Skip to content

feat(deps): Upgrade phpseclib to v3 #48183

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
susnux wants to merge 4 commits into
base: master
Choose a base branch
from
Draft

feat(deps): Upgrade phpseclib to v3 #48183

susnux wants to merge 4 commits into from
+187 −120

Conversation

@susnux
Copy link
Contributor

@susnux susnux commented Sep 18, 2024
edited
Loading

Summary

TODO

  • ...

Checklist

@susnux susnux requested a review from come-nc September 18, 2024 17:58
@susnux susnux mentioned this pull request Nov 5, 2024
Closed
@susnux susnux force-pushed the fix/deps/php-seclin branch from f25ae54 to d9d7046 Compare November 5, 2024 15:16
@susnux
feat(deps): Upgrade phpseclib to v3
25d13a4 
Signed-off-by: Ferdinand Thiessen <[email protected]>
@susnux susnux force-pushed the fix/deps/php-seclin branch from d9d7046 to 25d13a4 Compare November 5, 2024 15:29
@susnux
fixup: Fix files_external tests
9ca9c89 
Signed-off-by: Ferdinand Thiessen <[email protected]>
@susnux susnux force-pushed the fix/deps/php-seclin branch from c66f090 to 9ca9c89 Compare November 5, 2024 22:46
@susnux
Copy link
Contributor Author

susnux commented Nov 5, 2024

Problem with this:
Checker::createSignatureData does create a different signature... No idea what is happening the parameters are the same.

@joshtrichards joshtrichards linked an issue Nov 8, 2024 that may be closed by this pull request
Implement ed25519 certificates support for sftp external storage #21373
Open
@joshtrichards joshtrichards mentioned this pull request Dec 17, 2024
Open
8 tasks
@susnux susnux added this to the Nextcloud 32 milestone Mar 2, 2025
@guerby guerby mentioned this pull request Mar 25, 2025
Open
This was linked to issues Jul 8, 2025
[Bug]: Uploading files larger than 2GB to SFTP external storage backend fails #49229
Open
[Bug]: External Storage sftp no matching key exchange methods found #53867
Open
@joshtrichards joshtrichards mentioned this pull request Jul 8, 2025
Open
8 tasks
@joshtrichards
Copy link
Member

joshtrichards commented Jul 8, 2025

Perhaps phpseclib2_compat as an intermediate step for v31+ (or at least v32+)?

https://phpseclib.com/docs/why#phpseclib2_compat

joshtrichards
joshtrichards reviewed Sep 26, 2025
View reviewed changes
apps/files_external/lib/Lib/Auth/PublicKey/RSAPrivateKey.php
$auth->setPassword($this->config->getSystemValue('secret', ''));
if (!$auth->loadKey($storage->getBackendOption('private_key'))) {
$auth = new RSA\PrivateKey();
$auth->withPassword($this->config->getSystemValue('secret', ''));
Copy link
Member

@joshtrichards joshtrichards Sep 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
$auth->withPassword($this->config->getSystemValue('secret', ''));
$auth = $auth->withPassword($this->config->getSystemValue('secret', ''));

v3 is immutable

joshtrichards
joshtrichards reviewed Sep 26, 2025
View reviewed changes
apps/files_external/lib/Lib/Auth/PublicKey/RSAPrivateKey.php
// Add fallback routine for a time where secret was not enforced to be exists
$auth->setPassword('');
if (!$auth->loadKey($storage->getBackendOption('private_key'))) {
$auth->withPassword('');
Copy link
Member

@joshtrichards joshtrichards Sep 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
$auth->withPassword('');
$auth = $auth->withPassword('');

joshtrichards
joshtrichards reviewed Sep 26, 2025
View reviewed changes
apps/files_external/lib/MountConfig.php
Copy link
Member

@joshtrichards joshtrichards Sep 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

L220 for v3

private static function getCipher() {
	$cipher = new AES('cbc');

@joshtrichards
fix: set PSS padding / options for RSA keys for v2->v3 consistency
b36188e 
Updated RSA key loading to use PSS padding and options.

Signed-off-by: Josh <[email protected]>
@skjnldsv skjnldsv modified the milestones: Nextcloud 32, Nextcloud 33 Sep 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@joshtrichards joshtrichards joshtrichards left review comments

@come-nc come-nc Awaiting requested review from come-nc

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

2. developing Work in progress bug feature: external storage help wanted security

Projects

None yet

Milestone

Nextcloud 33

4 participants

@susnux @joshtrichards @skjnldsv