From 167718a046e7812cfa33a0350baf1e694a87aa23 Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:11:44 +0200 Subject: [PATCH 01/23] Set of PHPDOC fixes --- phpseclib/Crypt/DSA/Keys/OpenSSH.php | 2 +- phpseclib/Crypt/DSA/Keys/PKCS1.php | 2 +- phpseclib/Crypt/DSA/Keys/PKCS8.php | 2 +- phpseclib/Crypt/DSA/Keys/PuTTY.php | 2 +- phpseclib/Crypt/DSA/Keys/Raw.php | 2 +- phpseclib/Crypt/DSA/Keys/XML.php | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/phpseclib/Crypt/DSA/Keys/OpenSSH.php b/phpseclib/Crypt/DSA/Keys/OpenSSH.php index 6458ba35..0b5d47b4 100644 --- a/phpseclib/Crypt/DSA/Keys/OpenSSH.php +++ b/phpseclib/Crypt/DSA/Keys/OpenSSH.php @@ -37,7 +37,7 @@ abstract class OpenSSH extends Progenitor * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { diff --git a/phpseclib/Crypt/DSA/Keys/PKCS1.php b/phpseclib/Crypt/DSA/Keys/PKCS1.php index 7a3920ba..fefe3117 100644 --- a/phpseclib/Crypt/DSA/Keys/PKCS1.php +++ b/phpseclib/Crypt/DSA/Keys/PKCS1.php @@ -46,7 +46,7 @@ abstract class PKCS1 extends Progenitor * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { diff --git a/phpseclib/Crypt/DSA/Keys/PKCS8.php b/phpseclib/Crypt/DSA/Keys/PKCS8.php index 1415175a..4a94a861 100644 --- a/phpseclib/Crypt/DSA/Keys/PKCS8.php +++ b/phpseclib/Crypt/DSA/Keys/PKCS8.php @@ -69,7 +69,7 @@ abstract class PKCS8 extends Progenitor * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { diff --git a/phpseclib/Crypt/DSA/Keys/PuTTY.php b/phpseclib/Crypt/DSA/Keys/PuTTY.php index 7b297631..af7a7ea4 100644 --- a/phpseclib/Crypt/DSA/Keys/PuTTY.php +++ b/phpseclib/Crypt/DSA/Keys/PuTTY.php @@ -55,7 +55,7 @@ abstract class PuTTY extends Progenitor * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { diff --git a/phpseclib/Crypt/DSA/Keys/Raw.php b/phpseclib/Crypt/DSA/Keys/Raw.php index 18d0b03a..ab6085fa 100644 --- a/phpseclib/Crypt/DSA/Keys/Raw.php +++ b/phpseclib/Crypt/DSA/Keys/Raw.php @@ -34,7 +34,7 @@ abstract class Raw * @access public * @param array $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { diff --git a/phpseclib/Crypt/DSA/Keys/XML.php b/phpseclib/Crypt/DSA/Keys/XML.php index 02644b7d..0741ae5f 100644 --- a/phpseclib/Crypt/DSA/Keys/XML.php +++ b/phpseclib/Crypt/DSA/Keys/XML.php @@ -39,7 +39,7 @@ abstract class XML * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { From 5fe61b325d345f5781bdedfab8cac2fdf336a17f Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:12:07 +0200 Subject: [PATCH 02/23] PHPDOC fix --- phpseclib/Crypt/DSA/Signature/PKCS.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/Crypt/DSA/Signature/PKCS.php b/phpseclib/Crypt/DSA/Signature/PKCS.php index fa09e54a..eeb97755 100644 --- a/phpseclib/Crypt/DSA/Signature/PKCS.php +++ b/phpseclib/Crypt/DSA/Signature/PKCS.php @@ -36,7 +36,7 @@ abstract class PKCS * * @access public * @param array $key - * @return array + * @return array|bool */ public static function load($sig) { From 0c6d8607ce39d625c78b8748b115b2806baaeb3b Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:12:56 +0200 Subject: [PATCH 03/23] added missing use statement PHPDOC fix --- phpseclib/File/ASN1.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php index 295a2b72..57cd79cd 100644 --- a/phpseclib/File/ASN1.php +++ b/phpseclib/File/ASN1.php @@ -26,6 +26,7 @@ namespace phpseclib\File; use ParagonIE\ConstantTime\Base64; use phpseclib\File\ASN1\Element; use phpseclib\Math\BigInteger; +use phpseclib\Common\Functions\Strings; /** * Pure-PHP ASN.1 Parser @@ -248,7 +249,7 @@ abstract class ASN1 * @param string $encoded * @param int $start * @param int $encoded_pos - * @return array + * @return array|bool * @access private */ private static function decode_ber($encoded, $start = 0, $encoded_pos = 0) @@ -513,7 +514,7 @@ abstract class ASN1 * @param array $decoded * @param array $mapping * @param array $special - * @return array + * @return array|bool|Element * @access public */ public static function asn1map($decoded, $mapping, $special = []) @@ -826,7 +827,7 @@ abstract class ASN1 * ASN.1 Encode (Helper function) * * @param string $source - * @param string $mapping + * @param array $mapping * @param int $idx * @return string * @throws \RuntimeException if the input has an error in it From f48995ac96bc5ea0097256870a40e5d5f66419b6 Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:13:44 +0200 Subject: [PATCH 04/23] Wrong class name fix PHPDOC fixes --- phpseclib/File/X509.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index a95784b5..8ed58c4e 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -36,6 +36,7 @@ use phpseclib\File\ASN1\Element; use phpseclib\Math\BigInteger; use phpseclib\File\ASN1\Maps; + /** * Pure-PHP X.509 Parser * @@ -1564,7 +1565,7 @@ class X509 * @param mixed $format optional * @param array $dn optional * @access public - * @return bool + * @return array|bool */ public function getDN($format = self::DN_ARRAY, $dn = null) { @@ -2796,7 +2797,7 @@ class X509 */ if (strtolower($date) == 'lifetime') { $temp = '99991231235959Z'; - $temp = chr(ASN1::TYPE_GENERALIZED_TIME) . Functions::encodeLength(strlen($temp)) . $temp; + $temp = chr(ASN1::TYPE_GENERALIZED_TIME) . ASN1::encodeLength(strlen($temp)) . $temp; $this->endDate = new Element($temp); } else { $this->endDate = @date('D, d M Y H:i:s O', @strtotime($date)); @@ -3117,12 +3118,13 @@ class X509 * * @param string $id * @param array $cert optional + * @param string $path * @access public * @return mixed */ - public function getExtension($id, $cert = null) + public function getExtension($id, $cert = null, $path) { - return $this->getExtensionHelper($id, $cert); + return $this->getExtensionHelper($id, $cert, $path); } /** @@ -3430,7 +3432,7 @@ class X509 * Format a public key as appropriate * * @access private - * @return array + * @return array|bool */ private function formatSubjectPublicKey() { @@ -3602,7 +3604,7 @@ class X509 * * @param array $crl optional * @access public - * @return array + * @return array|bool */ public function listRevoked($crl = null) { @@ -3676,7 +3678,7 @@ class X509 * @param string $serial * @param array $crl optional * @access public - * @return array + * @return array|bool */ public function getRevokedCertificateExtensions($serial, $crl = null) { From a3b252150bdd16c959b9ec2ffc350ec92d97a838 Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:14:32 +0200 Subject: [PATCH 05/23] Set of PHPDOC fixes --- phpseclib/Crypt/RSA/Keys/MSBLOB.php | 2 +- phpseclib/Crypt/RSA/Keys/OpenSSH.php | 2 +- phpseclib/Crypt/RSA/Keys/PKCS1.php | 2 +- phpseclib/Crypt/RSA/Keys/PKCS8.php | 2 +- phpseclib/Crypt/RSA/Keys/PuTTY.php | 2 +- phpseclib/Crypt/RSA/Keys/Raw.php | 4 ++-- phpseclib/Crypt/RSA/Keys/XML.php | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/phpseclib/Crypt/RSA/Keys/MSBLOB.php b/phpseclib/Crypt/RSA/Keys/MSBLOB.php index 8ac478e0..33500fe7 100644 --- a/phpseclib/Crypt/RSA/Keys/MSBLOB.php +++ b/phpseclib/Crypt/RSA/Keys/MSBLOB.php @@ -71,7 +71,7 @@ abstract class MSBLOB * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { diff --git a/phpseclib/Crypt/RSA/Keys/OpenSSH.php b/phpseclib/Crypt/RSA/Keys/OpenSSH.php index 40f20330..b8ba1bb5 100644 --- a/phpseclib/Crypt/RSA/Keys/OpenSSH.php +++ b/phpseclib/Crypt/RSA/Keys/OpenSSH.php @@ -37,7 +37,7 @@ abstract class OpenSSH extends Progenitor * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { diff --git a/phpseclib/Crypt/RSA/Keys/PKCS1.php b/phpseclib/Crypt/RSA/Keys/PKCS1.php index 125927ce..6c73d65d 100644 --- a/phpseclib/Crypt/RSA/Keys/PKCS1.php +++ b/phpseclib/Crypt/RSA/Keys/PKCS1.php @@ -44,7 +44,7 @@ abstract class PKCS1 extends Progenitor * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { diff --git a/phpseclib/Crypt/RSA/Keys/PKCS8.php b/phpseclib/Crypt/RSA/Keys/PKCS8.php index 382fb2b7..40888020 100644 --- a/phpseclib/Crypt/RSA/Keys/PKCS8.php +++ b/phpseclib/Crypt/RSA/Keys/PKCS8.php @@ -70,7 +70,7 @@ abstract class PKCS8 extends Progenitor * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { diff --git a/phpseclib/Crypt/RSA/Keys/PuTTY.php b/phpseclib/Crypt/RSA/Keys/PuTTY.php index 4353fd02..ca9195d0 100644 --- a/phpseclib/Crypt/RSA/Keys/PuTTY.php +++ b/phpseclib/Crypt/RSA/Keys/PuTTY.php @@ -50,7 +50,7 @@ abstract class PuTTY extends Progenitor * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { diff --git a/phpseclib/Crypt/RSA/Keys/Raw.php b/phpseclib/Crypt/RSA/Keys/Raw.php index e2bd636c..fe3c4c62 100644 --- a/phpseclib/Crypt/RSA/Keys/Raw.php +++ b/phpseclib/Crypt/RSA/Keys/Raw.php @@ -42,7 +42,7 @@ abstract class Raw * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { @@ -95,7 +95,7 @@ abstract class Raw * @access public * @param \phpseclib\Math\BigInteger $n * @param \phpseclib\Math\BigInteger $e - * @return string + * @return array */ public static function savePublicKey(BigInteger $n, BigInteger $e) { diff --git a/phpseclib/Crypt/RSA/Keys/XML.php b/phpseclib/Crypt/RSA/Keys/XML.php index a31a4be0..07549026 100644 --- a/phpseclib/Crypt/RSA/Keys/XML.php +++ b/phpseclib/Crypt/RSA/Keys/XML.php @@ -40,7 +40,7 @@ abstract class XML * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ public static function load($key, $password = '') { From 558370304081510cee6c60445967eb3723f7e7ef Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:15:16 +0200 Subject: [PATCH 06/23] Set of PHPDOC fixes --- phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php | 2 +- .../Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php b/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php index 7237c5ac..f858ce17 100644 --- a/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php +++ b/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php @@ -61,7 +61,7 @@ abstract class Barrett extends Base * * @param string $n * @param string $m - * @return array + * @return array|string */ protected static function reduce($n, $m) { diff --git a/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php b/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php index 2ab676e6..58374b3d 100644 --- a/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php +++ b/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php @@ -55,7 +55,7 @@ abstract class EvalBarrett extends Base * * @param array $m * @param string $class - * @return callable + * @return callable|void */ protected static function generateCustomReduction(BCMath $m, $class) { From 6181b2bfbd2a5b7b3e3f6c40c47df30c6883efdc Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:16:16 +0200 Subject: [PATCH 07/23] Set of PHPDOC fixes --- phpseclib/Crypt/Common/AsymmetricKey.php | 4 ++-- phpseclib/Crypt/Common/Keys/OpenSSH.php | 2 +- phpseclib/Crypt/Common/Keys/PKCS1.php | 2 +- phpseclib/Crypt/Common/Keys/PKCS8.php | 2 +- phpseclib/Crypt/Common/Keys/PuTTY.php | 2 +- phpseclib/Crypt/Common/Signature/Raw.php | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/phpseclib/Crypt/Common/AsymmetricKey.php b/phpseclib/Crypt/Common/AsymmetricKey.php index 08124730..6cc92471 100644 --- a/phpseclib/Crypt/Common/AsymmetricKey.php +++ b/phpseclib/Crypt/Common/AsymmetricKey.php @@ -299,7 +299,7 @@ abstract class AsymmetricKey * @access private * @param string $key * @param string $type - * @return array + * @return array|bool */ protected function load($key, $type) { @@ -339,7 +339,7 @@ abstract class AsymmetricKey * @access private * @param string $key * @param string $type - * @return array + * @return array|bool */ protected function setPublicKey($key, $type) { diff --git a/phpseclib/Crypt/Common/Keys/OpenSSH.php b/phpseclib/Crypt/Common/Keys/OpenSSH.php index eb1ba7a3..fc7fc822 100644 --- a/phpseclib/Crypt/Common/Keys/OpenSSH.php +++ b/phpseclib/Crypt/Common/Keys/OpenSSH.php @@ -64,7 +64,7 @@ abstract class OpenSSH * @access public * @param string $key * @param string $type - * @return array + * @return array|bool */ public static function load($key, $type) { diff --git a/phpseclib/Crypt/Common/Keys/PKCS1.php b/phpseclib/Crypt/Common/Keys/PKCS1.php index afa9ad15..6ae8588d 100644 --- a/phpseclib/Crypt/Common/Keys/PKCS1.php +++ b/phpseclib/Crypt/Common/Keys/PKCS1.php @@ -122,7 +122,7 @@ abstract class PKCS1 extends PKCS * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ protected static function load($key, $password) { diff --git a/phpseclib/Crypt/Common/Keys/PKCS8.php b/phpseclib/Crypt/Common/Keys/PKCS8.php index 74222ab5..e4002fe7 100644 --- a/phpseclib/Crypt/Common/Keys/PKCS8.php +++ b/phpseclib/Crypt/Common/Keys/PKCS8.php @@ -320,7 +320,7 @@ abstract class PKCS8 extends PKCS * @access public * @param string $key * @param string $password optional - * @return array + * @return array|bool */ protected static function load($key, $password = '') { diff --git a/phpseclib/Crypt/Common/Keys/PuTTY.php b/phpseclib/Crypt/Common/Keys/PuTTY.php index 12e4377a..44224510 100644 --- a/phpseclib/Crypt/Common/Keys/PuTTY.php +++ b/phpseclib/Crypt/Common/Keys/PuTTY.php @@ -77,7 +77,7 @@ abstract class PuTTY * @param string $publicHandler * @param string $type * @param string $password - * @return array + * @return array|bool */ protected static function load($key, $password) { diff --git a/phpseclib/Crypt/Common/Signature/Raw.php b/phpseclib/Crypt/Common/Signature/Raw.php index 73aeee8a..7977417c 100644 --- a/phpseclib/Crypt/Common/Signature/Raw.php +++ b/phpseclib/Crypt/Common/Signature/Raw.php @@ -33,7 +33,7 @@ abstract class Raw * * @access public * @param array $sig - * @return array + * @return array|bool */ public static function load($sig) { From ccfb6c92bf0ebdb04e889ced81310a1e370bbfd5 Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:16:37 +0200 Subject: [PATCH 08/23] Set of PHPDOC fixes --- phpseclib/Crypt/DSA.php | 4 ++-- phpseclib/Crypt/Hash.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/phpseclib/Crypt/DSA.php b/phpseclib/Crypt/DSA.php index 9cbee43e..19b0bae2 100644 --- a/phpseclib/Crypt/DSA.php +++ b/phpseclib/Crypt/DSA.php @@ -109,7 +109,7 @@ class DSA extends AsymmetricKey * @access public * @param int $L * @param int $N - * @return \phpseclib\Crypt\DSA + * @return \phpseclib\Crypt\DSA|bool */ static function createParameters($L = 2048, $N = 224) { @@ -183,7 +183,7 @@ class DSA extends AsymmetricKey * - 'publickey': The public key. * * @access public - * @return \phpseclib\Crypt\DSA + * @return array|DSA */ static function createKey() { diff --git a/phpseclib/Crypt/Hash.php b/phpseclib/Crypt/Hash.php index e5af7b48..2b4f7b83 100644 --- a/phpseclib/Crypt/Hash.php +++ b/phpseclib/Crypt/Hash.php @@ -134,7 +134,7 @@ class Hash * Keys can be of any length. * * @access public - * @param string $key + * @param string|bool $key */ public function setKey($key = false) { From 0fd58aeb7e327b50874d3d1f824741227db9aedf Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:19:11 +0200 Subject: [PATCH 09/23] Set of PHPDOC fixes Fixed methods visibility --- phpseclib/Net/SFTP.php | 4 ++-- phpseclib/Net/SSH1.php | 2 +- phpseclib/Net/SSH2.php | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php index 4397586e..63496e69 100644 --- a/phpseclib/Net/SFTP.php +++ b/phpseclib/Net/SFTP.php @@ -3024,7 +3024,7 @@ class SFTP extends SSH2 * Returns a string if NET_SFTP_LOGGING == self::LOG_COMPLEX, an array if NET_SFTP_LOGGING == self::LOG_SIMPLE and false if !defined('NET_SFTP_LOGGING') * * @access public - * @return string or Array + * @return array|string */ public function getSFTPLog() { @@ -3086,7 +3086,7 @@ class SFTP extends SSH2 * @return bool * @access private */ - private function disconnect_helper($reason) + protected function disconnect_helper($reason) { $this->pwd = false; parent::disconnect_helper($reason); diff --git a/phpseclib/Net/SSH1.php b/phpseclib/Net/SSH1.php index 973b13f6..8cb3c625 100644 --- a/phpseclib/Net/SSH1.php +++ b/phpseclib/Net/SSH1.php @@ -1079,7 +1079,7 @@ class SSH1 * http://www.securiteam.com/securitynews/5LP042K3FY.html * * @see self::_send_binary_packet() - * @return array + * @return array|bool * @access private */ private function get_binary_packet() diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 49653416..332b324b 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -652,7 +652,7 @@ class SSH2 * @see self::_get_channel_packet() * @access private */ - private $curTimeout; + protected $curTimeout; /** * Real-time log file pointer @@ -890,7 +890,7 @@ class SSH2 * @param int $port * @param int $timeout * @see self::login() - * @return \phpseclib\Net\SSH2 + * @return SSH2|void * @access public */ public function __construct($host, $port = 22, $timeout = 10) @@ -3829,7 +3829,7 @@ class SSH2 * @return bool * @access private */ - private function disconnect_helper($reason) + protected function disconnect_helper($reason) { if ($this->bitmap & self::MASK_CONNECTED) { $data = pack('CNNa*Na*', NET_SSH2_MSG_DISCONNECT, $reason, 0, '', 0, ''); From f314f9795f2a5c43fc680cd6fee2beaf3e192239 Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:20:05 +0200 Subject: [PATCH 10/23] Fixed methods visibility --- phpseclib/Math/BigInteger/Engines/PHP/Base.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/Math/BigInteger/Engines/PHP/Base.php b/phpseclib/Math/BigInteger/Engines/PHP/Base.php index 640d17c6..3529906e 100644 --- a/phpseclib/Math/BigInteger/Engines/PHP/Base.php +++ b/phpseclib/Math/BigInteger/Engines/PHP/Base.php @@ -80,7 +80,7 @@ abstract class Base extends PHP * @param string $class * @return \phpseclib\Math\BigInteger\Engines\PHP */ - protected static function powModHelper(PHP $x, PHP $e, PHP $n, $class) + public static function powModHelper(PHP $x, PHP $e, PHP $n, $class) { if (empty($e->value)) { $temp = new $class(); From d13f429b77a494c340378619a4ff142bb0d68f60 Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:20:17 +0200 Subject: [PATCH 11/23] PHPDOC fixes --- phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php b/phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php index 8bffb1ca..cdbf23a1 100644 --- a/phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php +++ b/phpseclib/Math/BigInteger/Engines/PHP/Montgomery.php @@ -46,7 +46,7 @@ abstract class Montgomery extends Base * @param \phpseclib\Math\BigInteger\Engine $e * @param \phpseclib\Math\BigInteger\Engine $n * @param string $class - * @return \phpseclib\Math\BigInteger\Engine + * @return \phpseclib\Math\BigInteger\Engine|Engine */ protected static function slidingWindow(Engine $x, Engine $e, Engine $n, $class) { From 6f36c49baafc8af2821c18088ebec99e4a53a62d Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:20:33 +0200 Subject: [PATCH 12/23] Fixed methods visibility --- phpseclib/Math/BigInteger/Engines/BCMath/Base.