octoleo
/
phpseclib
mirror of https://github.com/phpseclib/phpseclib.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch '3.0'

This commit is contained in:
terrafrost 2024-04-10 04:46:02 -05:00
parent 9a89226a33 901a79f0ec
commit 1d9a6bf8b0
2 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@ -1,5 +1,9 @@
# Changelog
## 3.0.37 - 2024-03-02
- SSH2: don't set stream timeout if timeout is 0 (#1986)
## 3.0.36 - 2024-02-25
- BigInteger: put guardrails on isPrime() and randomPrime() (CVE-2024-27354)

8
phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php
View File

@ -20,6 +20,7 @@ namespace phpseclib3\Crypt\Common\Formats\Keys;
use phpseclib3\Common\Functions\Strings;
use phpseclib3\Crypt\AES;
use phpseclib3\Crypt\Random;
use phpseclib3\Exception\BadDecryptionException;
use phpseclib3\Exception\RuntimeException;
use phpseclib3\Exception\UnexpectedValueException;
@ -97,7 +98,7 @@ abstract class OpenSSH
$crypto->setPassword($password, 'bcrypt', $salt, $rounds, 32);
break;
default:
throw new RuntimeException('The only supported cipherse are: none, aes256-ctr (' . $ciphername . ' is being used)');
throw new RuntimeException('The only supported ciphers are: none, aes256-ctr (' . $ciphername . ' is being used)');
}
[$publicKey, $paddedKey] = Strings::unpackSSH2('ss', $key);
@ -108,7 +109,10 @@ abstract class OpenSSH
[$checkint1, $checkint2] = Strings::unpackSSH2('NN', $paddedKey);
// any leftover bytes in $paddedKey are for padding? but they should be sequential bytes. eg. 1, 2, 3, etc.
if ($checkint1 != $checkint2) {
throw new RuntimeException('The two checkints do not match');
if (isset($crypto)) {
throw new BadDecryptionException('Unable to decrypt key - please verify the password you are using');
}
throw new RuntimeException("The two checkints do not match ($checkint1 vs. $checkint2)");
}
self::checkType($type);