octoleo
/
phpseclib
mirror of https://github.com/phpseclib/phpseclib.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch '2.0' into 3.0

This commit is contained in:
terrafrost 2021-06-12 07:58:20 -05:00
parent d1666cac50 f5c4c19880
commit 07423805ac
2 changed files with 46 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
phpseclib/Crypt/RSA/PrivateKey.php
View File

@ -417,9 +417,9 @@ class PrivateKey extends RSA implements Common\PrivateKey
$offset+= $patternMatch ? 0 : 1;
}
// we do & instead of && to avoid https://en.wikipedia.org/wiki/Short-circuit_evaluation
// we do | instead of || to avoid https://en.wikipedia.org/wiki/Short-circuit_evaluation
// to protect against timing attacks
if (!$hashesMatch & !$patternMatch) {
if (!$hashesMatch | !$patternMatch) {
throw new \RuntimeException('Decryption error');
}

44
tests/Unit/Crypt/RSA/ModeTest.php
View File

@ -203,4 +203,48 @@ E252896950917476ECE5E8FC27D5F053D6018D91B502C4787558A002B9283DA7', 16),
//$rsa = $rsa->withHash('sha256');
$this->assertTrue($rsa->verify($message, $signature));
}
/**
* @group github1669
*/
public function testOAEPWithLabel()
{
$publicKey = PublicKeyLoader::load('-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnkFHQbt801+kMnxn0VmMVljp8
XdsbLEziLul3MwwckBDHwW6UDvYjN7vzJ/OM2RTxTbzilDcXJ37Zqz4qlDvXwSNm
gIe+3dpuuRQRrJuJP6FD8zDTkRmg3QWOIIPBTzCqOtJKgWjFwMMxfCOBFEv6Ldn5
Ac0i9ARl0/aNTWjvGwIDAQAB
-----END PUBLIC KEY-----');
$privateKey = PublicKeyLoader::load('-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKeQUdBu3zTX6Qyf
GfRWYxWWOnxd2xssTOIu6XczDByQEMfBbpQO9iM3u/Mn84zZFPFNvOKUNxcnftmr
PiqUO9fBI2aAh77d2m65FBGsm4k/oUPzMNORGaDdBY4gg8FPMKo60kqBaMXAwzF8
I4EUS/ot2fkBzSL0BGXT9o1NaO8bAgMBAAECgYAO2OPW8ywF86ervaFAHDN1YzVV
db+HXdqGJB/9tuE42q8R9BrHNbgrkLGvrveOoGGRrBCzhuyGubIsuVat0SqoI6qE
nB9uahaIBfF5FZ7+bNW5OfkgerUUYP1S1MGFxUqINnUY1YHITmo6pUKHsiJtP7si
hnCT6uEx8LqVNf1quQJBANs+VCZVUDq6eMy3E/u03HiAB8cyqLVMVQ4cLyoiWmFl
nEFzZwMd20ZMjtcxICiizW3dlDvyxWYKH93irL0JyM0CQQDDp/VFsh83vKICVvM9
IZHwE/Z8vZA3eTkGbWmgnr6qaxqge3FU02kUvIHHlvLmXYIt30lTq0Rn+Lz+TGV/
jDeHAkBHYSaSiGojhLx5og1+gKbbEIv3vbWRuTVj76cnZ6HXXfaelIzwRdMzMw+6
XgMjV8XcRCzTy7ma/Cbd3cPxk/LtAkEAwkehMVexz/KrHI+icG1JMI9iDnNdJPhm
O4+hdzCqOyanBfwNiSF0Encslze4ci8f+NTjRwWlo2hGomzRzFk7OQJAPPd/o0az
kg9nF+JxLiz7hF+/6MLVZgIfw04u05ANtOSVVQP4UTmJ/tNAe3OBUQVlRQAJ1m3j
zUlir0ACPypC1Q==
-----END PRIVATE KEY-----');
$data = 'The quick brown fox jumps over the lazy dog';
$ciphertext = $publicKey->withLabel('whatever')->encrypt($data);
try {
$this->assertFalse($privateKey->decrypt($ciphertext));
$this->fail('Ciphertext should not have decrypted');
} catch (\Exception $e) {
}
$decrypted = $privateKey->withLabel('whatever')->decrypt($ciphertext);
$this->assertSame($data, $decrypted);
}
}