phpseclib | PHP Secure Communications Library | Cryptography library

 by   phpseclib PHP Version: 3.0.20 License: MIT

kandi X-RAY | phpseclib Summary

kandi X-RAY | phpseclib Summary

phpseclib is a PHP library typically used in Security, Cryptography applications. phpseclib has no bugs, it has a Permissive License and it has medium support. However phpseclib has 1 vulnerabilities. You can download it from GitHub.

MIT-licensed pure-PHP implementations of the following:. SSH-2, SFTP, X.509, an arbitrary-precision integer arithmetic library, Ed25519 / Ed449 / Curve25519 / Curve449, ECDSA / ECDH (with support for 66 curves), RSA (PKCS#1 v2.2 compliant), DSA / DH, DES / 3DES / RC4 / Rijndael / AES / Blowfish / Twofish / Salsa20 / ChaCha20, GCM / Poly1305.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              phpseclib has a medium active ecosystem.
              It has 5059 star(s) with 880 fork(s). There are 118 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 201 open issues and 827 have been closed. On average issues are closed in 33 days. There are 16 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of phpseclib is 3.0.20

            kandi-Quality Quality

              phpseclib has 0 bugs and 0 code smells.

            kandi-Security Security

              phpseclib has 1 vulnerability issues reported (0 critical, 1 high, 0 medium, 0 low).
              phpseclib code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              phpseclib is licensed under the MIT License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              phpseclib releases are available to install and integrate.
              Installation instructions are not available. Examples and code snippets are available.
              phpseclib saves you 15026 person hours of effort in developing the same functionality from scratch.
              It has 30859 lines of code, 1322 functions and 331 files.
              It has high code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi has reviewed phpseclib and discovered the below as its top functions. This is intended to give you an instant insight into phpseclib implemented functionality, and help decide if they suit your requirements.
            • Send a key exchange .
            • Create an inline crypt function
            • Convert an array to an element .
            • Append string to string
            • Sign a certificate .
            • Encode curve parameters .
            • Put data to file .
            • Sets the hash
            • Divide two numbers
            • Generate a random string .
            Get all kandi verified functions for this library.

            phpseclib Key Features

            No Key Features are available at this moment for phpseclib.

            phpseclib Examples and Code Snippets

            No Code Snippets are available at this moment for phpseclib.

            Community Discussions

            QUESTION

            ssh-agent in bash script causes many dead processes
            Asked 2022-Feb-23 at 14:05

            I use a bash script (deploy.sh) to deploy my application to a shared host. As part of the deployment process, I clone the latest code from bitbucket using the script below:

            ...

            ANSWER

            Answered 2022-Feb-22 at 21:30

            Your script probably shouldn't start ssh-agent; it should make use of an ssh-agent that's already running. That way, the user is responsible for starting a single agent that can be used by multiple invocations of the script.

            The simplest thing you can do, though, is simply add either

            Source https://stackoverflow.com/questions/71228439

            QUESTION

            "Class name must be a valid object or a string" When Installing PHPSecLib Without Composer
            Asked 2021-Dec-17 at 05:15

            I'm trying to do RSA encryption using PHPSecLib, with a manual install (ie not using Composer).

            I'm following these manual installation instructions I found here: https://davescripts.com/manual-installation-of-phpseclib

            And trying to do this example which I located here: How to Decrypt RSA OAEP with SHA256 using openssl on PHP

            My steps I've taken so far:

            1. Visited the GitHub repository here: https://github.com/phpseclib/phpseclib/tree/3.0

            2. Under 'Code' selected 'Download ZIP'.

            3. Unzipped the files locally and uploaded the entire 'phpseclib' directory to the server.

            4. Created a test script, and troubleshooted multiple layers of includes and use that were needed to get it working.

            5. However, at the moment, I'm getting a new error - "Class name must be a valid object or a string" which I don't understand and can't seem to resolve.

            My test script is now as follows:

            ...

            ANSWER

            Answered 2021-Dec-17 at 05:15

            You're trying to install phpseclib v3 using the instructions for phpseclib v2. There are two options:

            Option 1: Use PHPSecLib V3 With Composer

            This option requires SSH access on the server.

            To install phpseclib v3 you're gonna need Composer. Once you have that installed you can do composer init and then composer require phpseclib/phpseclib:~3.0.

