RSA: rm ENCRYPTION_PKCS15_COMPAT mode

This commit is contained in:
terrafrost 2020-04-19 15:10:38 -05:00
parent 881fbd78ee
commit 0b231cc53b
3 changed files with 2 additions and 28 deletions

View File

@ -109,12 +109,6 @@ abstract class RSA extends AsymmetricKey
* stuff, if you're trying to diagnose why an encrypted message isn't decrypting, etc.
*/
const ENCRYPTION_NONE = 4;
/**
* Use PKCS#1 padding with PKCS1 v1.5 compatibility
*
* A PKCS1 v2.1 encrypted message may not successfully decrypt with a PKCS1 v1.5 implementation (such as OpenSSL).
*/
const ENCRYPTION_PKCS15_COMPAT = 8;
/**#@-*/
/**#@+
@ -747,8 +741,7 @@ abstract class RSA extends AsymmetricKey
$masks = [
self::ENCRYPTION_OAEP,
self::ENCRYPTION_PKCS1,
self::ENCRYPTION_NONE,
self::ENCRYPTION_PKCS15_COMPAT
self::ENCRYPTION_NONE
];
$numSelected = 0;
$selected = 0;

View File

@ -324,17 +324,6 @@ class PrivateKey extends RSA implements Common\PrivateKey
*
* See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}.
*
* For compatibility purposes, this function departs slightly from the description given in RFC3447.
* The reason being that RFC2313#section-8.1 (PKCS#1 v1.5) states that ciphertext's encrypted by the
* private key should have the second byte set to either 0 or 1 and that ciphertext's encrypted by the
* public key should have the second byte set to 2. In RFC3447 (PKCS#1 v2.1), the second byte is supposed
* to be 2 regardless of which key is used. For compatibility purposes, we'll just check to make sure the
* second byte is 2 or less. If it is, we'll accept the decrypted string as valid.
*
* As a consequence of this, a private key encrypted ciphertext produced with \phpseclib3\Crypt\RSA may not decrypt
* with a strictly PKCS#1 v1.5 compliant RSA implementation. Public key encrypted ciphertext's should but
* not private key encrypted ciphertext's.
*
* @access private
* @param string $c
* @return bool|string

View File

@ -329,12 +329,6 @@ class PublicKey extends RSA implements Common\PublicKey
$ps.= $temp;
}
$type = 2;
// see the comments of _rsaes_pkcs1_v1_5_decrypt() to understand why this is being done
if ($pkcs15_compat && (!isset($this->publicExponent) || $this->exponent !== $this->publicExponent)) {
$type = 1;
// "The padding string PS shall consist of k-3-||D|| octets. ... for block type 01, they shall have value FF"
$ps = str_repeat("\xFF", $psLen);
}
$em = chr(0) . chr($type) . $ps . chr(0) . $m;
// RSA encryption
@ -450,10 +444,8 @@ class PublicKey extends RSA implements Common\PublicKey
switch ($this->encryptionPadding) {
case self::ENCRYPTION_NONE:
return $this->raw_encrypt($plaintext);
case self::ENCRYPTION_PKCS15_COMPAT:
case self::ENCRYPTION_PKCS1:
$pkcs15_compat = $this->encryptionPadding & self::ENCRYPTION_PKCS15_COMPAT;
return $this->rsaes_pkcs1_v1_5_encrypt($plaintext, $pkcs15_compat);
return $this->rsaes_pkcs1_v1_5_encrypt($plaintext);
//case self::ENCRYPTION_OAEP:
default:
return $this->rsaes_oaep_encrypt($plaintext);