mirror of
https://github.com/danog/tgseclib.git
synced 2024-12-02 17:48:00 +01:00
Merge branch 'master' into php5
* master: RSA: slight adjustment to CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW format
This commit is contained in:
commit
76ac2a863d
@ -218,6 +218,12 @@ define('CRYPT_RSA_PUBLIC_FORMAT_RAW', 3);
|
||||
* PKCS#1 formatted public key (raw)
|
||||
*
|
||||
* Used by File/X509.php
|
||||
*
|
||||
* Has the following header:
|
||||
*
|
||||
* -----BEGIN RSA PUBLIC KEY-----
|
||||
*
|
||||
* Analogous to ssh-keygen's pem format (as specified by -m)
|
||||
*/
|
||||
define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW', 4);
|
||||
/**
|
||||
@ -234,6 +240,14 @@ define('CRYPT_RSA_PUBLIC_FORMAT_OPENSSH', 6);
|
||||
* PKCS#1 formatted public key (encapsulated)
|
||||
*
|
||||
* Used by PHP's openssl_public_encrypt() and openssl's rsautl (when -pubin is set)
|
||||
*
|
||||
* Has the following header:
|
||||
*
|
||||
* -----BEGIN PUBLIC KEY-----
|
||||
*
|
||||
* Analogous to ssh-keygen's pkcs8 format (as specified by -m)
|
||||
* (the applicability of PKCS8 is dubious since PKCS8 is talking about
|
||||
* private keys but whatever)
|
||||
*/
|
||||
define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1', 7);
|
||||
/**#@-*/
|
||||
@ -904,7 +918,11 @@ class Crypt_RSA
|
||||
$components['modulus'], $components['publicExponent']
|
||||
);
|
||||
|
||||
if ($this->publicKeyFormat == CRYPT_RSA_PUBLIC_FORMAT_PKCS1) {
|
||||
if ($this->publicKeyFormat == CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW) {
|
||||
$RSAPublicKey = "-----BEGIN RSA PUBLIC KEY-----\r\n" .
|
||||
chunk_split(base64_encode($RSAPublicKey), 64) .
|
||||
'-----END RSA PUBLIC KEY-----';
|
||||
} else {
|
||||
// sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption.
|
||||
$rsaOID = pack('H*', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA
|
||||
$RSAPublicKey = chr(0) . $RSAPublicKey;
|
||||
@ -913,11 +931,11 @@ class Crypt_RSA
|
||||
$RSAPublicKey = pack('Ca*a*',
|
||||
CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($rsaOID . $RSAPublicKey)), $rsaOID . $RSAPublicKey
|
||||
);
|
||||
}
|
||||
|
||||
$RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
|
||||
chunk_split(base64_encode($RSAPublicKey), 64) .
|
||||
'-----END PUBLIC KEY-----';
|
||||
$RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
|
||||
chunk_split(base64_encode($RSAPublicKey), 64) .
|
||||
'-----END PUBLIC KEY-----';
|
||||
}
|
||||
|
||||
return $RSAPublicKey;
|
||||
}
|
||||
|
@ -2171,12 +2171,12 @@ class File_X509
|
||||
switch ($algorithm) {
|
||||
case 'rsaEncryption':
|
||||
return
|
||||
"-----BEGIN PUBLIC KEY-----\r\n" .
|
||||
"-----BEGIN RSA PUBLIC KEY-----\r\n" .
|
||||
// subjectPublicKey is stored as a bit string in X.509 certs. the first byte of a bit string represents how many bits
|
||||
// in the last byte should be ignored. the following only supports non-zero stuff but as none of the X.509 certs Firefox
|
||||
// uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do.
|
||||
chunk_split(base64_encode(substr(base64_decode($key), 1)), 64) .
|
||||
'-----END PUBLIC KEY-----';
|
||||
'-----END RSA PUBLIC KEY-----';
|
||||
default:
|
||||
return $key;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user