From bfb49c06e8a2447827563807d670c565fc01ce9a Mon Sep 17 00:00:00 2001
From: terrafrost
Date: Tue, 5 Jan 2021 08:04:40 -0600
Subject: [PATCH] RSA: throw exceptions instead of returning false
---
 phpseclib/Crypt/RSA.php | 2 +-
 phpseclib/Crypt/RSA/PrivateKey.php | 26 ++++++++++----------------
 phpseclib/Crypt/RSA/PublicKey.php | 5 ++++-
 3 files changed, 15 insertions(+), 18 deletions(-)
diff --git a/phpseclib/Crypt/RSA.php b/phpseclib/Crypt/RSA.php
index 762e0269..90e4e8df 100644
--- a/phpseclib/Crypt/RSA.php
+++ b/phpseclib/Crypt/RSA.php
@@ -481,7 +481,7 @@ abstract class RSA extends AsymmetricKey
 }
 $x = $x->toBytes();
 if (strlen($x) > $xLen) {
- return false;
+ throw new \OutOfRangeException('Resultant string length out of range');
 }
 return str_pad($x, $xLen, chr(0), STR_PAD_LEFT);
 }
diff --git a/phpseclib/Crypt/RSA/PrivateKey.php b/phpseclib/Crypt/RSA/PrivateKey.php
index c1c73fa8..2830d982 100644
--- a/phpseclib/Crypt/RSA/PrivateKey.php
+++ b/phpseclib/Crypt/RSA/PrivateKey.php
@@ -79,7 +79,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
 private function rsadp($c)
 {
 if ($c->compare(self::$zero) < 0 || $c->compare($this->modulus) > 0) {
- return false;
+ throw new \OutOfRangeException('Ciphertext representative out of range');
 }
 return $this->exponentiate($c);
 }
@@ -96,7 +96,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
 private function rsasp1($m)
 {
 if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) {
- return false;
+ throw new \OutOfRangeException('Signature representative out of range');
 }
 return $this->exponentiate($m);
 }
@@ -224,7 +224,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
 $mHash = $this->hash->hash($m);
 if ($emLen < $this->hLen + $sLen + 2) {
- return false;
+ throw new \LengthException('RSA modulus too short');
 }
 $salt = Random::string($sLen);
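Review bot: The range guard in the rsadp() hunk compares with `$c->compare($this->modulus) > 0`, so a representative exactly equal to the modulus is still accepted, although PKCS #1 defines the valid range for RSADP as 0 to n-1. Using `>= 0` (`if ($c->compare(self::$zero) < 0 || $c->compare($this->modulus) >= 0) {`) would make the check agree with the "out of range" exception that is now thrown. The same comparison appears in the rsasp1() hunk that follows and in the rsaep() hunk in PublicKey.php.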
@@ -333,7 +333,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
 // Length checking
 if (strlen($c) != $this->k) { // or if k < 11
- return false;
+ throw new \LengthException('Ciphertext representative too long');
 }
 // RSA decryption
@@ -341,21 +341,18 @@ class PrivateKey extends RSA implements Common\PrivateKey
 $c = $this->os2ip($c);
 $m = $this->rsadp($c);
 $em = $this->i2osp($m, $this->k);
- if ($em === false) {
- return false;
- }
 // EME-PKCS1-v1_5 decoding
 if (ord($em[0]) != 0 || ord($em[1]) > 2) {
- return false;
+ throw new \RuntimeException('Decryption error');
 }
 $ps = substr($em, 2, strpos($em, chr(0), 2) - 2);
 $m = substr($em, strlen($ps) + 3);
 if (strlen($ps) < 8) {
- return false;
+ throw new \RuntimeException('Decryption error');
 }
 // Output M
@@ -389,7 +386,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
 // be output.
 if (strlen($c) != $this->k || $this->k < 2 * $this->hLen + 2) {
- return false;
+ throw new \LengthException('Ciphertext representative too long');
 }
 // RSA decryption
@@ -397,9 +394,6 @@ class PrivateKey extends RSA implements Common\PrivateKey
 $c = $this->os2ip($c);
 $m = $this->rsadp($c);
 $em = $this->i2osp($m, $this->k);
- if ($em === false) {
- return false;
- }
 // EME-OAEP decoding
@@ -426,7 +420,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
 // we do & instead of && to avoid https://en.wikipedia.org/wiki/Short-circuit_evaluation
 // to protect against timing attacks
 if (!$hashesMatch & !$patternMatch) {
- return false;
+ throw new \RuntimeException('Decryption error');
 }
 // Output the message M
@@ -447,7 +441,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
 private function raw_encrypt($m)
 {
 if (strlen($m) > $this->k) {
- throw new \LengthException('Message too long');
+ throw new \LengthException('Ciphertext representative too long');
 }
 $temp = $this->os2ip($m);
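Review bot: The message added to the length check of the PKCS #1 v1.5 decryption hunk says "too long", but the condition `strlen($c) != $this->k` fires just as well for input that is too short; `throw new \LengthException('Ciphertext length does not match modulus length');` would describe it accurately. The OAEP length check (hunk at -389) reuses the same text while also covering `$this->k < 2 * $this->hLen + 2`, which is a key-size problem rather than a ciphertext problem. Both checks depend only on public lengths, so a more precise message does not reveal anything about the plaintext. The enclosing functions start outside both hunks.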
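Review bot: In the EME-PKCS1-v1_5 decoding hunk, the result of `strpos($em, chr(0), 2)` is used without testing for `false`, so a decrypted block that has no 0x00 separator is not rejected: the `- 2` turns it into a negative length, the `strlen($ps) < 8` check passes for normal key sizes, and `$m` becomes the last byte of the block instead of a "Decryption error". Now that failures are exceptions, this case should throw like the other two, for example `$sep = strpos($em, chr(0), 2);` followed by `if ($sep === false) { throw new \RuntimeException('Decryption error'); }` before `$ps` is computed. The hunk already uses one exception class and one message for every padding failure; the added check should keep that, so callers cannot tell which padding test failed. The function begins and ends outside the hunk.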
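Review bot: The OAEP check `if (!$hashesMatch & !$patternMatch)` (hunk at -426) throws only when both the label-hash comparison and the padding-pattern scan fail; if just one of them fails, execution continues to "Output the message M". Rejecting when either check fails while still avoiding short-circuit evaluation needs a bitwise OR: `if (!$hashesMatch | !$patternMatch) {`, with the comment above it changed to `// we do | instead of || to avoid ...`. The two flags are computed outside this hunk, so their exact types are not visible here, but the logic holds for any truthy or falsy values.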
@@ -486,7 +480,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
 {
 $type = self::validatePlugin('Keys', 'PKCS8', 'savePublicKey');
 if (empty($this->modulus) || empty($this->publicExponent)) {
- return false;
+ throw new \RuntimeException('Public key components not found');
 }
 $key = $type::savePublicKey($this->modulus, $this->publicExponent);
diff --git a/phpseclib/Crypt/RSA/PublicKey.php b/phpseclib/Crypt/RSA/PublicKey.php
index c78be17b..4a080d7c 100644
--- a/phpseclib/Crypt/RSA/PublicKey.php
+++ b/phpseclib/Crypt/RSA/PublicKey.php
@@ -87,6 +87,9 @@ class PublicKey extends RSA implements Common\PublicKey
 $s = $this->os2ip($s);
 $m2 = $this->rsavp1($s);
+ if ($m2 === false) {
+ return false;
+ }
 $em = $this->i2osp($m2, $this->k);
 if ($em === false) {
 return false;
@@ -400,7 +403,7 @@ class PublicKey extends RSA implements Common\PublicKey
 private function rsaep($m)
 {
 if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) {
- return false;
+ throw new \OutOfRangeException('Message representative out of range');
 }
 return $this->exponentiate($m);
 }
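Review bot: In the PublicKey.php hunk at -87, the `if ($em === false)` guard after `$this->i2osp($m2, $this->k)` looks unreachable after this commit, because the RSA.php hunk (apparently the body of i2osp()) now throws `\OutOfRangeException` instead of returning false. The verification path therefore mixes two conventions: rsavp1() is still tested against `false` by the added lines, while i2osp() would raise. If verification is meant to return false for any malformed signature, the call could be wrapped as `try { $em = $this->i2osp($m2, $this->k); } catch (\OutOfRangeException $e) { return false; }`; otherwise the dead check should be dropped, as was done in PrivateKey.php. The enclosing function starts and ends outside the hunk, so other callers of i2osp() in this file may need the same review.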