aboutsummaryrefslogtreecommitdiffstats
path: root/vendor/phpseclib
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2022-05-19 08:18:15 +0000
committerMario <mario@mariovavti.com>2022-05-19 08:18:15 +0000
commit55d833a9c86ad9356e76bf47d0f48dd40552944a (patch)
tree4c5921be76eb249ec623aa576e2d2528537308cf /vendor/phpseclib
parent8ba47450970bab036664f03a558917c13d8c1574 (diff)
downloadvolse-hubzilla-55d833a9c86ad9356e76bf47d0f48dd40552944a.tar.gz
volse-hubzilla-55d833a9c86ad9356e76bf47d0f48dd40552944a.tar.bz2
volse-hubzilla-55d833a9c86ad9356e76bf47d0f48dd40552944a.zip
update composer libs
Diffstat (limited to 'vendor/phpseclib')
-rw-r--r--vendor/phpseclib/phpseclib/BACKERS.md1
-rw-r--r--vendor/phpseclib/phpseclib/README.md3
-rw-r--r--vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php14
-rw-r--r--vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php63
-rw-r--r--vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php3
5 files changed, 65 insertions, 19 deletions
diff --git a/vendor/phpseclib/phpseclib/BACKERS.md b/vendor/phpseclib/phpseclib/BACKERS.md
index 87e3fd2bd..558293b55 100644
--- a/vendor/phpseclib/phpseclib/BACKERS.md
+++ b/vendor/phpseclib/phpseclib/BACKERS.md
@@ -5,6 +5,7 @@ phpseclib ongoing development is made possible by [Tidelift](https://tidelift.co
## Backers
- Allan Simon
+- [ChargeOver](https://chargeover.com/)
- Raghu Veer Dendukuri
- Zane Hooper
- [Setasign](https://www.setasign.com/)
diff --git a/vendor/phpseclib/phpseclib/README.md b/vendor/phpseclib/phpseclib/README.md
index 61cc09907..9be5517e6 100644
--- a/vendor/phpseclib/phpseclib/README.md
+++ b/vendor/phpseclib/phpseclib/README.md
@@ -68,9 +68,10 @@ Need Support?
## Special Thanks
-Special Thanks to our Patreon sponsors!:
+Special Thanks to our $50+ sponsors!:
- Allan Simon
+- [ChargeOver](https://chargeover.com/)
## Contributing
diff --git a/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php b/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php
index 6335a2484..2c143940b 100644
--- a/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php
+++ b/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php
@@ -156,7 +156,7 @@ abstract class Base
* @var string
* @access private
*/
- var $iv;
+ var $iv = '';
/**
* A "sliding" Initialization Vector
@@ -779,6 +779,7 @@ abstract class Base
}
return $ciphertext;
case self::MODE_OFB8:
+ // OpenSSL has built in support for cfb8 but not ofb8
$ciphertext = '';
$len = strlen($plaintext);
$iv = $this->encryptIV;
@@ -795,8 +796,6 @@ abstract class Base
break;
case self::MODE_OFB:
return $this->_openssl_ofb_process($plaintext, $this->encryptIV, $this->enbuffer);
- case self::MODE_OFB8:
- // OpenSSL has built in support for cfb8 but not ofb8
}
}
@@ -918,8 +917,8 @@ abstract class Base
$block = substr($plaintext, $i, $block_size);
if (strlen($block) > strlen($buffer['ciphertext'])) {
$buffer['ciphertext'].= $this->_encryptBlock($xor);
+ $this->_increment_str($xor);
}
- $this->_increment_str($xor);
$key = $this->_string_shift($buffer['ciphertext'], $block_size);
$ciphertext.= $block ^ $key;
}
@@ -2079,6 +2078,13 @@ abstract class Base
*/
function _increment_str(&$var)
{
+ if (function_exists('sodium_increment')) {
+ $var = strrev($var);
+ sodium_increment($var);
+ $var = strrev($var);
+ return;
+ }
+
for ($i = 4; $i <= strlen($var); $i+= 4) {
$temp = substr($var, -$i, 4);
switch ($temp) {
diff --git a/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php b/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php
index 59999d706..122d281a8 100644
--- a/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php
+++ b/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php
