RSA: throw an exception if the modulo is too small

2024-12-26 03:27:31 +00:00 · 2015-10-23 09:20:12 -05:00 · 2015-10-23 09:20:12 -05:00 · 7b1b7c22e2
commit 7b1b7c22e2
parent 1522e6606b
2 changed files with 19 additions and 5 deletions
--- a/phpseclib/Crypt/RSA.php
+++ b/phpseclib/Crypt/RSA.php
@ -1383,9 +1383,7 @@ class RSA
                }
            }

-            $one = new BigInteger(1);
-
-            $r = $one->random($one, $smallest->subtract($one));
+            $r = self::$one->random(self::$one, $smallest->subtract(self::$one));

            $m_i = array(
                1 => $this->_blind($x, $r, 1),
@ -2110,6 +2108,7 @@ class RSA
     * @access public
     * @param string $plaintext
     * @return string
+     * @throws \LengthException if the RSA modulus is too short
     */
    function encrypt($plaintext)
    {
@ -2124,7 +2123,7 @@ class RSA
            case self::ENCRYPTION_PKCS1:
                $length = $this->k - 11;
                if ($length <= 0) {
-                    return false;
+                    throw new \LengthException('RSA modulus too short (' . $this->k . ' bytes long; should be more than 11 bytes with PKCS1)');
                }

                $plaintext = str_split($plaintext, $length);
@ -2137,7 +2136,7 @@ class RSA
            default:
                $length = $this->k - 2 * $this->hLen - 2;
                if ($length <= 0) {
-                    return false;
+                    throw new \LengthException('RSA modulus too short (' . $this->k . ' bytes long; should be more than ' . (2 * $this->hLen - 2) . ' bytes with OAEP / ' . $this->hashName . ')');
                }

                $plaintext = str_split($plaintext, $length);
--- a/tests/Unit/Crypt/RSA/ModeTest.php
+++ b/tests/Unit/Crypt/RSA/ModeTest.php
@ -6,6 +6,7 @@
 */

 use phpseclib\Crypt\RSA;
+use phpseclib\Math\BigInteger;

 class Unit_Crypt_RSA_ModeTest extends PhpseclibTestCase
 {
@ -63,4 +64,18 @@ p0GbMJDyR4e9T04ZZwIDAQAB

        $this->assertTrue($rsa->verify('zzzz', $sig));
    }
+
+    /**
+     * @expectedException \LengthException
+     */
+    public function testSmallModulo()
+    {
+        $plaintext = 'x';
+        $n = new BigInteger(base64_decode('272435F22706FA96DE26E980D22DFF67'), 256);
+        $e = new BigInteger(base64_decode('158753FF2AF4D1E5BBAB574D5AE6B54D'), 256);
+
+        $rsa = new RSA();
+        $rsa->load(array('n' => $n, 'e' => $e));
+        $rsa->encrypt($plaintext);
+    }
 }