octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-11-11 16:15:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '1.0' into 2.0

Browse Source
This commit is contained in:
terrafrost 2019-09-07 19:39:28 -05:00
commit 43dd05d4c2
1 changed files with 394 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

545
phpseclib/Net/SSH2.php
View File

@ -209,6 +209,15 @@ class SSH2
*/ */
var $kex_algorithms = false; var $kex_algorithms = false;
/**
* Key Exchange Algorithm
*
* @see self::getMethodsNegotiated()
* @var string|false
* @access private
*/
var $kex_algorithm = false;
/** /**
* Minimum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods * Minimum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods
* *
@ -317,6 +326,15 @@ class SSH2
*/ */
var $languages_client_to_server = false; var $languages_client_to_server = false;
/**
* Preferred Algorithms
*
* @see self::setPreferredAlgorithms()
* @var array
* @access private
*/
var $preferred = array();
/** /**
* Block Size for Server to Client Encryption * Block Size for Server to Client Encryption
* *
@ -898,14 +916,6 @@ class SSH2
*/ */
var $bad_key_size_fix = false; var $bad_key_size_fix = false;
/**
* The selected decryption algorithm
*
* @var string
* @access private
*/
var $decrypt_algorithm = '';
/** /**
* Should we try to re-connect to re-establish keys? * Should we try to re-connect to re-establish keys?
* *
@ -1311,141 +1321,59 @@ class SSH2
*/ */
function _key_exchange($kexinit_payload_server = false) function _key_exchange($kexinit_payload_server = false)
{ {
$kex_algorithms = array( $preferred = $this->preferred;
// Elliptic Curve Diffie-Hellman Key Agreement (ECDH) using
// Curve25519. See doc/curve25519-sha256@libssh.org.txt in the
// libssh repository for more information.
'curve25519-sha256@libssh.org',
// Diffie-Hellman Key Agreement (DH) using integer modulo prime $kex_algorithms = isset($preferred['kex']) ?
// groups. $preferred['kex'] :
'diffie-hellman-group1-sha1', // REQUIRED $this->getSupportedKEXAlgorithms();
'diffie-hellman-group14-sha1', // REQUIRED $server_host_key_algorithms = isset($preferred['hostkey']) ?
'diffie-hellman-group-exchange-sha1', // RFC 4419 $preferred['hostkey'] :
'diffie-hellman-group-exchange-sha256', // RFC 4419 $this->getSupportedHostKeyAlgorithms();
); $s2c_encryption_algorithms = isset($preferred['server_to_client']['crypt']) ?
if (!function_exists('\\Sodium\\library_version_major')) { $preferred['server_to_client']['crypt'] :
$kex_algorithms = array_diff( $this->getSupportedEncryptionAlgorithms();
$kex_algorithms, $c2s_encryption_algorithms = isset($preferred['client_to_server']['crypt']) ?
array('curve25519-sha256@libssh.org') $preferred['client_to_server']['crypt'] :
); $this->getSupportedEncryptionAlgorithms();
} $s2c_mac_algorithms = isset($preferred['server_to_client']['mac']) ?
$preferred['server_to_client']['mac'] :
$server_host_key_algorithms = array( $this->getSupportedMACAlgorithms();
'rsa-sha2-256', // RFC 8332 $c2s_mac_algorithms = isset($preferred['client_to_server']['mac']) ?
'rsa-sha2-512', // RFC 8332 $preferred['client_to_server']['mac'] :
'ssh-rsa', // RECOMMENDED sign Raw RSA Key $this->getSupportedMACAlgorithms();
'ssh-dss' // REQUIRED sign Raw DSS Key $s2c_compression_algorithms = isset($preferred['server_to_client']['comp']) ?
); $preferred['server_to_client']['comp'] :
$this->getSupportedCompressionAlgorithms();
$encryption_algorithms = array( $c2s_compression_algorithms = isset($preferred['client_to_server']['comp']) ?
