mirror of
https://github.com/danog/phpseclib.git
synced 2024-12-11 08:39:43 +01:00
SSH2: stop using more dynamic properties in SymmetricKey
This commit is contained in:
parent
f900045772
commit
56973d40db
@ -213,9 +213,6 @@ abstract class SymmetricKey
|
|||||||
self::ENGINE_OPENSSL_GCM => 'OpenSSL (GCM)'
|
self::ENGINE_OPENSSL_GCM => 'OpenSSL (GCM)'
|
||||||
];
|
];
|
||||||
|
|
||||||
/** @var string|false */
|
|
||||||
public $fixed;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The Encryption Mode
|
* The Encryption Mode
|
||||||
*
|
*
|
||||||
|
@ -427,6 +427,16 @@ class SSH2
|
|||||||
*/
|
*/
|
||||||
private $decryptInvocationCounter;
|
private $decryptInvocationCounter;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Fixed Part of Nonce
|
||||||
|
*
|
||||||
|
* Used by GCM
|
||||||
|
*
|
||||||
|
* @var string|null
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
private $decryptFixedPart;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Server to Client Length Encryption Object
|
* Server to Client Length Encryption Object
|
||||||
*
|
*
|
||||||
@ -463,6 +473,16 @@ class SSH2
|
|||||||
*/
|
*/
|
||||||
private $encryptInvocationCounter;
|
private $encryptInvocationCounter;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Fixed Part of Nonce
|
||||||
|
*
|
||||||
|
* Used by GCM
|
||||||
|
*
|
||||||
|
* @var string|null
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
private $encryptFixedPart;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Client to Server Length Encryption Object
|
* Client to Server Length Encryption Object
|
||||||
*
|
*
|
||||||
@ -1926,7 +1946,7 @@ class SSH2
|
|||||||
case 'aes128-gcm@openssh.com':
|
case 'aes128-gcm@openssh.com':
|
||||||
case 'aes256-gcm@openssh.com':
|
case 'aes256-gcm@openssh.com':
|
||||||
$nonce = $kexHash->hash($keyBytes . $this->exchange_hash . 'A' . $this->session_id);
|
$nonce = $kexHash->hash($keyBytes . $this->exchange_hash . 'A' . $this->session_id);
|
||||||
$this->encrypt->fixed = substr($nonce, 0, 4);
|
$this->encryptFixedPart = substr($nonce, 0, 4);
|
||||||
$this->encryptInvocationCounter = substr($nonce, 4, 8);
|
$this->encryptInvocationCounter = substr($nonce, 4, 8);
|
||||||
case 'chacha20-poly1305@openssh.com':
|
case 'chacha20-poly1305@openssh.com':
|
||||||
break;
|
break;
|
||||||
@ -1971,7 +1991,7 @@ class SSH2
|
|||||||
case 'aes256-gcm@openssh.com':
|
case 'aes256-gcm@openssh.com':
|
||||||
// see https://tools.ietf.org/html/rfc5647#section-7.1
|
// see https://tools.ietf.org/html/rfc5647#section-7.1
|
||||||
$nonce = $kexHash->hash($keyBytes . $this->exchange_hash . 'B' . $this->session_id);
|
$nonce = $kexHash->hash($keyBytes . $this->exchange_hash . 'B' . $this->session_id);
|
||||||
$this->decrypt->fixed = substr($nonce, 0, 4);
|
$this->decryptFixedPart = substr($nonce, 0, 4);
|
||||||
$this->decryptInvocationCounter = substr($nonce, 4, 8);
|
$this->decryptInvocationCounter = substr($nonce, 4, 8);
|
||||||
case 'chacha20-poly1305@openssh.com':
|
case 'chacha20-poly1305@openssh.com':
|
||||||
break;
|
break;
|
||||||
@ -3438,7 +3458,7 @@ class SSH2
|
|||||||
case 'aes128-gcm@openssh.com':
|
case 'aes128-gcm@openssh.com':
|
||||||
case 'aes256-gcm@openssh.com':
|
case 'aes256-gcm@openssh.com':
|
||||||
$this->decrypt->setNonce(
|
$this->decrypt->setNonce(
|
||||||
$this->decrypt->fixed .
|
$this->decryptFixedPart .
|
||||||
$this->decryptInvocationCounter
|
$this->decryptInvocationCounter
|
||||||
);
|
);
|
||||||
Strings::increment_str($this->decryptInvocationCounter);
|
Strings::increment_str($this->decryptInvocationCounter);
|
||||||
@ -4201,7 +4221,7 @@ class SSH2
|
|||||||
case 'aes128-gcm@openssh.com':
|
case 'aes128-gcm@openssh.com':
|
||||||
case 'aes256-gcm@openssh.com':
|
case 'aes256-gcm@openssh.com':
|
||||||
$this->encrypt->setNonce(
|
$this->encrypt->setNonce(
|
||||||
$this->encrypt->fixed .
|
$this->encryptFixedPart .
|
||||||
$this->encryptInvocationCounter
|
$this->encryptInvocationCounter
|
||||||
);
|
);
|
||||||
Strings::increment_str($this->encryptInvocationCounter);
|
Strings::increment_str($this->encryptInvocationCounter);
|
||||||
|
Loading…
Reference in New Issue
Block a user