mirror of
https://github.com/phpseclib/phpseclib.git
synced 2025-01-27 00:58:25 +00:00
RSA: error out when encrypting strings that are too long
This commit is contained in:
parent
dbf3b7fe1c
commit
5d85d5eca1
@ -1667,9 +1667,14 @@ class RSA
|
|||||||
* @access private
|
* @access private
|
||||||
* @param string $m
|
* @param string $m
|
||||||
* @return bool|string
|
* @return bool|string
|
||||||
|
* @throws \OutOfBoundsException if strlen($m) > $this->k
|
||||||
*/
|
*/
|
||||||
function _raw_encrypt($m)
|
function _raw_encrypt($m)
|
||||||
{
|
{
|
||||||
|
if (strlen($m) > $this->k) {
|
||||||
|
throw new \OutOfBoundsException('Message too long');
|
||||||
|
}
|
||||||
|
|
||||||
$temp = $this->_os2ip($m);
|
$temp = $this->_os2ip($m);
|
||||||
$temp = $this->_rsaep($temp);
|
$temp = $this->_rsaep($temp);
|
||||||
return $this->_i2osp($temp, $this->k);
|
return $this->_i2osp($temp, $this->k);
|
||||||
@ -2167,50 +2172,13 @@ class RSA
|
|||||||
{
|
{
|
||||||
switch ($padding) {
|
switch ($padding) {
|
||||||
case self::PADDING_NONE:
|
case self::PADDING_NONE:
|
||||||
$plaintext = str_split($plaintext, $this->k);
|
return $this->_raw_encrypt($plaintext);
|
||||||
$ciphertext = '';
|
|
||||||
foreach ($plaintext as $m) {
|
|
||||||
$temp = $this->_raw_encrypt($m);
|
|
||||||
if ($temp === false) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$ciphertext.= $temp;
|
|
||||||
}
|
|
||||||
return $ciphertext;
|
|
||||||
case self::PADDING_PKCS15_COMPAT:
|
case self::PADDING_PKCS15_COMPAT:
|
||||||
case self::PADDING_PKCS1:
|
case self::PADDING_PKCS1:
|
||||||
$length = $this->k - 11;
|
return $this->_rsaes_pkcs1_v1_5_encrypt($plaintext, $padding == self::PADDING_PKCS15_COMPAT);
|
||||||
if ($length <= 0) {
|
|
||||||
throw new \LengthException('RSA modulus too short (' . $this->k . ' bytes long; should be more than 11 bytes with PKCS1)');
|
|
||||||
}
|
|
||||||
|
|
||||||
$plaintext = str_split($plaintext, $length);
|
|
||||||
$ciphertext = '';
|
|
||||||
foreach ($plaintext as $m) {
|
|
||||||
$temp = $this->_rsaes_pkcs1_v1_5_encrypt($m, $padding == self::PADDING_PKCS15_COMPAT);
|
|
||||||
if ($temp === false) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$ciphertext.= $temp;
|
|
||||||
}
|
|
||||||
return $ciphertext;
|
|
||||||
//case self::PADDING_OAEP:
|
//case self::PADDING_OAEP:
|
||||||
default:
|
default:
|
||||||
$length = $this->k - 2 * $this->hLen - 2;
|
return $this->_rsaes_oaep_encrypt($plaintext);
|
||||||
if ($length <= 0) {
|
|
||||||
throw new \LengthException('RSA modulus too short (' . $this->k . ' bytes long; should be more than ' . (2 * $this->hLen + 2) . ' bytes with OAEP / ' . $this->hashName . ')');
|
|
||||||
}
|
|
||||||
|
|
||||||
$plaintext = str_split($plaintext, $length);
|
|
||||||
$ciphertext = '';
|
|
||||||
foreach ($plaintext as $m) {
|
|
||||||
$temp = $this->_rsaes_oaep_encrypt($m);
|
|
||||||
if ($temp === false) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$ciphertext.= $temp;
|
|
||||||
}
|
|
||||||
return $ciphertext;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2225,36 +2193,15 @@ class RSA
|
|||||||
*/
|
*/
|
||||||
function decrypt($ciphertext, $padding = self::PADDING_OAEP)
|
function decrypt($ciphertext, $padding = self::PADDING_OAEP)
|
||||||
{
|
{
|
||||||
if ($this->k <= 0) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$ciphertext = str_split($ciphertext, $this->k);
|
|
||||||
$ciphertext[count($ciphertext) - 1] = str_pad($ciphertext[count($ciphertext) - 1], $this->k, chr(0), STR_PAD_LEFT);
|
|
||||||
|
|
||||||
$plaintext = '';
|
|
||||||
|
|
||||||
switch ($padding) {
|
switch ($padding) {
|
||||||
case self::PADDING_NONE:
|
case self::PADDING_NONE:
|
||||||
$decrypt = '_raw_encrypt';
|
return $this->_raw_encrypt($ciphertext);
|
||||||
break;
|
|
||||||
case self::PADDING_PKCS1:
|
case self::PADDING_PKCS1:
|
||||||
$decrypt = '_rsaes_pkcs1_v1_5_decrypt';
|
return $this->_rsaes_pkcs1_v1_5_decrypt($ciphertext);
|
||||||
break;
|
|
||||||
//case self::PADDING_OAEP:
|
//case self::PADDING_OAEP:
|
||||||
default:
|
default:
|
||||||
$decrypt = '_rsaes_oaep_decrypt';
|
return $this->_rsaes_oaep_decrypt($ciphertext);
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($ciphertext as $c) {
|
|
||||||
$temp = $this->$decrypt($c);
|
|
||||||
if ($temp === false) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$plaintext.= $temp;
|
|
||||||
}
|
|
||||||
|
|
||||||
return $plaintext;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -67,7 +67,7 @@ p0GbMJDyR4e9T04ZZwIDAQAB
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @expectedException \LengthException
|
* @expectedException \OutOfBoundsException
|
||||||
*/
|
*/
|
||||||
public function testSmallModulo()
|
public function testSmallModulo()
|
||||||
{
|
{
|
||||||
|
Loading…
x
Reference in New Issue
Block a user