Merge branch 'master' into php5

* master: RSA: slight adjustment to CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW format
2024-11-09 15:20:58 +00:00 · 2014-06-11 08:05:49 +02:00 · 2014-06-11 08:05:49 +02:00 · 76ac2a863d
commit 76ac2a863d
parent 14ba37c539 90bc07e292
2 changed files with 25 additions and 7 deletions
--- a/phpseclib/Crypt/RSA.php
+++ b/phpseclib/Crypt/RSA.php
@ -218,6 +218,12 @@ define('CRYPT_RSA_PUBLIC_FORMAT_RAW', 3);
 * PKCS#1 formatted public key (raw)
 *
 * Used by File/X509.php
+ *
+ * Has the following header:
+ *
+ * -----BEGIN RSA PUBLIC KEY-----
+ *
+ * Analogous to ssh-keygen's pem format (as specified by -m)
 */
 define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW', 4);
 /**
@ -234,6 +240,14 @@ define('CRYPT_RSA_PUBLIC_FORMAT_OPENSSH', 6);
 * PKCS#1 formatted public key (encapsulated)
 *
 * Used by PHP's openssl_public_encrypt() and openssl's rsautl (when -pubin is set)
+ *
+ * Has the following header:
+ *
+ * -----BEGIN PUBLIC KEY-----
+ *
+ * Analogous to ssh-keygen's pkcs8 format (as specified by -m)
+ * (the applicability of PKCS8 is dubious since PKCS8 is talking about
+ *  private keys but whatever)
 */
 define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1', 7);
 /**#@-*/
@ -904,7 +918,11 @@ class Crypt_RSA
                    $components['modulus'], $components['publicExponent']
                );

-                if ($this->publicKeyFormat == CRYPT_RSA_PUBLIC_FORMAT_PKCS1) {
+                if ($this->publicKeyFormat == CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW) {
+                    $RSAPublicKey = "-----BEGIN RSA PUBLIC KEY-----\r\n" .
+                                    chunk_split(base64_encode($RSAPublicKey), 64) .
+                                    '-----END RSA PUBLIC KEY-----';
+                } else {
                    // sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption.
                    $rsaOID = pack('H*', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA
                    $RSAPublicKey = chr(0) . $RSAPublicKey;
@ -913,11 +931,11 @@ class Crypt_RSA
                    $RSAPublicKey = pack('Ca*a*',
                        CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($rsaOID . $RSAPublicKey)), $rsaOID . $RSAPublicKey
                    );
-                }

-                $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
-                                 chunk_split(base64_encode($RSAPublicKey), 64) .
-                                 '-----END PUBLIC KEY-----';
+                    $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
+                                     chunk_split(base64_encode($RSAPublicKey), 64) .
+                                     '-----END PUBLIC KEY-----';
+                }

                return $RSAPublicKey;
        }
--- a/phpseclib/File/X509.php
+++ b/phpseclib/File/X509.php
@ -2171,12 +2171,12 @@ class File_X509
        switch ($algorithm) {
            case 'rsaEncryption':
                return
-                    "-----BEGIN PUBLIC KEY-----\r\n" .
+                    "-----BEGIN RSA PUBLIC KEY-----\r\n" .
                    // subjectPublicKey is stored as a bit string in X.509 certs.  the first byte of a bit string represents how many bits
                    // in the last byte should be ignored.  the following only supports non-zero stuff but as none of the X.509 certs Firefox
                    // uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do.
                    chunk_split(base64_encode(substr(base64_decode($key), 1)), 64) .
-                    '-----END PUBLIC KEY-----';
+                    '-----END RSA PUBLIC KEY-----';
            default:
                return $key;
        }