1
0
mirror of https://github.com/danog/tgseclib.git synced 2024-11-30 04:39:02 +01:00

- compatability adjustments for interoperability with strictly PKCS#1 v1.5 compliant RSA implementations

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@102 21d32557-59b3-4da0-833f-c5933fad653e
This commit is contained in:
Jim Wigginton 2010-04-10 15:57:02 +00:00
parent 868bcbd159
commit 7fd48f8e72

View File

@ -62,7 +62,7 @@
* @author Jim Wigginton <terrafrost@php.net>
* @copyright MMIX Jim Wigginton
* @license http://www.gnu.org/licenses/lgpl.txt
* @version $Id: RSA.php,v 1.14 2010-03-01 17:28:19 terrafrost Exp $
* @version $Id: RSA.php,v 1.15 2010-04-10 15:57:02 terrafrost Exp $
* @link http://phpseclib.sourceforge.net
*/
@ -1634,6 +1634,17 @@ class Crypt_RSA {
*
* See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}.
*
* For compatability purposes, this function departs slightly from the description given in RFC3447.
* The reason being that RFC2313#section-8.1 (PKCS#1 v1.5) states that ciphertext's encrypted by the
* private key should have the second byte set to either 0 or 1 and that ciphertext's encrypted by the
* public key should have the second byte set to 2. In RFC3447 (PKCS#1 v2.1), the second byte is supposed
* to be 2 regardless of which key is used. for compatability purposes, we'll just check to make sure the
* second byte is 2 or less. If it is, we'll accept the decrypted string as valid.
*
* As a consequence of this, a private key encrypted ciphertext produced with Crypt_RSA may not decrypt
* with a strictly PKCS#1 v1.5 compliant RSA implementation. Public key encrypted ciphertext's should but
* not private key encrypted ciphertext's.
*
* @access private
* @param String $c
* @return String
@ -1659,7 +1670,7 @@ class Crypt_RSA {
// EME-PKCS1-v1_5 decoding
if (ord($em[0]) != 0 || ord($em[1]) != 2) {
if (ord($em[0]) != 0 || ord($em[1]) > 2) {
user_error('Decryption error', E_USER_NOTICE);
return false;
}