danog/phpseclib
1
0
Fork 0
mirror of https://github.com/danog/phpseclib.git synced 2024-12-03 10:08:04 +01:00
Code Issues Projects Releases Wiki Activity

Make validateSignature() behave more intuitively

Browse Source
This commit is contained in:
terrafrost 2012-11-19 21:10:22 -06:00
parent 126c396a51
commit 7e120a0f30
1 changed files with 10 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
phpseclib/File/X509.php
View File

@ -1809,9 +1809,7 @@ class File_X509 {
* Validate a signature * Validate a signature
* *
* Works on X.509 certs, CSR's and CRL's. * Works on X.509 certs, CSR's and CRL's.
* Returns 1 if the signature is verified, 0 if it is not correct or -1 on error * Returns true if the signature is verified, false if it is not correct or NULL on error
*
* To know if a signature is valid one should do validateSignature() === 1
* *
* The behavior of this function is inspired by {@link http://php.net/openssl-verify openssl_verify}. * The behavior of this function is inspired by {@link http://php.net/openssl-verify openssl_verify}.
* *
@ -1861,10 +1859,10 @@ class File_X509 {
} }
} }
if (count($this->CAs) == $i && ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) { if (count($this->CAs) == $i && ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) {
return 0; return false;
} }
} elseif (!isset($signingCert) || ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) { } elseif (!isset($signingCert) || ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) {
return 0; return false;
} }
return $this->_validateSignature( return $this->_validateSignature(
$signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'],
@ -1898,7 +1896,7 @@ class File_X509 {
} }
} }
if (!isset($signingCert)) { if (!isset($signingCert)) {
return 0; return false;
} }
return $this->_validateSignature( return $this->_validateSignature(
$signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'],
@ -1908,14 +1906,14 @@ class File_X509 {
$this->signatureSubject $this->signatureSubject
); );
default: default:
return 0; return false;
} }
} }
/** /**
* Validates a signature * Validates a signature
* *
* Returns 1 if the signature is verified, 0 if it is not correct or -1 on error * Returns true if the signature is verified, false if it is not correct or NULL on error
* *
* @param String $publicKeyAlgorithm * @param String $publicKeyAlgorithm
* @param String $publicKey * @param String $publicKey
@ -1947,18 +1945,18 @@ class File_X509 {
$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1); $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
if (!@$rsa->verify($signatureSubject, $signature)) { if (!@$rsa->verify($signatureSubject, $signature)) {
return 0; return false;
} }
break; break;
default: default:
return -1; return NULL;
} }
break; break;
default: default:
return -1; return NULL;
} }
return 1; return true;
} }
/** /**