Merge branch '3.0'

2024-12-15 10:26:59 +01:00 · 2020-04-19 15:39:51 -05:00 · 2020-04-19 15:39:51 -05:00 · 08fc9615e3
commit 08fc9615e3
parent 8724c077e4 0b231cc53b
3 changed files with 2 additions and 28 deletions
--- a/phpseclib/Crypt/RSA.php
+++ b/phpseclib/Crypt/RSA.php
@ -109,12 +109,6 @@ abstract class RSA extends AsymmetricKey
     * stuff, if you're trying to diagnose why an encrypted message isn't decrypting, etc.
     */
    const ENCRYPTION_NONE = 4;
-    /**
-     * Use PKCS#1 padding with PKCS1 v1.5 compatibility
-     *
-     * A PKCS1 v2.1 encrypted message may not successfully decrypt with a PKCS1 v1.5 implementation (such as OpenSSL).
-     */
-    const ENCRYPTION_PKCS15_COMPAT = 8;
    /**#@-*/

    /**#@+
@ -747,8 +741,7 @@ abstract class RSA extends AsymmetricKey
        $masks = [
            self::ENCRYPTION_OAEP,
            self::ENCRYPTION_PKCS1,
-            self::ENCRYPTION_NONE,
-            self::ENCRYPTION_PKCS15_COMPAT
+            self::ENCRYPTION_NONE
        ];
        $numSelected = 0;
        $selected = 0;
--- a/phpseclib/Crypt/RSA/PrivateKey.php
+++ b/phpseclib/Crypt/RSA/PrivateKey.php
@ -324,17 +324,6 @@ class PrivateKey extends RSA implements Common\PrivateKey
     *
     * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}.
     *
-     * For compatibility purposes, this function departs slightly from the description given in RFC3447.
-     * The reason being that RFC2313#section-8.1 (PKCS#1 v1.5) states that ciphertext's encrypted by the
-     * private key should have the second byte set to either 0 or 1 and that ciphertext's encrypted by the
-     * public key should have the second byte set to 2.  In RFC3447 (PKCS#1 v2.1), the second byte is supposed
-     * to be 2 regardless of which key is used.  For compatibility purposes, we'll just check to make sure the
-     * second byte is 2 or less.  If it is, we'll accept the decrypted string as valid.
-     *
-     * As a consequence of this, a private key encrypted ciphertext produced with \phpseclib3\Crypt\RSA may not decrypt
-     * with a strictly PKCS#1 v1.5 compliant RSA implementation.  Public key encrypted ciphertext's should but
-     * not private key encrypted ciphertext's.
-     *
     * @access private
     * @param string $c
     * @return bool|string
--- a/phpseclib/Crypt/RSA/PublicKey.php
+++ b/phpseclib/Crypt/RSA/PublicKey.php
@ -329,12 +329,6 @@ class PublicKey extends RSA implements Common\PublicKey
            $ps.= $temp;
        }
        $type = 2;
-        // see the comments of _rsaes_pkcs1_v1_5_decrypt() to understand why this is being done
-        if ($pkcs15_compat && (!isset($this->publicExponent) || $this->exponent !== $this->publicExponent)) {
-            $type = 1;
-            // "The padding string PS shall consist of k-3-||D|| octets. ... for block type 01, they shall have value FF"
-            $ps = str_repeat("\xFF", $psLen);
-        }
        $em = chr(0) . chr($type) . $ps . chr(0) . $m;

        // RSA encryption
@ -450,10 +444,8 @@ class PublicKey extends RSA implements Common\PublicKey
        switch ($this->encryptionPadding) {
            case self::ENCRYPTION_NONE:
                return $this->raw_encrypt($plaintext);
-            case self::ENCRYPTION_PKCS15_COMPAT:
            case self::ENCRYPTION_PKCS1:
-                $pkcs15_compat = $this->encryptionPadding & self::ENCRYPTION_PKCS15_COMPAT;
-                return $this->rsaes_pkcs1_v1_5_encrypt($plaintext, $pkcs15_compat);
+                return $this->rsaes_pkcs1_v1_5_encrypt($plaintext);
            //case self::ENCRYPTION_OAEP:
            default:
                return $this->rsaes_oaep_encrypt($plaintext);