octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-11-14 09:24:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into Upgrade_to_Php_7.0

Browse Source 
# Conflicts:
#	phpseclib/Crypt/EC/BaseCurves/Prime.php
#	phpseclib/Crypt/EC/Formats/Keys/XML.php
#	phpseclib/Crypt/RSA/PrivateKey.php
#	phpseclib/File/ANSI.php
#	phpseclib/File/ASN1.php
#	phpseclib/File/X509.php
#	phpseclib/Net/SFTP.php
#	phpseclib/Net/SFTP/Stream.php
#	phpseclib/Net/SSH2.php
#	phpseclib/System/SSH/Agent.php
#	phpseclib/System/SSH/Agent/Identity.php
#	tests/Unit/Math/BigInteger/TestCase.php
This commit is contained in:
Jack Worman 2022-07-03 07:48:16 -05:00
commit 81ffdbc4ef
13 changed files with 89 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
phpseclib/Crypt/Common/Formats/Keys/PKCS8.php
View File

@ -327,12 +327,15 @@ abstract class PKCS8 extends PKCS
$meta['meta']['algorithm'] = $algorithm; $meta['meta']['algorithm'] = $algorithm;
$temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']);
if (!$temp) {
throw new \RuntimeException('Unable to decode BER');
}
extract(ASN1::asn1map($temp[0], Maps\PBEParameter::MAP)); extract(ASN1::asn1map($temp[0], Maps\PBEParameter::MAP));
$iterationCount = (int) $iterationCount->toString(); $iterationCount = (int) $iterationCount->toString();
$cipher->setPassword($password, $kdf, $hash, $salt, $iterationCount); $cipher->setPassword($password, $kdf, $hash, $salt, $iterationCount);
$key = $cipher->decrypt($decrypted['encryptedData']); $key = $cipher->decrypt($decrypted['encryptedData']);
$decoded = ASN1::decodeBER($key); $decoded = ASN1::decodeBER($key);
if (empty($decoded)) { if (!$decoded) {
throw new \RuntimeException('Unable to decode BER 2'); throw new \RuntimeException('Unable to decode BER 2');
} }
@ -341,6 +344,9 @@ abstract class PKCS8 extends PKCS
$meta['meta']['algorithm'] = $algorithm; $meta['meta']['algorithm'] = $algorithm;
$temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']);
if (!$temp) {
throw new \RuntimeException('Unable to decode BER');
}
$temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP); $temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP);
extract($temp); extract($temp);
@ -348,6 +354,9 @@ abstract class PKCS8 extends PKCS
$meta['meta']['cipher'] = $encryptionScheme['algorithm']; $meta['meta']['cipher'] = $encryptionScheme['algorithm'];
$temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']);
if (!$temp) {
throw new \RuntimeException('Unable to decode BER');
}
$temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP); $temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP);
extract($temp); extract($temp);
@ -355,6 +364,9 @@ abstract class PKCS8 extends PKCS
$cipher->setIV($encryptionScheme['parameters']['octetString']); $cipher->setIV($encryptionScheme['parameters']['octetString']);
} else { } else {
$temp = ASN1::decodeBER($encryptionScheme['parameters']); $temp = ASN1::decodeBER($encryptionScheme['parameters']);
if (!$temp) {
throw new \RuntimeException('Unable to decode BER');
}
extract(ASN1::asn1map($temp[0], Maps\RC2CBCParameter::MAP)); extract(ASN1::asn1map($temp[0], Maps\RC2CBCParameter::MAP));
$effectiveKeyLength = (int) $rc2ParametersVersion->toString(); $effectiveKeyLength = (int) $rc2ParametersVersion->toString();
switch ($effectiveKeyLength) { switch ($effectiveKeyLength) {
@ -377,6 +389,9 @@ abstract class PKCS8 extends PKCS
switch ($keyDerivationFunc['algorithm']) { switch ($keyDerivationFunc['algorithm']) {
case 'id-PBKDF2': case 'id-PBKDF2':
$temp = ASN1::decodeBER($keyDerivationFunc['parameters']); $temp = ASN1::decodeBER($keyDerivationFunc['parameters']);
if (!$temp) {
throw new \RuntimeException('Unable to decode BER');
}
$prf = ['algorithm' => 'id-hmacWithSHA1']; $prf = ['algorithm' => 'id-hmacWithSHA1'];
$params = ASN1::asn1map($temp[0], Maps\PBKDF2params::MAP); $params = ASN1::asn1map($temp[0], Maps\PBKDF2params::MAP);
extract($params); extract($params);
@ -395,7 +410,7 @@ abstract class PKCS8 extends PKCS
$cipher->setPassword(...$params); $cipher->setPassword(...$params);
$key = $cipher->decrypt($decrypted['encryptedData']); $key = $cipher->decrypt($decrypted['encryptedData']);
$decoded = ASN1::decodeBER($key); $decoded = ASN1::decodeBER($key);
if (empty($decoded)) { if (!$decoded) {
throw new \RuntimeException('Unable to decode BER 3'); throw new \RuntimeException('Unable to decode BER 3');
} }
break; break;
@ -619,7 +634,7 @@ abstract class PKCS8 extends PKCS
} }
$decoded = ASN1::decodeBER($key); $decoded = ASN1::decodeBER($key);
if (empty($decoded)) { if (!$decoded) {
throw new \RuntimeException('Unable to decode BER'); throw new \RuntimeException('Unable to decode BER');
} }
@ -640,12 +655,18 @@ abstract class PKCS8 extends PKCS
if ($r['encryptionAlgorithm']['algorithm'] == 'id-PBES2') { if ($r['encryptionAlgorithm']['algorithm'] == 'id-PBES2') {
$decoded = ASN1::decodeBER($r['encryptionAlgorithm']['parameters']->element); $decoded = ASN1::decodeBER($r['encryptionAlgorithm']['parameters']->element);
if (!$decoded) {
throw new \RuntimeException('Unable to decode BER');
}
$r['encryptionAlgorithm']['parameters'] = ASN1::asn1map($decoded[0], ASN1\Maps\PBES2params::MAP); $r['encryptionAlgorithm']['parameters'] = ASN1::asn1map($decoded[0], ASN1\Maps\PBES2params::MAP);
$kdf = &$r['encryptionAlgorithm']['parameters']['keyDerivationFunc']; $kdf = &$r['encryptionAlgorithm']['parameters']['keyDerivationFunc'];
switch ($kdf['algorithm']) { switch ($kdf['algorithm']) {
case 'id-PBKDF2': case 'id-PBKDF2':
$decoded = ASN1::decodeBER($kdf['parameters']->element); $decoded = ASN1::decodeBER($kdf['parameters']->element);
if (!$decoded) {
throw new \RuntimeException('Unable to decode BER');
}
$kdf['parameters'] = ASN1::asn1map($decoded[0], Maps\PBKDF2params::MAP); $kdf['parameters'] = ASN1::asn1map($decoded[0], Maps\PBKDF2params::MAP);
} }
} }

