danog/phpseclib
1
0
Fork 0
mirror of https://github.com/danog/phpseclib.git synced 2024-12-02 09:38:06 +01:00
Code Issues Projects Releases Wiki Activity

RSA: setting sig padding broke enc padding and vice versa

Browse Source
This commit is contained in:
terrafrost 2023-06-02 10:09:47 -05:00
parent 841267aafa
commit f418be845b
2 changed files with 27 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
phpseclib/Crypt/RSA.php
View File

@ -841,15 +841,15 @@ abstract class RSA extends AsymmetricKey
self::ENCRYPTION_PKCS1, self::ENCRYPTION_PKCS1,
self::ENCRYPTION_NONE self::ENCRYPTION_NONE
]; ];
$numSelected = 0; $encryptedCount = 0;
$selected = 0; $selected = 0;
foreach ($masks as $mask) { foreach ($masks as $mask) {
if ($padding & $mask) { if ($padding & $mask) {
$selected = $mask; $selected = $mask;
$numSelected++; $encryptedCount++;
} }
} }
if ($numSelected > 1) { if ($encryptedCount > 1) {
throw new InconsistentSetupException('Multiple encryption padding modes have been selected; at most only one should be selected'); throw new InconsistentSetupException('Multiple encryption padding modes have been selected; at most only one should be selected');
} }
$encryptionPadding = $selected; $encryptionPadding = $selected;
@ -859,22 +859,26 @@ abstract class RSA extends AsymmetricKey
self::SIGNATURE_RELAXED_PKCS1, self::SIGNATURE_RELAXED_PKCS1,
self::SIGNATURE_PKCS1 self::SIGNATURE_PKCS1
]; ];
$numSelected = 0; $signatureCount = 0;
$selected = 0; $selected = 0;
foreach ($masks as $mask) { foreach ($masks as $mask) {
if ($padding & $mask) { if ($padding & $mask) {
$selected = $mask; $selected = $mask;
$numSelected++; $signatureCount++;
} }
} }
if ($numSelected > 1) { if ($signatureCount > 1) {
throw new InconsistentSetupException('Multiple signature padding modes have been selected; at most only one should be selected'); throw new InconsistentSetupException('Multiple signature padding modes have been selected; at most only one should be selected');
} }
$signaturePadding = $selected; $signaturePadding = $selected;
$new = clone $this; $new = clone $this;
$new->encryptionPadding = $encryptionPadding; if ($encryptedCount) {
$new->signaturePadding = $signaturePadding; $new->encryptionPadding = $encryptionPadding;
}
if ($signatureCount) {
$new->signaturePadding = $signaturePadding;
}
return $new; return $new;
} }

15
tests/Unit/Crypt/RSA/ModeTest.php
View File

@ -254,4 +254,19 @@ zUlir0ACPypC1Q==
$this->assertSame($data, $decrypted); $this->assertSame($data, $decrypted);
} }
public function testSettingOnePadding()
{
$pub = <<<HERE
-----BEGIN PUBLIC KEY-----
MF0wDQYJKoZIhvcNAQEBBQADTAAwSQJCAmdYuOvii3I6ya3q/zSeZFoJprgF9fIq
k12yS6pCS3c+1wZ9cYFVtgfpSL4XpylLe9EnRT2GRVYCqUkR4AUeTuvnAgMBAAE=
-----END PUBLIC KEY-----
HERE;
$rsa = PublicKeyLoader::load($pub);
$this->assertTrue((bool) ($rsa->getPadding() & RSA::SIGNATURE_PSS));
$rsa = $rsa->withPadding(RSA::ENCRYPTION_NONE);
$this->assertTrue((bool) ($rsa->getPadding() & RSA::SIGNATURE_PSS));
}
} }