ECDSA/Keys/PKCS8: correctly convert private keys to public

terrafrost 2019-04-29 21:45:17 -05:00
parent 227d9c45ef
commit 00b6eaf507
3 changed files with 19 additions and 3 deletions


@ -477,6 +477,12 @@ abstract class PKCS8 extends PKCS
throw new UnsupportedAlgorithmException('Only ' . static::OID_NAME . ' keys are supported; this is a ' . $private['privateKeyAlgorithm']['algorithm'] . ' key'); throw new UnsupportedAlgorithmException('Only ' . static::OID_NAME . ' keys are supported; this is a ' . $private['privateKeyAlgorithm']['algorithm'] . ' key');
} }
} }
if (isset($private['publicKey'])) {
if ($private['publicKey'][0] != "\0") {
throw new \UnexpectedValueException('The first byte of the public key should be null - not ' . bin2hex($val));
}
$private['publicKey'] = substr($private['publicKey'], 1);
}
return $private + $meta; return $private + $meta;
} }
@ -488,7 +494,7 @@ abstract class PKCS8 extends PKCS
if (is_array($public)) { if (is_array($public)) {
if ($public['publicKey'][0] != "\0") { if ($public['publicKey'][0] != "\0") {
throw new \UnexpectedValueException('The first byte of the public key should be null - not ' . Hex::encode($val)); throw new \UnexpectedValueException('The first byte of the public key should be null - not ' . bin2hex($val));
} }
if (is_array(static::OID_NAME)) { if (is_array(static::OID_NAME)) {
if (!in_array($public['publicKeyAlgorithm']['algorithm'], static::OID_NAME)) { if (!in_array($public['publicKeyAlgorithm']['algorithm'], static::OID_NAME)) {
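Review bot: The exception message in the added `if (isset($private['publicKey']))` block interpolates `bin2hex($val)`, but no `$val` is assigned in the visible lines, so on a malformed key the message would likely show an empty value (and raise an undefined-variable notice) instead of the offending byte. The same `$val` remains in the second hunk's public-key check, where only `Hex::encode` was swapped for `bin2hex`. Using the byte that was actually tested would fix both: `bin2hex($private['publicKey'][0])` and `bin2hex($public['publicKey'][0])`. An empty `publicKey` string would also fail on the `[0]` offset before the comparison runs, so a length check ahead of it is worth adding. Both enclosing functions start outside the hunks.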


@ -153,7 +153,7 @@ abstract class PKCS8 extends Progenitor
$components['curve'] = $key['publicKeyAlgorithm']['algorithm'] == 'id-Ed25519' ? new Ed25519() : new Ed448(); $components['curve'] = $key['publicKeyAlgorithm']['algorithm'] == 'id-Ed25519' ? new Ed25519() : new Ed448();
} }
$components['QA'] = self::extractPoint(substr($key['publicKey'], 1), $components['curve']); $components['QA'] = self::extractPoint($key['publicKey'], $components['curve']);
} }
if (isset($key['privateKey']) && !isset($components['QA'])) { if (isset($key['privateKey']) && !isset($components['QA'])) {
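Review bot: `self::extractPoint($key['publicKey'], $components['curve'])` now depends on the base PKCS8 class having already removed the leading unused-bits byte, and nothing at the call site says so. A short comment such as `// leading "\0" of the BIT STRING is already stripped by the base PKCS8 loader` would keep a later reader from re-adding the `substr()`. Whether the public-key path strips that byte as well is not visible in this commit's hunks, so that is worth confirming. The enclosing function starts and ends outside the hunk.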


@ -238,7 +238,7 @@ MCowBQYDK2VwAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE=
// https://security.stackexchange.com/q/110330/15922 elaborates on // https://security.stackexchange.com/q/110330/15922 elaborates on
// why phpseclib is encoding the NULL as opposed to omitting it. // why phpseclib is encoding the NULL as opposed to omitting it.
$expected = '-----BEGIN PUBLIC KEY----- $expected = '-----BEGIN PUBLIC KEY-----
MCwwBwYDK2VwBQADIQC/RAlphM3+hUG6wWfcO5bIUIaqMLa2ywxcOK1wMWZhgA== MCwwBwYDK2VwBQADIQAZv0QJaYTN/oVBusFn3DuWyFCGqjC2tssMXDitcDFm4Q==
-----END PUBLIC KEY-----'; -----END PUBLIC KEY-----';
$this->assertSame($expected, $key->getPublicKey('PKCS8')); $this->assertSame($expected, $key->getPublicKey('PKCS8'));
} }
@ -459,6 +459,16 @@ pomV7r6gmoMYteGVABfgAAAAD3ZhZ3JhbnRAdmFncmFudAECAwQFBg==
$this->assertSame($expected, $actual); $this->assertSame($expected, $actual);
} }
public function testToPublicKey()
{
$key = new ECDSA;
$key->load('-----BEGIN PRIVATE KEY-----
MFICAQEwBwYDK2VwBQAEIgQgS5tTLrcNRaml4g5CgGeMvptuXuSrcrFbl+zVSxHD
H76BIDXmiVv2hLjr5MhZENlKIuz0ak1hUO8MdZ2vgY/nGcUV
-----END PRIVATE KEY-----');
$this->assertInternalType('string', (string) $key->getPublicKey());
}
public static function assertSame($expected, $actual, $message = '') public static function assertSame($expected, $actual, $message = '')
{ {
$expected = str_replace("\r\n", "\n", $expected); $expected = str_replace("\r\n", "\n", $expected);
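Review bot: The assertion in the added `testToPublicKey()` cannot fail on a wrong result, because `(string) $key->getPublicKey()` is a string by construction; the test only shows that loading and conversion do not throw. Since the commit is about deriving the correct public key from a private key, the test should pin the derived value, for example `$this->assertSame($expected, (string) $key->getPublicKey('PKCS8'));` with `$expected` set to the known PEM for this key. That would catch a regression in the leading-byte handling, which the current check would let through.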