Rev 846 | Rev 874 | ||
---|---|---|---|
Line 5... | Line 5... | ||
5 | * |
5 | * |
6 | * {@internal See http://api.libssh.org/rfc/PROTOCOL.agent} |
6 | * {@internal See http://api.libssh.org/rfc/PROTOCOL.agent} |
7 | * |
7 | * |
8 | * PHP version 5 |
8 | * PHP version 5 |
9 | * |
9 | * |
- | 10 | * @category System |
|
- | 11 | * @package SSH\Agent |
|
10 | * @author Jim Wigginton <terrafrost@php.net> |
12 | * @author Jim Wigginton <terrafrost@php.net> |
11 | * @copyright 2009 Jim Wigginton |
13 | * @copyright 2009 Jim Wigginton |
12 | * @license http://www.opensource.org/licenses/mit-license.html MIT License |
14 | * @license http://www.opensource.org/licenses/mit-license.html MIT License |
13 | * @link http://phpseclib.sourceforge.net |
15 | * @link http://phpseclib.sourceforge.net |
14 | */ |
16 | */ |
Line 21... | Line 23... | ||
21 | use phpseclib3\Crypt\DSA; |
23 | use phpseclib3\Crypt\DSA; |
22 | use phpseclib3\Crypt\EC; |
24 | use phpseclib3\Crypt\EC; |
23 | use phpseclib3\Crypt\RSA; |
25 | use phpseclib3\Crypt\RSA; |
24 | use phpseclib3\Exception\UnsupportedAlgorithmException; |
26 | use phpseclib3\Exception\UnsupportedAlgorithmException; |
25 | use phpseclib3\System\SSH\Agent; |
27 | use phpseclib3\System\SSH\Agent; |
26 | use phpseclib3\System\SSH\Common\Traits\ReadBytes; |
- | |
27 | 28 | ||
28 | /** |
29 | /** |
29 | * Pure-PHP ssh-agent client identity object |
30 | * Pure-PHP ssh-agent client identity object |
30 | * |
31 | * |
31 | * Instantiation should only be performed by \phpseclib3\System\SSH\Agent class. |
32 | * Instantiation should only be performed by \phpseclib3\System\SSH\Agent class. |
32 | * This could be thought of as implementing an interface that phpseclib3\Crypt\RSA |
33 | * This could be thought of as implementing an interface that phpseclib3\Crypt\RSA |
33 | * implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something. |
34 | * implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something. |
34 | * The methods in this interface would be getPublicKey and sign since those are the |
35 | * The methods in this interface would be getPublicKey and sign since those are the |
35 | * methods phpseclib looks for to perform public key authentication. |
36 | * methods phpseclib looks for to perform public key authentication. |
36 | * |
37 | * |
- | 38 | * @package SSH\Agent |
|
37 | * @author Jim Wigginton <terrafrost@php.net> |
39 | * @author Jim Wigginton <terrafrost@php.net> |
38 | * @internal |
40 | * @access internal |
39 | */ |
41 | */ |
40 | class Identity implements PrivateKey |
42 | class Identity implements PrivateKey |
41 | { |
43 | { |
42 | use ReadBytes; |
44 | use \phpseclib3\System\SSH\Common\Traits\ReadBytes; |
43 | 45 | ||
44 | // Signature Flags |
46 | // Signature Flags |
45 | // See https://tools.ietf.org/html/draft-miller-ssh-agent-00#section-5.3 |
47 | // See https://tools.ietf.org/html/draft-miller-ssh-agent-00#section-5.3 |
46 | const SSH_AGENT_RSA2_256 = 2; |
48 | const SSH_AGENT_RSA2_256 = 2; |
47 | const SSH_AGENT_RSA2_512 = 4; |
49 | const SSH_AGENT_RSA2_512 = 4; |
48 | 50 | ||
49 | /** |
51 | /** |
50 | * Key Object |
52 | * Key Object |
51 | * |
53 | * |
52 | * @var PublicKey |
54 | * @var PublicKey |
- | 55 | * @access private |
|
53 | * @see self::getPublicKey() |
56 | * @see self::getPublicKey() |
54 | */ |
57 | */ |
55 | private $key; |
58 | private $key; |
56 | 59 | ||
57 | /** |
60 | /** |
58 | * Key Blob |
61 | * Key Blob |
59 | * |
62 | * |
60 | * @var string |
63 | * @var string |
- | 64 | * @access private |
|
61 | * @see self::sign() |
65 | * @see self::sign() |
62 | */ |
66 | */ |
63 | private $key_blob; |
