mirror of
https://github.com/danog/phpseclib.git
synced 2024-12-11 16:49:42 +01:00
Merge branch 'bcrypt2' into bcrypt3
This commit is contained in:
commit
450a961785
@ -11,6 +11,87 @@
|
||||
*
|
||||
* - {@link http://en.wikipedia.org/wiki/Blowfish_(cipher) Wikipedia description of Blowfish}
|
||||
*
|
||||
* # An overview of bcrypt vs Blowfish
|
||||
*
|
||||
* OpenSSH private keys use a customized version of bcrypt. Specifically, instead of
|
||||
* encrypting OrpheanBeholderScryDoubt 64 times OpenSSH's bcrypt variant encrypts
|
||||
* OxychromaticBlowfishSwatDynamite 64 times. so we can't use crypt().
|
||||
*
|
||||
* bcrypt is basically Blowfish but instead of performing the key expansion once it performs
|
||||
* the expansion 129 times for each round, with the first key expansion interleaving the salt
|
||||
* and password. This renders OpenSSL unusable and forces us to use a pure-PHP implementation
|
||||
* of blowfish.
|
||||
*
|
||||
* # phpseclib's four different _encryptBlock() implementations
|
||||
*
|
||||
* When using Blowfish as an encryption algorithm, _encryptBlock() is called 9 + 512 +
|
||||
* (the number of blocks in the plaintext) times.
|
||||
*
|
||||
* Each of the first 9 calls to _encryptBlock() modify the P-array. Each of the next 512
|
||||
* calls modify the S-boxes. The remaining _encryptBlock() calls operate on the plaintext to
|
||||
* produce the ciphertext. In the pure-PHP implementation of Blowfish these remaining
|
||||
* _encryptBlock() calls are highly optimized through the use of eval(). Among other things,
|
||||
* P-array lookups are eliminated by hard-coding the key-dependent P-array values, and thus we
|
||||
* have explained 2 of the 4 different _encryptBlock() implementations.
|
||||
*
|
||||
* With bcrypt things are a bit different. _encryptBlock() is called 1,079,296 times,
|
||||
* assuming 16 rounds (which is what OpenSSH's bcrypt defaults to). The eval()-optimized
|
||||
* _encryptBlock() isn't as beneficial because the P-array values are not constant. Well, they
|
||||
* are constant, but only for, at most, 777 _encryptBlock() calls, which is equivalent to ~6KB
|
||||
* of data. The average length of back to back _encryptBlock() calls with a fixed P-array is
|
||||
* 514.12, which is ~4KB of data. Creating an eval()-optimized _encryptBlock() has an upfront
|
||||
* cost, which is CPU dependent and is probably not going to be worth it for just ~4KB of
|
||||
* data. Conseqeuently, bcrypt does not benefit from the eval()-optimized _encryptBlock().
|
||||
*
|
||||
* The regular _encryptBlock() does unpack() and pack() on every call, as well, and that can
|
||||
* begin to add up after one million function calls.
|
||||
*
|
||||
* In theory, one might think that it might be beneficial to rewrite all block ciphers so
|
||||
* that, instead of passing strings to _encryptBlock(), you convert the string to an array of
|
||||
* integers and then pass successive subarrays of that array to _encryptBlock. This, however,
|
||||
* kills PHP's memory use. Like let's say you have a 1MB long string. After doing
|
||||
* $in = str_repeat('a', 1024 * 1024); PHP's memory utilization jumps up by ~1MB. After doing
|
||||
* $blocks = str_split($in, 4); it jumps up by an additional ~16MB. After
|
||||
* $blocks = array_map(fn($x) => unpack('N*', $x), $blocks); it jumps up by an additional
|
||||
* ~90MB, yielding a 106x increase in memory usage. Consequently, it bcrypt calls a different
|
||||
* _encryptBlock() then the regular Blowfish does. That said, the Blowfish _encryptBlock() is
|
||||
* basically just a thin wrapper around the bcrypt _encryptBlock(), so there's that.
|
||||
*
|
||||
* This explains 3 of the 4 _encryptBlock() implementations. the last _encryptBlock()
|
||||
* implementation can best be understood by doing Ctrl + F and searching for where
|
||||
* CRYPT_BASE_USE_SAFE_INTVAL is defined.
|
||||
*
|
||||
* # phpseclib's three different _setupKey() implementations
|
||||
*
|
||||
* Every bcrypt round is the equivalent of encrypting 512KB of data. Since OpenSSH uses 16
|
||||
* rounds by default that's ~8MB of data that's essentially being encrypted whenever
|
||||
* you use bcrypt. That's a lot of data, however, bcrypt operates within tighter constraints
|
||||
* than regular Blowfish, so we can use that to our advantage. In particular, whereas Blowfish
|
||||
* supports variable length keys, in bcrypt, the initial "key" is the sha512 hash of the
|
||||
* password. sha512 hashes are 512 bits or 64 bytes long and thus the bcrypt keys are of a
|
||||
* fixed length whereas Blowfish keys are not of a fixed length.
|
||||
*
|
||||
* bcrypt actually has two different key expansion steps. The first one (expandstate) is
|
||||
* constantly XOR'ing every _encryptBlock() parameter against the salt prior _encryptBlock()'s
|
||||
* being called. The second one (expand0state) is more similar to Blowfish's _setupKey()
|
||||
* but it can still use the fixed length key optimization discussed above and can do away with
|
||||
* the pack() / unpack() calls.
