $mapping['type'] are both strings, but different types of strings, // let it through switch (true) { case $decoded['type'] < 18: // FILE_ASN1_TYPE_NUMERIC_STRING == 18 case $decoded['type'] > 30: // FILE_ASN1_TYPE_BMP_STRING == 30 case $mapping['type'] < 18: case $mapping['type'] > 30: return null; } } if (isset($mapping['implicit'])) { $decoded['type'] = $mapping['type']; } switch ($decoded['type']) { case FILE_ASN1_TYPE_SEQUENCE: $map = array(); // ignore the min and max if (isset($mapping['min']) && isset($mapping['max'])) { $child = $mapping['children']; foreach ($decoded['content'] as $content) { if (($map[] = $this->asn1map($content, $child, $special)) === null) { return null; } } return $map; } $n = count($decoded['content']); $i = 0; foreach ($mapping['children'] as $key => $child) { $maymatch = $i < $n; // Match only existing input. if ($maymatch) { $temp = $decoded['content'][$i]; if ($child['type'] != FILE_ASN1_TYPE_CHOICE) { // Get the mapping and input class & constant. $childClass = $tempClass = FILE_ASN1_CLASS_UNIVERSAL; $constant = null; if (isset($temp['constant'])) { $tempClass = $temp['type']; } if (isset($child['class'])) { $childClass = $child['class']; $constant = $child['cast']; } elseif (isset($child['constant'])) { $childClass = FILE_ASN1_CLASS_CONTEXT_SPECIFIC; $constant = $child['constant']; } if (isset($constant) && isset($temp['constant'])) { // Can only match if constants and class match. $maymatch = $constant == $temp['constant'] && $childClass == $tempClass; } else { // Can only match if no constant expected and type matches or is generic. $maymatch = !isset($child['constant']) && array_search($child['type'], array($temp['type'], FILE_ASN1_TYPE_ANY, FILE_ASN1_TYPE_CHOICE)) !== false; } } } if ($maymatch) { // Attempt submapping. $candidate = $this->asn1map($temp, $child, $special); $maymatch = $candidate !== null; } if ($maymatch) { // Got the match: use it. if (isset($special[$key])) { $candidate = call_user_func($special[$key], $candidate); } $map[$key] = $candidate; $i++; } elseif (isset($child['default'])) { $map[$key] = $child['default']; // Use default. } elseif (!isset($child['optional'])) { return null; // Syntax error. } } // Fail mapping if all input items have not been consumed. return $i < $n ? null: $map; // the main diff between sets and sequences is the encapsulation of the foreach in another for loop case FILE_ASN1_TYPE_SET: $map = array(); // ignore the min and max if (isset($mapping['min']) && isset($mapping['max'])) { $child = $mapping['children']; foreach ($decoded['content'] as $content) { if (($map[] = $this->asn1map($content, $child, $special)) === null) { return null; } } return $map; } for ($i = 0; $i < count($decoded['content']); $i++) { $temp = $decoded['content'][$i]; $tempClass = FILE_ASN1_CLASS_UNIVERSAL; if (isset($temp['constant'])) { $tempClass = $temp['type']; } foreach ($mapping['children'] as $key => $child) { if (isset($map[$key])) { continue; } $maymatch = true; if ($child['type'] != FILE_ASN1_TYPE_CHOICE) { $childClass = FILE_ASN1_CLASS_UNIVERSAL; $constant = null; if (isset($child['class'])) { $childClass = $child['class']; $constant = $child['cast']; } elseif (isset($child['constant'])) { $childClass = FILE_ASN1_CLASS_CONTEXT_SPECIFIC; $constant = $child['constant']; } if (isset($constant) && isset($temp['constant'])) { // Can only match if constants and class match. $maymatch = $constant == $temp['constant'] && $childClass == $tempClass; } else { // Can only match if no constant expected and type matches or is generic. $maymatch = !isset($child['constant']) && array_search($child['type'], array($temp['type'], FILE_ASN1_TYPE_ANY, FILE_ASN1_TYPE_CHOICE)) !== false; } } if ($maymatch) { // Attempt submapping. $candidate = $this->asn1map($temp, $child, $special); $maymatch = $candidate !== null; } if (!$maymatch) { break; } // Got the match: use it. if (isset($special[$key])) { $candidate = call_user_func($special[$key], $candidate); } $map[$key] = $candidate; break; } } foreach ($mapping['children'] as $key => $child) { if (!isset($map[$key])) { if (isset($child['default'])) { $map[$key] = $child['default']; } elseif (!isset($child['optional'])) { return null; } } } return $map; case FILE_ASN1_TYPE_OBJECT_IDENTIFIER: return isset($this->oids[$decoded['content']]) ? $this->oids[$decoded['content']] : $decoded['content']; case FILE_ASN1_TYPE_UTC_TIME: case FILE_ASN1_TYPE_GENERALIZED_TIME: if (class_exists('DateTime')) { // for explicitly tagged optional stuff if (is_array($decoded['content'])) { $decoded['content'] = $decoded['content'][0]['content']; } // for implicitly tagged optional stuff // in theory, doing isset($mapping['implicit']) would work but malformed certs do exist // in the wild that OpenSSL decodes without issue so we'll support them as well if (!is_object($decoded['content'])) { $decoded['content'] = $this->_decodeDateTime($decoded['content'], $decoded['type']); } if (!$decoded['content']) { return false; } return $decoded['content']->format($this->format); } else { if (is_array($decoded['content'])) { $decoded['content'] = $decoded['content'][0]['content']; } if (!is_int($decoded['content'])) { $decoded['content'] = $this->_decodeUnixTime($decoded['content'], $decoded['type']); } return @date($this->format, $decoded['content']); } case FILE_ASN1_TYPE_BIT_STRING: if (isset($mapping['mapping'])) { $offset = ord($decoded['content'][0]); $size = (strlen($decoded['content']) - 1) 8 - $offset; /* From X.680-0207.pdf#page=46 (21.7): "When a "NamedBitList" is used in defining a bitstring type ASN.1 encoding rules are free to add (or remove) arbitrarily any trailing 0 bits to (or from) values that are being encoded or decoded. Application designers should therefore ensure that different semantics are not associated with such values which differ only in the number of trailing 0 bits." / $bits = count($mapping['mapping']) == $size ? array() : array_fill(0, count($mapping['mapping']) - $size, false); for ($i = strlen($decoded['content']) - 1; $i > 0; $i--) { $current = ord($decoded['content'][$i]); for ($j = $offset; $j < 8; $j++) { $bits[] = (bool) ($current & (1 << $j)); } $offset = 0; } $values = array(); $map = array_reverse($mapping['mapping']); foreach ($map as $i => $value) { if ($bits[$i]) { $values[] = $value; } } return $values; } case FILE_ASN1_TYPE_OCTET_STRING: return base64_encode($decoded['content']); case FILE_ASN1_TYPE_NULL: return ''; case FILE_ASN1_TYPE_BOOLEAN: return $decoded['content']; case FILE_ASN1_TYPE_NUMERIC_STRING: case FILE_ASN1_TYPE_PRINTABLE_STRING: case FILE_ASN1_TYPE_TELETEX_STRING: case FILE_ASN1_TYPE_VIDEOTEX_STRING: case FILE_ASN1_TYPE_IA5_STRING: case FILE_ASN1_TYPE_GRAPHIC_STRING: case FILE_ASN1_TYPE_VISIBLE_STRING: case FILE_ASN1_TYPE_GENERAL_STRING: case FILE_ASN1_TYPE_UNIVERSAL_STRING: case FILE_ASN1_TYPE_UTF8_STRING: case FILE_ASN1_TYPE_BMP_STRING: return $decoded['content']; case FILE_ASN1_TYPE_INTEGER: case FILE_ASN1_TYPE_ENUMERATED: $temp = $decoded['content']; if (isset($mapping['implicit'])) { $temp = new Math_BigInteger($decoded['content'], -256); } if (isset($mapping['mapping'])) { $temp = (int) $temp->toString(); return isset($mapping['mapping'][$temp]) ? $mapping['mapping'][$temp] : false; } return $temp; } } /* * ASN.1 Encode * * DER-encodes an ASN.1 semantic mapping ($mapping). Some libraries would probably call this function * an ASN.1 compiler. * * "Special" mappings can be applied via $special. * * @param string $source * @param string $mapping * @param int $idx * @return string * @access public / function encodeDER($source, $mapping, $special = array()) { $this->location = array(); return $this->_encode_der($source, $mapping, null, $special); } /* * ASN.1 Encode (Helper function) * * @param string $source * @param string $mapping * @param int $idx * @return string * @access private / function _encode_der($source, $mapping, $idx = null, $special = array()) { if (is_object($source) && strtolower(get_class($source)) == 'file_asn1_element') { return $source->element; } // do not encode (implicitly optional) fields with value set to default if (isset($mapping['default']) && $source === $mapping['default']) { return ''; } if (isset($idx)) { if (isset($special[$idx])) { $source = call_user_func($special[$idx], $source); } $this->location[] = $idx; } $tag = $mapping['type']; switch ($tag) { case FILE_ASN1_TYPE_SET: // Children order is not important, thus process in sequence. case FILE_ASN1_TYPE_SEQUENCE: $tag\|= 0x20; // set the constructed bit // ignore the min and max if (isset($mapping['min']) && isset($mapping['max'])) { $value = array(); $child = $mapping['children']; foreach ($source as $content) { $temp = $this->_encode_der($content, $child, null, $special); if ($temp === false) { return false; } $value[]= $temp; } / "The encodings of the component values of a set-of value shall appear in ascending order, the encodings being compared as octet strings with the shorter components being padded at their trailing end with 0-octets. NOTE - The padding octets are for comparison purposes only and do not appear in the encodings." -- sec 11.6 of http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf / if ($mapping['type'] == FILE_ASN1_TYPE_SET) { sort($value); } $value = implode('', $value); break; } $value = ''; foreach ($mapping['children'] as $key => $child) { if (!array_key_exists($key, $source)) { if (!isset($child['optional'])) { return false; } continue; } $temp = $this->_encode_der($source[$key], $child, $key, $special); if ($temp === false) { return false; } // An empty child encoding means it has been optimized out. // Else we should have at least one tag byte. if ($temp === '') { continue; } // if isset($child['constant']) is true then isset($child['optional']) should be true as well if (isset($child['constant'])) { / From X.680-0207.pdf#page=58 (30.6): "The tagging construction specifies explicit tagging if any of the following holds: ... c) the "Tag Type" alternative is used and the value of "TagDefault" for the module is IMPLICIT TAGS or AUTOMATIC TAGS, but the type defined by "Type" is an untagged choice type, an untagged open type, or an untagged "DummyReference" (see ITU-T Rec. X.683 \| ISO/IEC 8824-4, 8.3)." / if (isset($child['explicit']) \|\| $child['type'] == FILE_ASN1_TYPE_CHOICE) { $subtag = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) \| 0x20 \| $child['constant']); $temp = $subtag . $this->_encodeLength(strlen($temp)) . $temp; } else { $subtag = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) \| (ord($temp[0]) & 0x20) \| $child['constant']); $temp = $subtag . substr($temp, 1); } } $value.= $temp; } break; case FILE_ASN1_TYPE_CHOICE: $temp = false; foreach ($mapping['children'] as $key => $child) { if (!isset($source[$key])) { continue; } $temp = $this->_encode_der($source[$key], $child, $key, $special); if ($temp === false) { return false; } // An empty child encoding means it has been optimized out. // Else we should have at least one tag byte. if ($temp === '') { continue; } $tag = ord($temp[0]); // if isset($child['constant']) is true then isset($child['optional']) should be true as well if (isset($child['constant'])) { if (isset($child['explicit']) \|\| $child['type'] == FILE_ASN1_TYPE_CHOICE) { $subtag = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) \| 0x20 \| $child['constant']); $temp = $subtag . $this->_encodeLength(strlen($temp)) . $temp; } else { $subtag = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) \| (ord($temp[0]) & 0x20) \| $child['constant']); $temp = $subtag . substr($temp, 1); } } } if (isset($idx)) { array_pop($this->location); } if ($temp && isset($mapping['cast'])) { $temp[0] = chr(($mapping['class'] << 6) \| ($tag & 0x20) \| $mapping['cast']); } return $temp; case FILE_ASN1_TYPE_INTEGER: case FILE_ASN1_TYPE_ENUMERATED: if (!isset($mapping['mapping'])) { if (is_numeric($source)) { $source = new Math_BigInteger($source); } $value = $source->toBytes(true); } else { $value = array_search($source, $mapping['mapping']); if ($value === false) { return false; } $value = new Math_BigInteger($value); $value = $value->toBytes(true); } if (!strlen($value)) { $value = chr(0); } break; case FILE_ASN1_TYPE_UTC_TIME: case FILE_ASN1_TYPE_GENERALIZED_TIME: $format = $mapping['type'] == FILE_ASN1_TYPE_UTC_TIME ? 'y' : 'Y'; $format.= 'mdHis'; if (!class_exists('DateTime')) { $value = @gmdate($format, strtotime($source)) . 'Z'; } else { $date = new DateTime($source, new DateTimeZone('GMT')); $value = $date->format($format) . 'Z'; } break; case FILE_ASN1_TYPE_BIT_STRING: if (isset($mapping['mapping'])) { $bits = array_fill(0, count($mapping['mapping']), 0); $size = 0; for ($i = 0; $i < count($mapping['mapping']); $i++) { if (in_array($mapping['mapping'][$i], $source)) { $bits[$i] = 1; $size = $i; } } if (isset($mapping['min']) && $mapping['min'] >= 1 && $size < $mapping['min']) { $size = $mapping['min'] - 1; } $offset = 8 - (($size + 1) & 7); $offset = $offset !== 8 ? $offset : 0; $value = chr($offset); for ($i = $size + 1; $i < count($mapping['mapping']); $i++) { unset($bits[$i]); } $bits = implode('', array_pad($bits, $size + $offset + 1, 0)); $bytes = explode(' ', rtrim(chunk_split($bits, 8, ' '))); foreach ($bytes as $byte) { $value.= chr(bindec($byte)); } break; } case FILE_ASN1_TYPE_OCTET_STRING: / The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit, the number of unused bits in the final subsequent octet. The number shall be in the range zero to seven. -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=16 / $value = base64_decode($source); break; case FILE_ASN1_TYPE_OBJECT_IDENTIFIER: $value = $this->_encodeOID($source); break; case FILE_ASN1_TYPE_ANY: $loc = $this->location; if (isset($idx)) { array_pop($this->location); } switch (true) { case !isset($source): return $this->_encode_der(null, array('type' => FILE_ASN1_TYPE_NULL) + $mapping, null, $special); case is_int($source): case is_object($source) && strtolower(get_class($source)) == 'math_biginteger': return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_INTEGER) + $mapping, null, $special); case is_float($source): return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_REAL) + $mapping, null, $special); case is_bool($source): return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_BOOLEAN) + $mapping, null, $special); case is_array($source) && count($source) == 1: $typename = implode('', array_keys($source)); $outtype = array_search($typename, $this->ANYmap, true); if ($outtype !== false) { return $this->_encode_der($source[$typename], array('type' => $outtype) + $mapping, null, $special); } } $filters = $this->filters; foreach ($loc as $part) { if (!isset($filters[$part])) { $filters = false; break; } $filters = $filters[$part]; } if ($filters === false) { user_error('No filters defined for ' . implode('/', $loc)); return false; } return $this->_encode_der($source, $filters + $mapping, null, $special); case FILE_ASN1_TYPE_NULL: $value = ''; break; case FILE_ASN1_TYPE_NUMERIC_STRING: case FILE_ASN1_TYPE_TELETEX_STRING: case FILE_ASN1_TYPE_PRINTABLE_STRING: case FILE_ASN1_TYPE_UNIVERSAL_STRING: case FILE_ASN1_TYPE_UTF8_STRING: case FILE_ASN1_TYPE_BMP_STRING: case FILE_ASN1_TYPE_IA5_STRING: case FILE_ASN1_TYPE_VISIBLE_STRING: case FILE_ASN1_TYPE_VIDEOTEX_STRING: case FILE_ASN1_TYPE_GRAPHIC_STRING: case FILE_ASN1_TYPE_GENERAL_STRING: $value = $source; break; case FILE_ASN1_TYPE_BOOLEAN: $value = $source ? "\xFF" : "\x00"; break; default: user_error('Mapping provides no type definition for ' . implode('/', $this->location)); return false; } if (isset($idx)) { array_pop($this->location); } if (isset($mapping['cast'])) { if (isset($mapping['explicit']) \|\| $mapping['type'] == FILE_ASN1_TYPE_CHOICE) { $value = chr($tag) . $this->_encodeLength(strlen($value)) . $value; $tag = ($mapping['class'] << 6) \| 0x20 \| $mapping['cast']; } else { $tag = ($mapping['class'] << 6) \| (ord($temp[0]) & 0x20) \| $mapping['cast']; } } return chr($tag) . $this->_encodeLength(strlen($value)) . $value; } /* * DER-encode the length * * DER supports lengths up to (28)127, however, we'll only support lengths up to (28)4. See * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. * * @access private * @param int $length * @return string / function _encodeLength($length) { if ($length <= 0x7F) { return chr($length); } $temp = ltrim(pack('N', $length), chr(0)); return pack('Ca', 0x80 \| strlen($temp), $temp); } /** * BER-decode the OID * * Called by _decode_ber() * * @access private * @param string $content * @return string / function _decodeOID($content) { static $eighty; if (!$eighty) { $eighty = new Math_BigInteger(80); } $oid = array(); $pos = 0; $len = strlen($content); $n = new Math_BigInteger(); while ($pos < $len) { $temp = ord($content[$pos++]); $n = $n->bitwise_leftShift(7); $n = $n->bitwise_or(new Math_BigInteger($temp & 0x7F)); if (~$temp & 0x80) { $oid[] = $n; $n = new Math_BigInteger(); } } $part1 = array_shift($oid); $first = floor(ord($content[0]) / 40); / "This packing of the first two object identifier components recognizes that only three values are allocated from the root node, and at most 39 subsequent values from nodes reached by X = 0 and X = 1." -- https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=22 / if ($first <= 2) { // ie. 0 <= ord($content[0]) < 120 (0x78) array_unshift($oid, ord($content[0]) % 40); array_unshift($oid, $first); } else { array_unshift($oid, $part1->subtract($eighty)); array_unshift($oid, 2); } return implode('.', $oid); } /* * DER-encode the OID * * Called by _encode_der() * * @access private * @param string $content * @return string / function _encodeOID($source) { static $mask, $zero, $forty; if (!$mask) { $mask = new Math_BigInteger(0x7F); $zero = new Math_BigInteger(); $forty = new Math_BigInteger(40); } $oid = preg_match('#(?:\d+\.)+#', $source) ? $source : array_search($source, $this->oids); if ($oid === false) { user_error('Invalid OID'); return false; } $parts = explode('.', $oid); $part1 = array_shift($parts); $part2 = array_shift($parts); $first = new Math_BigInteger($part1); $first = $first->multiply($forty); $first = $first->add(new Math_BigInteger($part2)); array_unshift($parts, $first->toString()); $value = ''; foreach ($parts as $part) { if (!$part) { $temp = "\0"; } else { $temp = ''; $part = new Math_BigInteger($part); while (!$part->equals($zero)) { $submask = $part->bitwise_and($mask); $submask->setPrecision(8); $temp = (chr(0x80) \| $submask->toBytes()) . $temp; $part = $part->bitwise_rightShift(7); } $temp[strlen($temp) - 1] = $temp[strlen($temp) - 1] & chr(0x7F); } $value.= $temp; } return $value; } /* * BER-decode the time (using UNIX time) * * Called by _decode_ber() and in the case of implicit tags asn1map(). * * @access private * @param string $content * @param int $tag * @return string / function _decodeUnixTime($content, $tag) { / UTCTime: http://tools.ietf.org/html/rfc5280#section-4.1.2.5.1 http://www.obj-sys.com/asn1tutorial/node15.html GeneralizedTime: http://tools.ietf.org/html/rfc5280#section-4.1.2.5.2 http://www.obj-sys.com/asn1tutorial/node14.html / $pattern = $tag == FILE_ASN1_TYPE_UTC_TIME ? '#^(..)(..)(..)(..)(..)(..)?(.)$#' : '#(....)(..)(..)(..)(..)(..).([Z+-].)$#'; preg_match($pattern, $content, $matches); list(, $year, $month, $day, $hour, $minute, $second, $timezone) = $matches; if ($tag == FILE_ASN1_TYPE_UTC_TIME) { $year = $year >= 50 ? "19$year" : "20$year"; } if ($timezone == 'Z') { $mktime = 'gmmktime'; $timezone = 0; } elseif (preg_match('#([+-])(\d\d)(\d\d)#', $timezone, $matches)) { $mktime = 'gmmktime'; $timezone = 60 * $matches[3] + 3600 * $matches[2]; if ($matches[1] == '-') { $timezone = -$timezone; } } else { $mktime = 'mktime'; $timezone = 0; } return @$mktime((int)$hour, (int)$minute, (int)$second, (int)$month, (int)$day, (int)$year) + $timezone; } /** * BER-decode the time (using DateTime) * * Called by _decode_ber() and in the case of implicit tags asn1map(). * * @access private * @param string $content * @param int $tag * @return string / function _decodeDateTime($content, $tag) { / UTCTime: http://tools.ietf.org/html/rfc5280#section-4.1.2.5.1 http://www.obj-sys.com/asn1tutorial/node15.html GeneralizedTime: http://tools.ietf.org/html/rfc5280#section-4.1.2.5.2 http://www.obj-sys.com/asn1tutorial/node14.html / $format = 'YmdHis'; if ($tag == FILE_ASN1_TYPE_UTC_TIME) { // https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=28 says "the seconds // element shall always be present" but none-the-less I've seen X509 certs where it isn't and if the // browsers parse it phpseclib ought to too if (preg_match('#^(\d{10})(Z\|[+-]\d{4})$#', $content, $matches)) { $content = $matches[1] . '00' . $matches[2]; } $prefix = substr($content, 0, 2) >= 50 ? '19' : '20'; $content = $prefix . $content; } elseif (strpos($content, '.') !== false) { $format.= '.u'; } if ($content[strlen($content) - 1] == 'Z') { $content = substr($content, 0, -1) . '+0000'; } if (strpos($content, '-') !== false \|\| strpos($content, '+') !== false) { $format.= 'O'; } // error supression isn't necessary as of PHP 7.0: // http://php.net/manual/en/migration70.other-changes.php return @DateTime::createFromFormat($format, $content); } /* * Set the time format * * Sets the time / date format for asn1map(). * * @access public * @param string $format / function setTimeFormat($format) { $this->format = $format; } /* * Load OIDs * * Load the relevant OIDs for a particular ASN.1 semantic mapping. * * @access public * @param array $oids / function loadOIDs($oids) { $this->oids = $oids; } /* * Load filters * * See File_X509, etc, for an example. * * @access public * @param array $filters / function loadFilters($filters) { $this->filters = $filters; } /* * String Shift * * Inspired by array_shift * * @param string $string * @param int $index * @return string * @access private / function _string_shift(&$string, $index = 1) { $substr = substr($string, 0, $index); $string = substr($string, $index); return $substr; } /* * String type conversion * * This is a lazy conversion, dealing only with character size. * No real conversion table is used. * * @param string $in * @param int $from * @param int $to * @return string * @access public / function convert($in, $from = FILE_ASN1_TYPE_UTF8_STRING, $to = FILE_ASN1_TYPE_UTF8_STRING) { if (!isset($this->stringTypeSize[$from]) \|\| !isset($this->stringTypeSize[$to])) { return false; } $insize = $this->stringTypeSize[$from]; $outsize = $this->stringTypeSize[$to]; $inlength = strlen($in); $out = ''; for ($i = 0; $i < $inlength;) { if ($inlength - $i < $insize) { return false; } // Get an input character as a 32-bit value. $c = ord($in[$i++]); switch (true) { case $insize == 4: $c = ($c << 8) \| ord($in[$i++]); $c = ($c << 8) \| ord($in[$i++]); case $insize == 2: $c = ($c << 8) \| ord($in[$i++]); case $insize == 1: break; case ($c & 0x80) == 0x00: break; case ($c & 0x40) == 0x00: return false; default: $bit = 6; do { if ($bit > 25 \|\| $i >= $inlength \|\| (ord($in[$i]) & 0xC0) != 0x80) { return false; } $c = ($c << 6) \| (ord($in[$i++]) & 0x3F); $bit += 5; $mask = 1 << $bit; } while ($c & $bit); $c &= $mask - 1; break; } // Convert and append the character to output string. $v = ''; switch (true) { case $outsize == 4: $v .= chr($c & 0xFF); $c >>= 8; $v .= chr($c & 0xFF); $c >>= 8; case $outsize == 2: $v .= chr($c & 0xFF); $c >>= 8; case $outsize == 1: $v .= chr($c & 0xFF); $c >>= 8; if ($c) { return false; } break; case ($c & 0x80000000) != 0: return false; case $c >= 0x04000000: $v .= chr(0x80 \| ($c & 0x3F)); $c = ($c >> 6) \| 0x04000000; case $c >= 0x00200000: $v .= chr(0x80 \| ($c & 0x3F)); $c = ($c >> 6) \| 0x00200000; case $c >= 0x00010000: $v .= chr(0x80 \| ($c & 0x3F)); $c = ($c >> 6) \| 0x00010000; case $c >= 0x00000800: $v .= chr(0x80 \| ($c & 0x3F)); $c = ($c >> 6) \| 0x00000800; case $c >= 0x00000080: $v .= chr(0x80 \| ($c & 0x3F)); $c = ($c >> 6) \| 0x000000C0; default: $v .= chr($c); break; } $out .= strrev($v); } return $out; } } ��phpseclib/File/X509.php��0000644��00000602310�15104540706�0010556 0��ustar�00��<?php /* * Pure-PHP X.509 Parser * * PHP versions 4 and 5 * * Encode and decode X.509 certificates. * * The extensions are from {@link http://tools.ietf.org/html/rfc5280 RFC5280} and * {@link http://web.archive.org/web/19961027104704/http://www3.netscape.com/eng/security/cert-exts.html Netscape Certificate Extensions}. * * Note that loading an X.509 certificate and resaving it may invalidate the signature. The reason being that the signature is based on a * portion of the certificate that contains optional parameters with default values. ie. if the parameter isn't there the default value is * used. Problem is, if the parameter is there and it just so happens to have the default value there are two ways that that parameter can * be encoded. It can be encoded explicitly or left out all together. This would effect the signature value and thus may invalidate the * the certificate all together unless the certificate is re-signed. * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category File * @package File_X509 * @author Jim Wigginton <terrafrost@php.net> * @copyright 2012 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * Include File_ASN1 / if (!class_exists('File_ASN1')) { include_once 'ASN1.php'; } /* * Flag to only accept signatures signed by certificate authorities * * Not really used anymore but retained all the same to suppress E_NOTICEs from old installs * * @access public / define('FILE_X509_VALIDATE_SIGNATURE_BY_CA', 1); /#@+ @access public * @see self::getDN() / /* * Return internal array representation / define('FILE_X509_DN_ARRAY', 0); /* * Return string / define('FILE_X509_DN_STRING', 1); /* * Return ASN.1 name string / define('FILE_X509_DN_ASN1', 2); /* * Return OpenSSL compatible array / define('FILE_X509_DN_OPENSSL', 3); /* * Return canonical ASN.1 RDNs string / define('FILE_X509_DN_CANON', 4); /* * Return name hash for file indexing / define('FILE_X509_DN_HASH', 5); /#@-/ /*#@+ @access public * @see self::saveX509() * @see self::saveCSR() * @see self::saveCRL() / /* * Save as PEM * * ie. a base64-encoded PEM with a header and a footer / define('FILE_X509_FORMAT_PEM', 0); /* * Save as DER / define('FILE_X509_FORMAT_DER', 1); /* * Save as a SPKAC * * Only works on CSRs. Not currently supported. / define('FILE_X509_FORMAT_SPKAC', 2); /* * Auto-detect the format * * Used only by the load() functions / define('FILE_X509_FORMAT_AUTO_DETECT', 3); /*#@-/ /** * Attribute value disposition. * If disposition is >= 0, this is the index of the target value. / define('FILE_X509_ATTR_ALL', -1); // All attribute values (array). define('FILE_X509_ATTR_APPEND', -2); // Add a value. define('FILE_X509_ATTR_REPLACE', -3); // Clear first, then add a value. /* * Pure-PHP X.509 Parser * * @package File_X509 * @author Jim Wigginton <terrafrost@php.net> * @access public / class File_X509 { /* * ASN.1 syntax for X.509 certificates * * @var array * @access private / var $Certificate; /#@+ ASN.1 syntax for various extensions * * @access private / var $DirectoryString; var $PKCS9String; var $AttributeValue; var $Extensions; var $KeyUsage; var $ExtKeyUsageSyntax; var $BasicConstraints; var $KeyIdentifier; var $CRLDistributionPoints; var $AuthorityKeyIdentifier; var $CertificatePolicies; var $AuthorityInfoAccessSyntax; var $SubjectAltName; var $SubjectDirectoryAttributes; var $PrivateKeyUsagePeriod; var $IssuerAltName; var $PolicyMappings; var $NameConstraints; var $CPSuri; var $UserNotice; var $netscape_cert_type; var $netscape_comment; var $netscape_ca_policy_url; var $Name; var $RelativeDistinguishedName; var $CRLNumber; var $CRLReason; var $IssuingDistributionPoint; var $InvalidityDate; var $CertificateIssuer; var $HoldInstructionCode; var $SignedPublicKeyAndChallenge; /#@-/ /*#@+ ASN.1 syntax for various DN attributes * * @access private / var $PostalAddress; /#@-/ /** * ASN.1 syntax for Certificate Signing Requests (RFC2986) * * @var array * @access private / var $CertificationRequest; /* * ASN.1 syntax for Certificate Revocation Lists (RFC5280) * * @var array * @access private / var $CertificateList; /* * Distinguished Name * * @var array * @access private / var $dn; /* * Public key * * @var string * @access private / var $publicKey; /* * Private key * * @var string * @access private / var $privateKey; /* * Object identifiers for X.509 certificates * * @var array * @access private * @link http://en.wikipedia.org/wiki/Object_identifier / var $oids; /* * The certificate authorities * * @var array * @access private / var $CAs; /* * The currently loaded certificate * * @var array * @access private / var $currentCert; /* * The signature subject * * There's no guarantee File_X509 is going to re-encode an X.509 cert in the same way it was originally * encoded so we take save the portion of the original cert that the signature would have made for. * * @var string * @access private / var $signatureSubject; /* * Certificate Start Date * * @var string * @access private / var $startDate; /* * Certificate End Date * * @var string * @access private / var $endDate; /* * Serial Number * * @var string * @access private / var $serialNumber; /* * Key Identifier * * See {@link http://tools.ietf.org/html/rfc5280#section-4.2.1.1 RFC5280#section-4.2.1.1} and * {@link http://tools.ietf.org/html/rfc5280#section-4.2.1.2 RFC5280#section-4.2.1.2}. * * @var string * @access private / var $currentKeyIdentifier; /* * CA Flag * * @var bool * @access private / var $caFlag = false; /* * SPKAC Challenge * * @var string * @access private / var $challenge; /* * Recursion Limit * * @var int * @access private / var $recur_limit = 5; /* * URL fetch flag * * @var bool * @access private / var $disable_url_fetch = false; /* * Default Constructor. * * @return File_X509 * @access public / function __construct() { if (!class_exists('Math_BigInteger')) { include_once 'Math/BigInteger.php'; } // Explicitly Tagged Module, 1988 Syntax // http://tools.ietf.org/html/rfc5280#appendix-A.1 $this->DirectoryString = array( 'type' => FILE_ASN1_TYPE_CHOICE, 'children' => array( 'teletexString' => array('type' => FILE_ASN1_TYPE_TELETEX_STRING), 'printableString' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING), 'universalString' => array('type' => FILE_ASN1_TYPE_UNIVERSAL_STRING), 'utf8String' => array('type' => FILE_ASN1_TYPE_UTF8_STRING), 'bmpString' => array('type' => FILE_ASN1_TYPE_BMP_STRING) ) ); $this->PKCS9String = array( 'type' => FILE_ASN1_TYPE_CHOICE, 'children' => array( 'ia5String' => array('type' => FILE_ASN1_TYPE_IA5_STRING), 'directoryString' => $this->DirectoryString ) ); $this->AttributeValue = array('type' => FILE_ASN1_TYPE_ANY); $AttributeType = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER); $AttributeTypeAndValue = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'type' => $AttributeType, 'value'=> $this->AttributeValue ) ); / In practice, RDNs containing multiple name-value pairs (called "multivalued RDNs") are rare, but they can be useful at times when either there is no unique attribute in the entry or you want to ensure that the entry's DN contains some useful identifying information. - https://www.opends.org/wiki/page/DefinitionRelativeDistinguishedName / $this->RelativeDistinguishedName = array( 'type' => FILE_ASN1_TYPE_SET, 'min' => 1, 'max' => -1, 'children' => $AttributeTypeAndValue ); // http://tools.ietf.org/html/rfc5280#section-4.1.2.4 $RDNSequence = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, // RDNSequence does not define a min or a max, which means it doesn't have one 'min' => 0, 'max' => -1, 'children' => $this->RelativeDistinguishedName ); $this->Name = array( 'type' => FILE_ASN1_TYPE_CHOICE, 'children' => array( 'rdnSequence' => $RDNSequence ) ); // http://tools.ietf.org/html/rfc5280#section-4.1.1.2 $AlgorithmIdentifier = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'algorithm' => array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER), 'parameters' => array( 'type' => FILE_ASN1_TYPE_ANY, 'optional' => true ) ) ); / A certificate using system MUST reject the certificate if it encounters a critical extension it does not recognize; however, a non-critical extension may be ignored if it is not recognized. http://tools.ietf.org/html/rfc5280#section-4.2 / $Extension = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'extnId' => array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER), 'critical' => array( 'type' => FILE_ASN1_TYPE_BOOLEAN, 'optional' => true, 'default' => false ), 'extnValue' => array('type' => FILE_ASN1_TYPE_OCTET_STRING) ) ); $this->Extensions = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, // technically, it's MAX, but we'll assume anything < 0 is MAX 'max' => -1, // if 'children' isn't an array then 'min' and 'max' must be defined 'children' => $Extension ); $SubjectPublicKeyInfo = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'algorithm' => $AlgorithmIdentifier, 'subjectPublicKey' => array('type' => FILE_ASN1_TYPE_BIT_STRING) ) ); $UniqueIdentifier = array('type' => FILE_ASN1_TYPE_BIT_STRING); $Time = array( 'type' => FILE_ASN1_TYPE_CHOICE, 'children' => array( 'utcTime' => array('type' => FILE_ASN1_TYPE_UTC_TIME), 'generalTime' => array('type' => FILE_ASN1_TYPE_GENERALIZED_TIME) ) ); // http://tools.ietf.org/html/rfc5280#section-4.1.2.5 $Validity = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'notBefore' => $Time, 'notAfter' => $Time ) ); $CertificateSerialNumber = array('type' => FILE_ASN1_TYPE_INTEGER); $Version = array( 'type' => FILE_ASN1_TYPE_INTEGER, 'mapping' => array('v1', 'v2', 'v3') ); // assert($TBSCertificate['children']['signature'] == $Certificate['children']['signatureAlgorithm']) $TBSCertificate = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( // technically, default implies optional, but we'll define it as being optional, none-the-less, just to // reenforce that fact 'version' => array( 'constant' => 0, 'optional' => true, 'explicit' => true, 'default' => 'v1' ) + $Version, 'serialNumber' => $CertificateSerialNumber, 'signature' => $AlgorithmIdentifier, 'issuer' => $this->Name, 'validity' => $Validity, 'subject' => $this->Name, 'subjectPublicKeyInfo' => $SubjectPublicKeyInfo, // implicit means that the T in the TLV structure is to be rewritten, regardless of the type 'issuerUniqueID' => array( 'constant' => 1, 'optional' => true, 'implicit' => true ) + $UniqueIdentifier, 'subjectUniqueID' => array( 'constant' => 2, 'optional' => true, 'implicit' => true ) + $UniqueIdentifier, // <http://tools.ietf.org/html/rfc2459#page-74> doesn't use the EXPLICIT keyword but if // it's not IMPLICIT, it's EXPLICIT 'extensions' => array( 'constant' => 3, 'optional' => true, 'explicit' => true ) + $this->Extensions ) ); $this->Certificate = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'tbsCertificate' => $TBSCertificate, 'signatureAlgorithm' => $AlgorithmIdentifier, 'signature' => array('type' => FILE_ASN1_TYPE_BIT_STRING) ) ); $this->KeyUsage = array( 'type' => FILE_ASN1_TYPE_BIT_STRING, 'mapping' => array( 'digitalSignature', 'nonRepudiation', 'keyEncipherment', 'dataEncipherment', 'keyAgreement', 'keyCertSign', 'cRLSign', 'encipherOnly', 'decipherOnly' ) ); $this->BasicConstraints = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'cA' => array( 'type' => FILE_ASN1_TYPE_BOOLEAN, 'optional' => true, 'default' => false ), 'pathLenConstraint' => array( 'type' => FILE_ASN1_TYPE_INTEGER, 'optional' => true ) ) ); $this->KeyIdentifier = array('type' => FILE_ASN1_TYPE_OCTET_STRING); $OrganizationalUnitNames = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, 'max' => 4, // ub-organizational-units 'children' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING) ); $PersonalName = array( 'type' => FILE_ASN1_TYPE_SET, 'children' => array( 'surname' => array( 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING, 'constant' => 0, 'optional' => true, 'implicit' => true ), 'given-name' => array( 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING, 'constant' => 1, 'optional' => true, 'implicit' => true ), 'initials' => array( 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING, 'constant' => 2, 'optional' => true, 'implicit' => true ), 'generation-qualifier' => array( 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING, 'constant' => 3, 'optional' => true, 'implicit' => true ) ) ); $NumericUserIdentifier = array('type' => FILE_ASN1_TYPE_NUMERIC_STRING); $OrganizationName = array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING); $PrivateDomainName = array( 'type' => FILE_ASN1_TYPE_CHOICE, 'children' => array( 'numeric' => array('type' => FILE_ASN1_TYPE_NUMERIC_STRING), 'printable' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING) ) ); $TerminalIdentifier = array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING); $NetworkAddress = array('type' => FILE_ASN1_TYPE_NUMERIC_STRING); $AdministrationDomainName = array( 'type' => FILE_ASN1_TYPE_CHOICE, // if class isn't present it's assumed to be FILE_ASN1_CLASS_UNIVERSAL or // (if constant is present) FILE_ASN1_CLASS_CONTEXT_SPECIFIC 'class' => FILE_ASN1_CLASS_APPLICATION, 'cast' => 2, 'children' => array( 'numeric' => array('type' => FILE_ASN1_TYPE_NUMERIC_STRING), 'printable' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING) ) ); $CountryName = array( 'type' => FILE_ASN1_TYPE_CHOICE, // if class isn't present it's assumed to be FILE_ASN1_CLASS_UNIVERSAL or // (if constant is present) FILE_ASN1_CLASS_CONTEXT_SPECIFIC 'class' => FILE_ASN1_CLASS_APPLICATION, 'cast' => 1, 'children' => array( 'x121-dcc-code' => array('type' => FILE_ASN1_TYPE_NUMERIC_STRING), 'iso-3166-alpha2-code' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING) ) ); $AnotherName = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'type-id' => array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER), 'value' => array( 'type' => FILE_ASN1_TYPE_ANY, 'constant' => 0, 'optional' => true, 'explicit' => true ) ) ); $ExtensionAttribute = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'extension-attribute-type' => array( 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING, 'constant' => 0, 'optional' => true, 'implicit' => true ), 'extension-attribute-value' => array( 'type' => FILE_ASN1_TYPE_ANY, 'constant' => 1, 'optional' => true, 'explicit' => true ) ) ); $ExtensionAttributes = array( 'type' => FILE_ASN1_TYPE_SET, 'min' => 1, 'max' => 256, // ub-extension-attributes 'children' => $ExtensionAttribute ); $BuiltInDomainDefinedAttribute = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'type' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING), 'value' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING) ) ); $BuiltInDomainDefinedAttributes = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, 'max' => 4, // ub-domain-defined-attributes 'children' => $BuiltInDomainDefinedAttribute ); $BuiltInStandardAttributes = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'country-name' => array('optional' => true) + $CountryName, 'administration-domain-name' => array('optional' => true) + $AdministrationDomainName, 'network-address' => array( 'constant' => 0, 'optional' => true, 'implicit' => true ) + $NetworkAddress, 'terminal-identifier' => array( 'constant' => 1, 'optional' => true, 'implicit' => true ) + $TerminalIdentifier, 'private-domain-name' => array( 'constant' => 2, 'optional' => true, 'explicit' => true ) + $PrivateDomainName, 'organization-name' => array( 'constant' => 3, 'optional' => true, 'implicit' => true ) + $OrganizationName, 'numeric-user-identifier' => array( 'constant' => 4, 'optional' => true, 'implicit' => true ) + $NumericUserIdentifier, 'personal-name' => array( 'constant' => 5, 'optional' => true, 'implicit' => true ) + $PersonalName, 'organizational-unit-names' => array( 'constant' => 6, 'optional' => true, 'implicit' => true ) + $OrganizationalUnitNames ) ); $ORAddress = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'built-in-standard-attributes' => $BuiltInStandardAttributes, 'built-in-domain-defined-attributes' => array('optional' => true) + $BuiltInDomainDefinedAttributes, 'extension-attributes' => array('optional' => true) + $ExtensionAttributes ) ); $EDIPartyName = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'nameAssigner' => array( 'constant' => 0, 'optional' => true, 'implicit' => true ) + $this->DirectoryString, // partyName is technically required but File_ASN1 doesn't currently support non-optional constants and // setting it to optional gets the job done in any event. 