From 0ac8b5d5ed5daa4df6dce787ddb5d6d93258db99 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 6 Aug 2017 10:30:29 -0500 Subject: [PATCH 1/4] ASN1: rm unused method (decodeLength) --- phpseclib/File/ASN1.php | 21 --------------------- 1 file changed, 21 deletions(-) diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php index 295a2b72..9594580e 100644 --- a/phpseclib/File/ASN1.php +++ b/phpseclib/File/ASN1.php @@ -1348,27 +1348,6 @@ abstract class ASN1 return $temp != false ? $temp : $str; } - /** - * DER-decode the length - * - * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See - * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. - * - * @access public - * @param string $string - * @return int - */ - public static function decodeLength(&$string) - { - $length = ord(Strings::shift($string)); - if ($length & 0x80) { // definite length, long form - $length&= 0x7F; - $temp = Strings::shift($string, $length); - list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4)); - } - return $length; - } - /** * DER-encode the length * From 135a4decf1509055649065e523598e05fcd193f2 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 6 Aug 2017 10:49:03 -0500 Subject: [PATCH 2/4] Tests/X509: add setEndDate --- tests/Unit/File/X509/X509Test.php | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/Unit/File/X509/X509Test.php b/tests/Unit/File/X509/X509Test.php index 41258b21..773e2c41 100644 --- a/tests/Unit/File/X509/X509Test.php +++ b/tests/Unit/File/X509/X509Test.php @@ -181,6 +181,7 @@ aBtsWpliLSex/HHhtRW9AkBGcq67zKmEpJ9kXcYLEjJii3flFS+Ct/rNm+Hhm1l7 $issuer->setDN($subject->getDN()); $x509 = new X509(); + $x509->setEndDate('lifetime'); $result = $x509->sign($issuer, $subject); $cert = $x509->saveX509($result); From bd489a16dc73d9e7dcc44a0b7544fd3e656e118d Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 6 Aug 2017 12:35:52 -0500 Subject: [PATCH 3/4] Tests/X509: add CRL test --- tests/Unit/File/X509/CRLTest.php | 24 ++++++++++++++++++++++++ tests/Unit/File/X509/crl.bin | Bin 0 -> 5540 bytes 2 files changed, 24 insertions(+) create mode 100644 tests/Unit/File/X509/CRLTest.php create mode 100644 tests/Unit/File/X509/crl.bin diff --git a/tests/Unit/File/X509/CRLTest.php b/tests/Unit/File/X509/CRLTest.php new file mode 100644 index 00000000..8c08ee60 --- /dev/null +++ b/tests/Unit/File/X509/CRLTest.php @@ -0,0 +1,24 @@ + + * @copyright 2017 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + */ + +use phpseclib\File\X509; + +class Unit_File_X509_CRLTest extends PhpseclibTestCase +{ + public function testLoadCRL() + { + $test = file_get_contents('crl.bin'); + + $x509 = new X509(); + + $x509->loadCRL($test); + + $reason = $x509->getRevokedCertificateExtension('9048354325167497831898969642461237543', 'id-ce-cRLReasons'); + + $this->assertSame('unspecified', $reason); + } +} diff --git a/tests/Unit/File/X509/crl.bin b/tests/Unit/File/X509/crl.bin new file mode 100644 index 0000000000000000000000000000000000000000..ef6d3ee192c8cfbf4b1a9356137750ed436aa551 GIT binary patch literal 5540 zcmai&d0b3;AIF=SnrXJCwAYP@B;uSi=ggv%h@#ZhqO_pBv>*|Z7WBAj6E_rV%uA)K6Ewm`)Ms!s#>G{p#K0VL#yQcr9Gw=ESzQ5o1`}ux;2T9T_K$0|ekx3+k zO{JSA+a-TtlSoQR3P>o*MCeqCn<7=6?B;@MBI@D~40V=GXmIHKz^G`$MUnofE}|{| zH&b0TCMITP0C?mN9?kS$6M>o_#^Og5^$C9ycA>!`hSuxXZ;0}Z^ba&#u*`72wHd0- zMllpc1SlUt2-H*h5hcVQ5yTToQZGklkyS|%f~H|xr@-nNm`7?-Un=+-f}()Lxk5l8 zEQA5V8E7g}7$gNTKz53xkh2o6%kxB^H7#`qnc%yh+3<4-EVx@&TEV!$cH-wZ8 zWO+#d9)cqvZ4`$9$_GUzNB5*17Yvh{oVu=Dl>#Ua#R&p|Es0|vt>=G%osyH)@|?tc z+9U(`U{m=B9}_gi zPI-=L?*+UxNK54+`(>xFQZB$meaiBVE%3Yd+_}EJ2!