// from <http://tools.ietf.org/html/rfc4345#section-4>: $preferred['client_to_server']['comp'] :
'arcfour256', $this->getSupportedCompressionAlgorithms();
'arcfour128',
//'arcfour', // OPTIONAL the ARCFOUR stream cipher with a 128-bit key
// CTR modes from <http://tools.ietf.org/html/rfc4344#section-4>:
'aes128-ctr', // RECOMMENDED AES (Rijndael) in SDCTR mode, with 128-bit key
'aes192-ctr', // RECOMMENDED AES with 192-bit key
'aes256-ctr', // RECOMMENDED AES with 256-bit key
'twofish128-ctr', // OPTIONAL Twofish in SDCTR mode, with 128-bit key
'twofish192-ctr', // OPTIONAL Twofish with 192-bit key
'twofish256-ctr', // OPTIONAL Twofish with 256-bit key
'aes128-cbc', // RECOMMENDED AES with a 128-bit key
'aes192-cbc', // OPTIONAL AES with a 192-bit key
'aes256-cbc', // OPTIONAL AES in CBC mode, with a 256-bit key
'twofish128-cbc', // OPTIONAL Twofish with a 128-bit key
'twofish192-cbc', // OPTIONAL Twofish with a 192-bit key
'twofish256-cbc',
'twofish-cbc', // OPTIONAL alias for "twofish256-cbc"
// (this is being retained for historical reasons)
'blowfish-ctr', // OPTIONAL Blowfish in SDCTR mode
'blowfish-cbc', // OPTIONAL Blowfish in CBC mode
'3des-ctr', // RECOMMENDED Three-key 3DES in SDCTR mode
'3des-cbc', // REQUIRED three-key 3DES in CBC mode
//'none' // OPTIONAL no encryption; NOT RECOMMENDED
);
if (extension_loaded('openssl') && !extension_loaded('mcrypt')) {
// OpenSSL does not support arcfour256 in any capacity and arcfour128 / arcfour support is limited to
// instances that do not use continuous buffers
$encryption_algorithms = array_diff(
$encryption_algorithms,
array('arcfour256', 'arcfour128', 'arcfour')
);
}
if (class_exists('\phpseclib\Crypt\RC4') === false) {
$encryption_algorithms = array_diff(
$encryption_algorithms,
array('arcfour256', 'arcfour128', 'arcfour')
);
}
if (class_exists('\phpseclib\Crypt\Rijndael') === false) {
$encryption_algorithms = array_diff(
$encryption_algorithms,
array('aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-cbc', 'aes192-cbc', 'aes256-cbc')
);
}
if (class_exists('\phpseclib\Crypt\Twofish') === false) {
$encryption_algorithms = array_diff(
$encryption_algorithms,
array('twofish128-ctr', 'twofish192-ctr', 'twofish256-ctr', 'twofish128-cbc', 'twofish192-cbc', 'twofish256-cbc', 'twofish-cbc')
);
}
if (class_exists('\phpseclib\Crypt\Blowfish') === false) {
$encryption_algorithms = array_diff(
$encryption_algorithms,
array('blowfish-ctr', 'blowfish-cbc')
);
}
if (class_exists('\phpseclib\Crypt\TripleDES') === false) {
$encryption_algorithms = array_diff(
$encryption_algorithms,
array('3des-ctr', '3des-cbc')
);
}
$encryption_algorithms = array_values($encryption_algorithms);
$mac_algorithms = array(
// from <http://www.ietf.org/rfc/rfc6668.txt>:
'hmac-sha2-256',// RECOMMENDED HMAC-SHA256 (digest length = key length = 32)
'hmac-sha1-96', // RECOMMENDED first 96 bits of HMAC-SHA1 (digest length = 12, key length = 20)
'hmac-sha1', // REQUIRED HMAC-SHA1 (digest length = key length = 20)
'hmac-md5-96', // OPTIONAL first 96 bits of HMAC-MD5 (digest length = 12, key length = 16)
'hmac-md5', // OPTIONAL HMAC-MD5 (digest length = key length = 16)
//'none' // OPTIONAL no MAC; NOT RECOMMENDED
);
$compression_algorithms = array(
'none' // REQUIRED no compression
//'zlib' // OPTIONAL ZLIB (LZ77) compression
);
// some SSH servers have buggy implementations of some of the above algorithms // some SSH servers have buggy implementations of some of the above algorithms
switch (true) { switch (true) {
case $this->server_identifier == 'SSH-2.0-SSHD': case $this->server_identifier == 'SSH-2.0-SSHD':
case substr($this->server_identifier, 0, 13) == 'SSH-2.0-DLINK': case substr($this->server_identifier, 0, 13) == 'SSH-2.0-DLINK':
$mac_algorithms = array_values(array_diff( if (!isset($preferred['server_to_client']['mac'])) {
$mac_algorithms, $s2c_mac_algorithms = array_values(array_diff(
array('hmac-sha1-96', 'hmac-md5-96') $s2c_mac_algorithms,
)); array('hmac-sha1-96', 'hmac-md5-96')
));
}
if (!isset($preferred['client_to_server']['mac'])) {