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/Math/BigInteger/Engines/BCMath/Base.php b/phpseclib/Math/BigInteger/Engines/BCMath/Base.php index 026cd86f..91efeb00 100644 --- a/phpseclib/Math/BigInteger/Engines/BCMath/Base.php +++ b/phpseclib/Math/BigInteger/Engines/BCMath/Base.php @@ -60,7 +60,7 @@ abstract class Base extends BCMath * @param string $class * @return \phpseclib\Math\BigInteger\Engines\BCMath */ - protected static function powModHelper(BCMath $x, BCMath $e, BCMath $n, $class) + public static function powModHelper(BCMath $x, BCMath $e, BCMath $n, $class) { if (empty($e->value)) { $temp = new $class(); From 7bffa6bb8f417023d866570392e3bd0559c1cea3 Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:26:09 +0200 Subject: [PATCH 13/23] Set of PHPDOC fixes --- phpseclib/Math/BigInteger/Engines/Engine.php | 18 +++++++++--------- phpseclib/Math/BigInteger/Engines/GMP.php | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/phpseclib/Math/BigInteger/Engines/Engine.php b/phpseclib/Math/BigInteger/Engines/Engine.php index 89787416..9f3dc497 100644 --- a/phpseclib/Math/BigInteger/Engines/Engine.php +++ b/phpseclib/Math/BigInteger/Engines/Engine.php @@ -396,7 +396,7 @@ abstract class Engine implements \Serializable /** * Logical Not * - * @return \phpseclib\Math\BigInteger\Engines\Engine + * @return Engine|string */ public function bitwise_not() { @@ -465,7 +465,7 @@ abstract class Engine implements \Serializable * Instead of the top x bits being dropped they're appended to the shifted bit string. * * @param int $shift - * @return \phpseclib\Math\BigInteger\Engine\Engines + * @return \phpseclib\Math\BigInteger\Engines\Engine */ public function bitwise_leftRotate($shift) { @@ -563,7 +563,7 @@ abstract class Engine implements \Serializable /** * Performs some pre-processing for powMod * - * @return \phpseclib\Math\BigInteger\Engines\Engine + * @return bool|Engine */ protected function powModOuter(Engine $e, Engine $n) { @@ -591,11 +591,11 @@ abstract class Engine implements \Serializable * however, this function performs a modular reduction after every multiplication and squaring operation. * As such, this function has the same preconditions that the reductions being used do. * - * @param \phpseclib\Math\BigInteger\Engine $x - * @param \phpseclib\Math\BigInteger\Engine $e - * @param \phpseclib\Math\BigInteger\Engine $n + * @param \phpseclib\Math\BigInteger\Engines\Engine $x + * @param \phpseclib\Math\BigInteger\Engines\Engine $e + * @param \phpseclib\Math\BigInteger\Engines\Engine $n * @param string $class - * @return \phpseclib\Math\BigInteger\Engine + * @return \phpseclib\Math\BigInteger\Engines\Engine */ protected static function slidingWindow(Engine $x, Engine $e, Engine $n, $class) { @@ -691,7 +691,7 @@ abstract class Engine implements \Serializable /** * Performs some pre-processing for randomRangePrime * - * @return \phpseclib\Math\BigInteger\Engines\Engine + * @return bool|Engine */ protected static function randomRangePrimeOuter(Engine $min, Engine $max) { @@ -781,7 +781,7 @@ abstract class Engine implements \Serializable /** * Performs some post-processing for randomRangePrime * - * @return \phpseclib\Math\BigInteger\Engine + * @return bool|Engine */ protected static function randomRangePrimeInner(Engine $x, Engine $min, Engine $max) { diff --git a/phpseclib/Math/BigInteger/Engines/GMP.php b/phpseclib/Math/BigInteger/Engines/GMP.php index 5e5a0197..9a406a27 100644 --- a/phpseclib/Math/BigInteger/Engines/GMP.php +++ b/phpseclib/Math/BigInteger/Engines/GMP.php @@ -546,7 +546,7 @@ class GMP extends Engine * * Returns the nth root of a positive biginteger, where n defaults to 2 * - * @return \phpseclib\Math\BigInteger\Engines\Engine\GMP + * @return \phpseclib\Math\BigInteger\Engines\GMP */ protected function rootInner($n) { From de2e4662b004c8ce5c83f46b5382102bba5ca441 Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 09:26:46 +0200 Subject: [PATCH 14/23] Fixed wrong use of new self(1); --- phpseclib/Math/BigInteger/Engines/PHP.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/Math/BigInteger/Engines/PHP.php b/phpseclib/Math/BigInteger/Engines/PHP.php index 8e448cc0..bee28778 100644 --- a/phpseclib/Math/BigInteger/Engines/PHP.php +++ b/phpseclib/Math/BigInteger/Engines/PHP.php @@ -1314,7 +1314,7 @@ abstract class PHP extends Engine protected function powHelper(PHP $n) { if ($n->compare(static::$zero) == 0) { - return new self(1); + return new static(1); } // n^0 = 1 From eb21fb2bcb781a25c718cdf19f24bc59ea83ae2d Mon Sep 17 00:00:00 2001 From: Sokolovskyy Roman Date: Thu, 3 Aug 2017 11:25:20 +0200 Subject: [PATCH 15/23] Default value for a parameter missed --- phpseclib/File/X509.