3 * Pure-PHP ssh-agent client.
9 * @author Jim Wigginton <terrafrost@php.net>
10 * @copyright 2009 Jim Wigginton
11 * @license http://www.opensource.org/licenses/mit-license.html MIT License
12 * @link http://phpseclib.sourceforge.net
13 * @internal See http://api.libssh.org/rfc/PROTOCOL.agent
16 namespace phpseclib\System\SSH\Agent;
18 use phpseclib\System\SSH\Agent;
21 * Pure-PHP ssh-agent client identity object
23 * Instantiation should only be performed by \phpseclib\System\SSH\Agent class.
24 * This could be thought of as implementing an interface that phpseclib\Crypt\RSA
25 * implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something.
26 * The methods in this interface would be getPublicKey and sign since those are the
27 * methods phpseclib looks for to perform public key authentication.
30 * @author Jim Wigginton <terrafrost@php.net>
38 * @var \phpseclib\Crypt\RSA
40 * @see self::getPublicKey()
63 * Default Constructor.
65 * @param resource $fsock
66 * @return \phpseclib\System\SSH\Agent\Identity
69 function __construct($fsock)
71 $this->fsock = $fsock;
77 * Called by \phpseclib\System\SSH\Agent::requestIdentities()
79 * @param \phpseclib\Crypt\RSA $key
82 function setPublicKey($key)
85 $this->key->setPublicKey();
91 * Called by \phpseclib\System\SSH\Agent::requestIdentities(). The key blob could be extracted from $this->key
92 * but this saves a small amount of computation.
94 * @param string $key_blob
97 function setPublicKeyBlob($key_blob)
99 $this->key_blob = $key_blob;
105 * Wrapper for $this->key->getPublicKey()
107 * @param int $format optional
111 function getPublicKey($format = null)
113 return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format);
119 * Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie.
120 * ssh-agent's only supported mode is \phpseclib\Crypt\RSA::SIGNATURE_PKCS1
125 function setSignatureMode($mode)
132 * See "2.6.2 Protocol 2 private key signature request"
134 * @param string $message
138 function sign($message)
140 // the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE
141 $packet = pack('CNa*Na*N', Agent::SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0);
142 $packet = pack('Na*', strlen($packet), $packet);
143 if (strlen($packet) != fputs($this->fsock, $packet)) {
144 user_error('Connection closed during signing');
147 $length = current(unpack('N', fread($this->fsock, 4)));
148 $type = ord(fread($this->fsock, 1));
149 if ($type != Agent::SSH_AGENT_SIGN_RESPONSE) {
150 user_error('Unable to retrieve signature');
153 $signature_blob = fread($this->fsock, $length - 1);
154 // the only other signature format defined - ssh-dss - is the same length as ssh-rsa
155 // the + 12 is for the other various SSH added length fields
156 return substr($signature_blob, strlen('ssh-rsa') + 12);