
php - Phpseclib "Invalid HMAC" on Windows, Works on LAMP/MAMP

Trying to get a simple SFTP file transfer working in PHP with phpseclib. Here's the code:

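<?php
    // Show every PHP notice so protocol errors are visible.
    ini_set('display_errors', '1');
    error_reporting(E_ALL);
    include_once ('Net/SFTP.php');
    // Log every SSH packet with a hex dump (printed via getLog()).
    define('NET_SSH2_LOGGING', NET_SSH2_LOG_COMPLEX);

    $sftp = new Net_SFTP("foo.example.com");
    if (!$sftp->login("username", "password")) {
        echo($sftp->getLog());
        exit('Login Failed');
    }
    echo($sftp->getLog());
    // get() returns false when the download fails.
    if (!$sftp->get("remotefile.txt", "localfile.txt")) {
        exit('Download Failed');
    }
?>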

It works perfectly everywhere but on the Windows/Apache machine that it needs to. On Windows it dies at the incoming NET_SSH2_MSG_SERVICE_REQUEST. No errors are returned, but login fails. Everyone is running Apache 2.2 and PHP 5.3. Here's the log:

Notice: Invalid HMAC in [...]NetSSH2.php on line 3037
Notice: Connection closed by server in [...]NetSSH2.php on line 2015
<-
00000000  53:53:48:2d:32:2e:30:2d:31:2e:38:32:20:73:73:68  SSH-2.0-1.82 ssh
00000010  6c:69:62:3a:20:73:73:68:6c:69:62:53:72:53:73:68  lib: sshlibSrSsh
00000020  53:65:72:76:65:72:20:31:2e:30:30:0d:0a           Server 1.00..

->
00000000  53:53:48:2d:32:2e:30:2d:70:68:70:73:65:63:6c:69  SSH-2.0-phpsecli
00000010  62:5f:30:2e:33:20:28:6f:70:65:6e:73:73:6c:2c:20  b_0.3 (openssl, 
00000020  62:63:6d:61:74:68:29:0d:0a                       bcmath)..

<- NET_SSH2_MSG_KEXINIT (since last: 1.545, network: 0.084s)
00000000  de:e7:02:d1:3c:35:5e:4d:71:88:af:d3:2b:66:fe:c4  .....5^Mq...+f..
00000010  00:00:00:59:64:69:66:66:69:65:2d:68:65:6c:6c:6d  ...Ydiffie-hellm
00000020  61:6e:2d:67:72:6f:75:70:31:34:2d:73:68:61:31:2c  an-group14-sha1,
00000030  64:69:66:66:69:65:2d:68:65:6c:6c:6d:61:6e:2d:67  diffie-hellman-g
00000040  72:6f:75:70:2d:65:78:63:68:61:6e:67:65:2d:73:68  roup-exchange-sh
00000050  61:31:2c:64:69:66:66:69:65:2d:68:65:6c:6c:6d:61  a1,diffie-hellma
00000060  6e:2d:67:72:6f:75:70:31:2d:73:68:61:31:00:00:00  n-group1-sha1...
00000070  07:73:73:68:2d:72:73:61:00:00:00:69:61:65:73:32  .ssh-rsa...iaes2
00000080  35:36:2d:63:62:63:2c:74:77:6f:66:69:73:68:32:35  56-cbc,twofish25
00000090  36:2d:63:62:63:2c:74:77:6f:66:69:73:68:2d:63:62  6-cbc,twofish-cb
000000a0  63:2c:61:65:73:31:32:38:2d:63:62:63:2c:74:77:6f  c,aes128-cbc,two
000000b0  66:69:73:68:31:32:38:2d:63:62:63:2c:62:6c:6f:77  fish128-cbc,blow
000000c0  66:69:73:68:2d:63:62:63:2c:33:64:65:73:2d:63:62  fish-cbc,3des-cb
000000d0  63:2c:61:72:63:66:6f:75:72:2c:63:61:73:74:31:32  c,arcfour,cast12
000000e0  38:2d:63:62:63:00:00:00:69:61:65:73:32:35:36:2d  8-cbc...iaes256-
000000f0  63:62:63:2c:74:77:6f:66:69:73:68:32:35:36:2d:63  cbc,twofish256-c
00000100  62:63:2c:74:77:6f:66:69:73:68:2d:63:62:63:2c:61  bc,twofish-cbc,a
00000110  65:73:31:32:38:2d:63:62:63:2c:74:77:6f:66:69:73  es128-cbc,twofis
00000120  68:31:32:38:2d:63:62:63:2c:62:6c:6f:77:66:69:73  h128-cbc,blowfis
00000130  68:2d:63:62:63:2c:33:64:65:73:2d:63:62:63:2c:61  h-cbc,3des-cbc,a
00000140  72:63:66:6f:75:72:2c:63:61:73:74:31:32:38:2d:63  rcfour,cast128-c
00000150  62:63:00:00:00:2b:68:6d:61:63:2d:73:68:61:31:2c  bc...+hmac-sha1,
00000160  68:6d:61:63:2d:6d:64:35:2c:68:6d:61:63:2d:73:68  hmac-md5,hmac-sh
00000170  61:31:2d:39:36:2c:68:6d:61:63:2d:6d:64:35:2d:39  a1-96,hmac-md5-9
00000180  36:00:00:00:2b:68:6d:61:63:2d:73:68:61:31:2c:68  6...+hmac-sha1,h
00000190  6d:61:63:2d:6d:64:35:2c:68:6d:61:63:2d:73:68:61  mac-md5,hmac-sha
000001a0  31:2d:39:36:2c:68:6d:61:63:2d:6d:64:35:2d:39:36  1-96,hmac-md5-96
000001b0  00:00:00:09:7a:6c:69:62:2c:6e:6f:6e:65:00:00:00  ....zlib,none...
000001c0  09:7a:6c:69:62:2c:6e:6f:6e:65:00:00:00:00:00:00  .zlib,none......
000001d0  00:00:00:00:00:00:00                             .......

-> NET_SSH2_MSG_KEXINIT (since last: 0.001, network: 0s)
00000000  80:76:aa:0f:87:22:c1:df:73:35:eb:39:41:b2:c1:0c  .v..."..s5.9A...
00000010  00:00:00:7e:64:69:66:66:69:65:2d:68:65:6c:6c:6d  ...~diffie-hellm
00000020  61:6e:2d:67:72:6f:75:70:31:2d:73:68:61:31:2c:64  an-group1-sha1,d
00000030  69:66:66:69:65:2d:68:65:6c:6c:6d:61:6e:2d:67:72  iffie-hellman-gr
00000040  6f:75:70:31:34:2d:73:68:61:31:2c:64:69:66:66:69  oup14-sha1,diffi
00000050  65:2d:68:65:6c:6c:6d:61:6e:2d:67:72:6f:75:70:2d  e-hellman-group-
00000060  65:78:63:68:61:6e:67:65:2d:73:68:61:31:2c:64:69  exchange-sha1,di
00000070  66:66:69:65:2d:68:65:6c:6c:6d:61:6e:2d:67:72:6f  ffie-hellman-gro
00000080  75:70:2d:65:78:63:68:61:6e:67:65:2d:73:68:61:32  up-exchange-sha2
00000090  35:36:00:00:00:0f:73:73:68:2d:72:73:61:2c:73:73  56....ssh-rsa,ss
000000a0  68:2d:64:73:73:00:00:00:e9:61:72:63:66:6f:75:72  h-dss....arcfour
000000b0  32:35:36:2c:61:72:63:66:6f:75:72:31:32:38:2c:61  256,arcfour128,a
000000c0  65:73:31:32:38:2d:63:74:72:2c:61:65:73:31:39:32  es128-ctr,aes192
000000d0  2d:63:74:72:2c:61:65:73:32:35:36:2d:63:74:72:2c  -ctr,aes256-ctr,
000000e0  74:77:6f:66:69:73:68:31:32:38:2d:63:74:72:2c:74  twofish128-ctr,t
000000f0  77:6f:66:69:73:68:31:39:32:2d:63:74:72:2c:74:77  wofish192-ctr,tw
00000100  6f:66:69:73:68:32:35:36:2d:63:74:72:2c:61:65:73  ofish256-ctr,aes
00000110  31:32:38:2d:63:62:63:2c:61:65:73:31:39:32:2d:63  128-cbc,aes192-c
00000120  62:63:2c:61:65:73:32:35:36:2d:63:62:63:2c:74:77  bc,aes256-cbc,tw
00000130  6f:66:69:73:68:31:32:38:2d:63:62:63:2c:74:77:6f  ofish128-cbc,two
00000140  66:69:73:68:31:39:32:2d:63:62:63:2c:74:77:6f:66  fish192-cbc,twof
00000150  69:73:68:32:35:36:2d:63:62:63:2c:74:77:6f:66:69  ish256-cbc,twofi
00000160  73:68:2d:63:62:63:2c:62:6c:6f:77:66:69:73:68:2d  sh-cbc,blowfish-
00000170  63:74:72:2c:62:6c:6f:77:66:69:73:68:2d:63:62:63  ctr,blowfish-cbc
00000180  2c:33:64:65:73:2d:63:74:72:2c:33:64:65:73:2d:63  ,3des-ctr,3des-c
00000190  62:63:00:00:00:e9:61:72:63:66:6f:75:72:32:35:36  bc....arcfour256
000001a0  2c:61:72:63:66:6f:75:72:31:32:38:2c:61:65:73:31  ,arcfour128,aes1
000001b0  32:38:2d:63:74:72:2c:61:65:73:31:39:32:2d:63:74  28-ctr,aes192-ct
000001c0  72:2c:61:65:73:32:35:36:2d:63:74:72:2c:74:77:6f  r,aes256-ctr,two
000001d0  66:69:73:68:31:32:38:2d:63:74:72:2c:74:77:6f:66  fish128-ctr,twof
000001e0  69:73:68:31:39:32:2d:63:74:72:2c:74:77:6f:66:69  ish192-ctr,twofi
000001f0  73:68:32:35:36:2d:63:74:72:2c:61:65:73:31:32:38  sh256-ctr,aes128
00000200  2d:63:62:63:2c:61:65:73:31:39:32:2d:63:62:63:2c  -cbc,aes192-cbc,
00000210  61:65:73:32:35:36:2d:63:62:63:2c:74:77:6f:66:69  aes256-cbc,twofi
00000220  73:68:31:32:38:2d:63:62:63:2c:74:77:6f:66:69:73  sh128-cbc,twofis
00000230  68:31:39:32:2d:63:62:63:2c:74:77:6f:66:69:73:68  h192-cbc,twofish
00000240  32:35:36:2d:63:62:63:2c:74:77:6f:66:69:73:68:2d  256-cbc,twofish-
00000250  63:62:63:2c:62:6c:6f:77:66:69:73:68:2d:63:74:72  cbc,blowfish-ctr
00000260  2c:62:6c:6f:77:66:69:73:68:2d:63:62:63:2c:33:64  ,blowfish-cbc,3d
00000270  65:73:2d:63:74:72:2c:33:64:65:73:2d:63:62:63:00  es-ctr,3des-cbc.
00000280  00:00:39:68:6d:61:63:2d:73:68:61:32:2d:32:35:36  ..9hmac-sha2-256
00000290  2c:68:6d:61:63:2d:73:68:61:31:2d:39:36:2c:68:6d  ,hmac-sha1-96,hm
000002a0  61:63:2d:73:68:61:31:2c:68:6d:61:63:2d:6d:64:35  ac-sha1,hmac-md5
000002b0  2d:39:36:2c:68:6d:61:63:2d:6d:64:35:00:00:00:39  -96,hmac-md5...9
000002c0  68:6d:61:63:2d:73:68:61:32:2d:32:35:36:2c:68:6d  hmac-sha2-256,hm
000002d0  61:63:2d:73:68:61:31:2d:39:36:2c:68:6d:61:63:2d  ac-sha1-96,hmac-
000002e0  73:68:61:31:2c:68:6d:61:63:2d:6d:64:35:2d:39:36  sha1,hmac-md5-96
000002f0  2c:68:6d:61:63:2d:6d:64:35:00:00:00:04:6e:6f:6e  ,hmac-md5....non
00000300  65:00:00:00:04:6e:6f:6e:65:00:00:00:00:00:00:00  e....none.......
00000310  00:00:00:00:00:00                                ......

-> NET_SSH2_MSG_KEXDH_INIT (since last: 0.012, network: 0s)

<- NET_SSH2_MSG_KEXDH_REPLY (since last: 0.09, network: 0.09s)

-> NET_SSH2_MSG_NEWKEYS (since last: 0.011, network: 0s)


<- NET_SSH2_MSG_NEWKEYS (since last: 0.001, network: 0s)


-> NET_SSH2_MSG_SERVICE_REQUEST (since last: 0.003, network: 0s)
00000000  00:00:00:0c:73:73:68:2d:75:73:65:72:61:75:74:68  ....ssh-userauth

Login Failed

For comparison, here's a log from a successful login on a different server:

<-
00000000  53:53:48:2d:32:2e:30:2d:31:2e:38:32:20:73:73:68  SSH-2.0-1.82 ssh
00000010  6c:69:62:3a:20:73:73:68:6c:69:62:53:72:53:73:68  lib: sshlibSrSsh
00000020  53:65:72:76:65:72:20:31:2e:30:30:0d:0a           Server 1.00..

->
00000000  53:53:48:2d:32:2e:30:2d:70:68:70:73:65:63:6c:69  SSH-2.0-phpsecli
00000010  62:5f:30:2e:33:20:28:6f:70:65:6e:73:73:6c:2c:20  b_0.3 (openssl, 
00000020  62:63:6d:61:74:68:29:0d:0a                       bcmath)..

<- NET_SSH2_MSG_KEXINIT (since last: 1.0692, network: 0.0864s)
00000000  18:37:a9:f6:4e:9e:59:ee:e2:dc:9d:f3:0d:20:03:d3  .7..N.Y...... ..
00000010  00:00:00:59:64:69:66:66:69:65:2d:68:65:6c:6c:6d  ...Ydiffie-hellm
00000020  61:6e:2d:67:72:6f:75:70:31:34:2d:73:68:61:31:2c  an-group14-sha1,
00000030


1 Answer


The problem was in one of the algorithms it was trying to use. With both aes128-cbc and aes256-cbc available on the Windows server, it choked. Commenting them out allows the connection to complete without errors:

In Net/SSH2.php in _key_exchange():

//'aes128-cbc',     // RECOMMENDED       AES with a 128-bit key
'aes192-cbc',     // OPTIONAL          AES with a 192-bit key
//'aes256-cbc',     // OPTIONAL          AES in CBC mode, with a 256-bit key
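
To see which cipher the two KEXINIT messages in the failing log actually select, and what the edit above changes, here is an added example (not code from the post or from phpseclib) that parses a KEXINIT body in the layout the log shows and applies the RFC 4253 selection rule. The function names are hypothetical, and the cipher lists are transcribed from the ASCII column of the log.

```python
import struct

# The ten name-lists of SSH_MSG_KEXINIT, in wire order (RFC 4253, section 7.1).
NAME_LISTS = ("kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
              "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")

# Cipher lists transcribed from the ASCII column of the failing log above.
SERVER_ENC = ("aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,"
              "blowfish-cbc,3des-cbc,arcfour,cast128-cbc").split(",")
CLIENT_ENC = ("arcfour256,arcfour128,aes128-ctr,aes192-ctr,aes256-ctr,"
              "twofish128-ctr,twofish192-ctr,twofish256-ctr,aes128-cbc,aes192-cbc,"
              "aes256-cbc,twofish128-cbc,twofish192-cbc,twofish256-cbc,twofish-cbc,"
              "blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc").split(",")

def dump_to_bytes(dump):
    """Convert log lines of the form 'offset  aa:bb:cc  ascii' to raw bytes."""
    out = b""
    for line in dump.strip().splitlines():
        fields = line.split()
        if len(fields) >= 2:  # skip cut-off lines that carry only an offset
            out += bytes.fromhex(fields[1].replace(":", ""))
    return out

def parse_kexinit(payload):
    """Parse a KEXINIT body as logged: 16-byte cookie, then ten name-lists."""
    pos, lists = 16, {}
    for name in NAME_LISTS:
        if pos + 4 > len(payload):
            raise ValueError("payload ends before the " + name + " list")
        (size,) = struct.unpack(">I", payload[pos:pos + 4])
        pos += 4
        if pos + size > len(payload):
            raise ValueError("payload ends inside the " + name + " list")
        raw = payload[pos:pos + size].decode("ascii")
        lists[name] = raw.split(",") if raw else []
        pos += size
    return lists

def negotiate(client, server):
    """First algorithm on the client's list that the server also offers."""
    return next((alg for alg in client if alg in server), None)

def cipher_before_and_after(disabled=("aes128-cbc", "aes256-cbc")):
    """Negotiated cipher with the stock client list and with the answer's edit."""
    patched = [alg for alg in CLIENT_ENC if alg not in disabled]
    return negotiate(CLIENT_ENC, SERVER_ENC), negotiate(patched, SERVER_ENC)

if __name__ == "__main__":
    print(cipher_before_and_after())  # ('aes128-cbc', 'twofish128-cbc')
```

With the logged lists, the stock client selects aes128-cbc and the edited list selects twofish128-cbc, so the connection succeeds on a different cipher; the AES-CBC path on that host is left as it was.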
