mirror of
https://github.com/phpseclib/phpseclib.git
synced 2024-09-28 07:09:01 +00:00
Merge branch '2.0'
This commit is contained in:
commit
e006f5b326
@ -2570,7 +2570,9 @@ class SSH2
|
|||||||
$this->agent = $agent;
|
$this->agent = $agent;
|
||||||
$keys = $agent->requestIdentities();
|
$keys = $agent->requestIdentities();
|
||||||
foreach ($keys as $key) {
|
foreach ($keys as $key) {
|
||||||
|
echo "so far\n";
|
||||||
if ($this->privatekey_login($username, $key)) {
|
if ($this->privatekey_login($username, $key)) {
|
||||||
|
echo "so good!?\n";
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -2664,24 +2666,19 @@ class SSH2
|
|||||||
}
|
}
|
||||||
|
|
||||||
$packet = $part1 . chr(1) . $part2;
|
$packet = $part1 . chr(1) . $part2;
|
||||||
if ($privatekey instanceof AgentIdentity) {
|
switch ($this->signature_format) {
|
||||||
$hash = 'sha1';
|
case 'rsa-sha2-512':
|
||||||
$type = 'ssh-rsa';
|
$hash = 'sha512';
|
||||||
} else {
|
$type = 'rsa-sha2-512';
|
||||||
switch ($this->signature_format) {
|
break;
|
||||||
case 'rsa-sha2-512':
|
case 'rsa-sha2-256':
|
||||||
$hash = 'sha512';
|
$hash = 'sha256';
|
||||||
$type = 'rsa-sha2-512';
|
$type = 'rsa-sha2-256';
|
||||||
break;
|
break;
|
||||||
case 'rsa-sha2-256':
|
//case 'ssh-rsa':
|
||||||
$hash = 'sha256';
|
default:
|
||||||
$type = 'rsa-sha2-256';
|
$hash = 'sha1';
|
||||||
break;
|
$type = 'ssh-rsa';
|
||||||
//case 'ssh-rsa':
|
|
||||||
default:
|
|
||||||
$hash = 'sha1';
|
|
||||||
$type = 'ssh-rsa';
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
$privatekey->setHash($hash);
|
$privatekey->setHash($hash);
|
||||||
$signature = $privatekey->sign(pack('Na*a*', strlen($this->session_id), $this->session_id, $packet), RSA::PADDING_PKCS1);
|
$signature = $privatekey->sign(pack('Na*a*', strlen($this->session_id), $this->session_id, $packet), RSA::PADDING_PKCS1);
|
||||||
|
@ -19,6 +19,7 @@ namespace phpseclib\System\SSH\Agent;
|
|||||||
use phpseclib\Crypt\RSA;
|
use phpseclib\Crypt\RSA;
|
||||||
use phpseclib\Exception\UnsupportedAlgorithmException;
|
use phpseclib\Exception\UnsupportedAlgorithmException;
|
||||||
use phpseclib\System\SSH\Agent;
|
use phpseclib\System\SSH\Agent;
|
||||||
|
use phpseclib\Common\Functions\Strings;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Pure-PHP ssh-agent client identity object
|
* Pure-PHP ssh-agent client identity object
|
||||||
@ -35,6 +36,17 @@ use phpseclib\System\SSH\Agent;
|
|||||||
*/
|
*/
|
||||||
class Identity
|
class Identity
|
||||||
{
|
{
|
||||||
|
/**@+
|
||||||
|
* Signature Flags
|
||||||
|
*
|
||||||
|
* See https://tools.ietf.org/html/draft-miller-ssh-agent-00#section-5.3
|
||||||
|
*
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
const SSH_AGENT_RSA2_256 = 2;
|
||||||
|
const SSH_AGENT_RSA2_512 = 4;
|
||||||
|
/**#@-*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Key Object
|
* Key Object
|
||||||
*
|
*
|
||||||
@ -62,6 +74,16 @@ class Identity
|
|||||||
*/
|
*/
|
||||||
private $fsock;
|
private $fsock;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Signature flags
|
||||||
|
*
|
||||||
|
* @var int
|
||||||
|
* @access private
|
||||||
|
* @see self::sign()
|
||||||
|
* @see self::setHash()
|
||||||
|
*/
|
||||||
|
var $flags = 0;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Default Constructor.
|
* Default Constructor.
|
||||||
*
|
*
|
||||||
@ -124,10 +146,20 @@ class Identity
|
|||||||
* @param string $hash optional
|
* @param string $hash optional
|
||||||
* @access public
|
* @access public
|
||||||
*/
|
*/
|
||||||
public function setHash($hash = 'sha1')
|
public function setHash($hash)
|
||||||
{
|
{
|
||||||
if ($hash != 'sha1') {
|
$this->flags = 0;
|
||||||
throw new UnsupportedAlgorithmException('ssh-agent can only be used with the sha1 hash');
|
switch ($hash) {
|
||||||
|
case 'sha1':
|
||||||
|
break;
|
||||||
|
case 'sha256':
|
||||||
|
$this->flags = self::SSH_AGENT_RSA2_256;
|
||||||
|
break;
|
||||||
|
case 'sha512':
|
||||||
|
$this->flags = self::SSH_AGENT_RSA2_512;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
throw new UnsupportedAlgorithmException('The only supported hashes for RSA are sha1, sha256 and sha512');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -150,7 +182,7 @@ class Identity
|
|||||||
}
|
}
|
||||||
|
|
||||||
// the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE
|
// the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE
|
||||||
$packet = pack('CNa*Na*N', Agent::SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0);
|
$packet = pack('CNa*Na*N', Agent::SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, $this->flags);
|
||||||
$packet = pack('Na*', strlen($packet), $packet);
|
$packet = pack('Na*', strlen($packet), $packet);
|
||||||
if (strlen($packet) != fputs($this->fsock, $packet)) {
|
if (strlen($packet) != fputs($this->fsock, $packet)) {
|
||||||
throw new \RuntimeException('Connection closed during signing');
|
throw new \RuntimeException('Connection closed during signing');
|
||||||
@ -163,8 +195,17 @@ class Identity
|
|||||||
}
|
}
|
||||||
|
|
||||||
$signature_blob = fread($this->fsock, $length - 1);
|
$signature_blob = fread($this->fsock, $length - 1);
|
||||||
// the only other signature format defined - ssh-dss - is the same length as ssh-rsa
|
$length = current(unpack('N', Strings::shift($signature_blob, 4)));
|
||||||
// the + 12 is for the other various SSH added length fields
|
if ($length != strlen($signature_blob)) {
|
||||||
return substr($signature_blob, strlen('ssh-rsa') + 12);
|
throw new \RuntimeException('Malformed signature blob');
|
||||||
|
}
|
||||||
|
$length = current(unpack('N', Strings::shift($signature_blob, 4)));
|
||||||
|
if ($length > strlen($signature_blob) + 4) {
|
||||||
|
throw new \RuntimeException('Malformed signature blob');
|
||||||
|
}
|
||||||
|
$type = Strings::shift($signature_blob, $length);
|
||||||
|
Strings::shift($signature_blob, 4);
|
||||||
|
|
||||||
|
return $signature_blob;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user