RSA: throw exceptions instead of returning false

This commit is contained in:
terrafrost 2021-01-05 08:04:40 -06:00
parent 7b7d254a6c
commit bfb49c06e8
3 changed files with 15 additions and 18 deletions

View File

@ -481,7 +481,7 @@ abstract class RSA extends AsymmetricKey
} }
$x = $x->toBytes(); $x = $x->toBytes();
if (strlen($x) > $xLen) { if (strlen($x) > $xLen) {
return false; throw new \OutOfRangeException('Resultant string length out of range');
} }
return str_pad($x, $xLen, chr(0), STR_PAD_LEFT); return str_pad($x, $xLen, chr(0), STR_PAD_LEFT);
} }

View File

@ -79,7 +79,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
private function rsadp($c) private function rsadp($c)
{ {
if ($c->compare(self::$zero) < 0 || $c->compare($this->modulus) > 0) { if ($c->compare(self::$zero) < 0 || $c->compare($this->modulus) > 0) {
return false; throw new \OutOfRangeException('Ciphertext representative out of range');
} }
return $this->exponentiate($c); return $this->exponentiate($c);
} }
@ -96,7 +96,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
private function rsasp1($m) private function rsasp1($m)
{ {
if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) { if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) {
return false; throw new \OutOfRangeException('Signature representative out of range');
} }
return $this->exponentiate($m); return $this->exponentiate($m);
} }
@ -224,7 +224,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
$mHash = $this->hash->hash($m); $mHash = $this->hash->hash($m);
if ($emLen < $this->hLen + $sLen + 2) { if ($emLen < $this->hLen + $sLen + 2) {
return false; throw new \LengthException('RSA modulus too short');
} }
$salt = Random::string($sLen); $salt = Random::string($sLen);
@ -333,7 +333,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
// Length checking // Length checking
if (strlen($c) != $this->k) { // or if k < 11 if (strlen($c) != $this->k) { // or if k < 11
return false; throw new \LengthException('Ciphertext representative too long');
} }
// RSA decryption // RSA decryption
@ -341,21 +341,18 @@ class PrivateKey extends RSA implements Common\PrivateKey
$c = $this->os2ip($c); $c = $this->os2ip($c);
$m = $this->rsadp($c); $m = $this->rsadp($c);
$em = $this->i2osp($m, $this->k); $em = $this->i2osp($m, $this->k);
if ($em === false) {
return false;
}
// EME-PKCS1-v1_5 decoding // EME-PKCS1-v1_5 decoding
if (ord($em[0]) != 0 || ord($em[1]) > 2) { if (ord($em[0]) != 0 || ord($em[1]) > 2) {
return false; throw new \RuntimeException('Decryption error');
} }
$ps = substr($em, 2, strpos($em, chr(0), 2) - 2); $ps = substr($em, 2, strpos($em, chr(0), 2) - 2);
$m = substr($em, strlen($ps) + 3); $m = substr($em, strlen($ps) + 3);
if (strlen($ps) < 8) { if (strlen($ps) < 8) {
return false; throw new \RuntimeException('Decryption error');
} }
// Output M // Output M
@ -389,7 +386,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
// be output. // be output.
if (strlen($c) != $this->k || $this->k < 2 * $this->hLen + 2) { if (strlen($c) != $this->k || $this->k < 2 * $this->hLen + 2) {
return false; throw new \LengthException('Ciphertext representative too long');
} }
// RSA decryption // RSA decryption
@ -397,9 +394,6 @@ class PrivateKey extends RSA implements Common\PrivateKey
$c = $this->os2ip($c); $c = $this->os2ip($c);
$m = $this->rsadp($c); $m = $this->rsadp($c);
$em = $this->i2osp($m, $this->k); $em = $this->i2osp($m, $this->k);
if ($em === false) {
return false;
}
// EME-OAEP decoding // EME-OAEP decoding
@ -426,7 +420,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
// we do & instead of && to avoid https://en.wikipedia.org/wiki/Short-circuit_evaluation // we do & instead of && to avoid https://en.wikipedia.org/wiki/Short-circuit_evaluation
// to protect against timing attacks // to protect against timing attacks
if (!$hashesMatch & !$patternMatch) { if (!$hashesMatch & !$patternMatch) {
return false; throw new \RuntimeException('Decryption error');
} }
// Output the message M // Output the message M
@ -447,7 +441,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
private function raw_encrypt($m) private function raw_encrypt($m)
{ {
if (strlen($m) > $this->k) { if (strlen($m) > $this->k) {
throw new \LengthException('Message too long'); throw new \LengthException('Ciphertext representative too long');
} }
$temp = $this->os2ip($m); $temp = $this->os2ip($m);
@ -486,7 +480,7 @@ class PrivateKey extends RSA implements Common\PrivateKey
{ {
$type = self::validatePlugin('Keys', 'PKCS8', 'savePublicKey'); $type = self::validatePlugin('Keys', 'PKCS8', 'savePublicKey');
if (empty($this->modulus) || empty($this->publicExponent)) { if (empty($this->modulus) || empty($this->publicExponent)) {
return false; throw new \RuntimeException('Public key components not found');
} }
$key = $type::savePublicKey($this->modulus, $this->publicExponent); $key = $type::savePublicKey($this->modulus, $this->publicExponent);

View File

@ -87,6 +87,9 @@ class PublicKey extends RSA implements Common\PublicKey
$s = $this->os2ip($s); $s = $this->os2ip($s);
$m2 = $this->rsavp1($s); $m2 = $this->rsavp1($s);
if ($m2 === false) {
return false;
}
$em = $this->i2osp($m2, $this->k); $em = $this->i2osp($m2, $this->k);
if ($em === false) { if ($em === false) {
return false; return false;
@ -400,7 +403,7 @@ class PublicKey extends RSA implements Common\PublicKey
private function rsaep($m) private function rsaep($m)
{ {
if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) { if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) {
return false; throw new \OutOfRangeException('Message representative out of range');
} }
return $this->exponentiate($m); return $this->exponentiate($m);
} }