mirror of
https://github.com/danog/phpseclib.git
synced 2024-12-03 18:18:05 +01:00
RSA: misc fixes for "without NULL" PKCS1 signature validation
parent
a60f569126
commit
f61cce9c83
@ -660,6 +660,9 @@ abstract class RSA extends AsymmetricKey
|
||||
break;
|
||||
case 'sha512/256':
|
||||
$t = "\x30\x2f\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x06\x04\x20";
|
||||
break;
|
||||
default:
|
||||
throw new UnsupportedAlgorithmException('md2 and md5 require NULLs');
|
||||
}
|
||||
$t.= $h;
|
||||
$tLen = strlen($t);
|
||||
|
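Review bot: The new `default:` arm fires for every hash name the switch does not list, but its message names only md2 and md5, so any other unlisted hash would produce a misleading error; the message should include the hash name that was actually switched on. A short why-comment on the arm would also help, for example `// fail closed: with no matching case $t is never set and the encoding would be the bare hash with no DigestInfo prefix`. The function's opening and this file's `use` block are outside the hunk, so confirm that `phpseclib3\Exception\UnsupportedAlgorithmException` is imported here. If it is not, the name resolves against the file's own namespace and the `catch (UnsupportedAlgorithmException $e)` added in PublicKey would not catch the resulting error.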
@ -20,6 +20,7 @@ use phpseclib3\Common\Functions\Strings;
|
||||
use phpseclib3\Crypt\Hash;
|
||||
use phpseclib3\Exception\NoKeyLoadedException;
|
||||
use phpseclib3\Exception\UnsupportedFormatException;
|
||||
use phpseclib3\Exception\UnsupportedAlgorithmException;
|
||||
use phpseclib3\Crypt\Random;
|
||||
use phpseclib3\Crypt\Common;
|
||||
use phpseclib3\File\ASN1\Maps\DigestInfo;
|
||||
@ -103,14 +104,18 @@ class PublicKey extends RSA implements Common\PublicKey
|
||||
// too short" and stop.
|
||||
try {
|
||||
$em2 = $this->emsa_pkcs1_v1_5_encode($m, $this->k);
|
||||
$r1 = hash_equals($em, $em2);
|
||||
} catch (\LengthException $e) {
|
||||
$exception = true;
|
||||
}
|
||||
|
||||
try {
|
||||
$em3 = $this->emsa_pkcs1_v1_5_encode_witout_null($m, $this->k);
|
||||
$em3 = $this->emsa_pkcs1_v1_5_encode_without_null($m, $this->k);
|
||||
$r2 = hash_equals($em, $em3);
|
||||
} catch (\LengthException $e) {
|
||||
$exception = true;
|
||||
} catch (UnsupportedAlgorithmException $e) {
|
||||
$r2 = false;
|
||||
}
|
||||
|
||||
if ($exception) {
|
||||
@ -118,7 +123,7 @@ class PublicKey extends RSA implements Common\PublicKey
|
||||
}
|
||||
|
||||
// Compare
|
||||
return hash_equals($em, $em2) || hash_equals($em, $em3);
|
||||
return $r1 || $r2;
|
||||
}
|
||||
|
||||
/**
|
||||
|
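Review bot: `$r1` and `$r2` are assigned only inside their `try` blocks, so if either encoder throws `\LengthException` the final `return $r1 || $r2;` is safe only because the `if ($exception)` branch leaves the function first, and that branch's body is outside the visible hunks. Initialising both before the first `try`, with `$r1 = $r2 = false;`, makes signature verification fail closed even if that branch changes later. The initialisation of `$exception` is not visible here either and should be confirmed. The function starts above the hunk and the `if ($exception)` block falls between hunks, so this note covers only the lines shown.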