From 2f241644b657ca49a0389497b385ffd5710ce7ec Mon Sep 17 00:00:00 2001 From: terrafrost Date: Tue, 2 Jul 2019 06:42:17 -0500 Subject: [PATCH 01/19] update copyright years on license --- LICENSE | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/LICENSE b/LICENSE index a8ec8ebd..e7214ebb 100644 --- a/LICENSE +++ b/LICENSE @@ -1,5 +1,4 @@ -Copyright 2007-2016 TerraFrost and other contributors -http://phpseclib.sourceforge.net/ +Copyright (c) 2011-2019 TerraFrost and other contributors Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the @@ -18,4 +17,4 @@ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. \ No newline at end of file From e942f9b1c3921fa0f7bc89d642f0c73f6d2a8b3a Mon Sep 17 00:00:00 2001 From: terrafrost Date: Tue, 2 Jul 2019 07:03:46 -0500 Subject: [PATCH 02/19] README: misc updates --- README.md | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index da5ce561..bdcc7322 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,14 @@ [![Build Status](https://travis-ci.org/phpseclib/phpseclib.svg?branch=1.0)](https://travis-ci.org/phpseclib/phpseclib) +## Supporting phpseclib + +- [Become a backer or sponsor on Patreon](https://www.patreon.com/phpseclib) +- [One-time donation via PayPal or crypto-currencies](http://sourceforge.net/donate/index.php?group_id=198487) +- [Subscribe to Tidelift](https://tidelift.com/subscription/pkg/packagist-phpseclib-phpseclib?utm_source=packagist-phpseclib-phpseclib&utm_medium=referral&utm_campaign=readme) + +## Introduction + MIT-licensed pure-PHP implementations of an arbitrary-precision integer arithmetic library, fully PKCS#1 (v2.1) compliant RSA, DES, 3DES, RC4, Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509 @@ -28,17 +36,21 @@ AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509 * Modernized version of 1.0 * Minimum PHP version: 5.3.3 * PSR-4 autoloading with namespace rooted at `\phpseclib` -* Install via Composer: `composer require phpseclib/phpseclib ~2.0` +* Install via Composer: `composer require phpseclib/phpseclib:~2.0` ### 1.0 * Long term support (LTS) release * PHP4 compatible * Composer compatible (PSR-0 autoloading) -* Install using Composer: `composer require phpseclib/phpseclib ~1.0` +* Install using Composer: `composer require phpseclib/phpseclib:~1.0` * Install using PEAR: See [phpseclib PEAR Channel Documentation](http://phpseclib.sourceforge.net/pear.htm) * [Download 1.0.16 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.16.zip/download) +## Security contact information + +To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security). Tidelift will coordinate the fix and disclosure. + ## Support Need Support? From 338eb2e4d33b4a7477b3f4e56fdc03dc9553a872 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Tue, 2 Jul 2019 07:26:30 -0500 Subject: [PATCH 03/19] create FUNDING.yml --- .github/FUNDING.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .github/FUNDING.yml diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml new file mode 100644 index 00000000..62edd7ec --- /dev/null +++ b/.github/FUNDING.yml @@ -0,0 +1,12 @@ +# These are supported funding model platforms + +github: terrafrost +patreon: phpseclib +open_collective: # Replace with a single Open Collective username +ko_fi: # Replace with a single Ko-fi username +tidelift: phpseclib/phpseclib +community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry +liberapay: # Replace with a single Liberapay username +issuehunt: # Replace with a single IssueHunt username +otechie: # Replace with a single Otechie username +custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] From 53c249a9b5724f4635ebe497dffe91427622b64d Mon Sep 17 00:00:00 2001 From: terrafrost Date: Tue, 2 Jul 2019 07:29:56 -0500 Subject: [PATCH 04/19] FUNDING: i am not yet approved as a GitHub Sponsor --- .github/FUNDING.