From 1a25aefa59ae58c4b0210f3a4f2273804db3c7c2 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Thu, 4 Aug 2016 00:55:21 -0500 Subject: [PATCH 1/3] cherry-picking last commit added new file --- phpseclib/System/SSH/Agent/Identity.php | 170 ------------------------ 1 file changed, 170 deletions(-) delete mode 100644 phpseclib/System/SSH/Agent/Identity.php diff --git a/phpseclib/System/SSH/Agent/Identity.php b/phpseclib/System/SSH/Agent/Identity.php deleted file mode 100644 index 95e091db..00000000 --- a/phpseclib/System/SSH/Agent/Identity.php +++ /dev/null @@ -1,170 +0,0 @@ - - * @copyright 2009 Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net - * @internal See http://api.libssh.org/rfc/PROTOCOL.agent - */ - -namespace phpseclib\System\SSH\Agent; - -use phpseclib\Crypt\RSA; -use phpseclib\Exception\UnsupportedAlgorithmException; -use phpseclib\System\SSH\Agent; - -/** - * Pure-PHP ssh-agent client identity object - * - * Instantiation should only be performed by \phpseclib\System\SSH\Agent class. - * This could be thought of as implementing an interface that phpseclib\Crypt\RSA - * implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something. - * The methods in this interface would be getPublicKey and sign since those are the - * methods phpseclib looks for to perform public key authentication. - * - * @package SSH\Agent - * @author Jim Wigginton - * @access internal - */ -class Identity -{ - /** - * Key Object - * - * @var \phpseclib\Crypt\RSA - * @access private - * @see self::getPublicKey() - */ - var $key; - - /** - * Key Blob - * - * @var string - * @access private - * @see self::sign() - */ - var $key_blob; - - /** - * Socket Resource - * - * @var resource - * @access private - * @see self::sign() - */ - var $fsock; - - /** - * Default Constructor. - * - * @param resource $fsock - * @return \phpseclib\System\SSH\Agent\Identity - * @access private - */ - function __construct($fsock) - { - $this->fsock = $fsock; - } - - /** - * Set Public Key - * - * Called by \phpseclib\System\SSH\Agent::requestIdentities() - * - * @param \phpseclib\Crypt\RSA $key - * @access private - */ - function setPublicKey($key) - { - $this->key = $key; - $this->key->setPublicKey(); - } - - /** - * Set Public Key - * - * Called by \phpseclib\System\SSH\Agent::requestIdentities(). The key blob could be extracted from $this->key - * but this saves a small amount of computation. - * - * @param string $key_blob - * @access private - */ - function setPublicKeyBlob($key_blob) - { - $this->key_blob = $key_blob; - } - - /** - * Get Public Key - * - * Wrapper for $this->key->getPublicKey() - * - * @param int $type optional - * @return mixed - * @access public - */ - function getPublicKey($type = 'PKCS8') - { - return $this->key->getPublicKey($type); - } - - /** - * Sets the hash - * - * ssh-agent only supports signatures with sha1 hashes but to maintain BC with RSA.php this function exists - * - * @param string $hash optional - * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported - * @access public - */ - function setHash($hash = 'sha1') - { - if ($hash != 'sha1') { - throw new UnsupportedAlgorithmException('ssh-agent can only be used with the sha1 hash'); - } - } - - /** - * Create a signature - * - * See "2.6.2 Protocol 2 private key signature request" - * - * @param string $message - * @param int $padding optional - * @return string - * @throws \RuntimeException on connection errors - * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported - * @access public - */ - function sign($message, $padding = RSA::PADDING_PKCS1) - { - if ($padding != RSA::PADDING_PKCS1 && $padding != RSA::PADDING_RELAXED_PKCS1) { - throw new UnsupportedAlgorithmException('ssh-agent can only create PKCS1 signatures'); - } - - // the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE - $packet = pack('CNa*Na*N', Agent::SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0); - $packet = pack('Na*', strlen($packet), $packet); - if (strlen($packet) != fputs($this->fsock, $packet)) { - throw new \RuntimeException('Connection closed during signing'); - } - - $length = current(unpack('N', fread($this->fsock, 4))); - $type = ord(fread($this->fsock, 1)); - if ($type != Agent::SSH_AGENT_SIGN_RESPONSE) { - throw new \RuntimeException('Unable to retrieve signature'); - } - - $signature_blob = fread($this->fsock, $length - 1); - // the only other signature format defined - ssh-dss - is the same length as ssh-rsa - // the + 12 is for the other various SSH added length fields - return substr($signature_blob, strlen('ssh-rsa') + 12); - } -} From 676c1982c77b3ce57dd82fe886a4304a92309d76 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Thu, 4 Aug 2016 00:59:07 -0500 Subject: [PATCH 2/3] fix bad merge --- phpseclib/Crypt/RSA.php | 4 ++-- phpseclib/File/X509.php | 6 +----- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/phpseclib/Crypt/RSA.php b/phpseclib/Crypt/RSA.php index 0428b6ce..ef508a43 100644 --- a/phpseclib/Crypt/RSA.php +++ b/phpseclib/Crypt/RSA.php @@ -245,7 +245,7 @@ class RSA /** * Precomputed Zero * - * @var array + * @var \phpseclib\Math\BigInteger * @access private */ var $zero; @@ -253,7 +253,7 @@ class RSA /** * Precomputed One * - * @var array + * @var \phpseclib\Math\BigInteger * @access private */ var $one; diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index c19ade04..863d9e99 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -244,11 +244,7 @@ class X509 /** * The signature subject * -<<<<<<< HEAD - * There's no guarantee \phpseclib\File\X509 is going to reencode an X.509 cert in the same way it was originally -======= - * There's no guarantee File_X509 is going to re-encode an X.509 cert in the same way it was originally ->>>>>>> 1.0 + * There's no guarantee \phpseclib\File\X509 is going to re-encode an X.509 cert in the same way it was originally * encoded so we take save the portion of the original cert that the signature would have made for. * * @var string From 12f70270cdcf69610d1b816ed10d6bab2645e17d Mon Sep 17 00:00:00 2001 From: terrafrost Date: Thu, 4 Aug 2016 01:06:52 -0500 Subject: [PATCH 3/3] fix bad cherry pick --- phpseclib/Crypt/RSA.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/phpseclib/Crypt/RSA.php b/phpseclib/Crypt/RSA.php index 4ce9d62e..23ba0d07 100644 --- a/phpseclib/Crypt/RSA.php +++ b/phpseclib/Crypt/RSA.php @@ -138,6 +138,7 @@ define('CRYPT_RSA_SIGNATURE_PSS', 1); * compatibility with protocols (like SSH-2) written before PSS's introduction. */ define('CRYPT_RSA_SIGNATURE_PKCS1', 2); +/**#@-*/ /**#@+ * @access private @@ -281,7 +282,7 @@ class Crypt_RSA /** * Precomputed Zero * - * @var array + * @var Math_BigInteger * @access private */ var $zero; @@ -289,7 +290,7 @@ class Crypt_RSA /** * Precomputed One * - * @var array + * @var Math_BigInteger * @access private */ var $one;