danog/phpseclib
1
0
Fork 0
mirror of https://github.com/danog/phpseclib.git synced 2024-12-02 17:52:59 +01:00
Code Issues Projects Releases Wiki Activity

Make validateSignature() behave more intuitively

Browse Source
This commit is contained in:
terrafrost 2012-11-19 21:10:22 -06:00
parent 126c396a51
commit 7e120a0f30
1 changed files with 10 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
phpseclib/File/X509.php
View File

@ -1809,9 +1809,7 @@ class File_X509 {
* Validate a signature
*
* Works on X.509 certs, CSR's and CRL's.
* Returns 1 if the signature is verified, 0 if it is not correct or -1 on error
*
* To know if a signature is valid one should do validateSignature() === 1
* Returns true if the signature is verified, false if it is not correct or NULL on error
*
* The behavior of this function is inspired by {@link http://php.net/openssl-verify openssl_verify}.
*
@ -1861,10 +1859,10 @@ class File_X509 {
}
}
if (count($this->CAs) == $i && ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) {
return 0;
return false;
}
} elseif (!isset($signingCert) || ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) {
return 0;
return false;
}
return $this->_validateSignature(
$signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'],
@ -1898,7 +1896,7 @@ class File_X509 {
}
}
if (!isset($signingCert)) {
return 0;
return false;
}
return $this->_validateSignature(
$signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'],
@ -1908,14 +1906,14 @@ class File_X509 {
$this->signatureSubject
);
default:
return 0;
return false;
}
}
/**
* Validates a signature
*
* Returns 1 if the signature is verified, 0 if it is not correct or -1 on error
* Returns true if the signature is verified, false if it is not correct or NULL on error
*
* @param String $publicKeyAlgorithm
* @param String $publicKey
@ -1947,18 +1945,18 @@ class File_X509 {
$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
if (!@$rsa->verify($signatureSubject, $signature)) {
return 0;
return false;
}
break;
default:
return -1;
return NULL;
}
break;
default:
return -1;
return NULL;
}
return 1;
return true;
}
/**