From 3d4767301c8089da319a71e8cfdf6f6125e8d19f Mon Sep 17 00:00:00 2001 From: terrafrost Date: Mon, 25 Jan 2021 12:17:36 -0600 Subject: [PATCH 1/4] X509: fix niche issue with computeKeyIdentifier --- phpseclib/File/X509.php | 10 ++++------ tests/Unit/File/X509/X509Test.php | 14 ++++++++++++++ 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index 639a0233..16118029 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -43,6 +43,7 @@ use phpseclib3\Exception\UnsupportedAlgorithmException; use phpseclib3\File\ASN1\Element; use phpseclib3\File\ASN1\Maps; use phpseclib3\Math\BigInteger; +use phpseclib3\Crypt\PublicKeyLoader; /** * Pure-PHP X.509 Parser @@ -3690,14 +3691,11 @@ class X509 return false; } // If the key is private, compute identifier from its corresponding public key. - $key = new RSA(); - if (!$key->load($raw)) { - return false; // Not an unencrypted RSA key. - } - if ($key->getPrivateKey() !== false) { // If private. + $key = PublicKeyLoader::load($raw); + if ($key instanceof PrivateKey) { // If private. return $this->computeKeyIdentifier($key, $method); } - $key = $raw; // Is a public key. + $key = $raw; // Is a public key. break; case $key instanceof X509: if (isset($key->publicKey)) { diff --git a/tests/Unit/File/X509/X509Test.php b/tests/Unit/File/X509/X509Test.php index d8b51313..51b8cb1a 100644 --- a/tests/Unit/File/X509/X509Test.php +++ b/tests/Unit/File/X509/X509Test.php @@ -1176,4 +1176,18 @@ qzFkAKWjJj4KjfrbZX4C0Spfxw== $this->assertIsArray($r); } + + /** + * @group github1586 + */ + public function testComputeKeyIdentifier() + { + $key = RSA::createKey(512); + $key = ASN1::extractBER("$key"); + $key = ASN1::encodeDER($key, ['type' => ASN1::TYPE_BIT_STRING]); + $key = new Element($key); + + $x509 = new X509; + $this->assertIsString($x509->computeKeyIdentifier($key)); + } } From 1795b5df6a172952cfc4d67177646709152c9367 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Mon, 25 Jan 2021 12:21:14 -0600 Subject: [PATCH 2/4] SSH/Agent: EC keys didn't work with agent --- phpseclib/System/SSH/Agent/Identity.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/System/SSH/Agent/Identity.php b/phpseclib/System/SSH/Agent/Identity.php index 9ef02dfa..20b0a958 100644 --- a/phpseclib/System/SSH/Agent/Identity.php +++ b/phpseclib/System/SSH/Agent/Identity.php @@ -119,7 +119,7 @@ class Identity implements PrivateKey */ public function withPublicKey($key) { - if ($key instanceof ECDSA) { + if ($key instanceof EC) { if (is_array($key->getCurve()) || !isset(self::$curveAliases[$key->getCurve()])) { throw new UnsupportedAlgorithmException('The only supported curves are nistp256, nistp384, nistp512 and Ed25519'); } From bdb6c08c3507c3aeb47a1bc5a198ee9bdb3618f7 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Mon, 25 Jan 2021 12:36:02 -0600 Subject: [PATCH 3/4] misc docblock adjustments --- phpseclib/Crypt/EC/BaseCurves/Binary.php | 2 +- phpseclib/Crypt/EC/BaseCurves/Montgomery.php | 2 +- phpseclib/Math/BigInteger/Engines/Engine.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/phpseclib/Crypt/EC/BaseCurves/Binary.php b/phpseclib/Crypt/EC/BaseCurves/Binary.php index f35c01d2..d984ba4b 100644 --- a/phpseclib/Crypt/EC/BaseCurves/Binary.php +++ b/phpseclib/Crypt/EC/BaseCurves/Binary.php @@ -40,7 +40,7 @@ class Binary extends Base /** * Binary Field Integer factory * - * @var \phpseclib3\Math\BinaryFields + * @var \phpseclib3\Math\BinaryField */ protected $factory; diff --git a/phpseclib/Crypt/EC/BaseCurves/Montgomery.php b/phpseclib/Crypt/EC/BaseCurves/Montgomery.php index 5f5fdf0e..b4bba650 100644 --- a/phpseclib/Crypt/EC/BaseCurves/Montgomery.php +++ b/phpseclib/Crypt/EC/BaseCurves/Montgomery.php @@ -45,7 +45,7 @@ class Montgomery extends Base /** * Prime Field Integer factory * - * @var \phpseclib3\Math\PrimeFields + * @var \phpseclib3\Math\PrimeField */ protected $factory; diff --git a/phpseclib/Math/BigInteger/Engines/Engine.php b/phpseclib/Math/BigInteger/Engines/Engine.php index 05d97431..10dd994b 100644 --- a/phpseclib/Math/BigInteger/Engines/Engine.php +++ b/phpseclib/Math/BigInteger/Engines/Engine.php @@ -1139,7 +1139,7 @@ abstract class Engine implements \Serializable * Splits BigInteger's into chunks of $split bits * * @param int $split - * @return \phpseclib3\Math\BigInteger\Engine[] + * @return \phpseclib3\Math\BigInteger\Engines\Engine[] */ public function bitwise_split($split) { From 845a2275e886ba9fb386c8f59cb383dd9c8963e9 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Mon, 25 Jan 2021 13:02:05 -0600 Subject: [PATCH 4/4] X509: CS adjustments --- phpseclib/File/X509.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index 16118029..eb122b6b 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -304,6 +304,18 @@ class X509 */ private static $extensions = []; + /** + * @var ?array + * @access private + */ + private $ipAddresses = null; + + /** + * @var ?array + * @access private + */ + private $domains = null; + /** * Default Constructor. *