SSH2: ssh-ed25519 keys didn't work

This commit is contained in:
terrafrost 2019-11-23 00:58:12 -06:00
parent 4f7992a9ca
commit ea27295c8f
4 changed files with 24 additions and 11 deletions

View File

@ -153,7 +153,7 @@ abstract class OpenSSH extends Progenitor
if ($curve instanceof Ed25519) {
$key = Strings::packSSH2('ss', 'ssh-ed25519', $curve->encodePoint($publicKey));
if (self::$binary) {
if (isset($options['binary']) ? $options['binary'] : self::$binary) {
return $key;
}

View File

@ -24,6 +24,7 @@ use phpseclib\Crypt\EC\Curves\Curve25519;
use phpseclib\Crypt\EC\Formats\Keys\PKCS1;
use phpseclib\Crypt\Common;
use phpseclib\Exception\UnsupportedOperationException;
use phpseclib\Common\Functions\Strings;
/**
* EC Private Key
@ -98,9 +99,16 @@ class PrivateKey extends EC implements Common\PrivateKey
$order = $this->curve->getOrder();
$shortFormat = $this->shortFormat;
$format = $this->format;
if ($format === false) {
return false;
}
if ($this->curve instanceof TwistedEdwardsCurve) {
if ($this->curve instanceof Ed25519 && self::$engines['libsodium'] && !isset($this->context)) {
return sodium_crypto_sign_detached($message, $this->toString('libsodium'));
$result = sodium_crypto_sign_detached($message, $this->toString('libsodium'));
return $shortFormat == 'SSH2' ? Strings::packSSH2('ss', 'ssh-' . strtolower($this->getCurve()), $result) : $result;
}
// contexts (Ed25519ctx) are supported but prehashing (Ed25519ph) is not.
@ -133,13 +141,7 @@ class PrivateKey extends EC implements Common\PrivateKey
$S = $k->multiply($dA)->add($r);
list(, $S) = $S->divide($order);
$S = str_pad(strrev($S->toBytes()), $curve::SIZE, "\0");
return $R . $S;
}
$shortFormat = $this->shortFormat;
$format = $this->format;
if ($format === false) {
return false;
return $shortFormat == 'SSH2' ? Strings::packSSH2('ss', 'ssh-' . strtolower($this->getCurve()), $R . $S) : $R . $S;
}
if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) {

View File

@ -23,6 +23,7 @@ use phpseclib\Crypt\EC\Curves\Ed25519;
use phpseclib\Crypt\EC\Formats\Keys\PKCS1;
use phpseclib\Crypt\Common;
use phpseclib\Exception\UnsupportedOperationException;
use phpseclib\Common\Functions\Strings;
/**
* EC Public Key
@ -50,9 +51,19 @@ class PublicKey extends EC implements Common\PublicKey
throw new UnsupportedOperationException('Montgomery Curves cannot be used to create signatures');
}
$shortFormat = $this->shortFormat;
$format = $this->format;
if ($format === false) {
return false;
}
$order = $this->curve->getOrder();
if ($this->curve instanceof TwistedEdwardsCurve) {
if ($shortFormat == 'SSH2') {
list(, $signature) = Strings::unpackSSH2('ss', $signature);
}
if ($this->curve instanceof Ed25519 && self::$engines['libsodium'] && !isset($this->context)) {
return sodium_crypto_sign_verify_detached($signature, $message, $this->toString('libsodium'));
}
@ -105,8 +116,6 @@ class PublicKey extends EC implements Common\PublicKey
return $lhs[0]->equals($rhs[0]) && $lhs[1]->equals($rhs[1]);
}
$format = $this->format;
$params = $format::load($signature);
if ($params === false || count($params) != 2) {
return false;

View File

@ -480,10 +480,12 @@ lEIq93iMVzIArjGaKrFDAAAADHJvb3RAdmFncmFudAE=
$key = PublicKeyLoader::load($key);
$sig = $key->sign('zzz');
$sig2 = $key->withSignatureFormat('SSH2')->sign('zzz');
$key = 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKGEJnCqQiHjcB9RE86BvJh5lEIq93iMVzIArjGaKrFD root@vagrant';
$key = PublicKeyLoader::load($key);
$this->assertTrue($key->verify('zzz', $sig));
$this->assertTrue($key->withSignatureFormat('SSH2')->verify('zzz', $sig2));
}
}