{Ak#R_;|8a_W)+LX<}cP$2}M-&`2pGorP7MD3(*)iY%) z3BU&}grEX~2Ln_^2tXz%^4Bu*}%7*z43U$nfF;W?VvIJrV)3?Rf|+sbI$ z9{%C>tczti`I%qck0{FpSid&#wC^Vwk9f6=7S`z<{||s67%XWPXKitA=3tJ|*07aZ zX2%QU0xG&D%S;{)>_2guF|R4+rKSuZP#(_b5|CY@K20AkR?Ry;LzKOCwT<0L86dzg z0!SDHVD~y4YMNK>)n1=^Co&S9b)8UYi4mJ<@Nj#KV^ToPvy%+a{+ba?XYL}>#F#Hs;A0Jg1+_sV?5 z$@U=(`dV{S=LbAVgdYJaQzo5l461IbDPG!~==dp33ILT9>po1#6x-Y;#Jvjcw68<7 zl#}ZCe*-*(3+)HG`Yf)ZU)4a|vaRuNML$V%5TXQvp%@p|Kq_C~t4&;Vdc$CLsN(E% zIpZY}000IGU?2xaF`A(>v3m>q+2fFtXZOwfCIf^hpFj~<4wROutQp}hj9QP6nQtrS z)=2>{>jVVKg`ER6^3&+xR29F6Ck%2$)weFn01PEC0T*@-WNNorm`@FTdD=%#5O>dK z86ZRjI1hsrpQ7sZ%IfJZzOnU__AjnEKU*%q)bG96d!;Wj^<_rH!s7Hqxd18FZr}|4 zPSUERd;=5n`paSfMGzjC#g~54A~xNRWfcQ+<2qP ziY4o$0I&{xAOgUW{GZogwir5SlsQM_3j;E|rs!Re0ic?=Tnwff$~zA3+n$^*%)WK$ z>;1_qoFxE?2vH$d2(=DOYdw!O_SE?e=hp{~)9<6o1*ko70msg+?EE;Pr*^$lY>E^> zffoSv3fm=C%BuUj7Zn6L;-W43U%jt?2S5%u21}Y;b0vu3&Mkkef4as$`@HGj04Q$^ zHg;)NUfAky8Pk2H{eDQa`I?bjfLYVsTNZN3csf}>wy3V?hFn02Wjiv2b24+|gAOm< zGbHhRp!|5^j)N{qC06}N$EJ+~DNUlbSvO3@u2TH>&j2;TI;&9E*L}{u>GOvYsv@NT z#se)1+7wb6Y>OMF#`Y`Bjt&PXT`o<$BNw0?Ebls;eCJyEDW3)hzbt8KU_d4jlz=vn za(-XajM0d?O9O+OL&i>qyVtFynh&3 za4yiL78HqV3D_85)xpSu`=xkGTqC->B(LX9W2l?ndkMfrxIp{Bpo0`2 zb*Ce?Ke6rH0o*KrYT#u)2Ed_L8uIyT^xdiV56)$!>YRBn8Z85OV89Uw%p`I&r&gTa zZj|X0a7<*h=Z4r|fw}{A1b&}@$vxYwrnJn}mA3qefpNxZO_mfuaa6!1aA*!|rs*80 zuXucD>1ItvElI3=Ac7Qt`c~R~wepYsi{I7clyrwaRoFEK;6clqVXoivnF@Nw0ZC>9PfDgT8 zDJEyz(w#$Vb&>>q7PN;xG647n&_J*V^p)ccImxx!ck2GtxlgN_DFuKoiSG}v8An+r z@_QQ{TDWqMPmUpx_lyOgeu;gf?T`K)Cudn(Wmx$-XWjk|fMP|U_J8ej~+fqE;Tmeuo@fC>VZpIaslO?0hVl9 zh*g+dm1(Poi`Z*m;x`)N90=G1V&H!s$fcb!p1fzB(Jw8plH>z#8%Evs$J=@KS=BH1 zP+le%phbnX9H!K%1)h9ST6~YLHU{89tpnZch9fiEv1`AZTIJp>PXAZ{s!K{&w|h+Y zo5q{evE}aWr`|WE0LU3A6SVl~8}oj~V@`Tcz3HjZ(z>liF2E{r+r?qKHC1Gz$-z+r zkL3cSV)y0g553H5MlQT!ld~5{00CH#00S)tDL%%Bm7my}NlgpN3ysqjmx*5&VW1bl zd=MWX1YlP_7+Lk}^&`1gns>(V7DF%)gSC_MXOsHG`ME{K1+TNZ5T^JG8j6Z!vQpyzyo97Akw^-hS51k_@4nWa8gK1A z>q(eS^)c-&Hm=RlGhe=6N-yj*G1~8KVSi59%H>wKPxI}xILitJ^2E#A4sGZ^=&rZ^ z%g)l?=+??0t!0nQcFuIzl%6@+?wjXQQU1W zm|uKKsM<$#EdRC9c1K~m_iOZ6@?@jMk#C3f5+=3YE)pbV?{F5Rb<7`c6*}=#g>M1o zbuJ^KJ7!1Q!jycqXYOxA@18tj%`G@=tGSTXmiHi{w4tZN+gxpS2t~)C*ygi!@0vgx wlPc}}XW^bEoUP;)Hm_6j8JV5w>895<_<1+oyR>A!AF9171XWmjD0& literal 0 HcmV?d00001 From 9f540a82e672c48851f9517c0b9265cb88024c4f Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 6 Aug 2017 17:29:30 -0500 Subject: [PATCH 4/4] minor fixes to X509 and SSH2 --- phpseclib/File/X509.php | 7 ++++--- phpseclib/Net/SSH2.php | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index a95784b5..8d3f50df 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -3129,12 +3129,13 @@ class X509 * Returns a list of all extensions in use in certificate, CSR or CRL * * @param array $cert optional + * @param string $path optional * @access public * @return array */ - public function getExtensions($cert = null) + public function getExtensions($cert = null, $path = null) { - return $this->getExtensionsHelper($cert); + return $this->getExtensionsHelper($cert, $path); } /** @@ -3686,7 +3687,7 @@ class X509 if (is_array($rclist = $this->subArray($crl, 'tbsCertList/revokedCertificates'))) { if (($i = $this->revokedCertificate($rclist, $serial)) !== false) { - return $this->getExtensionsHelper($crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); + return $this->getExtensions($crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); } } diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 49653416..6ed3884d 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -4236,7 +4236,7 @@ class SSH2 case $r->compare($q) >= 0: case $s->equals($zero): case $s->compare($q) >= 0: - $this->disconnectHepler(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new \RuntimeException('Invalid signature'); }