2
phpseclib/Crypt/DH/Formats/Keys/PKCS1.php
View File

@ -46,7 +46,7 @@ abstract class PKCS1 extends Progenitor
$key = parent::load($key, $password); $key = parent::load($key, $password);
$decoded = ASN1::decodeBER($key); $decoded = ASN1::decodeBER($key);
if (empty($decoded)) { if (!$decoded) {
throw new \RuntimeException('Unable to decode BER'); throw new \RuntimeException('Unable to decode BER');
} }

3
phpseclib/Crypt/DH/Formats/Keys/PKCS8.php
View File

@ -91,8 +91,7 @@ abstract class PKCS8 extends Progenitor
$decoded = ASN1::decodeBER($key[$type]); $decoded = ASN1::decodeBER($key[$type]);
switch (true) { switch (true) {
case empty($decoded): case !isset($decoded):
case !is_array($decoded):
case !isset($decoded[0]['content']): case !isset($decoded[0]['content']):
case !$decoded[0]['content'] instanceof BigInteger: case !$decoded[0]['content'] instanceof BigInteger:
throw new \RuntimeException('Unable to decode BER of parameters'); throw new \RuntimeException('Unable to decode BER of parameters');

2
phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php
View File

@ -53,7 +53,7 @@ abstract class PKCS1 extends Progenitor
$key = parent::load($key, $password); $key = parent::load($key, $password);
$decoded = ASN1::decodeBER($key); $decoded = ASN1::decodeBER($key);
if (empty($decoded)) { if (!$decoded) {
throw new \RuntimeException('Unable to decode BER'); throw new \RuntimeException('Unable to decode BER');
} }

