2

I am trying to upgrade my phpseclib-based scripts to the latest, which is version 3. (Previously, I was using version 2.) I have run into a number of problems, beginning with the fact that class Crypt_RSA no longer exists. I am compelled to do this because upgrade of MacOS to Tahoe 26.x seems to have broken my remote systems' ability to connect via phpseclib.

I have been looking for documentation that tells me the steps I need to take in order to ugrade my scripts to the new phpseclib version, and having no success. Or even a "Getting Started with phpseclib V3," from which I can determine my own changes, starting from scratch.

For code details, this is where my initial problems lie. The Class Not Found error occurred at the beginning of the following code:

$privateKey = new Crypt_RSA() ;
if ($privateKey->loadKey(file_get_contents($this->privateKeyFile))) {
    $this->privateKey = $privateKey ;
} else {
    $this->privateKey = null ;
}

So pursuing a new method to do that, I found this answer. So my new code at that section now looks like this:

// added at top of code:
    use phpseclib3\Crypt\PublicKeyLoader;
    use phpseclib3\Math\BigInteger;
 

$modulus  = 'somevalue'; // From the referenced answer. Probably not what I want, but could not find any better
$exponent = 'ZZZZ'; // Probably not what I want, but ...
$modulus  = new BigInteger(base64_decode($modulus), 256);
$exponent = new BigInteger(base64_decode($exponent), 256);
$privateKey = PublicKeyLoader::load([
                'n' => $modulus,
                'e' => $exponent
            ]);
if ($privateKey->loadKey(file_get_contents($this->privateKeyFile))) {
    $this->privateKey = $privateKey ;
} else {
    $this->privateKey = null ;
}

But this leads me to additional problems. First, that I needed to install php-gmp (which I have now done) and now the referenced answer fails with an error about method PublicKeyLoader::load() needing a first parameter string rather than an array.... I am concerned about how deep this rabbit hole goes, Clearly, for this problem, brute force is the wrong approach.

Can anyone point me in the right direction so that I can move forward with the upgrade of phpseclib to V3 from V2?

Improve this question
10
  • 3
    I believe you may try phpseclib2_compat which can be found here. This package allows your existing phpseclib 2 code to internally utilize phpseclib 3, providing enhanced features like support for ECDSA, DSA, Ed25519, and Ed449 keys. installation. Commented Nov 15, 2025 at 8:10
  • 3
    "Can anyone point me in the right direction" Maybe start by reading this? Commented Nov 15, 2025 at 8:34
  • "I am compelled to do this because upgrade of MacOS to Tahoe 26.x seems to have broken my remote systems' ability to connect via phpseclib.". phpseclib should be able to run on MacOS / Tahoe 26.x. phpseclib 1.0 or 2.0 may not be able to connect to an SSH server running on MacOS / Tahoe, due to phpseclib 1.0 and 2.0 not supporting all the modern algorithms that phpseclib 3.0 supports, but it should be able to run. I say that because phpseclib 1.0 - 3.0 are unit tested on GitHub Actions all the way up to PHP 8.5. Commented Nov 19, 2025 at 23:47
  • Also, you say you're using phpseclib v2 but $privateKey = new Crypt_RSA() makes me think you're using phpseclib v1. phpseclib v2 is namespaced so in phpseclib v2 you'd be doing $privateKey = new \phpseclib\Crypt\RSA(). Commented Nov 19, 2025 at 23:49
  • 1
    @neubert looks like you are right about V1 vs. v2. And that is the true source of my problems. Thank you for pointing out the definitive factor (namespace), since that cleared a lot of questions. So I needed to upgrade from V1 to anything that works with MaCOS latest . I wound up rewriting the errant utilities that made use of phpseclib (V1). Those scripts now use v2 since I rely heavily on SCP and the author is reluctant to include SCP in V3. (Apparently I am the only one who cares. Go figure.) I have provided him a fix for issue 146 though, so maybe SCP will be reintroduced. Hope so. Commented Nov 20, 2025 at 15:33

1 Answer 1

Reset to default
1

After some back and forth with the OP it turns out that the issue was that they were using phpseclib v1 vs v2.

In phpseclib v2 you'd instantiate an instance of \phpseclib\Crypt\RSA, however, in phpseclib v1, you'd instance an instance of Crypt_RSA. phpseclib v2 made use of namespaces, which PHP didn't start supporting until PHP 5.3, whereas phpseclib v1, in theory, works on versions of PHP as low as PHP 4.4.

Because the poster was using phpseclib v1 phpseclib2_compat isn't an option - phpseclib2_compat uses phpseclib v3 to emulate phpseclib v2.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks. Sounds like V2 is a better fit for me since SCP is not currently supported in V3 and I rely on SCP for most of what I use this for.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.