$c2s_mac_algorithms = array_values(array_diff(
$c2s_mac_algorithms,
array('hmac-sha1-96', 'hmac-md5-96')
));
}
} }
$str_kex_algorithms = implode(',', $kex_algorithms); $str_kex_algorithms = implode(',', $kex_algorithms);
$str_server_host_key_algorithms = implode(',', $server_host_key_algorithms); $str_server_host_key_algorithms = implode(',', $server_host_key_algorithms);
$encryption_algorithms_server_to_client = $encryption_algorithms_client_to_server = implode(',', $encryption_algorithms); $encryption_algorithms_server_to_client = implode(',', $s2c_encryption_algorithms);
$mac_algorithms_server_to_client = $mac_algorithms_client_to_server = implode(',', $mac_algorithms); $encryption_algorithms_client_to_server = implode(',', $c2s_encryption_algorithms);
$compression_algorithms_server_to_client = $compression_algorithms_client_to_server = implode(',', $compression_algorithms); $mac_algorithms_server_to_client = implode(',', $s2c_mac_algorithms);
$mac_algorithms_client_to_server = implode(',', $c2s_mac_algorithms);
$compression_algorithms_server_to_client = implode(',', $s2c_compression_algorithms);
$compression_algorithms_client_to_server = implode(',', $c2s_compression_algorithms);
$client_cookie = Random::string(16); $client_cookie = Random::string(16);
@ -1572,14 +1500,14 @@ class SSH2
// we need to decide upon the symmetric encryption algorithms before we do the diffie-hellman key exchange // we need to decide upon the symmetric encryption algorithms before we do the diffie-hellman key exchange
// we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the // we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the
// diffie-hellman key exchange as fast as possible // diffie-hellman key exchange as fast as possible
$decrypt = $this->_array_intersect_first($encryption_algorithms, $this->encryption_algorithms_server_to_client); $decrypt = $this->_array_intersect_first($s2c_encryption_algorithms, $this->encryption_algorithms_server_to_client);
$decryptKeyLength = $this->_encryption_algorithm_to_key_size($decrypt); $decryptKeyLength = $this->_encryption_algorithm_to_key_size($decrypt);
if ($decryptKeyLength === null) { if ($decryptKeyLength === null) {
user_error('No compatible server to client encryption algorithms found'); user_error('No compatible server to client encryption algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
} }
$encrypt = $this->_array_intersect_first($encryption_algorithms, $this->encryption_algorithms_client_to_server); $encrypt = $this->_array_intersect_first($c2s_encryption_algorithms, $this->encryption_algorithms_client_to_server);
$encryptKeyLength = $this->_encryption_algorithm_to_key_size($encrypt); $encryptKeyLength = $this->_encryption_algorithm_to_key_size($encrypt);
if ($encryptKeyLength === null) { if ($encryptKeyLength === null) {
user_error('No compatible client to server encryption algorithms found'); user_error('No compatible client to server encryption algorithms found');
@ -1587,7 +1515,7 @@ class SSH2
} }
// through diffie-hellman key exchange a symmetric key is obtained // through diffie-hellman key exchange a symmetric key is obtained
$kex_algorithm = $this->_array_intersect_first($kex_algorithms, $this->kex_algorithms); $this->kex_algorithm = $kex_algorithm = $this->_array_intersect_first($kex_algorithms, $this->kex_algorithms);
if ($kex_algorithm === false) { if ($kex_algorithm === false) {
user_error('No compatible key exchange algorithms found'); user_error('No compatible key exchange algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
@ -1859,8 +1787,6 @@ class SSH2
return false; return false;
} }
$this->decrypt_algorithm = $decrypt;
$keyBytes = pack('Na*', strlen($keyBytes), $keyBytes); $keyBytes = pack('Na*', strlen($keyBytes), $keyBytes);
$this->encrypt = $this->_encryption_algorithm_to_crypt_instance($encrypt); $this->encrypt = $this->_encryption_algorithm_to_crypt_instance($encrypt);
@ -1874,6 +1800,10 @@ class SSH2
$this->encrypt->enableContinuousBuffer(); $this->encrypt->enableContinuousBuffer();
