mirror of
https://github.com/danog/phpseclib.git
synced 2024-12-04 18:48:24 +01:00
Merge branch 'master' of https://github.com/phpseclib/phpseclib
This commit is contained in:
commit
8b4ead6aef
@ -6,7 +6,7 @@
|
||||
- Random: fix issues with serialize() (#932)
|
||||
- RC2: fix issue with decrypting
|
||||
- RC4: fix issue with key not being truncated correctly
|
||||
- SFTP: nlist() on a non-existant directory resulted in error
|
||||
- SFTP: nlist() on a non-existent directory resulted in error
|
||||
- SFTP: add is_writable, is_writeable, is_readable
|
||||
- X509: add IPv6 support for subjectaltname extension (#936)
|
||||
|
||||
@ -36,9 +36,9 @@
|
||||
- Random: fix issues with serialize() (#932)
|
||||
- RC2: fix issue with decrypting
|
||||
- RC4: fix issue with key not being truncated correctly
|
||||
- SFTP: nlist() on a non-existant directory resulted in error
|
||||
- SFTP: nlist() on a non-existent directory resulted in error
|
||||
- SFTP: add is_writable, is_writeable, is_readable
|
||||
- RSA: fix PHP4 compatability issue
|
||||
- RSA: fix PHP4 compatibility issue
|
||||
|
||||
## 1.0.1 - 2016-01-18
|
||||
|
||||
@ -115,7 +115,7 @@
|
||||
- truncate
|
||||
- improved file type detection
|
||||
- put() can write to te middle of a file
|
||||
- mkdir accepts the same paramters that PHP's mkdir does
|
||||
- mkdir accepts the same parameters that PHP's mkdir does
|
||||
- the ability to upload/download 2GB files
|
||||
- across-the-board speedups for the various encryption algorithms
|
||||
- multi-factor authentication support for Net_SSH2
|
||||
|
@ -1308,7 +1308,7 @@ abstract class Base
|
||||
* PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream
|
||||
* for CTR is the same for both encrypting and decrypting this function is re-used by both Base::encrypt()
|
||||
* and Base::decrypt(). Also, OpenSSL doesn't implement CTR for all of it's symmetric ciphers so this
|
||||
* function will emulate CTR with ECB when necesary.
|
||||
* function will emulate CTR with ECB when necessary.
|
||||
*
|
||||
* @see self::encrypt()
|
||||
* @see self::decrypt()
|
||||
@ -2537,7 +2537,7 @@ abstract class Base
|
||||
* is stored, classwide (!), here for reusing.
|
||||
*
|
||||
* The string-based index of $function is a classwide
|
||||
* uniqe value representing, at least, the $mode of
|
||||
* unique value representing, at least, the $mode of
|
||||
* operation (or more... depends of the optimizing level)
|
||||
* for which $mode the lambda function was created.
|
||||
*
|
||||
|
@ -1312,7 +1312,7 @@ class DES extends Base
|
||||
// After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one
|
||||
$gen_hi_opt_code = (bool)( count($lambda_functions) < 10 );
|
||||
|
||||
// Generation of a uniqe hash for our generated code
|
||||
// Generation of a unique hash for our generated code
|
||||
$code_hash = "Crypt_DES, $des_rounds, {$this->mode}";
|
||||
if ($gen_hi_opt_code) {
|
||||
// For hi-optimized code, we create for each combination of
|
||||
|
@ -581,7 +581,7 @@ class RC2 extends Base
|
||||
// (Currently, for Crypt_RC2, one generated $lambda_function cost on php5.5@32bit ~60kb unfreeable mem and ~100kb on php5.5@64bit)
|
||||
$gen_hi_opt_code = (bool)(count($lambda_functions) < 10);
|
||||
|
||||
// Generation of a uniqe hash for our generated code
|
||||
// Generation of a unique hash for our generated code
|
||||
$code_hash = "Crypt_RC2, {$this->mode}";
|
||||
if ($gen_hi_opt_code) {
|
||||
$code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key);
|
||||
|
@ -88,7 +88,7 @@ class RSA
|
||||
*/
|
||||
const PADDING_NONE = 3;
|
||||
/**
|
||||
* Use PKCS#1 padding with PKCS1 v1.5 compatability
|
||||
* Use PKCS#1 padding with PKCS1 v1.5 compatibility
|
||||
*
|
||||
* A PKCS1 v2.1 encrypted message may not successfully decrypt with a PKCS1 v1.5 implementation (such as OpenSSL).
|
||||
*/
|
||||
|
@ -711,7 +711,7 @@ class Twofish extends Base
|
||||
// (Currently, for Crypt_Twofish, one generated $lambda_function cost on php5.5@32bit ~140kb unfreeable mem and ~240kb on php5.5@64bit)
|
||||
$gen_hi_opt_code = (bool)(count($lambda_functions) < 10);
|
||||
|
||||
// Generation of a uniqe hash for our generated code
|
||||
// Generation of a unique hash for our generated code
|
||||
$code_hash = "Crypt_Twofish, {$this->mode}";
|
||||
if ($gen_hi_opt_code) {
|
||||
$code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key);
|
||||
|
@ -247,7 +247,7 @@ class X509
|
||||
/**
|
||||
* The signature subject
|
||||
*
|
||||
* There's no guarantee \phpseclib\File\X509 is going to reencode an X.509 cert in the same way it was originally
|
||||
* There's no guarantee \phpseclib\File\X509 is going to re-encode an X.509 cert in the same way it was originally
|
||||
* encoded so we take save the portion of the original cert that the signature would have made for.