|
||||
*
|
||||
* I suppose _setupKey() could be made to be a thin wrapper around expandstate() but idk it's
|
||||
* just a lot of work for very marginal benefits as _setupKey() is only called once for
|
||||
* regular Blowfish vs the 128 times it's called --per round-- with bcrypt.
|
||||
*
|
||||
* # blowfish + bcrypt in the same class
|
||||
*
|
||||
* Altho there's a lot of Blowfish code that bcrypt doesn't re-use, bcrypt does re-use the
|
||||
* initial S-boxes, the initial P-array and the int-only _encryptBlock() implementation.
|
||||
*
|
||||
* # Credit
|
||||
*
|
||||
* phpseclib's bcrypt implementation is based losely off of OpenSSH's implementation:
|
||||
*
|
||||
* https://github.com/openssh/openssh-portable/blob/master/openbsd-compat/bcrypt_pbkdf.c
|
||||
*
|
||||
* Here's a short example of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
@ -69,6 +150,15 @@ class Blowfish extends BlockCipher
|
||||
*/
|
||||
protected $cfb_init_len = 500;
|
||||
|
||||
/**
|
||||
* SHA512 Object
|
||||
*
|
||||
* @see self::bcrypt_pbkdf
|
||||
* @var object
|
||||
* @access private
|
||||
*/
|
||||
var $sha512;
|
||||
|
||||
/**
|
||||
* The fixed subkeys boxes ($sbox0 - $sbox3) with 256 entries each
|
||||
*
|
||||
@ -355,6 +445,7 @@ class Blowfish extends BlockCipher
|
||||
// unpack binary string in unsigned chars
|
||||
$key = array_values(unpack('C*', $this->key));
|
||||
$keyl = count($key);
|
||||
// with bcrypt $keyl will always be 16 (because the key is the sha512 of the key you provide)
|
||||
for ($j = 0, $i = 0; $i < 18; ++$i) {
|
||||
// xor P1 with the first 32-bits of the key, xor P2 with the second 32-bits ...
|
||||
for ($data = 0, $k = 0; $k < 4; ++$k) {
|
||||
@ -383,6 +474,223 @@ class Blowfish extends BlockCipher
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* bcrypt
|
||||
*
|
||||
* @param string $sha2pass
|
||||
* @param string $sha2salt
|
||||
* @access private
|
||||
* @return string
|
||||
*/
|
||||
private static function bcrypt_hash($sha2pass, $sha2salt)
|
||||
{
|
||||
$p = self::$parray;
|
||||
$sbox0 = self::$sbox0;
|
||||
$sbox1 = self::$sbox1;
|
||||
$sbox2 = self::$sbox2;
|
||||
$sbox3 = self::$sbox3;
|
||||
|
||||
$cdata = array_values(unpack('N*', 'OxychromaticBlowfishSwatDynamite'));
|
||||
$sha2pass = array_values(unpack('N*', $sha2pass));
|
||||
$sha2salt = array_values(unpack('N*', $sha2salt));
|
||||
|
||||
self::expandstate($sha2salt, $sha2pass, $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
for ($i = 0; $i < 64; $i++) {
|
||||
self::expand0state($sha2salt, $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
self::expand0state($sha2pass, $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
}
|
||||
|
||||
for ($i = 0; $i < 64; $i++) {
|
||||
for ($j = 0; $j < 8; $j+= 2) { // count($cdata) == 8
|
||||
list($cdata[$j], $cdata[$j + 1]) = self::encryptBlockHelperFast($cdata[$j], $cdata[$j + 1], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
}
|
||||
}
|
||||
|
||||
return pack('L*', ...$cdata);
|
||||
}
|
||||
|
||||
/**
|
||||
* Performs OpenSSH-style bcrypt
|
||||
*
|
||||
* @param string $pass
|
||||
* @param string $salt
|
||||
* @param int $keylen
|
||||
* @param int $rounds
|
||||
* @access public
|
||||
* @return string
|
||||
*/
|
||||
public static function bcrypt_pbkdf($pass, $salt, $keylen, $rounds)
|
||||
{
|
||||
self::initialize_static_variables();
|
||||
|
||||
if (!self::$use_reg_intval) {
|
||||
throw new \RuntimeException('ARM-32 systems require a workaround that slows bcrypt down too much');
|
||||
}
|
||||
|
||||
$sha2pass = hash('sha512', $pass, true);
|
||||
$results = [];
|
||||
$count = 1;
|
||||
while (32 * count($results) < $keylen) {
|
||||
$countsalt = $salt . pack('N', $count++);
|
||||
$sha2salt = hash('sha512', $countsalt, true);
|
||||
$out = $tmpout = self::bcrypt_hash($sha2pass, $sha2salt);
|
||||
for ($i = 1; $i < $rounds; $i++) {
|
||||
$sha2salt = hash('sha512', $tmpout, true);
|
||||
$tmpout = self::bcrypt_hash($sha2pass, $sha2salt);
|
||||
$out^= $tmpout;
|
||||
}
|
||||
$results[] = $out;
|
||||
}
|
||||
$output = '';
|
||||
for ($i = 0; $i < 32; $i++) {
|
||||
foreach ($results as $result) {
|
||||
$output.= $result[$i];
|
||||
}
|
||||
}
|
||||
return substr($output, 0, $keylen);
|
||||
}
|
||||
|
||||
/**
|
||||
* Key expansion without salt
|
||||
*
|
||||
* @access private
|
||||
* @param int[] $key
|
||||
* @param int[] $sbox0
|
||||
* @param int[] $sbox1
|
||||
* @param int[] $sbox2
|
||||
* @param int[] $sbox3
|
||||
* @param int[] $p
|
||||
* @see self::_bcrypt_hash()
|
||||
*/
|
||||
private static function expand0state($key, array &$sbox0, array &$sbox1, array &$sbox2, array &$sbox3, &$p)
|
||||
{
|
||||