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index 8ed58c4e..e2f98817 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -3122,7 +3122,7 @@ class X509 * @access public * @return mixed */ - public function getExtension($id, $cert = null, $path) + public function getExtension($id, $cert = null, $path=null) { return $this->getExtensionHelper($id, $cert, $path); } From 0ac8b5d5ed5daa4df6dce787ddb5d6d93258db99 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 6 Aug 2017 10:30:29 -0500 Subject: [PATCH 16/23] ASN1: rm unused method (decodeLength) --- phpseclib/File/ASN1.php | 21 --------------------- 1 file changed, 21 deletions(-) diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php index 295a2b72..9594580e 100644 --- a/phpseclib/File/ASN1.php +++ b/phpseclib/File/ASN1.php @@ -1348,27 +1348,6 @@ abstract class ASN1 return $temp != false ? $temp : $str; } - /** - * DER-decode the length - * - * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See - * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. - * - * @access public - * @param string $string - * @return int - */ - public static function decodeLength(&$string) - { - $length = ord(Strings::shift($string)); - if ($length & 0x80) { // definite length, long form - $length&= 0x7F; - $temp = Strings::shift($string, $length); - list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4)); - } - return $length; - } - /** * DER-encode the length * From 135a4decf1509055649065e523598e05fcd193f2 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 6 Aug 2017 10:49:03 -0500 Subject: [PATCH 17/23] Tests/X509: add setEndDate --- tests/Unit/File/X509/X509Test.php | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/Unit/File/X509/X509Test.php b/tests/Unit/File/X509/X509Test.php index 41258b21..773e2c41 100644 --- a/tests/Unit/File/X509/X509Test.php +++ b/tests/Unit/File/X509/X509Test.php @@ -181,6 +181,7 @@ aBtsWpliLSex/HHhtRW9AkBGcq67zKmEpJ9kXcYLEjJii3flFS+Ct/rNm+Hhm1l7 $issuer->setDN($subject->getDN()); $x509 = new X509(); + $x509->setEndDate('lifetime'); $result = $x509->sign($issuer, $subject); $cert = $x509->saveX509($result); From bd489a16dc73d9e7dcc44a0b7544fd3e656e118d Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 6 Aug 2017 12:35:52 -0500 Subject: [PATCH 18/23] Tests/X509: add CRL test --- tests/Unit/File/X509/CRLTest.php | 24 ++++++++++++++++++++++++ tests/Unit/File/X509/crl.bin | Bin 0 -> 5540 bytes 2 files changed, 24 insertions(+) create mode 100644 tests/Unit/File/X509/CRLTest.php create mode 100644 tests/Unit/File/X509/crl.bin diff --git a/tests/Unit/File/X509/CRLTest.php b/tests/Unit/File/X509/CRLTest.php new file mode 100644 index 00000000..8c08ee60 --- /dev/null +++ b/tests/Unit/File/X509/CRLTest.php @@ -0,0 +1,24 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + */ + +use phpseclib\File\X509; + +class Unit_File_X509_CRLTest extends PhpseclibTestCase +{ + public function testLoadCRL() + { + $test = file_get_contents('crl.bin'); + + $x509 = new X509(); + + $x509->loadCRL($test); + + $reason = $x509->getRevokedCertificateExtension('9048354325167497831898969642461237543', 'id-ce-cRLReasons'); + + $this->assertSame('unspecified', $reason); + } +} diff --git a/tests/Unit/File/X509/crl.bin b/tests/Unit/File/X509/crl.bin new file mode 100644 index 0000000000000000000000000000000000000000..ef6d3ee192c8cfbf4b1a9356137750ed436aa551 GIT binary patch literal 5540 zcmai&d0b3;AIF=SnrXJCwAYP@B;uSi=ggv%h@#ZhqO_pBv>*|Z7WBAj6E_rV%uA)K6Ewm`)Ms!s#>G{p#K0VL#yQcr9Gw=ESzQ5o1`}ux;2T9T_K$0|ekx3+k zO{JSA+a-TtlSoQR3P>o*MCeqCn<7=6?B;@MBI@D~40V=GXmIHKz^G`$MUnofE}|{| zH&b0TCMITP0C?mN9?kS$6M>o_#^Og5^$C9ycA>!`hSuxXZ;0}Z^ba&#u*`72wHd0- zMllpc1SlUt2-H*h5hcVQ5yTToQZGklkyS|%f~H|xr@-nNm`7?-Un=+-f}()Lxk5l8 zEQA5V8E7g}7$gNTKz53xkh2o6%kxB^H7#`qnc%yh+3<4-EVx@&TEV!$cH-wZ8 zWO+#d9)cqvZ4`$9$_GUzNB5*17Yvh{oVu=Dl>#Ua#R&p|Es0|vt>=G%osyH)@|?tc z+9U(`U{m=B9}_gi zPI-=L?*+UxNK54+`(>xFQZB$meaiBVE%3Yd+_}EJ2!{Ak#R_;|8a_W)+LX<}cP$2}M-&`2pGorP7MD3(*)iY%) z3BU&}grEX~2Ln_^2tXz%^4Bu*}%7*z43U$nfF;W?VvIJrV)3?Rf|+sbI$ z9{%C>tczti`I%qck0{FpSid&#wC^Vwk9f6=7S`z<{||s67%XWPXKitA=3tJ|*07aZ zX2%QU0xG&D%S;{)>_2guF|R4+rKSuZP#(_b5|CY@K20AkR?Ry;LzKOCwT<0L86dzg z0!SDHVD~y4YMNK>)n1=^Co&S9b)8UYi4mJ<@Nj#KV^ToPvy%+a{+ba?XYL}>#F#Hs;A0Jg1+_sV?5 z$@U=(`dV{S=LbAVgdYJaQzo5l461IbDPG!~==dp33ILT9>po1#6x-Y;#Jvjcw68<7 zl#}ZCe*-*(3+)HG`Yf)ZU)4a|vaRuNML$V%5TXQvp%@p|Kq_C~t4&;Vdc$CLsN(E% zIpZY}000IGU?2xaF`A(>v3m>q+2fFtXZOwfCIf^hpFj~<4wROutQp}hj9QP6nQtrS z)=2>{>jVVKg`ER6^3&+xR29F6Ck%2$)weFn01PEC0T*@-WNNorm`@FTdD=%#5O>dK z86ZRjI1hsrpQ7sZ%IfJZzOnU__AjnEKU*%q)bG96d!;Wj^<_rH!s7Hqxd18FZr}|4 zPSUERd;=5n`paSfMGzjC#g~54A~xNRWfcQ+<2qP ziY4o$0I&{xAOgUW{GZogwir5SlsQM_3j;E|rs!Re0ic?=Tnwff$~zA3+n$^*%)WK$ z>;1_qoFxE?2vH$d2(=DOYdw!O_SE?e=hp{~)9<6o1*ko70msg+?EE;Pr*^$lY>E^> zffoSv3fm=C%BuUj7Zn6L;-W43U%jt?2S5%u21}Y;b0vu3&Mkkef4as$`@HGj04Q$^ zHg;)NUfAky8Pk2H{eDQa`I?bjfLYVsTNZN3csf}>wy3V?hFn02Wjiv2b24+|gAOm< zGbHhRp!|5^j)N{qC06}N$EJ+~DNUlbSvO3@u2TH>&j2;TI;&9E*L}{u>GOvYsv@NT z#se)1+7wb6Y>OMF#`Y`Bjt&PXT`o<$BNw0?Ebls;eCJyEDW3)hzbt8KU_d4jlz=vn za(-XajM0d?O9O+OL&i>qyVtFynh&3 za4yiL78HqV3D_85)xpSu`=xkGTqC->B(LX9W2l?ndkMfrxIp{Bpo0`2 zb*Ce?Ke6rH0o*KrYT#u)2Ed_L8uIyT^xdiV56)$!>YRBn8Z85OV89Uw%p`I&r&gTa zZj|X0a7<*h=Z4r|fw}{A1b&}@$vxYwrnJn}mA3qefpNxZO_mfuaa6!1aA*!|rs*80 zuXucD>1ItvElI3=Ac7Qt`c~R~wepYsi{I7clyrwaRoFEK;6clqVXoivnF@Nw0ZC>9PfDgT8 zDJEyz(w#$Vb&>>q7PN;xG647n&_J*V^p)ccImxx!ck2GtxlgN_DFuKoiSG}v8An+r z@_QQ{TDWqMPmUpx_lyOgeu;gf?T`K)Cudn(Wmx$-XWjk|fMP|U_J8ej~+fqE;Tmeuo@fC>VZpIaslO?0hVl9 zh*g+dm1(Poi`Z*m;x`)N90=G1V&H!s$fcb!p1fzB(Jw8plH>z#8%Evs$J=@KS=BH1 zP+le%phbnX9H!K%1)h9ST6~YLHU{89tpnZch9fiEv1`AZTIJp>PXAZ{s!K{&w|h+Y zo5q{evE}aWr`|WE0LU3A6SVl~8}oj~V@`Tcz3HjZ(z>liF2E{r+r?qKHC1Gz$-z+r zkL3cSV)y0g553H5MlQT!ld~5{00CH#00S)tDL%%Bm7my}NlgpN3ysqjmx*5&VW1bl zd=MWX1YlP_7+Lk}^&`1gns>(V7DF%)gSC_MXOsHG`ME{K1+TNZ5T^JG8j6Z!vQpyzyo97Akw^-hS51k_@4nWa8gK1A z>q(eS^)c-&Hm=RlGhe=6N-yj*G1~8KVSi59%H>wKPxI}xILitJ^2E#A4sGZ^=&rZ^ z%g)l?=+??0t!0nQcFuIzl%6@+?wjXQQU1W zm|uKKsM<$#EdRC9c1K~m_iOZ6@?@jMk#C3f5+=3YE)pbV?{F5Rb<7`c6*}=#g>M1o zbuJ^KJ7!1Q!jycqXYOxA@18tj%`G@=tGSTXmiHi{w4tZN+gxpS2t~)C*ygi!@0vgx wlPc}}XW^bEoUP;)Hm_6j8JV5w>895<_<1+oyR>A!AF9171XWmjD0& literal 0 HcmV?d00001 From 9f540a82e672c48851f9517c0b9265cb88024c4f Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 6 Aug 2017 17:29:30 -0500 Subject: [PATCH 19/23] minor fixes to X509 and SSH2 --- phpseclib/File/X509.php | 7 ++++--- phpseclib/Net/SSH2.php | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index a95784b5..8d3f50df 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -3129,12 +3129,13 @@ class X509 * Returns a list of all extensions in use in certificate, CSR or CRL * * @param array $cert optional + * @param string $path optional * @access public * @return array */ - public function getExtensions($cert = null) + public function getExtensions($cert = null, $path = null) { - return $this->getExtensionsHelper($cert); + return $this->getExtensionsHelper($cert, $path); } /** @@ -3686,7 +3687,7 @@ class X509 if (is_array($rclist = $this->subArray($crl, 'tbsCertList/revokedCertificates'))) { if (($i = $this->revokedCertificate($rclist, $serial)) !