|
||||
*
|
||||
* @var string
|
||||
@ -3105,7 +3105,7 @@ class X509
|
||||
|
||||
$asn1 = new ASN1();
|
||||
|
||||
// OpenSSL produces SPKAC's that are preceeded by the string SPKAC=
|
||||
// OpenSSL produces SPKAC's that are preceded by the string SPKAC=
|
||||
$temp = preg_replace('#(?:SPKAC=)|[ \r\n\\\]#', '', $spkac);
|
||||
$temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? Base64::decode($temp) : false;
|
||||
if ($temp != false) {
|
||||
@ -3192,7 +3192,7 @@ class X509
|
||||
return $spkac;
|
||||
// case self::FORMAT_PEM:
|
||||
default:
|
||||
// OpenSSL's implementation of SPKAC requires the SPKAC be preceeded by SPKAC= and since there are pretty much
|
||||
// OpenSSL's implementation of SPKAC requires the SPKAC be preceded by SPKAC= and since there are pretty much
|
||||
// no other SPKAC decoders phpseclib will use that same format
|
||||
return 'SPKAC=' . Base64::encode($spkac);
|
||||
}
|
||||
|
@ -2405,7 +2405,7 @@ class BigInteger
|
||||
*
|
||||
* Say you have 693 and 609. The GCD is 21. Bezout's identity states that there exist integers x and y such that
|
||||
* 693*x + 609*y == 21. In point of fact, there are actually an infinite number of x and y combinations and which
|
||||
* combination is returned is dependant upon which mode is in use. See
|
||||
* combination is returned is dependent upon which mode is in use. See
|
||||
* {@link http://en.wikipedia.org/wiki/B%C3%A9zout%27s_identity Bezout's identity - Wikipedia} for more information.
|
||||
*
|
||||
* Here's an example:
|
||||
|
@ -342,7 +342,7 @@ class SFTP extends SSH2
|
||||
);
|
||||
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3
|
||||
// the flag definitions change somewhat in SFTPv5+. if SFTPv5+ support is added to this library, maybe name
|
||||
// the array for that $this->open5_flags and similarily alter the constant names.
|
||||
// the array for that $this->open5_flags and similarly alter the constant names.
|
||||
$this->open_flags = array(
|
||||
0x00000001 => 'NET_SFTP_OPEN_READ',
|
||||
0x00000002 => 'NET_SFTP_OPEN_WRITE',
|
||||
|
@ -397,7 +397,7 @@ class SSH2
|
||||
var $server_public_host_key;
|
||||
|
||||
/**
|
||||
* Session identifer
|
||||
* Session identifier
|
||||
*
|
||||
* "The exchange hash H from the first key exchange is additionally
|
||||
* used as the session identifier, which is a unique identifier for
|
||||
@ -1071,10 +1071,20 @@ class SSH2
|
||||
}
|
||||
|
||||
$line.= "$temp\n";
|
||||
if (substr($line, -2) == "\r\n") {
|
||||
break;
|
||||
}
|
||||
|
||||
// quoting RFC4253, "Implementers who wish to maintain
|
||||
// compatibility with older, undocumented versions of this protocol may
|
||||
// want to process the identification string without expecting the
|
||||
// presence of the carriage return character for reasons described in
|
||||
// Section 5 of this document."
|
||||
|
||||
//if (substr($line, -2) == "\r\n") {
|
||||
// break;
|
||||
//}
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
$data.= $line;
|
||||
}
|
||||
|
||||
@ -2395,7 +2405,7 @@ class SSH2
|
||||
|
||||
// RFC4254 defines the (client) window size as "bytes the other party can send before it must wait for the window to
|
||||
// be adjusted". 0x7FFFFFFF is, at 2GB, the max size. technically, it should probably be decremented, but,
|
||||
// honestly, if you're transfering more than 2GB, you probably shouldn't be using phpseclib, anyway.
|
||||
// honestly, if you're transferring more than 2GB, you probably shouldn't be using phpseclib, anyway.
|
||||
// see http://tools.ietf.org/html/rfc4254#section-5.2 for more info
|
||||
$this->window_size_server_to_client[self::CHANNEL_EXEC] = $this->window_size;
|
||||
// 0x8000 is the maximum max packet size, per http://tools.ietf.org/html/rfc4253#section-6.1, although since PuTTy
|
||||
|
@ -159,7 +159,7 @@ class Identity
|
||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||
$type = ord(fread($this->fsock, 1));
|
||||
if ($type != Agent::SSH_AGENT_SIGN_RESPONSE) {
|
||||
throw new \RuntimeException('Unable to retreive signature');
|
||||
throw new \RuntimeException('Unable to retrieve signature');
|
||||
}
|
||||
|
||||
$signature_blob = fread($this->fsock, $length - 1);
|
||||
|
@ -71,7 +71,7 @@ class Unit_Crypt_RC2Test extends PhpseclibTestCase
|
||||
|
||||
// now, to OpenSSL's credit, null padding is internally consistent with OpenSSL. OpenSSL only supports fixed length keys. For rc2, rc4 and
|
||||
// bf (blowfish), all keys are 128 bits (or are null padded / truncated accordingly). to use 40-bit or 64-bit keys with RC4 with OpenSSL you
|
||||
// don't use the rc4 algorithm - you use the rc4-40 or rc4-64 algorithm. and similarily, it's not aes-cbc that you use - it's either aes-128-cbc
|
||||
// don't use the rc4 algorithm - you use the rc4-40 or rc4-64 algorithm. and similarly, it's not aes-cbc that you use - it's either aes-128-cbc
|
||||
// or aes-192-cbc or aes-256-cbc. this is in contrast to mcrypt, which (with the exception of RC2) actually supports variable and arbitrary
|
||||
// length keys.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user