1
0
mirror of https://github.com/danog/tgseclib.git synced 2024-12-13 17:47:33 +01:00
tgseclib/phpseclib/System/SSH/Agent/Identity.php

160 lines
4.2 KiB
PHP
Raw Normal View History

<?php
/**
2014-12-03 17:59:01 +01:00
* Pure-PHP ssh-agent client.
*
2015-04-02 12:57:52 +02:00
* PHP version 5
2014-12-03 17:59:01 +01:00
*
* @category System
2014-12-15 18:25:46 +01:00
* @package SSH\Agent
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2009 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent
*/
2014-12-15 18:25:46 +01:00
namespace phpseclib\System\SSH\Agent;
use phpseclib\System\SSH\Agent;
/**
* Pure-PHP ssh-agent client identity object
*
2014-12-15 18:25:46 +01:00
* Instantiation should only be performed by \phpseclib\System\SSH\Agent class.
2014-12-17 01:16:54 +01:00
* This could be thought of as implementing an interface that phpseclib\Crypt\RSA
* implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something.
* The methods in this interface would be getPublicKey, setSignatureMode
* and sign since those are the methods phpseclib looks for to perform
* public key authentication.
*
2014-12-15 18:25:46 +01:00
* @package SSH\Agent
* @author Jim Wigginton <terrafrost@php.net>
* @access internal
*/
2014-12-15 18:25:46 +01:00
class Identity
{
/**
* Key Object
*
2014-12-17 01:16:54 +01:00
* @var \phpseclib\Crypt\RSA
* @access private
2014-12-15 18:25:46 +01:00
* @see \phpseclib\System\SSH\Agent\Identity::getPublicKey()
*/
var $key;
/**
* Key Blob
*
* @var String
* @access private
2014-12-15 18:25:46 +01:00
* @see \phpseclib\System\SSH\Agent\Identity::sign()
*/
var $key_blob;
/**
* Socket Resource
*
* @var Resource
* @access private
2014-12-15 18:25:46 +01:00
* @see \phpseclib\System\SSH\Agent\Identity::sign()
*/
var $fsock;
/**
* Default Constructor.
*
* @param Resource $fsock
2014-12-15 18:25:46 +01:00
* @return \phpseclib\System\SSH\Agent\Identity
* @access private
*/
function __construct($fsock)
{
$this->fsock = $fsock;
}
/**
* Set Public Key
*
2014-12-15 18:25:46 +01:00
* Called by \phpseclib\System\SSH\Agent::requestIdentities()
*
2014-12-17 01:16:54 +01:00
* @param \phpseclib\Crypt\RSA $key
* @access private
*/
function setPublicKey($key)
{
$this->key = $key;
$this->key->setPublicKey();
}
/**
* Set Public Key
*
2014-12-15 18:25:46 +01:00
* Called by \phpseclib\System\SSH\Agent::requestIdentities(). The key blob could be extracted from $this->key
* but this saves a small amount of computation.
*
* @param String $key_blob
* @access private
*/
function setPublicKeyBlob($key_blob)
{
$this->key_blob = $key_blob;
}
/**
* Get Public Key
*
* Wrapper for $this->key->getPublicKey()
*
* @param Integer $format optional
* @return Mixed
* @access public
*/
function getPublicKey($format = null)
{
return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format);
}
/**
* Set Signature Mode
*
* Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie.
2014-12-17 01:16:54 +01:00
* ssh-agent's only supported mode is \phpseclib\Crypt\RSA::SIGNATURE_PKCS1
*
* @param Integer $mode
* @access public
*/
function setSignatureMode($mode)
{
}
/**
* Create a signature
*
* See "2.6.2 Protocol 2 private key signature request"
*
* @param String $message
* @return String
* @access public
*/
function sign($message)
{
// the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE
2014-12-15 18:25:46 +01:00
$packet = pack('CNa*Na*N', Agent::SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0);
$packet = pack('Na*', strlen($packet), $packet);
if (strlen($packet) != fputs($this->fsock, $packet)) {
user_error('Connection closed during signing');
}
$length = current(unpack('N', fread($this->fsock, 4)));
$type = ord(fread($this->fsock, 1));
2014-12-15 18:25:46 +01:00
if ($type != Agent::SSH_AGENT_SIGN_RESPONSE) {
user_error('Unable to retreive signature');
}
$signature_blob = fread($this->fsock, $length - 1);
// the only other signature format defined - ssh-dss - is the same length as ssh-rsa
// the + 12 is for the other various SSH added length fields
return substr($signature_blob, strlen('ssh-rsa') + 12);
}
}