// expand0state is basically the same thing as this:
|
||||
//return self::expandstate(array_fill(0, 16, 0), $key);
|
||||
// but this separate function eliminates a bunch of XORs and array lookups
|
||||
|
||||
$p = [
|
||||
$p[0] ^ $key[0],
|
||||
$p[1] ^ $key[1],
|
||||
$p[2] ^ $key[2],
|
||||
$p[3] ^ $key[3],
|
||||
$p[4] ^ $key[4],
|
||||
$p[5] ^ $key[5],
|
||||
$p[6] ^ $key[6],
|
||||
$p[7] ^ $key[7],
|
||||
$p[8] ^ $key[8],
|
||||
$p[9] ^ $key[9],
|
||||
$p[10] ^ $key[10],
|
||||
$p[11] ^ $key[11],
|
||||
$p[12] ^ $key[12],
|
||||
$p[13] ^ $key[13],
|
||||
$p[14] ^ $key[14],
|
||||
$p[15] ^ $key[15],
|
||||
$p[16] ^ $key[0],
|
||||
$p[17] ^ $key[1]
|
||||
];
|
||||
|
||||
// @codingStandardsIgnoreStart
|
||||
list( $p[0], $p[1]) = self::encryptBlockHelperFast( 0, 0, $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list( $p[2], $p[3]) = self::encryptBlockHelperFast($p[ 0], $p[ 1], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list( $p[4], $p[5]) = self::encryptBlockHelperFast($p[ 2], $p[ 3], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list( $p[6], $p[7]) = self::encryptBlockHelperFast($p[ 4], $p[ 5], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list( $p[8], $p[9]) = self::encryptBlockHelperFast($p[ 6], $p[ 7], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list($p[10], $p[11]) = self::encryptBlockHelperFast($p[ 8], $p[ 9], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list($p[12], $p[13]) = self::encryptBlockHelperFast($p[10], $p[11], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list($p[14], $p[15]) = self::encryptBlockHelperFast($p[12], $p[13], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list($p[16], $p[17]) = self::encryptBlockHelperFast($p[14], $p[15], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
// @codingStandardsIgnoreEnd
|
||||
|
||||
list($sbox0[0], $sbox0[1]) = self::encryptBlockHelperFast($p[16], $p[17], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
for ($i = 2; $i < 256; $i+= 2) {
|
||||
list($sbox0[$i], $sbox0[$i + 1]) = self::encryptBlockHelperFast($sbox0[$i - 2], $sbox0[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
}
|
||||
|
||||
list($sbox1[0], $sbox1[1]) = self::encryptBlockHelperFast($sbox0[254], $sbox0[255], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
for ($i = 2; $i < 256; $i+= 2) {
|
||||
list($sbox1[$i], $sbox1[$i + 1]) = self::encryptBlockHelperFast($sbox1[$i - 2], $sbox1[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
}
|
||||
|
||||
list($sbox2[0], $sbox2[1]) = self::encryptBlockHelperFast($sbox1[254], $sbox1[255], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
for ($i = 2; $i < 256; $i+= 2) {
|
||||
list($sbox2[$i], $sbox2[$i + 1]) = self::encryptBlockHelperFast($sbox2[$i - 2], $sbox2[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
}
|
||||
|
||||
list($sbox3[0], $sbox3[1]) = self::encryptBlockHelperFast($sbox2[254], $sbox2[255], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
for ($i = 2; $i < 256; $i+= 2) {
|
||||
list($sbox3[$i], $sbox3[$i + 1]) = self::encryptBlockHelperFast($sbox3[$i - 2], $sbox3[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Key expansion with salt
|
||||
*
|
||||
* @access private
|
||||
* @param int[] $data
|
||||
* @param int[] $key
|
||||
* @param int[] $sbox0
|
||||
* @param int[] $sbox1
|
||||
* @param int[] $sbox2
|
||||
* @param int[] $sbox3
|
||||
* @param int[] $p
|
||||
* @see self::_bcrypt_hash()
|
||||
*/
|
||||
private static function expandstate($data, $key, array &$sbox0, array &$sbox1, array &$sbox2, array &$sbox3, array &$p)
|
||||
{
|
||||
$p = [
|
||||
$p[0] ^ $key[0],
|
||||
$p[1] ^ $key[1],
|
||||
$p[2] ^ $key[2],
|
||||
$p[3] ^ $key[3],
|
||||
$p[4] ^ $key[4],
|
||||
$p[5] ^ $key[5],
|
||||
$p[6] ^ $key[6],
|
||||
$p[7] ^ $key[7],
|
||||
$p[8] ^ $key[8],
|
||||
$p[9] ^ $key[9],
|
||||
$p[10] ^ $key[10],
|
||||
$p[11] ^ $key[11],
|
||||
$p[12] ^ $key[12],
|
||||
$p[13] ^ $key[13],
|
||||
$p[14] ^ $key[14],
|
||||
$p[15] ^ $key[15],
|
||||
$p[16] ^ $key[0],
|
||||
$p[17] ^ $key[1]
|
||||
];
|
||||
|
||||
// @codingStandardsIgnoreStart
|
||||
list( $p[0], $p[1]) = self::encryptBlockHelperFast($data[ 0] , $data[ 1] , $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list( $p[2], $p[3]) = self::encryptBlockHelperFast($data[ 2] ^ $p[ 0], $data[ 3] ^ $p[ 1], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list( $p[4], $p[5]) = self::encryptBlockHelperFast($data[ 4] ^ $p[ 2], $data[ 5] ^ $p[ 3], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list( $p[6], $p[7]) = self::encryptBlockHelperFast($data[ 6] ^ $p[ 4], $data[ 7] ^ $p[ 5], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list( $p[8], $p[9]) = self::encryptBlockHelperFast($data[ 8] ^ $p[ 6], $data[ 9] ^ $p[ 7], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list($p[10], $p[11]) = self::encryptBlockHelperFast($data[10] ^ $p[ 8], $data[11] ^ $p[ 9], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list($p[12], $p[13]) = self::encryptBlockHelperFast($data[12] ^ $p[10], $data[13] ^ $p[11], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list($p[14], $p[15]) = self::encryptBlockHelperFast($data[14] ^ $p[12], $data[15] ^ $p[13], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
