octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-11-15 17:57:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '3.0'

Browse Source
This commit is contained in:
terrafrost 2021-01-28 10:09:16 -06:00
commit b296d4a88b
1 changed files with 68 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
phpseclib/Crypt/RSA.php
View File

@ -250,6 +250,14 @@ abstract class RSA extends AsymmetricKey
*/ */
protected static $enableBlinding = true; protected static $enableBlinding = true;
/**
* OpenSSL configuration file name.
*
* @see self::createKey()
* @var ?string
*/
protected static $configFile;
/** /**
* Smallest Prime * Smallest Prime
* *
@ -291,6 +299,19 @@ abstract class RSA extends AsymmetricKey
self::$smallestPrime = $val; self::$smallestPrime = $val;
} }
/**
* Sets the OpenSSL config file path
*
* Set to the empty string to use the default config file
*
* @access public
* @param string $val
*/
public static function setOpenSSLConfigPath($val)
{
self::$configFile = $val;
}
/** /**
* Create a private key * Create a private key
* *
@ -304,11 +325,6 @@ abstract class RSA extends AsymmetricKey
{ {
self::initialize_static_variables(); self::initialize_static_variables();
static $e;
if (!isset($e)) {
$e = new BigInteger(self::$defaultExponent);
}
$regSize = $bits >> 1; // divide by two to see how many bits P and Q would be $regSize = $bits >> 1; // divide by two to see how many bits P and Q would be
if ($regSize > self::$smallestPrime) { if ($regSize > self::$smallestPrime) {
$num_primes = floor($bits / self::$smallestPrime); $num_primes = floor($bits / self::$smallestPrime);
@ -317,6 +333,33 @@ abstract class RSA extends AsymmetricKey
$num_primes = 2; $num_primes = 2;
} }
if ($num_primes == 2 && $bits >= 384 && self::$defaultExponent == 65537) {
if (!isset(self::$engines['PHP'])) {
self::useBestEngine();
}
// OpenSSL uses 65537 as the exponent and requires RSA keys be 384 bits minimum
if (self::$engines['OpenSSL']) {
$config = [];
if (self::$configFile) {
$config['config'] = self::$configFile;
}
$rsa = openssl_pkey_new(['private_key_bits' => $bits] + $config);
openssl_pkey_export($rsa, $privatekeystr, null, $config);
// clear the buffer of error strings stemming from a minimalistic openssl.cnf
while (openssl_error_string() !== false) {
}
return RSA::load($privatekeystr);
}
}
static $e;
if (!isset($e)) {
$e = new BigInteger(self::$defaultExponent);
}
$n = clone self::$one; $n = clone self::$one;
$exponents = $coefficients = $primes = []; $exponents = $coefficients = $primes = [];
$lcm = [ $lcm = [
@ -454,6 +497,18 @@ abstract class RSA extends AsymmetricKey
return $key; return $key;
} }
/**
* Initialize static variables
*/
protected static function initialize_static_variables()
{
if (!isset(self::$configFile)) {
self::$configFile = dirname(__FILE__) . '/../openssl.cnf';
}
parent::initialize_static_variables();
}
/** /**
* Constructor * Constructor
* *
@ -809,6 +864,11 @@ abstract class RSA extends AsymmetricKey
/** /**
* Returns the current engine being used * Returns the current engine being used
* *
* OpenSSL is only used in this class (and it's subclasses) for key generation
* Even then it depends on the parameters you're using. It's not used for
* multi-prime RSA nor is it used if the key length is outside of the range
* supported by OpenSSL
*
* @see self::useInternalEngine() * @see self::useInternalEngine()
* @see self::useBestEngine() * @see self::useBestEngine()
* @access public * @access public
@ -816,7 +876,9 @@ abstract class RSA extends AsymmetricKey
*/ */
public function getEngine() public function getEngine()
{ {
return 'PHP'; return self::$engines['OpenSSL'] && self::$defaultExponent == 65537 ?
'OpenSSL' :
'PHP';
} }
/** /**