1
0
mirror of https://github.com/danog/tgseclib.git synced 2024-12-02 17:48:00 +01:00

Merge branch 'master' into php5

* master:
  RSA: slight adjustment to CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW format
This commit is contained in:
Andreas Fischer 2014-06-11 08:05:49 +02:00
commit 76ac2a863d
2 changed files with 25 additions and 7 deletions

View File

@ -218,6 +218,12 @@ define('CRYPT_RSA_PUBLIC_FORMAT_RAW', 3);
* PKCS#1 formatted public key (raw)
*
* Used by File/X509.php
*
* Has the following header:
*
* -----BEGIN RSA PUBLIC KEY-----
*
* Analogous to ssh-keygen's pem format (as specified by -m)
*/
define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW', 4);
/**
@ -234,6 +240,14 @@ define('CRYPT_RSA_PUBLIC_FORMAT_OPENSSH', 6);
* PKCS#1 formatted public key (encapsulated)
*
* Used by PHP's openssl_public_encrypt() and openssl's rsautl (when -pubin is set)
*
* Has the following header:
*
* -----BEGIN PUBLIC KEY-----
*
* Analogous to ssh-keygen's pkcs8 format (as specified by -m)
* (the applicability of PKCS8 is dubious since PKCS8 is talking about
* private keys but whatever)
*/
define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1', 7);
/**#@-*/
@ -904,7 +918,11 @@ class Crypt_RSA
$components['modulus'], $components['publicExponent']
);
if ($this->publicKeyFormat == CRYPT_RSA_PUBLIC_FORMAT_PKCS1) {
if ($this->publicKeyFormat == CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW) {
$RSAPublicKey = "-----BEGIN RSA PUBLIC KEY-----\r\n" .
chunk_split(base64_encode($RSAPublicKey), 64) .
'-----END RSA PUBLIC KEY-----';
} else {
// sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption.
$rsaOID = pack('H*', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA
$RSAPublicKey = chr(0) . $RSAPublicKey;
@ -913,11 +931,11 @@ class Crypt_RSA
$RSAPublicKey = pack('Ca*a*',
CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($rsaOID . $RSAPublicKey)), $rsaOID . $RSAPublicKey
);
}
$RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
chunk_split(base64_encode($RSAPublicKey), 64) .
'-----END PUBLIC KEY-----';
$RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
chunk_split(base64_encode($RSAPublicKey), 64) .
'-----END PUBLIC KEY-----';
}
return $RSAPublicKey;
}

View File

@ -2171,12 +2171,12 @@ class File_X509
switch ($algorithm) {
case 'rsaEncryption':
return
"-----BEGIN PUBLIC KEY-----\r\n" .
"-----BEGIN RSA PUBLIC KEY-----\r\n" .
// subjectPublicKey is stored as a bit string in X.509 certs. the first byte of a bit string represents how many bits
// in the last byte should be ignored. the following only supports non-zero stuff but as none of the X.509 certs Firefox
// uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do.
chunk_split(base64_encode(substr(base64_decode($key), 1)), 64) .
'-----END PUBLIC KEY-----';
'-----END RSA PUBLIC KEY-----';
default:
return $key;
}