$this->encrypt->disablePadding(); $this->encrypt->disablePadding();
if ($this->encrypt->getBlockLength()) {
$this->encrypt_block_size = $this->encrypt->getBlockLength() >> 3;
}
$iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'A' . $this->session_id); $iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'A' . $this->session_id);
while ($this->encrypt_block_size > strlen($iv)) { while ($this->encrypt_block_size > strlen($iv)) {
$iv.= $kexHash->hash($keyBytes . $this->exchange_hash . $iv); $iv.= $kexHash->hash($keyBytes . $this->exchange_hash . $iv);
@ -1885,6 +1815,8 @@ class SSH2
$key.= $kexHash->hash($keyBytes . $this->exchange_hash . $key); $key.= $kexHash->hash($keyBytes . $this->exchange_hash . $key);
} }
$this->encrypt->setKey(substr($key, 0, $encryptKeyLength)); $this->encrypt->setKey(substr($key, 0, $encryptKeyLength));
$this->encrypt->name = $decrypt;
} }
$this->decrypt = $this->_encryption_algorithm_to_crypt_instance($decrypt); $this->decrypt = $this->_encryption_algorithm_to_crypt_instance($decrypt);
@ -1898,6 +1830,10 @@ class SSH2
$this->decrypt->enableContinuousBuffer(); $this->decrypt->enableContinuousBuffer();
$this->decrypt->disablePadding(); $this->decrypt->disablePadding();
if ($this->decrypt->getBlockLength()) {
$this->decrypt_block_size = $this->decrypt->getBlockLength() >> 3;
}
$iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'B' . $this->session_id); $iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'B' . $this->session_id);
while ($this->decrypt_block_size > strlen($iv)) { while ($this->decrypt_block_size > strlen($iv)) {
$iv.= $kexHash->hash($keyBytes . $this->exchange_hash . $iv); $iv.= $kexHash->hash($keyBytes . $this->exchange_hash . $iv);
@ -1909,6 +1845,8 @@ class SSH2
$key.= $kexHash->hash($keyBytes . $this->exchange_hash . $key); $key.= $kexHash->hash($keyBytes . $this->exchange_hash . $key);
} }
$this->decrypt->setKey(substr($key, 0, $decryptKeyLength)); $this->decrypt->setKey(substr($key, 0, $decryptKeyLength));
$this->decrypt->name = $decrypt;
} }
/* The "arcfour128" algorithm is the RC4 cipher, as described in /* The "arcfour128" algorithm is the RC4 cipher, as described in
@ -1925,7 +1863,7 @@ class SSH2
$this->decrypt->decrypt(str_repeat("\0", 1536)); $this->decrypt->decrypt(str_repeat("\0", 1536));
} }
$mac_algorithm = $this->_array_intersect_first($mac_algorithms, $this->mac_algorithms_client_to_server); $mac_algorithm = $this->_array_intersect_first($c2s_mac_algorithms, $this->mac_algorithms_client_to_server);
if ($mac_algorithm === false) { if ($mac_algorithm === false) {
user_error('No compatible client to server message authentication algorithms found'); user_error('No compatible client to server message authentication algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
@ -1953,8 +1891,9 @@ class SSH2
$this->hmac_create = new Hash('md5-96'); $this->hmac_create = new Hash('md5-96');
$createKeyLength = 16; $createKeyLength = 16;
} }
$this->hmac_create->name = $mac_algorithm;
$mac_algorithm = $this->_array_intersect_first($mac_algorithms, $this->mac_algorithms_server_to_client); $mac_algorithm = $this->_array_intersect_first($s2c_mac_algorithms, $this->mac_algorithms_server_to_client);
if ($mac_algorithm === false) { if ($mac_algorithm === false) {
user_error('No compatible server to client message authentication algorithms found'); user_error('No compatible server to client message authentication algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
@ -1988,6 +1927,7 @@ class SSH2
$checkKeyLength = 16; $checkKeyLength = 16;
$this->hmac_size = 12; $this->hmac_size = 12;
} }
$this->hmac_check->name = $mac_algorithm;
$key = $kexHash->hash($keyBytes . $this->exchange_hash . 'E' . $this->session_id); $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'E' . $this->session_id);
while ($createKeyLength > strlen($key)) { while ($createKeyLength > strlen($key)) {
@ -2001,19 +1941,19 @@ class SSH2
} }
$this->hmac_check->setKey(substr($key, 0, $checkKeyLength)); $this->hmac_check->setKey(substr($key, 0, $checkKeyLength));
