mirror of
https://github.com/phpseclib/phpseclib.git
synced 2025-01-14 18:59:51 +00:00
Merge branch '3.0'
This commit is contained in:
commit
1d9a6bf8b0
@ -1,5 +1,9 @@
|
|||||||
# Changelog
|
# Changelog
|
||||||
|
|
||||||
|
## 3.0.37 - 2024-03-02
|
||||||
|
|
||||||
|
- SSH2: don't set stream timeout if timeout is 0 (#1986)
|
||||||
|
|
||||||
## 3.0.36 - 2024-02-25
|
## 3.0.36 - 2024-02-25
|
||||||
|
|
||||||
- BigInteger: put guardrails on isPrime() and randomPrime() (CVE-2024-27354)
|
- BigInteger: put guardrails on isPrime() and randomPrime() (CVE-2024-27354)
|
||||||
|
@ -20,6 +20,7 @@ namespace phpseclib3\Crypt\Common\Formats\Keys;
|
|||||||
use phpseclib3\Common\Functions\Strings;
|
use phpseclib3\Common\Functions\Strings;
|
||||||
use phpseclib3\Crypt\AES;
|
use phpseclib3\Crypt\AES;
|
||||||
use phpseclib3\Crypt\Random;
|
use phpseclib3\Crypt\Random;
|
||||||
|
use phpseclib3\Exception\BadDecryptionException;
|
||||||
use phpseclib3\Exception\RuntimeException;
|
use phpseclib3\Exception\RuntimeException;
|
||||||
use phpseclib3\Exception\UnexpectedValueException;
|
use phpseclib3\Exception\UnexpectedValueException;
|
||||||
|
|
||||||
@ -97,7 +98,7 @@ abstract class OpenSSH
|
|||||||
$crypto->setPassword($password, 'bcrypt', $salt, $rounds, 32);
|
$crypto->setPassword($password, 'bcrypt', $salt, $rounds, 32);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
throw new RuntimeException('The only supported cipherse are: none, aes256-ctr (' . $ciphername . ' is being used)');
|
throw new RuntimeException('The only supported ciphers are: none, aes256-ctr (' . $ciphername . ' is being used)');
|
||||||
}
|
}
|
||||||
|
|
||||||
[$publicKey, $paddedKey] = Strings::unpackSSH2('ss', $key);
|
[$publicKey, $paddedKey] = Strings::unpackSSH2('ss', $key);
|
||||||
@ -108,7 +109,10 @@ abstract class OpenSSH
|
|||||||
[$checkint1, $checkint2] = Strings::unpackSSH2('NN', $paddedKey);
|
[$checkint1, $checkint2] = Strings::unpackSSH2('NN', $paddedKey);
|
||||||
// any leftover bytes in $paddedKey are for padding? but they should be sequential bytes. eg. 1, 2, 3, etc.
|
// any leftover bytes in $paddedKey are for padding? but they should be sequential bytes. eg. 1, 2, 3, etc.
|
||||||
if ($checkint1 != $checkint2) {
|
if ($checkint1 != $checkint2) {
|
||||||
throw new RuntimeException('The two checkints do not match');
|
if (isset($crypto)) {
|
||||||
|
throw new BadDecryptionException('Unable to decrypt key - please verify the password you are using');
|
||||||
|
}
|
||||||
|
throw new RuntimeException("The two checkints do not match ($checkint1 vs. $checkint2)");
|
||||||
}
|
}
|
||||||
self::checkType($type);
|
self::checkType($type);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user