From b32c05b64e8a7949fc1eeaa9cc4e7650dcb02995 Mon Sep 17 00:00:00 2001 From: Clint Nelissen Date: Mon, 1 Dec 2014 19:18:58 -0800 Subject: [PATCH] Split System_SSH_Agent and System_SSH_Agent_Identity into separate files --- phpseclib/System/SSH/Agent.php | 141 +------------------ phpseclib/System/SSH/Agent/Identity.php | 173 ++++++++++++++++++++++++ 2 files changed, 175 insertions(+), 139 deletions(-) create mode 100644 phpseclib/System/SSH/Agent/Identity.php diff --git a/phpseclib/System/SSH/Agent.php b/phpseclib/System/SSH/Agent.php index d4555111..33e450bc 100644 --- a/phpseclib/System/SSH/Agent.php +++ b/phpseclib/System/SSH/Agent.php @@ -65,145 +65,8 @@ define('SYSTEM_SSH_AGENTC_SIGN_REQUEST', 13); define('SYSTEM_SSH_AGENT_SIGN_RESPONSE', 14); /**#@-*/ -/** - * Pure-PHP ssh-agent client identity object - * - * Instantiation should only be performed by System_SSH_Agent class. - * This could be thought of as implementing an interface that Crypt_RSA - * implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something. - * The methods in this interface would be getPublicKey, setSignatureMode - * and sign since those are the methods phpseclib looks for to perform - * public key authentication. - * - * @package System_SSH_Agent - * @author Jim Wigginton - * @access internal - */ -class System_SSH_Agent_Identity -{ - /** - * Key Object - * - * @var Crypt_RSA - * @access private - * @see System_SSH_Agent_Identity::getPublicKey() - */ - var $key; - - /** - * Key Blob - * - * @var String - * @access private - * @see System_SSH_Agent_Identity::sign() - */ - var $key_blob; - - /** - * Socket Resource - * - * @var Resource - * @access private - * @see System_SSH_Agent_Identity::sign() - */ - var $fsock; - - /** - * Default Constructor. - * - * @param Resource $fsock - * @return System_SSH_Agent_Identity - * @access private - */ - function __construct($fsock) - { - $this->fsock = $fsock; - } - - /** - * Set Public Key - * - * Called by System_SSH_Agent::requestIdentities() - * - * @param Crypt_RSA $key - * @access private - */ - function setPublicKey($key) - { - $this->key = $key; - $this->key->setPublicKey(); - } - - /** - * Set Public Key - * - * Called by System_SSH_Agent::requestIdentities(). The key blob could be extracted from $this->key - * but this saves a small amount of computation. - * - * @param String $key_blob - * @access private - */ - function setPublicKeyBlob($key_blob) - { - $this->key_blob = $key_blob; - } - - /** - * Get Public Key - * - * Wrapper for $this->key->getPublicKey() - * - * @param Integer $format optional - * @return Mixed - * @access public - */ - function getPublicKey($format = null) - { - return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format); - } - - /** - * Set Signature Mode - * - * Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie. - * ssh-agent's only supported mode is CRYPT_RSA_SIGNATURE_PKCS1 - * - * @param Integer $mode - * @access public - */ - function setSignatureMode($mode) - { - } - - /** - * Create a signature - * - * See "2.6.2 Protocol 2 private key signature request" - * - * @param String $message - * @return String - * @access public - */ - function sign($message) - { - // the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE - $packet = pack('CNa*Na*N', SYSTEM_SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0); - $packet = pack('Na*', strlen($packet), $packet); - if (strlen($packet) != fputs($this->fsock, $packet)) { - user_error('Connection closed during signing'); - } - - $length = current(unpack('N', fread($this->fsock, 4))); - $type = ord(fread($this->fsock, 1)); - if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) { - user_error('Unable to retreive signature'); - } - - $signature_blob = fread($this->fsock, $length - 1); - // the only other signature format defined - ssh-dss - is the same length as ssh-rsa - // the + 12 is for the other various SSH added length fields - return substr($signature_blob, strlen('ssh-rsa') + 12); - } +if (!class_exists('System_SSH_Agent_Identity')) { + include_once 'Agent/Identity.php'; } /** diff --git a/phpseclib/System/SSH/Agent/Identity.php b/phpseclib/System/SSH/Agent/Identity.php new file mode 100644 index 00000000..91a29282 --- /dev/null +++ b/phpseclib/System/SSH/Agent/Identity.php @@ -0,0 +1,173 @@ + + * @copyright MMXIV Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + * @internal See http://api.libssh.org/rfc/PROTOCOL.agent + */ + +/** + * Pure-PHP ssh-agent client identity object + * + * Instantiation should only be performed by System_SSH_Agent class. + * This could be thought of as implementing an interface that Crypt_RSA + * implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something. + * The methods in this interface would be getPublicKey, setSignatureMode + * and sign since those are the methods phpseclib looks for to perform + * public key authentication. + * + * @package System_SSH_Agent + * @author Jim Wigginton + * @access internal + */ +class System_SSH_Agent_Identity +{ + /** + * Key Object + * + * @var Crypt_RSA + * @access private + * @see System_SSH_Agent_Identity::getPublicKey() + */ + var $key; + + /** + * Key Blob + * + * @var String + * @access private + * @see System_SSH_Agent_Identity::sign() + */ + var $key_blob; + + /** + * Socket Resource + * + * @var Resource + * @access private + * @see System_SSH_Agent_Identity::sign() + */ + var $fsock; + + /** + * Default Constructor. + * + * @param Resource $fsock + * @return System_SSH_Agent_Identity + * @access private + */ + function __construct($fsock) + { + $this->fsock = $fsock; + } + + /** + * Set Public Key + * + * Called by System_SSH_Agent::requestIdentities() + * + * @param Crypt_RSA $key + * @access private + */ + function setPublicKey($key) + { + $this->key = $key; + $this->key->setPublicKey(); + } + + /** + * Set Public Key + * + * Called by System_SSH_Agent::requestIdentities(). The key blob could be extracted from $this->key + * but this saves a small amount of computation. + * + * @param String $key_blob + * @access private + */ + function setPublicKeyBlob($key_blob) + { + $this->key_blob = $key_blob; + } + + /** + * Get Public Key + * + * Wrapper for $this->key->getPublicKey() + * + * @param Integer $format optional + * @return Mixed + * @access public + */ + function getPublicKey($format = null) + { + return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format); + } + + /** + * Set Signature Mode + * + * Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie. + * ssh-agent's only supported mode is CRYPT_RSA_SIGNATURE_PKCS1 + * + * @param Integer $mode + * @access public + */ + function setSignatureMode($mode) + { + } + + /** + * Create a signature + * + * See "2.6.2 Protocol 2 private key signature request" + * + * @param String $message + * @return String + * @access public + */ + function sign($message) + { + // the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE + $packet = pack('CNa*Na*N', SYSTEM_SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0); + $packet = pack('Na*', strlen($packet), $packet); + if (strlen($packet) != fputs($this->fsock, $packet)) { + user_error('Connection closed during signing'); + } + + $length = current(unpack('N', fread($this->fsock, 4))); + $type = ord(fread($this->fsock, 1)); + if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) { + user_error('Unable to retreive signature'); + } + + $signature_blob = fread($this->fsock, $length - 1); + // the only other signature format defined - ssh-dss - is the same length as ssh-rsa + // the + 12 is for the other various SSH added length fields + return substr($signature_blob, strlen('ssh-rsa') + 12); + } +}