list($p[16], $p[17]) = self::encryptBlockHelperFast($data[ 0] ^ $p[14], $data[ 1] ^ $p[15], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
// @codingStandardsIgnoreEnd
|
||||
|
||||
list($sbox0[0], $sbox0[1]) = self::encryptBlockHelperFast($data[2] ^ $p[16], $data[3] ^ $p[17], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
for ($i = 2, $j = 4; $i < 256; $i+= 2, $j = ($j + 2) % 16) { // instead of 16 maybe count($data) would be better?
|
||||
list($sbox0[$i], $sbox0[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox0[$i - 2], $data[$j + 1] ^ $sbox0[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
}
|
||||
|
||||
list($sbox1[0], $sbox1[1]) = self::encryptBlockHelperFast($data[2] ^ $sbox0[254], $data[3] ^ $sbox0[255], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
for ($i = 2, $j = 4; $i < 256; $i+= 2, $j = ($j + 2) % 16) {
|
||||
list($sbox1[$i], $sbox1[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox1[$i - 2], $data[$j + 1] ^ $sbox1[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
}
|
||||
|
||||
list($sbox2[0], $sbox2[1]) = self::encryptBlockHelperFast($data[2] ^ $sbox1[254], $data[3] ^ $sbox1[255], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
for ($i = 2, $j = 4; $i < 256; $i+= 2, $j = ($j + 2) % 16) {
|
||||
list($sbox2[$i], $sbox2[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox2[$i - 2], $data[$j + 1] ^ $sbox2[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
}
|
||||
|
||||
list($sbox3[0], $sbox3[1]) = self::encryptBlockHelperFast($data[2] ^ $sbox2[254], $data[3] ^ $sbox2[255], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
for ($i = 2, $j = 4; $i < 256; $i+= 2, $j = ($j + 2) % 16) {
|
||||
list($sbox3[$i], $sbox3[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox3[$i - 2], $data[$j + 1] ^ $sbox3[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypts a block
|
||||
*
|
||||
@ -402,18 +710,83 @@ class Blowfish extends BlockCipher
|
||||
$l = $in[1];
|
||||
$r = $in[2];
|
||||
|
||||
for ($i = 0; $i < 16; $i += 2) {
|
||||
$l ^= $p[$i];
|
||||
$r ^= self::safe_intval((self::safe_intval($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]) ^
|
||||
$sb_2[$l >> 8 & 0xff]) +
|
||||
$sb_3[$l & 0xff]);
|
||||
list($r, $l) = CRYPT_BASE_USE_SAFE_INTVAL ?
|
||||
self::encryptBlockHelperFast($l, $r, $sb_0, $sb_1, $sb_2, $sb_3, $p) :
|
||||
self::encryptBlockHelperSlow($l, $r, $sb_0, $sb_1, $sb_2, $sb_3, $p);
|
||||
|
||||
$r ^= $p[$i + 1];
|
||||
$l ^= self::safe_intval((self::safe_intval($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]) ^
|
||||
$sb_2[$r >> 8 & 0xff]) +
|
||||
$sb_3[$r & 0xff]);
|
||||
}
|
||||
return pack('N*', $r ^ $p[17], $l ^ $p[16]);
|
||||
return pack("N*", $r, $l);
|
||||
}
|
||||
|
||||
/**
|
||||
* Fast helper function for block encryption
|
||||
*
|
||||
* @access private
|
||||
* @param int $x0
|
||||
* @param int $x1
|
||||
* @param int[] $sbox0
|
||||
* @param int[] $sbox1
|
||||
* @param int[] $sbox2
|
||||
* @param int[] $sbox3
|
||||
* @param int[] $p
|
||||
* @return int[]
|
||||
*/
|
||||
private static function encryptBlockHelperFast($x0, $x1, array $sbox0, array $sbox1, array $sbox2, array $sbox3, array $p)
|
||||
{
|
||||
$x0 ^= $p[0];
|
||||
$x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[1];
|
||||
$x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[2];
|
||||
$x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[3];
|
||||
$x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[4];
|
||||
$x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[5];
|
||||
$x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[6];
|
||||
$x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[7];
|
||||
$x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[8];
|
||||
$x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[9];
|
||||
$x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[10];
|
||||
$x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[11];
|
||||
$x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[12];
|
||||
$x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[13];
|
||||
$x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[14];
|
||||
$x1 ^= ((($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[15];
|
||||
