updates for phpseclib 3.0

Author: terrafrost

.travis.yml

@@ -2,8 +2,6 @@ language: php
 
 matrix:
   include:
-    - php: 5.6
-      dist: xenial
     - php: 7.0
       dist: xenial
     - php: 7.1

lib/mcrypt.php

@@ -41,6 +41,7 @@
 use phpseclib3\Crypt\Random;
 use phpseclib3\Crypt\Common\SymmetricKey as Base;
 use phpseclib3\Common\Functions\Strings;
+use phpseclib3\Exception\InsufficientSetupException;
 
 if (!defined('MCRYPT_MODE_ECB')) {
     /**#@+
@@ -338,8 +339,6 @@ function phpseclib_mcrypt_module_open($algorithm, $algorithm_directory, $mode, $
 
         $cipher->disablePadding();
 
-        $cipher->key = null;
-
         return $cipher;
     }
 
@@ -696,15 +695,6 @@ function phpseclib_mcrypt_generic_init(Base $td, $key, $iv)
      */
     function phpseclib_mcrypt_generic_helper(Base $td, &$data, $op)
     {
-        // in the orig mcrypt, if mcrypt_generic_init() was called and an empty key was provided you'd get the following error:
-        // Warning: mcrypt_generic(): supplied resource is not a valid MCrypt resource
-        // that error doesn't really make a lot of sense in this context since $td is not a resource nor should it be one.
-        // in light of that we'll just display the same error that you get when you don't call mcrypt_generic_init() at all
-        if (!isset($td->key)) {
-            trigger_error('m' . $op . '_generic(): Operation disallowed prior to mcrypt_generic_init().', E_USER_WARNING);
-            return false;
-        }
-
         // phpseclib does not currently provide a way to retrieve the mode once it has been set via "public" methods
         if (phpseclib_mcrypt_enc_is_block_mode($td)) {
             $block_length = phpseclib_mcrypt_enc_get_iv_size($td);
@@ -714,7 +704,16 @@ function phpseclib_mcrypt_generic_helper(Base $td, &$data, $op)
             }
         }
 
-        return $op == 'crypt' ? $td->encrypt($data) : $td->decrypt($data);
+        try {
+            return $op == 'crypt' ? $td->encrypt($data) : $td->decrypt($data);
+        } catch (InsufficientSetupException $e) {
+            // in the orig mcrypt, if mcrypt_generic_init() was called and an empty key was provided you'd get the following error:
+            // Warning: mcrypt_generic(): supplied resource is not a valid MCrypt resource
+            // that error doesn't really make a lot of sense in this context since $td is not a resource nor should it be one.
+            // in light of that we'll just display the same error that you get when you don't call mcrypt_generic_init() at all
+            trigger_error('m' . $op . '_generic(): Operation disallowed prior to mcrypt_generic_init().', E_USER_WARNING);
+            return false;
+        }
     }
 
     /**
@@ -774,15 +773,18 @@ function phpseclib_mdecrypt_generic(Base $td, $data)
      * @return bool
      * @access public
      */
-    function phpseclib_mcrypt_generic_deinit(Base $td)
+    function phpseclib_mcrypt_generic_deinit(Base &$td)
     {
-        if (!isset($td->key)) {
+        $reflectionObject = new \ReflectionObject($td);
+        $reflectionProperty = $reflectionObject->getProperty('key');
+        $reflectionProperty->setAccessible(true); // can be dropped in PHP 8.1.0+
+        if (!strlen($reflectionProperty->getValue($td))) {
             trigger_error('mcrypt_generic_deinit(): Could not terminate encryption specifier', E_USER_WARNING);
             return false;
         }
 
-        $td->disableContinuousBuffer();
-        $td->key = null;
+        $class = get_class($td);
+        $td = new $class($td->getMode());
         return true;
     }
 
@@ -797,7 +799,7 @@ function phpseclib_mcrypt_generic_deinit(Base $td)
      */
     function phpseclib_mcrypt_module_close(Base $td)
     {
-        $td->key = null;
+        //$td->key = null;
         return true;
     }
 
@@ -1300,7 +1302,7 @@ function mcrypt_generic(Base $td, $data)
         return phpseclib_mcrypt_generic($td, $data);
     }
 
-    function mcrypt_generic_deinit(Base $td)
+    function mcrypt_generic_deinit(Base &$td)
     {
         return phpseclib_mcrypt_generic_deinit($td);
     }

tests/MCryptCompatTest.php

@@ -240,7 +240,6 @@ public function testMcryptGenericHelperWithException()
         $data = 'data';
         $op = 'operation';
         $td = phpseclib_mcrypt_module_open('blowfish', '', 'cbc', '');
-        unset($td->mcrypt_polyfill_init);
         $result = phpseclib_mcrypt_generic_helper($td, $data, $op);
     }
 
@@ -249,7 +248,6 @@ public function testMcryptGenericDeinitWithException()
         $this->setExpectedException('PHPUnit_Framework_Error_Warning');
 
         $td = phpseclib_mcrypt_module_open('blowfish', '', 'cbc', '');
-        unset($td->mcrypt_polyfill_init);
         $result = phpseclib_mcrypt_generic_deinit($td);
     }
 
@@ -483,7 +481,7 @@ public function ncfbHelper($prefix)
             $v1.= call_user_func($prefix . 'mdecrypt_generic', $td, str_repeat('c', $block));
             $v2.= str_repeat('c', $block);
         }
-        call_user_func($prefix . 'mcrypt_generic_deinit', $td);
+        ($prefix . 'mcrypt_generic_deinit')($td);
         call_user_func($prefix . 'mcrypt_generic_init', $td, str_repeat('a', 16), str_repeat('a', 16));
         $v2 = call_user_func($prefix . 'mdecrypt_generic', $td, $v2);
 
@@ -1029,6 +1027,19 @@ public function testModuleOpenWithoutInit()
         $result = phpseclib_mcrypt_generic($td, 'zzz');
     }
 
+    public function testDeInit()
+    {
+        $key = str_repeat('x', 16);
+        $iv = str_repeat('x', 16);
+
+        $this->setExpectedException('PHPUnit_Framework_Error_Warning');
+
+        $td = phpseclib_mcrypt_module_open('rijndael-128', '', 'cbc', '');
+        phpseclib_mcrypt_generic_init($td, $key, $iv);
+        phpseclib_mcrypt_generic_deinit($td);
+        $result = phpseclib_mcrypt_generic($td, 'zzz');
+    }
+
     public function mcryptModuleNameProvider()
     {
         return array(