add second $options parameter to toString method for public keys
parent
8017c74429
commit
b226c3d882
@ -40,17 +40,14 @@ trait Fingerprint
|
|||||||
*/
|
*/
|
||||||
public function getFingerprint($algorithm = 'md5')
|
public function getFingerprint($algorithm = 'md5')
|
||||||
{
|
{
|
||||||
$type = self::validatePlugin('Keys', 'OpenSSH', 'getBinaryOutput');
|
$type = self::validatePlugin('Keys', 'OpenSSH', 'savePublicKey');
|
||||||
if ($type === false) {
|
if ($type === false) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$status = $type::getBinaryOutput();
|
$key = $this->toString('OpenSSH', ['binary' => true]);
|
||||||
$type::setBinaryOutput(true);
|
|
||||||
$key = $this->toString('OpenSSH');
|
|
||||||
if ($key === false) {
|
if ($key === false) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$type::setBinaryOutput($status);
|
|
||||||
switch ($algorithm) {
|
switch ($algorithm) {
|
||||||
case 'sha256':
|
case 'sha256':
|
||||||
$hash = new Hash('sha256');
|
$hash = new Hash('sha256');
|
||||||
|
@ -125,15 +125,4 @@ abstract class OpenSSH
|
|||||||
{
|
{
|
||||||
self::$binary = $enabled;
|
self::$binary = $enabled;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns the current binary output value
|
|
||||||
*
|
|
||||||
* @access public
|
|
||||||
* @return bool
|
|
||||||
*/
|
|
||||||
public static function getBinaryOutput()
|
|
||||||
{
|
|
||||||
return (bool) self::$binary;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
@ -179,9 +179,10 @@ abstract class PKCS1 extends PKCS
|
|||||||
* @param string $key
|
* @param string $key
|
||||||
* @param string $type
|
* @param string $type
|
||||||
* @param string $password
|
* @param string $password
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
protected static function wrapPrivateKey($key, $type, $password)
|
protected static function wrapPrivateKey($key, $type, $password, $options = [])
|
||||||
{
|
{
|
||||||
if (empty($password) || !is_string($password)) {
|
if (empty($password) || !is_string($password)) {
|
||||||
return "-----BEGIN $type PRIVATE KEY-----\r\n" .
|
return "-----BEGIN $type PRIVATE KEY-----\r\n" .
|
||||||
@ -189,14 +190,16 @@ abstract class PKCS1 extends PKCS
|
|||||||
"-----END $type PRIVATE KEY-----";
|
"-----END $type PRIVATE KEY-----";
|
||||||
}
|
}
|
||||||
|
|
||||||
$cipher = self::getEncryptionObject(self::$defaultEncryptionAlgorithm);
|
$encryptionAlgorithm = isset($options['encryptionAlgorithm']) ? $options['encryptionAlgorithm'] : self::$defaultEncryptionAlgorithm;
|
||||||
|
|
||||||
|
$cipher = self::getEncryptionObject($encryptionAlgorithm);
|
||||||
$iv = Random::string($cipher->getBlockLength() >> 3);
|
$iv = Random::string($cipher->getBlockLength() >> 3);
|
||||||
$cipher->setKey(self::generateSymmetricKey($password, $iv, $cipher->getKeyLength() >> 3));
|
$cipher->setKey(self::generateSymmetricKey($password, $iv, $cipher->getKeyLength() >> 3));
|
||||||
$cipher->setIV($iv);
|
$cipher->setIV($iv);
|
||||||
$iv = strtoupper(Hex::encode($iv));
|
$iv = strtoupper(Hex::encode($iv));
|
||||||
return "-----BEGIN $type PRIVATE KEY-----\r\n" .
|
return "-----BEGIN $type PRIVATE KEY-----\r\n" .
|
||||||
"Proc-Type: 4,ENCRYPTED\r\n" .
|
"Proc-Type: 4,ENCRYPTED\r\n" .
|
||||||
"DEK-Info: " . self::$defaultEncryptionAlgorithm . ",$iv\r\n" .
|
"DEK-Info: " . $encryptionAlgorithm. ",$iv\r\n" .
|
||||||
"\r\n" .
|
"\r\n" .
|
||||||
chunk_split(Base64::encode($cipher->encrypt($key)), 64) .
|
chunk_split(Base64::encode($cipher->encrypt($key)), 64) .
|
||||||
"-----END $type PRIVATE KEY-----";
|
"-----END $type PRIVATE KEY-----";
|
||||||
|
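Review bot: The caller-supplied `$options['encryptionAlgorithm']` in wrapPrivateKey is handed to `getEncryptionObject()` and then written verbatim into the `DEK-Info:` header, and no check that it names a supported cipher is visible in these hunks. getEncryptionObject() is not shown and may already reject unknown names; if it does not, validate the value before building the header and throw `\InvalidArgumentException` otherwise. The docblock line `@param array $options optional` should name the recognised key, for example `@param array $options optional; 'encryptionAlgorithm' overrides the default cipher`. Minor style point: `$encryptionAlgorithm. ",$iv\r\n"` lacks the space before the concatenation dot that the neighbouring lines use.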
@ -526,9 +526,10 @@ abstract class PKCS8 extends PKCS
|
|||||||
* @param string $password
|
* @param string $password
|
||||||
* @param string $oid optional
|
* @param string $oid optional
|
||||||
* @param string $publicKey optional
|
* @param string $publicKey optional
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
protected static function wrapPrivateKey($key, $attr, $params, $password, $oid = null, $publicKey = '')
|
protected static function wrapPrivateKey($key, $attr, $params, $password, $oid = null, $publicKey = '', $options = [])
|
||||||
{
|
{
|
||||||
self::initialize_static_variables();
|
self::initialize_static_variables();
|
||||||
|
|
||||||
@ -550,18 +551,22 @@ abstract class PKCS8 extends PKCS
|
|||||||
$key = ASN1::encodeDER($key, Maps\OneAsymmetricKey::MAP);
|
$key = ASN1::encodeDER($key, Maps\OneAsymmetricKey::MAP);
|
||||||
if (!empty($password) && is_string($password)) {
|
if (!empty($password) && is_string($password)) {
|
||||||
$salt = Random::string(8);
|
$salt = Random::string(8);
|
||||||
$iterationCount = self::$defaultIterationCount;
|
|
||||||
|
|
||||||
if (self::$defaultEncryptionAlgorithm == 'id-PBES2') {
|
$iterationCount = isset($options['iterationCount']) ? $options['iterationCount'] : self::$defaultIterationCount;
|
||||||
$crypto = self::getPBES2EncryptionObject(self::$defaultEncryptionScheme);
|
$encryptionAlgorithm = isset($options['encryptionAlgorithm']) ? $options['encryptionAlgorithm'] : self::$defaultEncryptionAlgorithm;
|
||||||
$hash = str_replace('-', '/', substr(self::$defaultPRF, 11));
|
$encryptionScheme = isset($options['encryptionScheme']) ? $options['encryptionScheme'] : self::$defaultEncryptionScheme;
|
||||||
|
$prf = isset($options['PRF']) ? $options['PRF'] : self::$defaultPRF;
|
||||||
|
|
||||||
|
if ($encryptionAlgorithm == 'id-PBES2') {
|
||||||
|
$crypto = self::getPBES2EncryptionObject($encryptionScheme);
|
||||||
|
$hash = str_replace('-', '/', substr($prf, 11));
|
||||||
$kdf = 'pbkdf2';
|
$kdf = 'pbkdf2';
|
||||||
$iv = Random::string($crypto->getBlockLength() >> 3);
|
$iv = Random::string($crypto->getBlockLength() >> 3);
|
||||||
|
|
||||||
$PBKDF2params = [
|
$PBKDF2params = [
|
||||||
'salt' => $salt,
|
'salt' => $salt,
|
||||||
'iterationCount' => $iterationCount,
|
'iterationCount' => $iterationCount,
|
||||||
'prf' => ['algorithm' => self::$defaultPRF, 'parameters' => null]
|
'prf' => ['algorithm' => $prf, 'parameters' => null]
|
||||||
];
|
];
|
||||||
$PBKDF2params = ASN1::encodeDER($PBKDF2params, Maps\PBKDF2params::MAP);
|
$PBKDF2params = ASN1::encodeDER($PBKDF2params, Maps\PBKDF2params::MAP);
|
||||||
|
|
||||||
@ -582,7 +587,7 @@ abstract class PKCS8 extends PKCS
|
|||||||
'parameters' => new ASN1\Element($PBKDF2params)
|
'parameters' => new ASN1\Element($PBKDF2params)
|
||||||
],
|
],
|
||||||
'encryptionScheme' => [
|
'encryptionScheme' => [
|
||||||
'algorithm' => self::$defaultEncryptionScheme,
|
'algorithm' => $encryptionScheme,
|
||||||
'parameters' => $params
|
'parameters' => $params
|
||||||
]
|
]
|
||||||
];
|
];
|
||||||
@ -590,9 +595,9 @@ abstract class PKCS8 extends PKCS
|
|||||||
|
|
||||||
$crypto->setIV($iv);
|
$crypto->setIV($iv);
|
||||||
} else {
|
} else {
|
||||||
$crypto = self::getPBES1EncryptionObject(self::$defaultEncryptionAlgorithm);
|
$crypto = self::getPBES1EncryptionObject($encryptionAlgorithm);
|
||||||
$hash = self::getPBES1Hash(self::$defaultEncryptionAlgorithm);
|
$hash = self::getPBES1Hash($encryptionAlgorithm);
|
||||||
$kdf = self::getPBES1KDF(self::$defaultEncryptionAlgorithm);
|
$kdf = self::getPBES1KDF($encryptionAlgorithm);
|
||||||
|
|
||||||
$params = [
|
$params = [
|
||||||
'salt' => $salt,
|
'salt' => $salt,
|
||||||
@ -605,7 +610,7 @@ abstract class PKCS8 extends PKCS
|
|||||||
|
|
||||||
$key = [
|
$key = [
|
||||||
'encryptionAlgorithm' => [
|
'encryptionAlgorithm' => [
|
||||||
'algorithm' => self::$defaultEncryptionAlgorithm,
|
'algorithm' => $encryptionAlgorithm,
|
||||||
'parameters' => new ASN1\Element($params)
|
'parameters' => new ASN1\Element($params)
|
||||||
],
|
],
|
||||||
'encryptedData' => $key
|
'encryptedData' => $key
|
||||||
|
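Review bot: `$options['iterationCount']` and `$options['PRF']` in wrapPrivateKey are used without validation, although both decide how well the password-encrypted key resists guessing. A zero, negative or non-integer count is placed into `$PBKDF2params` as given, so a guard such as `if (!is_int($iterationCount) || $iterationCount < 1) { throw new \InvalidArgumentException('iterationCount must be a positive integer'); }` belongs right after the option is read. `substr($prf, 11)` assumes an 11-character prefix (presumably `id-hmacWith`), so a PRF supplied in any other form yields a wrong hash name and the prefix should be checked first. `encryptionScheme` and `PRF` are also ignored on the PBES1 branch, which the docblock should state. The function body starts and ends outside the hunks shown.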
@ -172,9 +172,10 @@ abstract class PuTTY
|
|||||||
* @param string $private
|
* @param string $private
|
||||||
* @param string $type
|
* @param string $type
|
||||||
* @param string $password
|
* @param string $password
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
protected static function wrapPrivateKey($public, $private, $type, $password)
|
protected static function wrapPrivateKey($public, $private, $type, $password, $options = [])
|
||||||
{
|
{
|
||||||
$key = "PuTTY-User-Key-File-2: " . $type . "\r\nEncryption: ";
|
$key = "PuTTY-User-Key-File-2: " . $type . "\r\nEncryption: ";
|
||||||
$encryption = (!empty($password) || is_string($password)) ? 'aes256-cbc' : 'none';
|
$encryption = (!empty($password) || is_string($password)) ? 'aes256-cbc' : 'none';
|
||||||
@ -183,7 +184,8 @@ abstract class PuTTY
|
|||||||
|
|
||||||
$public = Strings::packSSH2('s', $type) . $public;
|
$public = Strings::packSSH2('s', $type) . $public;
|
||||||
|
|
||||||
$source = Strings::packSSH2('ssss', $type, $encryption, self::$comment, $public);
|
$comment = isset($options['comment']) ? $options['comment'] : self::$comment;
|
||||||
|
$source = Strings::packSSH2('ssss', $type, $encryption, $comment, $public);
|
||||||
|
|
||||||
$public = Base64::encode($public);
|
$public = Base64::encode($public);
|
||||||
$key.= "Public-Lines: " . ((strlen($public) + 63) >> 6) . "\r\n";
|
$key.= "Public-Lines: " . ((strlen($public) + 63) >> 6) . "\r\n";
|
||||||
|
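Review bot: The per-call `$comment` is packed into `$source`, but the two lines between these hunks are not shown and are unchanged by the commit, so the `Comment:` header may still be written from `self::$comment`. If that is the case, a key saved with `$options['comment']` carries one comment in the file and a different one in the data `$source` covers (presumably the integrity-check input), and a reader that recomputes the check from the file would reject the key. Read `$comment` once at the top of wrapPrivateKey and use that variable for both the header line and `$source`.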
@ -62,9 +62,10 @@ abstract class OpenSSH extends Progenitor
|
|||||||
* @param \phpseclib\Math\BigInteger $q
|
* @param \phpseclib\Math\BigInteger $q
|
||||||
* @param \phpseclib\Math\BigInteger $g
|
* @param \phpseclib\Math\BigInteger $g
|
||||||
* @param \phpseclib\Math\BigInteger $y
|
* @param \phpseclib\Math\BigInteger $y
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y)
|
public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, $options = [])
|
||||||
{
|
{
|
||||||
if ($q->getLength() != 160) {
|
if ($q->getLength() != 160) {
|
||||||
throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160');
|
throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160');
|
||||||
@ -78,11 +79,12 @@ abstract class OpenSSH extends Progenitor
|
|||||||
// mpint y
|
// mpint y
|
||||||
$DSAPublicKey = Strings::packSSH2('siiii', 'ssh-dss', $p, $q, $g, $y);
|
$DSAPublicKey = Strings::packSSH2('siiii', 'ssh-dss', $p, $q, $g, $y);
|
||||||
|
|
||||||
if (self::$binary) {
|
if (isset($options['binary']) ? $options['binary'] : self::$binary) {
|
||||||
return $DSAPublicKey;
|
return $DSAPublicKey;
|
||||||
}
|
}
|
||||||
|
|
||||||
$DSAPublicKey = 'ssh-dss ' . Base64::encode($DSAPublicKey) . ' ' . self::$comment;
|
$comment = isset($options['comment']) ? $options['comment'] : self::$comment;
|
||||||
|
$DSAPublicKey = 'ssh-dss ' . Base64::encode($DSAPublicKey) . ' ' . $comment;
|
||||||
|
|
||||||
return $DSAPublicKey;
|
return $DSAPublicKey;
|
||||||
}
|
}
|
||||||
|
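Review bot: `$options['comment']` is appended to the one-line public key in savePublicKey without any check for line breaks. A comment containing CR or LF turns the output into several lines, which matters when the string is written to a file that is parsed line by line, such as authorized_keys. Reject those characters where the option is read, for example `if (strpbrk($comment, "\r\n") !== false) { throw new \InvalidArgumentException('comment must not contain line breaks'); }`. The same applies to the ECDSA and RSA OpenSSH savePublicKey changes and to the PuTTY wrapPrivateKey comment in this commit.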
@ -113,9 +113,10 @@ abstract class PKCS1 extends Progenitor
|
|||||||
* @param \phpseclib\Math\BigInteger $x
|
* @param \phpseclib\Math\BigInteger $x
|
||||||
* @param \phpseclib\Math\BigInteger $y
|
* @param \phpseclib\Math\BigInteger $y
|
||||||
* @param string $password optional
|
* @param string $password optional
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '')
|
public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', $options = [])
|
||||||
{
|
{
|
||||||
$key = [
|
$key = [
|
||||||
'version' => 0,
|
'version' => 0,
|
||||||
@ -128,7 +129,7 @@ abstract class PKCS1 extends Progenitor
|
|||||||
|
|
||||||
$key = ASN1::encodeDER($key, Maps\DSAPrivateKey::MAP);
|
$key = ASN1::encodeDER($key, Maps\DSAPrivateKey::MAP);
|
||||||
|
|
||||||
return self::wrapPrivateKey($key, 'DSA', $password);
|
return self::wrapPrivateKey($key, 'DSA', $password, $options);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -127,9 +127,10 @@ abstract class PKCS8 extends Progenitor
|
|||||||
* @param \phpseclib\Math\BigInteger $x
|
* @param \phpseclib\Math\BigInteger $x
|
||||||
* @param \phpseclib\Math\BigInteger $y
|
* @param \phpseclib\Math\BigInteger $y
|
||||||
* @param string $password optional
|
* @param string $password optional
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '')
|
public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', $options = [])
|
||||||
{
|
{
|
||||||
$params = [
|
$params = [
|
||||||
'p' => $p,
|
'p' => $p,
|
||||||
@ -139,7 +140,7 @@ abstract class PKCS8 extends Progenitor
|
|||||||
$params = ASN1::encodeDER($params, Maps\DSAParams::MAP);
|
$params = ASN1::encodeDER($params, Maps\DSAParams::MAP);
|
||||||
$params = new ASN1\Element($params);
|
$params = new ASN1\Element($params);
|
||||||
$key = ASN1::encodeDER($x, Maps\DSAPublicKey::MAP);
|
$key = ASN1::encodeDER($x, Maps\DSAPublicKey::MAP);
|
||||||
return self::wrapPrivateKey($key, [], $params, $password);
|
return self::wrapPrivateKey($key, [], $params, $password, $options);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -150,9 +151,10 @@ abstract class PKCS8 extends Progenitor
|
|||||||
* @param \phpseclib\Math\BigInteger $q
|
* @param \phpseclib\Math\BigInteger $q
|
||||||
* @param \phpseclib\Math\BigInteger $g
|
* @param \phpseclib\Math\BigInteger $g
|
||||||
* @param \phpseclib\Math\BigInteger $y
|
* @param \phpseclib\Math\BigInteger $y
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y)
|
public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, $options = [])
|
||||||
{
|
{
|
||||||
$params = [
|
$params = [
|
||||||
'p' => $p,
|
'p' => $p,
|
||||||
|
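Review bot: In savePrivateKey the new call `self::wrapPrivateKey($key, [], $params, $password, $options)` passes `$options` as the fifth argument, but the wrapPrivateKey signature changed in this same commit is `($key, $attr, $params, $password, $oid = null, $publicKey = '', $options = [])`, so the array is bound to `$oid` (assuming Progenitor is that common PKCS8 class). The options never reach the encryption code and `$oid` receives an array instead of null. The call should read `return self::wrapPrivateKey($key, [], $params, $password, null, '', $options);`. The RSA PKCS8 savePrivateKey has the same five-argument call, and the ECDSA PKCS8 one passes `$options` sixth, where it lands in `$publicKey`; that call needs `'id-ecPublicKey', '', $options`. savePublicKey also gains `$options` here, but its body runs past the hunk, so whether the parameter is used cannot be seen.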
@ -91,9 +91,10 @@ abstract class PuTTY extends Progenitor
|
|||||||
* @param \phpseclib\Math\BigInteger $y
|
* @param \phpseclib\Math\BigInteger $y
|
||||||
* @param \phpseclib\Math\BigInteger $x
|
* @param \phpseclib\Math\BigInteger $x
|
||||||
* @param string $password optional
|
* @param string $password optional
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = false)
|
public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = false, $options = [])
|
||||||
{
|
{
|
||||||
if ($q->getLength() != 160) {
|
if ($q->getLength() != 160) {
|
||||||
throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160');
|
throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160');
|
||||||
@ -102,7 +103,7 @@ abstract class PuTTY extends Progenitor
|
|||||||
$public = Strings::packSSH2('iiii', $p, $q, $g, $y);
|
$public = Strings::packSSH2('iiii', $p, $q, $g, $y);
|
||||||
$private = Strings::packSSH2('i', $x);
|
$private = Strings::packSSH2('i', $x);
|
||||||
|
|
||||||
return self::wrapPrivateKey($public, $private, 'ssh-dsa', $password);
|
return self::wrapPrivateKey($public, $private, 'ssh-dsa', $password, $options);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -25,15 +25,16 @@ use phpseclib\Crypt\DSA;
|
|||||||
class Parameters extends DSA
|
class Parameters extends DSA
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* Returns the public key
|
* Returns the parameters
|
||||||
*
|
*
|
||||||
* @param string $type
|
* @param string $type
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function toString($type = 'PKCS1')
|
public function toString($type = 'PKCS1', $options = [])
|
||||||
{
|
{
|
||||||
$type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters');
|
$type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters');
|
||||||
|
|
||||||
return $type::saveParameters($this->p, $this->q, $this->g);
|
return $type::saveParameters($this->p, $this->q, $this->g, $options);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
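Review bot: toString now forwards `$options` to `$type::saveParameters()`, but none of the sections shown here changes a saveParameters signature, so unless that method already accepts the extra argument the options are silently dropped. Either add `$options = []` to saveParameters and use it, or say in the docblock that the argument is currently ignored, for example `@param array $options optional (not used by the PKCS1 parameter writer)`. The same applies to the ECDSA Parameters::toString change in this commit.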
@ -144,9 +144,10 @@ class PrivateKey extends DSA implements Common\PrivateKey
|
|||||||
* Returns the private key
|
* Returns the private key
|
||||||
*
|
*
|
||||||
* @param string $type
|
* @param string $type
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function toString($type)
|
public function toString($type, $options = [])
|
||||||
{
|
{
|
||||||
$type = self::validatePlugin('Keys', $type, 'savePrivateKey');
|
$type = self::validatePlugin('Keys', $type, 'savePrivateKey');
|
||||||
|
|
||||||
@ -154,6 +155,6 @@ class PrivateKey extends DSA implements Common\PrivateKey
|
|||||||
$this->y = $this->g->powMod($this->x, $this->p);
|
$this->y = $this->g->powMod($this->x, $this->p);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $type::savePrivateKey($this->p, $this->q, $this->g, $this->y, $this->x, $this->password);
|
return $type::savePrivateKey($this->p, $this->q, $this->g, $this->y, $this->x, $this->password, $options);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -80,12 +80,13 @@ class PublicKey extends DSA implements Common\PublicKey
|
|||||||
* Returns the public key
|
* Returns the public key
|
||||||
*
|
*
|
||||||
* @param string $type
|
* @param string $type
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function toString($type)
|
public function toString($type, $options = [])
|
||||||
{
|
{
|
||||||
$type = self::validatePlugin('Keys', $type, 'savePublicKey');
|
$type = self::validatePlugin('Keys', $type, 'savePublicKey');
|
||||||
|
|
||||||
return $type::savePublicKey($this->p, $this->q, $this->g, $this->y);
|
return $type::savePublicKey($this->p, $this->q, $this->g, $this->y, $options);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -186,10 +186,13 @@ abstract class OpenSSH extends Progenitor
|
|||||||
* @access public
|
* @access public
|
||||||
* @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve
|
* @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve
|
||||||
* @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey
|
* @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePublicKey(BaseCurve $curve, array $publicKey)
|
public static function savePublicKey(BaseCurve $curve, array $publicKey, $options = [])
|
||||||
{
|
{
|
||||||
|
$comment = isset($options['comment']) ? $options['comment'] : self::$comment;
|
||||||
|
|
||||||
if ($curve instanceof Ed25519) {
|
if ($curve instanceof Ed25519) {
|
||||||
$key = Strings::packSSH2('ss', 'ssh-ed25519', $curve->encodePoint($publicKey));
|
$key = Strings::packSSH2('ss', 'ssh-ed25519', $curve->encodePoint($publicKey));
|
||||||
|
|
||||||
@ -197,7 +200,7 @@ abstract class OpenSSH extends Progenitor
|
|||||||
return $key;
|
return $key;
|
||||||
}
|
}
|
||||||
|
|
||||||
$key = 'ssh-ed25519 ' . Base64::encode($key) . ' ' . self::$comment;
|
$key = 'ssh-ed25519 ' . Base64::encode($key) . ' ' . $comment;
|
||||||
return $key;
|
return $key;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -226,11 +229,11 @@ abstract class OpenSSH extends Progenitor
|
|||||||
$points = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes();
|
$points = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes();
|
||||||
$key = Strings::packSSH2('sss', 'ecdsa-sha2-' . $alias, $alias, $points);
|
$key = Strings::packSSH2('sss', 'ecdsa-sha2-' . $alias, $alias, $points);
|
||||||
|
|
||||||
if (self::$binary) {
|
if (isset($options['binary']) ? $options['binary'] : self::$binary) {
|
||||||
return $key;
|
return $key;
|
||||||
}
|
}
|
||||||
|
|
||||||
$key = 'ecdsa-sha2-' . $alias . ' ' . Base64::encode($key) . ' ' . self::$comment;
|
$key = 'ecdsa-sha2-' . $alias . ' ' . Base64::encode($key) . ' ' . $comment;
|
||||||
|
|
||||||
return $key;
|
return $key;
|
||||||
}
|
}
|
||||||
|
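Review bot: Only the ECDSA branch of savePublicKey was switched to `isset($options['binary']) ? $options['binary'] : self::$binary`; the Ed25519 branch's guard sits on the single line between the first two hunks, which is not shown and is unchanged, so it presumably still reads `if (self::$binary) {`. Since getFingerprint now relies on `toString('OpenSSH', ['binary' => true])` instead of `setBinaryOutput(true)`, an Ed25519 key would then be hashed in its text form and the fingerprint would not match what other tools compute. Evaluate the option once at the top, next to `$comment`, with `$binary = isset($options['binary']) ? $options['binary'] : self::$binary;`, and test `$binary` in both branches.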
@ -115,9 +115,10 @@ abstract class PKCS1 extends Progenitor
|
|||||||
* @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve
|
* @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve
|
||||||
* @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey
|
* @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey
|
||||||
* @param string $password optional
|
* @param string $password optional
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = '')
|
public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = '', $options = [])
|
||||||
{
|
{
|
||||||
self::initialize_static_variables();
|
self::initialize_static_variables();
|
||||||
|
|
||||||
@ -136,6 +137,6 @@ abstract class PKCS1 extends Progenitor
|
|||||||
|
|
||||||
$key = ASN1::encodeDER($key, Maps\ECPrivateKey::MAP);
|
$key = ASN1::encodeDER($key, Maps\ECPrivateKey::MAP);
|
||||||
|
|
||||||
return self::wrapPrivateKey($key, 'EC', $password);
|
return self::wrapPrivateKey($key, 'EC', $password, $options);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -198,9 +198,10 @@ abstract class PKCS8 extends Progenitor
|
|||||||
* @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve
|
* @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve
|
||||||
* @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey
|
* @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey
|
||||||
* @param string $password optional
|
* @param string $password optional
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = '')
|
public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = '', $options = [])
|
||||||
{
|
{
|
||||||
self::initialize_static_variables();
|
self::initialize_static_variables();
|
||||||
|
|
||||||
@ -228,6 +229,6 @@ abstract class PKCS8 extends Progenitor
|
|||||||
|
|
||||||
$key = ASN1::encodeDER($key, Maps\ECPrivateKey::MAP);
|
$key = ASN1::encodeDER($key, Maps\ECPrivateKey::MAP);
|
||||||
|
|
||||||
return self::wrapPrivateKey($key, [], $params, $password, 'id-ecPublicKey');
|
return self::wrapPrivateKey($key, [], $params, $password, 'id-ecPublicKey', $options);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -96,9 +96,10 @@ abstract class PuTTY extends Progenitor
|
|||||||
* @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve
|
* @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve
|
||||||
* @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey
|
* @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey
|
||||||
* @param string $password optional
|
* @param string $password optional
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = false)
|
public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = false, $options = [])
|
||||||
{
|
{
|
||||||
self::initialize_static_variables();
|
self::initialize_static_variables();
|
||||||
|
|
||||||
@ -121,7 +122,7 @@ abstract class PuTTY extends Progenitor
|
|||||||
Strings::packSSH2('s', $privateKey->secret) :
|
Strings::packSSH2('s', $privateKey->secret) :
|
||||||
Strings::packSSH2('s', $private);
|
Strings::packSSH2('s', $private);
|
||||||
|
|
||||||
return self::wrapPrivateKey($public, $private, $name, $password);
|
return self::wrapPrivateKey($public, $private, $name, $password, $options);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -25,15 +25,16 @@ use phpseclib\Crypt\ECDSA;
|
|||||||
class Parameters extends ECDSA
|
class Parameters extends ECDSA
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* Returns the public key
|
* Returns the parameters
|
||||||
*
|
*
|
||||||
* @param string $type
|
* @param string $type
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function toString($type = 'PKCS1')
|
public function toString($type = 'PKCS1', $options = [])
|
||||||
{
|
{
|
||||||
$type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters');
|
$type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters');
|
||||||
|
|
||||||
return $type::saveParameters($this->curve);
|
return $type::saveParameters($this->curve, $options);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -182,13 +182,14 @@ class PrivateKey extends ECDSA implements Common\PrivateKey
|
|||||||
* Returns the private key
|
* Returns the private key
|
||||||
*
|
*
|
||||||
* @param string $type
|
* @param string $type
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function toString($type)
|
public function toString($type, $options = [])
|
||||||
{
|
{
|
||||||
$type = self::validatePlugin('Keys', $type, 'savePrivateKey');
|
$type = self::validatePlugin('Keys', $type, 'savePrivateKey');
|
||||||
|
|
||||||
return $type::savePrivateKey($this->dA, $this->curve, $this->QA, $this->password);
|
return $type::savePrivateKey($this->dA, $this->curve, $this->QA, $this->password, $options);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -159,12 +159,13 @@ class PublicKey extends ECDSA implements Common\PublicKey
|
|||||||
* Returns the public key
|
* Returns the public key
|
||||||
*
|
*
|
||||||
* @param string $type
|
* @param string $type
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function toString($type)
|
public function toString($type, $options = [])
|
||||||
{
|
{
|
||||||
$type = self::validatePlugin('Keys', $type, 'savePublicKey');
|
$type = self::validatePlugin('Keys', $type, 'savePublicKey');
|
||||||
|
|
||||||
return $type::savePublicKey($this->curve, $this->QA);
|
return $type::savePublicKey($this->curve, $this->QA, $options);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -63,17 +63,19 @@ abstract class OpenSSH extends Progenitor
|
|||||||
* @access public
|
* @access public
|
||||||
* @param \phpseclib\Math\BigInteger $n
|
* @param \phpseclib\Math\BigInteger $n
|
||||||
* @param \phpseclib\Math\BigInteger $e
|
* @param \phpseclib\Math\BigInteger $e
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePublicKey(BigInteger $n, BigInteger $e)
|
public static function savePublicKey(BigInteger $n, BigInteger $e, $options = [])
|
||||||
{
|
{
|
||||||
$RSAPublicKey = Strings::packSSH2('sii', 'ssh-rsa', $e, $n);
|
$RSAPublicKey = Strings::packSSH2('sii', 'ssh-rsa', $e, $n);
|
||||||
|
|
||||||
if (self::$binary) {
|
if (isset($options['binary']) ? $options['binary'] : self::$binary) {
|
||||||
return $RSAPublicKey;
|
return $RSAPublicKey;
|
||||||
}
|
}
|
||||||
|
|
||||||
$RSAPublicKey = 'ssh-rsa ' . Base64::encode($RSAPublicKey) . ' ' . self::$comment;
|
$comment = isset($options['comment']) ? $options['comment'] : self::$comment;
|
||||||
|
$RSAPublicKey = 'ssh-rsa ' . Base64::encode($RSAPublicKey) . ' ' . $comment;
|
||||||
|
|
||||||
return $RSAPublicKey;
|
return $RSAPublicKey;
|
||||||
}
|
}
|
||||||
|
@ -101,9 +101,10 @@ abstract class PKCS1 extends Progenitor
|
|||||||
* @param array $exponents
|
* @param array $exponents
|
||||||
* @param array $coefficients
|
* @param array $coefficients
|
||||||
* @param string $password optional
|
* @param string $password optional
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '')
|
public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '', $options = [])
|
||||||
{
|
{
|
||||||
$num_primes = count($primes);
|
$num_primes = count($primes);
|
||||||
$key = [
|
$key = [
|
||||||
@ -127,7 +128,7 @@ abstract class PKCS1 extends Progenitor
|
|||||||
|
|
||||||
$key = ASN1::encodeDER($key, Maps\RSAPrivateKey::MAP);
|
$key = ASN1::encodeDER($key, Maps\RSAPrivateKey::MAP);
|
||||||
|
|
||||||
return self::wrapPrivateKey($key, 'RSA', $password);
|
return self::wrapPrivateKey($key, 'RSA', $password, $options);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -104,13 +104,14 @@ abstract class PKCS8 extends Progenitor
|
|||||||
* @param array $exponents
|
* @param array $exponents
|
||||||
* @param array $coefficients
|
* @param array $coefficients
|
||||||
* @param string $password optional
|
* @param string $password optional
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '')
|
public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '', $options = [])
|
||||||
{
|
{
|
||||||
$key = PKCS1::savePrivateKey($n, $e, $d, $primes, $exponents, $coefficients);
|
$key = PKCS1::savePrivateKey($n, $e, $d, $primes, $exponents, $coefficients);
|
||||||
$key = ASN1::extractBER($key);
|
$key = ASN1::extractBER($key);
|
||||||
return self::wrapPrivateKey($key, [], null, $password);
|
return self::wrapPrivateKey($key, [], null, $password, $options);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -119,9 +120,10 @@ abstract class PKCS8 extends Progenitor
|
|||||||
* @access public
|
* @access public
|
||||||
* @param \phpseclib\Math\BigInteger $n
|
* @param \phpseclib\Math\BigInteger $n
|
||||||
* @param \phpseclib\Math\BigInteger $e
|
* @param \phpseclib\Math\BigInteger $e
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePublicKey(BigInteger $n, BigInteger $e)
|
public static function savePublicKey(BigInteger $n, BigInteger $e, $options = [])
|
||||||
{
|
{
|
||||||
$key = PKCS1::savePublicKey($n, $e);
|
$key = PKCS1::savePublicKey($n, $e);
|
||||||
$key = ASN1::extractBER($key);
|
$key = ASN1::extractBER($key);
|
||||||
|
@ -100,9 +100,10 @@ abstract class PuTTY extends Progenitor
|
|||||||
* @param array $exponents
|
* @param array $exponents
|
||||||
* @param array $coefficients
|
* @param array $coefficients
|
||||||
* @param string $password optional
|
* @param string $password optional
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '')
|
public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '', $options = [])
|
||||||
{
|
{
|
||||||
if (count($primes) != 2) {
|
if (count($primes) != 2) {
|
||||||
throw new \InvalidArgumentException('PuTTY does not support multi-prime RSA keys');
|
throw new \InvalidArgumentException('PuTTY does not support multi-prime RSA keys');
|
||||||
@ -111,7 +112,7 @@ abstract class PuTTY extends Progenitor
|
|||||||
$public = Strings::packSSH2('ii', $e, $n);
|
$public = Strings::packSSH2('ii', $e, $n);
|
||||||
$private = Strings::packSSH2('iiii', $d, $primes[1], $primes[2], $coefficients[2]);
|
$private = Strings::packSSH2('iiii', $d, $primes[1], $primes[2], $coefficients[2]);
|
||||||
|
|
||||||
return self::wrapPrivateKey($public, $private, 'ssh-rsa', $password);
|
return self::wrapPrivateKey($public, $private, 'ssh-rsa', $password, $options);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
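Review bot: The added docblock line `@param array $options optional` on PuTTY::savePrivateKey does not say which keys are recognised or what happens to unknown ones. The only use visible in this hunk is the hand-off in `return self::wrapPrivateKey($public, $private, 'ssh-rsa', $password, $options);`, so the docblock could read `@param array $options optional; forwarded unchanged to wrapPrivateKey()`. The same bare wording is added to PrivateKey::toString and PublicKey::toString, where the one key this commit's callers pass is `binary`. Because these methods serialise key material, a caller should be able to tell from the docblock whether a mistyped key name is rejected or silently ignored.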
|
@ -514,9 +514,10 @@ class PrivateKey extends RSA implements Common\PrivateKey
|
|||||||
* Returns the private key
|
* Returns the private key
|
||||||
*
|
*
|
||||||
* @param string $type
|
* @param string $type
|
||||||
|
* @param array $options optional
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function toString($type)
|
public function toString($type, $options = [])
|
||||||
{
|
{
|
||||||
$type = self::validatePlugin(
|
$type = self::validatePlugin(
|
||||||
'Keys',
|
'Keys',
|
||||||
@ -528,10 +529,10 @@ class PrivateKey extends RSA implements Common\PrivateKey
|
|||||||
return $type::savePublicKey($this->modulus, $this->exponent);
|
return $type::savePublicKey($this->modulus, $this->exponent);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password);
|
return $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password, $options);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
$key = $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password);
|
$key = $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password, $options);
|
||||||
if ($key !== false || count($this->primes) == 2) {
|
if ($key !== false || count($this->primes) == 2) {
|
||||||
return $key;
|
return $key;
|
||||||
}
|
}
|
||||||
@ -555,7 +556,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
|
|||||||
$exponents[$i] = $this->modulus->modInverse($temp);
|
$exponents[$i] = $this->modulus->modInverse($temp);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $primes, $exponents, $coefficients, $this->password);
|
return $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $primes, $exponents, $coefficients, $this->password, $options);
|
||||||
*/
|
*/
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
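Review bot: The public-key return in PrivateKey::toString, `return $type::savePublicKey($this->modulus, $this->exponent);`, is left without the new argument while every savePrivateKey call in the same method gains `$options`. A caller that passes `['binary' => true]` and reaches that branch would presumably get the default encoding back, and a fingerprint or comparison computed over it would not match the binary blob. Passing the options through keeps both paths consistent: `return $type::savePublicKey($this->modulus, $this->exponent, $options);`. The condition guarding that return lies between the two hunks and is not visible here, so which callers reach it should be confirmed.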
|
@ -465,13 +465,14 @@ class PublicKey extends RSA implements Common\PublicKey
|
|||||||
* function won't return it since this library, for the most part, doesn't distinguish between public and private keys.
|
* function won't return it since this library, for the most part, doesn't distinguish between public and private keys.
|
||||||
*
|
*
|
||||||
* @param string $type
|
* @param string $type
|
||||||
|
* @param array $options optional
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function toString($type)
|
public function toString($type, $options = [])
|
||||||
{
|
{
|
||||||
$type = self::validatePlugin('Keys', $type, 'savePublicKey');
|
$type = self::validatePlugin('Keys', $type, 'savePublicKey');
|
||||||
|
|
||||||
return $type::savePublicKey($this->modulus, $this->publicExponent);
|
return $type::savePublicKey($this->modulus, $this->publicExponent, $options);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
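Review bot: PublicKey::toString uses the result of `self::validatePlugin('Keys', $type, 'savePublicKey')` as a class name on the next statement without checking it. The Fingerprint hunk of this same commit tests that result with `if ($type === false) { return false; }`, which suggests validatePlugin can return false for an unknown format. If it can, `$type::savePublicKey(...)` would raise an engine error rather than giving the failure value that `@return mixed` hints at. Adding the same guard before the return would align the two call sites, provided validatePlugin does not already throw in this class.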
|
@ -2447,10 +2447,7 @@ class SSH2
|
|||||||
throw new UnsupportedAlgorithmException('Please use either an RSA key, an ECDSA one or a DSA key');
|
throw new UnsupportedAlgorithmException('Please use either an RSA key, an ECDSA one or a DSA key');
|
||||||
}
|
}
|
||||||
|
|
||||||
$status = OpenSSH::getBinaryOutput();
|
$publickeyStr = $publickey->toString('OpenSSH', ['binary' => true]);
|
||||||
OpenSSH::setBinaryOutput(true);
|
|
||||||
$publickeyStr = $publickey->toString('OpenSSH');
|
|
||||||
OpenSSH::setBinaryOutput($status);
|
|
||||||
|
|
||||||
$part1 = Strings::packSSH2(
|
$part1 = Strings::packSSH2(
|
||||||
'Csss',
|
'Csss',
|
||||||
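Review bot: The result of `$publickey->toString('OpenSSH', ['binary' => true])` goes straight into `Strings::packSSH2('Csss', ...)` with no failure check. getFingerprint in this commit tests the same call with `if ($key === false)`, so toString can apparently return false. In that case the authentication request would be built around an empty or malformed key blob and fail later with a less specific error. A guard right after the assignment keeps the failure local: `if ($publickeyStr === false) { throw new \RuntimeException('Unable to encode public key in OpenSSH format'); }`. The enclosing SSH2 method starts and ends outside this hunk.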
|