== false) { - return $this->getExtensionsHelper($crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); + return $this->getExtensions($crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); } } diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 49653416..6ed3884d 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -4236,7 +4236,7 @@ class SSH2 case $r->compare($q) >= 0: case $s->equals($zero): case $s->compare($q) >= 0: - $this->disconnectHepler(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new \RuntimeException('Invalid signature'); } From 7ccb0d0b021884971a4265eff109edebe16a6565 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Mon, 7 Aug 2017 00:15:50 -0500 Subject: [PATCH 20/23] SSH2: send KEXINIT packet and identification string first or last --- phpseclib/Net/SSH2.php | 185 +++++++++++++++++++++++++++++++---------- 1 file changed, 142 insertions(+), 43 deletions(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 0e2333af..c54b57aa 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -875,6 +875,22 @@ class Net_SSH2 */ var $agent; + /** + * Send the identification string first? + * + * @var bool + * @access private + */ + var $send_id_string_first = true; + + /** + * Send the key exchange initiation packet first? + * + * @var bool + * @access private + */ + var $send_kex_first = true; + /** * Default Constructor. * @@ -1017,13 +1033,69 @@ class Net_SSH2 * CRYPT_MODE_INTERNAL, CRYPT_MODE_MCRYPT * * @param int $engine - * @access private + * @access public */ function setCryptoEngine($engine) { $this->crypto_engine = $engine; } + /** + * Send Identification String First + * + * https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established, + * both sides MUST send an identification string". It does not say which side sends it first. In + * theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy + * + * @access public + */ + function sendIdentificationStringFirst() + { + $this->send_id_string_first = true; + } + + /** + * Send Identification String Last + * + * https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established, + * both sides MUST send an identification string". It does not say which side sends it first. In + * theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy + * + * @access public + */ + function sendIdentificationStringLast() + { + $this->send_id_string_first = false; + } + + /** + * Send SSH_MSG_KEXINIT First + * + * https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending + * sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory + * it shouldn't matter but it is a fact of life that some SSH servers are simply buggy + * + * @access public + */ + function sendKEXINITFirst() + { + $this->send_kex_first = true; + } + + /** + * Send SSH_MSG_KEXINIT Last + * + * https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending + * sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory + * it shouldn't matter but it is a fact of life that some SSH servers are simply buggy + * + * @access public + */ + function sendKEXINITLast() + { + $this->send_kex_first = false; + } + /** * Connect to an SSHv2 server * @@ -1065,7 +1137,9 @@ class Net_SSH2 $this->identifier = $this->_generate_identifier(); - fputs($this->fsock, $this->identifier . "\r\n"); + if ($this->send_id_string_first) { + fputs($this->fsock, $this->identifier . "\r\n"); + } /* According to the SSH2 specs, @@ -1125,18 +1199,28 @@ class Net_SSH2 return false; } - $response = $this->_get_binary_packet(); - if ($response === false) { - user_error('Connection closed by server'); - return false; + if (!$this->send_id_string_first) { + fputs($this->fsock, $this->identifier . "\r\n"); } - if (!strlen($response) || ord($response[0]) != NET_SSH2_MSG_KEXINIT) { - user_error('Expected SSH_MSG_KEXINIT'); - return false; + if (!$this->send_kex_first) { + $response = $this->_get_binary_packet(); + if ($response === false) { + user_error('Connection closed by server'); + return false; + } + + if (!strlen($response) || ord($response[0]) != NET_SSH2_MSG_KEXINIT) { + user_error('Expected SSH_MSG_KEXINIT'); + return false; + } + + if (!$this->_key_exchange($response)) { + return false; + } } - if (!$this->_key_exchange($response)) { + if ($this->send_kex_first && !$this->_key_exchange()) { return false; } @@ -1180,10 +1264,10 @@ class Net_SSH2 /** * Key Exchange * - * @param string $kexinit_payload_server + * @param string $kexinit_payload_server optional * @access private */ - function _key_exchange($kexinit_payload_server) + function _key_exchange($kexinit_payload_server = false) { static $kex_algorithms = array( 'diffie-hellman-group1-sha1', // REQUIRED @@ -1317,6 +1401,51 @@ class Net_SSH2 $client_cookie = crypt_random_string(16); + $kexinit_payload_client = pack( + 'Ca*Na*Na*Na*Na*Na*Na*Na*Na*Na*Na*CN', + NET_SSH2_MSG_KEXINIT, + $client_cookie, + strlen($str_kex_algorithms), + $str_kex_algorithms, + strlen($str_server_host_key_algorithms), + $str_server_host_key_algorithms, + strlen($encryption_algorithms_client_to_server), + $encryption_algorithms_client_to_server, + strlen($encryption_algorithms_server_to_client), + $encryption_algorithms_server_to_client, + strlen($mac_algorithms_client_to_server), + $mac_algorithms_client_to_server, + strlen($mac_algorithms_server_to_client), + $mac_algorithms_server_to_client, + strlen($compression_algorithms_client_to_server), + $compression_algorithms_client_to_server, + strlen($compression_algorithms_server_to_client), + $compression_algorithms_server_to_client, + 0, + '', + 0, + '', + 0, + 0 + ); + + if ($this->send_kex_first) { + if (!