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index 62edd7ec..c441a02d 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,6 +1,6 @@ # These are supported funding model platforms -github: terrafrost +github: #terrafrost patreon: phpseclib open_collective: # Replace with a single Open Collective username ko_fi: # Replace with a single Ko-fi username From e743d900b4aa619b03ef51ab46272e99760c704d Mon Sep 17 00:00:00 2001 From: terrafrost Date: Tue, 2 Jul 2019 07:31:12 -0500 Subject: [PATCH 05/19] FUNDING: update for tidelift --- .github/FUNDING.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index c441a02d..ffdda8f7 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -4,7 +4,7 @@ github: #terrafrost patreon: phpseclib open_collective: # Replace with a single Open Collective username ko_fi: # Replace with a single Ko-fi username -tidelift: phpseclib/phpseclib +tidelift: "packagist/phpseclib/phpseclib" community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry liberapay: # Replace with a single Liberapay username issuehunt: # Replace with a single IssueHunt username From d9b42c16174f494686782fa6577abfcadb1cc298 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Thu, 4 Jul 2019 21:34:07 -0500 Subject: [PATCH 06/19] update FUNDING.yml --- .github/FUNDING.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index ffdda8f7..f11859e8 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -4,7 +4,7 @@ github: #terrafrost patreon: phpseclib open_collective: # Replace with a single Open Collective username ko_fi: # Replace with a single Ko-fi username -tidelift: "packagist/phpseclib/phpseclib" +tidelift: "packagist/phpseclib/mcrypt_compat" community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry liberapay: # Replace with a single Liberapay username issuehunt: # Replace with a single IssueHunt username From b6e5b81a26d5c3d0a941526144ba2d750bac2c6e Mon Sep 17 00:00:00 2001 From: terrafrost Date: Tue, 9 Jul 2019 08:18:28 -0500 Subject: [PATCH 07/19] FUNDING.yml: another update --- .github/FUNDING.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index f11859e8..ffdda8f7 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -4,7 +4,7 @@ github: #terrafrost patreon: phpseclib open_collective: # Replace with a single Open Collective username ko_fi: # Replace with a single Ko-fi username -tidelift: "packagist/phpseclib/mcrypt_compat" +tidelift: "packagist/phpseclib/phpseclib" community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry liberapay: # Replace with a single Liberapay username issuehunt: # Replace with a single IssueHunt username From 9015d987f7d9fbd9d307fce89504d91dc89a8dca Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 12 Jul 2019 07:36:12 -0500 Subject: [PATCH 08/19] only auto close the channel for exec() timeouts --- phpseclib/Net/SSH2.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 04e25426..fdc1da40 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -3815,7 +3815,9 @@ class Net_SSH2 // on windows this returns a "Warning: Invalid CRT parameters detected" error if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) { $this->is_timeout = true; - $this->_close_channel($client_channel); + if ($client_channel == NET_SSH2_CHANNEL_EXEC && !