'partyName' => array( 'constant' => 1, 'optional' => true, 'implicit' => true ) + $this->DirectoryString ) ); $GeneralName = array( 'type' => FILE_ASN1_TYPE_CHOICE, 'children' => array( 'otherName' => array( 'constant' => 0, 'optional' => true, 'implicit' => true ) + $AnotherName, 'rfc822Name' => array( 'type' => FILE_ASN1_TYPE_IA5_STRING, 'constant' => 1, 'optional' => true, 'implicit' => true ), 'dNSName' => array( 'type' => FILE_ASN1_TYPE_IA5_STRING, 'constant' => 2, 'optional' => true, 'implicit' => true ), 'x400Address' => array( 'constant' => 3, 'optional' => true, 'implicit' => true ) + $ORAddress, 'directoryName' => array( 'constant' => 4, 'optional' => true, 'explicit' => true ) + $this->Name, 'ediPartyName' => array( 'constant' => 5, 'optional' => true, 'implicit' => true ) + $EDIPartyName, 'uniformResourceIdentifier' => array( 'type' => FILE_ASN1_TYPE_IA5_STRING, 'constant' => 6, 'optional' => true, 'implicit' => true ), 'iPAddress' => array( 'type' => FILE_ASN1_TYPE_OCTET_STRING, 'constant' => 7, 'optional' => true, 'implicit' => true ), 'registeredID' => array( 'type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER, 'constant' => 8, 'optional' => true, 'implicit' => true ) ) ); $GeneralNames = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $GeneralName ); $this->IssuerAltName = $GeneralNames; $ReasonFlags = array( 'type' => FILE_ASN1_TYPE_BIT_STRING, 'mapping' => array( 'unused', 'keyCompromise', 'cACompromise', 'affiliationChanged', 'superseded', 'cessationOfOperation', 'certificateHold', 'privilegeWithdrawn', 'aACompromise' ) ); $DistributionPointName = array( 'type' => FILE_ASN1_TYPE_CHOICE, 'children' => array( 'fullName' => array( 'constant' => 0, 'optional' => true, 'implicit' => true ) + $GeneralNames, 'nameRelativeToCRLIssuer' => array( 'constant' => 1, 'optional' => true, 'implicit' => true ) + $this->RelativeDistinguishedName ) ); $DistributionPoint = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'distributionPoint' => array( 'constant' => 0, 'optional' => true, 'explicit' => true ) + $DistributionPointName, 'reasons' => array( 'constant' => 1, 'optional' => true, 'implicit' => true ) + $ReasonFlags, 'cRLIssuer' => array( 'constant' => 2, 'optional' => true, 'implicit' => true ) + $GeneralNames ) ); $this->CRLDistributionPoints = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $DistributionPoint ); $this->AuthorityKeyIdentifier = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'keyIdentifier' => array( 'constant' => 0, 'optional' => true, 'implicit' => true ) + $this->KeyIdentifier, 'authorityCertIssuer' => array( 'constant' => 1, 'optional' => true, 'implicit' => true ) + $GeneralNames, 'authorityCertSerialNumber' => array( 'constant' => 2, 'optional' => true, 'implicit' => true ) + $CertificateSerialNumber ) ); $PolicyQualifierId = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER); $PolicyQualifierInfo = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'policyQualifierId' => $PolicyQualifierId, 'qualifier' => array('type' => FILE_ASN1_TYPE_ANY) ) ); $CertPolicyId = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER); $PolicyInformation = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'policyIdentifier' => $CertPolicyId, 'policyQualifiers' => array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 0, 'max' => -1, 'optional' => true, 'children' => $PolicyQualifierInfo ) ) ); $this->CertificatePolicies = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $PolicyInformation ); $this->PolicyMappings = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'issuerDomainPolicy' => $CertPolicyId, 'subjectDomainPolicy' => $CertPolicyId ) ) ); $KeyPurposeId = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER); $this->ExtKeyUsageSyntax = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $KeyPurposeId ); $AccessDescription = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'accessMethod' => array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER), 'accessLocation' => $GeneralName ) ); $this->AuthorityInfoAccessSyntax = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $AccessDescription ); $this->SubjectInfoAccessSyntax = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $AccessDescription ); $this->SubjectAltName = $GeneralNames; $this->PrivateKeyUsagePeriod = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'notBefore' => array( 'constant' => 0, 'optional' => true, 'implicit' => true, 'type' => FILE_ASN1_TYPE_GENERALIZED_TIME), 'notAfter' => array( 'constant' => 1, 'optional' => true, 'implicit' => true, 'type' => FILE_ASN1_TYPE_GENERALIZED_TIME) ) ); $BaseDistance = array('type' => FILE_ASN1_TYPE_INTEGER); $GeneralSubtree = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'base' => $GeneralName, 'minimum' => array( 'constant' => 0, 'optional' => true, 'implicit' => true, 'default' => new Math_BigInteger(0) ) + $BaseDistance, 'maximum' => array( 'constant' => 1, 'optional' => true, 'implicit' => true, ) + $BaseDistance ) ); $GeneralSubtrees = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $GeneralSubtree ); $this->NameConstraints = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'permittedSubtrees' => array( 'constant' => 0, 'optional' => true, 'implicit' => true ) + $GeneralSubtrees, 'excludedSubtrees' => array( 'constant' => 1, 'optional' => true, 'implicit' => true ) + $GeneralSubtrees ) ); $this->CPSuri = array('type' => FILE_ASN1_TYPE_IA5_STRING); $DisplayText = array( 'type' => FILE_ASN1_TYPE_CHOICE, 'children' => array( 'ia5String' => array('type' => FILE_ASN1_TYPE_IA5_STRING), 'visibleString' => array('type' => FILE_ASN1_TYPE_VISIBLE_STRING), 'bmpString' => array('type' => FILE_ASN1_TYPE_BMP_STRING), 'utf8String' => array('type' => FILE_ASN1_TYPE_UTF8_STRING) ) ); $NoticeReference = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'organization' => $DisplayText, 'noticeNumbers' => array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, 'max' => 200, 'children' => array('type' => FILE_ASN1_TYPE_INTEGER) ) ) ); $this->UserNotice = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'noticeRef' => array( 'optional' => true, 'implicit' => true ) + $NoticeReference, 'explicitText' => array( 'optional' => true, 'implicit' => true ) + $DisplayText ) ); // mapping is from <http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html> $this->netscape_cert_type = array( 'type' => FILE_ASN1_TYPE_BIT_STRING, 'mapping' => array( 'SSLClient', 'SSLServer', 'Email', 'ObjectSigning', 'Reserved', 'SSLCA', 'EmailCA', 'ObjectSigningCA' ) ); $this->netscape_comment = array('type' => FILE_ASN1_TYPE_IA5_STRING); $this->netscape_ca_policy_url = array('type' => FILE_ASN1_TYPE_IA5_STRING); // attribute is used in RFC2986 but we're using the RFC5280 definition $Attribute = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'type' => $AttributeType, 'value'=> array( 'type' => FILE_ASN1_TYPE_SET, 'min' => 1, 'max' => -1, 'children' => $this->AttributeValue ) ) ); $this->SubjectDirectoryAttributes = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $Attribute ); // adapted from <http://tools.ietf.org/html/rfc2986> $Attributes = array( 'type' => FILE_ASN1_TYPE_SET, 'min' => 1, 'max' => -1, 'children' => $Attribute ); $CertificationRequestInfo = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'version' => array( 'type' => FILE_ASN1_TYPE_INTEGER, 'mapping' => array('v1') ), 'subject' => $this->Name, 'subjectPKInfo' => $SubjectPublicKeyInfo, 'attributes' => array( 'constant' => 0, 'optional' => true, 'implicit' => true ) + $Attributes, ) ); $this->CertificationRequest = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'certificationRequestInfo' => $CertificationRequestInfo, 'signatureAlgorithm' => $AlgorithmIdentifier, 'signature' => array('type' => FILE_ASN1_TYPE_BIT_STRING) ) ); $RevokedCertificate = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'userCertificate' => $CertificateSerialNumber, 'revocationDate' => $Time, 'crlEntryExtensions' => array( 'optional' => true ) + $this->Extensions ) ); $TBSCertList = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'version' => array( 'optional' => true, 'default' => 'v1' ) + $Version, 'signature' => $AlgorithmIdentifier, 'issuer' => $this->Name, 'thisUpdate' => $Time, 'nextUpdate' => array( 'optional' => true ) + $Time, 'revokedCertificates' => array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'optional' => true, 'min' => 0, 'max' => -1, 'children' => $RevokedCertificate ), 'crlExtensions' => array( 'constant' => 0, 'optional' => true, 'explicit' => true ) + $this->Extensions ) ); $this->CertificateList = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'tbsCertList' => $TBSCertList, 'signatureAlgorithm' => $AlgorithmIdentifier, 'signature' => array('type' => FILE_ASN1_TYPE_BIT_STRING) ) ); $this->CRLNumber = array('type' => FILE_ASN1_TYPE_INTEGER); $this->CRLReason = array('type' => FILE_ASN1_TYPE_ENUMERATED, 'mapping' => array( 'unspecified', 'keyCompromise', 'cACompromise', 'affiliationChanged', 'superseded', 'cessationOfOperation', 'certificateHold', // Value 7 is not used. 8 => 'removeFromCRL', 'privilegeWithdrawn', 'aACompromise' ) ); $this->IssuingDistributionPoint = array('type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'distributionPoint' => array( 'constant' => 0, 'optional' => true, 'explicit' => true ) + $DistributionPointName, 'onlyContainsUserCerts' => array( 'type' => FILE_ASN1_TYPE_BOOLEAN, 'constant' => 1, 'optional' => true, 'default' => false, 'implicit' => true ), 'onlyContainsCACerts' => array( 'type' => FILE_ASN1_TYPE_BOOLEAN, 'constant' => 2, 'optional' => true, 'default' => false, 'implicit' => true ), 'onlySomeReasons' => array( 'constant' => 3, 'optional' => true, 'implicit' => true ) + $ReasonFlags, 'indirectCRL' => array( 'type' => FILE_ASN1_TYPE_BOOLEAN, 'constant' => 4, 'optional' => true, 'default' => false, 'implicit' => true ), 'onlyContainsAttributeCerts' => array( 'type' => FILE_ASN1_TYPE_BOOLEAN, 'constant' => 5, 'optional' => true, 'default' => false, 'implicit' => true ) ) ); $this->InvalidityDate = array('type' => FILE_ASN1_TYPE_GENERALIZED_TIME); $this->CertificateIssuer = $GeneralNames; $this->HoldInstructionCode = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER); $PublicKeyAndChallenge = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'spki' => $SubjectPublicKeyInfo, 'challenge' => array('type' => FILE_ASN1_TYPE_IA5_STRING) ) ); $this->SignedPublicKeyAndChallenge = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'children' => array( 'publicKeyAndChallenge' => $PublicKeyAndChallenge, 'signatureAlgorithm' => $AlgorithmIdentifier, 'signature' => array('type' => FILE_ASN1_TYPE_BIT_STRING) ) ); $this->PostalAddress = array( 'type' => FILE_ASN1_TYPE_SEQUENCE, 'optional' => true, 'min' => 1, 'max' => -1, 'children' => $this->DirectoryString ); // OIDs from RFC5280 and those RFCs mentioned in RFC5280#section-4.1.1.2 $this->oids = array( '1.3.6.1.5.5.7' => 'id-pkix', '1.3.6.1.5.5.7.1' => 'id-pe', '1.3.6.1.5.5.7.2' => 'id-qt', '1.3.6.1.5.5.7.3' => 'id-kp', '1.3.6.1.5.5.7.48' => 'id-ad', '1.3.6.1.5.5.7.2.1' => 'id-qt-cps', '1.3.6.1.5.5.7.2.2' => 'id-qt-unotice', '1.3.6.1.5.5.7.48.1' =>'id-ad-ocsp', '1.3.6.1.5.5.7.48.2' => 'id-ad-caIssuers', '1.3.6.1.5.5.7.48.3' => 'id-ad-timeStamping', '1.3.6.1.5.5.7.48.5' => 'id-ad-caRepository', '2.5.4' => 'id-at', '2.5.4.41' => 'id-at-name', '2.5.4.4' => 'id-at-surname', '2.5.4.42' => 'id-at-givenName', '2.5.4.43' => 'id-at-initials', '2.5.4.44' => 'id-at-generationQualifier', '2.5.4.3' => 'id-at-commonName', '2.5.4.7' => 'id-at-localityName', '2.5.4.8' => 'id-at-stateOrProvinceName', '2.5.4.10' => 'id-at-organizationName', '2.5.4.11' => 'id-at-organizationalUnitName', '2.5.4.12' => 'id-at-title', '2.5.4.13' => 'id-at-description', '2.5.4.46' => 'id-at-dnQualifier', '2.5.4.6' => 'id-at-countryName', '2.5.4.5' => 'id-at-serialNumber', '2.5.4.65' => 'id-at-pseudonym', '2.5.4.17' => 'id-at-postalCode', '2.5.4.9' => 'id-at-streetAddress', '2.5.4.45' => 'id-at-uniqueIdentifier', '2.5.4.72' => 'id-at-role', '2.5.4.16' => 'id-at-postalAddress', '0.9.2342.19200300.100.1.25' => 'id-domainComponent', '1.2.840.113549.1.9' => 'pkcs-9', '1.2.840.113549.1.9.1' => 'pkcs-9-at-emailAddress', '2.5.29' => 'id-ce', '2.5.29.35' => 'id-ce-authorityKeyIdentifier', '2.5.29.14' => 'id-ce-subjectKeyIdentifier', '2.5.29.15' => 'id-ce-keyUsage', '2.5.29.16' => 'id-ce-privateKeyUsagePeriod', '2.5.29.32' => 'id-ce-certificatePolicies', '2.5.29.32.0' => 'anyPolicy', '2.5.29.33' => 'id-ce-policyMappings', '2.5.29.17' => 'id-ce-subjectAltName', '2.5.29.18' => 'id-ce-issuerAltName', '2.5.29.9' => 'id-ce-subjectDirectoryAttributes', '2.5.29.19' => 'id-ce-basicConstraints', '2.5.29.30' => 'id-ce-nameConstraints', '2.5.29.36' => 'id-ce-policyConstraints', '2.5.29.31' => 'id-ce-cRLDistributionPoints', '2.5.29.37' => 'id-ce-extKeyUsage', '2.5.29.37.0' => 'anyExtendedKeyUsage', '1.3.6.1.5.5.7.3.1' => 'id-kp-serverAuth', '1.3.6.1.5.5.7.3.2' => 'id-kp-clientAuth', '1.3.6.1.5.5.7.3.3' => 'id-kp-codeSigning', '1.3.6.1.5.5.7.3.4' => 'id-kp-emailProtection', '1.3.6.1.5.5.7.3.8' => 'id-kp-timeStamping', '1.3.6.1.5.5.7.3.9' => 'id-kp-OCSPSigning', '2.5.29.54' => 'id-ce-inhibitAnyPolicy', '2.5.29.46' => 'id-ce-freshestCRL', '1.3.6.1.5.5.7.1.1' => 'id-pe-authorityInfoAccess', '1.3.6.1.5.5.7.1.11' => 'id-pe-subjectInfoAccess', '2.5.29.20' => 'id-ce-cRLNumber', '2.5.29.28' => 'id-ce-issuingDistributionPoint', '2.5.29.27' => 'id-ce-deltaCRLIndicator', '2.5.29.21' => 'id-ce-cRLReasons', '2.5.29.29' => 'id-ce-certificateIssuer', '2.5.29.23' => 'id-ce-holdInstructionCode', '1.2.840.10040.2' => 'holdInstruction', '1.2.840.10040.2.1' => 'id-holdinstruction-none', '1.2.840.10040.2.2' => 'id-holdinstruction-callissuer', '1.2.840.10040.2.3' => 'id-holdinstruction-reject', '2.5.29.24' => 'id-ce-invalidityDate', '1.2.840.113549.2.2' => 'md2', '1.2.840.113549.2.5' => 'md5', '1.3.14.3.2.26' => 'id-sha1', '1.2.840.10040.4.1' => 'id-dsa', '1.2.840.10040.4.3' => 'id-dsa-with-sha1', '1.2.840.113549.1.1' => 'pkcs-1', '1.2.840.113549.1.1.1' => 'rsaEncryption', '1.2.840.113549.1.1.2' => 'md2WithRSAEncryption', '1.2.840.113549.1.1.4' => 'md5WithRSAEncryption', '1.2.840.113549.1.1.5' => 'sha1WithRSAEncryption', '1.2.840.10046.2.1' => 'dhpublicnumber', '2.16.840.1.101.2.1.1.22' => 'id-keyExchangeAlgorithm', '1.2.840.10045' => 'ansi-X9-62', '1.2.840.10045.4' => 'id-ecSigType', '1.2.840.10045.4.1' => 'ecdsa-with-SHA1', '1.2.840.10045.1' => 'id-fieldType', '1.2.840.10045.1.1' => 'prime-field', '1.2.840.10045.1.2' => 'characteristic-two-field', '1.2.840.10045.1.2.3' => 'id-characteristic-two-basis', '1.2.840.10045.1.2.3.1' => 'gnBasis', '1.2.840.10045.1.2.3.2' => 'tpBasis', '1.2.840.10045.1.2.3.3' => 'ppBasis', '1.2.840.10045.2' => 'id-publicKeyType', '1.2.840.10045.2.1' => 'id-ecPublicKey', '1.2.840.10045.3' => 'ellipticCurve', '1.2.840.10045.3.0' => 'c-TwoCurve', '1.2.840.10045.3.0.1' => 'c2pnb163v1', '1.2.840.10045.3.0.2' => 'c2pnb163v2', '1.2.840.10045.3.0.3' => 'c2pnb163v3', '1.2.840.10045.3.0.4' => 'c2pnb176w1', '1.2.840.10045.3.0.5' => 'c2pnb191v1', '1.2.840.10045.3.0.6' => 'c2pnb191v2', '1.2.840.10045.3.0.7' => 'c2pnb191v3', '1.2.840.10045.3.0.8' => 'c2pnb191v4', '1.2.840.10045.3.0.9' => 'c2pnb191v5', '1.2.840.10045.3.0.10' => 'c2pnb208w1', '1.2.840.10045.3.0.11' => 'c2pnb239v1', '1.2.840.10045.3.0.12' => 'c2pnb239v2', '1.2.840.10045.3.0.13' => 'c2pnb239v3', '1.2.840.10045.3.0.14' => 'c2pnb239v4', '1.2.840.10045.3.0.15' => 'c2pnb239v5', '1.2.840.10045.3.0.16' => 'c2pnb272w1', '1.2.840.10045.3.0.17' => 'c2pnb304w1', '1.2.840.10045.3.0.18' => 'c2pnb359v1', '1.2.840.10045.3.0.19' => 'c2pnb368w1', '1.2.840.10045.3.0.20' => 'c2pnb431r1', '1.2.840.10045.3.1' => 'primeCurve', '1.2.840.10045.3.1.1' => 'prime192v1', '1.2.840.10045.3.1.2' => 'prime192v2', '1.2.840.10045.3.1.3' => 'prime192v3', '1.2.840.10045.3.1.4' => 'prime239v1', '1.2.840.10045.3.1.5' => 'prime239v2', '1.2.840.10045.3.1.6' => 'prime239v3', '1.2.840.10045.3.1.7' => 'prime256v1', '1.2.840.113549.1.1.7' => 'id-RSAES-OAEP', '1.2.840.113549.1.1.9' => 'id-pSpecified', '1.2.840.113549.1.1.10' => 'id-RSASSA-PSS', '1.2.840.113549.1.1.8' => 'id-mgf1', '1.2.840.113549.1.1.14' => 'sha224WithRSAEncryption', '1.2.840.113549.1.1.11' => 'sha256WithRSAEncryption', '1.2.840.113549.1.1.12' => 'sha384WithRSAEncryption', '1.2.840.113549.1.1.13' => 'sha512WithRSAEncryption', '2.16.840.1.101.3.4.2.4' => 'id-sha224', '2.16.840.1.101.3.4.2.1' => 'id-sha256', '2.16.840.1.101.3.4.2.2' => 'id-sha384', '2.16.840.1.101.3.4.2.3' => 'id-sha512', '1.2.643.2.2.4' => 'id-GostR3411-94-with-GostR3410-94', '1.2.643.2.2.3' => 'id-GostR3411-94-with-GostR3410-2001', '1.2.643.2.2.20' => 'id-GostR3410-2001', '1.2.643.2.2.19' => 'id-GostR3410-94', // Netscape Object Identifiers from "Netscape Certificate Extensions" '2.16.840.1.113730' => 'netscape', '2.16.840.1.113730.1' => 'netscape-cert-extension', '2.16.840.1.113730.1.1' => 'netscape-cert-type', '2.16.840.1.113730.1.13' => 'netscape-comment', '2.16.840.1.113730.1.8' => 'netscape-ca-policy-url', // the following are X.509 extensions not supported by phpseclib '1.3.6.1.5.5.7.1.12' => 'id-pe-logotype', '1.2.840.113533.7.65.0' => 'entrustVersInfo', '2.16.840.1.113733.1.6.9' => 'verisignPrivate', // for Certificate Signing Requests // see http://tools.ietf.org/html/rfc2985 '1.2.840.113549.1.9.2' => 'pkcs-9-at-unstructuredName', // PKCS #9 unstructured name '1.2.840.113549.1.9.7' => 'pkcs-9-at-challengePassword', // Challenge password for certificate revocations '1.2.840.113549.1.9.14' => 'pkcs-9-at-extensionRequest' // Certificate extension request ); } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @access public / function File_X509() { $this->__construct(); } /* * Load X.509 certificate * * Returns an associative array describing the X.509 cert or a false if the cert failed to load * * @param string $cert * @param int $mode * @access public * @return mixed / function loadX509($cert, $mode = FILE_X509_FORMAT_AUTO_DETECT) { if (is_array($cert) && isset($cert['tbsCertificate'])) { unset($this->currentCert); unset($this->currentKeyIdentifier); $this->dn = $cert['tbsCertificate']['subject']; if (!isset($this->dn)) { return false; } $this->currentCert = $cert; $currentKeyIdentifier = $this->getExtension('id-ce-subjectKeyIdentifier'); $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : null; unset($this->signatureSubject); return $cert; } $asn1 = new File_ASN1(); if ($mode != FILE_X509_FORMAT_DER) { $newcert = $this->_extractBER($cert); if ($mode == FILE_X509_FORMAT_PEM && $cert == $newcert) { return false; } $cert = $newcert; } if ($cert === false) { $this->currentCert = false; return false; } $asn1->loadOIDs($this->oids); $decoded = $asn1->decodeBER($cert); if (!empty($decoded)) { $x509 = $asn1->asn1map($decoded[0], $this->Certificate); } if (!isset($x509) \|\| $x509 === false) { $this->currentCert = false; return false; } $this->signatureSubject = substr($cert, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); if ($this->_isSubArrayValid($x509, 'tbsCertificate/extensions')) { $this->_mapInExtensions($x509, 'tbsCertificate/extensions', $asn1); } $this->_mapInDNs($x509, 'tbsCertificate/issuer/rdnSequence', $asn1); $this->_mapInDNs($x509, 'tbsCertificate/subject/rdnSequence', $asn1); $key = &$x509['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']; $key = $this->_reformatKey($x509['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], $key); $this->currentCert = $x509; $this->dn = $x509['tbsCertificate']['subject']; $currentKeyIdentifier = $this->getExtension('id-ce-subjectKeyIdentifier'); $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : null; return $x509; } /* * Save X.509 certificate * * @param array $cert * @param int $format optional * @access public * @return string / function saveX509($cert, $format = FILE_X509_FORMAT_PEM) { if (!is_array($cert) \|\| !isset($cert['tbsCertificate'])) { return false; } switch (true) { // "case !$a: case !$b: break; default: whatever();" is the same thing as "if ($a && $b) whatever()" case !($algorithm = $this->_subArray($cert, 'tbsCertificate/subjectPublicKeyInfo/algorithm/algorithm')): case is_object($cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']): break; default: switch ($algorithm) { case 'rsaEncryption': $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'] = base64_encode("\0" . base64_decode(preg_replace('#-.+-\|[\r\n]#', '', $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']))); / "[For RSA keys] the parameters field MUST have ASN.1 type NULL for this algorithm identifier." -- https://tools.ietf.org/html/rfc3279#section-2.3.1 given that and the fact that RSA keys appear ot be the only key type for which the parameters field can be blank, it seems like perhaps the ASN.1 description ought not say the parameters field is OPTIONAL, but whatever. / $cert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['parameters'] = null; // https://tools.ietf.org/html/rfc3279#section-2.2.1 $cert['signatureAlgorithm']['parameters'] = null; $cert['tbsCertificate']['signature']['parameters'] = null; } } $asn1 = new File_ASN1(); $asn1->loadOIDs($this->oids); $filters = array(); $type_utf8_string = array('type' => FILE_ASN1_TYPE_UTF8_STRING); $filters['tbsCertificate']['signature']['parameters'] = $type_utf8_string; $filters['tbsCertificate']['signature']['issuer']['rdnSequence']['value'] = $type_utf8_string; $filters['tbsCertificate']['issuer']['rdnSequence']['value'] = $type_utf8_string; $filters['tbsCertificate']['subject']['rdnSequence']['value'] = $type_utf8_string; $filters['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['parameters'] = $type_utf8_string; $filters['signatureAlgorithm']['parameters'] = $type_utf8_string; $filters['authorityCertIssuer']['directoryName']['rdnSequence']['value'] = $type_utf8_string; //$filters['policyQualifiers']['qualifier'] = $type_utf8_string; $filters['distributionPoint']['fullName']['directoryName']['rdnSequence']['value'] = $type_utf8_string; $filters['directoryName']['rdnSequence']['value'] = $type_utf8_string; / in the case of policyQualifiers/qualifier, the type has to be FILE_ASN1_TYPE_IA5_STRING. FILE_ASN1_TYPE_PRINTABLE_STRING will cause OpenSSL's X.509 parser to spit out random characters. / $filters['policyQualifiers']['qualifier'] = array('type' => FILE_ASN1_TYPE_IA5_STRING); $asn1->loadFilters($filters); $this->_mapOutExtensions($cert, 'tbsCertificate/extensions', $asn1); $this->_mapOutDNs($cert, 'tbsCertificate/issuer/rdnSequence', $asn1); $this->_mapOutDNs($cert, 'tbsCertificate/subject/rdnSequence', $asn1); $cert = $asn1->encodeDER($cert, $this->Certificate); switch ($format) { case FILE_X509_FORMAT_DER: return $cert; // case FILE_X509_FORMAT_PEM: default: return "-----BEGIN CERTIFICATE-----\r\n" . chunk_split(base64_encode($cert), 64) . '-----END CERTIFICATE-----'; } } /* * Map extension values from octet string to extension-specific internal * format. * * @param array ref $root * @param string $path * @param object $asn1 * @access private / function _mapInExtensions(&$root, $path, $asn1) { $extensions = &$this->_subArrayUnchecked($root, $path); if ($extensions) { for ($i = 0; $i < count($extensions); $i++) { $id = $extensions[$i]['extnId']; $value = &$extensions[$i]['extnValue']; $value = base64_decode($value); $decoded = $asn1->decodeBER($value); / [extnValue] contains the DER encoding of an ASN.1 value corresponding to the extension type identified by extnID / $map = $this->_getMapping($id); if (!is_bool($map)) { $decoder = $id == 'id-ce-nameConstraints' ? array($this, '_decodeNameConstraintIP') : array($this, '_decodeIP'); $mapped = $asn1->asn1map($decoded[0], $map, array('iPAddress' => $decoder)); $value = $mapped === false ? $decoded[0] : $mapped; if ($id == 'id-ce-certificatePolicies') { for ($j = 0; $j < count($value); $j++) { if (!isset($value[$j]['policyQualifiers'])) { continue; } for ($k = 0; $k < count($value[$j]['policyQualifiers']); $k++) { $subid = $value[$j]['policyQualifiers'][$k]['policyQualifierId']; $map = $this->_getMapping($subid); $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier']; if ($map !== false) { $decoded = $asn1->decodeBER($subvalue); $mapped = $asn1->asn1map($decoded[0], $map); $subvalue = $mapped === false ? $decoded[0] : $mapped; } } } } } else { $value = base64_encode($value); } } } } /* * Map extension values from extension-specific internal format to * octet string. * * @param array ref $root * @param string $path * @param object $asn1 * @access private / function _mapOutExtensions(&$root, $path, $asn1) { $extensions = &$this->_subArray($root, $path); if (is_array($extensions)) { $size = count($extensions); for ($i = 0; $i < $size; $i++) { if (is_object($extensions[$i]) && strtolower(get_class($extensions[$i])) == 'file_asn1_element') { continue; } $id = $extensions[$i]['extnId']; $value = &$extensions[$i]['extnValue']; switch ($id) { case 'id-ce-certificatePolicies': for ($j = 0; $j < count($value); $j++) { if (!isset($value[$j]['policyQualifiers'])) { continue; } for ($k = 0; $k < count($value[$j]['policyQualifiers']); $k++) { $subid = $value[$j]['policyQualifiers'][$k]['policyQualifierId']; $map = $this->_getMapping($subid); $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier']; if ($map !== false) { // by default File_ASN1 will try to render qualifier as a FILE_ASN1_TYPE_IA5_STRING since it's // actual type is FILE_ASN1_TYPE_ANY $subvalue = new File_ASN1_Element($asn1->encodeDER($subvalue, $map)); } } } break; case 'id-ce-authorityKeyIdentifier': // use 00 as the serial number instead of an empty string if (isset($value['authorityCertSerialNumber'])) { if ($value['authorityCertSerialNumber']->toBytes() == '') { $temp = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) \| 2) . "\1\0"; $value['authorityCertSerialNumber'] = new File_ASN1_Element($temp); } } } / [extnValue] contains the DER encoding of an ASN.1 value corresponding to the extension type identified by extnID / $map = $this->_getMapping($id); if (is_bool($map)) { if (!$map) { user_error($id . ' is not a currently supported extension'); unset($extensions[$i]); } } else { $temp = $asn1->encodeDER($value, $map, array('iPAddress' => array($this, '_encodeIP'))); $value = base64_encode($temp); } } } } /* * Map attribute values from ANY type to attribute-specific internal * format. * * @param array ref $root * @param string $path * @param object $asn1 * @access private / function _mapInAttributes(&$root, $path, $asn1) { $attributes = &$this->_subArray($root, $path); if (is_array($attributes)) { for ($i = 0; $i < count($attributes); $i++) { $id = $attributes[$i]['type']; / $value contains the DER encoding of an ASN.1 value corresponding to the attribute type identified by type / $map = $this->_getMapping($id); if (is_array($attributes[$i]['value'])) { $values = &$attributes[$i]['value']; for ($j = 0; $j < count($values); $j++) { $value = $asn1->encodeDER($values[$j], $this->AttributeValue); $decoded = $asn1->decodeBER($value); if (!is_bool($map)) { $mapped = $asn1->asn1map($decoded[0], $map); if ($mapped !== false) { $values[$j] = $mapped; } if ($id == 'pkcs-9-at-extensionRequest' && $this->_isSubArrayValid($values, $j)) { $this->_mapInExtensions($values, $j, $asn1); } } elseif ($map) { $values[$j] = base64_encode($value); } } } } } } /* * Map attribute values from attribute-specific internal format to * ANY type. * * @param array ref $root * @param string $path * @param object $asn1 * @access private / function _mapOutAttributes(&$root, $path, $asn1) { $attributes = &$this->_subArray($root, $path); if (is_array($attributes)) { $size = count($attributes); for ($i = 0; $i < $size; $i++) { / [value] contains the DER encoding of an ASN.1 value corresponding to the attribute type identified by type / $id = $attributes[$i]['type']; $map = $this->_getMapping($id); if ($map === false) { user_error($id . ' is not a currently supported attribute', E_USER_NOTICE); unset($attributes[$i]); } elseif (is_array($attributes[$i]['value'])) { $values = &$attributes[$i]['value']; for ($j = 0; $j < count($values); $j++) { switch ($id) { case 'pkcs-9-at-extensionRequest': $this->_mapOutExtensions($values, $j, $asn1); break; } if (!is_bool($map)) { $temp = $asn1->encodeDER($values[$j], $map); $decoded = $asn1->decodeBER($temp); $values[$j] = $asn1->asn1map($decoded[0], $this->AttributeValue); } } } } } } /* * Map DN values from ANY type to DN-specific internal * format. * * @param array ref $root * @param string $path * @param object $asn1 * @access private / function _mapInDNs(&$root, $path, $asn1) { $dns = &$this->_subArray($root, $path); if (is_array($dns)) { for ($i = 0; $i < count($dns); $i++) { for ($j = 0; $j < count($dns[$i]); $j++) { $type = $dns[$i][$j]['type']; $value = &$dns[$i][$j]['value']; if (is_object($value) && strtolower(get_class($value)) == 'file_asn1_element') { $map = $this->_getMapping($type); if (!is_bool($map)) { $decoded = $asn1->decodeBER($value); $value = $asn1->asn1map($decoded[0], $map); } } } } } } /* * Map DN values from DN-specific internal format to * ANY type. * * @param array ref $root * @param string $path * @param object $asn1 * @access private / function _mapOutDNs(&$root, $path, $asn1) { $dns = &$this->_subArray($root, $path); if (is_array($dns)) { $size = count($dns); for ($i = 0; $i < $size; $i++) { for ($j = 0; $j < count($dns[$i]); $j++) { $type = $dns[$i][$j]['type']; $value = &$dns[$i][$j]['value']; if (is_object($value) && strtolower(get_class($value)) == 'file_asn1_element') { continue; } $map = $this->_getMapping($type); if (!is_bool($map)) { $value = new File_ASN1_Element($asn1->encodeDER($value, $map)); } } } } } /* * Associate an extension ID to an extension mapping * * @param string $extnId * @access private * @return mixed / function _getMapping($extnId) { if (!is_string($extnId)) { // eg. if it's a File_ASN1_Element object return true; } switch ($extnId) { case 'id-ce-keyUsage': return $this->KeyUsage; case 'id-ce-basicConstraints': return $this->BasicConstraints; case 'id-ce-subjectKeyIdentifier': return $this->KeyIdentifier; case 'id-ce-cRLDistributionPoints': return $this->CRLDistributionPoints; case 'id-ce-authorityKeyIdentifier': return $this->AuthorityKeyIdentifier; case 'id-ce-certificatePolicies': return $this->CertificatePolicies; case 'id-ce-extKeyUsage': return $this->ExtKeyUsageSyntax; case 'id-pe-authorityInfoAccess': return $this->AuthorityInfoAccessSyntax; case 'id-pe-subjectInfoAccess': return $this->SubjectInfoAccessSyntax; case 'id-ce-subjectAltName': return $this->SubjectAltName; case 'id-ce-subjectDirectoryAttributes': return $this->SubjectDirectoryAttributes; case 'id-ce-privateKeyUsagePeriod': return $this->PrivateKeyUsagePeriod; case 'id-ce-issuerAltName': return $this->IssuerAltName; case 'id-ce-policyMappings': return $this->PolicyMappings; case 'id-ce-nameConstraints': return $this->NameConstraints; case 'netscape-cert-type': return $this->netscape_cert_type; case 'netscape-comment': return $this->netscape_comment; case 'netscape-ca-policy-url': return $this->netscape_ca_policy_url; // since id-qt-cps isn't a constructed type it will have already been decoded as a string by the time it gets // back around to asn1map() and we don't want it decoded again. //case 'id-qt-cps': // return $this->CPSuri; case 'id-qt-unotice': return $this->UserNotice; // the following OIDs are unsupported but we don't want them to give notices when calling saveX509(). case 'id-pe-logotype': // http://www.ietf.org/rfc/rfc3709.txt case 'entrustVersInfo': // http://support.microsoft.com/kb/287547 case '1.3.6.1.4.1.311.20.2': // szOID_ENROLL_CERTTYPE_EXTENSION case '1.3.6.1.4.1.311.21.1': // szOID_CERTSRV_CA_VERSION // "SET Secure Electronic Transaction Specification" // http://www.maithean.com/docs/set_bk3.pdf case '2.23.42.7.0': // id-set-hashedRootKey // "Certificate Transparency" // https://tools.ietf.org/html/rfc6962 case '1.3.6.1.4.1.11129.2.4.2': // "Qualified Certificate statements" // https://tools.ietf.org/html/rfc3739#section-3.2.6 case '1.3.6.1.5.5.7.1.3': return true; // CSR attributes case 'pkcs-9-at-unstructuredName': return $this->PKCS9String; case 'pkcs-9-at-challengePassword': return $this->DirectoryString; case 'pkcs-9-at-extensionRequest': return $this->Extensions; // CRL extensions. case 'id-ce-cRLNumber': return $this->CRLNumber; case 'id-ce-deltaCRLIndicator': return $this->CRLNumber; case 'id-ce-issuingDistributionPoint': return $this->IssuingDistributionPoint; case 'id-ce-freshestCRL': return $this->CRLDistributionPoints; case 'id-ce-cRLReasons': return $this->CRLReason; case 'id-ce-invalidityDate': return $this->InvalidityDate; case 'id-ce-certificateIssuer': return $this->CertificateIssuer; case 'id-ce-holdInstructionCode': return $this->HoldInstructionCode; case 'id-at-postalAddress': return $this->PostalAddress; } return false; } /* * Load an X.509 certificate as a certificate authority * * @param string $cert * @access public * @return bool / function loadCA($cert) { $olddn = $this->dn; $oldcert = $this->currentCert; $oldsigsubj = $this->signatureSubject; $oldkeyid = $this->currentKeyIdentifier; $cert = $this->loadX509($cert); if (!$cert) { $this->dn = $olddn; $this->currentCert = $oldcert; $this->signatureSubject = $oldsigsubj; $this->currentKeyIdentifier = $oldkeyid; return false; } / From RFC5280 "PKIX Certificate and CRL Profile": If the keyUsage extension is present, then the subject public key MUST NOT be used to verify signatures on certificates or CRLs unless the corresponding keyCertSign or cRLSign bit is set. / //$keyUsage = $this->getExtension('id-ce-keyUsage'); //if ($keyUsage && !in_array('keyCertSign', $keyUsage)) { // return false; //} / From RFC5280 "PKIX Certificate and CRL Profile": The cA boolean indicates whether the certified public key may be used to verify certificate signatures. If the cA boolean is not asserted, then the keyCertSign bit in the key usage extension MUST NOT be asserted. If the basic constraints extension is not present in a version 3 certificate, or the extension is present but the cA boolean is not asserted, then the certified public key MUST NOT be used to verify certificate signatures. / //$basicConstraints = $this->getExtension('id-ce-basicConstraints'); //if (!$basicConstraints \|\| !