Merge pull request #925 from terrafrost/rsa-revamp-part-3

RSA: error out when encrypting strings that are too long
This commit is contained in:
terrafrost 2016-01-21 10:20:53 -06:00
commit 977a4ebeaa
2 changed files with 12 additions and 65 deletions

View File

@ -1667,9 +1667,14 @@ class RSA
* @access private * @access private
* @param string $m * @param string $m
* @return bool|string * @return bool|string
* @throws \OutOfBoundsException if strlen($m) > $this->k
*/ */
function _raw_encrypt($m) function _raw_encrypt($m)
{ {
if (strlen($m) > $this->k) {
throw new \OutOfBoundsException('Message too long');
}
$temp = $this->_os2ip($m); $temp = $this->_os2ip($m);
$temp = $this->_rsaep($temp); $temp = $this->_rsaep($temp);
return $this->_i2osp($temp, $this->k); return $this->_i2osp($temp, $this->k);
@ -2167,50 +2172,13 @@ class RSA
{ {
switch ($padding) { switch ($padding) {
case self::PADDING_NONE: case self::PADDING_NONE:
$plaintext = str_split($plaintext, $this->k); return $this->_raw_encrypt($plaintext);
$ciphertext = '';
foreach ($plaintext as $m) {
$temp = $this->_raw_encrypt($m);
if ($temp === false) {
return false;
}
$ciphertext.= $temp;
}
return $ciphertext;
case self::PADDING_PKCS15_COMPAT: case self::PADDING_PKCS15_COMPAT:
case self::PADDING_PKCS1: case self::PADDING_PKCS1:
$length = $this->k - 11; return $this->_rsaes_pkcs1_v1_5_encrypt($plaintext, $padding == self::PADDING_PKCS15_COMPAT);
if ($length <= 0) {
throw new \LengthException('RSA modulus too short (' . $this->k . ' bytes long; should be more than 11 bytes with PKCS1)');
}
$plaintext = str_split($plaintext, $length);
$ciphertext = '';
foreach ($plaintext as $m) {
$temp = $this->_rsaes_pkcs1_v1_5_encrypt($m, $padding == self::PADDING_PKCS15_COMPAT);
if ($temp === false) {
return false;
}
$ciphertext.= $temp;
}
return $ciphertext;
//case self::PADDING_OAEP: //case self::PADDING_OAEP:
default: default:
$length = $this->k - 2 * $this->hLen - 2; return $this->_rsaes_oaep_encrypt($plaintext);
if ($length <= 0) {
throw new \LengthException('RSA modulus too short (' . $this->k . ' bytes long; should be more than ' . (2 * $this->hLen + 2) . ' bytes with OAEP / ' . $this->hashName . ')');
}
$plaintext = str_split($plaintext, $length);
$ciphertext = '';
foreach ($plaintext as $m) {
$temp = $this->_rsaes_oaep_encrypt($m);
if ($temp === false) {
return false;
}
$ciphertext.= $temp;
}
return $ciphertext;
} }
} }
@ -2225,36 +2193,15 @@ class RSA
*/ */
function decrypt($ciphertext, $padding = self::PADDING_OAEP) function decrypt($ciphertext, $padding = self::PADDING_OAEP)
{ {
if ($this->k <= 0) {
return false;
}
$ciphertext = str_split($ciphertext, $this->k);
$ciphertext[count($ciphertext) - 1] = str_pad($ciphertext[count($ciphertext) - 1], $this->k, chr(0), STR_PAD_LEFT);
$plaintext = '';
switch ($padding) { switch ($padding) {
case self::PADDING_NONE: case self::PADDING_NONE:
$decrypt = '_raw_encrypt'; return $this->_raw_encrypt($ciphertext);
break;
case self::PADDING_PKCS1: case self::PADDING_PKCS1:
$decrypt = '_rsaes_pkcs1_v1_5_decrypt'; return $this->_rsaes_pkcs1_v1_5_decrypt($ciphertext);
break;
//case self::PADDING_OAEP: //case self::PADDING_OAEP:
default: default:
$decrypt = '_rsaes_oaep_decrypt'; return $this->_rsaes_oaep_decrypt($ciphertext);
} }
foreach ($ciphertext as $c) {
$temp = $this->$decrypt($c);
if ($temp === false) {
return false;
}
$plaintext.= $temp;
}
return $plaintext;
} }
/** /**

View File

@ -67,7 +67,7 @@ p0GbMJDyR4e9T04ZZwIDAQAB
} }
/** /**
* @expectedException \LengthException * @expectedException \OutOfBoundsException
*/ */
public function testSmallModulo() public function testSmallModulo()
{ {