Add support for custom RSA key comments.

Add ivar and set/getComment() instead of constant. Also parse comment from applicable formats in loadKey().
2024-11-09 23:31:00 +00:00 · 2013-05-05 19:38:34 -04:00 · 2013-05-05 19:38:34 -04:00 · c1244805cf
commit c1244805cf
parent a83166fe48
1 changed files with 46 additions and 10 deletions
--- a/phpseclib/Crypt/RSA.php
+++ b/phpseclib/Crypt/RSA.php
@ -449,6 +449,14 @@ class Crypt_RSA {
     */
    var $configFile;

+    /**
+     * Public key comment field.
+     *
+     * @var String
+     * @access private
+     */
+    var $comment = 'phpseclib-generated-key';
+
    /**
     * The constructor
     *
@ -473,10 +481,6 @@ class Crypt_RSA {
            }
        }

-        if (!defined('CRYPT_RSA_COMMENT')) {
-            define('CRYPT_RSA_COMMENT', 'phpseclib-generated-key');
-        }
-
        $this->zero = new Math_BigInteger();
        $this->one = new Math_BigInteger(1);

@ -720,13 +724,13 @@ class Crypt_RSA {
                $key = "PuTTY-User-Key-File-2: ssh-rsa\r\nEncryption: ";
                $encryption = (!empty($this->password) || is_string($this->password)) ? 'aes256-cbc' : 'none';
                $key.= $encryption;
-                $key.= "\r\nComment: " . CRYPT_RSA_COMMENT . "\r\n";
+                $key.= "\r\nComment: " . $this->comment . "\r\n";
                $public = pack('Na*Na*Na*',
                    strlen('ssh-rsa'), 'ssh-rsa', strlen($raw['publicExponent']), $raw['publicExponent'], strlen($raw['modulus']), $raw['modulus']
                );
                $source = pack('Na*Na*Na*Na*',
                              strlen('ssh-rsa'), 'ssh-rsa', strlen($encryption), $encryption,
-                              strlen(CRYPT_RSA_COMMENT), CRYPT_RSA_COMMENT, strlen($public), $public
+                              strlen($this->comment), $this->comment, strlen($public), $public
                );
                $public = base64_encode($public);
                $key.= "Public-Lines: " . ((strlen($public) + 32) >> 6) . "\r\n";
@ -853,7 +857,7 @@ class Crypt_RSA {
                // mpint     e
                // mpint     n
                $RSAPublicKey = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus);
-                $RSAPublicKey = 'ssh-rsa ' . base64_encode($RSAPublicKey) . ' ' . CRYPT_RSA_COMMENT;
+                $RSAPublicKey = 'ssh-rsa ' . base64_encode($RSAPublicKey) . ' ' . $this->comment;

                return $RSAPublicKey;
            default: // eg. CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW or CRYPT_RSA_PUBLIC_FORMAT_PKCS1
@ -1128,11 +1132,15 @@ class Crypt_RSA {

                return $components;
            case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH:
-                $key = base64_decode(preg_replace('#^ssh-rsa | .+$#', '', $key));
+                $parts = explode(' ', $key, 3);
+
+                $key = isset($parts[1]) ? base64_decode($parts[1]) : false;
                if ($key === false) {
                    return false;
                }

+                $comment = isset($parts[2]) ? $parts[2] : false;
+
                $cleanup = substr($key, 0, 11) == "\0\0\0\7ssh-rsa";

                if (strlen($key) <= 4) {
@ -1154,12 +1162,14 @@ class Crypt_RSA {
                    $realModulus = new Math_BigInteger($this->_string_shift($key, $length), -256);
                    return strlen($key) ? false : array(
                        'modulus' => $realModulus,
-                        'publicExponent' => $modulus
+                        'publicExponent' => $modulus,
+                        'comment' => $comment
                    );
                } else {
                    return strlen($key) ? false : array(
                        'modulus' => $modulus,
-                        'publicExponent' => $publicExponent
+                        'publicExponent' => $publicExponent,
+                        'comment' => $comment
                    );
                }
            // http://www.w3.org/TR/xmldsig-core/#sec-RSAKeyValue
@ -1187,6 +1197,7 @@ class Crypt_RSA {
                    return false;
                }
                $encryption = trim(preg_replace('#Encryption: (.+)#', '$1', $key[1]));
+                $comment = trim(preg_replace('#Comment: (.+)#', '$1', $key[2]));

                $publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3]));
                $public = base64_decode(implode('', array_map('trim', array_slice($key, 4, $publicLength))));
@ -1380,6 +1391,9 @@ class Crypt_RSA {
            return false;
        }

+        if (isset($components['comment']) && $components['comment'] !== false) {
+            $this->comment = $components['comment'];
+        }
        $this->modulus = $components['modulus'];
        $this->k = strlen($this->modulus->toBytes());
        $this->exponent = isset($components['privateExponent']) ? $components['privateExponent'] : $components['publicExponent'];
@ -2530,6 +2544,28 @@ class Crypt_RSA {
        $this->signatureMode = $mode;
    }

+    /**
+     * Set public key comment.
+     *
+     * @access public
+     * @param String $comment
+     */
+    function setComment($comment)
+    {
+        $this->comment = $comment;
+    }
+
+    /**
+     * Get public key comment.
+     *
+     * @access public
+     * @return String
+     */
+    function getComment()
+    {
+        return $this->comment;
+    }
+
    /**
     * Encryption
     *