$basicConstraints['cA']) { // return false; //} $this->CAs[] = $cert; $this->dn = $olddn; $this->currentCert = $oldcert; $this->signatureSubject = $oldsigsubj; return true; } /* * Validate an X.509 certificate against a URL * * From RFC2818 "HTTP over TLS": * * Matching is performed using the matching rules specified by * [RFC2459]. If more than one identity of a given type is present in * the certificate (e.g., more than one dNSName name, a match in any one * of the set is considered acceptable.) Names may contain the wildcard * character * which is considered to match any single domain name * component or component fragment. E.g., .a.com matches foo.a.com but not bar.foo.a.com. f.com matches foo.com but not bar.com. * @param string $url * @access public * @return bool / function validateURL($url) { if (!is_array($this->currentCert) \|\| !isset($this->currentCert['tbsCertificate'])) { return false; } $components = parse_url($url); if (!isset($components['host'])) { return false; } if ($names = $this->getExtension('id-ce-subjectAltName')) { foreach ($names as $name) { foreach ($name as $key => $value) { $value = str_replace(array('.', ''), array('\.', '[^.]'), $value); switch ($key) { case 'dNSName': / From RFC2818 "HTTP over TLS": If a subjectAltName extension of type dNSName is present, that MUST be used as the identity. Otherwise, the (most specific) Common Name field in the Subject field of the certificate MUST be used. Although the use of the Common Name is existing practice, it is deprecated and Certification Authorities are encouraged to use the dNSName instead. / if (preg_match('#^' . $value . '$#', $components['host'])) { return true; } break; case 'iPAddress': / From RFC2818 "HTTP over TLS": In some cases, the URI is specified as an IP address rather than a hostname. In this case, the iPAddress subjectAltName must be present in the certificate and must exactly match the IP in the URI. / if (preg_match('#(?:\d{1-3}\.){4}#', $components['host'] . '.') && preg_match('#^' . $value . '$#', $components['host'])) { return true; } } } } return false; } if ($value = $this->getDNProp('id-at-commonName')) { $value = str_replace(array('.', ''), array('\.', '[^.]'), $value[0]); return preg_match('#^' . $value . '$#', $components['host']); } return false; } /* * Validate a date * * If $date isn't defined it is assumed to be the current date. * * @param \DateTime\|int\|string $date optional * @access public / function validateDate($date = null) { if (!is_array($this->currentCert) \|\| !isset($this->currentCert['tbsCertificate'])) { return false; } if (!isset($date)) { $date = class_exists('DateTime') ? new DateTime(null, new DateTimeZone(@date_default_timezone_get())) : time(); } $notBefore = $this->currentCert['tbsCertificate']['validity']['notBefore']; $notBefore = isset($notBefore['generalTime']) ? $notBefore['generalTime'] : $notBefore['utcTime']; $notAfter = $this->currentCert['tbsCertificate']['validity']['notAfter']; $notAfter = isset($notAfter['generalTime']) ? $notAfter['generalTime'] : $notAfter['utcTime']; switch (true) { case is_string($date) && class_exists('DateTime'): $date = new DateTime($date, new DateTimeZone(@date_default_timezone_get())); case is_object($date) && strtolower(get_class($date)) == 'datetime': $notBefore = new DateTime($notBefore, new DateTimeZone(@date_default_timezone_get())); $notAfter = new DateTime($notAfter, new DateTimeZone(@date_default_timezone_get())); break; case is_string($date): $date = @strtotime($date); default: $notBefore = @strtotime($notBefore); $notAfter = @strtotime($notAfter); } switch (true) { case $date < $notBefore: case $date > $notAfter: return false; } return true; } /* * Fetches a URL * * @param string $url * @access private * @return bool\|string / function _fetchURL($url) { if ($this->disable_url_fetch) { return false; } $parts = parse_url($url); $data = ''; switch ($parts['scheme']) { case 'http': $fsock = @fsockopen($parts['host'], isset($parts['port']) ? $parts['port'] : 80); if (!$fsock) { return false; } fputs($fsock, "GET $parts[path] HTTP/1.0\r\n"); fputs($fsock, "Host: $parts[host]\r\n\r\n"); $line = fgets($fsock, 1024); if (strlen($line) < 3) { return false; } preg_match('#HTTP/1.\d (\d{3})#', $line, $temp); if ($temp[1] != '200') { return false; } // skip the rest of the headers in the http response while (!feof($fsock) && fgets($fsock, 1024) != "\r\n") { } while (!feof($fsock)) { $data.= fread($fsock, 1024); } break; //case 'ftp': //case 'ldap': //default: } return $data; } /* * Validates an intermediate cert as identified via authority info access extension * * See https://tools.ietf.org/html/rfc4325 for more info * * @param bool $caonly * @param int $count * @access private * @return bool / function _testForIntermediate($caonly, $count) { $opts = $this->getExtension('id-pe-authorityInfoAccess'); if (!is_array($opts)) { return false; } foreach ($opts as $opt) { if ($opt['accessMethod'] == 'id-ad-caIssuers') { // accessLocation is a GeneralName. GeneralName fields support stuff like email addresses, IP addresses, LDAP, // etc, but we're only supporting URI's. URI's and LDAP are the only thing https://tools.ietf.org/html/rfc4325 // discusses if (isset($opt['accessLocation']['uniformResourceIdentifier'])) { $url = $opt['accessLocation']['uniformResourceIdentifier']; break; } } } if (!isset($url)) { return false; } $cert = $this->_fetchURL($url); if (!is_string($cert)) { return false; } $parent = new static(); $parent->CAs = $this->CAs; / "Conforming applications that support HTTP or FTP for accessing certificates MUST be able to accept .cer files and SHOULD be able to accept .p7c files." -- https://tools.ietf.org/html/rfc4325 A .p7c file is 'a "certs-only" CMS message as specified in RFC 2797" These are currently unsupported / if (!is_array($parent->loadX509($cert))) { return false; } if (!$parent->_validateSignatureCountable($caonly, ++$count)) { return false; } $this->CAs[] = $parent->currentCert; //$this->loadCA($cert); return true; } /* * Validate a signature * * Works on X.509 certs, CSR's and CRL's. * Returns true if the signature is verified, false if it is not correct or null on error * * By default returns false for self-signed certs. Call validateSignature(false) to make this support * self-signed. * * The behavior of this function is inspired by {@link http://php.net/openssl-verify openssl_verify}. * * @param bool $caonly optional * @access public * @return mixed / function validateSignature($caonly = true) { return $this->_validateSignatureCountable($caonly, 0); } /* * Validate a signature * * Performs said validation whilst keeping track of how many times validation method is called * * @param bool $caonly * @param int $count * @access private * @return mixed / function _validateSignatureCountable($caonly, $count) { if (!is_array($this->currentCert) \|\| !isset($this->signatureSubject)) { return null; } if ($count == $this->recur_limit) { return false; } / TODO: "emailAddress attribute values are not case-sensitive (e.g., "subscriber@example.com" is the same as "SUBSCRIBER@EXAMPLE.COM")." -- http://tools.ietf.org/html/rfc5280#section-4.1.2.6 implement pathLenConstraint in the id-ce-basicConstraints extension / switch (true) { case isset($this->currentCert['tbsCertificate']): // self-signed cert switch (true) { case !defined('FILE_X509_IGNORE_TYPE') && $this->currentCert['tbsCertificate']['issuer'] === $this->currentCert['tbsCertificate']['subject']: case defined('FILE_X509_IGNORE_TYPE') && $this->getIssuerDN(FILE_X509_DN_STRING) === $this->getDN(FILE_X509_DN_STRING): $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier'); $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier'); switch (true) { case !is_array($authorityKey): case !$subjectKeyID: case isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: $signingCert = $this->currentCert; // working cert } } if (!empty($this->CAs)) { for ($i = 0; $i < count($this->CAs); $i++) { // even if the cert is a self-signed one we still want to see if it's a CA; // if not, we'll conditionally return an error $ca = $this->CAs[$i]; switch (true) { case !defined('FILE_X509_IGNORE_TYPE') && $this->currentCert['tbsCertificate']['issuer'] === $ca['tbsCertificate']['subject']: case defined('FILE_X509_IGNORE_TYPE') && $this->getDN(FILE_X509_DN_STRING, $this->currentCert['tbsCertificate']['issuer']) === $this->getDN(FILE_X509_DN_STRING, $ca['tbsCertificate']['subject']): $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier'); $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca); switch (true) { case !is_array($authorityKey): case !$subjectKeyID: case isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: if (is_array($authorityKey) && isset($authorityKey['authorityCertSerialNumber']) && !$authorityKey['authorityCertSerialNumber']->equals($ca['tbsCertificate']['serialNumber'])) { break 2; // serial mismatch - check other ca } $signingCert = $ca; // working cert break 3; } } } if (count($this->CAs) == $i && $caonly) { return $this->_testForIntermediate($caonly, $count) && $this->validateSignature($caonly); } } elseif (!isset($signingCert) \|\| $caonly) { return $this->_testForIntermediate($caonly, $count) && $this->validateSignature($caonly); } return $this->_validateSignature( $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], $signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], $this->currentCert['signatureAlgorithm']['algorithm'], substr(base64_decode($this->currentCert['signature']), 1), $this->signatureSubject ); case isset($this->currentCert['certificationRequestInfo']): return $this->_validateSignature( $this->currentCert['certificationRequestInfo']['subjectPKInfo']['algorithm']['algorithm'], $this->currentCert['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'], $this->currentCert['signatureAlgorithm']['algorithm'], substr(base64_decode($this->currentCert['signature']), 1), $this->signatureSubject ); case isset($this->currentCert['publicKeyAndChallenge']): return $this->_validateSignature( $this->currentCert['publicKeyAndChallenge']['spki']['algorithm']['algorithm'], $this->currentCert['publicKeyAndChallenge']['spki']['subjectPublicKey'], $this->currentCert['signatureAlgorithm']['algorithm'], substr(base64_decode($this->currentCert['signature']), 1), $this->signatureSubject ); case isset($this->currentCert['tbsCertList']): if (!empty($this->CAs)) { for ($i = 0; $i < count($this->CAs); $i++) { $ca = $this->CAs[$i]; switch (true) { case !defined('FILE_X509_IGNORE_TYPE') && $this->currentCert['tbsCertList']['issuer'] === $ca['tbsCertificate']['subject']: case defined('FILE_X509_IGNORE_TYPE') && $this->getDN(FILE_X509_DN_STRING, $this->currentCert['tbsCertList']['issuer']) === $this->getDN(FILE_X509_DN_STRING, $ca['tbsCertificate']['subject']): $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier'); $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca); switch (true) { case !is_array($authorityKey): case !$subjectKeyID: case isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: if (is_array($authorityKey) && isset($authorityKey['authorityCertSerialNumber']) && !$authorityKey['authorityCertSerialNumber']->equals($ca['tbsCertificate']['serialNumber'])) { break 2; // serial mismatch - check other ca } $signingCert = $ca; // working cert break 3; } } } } if (!isset($signingCert)) { return false; } return $this->_validateSignature( $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], $signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], $this->currentCert['signatureAlgorithm']['algorithm'], substr(base64_decode($this->currentCert['signature']), 1), $this->signatureSubject ); default: return false; } } /* * Validates a signature * * Returns true if the signature is verified, false if it is not correct or null on error * * @param string $publicKeyAlgorithm * @param string $publicKey * @param string $signatureAlgorithm * @param string $signature * @param string $signatureSubject * @access private * @return int / function _validateSignature($publicKeyAlgorithm, $publicKey, $signatureAlgorithm, $signature, $signatureSubject) { switch ($publicKeyAlgorithm) { case 'rsaEncryption': if (!class_exists('Crypt_RSA')) { include_once 'Crypt/RSA.php'; } $rsa = new Crypt_RSA(); $rsa->loadKey($publicKey); switch ($signatureAlgorithm) { case 'md2WithRSAEncryption': case 'md5WithRSAEncryption': case 'sha1WithRSAEncryption': case 'sha224WithRSAEncryption': case 'sha256WithRSAEncryption': case 'sha384WithRSAEncryption': case 'sha512WithRSAEncryption': $rsa->setHash(preg_replace('#WithRSAEncryption$#', '', $signatureAlgorithm)); $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1); if (!@$rsa->verify($signatureSubject, $signature)) { return false; } break; default: return null; } break; default: return null; } return true; } /* * Sets the recursion limit * * When validating a signature it may be necessary to download intermediate certs from URI's. * An intermediate cert that linked to itself would result in an infinite loop so to prevent * that we set a recursion limit. A negative number means that there is no recursion limit. * * @param int $count * @access public / function setRecurLimit($count) { $this->recur_limit = $count; } /* * Prevents URIs from being automatically retrieved * * @access public / function disableURLFetch() { $this->disable_url_fetch = true; } /* * Allows URIs to be automatically retrieved * * @access public / function enableURLFetch() { $this->disable_url_fetch = false; } /* * Reformat public keys * * Reformats a public key to a format supported by phpseclib (if applicable) * * @param string $algorithm * @param string $key * @access private * @return string / function _reformatKey($algorithm, $key) { switch ($algorithm) { case 'rsaEncryption': return "-----BEGIN RSA PUBLIC KEY-----\r\n" . // subjectPublicKey is stored as a bit string in X.509 certs. the first byte of a bit string represents how many bits // in the last byte should be ignored. the following only supports non-zero stuff but as none of the X.509 certs Firefox // uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do. chunk_split(base64_encode(substr(base64_decode($key), 1)), 64) . '-----END RSA PUBLIC KEY-----'; default: return $key; } } /* * Decodes an IP address * * Takes in a base64 encoded "blob" and returns a human readable IP address * * @param string $ip * @access private * @return string / function _decodeIP($ip) { $ip = base64_decode($ip); list(, $ip) = unpack('N', $ip); return long2ip($ip); } /* * Decodes an IP address in a name constraints extension * * Takes in a base64 encoded "blob" and returns a human readable IP address / mask * * @param string $ip * @access private * @return array / function _decodeNameConstraintIP($ip) { $ip = base64_decode($ip); list(, $ip, $mask) = unpack('N2', $ip); return [long2ip($ip), long2ip($mask)]; } /* * Encodes an IP address * * Takes a human readable IP address into a base64-encoded "blob" * * @param string\|array $ip * @access private * @return string / function _encodeIP($ip) { return is_string($ip) ? base64_encode(pack('N', ip2long($ip))) : base64_encode(pack('NN', ip2long($ip[0]), ip2long($ip[1]))); } /* * "Normalizes" a Distinguished Name property * * @param string $propName * @access private * @return mixed / function _translateDNProp($propName) { switch (strtolower($propName)) { case 'id-at-countryname': case 'countryname': case 'c': return 'id-at-countryName'; case 'id-at-organizationname': case 'organizationname': case 'o': return 'id-at-organizationName'; case 'id-at-dnqualifier': case 'dnqualifier': return 'id-at-dnQualifier'; case 'id-at-commonname': case 'commonname': case 'cn': return 'id-at-commonName'; case 'id-at-stateorprovincename': case 'stateorprovincename': case 'state': case 'province': case 'provincename': case 'st': return 'id-at-stateOrProvinceName'; case 'id-at-localityname': case 'localityname': case 'l': return 'id-at-localityName'; case 'id-emailaddress': case 'emailaddress': return 'pkcs-9-at-emailAddress'; case 'id-at-serialnumber': case 'serialnumber': return 'id-at-serialNumber'; case 'id-at-postalcode': case 'postalcode': return 'id-at-postalCode'; case 'id-at-streetaddress': case 'streetaddress': return 'id-at-streetAddress'; case 'id-at-name': case 'name': return 'id-at-name'; case 'id-at-givenname': case 'givenname': return 'id-at-givenName'; case 'id-at-surname': case 'surname': case 'sn': return 'id-at-surname'; case 'id-at-initials': case 'initials': return 'id-at-initials'; case 'id-at-generationqualifier': case 'generationqualifier': return 'id-at-generationQualifier'; case 'id-at-organizationalunitname': case 'organizationalunitname': case 'ou': return 'id-at-organizationalUnitName'; case 'id-at-pseudonym': case 'pseudonym': return 'id-at-pseudonym'; case 'id-at-title': case 'title': return 'id-at-title'; case 'id-at-description': case 'description': return 'id-at-description'; case 'id-at-role': case 'role': return 'id-at-role'; case 'id-at-uniqueidentifier': case 'uniqueidentifier': case 'x500uniqueidentifier': return 'id-at-uniqueIdentifier'; case 'postaladdress': case 'id-at-postaladdress': return 'id-at-postalAddress'; default: return false; } } /* * Set a Distinguished Name property * * @param string $propName * @param mixed $propValue * @param string $type optional * @access public * @return bool / function setDNProp($propName, $propValue, $type = 'utf8String') { if (empty($this->dn)) { $this->dn = array('rdnSequence' => array()); } if (($propName = $this->_translateDNProp($propName)) === false) { return false; } foreach ((array) $propValue as $v) { if (!is_array($v) && isset($type)) { $v = array($type => $v); } $this->dn['rdnSequence'][] = array( array( 'type' => $propName, 'value'=> $v ) ); } return true; } /* * Remove Distinguished Name properties * * @param string $propName * @access public / function removeDNProp($propName) { if (empty($this->dn)) { return; } if (($propName = $this->_translateDNProp($propName)) === false) { return; } $dn = &$this->dn['rdnSequence']; $size = count($dn); for ($i = 0; $i < $size; $i++) { if ($dn[$i][0]['type'] == $propName) { unset($dn[$i]); } } $dn = array_values($dn); // fix for https://bugs.php.net/75433 affecting PHP 7.2 if (!isset($dn[0])) { $dn = array_splice($dn, 0, 0); } } /* * Get Distinguished Name properties * * @param string $propName * @param array $dn optional * @param bool $withType optional * @return mixed * @access public / function getDNProp($propName, $dn = null, $withType = false) { if (!isset($dn)) { $dn = $this->dn; } if (empty($dn)) { return false; } if (($propName = $this->_translateDNProp($propName)) === false) { return false; } $asn1 = new File_ASN1(); $asn1->loadOIDs($this->oids); $filters = array(); $filters['value'] = array('type' => FILE_ASN1_TYPE_UTF8_STRING); $asn1->loadFilters($filters); $this->_mapOutDNs($dn, 'rdnSequence', $asn1); $dn = $dn['rdnSequence']; $result = array(); for ($i = 0; $i < count($dn); $i++) { if ($dn[$i][0]['type'] == $propName) { $v = $dn[$i][0]['value']; if (!$withType) { if (is_array($v)) { foreach ($v as $type => $s) { $type = array_search($type, $asn1->ANYmap, true); if ($type !== false && isset($asn1->stringTypeSize[$type])) { $s = $asn1->convert($s, $type); if ($s !== false) { $v = $s; break; } } } if (is_array($v)) { $v = array_pop($v); // Always strip data type. } } elseif (is_object($v) && strtolower(get_class($v)) == 'file_asn1_element') { $map = $this->_getMapping($propName); if (!is_bool($map)) { $decoded = $asn1->decodeBER($v); $v = $asn1->asn1map($decoded[0], $map); } } } $result[] = $v; } } return $result; } /* * Set a Distinguished Name * * @param mixed $dn * @param bool $merge optional * @param string $type optional * @access public * @return bool / function setDN($dn, $merge = false, $type = 'utf8String') { if (!$merge) { $this->dn = null; } if (is_array($dn)) { if (isset($dn['rdnSequence'])) { $this->dn = $dn; // No merge here. return true; } // handles stuff generated by openssl_x509_parse() foreach ($dn as $prop => $value) { if (!$this->setDNProp($prop, $value, $type)) { return false; } } return true; } // handles everything else $results = preg_split('#((?:^\|, \|/)(?:C=\|O=\|OU=\|CN=\|L=\|ST=\|SN=\|postalCode=\|streetAddress=\|emailAddress=\|serialNumber=\|organizationalUnitName=\|title=\|description=\|role=\|x500UniqueIdentifier=\|postalAddress=))#', $dn, -1, PREG_SPLIT_DELIM_CAPTURE); for ($i = 1; $i < count($results); $i+=2) { $prop = trim($results[$i], ', =/'); $value = $results[$i + 1]; if (!$this->setDNProp($prop, $value, $type)) { return false; } } return true; } /** * Get the Distinguished Name for a certificates subject * * @param mixed $format optional * @param array $dn optional * @access public * @return bool / function getDN($format = FILE_X509_DN_ARRAY, $dn = null) { if (!isset($dn)) { $dn = isset($this->currentCert['tbsCertList']) ? $this->currentCert['tbsCertList']['issuer'] : $this->dn; } switch ((int) $format) { case FILE_X509_DN_ARRAY: return $dn; case FILE_X509_DN_ASN1: $asn1 = new File_ASN1(); $asn1->loadOIDs($this->oids); $filters = array(); $filters['rdnSequence']['value'] = array('type' => FILE_ASN1_TYPE_UTF8_STRING); $asn1->loadFilters($filters); $this->_mapOutDNs($dn, 'rdnSequence', $asn1); return $asn1->encodeDER($dn, $this->Name); case FILE_X509_DN_CANON: // No SEQUENCE around RDNs and all string values normalized as // trimmed lowercase UTF-8 with all spacing as one blank. // constructed RDNs will not be canonicalized $asn1 = new File_ASN1(); $asn1->loadOIDs($this->oids); $filters = array(); $filters['value'] = array('type' => FILE_ASN1_TYPE_UTF8_STRING); $asn1->loadFilters($filters); $result = ''; $this->_mapOutDNs($dn, 'rdnSequence', $asn1); foreach ($dn['rdnSequence'] as $rdn) { foreach ($rdn as $i => $attr) { $attr = &$rdn[$i]; if (is_array($attr['value'])) { foreach ($attr['value'] as $type => $v) { $type = array_search($type, $asn1->ANYmap, true); if ($type !== false && isset($asn1->stringTypeSize[$type])) { $v = $asn1->convert($v, $type); if ($v !== false) { $v = preg_replace('/\s+/', ' ', $v); $attr['value'] = strtolower(trim($v)); break; } } } } } $result .= $asn1->encodeDER($rdn, $this->RelativeDistinguishedName); } return $result; case FILE_X509_DN_HASH: $dn = $this->getDN(FILE_X509_DN_CANON, $dn); if (!class_exists('Crypt_Hash')) { include_once 'Crypt/Hash.php'; } $hash = new Crypt_Hash('sha1'); $hash = $hash->hash($dn); extract(unpack('Vhash', $hash)); return strtolower(bin2hex(pack('N', $hash))); } // Default is to return a string. $start = true; $output = ''; $result = array(); $asn1 = new File_ASN1(); $asn1->loadOIDs($this->oids); $filters = array(); $filters['rdnSequence']['value'] = array('type' => FILE_ASN1_TYPE_UTF8_STRING); $asn1->loadFilters($filters); $this->_mapOutDNs($dn, 'rdnSequence', $asn1); foreach ($dn['rdnSequence'] as $field) { $prop = $field[0]['type']; $value = $field[0]['value']; $delim = ', '; switch ($prop) { case 'id-at-countryName': $desc = 'C'; break; case 'id-at-stateOrProvinceName': $desc = 'ST'; break; case 'id-at-organizationName': $desc = 'O'; break; case 'id-at-organizationalUnitName': $desc = 'OU'; break; case 'id-at-commonName': $desc = 'CN'; break; case 'id-at-localityName': $desc = 'L'; break; case 'id-at-surname': $desc = 'SN'; break; case 'id-at-uniqueIdentifier': $delim = '/'; $desc = 'x500UniqueIdentifier'; break; case 'id-at-postalAddress': $delim = '/'; $desc = 'postalAddress'; break; default: $delim = '/'; $desc = preg_replace('#.+-([^-]+)$#', '$1', $prop); } if (!$start) { $output.= $delim; } if (is_array($value)) { foreach ($value as $type => $v) { $type = array_search($type, $asn1->ANYmap, true); if ($type !== false && isset($asn1->stringTypeSize[$type])) { $v = $asn1->convert($v, $type); if ($v !== false) { $value = $v; break; } } } if (is_array($value)) { $value = array_pop($value); // Always strip data type. } } elseif (is_object($value) && strtolower(get_class($value)) == 'file_asn1_element') { // @codingStandardsIgnoreStart $callback = version_compare(PHP_VERSION, '5.3.0') >= 0 ? function ($x) { return "\x" . bin2hex($x[0]); } : create_function('$x', 'return "\x" . bin2hex($x[0]);'); // @codingStandardsIgnoreEnd $value = strtoupper(preg_replace_callback('#[^\x20-\x7E]#', $callback, $value->element)); } $output.= $desc . '=' . $value; $result[$desc] = isset($result[$desc]) ? array_merge((array) $result[$desc], array($value)) : $value; $start = false; } return $format == FILE_X509_DN_OPENSSL ? $result : $output; } /* * Get the Distinguished Name for a certificate/crl issuer * * @param int $format optional * @access public * @return mixed / function getIssuerDN($format = FILE_X509_DN_ARRAY) { switch (true) { case !isset($this->currentCert) \|\| !is_array($this->currentCert): break; case isset($this->currentCert['tbsCertificate']): return $this->getDN($format, $this->currentCert['tbsCertificate']['issuer']); case isset($this->currentCert['tbsCertList']): return $this->getDN($format, $this->currentCert['tbsCertList']['issuer']); } return false; } /* * Get the Distinguished Name for a certificate/csr subject * Alias of getDN() * * @param int $format optional * @access public * @return mixed / function getSubjectDN($format = FILE_X509_DN_ARRAY) { switch (true) { case !empty($this->dn): return $this->getDN($format); case !isset($this->currentCert) \|\| !is_array($this->currentCert): break; case isset($this->currentCert['tbsCertificate']): return $this->getDN($format, $this->currentCert['tbsCertificate']['subject']); case isset($this->currentCert['certificationRequestInfo']): return $this->getDN($format, $this->currentCert['certificationRequestInfo']['subject']); } return false; } /* * Get an individual Distinguished Name property for a certificate/crl issuer * * @param string $propName * @param bool $withType optional * @access public * @return mixed / function getIssuerDNProp($propName, $withType = false) { switch (true) { case !isset($this->currentCert) \|\| !is_array($this->currentCert): break; case isset($this->currentCert['tbsCertificate']): return $this->getDNProp($propName, $this->currentCert['tbsCertificate']['issuer'], $withType); case isset($this->currentCert['tbsCertList']): return $this->getDNProp($propName, $this->currentCert['tbsCertList']['issuer'], $withType); } return false; } /* * Get an individual Distinguished Name property for a certificate/csr subject * * @param string $propName * @param bool $withType optional * @access public * @return mixed / function getSubjectDNProp($propName, $withType = false) { switch (true) { case !empty($this->dn): return $this->getDNProp($propName, null, $withType); case !isset($this->currentCert) \|\| !is_array($this->currentCert): break; case isset($this->currentCert['tbsCertificate']): return $this->getDNProp($propName, $this->currentCert['tbsCertificate']['subject'], $withType); case isset($this->currentCert['certificationRequestInfo']): return $this->getDNProp($propName, $this->currentCert['certificationRequestInfo']['subject'], $withType); } return false; } /* * Get the certificate chain for the current cert * * @access public * @return mixed / function getChain() { $chain = array($this->currentCert); if (!is_array($this->currentCert) \|\| !isset($this->currentCert['tbsCertificate'])) { return false; } if (empty($this->CAs)) { return $chain; } while (true) { $currentCert = $chain[count($chain) - 1]; for ($i = 0; $i < count($this->CAs); $i++) { $ca = $this->CAs[$i]; if ($currentCert['tbsCertificate']['issuer'] === $ca['tbsCertificate']['subject']) { $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier', $currentCert); $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca); switch (true) { case !is_array($authorityKey): case is_array($authorityKey) && isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: if ($currentCert === $ca) { break 3; } $chain[] = $ca; break 2; } } } if ($i == count($this->CAs)) { break; } } foreach ($chain as $key => $value) { $chain[$key] = new File_X509(); $chain[$key]->loadX509($value); } return $chain; } /* * Set public key * * Key needs to be a Crypt_RSA object * * @param object $key * @access public * @return bool / function setPublicKey($key) { $key->setPublicKey(); $this->publicKey = $key; } /* * Set private key * * Key needs to be a Crypt_RSA object * * @param object $key * @access public / function setPrivateKey($key) { $this->privateKey = $key; } /* * Set challenge * * Used for SPKAC CSR's * * @param string $challenge * @access public / function setChallenge($challenge) { $this->challenge = $challenge; } /* * Gets the public key * * Returns a Crypt_RSA object or a false. * * @access public * @return mixed / function getPublicKey() { if (isset($this->publicKey)) { return $this->publicKey; } if (isset($this->currentCert) && is_array($this->currentCert)) { foreach (array('tbsCertificate/subjectPublicKeyInfo', 'certificationRequestInfo/subjectPKInfo') as $path) { $keyinfo = $this->_subArray($this->currentCert, $path); if (!empty($keyinfo)) { break; } } } if (empty($keyinfo)) { return false; } $key = $keyinfo['subjectPublicKey']; switch ($keyinfo['algorithm']['algorithm']) { case 'rsaEncryption': if (!class_exists('Crypt_RSA')) { include_once 'Crypt/RSA.php'; } $publicKey = new Crypt_RSA(); $publicKey->loadKey($key); $publicKey->setPublicKey(); break; default: return false; } return $publicKey; } /* * Load a Certificate Signing Request * * @param string $csr * @access public * @return mixed / function loadCSR($csr, $mode = FILE_X509_FORMAT_AUTO_DETECT) { if (is_array($csr) && isset($csr['certificationRequestInfo'])) { unset($this->currentCert); unset($this->currentKeyIdentifier); unset($this->signatureSubject); $this->dn = $csr['certificationRequestInfo']['subject']; if (!isset($this->dn)) { return false; } $this->currentCert = $csr; return $csr; } // see http://tools.ietf.org/html/rfc2986 $asn1 = new File_ASN1(); if ($mode != FILE_X509_FORMAT_DER) { $newcsr = $this->_extractBER($csr); if ($mode == FILE_X509_FORMAT_PEM && $csr == $newcsr) { return false; } $csr = $newcsr; } $orig = $csr; if ($csr === false) { $this->currentCert = false; return false; } $asn1->loadOIDs($this->oids); $decoded = $asn1->decodeBER($csr); if (empty($decoded)) { $this->currentCert = false; return false; } $csr = $asn1->asn1map($decoded[0], $this->CertificationRequest); if (!isset($csr) \|\| $csr === false) { $this->currentCert = false; return false; } $this->_mapInAttributes($csr, 'certificationRequestInfo/attributes', $asn1); $this->_mapInDNs($csr, 'certificationRequestInfo/subject/rdnSequence', $asn1); $this->dn = $csr['certificationRequestInfo']['subject']; $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); $algorithm = &$csr['certificationRequestInfo']['subjectPKInfo']['algorithm']['algorithm']; $key = &$csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']; $key = $this->_reformatKey($algorithm, $key); switch ($algorithm) { case 'rsaEncryption': if (!class_exists('Crypt_RSA')) { include_once 'Crypt/RSA.php'; } $this->publicKey = new Crypt_RSA(); $this->publicKey->loadKey($key); $this->publicKey->setPublicKey(); break; default: $this->publicKey = null; } $this->currentKeyIdentifier = null; $this->currentCert = $csr; return $csr; } /* * Save CSR request * * @param array $csr * @param int $format optional * @access public * @return string / function saveCSR($csr, $format = FILE_X509_FORMAT_PEM) { if (!is_array($csr) \|\| !isset($csr['certificationRequestInfo'])) { return false; } switch (true) { case !($algorithm = $this->_subArray($csr, 'certificationRequestInfo/subjectPKInfo/algorithm/algorithm')): case is_object($csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']): break; default: switch ($algorithm) { case 'rsaEncryption': $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'] = base64_encode("\0" . base64_decode(preg_replace('#-.+-\|[\r\n]#', '', $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']))); $csr['certificationRequestInfo']['subjectPKInfo']['algorithm']['parameters'] = null; $csr['signatureAlgorithm']['parameters'] = null; $csr['certificationRequestInfo']['signature']['parameters'] = null; } } $asn1 = new File_ASN1(); $asn1->loadOIDs($this->oids); $filters = array(); $filters['certificationRequestInfo']['subject']['rdnSequence']['value'] = array('type' => FILE_ASN1_TYPE_UTF8_STRING); $asn1->loadFilters($filters); $this->_mapOutDNs($csr, 'certificationRequestInfo/subject/rdnSequence', $asn1); $this->_mapOutAttributes($csr, 'certificationRequestInfo/attributes', $asn1); $csr = $asn1->encodeDER($csr, $this->CertificationRequest); switch ($format) { case FILE_X509_FORMAT_DER: return $csr; // case FILE_X509_FORMAT_PEM: default: return "-----BEGIN CERTIFICATE REQUEST-----\r\n" . chunk_split(base64_encode($csr), 64) . '-----END CERTIFICATE REQUEST-----'; } } /* * Load a SPKAC CSR * * SPKAC's are produced by the HTML5 keygen element: * * https://developer.mozilla.org/en-US/docs/HTML/Element/keygen * * @param string $csr * @access public * @return mixed / function loadSPKAC($spkac) { if (is_array($spkac) && isset($spkac['publicKeyAndChallenge'])) { unset($this->currentCert); unset($this->currentKeyIdentifier); unset($this->signatureSubject); $this->currentCert = $spkac; return $spkac; } // see http://www.w3.org/html/wg/drafts/html/master/forms.html#signedpublickeyandchallenge $asn1 = new File_ASN1(); // OpenSSL produces SPKAC's that are preceded by the string SPKAC= $temp = preg_replace('#(?:SPKAC=)\|[ \r\n\\\]#', '', $spkac); $temp = preg_match('#^[a-zA-Z\d/+]={0,2}$#', $temp) ? base64_decode($temp) : false; if ($temp != false) { $spkac = $temp; } $orig = $spkac; if ($spkac === false) { $this->currentCert = false; return false; } $asn1->loadOIDs($this->oids); $decoded = $asn1->decodeBER($spkac); if (empty($decoded)) { $this->currentCert = false; return false; } $spkac = $asn1->asn1map($decoded[0], $this->SignedPublicKeyAndChallenge); if (!isset($spkac) \|\| $spkac === false) { $this->currentCert = false; return false; } $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); $algorithm = &$spkac['publicKeyAndChallenge']['spki']['algorithm']['algorithm']; $key = &$spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']; $key = $this->_reformatKey($algorithm, $key); switch ($algorithm) { case 'rsaEncryption': if (!class_exists('Crypt_RSA')) { include_once 'Crypt/RSA.php'; } $this->publicKey = new Crypt_RSA(); $this->publicKey->loadKey($key); $this->publicKey->setPublicKey(); break; default: $this->publicKey = null; } $this->currentKeyIdentifier = null; $this->currentCert = $spkac; return $spkac; } /** * Save a SPKAC CSR request * * @param array $csr * @param int $format optional * @access public * @return string / function saveSPKAC($spkac, $format = FILE_X509_FORMAT_PEM) { if (!is_array($spkac) \|\| !isset($spkac['publicKeyAndChallenge'])) { return false; } $algorithm = $this->_subArray($spkac, 'publicKeyAndChallenge/spki/algorithm/algorithm'); switch (true) { case !$algorithm: case is_object($spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']): break; default: switch ($algorithm) { case 'rsaEncryption': $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey'] = base64_encode("\0" . base64_decode(preg_replace('#-.+-\|[\r\n]#', '', $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']))); } } $asn1 = new File_ASN1(); $asn1->loadOIDs($this->oids); $spkac = $asn1->encodeDER($spkac, $this->SignedPublicKeyAndChallenge); switch ($format) { case FILE_X509_FORMAT_DER: return $spkac; // case FILE_X509_FORMAT_PEM: default: // OpenSSL's implementation of SPKAC requires the SPKAC be preceded by SPKAC= and since there are pretty much // no other SPKAC decoders phpseclib will use that same format return 'SPKAC=' . base64_encode($spkac); } } /* * Load a Certificate Revocation List * * @param string $crl * @access public * @return mixed / function loadCRL($crl, $mode = FILE_X509_FORMAT_AUTO_DETECT) { if (is_array($crl) && isset($crl['tbsCertList'])) { $this->currentCert = $crl; unset($this->signatureSubject); return $crl; } $asn1 = new File_ASN1(); if ($mode != FILE_X509_FORMAT_DER) { $newcrl = $this->_extractBER($crl); if ($mode == FILE_X509_FORMAT_PEM && $crl == $newcrl) { return false; } $crl = $newcrl; } $orig = $crl; if ($crl === false) { $this->currentCert = false; return false; } $asn1->loadOIDs($this->oids); $decoded = $asn1->decodeBER($crl); if (empty($decoded)) { $this->currentCert = false; return false; } $crl = $asn1->asn1map($decoded[0], $this->CertificateList); if (!isset($crl) \|\| $crl === false) { $this->currentCert = false; return false; } $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); $this->_mapInDNs($crl, 'tbsCertList/issuer/rdnSequence', $asn1); if ($this->_isSubArrayValid($crl, 'tbsCertList/crlExtensions')) { $this->_mapInExtensions($crl, 'tbsCertList/crlExtensions', $asn1); } if ($this->_isSubArrayValid($crl, 'tbsCertList/revokedCertificates')) { $rclist_ref = &$this->_subArrayUnchecked($crl, 'tbsCertList/revokedCertificates'); if ($rclist_ref) { $rclist = $crl['tbsCertList']['revokedCertificates']; foreach ($rclist as $i => $extension) { if ($this->_isSubArrayValid($rclist, "$i/crlEntryExtensions", $asn1)) { $this->_mapInExtensions($rclist_ref, "$i/crlEntryExtensions", $asn1); } } } } $this->currentKeyIdentifier = null; $this->currentCert = $crl; return $crl; } /* * Save Certificate Revocation List. * * @param array $crl * @param int $format optional * @access public * @return string / function saveCRL($crl, $format = FILE_X509_FORMAT_PEM) { if (!is_array($crl) \|\| !isset($crl['tbsCertList'])) { return false; } $asn1 = new File_ASN1(); $asn1->loadOIDs($this->oids); $filters = array(); $filters['tbsCertList']['issuer']['rdnSequence']['value'] = array('type' => FILE_ASN1_TYPE_UTF8_STRING); $filters['tbsCertList']['signature']['parameters'] = array('type' => FILE_ASN1_TYPE_UTF8_STRING); $filters['signatureAlgorithm']['parameters'] = array('type' => FILE_ASN1_TYPE_UTF8_STRING); if (empty($crl['tbsCertList']['signature']['parameters'])) { $filters['tbsCertList']['signature']['parameters'] = array('type' => FILE_ASN1_TYPE_NULL); } if (empty($crl['signatureAlgorithm']['parameters'])) { $filters['signatureAlgorithm']['parameters'] = array('type' => FILE_ASN1_TYPE_NULL); } $asn1->loadFilters($filters); $this->_mapOutDNs($crl, 'tbsCertList/issuer/rdnSequence', $asn1); $this->_mapOutExtensions($crl, 'tbsCertList/crlExtensions', $asn1); $rclist = &$this->_subArray($crl, 'tbsCertList/revokedCertificates'); if (is_array($rclist)) { foreach ($rclist as $i => $extension) { $this->_mapOutExtensions($rclist, "$i/crlEntryExtensions", $asn1); } } $crl = $asn1->encodeDER($crl, $this->CertificateList); switch ($format) { case FILE_X509_FORMAT_DER: return $crl; // case FILE_X509_FORMAT_PEM: default: return "-----BEGIN X509 CRL-----\r\n" . chunk_split(base64_encode($crl), 64) . '-----END X509 CRL-----'; } } /* * Helper function to build a time field according to RFC 3280 section * - 4.1.2.5 Validity * - 5.1.2.4 This Update * - 5.1.2.5 Next Update * - 5.1.2.6 Revoked Certificates * by choosing utcTime iff year of date given is before 2050 and generalTime else. * * @param string $date in format date('D, d M Y H:i:s O') * @access private * @return array / function _timeField($date) { if (is_object($date) && strtolower(get_class($date)) == 'file_asn1_element') { return $date; } if (!class_exists('DateTime')) { $year = @gmdate("Y", @strtotime($date)); // the same way ASN1.php parses this } else { $dateObj = new DateTime($date, new DateTimeZone('GMT')); $year = $dateObj->format('Y'); } if ($year < 2050) { return array('utcTime' => $date); } else { return array('generalTime' => $date); } } /* * Sign an X.509 certificate * * $issuer's private key needs to be loaded. * $subject can be either an existing X.509 cert (if you want to resign it), * a CSR or something with the DN and public key explicitly set. * * @param File_X509 $issuer * @param File_X509 $subject * @param string $signatureAlgorithm optional * @access public * @return mixed / function sign($issuer, $subject, $signatureAlgorithm = 'sha1WithRSAEncryption') { if (!is_object($issuer->privateKey) \|\| empty($issuer->dn)) { return false; } if (isset($subject->publicKey) && !