2
phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php
View File

@ -85,7 +85,7 @@ abstract class PKCS8 extends Progenitor
} }
$decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element); $decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element);
if (empty($decoded)) { if (!$decoded) {
throw new \RuntimeException('Unable to decode BER of parameters'); throw new \RuntimeException('Unable to decode BER of parameters');
} }
$components = ASN1::asn1map($decoded[0], Maps\DSAParams::MAP); $components = ASN1::asn1map($decoded[0], Maps\DSAParams::MAP);

6
phpseclib/Crypt/EC/Formats/Keys/PKCS1.php
View File

@ -68,7 +68,7 @@ abstract class PKCS1 extends Progenitor
preg_match('#-*BEGIN EC PRIVATE KEY-*[^-]*-*END EC PRIVATE KEY-*#s', $key, $matches); preg_match('#-*BEGIN EC PRIVATE KEY-*[^-]*-*END EC PRIVATE KEY-*#s', $key, $matches);
$decoded = parent::load($matches[0], $password); $decoded = parent::load($matches[0], $password);
$decoded = ASN1::decodeBER($decoded); $decoded = ASN1::decodeBER($decoded);
if (empty($decoded)) { if (!$decoded) {
throw new \RuntimeException('Unable to decode BER'); throw new \RuntimeException('Unable to decode BER');
} }
@ -84,7 +84,7 @@ abstract class PKCS1 extends Progenitor
preg_match('#-*BEGIN EC PARAMETERS-*[^-]*-*END EC PARAMETERS-*#s', $key, $matches); preg_match('#-*BEGIN EC PARAMETERS-*[^-]*-*END EC PARAMETERS-*#s', $key, $matches);
$decoded = parent::load($matches[0], ''); $decoded = parent::load($matches[0], '');
$decoded = ASN1::decodeBER($decoded); $decoded = ASN1::decodeBER($decoded);
if (empty($decoded)) { if (!$decoded) {
throw new \RuntimeException('Unable to decode BER'); throw new \RuntimeException('Unable to decode BER');
} }
$ecParams = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP); $ecParams = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP);
@ -115,7 +115,7 @@ abstract class PKCS1 extends Progenitor
$key = parent::load($key, $password); $key = parent::load($key, $password);
$decoded = ASN1::decodeBER($key); $decoded = ASN1::decodeBER($key);
if (empty($decoded)) { if (!$decoded) {
throw new \RuntimeException('Unable to decode BER'); throw new \RuntimeException('Unable to decode BER');
} }

6
phpseclib/Crypt/EC/Formats/Keys/PKCS8.php
View File

@ -100,6 +100,9 @@ abstract class PKCS8 extends Progenitor
} }
$decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element); $decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element);
if (!$decoded) {
throw new \RuntimeException('Unable to decode BER');
}
$params = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP); $params = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP);
if (!$params) { if (!$params) {
throw new \RuntimeException('Unable to decode the parameters using Maps\ECParameters'); throw new \RuntimeException('Unable to decode the parameters using Maps\ECParameters');
@ -115,6 +118,9 @@ abstract class PKCS8 extends Progenitor
} }
$decoded = ASN1::decodeBER($key['privateKey']); $decoded = ASN1::decodeBER($key['privateKey']);
if (!$decoded) {
throw new \RuntimeException('Unable to decode BER');
}
$key = ASN1::asn1map($decoded[0], Maps\ECPrivateKey::MAP); $key = ASN1::asn1map($decoded[0], Maps\ECPrivateKey::MAP);
if (isset($key['parameters']) && $params != $key['parameters']) { if (isset($key['parameters']) && $params != $key['parameters']) {
throw new \RuntimeException('The PKCS8 parameter field does not match the private key parameter field'); throw new \RuntimeException('The PKCS8 parameter field does not match the private key parameter field');

2
phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php
View File

@ -60,7 +60,7 @@ abstract class PKCS1 extends Progenitor
$key = parent::load($key, $password); $key = parent::load($key, $password);
$decoded = ASN1::decodeBER($key); $decoded = ASN1::decodeBER($key);
if (empty($decoded)) { if (!$decoded) {
throw new \RuntimeException('Unable to decode BER'); throw new \RuntimeException('Unable to decode BER');
} }

