1
0
mirror of https://github.com/danog/phpseclib.git synced 2024-12-02 17:52:59 +01:00

RSA: misc fixes for "without NULL" PKCS1 signature validation

This commit is contained in:
terrafrost 2021-04-03 17:50:28 -05:00
parent a60f569126
commit f61cce9c83
2 changed files with 10 additions and 2 deletions

View File

@ -660,6 +660,9 @@ abstract class RSA extends AsymmetricKey
break;
case 'sha512/256':
$t = "\x30\x2f\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x06\x04\x20";
break;
default:
throw new UnsupportedAlgorithmException('md2 and md5 require NULLs');
}
$t.= $h;
$tLen = strlen($t);

View File

@ -20,6 +20,7 @@ use phpseclib3\Common\Functions\Strings;
use phpseclib3\Crypt\Hash;
use phpseclib3\Exception\NoKeyLoadedException;
use phpseclib3\Exception\UnsupportedFormatException;
use phpseclib3\Exception\UnsupportedAlgorithmException;
use phpseclib3\Crypt\Random;
use phpseclib3\Crypt\Common;
use phpseclib3\File\ASN1\Maps\DigestInfo;
@ -103,14 +104,18 @@ class PublicKey extends RSA implements Common\PublicKey
// too short" and stop.
try {
$em2 = $this->emsa_pkcs1_v1_5_encode($m, $this->k);
$r1 = hash_equals($em, $em2);
} catch (\LengthException $e) {
$exception = true;
}
try {
$em3 = $this->emsa_pkcs1_v1_5_encode_witout_null($m, $this->k);
$em3 = $this->emsa_pkcs1_v1_5_encode_without_null($m, $this->k);
$r2 = hash_equals($em, $em3);
} catch (\LengthException $e) {
$exception = true;
} catch (UnsupportedAlgorithmException $e) {
$r2 = false;
}
if ($exception) {
@ -118,7 +123,7 @@ class PublicKey extends RSA implements Common\PublicKey
}
// Compare
return hash_equals($em, $em2) || hash_equals($em, $em3);
return $r1 || $r2;
}
/**