mirror of
https://github.com/danog/phpseclib.git
synced 2024-11-27 12:55:58 +01:00
commit
12bd06210c
@ -493,7 +493,7 @@ abstract class SymmetricKey
|
||||
public function __construct($mode)
|
||||
{
|
||||
$mode = strtolower($mode);
|
||||
// necessary because of 5.6 compatability; we can't do isset(self::MODE_MAP[$mode]) in 5.6
|
||||
// necessary because of 5.6 compatibility; we can't do isset(self::MODE_MAP[$mode]) in 5.6
|
||||
$map = self::MODE_MAP;
|
||||
if (!isset($map[$mode])) {
|
||||
throw new \InvalidArgumentException('No valid mode has been specified');
|
||||
@ -1504,7 +1504,7 @@ abstract class SymmetricKey
|
||||
* PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream
|
||||
* for CTR is the same for both encrypting and decrypting this function is re-used by both SymmetricKey::encrypt()
|
||||
* and SymmetricKey::decrypt(). Also, OpenSSL doesn't implement CTR for all of it's symmetric ciphers so this
|
||||
* function will emulate CTR with ECB when necesary.
|
||||
* function will emulate CTR with ECB when necessary.
|
||||
*
|
||||
* @see self::encrypt()
|
||||
* @see self::decrypt()
|
||||
@ -2187,7 +2187,7 @@ abstract class SymmetricKey
|
||||
*
|
||||
* This ensures that _setupInlineCrypt() has always a
|
||||
* full ready2go initializated internal cipher $engine state
|
||||
* where, for example, the keys allready expanded,
|
||||
* where, for example, the keys already expanded,
|
||||
* keys/block_size calculated and such.
|
||||
*
|
||||
* It is, each time if called, the responsibility of _setupInlineCrypt():
|
||||
|
@ -613,7 +613,7 @@ class RSA extends AsymmetricKey
|
||||
/**
|
||||
* Returns a minimalistic private key
|
||||
*
|
||||
* Returns the private key without the prime number constituants. Structurally identical to a public key that
|
||||
* Returns the private key without the prime number constituents. Structurally identical to a public key that
|
||||
* hasn't been set as the public key
|
||||
*
|
||||
* @see self::getPrivateKey()
|
||||
|
@ -73,11 +73,11 @@ abstract class Random
|
||||
// PHP isn't low level to be able to use those as sources and on a web server there's not likely
|
||||
// going to be a ton of keyboard or mouse action. web servers do have one thing that we can use
|
||||
// however, a ton of people visiting the website. obviously you don't want to base your seeding
|
||||
// soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled
|
||||
// solely on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled
|
||||
// by the user and (2) this isn't just looking at the data sent by the current user - it's based
|
||||
// on the data sent by all users. one user requests the page and a hash of their info is saved.
|
||||
// another user visits the page and the serialization of their data is utilized along with the
|
||||
// server envirnment stuff and a hash of the previous http request data (which itself utilizes
|
||||
// server environment stuff and a hash of the previous http request data (which itself utilizes
|
||||
// a hash of the session data before that). certainly an attacker should be assumed to have
|
||||
// full control over his own http requests. he, however, is not going to have control over
|
||||
// everyone's http requests.
|
||||
|
@ -538,7 +538,7 @@ class X509
|
||||
/* "[For RSA keys] the parameters field MUST have ASN.1 type NULL for this algorithm identifier."
|
||||
-- https://tools.ietf.org/html/rfc3279#section-2.3.1
|
||||
|
||||
given that and the fact that RSA keys appear ot be the only key type for which the parameters field can be blank,
|
||||
given that and the fact that RSA keys appear to be the only key type for which the parameters field can be blank,
|
||||
it seems like perhaps the ASN.1 description ought not say the parameters field is OPTIONAL, but whatever.