$this->_send_binary_packet($kexinit_payload_client)) { + return false; + } + + $kexinit_payload_server = $this->_get_binary_packet(); + if ($kexinit_payload_server === false) { + user_error('Connection closed by server'); + return false; + } + + if (!strlen($kexinit_payload_server) || ord($kexinit_payload_server[0]) != NET_SSH2_MSG_KEXINIT) { + user_error('Expected SSH_MSG_KEXINIT'); + return false; + } + } + $response = $kexinit_payload_server; $this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT) $server_cookie = $this->_string_shift($response, 16); @@ -1387,39 +1516,9 @@ class Net_SSH2 extract(unpack('Cfirst_kex_packet_follows', $this->_string_shift($response, 1))); $first_kex_packet_follows = $first_kex_packet_follows != 0; - // the sending of SSH2_MSG_KEXINIT could go in one of two places. this is the second place. - $kexinit_payload_client = pack( - 'Ca*Na*Na*Na*Na*Na*Na*Na*Na*Na*Na*CN', - NET_SSH2_MSG_KEXINIT, - $client_cookie, - strlen($str_kex_algorithms), - $str_kex_algorithms, - strlen($str_server_host_key_algorithms), - $str_server_host_key_algorithms, - strlen($encryption_algorithms_client_to_server), - $encryption_algorithms_client_to_server, - strlen($encryption_algorithms_server_to_client), - $encryption_algorithms_server_to_client, - strlen($mac_algorithms_client_to_server), - $mac_algorithms_client_to_server, - strlen($mac_algorithms_server_to_client), - $mac_algorithms_server_to_client, - strlen($compression_algorithms_client_to_server), - $compression_algorithms_client_to_server, - strlen($compression_algorithms_server_to_client), - $compression_algorithms_server_to_client, - 0, - '', - 0, - '', - 0, - 0 - ); - - if (!$this->_send_binary_packet($kexinit_payload_client)) { + if (!$this->send_kex_first && !$this->_send_binary_packet($kexinit_payload_client)) { return false; } - // here ends the second place. // we need to decide upon the symmetric encryption algorithms before we do the diffie-hellman key exchange // we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the From ce5eb7e1c956c9f4f5e2a5925dcec3b1bc0aa0b4 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Mon, 7 Aug 2017 22:35:29 -0500 Subject: [PATCH 21/23] Tests/X509/CRLTest: fix path for crl.bin --- tests/Unit/File/X509/CRLTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/Unit/File/X509/CRLTest.php b/tests/Unit/File/X509/CRLTest.php index 8c08ee60..78ad5d7d 100644 --- a/tests/Unit/File/X509/CRLTest.php +++ b/tests/Unit/File/X509/CRLTest.php @@ -11,7 +11,7 @@ class Unit_File_X509_CRLTest extends PhpseclibTestCase { public function testLoadCRL() { - $test = file_get_contents('crl.bin'); + $test = file_get_contents(__DIR__ . '/crl.bin'); $x509 = new X509(); From e7e30cd2399bff86b49a4ff3a4cd3df59af64084 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Mon, 7 Aug 2017 22:38:56 -0500 Subject: [PATCH 22/23] BigInteger: undo visibility changes --- phpseclib/Math/BigInteger/Engines/BCMath/Base.php | 2 +- phpseclib/Math/BigInteger/Engines/PHP/Base.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/phpseclib/Math/BigInteger/Engines/BCMath/Base.php b/phpseclib/Math/BigInteger/Engines/BCMath/Base.php index 91efeb00..026cd86f 100644 --- a/phpseclib/Math/BigInteger/Engines/BCMath/Base.php +++ b/phpseclib/Math/BigInteger/Engines/BCMath/Base.php @@ -60,7 +60,7 @@ abstract class Base extends BCMath * @param string $class * @return \phpseclib\Math\BigInteger\Engines\BCMath */ - public static function powModHelper(BCMath $x, BCMath $e, BCMath $n, $class) + protected static function powModHelper(BCMath $x, BCMath $e, BCMath $n, $class) { if (empty($e->value)) { $temp = new $class(); diff --git a/phpseclib/Math/BigInteger/Engines/PHP/Base.php b/phpseclib/Math/BigInteger/Engines/PHP/Base.php index 3529906e..640d17c6 100644 --- a/phpseclib/Math/BigInteger/Engines/PHP/Base.php +++ b/phpseclib/Math/BigInteger/Engines/PHP/Base.php @@ -80,7 +80,7 @@ abstract class Base extends PHP * @param string $class * @return \phpseclib\Math\BigInteger\Engines\PHP */ - public static function powModHelper(PHP $x, PHP $e, PHP $n, $class) + protected static function powModHelper(PHP $x, PHP $e, PHP $n, $class) { if (empty($e->value)) { $temp = new $class(); From 9d8f014748e4787c4f54a1bb8070cc4c8bb44497 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Mon, 7 Aug 2017 23:20:23 -0500 Subject: [PATCH 23/23] SymmetricKey: isValidKey took ints instead of strings --- phpseclib/Crypt/Blowfish.php | 6 ++--- phpseclib/Crypt/Common/SymmetricKey.php | 29 ++++++++++++++++++++++--- phpseclib/Crypt/DES.php | 6 ++--- phpseclib/Crypt/RC2.php | 6 ++--- phpseclib/Crypt/RC4.php | 6 ++--- phpseclib/Crypt/Rijndael.php | 6 ++--- phpseclib/Crypt/TripleDES.php | 6 ++--- tests/Unit/Crypt/RC4Test.php | 10 ++++----- tests/Unit/Crypt/TripleDESTest.php | 2 +- 9 files changed, 50 insertions(+), 27 deletions(-) diff --git a/phpseclib/Crypt/Blowfish.php b/phpseclib/Crypt/Blowfish.php index 9c91a0e1..5cf8b7a2 100644 --- a/phpseclib/Crypt/Blowfish.php +++ b/phpseclib/Crypt/Blowfish.php @@ -327,10 +327,10 @@ class Blowfish extends BlockCipher * * @see \phpseclib\Crypt\Common\SymmetricKey::isValidEngine() * @param int $engine - * @access public + * @access protected * @return bool */ - public function isValidEngine($engine) + protected function isValidEngineHelper($engine) { if ($engine == self::ENGINE_OPENSSL) { if (version_compare(PHP_VERSION, '5.3.7') < 0 && $this->key_length != 16) { @@ -343,7 +343,7 @@ class Blowfish extends BlockCipher $this->cipher_name_openssl = 'bf-' . $this->openssl_translate_mode(); } - return parent::isValidEngine($engine); + return parent::isValidEngineHelper($engine); } /** diff --git a/phpseclib/Crypt/Common/SymmetricKey.php b/phpseclib/Crypt/Common/SymmetricKey.php index 14f73fc9..6f198cd3 100644 --- a/phpseclib/Crypt/Common/SymmetricKey.php +++ b/phpseclib/Crypt/Common/SymmetricKey.php @@ -1712,10 +1712,10 @@ abstract class SymmetricKey * * @see self::__construct() * @param int $engine - * @access public + * @access private * @return bool */ - public function isValidEngine($engine) + protected function