16
phpseclib/File/ASN1.php
View File

@ -194,7 +194,7 @@ abstract class ASN1
* *
* @param Element|string $encoded * @param Element|string $encoded
*/ */
public static function decodeBER($encoded): array public static function decodeBER($encoded): ?array
{ {
if ($encoded instanceof Element) { if ($encoded instanceof Element) {
$encoded = $encoded->element; $encoded = $encoded->element;
@ -202,10 +202,12 @@ abstract class ASN1
self::$encoded = $encoded; self::$encoded = $encoded;
$decoded = [self::decode_ber($encoded)]; $decoded = self::decode_ber($encoded);
if ($decoded === false) {
return null;
}
// encapsulate in an array for BC with the old decodeBER return [self::decode_ber($encoded)];
return $decoded;
} }
/** /**
@ -512,12 +514,8 @@ abstract class ASN1
* @param array|bool $decoded * @param array|bool $decoded
* @return array|bool|Element|string|null * @return array|bool|Element|string|null
*/ */
public static function asn1map($decoded, array $mapping, array $special = []) public static function asn1map(array $decoded, array $mapping, array $special = [])
{ {
if (!is_array($decoded)) {
return false;
}
if (isset($mapping['explicit']) && is_array($decoded['content'])) { if (isset($mapping['explicit']) && is_array($decoded['content'])) {
$decoded = $decoded['content'][0]; $decoded = $decoded['content'][0];
} }