67 | private $key_blob; |
64 | 68 | ||
65 | /** |
69 | /** |
66 | * Socket Resource |
70 | * Socket Resource |
67 | * |
71 | * |
68 | * @var resource |
72 | * @var resource |
- | 73 | * @access private |
|
69 | * @see self::sign() |
74 | * @see self::sign() |
70 | */ |
75 | */ |
71 | private $fsock; |
76 | private $fsock; |
72 | 77 | ||
73 | /** |
78 | /** |
74 | * Signature flags |
79 | * Signature flags |
75 | * |
80 | * |
76 | * @var int |
81 | * @var int |
- | 82 | * @access private |
|
77 | * @see self::sign() |
83 | * @see self::sign() |
78 | * @see self::setHash() |
84 | * @see self::setHash() |
79 | */ |
85 | */ |
80 | private $flags = 0; |
86 | private $flags = 0; |
81 | 87 | ||
82 | /** |
88 | /** |
83 | * Curve Aliases |
89 | * Curve Aliases |
84 | * |
90 | * |
85 | * @var array |
91 | * @var array |
- | 92 | * @access private |
|
86 | */ |
93 | */ |
87 | private static $curveAliases = [ |
94 | private static $curveAliases = [ |
88 | 'secp256r1' => 'nistp256', |
95 | 'secp256r1' => 'nistp256', |
89 | 'secp384r1' => 'nistp384', |
96 | 'secp384r1' => 'nistp384', |
90 | 'secp521r1' => 'nistp521', |
97 | 'secp521r1' => 'nistp521', |
Line 93... | Line 100... | ||
93 | 100 | ||
94 | /** |
101 | /** |
95 | * Default Constructor. |
102 | * Default Constructor. |
96 | * |
103 | * |
97 | * @param resource $fsock |
104 | * @param resource $fsock |
- | 105 | * @access private |
|
98 | */ |
106 | */ |
99 | public function __construct($fsock) |
107 | public function __construct($fsock) |
100 | { |
108 | { |
101 | $this->fsock = $fsock; |
109 | $this->fsock = $fsock; |
102 | } |
110 | } |
Line 105... | Line 113... | ||
105 | * Set Public Key |
113 | * Set Public Key |
106 | * |
114 | * |
107 | * Called by \phpseclib3\System\SSH\Agent::requestIdentities() |
115 | * Called by \phpseclib3\System\SSH\Agent::requestIdentities() |
108 | * |
116 | * |
109 | * @param \phpseclib3\Crypt\Common\PublicKey $key |
117 | * @param \phpseclib3\Crypt\Common\PublicKey $key |
- | 118 | * @access private |
|
110 | */ |
119 | */ |
111 | public function withPublicKey($key) |
120 | public function withPublicKey($key) |
112 | { |
121 | { |
113 | if ($key instanceof EC) { |
122 | if ($key instanceof EC) { |
114 | if (is_array($key->getCurve()) || !isset(self::$curveAliases[$key->getCurve()])) { |
123 | if (is_array($key->getCurve()) || !isset(self::$curveAliases[$key->getCurve()])) { |
Line 126... | Line 135... | ||
126 | * |
135 | * |
127 | * Called by \phpseclib3\System\SSH\Agent::requestIdentities(). The key blob could be extracted from $this->key |
136 | * Called by \phpseclib3\System\SSH\Agent::requestIdentities(). The key blob could be extracted from $this->key |
128 | * but this saves a small amount of computation. |
137 | * but this saves a small amount of computation. |
129 | * |
138 | * |
130 | * @param string $key_blob |
139 | * @param string $key_blob |
- | 140 | * @access private |
|
131 | */ |
141 | */ |
132 | public function withPublicKeyBlob($key_blob) |
142 | public function withPublicKeyBlob($key_blob) |
133 | { |
143 | { |
134 | $new = clone $this; |
144 | $new = clone $this; |
135 | $new->key_blob = $key_blob; |
145 | $new->key_blob = $key_blob; |
Line 141... | Line 151... | ||
141 | * |
151 | * |
142 | * Wrapper for $this->key->getPublicKey() |
152 | * Wrapper for $this->key->getPublicKey() |
143 | * |
153 | * |
144 | * @param string $type optional |
154 | * @param string $type optional |
145 | * @return mixed |
155 | * @return mixed |
- | 156 | * @access public |
|
146 | */ |
157 | */ |
147 | public function getPublicKey($type = 'PKCS8') |
158 | public function getPublicKey($type = 'PKCS8') |
148 | { |