isValidEngineHelper($engine) { switch ($engine) { case self::ENGINE_OPENSSL: @@ -1756,6 +1756,29 @@ abstract class SymmetricKey return false; } + /** + * Test for engine validity + * + * @see self::__construct() + * @param string $engine + * @access public + * @return bool + */ + public function isValidEngine($engine) + { + static $reverseMap; + if (!isset($reverseMap)) { + $reverseMap = array_map('strtolower', self::ENGINE_MAP); + $reverseMap = array_flip($reverseMap); + } + $engine = strtolower($engine); + if (!isset($reverseMap[$engine])) { + return false; + } + + return $this->isValidEngineHelper($reverseMap[$engine]); + } + /** * Sets the preferred crypt engine * @@ -1816,7 +1839,7 @@ abstract class SymmetricKey self::ENGINE_EVAL ]; foreach ($candidateEngines as $engine) { - if ($this->isValidEngine($engine)) { + if ($this->isValidEngineHelper($engine)) { $this->engine = $engine; break; } diff --git a/phpseclib/Crypt/DES.php b/phpseclib/Crypt/DES.php index 6981cd96..b7c45ee4 100644 --- a/phpseclib/Crypt/DES.php +++ b/phpseclib/Crypt/DES.php @@ -603,10 +603,10 @@ class DES extends BlockCipher * * @see \phpseclib\Crypt\Common\SymmetricKey::isValidEngine() * @param int $engine - * @access public + * @access protected * @return bool */ - public function isValidEngine($engine) + protected function isValidEngineHelper($engine) { if ($this->key_length_max == 8) { if ($engine == self::ENGINE_OPENSSL) { @@ -615,7 +615,7 @@ class DES extends BlockCipher } } - return parent::isValidEngine($engine); + return parent::isValidEngineHelper($engine); } /** diff --git a/phpseclib/Crypt/RC2.php b/phpseclib/Crypt/RC2.php index 8854be51..013b32ec 100644 --- a/phpseclib/Crypt/RC2.php +++ b/phpseclib/Crypt/RC2.php @@ -284,10 +284,10 @@ class RC2 extends BlockCipher * * @see \phpseclib\Crypt\Common\SymmetricKey::__construct() * @param int $engine - * @access public + * @access protected * @return bool */ - public function isValidEngine($engine) + protected function isValidEngineHelper($engine) { switch ($engine) { case self::ENGINE_OPENSSL: @@ -298,7 +298,7 @@ class RC2 extends BlockCipher $this->cipher_name_openssl = 'rc2-' . $this->openssl_translate_mode(); } - return parent::isValidEngine($engine); + return parent::isValidEngineHelper($engine); } /** diff --git a/phpseclib/Crypt/RC4.php b/phpseclib/Crypt/RC4.php index 865776ff..e2d8b24e 100644 --- a/phpseclib/Crypt/RC4.php +++ b/phpseclib/Crypt/RC4.php @@ -139,10 +139,10 @@ class RC4 extends StreamCipher * * @see \phpseclib\Crypt\Common\SymmetricKey::__construct() * @param int $engine - * @access public + * @access protected * @return bool */ - public function isValidEngine($engine) + protected function isValidEngineHelper($engine) { if ($engine == self::ENGINE_OPENSSL) { if (version_compare(PHP_VERSION, '5.3.7') >= 0) { @@ -164,7 +164,7 @@ class RC4 extends StreamCipher } } - return parent::isValidEngine($engine); + return parent::isValidEngineHelper($engine); } /** diff --git a/phpseclib/Crypt/Rijndael.php b/phpseclib/Crypt/Rijndael.php index e78d578c..1553bb09 100644 --- a/phpseclib/Crypt/Rijndael.php +++ b/phpseclib/Crypt/Rijndael.php @@ -273,10 +273,10 @@ class Rijndael extends BlockCipher * * @see \phpseclib\Crypt\Common\SymmetricKey::__construct() * @param int $engine - * @access public + * @access protected * @return bool */ - public function isValidEngine($engine) + protected function isValidEngineHelper($engine) { switch ($engine) { case self::ENGINE_OPENSSL: @@ -294,7 +294,7 @@ class Rijndael extends BlockCipher } } - return parent::isValidEngine($engine); + return parent::isValidEngineHelper($engine); } /** diff --git a/phpseclib/Crypt/TripleDES.php b/phpseclib/Crypt/TripleDES.php index 9dede481..3c665f29 100644 --- a/phpseclib/Crypt/TripleDES.php +++ b/phpseclib/Crypt/TripleDES.php @@ -178,10 +178,10 @@ class TripleDES extends DES * * @see \phpseclib\Crypt\Common\SymmetricKey::__construct() * @param int $engine - * @access public + * @access protected * @return bool */ - public function isValidEngine($engine) + protected function isValidEngineHelper($engine) { if ($engine == self::ENGINE_OPENSSL) { $this->cipher_name_openssl_ecb = 'des-ede3'; @@ -189,7 +189,7 @@ class TripleDES extends DES $this->cipher_name_openssl = $mode == 'ecb' ? 'des-ede3' : 'des-ede3-' . $mode; } - return parent::isValidEngine($engine); + return parent::isValidEngineHelper($engine); } /** diff --git a/tests/Unit/Crypt/RC4Test.php b/tests/Unit/Crypt/RC4Test.php index e7aa6e3b..872b6a48 100644 --- a/tests/Unit/Crypt/RC4Test.php +++ b/tests/Unit/Crypt/RC4Test.php @@ -215,20 +215,20 @@ class Unit_Crypt_RC4Test extends PhpseclibTestCase { $objects = $engines = array(); $temp = new RC4(RC4::MODE_CTR); - $temp->setPreferredEngine(RC4::ENGINE_INTERNAL); + $temp->setPreferredEngine('internal'); $objects[] = $temp; $engines[] = 'internal'; - if ($temp->isValidEngine(RC4::ENGINE_MCRYPT)) { + if ($temp->isValidEngine('mcrypt')) { $temp = new RC4(RC4::MODE_CTR); - $temp->setPreferredEngine(RC4::ENGINE_MCRYPT); + $temp->setPreferredEngine('mcrypt'); $objects[] = $temp; $engines[] = 'mcrypt'; } - if ($temp->isValidEngine(RC4::ENGINE_OPENSSL)) { + if ($temp->isValidEngine('openssl')) { $temp = new RC4(RC4::MODE_CTR); - $temp->setPreferredEngine(RC4::ENGINE_OPENSSL); + $temp->setPreferredEngine('openssl'); $objects[] = $temp; $engines[] = 'OpenSSL'; } diff --git a/tests/Unit/Crypt/TripleDESTest.php b/tests/Unit/Crypt/TripleDESTest.php index cd8a7ccf..64350663 100644 --- a/tests/Unit/Crypt/TripleDESTest.php +++ b/tests/Unit/Crypt/TripleDESTest.php @@ -167,7 +167,7 @@ class Unit_Crypt_TripleDESTest extends PhpseclibTestCase $des->disablePadding(); $result = $des->encrypt($plaintext); $plaintext = bin2hex($plaintext); - $this->assertEquals($result, $expected, "Failed asserting that $plaintext yielded expected output in $engin engine"); + $this->assertEquals($result, $expected, "Failed asserting that $plaintext yielded expected output in $engine engine"); } public function testInnerChaining()