$compression_algorithm = $this->_array_intersect_first($compression_algorithms, $this->compression_algorithms_server_to_client); $compression_algorithm = $this->_array_intersect_first($c2s_compression_algorithms, $this->compression_algorithms_client_to_server);
if ($compression_algorithm === false) {
user_error('No compatible server to client compression algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
$this->decompress = $compression_algorithm == 'zlib';
$compression_algorithm = $this->_array_intersect_first($compression_algorithms, $this->compression_algorithms_client_to_server);
if ($compression_algorithm === false) { if ($compression_algorithm === false) {
user_error('No compatible client to server compression algorithms found'); user_error('No compatible client to server compression algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
} }
$this->compress = $compression_algorithm == 'zlib'; //$this->decompress = $compression_algorithm == 'zlib';
$compression_algorithm = $this->_array_intersect_first($s2c_compression_algorithms, $this->compression_algorithms_client_to_server);
if ($compression_algorithm === false) {
user_error('No compatible server to client compression algorithms found');
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
}
//$this->compress = $compression_algorithm == 'zlib';
return true; return true;
} }
@ -2105,7 +2045,7 @@ class SSH2
return null; return null;
} }
/* /**
* Tests whether or not proposed algorithm has a potential for issues * Tests whether or not proposed algorithm has a potential for issues
* *
* @link https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ssh2-aesctr-openssh.html * @link https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ssh2-aesctr-openssh.html
@ -3376,7 +3316,7 @@ class SSH2
// "implementations SHOULD check that the packet length is reasonable" // "implementations SHOULD check that the packet length is reasonable"
// PuTTY uses 0x9000 as the actual max packet size and so to shall we // PuTTY uses 0x9000 as the actual max packet size and so to shall we
if ($remaining_length < -$this->decrypt_block_size || $remaining_length > 0x9000 || $remaining_length % $this->decrypt_block_size != 0) { if ($remaining_length < -$this->decrypt_block_size || $remaining_length > 0x9000 || $remaining_length % $this->decrypt_block_size != 0) {
if (!$this->bad_key_size_fix && $this->_bad_algorithm_candidate($this->decrypt_algorithm) && !($this->bitmap & SSH2::MASK_LOGIN)) { if (!$this->bad_key_size_fix && $this->_bad_algorithm_candidate($this->decrypt->name) && !($this->bitmap & SSH2::MASK_LOGIN)) {
$this->bad_key_size_fix = true; $this->bad_key_size_fix = true;
$this->_reset_connection(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); $this->_reset_connection(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
return false; return false;
@ -4497,6 +4437,309 @@ class SSH2
return $this->languages_client_to_server; return $this->languages_client_to_server;
} }
/**
* Returns a list of algorithms the server supports
*
* @return array
* @access public
*/
public function getServerAlgorithms()
{
$this->_connect();
return array(
'kex' => $this->kex_algorithms,
'hostkey' => $this->server_host_key_algorithms,
'client_to_server' => array(
'crypt' => $this->encryption_algorithms_client_to_server,
'mac' => $this->mac_algorithms_client_to_server,
'comp' => $this->compression_algorithms_client_to_server,
'lang' => $this->languages_client_to_server
),
'server_to_client' => array(
'crypt' => $this->encryption_algorithms_server_to_client,
'mac' => $this->mac_algorithms_server_to_client,
'comp' => $this->compression_algorithms_server_to_client,
'lang' => $this->languages_server_to_client
)
);
}
/**
* Returns a list of KEX algorithms that phpseclib supports
*
* @return array
* @access public
*/
function getSupportedKEXAlgorithms()
{
$kex_algorithms = array(
// Elliptic Curve Diffie-Hellman Key Agreement (ECDH) using
// Curve25519. See doc/curve25519-sha256@libssh.org.txt in the
// libssh repository for more information.