$x0 ^= ((($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[16];
|
||||
|
||||
return [$x1 & 0xFFFFFFFF ^ $p[17], $x0 & 0xFFFFFFFF];
|
||||
}
|
||||
|
||||
/**
|
||||
* Slow helper function for block encryption
|
||||
*
|
||||
* @access private
|
||||
* @param int $x0
|
||||
* @param int $x1
|
||||
* @param int[] $sbox0
|
||||
* @param int[] $sbox1
|
||||
* @param int[] $sbox2
|
||||
* @param int[] $sbox3
|
||||
* @param int[] $p
|
||||
* @return int[]
|
||||
*/
|
||||
private static function encryptBlockHelperSlow($x0, $x1, array $sbox0, array $sbox1, array $sbox2, array $sbox3, array $p)
|
||||
{
|
||||
$x0^= $p[0];
|
||||
$x1^= $this->safe_intval(($this->safe_intval($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[1];
|
||||
$x0^= $this->safe_intval(($this->safe_intval($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[2];
|
||||
$x1^= $this->safe_intval(($this->safe_intval($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[3];
|
||||
$x0^= $this->safe_intval(($this->safe_intval($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[4];
|
||||
$x1^= $this->safe_intval(($this->safe_intval($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[5];
|
||||
$x0^= $this->safe_intval(($this->safe_intval($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[6];
|
||||
$x1^= $this->safe_intval(($this->safe_intval($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[7];
|
||||
$x0^= $this->safe_intval(($this->safe_intval($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[8];
|
||||
$x1^= $this->safe_intval(($this->safe_intval($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[9];
|
||||
$x0^= $this->safe_intval(($this->safe_intval($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[10];
|
||||
$x1^= $this->safe_intval(($this->safe_intval($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[11];
|
||||
$x0^= $this->safe_intval(($this->safe_intval($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[12];
|
||||
$x1^= $this->safe_intval(($this->safe_intval($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[13];
|
||||
$x0^= $this->safe_intval(($this->safe_intval($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[14];
|
||||
$x1^= $this->safe_intval(($this->safe_intval($sbox0[($x0 & 0xFF000000) >> 24] + $sbox1[($x0 & 0xFF0000) >> 16]) ^ $sbox2[($x0 & 0xFF00) >> 8]) + $sbox3[$x0 & 0xFF]) ^ $p[15];
|
||||
$x0^= $this->safe_intval(($this->safe_intval($sbox0[($x1 & 0xFF000000) >> 24] + $sbox1[($x1 & 0xFF0000) >> 16]) ^ $sbox2[($x1 & 0xFF00) >> 8]) + $sbox3[$x1 & 0xFF]) ^ $p[16];
|
||||
|
||||
return [$x1 & 0xFFFFFFFF ^ $p[17], $x0 & 0xFFFFFFFF];
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -17,6 +17,7 @@ namespace phpseclib3\Crypt\Common\Formats\Keys;
|
||||
|
||||
use ParagonIE\ConstantTime\Base64;
|
||||
use phpseclib3\Common\Functions\Strings;
|
||||
use phpseclib3\Crypt\AES;
|
||||
use phpseclib3\Crypt\Random;
|
||||
use phpseclib3\Exception\UnsupportedFormatException;
|
||||
|
||||
@ -83,39 +84,24 @@ abstract class OpenSSH
|
||||
// that to the appropriate key loading parser $numKey times or something
|
||||
throw new \RuntimeException('Although the OpenSSH private key format supports multiple keys phpseclib does not');
|
||||
}
|
||||
if (strlen($kdfoptions) || $kdfname != 'none' || $ciphername != 'none') {
|
||||
/*
|
||||
OpenSSH private keys use a customized version of bcrypt. specifically, instead of encrypting
|
||||
OrpheanBeholderScryDoubt 64 times OpenSSH's bcrypt variant encrypts
|
||||
OxychromaticBlowfishSwatDynamite 64 times. so we can't use crypt().
|
||||
|
||||
bcrypt is basically Blowfish with an altered key expansion. whereas Blowfish just runs the
|
||||
key through the key expansion bcrypt interleaves the key expansion with the salt and
|
||||
password. this renders openssl / mcrypt unusuable. this forces us to use a pure-PHP implementation
|
||||
of bcrypt. the problem with that is that pure-PHP is too slow to be practically useful.
|
||||
|
||||
in addition to encrypting a different string 64 times the OpenSSH implementation also performs bcrypt
|
||||
from scratch $rounds times. calling crypt() 64x with bcrypt takes 0.7s. PHP is going to be naturally
|
||||
slower. pure-PHP is 215x slower than OpenSSL for AES and pure-PHP is 43x slower for bcrypt.
|
||||
43 * 0.7 = 30s. no one wants to wait 30s to load a private key.
|
||||
|
||||
another way to think about this.. according to wikipedia's article on Blowfish,
|
||||
"Each new key requires pre-processing equivalent to encrypting about 4 kilobytes of text".
|
||||
key expansion is done (9+64*2)*160 times. multiply that by 4 and it turns out that Blowfish,
|
||||
OpenSSH style, is the equivalent of encrypting ~80mb of text.