|
||||
*/
|
||||
$cert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['parameters'] = null;
|
||||
|
@ -500,7 +500,7 @@ class BigInteger implements \Serializable
|
||||
}
|
||||
|
||||
/**
|
||||
* Logical Exlusive Or
|
||||
* Logical Exclusive Or
|
||||
*
|
||||
* @param BigInteger $x
|
||||
* @return BigInteger
|
||||
|
@ -399,7 +399,7 @@ class BCMath extends Engine
|
||||
}
|
||||
|
||||
/**
|
||||
* Logical Exlusive Or
|
||||
* Logical Exclusive Or
|
||||
*
|
||||
* @param BCMath $x
|
||||
* @return BCMath
|
||||
|
@ -77,7 +77,7 @@ abstract class Base extends BCMath
|
||||
}
|
||||
|
||||
/**
|
||||
* Modular reduction preperation
|
||||
* Modular reduction preparation
|
||||
*
|
||||
* @param string $x
|
||||
* @param string $n
|
||||
|
@ -929,7 +929,7 @@ abstract class PHP extends Engine
|
||||
}
|
||||
|
||||
/**
|
||||
* Logical Exlusive Or
|
||||
* Logical Exclusive Or
|
||||
*
|
||||
* @param PHP $x
|
||||
* @return PHP
|
||||
|
@ -104,7 +104,7 @@ abstract class Base extends PHP
|
||||
}
|
||||
|
||||
/**
|
||||
* Modular reduction preperation
|
||||
* Modular reduction preparation
|
||||
*
|
||||
* @param array $x
|
||||
* @param array $n
|
||||
|
@ -419,7 +419,7 @@ abstract class EvalBarrett extends Base
|
||||
/**
|
||||
* Inline Comparison
|
||||
*
|
||||
* If $uknown >= $known then loop
|
||||
* If $unknown >= $known then loop
|
||||
*
|
||||
* @param array $known
|
||||
* @param string $unknown
|
||||
|
@ -218,7 +218,7 @@ class PHP32 extends PHP
|
||||
}
|
||||
|
||||
/**
|
||||
* Logical Exlusive Or
|
||||
* Logical Exclusive Or
|
||||
*
|
||||
* @param PHP32 $x
|
||||
* @return PHP32
|
||||
|
@ -218,7 +218,7 @@ class PHP64 extends PHP
|
||||
}
|
||||
|
||||
/**
|
||||
* Logical Exlusive Or
|
||||
* Logical Exclusive Or
|
||||
*
|
||||
* @param PHP64 $x
|
||||
* @return PHP64
|
||||
|
@ -374,7 +374,7 @@ class SFTP extends SSH2
|
||||
3 => 'NET_SFTP_TYPE_SYMLINK',
|
||||
4 => 'NET_SFTP_TYPE_SPECIAL',
|
||||
5 => 'NET_SFTP_TYPE_UNKNOWN',
|
||||
// the followin types were first defined for use in SFTPv5+
|
||||
// the following types were first defined for use in SFTPv5+
|
||||
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-05#section-5.2
|
||||
6 => 'NET_SFTP_TYPE_SOCKET',
|
||||
7 => 'NET_SFTP_TYPE_CHAR_DEVICE',
|
||||
|
@ -98,7 +98,7 @@ class Stream
|
||||
/**
|
||||
* Context resource
|
||||
*
|
||||
* Technically this needs to be publically accessible so PHP can set it directly
|
||||
* Technically this needs to be publicly accessible so PHP can set it directly
|
||||
*
|
||||
* @var resource
|
||||
* @access public
|
||||
|
@ -1336,7 +1336,7 @@ class SSH1
|
||||
// to be encrypted in the least significant bytes, the last byte of the
|
||||
// data in the least significant byte.
|
||||
|
||||
// Presumably the part of PKCS#1 they're refering to is "Section 7.2.1 Encryption Operation",
|
||||
// Presumably the part of PKCS#1 they're referring to is "Section 7.2.1 Encryption Operation",
|
||||
// under "7.2 RSAES-PKCS1-v1.5" and "7 Encryption schemes" of the following URL:
|
||||
// ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
|
||||
$modulus = $key[1]->toBytes();
|
||||
|
@ -93,8 +93,8 @@ class SSH2
|
||||
* RFC4254 refers not to client and server channels but rather to sender and recipient channels. we don't refer
|
||||
* to them in that way because RFC4254 toggles the meaning. the client sends a SSH_MSG_CHANNEL_OPEN message with
|
||||
* a sender channel and the server sends a SSH_MSG_CHANNEL_OPEN_CONFIRMATION in response, with a sender and a
|
||||
* recepient channel. at first glance, you might conclude that SSH_MSG_CHANNEL_OPEN_CONFIRMATION's sender channel
|
||||
* would be the same thing as SSH_MSG_CHANNEL_OPEN's sender channel, but it's not, per this snipet:
|
||||
* recipient channel. at first glance, you might conclude that SSH_MSG_CHANNEL_OPEN_CONFIRMATION's sender channel
|
||||
* would be the same thing as SSH_MSG_CHANNEL_OPEN's sender channel, but it's not, per this snippet:
|
||||
* The 'recipient channel' is the channel number given in the original
|
||||
* open request, and 'sender channel' is the channel number allocated by
|
||||
* the other side.
|
||||
|
@ -608,7 +608,7 @@ class Functional_Net_SFTPUserStoryTest extends PhpseclibFunctionalTestCase
|
||||
$this->assertInternalType(
|
||||
'array',
|
||||
$sftp->stat(self::$scratchDir),
|
||||
'Failed asserting that stat on an existant empty directory returns an array'
|
||||
'Failed asserting that stat on an existent empty directory returns an array'
|
||||
);
|
||||
$this->assertTrue(
|
||||
$sftp->delete(self::$scratchDir),
|
||||
|
Loading…
Reference in New Issue
Block a user