$this->request_pty) { + $this->_close_channel($client_channel); + } return true; } $elapsed = strtok(microtime(), ' ') + strtok('') - $start; From 9f1287e68b3f283339a9f98f67515dd619e5bf9d Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 12 Jul 2019 07:53:49 -0500 Subject: [PATCH 09/19] SSH2: update constant for last commit --- phpseclib/Net/SSH2.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index bcb25cde..817fa165 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -3712,7 +3712,7 @@ class SSH2 // on windows this returns a "Warning: Invalid CRT parameters detected" error if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) { $this->is_timeout = true; - if ($client_channel == NET_SSH2_CHANNEL_EXEC && !$this->request_pty) { + if ($client_channel == self::CHANNEL_EXEC && !$this->request_pty) { $this->_close_channel($client_channel); } return true; @@ -3762,7 +3762,7 @@ class SSH2 switch ($type) { case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA: /* - if ($client_channel == NET_SSH2_CHANNEL_EXEC) { + if ($client_channel == self::CHANNEL_EXEC) { $this->_send_channel_packet($client_channel, chr(0)); } */ From d448dba5a1d72f5e6f8b1fb158b4b0beb260b429 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 14 Jul 2019 10:52:24 -0500 Subject: [PATCH 10/19] Travis: allow failures on 7.4snapshot --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index 293619f2..1f19d644 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,6 +20,7 @@ before_install: true matrix: allow_failures: - php: nightly + - 7.4snapshot install: - wget http://ftp.gnu.org/gnu/parallel/parallel-20170822.tar.bz2 From eb36430ff1335299b77ddd94df60dba9564c730a Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 14 Jul 2019 12:02:10 -0500 Subject: [PATCH 11/19] another update to .travis.yml --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 1f19d644..02f1955a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,7 +20,7 @@ before_install: true matrix: allow_failures: - php: nightly - - 7.4snapshot + - php: 7.4snapshot install: - wget http://ftp.gnu.org/gnu/parallel/parallel-20170822.tar.bz2 From bba31ebe205a6497acb7349a76b26c10f1671845 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Mon, 15 Jul 2019 00:21:54 -0500 Subject: [PATCH 12/19] Changelog: add 2.0.21 entry --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 59cd22c3..c0da52af 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## 2.0.21 - 2019-07-14 + +- SSH2: only auto close the channel for exec() timeouts (#1384) + ## 2.0.20 - 2019-06-23 - BigInteger: lower PHP req back down to PHP 5.3.3 (#1382) From 19ad5d27daf5a54b862f01967b284f84bcd237e0 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Tue, 30 Jul 2019 07:15:48 -0500 Subject: [PATCH 13/19] X509: ips in nameconstraints ext include netmask --- phpseclib/File/X509.php | 27 +++++++++++++++++--- tests/Unit/File/X509/X509Test.php | 42 +++++++++++++++++++++++++++++++ 2 files changed, 66 insertions(+), 3 deletions(-) diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index 3d4b1fcf..3a694f29 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -1650,7 +1650,10 @@ class File_X509 corresponding to the extension type identified by extnID */ $map = $this->_getMapping($id); if (!is_bool($map)) { - $mapped = $asn1->asn1map($decoded[0], $map, array('iPAddress' => array($this, '_decodeIP'))); + $decoder = $id == 'id-ce-nameConstraints' ? + array($this, '_decodeNameConstraintIP') : + array($this, '_decodeIP'); + $mapped = $asn1->asn1map($decoded[0], $map, array('iPAddress' => $decoder)); $value = $mapped === false ? $decoded[0] : $mapped; if ($id == 'id-ce-certificatePolicies') { @@ -2555,18 +2558,36 @@ class File_X509 return long2ip($ip); } + /** + * Decodes an IP address in a name constraints extension + * + * Takes in a base64 encoded "blob" and returns a human readable IP address / mask + * + * @param string $ip + * @access private + * @return array + */ + function _decodeNameConstraintIP($ip) + { + $ip = base64_decode($ip); + list(, $ip, $mask) = unpack('N2', $ip); + return [long2ip($ip), long2ip($mask)]; + } + /** * Encodes an IP address * * Takes a human readable IP address into a base64-encoded "blob" * - * @param string $ip + * @param string|array $ip * @access private * @return string */ function _encodeIP($ip) { - return base64_encode(pack('N', ip2long($ip))); + return is_string($ip) ? + base64_encode(pack('N', ip2long($ip))) : + base64_encode(pack('NN', ip2long($ip[0]), ip2long($ip[1]))); } /** diff --git a/tests/Unit/File/X509/X509Test.php b/tests/Unit/File/X509/X509Test.php index 60509a68..d8641834 100644 --- a/tests/Unit/File/X509/X509Test.php +++ b/tests/Unit/File/X509/X509Test.php @@ -691,4 +691,46 @@ A9bhRA0cVk7bAEU2c44CYg== $this->assertFalse($r); } + + /** + * @group github1387 + */ + public function testNameConstraintIP() + { + $x509 = new File_X509(); + $r = $x509->loadX509('-----BEGIN CERTIFICATE----- +MIIGcDCCBVigAwIBAgIQRUgJC4ec7yFWcqzT3mwbWzANBgkqhkiG9w0BAQwFADB1MQswCQYDVQQG +EwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1czEoMCYGA1UEAwwfRUUgQ2Vy +dGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYGCSqGSIb3DQEJARYJcGtpQHNrLmVlMCAXDTE1 +MTIxNzEyMzg0M1oYDzIwMzAxMjE3MjM1OTU5WjBjMQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMg +U2VydGlmaXRzZWVyaW1pc2tlc2t1czEXMBUGA1UEYQwOTlRSRUUtMTA3NDcwMTMxFzAVBgNVBAMM +DkVTVEVJRC1TSyAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0oH61NDxbdW9 +k8nLA1qGaL4B7vydod2Ewp/STBZB3wEtIJCLdkpEsS8pXfFiRqwDVsgGGbu+Q99trlb5LI7yi7rI +kRov5NftBdSNPSU5rAhYPQhvZZQgOwRaHa5Ey+BaLJHmLqYQS9hQvQsCYyws+xVvNFUpK0pGD64i +ycqdMuBl/nWq3fLuZppwBh0VFltm4nhr/1S0R9TRJpqFUGbGr4OK/DwebQ5PjhdS40gCUNwmC7fP +Q4vIH+x+TCk2aG+u3MoAz0IrpVWqiwzG/vxreuPPAkgXeFCeYf6fXLsGz4WivsZFbph2pMjELu6s +ltlBXfAG3fGv43t91VXicyzR/eT5dsB+zFsW1sHV+1ONPr+qzgDxCH2cmuqoZNfIIq+buob3eA8e +e+XpJKJQr+1qGrmhggjvAhc7m6cU4x/QfxwRYhIVNhJf+sKVThkQhbJ9XxuKk3c18wymwL1mpDD0 +PIGJqlssMeiuJ4IzagFbgESGNDUd4icm0hQT8CmQeUm1GbWeBYseqPhMQX97QFBLXJLVy2SCyoAz +7Bq1qA43++EcibN+yBc1nQs2Zoq8ck9MK0bCxDMeUkQUz6VeQGp69ImOQrsw46qTz0mtdQrMSbnk +XCuLan5dPm284J9HmaqiYi6j6KLcZ2NkUnDQFesBVlMEm+fHa2iR6lnAFYZ06UECAwEAAaOCAgow +ggIGMB8GA1UdIwQYMBaAFBLyWj7qVhy/zQas8fElyalL1BSZMB0GA1UdDgQWBBSzq4i8mdVipIUq +CM20HXI7g3JHUTAOBgNVHQ8BAf8EBAMCAQYwdwYDVR0gBHAwbjAIBgYEAI96AQIwCQYHBACL7EAB +AjAwBgkrBgEEAc4fAQEwIzAhBggrBgEFBQcCARYVaHR0cHM6Ly93d3cuc2suZWUvQ1BTMAsGCSsG +AQQBzh8BAjALBgkrBgEEAc4fAQMwCwYJKwYBBAHOHwEEMBIGA1UdEwEB/wQIMAYBAf8CAQAwQQYD +VR0eBDowOKE2MASCAiIiMAqHCAAAAAAAAAAAMCKHIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAMCcGA1UdJQQgMB4GCCsGAQUFBwMJBggrBgEFBQcDAgYIKwYBBQUHAwQwfAYIKwYBBQUH +AQEEcDBuMCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcC5zay5lZS9DQTBKBggrBgEFBQcwAoY+aHR0 +cDovL3d3dy5zay5lZS9jZXJ0cy9FRV9DZXJ0aWZpY2F0aW9uX0NlbnRyZV9Sb290X0NBLmRlci5j +cnQwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL3d3dy5zay5lZS9yZXBvc2l0b3J5L2NybHMvZWVj +Y3JjYS5jcmwwDQYJKoZIhvcNAQEMBQADggEBAHRWDGI3P00r2sOnlvLHKk9eE7X93eT+4e5TeaQs +OpE5zQRUTtshxN8Bnx2ToQ9rgi18q+MwXm2f0mrGakYYG0bix7ZgDQvCMD/kuRYmwLGdfsTXwh8K +uL6uSHF+U/ZTss6qG7mxCHG9YvebkN5Yj/rYRvZ9/uJ9rieByxw4wo7b19p22PXkAkXP5y3+qK/O +et98lqwI97kJhiS2zxFYRk+dXbazmoVHnozYKmsZaSUvoYNNH19tpS7BLdsgi9KpbvQLb5ywIMq9 +ut3+b2Xvzq8yzmHMFtLIJ6Afu1jJpqD82BUAFcvi5vhnP8M7b974R18WCOpgNQvXDI+2/8ZINeU= +-----END CERTIFICATE-----'); + $r = $x509->saveX509($r); + $r = $x509->loadX509($r); + $this->assertSame($r['tbsCertificate']['extensions'][5]['extnValue']['excludedSubtrees'][1]['base']['iPAddress'], ['0.0.0.0', '0.0.0.0']); + } } From 511f55de3d1d504e4686f9d558a3c10709b413f8 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 2 Aug 2019 21:51:06 -0500 Subject: [PATCH 14/19] X509: fix issue with explicit time tags whose maps expect implicit --- phpseclib/File/ASN1.php | 14 ++++++++++++-- phpseclib/File/X509.php | 9 +++++++++ tests/Unit/File/ASN1Test.php | 29 +++++++++++++++++++++++++++++ 3 files changed, 50 insertions(+), 2 deletions(-) diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php index abab574a..1a79173d 100644 --- a/phpseclib/File/ASN1.php +++ b/phpseclib/File/ASN1.php @@ -787,7 +787,14 @@ class File_ASN1 case FILE_ASN1_TYPE_UTC_TIME: case FILE_ASN1_TYPE_GENERALIZED_TIME: if (class_exists('DateTime')) { - if (isset($mapping['implicit'])) { + // for explicitly tagged optional stuff + if (is_array($decoded['content'])) { + $decoded['content'] = $decoded['content'][0]['content']; + } + // for implicitly tagged optional stuff + // in theory, doing isset($mapping['implicit']) would work but malformed certs do exist + // in the wild that OpenSSL decodes without issue so we'll support them as well + if (!is_object($decoded['content'])) { $decoded['content'] = $this->_decodeDateTime($decoded['content'], $decoded['type']); } if (!$decoded['content']) { @@ -795,7 +802,10 @@ class File_ASN1 } return $decoded['content']->format($this->format); } else { - if (isset($mapping['implicit'])) { + if (is_array($decoded['content'])) { + $decoded['content'] = $decoded['content'][0]['content']; + } + if (!is_int($decoded['content'])) { $decoded['content'] = $this->_decodeUnixTime($decoded['content'], $decoded['type']); } return @date($this->format, $decoded['content']); diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index 3a694f29..ccf964f5 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -982,6 +982,13 @@ class File_X509 'children' => $AccessDescription ); + $this->SubjectInfoAccessSyntax = array( + 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => $AccessDescription + ); + $this->SubjectAltName = $GeneralNames; $this->PrivateKeyUsagePeriod = array( @@ -1922,6 +1929,8 @@ class File_X509 return $this->ExtKeyUsageSyntax; case 'id-pe-authorityInfoAccess': return $this->AuthorityInfoAccessSyntax; + case 'id-pe-subjectInfoAccess': + return $this->SubjectInfoAccessSyntax; case 'id-ce-subjectAltName': return $this->SubjectAltName; case 'id-ce-subjectDirectoryAttributes': diff --git a/tests/Unit/File/ASN1Test.php b/tests/Unit/File/ASN1Test.php index 1a84035d..2f1131d5 100644 --- a/tests/Unit/File/ASN1Test.php +++ b/tests/Unit/File/ASN1Test.php @@ -363,4 +363,33 @@ class Unit_File_ASN1Test extends PhpseclibTestCase $this->assertSame(pack('H*', '6983f09da7ebcfdee0c7a1a7b2c0948cc8f9d776'), $new); $this->assertSame($orig, $asn1->_decodeOID($new)); } + + /** + * @group github1388 + */ + public function testExplicitImplicitDate() + { + $map = [ + 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'children' => [ + 'notBefore' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true, + 'type' => FILE_ASN1_TYPE_GENERALIZED_TIME], + 'notAfter' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true, + 'type' => FILE_ASN1_TYPE_GENERALIZED_TIME] + ] + ]; + + $asn1 = new File_ASN1(); + $a = pack('H*', '3026a011180f32303137303432313039303535305aa111180f32303138303432313230353935395a'); + $a = $asn1->decodeBER($a); + $a = $asn1->asn1map($a[0], $map); + + $this->assertInternalType('array', $a); + } } From e473078703c533a2291cecb2c87f6c9cbcb86b4c Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 3 Aug 2019 07:27:26 -0500 Subject: [PATCH 15/19] ASN1: fix PHP 7.4 deprecation --- phpseclib/File/ASN1.