RSA: more updates per Joey3000
parent
d5a359b41e
commit
c85b356b18
@ -10,7 +10,7 @@
|
|||||||
* <?php
|
* <?php
|
||||||
* include 'vendor/autoload.php';
|
* include 'vendor/autoload.php';
|
||||||
*
|
*
|
||||||
* extract(\phpseclib\Crypt\RSA::::createKey());
|
* extract(\phpseclib\Crypt\RSA::createKey());
|
||||||
*
|
*
|
||||||
* $plaintext = 'terrafrost';
|
* $plaintext = 'terrafrost';
|
||||||
*
|
*
|
||||||
@ -1219,7 +1219,7 @@ class RSA
|
|||||||
* Determines which hashing function should be used
|
* Determines which hashing function should be used
|
||||||
*
|
*
|
||||||
* Used with signature production / verification and (if the encryption mode is self::PADDING_OAEP) encryption and
|
* Used with signature production / verification and (if the encryption mode is self::PADDING_OAEP) encryption and
|
||||||
* decryption. If $hash isn't supported, sha1 is used.
|
* decryption. If $hash isn't supported, sha256 is used.
|
||||||
*
|
*
|
||||||
* @access public
|
* @access public
|
||||||
* @param string $hash
|
* @param string $hash
|
||||||
@ -1266,7 +1266,7 @@ class RSA
|
|||||||
$this->mgfHash = new Hash($hash);
|
$this->mgfHash = new Hash($hash);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
$this->mgfHash = new Hash('sha1');
|
$this->mgfHash = new Hash('sha256');
|
||||||
}
|
}
|
||||||
$this->mgfHLen = $this->mgfHash->getLength();
|
$this->mgfHLen = $this->mgfHash->getLength();
|
||||||
}
|
}
|
||||||
@ -1293,12 +1293,15 @@ class RSA
|
|||||||
* See {@link http://tools.ietf.org/html/rfc3447#section-4.1 RFC3447#section-4.1}.
|
* See {@link http://tools.ietf.org/html/rfc3447#section-4.1 RFC3447#section-4.1}.
|
||||||
*
|
*
|
||||||
* @access private
|
* @access private
|
||||||
* @param \phpseclib\Math\BigInteger $x
|
* @param bool|\phpseclib\Math\BigInteger $x
|
||||||
* @param int $xLen
|
* @param int $xLen
|
||||||
* @return bool|string
|
* @return bool|string
|
||||||
*/
|
*/
|
||||||
function _i2osp($x, $xLen)
|
function _i2osp($x, $xLen)
|
||||||
{
|
{
|
||||||
|
if ($x === false) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$x = $x->toBytes();
|
$x = $x->toBytes();
|
||||||
if (strlen($x) > $xLen) {
|
if (strlen($x) > $xLen) {
|
||||||
return false;
|
return false;
|
||||||
@ -1628,10 +1631,10 @@ class RSA
|
|||||||
|
|
||||||
$c = $this->_os2ip($c);
|
$c = $this->_os2ip($c);
|
||||||
$m = $this->_rsadp($c);
|
$m = $this->_rsadp($c);
|
||||||
if ($m === false) {
|
$em = $this->_i2osp($m, $this->k);
|
||||||
|
if ($em === false) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$em = $this->_i2osp($m, $this->k);
|
|
||||||
|
|
||||||
// EME-OAEP decoding
|
// EME-OAEP decoding
|
||||||
|
|
||||||
@ -1665,7 +1668,7 @@ class RSA
|
|||||||
*
|
*
|
||||||
* @access private
|
* @access private
|
||||||
* @param string $m
|
* @param string $m
|
||||||
* @return string
|
* @return bool|string
|
||||||
*/
|
*/
|
||||||
function _raw_encrypt($m)
|
function _raw_encrypt($m)
|
||||||
{
|
{
|
||||||
@ -1683,7 +1686,7 @@ class RSA
|
|||||||
* @param string $m
|
* @param string $m
|
||||||
* @param bool $pkcs15_compat optional
|
* @param bool $pkcs15_compat optional
|
||||||
* @throws \OutOfBoundsException if strlen($m) > $this->k - 11
|
* @throws \OutOfBoundsException if strlen($m) > $this->k - 11
|
||||||
* @return string
|
* @return bool|string
|
||||||
*/
|
*/
|
||||||
function _rsaes_pkcs1_v1_5_encrypt($m, $pkcs15_compat = false)
|
function _rsaes_pkcs1_v1_5_encrypt($m, $pkcs15_compat = false)
|
||||||
{
|
{
|
||||||
@ -1755,11 +1758,10 @@ class RSA
|
|||||||
|
|
||||||
$c = $this->_os2ip($c);
|
$c = $this->_os2ip($c);
|
||||||
$m = $this->_rsadp($c);
|
$m = $this->_rsadp($c);
|
||||||
|
$em = $this->_i2osp($m, $this->k);
|
||||||
if ($m === false) {
|
if ($em === false) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$em = $this->_i2osp($m, $this->k);
|
|
||||||
|
|
||||||
// EME-PKCS1-v1_5 decoding
|
// EME-PKCS1-v1_5 decoding
|
||||||
|
|
||||||
@ -1896,7 +1898,7 @@ class RSA
|
|||||||
* @access private
|
* @access private
|
||||||
* @param string $m
|
* @param string $m
|
||||||
* @param string $s
|
* @param string $s
|
||||||
* @return string
|
* @return bool|string
|
||||||
*/
|
*/
|
||||||
function _rsassa_pss_verify($m, $s)
|
function _rsassa_pss_verify($m, $s)
|
||||||
{
|
{
|
||||||
@ -1912,9 +1914,6 @@ class RSA
|
|||||||
|
|
||||||
$s2 = $this->_os2ip($s);
|
$s2 = $this->_os2ip($s);
|
||||||
$m2 = $this->_rsavp1($s2);
|
$m2 = $this->_rsavp1($s2);
|
||||||
if ($m2 === false) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$em = $this->_i2osp($m2, $modBits >> 3);
|
$em = $this->_i2osp($m2, $modBits >> 3);
|
||||||
if ($em === false) {
|
if ($em === false) {
|
||||||
return false;
|
return false;
|
||||||
@ -2030,9 +2029,6 @@ class RSA
|
|||||||
|
|
||||||
$s = $this->_os2ip($s);
|
$s = $this->_os2ip($s);
|
||||||
$m2 = $this->_rsavp1($s);
|
$m2 = $this->_rsavp1($s);
|
||||||
if ($m2 === false) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$em = $this->_i2osp($m2, $this->k);
|
$em = $this->_i2osp($m2, $this->k);
|
||||||
if ($em === false) {
|
if ($em === false) {
|
||||||
return false;
|
return false;
|
||||||
@ -2227,7 +2223,7 @@ class RSA
|
|||||||
* @access public
|
* @access public
|
||||||
* @param string $plaintext
|
* @param string $plaintext
|
||||||
* @param int $padding optional
|
* @param int $padding optional
|
||||||
* @return string
|
* @return bool|string
|
||||||
*/
|
*/
|
||||||
function decrypt($ciphertext, $padding = self::PADDING_OAEP)
|
function decrypt($ciphertext, $padding = self::PADDING_OAEP)
|
||||||
{
|
{
|
||||||
|
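Review bot: The `default:` branch in the MGF hash hunk (`@ -1266,7 +1266,7`) still substitutes a hash silently when the requested name is not supported; the change only moves the substitute from sha1 to sha256. A caller who mistypes a hash name gets mask-generation parameters they did not ask for and no error, and anything produced under the earlier sha1 fallback will presumably stop decrypting or verifying after this change. Consider rejecting the value instead, for example `throw new \phpseclib\Exception\UnsupportedAlgorithmException('Unsupported MGF hash: ' . $hash);`, or at least state the fallback in that method's docblock, which is outside the hunk along with the start of the switch. Separately, the `decrypt()` docblock hunk keeps `@param string $plaintext` although the signature takes `$ciphertext`; `@param string $ciphertext` would match.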
@ -106,13 +106,13 @@ class Identity
|
|||||||
*
|
*
|
||||||
* Wrapper for $this->key->getPublicKey()
|
* Wrapper for $this->key->getPublicKey()
|
||||||
*
|
*
|
||||||
* @param int $format optional
|
* @param int $type optional
|
||||||
* @return mixed
|
* @return mixed
|
||||||
* @access public
|
* @access public
|
||||||
*/
|
*/
|
||||||
function getPublicKey($format = null)
|
function getPublicKey($type = 'PKCS8')
|
||||||
{
|
{
|
||||||
return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format);
|
return $this->key->getPublicKey($type);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -121,13 +121,13 @@ class Identity
|
|||||||
* See "2.6.2 Protocol 2 private key signature request"
|
* See "2.6.2 Protocol 2 private key signature request"
|
||||||
*
|
*
|
||||||
* @param string $message
|
* @param string $message
|
||||||
* @param int|bool $padding
|
* @param int $padding optional
|
||||||
* @return string
|
* @return string
|
||||||
* @throws \RuntimeException on connection errors
|
* @throws \RuntimeException on connection errors
|
||||||
* @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported
|
* @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported
|
||||||
* @access public
|
* @access public
|
||||||
*/
|
*/
|
||||||
function sign($message, $padding = RSA::PADDING_PSS)
|
function sign($message, $padding = RSA::PADDING_PKCS1)
|
||||||
{
|
{
|
||||||
if ($padding != RSA::PADDING_PKCS1 && $padding != RSA::PADDING_RELAXED_PKCS1) {
|
if ($padding != RSA::PADDING_PKCS1 && $padding != RSA::PADDING_RELAXED_PKCS1) {
|
||||||
throw new \UnsupportedAlgorithmException('ssh-agent can only create PKCS1 signatures');
|
throw new \UnsupportedAlgorithmException('ssh-agent can only create PKCS1 signatures');
|
||||||
|
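Review bot: The `throw new \UnsupportedAlgorithmException(...)` line in `sign()` names a class in the global namespace, while the docblock just above it documents `\phpseclib\Exception\UnsupportedAlgorithmException`. The leading backslash bypasses any `use` import, so unless a global class of that name exists, a caller passing an unsupported padding gets a class-not-found `Error` rather than the documented exception. The line is unchanged context in this commit, but the guard's default is being changed here and it would be a natural place to fix it: `throw new \phpseclib\Exception\UnsupportedAlgorithmException('ssh-agent can only create PKCS1 signatures');`. In the `getPublicKey()` hunk the docblock reads `@param int $type optional` while the new default is the string `'PKCS8'`; `@param string $type optional` would match. The body of `sign()` continues past the end of the hunk.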