159 | { |
149 | return $this->key; |
160 | return $this->key; |
150 | } |
161 | } |
151 | 162 | ||
152 | /** |
163 | /** |
153 | * Sets the hash |
164 | * Sets the hash |
154 | * |
165 | * |
155 | * @param string $hash |
166 | * @param string $hash |
- | 167 | * @access public |
|
156 | */ |
168 | */ |
157 | public function withHash($hash) |
169 | public function withHash($hash) |
158 | { |
170 | { |
159 | $new = clone $this; |
171 | $new = clone $this; |
160 | 172 | ||
Line 204... | Line 216... | ||
204 | * Sets the padding |
216 | * Sets the padding |
205 | * |
217 | * |
206 | * Only PKCS1 padding is supported |
218 | * Only PKCS1 padding is supported |
207 | * |
219 | * |
208 | * @param string $padding |
220 | * @param string $padding |
- | 221 | * @access public |
|
209 | */ |
222 | */ |
210 | public function withPadding($padding) |
223 | public function withPadding($padding) |
211 | { |
224 | { |
212 | if (!$this->key instanceof RSA) { |
225 | if (!$this->key instanceof RSA) { |
213 | throw new UnsupportedAlgorithmException('Only RSA keys support padding'); |
226 | throw new UnsupportedAlgorithmException('Only RSA keys support padding'); |
Line 221... | Line 234... | ||
221 | /** |
234 | /** |
222 | * Determines the signature padding mode |
235 | * Determines the signature padding mode |
223 | * |
236 | * |
224 | * Valid values are: ASN1, SSH2, Raw |
237 | * Valid values are: ASN1, SSH2, Raw |
225 | * |
238 | * |
- | 239 | * @access public |
|
226 | * @param string $format |
240 | * @param string $format |
227 | */ |
241 | */ |
228 | public function withSignatureFormat($format) |
242 | public function withSignatureFormat($format) |
229 | { |
243 | { |
230 | if ($this->key instanceof RSA) { |
244 | if ($this->key instanceof RSA) { |
Line 240... | Line 254... | ||
240 | /** |
254 | /** |
241 | * Returns the curve |
255 | * Returns the curve |
242 | * |
256 | * |
243 | * Returns a string if it's a named curve, an array if not |
257 | * Returns a string if it's a named curve, an array if not |
244 | * |
258 | * |
- | 259 | * @access public |
|
245 | * @return string|array |
260 | * @return string|array |
246 | */ |
261 | */ |
247 | public function getCurve() |
262 | public function getCurve() |
248 | { |
263 | { |
249 | if (!$this->key instanceof EC) { |
264 | if (!$this->key instanceof EC) { |
Line 260... | Line 275... | ||
260 | * |
275 | * |
261 | * @param string $message |
276 | * @param string $message |
262 | * @return string |
277 | * @return string |
263 | * @throws \RuntimeException on connection errors |
278 | * @throws \RuntimeException on connection errors |
264 | * @throws \phpseclib3\Exception\UnsupportedAlgorithmException if the algorithm is unsupported |
279 | * @throws \phpseclib3\Exception\UnsupportedAlgorithmException if the algorithm is unsupported |
- | 280 | * @access public |
|
265 | */ |
281 | */ |
266 | public function sign($message) |
282 | public function sign($message) |
267 | { |
283 | { |
268 | // the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE |
284 | // the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE |
269 | $packet = Strings::packSSH2( |
285 | $packet = Strings::packSSH2( |
Line 308... | Line 324... | ||
308 | } |
324 | } |
309 | 325 | ||
310 | /** |
326 | /** |
311 | * Sets the password |
327 | * Sets the password |
312 | * |
328 | * |
- | 329 | * @access public |
|
313 | * @param string|bool $password |
330 | * @param string|bool $password |
314 | * @return never |
331 | * @return never |
315 | */ |
332 | */ |
316 | public function withPassword($password = false) |
333 | public function withPassword($password = false) |
317 | { |
334 | { |