mirror of
https://github.com/danog/tgseclib.git
synced 2025-01-22 05:51:20 +01:00
Make PEM lines be 64 bytes long instead of 72
Also, add more notes to Crypt_Random's comments
This commit is contained in:
parent
7f5e9f404a
commit
e4ccaef7bf
@ -813,11 +813,11 @@ class Crypt_RSA {
|
||||
"Proc-Type: 4,ENCRYPTED\r\n" .
|
||||
"DEK-Info: DES-EDE3-CBC,$iv\r\n" .
|
||||
"\r\n" .
|
||||
chunk_split(base64_encode($des->encrypt($RSAPrivateKey))) .
|
||||
chunk_split(base64_encode($des->encrypt($RSAPrivateKey)), 64) .
|
||||
'-----END RSA PRIVATE KEY-----';
|
||||
} else {
|
||||
$RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" .
|
||||
chunk_split(base64_encode($RSAPrivateKey)) .
|
||||
chunk_split(base64_encode($RSAPrivateKey), 64) .
|
||||
'-----END RSA PRIVATE KEY-----';
|
||||
}
|
||||
|
||||
@ -884,7 +884,7 @@ class Crypt_RSA {
|
||||
}
|
||||
|
||||
$RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
|
||||
chunk_split(base64_encode($RSAPublicKey)) .
|
||||
chunk_split(base64_encode($RSAPublicKey), 64) .
|
||||
'-----END PUBLIC KEY-----';
|
||||
|
||||
return $RSAPublicKey;
|
||||
|
@ -117,7 +117,9 @@ function crypt_random_string($length) {
|
||||
// on the data sent by all users. one user requests the page and a hash of their info is saved.
|
||||
// another user visits the page and the serialization of their data is utilized along with the
|
||||
// server envirnment stuff and a hash of the previous http request data (which itself utilizes
|
||||
// a hash of the session data before that).
|
||||
// a hash of the session data before that). certainly an attacker should be assumed to have
|
||||
// full control over his own http requests. he, however, is not going to have control over
|
||||
// everyone's http requests.
|
||||
static $crypto = false, $v;
|
||||
if ($crypto === false) {
|
||||
// save old session data
|
||||
|
@ -1524,7 +1524,7 @@ class File_X509 {
|
||||
return $cert;
|
||||
// case FILE_X509_FORMAT_PEM:
|
||||
default:
|
||||
return "-----BEGIN CERTIFICATE-----\r\n" . chunk_split(base64_encode($cert)) . '-----END CERTIFICATE-----';
|
||||
return "-----BEGIN CERTIFICATE-----\r\n" . chunk_split(base64_encode($cert), 64) . '-----END CERTIFICATE-----';
|
||||
}
|
||||
}
|
||||
|
||||
@ -2150,7 +2150,7 @@ class File_X509 {
|
||||
// subjectPublicKey is stored as a bit string in X.509 certs. the first byte of a bit string represents how many bits
|
||||
// in the last byte should be ignored. the following only supports non-zero stuff but as none of the X.509 certs Firefox
|
||||
// uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do.
|
||||
chunk_split(base64_encode(substr(base64_decode($key), 1))) .
|
||||
chunk_split(base64_encode(substr(base64_decode($key), 1)), 64) .
|
||||
'-----END PUBLIC KEY-----';
|
||||
default:
|
||||
return $key;
|
||||
@ -2877,7 +2877,7 @@ class File_X509 {
|
||||
return $csr;
|
||||
// case FILE_X509_FORMAT_PEM:
|
||||
default:
|
||||
return "-----BEGIN CERTIFICATE REQUEST-----\r\n" . chunk_split(base64_encode($csr)) . '-----END CERTIFICATE REQUEST-----';
|
||||
return "-----BEGIN CERTIFICATE REQUEST-----\r\n" . chunk_split(base64_encode($csr), 64) . '-----END CERTIFICATE REQUEST-----';
|
||||
}
|
||||
}
|
||||
|
||||
@ -2991,7 +2991,7 @@ class File_X509 {
|
||||
return $crl;
|
||||
// case FILE_X509_FORMAT_PEM:
|
||||
default:
|
||||
return "-----BEGIN X509 CRL-----\r\n" . chunk_split(base64_encode($crl)) . '-----END X509 CRL-----';
|
||||
return "-----BEGIN X509 CRL-----\r\n" . chunk_split(base64_encode($crl), 64) . '-----END X509 CRL-----';
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user