|
||||
|
||||
more supporting evidence: sodium_compat does not implement Argon2 (another password hashing
|
||||
algorithm) because "It's not feasible to polyfill scrypt or Argon2 into PHP and get reasonable
|
||||
performance. Users would feel motivated to select parameters that downgrade security to avoid
|
||||
denial of service (DoS) attacks. The only winning move is not to play"
|
||||
-- https://github.com/paragonie/sodium_compat/blob/master/README.md
|
||||
*/
|
||||
throw new \RuntimeException('Encrypted OpenSSH private keys are not supported');
|
||||
//list($salt, $rounds) = Strings::unpackSSH2('sN', $kdfoptions);
|
||||
switch ($ciphername) {
|
||||
case 'none':
|
||||
break;
|
||||
case 'aes256-ctr':
|
||||
list($salt, $rounds) = Strings::unpackSSH2('sN', $kdfoptions);
|
||||
$crypto = new AES('ctr');
|
||||
//$crypto->setKeyLength(256);
|
||||
//$crypto->disablePadding();
|
||||
$crypto->setPassword($password, 'bcrypt', $salt, $rounds, 32);
|
||||
break;
|
||||
throw new \RuntimeException('The only supported cipherse are: none, aes256-ctr (' . $ciphername . ' is being used');
|
||||
}
|
||||
|
||||
list($publicKey, $paddedKey) = Strings::unpackSSH2('ss', $key);
|
||||
list($type) = Strings::unpackSSH2('s', $publicKey);
|
||||
if (isset($crypto)) {
|
||||
$paddedKey = $crypto->decrypt($paddedKey);
|
||||
}
|
||||
list($checkint1, $checkint2) = Strings::unpackSSH2('NN', $paddedKey);
|
||||
// any leftover bytes in $paddedKey are for padding? but they should be sequential bytes. eg. 1, 2, 3, etc.
|
||||
if ($checkint1 != $checkint2) {
|
||||
|
@ -35,6 +35,7 @@
|
||||
namespace phpseclib3\Crypt\Common;
|
||||
|
||||
use phpseclib3\Common\Functions\Strings;
|
||||
use phpseclib3\Crypt\Blowfish;
|
||||
use phpseclib3\Crypt\Hash;
|
||||
use phpseclib3\Exception\BadDecryptionException;
|
||||
use phpseclib3\Exception\BadModeException;
|
||||
@ -535,6 +536,14 @@ abstract class SymmetricKey
|
||||
*/
|
||||
private static $poly1305Field;
|
||||
|
||||
/**
|
||||
* Flag for using regular vs "safe" intval
|
||||
*
|
||||
* @see self::initialize_static_variables()
|
||||
* @var boolean
|
||||
*/
|
||||
protected static $use_reg_intval;
|
||||
|
||||
/**
|
||||
* Poly1305 Key
|
||||
*
|
||||
@ -638,6 +647,43 @@ abstract class SymmetricKey
|
||||
}
|
||||
|
||||
$this->mode = $mode;
|
||||
|
||||
self::initialize_static_variables();
|
||||
}
|
||||
|
||||
/**
|
||||
* Initialize static variables
|
||||
*/
|
||||
protected static function initialize_static_variables()
|
||||
{
|
||||
if (!isset(self::$use_reg_intval)) {
|
||||
switch (true) {
|
||||
// PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster
|
||||
case (PHP_OS & "\xDF\xDF\xDF") === 'WIN':
|
||||
case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM':
|
||||
case defined('PHP_INT_SIZE') && PHP_INT_SIZE == 8:
|
||||
self::$use_reg_intval = true;
|
||||
break;
|
||||
case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM':
|
||||
switch (true) {
|
||||
/* PHP 7.0.0 introduced a bug that affected 32-bit ARM processors:
|
||||
|
||||
https://github.com/php/php-src/commit/716da71446ebbd40fa6cf2cea8a4b70f504cc3cd
|
||||
|
||||
altho the changelogs make no mention of it, this bug was fixed with this commit:
|
||||
|
||||
https://github.com/php/php-src/commit/c1729272b17a1fe893d1a54e423d3b71470f3ee8
|
||||
|
||||
affected versions of PHP are: 7.0.x, 7.1.0 - 7.1.23 and 7.2.0 - 7.2.11 */
|
||||
case PHP_VERSION_ID >= 70000 && PHP_VERSION_ID <= 70123:
|
||||
case PHP_VERSION_ID >= 70200 && PHP_VERSION_ID <= 70211:
|
||||
self::$use_reg_intval = false;
|
||||
break;
|
||||
default:
|
||||
self::$use_reg_intval = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -853,6 +899,10 @@ abstract class SymmetricKey
|
||||
* $hash, $salt, $count, $dkLen
|
||||
*
|
||||
* Where $hash (default = sha1) currently supports the following hashes: see: Crypt/Hash.php
|
||||
* {@link https://en.wikipedia.org/wiki/Bcrypt bcypt}:
|
||||
* $salt, $rounds, $keylen
|
||||
*
|
||||
* This is a modified version of bcrypt used by OpenSSH.