'curve25519-sha256@libssh.org',
'diffie-hellman-group-exchange-sha256',// RFC 4419
'diffie-hellman-group-exchange-sha1', // RFC 4419
// Diffie-Hellman Key Agreement (DH) using integer modulo prime
// groups.
'diffie-hellman-group14-sha1', // REQUIRED
'diffie-hellman-group1-sha1', // REQUIRED
);
if (!function_exists('\\Sodium\\library_version_major')) {
$kex_algorithms = array_diff(
$kex_algorithms,
array('curve25519-sha256@libssh.org')
);
}
return $kex_algorithms;
}
/**
* Returns a list of host key algorithms that phpseclib supports
*
* @return array
* @access public
*/
function getSupportedHostKeyAlgorithms()
{
return array(
'rsa-sha2-256', // RFC 8332
'rsa-sha2-512', // RFC 8332
'ssh-rsa', // RECOMMENDED sign Raw RSA Key
'ssh-dss' // REQUIRED sign Raw DSS Key
);
}
/**
* Returns a list of symmetric key algorithms that phpseclib supports
*
* @return array
* @access public
*/
function getSupportedEncryptionAlgorithms()
{
$algos = array(
// from <http://tools.ietf.org/html/rfc4345#section-4>:
'arcfour256',
'arcfour128',
//'arcfour', // OPTIONAL the ARCFOUR stream cipher with a 128-bit key
// CTR modes from <http://tools.ietf.org/html/rfc4344#section-4>:
'aes128-ctr', // RECOMMENDED AES (Rijndael) in SDCTR mode, with 128-bit key
'aes192-ctr', // RECOMMENDED AES with 192-bit key
'aes256-ctr', // RECOMMENDED AES with 256-bit key
'twofish128-ctr', // OPTIONAL Twofish in SDCTR mode, with 128-bit key
'twofish192-ctr', // OPTIONAL Twofish with 192-bit key
'twofish256-ctr', // OPTIONAL Twofish with 256-bit key
'aes128-cbc', // RECOMMENDED AES with a 128-bit key
'aes192-cbc', // OPTIONAL AES with a 192-bit key
'aes256-cbc', // OPTIONAL AES in CBC mode, with a 256-bit key
'twofish128-cbc', // OPTIONAL Twofish with a 128-bit key
'twofish192-cbc', // OPTIONAL Twofish with a 192-bit key
'twofish256-cbc',
'twofish-cbc', // OPTIONAL alias for "twofish256-cbc"
// (this is being retained for historical reasons)
'blowfish-ctr', // OPTIONAL Blowfish in SDCTR mode
'blowfish-cbc', // OPTIONAL Blowfish in CBC mode
'3des-ctr', // RECOMMENDED Three-key 3DES in SDCTR mode
'3des-cbc', // REQUIRED three-key 3DES in CBC mode
//'none' // OPTIONAL no encryption; NOT RECOMMENDED
);
$engines = array(
CRYPT_ENGINE_OPENSSL,
CRYPT_ENGINE_MCRYPT,
CRYPT_ENGINE_INTERNAL
);
$ciphers = array();
foreach ($engines as $engine) {
foreach ($algos as $algo) {
$obj = $this->_encryption_algorithm_to_crypt_instance($algo);
if (strtolower(get_class($obj)) == 'crypt_rijndael') {
$obj->setKeyLength(preg_replace('#[^\d]#', '', $algo));
}
switch ($algo) {
case 'arcfour128':
case 'arcfour256':
if ($engine == CRYPT_ENGINE_INTERNAL) {
$algos = array_diff($algos, array($algo));
$ciphers[] = $algo;
} else {
continue 2;
}
}
if ($obj->isValidEngine($engine)) {
$algos = array_diff($algos, array($algo));
$ciphers[] = $algo;
}
}
}
return $ciphers;
}
/**
* Returns a list of MAC algorithms that phpseclib supports
*
* @return array
* @access public
*/
function getSupportedMACAlgorithms()
{
return array(