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php index 1a79173d..4bd355a1 100644 --- a/phpseclib/File/ASN1.php +++ b/phpseclib/File/ASN1.php @@ -947,7 +947,7 @@ class File_ASN1 if ($mapping['type'] == FILE_ASN1_TYPE_SET) { sort($value); } - $value = implode($value, ''); + $value = implode('', $value); break; } From 6ae67ef79055465a8775955b25e59e67e801ccfe Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 3 Aug 2019 08:58:51 -0500 Subject: [PATCH 16/19] BigInteger: fix PHP 7.4 deprecations --- phpseclib/Math/BigInteger.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php index 179be048..25377fbc 100644 --- a/phpseclib/Math/BigInteger.php +++ b/phpseclib/Math/BigInteger.php @@ -860,7 +860,7 @@ class Math_BigInteger $opts[] = 'OpenSSL'; } if (!empty($opts)) { - $engine.= ' (' . implode($opts, ', ') . ')'; + $engine.= ' (' . implode('.', $opts) . ')'; } return array( 'value' => '0x' . $this->toHex(true), From ef6facc983b9af545f51c824652df47410c17235 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 3 Aug 2019 10:33:13 -0500 Subject: [PATCH 17/19] Travis: expand PHP support --- .travis.yml | 33 ++++++++++++++++++++++++--------- 1 file changed, 24 insertions(+), 9 deletions(-) diff --git a/.travis.yml b/.travis.yml index 2935243d..a90c4e15 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,14 +1,29 @@ language: php -php: - - 5.5.9 - - 5.5 - - 5.6 - - 7.0 - - 7.1 - - 7.2 - - 7.3 - - 7.4snapshot +matrix: + include: + - php: 5.2 + dist: precise + - php: 5.3 + dist: precise + - php: 5.4 + dist: precise + - php: 5.5.9 + dist: trusty + - php: 5.5 + dist: trusty + - php: 5.6 + dist: xenial + - php: 7.0 + dist: xenial + - php: 7.1 + dist: xenial + - php: 7.2 + dist: xenial + - php: 7.3 + dist: xenial + - php: 7.4snapshot + dist: xenial env: global: From 0b93c5bbd7433b5903fb9ff2ffa055ebc864e405 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 3 Aug 2019 10:45:12 -0500 Subject: [PATCH 18/19] Travis: don't run tests on PHP 5.2 or 5.3 --- .travis.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index a90c4e15..7fe96e74 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,10 +2,6 @@ language: php matrix: include: - - php: 5.2 - dist: precise - - php: 5.3 - dist: precise - php: 5.4 dist: precise - php: 5.5.9 From dfde088d4c6c69c31ea45054417187f189534d96 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 3 Aug 2019 16:42:40 -0500 Subject: [PATCH 19/19] visiblity adjustments for PHP 7.4 --- phpseclib/Crypt/Common/SymmetricKey.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpseclib/Crypt/Common/SymmetricKey.php b/phpseclib/Crypt/Common/SymmetricKey.php index 3feedb88..28041d3d 100644 --- a/phpseclib/Crypt/Common/SymmetricKey.php +++ b/phpseclib/Crypt/Common/SymmetricKey.php @@ -243,7 +243,7 @@ abstract class SymmetricKey * @var array * @access private */ - private $enbuffer; + protected $enbuffer; /** * Decryption buffer for CTR, OFB and CFB modes @@ -253,7 +253,7 @@ abstract class SymmetricKey * @var array * @access private */ - private $debuffer; + protected $debuffer; /** * mcrypt resource for encryption