($subjectPublicKey = $subject->_formatSubjectPublicKey())) { return false; } $currentCert = isset($this->currentCert) ? $this->currentCert : null; $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: null; if (isset($subject->currentCert) && is_array($subject->currentCert) && isset($subject->currentCert['tbsCertificate'])) { $this->currentCert = $subject->currentCert; $this->currentCert['tbsCertificate']['signature']['algorithm'] = $signatureAlgorithm; $this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm; if (!empty($this->startDate)) { $this->currentCert['tbsCertificate']['validity']['notBefore'] = $this->_timeField($this->startDate); } if (!empty($this->endDate)) { $this->currentCert['tbsCertificate']['validity']['notAfter'] = $this->_timeField($this->endDate); } if (!empty($this->serialNumber)) { $this->currentCert['tbsCertificate']['serialNumber'] = $this->serialNumber; } if (!empty($subject->dn)) { $this->currentCert['tbsCertificate']['subject'] = $subject->dn; } if (!empty($subject->publicKey)) { $this->currentCert['tbsCertificate']['subjectPublicKeyInfo'] = $subjectPublicKey; } $this->removeExtension('id-ce-authorityKeyIdentifier'); if (isset($subject->domains)) { $this->removeExtension('id-ce-subjectAltName'); } } elseif (isset($subject->currentCert) && is_array($subject->currentCert) && isset($subject->currentCert['tbsCertList'])) { return false; } else { if (!isset($subject->publicKey)) { return false; } if (!class_exists('DateTime')) { $startDate = !empty($this->startDate) ? $this->startDate : @date('D, d M Y H:i:s O'); $endDate = !empty($this->endDate) ? $this->endDate : @date('D, d M Y H:i:s O', strtotime('+1 year')); } else { $startDate = new DateTime('now', new DateTimeZone(@date_default_timezone_get())); $startDate = !empty($this->startDate) ? $this->startDate : $startDate->format('D, d M Y H:i:s O'); $endDate = new DateTime('+1 year', new DateTimeZone(@date_default_timezone_get())); $endDate = !empty($this->endDate) ? $this->endDate : $endDate->format('D, d M Y H:i:s O'); } if (!empty($this->serialNumber)) { $serialNumber = $this->serialNumber; } else { if (!function_exists('crypt_random_string')) { include_once 'Crypt/Random.php'; } / "The serial number MUST be a positive integer" "Conforming CAs MUST NOT use serialNumber values longer than 20 octets." -- https://tools.ietf.org/html/rfc5280#section-4.1.2.2 for the integer to be positive the leading bit needs to be 0 hence the application of a bitmap / $serialNumber = new Math_BigInteger(crypt_random_string(20) & ("\x7F" . str_repeat("\xFF", 19)), 256); } $this->currentCert = array( 'tbsCertificate' => array( 'version' => 'v3', 'serialNumber' => $serialNumber, // $this->setSerialNumber() 'signature' => array('algorithm' => $signatureAlgorithm), 'issuer' => false, // this is going to be overwritten later 'validity' => array( 'notBefore' => $this->_timeField($startDate), // $this->setStartDate() 'notAfter' => $this->_timeField($endDate) // $this->setEndDate() ), 'subject' => $subject->dn, 'subjectPublicKeyInfo' => $subjectPublicKey ), 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm), 'signature' => false // this is going to be overwritten later ); // Copy extensions from CSR. $csrexts = $subject->getAttribute('pkcs-9-at-extensionRequest', 0); if (!empty($csrexts)) { $this->currentCert['tbsCertificate']['extensions'] = $csrexts; } } $this->currentCert['tbsCertificate']['issuer'] = $issuer->dn; if (isset($issuer->currentKeyIdentifier)) { $this->setExtension('id-ce-authorityKeyIdentifier', array( //'authorityCertIssuer' => array( // array( // 'directoryName' => $issuer->dn // ) //), 'keyIdentifier' => $issuer->currentKeyIdentifier )); //$extensions = &$this->currentCert['tbsCertificate']['extensions']; //if (isset($issuer->serialNumber)) { // $extensions[count($extensions) - 1]['authorityCertSerialNumber'] = $issuer->serialNumber; //} //unset($extensions); } if (isset($subject->currentKeyIdentifier)) { $this->setExtension('id-ce-subjectKeyIdentifier', $subject->currentKeyIdentifier); } $altName = array(); if (isset($subject->domains) && count($subject->domains)) { $altName = array_map(array('File_X509', '_dnsName'), $subject->domains); } if (isset($subject->ipAddresses) && count($subject->ipAddresses)) { // should an IP address appear as the CN if no domain name is specified? idk //$ips = count($subject->domains) ? $subject->ipAddresses : array_slice($subject->ipAddresses, 1); $ipAddresses = array(); foreach ($subject->ipAddresses as $ipAddress) { $encoded = $subject->_ipAddress($ipAddress); if ($encoded !== false) { $ipAddresses[] = $encoded; } } if (count($ipAddresses)) { $altName = array_merge($altName, $ipAddresses); } } if (!empty($altName)) { $this->setExtension('id-ce-subjectAltName', $altName); } if ($this->caFlag) { $keyUsage = $this->getExtension('id-ce-keyUsage'); if (!$keyUsage) { $keyUsage = array(); } $this->setExtension( 'id-ce-keyUsage', array_values(array_unique(array_merge($keyUsage, array('cRLSign', 'keyCertSign')))) ); $basicConstraints = $this->getExtension('id-ce-basicConstraints'); if (!$basicConstraints) { $basicConstraints = array(); } $this->setExtension( 'id-ce-basicConstraints', array_unique(array_merge(array('cA' => true), $basicConstraints)), true ); if (!isset($subject->currentKeyIdentifier)) { $this->setExtension('id-ce-subjectKeyIdentifier', base64_encode($this->computeKeyIdentifier($this->currentCert)), false, false); } } // resync $this->signatureSubject // save $tbsCertificate in case there are any File_ASN1_Element objects in it $tbsCertificate = $this->currentCert['tbsCertificate']; $this->loadX509($this->saveX509($this->currentCert)); $result = $this->_sign($issuer->privateKey, $signatureAlgorithm); $result['tbsCertificate'] = $tbsCertificate; $this->currentCert = $currentCert; $this->signatureSubject = $signatureSubject; return $result; } /* * Sign a CSR * * @access public * @return mixed / function signCSR($signatureAlgorithm = 'sha1WithRSAEncryption') { if (!is_object($this->privateKey) \|\| empty($this->dn)) { return false; } $origPublicKey = $this->publicKey; $class = get_class($this->privateKey); $this->publicKey = new $class(); $this->publicKey->loadKey($this->privateKey->getPublicKey()); $this->publicKey->setPublicKey(); if (!($publicKey = $this->_formatSubjectPublicKey())) { return false; } $this->publicKey = $origPublicKey; $currentCert = isset($this->currentCert) ? $this->currentCert : null; $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: null; if (isset($this->currentCert) && is_array($this->currentCert) && isset($this->currentCert['certificationRequestInfo'])) { $this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm; if (!empty($this->dn)) { $this->currentCert['certificationRequestInfo']['subject'] = $this->dn; } $this->currentCert['certificationRequestInfo']['subjectPKInfo'] = $publicKey; } else { $this->currentCert = array( 'certificationRequestInfo' => array( 'version' => 'v1', 'subject' => $this->dn, 'subjectPKInfo' => $publicKey ), 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm), 'signature' => false // this is going to be overwritten later ); } // resync $this->signatureSubject // save $certificationRequestInfo in case there are any File_ASN1_Element objects in it $certificationRequestInfo = $this->currentCert['certificationRequestInfo']; $this->loadCSR($this->saveCSR($this->currentCert)); $result = $this->_sign($this->privateKey, $signatureAlgorithm); $result['certificationRequestInfo'] = $certificationRequestInfo; $this->currentCert = $currentCert; $this->signatureSubject = $signatureSubject; return $result; } /* * Sign a SPKAC * * @access public * @return mixed / function signSPKAC($signatureAlgorithm = 'sha1WithRSAEncryption') { if (!is_object($this->privateKey)) { return false; } $origPublicKey = $this->publicKey; $class = get_class($this->privateKey); $this->publicKey = new $class(); $this->publicKey->loadKey($this->privateKey->getPublicKey()); $this->publicKey->setPublicKey(); $publicKey = $this->_formatSubjectPublicKey(); if (!$publicKey) { return false; } $this->publicKey = $origPublicKey; $currentCert = isset($this->currentCert) ? $this->currentCert : null; $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: null; // re-signing a SPKAC seems silly but since everything else supports re-signing why not? if (isset($this->currentCert) && is_array($this->currentCert) && isset($this->currentCert['publicKeyAndChallenge'])) { $this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm; $this->currentCert['publicKeyAndChallenge']['spki'] = $publicKey; if (!empty($this->challenge)) { // the bitwise AND ensures that the output is a valid IA5String $this->currentCert['publicKeyAndChallenge']['challenge'] = $this->challenge & str_repeat("\x7F", strlen($this->challenge)); } } else { $this->currentCert = array( 'publicKeyAndChallenge' => array( 'spki' => $publicKey, // quoting <https://developer.mozilla.org/en-US/docs/Web/HTML/Element/keygen>, // "A challenge string that is submitted along with the public key. Defaults to an empty string if not specified." // both Firefox and OpenSSL ("openssl spkac -key private.key") behave this way // we could alternatively do this instead if we ignored the specs: // crypt_random_string(8) & str_repeat("\x7F", 8) 'challenge' => !empty($this->challenge) ? $this->challenge : '' ), 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm), 'signature' => false // this is going to be overwritten later ); } // resync $this->signatureSubject // save $publicKeyAndChallenge in case there are any File_ASN1_Element objects in it $publicKeyAndChallenge = $this->currentCert['publicKeyAndChallenge']; $this->loadSPKAC($this->saveSPKAC($this->currentCert)); $result = $this->_sign($this->privateKey, $signatureAlgorithm); $result['publicKeyAndChallenge'] = $publicKeyAndChallenge; $this->currentCert = $currentCert; $this->signatureSubject = $signatureSubject; return $result; } /* * Sign a CRL * * $issuer's private key needs to be loaded. * * @param File_X509 $issuer * @param File_X509 $crl * @param string $signatureAlgorithm optional * @access public * @return mixed / function signCRL($issuer, $crl, $signatureAlgorithm = 'sha1WithRSAEncryption') { if (!is_object($issuer->privateKey) \|\| empty($issuer->dn)) { return false; } $currentCert = isset($this->currentCert) ? $this->currentCert : null; $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null; if (!class_exists('DateTime')) { $thisUpdate = !empty($this->startDate) ? $this->startDate : @date('D, d M Y H:i:s O'); } else { $thisUpdate = new DateTime('now', new DateTimeZone(@date_default_timezone_get())); $thisUpdate = !empty($this->startDate) ? $this->startDate : $thisUpdate->format('D, d M Y H:i:s O'); } if (isset($crl->currentCert) && is_array($crl->currentCert) && isset($crl->currentCert['tbsCertList'])) { $this->currentCert = $crl->currentCert; $this->currentCert['tbsCertList']['signature']['algorithm'] = $signatureAlgorithm; $this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm; } else { $this->currentCert = array( 'tbsCertList' => array( 'version' => 'v2', 'signature' => array('algorithm' => $signatureAlgorithm), 'issuer' => false, // this is going to be overwritten later 'thisUpdate' => $this->_timeField($thisUpdate) // $this->setStartDate() ), 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm), 'signature' => false // this is going to be overwritten later ); } $tbsCertList = &$this->currentCert['tbsCertList']; $tbsCertList['issuer'] = $issuer->dn; $tbsCertList['thisUpdate'] = $this->_timeField($thisUpdate); if (!empty($this->endDate)) { $tbsCertList['nextUpdate'] = $this->_timeField($this->endDate); // $this->setEndDate() } else { unset($tbsCertList['nextUpdate']); } if (!empty($this->serialNumber)) { $crlNumber = $this->serialNumber; } else { $crlNumber = $this->getExtension('id-ce-cRLNumber'); // "The CRL number is a non-critical CRL extension that conveys a // monotonically increasing sequence number for a given CRL scope and // CRL issuer. This extension allows users to easily determine when a // particular CRL supersedes another CRL." // -- https://tools.ietf.org/html/rfc5280#section-5.2.3 $crlNumber = $crlNumber !== false ? $crlNumber->add(new Math_BigInteger(1)) : null; } $this->removeExtension('id-ce-authorityKeyIdentifier'); $this->removeExtension('id-ce-issuerAltName'); // Be sure version >= v2 if some extension found. $version = isset($tbsCertList['version']) ? $tbsCertList['version'] : 0; if (!$version) { if (!empty($tbsCertList['crlExtensions'])) { $version = 1; // v2. } elseif (!empty($tbsCertList['revokedCertificates'])) { foreach ($tbsCertList['revokedCertificates'] as $cert) { if (!empty($cert['crlEntryExtensions'])) { $version = 1; // v2. } } } if ($version) { $tbsCertList['version'] = $version; } } // Store additional extensions. if (!empty($tbsCertList['version'])) { // At least v2. if (!empty($crlNumber)) { $this->setExtension('id-ce-cRLNumber', $crlNumber); } if (isset($issuer->currentKeyIdentifier)) { $this->setExtension('id-ce-authorityKeyIdentifier', array( //'authorityCertIssuer' => array( // array( // 'directoryName' => $issuer->dn // ) //), 'keyIdentifier' => $issuer->currentKeyIdentifier )); //$extensions = &$tbsCertList['crlExtensions']; //if (isset($issuer->serialNumber)) { // $extensions[count($extensions) - 1]['authorityCertSerialNumber'] = $issuer->serialNumber; //} //unset($extensions); } $issuerAltName = $this->getExtension('id-ce-subjectAltName', $issuer->currentCert); if ($issuerAltName !== false) { $this->setExtension('id-ce-issuerAltName', $issuerAltName); } } if (empty($tbsCertList['revokedCertificates'])) { unset($tbsCertList['revokedCertificates']); } unset($tbsCertList); // resync $this->signatureSubject // save $tbsCertList in case there are any File_ASN1_Element objects in it $tbsCertList = $this->currentCert['tbsCertList']; $this->loadCRL($this->saveCRL($this->currentCert)); $result = $this->_sign($issuer->privateKey, $signatureAlgorithm); $result['tbsCertList'] = $tbsCertList; $this->currentCert = $currentCert; $this->signatureSubject = $signatureSubject; return $result; } /* * X.509 certificate signing helper function. * * @param object $key * @param File_X509 $subject * @param string $signatureAlgorithm * @access public * @return mixed / function _sign($key, $signatureAlgorithm) { switch (strtolower(get_class($key))) { case 'crypt_rsa': switch ($signatureAlgorithm) { case 'md2WithRSAEncryption': case 'md5WithRSAEncryption': case 'sha1WithRSAEncryption': case 'sha224WithRSAEncryption': case 'sha256WithRSAEncryption': case 'sha384WithRSAEncryption': case 'sha512WithRSAEncryption': $key->setHash(preg_replace('#WithRSAEncryption$#', '', $signatureAlgorithm)); $key->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1); $this->currentCert['signature'] = base64_encode("\0" . $key->sign($this->signatureSubject)); return $this->currentCert; } default: return false; } } /* * Set certificate start date * * @param string $date * @access public / function setStartDate($date) { if (class_exists('DateTime')) { $date = new DateTime($date, new DateTimeZone(@date_default_timezone_get())); $this->startDate = $date->format('D, d M Y H:i:s O'); } else { $this->startDate = @date('D, d M Y H:i:s O', @strtotime($date)); } } /* * Set certificate end date * * @param string $date * @access public / function setEndDate($date) { / To indicate that a certificate has no well-defined expiration date, the notAfter SHOULD be assigned the GeneralizedTime value of 99991231235959Z. -- http://tools.ietf.org/html/rfc5280#section-4.1.2.5 / if (strtolower($date) == 'lifetime') { $temp = '99991231235959Z'; $asn1 = new File_ASN1(); $temp = chr(FILE_ASN1_TYPE_GENERALIZED_TIME) . $asn1->_encodeLength(strlen($temp)) . $temp; $this->endDate = new File_ASN1_Element($temp); } else { if (class_exists('DateTime')) { $date = new DateTime($date, new DateTimeZone(@date_default_timezone_get())); $this->endDate = $date->format('D, d M Y H:i:s O'); } else { $this->endDate = @date('D, d M Y H:i:s O', @strtotime($date)); } } } /* * Set Serial Number * * @param string $serial * @param $base optional * @access public / function setSerialNumber($serial, $base = -256) { $this->serialNumber = new Math_BigInteger($serial, $base); } /* * Turns the certificate into a certificate authority * * @access public / function makeCA() { $this->caFlag = true; } /* * Check for validity of subarray * * This is intended for use in conjunction with _subArrayUnchecked(), * implementing the checks included in _subArray() but without copying * a potentially large array by passing its reference by-value to is_array(). * * @param array $root * @param string $path * @return boolean * @access private / function _isSubArrayValid($root, $path) { if (!is_array($root)) { return false; } foreach (explode('/', $path) as $i) { if (!is_array($root)) { return false; } if (!isset($root[$i])) { return true; } $root = $root[$i]; } return true; } /* * Get a reference to a subarray * * This variant of _subArray() does no is_array() checking, * so $root should be checked with _isSubArrayValid() first. * * This is here for performance reasons: * Passing a reference (i.e. $root) by-value (i.e. to is_array()) * creates a copy. If $root is an especially large array, this is expensive. * * @param array $root * @param string $path absolute path with / as component separator * @param bool $create optional * @access private * @return array\|false / function &_subArrayUnchecked(&$root, $path, $create = false) { $false = false; foreach (explode('/', $path) as $i) { if (!isset($root[$i])) { if (!$create) { return $false; } $root[$i] = array(); } $root = &$root[$i]; } return $root; } /* * Get a reference to a subarray * * @param array $root * @param string $path absolute path with / as component separator * @param bool $create optional * @access private * @return array\|false / function &_subArray(&$root, $path, $create = false) { $false = false; if (!is_array($root)) { return $false; } foreach (explode('/', $path) as $i) { if (!is_array($root)) { return $false; } if (!isset($root[$i])) { if (!$create) { return $false; } $root[$i] = array(); } $root = &$root[$i]; } return $root; } /* * Get a reference to an extension subarray * * @param array $root * @param string $path optional absolute path with / as component separator * @param bool $create optional * @access private * @return array\|false / function &_extensions(&$root, $path = null, $create = false) { if (!isset($root)) { $root = $this->currentCert; } switch (true) { case !empty($path): case !is_array($root): break; case isset($root['tbsCertificate']): $path = 'tbsCertificate/extensions'; break; case isset($root['tbsCertList']): $path = 'tbsCertList/crlExtensions'; break; case isset($root['certificationRequestInfo']): $pth = 'certificationRequestInfo/attributes'; $attributes = &$this->_subArray($root, $pth, $create); if (is_array($attributes)) { foreach ($attributes as $key => $value) { if ($value['type'] == 'pkcs-9-at-extensionRequest') { $path = "$pth/$key/value/0"; break 2; } } if ($create) { $key = count($attributes); $attributes[] = array('type' => 'pkcs-9-at-extensionRequest', 'value' => array()); $path = "$pth/$key/value/0"; } } break; } $extensions = &$this->_subArray($root, $path, $create); if (!is_array($extensions)) { $false = false; return $false; } return $extensions; } /* * Remove an Extension * * @param string $id * @param string $path optional * @access private * @return bool / function _removeExtension($id, $path = null) { $extensions = &$this->_extensions($this->currentCert, $path); if (!is_array($extensions)) { return false; } $result = false; foreach ($extensions as $key => $value) { if ($value['extnId'] == $id) { unset($extensions[$key]); $result = true; } } $extensions = array_values($extensions); // fix for https://bugs.php.net/75433 affecting PHP 7.2 if (!isset($extensions[0])) { $extensions = array_splice($extensions, 0, 0); } return $result; } /* * Get an Extension * * Returns the extension if it exists and false if not * * @param string $id * @param array $cert optional * @param string $path optional * @access private * @return mixed / function _getExtension($id, $cert = null, $path = null) { $extensions = $this->_extensions($cert, $path); if (!is_array($extensions)) { return false; } foreach ($extensions as $key => $value) { if ($value['extnId'] == $id) { return $value['extnValue']; } } return false; } /* * Returns a list of all extensions in use * * @param array $cert optional * @param string $path optional * @access private * @return array / function _getExtensions($cert = null, $path = null) { $exts = $this->_extensions($cert, $path); $extensions = array(); if (is_array($exts)) { foreach ($exts as $extension) { $extensions[] = $extension['extnId']; } } return $extensions; } /* * Set an Extension * * @param string $id * @param mixed $value * @param bool $critical optional * @param bool $replace optional * @param string $path optional * @access private * @return bool / function _setExtension($id, $value, $critical = false, $replace = true, $path = null) { $extensions = &$this->_extensions($this->currentCert, $path, true); if (!is_array($extensions)) { return false; } $newext = array('extnId' => $id, 'critical' => $critical, 'extnValue' => $value); foreach ($extensions as $key => $value) { if ($value['extnId'] == $id) { if (!$replace) { return false; } $extensions[$key] = $newext; return true; } } $extensions[] = $newext; return true; } /* * Remove a certificate, CSR or CRL Extension * * @param string $id * @access public * @return bool / function removeExtension($id) { return $this->_removeExtension($id); } /* * Get a certificate, CSR or CRL Extension * * Returns the extension if it exists and false if not * * @param string $id * @param array $cert optional * @access public * @return mixed / function getExtension($id, $cert = null) { return $this->_getExtension($id, $cert); } /* * Returns a list of all extensions in use in certificate, CSR or CRL * * @param array $cert optional * @access public * @return array / function getExtensions($cert = null) { return $this->_getExtensions($cert); } /* * Set a certificate, CSR or CRL Extension * * @param string $id * @param mixed $value * @param bool $critical optional * @param bool $replace optional * @access public * @return bool / function setExtension($id, $value, $critical = false, $replace = true) { return $this->_setExtension($id, $value, $critical, $replace); } /* * Remove a CSR attribute. * * @param string $id * @param int $disposition optional * @access public * @return bool / function removeAttribute($id, $disposition = FILE_X509_ATTR_ALL) { $attributes = &$this->_subArray($this->currentCert, 'certificationRequestInfo/attributes'); if (!is_array($attributes)) { return false; } $result = false; foreach ($attributes as $key => $attribute) { if ($attribute['type'] == $id) { $n = count($attribute['value']); switch (true) { case $disposition == FILE_X509_ATTR_APPEND: case $disposition == FILE_X509_ATTR_REPLACE: return false; case $disposition >= $n: $disposition -= $n; break; case $disposition == FILE_X509_ATTR_ALL: case $n == 1: unset($attributes[$key]); $result = true; break; default: unset($attributes[$key]['value'][$disposition]); $attributes[$key]['value'] = array_values($attributes[$key]['value']); $result = true; break; } if ($result && $disposition != FILE_X509_ATTR_ALL) { break; } } } $attributes = array_values($attributes); return $result; } /* * Get a CSR attribute * * Returns the attribute if it exists and false if not * * @param string $id * @param int $disposition optional * @param array $csr optional * @access public * @return mixed / function getAttribute($id, $disposition = FILE_X509_ATTR_ALL, $csr = null) { if (empty($csr)) { $csr = $this->currentCert; } $attributes = $this->_subArray($csr, 'certificationRequestInfo/attributes'); if (!is_array($attributes)) { return false; } foreach ($attributes as $key => $attribute) { if ($attribute['type'] == $id) { $n = count($attribute['value']); switch (true) { case $disposition == FILE_X509_ATTR_APPEND: case $disposition == FILE_X509_ATTR_REPLACE: return false; case $disposition == FILE_X509_ATTR_ALL: return $attribute['value']; case $disposition >= $n: $disposition -= $n; break; default: return $attribute['value'][$disposition]; } } } return false; } /* * Returns a list of all CSR attributes in use * * @param array $csr optional * @access public * @return array / function getAttributes($csr = null) { if (empty($csr)) { $csr = $this->currentCert; } $attributes = $this->_subArray($csr, 'certificationRequestInfo/attributes'); $attrs = array(); if (is_array($attributes)) { foreach ($attributes as $attribute) { $attrs[] = $attribute['type']; } } return $attrs; } /* * Set a CSR attribute * * @param string $id * @param mixed $value * @param bool $disposition optional * @access public * @return bool / function setAttribute($id, $value, $disposition = FILE_X509_ATTR_ALL) { $attributes = &$this->_subArray($this->currentCert, 'certificationRequestInfo/attributes', true); if (!is_array($attributes)) { return false; } switch ($disposition) { case FILE_X509_ATTR_REPLACE: $disposition = FILE_X509_ATTR_APPEND; case FILE_X509_ATTR_ALL: $this->removeAttribute($id); break; } foreach ($attributes as $key => $attribute) { if ($attribute['type'] == $id) { $n = count($attribute['value']); switch (true) { case $disposition == FILE_X509_ATTR_APPEND: $last = $key; break; case $disposition >= $n: $disposition -= $n; break; default: $attributes[$key]['value'][$disposition] = $value; return true; } } } switch (true) { case $disposition >= 0: return false; case isset($last): $attributes[$last]['value'][] = $value; break; default: $attributes[] = array('type' => $id, 'value' => $disposition == FILE_X509_ATTR_ALL ? $value: array($value)); break; } return true; } /* * Sets the subject key identifier * * This is used by the id-ce-authorityKeyIdentifier and the id-ce-subjectKeyIdentifier extensions. * * @param string $value * @access public / function setKeyIdentifier($value) { if (empty($value)) { unset($this->currentKeyIdentifier); } else { $this->currentKeyIdentifier = base64_encode($value); } } /* * Compute a public key identifier. * * Although key identifiers may be set to any unique value, this function * computes key identifiers from public key according to the two * recommended methods (4.2.1.2 RFC 3280). * Highly polymorphic: try to accept all possible forms of key: * - Key object * - File_X509 object with public or private key defined * - Certificate or CSR array * - File_ASN1_Element object * - PEM or DER string * * @param mixed $key optional * @param int $method optional * @access public * @return string binary key identifier / function computeKeyIdentifier($key = null, $method = 1) { if (is_null($key)) { $key = $this; } switch (true) { case is_string($key): break; case is_array($key) && isset($key['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']): return $this->computeKeyIdentifier($key['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], $method); case is_array($key) && isset($key['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']): return $this->computeKeyIdentifier($key['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'], $method); case !is_object($key): return false; case strtolower(get_class($key)) == 'file_asn1_element': // Assume the element is a bitstring-packed key. $asn1 = new File_ASN1(); $decoded = $asn1->decodeBER($key->element); if (empty($decoded)) { return false; } $raw = $asn1->asn1map($decoded[0], array('type' => FILE_ASN1_TYPE_BIT_STRING)); if (empty($raw)) { return false; } $raw = base64_decode($raw); // If the key is private, compute identifier from its corresponding public key. if (!class_exists('Crypt_RSA')) { include_once 'Crypt/RSA.php'; } $key = new Crypt_RSA(); if (!$key->loadKey($raw)) { return false; // Not an unencrypted RSA key. } if ($key->getPrivateKey() !== false) { // If private. return $this->computeKeyIdentifier($key, $method); } $key = $raw; // Is a public key. break; case strtolower(get_class($key)) == 'file_x509': if (isset($key->publicKey)) { return $this->computeKeyIdentifier($key->publicKey, $method); } if (isset($key->privateKey)) { return $this->computeKeyIdentifier($key->privateKey, $method); } if (isset($key->currentCert['tbsCertificate']) \|\| isset($key->currentCert['certificationRequestInfo'])) { return $this->computeKeyIdentifier($key->currentCert, $method); } return false; default: // Should be a key object (i.e.: Crypt_RSA). $key = $key->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_PKCS1); break; } // If in PEM format, convert to binary. $key = $this->_extractBER($key); // Now we have the key string: compute its sha-1 sum. if (!class_exists('Crypt_Hash')) { include_once 'Crypt/Hash.php'; } $hash = new Crypt_Hash('sha1'); $hash = $hash->hash($key); if ($method == 2) { $hash = substr($hash, -8); $hash[0] = chr((ord($hash[0]) & 0x0F) \| 0x40); } return $hash; } /* * Format a public key as appropriate * * @access private * @return array / function _formatSubjectPublicKey() { if (!isset($this->publicKey) \|\| !is_object($this->publicKey)) { return false; } switch (strtolower(get_class($this->publicKey))) { case 'crypt_rsa': // the following two return statements do the same thing. i dunno.. i just prefer the later for some reason. // the former is a good example of how to do fuzzing on the public key //return new File_ASN1_Element(base64_decode(preg_replace('#-.+-\|[\r\n]#', '', $this->publicKey->getPublicKey()))); return array( 'algorithm' => array('algorithm' => 'rsaEncryption'), 'subjectPublicKey' => $this->publicKey->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_PKCS1) ); default: return false; } } /* * Set the domain name's which the cert is to be valid for * * @access public * @return array / function setDomain() { $this->domains = func_get_args(); $this->removeDNProp('id-at-commonName'); $this->setDNProp('id-at-commonName', $this->domains[0]); } /* * Set the IP Addresses's which the cert is to be valid for * * @access public * @param string $ipAddress optional / function setIPAddress() { $this->ipAddresses = func_get_args(); / if (!isset($this->domains)) { $this->removeDNProp('id-at-commonName'); $this->setDNProp('id-at-commonName', $this->ipAddresses[0]); } / } /* * Helper function to build domain array * * @access private * @param string $domain * @return array / function _dnsName($domain) { return array('dNSName' => $domain); } /* * Helper function to build IP Address array * * (IPv6 is not currently supported) * * @access private * @param string $address * @return array / function _iPAddress($address) { return array('iPAddress' => $address); } /* * Get the index of a revoked certificate. * * @param array $rclist * @param string $serial * @param bool $create optional * @access private * @return int\|false / function _revokedCertificate(&$rclist, $serial, $create = false) { $serial = new Math_BigInteger($serial); foreach ($rclist as $i => $rc) { if (!($serial->compare($rc['userCertificate']))) { return $i; } } if (!$create) { return false; } if (!class_exists('DateTime')) { $revocationDate = @date('D, d M Y H:i:s O'); } else { $revocationDate = new DateTime('now', new DateTimeZone(@date_default_timezone_get())); $revocationDate = $revocationDate->format('D, d M Y H:i:s O'); } $i = count($rclist); $rclist[] = array('userCertificate' => $serial, 'revocationDate' => $this->_timeField($revocationDate)); return $i; } /* * Revoke a certificate. * * @param string $serial * @param string $date optional * @access public * @return bool / function revoke($serial, $date = null) { if (isset($this->currentCert['tbsCertList'])) { if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates', true))) { if ($this->_revokedCertificate($rclist, $serial) === false) { // If not yet revoked if (($i = $this->_revokedCertificate($rclist, $serial, true)) !== false) { if (!empty($date)) { $rclist[$i]['revocationDate'] = $this->_timeField($date); } return true; } } } } return false; } /* * Unrevoke a certificate. * * @param string $serial * @access public * @return bool / function unrevoke($serial) { if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) { if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) { unset($rclist[$i]); $rclist = array_values($rclist); return true; } } return false; } /* * Get a revoked certificate. * * @param string $serial * @access public * @return mixed / function getRevoked($serial) { if (is_array($rclist = $this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) { if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) { return $rclist[$i]; } } return false; } /* * List revoked certificates * * @param array $crl optional * @access public * @return array / function listRevoked($crl = null) { if (!isset($crl)) { $crl = $this->currentCert; } if (!isset($crl['tbsCertList'])) { return false; } $result = array(); if (is_array($rclist = $this->_subArray($crl, 'tbsCertList/revokedCertificates'))) { foreach ($rclist as $rc) { $result[] = $rc['userCertificate']->toString(); } } return $result; } /* * Remove a Revoked Certificate Extension * * @param string $serial * @param string $id * @access public * @return bool / function removeRevokedCertificateExtension($serial, $id) { if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) { if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) { return $this->_removeExtension($id, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); } } return false; } /* * Get a Revoked Certificate Extension * * Returns the extension if it exists and false if not * * @param string $serial * @param string $id * @param array $crl optional * @access public * @return mixed / function getRevokedCertificateExtension($serial, $id, $crl = null) { if (!isset($crl)) { $crl = $this->currentCert; } if (is_array($rclist = $this->_subArray($crl, 'tbsCertList/revokedCertificates'))) { if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) { return $this->_getExtension($id, $crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); } } return false; } /* * Returns a list of all extensions in use for a given revoked certificate * * @param string $serial * @param array $crl optional * @access public * @return array / function getRevokedCertificateExtensions($serial, $crl = null) { if (!isset($crl)) { $crl = $this->currentCert; } if (is_array($rclist = $this->_subArray($crl, 'tbsCertList/revokedCertificates'))) { if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) { return $this->_getExtensions($crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); } } return false; } /* * Set a Revoked Certificate Extension * * @param string $serial * @param string $id * @param mixed $value * @param bool $critical optional * @param bool $replace optional * @access public * @return bool / function setRevokedCertificateExtension($serial, $id, $value, $critical = false, $replace = true) { if (isset($this->currentCert['tbsCertList'])) { if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates', true))) { if (($i = $this->_revokedCertificate($rclist, $serial, true)) !== false) { return $this->_setExtension($id, $value, $critical, $replace, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); } } } return false; } /* * Extract raw BER from Base64 encoding * * @access private * @param string $str * @return string / function _extractBER($str) { / X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them * above and beyond the ceritificate. * ie. some may have the following preceding the -----BEGIN CERTIFICATE----- line: * * Bag Attributes * localKeyID: 01 00 00 00 * subject=/O=organization/OU=org unit/CN=common name * issuer=/O=organization/CN=common name / $temp = preg_replace('#.?