|
||||
*
|
||||
* {@internal Could, but not must, extend by the child Crypt_* class}
|
||||
*
|
||||
@ -861,6 +911,7 @@ abstract class SymmetricKey
|
||||
* @param string $method
|
||||
* @param string[] ...$func_args
|
||||
* @throws \LengthException if pbkdf1 is being used and the derived key length exceeds the hash length
|
||||
* @throws \RuntimeException if bcrypt is being used and a salt isn't provided
|
||||
* @return bool
|
||||
*/
|
||||
public function setPassword($password, $method = 'pbkdf2', ...$func_args)
|
||||
@ -869,6 +920,22 @@ abstract class SymmetricKey
|
||||
|
||||
$method = strtolower($method);
|
||||
switch ($method) {
|
||||
case 'bcrypt':
|
||||
if (!isset($func_args[2])) {
|
||||
throw new \RuntimeException('A salt must be provided for bcrypt to work');
|
||||
}
|
||||
|
||||
$salt = $func_args[0];
|
||||
|
||||
$rounds = isset($func_args[1]) ? $func_args[1] : 16;
|
||||
$keylen = isset($func_args[2]) ? $func_args[2] : $this->key_length;
|
||||
|
||||
$key = Blowfish::bcrypt_pbkdf($password, $salt, $keylen + $this->block_size, $rounds);
|
||||
|
||||
$this->setKey(substr($key, 0, $keylen));
|
||||
$this->setIV(substr($key, $keylen));
|
||||
|
||||
return true;
|
||||
case 'pkcs12': // from https://tools.ietf.org/html/rfc7292#appendix-B.2
|
||||
case 'pbkdf1':
|
||||
case 'pbkdf2':
|
||||
@ -3140,27 +3207,8 @@ abstract class SymmetricKey
|
||||
*/
|
||||
protected static function safe_intval($x)
|
||||
{
|
||||
switch (true) {
|
||||
case is_int($x):
|
||||
case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM':
|
||||
return $x;
|
||||
case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM':
|
||||
switch (true) {
|
||||
/* PHP 7.0.0 introduced a bug that affected 32-bit ARM processors:
|
||||
|
||||
https://github.com/php/php-src/commit/716da71446ebbd40fa6cf2cea8a4b70f504cc3cd
|
||||
|
||||
altho the changelogs make no mention of it, this bug was fixed with this commit:
|
||||
|
||||
https://github.com/php/php-src/commit/c1729272b17a1fe893d1a54e423d3b71470f3ee8
|
||||
|
||||
affected versions of PHP are: 7.0.x, 7.1.0 - 7.1.23 and 7.2.0 - 7.2.11 */
|
||||
case PHP_VERSION_ID >= 70000 && PHP_VERSION_ID <= 70123:
|
||||
case PHP_VERSION_ID >= 70200 && PHP_VERSION_ID <= 70211:
|
||||
break;
|
||||
default:
|
||||
return $x;
|
||||
}
|
||||
if ($use_reg_intval || is_int($x)) {
|
||||
return $x;
|
||||
}
|
||||
return (fmod($x, 0x80000000) & 0x7FFFFFFF) |
|
||||
((fmod(floor($x / 0x80000000), 2) & 1) << 31);
|
||||
@ -3173,24 +3221,12 @@ abstract class SymmetricKey
|
||||
*/
|
||||
protected static function safe_intval_inline()
|
||||
{
|
||||
switch (true) {
|
||||
case defined('PHP_INT_SIZE') && PHP_INT_SIZE == 8:
|
||||
case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM':
|
||||
return '%s';
|
||||
break;
|
||||
case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM':
|
||||
switch (true) {
|
||||
case PHP_VERSION_ID >= 70000 && PHP_VERSION_ID <= 70123:
|
||||
case PHP_VERSION_ID >= 70200 && PHP_VERSION_ID <= 70211:
|
||||
break;
|
||||
default:
|
||||
return '%s';
|
||||
}
|
||||
// fall-through
|
||||
default:
|
||||
$safeint = '(is_int($temp = %s) ? $temp : (fmod($temp, 0x80000000) & 0x7FFFFFFF) | ';
|
||||
return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))';
|
||||
if (self::$use_reg_intval) {
|
||||
return '%s';
|
||||
}
|
||||
|
||||
$safeint = '(is_int($temp = %s) ? $temp : (fmod($temp, 0x80000000) & 0x7FFFFFFF) | ';
|
||||