// from <http://www.ietf.org/rfc/rfc6668.txt>:
'hmac-sha2-256',// RECOMMENDED HMAC-SHA256 (digest length = key length = 32)
'hmac-sha1-96', // RECOMMENDED first 96 bits of HMAC-SHA1 (digest length = 12, key length = 20)
'hmac-sha1', // REQUIRED HMAC-SHA1 (digest length = key length = 20)
'hmac-md5-96', // OPTIONAL first 96 bits of HMAC-MD5 (digest length = 12, key length = 16)
'hmac-md5', // OPTIONAL HMAC-MD5 (digest length = key length = 16)
//'none' // OPTIONAL no MAC; NOT RECOMMENDED
);
}
/**
* Returns a list of compression algorithms that phpseclib supports
*
* @return array
* @access public
*/
function getSupportedCompressionAlgorithms()
{
return array(
'none' // REQUIRED no compression
//'zlib' // OPTIONAL ZLIB (LZ77) compression
);
}
/**
* Return list of negotiated algorithms
*
* Uses the same format as https://www.php.net/ssh2-methods-negotiated
*
* @return array
* @access public
*/
function getAlgorithmsNegotiated()
{
$this->_connect();
return array(
'kex' => $this->kex_algorithm,
'hostkey' => $this->signature_format,
'client_to_server' => array(
'crypt' => $this->encrypt->name,
'mac' => $this->hmac_create->name,
'comp' => 'none',
),
'server_to_client' => array(
'crypt' => $this->decrypt->name,
'mac' => $this->hmac_check->name,
'comp' => 'none',
)
);
}
/**
* Accepts an associative array with up to four parameters as described at
* <https://www.php.net/manual/en/function.ssh2-connect.php>
*
* @param array $methods
* @access public
*/
function setPreferredAlgorithms($methods)
{
$preferred = $methods;
if (isset($preferred['kex'])) {
$preferred['kex'] = array_intersect(
$preferred['kex'],
$this->getSupportedKEXAlgorithms()
);
}
if (isset($preferred['hostkey'])) {
$preferred['hostkey'] = array_intersect(
$preferred['hostkey'],
$this->getSupportedHostKeyAlgorithms()
);
}
$keys = array('client_to_server', 'server_to_client');
foreach ($keys as $key) {
if (isset($preferred[$key])) {
$a = &$preferred[$key];
if (isset($a['crypt'])) {
$a['crypt'] = array_intersect(
$a['crypt'],
$this->getSupportedEncryptionAlgorithms()
);
}
if (isset($a['comp'])) {
$a['comp'] = array_intersect(
$a['comp'],
$this->getSupportedCompressionAlgorithms()
);
}
if (isset($a['mac'])) {
$a['mac'] = array_intersect(
$a['mac'],
$this->getSupportedMACAlgorithms()
);
}
}
}
$keys = array(
'kex',
'hostkey',
'client_to_server/crypt',
'client_to_server/comp',
'client_to_server/mac',
'server_to_client/crypt',
'server_to_client/comp',
'server_to_client/mac',
);
foreach ($keys as $key) {
$p = $preferred;
$m = $methods;
$subkeys = explode('/', $key);
foreach ($subkeys as $subkey) {
if (!isset($p[$subkey])) {
continue 2;
}
$p = $p[$subkey];
$m = $m[$subkey];
}
if (count($p) != count($m)) {
$diff = array_diff($m, $p);
$msg = count($diff) == 1 ?
' is not a supported algorithm' :
' are not supported algorithms';
user_error(implode(', ', $diff) . $msg);
return false;
}
}
$this->preferred = $preferred;
}
/** /**
* Returns the banner message. * Returns the banner message.
* *