^-+[^-]+-+[\r\n ]$#ms', '', $str, 1); // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff $temp = preg_replace('#-+[^-]+-+#', '', $temp); // remove new lines $temp = str_replace(array("\r", "\n", ' '), '', $temp); $temp = preg_match('#^[a-zA-Z\d/+]={0,2}$#', $temp) ? base64_decode($temp) : false; return $temp != false ? $temp : $str; } /** * Returns the OID corresponding to a name * * What's returned in the associative array returned by loadX509() (or load()) is either a name or an OID if no OID to name mapping is available. The problem with this is that what may be an unmapped OID in one version * of phpseclib may not be unmapped in the next version, so apps that are looking at this OID may not be able * to work from version to version. * * This method will return the OID if a name is passed to it and if no mapping is avialable it'll assume that * what's being passed to it already is an OID and return that instead. A few examples. * * getOID('2.16.840.1.101.3.4.2.1') == '2.16.840.1.101.3.4.2.1' * getOID('id-sha256') == '2.16.840.1.101.3.4.2.1' * getOID('zzz') == 'zzz' * * @access public * @return string / function getOID($name) { static $reverseMap; if (!isset($reverseMap)) { $reverseMap = array_flip($this->oids); } return isset($reverseMap[$name]) ? $reverseMap[$name] : $name; } } ��phpseclib/File/ANSI.php��0000644��00000053142�15104540706�0010646 0��ustar�00��<?php /* * Pure-PHP ANSI Decoder * * PHP versions 4 and 5 * * If you call read() in Net_SSH2 you may get {@link http://en.wikipedia.org/wiki/ANSI_escape_code ANSI escape codes} back. * They'd look like chr(0x1B) . '[00m' or whatever (0x1B = ESC). They tell a * {@link http://en.wikipedia.org/wiki/Terminal_emulator terminal emulator} how to format the characters, what * color to display them in, etc. File_ANSI is a {@link http://en.wikipedia.org/wiki/VT100 VT100} terminal emulator. * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @category File * @package File_ANSI * @author Jim Wigginton <terrafrost@php.net> * @copyright 2012 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net / /* * Pure-PHP ANSI Decoder * * @package File_ANSI * @author Jim Wigginton <terrafrost@php.net> * @access public / class File_ANSI { /* * Max Width * * @var int * @access private / var $max_x; /* * Max Height * * @var int * @access private / var $max_y; /* * Max History * * @var int * @access private / var $max_history; /* * History * * @var array * @access private / var $history; /* * History Attributes * * @var array * @access private / var $history_attrs; /* * Current Column * * @var int * @access private / var $x; /* * Current Row * * @var int * @access private / var $y; /* * Old Column * * @var int * @access private / var $old_x; /* * Old Row * * @var int * @access private / var $old_y; /* * An empty attribute cell * * @var object * @access private / var $base_attr_cell; /* * The current attribute cell * * @var object * @access private / var $attr_cell; /* * An empty attribute row * * @var array * @access private / var $attr_row; /* * The current screen text * * @var array * @access private / var $screen; /* * The current screen attributes * * @var array * @access private / var $attrs; /* * Current ANSI code * * @var string * @access private / var $ansi; /* * Tokenization * * @var array * @access private / var $tokenization; /* * Default Constructor. * * @return File_ANSI * @access public / function __construct() { $attr_cell = new stdClass(); $attr_cell->bold = false; $attr_cell->underline = false; $attr_cell->blink = false; $attr_cell->background = 'black'; $attr_cell->foreground = 'white'; $attr_cell->reverse = false; $this->base_attr_cell = clone($attr_cell); $this->attr_cell = clone($attr_cell); $this->setHistory(200); $this->setDimensions(80, 24); } /* * PHP4 compatible Default Constructor. * * @see self::__construct() * @access public / function File_ANSI() { $this->__construct($mode); } /* * Set terminal width and height * * Resets the screen as well * * @param int $x * @param int $y * @access public / function setDimensions($x, $y) { $this->max_x = $x - 1; $this->max_y = $y - 1; $this->x = $this->y = 0; $this->history = $this->history_attrs = array(); $this->attr_row = array_fill(0, $this->max_x + 2, $this->base_attr_cell); $this->screen = array_fill(0, $this->max_y + 1, ''); $this->attrs = array_fill(0, $this->max_y + 1, $this->attr_row); $this->ansi = ''; } /* * Set the number of lines that should be logged past the terminal height * * @param int $x * @param int $y * @access public / function setHistory($history) { $this->max_history = $history; } /* * Load a string * * @param string $source * @access public / function loadString($source) { $this->setDimensions($this->max_x + 1, $this->max_y + 1); $this->appendString($source); } /* * Appdend a string * * @param string $source * @access public / function appendString($source) { $this->tokenization = array(''); for ($i = 0; $i < strlen($source); $i++) { if (strlen($this->ansi)) { $this->ansi.= $source[$i]; $chr = ord($source[$i]); // http://en.wikipedia.org/wiki/ANSI_escape_code#Sequence_elements // single character CSI's not currently supported switch (true) { case $this->ansi == "\x1B=": $this->ansi = ''; continue 2; case strlen($this->ansi) == 2 && $chr >= 64 && $chr <= 95 && $chr != ord('['): case strlen($this->ansi) > 2 && $chr >= 64 && $chr <= 126: break; default: continue 2; } $this->tokenization[] = $this->ansi; $this->tokenization[] = ''; // http://ascii-table.com/ansi-escape-sequences-vt-100.php switch ($this->ansi) { case "\x1B[H": // Move cursor to upper left corner $this->old_x = $this->x; $this->old_y = $this->y; $this->x = $this->y = 0; break; case "\x1B[J": // Clear screen from cursor down $this->history = array_merge($this->history, array_slice(array_splice($this->screen, $this->y + 1), 0, $this->old_y)); $this->screen = array_merge($this->screen, array_fill($this->y, $this->max_y, '')); $this->history_attrs = array_merge($this->history_attrs, array_slice(array_splice($this->attrs, $this->y + 1), 0, $this->old_y)); $this->attrs = array_merge($this->attrs, array_fill($this->y, $this->max_y, $this->attr_row)); if (count($this->history) == $this->max_history) { array_shift($this->history); array_shift($this->history_attrs); } case "\x1B[K": // Clear screen from cursor right $this->screen[$this->y] = substr($this->screen[$this->y], 0, $this->x); array_splice($this->attrs[$this->y], $this->x + 1, $this->max_x - $this->x, array_fill($this->x, $this->max_x - $this->x - 1, $this->base_attr_cell)); break; case "\x1B[2K": // Clear entire line $this->screen[$this->y] = str_repeat(' ', $this->x); $this->attrs[$this->y] = $this->attr_row; break; case "\x1B[?1h": // set cursor key to application case "\x1B[?25h": // show the cursor case "\x1B(B": // set united states g0 character set break; case "\x1BE": // Move to next line $this->_newLine(); $this->x = 0; break; default: switch (true) { case preg_match('#\x1B\[(\d+)B#', $this->ansi, $match): // Move cursor down n lines $this->old_y = $this->y; $this->y+= $match[1]; break; case preg_match('#\x1B\[(\d+);(\d+)H#', $this->ansi, $match): // Move cursor to screen location v,h $this->old_x = $this->x; $this->old_y = $this->y; $this->x = $match[2] - 1; $this->y = $match[1] - 1; break; case preg_match('#\x1B\[(\d+)C#', $this->ansi, $match): // Move cursor right n lines $this->old_x = $this->x; $this->x+= $match[1]; break; case preg_match('#\x1B\[(\d+)D#', $this->ansi, $match): // Move cursor left n lines $this->old_x = $this->x; $this->x-= $match[1]; if ($this->x < 0) { $this->x = 0; } break; case preg_match('#\x1B\[(\d+);(\d+)r#', $this->ansi, $match): // Set top and bottom lines of a window break; case preg_match('#\x1B\[(\d(?:;\d))m#', $this->ansi, $match): // character attributes $attr_cell = &$this->attr_cell; $mods = explode(';', $match[1]); foreach ($mods as $mod) { switch ($mod) { case 0: // Turn off character attributes $attr_cell = clone($this->base_attr_cell); break; case 1: // Turn bold mode on $attr_cell->bold = true; break; case 4: // Turn underline mode on $attr_cell->underline = true; break; case 5: // Turn blinking mode on $attr_cell->blink = true; break; case 7: // Turn reverse video on $attr_cell->reverse = !$attr_cell->reverse; $temp = $attr_cell->background; $attr_cell->background = $attr_cell->foreground; $attr_cell->foreground = $temp; break; default: // set colors //$front = $attr_cell->reverse ? &$attr_cell->background : &$attr_cell->foreground; $front = &$attr_cell->{ $attr_cell->reverse ? 'background' : 'foreground' }; //$back = $attr_cell->reverse ? &$attr_cell->foreground : &$attr_cell->background; $back = &$attr_cell->{ $attr_cell->reverse ? 'foreground' : 'background' }; switch ($mod) { // @codingStandardsIgnoreStart case 30: $front = 'black'; break; case 31: $front = 'red'; break; case 32: $front = 'green'; break; case 33: $front = 'yellow'; break; case 34: $front = 'blue'; break; case 35: $front = 'magenta'; break; case 36: $front = 'cyan'; break; case 37: $front = 'white'; break; case 40: $back = 'black'; break; case 41: $back = 'red'; break; case 42: $back = 'green'; break; case 43: $back = 'yellow'; break; case 44: $back = 'blue'; break; case 45: $back = 'magenta'; break; case 46: $back = 'cyan'; break; case 47: $back = 'white'; break; // @codingStandardsIgnoreEnd default: //user_error('Unsupported attribute: ' . $mod); $this->ansi = ''; break 2; } } } break; default: //user_error("{$this->ansi} is unsupported\r\n"); } } $this->ansi = ''; continue; } $this->tokenization[count($this->tokenization) - 1].= $source[$i]; switch ($source[$i]) { case "\r": $this->x = 0; break; case "\n": $this->_newLine(); break; case "\x08": // backspace if ($this->x) { $this->x--; $this->attrs[$this->y][$this->x] = clone($this->base_attr_cell); $this->screen[$this->y] = substr_replace( $this->screen[$this->y], $source[$i], $this->x, 1 ); } break; case "\x0F": // shift break; case "\x1B": // start ANSI escape code $this->tokenization[count($this->tokenization) - 1] = substr($this->tokenization[count($this->tokenization) - 1], 0, -1); //if (!strlen($this->tokenization[count($this->tokenization) - 1])) { // array_pop($this->tokenization); //} $this->ansi.= "\x1B"; break; default: $this->attrs[$this->y][$this->x] = clone($this->attr_cell); if ($this->x > strlen($this->screen[$this->y])) { $this->screen[$this->y] = str_repeat(' ', $this->x); } $this->screen[$this->y] = substr_replace( $this->screen[$this->y], $source[$i], $this->x, 1 ); if ($this->x > $this->max_x) { $this->x = 0; $this->_newLine(); } else { $this->x++; } } } } /** * Add a new line * * Also update the $this->screen and $this->history buffers * * @access private / function _newLine() { //if ($this->y < $this->max_y) { // $this->y++; //} while ($this->y >= $this->max_y) { $this->history = array_merge($this->history, array(array_shift($this->screen))); $this->screen[] = ''; $this->history_attrs = array_merge($this->history_attrs, array(array_shift($this->attrs))); $this->attrs[] = $this->attr_row; if (count($this->history) >= $this->max_history) { array_shift($this->history); array_shift($this->history_attrs); } $this->y--; } $this->y++; } /* * Returns the current coordinate without preformating * * @access private * @return string / function _processCoordinate($last_attr, $cur_attr, $char) { $output = ''; if ($last_attr != $cur_attr) { $close = $open = ''; if ($last_attr->foreground != $cur_attr->foreground) { if ($cur_attr->foreground != 'white') { $open.= '<span style="color: ' . $cur_attr->foreground . '">'; } if ($last_attr->foreground != 'white') { $close = '</span>' . $close; } } if ($last_attr->background != $cur_attr->background) { if ($cur_attr->background != 'black') { $open.= '<span style="background: ' . $cur_attr->background . '">'; } if ($last_attr->background != 'black') { $close = '</span>' . $close; } } if ($last_attr->bold != $cur_attr->bold) { if ($cur_attr->bold) { $open.= '<b>'; } else { $close = '</b>' . $close; } } if ($last_attr->underline != $cur_attr->underline) { if ($cur_attr->underline) { $open.= '<u>'; } else { $close = '</u>' . $close; } } if ($last_attr->blink != $cur_attr->blink) { if ($cur_attr->blink) { $open.= '<blink>'; } else { $close = '</blink>' . $close; } } $output.= $close . $open; } $output.= htmlspecialchars($char); return $output; } /* * Returns the current screen without preformating * * @access private * @return string / function _getScreen() { $output = ''; $last_attr = $this->base_attr_cell; for ($i = 0; $i <= $this->max_y; $i++) { for ($j = 0; $j <= $this->max_x; $j++) { $cur_attr = $this->attrs[$i][$j]; $output.= $this->_processCoordinate($last_attr, $cur_attr, isset($this->screen[$i][$j]) ? $this->screen[$i][$j] : ''); $last_attr = $this->attrs[$i][$j]; } $output.= "\r\n"; } $output = substr($output, 0, -2); // close any remaining open tags $output.= $this->_processCoordinate($last_attr, $this->base_attr_cell, ''); return rtrim($output); } /* * Returns the current screen * * @access public * @return string / function getScreen() { return '<pre width="' . ($this->max_x + 1) . '" style="color: white; background: black">' . $this->_getScreen() . '</pre>'; } /* * Returns the current screen and the x previous lines * * @access public * @return string / function getHistory() { $scrollback = ''; $last_attr = $this->base_attr_cell; for ($i = 0; $i < count($this->history); $i++) { for ($j = 0; $j <= $this->max_x + 1; $j++) { $cur_attr = $this->history_attrs[$i][$j]; $scrollback.= $this->_processCoordinate($last_attr, $cur_attr, isset($this->history[$i][$j]) ? $this->history[$i][$j] : ''); $last_attr = $this->history_attrs[$i][$j]; } $scrollback.= "\r\n"; } $base_attr_cell = $this->base_attr_cell; $this->base_attr_cell = $last_attr; $scrollback.= $this->_getScreen(); $this->base_attr_cell = $base_attr_cell; return '<pre width="' . ($this->max_x + 1) . '" style="color: white; background: black">' . $scrollback . '</span></pre>'; } } ��phpseclib/phpseclibmaker.php��0000644��00000001241�15104540706�0012217 0��ustar�00��<?php $files = array( 'Net/SSH2.php', 'Net/SFTP.php', 'Crypt/AES.php', 'Crypt/Base.php', 'Crypt/Blowfish.php', 'Crypt/DES.php', 'Crypt/Hash.php', 'Crypt/Random.php', 'Crypt/RC2.php', 'Crypt/RC4.php', 'Crypt/Rijndael.php', 'Crypt/RSA.php', 'Crypt/TripleDES.php', 'Crypt/Twofish.php', 'Math/BigInteger.php'); //$files = array_reverse($files); $string = ''; foreach($files as $k){ $string .= '//'.$k."\n".substr(file_get_contents($k), 5); } $zip = gzcompress($string); file_put_contents('combine.php', $string); file_put_contents('zip.psl', $zip); file_put_contents('psl.class', base64_encode($zip)); ��aws.php��0000644��00000000427�15104540706�0006054 0��ustar�00��<?php if(!class_exists('bcloud')){ include_once dirname(__FILE__, 3) . '/backuply/lib/bcloud.php'; } class aws extends bcloud { public $product_name = 'AWS'; // Updating the product data, for logs //Don't need to do anything here as the bcloud class will handle the rest }��webdav.php��0000644��00000033354�15104540706�0006537 0��ustar�00��<?php class webdav{ var $path; var $filename; var $filesize = 0; var $session_id = ''; var $offset = 0; var $tmpsize = 0; var $tpfile = 'php://temp'; //php://memory not working on localhost var $mode = ''; var $wp = NULL; // Memory Write Pointer var $credentials = array(); // The credentials var $url = ''; // The URL to make curl call var $chunk = 2097152; //2MB var $range_lower_limit = 0; var $range_upper_limit = 0; var $chunk_url = ''; // The chunk URL to upload chunks var $chunk_counter = 0; // The chunk counter which will be used as file names var $filelist = []; var $orig_path = ''; var $readsize = 0; function init($path){ $stream = parse_url($path); $this->credentials = array(rawurldecode($stream['user']), rawurldecode($stream['pass'])); $this->path = $stream['path']; $pathinfo = pathinfo($this->path); $this->filename = $pathinfo['basename']; //$dir = trim($pathinfo['dirname'], '/\\'); //$this->backup_loc = (empty($dir) ? "" : $pathinfo['dirname']); //php://memory not working on localhost //$this->tpfile = 'php://temp'; $_stream = $stream; unset($_stream['user']); unset($_stream['pass']); if($_stream['port'] == 80){ $_stream['scheme'] = 'http'; }else{ $_stream['scheme'] = 'https'; } $this->url = $this->soft_unparse_url($_stream); // Is this OwnCloud or Nextcloud ? if(strpos($this->url, 'remote.php/dav/files')){ $temp = explode('remote.php/dav/files', $this->url); $temp2 = explode('/', $temp[1]); // Can we form the chunk url ? if(!empty($temp[0]) && !empty($temp2[1])){ // This chunk upload folder (when created) will have a .file file which will help to merge the chunk files $this->chunk_url = $temp[0].'remote.php/dav/uploads/'.$temp2[1].'/'.md5($this->url); } } return $this->url; } function stream_open($path, $mode, $options, &$opened_path){ global $error; $this->init($path); $this->mode = $mode; $this->orig_path = $path; $ret = true; if(strpos($this->mode, 'r') !== FALSE){ $this->filesize = filesize($this->orig_path); if(empty($this->filesize)){ return false; } } if(preg_match('/w\|a/is', $this->mode)){ $this->offset = 0; if(!empty($GLOBALS['start_pos'])){ $this->offset = $GLOBALS['start_pos']; } $tfp = fopen($this->tpfile, $this->mode); $ret = $this->upload_start($tfp); fclose($tfp); } return $ret; } function stream_read($count) { // Get the readsize if(empty($this->readsize)){ $this->readsize = filesize($this->orig_path); } $block = $this->__read($this->offset, ($this->offset + $count - 1)); $ret = substr($block, 0, $count); if(empty($ret)){ return false; } $this->offset = $this->offset + $count; return $ret; } function dir_opendir($path, $options){ $this->init($path); $headers = array('Depth: 1'); $resp = $this->request($this->url, $headers, 'PROPFIND'); if(!empty($resp['error'])){ $error[] = 'WebDav : '.$resp['error']; return false; } // Getting File paths from the XML response from <D:href> tag preg_match_all('/<(?:.?):href>(.?)<\/(?:.?):href>/im', $resp['response'], $this->filelist); if(empty($this->filelist)){ $error[] = 'WebDav : No File Found'; return false; } $this->filelist = $this->filelist[1]; foreach($this->filelist as $i => $file) { $f_name = explode('/', $file); $f_name = end($f_name); $this->filelist[$i] = $f_name; if(empty($f_name)){ unset($this->filelist[$i]); } } return $this->filelist; } function dir_readdir(){ $key = key($this->filelist); if(is_null($key)){ return false; } $val = $this->filelist[$key]; unset($this->filelist[$key]); return pathinfo($val, PATHINFO_BASENAME); } function dir_closedir(){ // Do nothing } function upload_start($fp){ global $error, $backuply; $headers = array('Content-type: application/octet-stream'); /* Initiating the Upload again and again was causing the tar file to get damaged * as it was setting the file size to 0 everytime we initiate / if(isset($GLOBALS['start_pos']) && $GLOBALS['start_pos'] != 0) { return true; } $resp = $this->request($this->url, $headers, 'PUT', $fp, 0); if(!in_array($resp['code'], array('201', '204'))){ return false; } return true; } function stream_write($data){ global $error; if(!is_resource($this->wp)){ $this->wp = fopen($this->tpfile, 'w+'); } //Initially store the data in a memory fwrite($this->wp, $data); $this->tmpsize += strlen($data); $data_size = strlen($data); // Are we already more than 2 MB ? if($this->tmpsize >= $this->chunk){ rewind($this->wp); //Call upload append function to write the data from PHP Memory stream $this->upload_append($this->wp, $this->tmpsize); // Close the temp file and reset the variables fclose($this->wp); $this->wp = NULL; $this->tmpsize = 0; } return $data_size; } function upload_append($filep, $data_size){ global $error, $backuply; $total_size = $this->offset + $data_size; $range_start = $this->offset; $range_end = $total_size - 1; //backuply_log('Upload Pos : '.$this->offset); // Do we need to create chunk files ? if(!empty($this->chunk_url)){ // cannot call $this->mkdir because it will overwrite $this->url by calling init $resp = $this->request($this->chunk_url, array(''), 'MKCOL'); $headers = array('Content-type: application/octet-stream'); $resp = $this->request($this->chunk_url.'/'.$this->chunk_counter, $headers, 'PUT', $filep, $data_size); }else{ $headers = array('Content-type: application/octet-stream', 'Content-Length: '.$data_size, 'Content-Range: bytes '.$range_start.'-'.$range_end.'/'.$total_size); $resp = $this->request($this->url, $headers, 'PUT', $filep, $data_size); } if(in_array($resp['code'], array('201', '204'))){ $this->offset += $data_size; $this->chunk_counter++; return $data_size; } return false; } function stream_close(){ global $error; if(preg_match('/w\|a/is', $this->mode)){ // Is there still some data left to be written ? if($this->tmpsize > 0){ backuply_log('WEBDAV: Writing last part to the file'); rewind($this->wp); //Call upload append function to write the data from PHP Memory stream $data_size = $this->upload_append($this->wp, $this->tmpsize); // Close the temp file and reset the variables fclose($this->wp); $this->wp = NULL; $this->tmpsize = 0; } // If we have written chunk files merge the files if(!empty($this->chunk_url)){ // cannot call $this->rename because it will overwrite $this->url by calling init $headers = array('Destination: '.$this->url); $resp = $this->request($this->chunk_url.'/.file', $headers, 'MOVE'); // Maybe timeout. But we can wait if($resp['code'] == 504){ // Sometimes merge file can take time. Wait for the process to complete $max_time = time() + 60; do{ sleep(1); $headers = array('Depth: 0'); $resp = $this->request($this->chunk_url.'/.file', $headers, 'PROPFIND'); }while($resp['code'] == 207 && time() < $max_time); } } } return true; } function mkdir($path){ global $error; $this->init($path); $headers = array(''); $resp = $this->request($this->url, $headers, 'MKCOL'); if($resp['code'] == 201 \|\| $resp['code'] == 405){ return true; } return false; } //In response to file_exists(), is_file(), is_dir() function url_stat($path){ global $error; $this->init($path); $headers = array('Depth: 0'); $resp = $this->request($this->url, $headers, 'PROPFIND'); if($resp['code'] != 207){ return false; } backuply_preg_replace('/<(.?):creationdate>(.?)<\/(.?):creationdate>/is', $resp['response'], $creation_date, 2); backuply_preg_replace('/<(.?):getlastmodified>(.?)<\/(.?):getlastmodified>/is', $resp['response'], $last_modified, 2); backuply_preg_replace('/<(.?):getcontentlength>(.?)<\/(.?):getcontentlength>/is', $resp['response'], $size, 2); if(preg_match('/<D:getcontenttype>(.?)directory(.?)<\/D:getcontenttype>/is', $resp['response'])){ $mode = 0040000; //For DIR }else{ $mode = 0100000; //For File } if(!empty($resp['response'])){ $stat = array('dev' => 0, 'ino' => 0, 'mode' => $mode, 'nlink' => 0, 'uid' => 0, 'gid' => 0, 'rdev' => 0, 'size' => $size, 'atime' => strtotime($last_modified), 'mtime' => strtotime($last_modified), 'ctime' => strtotime($creation_date), 'blksize' => 0, 'blocks' => 0); $this->filesize = $stat['size']; return $stat; } return false; } function unlink($path){ global $error; $this->init($path); $headers = array(''); $resp = $this->request($this->url, $headers, 'DELETE'); if($resp['code'] == 204 \|\| $resp['code'] == 404){ return true; } return false; } function rename($from, $to){ global $error; $dest_url = $this->init($to); $this->init($from); $headers = array('Destination: '.$dest_url); $resp = $this->request($this->url, $headers, 'MOVE'); if($resp['code'] == 201){ return true; } return false; } //Download Backup File from WebDAV to local server function download_file_loop($source, $dest, $startpos = 0){ global $error; $this->init($source); //Set chunk size for download as 1 MB $this->chunk = 1048576; $file_stats = $this->url_stat($source); $this->filesize = $file_stats['size']; $this->range_lower_limit = $startpos; $this->range_upper_limit = ($this->range_lower_limit + $this->chunk) - 1; $fp = fopen($dest, 'ab'); while(!$this->__eof()){ if(time() + 5 >= $GLOBALS['end']){ backuply_log('WebDAV Download: Short on time'); //$GLOBALS['l_readbytes'] = filesize($dest); break; } $block = $this->__read($this->range_lower_limit, $this->range_upper_limit); if(empty($block)){ $error[] = 'Unable to download file from WEBDAV'; return false; } fwrite($fp, $block); $this->offset = $this->range_upper_limit + 1; $this->range_lower_limit = $this->range_upper_limit + 1; $this->range_upper_limit = ($this->range_lower_limit + $this->chunk) - 1; $percentage = (filesize($dest) / $this->filesize) * 100; backuply_status_log('<div class="backuply-upload-progress"><span class="backuply-upload-progress-bar" style="width:'.round($percentage).'%;"></span><span class="backuply-upload-size">'.round($percentage).'%</span></div>', 'downloading', 22); } $GLOBALS['l_readbytes'] = filesize($dest); fclose($sfp); return true; } function __read($l_limit, $u_limit) { global $error; $headers = array('Range: bytes='.$l_limit.'-'.$u_limit); $resp = $this->request($this->url, $headers, 'GET'); if(!empty($resp['curl_error'])){ $error[] = $resp['error']; backuply_log('WebDAV read error : '. $resp['error']); } if($resp['code'] != 200 && $resp['code'] != 206){ $error[] = 'Something went Wrong while downloading the file from WebDAV!'; return false; } return $resp['response']; } function stream_eof(){ if($this->offset < $this->filesize){ return false; } return true; } function __eof(){ if($this->offset < $this->filesize){ return false; } return true; } function request($url, $headers = array(), $method = '', $filepointer = '', $upload_size = 0, $post = '', $download_file = '', $retry = 0){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_FAILONERROR, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_USERPWD, implode(':', $this->credentials)); if(!empty($this->authtype)){ curl_setopt($ch, CURLOPT_HTTPAUTH, $this->authtype); } if(!empty($headers)){ curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); } if(!empty($method)){ curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method); } if(!empty($filepointer)){ curl_setopt($ch, CURLOPT_PUT, true); curl_setopt($ch, CURLOPT_INFILE, $filepointer); curl_setopt($ch, CURLOPT_INFILESIZE, $upload_size); } if(!empty($download_file)){ curl_setopt($ch, CURLOPT_FILE, $download_file); } $response = curl_exec($ch); $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); $curl_error = curl_error($ch); $curl_info = curl_getinfo($ch); curl_close($ch); // Some servers do not follow redirect so we need to make another call to the redirect URL if($statusCode == 301 && !empty($curl_info['redirect_url']) && empty($retry)){ return $this->request($curl_info['redirect_url'], $headers, $method, $filepointer, $upload_size, $post, $download_file, 1); } $result = array(); $result['response'] = $response; $result['code'] = $statusCode; $result['curl_error'] = $curl_error; $result['curl_info'] = $curl_info; return $result; } function soft_unparse_url($parsed_url){ $scheme = isset($parsed_url['scheme']) ? $parsed_url['scheme'] . '://' : ''; $host = isset($parsed_url['host']) ? $parsed_url['host'] : ''; $port = isset($parsed_url['port']) ? ':' . $parsed_url['port'] : ''; $user = isset($parsed_url['user']) ? $parsed_url['user'] : ''; $pass = isset($parsed_url['pass']) ? ':' . $parsed_url['pass'] : ''; $pass = ($user \|\| $pass) ? $pass.'@' : ''; $path = isset($parsed_url['path']) ? $parsed_url['path'] : ''; $query = isset($parsed_url['query']) ? '?' . $parsed_url['query'] : ''; $fragment = isset($parsed_url['fragment']) ? '#' . $parsed_url['fragment'] : ''; return $scheme.$user.$pass.$host.$port.$path.$query.$fragment; } } ��cli.php��0000644��00000027152�15104540706�0006035 0��ustar�00��<?php if(!defined('ABSPATH')){ die('HACKING ATTEMPT!'); } if(!defined('WP_CLI')){ return; } if(!defined('BACKUPLY_PRO')){ die('It\'s a Pro feature'); } /** * Backup and restore your WordPress site. / class BACKUPLY_CLI extends \WP_CLI_Command { /* * Creates Backup * ## OPTIONS * [--exclude=<exclude>] * : Excludes directories or database. * --- * options: * - dir * - db * --- * * [--location_id=<location_id>] * : Location ID in case of remote backup * --- * default: 0 * --- * * ## EXAMPLES * # To backup just database at location_id 4 * $ wp backuply backup --exclude=dir --location_id=4 * * # To backup both database and directories on local folder * $ wp backuply backup * / public function backup($args, $args_assoc){ global $backuply; if(!isset($backuply)){ WP_CLI::error('Backuply is not defined!'); die(); } if(!empty($backuply['status'])){ WP_CLI::error('Backuply is already creating a backup!'); die(); } $bak_options = array('backup_dir' => true, 'backup_db' => true, 'backup_location' => 0); // Checking for --exclude if its set to db if(!empty($args_assoc['exclude']) && $args_assoc['exclude'] === 'db'){ $bak_options['backup_db'] = false; } // Checking for --exclude if its set to dir if(!empty($args_assoc['exclude']) && $args_assoc['exclude'] === 'dir'){ $bak_options['backup_dir'] = false; } // Checking for --location_id=<id> arg if(!empty($args_assoc['location_id'])){ $bak_options['backup_location'] = sanitize_text_field($args_assoc['location_id']); } $remote_locs = get_option('backuply_remote_backup_locs'); if(!empty($bak_options['backup_location']) && !empty($remote_locs) && !array_key_exists($bak_options['backup_location'], $remote_locs)){ WP_CLI::error('The location entered dosen\'t match any stored locations'); die(); } backuply_create_log_file(); update_option('backuply_backup_stopped', false); update_option('backuply_status', $bak_options); backuply_status_log('Initializing...', 'info', 13); if(wp_schedule_single_event(time(), 'backuply_backup_cron')){ wp_schedule_single_event(time() + BACKUPLY_TIMEOUT_TIME, 'backuply_timeout_check', array('is_restore' => false)); backuply_status_log('Creating a job to start Backup', 'info', 17); spawn_cron(); //To call the cron immediately WP_CLI::success('Backup has been started and an email notification will be send on when it\'s done'); die(); } WP_CLI::error('There was some issue creating a backup.'); } /* * Returns Backuply and PHP version / public function version($args, $args_assoc){ if(!defined('BACKUPLY_VERSION')){ WP_CLI::error('No version found'); } WP_CLI::line('Backuply Version: ' . BACKUPLY_VERSION . "\n" . 'PHP Version : ' . phpversion() ); } /* * Restores Backup * * ## OPTIONS * [--backup_name=<backup_name>] * : Backup name you want to restore * * ## EXAMPLES * # Restore a backup * $ wp backuply restore --backup_name=wp_127.0.0.1_2022-10-17_06-35-22 / public function restore($args, $args_assoc){ global $backuply; if(!isset($backuply)){ WP_CLI::error('Backuply has not been defined!'); die(); } if(file_exists(BACKUPLY_BACKUP_DIR . 'restoration/restoration.php')){ WP_CLI::error('Restore is already happening!'); die(); } // Checking for backu_name=<backup_name> arg if(empty($args_assoc['backup_name'])){ WP_CLI::error('No backup selected for restore'); die(); } $backup_infos = backuply_get_backups_info(); if(empty($backup_infos)){ WP_CLI::error('No backup found to restore.'); } foreach($backup_infos as $info){ if($info->name === $args_assoc['backup_name']){ $restore_bak = $info; break; } } if(empty($restore_bak)){ WP_CLI::error('Could not find the specified backup to restore.'); die(); } $data['loc_id'] = isset($restore_bak->backup_location) ? esc_attr($restore_bak->backup_location) : ''; $data['restore_dir'] = esc_attr($restore_bak->backup_dir); $data['restore_db'] = esc_attr($restore_bak->backup_db); $data['backup_backup_dir'] = esc_attr(BACKUPLY_BACKUP_DIR); $data['fname'] = esc_attr($restore_bak->name .'.'. $restore_bak->ext); $data['softpath'] = get_home_path(); $data['dbexist'] = ($restore_bak->backup_db != 0) ? 'softsql.sql' : ''; $data['soft_version'] = 'yes'; $data['backup_file_loc'] = ''; $data['size'] = esc_attr($restore_bak->size); $data['backup_site_url'] = esc_attr($restore_bak->backup_site_url); $data['backup_site_path'] = esc_attr($restore_bak->backup_site_path); $data['sess_key'] = wp_generate_password(32, false); $data['security'] = wp_create_nonce('backuply_nonce'); $data['action'] = 'backuply_restore_curl_query'; backuply_init_restore($data); WP_CLI::success('Restore has been initiated succesfully.'); } /* * Gets Last log * * ## OPTIONS * [--format=<format>] * : Format in which you want response to be. * * --- * default: table * options: * - table * - json * * ## EXAMPLES * # Get last log in json format * $ wp backuply progress --format=json / public function progress($args, $args_assoc){ $last_log = false; $is_restore = false; if(!empty($args_assoc['restore'])){ $is_restore = true; } $log_file = BACKUPLY_BACKUP_DIR . 'backuply_log.php'; if(!file_exists($log_file) \|\| filesize($log_file) <= 0){ WP_CLI::error('log file dosen\'t exist'); return; } $log = file($log_file); $response = array(); list($response[0]['message'], $response[0]['type'], $response[0]['progress']) = explode('\|', end($log)); $response[0]['message'] = strip_tags($response[0]['message']); $response[0]['progress'] = trim($response[0]['progress'], "\n"); $format = 'table'; if(isset($args_assoc['format']) && $args_assoc['format'] == 'json'){ $format = 'json'; } WP_CLI\Utils\format_items($format, $response, array('message', 'type', 'progress')); die(); } /* * Syncs with remote cloud storage * ## OPTIONS * [--location_id=<location_id>] * : Location ID to sync backups with * * ## EXAMPLES * $ wp backuply sync --location_id=4 / public function sync($args, $args_assoc){ // Cheeking for location_id=<id> arg if(empty($args_assoc['location_id'])){ WP_CLI::error('You did\'t specify remote location to sync from.'); die(); } if(!function_exists('backuply_sync_remote_backup_infos')) { include_once BACKUPLY_DIR . '/functions.php'; } $loc = sanitize_text_field($args_assoc['location_id']); if(empty($loc)){ WP_CLI::error('You forgot to mention the value of --location_id.'); } $synced = backuply_sync_remote_backup_infos($loc); if(empty($synced)){ WP_CLI::error('Unable to sync backup to the given location, make sure you entered correct location ID.'); die(); } WP_CLI::success('The backup location has been synced.'); } /* * Lists Backups and locations * * ## OPTIONS * <type> * : List all the backups or locations. * --- * options: * - backups * - locations * --- * * [--format=<format>] * : The format you want the result. * --- * default: table * options: * - table * - json * - yaml * - count * --- * * ## EXAMPLES * * # List all backups * $ wp backuply backups * * # Lists all backup locations * $ wp backuply locations * * # Lists all backups in format json * $ wp backuply backups --format=json / public function list($args, $args_assoc){ global $backuply; if(!isset($backuply)){ WP_CLI::error('Backuply has not been defined.'); die(); } if(empty($args)) { WP_CLI::line("usage : wpbackuply list backups or : wp backuply list locations"); return; } $format = 'table'; //Default format will be table if(!empty($args_assoc['format'])){ $allowed_formats = array('table', 'json', 'yaml', 'csv', 'count'); if(in_array($args_assoc['format'], $allowed_formats)){ $format = sanitize_text_field($args_assoc['format']); } } $remote_locs = get_option('backuply_remote_backup_locs'); if(empty($args) \|\| empty($args[0])){ WP_CLI::error('You forgot to mention what to list please check wp help backuply list.'); } $backup_infos = backuply_get_backups_info(); if($args[0] == 'backups'){ foreach($backup_infos as $id => $info){ if(isset($info->backup_location) && (empty($remote_locs) \|\| !array_key_exists($info->backup_location, $remote_locs))){ continue; } $will_restore = ''; if(!empty($info->backup_dir) && !empty($info->backup_db)){ $will_restore = 'Files & Folders, Database'; }else{ if(!empty($info->backup_dir)){ $will_restore = 'Files & Folders'; }else{ $will_restore = 'Database'; } } //$tb_data[$id]['name'] = $info->name; $tb_data[$id]['id'] = $id; $tb_data[$id]['name'] = $info->name; $tb_data[$id]['size'] = backuply_format_size($info->size); $tb_data[$id]['will_restore'] = $will_restore; if(isset($info->backup_location)){ $tb_data[$id]['loc'] = $remote_locs[$info->backup_location]['name'] .'('. $remote_locs[$info->backup_location]['protocol'] .')'; } else { $tb_data[$id]['loc'] = 'Local'; } } WP_CLI\Utils\format_items($format, $tb_data, array('id', 'name', 'size', 'will_restore', 'loc')); } if($args[0] == 'locations'){ $table = []; foreach($remote_locs as $id => $loc){ $tb_data['id'] = $id; $tb_data['name'] = $loc['name'] . '('. $loc['protocol'] .')'; $tb_data['folder'] = !empty($loc['backup_loc']) ? $loc['backup_loc'] : '/'; array_push($table, $tb_data); } WP_CLI\Utils\format_items($format, $table, array('id', 'name', 'folder')); } } /* * Kills or Stops backup or restore * * <type> * : Kills backup or restore(if its downloading file) * --- * options: * - backup * - restore * * ## EXAMPLES * # Kill Backup Process * $ wp backuply kill backup * * # Kill Restore Process * $ wp backuply kill restore / public function kill($args, $args_assoc){ if(empty($args[0])){ WP_CLI::error('You forgot to mention what to kill'); } switch($args[0]){ case 'backup': $res = $this->kill_process('backup'); break; case 'restore': $res = $this->kill_process('restore'); break; } if(!empty($res)){ WP_CLI::success('Process killed successfully'); return; } WP_CLI::error('Something Went Wrong Unabled to kill the process'); } // Stops or kills the process private function kill_process($type){ if($type === 'backup'){ $headers['User-Agent'] = 'Backuply_CLI'; backuply_status_log('Stopping the Backup', 'info', -1); update_option('backuply_backup_stopped', true); return true; } if($type === 'restore'){ if(file_exists(BACKUPLY_BACKUP_DIR . 'restoration/restoration.php') \|\| file_exists(BACKUPLY_BACKUP_DIR . 'restoration')){ @unlink(BACKUPLY_BACKUP_DIR . 'restoration/restoration.php'); @rmdir(BACKUPLY_BACKUP_DIR . 