mirror of
https://github.com/phpseclib/phpseclib.git
synced 2025-01-15 19:16:55 +00:00
Math/BinaryField: fix for excessively large degrees
This commit is contained in:
parent
9bfd136259
commit
964d78101a
@ -48,6 +48,15 @@ class BinaryField extends FiniteField
|
|||||||
public function __construct(...$indices)
|
public function __construct(...$indices)
|
||||||
{
|
{
|
||||||
$m = array_shift($indices);
|
$m = array_shift($indices);
|
||||||
|
if ($m > 571) {
|
||||||
|
/* sect571r1 and sect571k1 are the largest binary curves that https://www.secg.org/sec2-v2.pdf defines
|
||||||
|
altho theoretically there may be legit reasons to use binary finite fields with larger degrees
|
||||||
|
imposing a limit on the maximum size is both reasonable and precedented. in particular,
|
||||||
|
http://tools.ietf.org/html/rfc4253#section-6.1 (The Secure Shell (SSH) Transport Layer Protocol) says
|
||||||
|
"implementations SHOULD check that the packet length is reasonable in order for the implementation to
|
||||||
|
avoid denial of service and/or buffer overflow attacks" */
|
||||||
|
throw new \OutOfBoundsException('Degrees larger than 571 are not supported');
|
||||||
|
}
|
||||||
$val = str_repeat('0', $m) . '1';
|
$val = str_repeat('0', $m) . '1';
|
||||||
foreach ($indices as $index) {
|
foreach ($indices as $index) {
|
||||||
$val[$index] = '1';
|
$val[$index] = '1';
|
||||||
|
@ -704,4 +704,20 @@ cN6W+k8UvGf+Y/lDWNbFitQocabsDUvSN0edHH3UKP5QPTz4cOlyIPMrXQ==
|
|||||||
|
|
||||||
$this->assertTrue($key->verify('hello world!', $signature));
|
$this->assertTrue($key->verify('hello world!', $signature));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testExcessivelyLargeBinaryField()
|
||||||
|
{
|
||||||
|
$this->expectException('\OutOfBoundsException');
|
||||||
|
|
||||||
|
$key = '-----BEGIN PUBLIC KEY-----
|
||||||
|
MIIBDDCB0wYHKoZIzj0CATCBxwIBATAgBgcqhkjOPQECMBUCBH////8GCSqGSM49
|
||||||
|
AQIDAgICAMEwTQQZABeFj+t6mJdRaeFx93tAh94JisipEd97AQQZAP37Sb/mw6if
|
||||||
|
rK2qeh5bvHzBwuXYMUeIFAMVABA/rsdNaW5naHVhUXV3f8Wxke8wBDMEAfSBvF8P
|
||||||
|
+Ep0rWzfb970v2F5YlNy2MDF4QAl45nykDcSzPPqnjoa0X+wsyAbavfOGwUCGQEA
|
||||||
|
AAAAAAAAAAAAAADH80p3j0Q6zJIOukkCAQIDNAAEAE2mUTAwdPK952h3G8ZinK8B
|
||||||
|
z9DYTLdGkQDqox3AtEs9nn6kE1O/vHE4bqMegjj4gbA=
|
||||||
|
-----END PUBLIC KEY-----';
|
||||||
|
$key = EC::loadFormat('PKCS8', $key);
|
||||||
|
$this->assertInstanceOf(PublicKey::class, $key);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user