From 5919a9cd567319a432436b2518e5bffe36d6f5c6 Mon Sep 17 00:00:00 2001 
From: Michael M Slusarz Date: Fri, 19 Mar 2010 00:45:28 -0600 Subject: [PATCH] Refactor Horde_Secret. Remove Horde_Cipher - simply more maintenance for a class that doesn't do anything better than can already be done with a PEAR equivalent. Horde now requires Crypt_Blowfish instead. Crypt_Blowfish has built-in support for mcrypt, so that optimization still applies. However, blowfish is an efficient algorithm so the PHP-version is most likely fine for the vast majority of users (trying to reduce install complexity). Horde_Secret:: now has an OO-interface and no longer relies on Horde_Core. --- folks/edit/password.php | 10 +- framework/Auth/lib/Horde/Auth.php | 16 +- framework/Cipher/lib/Horde/Cipher.php | 123 ------ framework/Cipher/lib/Horde/Cipher/BlockMode.php | 79 ---- .../Cipher/lib/Horde/Cipher/BlockMode/Cbc.php | 78 ---- .../Cipher/lib/Horde/Cipher/BlockMode/Cfb64.php | 82 ---- .../Cipher/lib/Horde/Cipher/BlockMode/Ecb.php | 71 ---- .../Cipher/lib/Horde/Cipher/BlockMode/Ofb64.php | 75 ---- framework/Cipher/lib/Horde/Cipher/Des.php | 419 --------------------- framework/Cipher/lib/Horde/Cipher/Rc2.php | 181 --------- framework/Cipher/lib/Horde/Cipher/Rc4.php | 85 ----- framework/Cipher/package.xml | 100 ----- framework/Cipher/test/Horde/Cipher/Cipher1.phpt | 66 ---- framework/Cipher/test/Horde/Cipher/Cipher2.phpt | 87 ----- framework/Cipher/test/Horde/Cipher/Cipher3.phpt | 62 --- framework/Cipher/test/Horde/Cipher/Cipher4.phpt | 50 --- .../Cipher/test/Horde/Cipher/cipher_functions.php | 48 --- framework/Core/lib/Horde/Core/Binder/Secret.php | 21 ++ framework/Core/lib/Horde/Registry.php | 8 +- framework/Core/package.xml | 2 + .../Imap_Client/lib/Horde/Imap/Client/Base.php | 6 +- .../Kolab_Filter/lib/Horde/Kolab/Resource.php | 7 +- framework/Secret/lib/Horde/Secret.php | 184 +++++---- framework/Secret/lib/Horde/Secret/Exception.php | 16 + framework/Secret/package.xml | 55 ++- framework/Secret/test/Horde/Secret/AllTests.php | 36 ++ 
framework/Secret/test/Horde/Secret/Autoload.php | 29 ++ .../Secret/test/Horde/Secret/Class/SecretTest.php | 64 ++++ framework/Secret/test/Horde/Secret/phpunit.xml | 8 + gollem/lib/Auth.php | 6 +- gollem/lib/Gollem.php | 3 +- horde/docs/INSTALL | 81 ++-- horde/lib/Test.php | 3 + horde/login.php | 2 +- imp/lib/Application.php | 9 +- imp/lib/Auth.php | 3 +- imp/lib/Crypt/Pgp.php | 12 +- imp/lib/Crypt/Smime.php | 7 +- imp/lib/Imap.php | 2 +- imp/lib/Quota.php | 3 +- kronolith/calendars/remote_edit.php | 5 +- kronolith/lib/Forms/EditRemoteCalendar.php | 5 +- kronolith/lib/Kronolith.php | 10 +- 43 files changed, 430 insertions(+), 1789 deletions(-) delete mode 100644 framework/Cipher/lib/Horde/Cipher.php delete mode 100644 framework/Cipher/lib/Horde/Cipher/BlockMode.php delete mode 100644 framework/Cipher/lib/Horde/Cipher/BlockMode/Cbc.php delete mode 100644 framework/Cipher/lib/Horde/Cipher/BlockMode/Cfb64.php delete mode 100644 framework/Cipher/lib/Horde/Cipher/BlockMode/Ecb.php delete mode 100644 framework/Cipher/lib/Horde/Cipher/BlockMode/Ofb64.php delete mode 100644 framework/Cipher/lib/Horde/Cipher/Des.php delete mode 100644 framework/Cipher/lib/Horde/Cipher/Rc2.php delete mode 100644 framework/Cipher/lib/Horde/Cipher/Rc4.php delete mode 100644 framework/Cipher/package.xml delete mode 100644 framework/Cipher/test/Horde/Cipher/Cipher1.phpt delete mode 100644 framework/Cipher/test/Horde/Cipher/Cipher2.phpt delete mode 100644 framework/Cipher/test/Horde/Cipher/Cipher3.phpt delete mode 100644 framework/Cipher/test/Horde/Cipher/Cipher4.phpt delete mode 100644 framework/Cipher/test/Horde/Cipher/cipher_functions.php create mode 100644 framework/Core/lib/Horde/Core/Binder/Secret.php create mode 100644 framework/Secret/lib/Horde/Secret/Exception.php create mode 100644 framework/Secret/test/Horde/Secret/AllTests.php create mode 100644 framework/Secret/test/Horde/Secret/Autoload.php create mode 100644 framework/Secret/test/Horde/Secret/Class/SecretTest.php create mode 100644 
framework/Secret/test/Horde/Secret/phpunit.xml diff --git a/folks/edit/password.php b/folks/edit/password.php index 354d82d59..e56893eea 100644 --- a/folks/edit/password.php +++ b/folks/edit/password.php @@ -161,12 +161,10 @@ do { // reset credentials so user is not forced to relogin if (Horde_Auth::getCredential('password') == $info['old']) { Horde_Auth::setCredential('password', $info['new']); - if (Horde_Auth::getProvider() == 'imp' || !empty($_SESSION['imp']['pass'])) { - $_SESSION['imp']['pass'] = Horde_Secret::write(Horde_Secret::getKey('imp'), - $info['new']); - } elseif (Horde_Auth::getProvider() == 'mimp' || !empty($_SESSION['mimp']['pass'])) { - $_SESSION['mimp']['pass'] = Horde_Secret::write(Horde_Secret::getKey('mimp'), - $info['new']); + $secret = $injector->getInstance('Horde_Secret'); + if (Horde_Auth::getProvider() == 'imp' || + !empty($_SESSION['imp']['pass'])) { + $_SESSION['imp']['pass'] = $secret->write($secret->getKey('imp'), $info['new']); } } diff --git a/framework/Auth/lib/Horde/Auth.php b/framework/Auth/lib/Horde/Auth.php index da722c850..c60b364a5 100644 --- a/framework/Auth/lib/Horde/Auth.php +++ b/framework/Auth/lib/Horde/Auth.php @@ -658,7 +658,8 @@ class Horde_Auth $credentials = array($credential => $value); } - $_SESSION['horde_auth']['app'][$app] = Horde_Secret::write(Horde_Secret::getKey('auth'), serialize($credentials)); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $_SESSION['horde_auth']['app'][$app] = $secret->write($secret->getKey('auth'), serialize($credentials)); } } } 
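Review bot: In folks/edit/password.php, the guard around the new `$secret->write(...)` call still compares the stored password with `$info['old']` using `==`. PHP compares numeric-looking strings by value (for example `'1e3' == '1000'`), so two different passwords can be treated as equal. A strict comparison, `if (Horde_Auth::getCredential('password') === $info['old']) {`, avoids rewriting the session credential on such a mismatch. That line is context in this hunk rather than part of the change, and the enclosing `do` block continues outside it.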
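Review bot: In framework/Auth/lib/Horde/Auth.php, `$GLOBALS['injector']->getInstance('Horde_Secret')` followed by `getKey('auth')` is repeated at three call sites (the hunk at `@@ -658,7 +658,8 @@` and the two at old lines 676 and 721). This ties the class to a global and makes it easy to change the write side and miss the read side. One private helper that returns the Horde_Secret instance, called from all three places, would keep the lookup and the `'auth'` key name together. A short comment above the assignment would also help, such as `/* Credentials are serialized and passed through Horde_Secret with the 'auth' key before being stored in the session. */`. The enclosing method starts before this hunk.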
@@ -676,9 +677,12 @@ class Horde_Auth $app = $_SESSION['horde_auth']['credentials']; } - return isset($_SESSION['horde_auth']['app']) - ? @unserialize(Horde_Secret::read(Horde_Secret::getKey('auth'), $_SESSION['horde_auth']['app'][$app])) - : false; + if (!isset($_SESSION['horde_auth']['app'])) { + return false; + } + + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + return @unserialize($secret->read($secret->getKey('auth'), $_SESSION['horde_auth']['app'][$app])); } /** @@ -721,7 +725,9 @@ class Horde_Auth $app_array = $is_auth ? $_SESSION['horde_auth']['app'] : array(); - $app_array[$app] = Horde_Secret::write(Horde_Secret::getKey('auth'), serialize($credentials)); + + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $app_array[$app] = $secret->write($secret->getKey('auth'), serialize($credentials)); if ($is_auth) { /* Store app credentials. */ diff --git a/framework/Cipher/lib/Horde/Cipher.php b/framework/Cipher/lib/Horde/Cipher.php deleted file mode 100644 index 171a04de3..000000000 --- a/framework/Cipher/lib/Horde/Cipher.php +++ /dev/null 
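Review bot: In the hunk at `@@ -676,9 +677,12 @@`, the early return checks only that `$_SESSION['horde_auth']['app']` exists, but the next statement indexes `['app'][$app]`. When that application has no stored entry, an undefined index is handed to `$secret->read()` and the result goes to `@unserialize()`, whose `@` hides the failure. Checking the exact key, `if (!isset($_SESSION['horde_auth']['app'][$app])) {`, returns `false` before any decryption is attempted. Because the decrypted string is fed to `unserialize()`, it is also worth confirming that Horde_Secret rejects tampered ciphertext; nothing visible here verifies integrity before deserialising. The method body begins outside the hunk.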
@@ -1,123 +0,0 @@ - - * @package Horde_Cipher - */ -class Horde_Cipher -{ - /** - * The block mode for the cipher chaining - * - * @var string - */ - protected $_blockMode = 'cbc'; - - /** - * The block size. - * - * @var integer - */ - protected $_blockSize = 8; - - /** - * The initialization vector - * - * @var string - */ - protected $_iv = null; - - /** - * Attempts to return a concrete Horde_Cipher instance. - * - * @param string $cipher The type of concrete Horde_Cipher subclass to - * return. - * @param array $params A hash containing any additional parameters a - * subclass might need. - * - * @return Horde_Cipher The newly created concrete Horde_Cipher instance. - * @throws Horde_Exception - */ - static public function factory($driver, $params = null) - { - $class = 'Horde_Cipher_' . Horde_String::ucfirst(basename($driver)); - if (!class_exists($class)) { - throw new Horde_Exception('Driver ' . $driver . ' not found'); - } - return new $class($params); - } - - /** - * Set the block mode for cipher chaining. - * - * @param string $blockMode The new blockmode. - */ - public function setBlockMode($blockMode) - { - $this->_blockMode = $blockMode; - } - - /** - * Return the size of the blocks that this cipher needs. - * - * @return integer The number of characters per block. - */ - public function getBlockSize() - { - return $this->_blockSize; - } - - /** - * Set the IV. - * - * @param string $iv The new IV. - */ - public function setIV($iv) - { - $this->_iv = $iv; - } - - /** - * Encrypt a string. - * - * @param string $plaintext The data to encrypt. - * - * @return string The encrypted data. - */ - public function encrypt($plaintext) - { - $blockMode = Horde_Cipher_BlockMode::factory($this->_blockMode); - - if (!is_null($this->_iv)) { - $blockMode->setIV($this->_iv); - } - - return $blockMode->encrypt($this, $plaintext); - } - - /** - * Decrypt a string. - * - * @param string $ciphertext The data to decrypt. - * - * @return string The decrypted data. 
- */ - public function decrypt($ciphertext) - { - $blockMode = Horde_Cipher_BlockMode::factory($this->_blockMode); - - if (!is_null($this->_iv)) { - $blockMode->setIV($this->_iv); - } - - return $blockMode->decrypt($this, $ciphertext); - } - -} diff --git a/framework/Cipher/lib/Horde/Cipher/BlockMode.php b/framework/Cipher/lib/Horde/Cipher/BlockMode.php deleted file mode 100644 index 3bb43e399..000000000 --- a/framework/Cipher/lib/Horde/Cipher/BlockMode.php +++ /dev/null @@ -1,79 +0,0 @@ - - * @package Horde_Cipher - */ -class Horde_Cipher_BlockMode -{ - /** - * The initialization vector. - * - * @var string - */ - protected $_iv = "\0\0\0\0\0\0\0\0"; - - /** - * Attempts to return a concrete instance based on $mode. - * - * @param string $mode The type of concrete subclass to return. - * subclass to return. - * @param array $params A hash containing any additional parameters a - * subclass might need. - * - * @return Horde_Cipher_BlockMode The newly created concrete instance. - * @throws Horde_Exception - */ - static public function factory($driver, $params = null) - { - $class = 'Horde_Cipher_BlockMode_' . Horde_String::ucfirst(basename($driver)); - if (!class_exists($class)) { - throw new Horde_Exception('Driver ' . $driver . ' not found'); - } - return new $class($params); - } - - /** - * Set the IV. - * - * @param string $iv The new IV. - */ - public function setIV($iv) - { - $this->_iv = $iv; - } - - /** - * Encrypt a string. - * - * @param Horde_Cipher $cipher Cipher algorithm to use for encryption. - * @param string $plaintext The data to encrypt. - * - * @return string The encrypted data. - */ - public function encrypt($cipher, $plaintext) - { - return $plaintext; - } - - /** - * Decrypt a string. - * - * @param Horde_Cipher $cipher Cipher algorithm to use for decryption. - * @param string $ciphertext The data to decrypt. - * - * @return string The decrypted data. - */ - public function decrypt($cipher, $ciphertext) - { - return $ciphertext; - } - -} 
diff --git a/framework/Cipher/lib/Horde/Cipher/BlockMode/Cbc.php b/framework/Cipher/lib/Horde/Cipher/BlockMode/Cbc.php deleted file mode 100644 index 65f5d23ca..000000000 --- a/framework/Cipher/lib/Horde/Cipher/BlockMode/Cbc.php +++ /dev/null @@ -1,78 +0,0 @@ - - * @package Horde_Cipher - */ -class Horde_Cipher_BlockMode_Cbc extends Horde_Cipher_BlockMode -{ - /** - * Encrypt a string. - * - * @param Horde_Cipher $cipher Cipher algorithm to use for encryption. - * @param string $plaintext The data to encrypt. - * - * @return string The encrypted data. - */ - public function encrypt($cipher, $plaintext) - { - $encrypted = ''; - - $blocksize = $cipher->getBlockSize(); - $previousCipher = $this->_iv; - - $jMax = strlen($plaintext); - for ($j = 0; $j < $jMax; $j += $blocksize) { - $plain = substr($plaintext, $j, $blocksize); - - if (strlen($plain) < $blocksize) { - // pad the block with \0's if it's not long enough - $plain = str_pad($plain, 8, "\0"); - } - - $plain = $plain ^ $previousCipher; - $previousCipher = $cipher->encryptBlock($plain); - $encrypted .= $previousCipher; - } - - return $encrypted; - } - - /** - * Decrypt a string. - * - * @param Horde_Cipher $cipher Cipher algorithm to use for decryption. - * @param string $ciphertext The data to decrypt. - * - * @return string The decrypted data. - */ - public function decrypt($cipher, $ciphertext) - { - $decrypted = ''; - - $blocksize = $cipher->getBlockSize(); - $previousCipher = $this->_iv; - - $jMax = strlen($ciphertext); - for ($j = 0; $j < $jMax; $j += $blocksize) { - $plain = substr($ciphertext, $j, $blocksize); - $decrypted .= $cipher->decryptBlock($plain) ^ $previousCipher; - $previousCipher = $plain; - } - - // Remove trailing \0's used to pad the last block. - while (substr($decrypted, -1, 1) == "\0") { - $decrypted = substr($decrypted, 0, -1); - } - - return $decrypted; - } - -} 
diff --git a/framework/Cipher/lib/Horde/Cipher/BlockMode/Cfb64.php b/framework/Cipher/lib/Horde/Cipher/BlockMode/Cfb64.php deleted file mode 100644 index 257f37dc1..000000000 --- a/framework/Cipher/lib/Horde/Cipher/BlockMode/Cfb64.php +++ /dev/null @@ -1,82 +0,0 @@ - - * @package Horde_Cipher - */ -class Horde_Cipher_BlockMode_Cfb64 extends Horde_Cipher_BlockMode -{ - /** - * Encrypt a string. - * - * @param Horde_Cipher $cipher Cipher algorithm to use for encryption. - * @param string $plaintext The data to encrypt. - * - * @return string The encrypted data. - */ - public function encrypt($cipher, $plaintext) - { - $encrypted = ''; - - $n = 0; - $jMax = strlen($plaintext); - for ($j = 0; $j < $jMax; ++$j) { - if ($n == 0) { - $this->_iv = $cipher->encryptBlock($this->_iv); - } - - $c = $plaintext[$j] ^ $this->_iv[$n]; - $this->_iv = substr($this->_iv, 0, $n) . $c . substr($this->_iv, $n + 1); - $encrypted .= $c; - - $n = (++$n) & 0x07; - } - - return $encrypted; - } - - /** - * Decrypt a string. - * - * @param Horde_Cipher $cipher Cipher algorithm to use for decryption. - * @param string $ciphertext The data to decrypt. - * - * @return string The decrypted data. - */ - public function decrypt($cipher, $ciphertext) - { - $decrypted = ''; - - $n = 0; - $jMax = strlen($ciphertext); - for ($j = 0; $j < $jMax; ++$j) { - if ($n == 0) { - $this->_iv = $cipher->encryptBlock($this->_iv); - } - - $c = $ciphertext[$j] ^ $this->_iv[$n]; - $this->_iv = substr($this->_iv, 0, $n) . substr($ciphertext, $j, 1) . substr($this->_iv, $n + 1); - $decrypted .= $c; - - $n = (++$n) & 0x07; - } - - // Remove trailing \0's used to pad the last block. - while (substr($decrypted, -1, 1) == "\0") { - $decrypted = substr($decrypted, 0, -1); - } - - return $decrypted; - } - -} diff --git a/framework/Cipher/lib/Horde/Cipher/BlockMode/Ecb.php b/framework/Cipher/lib/Horde/Cipher/BlockMode/Ecb.php deleted file mode 100644 index 41c02fa17..000000000 
--- a/framework/Cipher/lib/Horde/Cipher/BlockMode/Ecb.php +++ /dev/null @@ -1,71 +0,0 @@ - - * @package Horde_Cipher - */ -class Horde_Cipher_BlockMode_Ecb extends Horde_Cipher_BlockMode -{ - /** - * Encrypt a string. - * - * @param Horde_Cipher $cipher Cipher algorithm to use for encryption. - * @param string $plaintext The data to encrypt. - * - * @return string The encrypted data. - */ - public function encrypt($cipher, $plaintext) - { - $encrypted = ''; - $blocksize = $cipher->getBlockSize(); - - $jMax = strlen($plaintext); - for ($j = 0; $j < $jMax; $j += $blocksize) { - $plain = substr($plaintext, $j, $blocksize); - - if (strlen($plain) < $blocksize) { - // pad the block with \0's if it's not long enough - $plain = str_pad($plain, 8, "\0"); - } - - $encrypted .= $cipher->encryptBlock($plain); - } - - return $encrypted; - } - - /** - * Decrypt a string. - * - * @param Horde_Cipher $cipher Cipher algorithm to use for decryption. - * @param string $ciphertext The data to decrypt. - * - * @return string The decrypted data. - */ - public function decrypt($cipher, $ciphertext) - { - $decrypted = ''; - $blocksize = $cipher->getBlockSize(); - - $jMax = strlen($ciphertext); - for ($j = 0; $j < $jMax; $j += $blocksize) { - $plain = substr($ciphertext, $j, $blocksize); - $decrypted .= $cipher->decryptBlock($plain); - } - - // Remove trailing \0's used to pad the last block. - while (substr($decrypted, -1, 1) == "\0") { - $decrypted = substr($decrypted, 0, -1); - } - - return $decrypted; - } - -} diff --git a/framework/Cipher/lib/Horde/Cipher/BlockMode/Ofb64.php b/framework/Cipher/lib/Horde/Cipher/BlockMode/Ofb64.php deleted file mode 100644 index 36aec1b2f..000000000 --- a/framework/Cipher/lib/Horde/Cipher/BlockMode/Ofb64.php +++ /dev/null 
@@ -1,75 +0,0 @@ - - * @package Horde_Cipher - */ -class Horde_Cipher_BlockMode_Ofb64 extends Horde_Cipher_BlockMode -{ - /** - * Encrypt a string. - * - * @param Horde_Cipher $cipher Cipher algorithm to use for encryption. - * @param string $plaintext The data to encrypt. - * - * @return string The encrypted data. - */ - public function encrypt($cipher, $plaintext) - { - $encrypted = ''; - - $n = 0; - $jMax = strlen($plaintext); - for ($j = 0; $j < $jMax; ++$j) { - if ($n == 0) { - $this->_iv = $cipher->encryptBlock($this->_iv); - } - - $c = $plaintext[$j] ^ $this->_iv[$n]; - $encrypted .= $c; - - $n = (++$n) & 0x07; - } - - return $encrypted; - } - - /** - * Decrypt a string. - * - * @param Horde_Cipher $cipher Cipher algorithm to use for decryption. - * @param string $ciphertext The data to decrypt. - * - * @return string The decrypted data. - */ - public function decrypt($cipher, $ciphertext) - { - $decrypted = ''; - - $n = 0; - $jMax = strlen($ciphertext); - for ($j = 0; $j < $jMax; ++$j) { - if ($n == 0) { - $this->_iv = $cipher->encryptBlock($this->_iv); - } - - $c = $ciphertext[$j] ^ $this->_iv[$n]; - $decrypted .= $c; - - $n = (++$n) & 0x07; - } - - return $decrypted; - } - -} diff --git a/framework/Cipher/lib/Horde/Cipher/Des.php b/framework/Cipher/lib/Horde/Cipher/Des.php deleted file mode 100644 index d725a8680..000000000 --- a/framework/Cipher/lib/Horde/Cipher/Des.php +++ /dev/null 
@@ -1,419 +0,0 @@ - - * @package Horde_Cipher - */ -class Horde_Cipher_Des extends Horde_Cipher -{ - /** - * Initial Permutation. - * - * @var array - */ - protected $_ip = array( - 58, 50, 42, 34, 26, 18, 10, 2, - 60, 52, 44, 36, 28, 20, 12, 4, - 62, 54, 46, 38, 30, 22, 14, 6, - 64, 56, 48, 40, 32, 24, 16, 8, - 57, 49, 41, 33, 25, 17, 9, 1, - 59, 51, 43, 35, 27, 19, 11, 3, - 61, 53, 45, 37, 29, 21, 13, 5, - 63, 55, 47, 39, 31, 23, 15, 7 - ); - - /** - * Final Permutation IP^-1. - * - * @var array - */ - protected $_fp = array( - 40, 8, 48, 16, 56, 24, 64, 32, - 39, 7, 47, 15, 55, 23, 63, 31, - 38, 6, 46, 14, 54, 22, 62, 30, - 37, 5, 45, 13, 53, 21, 61, 29, - 36, 4, 44, 12, 52, 20, 60, 28, - 35, 3, 43, 11, 51, 19, 59, 27, - 34, 2, 42, 10, 50, 18, 58, 26, - 33, 1, 41, 9, 49, 17, 57, 25 - ); - - /** - * E Bit Selection Table. - * - * @var array - */ - protected $_e = array( - 32, 1, 2, 3, 4, 5, - 4, 5, 6, 7, 8, 9, - 8, 9, 10, 11, 12, 13, - 12, 13, 14, 15, 16, 17, - 16, 17, 18, 19, 20, 21, - 20, 21, 22, 23, 24, 25, - 24, 25, 26, 27, 28, 29, - 28, 29, 30, 31, 32, 1 - ); - - /** - * S boxes. 
- * - * @var array - */ - protected $_s = array( - /* S1 */ - 1 => array( - 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7, - 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8, - 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0, - 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13 - ), - - /* S2 */ - 2 => array( - 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10, - 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5, - 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15, - 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9, - ), - - /* S3 */ - 3 => array( - 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8, - 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1, - 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7, - 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12, - ), - - /* S4 */ - 4 => array( - 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15, - 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9, - 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4, - 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14, - ), - - /* S5 */ - 5 => array( - 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9, - 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6, - 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14, - 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3, - ), - - /* S6 */ - 6 => array( - 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11, - 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8, - 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6, - 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13, - ), - - /* S7 */ - 7 => array( - 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1, - 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6, - 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2, - 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12, - ), - - /* S8 */ - 8 => array( - 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7, - 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2, - 7, 11, 4, 1, 9, 12, 
14, 2, 0, 6, 10, 13, 15, 3, 5, 8, - 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 - ) - ); - - /** - * Primitive function. - * - * @var array - */ - protected $_p = array( - 16, 7, 20, 21, - 29, 12, 28, 17, - 1, 15, 23, 26, - 5, 18, 31, 10, - 2, 8, 24, 14, - 32, 27, 3, 9, - 19, 13, 30, 6, - 22, 11, 4, 25 - ); - - /** - * Permuted Choice Table. - * - * @var array - */ - protected $_pc1 = array( - 57, 49, 41, 33, 25, 17, 9, - 1, 58, 50, 42, 34, 26, 18, - 10, 2, 59, 51, 43, 35, 27, - 19, 11, 3, 60, 52, 44, 36, - - 63, 55, 47, 39, 31, 23, 15, - 7, 62, 54, 46, 38, 30, 22, - 14, 6, 61, 53, 45, 37, 29, - 21, 13, 5, 28, 20, 12, 4 - ); - - /** - * Number left rotations of pc1. - * - * @var array - */ - protected $_shifts = array( - 1, 1, 2, 2, 2, 2, 2, 2, - 1, 2, 2, 2, 2, 2, 2, 1 - ); - - /** - * Permuted Choice Table 2. - * - * @var array - */ - protected $_pc2 = array( - 14, 17, 11, 24, 1, 5, - 3, 28, 15, 6, 21, 10, - 23, 19, 12, 4, 26, 8, - 16, 7, 27, 20, 13, 2, - 41, 52, 31, 37, 47, 55, - 30, 40, 51, 45, 33, 48, - 44, 49, 39, 56, 34, 53, - 46, 42, 50, 36, 29, 32 - ); - - /** - * Key Schedule. - * - * @var array - */ - protected $_ks = array(); - - /** - * Set the key to be used for en/decryption. - * - * @param string $key The key to use. - */ - public function setKey($key) - { - if (!is_null($key)) { - $this->_ks = $this->_keySchedule($key); - } - } - - /** - * Encrypt a block of data. - * - * @param string $block The data to encrypt. - * @param string $key The key to use. - * - * @return string The encrypted output. - */ - public function encryptBlock($block, $key = null) - { - $this->setKey($key); - - $block = $this->_initialPerm($block); - - $L = substr($block, 0, 4); - $R = substr($block, 4, 4); - - for ($i = 1; $i <= 16; ++$i) { - $R_prev = $R; - $L_prev = $L; - - $L = $R; - $R = $L_prev ^ $this->_f($R_prev, $i); - } - - $block = $R . $L; - $block = $this->_finalPerm($block); - - return $block; - } - - /** - * Decrypt a block of data. 
- * - * @param string $block The data to decrypt. - * @param string $key The key to use. - * - * @return string The decrypted output. - */ - public function decryptBlock($block, $key = null) - { - $block = $this->_initialPerm($block); - - $this->setKey($key); - - $L = substr($block, 0, 4); - $R = substr($block, 4, 4); - - for ($i = 16; $i >= 1; --$i) { - $R_prev = $R; - $L_prev = $L; - - $L = $R_prev; - $R = $L_prev ^ $this->_f($R_prev, $i); - } - - $block = $R . $L; - $block = $this->_finalPerm($block); - - return $block; - } - - /** - * Put an input string through an initial permutation - * - * @param string $input Input string. - * - * @return string Permutated string. - */ - protected function _initialPerm($input) - { - // TODO: Some stylie bitwise thing instead. - - $input_bin = $output = $output_bin = ''; - - for ($i = 0; $i < 8; ++$i) { - $input_bin .= str_pad(decbin(ord($input[$i])), 8, '0', STR_PAD_LEFT); - } - - foreach ($this->_ip as $offset) { - $output_bin .= $input_bin[$offset - 1]; - } - - for ($i = 0; $i < 8; $i++) { - $output .= chr(bindec(substr($output_bin, 8 * $i, 8))); - } - - return $output; - } - - /** - * Put an input string through a final permutation. - * - * @param string $input Input string. - * - * @return string Permutated string. - */ - protected function _finalPerm($input) - { - // TODO: Some stylie bitwise thing instead. - - $input_bin = $output = $output_bin = ''; - - for ($i = 0; $i < 8; ++$i) { - $input_bin .= str_pad(decbin(ord($input[$i])), 8, '0', STR_PAD_LEFT); - } - - foreach ($this->_fp as $offset) { - $output_bin .= $input_bin[$offset - 1]; - } - - for ($i = 0; $i < 8; ++$i) { - $output .= chr(bindec(substr($output_bin, 8 * $i, 8))); - } - - return $output; - } - - - /** - * The permutation function. - * - * @param string $input Input string. - * @param integer $round The round. - * - * @return string The output string. - */ - protected function _f($input, $round) - { - // TODO: Some stylie bitwise thing instead. 
- $key = $this->_ks[$round]; - - $combined_bin = $expanded_bin = $input_bin = $output_bin = $output = ''; - $expanded = array(); - - for ($i = 0; $i < 4; ++$i) { - $input_bin .= str_pad(decbin(ord($input[$i])), 8, '0', STR_PAD_LEFT); - } - - foreach ($this->_e as $offset) { - $expanded_bin .= $input_bin[$offset - 1]; - } - - for ($i = 0; $i < 8; ++$i) { - $expanded[$i] = bindec('00' . substr($expanded_bin, $i * 6, 6)) ^ $key[$i]; - } - - for ($i = 0; $i < 8; ++$i) { - $s_index = (($expanded[$i] & 0x20) >> 4) | ($expanded[$i] & 0x01); - $s_index = 16 * $s_index + (($expanded[$i] & 0x1E) >> 1); - $val = $this->_s[$i + 1][$s_index]; - $combined_bin .= str_pad(decbin($val), 4, '0', STR_PAD_LEFT); - } - - foreach ($this->_p as $offset) { - $output_bin .= $combined_bin[$offset - 1]; - } - - for ($i = 0; $i < 4; ++$i) { - $output .= chr(bindec(substr($output_bin, $i * 8, 8))); - } - - return $output; - } - - /** - * Create the complete key schedule. - * - * @param string $key The key to use. - * - * @return array Key schedule. - */ - protected function _keySchedule($key) - { - $key = str_pad($key, 8, "\0"); - $c = $d = $key_bin = ''; - $ks = array(); - - for ($i = 0; $i < 8; ++$i) { - $key_bin .= str_pad(decbin(ord($key[$i])), 8, '0', STR_PAD_LEFT); - } - - for ($i = 0; $i < 28; ++$i) { - $c .= $key_bin[$this->_pc1[$i] - 1]; - $d .= $key_bin[$this->_pc1[28 + $i] - 1]; - } - - for ($i = 0; $i < 16; ++$i) { - $c = substr($c, $this->_shifts[$i]) . substr($c, 0, $this->_shifts[$i]); - $d = substr($d, $this->_shifts[$i]) . substr($d, 0, $this->_shifts[$i]); - - $cd = $c . $d; - - $permutated_bin = ''; - foreach ($this->_pc2 as $offset) { - $permutated_bin .= $cd[$offset - 1]; - } - - for ($j = 0; $j < 8; $j++) { - $ks[$i + 1][] = bindec('00' . substr($permutated_bin, $j * 6, 6)); - } - } - - return $ks; - } - -} diff --git a/framework/Cipher/lib/Horde/Cipher/Rc2.php b/framework/Cipher/lib/Horde/Cipher/Rc2.php deleted file mode 100644 index 6e63740de..000000000 
--- a/framework/Cipher/lib/Horde/Cipher/Rc2.php +++ /dev/null 
@@ -1,181 +0,0 @@ - - * http://www.mirrors.wiretapped.net/security/cryptography/ - * algorithms/rc2/comments/gutman-960211 - * - * Copyright 2002-2010 The Horde Project (http://www.horde.org/) - * - * See the enclosed file COPYING for license information (LGPL). If you - * did not receive this file, see http://www.fsf.org/copyleft/lgpl.html. - * - * @author Mike Cochrane - * @package Horde_Cipher - */ -class Horde_Cipher_Rc2 extends Horde_Cipher -{ - /** - * Permutations array. - * - * @var array - */ - protected $_perm = array( - 0xD9, 0x78, 0xF9, 0xC4, 0x19, 0xDD, 0xB5, 0xED, 0x28, 0xE9, 0xFD, - 0x79, 0x4A, 0xA0, 0xD8, 0x9D, 0xC6, 0x7E, 0x37, 0x83, 0x2B, 0x76, - 0x53, 0x8E, 0x62, 0x4C, 0x64, 0x88, 0x44, 0x8B, 0xFB, 0xA2, 0x17, - 0x9A, 0x59, 0xF5, 0x87, 0xB3, 0x4F, 0x13, 0x61, 0x45, 0x6D, 0x8D, - 0x09, 0x81, 0x7D, 0x32, 0xBD, 0x8F, 0x40, 0xEB, 0x86, 0xB7, 0x7B, - 0x0B, 0xF0, 0x95, 0x21, 0x22, 0x5C, 0x6B, 0x4E, 0x82, 0x54, 0xD6, - 0x65, 0x93, 0xCE, 0x60, 0xB2, 0x1C, 0x73, 0x56, 0xC0, 0x14, 0xA7, - 0x8C, 0xF1, 0xDC, 0x12, 0x75, 0xCA, 0x1F, 0x3B, 0xBE, 0xE4, 0xD1, - 0x42, 0x3D, 0xD4, 0x30, 0xA3, 0x3C, 0xB6, 0x26, 0x6F, 0xBF, 0x0E, - 0xDA, 0x46, 0x69, 0x07, 0x57, 0x27, 0xF2, 0x1D, 0x9B, 0xBC, 0x94, - 0x43, 0x03, 0xF8, 0x11, 0xC7, 0xF6, 0x90, 0xEF, 0x3E, 0xE7, 0x06, - 0xC3, 0xD5, 0x2F, 0xC8, 0x66, 0x1E, 0xD7, 0x08, 0xE8, 0xEA, 0xDE, - 0x80, 0x52, 0xEE, 0xF7, 0x84, 0xAA, 0x72, 0xAC, 0x35, 0x4D, 0x6A, - 0x2A, 0x96, 0x1A, 0xD2, 0x71, 0x5A, 0x15, 0x49, 0x74, 0x4B, 0x9F, - 0xD0, 0x5E, 0x04, 0x18, 0xA4, 0xEC, 0xC2, 0xE0, 0x41, 0x6E, 0x0F, - 0x51, 0xCB, 0xCC, 0x24, 0x91, 0xAF, 0x50, 0xA1, 0xF4, 0x70, 0x39, - 0x99, 0x7C, 0x3A, 0x85, 0x23, 0xB8, 0xB4, 0x7A, 0xFC, 0x02, 0x36, - 0x5B, 0x25, 0x55, 0x97, 0x31, 0x2D, 0x5D, 0xFA, 0x98, 0xE3, 0x8A, - 0x92, 0xAE, 0x05, 0xDF, 0x29, 0x10, 0x67, 0x6C, 0xBA, 0xC9, 0xD3, - 0x00, 0xE6, 0xCF, 0xE1, 0x9E, 0xA8, 0x2C, 0x63, 0x16, 0x01, 0x3F, - 0x58, 0xE2, 0x89, 0xA9, 0x0D, 0x38, 0x34, 0x1B, 0xAB, 0x33, 0xFF, - 0xB0, 0xBB, 0x48, 0x0C, 0x5F, 
0xB9, 0xB1, 0xCD, 0x2E, 0xC5, 0xF3, - 0xDB, 0x47, 0xE5, 0xA5, 0x9C, 0x77, 0x0A, 0xA6, 0x20, 0x68, 0xFE, - 0x7F, 0xC1, 0xAD - ); - - /** - * Array to hold the key schedule. - * - * @var array - */ - protected $_keySchedule = array(); - - /** - * Set the key to be used for en/decryption. - * - * @param string $key The key to use. - */ - public function setKey($key) - { - $key = array_values(unpack('C*', $key)); - $bits = 1024; - - /* Expand input key to 128 bytes */ - $len = count($key); - $last = $key[$len - 1]; - for ($i = $len; $i < 128; ++$i) { - $last = $this->_perm[($key[$i - $len] + $last) & 0xFF]; - $key[$i] = $last; - } - - /* Phase 2 - reduce effective key size to "bits" */ - if ($len != 8) { - $len = $len * 8; - } - $key[128 - $len] = $this->_perm[$key[128 - $len] & 0xFF]; - for ($i = 127 - $len; $i >= 0; --$i) { - $key[$i] = $this->_perm[$key[$i + $len] ^ $key[$i + 1]]; - } - - /* Phase 3 - convert to 16 bit values */ - for ($i = 63; $i >= 0; --$i) { - $this->_keySchedule[$i] = ($key[$i * 2 + 1] << 8 | $key[$i * 2]) & 0xFFFF; - } - } - - /** - * Encrypt a block of data. - * - * @param string $block The data to encrypt. - * @param string $key The key to use. - * - * @return string The encrypted output. - */ - public function encryptBlock($block, $key = null) - { - if (!is_null($key)) { - $this->setKey($key); - } - - $plain = unpack('v*', $block); - - for ($i = 0; $i < 16; ++$i) { - $plain[1] += ($plain[2] & ~$plain[4]) + ($plain[3] & $plain[4]) + $this->_keySchedule[4 * $i + 0]; - $bin = str_pad(decbin(0xFFFF & $plain[1]), 32, '0', STR_PAD_LEFT); - $plain[1] = bindec($bin . substr($bin, 16, 1)); - - $plain[2] += ($plain[3] & ~$plain[1]) + ($plain[4] & $plain[1]) + $this->_keySchedule[4 * $i + 1]; - $bin = str_pad(decbin(0xFFFF & $plain[2]), 32, '0', STR_PAD_LEFT); - $plain[2] = bindec($bin . 
substr($bin, 16, 2)); - - $plain[3] += ($plain[4] & ~$plain[2]) + ($plain[1] & $plain[2]) + $this->_keySchedule[4 * $i + 2]; - $bin = str_pad(decbin(0xFFFF & $plain[3]), 16, '0', STR_PAD_LEFT); - $plain[3] = bindec($bin . substr($bin, 0, 3)); - - $plain[4] += ($plain[1] & ~$plain[3]) + ($plain[2] & $plain[3]) + $this->_keySchedule[4 * $i + 3]; - $bin = str_pad(decbin(0xFFFF & $plain[4]), 16, '0', STR_PAD_LEFT); - $plain[4] = bindec($bin . substr($bin, 0, 5)); - - if ($i == 4 || $i == 10) { - $plain[1] += $this->_keySchedule[$plain[4] & 0x3F]; - $plain[2] += $this->_keySchedule[$plain[1] & 0x3F]; - $plain[3] += $this->_keySchedule[$plain[2] & 0x3F]; - $plain[4] += $this->_keySchedule[$plain[3] & 0x3F]; - } - - } - - return pack("v*", $plain[1], $plain[2], $plain[3], $plain[4]); - } - - /** - * Decrypt a block of data. - * - * @param string $block The data to decrypt. - * @param string $key The key to use. - * - * @return string The decrypted output. - */ - public function decryptBlock($block, $key = null) - { - if (!is_null($key)) { - $this->setKey($key); - } - - $cipher = unpack('v*', $block); - - for ($i = 15; $i >= 0; --$i) { - $bin = str_pad(decbin(0xFFFF & $cipher[4]), 16, '0', STR_PAD_LEFT); - $cipher[4] = bindec(substr($bin, -21, 21) . substr($bin, 0, 11)); - $cipher[4] -= ($cipher[1] & ~$cipher[3]) + ($cipher[2] & $cipher[3]) + $this->_keySchedule[4 * $i + 3]; - - $bin = str_pad(decbin(0xFFFF & $cipher[3]), 16, '0', STR_PAD_LEFT); - $cipher[3] = bindec(substr($bin, -19, 19) . substr($bin, 0, 13)); - $cipher[3] -= ($cipher[4] & ~$cipher[2]) + ($cipher[1] & $cipher[2]) + $this->_keySchedule[4 * $i + 2]; - - $bin = str_pad(decbin(0xFFFF & $cipher[2]), 16, '0', STR_PAD_LEFT); - $cipher[2] = bindec(substr($bin, -18, 18) . substr($bin, 0, 14)); - $cipher[2] -= ($cipher[3] & ~$cipher[1]) + ($cipher[4] & $cipher[1]) + $this->_keySchedule[4 * $i + 1]; - - $bin = str_pad(decbin(0xFFFF & $cipher[1]), 16, '0', STR_PAD_LEFT); - $cipher[1] = bindec(substr($bin, -17, 17) . 
substr($bin, 0, 15)); - $cipher[1] -= ($cipher[2] & ~$cipher[4]) + ($cipher[3] & $cipher[4]) + $this->_keySchedule[4 * $i + 0]; - - if ($i == 5 || $i == 11) { - $cipher[4] -= $this->_keySchedule[$cipher[3] & 0x3F]; - $cipher[3] -= $this->_keySchedule[$cipher[2] & 0x3F]; - $cipher[2] -= $this->_keySchedule[$cipher[1] & 0x3F]; - $cipher[1] -= $this->_keySchedule[$cipher[4] & 0x3F]; - } - } - - return pack("v*", $cipher[1], $cipher[2], $cipher[3], $cipher[4]); - } - -} diff --git a/framework/Cipher/lib/Horde/Cipher/Rc4.php b/framework/Cipher/lib/Horde/Cipher/Rc4.php deleted file mode 100644 index fb0e33e26..000000000 --- a/framework/Cipher/lib/Horde/Cipher/Rc4.php +++ /dev/null 
@@ -1,85 +0,0 @@ - - * @package Horde_Cipher - */ -class Horde_Cipher_Rc4 extends Horde_Cipher -{ - /** - * Pointer to a PEAR Crypt_RC4 object - * - * @var Crypt_RC4 - */ - protected $_cipher; - - /** - * Constructor. - */ - public function __construct($params = null) - { - $this->_cipher = new Crypt_Rc4(); - } - - /** - * Set the key to be used for en/decryption. - * - * @param string $key The key to use. - */ - public function setKey($key) - { - $this->_cipher->setKey($key); - } - - /** - * Encrypt a block of data. - * - * @param string $block The data to encrypt. - * @param string $key The key to use. - * - * @return string The encrypted output. - */ - public function encryptBlock($block, $key = null) - { - if (!is_null($key)) { - $this->setKey($key); - } - - // Make a copy of the cipher as it destroys itself during a crypt - $cipher = $this->_cipher; - $cipher->crypt($block); - - return $block; - } - - /** - * Decrypt a block of data. - * - * @param string $block The data to decrypt. - * @param string $key The key to use. - * - * @return string The decrypted output. - */ - public function decryptBlock($block, $key = null) - { - if (!is_null($key)) { - $this->setKey($key); - } - - // Make a copy of the cipher as it destroys itself during a - // crypt. - $cipher = $this->_cipher; - $cipher->decrypt($block); - - return $block; - } - -} diff --git a/framework/Cipher/package.xml b/framework/Cipher/package.xml deleted file mode 100644 index 55fb4148f..000000000 --- a/framework/Cipher/package.xml +++ /dev/null 
@@ -1,100 +0,0 @@ - - - Cipher - pear.horde.org - Cipher API - This package provides a Block Mode Cipher API, supporting the following ciphers: -* DES -* RC2 -* RC4 - -And supporting the following block modes: -* CBC -* ECB -* CFB64 -* OFB64 - - - Chuck Hagenbuch - chuck - chuck@horde.org - yes - - - Jan Schneider - jan - jan@horde.org - yes - - 2009-07-05 - - 0.1.0 - 0.1.0 - - - beta - beta - - LGPL - * Removed Blowfish and Cast128 ciphers. - * Initial Horde 4 Package. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5.2.0 - - - 1.5.4 - - - - - - - - - - - - - - - - - diff --git a/framework/Cipher/test/Horde/Cipher/Cipher1.phpt b/framework/Cipher/test/Horde/Cipher/Cipher1.phpt deleted file mode 100644 index 9f1588e0b..000000000 --- a/framework/Cipher/test/Horde/Cipher/Cipher1.phpt +++ /dev/null @@ -1,66 +0,0 @@ ---TEST-- -RC4 Horde_Cipher:: Tests ---SKIPIF-- - ---FILE-- - ---EXPECT-- -RC4: ----- - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -32-bit Key -Testing Encryption: Pass -Testing Decryption: Pass diff --git a/framework/Cipher/test/Horde/Cipher/Cipher2.phpt b/framework/Cipher/test/Horde/Cipher/Cipher2.phpt deleted file mode 100644 index 965275d8f..000000000 --- a/framework/Cipher/test/Horde/Cipher/Cipher2.phpt +++ /dev/null 
@@ -1,87 +0,0 @@ ---TEST-- -DES Horde_Cipher:: Tests ---FILE-- - ---EXPECT-- -DES: ----- - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass diff --git a/framework/Cipher/test/Horde/Cipher/Cipher3.phpt b/framework/Cipher/test/Horde/Cipher/Cipher3.phpt deleted file mode 100644 index 20c90622b..000000000 --- a/framework/Cipher/test/Horde/Cipher/Cipher3.phpt +++ /dev/null @@ -1,62 +0,0 @@ ---TEST-- -RC2 Horde_Cipher:: Tests ---FILE-- - ---EXPECT-- -RC2: ----- - -8-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -128-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -64-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - diff --git a/framework/Cipher/test/Horde/Cipher/Cipher4.phpt b/framework/Cipher/test/Horde/Cipher/Cipher4.phpt deleted file mode 100644 index 5e8f93401..000000000 --- a/framework/Cipher/test/Horde/Cipher/Cipher4.phpt +++ /dev/null @@ -1,50 +0,0 @@ ---TEST-- -Cast128 Horde_Cipher:: Tests ---FILE-- - ---EXPECT-- -Cast 128: ---------- - -128-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -80-bit Key -Testing Encryption: Pass -Testing Decryption: Pass - -40-bit Key -Testing Encryption: Pass -Testing Decryption: Pass 
diff --git a/framework/Cipher/test/Horde/Cipher/cipher_functions.php b/framework/Cipher/test/Horde/Cipher/cipher_functions.php deleted file mode 100644 index 8a0bba903..000000000 --- a/framework/Cipher/test/Horde/Cipher/cipher_functions.php +++ /dev/null @@ -1,48 +0,0 @@ -setKey($key); - - echo "Testing Encryption: "; - $res = $cipher->encryptBlock($plaintext); - if ($res == $ciphertext) { - echo "Pass\n"; - } else { - echo "Fail\n"; - echo "Returned: "; - for ($i = 0; $i < strlen($res); $i++) { - echo str_pad(dechex(ord(substr($res, $i, 1))), 2, '0', STR_PAD_LEFT) . " "; - } echo "\n"; - echo "Expected: "; - for ($i = 0; $i < strlen($ciphertext); $i++) { - echo str_pad(dechex(ord(substr($ciphertext, $i, 1))), 2, '0', STR_PAD_LEFT) . " "; - } echo "\n"; - - } - echo "Testing Decryption: "; - $res = $cipher->decryptBlock($ciphertext); - if ($res == $plaintext) { - echo "Pass\n"; - } else { - echo "Fail\n"; - echo "Returned: "; - for ($i = 0; $i < strlen($res); $i++) { - echo str_pad(dechex(ord(substr($res, $i, 1))), 2, '0', STR_PAD_LEFT) . " "; - } echo "\n"; - echo "Expected: "; - for ($i = 0; $i < strlen($plaintext); $i++) { - echo str_pad(dechex(ord(substr($plaintext, $i, 1))), 2, '0', STR_PAD_LEFT) . " "; - } echo "\n"; - } - echo "\n"; - flush(); -} diff --git a/framework/Core/lib/Horde/Core/Binder/Secret.php b/framework/Core/lib/Horde/Core/Binder/Secret.php new file mode 100644 index 000000000..1dcc51447 --- /dev/null +++ b/framework/Core/lib/Horde/Core/Binder/Secret.php @@ -0,0 +1,21 @@ + $conf['cookie']['domain'], + 'cookie_expire' => $conf['session']['timeout'], + 'cookie_path' => $conf['cookie']['path'], + 'cookie_ssl' => (bool) $conf['use_ssl'], + 'session_name' => $conf['session']['name'] + )); + } + + public function equals(Horde_Injector_Binder $binder) + { + return false; + } +} diff --git a/framework/Core/lib/Horde/Registry.php b/framework/Core/lib/Horde/Registry.php index 0e493a25f..e106f0f5f 100644 --- a/framework/Core/lib/Horde/Registry.php 
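Review bot: `'cookie_ssl' => (bool) $conf['use_ssl']` in the new binder is not equivalent to the test it replaces. The `_setCookie()` removed from Horde_Secret in this commit passed `$conf['use_ssl'] == 1 ? 1 : 0`, so only the value 1 set the Secure flag, while the cast sets it for every non-zero value. If `use_ssl` can hold other modes (I believe Horde also has auto-detect and login-only settings; please confirm), the key cookie would no longer be sent on plain-HTTP requests. `getKey()` would then fall back to `session_id()`, and data encrypted under the cookie key would not decrypt. Either keep the old comparison, `'cookie_ssl' => ($conf['use_ssl'] == 1)`, or state the intended change in a comment on that line.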
+++ b/framework/Core/lib/Horde/Registry.php @@ -242,6 +242,7 @@ class Horde_Registry 'Horde_Memcache' => new Horde_Core_Binder_Memcache(), 'Horde_Notification' => new Horde_Core_Binder_Notification(), 'Horde_Perms' => new Horde_Core_Binder_Perms(), + 'Horde_Secret' => new Horde_Core_Binder_Secret(), 'Horde_Template' => new Horde_Core_Binder_Template(), 'Horde_Token' => new Horde_Core_Binder_Token(), 'Horde_Vfs' => new Horde_Core_Binder_Vfs(), @@ -1560,10 +1561,11 @@ class Horde_Registry /* Reset cookie timeouts, if necessary. */ if (!empty($GLOBALS['conf']['session']['timeout'])) { $app = $this->getApp(); - if (Horde_Secret::clearKey($app)) { - Horde_Secret::setKey($app); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + if ($secret->clearKey($app)) { + $secret->setKey($app); } - Horde_Secret::setKey('auth'); + $secret->setKey('auth'); } } diff --git a/framework/Core/package.xml b/framework/Core/package.xml index a4ff81071..48e504638 100644 --- a/framework/Core/package.xml +++ b/framework/Core/package.xml @@ -73,6 +73,7 @@ Application Framework. + @@ -205,6 +206,7 @@ Application Framework. + diff --git a/framework/Imap_Client/lib/Horde/Imap/Client/Base.php b/framework/Imap_Client/lib/Horde/Imap/Client/Base.php index 31c7388b9..2fbb9a214 100644 --- a/framework/Imap_Client/lib/Horde/Imap/Client/Base.php +++ b/framework/Imap_Client/lib/Horde/Imap/Client/Base.php @@ -161,7 +161,8 @@ abstract class Horde_Imap_Client_Base if (!isset($this->_params['_passencrypt'])) { $key = Horde_Imap_Client::$encryptKey; if (!is_null($key)) { - $this->_params['_passencrypt'] = Horde_Secret::write($key, $this->_params['password']); + $secret = new Horde_Secret(); + $this->_params['_passencrypt'] = $secret->write($key, $this->_params['password']); $this->_params['password'] = null; } } 
@@ -174,7 +175,8 @@ abstract class Horde_Imap_Client_Base { if (isset($this->_params['_passencrypt']) && !is_null(Horde_Imap_Client::$encryptKey)) { - $this->_params['password'] = Horde_Secret::read(Horde_Imap_Client::$encryptKey, $this->_params['_passencrypt']); + $secret = new Horde_Secret(); + $this->_params['password'] = $secret->read(Horde_Imap_Client::$encryptKey, $this->_params['_passencrypt']); } if (!empty($this->_params['debug'])) { diff --git a/framework/Kolab_Filter/lib/Horde/Kolab/Resource.php b/framework/Kolab_Filter/lib/Horde/Kolab/Resource.php index be51078be..44411c505 100644 --- a/framework/Kolab_Filter/lib/Horde/Kolab/Resource.php +++ b/framework/Kolab_Filter/lib/Horde/Kolab/Resource.php @@ -192,12 +192,15 @@ class Kolab_Resource OUT_LOG | EX_UNAVAILABLE); } @session_start(); + + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $_SESSION['__auth'] = array( 'authenticated' => true, 'userId' => $calendar_user, 'timestamp' => time(), - 'credentials' => Horde_Secret::write(Horde_Secret::getKey('auth'), - serialize(array('password' => $conf['kolab']['filter']['calendar_pass']))), + 'credentials' => $secret->write($secret->getKey('auth'), + serialize(array('password' => $conf['kolab']['filter']['calendar_pass']))), 'remote_addr' => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null, ); diff --git a/framework/Secret/lib/Horde/Secret.php b/framework/Secret/lib/Horde/Secret.php index 99f2ae121..72fcd164e 100644 --- a/framework/Secret/lib/Horde/Secret.php +++ b/framework/Secret/lib/Horde/Secret.php 
@@ -3,32 +3,61 @@ * The Horde_Secret:: class provides an API for encrypting and decrypting * small pieces of data with the use of a shared key. * - * The Horde_Secret:: functions use the Horde_Cipher:: class if mcrypt is not - * available. - * * Copyright 1999-2010 The Horde Project (http://www.horde.org/) * * See the enclosed file COPYING for license information (LGPL). If you * did not receive this file, see http://www.fsf.org/copyleft/lgpl.html. * - * @author Chuck Hagenbuch - * @package Horde_Secret + * @author Chuck Hagenbuch + * @author Michael Slusarz + * @category Horde + * @package Horde_Secret */ class Horde_Secret { /** + * Configuration parameters. + * + * @var array + */ + protected $_params = array( + 'cookie_domain' => '', + 'cookie_expire' => 0, + 'cookie_path' => '', + 'cookie_ssl' => false, + 'session_name' => 'horde_secret' + ); + + /** * Cipher cache. * * @var array */ - static protected $_cipherCache = array(); + protected $_cipherCache = array(); /** * Key cache. * * @var array */ - static protected $_keyCache = array(); + protected $_keyCache = array(); + + /** + * Constructor. + * + * @param array $params Configuration parameters: + *
+     * 'cookie_domain' - (string) The cookie domain.
+     * 'cookie_expire' - (integer) The cookie expiration time (in seconds).
+     * 'cookie_path' - (string) The cookie path.
+     * 'cookie_ssl' - (boolean) Only transmit cookie securely?
+     * 'session_name' - (string) The cookie session name.
+     * 
+ */ + public function __construct($params = array()) + { + $this->_params = array_merge($this->_params, $params); + } /** * Take a small piece of data and encrypt it with a key. @@ -37,20 +66,19 @@ class Horde_Secret * @param string $message The plaintext message. * * @return string The ciphertext message. + * @throws Horde_Secret_Exception */ - static public function write($key, $message) + public function write($key, $message) { - if (!strlen($key)) { - return false; - } + $val = strlen($key) + ? $this->_getCipherOb($key)->encrypt($message) + : false; - $ret = self::_getMcryptData($key, $message, 'encrypt'); - if ($ret !== false) { - return $ret; + if ($val instanceof PEAR_Error) { + throw new Horde_Secret_Exception($val); } - $ptr = self::_getCipherOb($key); - return $ptr->encrypt($message); + return $val; } /** 
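Review bot: `write()` still returns `false` for an empty key, although its docblock now promises a string or a `Horde_Secret_Exception`, so a caller that stores the result keeps `false` where it expects ciphertext. Since the commit introduces the exception type, the empty-key case could use it too: `if (!strlen($key)) { throw new Horde_Secret_Exception('Empty key.'); }` (message text is a suggestion). `read()` in the next hunk has no such guard at all and passes an empty key straight to `_getCipherOb()`, so the two methods should be made to agree. If `false` has to stay for compatibility, add `boolean false` to the `@return` line.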
@@ -60,53 +88,39 @@ class Horde_Secret * @param string $message The ciphertext message. * * @return string The plaintext message. + * @throws Horde_Secret_Exception */ - static public function read($key, $ciphertext) + public function read($key, $ciphertext) { - $ret = self::_getMcryptData($key, $ciphertext, 'decrypt'); - if ($ret !== false) { - return rtrim($ret, "\0"); - } - - $ptr = self::_getCipherOb($key); - return $ptr->decrypt($ciphertext); - } + $val = $this->_getCipherOb($key)->decrypt($ciphertext); - /** - * TODO - */ - static protected function _getMcryptData($key, $text, $type) - { - $ret = false; - - if (Horde_Util::extensionExists('mcrypt')) { - $old_error = error_reporting(0); - $td = mcrypt_module_open(MCRYPT_GOST, '', MCRYPT_MODE_ECB, ''); - if ($td) { - $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND); - mcrypt_generic_init($td, $key, $iv); - $ret = ($type == 'encrypt') ? mcrypt_generic($td, $text) : mdecrypt_generic($td, $text); - mcrypt_generic_deinit($td); - } - error_reporting($old_error); + if ($val instanceof PEAR_Error) { + throw new Horde_Secret_Exception($val); } - return $ret; + return $val; } /** - * TODO + * Returns the cached crypt object. + * + * @param string $key The key to use for [de|en]cryption. + * + * @return Crypt_Blowfish The crypt object. + * @throws Horde_Secret_Exception */ - static protected function _getCipherOb($key) + protected function _getCipherOb($key) { $idx = hash('md5', $key); - if (!isset(self::$_cipherCache[$idx])) { - self::$_cipherCache[$idx] = Horde_Cipher::factory('rc2'); - self::$_cipherCache[$idx]->setKey($key); + if (!isset($this->_cipherCache[$idx])) { + if (!class_exists('Crypt_Blowfish')) { + throw new Horde_Secret_Exception('Crypt_Blowfish library not found.'); + } + $this->_cipherCache[$idx] = new Crypt_Blowfish($key); } - return self::$_cipherCache[$idx]; + return $this->_cipherCache[$idx]; } /** 
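Review bot: `_getCipherOb()` builds the cipher with `new Crypt_Blowfish($key)` and passes no mode or IV, and neither the docblock nor the tests say which block mode results. If the library defaults to ECB (worth confirming against the pinned 1.0.1), equal plaintext blocks encrypt to equal ciphertext blocks and nothing authenticates the ciphertext before `read()` returns it. I would record that in the method docblock, e.g. `Note: block mode is the Crypt_Blowfish default; ciphertext is not integrity-protected.` Separately, the removed mcrypt path stripped padding with `rtrim($ret, "\0")` while the new `read()` returns the `decrypt()` output unchanged. The added SecretTest cases only round-trip an 8-byte plaintext, so a test with a length that is not a multiple of the block size would show whether padding bytes leak into the result.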
@@ -118,19 +132,23 @@ class Horde_Secret * * @return string The secret key that has been generated. */ - static public function setKey($keyname = 'generic') + public function setKey($keyname = 'generic') { - if (isset($_COOKIE[$GLOBALS['conf']['session']['name']])) { + $set = true; + + if (isset($_COOKIE[$this->_params['session_name']])) { if (isset($_COOKIE[$keyname . '_key'])) { $key = $_COOKIE[$keyname . '_key']; + $set = false; } else { - $key = hash('md5', mt_rand()); - $_COOKIE[$keyname . '_key'] = $key; - self::_setCookie($keyname, $key); + $key = $_COOKIE[$keyname . '_key'] = hash('md5', uniqid()); } } else { $key = session_id(); - self::_setCookie($keyname, $key); + } + + if ($set) { + $this->_setCookie($keyname, $key); } return $key; @@ -145,37 +163,20 @@ class Horde_Secret * * @return string The secret key. */ - static public function getKey($keyname = 'generic') + public function getKey($keyname = 'generic') { - if (!isset(self::$_keyCache[$keyname])) { + if (!isset($this->_keyCache[$keyname])) { if (isset($_COOKIE[$keyname . '_key'])) { - self::$_keyCache[$keyname] = $_COOKIE[$keyname . '_key']; + $key = $_COOKIE[$keyname . '_key']; } else { - self::$_keyCache[$keyname] = session_id(); - self::_setCookie($keyname, self::$_keyCache[$keyname]); + $key = session_id(); + $this->_setCookie($keyname, $key); } - } - return self::$_keyCache[$keyname]; - } - - /** - * TODO - */ - static protected function _setCookie($keyname, $key) - { - global $conf; + $this->_keyCache[$keyname] = $key; + } - $old_error = error_reporting(0); - setcookie( - $keyname . '_key', - $key, - $conf['session']['timeout'] ? time() + $conf['session']['timeout'] : 0, - $conf['cookie']['path'], - $conf['cookie']['domain'], - $conf['use_ssl'] == 1 ? 1 : 0 - ); - error_reporting($old_error); + return $this->_keyCache[$keyname]; } /** 
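Review bot: The new key in `setKey()` is `hash('md5', uniqid())`, and `uniqid()` is derived from the current time, so the value that protects the stored credentials can be narrowed down by anyone who can estimate when it was generated. Hashing the value adds no entropy. The `mt_rand()` call it replaces was not a cryptographic source either, so this is a chance to fix it properly rather than swap one weak source for another. The key should come from the platform CSPRNG, e.g. `$key = $_COOKIE[$keyname . '_key'] = bin2hex(random_bytes(16));` on current PHP, or `openssl_random_pseudo_bytes(16)` where that is what the supported PHP version offers.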
@@ -185,14 +186,33 @@ class Horde_Secret * * @return boolean True if key existed, false if not. */ - static public function clearKey($keyname = 'generic') + public function clearKey($keyname = 'generic') { - if (isset($_COOKIE[$GLOBALS['conf']['session']['name']]) && + if (isset($_COOKIE[$this->_params['session_name']]) && isset($_COOKIE[$keyname . '_key'])) { unset($_COOKIE[$keyname . '_key']); return true; } + return false; } + /** + * Sets the cookie with the given keyname/key. + * + * @param string $keyname The name of the key to set. + * @param string $key The key to use for encryption. + */ + protected function _setCookie($keyname, $key) + { + @setcookie( + $keyname . '_key', + $key, + (empty($this->_params['cookie_expire']) ? 0 : (time() + $this->_params['cookie_expire'])), + $this->_params['cookie_path'], + $this->_params['cookie_domain'], + $this->_params['cookie_ssl'] + ); + } + } diff --git a/framework/Secret/lib/Horde/Secret/Exception.php b/framework/Secret/lib/Horde/Secret/Exception.php new file mode 100644 index 000000000..acd034738 --- /dev/null +++ b/framework/Secret/lib/Horde/Secret/Exception.php @@ -0,0 +1,16 @@ + + * @category Horde + * @package Horde_Secret + */ +class Horde_Secret_Exception extends Horde_Exception_Prior +{ +} diff --git a/framework/Secret/package.xml b/framework/Secret/package.xml index efe756a57..ae9aaaf2a 100644 --- a/framework/Secret/package.xml +++ b/framework/Secret/package.xml @@ -6,7 +6,7 @@ http://pear.php.net/dtd/package-2.0.xsd"> Secret pear.horde.org Secret Encryption API - The Horde_Secret:: class provides an API for encrypting and decrypting small pieces of data with the use of a shared key. + The Horde_Secret:: package provides an API for encrypting and decrypting small pieces of data with the use of a shared key. Chuck Hagenbuch 
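Review bot: `_setCookie()` calls `setcookie()` with six arguments, so the cookie that carries the encryption key is sent without the HttpOnly attribute and can be read by script running in the page. `setcookie()` takes a seventh `httponly` argument; passing `true` after `$this->_params['cookie_ssl']` closes that gap. The `@` in front of the call also hides a failure to send the header, in which case the browser never receives the key and later requests fall back to a different one. Checking the return value and throwing `Horde_Secret_Exception` would make that visible. `cookie_ssl` defaults to `false` in `$_params`, so an instance created with a bare `new Horde_Secret()` never sets Secure if it reaches this method.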
@@ -14,21 +14,34 @@ http://pear.php.net/dtd/package-2.0.xsd"> chuck@horde.org yes - 2008-12-11 + + Michael Slusarz + slusarz + slusarz@horde.org + yes + + 2010-03-19 - 0.0.3 - 0.0.2 + 0.1.0 + 0.1.0 - alpha - alpha + beta + beta LGPL - * Initial Horde 4 package. + * Remove dependency on Horde_Core. + * Throw exceptions on error. + * Convert to OO-interface. + * Use PEAR's Crypt_Blowfish to encrypt data. + + + + @@ -40,30 +53,40 @@ http://pear.php.net/dtd/package-2.0.xsd"> 5.2.0 - 1.5.0 + 1.7.0 - Horde_Cipher - pear.horde.org + Crypt_Blowfish + pear.php.net + 1.0.1 - Util + Exception pear.horde.org - - - mcrypt - - + + 2008-12-11 + + 0.0.3 + 0.0.2 + + + alpha + alpha + + LGPL + * Initial Horde 4 package. + + 2006-05-08 diff --git a/framework/Secret/test/Horde/Secret/AllTests.php b/framework/Secret/test/Horde/Secret/AllTests.php new file mode 100644 index 000000000..1d6e62d7a --- /dev/null +++ b/framework/Secret/test/Horde/Secret/AllTests.php @@ -0,0 +1,36 @@ + + * @license http://www.fsf.org/copyleft/lgpl.html LGPL + * @link http://pear.horde.org/index.php?package=Secret + */ + +/** + * Define the main method + */ +if (!defined('PHPUnit_MAIN_METHOD')) { + define('PHPUnit_MAIN_METHOD', 'Horde_Secret_AllTests::main'); +} + +/** + * Prepare the test setup. + */ +require_once 'Horde/Test/AllTests.php'; + +/** + * @package Secret + * @subpackage UnitTests + */ +class Horde_Secret_AllTests extends Horde_Test_AllTests +{ +} + +Horde_Secret_AllTests::init('Horde_Secret', __FILE__); + +if (PHPUnit_MAIN_METHOD == 'Horde_Secret_AllTests::main') { + Horde_Secret_AllTests::main(); +} diff --git a/framework/Secret/test/Horde/Secret/Autoload.php b/framework/Secret/test/Horde/Secret/Autoload.php new file mode 100644 index 000000000..b617b13ea --- /dev/null +++ b/framework/Secret/test/Horde/Secret/Autoload.php 
@@ -0,0 +1,29 @@ + + * @license http://www.fsf.org/copyleft/lgpl.html LGPL + * @link http://pear.horde.org/index.php?package=Secret + */ + +if (!spl_autoload_functions()) { + spl_autoload_register( + create_function( + '$class', + '$filename = str_replace(array(\'::\', \'_\'), \'/\', $class);' + . '$err_mask = E_ALL ^ E_WARNING;' + . '$oldErrorReporting = error_reporting($err_mask);' + . 'include "$filename.php";' + . 'error_reporting($oldErrorReporting);' + ) + ); +} + +/** Catch strict standards */ +error_reporting(E_ALL | E_STRICT); + +/** Needed for PEAR_Error. */ +@require_once 'PEAR.php'; diff --git a/framework/Secret/test/Horde/Secret/Class/SecretTest.php b/framework/Secret/test/Horde/Secret/Class/SecretTest.php new file mode 100644 index 000000000..0f99ba7bf --- /dev/null +++ b/framework/Secret/test/Horde/Secret/Class/SecretTest.php 
@@ -0,0 +1,64 @@ + + * @license http://www.fsf.org/copyleft/lgpl.html LGPL + * @link http://pear.horde.org/index.php?package=Secret + */ + +/** + * Prepare the test setup. + */ +require_once dirname(__FILE__) . '/../Autoload.php'; + +/** + * Test the secret class. + * + * Copyright 2009-2010 The Horde Project (http://www.horde.org/) + * + * See the enclosed file COPYING for license information (LGPL). If you + * did not receive this file, see http://www.fsf.org/copyleft/lgpl.html. + * + * @category Horde + * @package Secret + * @author Michael Slusarz + * @license http://www.fsf.org/copyleft/lgpl.html LGPL + * @link http://pear.horde.org/index.php?package=Secret + */ + +class Horde_Secret_Class_SecretTest extends PHPUnit_Framework_TestCase +{ + public function test8BitKey() + { + $secret = new Horde_Secret(); + + $key = "\x88"; + $plaintext = "\x00\x00\x00\x00\x00\x00\x00\x00"; + + $this->assertEquals($plaintext, $secret->read($key, $secret->write($key, $plaintext))); + } + + public function test64BitKey() + { + $secret = new Horde_Secret(); + + $key = "\x00\x00\x00\x00\x00\x00\x00\x00"; + $plaintext = "\x00\x00\x00\x00\x00\x00\x00\x00"; + + $this->assertEquals($plaintext, $secret->read($key, $secret->write($key, $plaintext))); + } + + public function test128BitKey() + { + $secret = new Horde_Secret(); + + $key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"; + $plaintext = "\x00\x00\x00\x00\x00\x00\x00\x00"; + + $this->assertEquals($plaintext, $secret->read($key, $secret->write($key, $plaintext))); + } + +} diff --git a/framework/Secret/test/Horde/Secret/phpunit.xml b/framework/Secret/test/Horde/Secret/phpunit.xml new file mode 100644 index 000000000..502d3c9b8 --- /dev/null +++ b/framework/Secret/test/Horde/Secret/phpunit.xml @@ -0,0 +1,8 @@ + + + + + ../../../lib + + + diff --git a/gollem/lib/Auth.php b/gollem/lib/Auth.php index c4cb2b6b8..26be2be26 100644 --- a/gollem/lib/Auth.php +++ b/gollem/lib/Auth.php 
@@ -59,7 +59,8 @@ class Gollem_Auth if (empty($credentials) && !empty($GLOBALS['gollem_be']['params']['password'])) { - $credentials = array('password' => Horde_Secret::read(Horde_Secret::getKey('gollem'), $GLOBALS['gollem_be']['params']['password'])); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $credentials = array('password' => $secret->read($secret->getKey('gollem'), $GLOBALS['gollem_be']['params']['password'])); } $login = ($login && (Horde_Auth::getProvider() == 'gollem')); @@ -241,7 +242,8 @@ class Gollem_Auth if ($pass === null) { $ptr['params']['password'] = null; } else { - $ptr['params']['password'] = Horde_Secret::write(Horde_Secret::getKey('gollem'), $pass); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $ptr['params']['password'] = $secret->write($secret->getKey('gollem'), $pass); } /* Try to authenticate with the given information. */ diff --git a/gollem/lib/Gollem.php b/gollem/lib/Gollem.php index 7cb37a303..501b08524 100644 --- a/gollem/lib/Gollem.php +++ b/gollem/lib/Gollem.php @@ -795,7 +795,8 @@ class Gollem if (!count($params)) { $params = $be_config['params']; if (!empty($params['password'])) { - $params['password'] = Horde_Secret::read(Horde_Secret::getKey('gollem'), $params['password']); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $params['password'] = $secret->read($secret->getKey('gollem'), $params['password']); } } diff --git a/horde/docs/INSTALL b/horde/docs/INSTALL index 41912db7f..ade64f292 100644 --- a/horde/docs/INSTALL +++ b/horde/docs/INSTALL @@ -86,8 +86,9 @@ below at Prerequisites_. 3. Install PEAR packages:: - pear install -o Mail DB Date File - pear -d preferred_state=beta install -a Services_Weather + pear install -o Crypt_Blowfish Date DB File Mail Net_DNS \ + Services_Weather + pear -d preferred_state=beta install -a HTTP_WebDAV_Server 4. Extract tarball:: 
@@ -231,13 +232,13 @@ The following prerequisites are **REQUIRED** for Horde to function properly. c. Mcrypt support ``--with-mcrypt`` Mcrypt is a general-purpose cryptography library which is broader and - significantly more efficient (FASTER!) than PHP's own cryptographic - code. You can obtain mcrypt from + more efficient (FASTER!) than the default encryption method. You can + obtain mcrypt from http://mcrypt.sourceforge.net/ Building PHP without mcrypt support will not stop Horde from working, - but will force it to use weaker (and much slower) encryption. + but will force it to use slower encryption. d. UTF-8 support ``--enable-mbstring`` @@ -301,7 +302,7 @@ The following prerequisites are **REQUIRED** for Horde to function properly. You will see something like:: - PEAR directory php_dir /usr/share/php + PEAR directory php_dir /usr/share/php Now open the php.ini file of your system, for example ``/etc/php.ini``, find the ``include_path`` and make sure that ``/usr/share/php`` is part of 
@@ -311,48 +312,42 @@ The following prerequisites are **REQUIRED** for Horde to function properly. These PEAR modules are **REQUIRED** to be installed for complete Horde functionality: - a. Mail (>= 1.2.0) + a. Crypt_Blowfish (>= 1.0.1) To install, enter the following at the command prompt:: - pear install Mail - - These PEAR modules are **RECOMMENDED** to be installed: + pear install Crypt_Blowfish - a. DB (>= 1.7.8) + b. Mail (>= 1.2.0) - **REQUIRED** as soon as you want or need to store anything in a database. To install, enter the following at the command prompt:: - pear install DB - - b. File - - **REQUIRED** only if you wish to import CSV files. - To install, enter the following at the command prompt:: + pear install Mail - pear install File + These PEAR modules are **RECOMMENDED** to be installed: - c. Date + a. Date **REQUIRED** only if you are dealing with calendar data. To install, enter the following at the command prompt:: pear install Date - d. Services_Weather (>= 1.3.1) + b. DB (>= 1.7.8) - **REQUIRED** only if you wish to use the weather.com block on the portal - page. + **REQUIRED** as soon as you want or need to store anything in a database. To install, enter the following at the command prompt:: - pear install Services_Weather + pear install DB - Additional steps are required if you want use the METAR weather block on - the portal page. See the file ``data/Services_Weather/buildMetarDB.php`` - in your PEAR directory for details. + c. File - e. HTTP_WebDAV_Server + **REQUIRED** only if you wish to import CSV files. + To install, enter the following at the command prompt:: + + pear install File + + d. HTTP_WebDAV_Server **REQUIRED** only if you want to use Horde's WebDAV interface, for example to access calendars, tasklists or files with an external client. 
@@ -360,7 +355,7 @@ The following prerequisites are **REQUIRED** for Horde to function properly. pear install HTTP_WebDAV_Server-beta - f. Net_DNS + e. Net_DNS If installed, it will be used instead of the built-in PHP function gethostbyaddr() for host name lookups. This has the advantage that 
@@ -370,24 +365,24 @@ The following prerequisites are **REQUIRED** for Horde to function properly. pear install Net_DNS - This method of installing PEAR modules requires that you have a PHP version - that has been compiled as a static binary. All versions of PHP 4.3.0+ - build both a SAPI module (Apache, CGI, etc.) and a command-line (CLI) - binary at the same time. Check if you have a php binary in - ``/usr/local/bin`` (``/usr/bin`` if if you installed from an operating - system package) before recompiling. + f. Services_Weather (>= 1.3.1) - If you receive the error ``Could not read cmd args`` you should run the pear - script this way:: + **REQUIRED** only if you wish to use the weather.com block on the portal + page. + To install, enter the following at the command prompt:: + + pear install Services_Weather - php -d register_argc_argv=1 _PEAR_ install _MODULE_ + Additional steps are required if you want use the METAR weather block on + the portal page. See the file ``data/Services_Weather/buildMetarDB.php`` + in your PEAR directory for details. - _PEAR_ is the complete path of the pear script installed by PHP during - installation (e.g. ``/usr/local/bin/pear``). Make sure the ``pear`` script - appears in your path. The default installation path for pear is - ``/usr/local/bin/pear``. - _MODULE_ is the PEAR module, listed above, which you wish to install. + This method of installing PEAR modules requires that you have a PHP version + that has been compiled as a static binary. All versions of PHP build both + both a SAPI module (Apache, CGI, etc.) and a command-line (CLI) binary. + Check if you have a php binary in ``/usr/local/bin`` (``/usr/bin`` if you + installed from an operating system package) before recompiling. For more detailed directions on installing PEAR modules, see the PEAR documentation at http://pear.php.net/manual/ diff --git a/horde/lib/Test.php b/horde/lib/Test.php index 4e68a1d37..c96fd8de6 100644 --- a/horde/lib/Test.php +++ b/horde/lib/Test.php 
@@ -257,6 +257,9 @@ class Horde_Test 'Cache' => array( 'error' => 'Cache is used by the Services_Weather module on the weather applet/block on the portal page.' ), + 'Crypt_Blowfish' => array( + 'error' => 'Crypt_Blowfish is required to store authentication credentials securely within the session data.' + ), 'Date' => array( 'path' => 'Date/Calc.php', 'error' => 'Horde requires the Date_Calc class for Kronolith to calculate dates.' diff --git a/horde/login.php b/horde/login.php index deba6298c..c6104e71d 100644 --- a/horde/login.php +++ b/horde/login.php @@ -89,7 +89,7 @@ $horde_login_nosidebar = false; /* Initialize the Auth credentials key. */ if (!$is_auth) { - Horde_Secret::setKey('auth'); + $GLOBALS['injector']->getInstance('Horde_Secret')->setKey('auth'); } /* Get an Auth object. */ diff --git a/imp/lib/Application.php b/imp/lib/Application.php index 3a11ae4ec..54c811bf6 100644 --- a/imp/lib/Application.php +++ b/imp/lib/Application.php @@ -360,7 +360,8 @@ class IMP_Application extends Horde_Registry_Application $params = array_merge($params, $_SESSION['imp']['imap']['admin']['params']); if (isset($params['admin_password'])) { - $params['admin_password'] = Horde_Secret::read(Horde_Secret::getKey('imp'), $params['admin_password']); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $params['admin_password'] = $secret->read($secret->getKey('imp'), $params['admin_password']); } $auth = Horde_Auth::singleton('imap', $params); $auth->addUser($userId, $credentials); 
@@ -382,7 +383,8 @@ class IMP_Application extends Horde_Registry_Application $params = array_merge($params, $_SESSION['imp']['imap']['admin']['params']); if (isset($params['admin_password'])) { - $params['admin_password'] = Horde_Secret::read(Horde_Secret::getKey('imp'), $params['admin_password']); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $params['admin_password'] = $secret->read($secret->getKey('imp'), $params['admin_password']); } $auth = Horde_Auth::singleton('imap', $params); $auth->removeUser($userId); @@ -403,7 +405,8 @@ class IMP_Application extends Horde_Registry_Application $params = array_merge($params, $_SESSION['imp']['imap']['admin']['params']); if (isset($params['admin_password'])) { - $params['admin_password'] = Horde_Secret::read(Horde_Secret::getKey('imp'), $params['admin_password']); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $params['admin_password'] = $secret->read($secret->getKey('imp'), $params['admin_password']); } $auth = Horde_Auth::singleton('imap', $params); return $auth->listUsers(); diff --git a/imp/lib/Auth.php b/imp/lib/Auth.php index a459c86ef..32b6fc00d 100644 --- a/imp/lib/Auth.php +++ b/imp/lib/Auth.php @@ -404,7 +404,8 @@ class IMP_Auth * these entries in the session if they exist. */ foreach (array('password', 'admin_password') as $key) { if (isset($ptr[$val]['params'][$key])) { - $sess['imap'][$val]['params'][$key] = Horde_Secret::write(Horde_Secret::getKey('imp'), $ptr[$val]['params'][$key]); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $sess['imap'][$val]['params'][$key] = $secret->write($secret->getKey('imp'), $ptr[$val]['params'][$key]); } } } diff --git a/imp/lib/Crypt/Pgp.php b/imp/lib/Crypt/Pgp.php index f359ffd01..43eeede0c 100644 --- a/imp/lib/Crypt/Pgp.php +++ b/imp/lib/Crypt/Pgp.php 
@@ -400,9 +400,12 @@ class IMP_Crypt_Pgp extends Horde_Crypt_Pgp $id = 'personal'; } - return isset($_SESSION['imp']['cache']['pgp'][$type][$id]) - ? Horde_Secret::read(Horde_Secret::getKey('imp'), $_SESSION['imp']['cache']['pgp'][$type][$id]) - : null; + if (!isset($_SESSION['imp']['cache']['pgp'][$type][$id])) { + return null; + } + + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + return $secret->read($secret->getKey('imp'), $_SESSION['imp']['cache']['pgp'][$type][$id]); } /** @@ -425,7 +428,8 @@ class IMP_Crypt_Pgp extends Horde_Crypt_Pgp $id = 'personal'; } - $_SESSION['imp']['cache']['pgp'][$type][$id] = Horde_Secret::write(Horde_Secret::getKey('imp'), $passphrase); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $_SESSION['imp']['cache']['pgp'][$type][$id] = $secret->write($secret->getKey('imp'), $passphrase); return true; } diff --git a/imp/lib/Crypt/Smime.php b/imp/lib/Crypt/Smime.php index 03af537ef..e42d7882f 100644 --- a/imp/lib/Crypt/Smime.php +++ b/imp/lib/Crypt/Smime.php @@ -278,7 +278,8 @@ class IMP_Crypt_Smime extends Horde_Crypt_Smime } if (isset($_SESSION['imp']['smime']['passphrase'])) { - return Horde_Secret::read(Horde_Secret::getKey('imp'), $_SESSION['imp']['smime']['passphrase']); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + return $secret->read($secret->getKey('imp'), $_SESSION['imp']['smime']['passphrase']); } elseif (isset($_SESSION['imp']['smime']['null_passphrase'])) { return ($_SESSION['imp']['smime']['null_passphrase']) ? null : false; } else { @@ -307,7 +308,9 @@ class IMP_Crypt_Smime extends Horde_Crypt_Smime if (!isset($_SESSION['imp']['smime'])) { $_SESSION['imp']['smime'] = array(); } - $_SESSION['imp']['smime']['passphrase'] = Horde_Secret::write(Horde_Secret::getKey('imp'), $passphrase); + + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $_SESSION['imp']['smime']['passphrase'] = $secret->write($secret->getKey('imp'), $passphrase); return true; } 
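Review bot: The passphrase lookup in imp/lib/Crypt/Pgp.php (hunk at -400) returns the result of `$secret->read()` with no handling for a failed decryption, and the S/MIME lookup at -278 in imp/lib/Crypt/Smime.php does the same. The diffstat lists a new Horde_Secret_Exception; if `read()` can raise it (Secret.php is not visible here), callers that today receive a passphrase or `null` would get an uncaught exception instead of a prompt to re-enter the passphrase. Wrapping the call in `try` and adding `catch (Horde_Secret_Exception $e) { return null; }` would preserve the existing "nothing cached" result in the PGP case. Both method bodies start outside the hunks.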
diff --git a/imp/lib/Imap.php b/imp/lib/Imap.php index fb2bff879..8c50a4e62 100644 --- a/imp/lib/Imap.php +++ b/imp/lib/Imap.php @@ -137,7 +137,7 @@ class IMP_Imap return false; } - Horde_Imap_Client::$encryptKey = Horde_Secret::getKey('imp'); + Horde_Imap_Client::$encryptKey = $GLOBALS['injector']->getInstance('Horde_Secret')->getKey('imp'); $old_error = error_reporting(0); $this->_ob = unserialize($_SESSION['imp']['imap_ob'][$_SESSION['imp']['server_key']]); diff --git a/imp/lib/Quota.php b/imp/lib/Quota.php index dd61045f1..f588a0b79 100644 --- a/imp/lib/Quota.php +++ b/imp/lib/Quota.php @@ -89,7 +89,8 @@ class IMP_Quota /* If 'password' exists in params, it has been encrypted in the * session so we need to decrypt. */ if (isset($this->_params['password'])) { - $this->_params['password'] = Horde_Secret::read(Horde_Secret::getKey('imp'), $this->_params['password']); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $this->_params['password'] = $secret->read($secret->getKey('imp'), $this->_params['password']); } } diff --git a/kronolith/calendars/remote_edit.php b/kronolith/calendars/remote_edit.php index 3ed24f98a..2c71b7102 100644 --- a/kronolith/calendars/remote_edit.php +++ b/kronolith/calendars/remote_edit.php @@ -55,8 +55,9 @@ $key = Horde_Auth::getCredential('password'); $username = $calendar['user']; $password = $calendar['password']; if ($key) { - $username = Horde_Secret::read($key, base64_decode($username)); - $password = Horde_Secret::read($key, base64_decode($password)); + $secret = $injector->getInstance('Horde_Secret'); + $username = $secret->read($key, base64_decode($username)); + $password = $secret->read($key, base64_decode($password)); } $vars->set('name', $calendar['name']); diff --git a/kronolith/lib/Forms/EditRemoteCalendar.php b/kronolith/lib/Forms/EditRemoteCalendar.php index f0c2d84b9..727a7617d 100644 --- a/kronolith/lib/Forms/EditRemoteCalendar.php +++ b/kronolith/lib/Forms/EditRemoteCalendar.php 
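Review bot: In kronolith/calendars/remote_edit.php (hunk at -55) the stored username and password pass through `base64_decode()` in its default non-strict mode and then straight into `$secret->read()`, so a value that was never encrypted, or was damaged, is silently decoded and "decrypted" into arbitrary bytes. The write path in the hunks at -51 of EditRemoteCalendar.php and -1710 of Kronolith.php skips encryption when no key is available, so such values can presumably exist. Decoding with `base64_decode($username, true)` and not calling `read()` when the result is `false` would catch part of this. The same applies to the hunk at -2472 in kronolith/lib/Kronolith.php.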
@@ -51,8 +51,9 @@ class Kronolith_EditRemoteCalendarForm extends Horde_Form if (strlen($info['username']) || strlen($info['password'])) { $key = Horde_Auth::getCredential('password'); if ($key) { - $info['username'] = base64_encode(Horde_Secret::write($key, $info['username'])); - $info['password'] = base64_encode(Horde_Secret::write($key, $info['password'])); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $info['username'] = base64_encode($secret->write($key, $info['username'])); + $info['password'] = base64_encode($secret->write($key, $info['password'])); } } diff --git a/kronolith/lib/Kronolith.php b/kronolith/lib/Kronolith.php index 26acfa537..0267f2cf7 100644 --- a/kronolith/lib/Kronolith.php +++ b/kronolith/lib/Kronolith.php @@ -1710,8 +1710,9 @@ class Kronolith if (strlen($info['username']) || strlen($info['password'])) { $key = Horde_Auth::getCredential('password'); if ($key) { - $info['username'] = base64_encode(Horde_Secret::write($key, $info['username'])); - $info['password'] = base64_encode(Horde_Secret::write($key, $info['password'])); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $info['username'] = base64_encode($secret->write($key, $info['username'])); + $info['password'] = base64_encode($secret->write($key, $info['password'])); } } @@ -2472,8 +2473,9 @@ class Kronolith $password = isset($cal['password']) ? $cal['password'] : ''; $key = Horde_Auth::getCredential('password'); if ($key && $user) { - $user = Horde_Secret::read($key, base64_decode($user)); - $password = Horde_Secret::read($key, base64_decode($password)); + $secret = $GLOBALS['injector']->getInstance('Horde_Secret'); + $user = $secret->read($key, base64_decode($user)); + $password = $secret->read($key, base64_decode($password)); } if (!empty($user)) { return array('user' => $user, 'password' => $password); -- 2.11.0
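Review bot: In kronolith/lib/Forms/EditRemoteCalendar.php (hunk at -51), and again in kronolith/lib/Kronolith.php at -1710, the remote calendar username and password are encrypted only inside `if ($key)`. When `Horde_Auth::getCredential('password')` returns nothing, they stay in `$info` as cleartext with no marker. What happens to `$info` afterwards is outside the hunk, but if it is persisted the credentials are stored unprotected and the reader at -2472 cannot tell them apart from ciphertext. Consider refusing to save credentials in that case, or storing a flag alongside them that records whether they were encrypted. Because the key is the user's login password, a comment should also state that values written under an old password presumably cannot be decrypted after a password change.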