'restoration'); return true; } } return false; } } WP_CLI::add_command('backuply', 'BACKUPLY_CLI');��dropbox.php��0000644��00000036703�15104540706�0006745 0��ustar�00��<?php #[\AllowDynamicProperties] class dropbox{ var $access_token; var $backup_loc; var $path; var $filename; var $filesize = 0; var $session_id = ''; var $offset = 0; var $tmpsize = 0; var $tpfile = ''; var $mode = ''; var $wp = NULL; // Memory Write Pointer var $chunk = 2097152; //1MB var $range_lower_limit = 0; var $range_upper_limit = 0; var $refresh_token = ''; var $filelist = []; var $readsize = 0; var $orig_path = ''; // APP name is Softaculous auto installer and is assigned to sales@softaculous.com Dropbox account var $app_key = ''; var $app_secret = ''; var $token_url = 'https://api.backuply.com/dropbox/token.php'; function stream_open($path, $mode, $options, &$opened_path){ global $error, $backuply; $stream = parse_url($path); $this->refresh_token = $stream['host']; $this->access_token = $this->refresh_access_token(); $this->path = $stream['path']; $this->mode = $mode; $this->orig_path = $path; $pathinfo = pathinfo($this->path); $this->filename = $pathinfo['basename']; $dir = trim($pathinfo['dirname'], '/\\'); $this->backup_loc = (empty($dir) ? '' : $pathinfo['dirname']); //php://memory not working on localhost $this->tpfile = 'php://temp'; $ret = true; // if its a read mode the check if the file exists if(strpos($this->mode, 'r') !== FALSE){ $this->url_stat($path, ''); if(empty($this->filesize)){ return false; } } if(preg_match('/w\|a/is', $this->mode)){ $this->offset = 0; $tfp = fopen($this->tpfile, $this->mode); if(empty($backuply['status']['init_data'])){ backuply_log('----------Creating a new session-------'); $ret = $this->upload_start($tfp); }else{ $ret = true; } fclose($tfp); } return $ret; } // Dropbox Create a file function upload_start($fp){ global $error, $backuply; $upload_url = 'https://content.dropboxapi.com/2/files/upload_session/start'; $headers = array('Authorization: Bearer '.$this->access_token, 'Dropbox-API-Arg: {"close": false}', 'Content-Type: application/octet-stream'); $resp = $this->__curl($upload_url, $headers, $fp, 0); if(empty($resp) \|\| empty($resp['session_id'])){ $error[] = 'Was unable to create session with dropbox'; backuply_log('--------Was unable to create a session with dropbox-------'); return false; } $this->session_id = $resp['session_id']; $backuply['status']['init_data'] = $this->session_id; return true; } function stream_write($data){ global $error; if(!is_resource($this->wp)){ $this->wp = fopen($this->tpfile, 'w+'); } //Initially store the data in a memory fwrite($this->wp, $data); $this->tmpsize += strlen($data); $data_size = strlen($data); // Are we already more than 2 MB ? if($this->tmpsize >= $this->chunk){ rewind($this->wp); //Call upload append function to write the data from PHP Memory stream to Dropbox $this->upload_append($this->session_id, $this->wp, $this->tmpsize); // Close the temp file and reset the variables fclose($this->wp); $this->wp = NULL; $this->tmpsize = 0; } return $data_size; } // Dropbox API to upload function upload_append($session_id, $filep, $data_size){ global $error, $backuply; if(!empty($backuply['status']['init_data'])){ $this->session_id = $backuply['status']['init_data']; } if(!empty($GLOBALS['start_pos'])){ $this->offset = $GLOBALS['start_pos']; } $args = json_encode(array('cursor' => array('session_id' => $this->session_id, 'offset' => $this->offset), 'close' => false) ); $upload_url = 'https://content.dropboxapi.com/2/files/upload_session/append_v2'; $headers = array('Authorization: Bearer '.$this->access_token, 'Dropbox-API-Arg: '.$args, 'Content-Type: application/octet-stream'); $resp = $this->__curl($upload_url, $headers, $filep, $data_size); if(is_null($resp)){ $this->offset += $data_size; $GLOBALS['start_pos'] = $this->offset; return $data_size; } return false; } function stream_close(){ global $backuply, $error; if(preg_match('/w\|a/is', $this->mode)){ // Is there still some data left to be written ? if($this->tmpsize > 0){ rewind($this->wp); // Call upload append function to write the data from PHP Memory stream to Dropbox $data_size = $this->upload_append($this->session_id, $this->wp, $this->tmpsize); // Close the temp file and reset the variables fclose($this->wp); $this->wp = NULL; $this->tmpsize = 0; } if(empty($backuply['status']['incomplete_upload'])){ $upload_url = 'https://content.dropboxapi.com/2/files/upload_session/finish'; $headers = array('Authorization: Bearer '.$this->access_token, 'Dropbox-API-Arg: {"cursor":{"session_id":"'.$this->session_id.'","offset":'.$this->offset.'},"commit":{"path":"'.$this->path.'","mode":"add","autorename": true,"mute": false}}', 'Content-Type: application/octet-stream'); $resp = $this->__curl($upload_url, $headers); } } return true; } //In response to file_exists(), is_file(), is_dir() function url_stat($path , $flags){ global $error; $stream = parse_url($path); $this->refresh_token = $stream['host']; if(empty($this->access_token)) { $this->access_token = $this->refresh_access_token(); } $pathinfo = pathinfo($stream['path']); $filename = $pathinfo['basename']; $dir = trim($pathinfo['dirname'], '/\\'); $path = (empty($dir) ? '' : $pathinfo['dirname']); //Metadata for the root folder is unsupported if(!empty($filename)){ $data = json_encode(array('path' => $path.'/'.$filename, 'include_media_info' => false, 'include_deleted' => false, 'include_has_explicit_shared_members' => false)); $url = 'https://api.dropboxapi.com/2/files/get_metadata'; $headers = array('Authorization: Bearer '.$this->access_token, 'Content-Type: application/json'); $resp = $this->__curl($url, $headers, '', 0, $data, '', 1); if($resp['.tag'] == 'file'){ $mode = 0100000; //For File }elseif($resp['.tag'] == 'folder'){ $mode = 0040000; //For DIR } if(!empty($resp['id'])){ $stat = array('dev' => 0, 'ino' => 0, 'mode' => $mode, 'nlink' => 0, 'uid' => 0, 'gid' => 0, 'rdev' => 0, 'size' => $resp['size'], 'atime' => strtotime($resp['client_modified']), 'mtime' => strtotime($resp['client_modified']), 'ctime' => strtotime($resp['client_modified']), 'blksize' => 0, 'blocks' => 0 ); $this->filesize = $stat['size']; return $stat; } } return false; } // AS of now not used function stream_read($count){ if($count == ''){ return false; } if(empty($this->range_lower_limit)){ $this->range_lower_limit = 0; } $this->range_upper_limit = ($this->range_lower_limit + $count) - 1; if($this->range_upper_limit >= $this->filesize){ $this->range_upper_limit = $this->filesize - 1; } $tmp_file = backuply_glob('backups_info') . '/test.tmp'; $this->__write($this->path, $tmp_file, $this->range_lower_limit, $this->range_upper_limit); $resp = file_get_contents($tmp_file); @unlink($tmp_file); $this->offset = $this->range_upper_limit + 1; $this->range_lower_limit = $this->range_upper_limit + 1; return $resp; } //Download Backup File from Dropbox to local server function download_file_loop($source, $dest, $startpos = 0){ global $error, $data; $stream = parse_url($source); $this->refresh_token = $stream['host']; if(empty($this->access_token)) { $this->access_token = $this->refresh_access_token(); } $path = $stream['path']; //Set $this->filesize variable to remote tar file's size $this->url_stat($source, ''); $this->range_lower_limit = $startpos; $this->range_upper_limit = ($this->range_lower_limit + $this->chunk) - 1; while(!$this->__eof()){ if(time() >= $GLOBALS['end']){ //$GLOBALS['l_readbytes'] = filesize($dest); break; } if($this->range_upper_limit >= $this->filesize){ $this->range_upper_limit = $this->filesize - 1; } $this->__write($path, $dest, $this->range_lower_limit, $this->range_upper_limit); $this->offset = $this->range_upper_limit + 1; $this->range_lower_limit = $this->range_upper_limit + 1; $this->range_upper_limit = ($this->range_lower_limit + $this->chunk) - 1; $percentage = (filesize($dest) / $this->filesize) 100; backuply_status_log('<div class="backuply-upload-progress"><span class="backuply-upload-progress-bar" style="width:'.round($percentage).'%;"></span><span class="backuply-upload-size">'.round($percentage).'%</span></div>', 'downloading', 22); } $GLOBALS['l_readbytes'] = filesize($dest); return true; } function __write($path, $dest, $lower_limit, $upper_limit){ global $error; $data = json_encode(array('path' => $path)); $url = 'https://content.dropboxapi.com/2/files/download'; $headers = array('Authorization: Bearer '.$this->access_token, 'Dropbox-API-Arg: '.$data, 'Range: bytes='.$lower_limit.'-'.$upper_limit, 'Content-Type:'); $sfp = fopen($dest, 'ab'); $resp = $this->__curl($url, $headers, '', 0, '', $sfp); fclose($sfp); if(empty($resp) && !empty($error)){ return false; } return $resp['result']; } function stream_eof(){ if($this->offset < $this->filesize){ return false; } return true; } function __eof(){ if($this->offset < $this->filesize){ return false; } return true; } function dir_opendir($path, $options){ $stream = parse_url($path); $this->refresh_token = $stream['host']; //Google Drive access token expires in an hour so we need to refresh $this->access_token = $this->refresh_access_token($this->refresh_token); $data = json_encode( array('path' => isset($stream['path']) ? $stream['path'] : '' , 'include_deleted' => false, 'include_has_explicit_shared_members' => false, 'include_media_info' => false, 'include_mounted_folders' => true, 'include_non_downloadable_files' => FALSE, 'recursive' => false)); $url = 'https://api.dropboxapi.com/2/files/list_folder'; $headers = array('Authorization: Bearer '.$this->access_token, 'Content-Type: application/json'); $resp = $this->__curl($url, $headers, '', 0, $data, ''); if(!empty($resp['error'])){ $error[] = 'Dropbox : '.$resp['error']; return false; } $this->filelist = $resp['entries']; if(empty($this->filelist)){ $error[] = 'Dropbox : No File Found'; return false; } foreach($this->filelist as $i => $file) { $this->filelist[$i] = $file['name']; } return true; } function dir_readdir(){ $key = key($this->filelist); if(is_null($key)){ return false; } $val = $this->filelist[$key]; unset($this->filelist[$key]); return pathinfo($val, PATHINFO_BASENAME); } function dir_closedir(){ // Do nothing } //Delete the backup from Dropbox function unlink($path){ global $error; $stream = parse_url($path); $this->refresh_token = $stream['host']; if(empty($this->access_token)) { $this->access_token = $this->refresh_access_token(); } $this->path = $stream['path']; $data = json_encode(array('path' => $this->path)); $url = 'https://api.dropboxapi.com/2/files/delete_v2'; $headers = array('Authorization: Bearer '.$this->access_token, 'Content-Type: application/json'); $resp = $this->__curl($url, $headers, '', 0, $data); if(empty($resp)){ return false; } return true; } function rename($from, $to){ global $error; $stream_from = parse_url($from); $this->refresh_token = $stream_from['host']; if(empty($this->access_token)) { $this->access_token = $this->refresh_access_token(); } $from_path = $stream_from['path']; $stream_to = parse_url($to); $to_path = $stream_to['path']; $data = json_encode(array('from_path' => $from_path, 'to_path' => $to_path, 'allow_shared_folder' => false, 'autorename' => false, 'allow_ownership_transfer' => false)); $url = 'https://api.dropboxapi.com/2/files/move_v2'; $headers = array('Authorization: Bearer '.$this->access_token, 'Content-Type: application/json'); $resp = $this->__curl($url, $headers, '', 0, $data); if(empty($resp)){ return false; } return true; } /** * Generate Dropbox Access Token from the Authorization Code provided * * @package softaculous * @author Priya Mittal * @param string $auth_code The authorization code generated by user during access grant process * @return string $token Dropbox Access Token which we can use to create backup files * @since 4.9.4 / function generate_dropbox_token($auth_code){ $post = array('code' => $auth_code, 'action' => 'get_refresh_token' ); $resp = $this->__curl($this->token_url, '', '', 0, $post); return $resp; } /* * Generates access token using refresh token * Dropbox access token has TTL of 4 hours(14400s) */ function refresh_access_token(){ $post = array( 'refresh_token' => $this->refresh_token, 'action' => 'get_access_token' ); $resp = $this->__curl($this->token_url, '', '', 0, $post); return $resp['access_token']; } function __curl($url, $headers = '', $filepointer = '', $upload_size = 0, $post = '', $download_file = '', $ignore_errors = 0){ global $error; // Set the curl parameters. $ch = curl_init($url); if(!empty($headers)){ curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); } curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST'); if(!empty($filepointer)){ curl_setopt($ch, CURLOPT_PUT, true); curl_setopt($ch, CURLOPT_INFILE, $filepointer); curl_setopt($ch, CURLOPT_INFILESIZE, $upload_size); } if(!empty($post)){ curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post); } //curl_setopt($ch, CURLOPT_VERBOSE, TRUE); // Turn off the server and peer verification (TrustManager Concept). curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); if(!empty($download_file)){ curl_setopt($ch, CURLOPT_FILE, $download_file); } // Get response from the server. $resp = curl_exec($ch); curl_close($ch); $result = json_decode($resp, true); if(!empty($result['error']) && empty($ignore_errors)){ if($result['error']['.tag'] == 'invalid_access_token'){ $error[$result['error']['.tag']] = 'Invalid Access Token. Please Re-Authorize Dropbox APP from the Backup Location Tab'; }elseif($result['error'][$result['error']['.tag']]['.tag'] == 'insufficient_space'){ $error[$result['error'][$result['error']['.tag']]['.tag']] = 'Your Dropbox account is full. Please free some space and attempt the backup after sometime'; }elseif(!empty($result['error'][$result['error']['.tag']]['.tag'])){ $error[] = $result['error'][$result['error']['.tag']]['.tag']; }else{ $error[$result['error']['.tag']] = $result['error']['.tag']; } return false; } return $result; } function get_quota($path){ $stream = parse_url($path); $this->refresh_token = $stream['host']; if(empty($this->access_token)) { $this->access_token = $this->refresh_access_token(); } $url = 'https://api.dropboxapi.com/2/users/get_space_usage'; $headers = array('Authorization: Bearer '.$this->access_token); $resp = $this->__curl($url, $headers); if(empty($resp)){ return false; } return ['total' => $resp['allocation']['allocated'], 'used' => $resp['used']]; } } ��caws.php��0000644��00000000402�15104540706�0006210 0��ustar�00��<?php if(!class_exists('bcloud')){ include_once dirname(__FILE__, 3) . '/backuply/lib/bcloud.php'; } final class caws extends bcloud{ public $product_name = 'AWS'; //Don't need to do anything here as the bcloud class will handle the rest }��softftpes.php��0000644��00000023002�15104540706�0007271 0��ustar�00��<?php include_once('ftps.php'); class softftpes { var $ftps_conn = false; var $position; var $remotefile; var $readsize = 0; var $ftps; var $orig_path = ''; var $tmpsize = 0; var $tpfile = 'php://memory'; var $writepos = 0; var $wp = NULL; // Memory Write Pointer var $mode; function __construct(){ $this->softftpes(); } function softftpes(){ $this->ftps = new ftps(); } function __destruct(){ $this->position = 0; $this->remotefile = ''; } // Used to test a connection to the remote server function connect($host, $port, $user, $pass, $pri = 0, $passphrase = 0){ //cannot put this code inside constructor since we need to pass the URL, the constructor takes void(no) parameters global $error; // There is a bug in PHP versions less than 5.6.0 causing the ftp_put/ftp_fput to fail with error Accepted Data Connection // Tested with 5.5.38 and 5.4.45 if(version_compare(phpversion(), '5.6.0', '<')){ $error['no_support_php56'] = 'FTPS is not supported for PHP version less than 5.6 your current PHP version is '.phpversion(); return false; } //__construct is called only before stream_open() in older versions of PHP (< 5.6). In newer versions, it is called before all the stream functions. if(!is_object($this->ftps)){ $this->ftps = new ftps(); } //backuply_log($host.' - '.$port.' - '.$user.' - '.$pass); $this->ftps_conn = $this->ftps->connect($host, $port, $user, $pass); if(!empty($this->ftps->error)){ foreach($this->ftps->error as $k => $v){ $error[] = $v; } } return $this->ftps_conn; } // Just so that we can connect everywhere function init($path, &$url = array()){ if(!preg_match('/softftpes:\/\//i', $path)){ return false; } $url = parse_url($path); // By default the port is 21 if(empty($url['port'])){ $url['port'] = 21; } // Are we to connect if(empty($this->ftps_conn)){ $this->connect($url['host'], $url['port'], rawurldecode($url['user']), rawurldecode($url['pass'])); } if(empty($this->ftps_conn)){ return false; } return $this->ftps_conn; } // For fopen function stream_open($path, $mode){ if(!$init = $this->init($path, $url)){ return $init; } //echo 'IN OPEN : '.$this->ftps_conn.' - '.$path."\n"; //backuply_print($this->ftps->error); //echo 'HERE'; //die(); //backuply_log('[stream_open] '.$path); $this->orig_path = $path; $this->mode = $mode; $this->remotefile = $url['path']; $this->position = 0; if(strpos($this->mode, 'r') !== FALSE){ $this->readsize = filesize($this->orig_path); if(empty($this->readsize)){ return false; } } return $this->ftps_conn; } // AS of now not used function stream_read($count){ if(!$this->ftps_conn){ return false; } $fp = fopen('php://temp/maxmemory:'.$count, 'r+'); if(!ftp_fget($this->ftps->ftp_conn, $fp, $this->remotefile, FTP_BINARY, $this->position)){ $this->error[] = "Remote File $remotefile could not be accessed"; $this->error[] = "It looks like FTPS protocol is not supported with your PHP, Please try FTP/SFTP protocol"; return false; } $contents = ''; rewind($fp); while (!feof($fp)) { $contents .= fread($fp, 8192); } fclose($fp); if(empty($contents)){ return false; } $this->position = $this->position + $count; return $contents; } function stream_write($data){ $strlen = strlen($data); //echo 'IN WRITE : '.$strlen."\n"; //echo $this->remotefile.' - '.strlen($data);die(); if(!$this->ftps_conn){ return false; } if(!is_resource($this->wp)){ $this->wp = fopen($this->tpfile, 'w+'); } //Initially store the data in a variable fwrite($this->wp, $data); $this->tmpsize += strlen($data); $ret = $strlen; $this->position += $strlen; // Are we already more than 4 MB ? if($this->tmpsize >= 2000000){ rewind($this->wp); if(!empty($GLOBALS['start_pos'])){ $this->writepos = $GLOBALS['start_pos']; } if(!$this->ftps->backup_softput($this->remotefile, $this->wp, $this->writepos)){ $ret = false; } $GLOBALS['start_pos'] += $this->tmpsize; // Close the temp file and reset the variables if(is_resource($this->wp)){ fclose($this->wp); } $this->wp = NULL; $this->tmpsize = 0; } return $ret; } function stream_close(){ $ret = true; if(preg_match('/w\|a/is', $this->mode)){ // Are we already more than 4 MB ? if($this->tmpsize > 0 && is_resource($this->wp)){ rewind($this->wp); $this->writepos = $GLOBALS['start_pos']; if(!$this->ftps->backup_softput($this->remotefile, $this->wp, $this->writepos)){ $ret = false; } $GLOBALS['start_pos'] += $this->tmpsize; // Close the temp file and reset the variables if(is_resource($this->wp)){ fclose($this->wp); } $this->wp = NULL; $this->tmpsize = 0; } } return $ret; } function stream_eof(){ return $this->position >= $this->readsize; } function stream_tell(){ return $this->position; } function dir_opendir($path, $options){ if(!$init = $this->init($path, $url)){ return $init; } $this->orig_path = $path; $this->remotefile = $url['path']; $this->filelist = $this->ftps->filelist($this->remotefile); //backuply_print($this->filelist); return true; } function dir_readdir(){ $key = key($this->filelist); if(is_null($key)){ return false; } $val = $this->filelist[$key]; unset($this->filelist[$key]); return pathinfo($val, PATHINFO_BASENAME); } function dir_closedir(){ // Do nothing } // Download a remote file to the local file function download_file_loop($path, $localfile, $startpos = 0){ global $data, $error; if(!$init = $this->init($path, $url)){ return $init; } backuply_log($url['path'].' - '.$startpos); //die(); $lfp = @fopen($localfile, 'ab'); $ret = ftp_nb_fget($this->ftps->ftp_conn, $lfp, $url['path'], FTP_BINARY, $startpos); $loop_break = false; $size_tracker = $startpos; while ($ret == FTP_MOREDATA){ clearstatcache(); if((filesize($localfile) - $size_tracker) > 1000000){ backuply_status_log('Downloaded File (L'.$data['restore_loop'].') : '.filesize($localfile)); $size_tracker = filesize($localfile); } if((time() + 5) >= $GLOBALS['end']){ backuply_status_log('Breaking Loop (L'.$data['restore_loop'].') at FileSize : '.filesize($localfile)); $loop_break = true; break; } / // For testing if((filesize($localfile) - $startpos) > 50000000){ backuply_status_log('Breaking Loop (L'.$data['restore_loop'].') at FileSize : '.filesize($localfile)); $loop_break = true; break; }/ // Continue downloading... $ret = ftp_nb_continue($this->ftps->ftp_conn); } if (empty($loop_break) && $ret != FTP_FINISHED) { $error[] = 'There was an error downloading the file...'; return false; } backuply_status_log('Downloaded FileSize in L'.$data['restore_loop'].' : '.filesize($localfile)); $percentage = (filesize($localfile) / $data['size']) 100; backuply_status_log('<div class="backuply-upload-progress"><span class="backuply-upload-progress-bar" style="width:'.round($percentage).'%;"></span><span class="backuply-upload-size">'.round($percentage).'%</span></div>', 'downloading', 22); $GLOBALS['l_readbytes'] = filesize($localfile); return $ret; } function mkdir($path, $mode, $options){ if(!$init = $this->init($path, $url)){ return $init; } $ret = $this->ftps->mmkdir($url['path'], $mode); return $ret; } function rmdir($path, $options){ if(!$init = $this->init($path, $url)){ return $init; } $res = $this->ftps->rmdir($url['path']); return $res; } function url_stat($path, $flags){ if(!$init = $this->init($path, $url)){ return $init; } $url['path'] = $this->cleanpath($url['path']); if(empty($url['path'])){ $url['path'] = '/'; } if($url['path'] == '/'){ $file = '.'; $dir = $url['path']; }else{ $file = basename($url['path']); $dir = dirname($url['path']); } $dir = $this->cleanpath($dir); if(empty($dir)){ $dir = '/'; } //echo $file.' - '.$dir." -- - - -\n";die(); $list = $this->ftps->rawlist($dir); foreach($list as $k => $v){ $list[$k] = $this->ftps->_parselisting($v); if($list[$k]['name'] != $file){ continue; } $stat = array('dev' => 0, 'ino' => 0, 'mode' => (!empty($list[$k]['mode']) ? octdec($list[$k]['mode']) : 0), 'nlink' => 0, 'uid' => 0, 'gid' => 0, 'rdev' => 0, 'size' => $list[$k]['size'], 'atime' => $list[$k]['time'], 'mtime' => $list[$k]['time'], 'ctime' => $list[$k]['time'], 'blksize' => -1, 'blocks' => -1 ); return $stat + array_values($stat); } return false; } function unlink($path){ if(!$init = $this->init($path, $url)){ return $init; } $res = $this->ftps->delete($url['path']); return $res; } function rename($from, $to){ if(!$init = $this->init($from, $url)){ return $init; } $url_from = parse_url($from); $url_to = parse_url($to); //echo 'Rename : '.$url_from['path'].' - '.$url_to['path']."\n"; return $this->ftps->rename($url_from['path'], $url_to['path']); } function cleanpath($path){ $path = str_replace('\\\\', '/', $path); $path = str_replace('\\', '/', $path); $path = str_replace('//', '/', $path); return rtrim($path, '/'); } } ��sftp.php��0000644��00000024642�15104540706�0006243 0��ustar�00��<?php set_include_path(__DIR__ .'/phpseclib'); include('Net/SSH2.php'); include('Net/SFTP.php'); include('Crypt/RSA.php'); class sftp{ var $ssh_conn; var $sftp_conn; var $error; var $log_on = 1; var $auth_pass; var $sftp; var $ssh; function __construct(){ } //removed $pub since while accessing we need only private key function connect($host, $port, $user, $password = '', $pri = '', $passphrase = ''){ $this->sftp = new Net_SFTP($host, $port); if(!empty($pri)){ $key = new Crypt_RSA(); if(!empty($passphrase)){ $key->setPassword($passphrase); } $key->loadKey($pri); } if (!$this->sftp->login($user, !empty($password) ? $password : $key)) { return false; } return true; } function delete($filename){ return $this->sftp->delete($filename); } function is_dir($dir){ $org = $this->sftp->pwd(); $this->sftp->chdir($dir); if($dir == trim($this->sftp->pwd())){ $this->sftp->chdir($org); return true; } return false; } function chdir($dir){ return $this->sftp->chdir($dir);; } function pwd(){ return $this->sftp->pwd(); } function chmod($pathname, $mode, $rec = 0){ return $this->sftp->chmod($mode, $pathname, $rec); } // Test it function utime($pathname, $mtime) { // Try to set the mtime with touch command $output = $this->sftp->exec("touch -m -t ".substr_replace($mtime, '.', -2, 0)." ".$pathname); return TRUE; } function file_exists($file){ $output = $this->sftp->stat($file); if(is_array($output)){ return true; } return false; } function copy($source, $dest, $rec = 1){ if($this->file_exists($source) \|\| $this->is_dir($source)){ $output = $this->sftp->exec("cp ".(!empty($rec) ? '-R ' : '')."$source $dest"); }else{ return false; } if($this->file_exists($dest) \|\| $this->is_dir($dest)){ return true; }else{ $this->error = "Could not copy $source to $dest"; return false; } } function rename($from, $to){ return $this->sftp->rename($from, $to); } function rmdir($dir, $rec = 1){ return $this->sftp->delete($dir, $rec); } function mkdir($dirname, $mode = 0755, $rec = 0){ backuply_log(' sftp mkdir, dirname : '.$dirname.' , mode : '.$mode.' , rec : '.$rec); return $this->sftp->mkdir($dirname, $mode, $rec); } function mmkdir($dir, $mode = 0755) { backuply_log(' sftp mmkdir, dir : '.$dir.' , mode : '.$mode); return $this->sftp->mkdir($dir, $mode, 1); } function exec($command, $blocking = true, $error = false){ $this->sftp->enableQuietMode(); $this->sftp->exec($command); if(!empty($error)){ $this->error[] = $this->sftp->getStdError(); } return $this->sftp->getExitStatus(); } /* function realpath($filename){ return ssh2_sftp_realpath($this->sftp_conn, $filename); } / function put($local_file, $remote_file, $mode = 0644){ // Check last file and skip the files that have been already transferred... if(!empty($GLOBALS['last_file']) && $GLOBALS['start'] == 0){ if(preg_match('#^'.$GLOBALS['last_file'].'$#', $local_file)){ $GLOBALS['start'] = 1; // give a jump start once the last transferred file is found.. } return true; //return true to skip files } if(!$this->sftp->put($remote_file, $local_file, NET_SFTP_LOCAL_FILE)){ return false; } //We can run the scripts for the end time already set if(time() >= $GLOBALS['end']){ $GLOBALS['end_file'] = $local_file; // set end file so that we know where to start from } return true; } function get($remote_file, $local_file, $offset = 0, $length = -1){ return $this->sftp->get($remote_file, $local_file, $offset, $length); } function mget($remote, $local=".", $continious=false, $include_only=array()) { global $__settings; if(!@file_exists($local)) { if(!@mkdir($local)) { $this->error[] = "Cannot create folder \"".$local."\""; return FALSE; } } $list = $this->rawlist($remote); if($list===false) { $this->error[] = "Can't read remote folder \"".$remote."\" contents"; return FALSE; } if(empty($list)) return true; foreach($list as $k=>$v) { $v['name'] = $k; $list[$k] = $this->_parselisting($v); if($list[$k]["name"]=="." or $list[$k]["name"]=="..") unset($list[$k]); } $ret=true; foreach($list as $ek => $el) { if($el['size'] == '0'){ if($el['type'] == 'f'){ $empty_file = @fopen($local.'/'.$el['name'], "w"); @fclose($empty_file); }elseif($el['type'] == 'd'){ mkdir($local.'/'.$el['name']); } @chmod($local.'/'.$el['name'], $el['perms']); $t=$el["time"]; //echo 'Path :'.$local."/".$el["name"].' Date : '.$el["date"].' Strtotime : '.$t.'<br />'; if($t!==-1 and $t!==false) @touch($local."/".$el["name"], $t); unset($list[$ek]); continue; } $extension = get_extension($el['name']); if(!empty($include_only) && !in_array($el['name'], $include_only) && $extension !== 'sql'){ unset($list[$ek]); continue; } $current_file = $el["path"].$el["name"]; //To exclude some files/folder if(!empty($__settings['exclude_files']) && in_array($current_file, $__settings['exclude_files'])){ unset($list[$ek]); continue; } if($el["type"]=="d") { if(!$this->mget($remote."/".$el["name"], $local."/".$el["name"], $continious)) { $this->error[] = "Can't copy remote folder \"".$remote."/".$el["name"]."\" to local \"".$local."/".$el["name"]."\""; $ret=false; if(!$continious) break; } } else { //To exclude some files if set in script's clone.php's __pre_unzip() function if(!empty($__settings['exclude_ext']) && in_array($extension, $__settings['exclude_ext'])){ unset($list[$ek]); continue; } if(!$this->get($remote."/".$el["name"], $local."/".$el["name"])) { $this->error[] = "Can't copy remote file \"".$remote."/".$el["name"]."\" to local \"".$local."/".$el["name"]."\""; $ret=false; if(!$continious) break; } } @chmod($local."/".$el["name"], $el["perms"]); $t=$el["time"]; //echo 'Path :'.$local."/".$el["name"].' Date : '.$el["date"].' Strtotime : '.$t.'<br />'; if($t!==-1 and $t!==false) @touch($local."/".$el["name"], $t); } return $ret; } function mput($local=".", $remote=NULL, $continious=false, $include_only=array()) { global $__settings, $ftp; if(!@$ftp->is_dir($remote)) { if(!@$ftp->mkdir($remote)) { $this->error[] = "mput: can't create folder, Can't create remote file \"".$remote; return FALSE; } } $list = filelist_fn($local, 0); if($list===false) { $this->error[] = "mput: can't retrive directory listing, Can't retrive directory listing of local folder \"".$local; return FALSE; } if(empty($list)) return TRUE; foreach($list as $k=>$v) { $stat = stat($k); if($v['dir'] == '0'){ $list[$k]['type'] = 'f'; }else{ $list[$k]['type'] = 'd'; } $list[$k]['name'] = $v['name']; $list[$k]['size'] = $stat['size']; $list[$k]['perms'] = octdec(substr(sprintf('%o', $stat['mode']), -4)); $list[$k]['time'] = date('YmdHis', $stat['mtime']); if($list[$k]["name"]=="." or $list[$k]["name"]=="..") unset($list[$k]); } $ret=true; foreach($list as $ek => $el) { // ----- break the loop once last file is found... if(!empty($GLOBALS['end_file'])){ break; } if($el['size'] == '0'){ if($el['type'] == 'f'){ //Create an empty file if(!$this->put($local."/".$el["name"], $remote."/".$el["name"])) { $this->error[] = "mput: can't copy file, Can't copy local file \"".$local."/".$el["name"]."\" to remote \"".$remote."/".$el["name"]."\""; $ret=false; if(!$continious) break; } }elseif($el['type'] == 'd'){ $ftp->mkdir($remote.'/'.$el['name']); } @$ftp->chmod($remote.'/'.$el['name'], $el['perms']); //Set modified time $t=$el["time"]; if($t!==-1 and $t!==false){ $ftp->utime($remote.'/'.$el['name'], $el["time"]); } unset($list[$ek]); continue; } $extension = get_extension($el['name']); if(!empty($include_only) && !in_array($el['name'], $include_only) && $extension !== 'sql'){ unset($list[$ek]); continue; } $current_file = $el["path"].$el["name"]; //To exclude some files/folder if(!empty($__settings['exclude_files']) && in_array($current_file, $__settings['exclude_files'])){ unset($list[$ek]); continue; } if($el["type"]=="d") { if(!$this->mput($local."/".$el["name"], $remote."/".$el["name"], $continious)){ $this->error[] = "mput: can't copy folder, Can't copy local folder \"".$local."/".$el["name"]."\" to remote \"".$remote."/".$el["name"]."\""; $ret=false; if(!$continious) break; } }else{ //To exclude some files if set in script's clone.php's __pre_unzip() function if(!empty($__settings['exclude_ext']) && in_array($extension, $__settings['exclude_ext'])){ unset($list[$ek]); continue; } if(!$this->put($local."/".$el["name"], $remote."/".$el["name"])) { $this->error[] = "mput: can't copy file, Can't copy local file \"".$local."/".$el["name"]."\" to remote \"".$remote."/".$el["name"]."\""; $ret=false; if(!$continious) break; } } @$ftp->chmod($remote."/".$el["name"], $el["perms"]); //Set modified time $t=$el["time"]; if($t!==-1 and $t!==false){ $ftp->utime($remote.'/'.$el['name'], $el["time"]); } } return $ret; } function rawlist($pathname="", $arg=""){ return $this->sftp->rawlist($pathname); } function is_exists($file){ if($this->file_exists($file)){ return true; } return false; } // Takes the DATA rather than the LOCAL file name function softput($remotefile=NULL, $softdata, $rest=0) { return $this->sftp->put($remotefile, $softdata); } // Returns the Data function softget($remotefile=NULL) { return $this->sftp->get($remotefile); } function nlist($dir = '.'){ return $this->sftp->nlist($dir); } function _parselisting($line) { $b = array(); if($line['type'] == 2){ $b['isdir'] = 1; $b['type'] = 'd'; }elseif($line['type'] == 3){ $b['islink'] = 1; $b['type'] = 'l'; }else{ $b['type'] = 'f'; } $b['perms'] = $line['permissions'] & 0777; $b['size'] = $line['size']; $b['time'] = $line['mtime']; $b['name'] = $line['name']; return $b; } // For remote backup SFTP function backup_softput($remotefile=NULL, $softdata){ $ret = $this->sftp->put($remotefile, $softdata, NET_SFTP_RESUME); return $ret; } } ��php72compat.php��0000644��00000134363�15105241005�0007424 0��ustar�00��<?php require_once dirname(dirname(__FILE__)) . '/autoload.php'; /* * This file will monkey patch the pure-PHP implementation in place of the * PECL functions and constants, but only if they do not already exist. * * Thus, the functions or constants just proxy to the appropriate * ParagonIE_Sodium_Compat method or class constant, respectively. / foreach (array( 'BASE64_VARIANT_ORIGINAL', 'BASE64_VARIANT_ORIGINAL_NO_PADDING', 'BASE64_VARIANT_URLSAFE', 'BASE64_VARIANT_URLSAFE_NO_PADDING', 'CRYPTO_AEAD_AES256GCM_KEYBYTES', 'CRYPTO_AEAD_AES256GCM_NSECBYTES', 'CRYPTO_AEAD_AES256GCM_NPUBBYTES', 'CRYPTO_AEAD_AES256GCM_ABYTES', 'CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES', 'CRYPTO_AEAD_CHACHA20POLY1305_NSECBYTES', 'CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES', 'CRYPTO_AEAD_CHACHA20POLY1305_ABYTES', 'CRYPTO_AEAD_CHACHA20POLY1305_IETF_KEYBYTES', 'CRYPTO_AEAD_CHACHA20POLY1305_IETF_NSECBYTES', 'CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES', 'CRYPTO_AEAD_CHACHA20POLY1305_IETF_ABYTES', 'CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES', 'CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NSECBYTES', 'CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES', 'CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES', 'CRYPTO_AUTH_BYTES', 'CRYPTO_AUTH_KEYBYTES', 'CRYPTO_BOX_SEALBYTES', 'CRYPTO_BOX_SECRETKEYBYTES', 'CRYPTO_BOX_PUBLICKEYBYTES', 'CRYPTO_BOX_KEYPAIRBYTES', 'CRYPTO_BOX_MACBYTES', 'CRYPTO_BOX_NONCEBYTES', 'CRYPTO_BOX_SEEDBYTES', 'CRYPTO_KDF_BYTES_MIN', 'CRYPTO_KDF_BYTES_MAX', 'CRYPTO_KDF_CONTEXTBYTES', 'CRYPTO_KDF_KEYBYTES', 'CRYPTO_KX_BYTES', 'CRYPTO_KX_KEYPAIRBYTES', 'CRYPTO_KX_PRIMITIVE', 'CRYPTO_KX_SEEDBYTES', 'CRYPTO_KX_PUBLICKEYBYTES', 'CRYPTO_KX_SECRETKEYBYTES', 'CRYPTO_KX_SESSIONKEYBYTES', 'CRYPTO_GENERICHASH_BYTES', 'CRYPTO_GENERICHASH_BYTES_MIN', 'CRYPTO_GENERICHASH_BYTES_MAX', 'CRYPTO_GENERICHASH_KEYBYTES', 'CRYPTO_GENERICHASH_KEYBYTES_MIN', 'CRYPTO_GENERICHASH_KEYBYTES_MAX', 'CRYPTO_PWHASH_SALTBYTES', 'CRYPTO_PWHASH_STRPREFIX', 'CRYPTO_PWHASH_ALG_ARGON2I13', 'CRYPTO_PWHASH_ALG_ARGON2ID13', 'CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE', 'CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE', 'CRYPTO_PWHASH_MEMLIMIT_MODERATE', 'CRYPTO_PWHASH_OPSLIMIT_MODERATE', 'CRYPTO_PWHASH_MEMLIMIT_SENSITIVE', 'CRYPTO_PWHASH_OPSLIMIT_SENSITIVE', 'CRYPTO_PWHASH_SCRYPTSALSA208SHA256_SALTBYTES', 'CRYPTO_PWHASH_SCRYPTSALSA208SHA256_STRPREFIX', 'CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_INTERACTIVE', 'CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_INTERACTIVE', 'CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_SENSITIVE', 'CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_SENSITIVE', 'CRYPTO_SCALARMULT_BYTES', 'CRYPTO_SCALARMULT_SCALARBYTES', 'CRYPTO_SHORTHASH_BYTES', 'CRYPTO_SHORTHASH_KEYBYTES', 'CRYPTO_SECRETBOX_KEYBYTES', 'CRYPTO_SECRETBOX_MACBYTES', 'CRYPTO_SECRETBOX_NONCEBYTES', 'CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES', 'CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES', 'CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_KEYBYTES', 'CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_PUSH', 'CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_PULL', 'CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY', 'CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_FINAL', 'CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX', 'CRYPTO_SIGN_BYTES', 'CRYPTO_SIGN_SEEDBYTES', 'CRYPTO_SIGN_PUBLICKEYBYTES', 'CRYPTO_SIGN_SECRETKEYBYTES', 'CRYPTO_SIGN_KEYPAIRBYTES', 'CRYPTO_STREAM_KEYBYTES', 'CRYPTO_STREAM_NONCEBYTES', 'CRYPTO_STREAM_XCHACHA20_KEYBYTES', 'CRYPTO_STREAM_XCHACHA20_NONCEBYTES', 'LIBRARY_MAJOR_VERSION', 'LIBRARY_MINOR_VERSION', 'LIBRARY_VERSION_MAJOR', 'LIBRARY_VERSION_MINOR', 'VERSION_STRING' ) as $constant ) { if (!defined("SODIUM_$constant") && defined("ParagonIE_Sodium_Compat::$constant")) { define("SODIUM_$constant", constant("ParagonIE_Sodium_Compat::$constant")); } } if (!is_callable('sodium_add')) { /* * @see ParagonIE_Sodium_Compat::add() * @param string $string1 * @param string $string2 * @return void * @throws SodiumException / function sodium_add( #[\SensitiveParameter] &$string1, #[\SensitiveParameter] $string2 ) { ParagonIE_Sodium_Compat::add($string1, $string2); } } if (!is_callable('sodium_base642bin')) { /* * @see ParagonIE_Sodium_Compat::bin2base64() * @param string $string * @param int $variant * @param string $ignore * @return string * @throws SodiumException * @throws TypeError / function sodium_base642bin( #[\SensitiveParameter] $string, $variant, $ignore ='' ) { return ParagonIE_Sodium_Compat::base642bin($string, $variant, $ignore); } } if (!is_callable('sodium_bin2base64')) { /* * @see ParagonIE_Sodium_Compat::bin2base64() * @param string $string * @param int $variant * @return string * @throws SodiumException * @throws TypeError / function sodium_bin2base64( #[\SensitiveParameter] $string, $variant ) { return ParagonIE_Sodium_Compat::bin2base64($string, $variant); } } if (!is_callable('sodium_bin2hex')) { /* * @see ParagonIE_Sodium_Compat::hex2bin() * @param string $string * @return string * @throws SodiumException * @throws TypeError / function sodium_bin2hex( #[\SensitiveParameter] $string ) { return ParagonIE_Sodium_Compat::bin2hex($string); } } if (!is_callable('sodium_compare')) { /* * @see ParagonIE_Sodium_Compat::compare() * @param string $string1 * @param string $string2 * @return int * @throws SodiumException * @throws TypeError / function sodium_compare( #[\SensitiveParameter] $string1, #[\SensitiveParameter] $string2 ) { return ParagonIE_Sodium_Compat::compare($string1, $string2); } } if (!is_callable('sodium_crypto_aead_aes256gcm_decrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_decrypt() * @param string $ciphertext * @param string $additional_data * @param string $nonce * @param string $key * @return string\|bool / function sodium_crypto_aead_aes256gcm_decrypt( $ciphertext, $additional_data, $nonce, #[\SensitiveParameter] $key ) { try { return ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_decrypt( $ciphertext, $additional_data, $nonce, $key ); } catch (Error $ex) { return false; } catch (Exception $ex) { if (($ex instanceof SodiumException) && ($ex->getMessage() === 'AES-256-GCM is not available')) { throw $ex; } return false; } } } if (!is_callable('sodium_crypto_aead_aes256gcm_encrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_encrypt() * @param string $message * @param string $additional_data * @param string $nonce * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_aead_aes256gcm_encrypt( #[\SensitiveParameter] $message, $additional_data, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_encrypt($message, $additional_data, $nonce, $key); } } if (!is_callable('sodium_crypto_aead_aes256gcm_is_available')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_is_available() * @return bool / function sodium_crypto_aead_aes256gcm_is_available() { return ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_is_available(); } } if (!is_callable('sodium_crypto_aead_chacha20poly1305_decrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt() * @param string $ciphertext * @param string $additional_data * @param string $nonce * @param string $key * @return string\|bool / function sodium_crypto_aead_chacha20poly1305_decrypt( $ciphertext, $additional_data, $nonce, #[\SensitiveParameter] $key ) { try { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt( $ciphertext, $additional_data, $nonce, $key ); } catch (Error $ex) { return false; } catch (Exception $ex) { return false; } } } if (!is_callable('sodium_crypto_aead_chacha20poly1305_encrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt() * @param string $message * @param string $additional_data * @param string $nonce * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_aead_chacha20poly1305_encrypt( #[\SensitiveParameter] $message, $additional_data, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt( $message, $additional_data, $nonce, $key ); } } if (!is_callable('sodium_crypto_aead_chacha20poly1305_keygen')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_keygen() * @return string * @throws Exception / function sodium_crypto_aead_chacha20poly1305_keygen() { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_keygen(); } } if (!is_callable('sodium_crypto_aead_chacha20poly1305_ietf_decrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt() * @param string $message * @param string $additional_data * @param string $nonce * @param string $key * @return string\|bool / function sodium_crypto_aead_chacha20poly1305_ietf_decrypt( $message, $additional_data, $nonce, #[\SensitiveParameter] $key ) { try { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt( $message, $additional_data, $nonce, $key ); } catch (Error $ex) { return false; } catch (Exception $ex) { return false; } } } if (!is_callable('sodium_crypto_aead_chacha20poly1305_ietf_encrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt() * @param string $message * @param string $additional_data * @param string $nonce * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_aead_chacha20poly1305_ietf_encrypt( #[\SensitiveParameter] $message, $additional_data, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt( $message, $additional_data, $nonce, $key ); } } if (!is_callable('sodium_crypto_aead_chacha20poly1305_ietf_keygen')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_keygen() * @return string * @throws Exception / function sodium_crypto_aead_chacha20poly1305_ietf_keygen() { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_keygen(); } } if (!is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_decrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt() * @param string $ciphertext * @param string $additional_data * @param string $nonce * @param string $key * @return string\|bool / function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt( $ciphertext, $additional_data, $nonce, #[\SensitiveParameter] $key ) { try { return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt( $ciphertext, $additional_data, $nonce, $key, true ); } catch (Error $ex) { return false; } catch (Exception $ex) { return false; } } } if (!is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_encrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt() * @param string $message * @param string $additional_data * @param string $nonce * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_aead_xchacha20poly1305_ietf_encrypt( #[\SensitiveParameter] $message, $additional_data, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt( $message, $additional_data, $nonce, $key, true ); } } if (!is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_keygen')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_keygen() * @return string * @throws Exception / function sodium_crypto_aead_xchacha20poly1305_ietf_keygen() { return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_keygen(); } } if (!is_callable('sodium_crypto_auth')) { /* * @see ParagonIE_Sodium_Compat::crypto_auth() * @param string $message * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_auth( $message, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_auth($message, $key); } } if (!is_callable('sodium_crypto_auth_keygen')) { /* * @see ParagonIE_Sodium_Compat::crypto_auth_keygen() * @return string * @throws Exception / function sodium_crypto_auth_keygen() { return ParagonIE_Sodium_Compat::crypto_auth_keygen(); } } if (!is_callable('sodium_crypto_auth_verify')) { /* * @see ParagonIE_Sodium_Compat::crypto_auth_verify() * @param string $mac * @param string $message * @param string $key * @return bool * @throws SodiumException * @throws TypeError / function sodium_crypto_auth_verify( $mac, $message, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key); } } if (!is_callable('sodium_crypto_box')) { /* * @see ParagonIE_Sodium_Compat::crypto_box() * @param string $message * @param string $nonce * @param string $key_pair * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_box( #[\SensitiveParameter] $message, $nonce, #[\SensitiveParameter] $key_pair ) { return ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $key_pair); } } if (!is_callable('sodium_crypto_box_keypair')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_keypair() * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_box_keypair() { return ParagonIE_Sodium_Compat::crypto_box_keypair(); } } if (!is_callable('sodium_crypto_box_keypair_from_secretkey_and_publickey')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey() * @param string $secret_key * @param string $public_key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_box_keypair_from_secretkey_and_publickey( #[\SensitiveParameter] $secret_key, $public_key ) { return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($secret_key, $public_key); } } if (!is_callable('sodium_crypto_box_open')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_open() * @param string $ciphertext * @param string $nonce * @param string $key_pair * @return string\|bool / function sodium_crypto_box_open( $ciphertext, $nonce, #[\SensitiveParameter] $key_pair ) { try { return ParagonIE_Sodium_Compat::crypto_box_open($ciphertext, $nonce, $key_pair); } catch (Error $ex) { return false; } catch (Exception $ex) { return false; } } } if (!is_callable('sodium_crypto_box_publickey')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_publickey() * @param string $key_pair * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_box_publickey( #[\SensitiveParameter] $key_pair ) { return ParagonIE_Sodium_Compat::crypto_box_publickey($key_pair); } } if (!is_callable('sodium_crypto_box_publickey_from_secretkey')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey() * @param string $secret_key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_box_publickey_from_secretkey( #[\SensitiveParameter] $secret_key ) { return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey($secret_key); } } if (!is_callable('sodium_crypto_box_seal')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_seal() * @param string $message * @param string $public_key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_box_seal( #[\SensitiveParameter] $message, $public_key ) { return ParagonIE_Sodium_Compat::crypto_box_seal($message, $public_key); } } if (!is_callable('sodium_crypto_box_seal_open')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_seal_open() * @param string $message * @param string $key_pair * @return string\|bool * @throws SodiumException / function sodium_crypto_box_seal_open( $message, #[\SensitiveParameter] $key_pair ) { try { return ParagonIE_Sodium_Compat::crypto_box_seal_open($message, $key_pair); } catch (SodiumException $ex) { if ($ex->getMessage() === 'Argument 2 must be CRYPTO_BOX_KEYPAIRBYTES long.') { throw $ex; } return false; } } } if (!is_callable('sodium_crypto_box_secretkey')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_secretkey() * @param string $key_pair * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_box_secretkey( #[\SensitiveParameter] $key_pair ) { return ParagonIE_Sodium_Compat::crypto_box_secretkey($key_pair); } } if (!is_callable('sodium_crypto_box_seed_keypair')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_seed_keypair() * @param string $seed * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_box_seed_keypair( #[\SensitiveParameter] $seed ) { return ParagonIE_Sodium_Compat::crypto_box_seed_keypair($seed); } } if (!is_callable('sodium_crypto_generichash')) { /* * @see ParagonIE_Sodium_Compat::crypto_generichash() * @param string $message * @param string\|null $key * @param int $length * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_generichash( $message, #[\SensitiveParameter] $key = null, $length = 32 ) { return ParagonIE_Sodium_Compat::crypto_generichash($message, $key, $length); } } if (!is_callable('sodium_crypto_generichash_final')) { /* * @see ParagonIE_Sodium_Compat::crypto_generichash_final() * @param string\|null $state * @param int $outputLength * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_generichash_final(&$state, $outputLength = 32) { return ParagonIE_Sodium_Compat::crypto_generichash_final($state, $outputLength); } } if (!is_callable('sodium_crypto_generichash_init')) { /* * @see ParagonIE_Sodium_Compat::crypto_generichash_init() * @param string\|null $key * @param int $length * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_generichash_init( #[\SensitiveParameter] $key = null, $length = 32 ) { return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $length); } } if (!is_callable('sodium_crypto_generichash_keygen')) { /* * @see ParagonIE_Sodium_Compat::crypto_generichash_keygen() * @return string * @throws Exception / function sodium_crypto_generichash_keygen() { return ParagonIE_Sodium_Compat::crypto_generichash_keygen(); } } if (!is_callable('sodium_crypto_generichash_update')) { /* * @see ParagonIE_Sodium_Compat::crypto_generichash_update() * @param string\|null $state * @param string $message * @return void * @throws SodiumException * @throws TypeError / function sodium_crypto_generichash_update( #[\SensitiveParameter] &$state, $message = '' ) { ParagonIE_Sodium_Compat::crypto_generichash_update($state, $message); } } if (!is_callable('sodium_crypto_kdf_keygen')) { /* * @see ParagonIE_Sodium_Compat::crypto_kdf_keygen() * @return string * @throws Exception / function sodium_crypto_kdf_keygen() { return ParagonIE_Sodium_Compat::crypto_kdf_keygen(); } } if (!is_callable('sodium_crypto_kdf_derive_from_key')) { /* * @see ParagonIE_Sodium_Compat::crypto_kdf_derive_from_key() * @param int $subkey_length * @param int $subkey_id * @param string $context * @param string $key * @return string * @throws Exception / function sodium_crypto_kdf_derive_from_key( $subkey_length, $subkey_id, $context, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_kdf_derive_from_key( $subkey_length, $subkey_id, $context, $key ); } } if (!is_callable('sodium_crypto_kx')) { /* * @see ParagonIE_Sodium_Compat::crypto_kx() * @param string $my_secret * @param string $their_public * @param string $client_public * @param string $server_public * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_kx( #[\SensitiveParameter] $my_secret, $their_public, $client_public, $server_public ) { return ParagonIE_Sodium_Compat::crypto_kx( $my_secret, $their_public, $client_public, $server_public ); } } if (!is_callable('sodium_crypto_kx_seed_keypair')) { /* * @param string $seed * @return string * @throws Exception / function sodium_crypto_kx_seed_keypair( #[\SensitiveParameter] $seed ) { return ParagonIE_Sodium_Compat::crypto_kx_seed_keypair($seed); } } if (!is_callable('sodium_crypto_kx_keypair')) { /* * @return string * @throws Exception / function sodium_crypto_kx_keypair() { return ParagonIE_Sodium_Compat::crypto_kx_keypair(); } } if (!is_callable('sodium_crypto_kx_client_session_keys')) { /* * @param string $client_key_pair * @param string $server_key * @return array{0: string, 1: string} * @throws SodiumException / function sodium_crypto_kx_client_session_keys( #[\SensitiveParameter] $client_key_pair, $server_key ) { return ParagonIE_Sodium_Compat::crypto_kx_client_session_keys($client_key_pair, $server_key); } } if (!is_callable('sodium_crypto_kx_server_session_keys')) { /* * @param string $server_key_pair * @param string $client_key * @return array{0: string, 1: string} * @throws SodiumException / function sodium_crypto_kx_server_session_keys( #[\SensitiveParameter] $server_key_pair, $client_key ) { return ParagonIE_Sodium_Compat::crypto_kx_server_session_keys($server_key_pair, $client_key); } } if (!is_callable('sodium_crypto_kx_secretkey')) { /* * @param string $key_pair * @return string * @throws Exception / function sodium_crypto_kx_secretkey( #[\SensitiveParameter] $key_pair ) { return ParagonIE_Sodium_Compat::crypto_kx_secretkey($key_pair); } } if (!is_callable('sodium_crypto_kx_publickey')) { /* * @param string $key_pair * @return string * @throws Exception / function sodium_crypto_kx_publickey( #[\SensitiveParameter] $key_pair ) { return ParagonIE_Sodium_Compat::crypto_kx_publickey($key_pair); } } if (!is_callable('sodium_crypto_pwhash')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash() * @param int $length * @param string $passwd * @param string $salt * @param int $opslimit * @param int $memlimit * @param int\|null $algo * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_pwhash( $length, #[\SensitiveParameter] $passwd, $salt, $opslimit, $memlimit, $algo = null ) { return ParagonIE_Sodium_Compat::crypto_pwhash($length, $passwd, $salt, $opslimit, $memlimit, $algo); } } if (!is_callable('sodium_crypto_pwhash_str')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash_str() * @param string $passwd * @param int $opslimit * @param int $memlimit * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_pwhash_str( #[\SensitiveParameter] $passwd, $opslimit, $memlimit ) { return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); } } if (!is_callable('sodium_crypto_pwhash_str_needs_rehash')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash_str_needs_rehash() * @param string $hash * @param int $opslimit * @param int $memlimit * @return bool * * @throws SodiumException / function sodium_crypto_pwhash_str_needs_rehash( #[\SensitiveParameter] $hash, $opslimit, $memlimit ) { return ParagonIE_Sodium_Compat::crypto_pwhash_str_needs_rehash($hash, $opslimit, $memlimit); } } if (!is_callable('sodium_crypto_pwhash_str_verify')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash_str_verify() * @param string $passwd * @param string $hash * @return bool * @throws SodiumException * @throws TypeError / function sodium_crypto_pwhash_str_verify( #[\SensitiveParameter] $passwd, #[\SensitiveParameter] $hash ) { return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); } } if (!is_callable('sodium_crypto_pwhash_scryptsalsa208sha256')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256() * @param int $length * @param string $passwd * @param string $salt * @param int $opslimit * @param int $memlimit * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_pwhash_scryptsalsa208sha256( $length, #[\SensitiveParameter] $passwd, $salt, $opslimit, $memlimit ) { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256( $length, $passwd, $salt, $opslimit, $memlimit ); } } if (!is_callable('sodium_crypto_pwhash_scryptsalsa208sha256_str')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str() * @param string $passwd * @param int $opslimit * @param int $memlimit * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_pwhash_scryptsalsa208sha256_str( #[\SensitiveParameter] $passwd, $opslimit, $memlimit ) { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); } } if (!is_callable('sodium_crypto_pwhash_scryptsalsa208sha256_str_verify')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify() * @param string $passwd * @param string $hash * @return bool * @throws SodiumException * @throws TypeError / function sodium_crypto_pwhash_scryptsalsa208sha256_str_verify( #[\SensitiveParameter] $passwd, #[\SensitiveParameter] $hash ) { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); } } if (!is_callable('sodium_crypto_scalarmult')) { /* * @see ParagonIE_Sodium_Compat::crypto_scalarmult() * @param string $n * @param string $p * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_scalarmult( #[\SensitiveParameter] $n, $p ) { return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); } } if (!is_callable('sodium_crypto_scalarmult_base')) { /* * @see ParagonIE_Sodium_Compat::crypto_scalarmult_base() * @param string $n * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_scalarmult_base( #[\SensitiveParameter] $n ) { return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); } } if (!is_callable('sodium_crypto_secretbox')) { /* * @see ParagonIE_Sodium_Compat::crypto_secretbox() * @param string $message * @param string $nonce * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_secretbox( #[\SensitiveParameter] $message, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); } } if (!is_callable('sodium_crypto_secretbox_keygen')) { /* * @see ParagonIE_Sodium_Compat::crypto_secretbox_keygen() * @return string * @throws Exception / function sodium_crypto_secretbox_keygen() { return ParagonIE_Sodium_Compat::crypto_secretbox_keygen(); } } if (!is_callable('sodium_crypto_secretbox_open')) { /* * @see ParagonIE_Sodium_Compat::crypto_secretbox_open() * @param string $ciphertext * @param string $nonce * @param string $key * @return string\|bool / function sodium_crypto_secretbox_open( $ciphertext, $nonce, #[\SensitiveParameter] $key ) { try { return ParagonIE_Sodium_Compat::crypto_secretbox_open($ciphertext, $nonce, $key); } catch (Error $ex) { return false; } catch (Exception $ex) { return false; } } } if (!is_callable('sodium_crypto_secretstream_xchacha20poly1305_init_push')) { /* * @param string $key * @return array<int, string> * @throws SodiumException / function sodium_crypto_secretstream_xchacha20poly1305_init_push( #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_init_push($key); } } if (!is_callable('sodium_crypto_secretstream_xchacha20poly1305_push')) { /* * @param string $state * @param string $message * @param string $additional_data * @param int $tag * @return string * @throws SodiumException / function sodium_crypto_secretstream_xchacha20poly1305_push( #[\SensitiveParameter] &$state, #[\SensitiveParameter] $message, $additional_data = '', $tag = 0 ) { return ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_push( $state, $message, $additional_data, $tag ); } } if (!is_callable('sodium_crypto_secretstream_xchacha20poly1305_init_pull')) { /* * @param string $header * @param string $key * @return string * @throws Exception / function sodium_crypto_secretstream_xchacha20poly1305_init_pull( $header, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_init_pull($header, $key); } } if (!is_callable('sodium_crypto_secretstream_xchacha20poly1305_pull')) { /* * @param string $state * @param string $ciphertext * @param string $additional_data * @return bool\|array{0: string, 1: int} * @throws SodiumException / function sodium_crypto_secretstream_xchacha20poly1305_pull( #[\SensitiveParameter] &$state, $ciphertext, $additional_data = '' ) { return ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_pull( $state, $ciphertext, $additional_data ); } } if (!is_callable('sodium_crypto_secretstream_xchacha20poly1305_rekey')) { /* * @param string $state * @return void * @throws SodiumException / function sodium_crypto_secretstream_xchacha20poly1305_rekey( #[\SensitiveParameter] &$state ) { ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_rekey($state); } } if (!is_callable('sodium_crypto_secretstream_xchacha20poly1305_keygen')) { /* * @return string * @throws Exception / function sodium_crypto_secretstream_xchacha20poly1305_keygen() { return ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_keygen(); } } if (!is_callable('sodium_crypto_shorthash')) { /* * @see ParagonIE_Sodium_Compat::crypto_shorthash() * @param string $message * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_shorthash( $message, #[\SensitiveParameter] $key = '' ) { return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); } } if (!is_callable('sodium_crypto_shorthash_keygen')) { /* * @see ParagonIE_Sodium_Compat::crypto_shorthash_keygen() * @return string * @throws Exception / function sodium_crypto_shorthash_keygen() { return ParagonIE_Sodium_Compat::crypto_shorthash_keygen(); } } if (!is_callable('sodium_crypto_sign')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign() * @param string $message * @param string $secret_key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_sign( $message, #[\SensitiveParameter] $secret_key ) { return ParagonIE_Sodium_Compat::crypto_sign($message, $secret_key); } } if (!is_callable('sodium_crypto_sign_detached')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_detached() * @param string $message * @param string $secret_key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_sign_detached( $message, #[\SensitiveParameter] $secret_key ) { return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $secret_key); } } if (!is_callable('sodium_crypto_sign_keypair_from_secretkey_and_publickey')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_keypair_from_secretkey_and_publickey() * @param string $secret_key * @param string $public_key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_sign_keypair_from_secretkey_and_publickey( #[\SensitiveParameter] $secret_key, $public_key ) { return ParagonIE_Sodium_Compat::crypto_sign_keypair_from_secretkey_and_publickey($secret_key, $public_key); } } if (!is_callable('sodium_crypto_sign_keypair')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_keypair() * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_sign_keypair() { return ParagonIE_Sodium_Compat::crypto_sign_keypair(); } } if (!is_callable('sodium_crypto_sign_open')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_open() * @param string $signedMessage * @param string $public_key * @return string\|bool / function sodium_crypto_sign_open($signedMessage, $public_key) { try { return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $public_key); } catch (Error $ex) { return false; } catch (Exception $ex) { return false; } } } if (!is_callable('sodium_crypto_sign_publickey')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_publickey() * @param string $key_pair * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_sign_publickey( #[\SensitiveParameter] $key_pair ) { return ParagonIE_Sodium_Compat::crypto_sign_publickey($key_pair); } } if (!is_callable('sodium_crypto_sign_publickey_from_secretkey')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey() * @param string $secret_key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_sign_publickey_from_secretkey( #[\SensitiveParameter] $secret_key ) { return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($secret_key); } } if (!is_callable('sodium_crypto_sign_secretkey')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_secretkey() * @param string $key_pair * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_sign_secretkey( #[\SensitiveParameter] $key_pair ) { return ParagonIE_Sodium_Compat::crypto_sign_secretkey($key_pair); } } if (!is_callable('sodium_crypto_sign_seed_keypair')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_seed_keypair() * @param string $seed * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_sign_seed_keypair( #[\SensitiveParameter] $seed ) { return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); } } if (!is_callable('sodium_crypto_sign_verify_detached')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_verify_detached() * @param string $signature * @param string $message * @param string $public_key * @return bool * @throws SodiumException * @throws TypeError / function sodium_crypto_sign_verify_detached($signature, $message, $public_key) { return ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $public_key); } } if (!is_callable('sodium_crypto_sign_ed25519_pk_to_curve25519')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_ed25519_pk_to_curve25519() * @param string $public_key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_sign_ed25519_pk_to_curve25519($public_key) { return ParagonIE_Sodium_Compat::crypto_sign_ed25519_pk_to_curve25519($public_key); } } if (!is_callable('sodium_crypto_sign_ed25519_sk_to_curve25519')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519() * @param string $secret_key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_sign_ed25519_sk_to_curve25519( #[\SensitiveParameter] $secret_key ) { return ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519($secret_key); } } if (!is_callable('sodium_crypto_stream')) { /* * @see ParagonIE_Sodium_Compat::crypto_stream() * @param int $length * @param string $nonce * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_stream( $length, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_stream($length, $nonce, $key); } } if (!is_callable('sodium_crypto_stream_keygen')) { /* * @see ParagonIE_Sodium_Compat::crypto_stream_keygen() * @return string * @throws Exception / function sodium_crypto_stream_keygen() { return ParagonIE_Sodium_Compat::crypto_stream_keygen(); } } if (!is_callable('sodium_crypto_stream_xor')) { /* * @see ParagonIE_Sodium_Compat::crypto_stream_xor() * @param string $message * @param string $nonce * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_stream_xor( #[\SensitiveParameter] $message, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); } } require_once dirname(__FILE__) . '/stream-xchacha20.php'; if (!is_callable('sodium_hex2bin')) { /* * @see ParagonIE_Sodium_Compat::hex2bin() * @param string $string * @param string $ignore * @return string * @throws SodiumException * @throws TypeError / function sodium_hex2bin( #[\SensitiveParameter] $string, $ignore = '' ) { return ParagonIE_Sodium_Compat::hex2bin($string, $ignore); } } if (!is_callable('sodium_increment')) { /* * @see ParagonIE_Sodium_Compat::increment() * @param string $string * @return void * @throws SodiumException * @throws TypeError / function sodium_increment( #[\SensitiveParameter] &$string ) { ParagonIE_Sodium_Compat::increment($string); } } if (!is_callable('sodium_library_version_major')) { /* * @see ParagonIE_Sodium_Compat::library_version_major() * @return int / function sodium_library_version_major() { return ParagonIE_Sodium_Compat::library_version_major(); } } if (!is_callable('sodium_library_version_minor')) { /* * @see ParagonIE_Sodium_Compat::library_version_minor() * @return int / function sodium_library_version_minor() { return ParagonIE_Sodium_Compat::library_version_minor(); } } if (!is_callable('sodium_version_string')) { /* * @see ParagonIE_Sodium_Compat::version_string() * @return string / function sodium_version_string() { return ParagonIE_Sodium_Compat::version_string(); } } if (!is_callable('sodium_memcmp')) { /* * @see ParagonIE_Sodium_Compat::memcmp() * @param string $string1 * @param string $string2 * @return int * @throws SodiumException * @throws TypeError / function sodium_memcmp( #[\SensitiveParameter] $string1, #[\SensitiveParameter] $string2 ) { return ParagonIE_Sodium_Compat::memcmp($string1, $string2); } } if (!is_callable('sodium_memzero')) { /* * @see ParagonIE_Sodium_Compat::memzero() * @param string $string * @return void * @throws SodiumException * @throws TypeError * * @psalm-suppress ReferenceConstraintViolation / function sodium_memzero( #[\SensitiveParameter] &$string ) { ParagonIE_Sodium_Compat::memzero($string); } } if (!is_callable('sodium_pad')) { /* * @see ParagonIE_Sodium_Compat::pad() * @param string $unpadded * @param int $block_size * @return string * @throws SodiumException * @throws TypeError / function sodium_pad( #[\SensitiveParameter] $unpadded, $block_size ) { return ParagonIE_Sodium_Compat::pad($unpadded, $block_size, true); } } if (!is_callable('sodium_unpad')) { /* * @see ParagonIE_Sodium_Compat::pad() * @param string $padded * @param int $block_size * @return string * @throws SodiumException * @throws TypeError / function sodium_unpad( #[\SensitiveParameter] $padded, $block_size ) { return ParagonIE_Sodium_Compat::unpad($padded, $block_size, true); } } if (!is_callable('sodium_randombytes_buf')) { /* * @see ParagonIE_Sodium_Compat::randombytes_buf() * @param int $amount * @return string * @throws Exception / function sodium_randombytes_buf($amount) { return ParagonIE_Sodium_Compat::randombytes_buf($amount); } } if (!is_callable('sodium_randombytes_uniform')) { /* * @see ParagonIE_Sodium_Compat::randombytes_uniform() * @param int $upperLimit * @return int * @throws Exception / function sodium_randombytes_uniform($upperLimit) { return ParagonIE_Sodium_Compat::randombytes_uniform($upperLimit); } } if (!is_callable('sodium_randombytes_random16')) { /* * @see ParagonIE_Sodium_Compat::randombytes_random16() * @return int * @throws Exception / function sodium_randombytes_random16() { return ParagonIE_Sodium_Compat::randombytes_random16(); } } ��constants.php��0000644��00000010101�15105241005�0007253 0��ustar�00��<?php namespace Sodium; require_once dirname(dirname(__FILE__)) . '/autoload.php'; use ParagonIE_Sodium_Compat; const CRYPTO_AEAD_AES256GCM_KEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_AEAD_AES256GCM_KEYBYTES; const CRYPTO_AEAD_AES256GCM_NSECBYTES = ParagonIE_Sodium_Compat::CRYPTO_AEAD_AES256GCM_NSECBYTES; const CRYPTO_AEAD_AES256GCM_NPUBBYTES = ParagonIE_Sodium_Compat::CRYPTO_AEAD_AES256GCM_NPUBBYTES; const CRYPTO_AEAD_AES256GCM_ABYTES = ParagonIE_Sodium_Compat::CRYPTO_AEAD_AES256GCM_ABYTES; const CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES; const CRYPTO_AEAD_CHACHA20POLY1305_NSECBYTES = ParagonIE_Sodium_Compat::CRYPTO_AEAD_CHACHA20POLY1305_NSECBYTES; const CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES = ParagonIE_Sodium_Compat::CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES; const CRYPTO_AEAD_CHACHA20POLY1305_ABYTES = ParagonIE_Sodium_Compat::CRYPTO_AEAD_CHACHA20POLY1305_ABYTES; const CRYPTO_AEAD_CHACHA20POLY1305_IETF_KEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_AEAD_CHACHA20POLY1305_IETF_KEYBYTES; const CRYPTO_AEAD_CHACHA20POLY1305_IETF_NSECBYTES = ParagonIE_Sodium_Compat::CRYPTO_AEAD_CHACHA20POLY1305_IETF_NSECBYTES; const CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES = ParagonIE_Sodium_Compat::CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES; const CRYPTO_AEAD_CHACHA20POLY1305_IETF_ABYTES = ParagonIE_Sodium_Compat::CRYPTO_AEAD_CHACHA20POLY1305_IETF_ABYTES; const CRYPTO_AUTH_BYTES = ParagonIE_Sodium_Compat::CRYPTO_AUTH_BYTES; const CRYPTO_AUTH_KEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_AUTH_KEYBYTES; const CRYPTO_BOX_SEALBYTES = ParagonIE_Sodium_Compat::CRYPTO_BOX_SEALBYTES; const CRYPTO_BOX_SECRETKEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES; const CRYPTO_BOX_PUBLICKEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES; const CRYPTO_BOX_KEYPAIRBYTES = ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES; const CRYPTO_BOX_MACBYTES = ParagonIE_Sodium_Compat::CRYPTO_BOX_MACBYTES; const CRYPTO_BOX_NONCEBYTES = ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES; const CRYPTO_BOX_SEEDBYTES = ParagonIE_Sodium_Compat::CRYPTO_BOX_SEEDBYTES; const CRYPTO_KX_BYTES = ParagonIE_Sodium_Compat::CRYPTO_KX_BYTES; const CRYPTO_KX_SEEDBYTES = ParagonIE_Sodium_Compat::CRYPTO_KX_SEEDBYTES; const CRYPTO_KX_PUBLICKEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_KX_PUBLICKEYBYTES; const CRYPTO_KX_SECRETKEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_KX_SECRETKEYBYTES; const CRYPTO_GENERICHASH_BYTES = ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES; const CRYPTO_GENERICHASH_BYTES_MIN = ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MIN; const CRYPTO_GENERICHASH_BYTES_MAX = ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MAX; const CRYPTO_GENERICHASH_KEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES; const CRYPTO_GENERICHASH_KEYBYTES_MIN = ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MIN; const CRYPTO_GENERICHASH_KEYBYTES_MAX = ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MAX; const CRYPTO_SCALARMULT_BYTES = ParagonIE_Sodium_Compat::CRYPTO_SCALARMULT_BYTES; const CRYPTO_SCALARMULT_SCALARBYTES = ParagonIE_Sodium_Compat::CRYPTO_SCALARMULT_SCALARBYTES; const CRYPTO_SHORTHASH_BYTES = ParagonIE_Sodium_Compat::CRYPTO_SHORTHASH_BYTES; const CRYPTO_SHORTHASH_KEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_SHORTHASH_KEYBYTES; const CRYPTO_SECRETBOX_KEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES; const CRYPTO_SECRETBOX_MACBYTES = ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES; const CRYPTO_SECRETBOX_NONCEBYTES = ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES; const CRYPTO_SIGN_BYTES = ParagonIE_Sodium_Compat::CRYPTO_SIGN_BYTES; const CRYPTO_SIGN_SEEDBYTES = ParagonIE_Sodium_Compat::CRYPTO_SIGN_SEEDBYTES; const CRYPTO_SIGN_PUBLICKEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_SIGN_PUBLICKEYBYTES; const CRYPTO_SIGN_SECRETKEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_SIGN_SECRETKEYBYTES; const CRYPTO_SIGN_KEYPAIRBYTES = ParagonIE_Sodium_Compat::CRYPTO_SIGN_KEYPAIRBYTES; const CRYPTO_STREAM_KEYBYTES = ParagonIE_Sodium_Compat::CRYPTO_STREAM_KEYBYTES; const CRYPTO_STREAM_NONCEBYTES = ParagonIE_Sodium_Compat::CRYPTO_STREAM_NONCEBYTES; ��php84compat_const.php��0000644��00000000621�15105241005�0010622 0��ustar�00��<?php const SODIUM_CRYPTO_AEAD_AEGIS128L_KEYBYTES = 16; const SODIUM_CRYPTO_AEAD_AEGIS128L_NSECBYTES = 0; const SODIUM_CRYPTO_AEAD_AEGIS128L_NPUBBYTES = 32; const SODIUM_CRYPTO_AEAD_AEGIS128L_ABYTES = 32; const SODIUM_CRYPTO_AEAD_AEGIS256_KEYBYTES = 32; const SODIUM_CRYPTO_AEAD_AEGIS256_NSECBYTES = 0; const SODIUM_CRYPTO_AEAD_AEGIS256_NPUBBYTES = 32; const SODIUM_CRYPTO_AEAD_AEGIS256_ABYTES = 32; ��php72compat_const.php��0000644��00000010765�15105241005�0010631 0��ustar�00��<?php const SODIUM_LIBRARY_MAJOR_VERSION = 9; const SODIUM_LIBRARY_MINOR_VERSION = 1; const SODIUM_LIBRARY_VERSION = '1.0.8'; const SODIUM_BASE64_VARIANT_ORIGINAL = 1; const SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING = 3; const SODIUM_BASE64_VARIANT_URLSAFE = 5; const SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING = 7; const SODIUM_CRYPTO_AEAD_AES256GCM_KEYBYTES = 32; const SODIUM_CRYPTO_AEAD_AES256GCM_NSECBYTES = 0; const SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES = 12; const SODIUM_CRYPTO_AEAD_AES256GCM_ABYTES = 16; const SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES = 32; const SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_NSECBYTES = 0; const SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES = 8; const SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_ABYTES = 16; const SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_IETF_KEYBYTES = 32; const SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_IETF_NSECBYTES = 0; const SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES = 12; const SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_IETF_ABYTES = 16; const SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES = 32; const SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NSECBYTES = 0; const SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES = 24; const SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES = 16; const SODIUM_CRYPTO_AUTH_BYTES = 32; const SODIUM_CRYPTO_AUTH_KEYBYTES = 32; const SODIUM_CRYPTO_BOX_SEALBYTES = 16; const SODIUM_CRYPTO_BOX_SECRETKEYBYTES = 32; const SODIUM_CRYPTO_BOX_PUBLICKEYBYTES = 32; const SODIUM_CRYPTO_BOX_KEYPAIRBYTES = 64; const SODIUM_CRYPTO_BOX_MACBYTES = 16; const SODIUM_CRYPTO_BOX_NONCEBYTES = 24; const SODIUM_CRYPTO_BOX_SEEDBYTES = 32; const