diff --git a/phpseclib/Crypt/Common/Fingerprint.php b/phpseclib/Crypt/Common/Fingerprint.php index 4a81ee9d..0a87d07e 100644 --- a/phpseclib/Crypt/Common/Fingerprint.php +++ b/phpseclib/Crypt/Common/Fingerprint.php @@ -40,17 +40,14 @@ trait Fingerprint */ public function getFingerprint($algorithm = 'md5') { - $type = self::validatePlugin('Keys', 'OpenSSH', 'getBinaryOutput'); + $type = self::validatePlugin('Keys', 'OpenSSH', 'savePublicKey'); if ($type === false) { return false; } - $status = $type::getBinaryOutput(); - $type::setBinaryOutput(true); - $key = $this->toString('OpenSSH'); + $key = $this->toString('OpenSSH', ['binary' => true]); if ($key === false) { return false; } - $type::setBinaryOutput($status); switch ($algorithm) { case 'sha256': $hash = new Hash('sha256'); diff --git a/phpseclib/Crypt/Common/Keys/OpenSSH.php b/phpseclib/Crypt/Common/Keys/OpenSSH.php index b66beab8..c1b43fa3 100644 --- a/phpseclib/Crypt/Common/Keys/OpenSSH.php +++ b/phpseclib/Crypt/Common/Keys/OpenSSH.php @@ -125,15 +125,4 @@ abstract class OpenSSH { self::$binary = $enabled; } - - /** - * Returns the current binary output value - * - * @access public - * @return bool - */ - public static function getBinaryOutput() - { - return (bool) self::$binary; - } } diff --git a/phpseclib/Crypt/Common/Keys/PKCS1.php b/phpseclib/Crypt/Common/Keys/PKCS1.php index 297f1c85..7a16f8bd 100644 --- a/phpseclib/Crypt/Common/Keys/PKCS1.php +++ b/phpseclib/Crypt/Common/Keys/PKCS1.php @@ -179,9 +179,10 @@ abstract class PKCS1 extends PKCS * @param string $key * @param string $type * @param string $password + * @param array $options optional * @return string */ - protected static function wrapPrivateKey($key, $type, $password) + protected static function wrapPrivateKey($key, $type, $password, $options = []) { if (empty($password) || !is_string($password)) { return "-----BEGIN $type PRIVATE KEY-----\r\n" . 
@@ -189,14 +190,16 @@ abstract class PKCS1 extends PKCS "-----END $type PRIVATE KEY-----"; } - $cipher = self::getEncryptionObject(self::$defaultEncryptionAlgorithm); + $encryptionAlgorithm = isset($options['encryptionAlgorithm']) ? $options['encryptionAlgorithm'] : self::$defaultEncryptionAlgorithm; + + $cipher = self::getEncryptionObject($encryptionAlgorithm); $iv = Random::string($cipher->getBlockLength() >> 3); $cipher->setKey(self::generateSymmetricKey($password, $iv, $cipher->getKeyLength() >> 3)); $cipher->setIV($iv); $iv = strtoupper(Hex::encode($iv)); return "-----BEGIN $type PRIVATE KEY-----\r\n" . "Proc-Type: 4,ENCRYPTED\r\n" . - "DEK-Info: " . self::$defaultEncryptionAlgorithm . ",$iv\r\n" . + "DEK-Info: " . $encryptionAlgorithm. ",$iv\r\n" . "\r\n" . chunk_split(Base64::encode($cipher->encrypt($key)), 64) . "-----END $type PRIVATE KEY-----"; diff --git a/phpseclib/Crypt/Common/Keys/PKCS8.php b/phpseclib/Crypt/Common/Keys/PKCS8.php index f350ca6d..8b3921a7 100644 --- a/phpseclib/Crypt/Common/Keys/PKCS8.php +++ b/phpseclib/Crypt/Common/Keys/PKCS8.php @@ -526,9 +526,10 @@ abstract class PKCS8 extends PKCS * @param string $password * @param string $oid optional * @param string $publicKey optional + * @param array $options optional * @return string */ - protected static function wrapPrivateKey($key, $attr, $params, $password, $oid = null, $publicKey = '') + protected static function wrapPrivateKey($key, $attr, $params, $password, $oid = null, $publicKey = '', $options = []) { self::initialize_static_variables(); 
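Review bot: `$options['encryptionAlgorithm']` is copied into the `DEK-Info:` header as given, and the only check on it is whatever `self::getEncryptionObject()` does, which this hunk does not show. Confirm that the helper throws for any value it does not recognise, including non-strings, so that an unsupported name never reaches the header. The docblock in the previous hunk says only `@param array $options optional`; name the key, e.g. `@param array $options optional; 'encryptionAlgorithm' overrides self::$defaultEncryptionAlgorithm for this call`. Minor style: `$encryptionAlgorithm. ",$iv\r\n"` lacks the space before the `.` that the surrounding lines use. wrapPrivateKey starts before this hunk.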
@@ -550,18 +551,22 @@ abstract class PKCS8 extends PKCS $key = ASN1::encodeDER($key, Maps\OneAsymmetricKey::MAP); if (!empty($password) && is_string($password)) { $salt = Random::string(8); - $iterationCount = self::$defaultIterationCount; - if (self::$defaultEncryptionAlgorithm == 'id-PBES2') { - $crypto = self::getPBES2EncryptionObject(self::$defaultEncryptionScheme); - $hash = str_replace('-', '/', substr(self::$defaultPRF, 11)); + $iterationCount = isset($options['iterationCount']) ? $options['iterationCount'] : self::$defaultIterationCount; + $encryptionAlgorithm = isset($options['encryptionAlgorithm']) ? $options['encryptionAlgorithm'] : self::$defaultEncryptionAlgorithm; + $encryptionScheme = isset($options['encryptionScheme']) ? $options['encryptionScheme'] : self::$defaultEncryptionScheme; + $prf = isset($options['PRF']) ? $options['PRF'] : self::$defaultPRF; + + if ($encryptionAlgorithm == 'id-PBES2') { + $crypto = self::getPBES2EncryptionObject($encryptionScheme); + $hash = str_replace('-', '/', substr($prf, 11)); $kdf = 'pbkdf2'; $iv = Random::string($crypto->getBlockLength() >> 3); $PBKDF2params = [ 'salt' => $salt, 'iterationCount' => $iterationCount, - 'prf' => ['algorithm' => self::$defaultPRF, 'parameters' => null] + 'prf' => ['algorithm' => $prf, 'parameters' => null] ]; $PBKDF2params = ASN1::encodeDER($PBKDF2params, Maps\PBKDF2params::MAP); @@ -582,7 +587,7 @@ abstract class PKCS8 extends PKCS 'parameters' => new ASN1\Element($PBKDF2params) ], 'encryptionScheme' => [ - 'algorithm' => self::$defaultEncryptionScheme, + 'algorithm' => $encryptionScheme, 'parameters' => $params ] ]; 
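Review bot: `$options['iterationCount']` and `$options['PRF']` are used without validation on the lines that replace `self::$defaultIterationCount` and `self::$defaultPRF`. A count of 0, a negative number or a non-integer is written into `PBKDF2params` as given, and a very low count weakens the password protection of the exported key without any error. A guard such as `if (!is_int($iterationCount) || $iterationCount < 1) { throw new \InvalidArgumentException('iterationCount must be a positive integer'); }` would reject the invalid values, and a project-chosen minimum would be better still. `substr($prf, 11)` assumes the value starts with an 11-character prefix (presumably `id-hmacWith`), so a caller-supplied PRF in another form yields a wrong hash name; check the prefix before slicing. The function begins and ends outside this hunk.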
@@ -590,9 +595,9 @@ abstract class PKCS8 extends PKCS $crypto->setIV($iv); } else { - $crypto = self::getPBES1EncryptionObject(self::$defaultEncryptionAlgorithm); - $hash = self::getPBES1Hash(self::$defaultEncryptionAlgorithm); - $kdf = self::getPBES1KDF(self::$defaultEncryptionAlgorithm); + $crypto = self::getPBES1EncryptionObject($encryptionAlgorithm); + $hash = self::getPBES1Hash($encryptionAlgorithm); + $kdf = self::getPBES1KDF($encryptionAlgorithm); $params = [ 'salt' => $salt, @@ -605,7 +610,7 @@ abstract class PKCS8 extends PKCS $key = [ 'encryptionAlgorithm' => [ - 'algorithm' => self::$defaultEncryptionAlgorithm, + 'algorithm' => $encryptionAlgorithm, 'parameters' => new ASN1\Element($params) ], 'encryptedData' => $key diff --git a/phpseclib/Crypt/Common/Keys/PuTTY.php b/phpseclib/Crypt/Common/Keys/PuTTY.php index 0371552c..11159bba 100644 --- a/phpseclib/Crypt/Common/Keys/PuTTY.php +++ b/phpseclib/Crypt/Common/Keys/PuTTY.php @@ -172,9 +172,10 @@ abstract class PuTTY * @param string $private * @param string $type * @param string $password + * @param array $options optional * @return string */ - protected static function wrapPrivateKey($public, $private, $type, $password) + protected static function wrapPrivateKey($public, $private, $type, $password, $options = []) { $key = "PuTTY-User-Key-File-2: " . $type . "\r\nEncryption: "; $encryption = (!empty($password) || is_string($password)) ? 'aes256-cbc' : 'none'; @@ -183,7 +184,8 @@ abstract class PuTTY $public = Strings::packSSH2('s', $type) . $public; - $source = Strings::packSSH2('ssss', $type, $encryption, self::$comment, $public); + $comment = isset($options['comment']) ? $options['comment'] : self::$comment; + $source = Strings::packSSH2('ssss', $type, $encryption, $comment, $public); $public = Base64::encode($public); $key.= "Public-Lines: " . ((strlen($public) + 63) >> 6) . "\r\n"; diff --git a/phpseclib/Crypt/DSA/Keys/OpenSSH.php b/phpseclib/Crypt/DSA/Keys/OpenSSH.php index 4b4163c8..65a9c417 100644 
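Review bot: The per-call `$options['comment']` goes into `$source`, which is presumably the input to the key file's MAC, but the `Comment:` header is written on the lines between this file's two hunks, which the commit leaves unchanged. If that header still uses `self::$comment`, a key saved with a custom comment carries one comment in the file and another in the MAC input, and loaders that verify the MAC would be expected to reject it. Assign `$comment` before the header is built and use it in both places. Because the comment ends up on a header line, rejecting CR and LF in it is also worth adding. wrapPrivateKey's body continues outside the hunk.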
--- a/phpseclib/Crypt/DSA/Keys/OpenSSH.php +++ b/phpseclib/Crypt/DSA/Keys/OpenSSH.php @@ -62,9 +62,10 @@ abstract class OpenSSH extends Progenitor * @param \phpseclib\Math\BigInteger $q * @param \phpseclib\Math\BigInteger $g * @param \phpseclib\Math\BigInteger $y + * @param array $options optional * @return string */ - public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) + public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, $options = []) { if ($q->getLength() != 160) { throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160'); @@ -78,11 +79,12 @@ abstract class OpenSSH extends Progenitor // mpint y $DSAPublicKey = Strings::packSSH2('siiii', 'ssh-dss', $p, $q, $g, $y); - if (self::$binary) { + if (isset($options['binary']) ? $options['binary'] : self::$binary) { return $DSAPublicKey; } - $DSAPublicKey = 'ssh-dss ' . Base64::encode($DSAPublicKey) . ' ' . self::$comment; + $comment = isset($options['comment']) ? $options['comment'] : self::$comment; + $DSAPublicKey = 'ssh-dss ' . Base64::encode($DSAPublicKey) . ' ' . $comment; return $DSAPublicKey; } diff --git a/phpseclib/Crypt/DSA/Keys/PKCS1.php b/phpseclib/Crypt/DSA/Keys/PKCS1.php index 7d569409..54e08208 100644 --- a/phpseclib/Crypt/DSA/Keys/PKCS1.php +++ b/phpseclib/Crypt/DSA/Keys/PKCS1.php @@ -113,9 +113,10 @@ abstract class PKCS1 extends Progenitor * @param \phpseclib\Math\BigInteger $x * @param \phpseclib\Math\BigInteger $y * @param string $password optional + * @param array $options optional * @return string */ - public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '') + public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', $options = []) { $key = [ 'version' => 0, 
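Review bot: `$options['comment']` is appended to the one-line public key without a check for line breaks, on the new `$comment = ...` line of savePublicKey. OpenSSH public keys are line-oriented, so a comment containing CR or LF turns one key into several lines once the result is written to a file such as authorized_keys. If comments can come from user input, reject them, e.g. `if (strpbrk($comment, "\r\n") !== false) { throw new \InvalidArgumentException('comment must not contain line breaks'); }`. The same applies to the `$comment` lines added in ECDSA/Keys/OpenSSH.php and RSA/Keys/OpenSSH.php. The docblock should also name the two keys read here, `binary` and `comment`.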
@@ -128,7 +129,7 @@ abstract class PKCS1 extends Progenitor $key = ASN1::encodeDER($key, Maps\DSAPrivateKey::MAP); - return self::wrapPrivateKey($key, 'DSA', $password); + return self::wrapPrivateKey($key, 'DSA', $password, $options); } /** diff --git a/phpseclib/Crypt/DSA/Keys/PKCS8.php b/phpseclib/Crypt/DSA/Keys/PKCS8.php index f5447b46..661b723c 100644 --- a/phpseclib/Crypt/DSA/Keys/PKCS8.php +++ b/phpseclib/Crypt/DSA/Keys/PKCS8.php @@ -127,9 +127,10 @@ abstract class PKCS8 extends Progenitor * @param \phpseclib\Math\BigInteger $x * @param \phpseclib\Math\BigInteger $y * @param string $password optional + * @param array $options optional * @return string */ - public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '') + public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', $options = []) { $params = [ 'p' => $p, @@ -139,7 +140,7 @@ abstract class PKCS8 extends Progenitor $params = ASN1::encodeDER($params, Maps\DSAParams::MAP); $params = new ASN1\Element($params); $key = ASN1::encodeDER($x, Maps\DSAPublicKey::MAP); - return self::wrapPrivateKey($key, [], $params, $password); + return self::wrapPrivateKey($key, [], $params, $password, $options); } /** @@ -150,9 +151,10 @@ abstract class PKCS8 extends Progenitor * @param \phpseclib\Math\BigInteger $q * @param \phpseclib\Math\BigInteger $g * @param \phpseclib\Math\BigInteger $y + * @param array $options optional * @return string */ - public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) + public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, $options = []) { $params = [ 'p' => $p, diff --git a/phpseclib/Crypt/DSA/Keys/PuTTY.php b/phpseclib/Crypt/DSA/Keys/PuTTY.php index 2f85fcfe..03031fb6 100644 --- a/phpseclib/Crypt/DSA/Keys/PuTTY.php +++ b/phpseclib/Crypt/DSA/Keys/PuTTY.php 
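Review bot: `self::wrapPrivateKey($key, [], $params, $password, $options)` in DSA/Keys/PKCS8.php passes `$options` in the fifth position, but the signature changed in Common/Keys/PKCS8.php is `wrapPrivateKey($key, $attr, $params, $password, $oid = null, $publicKey = '', $options = [])`. The array therefore lands in `$oid` and the options are never read. Assuming `self::` resolves to that inherited method, the call should be `self::wrapPrivateKey($key, [], $params, $password, null, '', $options);`. The same slip is in ECDSA/Keys/PKCS8.php, where `$options` follows `'id-ecPublicKey'` and lands in `$publicKey`, and in RSA/Keys/PKCS8.php, where it again lands in `$oid`. As a result `iterationCount`, `PRF` and the cipher options silently fall back to the defaults for PKCS8 keys.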
@@ -91,9 +91,10 @@ abstract class PuTTY extends Progenitor * @param \phpseclib\Math\BigInteger $y * @param \phpseclib\Math\BigInteger $x * @param string $password optional + * @param array $options optional * @return string */ - public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = false) + public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = false, $options = []) { if ($q->getLength() != 160) { throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160'); @@ -102,7 +103,7 @@ abstract class PuTTY extends Progenitor $public = Strings::packSSH2('iiii', $p, $q, $g, $y); $private = Strings::packSSH2('i', $x); - return self::wrapPrivateKey($public, $private, 'ssh-dsa', $password); + return self::wrapPrivateKey($public, $private, 'ssh-dsa', $password, $options); } /** diff --git a/phpseclib/Crypt/DSA/Parameters.php b/phpseclib/Crypt/DSA/Parameters.php index 7a26b29a..b97c1dfe 100644 --- a/phpseclib/Crypt/DSA/Parameters.php +++ b/phpseclib/Crypt/DSA/Parameters.php @@ -25,15 +25,16 @@ use phpseclib\Crypt\DSA; class Parameters extends DSA { /** - * Returns the public key + * Returns the parameters * * @param string $type + * @param array $options optional * @return string */ - public function toString($type = 'PKCS1') + public function toString($type = 'PKCS1', $options = []) { $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters'); - return $type::saveParameters($this->p, $this->q, $this->g); + return $type::saveParameters($this->p, $this->q, $this->g, $options); } } diff --git a/phpseclib/Crypt/DSA/PrivateKey.php b/phpseclib/Crypt/DSA/PrivateKey.php index 7434ca9e..32e9fbda 100644 --- a/phpseclib/Crypt/DSA/PrivateKey.php +++ b/phpseclib/Crypt/DSA/PrivateKey.php 
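Review bot: The key type passed on the changed line of DSA/Keys/PuTTY.php is `'ssh-dsa'`, while the OpenSSH writer in this same commit packs `'ssh-dss'`, which is the SSH name for DSA keys. If the PuTTY-format DSA keys written here are meant to be read by PuTTY or other tools, the line should probably be `return self::wrapPrivateKey($public, $private, 'ssh-dss', $password, $options);`. The value predates this commit, so check how the loader in this file matches the type before changing it. savePrivateKey starts in the previous hunk.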
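Review bot: `$options` is forwarded to `$type::saveParameters(...)` in DSA/Parameters.php, but no hunk in this diff adds an `$options` parameter to any `saveParameters` method, so PHP drops the extra argument without notice. Either extend `saveParameters` or leave the argument out until it is used. The docblock still documents `@param string $type`, yet the first line of the body replaces `$type` with the hard-coded `'PKCS1'` plugin; say so, e.g. `@param string $type ignored; parameters are always written as PKCS1`. ECDSA/Parameters.php has the same shape.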
@@ -144,9 +144,10 @@ class PrivateKey extends DSA implements Common\PrivateKey * Returns the private key * * @param string $type + * @param array $options optional * @return string */ - public function toString($type) + public function toString($type, $options = []) { $type = self::validatePlugin('Keys', $type, 'savePrivateKey'); @@ -154,6 +155,6 @@ class PrivateKey extends DSA implements Common\PrivateKey $this->y = $this->g->powMod($this->x, $this->p); } - return $type::savePrivateKey($this->p, $this->q, $this->g, $this->y, $this->x, $this->password); + return $type::savePrivateKey($this->p, $this->q, $this->g, $this->y, $this->x, $this->password, $options); } } diff --git a/phpseclib/Crypt/DSA/PublicKey.php b/phpseclib/Crypt/DSA/PublicKey.php index e8aca903..72ff5025 100644 --- a/phpseclib/Crypt/DSA/PublicKey.php +++ b/phpseclib/Crypt/DSA/PublicKey.php @@ -80,12 +80,13 @@ class PublicKey extends DSA implements Common\PublicKey * Returns the public key * * @param string $type + * @param array $options optional * @return string */ - public function toString($type) + public function toString($type, $options = []) { $type = self::validatePlugin('Keys', $type, 'savePublicKey'); - return $type::savePublicKey($this->p, $this->q, $this->g, $this->y); + return $type::savePublicKey($this->p, $this->q, $this->g, $this->y, $options); } } diff --git a/phpseclib/Crypt/ECDSA/Keys/OpenSSH.php b/phpseclib/Crypt/ECDSA/Keys/OpenSSH.php index 1ebeb270..c4b07341 100644 --- a/phpseclib/Crypt/ECDSA/Keys/OpenSSH.php +++ b/phpseclib/Crypt/ECDSA/Keys/OpenSSH.php 
@@ -186,10 +186,13 @@ abstract class OpenSSH extends Progenitor * @access public * @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve * @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey + * @param array $options optional * @return string */ - public static function savePublicKey(BaseCurve $curve, array $publicKey) + public static function savePublicKey(BaseCurve $curve, array $publicKey, $options = []) { + $comment = isset($options['comment']) ? $options['comment'] : self::$comment; + if ($curve instanceof Ed25519) { $key = Strings::packSSH2('ss', 'ssh-ed25519', $curve->encodePoint($publicKey)); @@ -197,7 +200,7 @@ abstract class OpenSSH extends Progenitor return $key; } - $key = 'ssh-ed25519 ' . Base64::encode($key) . ' ' . self::$comment; + $key = 'ssh-ed25519 ' . Base64::encode($key) . ' ' . $comment; return $key; } @@ -226,11 +229,11 @@ abstract class OpenSSH extends Progenitor $points = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); $key = Strings::packSSH2('sss', 'ecdsa-sha2-' . $alias, $alias, $points); - if (self::$binary) { + if (isset($options['binary']) ? $options['binary'] : self::$binary) { return $key; } - $key = 'ecdsa-sha2-' . $alias . ' ' . Base64::encode($key) . ' ' . self::$comment; + $key = 'ecdsa-sha2-' . $alias . ' ' . Base64::encode($key) . ' ' . $comment; return $key; } diff --git a/phpseclib/Crypt/ECDSA/Keys/PKCS1.php b/phpseclib/Crypt/ECDSA/Keys/PKCS1.php index aebc84eb..c9007b88 100644 --- a/phpseclib/Crypt/ECDSA/Keys/PKCS1.php +++ b/phpseclib/Crypt/ECDSA/Keys/PKCS1.php 
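Review bot: In the Ed25519 branch the guard in front of `return $key;` sits on the single line between the two hunks and is not touched by this commit, so it presumably still reads `if (self::$binary) {` and ignores `$options['binary']`. With `setBinaryOutput(true)` removed from `Fingerprint::getFingerprint()` and Net/SSH2.php, an Ed25519 key would then come back in the text form where those callers expect the packed blob. That would give a wrong fingerprint and a malformed public-key authentication request. Compute the flag once at the top, `$binary = isset($options['binary']) ? $options['binary'] : self::$binary;`, and test `$binary` in both branches.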
@@ -115,9 +115,10 @@ abstract class PKCS1 extends Progenitor * @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve * @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey * @param string $password optional + * @param array $options optional * @return string */ - public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = '') + public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = '', $options = []) { self::initialize_static_variables(); @@ -136,6 +137,6 @@ abstract class PKCS1 extends Progenitor $key = ASN1::encodeDER($key, Maps\ECPrivateKey::MAP); - return self::wrapPrivateKey($key, 'EC', $password); + return self::wrapPrivateKey($key, 'EC', $password, $options); } } diff --git a/phpseclib/Crypt/ECDSA/Keys/PKCS8.php b/phpseclib/Crypt/ECDSA/Keys/PKCS8.php index 3306e066..78b056f5 100644 --- a/phpseclib/Crypt/ECDSA/Keys/PKCS8.php +++ b/phpseclib/Crypt/ECDSA/Keys/PKCS8.php @@ -198,9 +198,10 @@ abstract class PKCS8 extends Progenitor * @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve * @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey * @param string $password optional + * @param array $options optional * @return string */ - public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = '') + public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = '', $options = []) { self::initialize_static_variables(); @@ -228,6 +229,6 @@ abstract class PKCS8 extends Progenitor $key = ASN1::encodeDER($key, Maps\ECPrivateKey::MAP); - return self::wrapPrivateKey($key, [], $params, $password, 'id-ecPublicKey'); + return self::wrapPrivateKey($key, [], $params, $password, 'id-ecPublicKey', $options); } } diff --git a/phpseclib/Crypt/ECDSA/Keys/PuTTY.php b/phpseclib/Crypt/ECDSA/Keys/PuTTY.php index ce4eb563..eedcc8db 100644 --- a/phpseclib/Crypt/ECDSA/Keys/PuTTY.php 
+++ b/phpseclib/Crypt/ECDSA/Keys/PuTTY.php @@ -96,9 +96,10 @@ abstract class PuTTY extends Progenitor * @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve * @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey * @param string $password optional + * @param array $options optional * @return string */ - public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = false) + public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = false, $options = []) { self::initialize_static_variables(); @@ -121,7 +122,7 @@ abstract class PuTTY extends Progenitor Strings::packSSH2('s', $privateKey->secret) : Strings::packSSH2('s', $private); - return self::wrapPrivateKey($public, $private, $name, $password); + return self::wrapPrivateKey($public, $private, $name, $password, $options); } /** diff --git a/phpseclib/Crypt/ECDSA/Parameters.php b/phpseclib/Crypt/ECDSA/Parameters.php index 040633ca..03d30261 100644 --- a/phpseclib/Crypt/ECDSA/Parameters.php +++ b/phpseclib/Crypt/ECDSA/Parameters.php @@ -25,15 +25,16 @@ use phpseclib\Crypt\ECDSA; class Parameters extends ECDSA { /** - * Returns the public key + * Returns the parameters * * @param string $type + * @param array $options optional * @return string */ - public function toString($type = 'PKCS1') + public function toString($type = 'PKCS1', $options = []) { $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters'); - return $type::saveParameters($this->curve); + return $type::saveParameters($this->curve, $options); } } diff --git a/phpseclib/Crypt/ECDSA/PrivateKey.php b/phpseclib/Crypt/ECDSA/PrivateKey.php index f79dabdb..82fdf015 100644 --- a/phpseclib/Crypt/ECDSA/PrivateKey.php +++ b/phpseclib/Crypt/ECDSA/PrivateKey.php 
@@ -182,13 +182,14 @@ class PrivateKey extends ECDSA implements Common\PrivateKey * Returns the private key * * @param string $type + * @param array $options optional * @return string */ - public function toString($type) + public function toString($type, $options = []) { $type = self::validatePlugin('Keys', $type, 'savePrivateKey'); - return $type::savePrivateKey($this->dA, $this->curve, $this->QA, $this->password); + return $type::savePrivateKey($this->dA, $this->curve, $this->QA, $this->password, $options); } /** diff --git a/phpseclib/Crypt/ECDSA/PublicKey.php b/phpseclib/Crypt/ECDSA/PublicKey.php index ef09a97e..459c468f 100644 --- a/phpseclib/Crypt/ECDSA/PublicKey.php +++ b/phpseclib/Crypt/ECDSA/PublicKey.php @@ -159,12 +159,13 @@ class PublicKey extends ECDSA implements Common\PublicKey * Returns the public key * * @param string $type + * @param array $options optional * @return string */ - public function toString($type) + public function toString($type, $options = []) { $type = self::validatePlugin('Keys', $type, 'savePublicKey'); - return $type::savePublicKey($this->curve, $this->QA); + return $type::savePublicKey($this->curve, $this->QA, $options); } } diff --git a/phpseclib/Crypt/RSA/Keys/OpenSSH.php b/phpseclib/Crypt/RSA/Keys/OpenSSH.php index 77545d25..5df9696e 100644 --- a/phpseclib/Crypt/RSA/Keys/OpenSSH.php +++ b/phpseclib/Crypt/RSA/Keys/OpenSSH.php 
@@ -63,17 +63,19 @@ abstract class OpenSSH extends Progenitor * @access public * @param \phpseclib\Math\BigInteger $n * @param \phpseclib\Math\BigInteger $e + * @param array $options optional * @return string */ - public static function savePublicKey(BigInteger $n, BigInteger $e) + public static function savePublicKey(BigInteger $n, BigInteger $e, $options = []) { $RSAPublicKey = Strings::packSSH2('sii', 'ssh-rsa', $e, $n); - if (self::$binary) { + if (isset($options['binary']) ? $options['binary'] : self::$binary) { return $RSAPublicKey; } - $RSAPublicKey = 'ssh-rsa ' . Base64::encode($RSAPublicKey) . ' ' . self::$comment; + $comment = isset($options['comment']) ? $options['comment'] : self::$comment; + $RSAPublicKey = 'ssh-rsa ' . Base64::encode($RSAPublicKey) . ' ' . $comment; return $RSAPublicKey; } diff --git a/phpseclib/Crypt/RSA/Keys/PKCS1.php b/phpseclib/Crypt/RSA/Keys/PKCS1.php index 6dbb46f4..e5152cc1 100644 --- a/phpseclib/Crypt/RSA/Keys/PKCS1.php +++ b/phpseclib/Crypt/RSA/Keys/PKCS1.php @@ -101,9 +101,10 @@ abstract class PKCS1 extends Progenitor * @param array $exponents * @param array $coefficients * @param string $password optional + * @param array $options optional * @return string */ - public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '', $options = []) { $num_primes = count($primes); $key = [ @@ -127,7 +128,7 @@ abstract class PKCS1 extends Progenitor $key = ASN1::encodeDER($key, Maps\RSAPrivateKey::MAP); - return self::wrapPrivateKey($key, 'RSA', $password); + return self::wrapPrivateKey($key, 'RSA', $password, $options); } /** diff --git a/phpseclib/Crypt/RSA/Keys/PKCS8.php b/phpseclib/Crypt/RSA/Keys/PKCS8.php index 7b998c97..1178e93d 100644 --- a/phpseclib/Crypt/RSA/Keys/PKCS8.php +++ b/phpseclib/Crypt/RSA/Keys/PKCS8.php 
@@ -104,13 +104,14 @@ abstract class PKCS8 extends Progenitor * @param array $exponents * @param array $coefficients * @param string $password optional + * @param array $options optional * @return string */ - public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '', $options = []) { $key = PKCS1::savePrivateKey($n, $e, $d, $primes, $exponents, $coefficients); $key = ASN1::extractBER($key); - return self::wrapPrivateKey($key, [], null, $password); + return self::wrapPrivateKey($key, [], null, $password, $options); } /** @@ -119,9 +120,10 @@ abstract class PKCS8 extends Progenitor * @access public * @param \phpseclib\Math\BigInteger $n * @param \phpseclib\Math\BigInteger $e + * @param array $options optional * @return string */ - public static function savePublicKey(BigInteger $n, BigInteger $e) + public static function savePublicKey(BigInteger $n, BigInteger $e, $options = []) { $key = PKCS1::savePublicKey($n, $e); $key = ASN1::extractBER($key); diff --git a/phpseclib/Crypt/RSA/Keys/PuTTY.php b/phpseclib/Crypt/RSA/Keys/PuTTY.php index ea8d61b5..0fa54704 100644 --- a/phpseclib/Crypt/RSA/Keys/PuTTY.php +++ b/phpseclib/Crypt/RSA/Keys/PuTTY.php @@ -100,9 +100,10 @@ abstract class PuTTY extends Progenitor * @param array $exponents * @param array $coefficients * @param string $password optional + * @param array $options optional * @return string */ - public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '', $options = []) { if (count($primes) != 2) { throw new \InvalidArgumentException('PuTTY does not support multi-prime RSA keys'); 
@@ -111,7 +112,7 @@ abstract class PuTTY extends Progenitor $public = Strings::packSSH2('ii', $e, $n); $private = Strings::packSSH2('iiii', $d, $primes[1], $primes[2], $coefficients[2]); - return self::wrapPrivateKey($public, $private, 'ssh-rsa', $password); + return self::wrapPrivateKey($public, $private, 'ssh-rsa', $password, $options); } /** diff --git a/phpseclib/Crypt/RSA/PrivateKey.php b/phpseclib/Crypt/RSA/PrivateKey.php index 526fedf6..177ef9b9 100644 --- a/phpseclib/Crypt/RSA/PrivateKey.php +++ b/phpseclib/Crypt/RSA/PrivateKey.php @@ -514,9 +514,10 @@ class PrivateKey extends RSA implements Common\PrivateKey * Returns the private key * * @param string $type + * @param array $options optional * @return string */ - public function toString($type) + public function toString($type, $options = []) { $type = self::validatePlugin( 'Keys', @@ -528,10 +529,10 @@ class PrivateKey extends RSA implements Common\PrivateKey return $type::savePublicKey($this->modulus, $this->exponent); } - return $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password); + return $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password, $options); /* - $key = $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password); + $key = $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password, $options); if ($key !== false || count($this->primes) == 2) { return $key; } 
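Review bot: The early return `return $type::savePublicKey($this->modulus, $this->exponent);` just above the changed call in RSA/PrivateKey.php is left without `$options`, so `binary` and `comment` are dropped whenever toString() takes that branch. Pass them through: `return $type::savePublicKey($this->modulus, $this->exponent, $options);`. The condition guarding that branch lies between the two hunks and is not visible here. The commented-out block below was updated as well; since it is dead code, deleting it would leave less to keep in sync.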
@@ -555,7 +556,7 @@ class PrivateKey extends RSA implements Common\PrivateKey $exponents[$i] = $this->modulus->modInverse($temp); } - return $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $primes, $exponents, $coefficients, $this->password); + return $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $primes, $exponents, $coefficients, $this->password, $options); */ } } diff --git a/phpseclib/Crypt/RSA/PublicKey.php b/phpseclib/Crypt/RSA/PublicKey.php index f602c346..66cc091e 100644 --- a/phpseclib/Crypt/RSA/PublicKey.php +++ b/phpseclib/Crypt/RSA/PublicKey.php @@ -465,13 +465,14 @@ class PublicKey extends RSA implements Common\PublicKey * function won't return it since this library, for the most part, doesn't distinguish between public and private keys. * * @param string $type + * @param array $options optional * @return mixed */ - public function toString($type) + public function toString($type, $options = []) { $type = self::validatePlugin('Keys', $type, 'savePublicKey'); - return $type::savePublicKey($this->modulus, $this->publicExponent); + return $type::savePublicKey($this->modulus, $this->publicExponent, $options); } /** diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index bd1eaa66..be95a0af 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -2447,10 +2447,7 @@ class SSH2 throw new UnsupportedAlgorithmException('Please use either an RSA key, an ECDSA one or a DSA key'); } - $status = OpenSSH::getBinaryOutput(); - OpenSSH::setBinaryOutput(true); - $publickeyStr = $publickey->toString('OpenSSH'); - OpenSSH::setBinaryOutput($status); + $publickeyStr = $publickey->toString('OpenSSH', ['binary' => true]); $part1 = Strings::packSSH2( 'Csss',