58
phpseclib/File/X509.php
View File

@ -426,7 +426,7 @@ class X509
* *
* Returns an associative array describing the X.509 cert or a false if the cert failed to load * Returns an associative array describing the X.509 cert or a false if the cert failed to load
* *
* @param string|array $cert * @param array|string $cert
*/ */
public function loadX509($cert, int $mode = self::FORMAT_AUTO_DETECT) public function loadX509($cert, int $mode = self::FORMAT_AUTO_DETECT)
{ {
@ -462,7 +462,7 @@ class X509
$decoded = ASN1::decodeBER($cert); $decoded = ASN1::decodeBER($cert);
if (!empty($decoded)) { if ($decoded) {
$x509 = ASN1::asn1map($decoded[0], Maps\Certificate::MAP); $x509 = ASN1::asn1map($decoded[0], Maps\Certificate::MAP);
} }
if (!isset($x509) || $x509 === false) { if (!isset($x509) || $x509 === false) {
@ -497,8 +497,7 @@ class X509
/** /**
* Save X.509 certificate * Save X.509 certificate
* *
* @param int $format optional * @return string|false
* @return string
*/ */
public function saveX509(array $cert, int $format = self::FORMAT_PEM) public function saveX509(array $cert, int $format = self::FORMAT_PEM)
{ {
@ -566,8 +565,6 @@ class X509
/** /**
* Map extension values from octet string to extension-specific internal * Map extension values from octet string to extension-specific internal
* format. * format.
*
* @param array $root (by reference)
*/ */
private function mapInExtensions(array &$root, string $path): void private function mapInExtensions(array &$root, string $path): void
{ {
@ -585,6 +582,9 @@ class X509
[static::class, 'decodeNameConstraintIP'] : [static::class, 'decodeNameConstraintIP'] :
[static::class, 'decodeIP']; [static::class, 'decodeIP'];
$decoded = ASN1::decodeBER($value); $decoded = ASN1::decodeBER($value);
if (!$decoded) {
continue;
}
$mapped = ASN1::asn1map($decoded[0], $map, ['iPAddress' => $decoder]); $mapped = ASN1::asn1map($decoded[0], $map, ['iPAddress' => $decoder]);
$value = $mapped === false ? $decoded[0] : $mapped; $value = $mapped === false ? $decoded[0] : $mapped;
@ -599,6 +599,9 @@ class X509
$subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier']; $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier'];
if ($map !== false) { if ($map !== false) {
$decoded = ASN1::decodeBER($subvalue); $decoded = ASN1::decodeBER($subvalue);
if (!$decoded) {
continue;
}
$mapped = ASN1::asn1map($decoded[0], $map); $mapped = ASN1::asn1map($decoded[0], $map);
$subvalue = $mapped === false ? $decoded[0] : $mapped; $subvalue = $mapped === false ? $decoded[0] : $mapped;
} }
@ -613,8 +616,6 @@ class X509
/** /**
* Map extension values from extension-specific internal format to * Map extension values from extension-specific internal format to
* octet string. * octet string.
*
* @param array $root (by reference)
*/ */
private function mapOutExtensions(array &$root, string $path): void private function mapOutExtensions(array &$root, string $path): void
{ {
@ -712,6 +713,9 @@ class X509
$value = ASN1::encodeDER($values[$j], Maps\AttributeValue::MAP); $value = ASN1::encodeDER($values[$j], Maps\AttributeValue::MAP);
$decoded = ASN1::decodeBER($value); $decoded = ASN1::decodeBER($value);
if (!is_bool($map)) { if (!is_bool($map)) {
if (!$decoded) {
continue;
}
$mapped = ASN1::asn1map($decoded[0], $map); $mapped = ASN1::asn1map($decoded[0], $map);
if ($mapped !== false) { if ($mapped !== false) {
$values[$j] = $mapped; $values[$j] = $mapped;
@ -760,6 +764,9 @@ class X509
if (!is_bool($map)) { if (!is_bool($map)) {
$temp = ASN1::encodeDER($values[$j], $map); $temp = ASN1::encodeDER($values[$j], $map);
$decoded = ASN1::decodeBER($temp); $decoded = ASN1::decodeBER($temp);
if (!$decoded) {
continue;
}
$values[$j] = ASN1::asn1map($decoded[0], Maps\AttributeValue::MAP); $values[$j] = ASN1::asn1map($decoded[0], Maps\AttributeValue::MAP);
} }
} }
@ -771,8 +778,6 @@ class X509
/** /**
* Map DN values from ANY type to DN-specific internal * Map DN values from ANY type to DN-specific internal
* format. * format.
*
* @param array $root (by reference)
*/ */
private function mapInDNs(array &$root, string $path): void private function mapInDNs(array &$root, string $path): void
{ {
@ -787,6 +792,9 @@ class X509
$map = $this->getMapping($type); $map = $this->getMapping($type);
if (!is_bool($map)) { if (!is_bool($map)) {
$decoded = ASN1::decodeBER($value); $decoded = ASN1::decodeBER($value);
if (!$decoded) {
continue;
}
$value = ASN1::asn1map($decoded[0], $map); $value = ASN1::asn1map($decoded[0], $map);
} }
} }
@ -1615,9 +1623,6 @@ class X509
/** /**
* Get Distinguished Name properties * Get Distinguished Name properties
*
* @param array|null $dn optional
* @param bool $withType optional
*/ */
public function getDNProp(string $propName, array $dn = null, bool $withType = false) public function getDNProp(string $propName, array $dn = null, bool $withType = false)
{ {
@ -1661,6 +1666,9 @@ class X509
$map = $this->getMapping($propName); $map = $this->getMapping($propName);
if (!is_bool($map)) { if (!is_bool($map)) {
$decoded = ASN1::decodeBER($v); $decoded = ASN1::decodeBER($v);
if (!$decoded) {
return false;
}
$v = ASN1::asn1map($decoded[0], $map); $v = ASN1::asn1map($decoded[0], $map);
} }
} }
@ -2099,7 +2107,7 @@ class X509
$decoded = ASN1::decodeBER($csr); $decoded = ASN1::decodeBER($csr);
if (empty($decoded)) { if (!$decoded) {
$this->currentCert = false; $this->currentCert = false;
return false; return false;
} }
@ -2136,8 +2144,7 @@ class X509
/** /**
* Save CSR request * Save CSR request
* *
* @param int $format optional * @return string|false
* @return string
*/ */
public function saveCSR(array $csr, int $format = self::FORMAT_PEM) public function saveCSR(array $csr, int $format = self::FORMAT_PEM)
{ {
@ -2208,7 +2215,7 @@ class X509
$decoded = ASN1::decodeBER($spkac); $decoded = ASN1::decodeBER($spkac);
if (empty($decoded)) { if (!$decoded) {
$this->currentCert = false; $this->currentCert = false;
return false; return false;
} }
@ -2242,7 +2249,7 @@ class X509
* Save a SPKAC CSR request * Save a SPKAC CSR request
* *
* @param int $format optional * @param int $format optional
* @return string * @return string|false
*/ */
public function saveSPKAC(array $spkac, int $format = self::FORMAT_PEM) public function saveSPKAC(array $spkac, int $format = self::FORMAT_PEM)
{ {
@ -2301,7 +2308,7 @@ class X509
$decoded = ASN1::decodeBER($crl); $decoded = ASN1::decodeBER($crl);
if (empty($decoded)) { if (!$decoded) {
$this->currentCert = false; $this->currentCert = false;
return false; return false;
} }
@ -2420,8 +2427,7 @@ class X509
* $subject can be either an existing X.509 cert (if you want to resign it), * $subject can be either an existing X.509 cert (if you want to resign it),
* a CSR or something with the DN and public key explicitly set. * a CSR or something with the DN and public key explicitly set.
* *
* @param \phpseclib3\File\X509 $issuer * @return mixed
* @param \phpseclib3\File\X509 $subject
*/ */
public function sign(X509 $issuer, X509 $subject) public function sign(X509 $issuer, X509 $subject)
{ {
@ -2725,8 +2731,7 @@ class X509
* *
* $issuer's private key needs to be loaded. * $issuer's private key needs to be loaded.
* *
* @param \phpseclib3\File\X509 $issuer * @return mixed
* @param \phpseclib3\File\X509 $crl
*/ */
public function signCRL(X509 $issuer, X509 $crl) public function signCRL(X509 $issuer, X509 $crl)
{ {
@ -2971,8 +2976,6 @@ class X509
* This is intended for use in conjunction with _subArrayUnchecked(), * This is intended for use in conjunction with _subArrayUnchecked(),
* implementing the checks included in _subArray() but without copying * implementing the checks included in _subArray() but without copying
* a potentially large array by passing its reference by-value to is_array(). * a potentially large array by passing its reference by-value to is_array().
*
* @return boolean
*/ */
private function isSubArrayValid(array $root, string $path): bool private function isSubArrayValid(array $root, string $path): bool
{ {
@ -3474,7 +3477,7 @@ class X509
case $key instanceof Element: case $key instanceof Element:
// Assume the element is a bitstring-packed key. // Assume the element is a bitstring-packed key.
$decoded = ASN1::decodeBER($key->element); $decoded = ASN1::decodeBER($key->element);
if (empty($decoded)) { if (!$decoded) {
return false; return false;
} }
$raw = ASN1::asn1map($decoded[0], ['type' => ASN1::TYPE_BIT_STRING]); $raw = ASN1::asn1map($decoded[0], ['type' => ASN1::TYPE_BIT_STRING]);
@ -3533,6 +3536,9 @@ class X509
$publicKey = base64_decode(preg_replace('#-.+-|[\r\n]#', '', $this->publicKey->toString($format))); $publicKey = base64_decode(preg_replace('#-.+-|[\r\n]#', '', $this->publicKey->toString($format)));
$decoded = ASN1::decodeBER($publicKey); $decoded = ASN1::decodeBER($publicKey);
if (!$decoded) {
return false;
}
$mapped = ASN1::asn1map($decoded[0], Maps\SubjectPublicKeyInfo::MAP); $mapped = ASN1::asn1map($decoded[0], Maps\SubjectPublicKeyInfo::MAP);
if (!is_array($mapped)) { if (!is_array($mapped)) {
return false; return false;