SODIUM_CRYPTO_KDF_BYTES_MIN = 16; const SODIUM_CRYPTO_KDF_BYTES_MAX = 64; const SODIUM_CRYPTO_KDF_CONTEXTBYTES = 8; const SODIUM_CRYPTO_KDF_KEYBYTES = 32; const SODIUM_CRYPTO_KX_BYTES = 32; const SODIUM_CRYPTO_KX_PRIMITIVE = 'x25519blake2b'; const SODIUM_CRYPTO_KX_SEEDBYTES = 32; const SODIUM_CRYPTO_KX_KEYPAIRBYTES = 64; const SODIUM_CRYPTO_KX_PUBLICKEYBYTES = 32; const SODIUM_CRYPTO_KX_SECRETKEYBYTES = 32; const SODIUM_CRYPTO_KX_SESSIONKEYBYTES = 32; const SODIUM_CRYPTO_GENERICHASH_BYTES = 32; const SODIUM_CRYPTO_GENERICHASH_BYTES_MIN = 16; const SODIUM_CRYPTO_GENERICHASH_BYTES_MAX = 64; const SODIUM_CRYPTO_GENERICHASH_KEYBYTES = 32; const SODIUM_CRYPTO_GENERICHASH_KEYBYTES_MIN = 16; const SODIUM_CRYPTO_GENERICHASH_KEYBYTES_MAX = 64; const SODIUM_CRYPTO_PWHASH_SALTBYTES = 16; const SODIUM_CRYPTO_PWHASH_STRPREFIX = '$argon2id$'; const SODIUM_CRYPTO_PWHASH_ALG_ARGON2I13 = 1; const SODIUM_CRYPTO_PWHASH_ALG_ARGON2ID13 = 2; const SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE = 33554432; const SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE = 4; const SODIUM_CRYPTO_PWHASH_MEMLIMIT_MODERATE = 134217728; const SODIUM_CRYPTO_PWHASH_OPSLIMIT_MODERATE = 6; const SODIUM_CRYPTO_PWHASH_MEMLIMIT_SENSITIVE = 536870912; const SODIUM_CRYPTO_PWHASH_OPSLIMIT_SENSITIVE = 8; const SODIUM_CRYPTO_PWHASH_SCRYPTSALSA208SHA256_SALTBYTES = 32; const SODIUM_CRYPTO_PWHASH_SCRYPTSALSA208SHA256_STRPREFIX = '$7$'; const SODIUM_CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_INTERACTIVE = 534288; const SODIUM_CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_INTERACTIVE = 16777216; const SODIUM_CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_SENSITIVE = 33554432; const SODIUM_CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_SENSITIVE = 1073741824; const SODIUM_CRYPTO_SCALARMULT_BYTES = 32; const SODIUM_CRYPTO_SCALARMULT_SCALARBYTES = 32; const SODIUM_CRYPTO_SHORTHASH_BYTES = 8; const SODIUM_CRYPTO_SHORTHASH_KEYBYTES = 16; const SODIUM_CRYPTO_SECRETBOX_KEYBYTES = 32; const SODIUM_CRYPTO_SECRETBOX_MACBYTES = 16; const SODIUM_CRYPTO_SECRETBOX_NONCEBYTES = 24; const SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES = 17; const SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES = 24; const SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_KEYBYTES = 32; const SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_PUSH = 0; const SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_PULL = 1; const SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY = 2; const SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_FINAL = 3; const SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX = 0x3fffffff80; const SODIUM_CRYPTO_SIGN_BYTES = 64; const SODIUM_CRYPTO_SIGN_SEEDBYTES = 32; const SODIUM_CRYPTO_SIGN_PUBLICKEYBYTES = 32; const SODIUM_CRYPTO_SIGN_SECRETKEYBYTES = 64; const SODIUM_CRYPTO_SIGN_KEYPAIRBYTES = 96; const SODIUM_CRYPTO_STREAM_KEYBYTES = 32; const SODIUM_CRYPTO_STREAM_NONCEBYTES = 24; const SODIUM_CRYPTO_STREAM_XCHACHA20_KEYBYTES = 32; const SODIUM_CRYPTO_STREAM_XCHACHA20_NONCEBYTES = 24; ��sodium_compat.php��0000644��00000065466�15105241005�0010132 0��ustar�00��<?php namespace Sodium; require_once dirname(dirname(__FILE__)) . '/autoload.php'; use ParagonIE_Sodium_Compat; /* * This file will monkey patch the pure-PHP implementation in place of the * PECL functions, but only if they do not already exist. * * Thus, the functions just proxy to the appropriate ParagonIE_Sodium_Compat * method. / if (!is_callable('\\Sodium\\bin2hex')) { /* * @see ParagonIE_Sodium_Compat::bin2hex() * @param string $string * @return string * @throws \SodiumException * @throws \TypeError / function bin2hex( #[\SensitiveParameter] $string ) { return ParagonIE_Sodium_Compat::bin2hex($string); } } if (!is_callable('\\Sodium\\compare')) { /* * @see ParagonIE_Sodium_Compat::compare() * @param string $a * @param string $b * @return int * @throws \SodiumException * @throws \TypeError / function compare( #[\SensitiveParameter] $a, #[\SensitiveParameter] $b ) { return ParagonIE_Sodium_Compat::compare($a, $b); } } if (!is_callable('\\Sodium\\crypto_aead_aes256gcm_decrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_decrypt() * @param string $message * @param string $assocData * @param string $nonce * @param string $key * @return string\|bool / function crypto_aead_aes256gcm_decrypt( $message, $assocData, $nonce, #[\SensitiveParameter] $key ) { try { return ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_decrypt($message, $assocData, $nonce, $key); } catch (\TypeError $ex) { return false; } catch (\SodiumException $ex) { return false; } } } if (!is_callable('\\Sodium\\crypto_aead_aes256gcm_encrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_encrypt() * @param string $message * @param string $assocData * @param string $nonce * @param string $key * @return string * @throws \SodiumException * @throws \TypeError / function crypto_aead_aes256gcm_encrypt( #[\SensitiveParameter] $message, $assocData, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_encrypt($message, $assocData, $nonce, $key); } } if (!is_callable('\\Sodium\\crypto_aead_aes256gcm_is_available')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_is_available() * @return bool / function crypto_aead_aes256gcm_is_available() { return ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_is_available(); } } if (!is_callable('\\Sodium\\crypto_aead_chacha20poly1305_decrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt() * @param string $message * @param string $assocData * @param string $nonce * @param string $key * @return string\|bool / function crypto_aead_chacha20poly1305_decrypt( $message, $assocData, $nonce, #[\SensitiveParameter] $key ) { try { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key); } catch (\TypeError $ex) { return false; } catch (\SodiumException $ex) { return false; } } } if (!is_callable('\\Sodium\\crypto_aead_chacha20poly1305_encrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt() * @param string $message * @param string $assocData * @param string $nonce * @param string $key * @return string * @throws \SodiumException * @throws \TypeError / function crypto_aead_chacha20poly1305_encrypt( #[\SensitiveParameter] $message, $assocData, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key); } } if (!is_callable('\\Sodium\\crypto_aead_chacha20poly1305_ietf_decrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt() * @param string $message * @param string $assocData * @param string $nonce * @param string $key * @return string\|bool / function crypto_aead_chacha20poly1305_ietf_decrypt( $message, $assocData, $nonce, #[\SensitiveParameter] $key ) { try { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); } catch (\TypeError $ex) { return false; } catch (\SodiumException $ex) { return false; } } } if (!is_callable('\\Sodium\\crypto_aead_chacha20poly1305_ietf_encrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt() * @param string $message * @param string $assocData * @param string $nonce * @param string $key * @return string * @throws \SodiumException * @throws \TypeError / function crypto_aead_chacha20poly1305_ietf_encrypt( #[\SensitiveParameter] $message, $assocData, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); } } if (!is_callable('\\Sodium\\crypto_auth')) { /* * @see ParagonIE_Sodium_Compat::crypto_auth() * @param string $message * @param string $key * @return string * @throws \SodiumException * @throws \TypeError / function crypto_auth( $message, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_auth($message, $key); } } if (!is_callable('\\Sodium\\crypto_auth_verify')) { /* * @see ParagonIE_Sodium_Compat::crypto_auth_verify() * @param string $mac * @param string $message * @param string $key * @return bool * @throws \SodiumException * @throws \TypeError / function crypto_auth_verify( $mac, $message, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key); } } if (!is_callable('\\Sodium\\crypto_box')) { /* * @see ParagonIE_Sodium_Compat::crypto_box() * @param string $message * @param string $nonce * @param string $kp * @return string * @throws \SodiumException * @throws \TypeError / function crypto_box( #[\SensitiveParameter] $message, $nonce, #[\SensitiveParameter] $kp ) { return ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $kp); } } if (!is_callable('\\Sodium\\crypto_box_keypair')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_keypair() * @return string * @throws \SodiumException * @throws \TypeError / function crypto_box_keypair() { return ParagonIE_Sodium_Compat::crypto_box_keypair(); } } if (!is_callable('\\Sodium\\crypto_box_keypair_from_secretkey_and_publickey')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey() * @param string $sk * @param string $pk * @return string * @throws \SodiumException * @throws \TypeError / function crypto_box_keypair_from_secretkey_and_publickey( #[\SensitiveParameter] $sk, $pk ) { return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($sk, $pk); } } if (!is_callable('\\Sodium\\crypto_box_open')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_open() * @param string $message * @param string $nonce * @param string $kp * @return string\|bool / function crypto_box_open( #[\SensitiveParameter] $message, $nonce, #[\SensitiveParameter] $kp ) { try { return ParagonIE_Sodium_Compat::crypto_box_open($message, $nonce, $kp); } catch (\TypeError $ex) { return false; } catch (\SodiumException $ex) { return false; } } } if (!is_callable('\\Sodium\\crypto_box_publickey')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_publickey() * @param string $keypair * @return string * @throws \SodiumException * @throws \TypeError / function crypto_box_publickey( #[\SensitiveParameter] $keypair ) { return ParagonIE_Sodium_Compat::crypto_box_publickey($keypair); } } if (!is_callable('\\Sodium\\crypto_box_publickey_from_secretkey')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey() * @param string $sk * @return string * @throws \SodiumException * @throws \TypeError / function crypto_box_publickey_from_secretkey( #[\SensitiveParameter] $sk ) { return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey($sk); } } if (!is_callable('\\Sodium\\crypto_box_seal')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_seal_open() * @param string $message * @param string $publicKey * @return string * @throws \SodiumException * @throws \TypeError / function crypto_box_seal( #[\SensitiveParameter] $message, $publicKey ) { return ParagonIE_Sodium_Compat::crypto_box_seal($message, $publicKey); } } if (!is_callable('\\Sodium\\crypto_box_seal_open')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_seal_open() * @param string $message * @param string $kp * @return string\|bool / function crypto_box_seal_open( $message, #[\SensitiveParameter] $kp ) { try { return ParagonIE_Sodium_Compat::crypto_box_seal_open($message, $kp); } catch (\TypeError $ex) { return false; } catch (\SodiumException $ex) { return false; } } } if (!is_callable('\\Sodium\\crypto_box_secretkey')) { /* * @see ParagonIE_Sodium_Compat::crypto_box_secretkey() * @param string $keypair * @return string * @throws \SodiumException * @throws \TypeError / function crypto_box_secretkey( #[\SensitiveParameter] $keypair ) { return ParagonIE_Sodium_Compat::crypto_box_secretkey($keypair); } } if (!is_callable('\\Sodium\\crypto_generichash')) { /* * @see ParagonIE_Sodium_Compat::crypto_generichash() * @param string $message * @param string\|null $key * @param int $outLen * @return string * @throws \SodiumException * @throws \TypeError / function crypto_generichash( $message, #[\SensitiveParameter] $key = null, $outLen = 32 ) { return ParagonIE_Sodium_Compat::crypto_generichash($message, $key, $outLen); } } if (!is_callable('\\Sodium\\crypto_generichash_final')) { /* * @see ParagonIE_Sodium_Compat::crypto_generichash_final() * @param string\|null $ctx * @param int $outputLength * @return string * @throws \SodiumException * @throws \TypeError / function crypto_generichash_final( #[\SensitiveParameter] &$ctx, $outputLength = 32 ) { return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength); } } if (!is_callable('\\Sodium\\crypto_generichash_init')) { /* * @see ParagonIE_Sodium_Compat::crypto_generichash_init() * @param string\|null $key * @param int $outLen * @return string * @throws \SodiumException * @throws \TypeError / function crypto_generichash_init( #[\SensitiveParameter] $key = null, $outLen = 32 ) { return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outLen); } } if (!is_callable('\\Sodium\\crypto_generichash_update')) { /* * @see ParagonIE_Sodium_Compat::crypto_generichash_update() * @param string\|null $ctx * @param string $message * @return void * @throws \SodiumException * @throws \TypeError / function crypto_generichash_update( #[\SensitiveParameter] &$ctx, $message = '' ) { ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $message); } } if (!is_callable('\\Sodium\\crypto_kx')) { /* * @see ParagonIE_Sodium_Compat::crypto_kx() * @param string $my_secret * @param string $their_public * @param string $client_public * @param string $server_public * @return string * @throws \SodiumException * @throws \TypeError / function crypto_kx( #[\SensitiveParameter] $my_secret, $their_public, $client_public, $server_public ) { return ParagonIE_Sodium_Compat::crypto_kx( $my_secret, $their_public, $client_public, $server_public, true ); } } if (!is_callable('\\Sodium\\crypto_pwhash')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash() * @param int $outlen * @param string $passwd * @param string $salt * @param int $opslimit * @param int $memlimit * @return string * @throws \SodiumException * @throws \TypeError / function crypto_pwhash( $outlen, #[\SensitiveParameter] $passwd, $salt, $opslimit, $memlimit ) { return ParagonIE_Sodium_Compat::crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); } } if (!is_callable('\\Sodium\\crypto_pwhash_str')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash_str() * @param string $passwd * @param int $opslimit * @param int $memlimit * @return string * @throws \SodiumException * @throws \TypeError / function crypto_pwhash_str( #[\SensitiveParameter] $passwd, $opslimit, $memlimit ) { return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); } } if (!is_callable('\\Sodium\\crypto_pwhash_str_verify')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash_str_verify() * @param string $passwd * @param string $hash * @return bool * @throws \SodiumException * @throws \TypeError / function crypto_pwhash_str_verify( #[\SensitiveParameter] $passwd, #[\SensitiveParameter] $hash ) { return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); } } if (!is_callable('\\Sodium\\crypto_pwhash_scryptsalsa208sha256')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256() * @param int $outlen * @param string $passwd * @param string $salt * @param int $opslimit * @param int $memlimit * @return string * @throws \SodiumException * @throws \TypeError / function crypto_pwhash_scryptsalsa208sha256( $outlen, #[\SensitiveParameter] $passwd, #[\SensitiveParameter] $salt, $opslimit, $memlimit ) { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); } } if (!is_callable('\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str() * @param string $passwd * @param int $opslimit * @param int $memlimit * @return string * @throws \SodiumException * @throws \TypeError / function crypto_pwhash_scryptsalsa208sha256_str( #[\SensitiveParameter] $passwd, $opslimit, $memlimit ) { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); } } if (!is_callable('\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str_verify')) { /* * @see ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify() * @param string $passwd * @param string $hash * @return bool * @throws \SodiumException * @throws \TypeError / function crypto_pwhash_scryptsalsa208sha256_str_verify( #[\SensitiveParameter] $passwd, #[\SensitiveParameter] $hash ) { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); } } if (!is_callable('\\Sodium\\crypto_scalarmult')) { /* * @see ParagonIE_Sodium_Compat::crypto_scalarmult() * @param string $n * @param string $p * @return string * @throws \SodiumException * @throws \TypeError / function crypto_scalarmult( #[\SensitiveParameter] $n, $p ) { return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); } } if (!is_callable('\\Sodium\\crypto_scalarmult_base')) { /* * @see ParagonIE_Sodium_Compat::crypto_scalarmult_base() * @param string $n * @return string * @throws \SodiumException * @throws \TypeError / function crypto_scalarmult_base( #[\SensitiveParameter] $n ) { return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); } } if (!is_callable('\\Sodium\\crypto_secretbox')) { /* * @see ParagonIE_Sodium_Compat::crypto_secretbox() * @param string $message * @param string $nonce * @param string $key * @return string * @throws \SodiumException * @throws \TypeError / function crypto_secretbox( #[\SensitiveParameter] $message, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); } } if (!is_callable('\\Sodium\\crypto_secretbox_open')) { /* * @see ParagonIE_Sodium_Compat::crypto_secretbox_open() * @param string $message * @param string $nonce * @param string $key * @return string\|bool / function crypto_secretbox_open( $message, $nonce, #[\SensitiveParameter] $key ) { try { return ParagonIE_Sodium_Compat::crypto_secretbox_open($message, $nonce, $key); } catch (\TypeError $ex) { return false; } catch (\SodiumException $ex) { return false; } } } if (!is_callable('\\Sodium\\crypto_shorthash')) { /* * @see ParagonIE_Sodium_Compat::crypto_shorthash() * @param string $message * @param string $key * @return string * @throws \SodiumException * @throws \TypeError / function crypto_shorthash( $message, #[\SensitiveParameter] $key = '' ) { return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); } } if (!is_callable('\\Sodium\\crypto_sign')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign() * @param string $message * @param string $sk * @return string * @throws \SodiumException * @throws \TypeError / function crypto_sign( $message, #[\SensitiveParameter] $sk ) { return ParagonIE_Sodium_Compat::crypto_sign($message, $sk); } } if (!is_callable('\\Sodium\\crypto_sign_detached')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_detached() * @param string $message * @param string $sk * @return string * @throws \SodiumException * @throws \TypeError / function crypto_sign_detached( $message, #[\SensitiveParameter] $sk ) { return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $sk); } } if (!is_callable('\\Sodium\\crypto_sign_keypair')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_keypair() * @return string * @throws \SodiumException * @throws \TypeError / function crypto_sign_keypair() { return ParagonIE_Sodium_Compat::crypto_sign_keypair(); } } if (!is_callable('\\Sodium\\crypto_sign_open')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_open() * @param string $signedMessage * @param string $pk * @return string\|bool / function crypto_sign_open($signedMessage, $pk) { try { return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $pk); } catch (\TypeError $ex) { return false; } catch (\SodiumException $ex) { return false; } } } if (!is_callable('\\Sodium\\crypto_sign_publickey')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_publickey() * @param string $keypair * @return string * @throws \SodiumException * @throws \TypeError / function crypto_sign_publickey( #[\SensitiveParameter] $keypair ) { return ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair); } } if (!is_callable('\\Sodium\\crypto_sign_publickey_from_secretkey')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey() * @param string $sk * @return string * @throws \SodiumException * @throws \TypeError / function crypto_sign_publickey_from_secretkey( #[\SensitiveParameter] $sk ) { return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($sk); } } if (!is_callable('\\Sodium\\crypto_sign_secretkey')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_secretkey() * @param string $keypair * @return string * @throws \SodiumException * @throws \TypeError / function crypto_sign_secretkey( #[\SensitiveParameter] $keypair ) { return ParagonIE_Sodium_Compat::crypto_sign_secretkey($keypair); } } if (!is_callable('\\Sodium\\crypto_sign_seed_keypair')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_seed_keypair() * @param string $seed * @return string * @throws \SodiumException * @throws \TypeError / function crypto_sign_seed_keypair( #[\SensitiveParameter] $seed ) { return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); } } if (!is_callable('\\Sodium\\crypto_sign_verify_detached')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_verify_detached() * @param string $signature * @param string $message * @param string $pk * @return bool * @throws \SodiumException * @throws \TypeError / function crypto_sign_verify_detached($signature, $message, $pk) { return ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $pk); } } if (!is_callable('\\Sodium\\crypto_sign_ed25519_pk_to_curve25519')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_ed25519_pk_to_curve25519() * @param string $pk * @return string * @throws \SodiumException * @throws \TypeError / function crypto_sign_ed25519_pk_to_curve25519($pk) { return ParagonIE_Sodium_Compat::crypto_sign_ed25519_pk_to_curve25519($pk); } } if (!is_callable('\\Sodium\\crypto_sign_ed25519_sk_to_curve25519')) { /* * @see ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519() * @param string $sk * @return string * @throws \SodiumException * @throws \TypeError / function crypto_sign_ed25519_sk_to_curve25519( #[\SensitiveParameter] $sk ) { return ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519($sk); } } if (!is_callable('\\Sodium\\crypto_stream')) { /* * @see ParagonIE_Sodium_Compat::crypto_stream() * @param int $len * @param string $nonce * @param string $key * @return string * @throws \SodiumException * @throws \TypeError / function crypto_stream( $len, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_stream($len, $nonce, $key); } } if (!is_callable('\\Sodium\\crypto_stream_xor')) { /* * @see ParagonIE_Sodium_Compat::crypto_stream_xor() * @param string $message * @param string $nonce * @param string $key * @return string * @throws \SodiumException * @throws \TypeError / function crypto_stream_xor( #[\SensitiveParameter] $message, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); } } if (!is_callable('\\Sodium\\hex2bin')) { /* * @see ParagonIE_Sodium_Compat::hex2bin() * @param string $string * @return string * @throws \SodiumException * @throws \TypeError / function hex2bin( #[\SensitiveParameter] $string ) { return ParagonIE_Sodium_Compat::hex2bin($string); } } if (!is_callable('\\Sodium\\memcmp')) { /* * @see ParagonIE_Sodium_Compat::memcmp() * @param string $a * @param string $b * @return int * @throws \SodiumException * @throws \TypeError / function memcmp( #[\SensitiveParameter] $a, #[\SensitiveParameter] $b ) { return ParagonIE_Sodium_Compat::memcmp($a, $b); } } if (!is_callable('\\Sodium\\memzero')) { /* * @see ParagonIE_Sodium_Compat::memzero() * @param string $str * @return void * @throws \SodiumException * @throws \TypeError * * @psalm-suppress MissingParamType * @psalm-suppress MissingReturnType * @psalm-suppress ReferenceConstraintViolation / function memzero( #[\SensitiveParameter] &$str ) { ParagonIE_Sodium_Compat::memzero($str); } } if (!is_callable('\\Sodium\\randombytes_buf')) { /* * @see ParagonIE_Sodium_Compat::randombytes_buf() * @param int $amount * @return string * @throws \TypeError / function randombytes_buf($amount) { return ParagonIE_Sodium_Compat::randombytes_buf($amount); } } if (!is_callable('\\Sodium\\randombytes_uniform')) { /* * @see ParagonIE_Sodium_Compat::randombytes_uniform() * @param int $upperLimit * @return int * @throws \SodiumException * @throws \Error / function randombytes_uniform($upperLimit) { return ParagonIE_Sodium_Compat::randombytes_uniform($upperLimit); } } if (!is_callable('\\Sodium\\randombytes_random16')) { /* * @see ParagonIE_Sodium_Compat::randombytes_random16() * @return int / function randombytes_random16() { return ParagonIE_Sodium_Compat::randombytes_random16(); } } if (!defined('\\Sodium\\CRYPTO_AUTH_BYTES')) { require_once dirname(__FILE__) . '/constants.php'; } ��php84compat.php��0000644��00000007110�15105241005�0007414 0��ustar�00��<?php require_once dirname(dirname(__FILE__)) . '/autoload.php'; /* * This file will monkey patch the pure-PHP implementation in place of the * PECL functions and constants, but only if they do not already exist. * * Thus, the functions or constants just proxy to the appropriate * ParagonIE_Sodium_Compat method or class constant, respectively. / foreach (array( 'CRYPTO_AEAD_AESGIS128L_KEYBYTES', 'CRYPTO_AEAD_AESGIS128L_NSECBYTES', 'CRYPTO_AEAD_AESGIS128L_NPUBBYTES', 'CRYPTO_AEAD_AESGIS128L_ABYTES', 'CRYPTO_AEAD_AESGIS256_KEYBYTES', 'CRYPTO_AEAD_AESGIS256_NSECBYTES', 'CRYPTO_AEAD_AESGIS256_NPUBBYTES', 'CRYPTO_AEAD_AESGIS256_ABYTES', ) as $constant ) { if (!defined("SODIUM_$constant") && defined("ParagonIE_Sodium_Compat::$constant")) { define("SODIUM_$constant", constant("ParagonIE_Sodium_Compat::$constant")); } } if (!is_callable('sodium_crypto_aead_aegis128l_decrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_aegis128l_decrypt() * @param string $ciphertext * @param string $additional_data * @param string $nonce * @param string $key * @return string * @throws SodiumException / function sodium_crypto_aead_aegis128l_decrypt( $ciphertext, $additional_data, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_aead_aegis128l_decrypt( $ciphertext, $additional_data, $nonce, $key ); } } if (!is_callable('sodium_crypto_aead_aegis128l_encrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_aegis128l_encrypt() * @param string $message * @param string $additional_data * @param string $nonce * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_aead_aegis128l_encrypt( #[\SensitiveParameter] $message, $additional_data, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_aead_aegis128l_encrypt( $message, $additional_data, $nonce, $key ); } } if (!is_callable('sodium_crypto_aead_aegis256_decrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_aegis256_encrypt() * @param string $ciphertext * @param string $additional_data * @param string $nonce * @param string $key * @return string * @throws SodiumException / function sodium_crypto_aead_aegis256_decrypt( $ciphertext, $additional_data, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_aead_aegis256_decrypt( $ciphertext, $additional_data, $nonce, $key ); } } if (!is_callable('sodium_crypto_aead_aegis256_encrypt')) { /* * @see ParagonIE_Sodium_Compat::crypto_aead_aegis256_encrypt() * @param string $message * @param string $additional_data * @param string $nonce * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_aead_aegis256_encrypt( #[\SensitiveParameter] $message, $additional_data, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_aead_aegis256_encrypt( $message, $additional_data, $nonce, $key ); } } ��stream-xchacha20.php��0000644��00000004033�15105241005�0010300 0��ustar�00��<?php if (!is_callable('sodium_crypto_stream_xchacha20')) { /* * @see ParagonIE_Sodium_Compat::crypto_stream_xchacha20() * @param int $len * @param string $nonce * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_stream_xchacha20( $len, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_stream_xchacha20($len, $nonce, $key, true); } } if (!is_callable('sodium_crypto_stream_xchacha20_keygen')) { /* * @see ParagonIE_Sodium_Compat::crypto_stream_xchacha20_keygen() * @return string * @throws Exception / function sodium_crypto_stream_xchacha20_keygen() { return ParagonIE_Sodium_Compat::crypto_stream_xchacha20_keygen(); } } if (!is_callable('sodium_crypto_stream_xchacha20_xor')) { /* * @see ParagonIE_Sodium_Compat::crypto_stream_xchacha20_xor() * @param string $message * @param string $nonce * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_stream_xchacha20_xor( #[\SensitiveParameter] $message, $nonce, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_stream_xchacha20_xor($message, $nonce, $key, true); } } if (!is_callable('sodium_crypto_stream_xchacha20_xor_ic')) { /* * @see ParagonIE_Sodium_Compat::crypto_stream_xchacha20_xor_ic() * @param string $message * @param string $nonce * @param int $counter * @param string $key * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_stream_xchacha20_xor_ic( #[\SensitiveParameter] $message, $nonce, $counter, #[\SensitiveParameter] $key ) { return ParagonIE_Sodium_Compat::crypto_stream_xchacha20_xor_ic($message, $nonce, $counter, $key, true); } } ��ristretto255.php��0000644��00000017451�15105241005�0007551 0��ustar�00��<?php if (!defined('SODIUM_CRYPTO_CORE_RISTRETTO255_BYTES')) { define( 'SODIUM_CRYPTO_CORE_RISTRETTO255_BYTES', ParagonIE_Sodium_Compat::CRYPTO_CORE_RISTRETTO255_BYTES ); define('SODIUM_COMPAT_POLYFILLED_RISTRETTO255', true); } if (!defined('SODIUM_CRYPTO_CORE_RISTRETTO255_HASHBYTES')) { define( 'SODIUM_CRYPTO_CORE_RISTRETTO255_HASHBYTES', ParagonIE_Sodium_Compat::CRYPTO_CORE_RISTRETTO255_HASHBYTES ); } if (!defined('SODIUM_CRYPTO_CORE_RISTRETTO255_SCALARBYTES')) { define( 'SODIUM_CRYPTO_CORE_RISTRETTO255_SCALARBYTES', ParagonIE_Sodium_Compat::CRYPTO_CORE_RISTRETTO255_SCALARBYTES ); } if (!defined('SODIUM_CRYPTO_CORE_RISTRETTO255_NONREDUCEDSCALARBYTES')) { define( 'SODIUM_CRYPTO_CORE_RISTRETTO255_NONREDUCEDSCALARBYTES', ParagonIE_Sodium_Compat::CRYPTO_CORE_RISTRETTO255_NONREDUCEDSCALARBYTES ); } if (!defined('SODIUM_CRYPTO_SCALARMULT_RISTRETTO255_SCALARBYTES')) { define( 'SODIUM_CRYPTO_SCALARMULT_RISTRETTO255_SCALARBYTES', ParagonIE_Sodium_Compat::CRYPTO_SCALARMULT_RISTRETTO255_SCALARBYTES ); } if (!defined('SODIUM_CRYPTO_SCALARMULT_RISTRETTO255_BYTES')) { define( 'SODIUM_CRYPTO_SCALARMULT_RISTRETTO255_BYTES', ParagonIE_Sodium_Compat::CRYPTO_SCALARMULT_RISTRETTO255_BYTES ); } if (!is_callable('sodium_crypto_core_ristretto255_add')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_add() * * @param string $p * @param string $q * @return string * @throws SodiumException / function sodium_crypto_core_ristretto255_add( #[\SensitiveParameter] $p, #[\SensitiveParameter] $q ) { return ParagonIE_Sodium_Compat::ristretto255_add($p, $q, true); } } if (!is_callable('sodium_crypto_core_ristretto255_from_hash')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_from_hash() * * @param string $s * @return string * @throws SodiumException / function sodium_crypto_core_ristretto255_from_hash( #[\SensitiveParameter] $s ) { return ParagonIE_Sodium_Compat::ristretto255_from_hash($s, true); } } if (!is_callable('sodium_crypto_core_ristretto255_is_valid_point')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_is_valid_point() * * @param string $s * @return bool * @throws SodiumException / function sodium_crypto_core_ristretto255_is_valid_point( #[\SensitiveParameter] $s ) { return ParagonIE_Sodium_Compat::ristretto255_is_valid_point($s, true); } } if (!is_callable('sodium_crypto_core_ristretto255_random')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_random() * * @return string * @throws SodiumException / function sodium_crypto_core_ristretto255_random() { return ParagonIE_Sodium_Compat::ristretto255_random(true); } } if (!is_callable('sodium_crypto_core_ristretto255_scalar_add')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_scalar_add() * * @param string $x * @param string $y * @return string * @throws SodiumException / function sodium_crypto_core_ristretto255_scalar_add( #[\SensitiveParameter] $x, #[\SensitiveParameter] $y ) { return ParagonIE_Sodium_Compat::ristretto255_scalar_add($x, $y, true); } } if (!is_callable('sodium_crypto_core_ristretto255_scalar_complement')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_scalar_complement() * * @param string $s * @return string * @throws SodiumException / function sodium_crypto_core_ristretto255_scalar_complement( #[\SensitiveParameter] $s ) { return ParagonIE_Sodium_Compat::ristretto255_scalar_complement($s, true); } } if (!is_callable('sodium_crypto_core_ristretto255_scalar_invert')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_scalar_invert() * * @param string $p * @return string * @throws SodiumException / function sodium_crypto_core_ristretto255_scalar_invert( #[\SensitiveParameter] $p ) { return ParagonIE_Sodium_Compat::ristretto255_scalar_invert($p, true); } } if (!is_callable('sodium_crypto_core_ristretto255_scalar_mul')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_scalar_mul() * * @param string $x * @param string $y * @return string * @throws SodiumException / function sodium_crypto_core_ristretto255_scalar_mul( #[\SensitiveParameter] $x, #[\SensitiveParameter] $y ) { return ParagonIE_Sodium_Compat::ristretto255_scalar_mul($x, $y, true); } } if (!is_callable('sodium_crypto_core_ristretto255_scalar_negate')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_scalar_negate() * * @param string $s * @return string * @throws SodiumException / function sodium_crypto_core_ristretto255_scalar_negate( #[\SensitiveParameter] $s ) { return ParagonIE_Sodium_Compat::ristretto255_scalar_negate($s, true); } } if (!is_callable('sodium_crypto_core_ristretto255_scalar_random')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_scalar_random() * * @return string * @throws SodiumException / function sodium_crypto_core_ristretto255_scalar_random() { return ParagonIE_Sodium_Compat::ristretto255_scalar_random(true); } } if (!is_callable('sodium_crypto_core_ristretto255_scalar_reduce')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_scalar_reduce() * * @param string $s * @return string * @throws SodiumException / function sodium_crypto_core_ristretto255_scalar_reduce( #[\SensitiveParameter] $s ) { return ParagonIE_Sodium_Compat::ristretto255_scalar_reduce($s, true); } } if (!is_callable('sodium_crypto_core_ristretto255_scalar_sub')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_scalar_sub() * * @param string $x * @param string $y * @return string * @throws SodiumException / function sodium_crypto_core_ristretto255_scalar_sub( #[\SensitiveParameter] $x, #[\SensitiveParameter] $y ) { return ParagonIE_Sodium_Compat::ristretto255_scalar_sub($x, $y, true); } } if (!is_callable('sodium_crypto_core_ristretto255_sub')) { /* * @see ParagonIE_Sodium_Compat::ristretto255_sub() * * @param string $p * @param string $q * @return string * @throws SodiumException / function sodium_crypto_core_ristretto255_sub( #[\SensitiveParameter] $p, #[\SensitiveParameter] $q ) { return ParagonIE_Sodium_Compat::ristretto255_sub($p, $q, true); } } if (!is_callable('sodium_crypto_scalarmult_ristretto255')) { /* * @see ParagonIE_Sodium_Compat::crypto_scalarmult_ristretto255() * @param string $n * @param string $p * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_scalarmult_ristretto255( #[\SensitiveParameter] $n, #[\SensitiveParameter] $p ) { return ParagonIE_Sodium_Compat::scalarmult_ristretto255($n, $p, true); } } if (!is_callable('sodium_crypto_scalarmult_ristretto255_base')) { /* * @see ParagonIE_Sodium_Compat::crypto_scalarmult_ristretto255_base() * @param string $n * @return string * @throws SodiumException * @throws TypeError / function sodium_crypto_scalarmult_ristretto255_base( #[\SensitiveParameter] $n ) { return ParagonIE_Sodium_Compat::scalarmult_ristretto255_base($n, true); } }��namespaced.php��0000644��00000002501�15105241005�0007344 0��ustar�00��<?php require_once dirname(dirname(__FILE__)) . '/autoload.php'; if (PHP_VERSION_ID < 50300) { return; } / * This file is just for convenience, to allow developers to reduce verbosity when * they add this project to their libraries. * * Replace this: * * $x = ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_encrypt(...$args); * * with this: * * use ParagonIE\Sodium\Compat; * * $x = Compat::crypto_aead_xchacha20poly1305_encrypt(...$args); / spl_autoload_register(function ($class) { if ($class[0] === '\\') { $class = substr($class, 1); } $namespace = 'ParagonIE\\Sodium'; // Does the class use the namespace prefix? $len = strlen($namespace); if (strncmp($namespace, $class, $len) !== 0) { // no, move to the next registered autoloader return false; } // Get the relative class name $relative_class = substr($class, $len); // Replace the namespace prefix with the base directory, replace namespace // separators with directory separators in the relative class name, append // with .php $file = dirname(dirname(__FILE__)) . '/namespaced/' . str_replace('\\', '/', $relative_class) . '.php'; // if the file exists, require it if (file_exists($file)) { require_once $file; return true; } return false; }); ��hybridauth/Provider/Google.php��0000644��00000013247�15105600516�0012434 0��ustar�00��<?php /! * Hybridauth * https://hybridauth.github.io \| https://github.com/hybridauth/hybridauth * (c) 2017 Hybridauth authors \| https://hybridauth.github.io/license.html / namespace Hybridauth\Provider; use Hybridauth\Adapter\OAuth2; use Hybridauth\Exception\UnexpectedApiResponseException; use Hybridauth\Data; use Hybridauth\User; /* * Google OAuth2 provider adapter. * * Example: * * $config = [ * 'callback' => Hybridauth\HttpClient\Util::getCurrentUrl(), * 'keys' => ['id' => '', 'secret' => ''], * 'scope' => 'https://www.googleapis.com/auth/userinfo.profile', * * // google's custom auth url params * 'authorize_url_parameters' => [ * 'approval_prompt' => 'force', // to pass only when you need to acquire a new refresh token. * 'access_type' => .., // is set to 'offline' by default * 'hd' => .., * 'state' => .., * // etc. * ] * ]; * * $adapter = new Hybridauth\Provider\Goog

| ver. 1.4 | Github| . | PHP 8.1.33 | Generation time: 0.91 | proxy | phpinfo | Settings