            By doing that you can replace this:

            Source https://stackoverflow.com/questions/70344205

            QUESTION

            Decrypt - PHPSECLIB
            Asked 2021-Dec-08 at 04:49

            I'm trying to decrypt a string using phpseclib.

            My hashed string is being generated from a javascript library called jsencrypt. The result of the encryption is saved in a database.

            Afterwards I'm using phpseclib3 to try and decrypt the string using this:

            ...

            ANSWER

            Answered 2021-Dec-08 at 04:49

            You need to use PKCS1 padding. eg.

            Source https://stackoverflow.com/questions/70265665

            QUESTION

            Sign in phpseclib and Verify in C#
            Asked 2021-Dec-01 at 01:09

            I am trying to verify the authenticity of a message across PHP (phpseclib) and C#.

            However, there seem to be some issues with the verification on the C# side.

            What I have tried :

            1. Provide the public key to C# but make C# compute the hash and the signature then verify (Output: True)
            2. Change the hash to the one computed in PHP but make C# compute the signature then verify (Output: True)
            3. Make C# use PHP's computed hash and signature then verify (Output: False)

            PHP Code :

            ...

            ANSWER

            Answered 2021-Nov-20 at 14:41

            There are issues in both codes:

            • By default phpseclib uses PSS as padding (here and in the following v3 assumed). Padding is explicitly set to PKCS#1 v1.5 though, but it is not used because the return value is not applied. For the padding change to take effect, the return value must be considered.
              By the way, SHA256 is the default here. And RSA::ENCRYPTION_PKCS1 is ignored in the context of signing/verifying and can be removed as well.

            • phpseclib hashes the data implicitly when signing. Since in the current phpseclib code the hash is additionally generated explicitly, double hashing is done. This double hashing is not necessary and can be removed.

            • The double Base64 encoding at the end is also unnecessary and can be removed as well.

              Overall:

            Source https://stackoverflow.com/questions/70041715

            QUESTION

            Verify webhook from signature using PHP with gree/jose library
            Asked 2021-Oct-26 at 09:02

            I'm trying to follow the 3rd party documentation for verifying a webhook body using the Signature header -- the 3rd party will be referred to as 3P going forward).

            3P offered a sample Kotlin implementation using a java library. I am using PHP and decided to try gree/jose as my library.

            As a sanity check, I've copied their sample data into my implementation, but I am still getting a false outcome.

            ...

            ANSWER

            Answered 2021-Oct-26 at 09:02

            QUESTION

            Library for PKCS 1.5 RSA Encryption in PHP 7
            Asked 2021-Aug-07 at 13:49

            Is anyone knows a way to do PKCS 1.5 RSA encryption using a public key in PHP 7 ?. Every PHP library that I tried to that, looks like replaced that encryption padding with OAEP padding because PKCS 1.5 encryption is not secure anymore. (Phpseclib equivalent to Java RSA Encryption) . Given below is PHP code I tried so far. What I am doing wrong here ?. Is there any way to accomplish this task in PHP?. I am using CodeIgniter 3 PHP framework.

            ...

            ANSWER

            Answered 2021-Aug-07 at 13:49

            The posted Python (PyCryptodome) and JavaScript (JSEncrypt) reference codes do the following:

            • Generation of a timestamp (number of milliseconds elapsed since January 1, 1970 00:00:00 UTC).
            • Concatenation of timestamp and token in the format +.
            • Encryption with RSA and PKCS#1 v1.5 padding (RSAES-PKCS1-v1_5)
            • Base64 encoding and subsequent URL encoding

            The posted PHP code uses different libraries for encryption: phpseclib (V3 and V1) and OpenSSL. The only difference from the reference code turned out to be that the timestamp is determined in seconds (instead of milliseconds), which was eventually identified as the cause of the problem.

            The rest is consistent with the reference code, including the encryption with RSA and PKCS#1 v1.5 padding originally suspected as the cause of the bug, as could be easily verified by using a valid key pair and decrypting the ciphertext generated with the PHP code with a second independent application (e.g. online).

            Note that phpseclib V3 specifies PKCS#1 v1.5 padding in the context of encryption with RSA::ENCRYPTION_PKCS1.

            Source https://stackoverflow.com/questions/68676112

            QUESTION

            C# RSA Encrpytion -> Laravel phpseclib decrypt()
            Asked 2021-Jul-24 at 14:49

            I'm using a key pair generated by phpseclib and then I use it to encrypt in C# a message and decrypt in PHP.