5
phpseclib/System/SSH/Agent.php
View File

@ -38,6 +38,7 @@ use phpseclib3\Common\Functions\Strings;
use phpseclib3\Crypt\PublicKeyLoader; use phpseclib3\Crypt\PublicKeyLoader;
use phpseclib3\Crypt\RSA; use phpseclib3\Crypt\RSA;
use phpseclib3\Exception\BadConfigurationException; use phpseclib3\Exception\BadConfigurationException;
use phpseclib3\Net\SSH2;
use phpseclib3\System\SSH\Agent\Identity; use phpseclib3\System\SSH\Agent\Identity;
/** /**
@ -211,7 +212,7 @@ class Agent
/** /**
* Request agent forwarding of remote server * Request agent forwarding of remote server
*/ */
private function request_forwarding(\phpseclib3\Net\SSH2 $ssh): bool private function request_forwarding(SSH2 $ssh)
{ {
if (!$ssh->requestAgentForwarding()) { if (!$ssh->requestAgentForwarding()) {
return false; return false;
@ -229,7 +230,7 @@ class Agent
* open to give the SSH Agent an opportunity * open to give the SSH Agent an opportunity
* to take further action. i.e. request agent forwarding * to take further action. i.e. request agent forwarding
*/ */
public function registerChannelOpen(\phpseclib3\Net\SSH2 $ssh): void public function registerChannelOpen(SSH2 $ssh)
{ {
if ($this->forward_status == self::FORWARD_REQUEST) { if ($this->forward_status == self::FORWARD_REQUEST) {
$this->request_forwarding($ssh); $this->request_forwarding($ssh);

