
ECDSA: make it so hash can't be changed for Ed25519 / Ed448

This commit is contained in:
terrafrost 2018-11-29 10:05:28 -06:00
parent d234297819
commit 2c1994805b
2 changed files with 61 additions and 5 deletions


@ -151,6 +151,14 @@ abstract class AsymmetricKey
*/
private $hmac;
/**
* Hash manually set?
*
* @var bool
* @access private
*/
protected $hashManuallySet = false;
/**
* Available Engines
*
@ -284,6 +292,12 @@ abstract class AsymmetricKey
*/
protected function load($key, $type)
{
if ($key instanceof self) {
$this->hmac = $key->hmac;
return;
}
$components = false;
if ($type === false) {
foreach (self::$plugins[static::ALGORITHM]['Keys'] as $format) {
@ -594,6 +608,8 @@ abstract class AsymmetricKey
{
$this->hash = new Hash($hash);
$this->hmac = new Hash($hash);
$this->hashManuallySet = true;
}
/**
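Review bot: In the `$key instanceof self` branch of `load()` the new code copies `$hmac` from the source key but not the new `$hashManuallySet` flag, so a key object built from another one loses the record that its hash was pinned by the caller, and a later `load()` of components on the copy will skip the Ed25519/Ed448 hash check that the flag appears to gate. If the flag is meant to travel with the hash, add `$this->hashManuallySet = $key->hashManuallySet;` next to the `$hmac` copy. The property also deserves a why-comment, since its name says what it is but not what it is for: `// Set once setHash() is called explicitly; lets subclasses reject a key whose curve fixes the hash (e.g. Ed25519) when the caller has pinned a different one.` The body of `load()` continues outside the hunk.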


@ -37,6 +37,7 @@ use phpseclib\File\ASN1;
use phpseclib\File\ASN1\Maps\ECParameters;
use phpseclib\Crypt\ECDSA\BaseCurves\TwistedEdwards as TwistedEdwardsCurve;
use phpseclib\Crypt\ECDSA\Curves\Ed25519;
use phpseclib\Crypt\ECDSA\Curves\Ed448;
use phpseclib\Crypt\ECDSA\Keys\PKCS1;
use phpseclib\Crypt\ECDSA\Keys\PKCS8;
use phpseclib\Crypt\ECDSA\Signature\ASN1 as ASN1Signature;
@ -198,20 +199,28 @@ class ECDSA extends AsymmetricKey
$this->QA = $key->QA;
$this->curve = $key->curve;
$this->parametersFormat = $key->parametersFormat;
$this->hash = $key->hash;
parent::load($key, false);
return true;
}
$components = parent::load($key, $type);
if ($components === false) {
$this->format = null;
$this->dA = null;
$this->QA = null;
$this->curve = null;
$this->clearKey();
return false;
}
if ($components['curve'] instanceof Ed25519 && $this->hashManuallySet && $this->hash->getHash() != 'sha512') {
$this->clearKey();
throw new \RuntimeException('Ed25519 only supports sha512 as a hash');
}
if ($components['curve'] instanceof Ed448 && $this->hashManuallySet && $this->hash->getHash() != 'shake256-912') {
$this->clearKey();
throw new \RuntimeException('Ed448 only supports shake256 with a length of 114 bytes');
}
$this->curve = $components['curve'];
$this->QA = $components['QA'];
$this->dA = isset($components['dA']) ? $components['dA'] : null;
@ -219,6 +228,19 @@ class ECDSA extends AsymmetricKey
return true;
}
/**
* Removes a key
*
* @access private
*/
private function clearKey()
{
$this->format = null;
$this->dA = null;
$this->QA = null;
$this->curve = null;
}
/**
* Returns the curve
*
@ -439,6 +461,24 @@ class ECDSA extends AsymmetricKey
$this->context = $context;
}
/**
* Determines which hashing function should be used
*
* @access public
* @param string $hash
*/
public function setHash($hash)
{
if ($this->curve instanceof Ed25519 && $this->hash != 'sha512') {
throw new \RuntimeException('Ed25519 only supports sha512 as a hash');
}
if ($this->curve instanceof Ed448 && $this->hash != 'shake256-912') {
throw new \RuntimeException('Ed448 only supports shake256 with a length of 114 bytes');
}
parent::setHash($hash);
}
/**
* Create a signature
*