Merge pull request #469 from terrafrost/rsa-xml-unsigned

RSA: make XML keys use unsigned integers * terrafrost/rsa-xml-unsigned: RSA: syntax error in unit tests RSA: make unit tests perform string comparisons sans white space chars RSA: update unit test RSA: add unit test RSA: make XML keys use unsigned integers
2024-11-09 07:10:57 +00:00 · 2014-09-09 16:41:58 +02:00 · 2014-09-09 16:41:58 +02:00 · 3f3b9b90fb
commit 3f3b9b90fb
parent f2cab55fd5 f6bd3542b3
2 changed files with 55 additions and 10 deletions
--- a/phpseclib/Crypt/RSA.php
+++ b/phpseclib/Crypt/RSA.php
@ -742,17 +742,18 @@ class Crypt_RSA
     */
    function _convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients)
    {
+        $signed = $this->privateKeyFormat != CRYPT_RSA_PRIVATE_FORMAT_XML;
        $num_primes = count($primes);
        $raw = array(
            'version' => $num_primes == 2 ? chr(0) : chr(1), // two-prime vs. multi
-            'modulus' => $n->toBytes(true),
-            'publicExponent' => $e->toBytes(true),
-            'privateExponent' => $d->toBytes(true),
-            'prime1' => $primes[1]->toBytes(true),
-            'prime2' => $primes[2]->toBytes(true),
-            'exponent1' => $exponents[1]->toBytes(true),
-            'exponent2' => $exponents[2]->toBytes(true),
-            'coefficient' => $coefficients[2]->toBytes(true)
+            'modulus' => $n->toBytes($signed),
+            'publicExponent' => $e->toBytes($signed),
+            'privateExponent' => $d->toBytes($signed),
+            'prime1' => $primes[1]->toBytes($signed),
+            'prime2' => $primes[2]->toBytes($signed),
+            'exponent1' => $exponents[1]->toBytes($signed),
+            'exponent2' => $exponents[2]->toBytes($signed),
+            'coefficient' => $coefficients[2]->toBytes($signed)
        );

        // if the format in question does not support multi-prime rsa and multi-prime rsa was used,
@ -941,8 +942,10 @@ class Crypt_RSA
     */
    function _convertPublicKey($n, $e)
    {
-        $modulus = $n->toBytes(true);
-        $publicExponent = $e->toBytes(true);
+        $signed = $this->publicKeyFormat != CRYPT_RSA_PUBLIC_FORMAT_XML;
+
+        $modulus = $n->toBytes($signed);
+        $publicExponent = $e->toBytes($signed);

        switch ($this->publicKeyFormat) {
            case CRYPT_RSA_PUBLIC_FORMAT_RAW:
--- a/tests/Unit/Crypt/RSA/LoadKeyTest.php
+++ b/tests/Unit/Crypt/RSA/LoadKeyTest.php
@ -259,4 +259,46 @@ Ao8eayMp6FcvNucIpUndo1X8dKMv3Y26ZQIDAQAB
        $this->assertGreaterThanOrEqual(1, strlen("$rsa"));
        $this->assertFalse($rsa->getPublicKey());
    }
+
+    /**
+    * make phpseclib generated XML keys be unsigned. this may need to be reverted
+    * if it is later learned that XML keys are, in fact, supposed to be signed
+    * @group github468
+    */
+    public function testUnsignedXML()
+    {
+        $rsa = new Crypt_RSA();
+
+        $key = '<RSAKeyValue>
+  <Modulus>v5OxcEgxPUfa701NpxnScCmlRkbwSGBiTWobHkIWZEB+AlRTHaVoZg/D8l6YzR7VdQidG6gF+nuUMjY75dBXgY/XcyVq0Hccf1jTfgARuNuq4GGG3hnCJVi2QsOgcf9R7TeXn+p1RKIhjQoWCiEQeEBTotNbJhcabNcPGSEJw+s=</Modulus>
+  <Exponent>AQAB</Exponent>
+</RSAKeyValue>';
+
+        $rsa->loadKey($key);
+        $rsa->setPublicKey();
+        $newkey = $rsa->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_XML);
+
+        $this->assertSame(preg_replace('#\s#', '', $key), preg_replace('#\s#', '', $newkey));
+    }
+
+    /**
+    * @group github468
+    */
+    public function testSignedPKCS1()
+    {
+        $rsa = new Crypt_RSA();
+
+        $key = '-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/k7FwSDE9R9rvTU2nGdJwKaVG
+RvBIYGJNahseQhZkQH4CVFMdpWhmD8PyXpjNHtV1CJ0bqAX6e5QyNjvl0FeBj9dz
+JWrQdxx/WNN+ABG426rgYYbeGcIlWLZCw6Bx/1HtN5ef6nVEoiGNChYKIRB4QFOi
+01smFxps1w8ZIQnD6wIDAQAB
+-----END PUBLIC KEY-----';
+
+        $rsa->loadKey($key);
+        $rsa->setPublicKey();
+        $newkey = $rsa->getPublicKey();
+
+        $this->assertSame(preg_replace('#\s#', '', $key), preg_replace('#\s#', '', $newkey));
+    }
 }