            The public key is:

            ...

            ANSWER

            Answered 2021-Jul-24 at 14:49

            In the C# code PKCS#1 v1.5 padding is applied (2nd parameter of Encrypt() is false), phpseclib uses OAEPadding by default (here).

            Decryption works if PKCS#1 v1.5 padding is explicitly specified in the PHP code:

            Source https://stackoverflow.com/questions/68510248

            QUESTION

            How to convert AES Decrypt from Javascript to php
            Asked 2021-Jun-02 at 19:15

            I am using the below script: -

            ...

            ANSWER

            Answered 2021-Jun-02 at 17:24

            The error message seems fairly straight-forward to me: the key size you used isn't supported by that library. In fact, you appear to have only pasted part of the message, which goes on to list the key sizes which are supported: https://github.com/phpseclib/phpseclib/blob/7e38313802b62606cf27ddf573a7c47e88b5d33f/phpseclib/Crypt/AES.php#L118

            'Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported'

            So your problem is not understanding what the PHP can do, but understanding what the JS is doing with your input.

            The clue to that is in the CryptoJS docs:

            CryptoJS supports AES-128, AES-192, and AES-256. It will pick the variant by the size of the key you pass in. If you use a passphrase, then it will generate a 256-bit key.

            So the library agrees that there are three valid key lengths, but supports passing in a "passphrase" instead which will be used to generate a key. The exact algorithm it uses to do that isn't documented; presumably it uses some Key Derivation Function with fixed parameters, so that the same passphrase will always produce the same key. If you really need to emulate it, you'll need to trace through the source code.

            If you just need code that's compatible with both libraries, generate a random key of one of the supported lengths, and use that in both places.

            Source https://stackoverflow.com/questions/67809175

            QUESTION

            PHP Arrays: How to get this hexadecimal value from array
            Asked 2021-May-26 at 08:53

            I have retrieved an array like this:

            echo "

            ...

            ANSWER

            Answered 2021-May-26 at 08:53

            The BigInteger class has a toHex() method. So you can get the hex value like this:

            Source https://stackoverflow.com/questions/67605446

            QUESTION

            Docker cli use older logging?
            Asked 2021-Mar-04 at 20:55

            I just installed docker desktop on my windows box, but I uses the new output style, i'd like to switch back to the old style, having trouble finding the exact command or profile part to change.

            What I have

            ...

            ANSWER

            Answered 2021-Mar-04 at 20:55

            The new logging style comes from the BuildKit features.

            You can disable this in the Docker Desktop GUI:

            1. select the Docker Engine tab
            2. set "features"{ "buildkit" : false }

            Then if you want to use the logging features again, you can run with DOCKER_BUILDKIT=1. I believe you can run with DOCKER_BUILDKIT=0 if you want to selectively disable but haven't tested that yet.

            Of course, be aware that you'll lose out on the following features that BuildKit adds to Docker:

            • Docker images created with BuildKit can be pushed to Docker Hub just like Docker images created with legacy build
            • the Dockerfile format that works on legacy build will also work with BuildKit builds
            • The new --secret command line option allows the user to pass secret information for building new images with a specified Dockerfile

            Source https://stackoverflow.com/questions/66482438

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install phpseclib

            You can download it from GitHub.
            PHP requires the Visual C runtime (CRT). The Microsoft Visual C++ Redistributable for Visual Studio 2019 is suitable for all these PHP versions, see visualstudio.microsoft.com. You MUST download the x86 CRT for PHP x86 builds and the x64 CRT for PHP x64 builds. The CRT installer supports the /quiet and /norestart command-line switches, so you can also script it.

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/phpseclib/phpseclib.git

          • CLI

            gh repo clone phpseclib/phpseclib

          • sshUrl

            git@github.com:phpseclib/phpseclib.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Cryptography Libraries

            dogecoin

            by dogecoin

            tink

            by google

            crypto-js

            by brix

            Ciphey

            by Ciphey

            libsodium

            by jedisct1

            Try Top Libraries by phpseclib

            mcrypt_compat

            by phpseclibPHP

            bcmath_compat

            by phpseclibPHP

            docs

            by phpseclibHTML

            phpseclib-php5

            by phpseclibPHP