@@ -1405,11 +1405,18 @@ class RSA
unset($xml);
return isset($this->components['modulus']) && isset($this->components['publicExponent']) ? $this->components : false;
- // from PuTTY's SSHPUBK.C
+ // see PuTTY's SSHPUBK.C and https://tartarus.org/~simon/putty-snapshots/htmldoc/AppendixC.html
case self::PRIVATE_FORMAT_PUTTY:
$components = array();
$key = preg_split('#\r\n|\r|\n#', $key);
- $type = trim(preg_replace('#PuTTY-User-Key-File-2: (.+)#', '$1', $key[0]));
+ if ($this->_string_shift($key[0], strlen('PuTTY-User-Key-File-')) != 'PuTTY-User-Key-File-') {
+ return false;
+ }
+ $version = (int) $this->_string_shift($key[0], 3); // should be either "2: " or "3: 0" prior to int casting
+ if ($version != 2 && $version != 3) {
+ return false;
+ }
+ $type = rtrim($key[0]);
if ($type != 'ssh-rsa') {
return false;
}
@@ -1424,23 +1431,55 @@ class RSA
extract(unpack('Nlength', $this->_string_shift($public, 4)));
$components['modulus'] = new BigInteger($this->_string_shift($public, $length), -256);
- $privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$publicLength + 4]));
- $private = base64_decode(implode('', array_map('trim', array_slice($key, $publicLength + 5, $privateLength))));
-
+ $offset = $publicLength + 4;
switch ($encryption) {
case 'aes256-cbc':
- $symkey = '';
- $sequence = 0;
- while (strlen($symkey) < 32) {
- $temp = pack('Na*', $sequence++, $this->password);
- $symkey.= pack('H*', sha1($temp));
- }
- $symkey = substr($symkey, 0, 32);
$crypto = new AES();
+ switch ($version) {
+ case 3:
+ if (!function_exists('sodium_crypto_pwhash')) {
+ return false;
+ }
+ $flavour = trim(preg_replace('#Key-Derivation: (.*)#', '$1', $key[$offset++]));
+ switch ($flavour) {
+ case 'Argon2i':
+ $flavour = SODIUM_CRYPTO_PWHASH_ALG_ARGON2I13;
+ break;
+ case 'Argon2id':
+ $flavour = SODIUM_CRYPTO_PWHASH_ALG_ARGON2ID13;
+ break;
+ default:
+ return false;
+ }
+ $memory = trim(preg_replace('#Argon2-Memory: (\d+)#', '$1', $key[$offset++]));
+ $passes = trim(preg_replace('#Argon2-Passes: (\d+)#', '$1', $key[$offset++]));
+ $parallelism = trim(preg_replace('#Argon2-Parallelism: (\d+)#', '$1', $key[$offset++]));
+ $salt = pack('H*', trim(preg_replace('#Argon2-Salt: ([0-9a-f]+)#', '$1', $key[$offset++])));
+
+ $length = 80; // keylen + ivlen + mac_keylen
+ $temp = sodium_crypto_pwhash($length, $this->password, $salt, $passes, $memory << 10, $flavour);
+
+ $symkey = substr($temp, 0, 32);
+ $symiv = substr($temp, 32, 16);
+ break;
+ case 2:
+ $symkey = '';
+ $sequence = 0;
+ while (strlen($symkey) < 32) {
+ $temp = pack('Na*', $sequence++, $this->password);
+ $symkey.= pack('H*', sha1($temp));
+ }
+ $symkey = substr($symkey, 0, 32);
+ $symiv = str_repeat("\0", 16);
+ }
}
+ $privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$offset++]));
+ $private = base64_decode(implode('', array_map('trim', array_slice($key, $offset, $privateLength))));
+
if ($encryption != 'none') {
$crypto->setKey($symkey);
+ $crypto->setIV($symiv);
$crypto->disablePadding();
$private = $crypto->decrypt($private);
if ($private === false) {
diff --git a/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php b/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php
index 2b25250bd..f65b587cb 100644
--- a/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php
+++ b/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php
@@ -234,11 +234,10 @@ class Agent
* Signal that agent forwarding should
* be requested when a channel is opened
*
- * @param Net_SSH2 $ssh
* @return bool
* @access public
*/
- function startSSHForwarding($ssh)
+ function startSSHForwarding()
{
if ($this->forward_status == self::FORWARD_NONE) {
$this->forward_status = self::FORWARD_REQUEST;