18
tests/Unit/File/ASN1Test.php
View File

@ -409,47 +409,47 @@ class ASN1Test extends PhpseclibTestCase
{ {
$em = pack('H*', '3080305c0609608648016503040201054f8888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888804207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $em = pack('H*', '3080305c0609608648016503040201054f8888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888804207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9');
$decoded = ASN1::decodeBER($em); $decoded = ASN1::decodeBER($em);
$this->assertFalse($decoded[0]); $this->assertNull($decoded);
$em = pack('H*', '3080307f0609608648016503040201057288888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888804207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca90000'); $em = pack('H*', '3080307f0609608648016503040201057288888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888804207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca90000');
$decoded = ASN1::decodeBER($em); $decoded = ASN1::decodeBER($em);
$this->assertFalse($decoded[0]); $this->assertNull($decoded);
} }
public function testOIDGarbage(): void public function testOIDGarbage(): void
{ {
$em = pack('H*', '3080305c065860864801650304020188888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888050004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $em = pack('H*', '3080305c065860864801650304020188888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888050004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9');
$decoded = ASN1::decodeBER($em); $decoded = ASN1::decodeBER($em);
$this->assertFalse($decoded[0]); $this->assertNull($decoded);
$em = pack('H*', '3080307f067d608648016503040201888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888804207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $em = pack('H*', '3080307f067d608648016503040201888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888804207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9');
$decoded = ASN1::decodeBER($em); $decoded = ASN1::decodeBER($em);
$this->assertFalse($decoded[0]); $this->assertNull($decoded);
} }
public function testConstructedMismatch(): void public function testConstructedMismatch(): void
{ {
$em = pack('H*', '1031300d0609608648016503040201050004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $em = pack('H*', '1031300d0609608648016503040201050004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9');
$decoded = ASN1::decodeBER($em); $decoded = ASN1::decodeBER($em);
$this->assertFalse($decoded[0]); $this->assertNull($decoded);
$em = pack('H*', '3031100d0609608648016503040201050004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $em = pack('H*', '3031100d0609608648016503040201050004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9');
$decoded = ASN1::decodeBER($em); $decoded = ASN1::decodeBER($em);
$this->assertFalse($decoded[0]); $this->assertNull($decoded);
$em = pack('H*', '3031300d2609608648016503040201050004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $em = pack('H*', '3031300d2609608648016503040201050004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9');
$decoded = ASN1::decodeBER($em); $decoded = ASN1::decodeBER($em);
$this->assertFalse($decoded[0]); $this->assertNull($decoded);
$em = pack('H*', '3031300d06096086480165030402012d0004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $em = pack('H*', '3031300d06096086480165030402012d0004207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9');
$decoded = ASN1::decodeBER($em); $decoded = ASN1::decodeBER($em);
$this->assertFalse($decoded[0]); $this->assertNull($decoded);
} }
public function testBadTagSecondOctet(): void public function testBadTagSecondOctet(): void
{ {
$em = pack('H*', '3033300f1f808080060960864801650304020104207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9'); $em = pack('H*', '3033300f1f808080060960864801650304020104207509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9');
$decoded = ASN1::decodeBER($em); $decoded = ASN1::decodeBER($em);
$this->assertFalse($decoded[0]); $this->assertNull($decoded);
} }
} }

3
tests/Unit/Math/BigInteger/TestCase.php
View File

@ -384,9 +384,6 @@ abstract class TestCase extends PhpseclibTestCase
); );
} }
/**
* @requires PHP 5.6
*/
public function testDebugInfo(): void public function testDebugInfo(): void
{ {
$num = $this->getInstance(50); $num = $this->getInstance(50);