return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))';
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -1230,4 +1230,51 @@ Private-MAC: d26baf87446604974287b682ed9e0c00ce54e460e1cb719953a81291147b3c59
|
||||
$key = PublicKeyLoader::load($key, 'demo');
|
||||
$this->assertInstanceOf(PrivateKey::class, $key);
|
||||
}
|
||||
|
||||
public function testOpenSSHEncrypted()
|
||||
{
|
||||
$key = '-----BEGIN OPENSSH PRIVATE KEY-----
|
||||
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBN2Ff3Kw
|
||||
SIOWyzRiboPRIhAAAAEAAAAAEAAAGXAAAAB3NzaC1yc2EAAAADAQABAAABgQCpxMxDEG0S
|
||||
gf8oVUPcoPq34BQtj0WIgSGKa/y+aeNN4c38KdlluTKx53B3MWPCwCIBynfxx/IeFb8mmV
|
||||
7ojIinKp4nocR0LxWA1+B0A0lQmVOfKhUNScillxxRSNQJTi4UjKyBmj1bU9w7Fp7beNzz
|
||||
NKcHW9t3iBYZFnzGuatcTWLdkzyBitOemD3duOzI5a9CR7c/MbJdVzC2G4BFCdzRtjYOG5
|
||||
w2wuofrac4I3fI6NK9d+mePPxKJIwYDyQk5pmG89p7T7M7JdSpQSwiN2ZrkinGfxUJLKsf
|
||||
4o29rjHSfd/r18rDor2vzpfaQcuR/NFRsPWE1iOx3bPns2bRWt5QYWF5eRZAb2HwSF0w+r
|
||||
/tKqVkomYALV31K3W8fLw0bMepvyHTrRiSKvwkOTNw58Gr+DQplSpbFJuCKaktrMb3pf/t
|
||||
jXeAItJnSdBeUAnKNUKv2oxldpT74y1yEpvZPa8nsnHVtB+Xc5Hy1Lr0PMf7FBOXLTpMu5
|
||||
YNd8myLKhX57sAAAWQV9Znl6fgfCTtrMupyop0n9obvDLTTFMf7FY5NlLc+qxpz9qJ+hgD
|
||||
l+18OFgGqV85F1OY4wdfVXzkEIYMUWw9F1zDwUOW8Yfpk/IIQiqHSL4zfwXS/e4mG9Sfou
|
||||
7fzOPflmzCjWZGnVaxmYs2ybdbLEu0sRMWAKbXgWTf/H4jg8qGKxPFJT669RZEUZk3hIGG
|
||||
CcIdmkOHgMXw+XdX61GE/5/jBPv9GIyTQXLHSsUG4rlF2saBj4QLVBOf6oW7TiVjXvvCm7
|
||||
jnHFTSS3Kx5yB47GEIzAIRRJEnuPdOR1mJdASX2as96hMw7y4leQnzyJgQ1slIz8na8Z2P
|
||||
9aR7MYOlaX6/gDNRh2BQlOAxai30iieNSQi2qfuVC3SbpHXf9+yOTva8wfb55WYtm9UQ3R
|
||||
YxI6HrwjfnD/8EjiXmhbJfLlKfzkM6KDBSEUkOIWxgJBkBhkuXdacv5iSV3dCMnHk3kXOv
|
||||
2b/B7e7Uc9x6Xva8cXcp//y12rpYXdTXTVYEGnmDVz9U1ITOjI9umAAYNmZgEPoabNb6r4
|
||||
3cARBPz42hQ4LmILr0JCj5P/0cRzdMrZEumwvXkP3/BuGkj9AjFh2r9WhZ/yCaXVGxzS/b
|
||||
bySXy1LMgQRbWLwbDOmGqsPn74KpiRgO/IhtXzlOt5+RumqFS7JI8N/qUlMwFcAhO9EsCQ
|
||||
UBKWN4enVg2Y8vL/mCuFMW9SQR3pNfBL7uqdOFsdtalPC4vzMyUpkd3dUVpkJ2RYc1bEfh
|
||||
oumUZr0aM+CSscOVwHt8VwKqZ/wBV3ZtL4KL+uy2ko0Ig0ZuBHeK65m2JWETtKJR/sk+DN
|
||||
bK8MABP+FVXxHaL5UeLQAo9K80UukSwypJgRV4EyvK8fIMoNh8SDlqMi48E1xyucpC1yQX
|
||||
k+5MuzJL7WbTCudyHOtWcrlGlI6aXE3846fAoejSxp0R57GJZ8i3oocI+hzYT6HvNnsiHq
|
||||
Nm5hrEC/wNz0U0w/VniXocHwHYbp8VOb3fMfkXPi9eYJqv+WgEHm50D/3ve8Bhsxp5BYaF
|
||||
va8Wf3Tsy35Bbqx5Z9pF6ZptHHL5D1a5K8o+GfRzsxXzXOKjRz5Sgt/qDZuSJ3HhrdONGF
|
||||
3oHO+/Brbzfs3hbgJKpzhlXLAxxWsD9qdJKSTdfOXSvu+vDrHPp/V1LSBEWD/ZwIQdEMwK
|
||||
MZ17sLZqzp1PHOQQPx+ugnCt5OPokG6LR281qQAy0y3OefnYn62DsLMt3DLnbJvr2jtlWi
|
||||
GA1sAcQqQlWetiD0AszwkhuEhmUxySoGqKFRiKccgLK6DEgRSFLWGS8MiZenFwR+cJ+73L
|
||||
4WeApHfZeATEY5groZDix+yq3cHT5wY49GHlHPbaikythWMHAJ4FNGsF1tAM06sRUQfsEM
|
||||
1jXnpuzr+TLNCfP457Ffvf+zuIpQJXjYOgXAzKO2eVXmYygYWGqFGOFeFkM1FN2UXdGAKU
|
||||
ObHAmXAXUAqXAgjk4fjETG1YSnqolakKIIw2Jn+FdNnuvfgzMwdvz1Do3x84h+SIoVgqvE
|
||||
A2mgZNWUzFF+0B/1e2a/G6gxsAUXgfuMYe8zycNvhxygINHYgeBRCb4/qJxKBcq3QV1Pip
|
||||
jGpgScZvefpYEMHqbVy6hsFDIQotzqR0lIg+d4WaxxhsNWVQPXUf/2NtwZjeCJQdlrgi48
|
||||
MXKJ4PNjqCej6QXswbw7PDwx3jI2HFt/tX/V6PActZtIrpMaekMit87bIr4wAcXNTsuTo3
|
||||
4zejkH1MMkZA+LRKwhsqcOKzyzSyOvI50IVfF92ViXb1P/7zwdvMSqEghvLooHpcRLDmZB
|
||||
8t9cFMOs5N2CzmXxKrCVD1Ex45f36/jGmxI5qcKdkulVcuY3yWQra3onzfkCEODGCW5FeG
|
||||
LrIZULwMa4nI4Y+RkFftEponSYw=
|
||||
-----END OPENSSH PRIVATE KEY-----
|
||||
';
|
||||
|
||||
$key = PublicKeyLoader($key, 'test');
|
||||
$this->assertInstanceOf(PrivateKey::class, $key);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user