Make PEM lines be 64 bytes long instead of 72

Also, add more notes to Crypt_Random's comments
This commit is contained in:
terrafrost 2012-12-18 07:11:24 -06:00
parent 7f5e9f404a
commit e4ccaef7bf
3 changed files with 10 additions and 8 deletions

View File

@ -813,11 +813,11 @@ class Crypt_RSA {
"Proc-Type: 4,ENCRYPTED\r\n" . "Proc-Type: 4,ENCRYPTED\r\n" .
"DEK-Info: DES-EDE3-CBC,$iv\r\n" . "DEK-Info: DES-EDE3-CBC,$iv\r\n" .
"\r\n" . "\r\n" .
chunk_split(base64_encode($des->encrypt($RSAPrivateKey))) . chunk_split(base64_encode($des->encrypt($RSAPrivateKey)), 64) .
'-----END RSA PRIVATE KEY-----'; '-----END RSA PRIVATE KEY-----';
} else { } else {
$RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" .
chunk_split(base64_encode($RSAPrivateKey)) . chunk_split(base64_encode($RSAPrivateKey), 64) .
'-----END RSA PRIVATE KEY-----'; '-----END RSA PRIVATE KEY-----';
} }
@ -884,7 +884,7 @@ class Crypt_RSA {
} }
$RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" . $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
chunk_split(base64_encode($RSAPublicKey)) . chunk_split(base64_encode($RSAPublicKey), 64) .
'-----END PUBLIC KEY-----'; '-----END PUBLIC KEY-----';
return $RSAPublicKey; return $RSAPublicKey;

View File

@ -117,7 +117,9 @@ function crypt_random_string($length) {
// on the data sent by all users. one user requests the page and a hash of their info is saved. // on the data sent by all users. one user requests the page and a hash of their info is saved.
// another user visits the page and the serialization of their data is utilized along with the // another user visits the page and the serialization of their data is utilized along with the
// server envirnment stuff and a hash of the previous http request data (which itself utilizes // server envirnment stuff and a hash of the previous http request data (which itself utilizes
// a hash of the session data before that). // a hash of the session data before that). certainly an attacker should be assumed to have
// full control over his own http requests. he, however, is not going to have control over
// everyone's http requests.
static $crypto = false, $v; static $crypto = false, $v;
if ($crypto === false) { if ($crypto === false) {
// save old session data // save old session data

View File

@ -1524,7 +1524,7 @@ class File_X509 {
return $cert; return $cert;
// case FILE_X509_FORMAT_PEM: // case FILE_X509_FORMAT_PEM:
default: default:
return "-----BEGIN CERTIFICATE-----\r\n" . chunk_split(base64_encode($cert)) . '-----END CERTIFICATE-----'; return "-----BEGIN CERTIFICATE-----\r\n" . chunk_split(base64_encode($cert), 64) . '-----END CERTIFICATE-----';
} }
} }
@ -2150,7 +2150,7 @@ class File_X509 {
// subjectPublicKey is stored as a bit string in X.509 certs. the first byte of a bit string represents how many bits // subjectPublicKey is stored as a bit string in X.509 certs. the first byte of a bit string represents how many bits
// in the last byte should be ignored. the following only supports non-zero stuff but as none of the X.509 certs Firefox // in the last byte should be ignored. the following only supports non-zero stuff but as none of the X.509 certs Firefox
// uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do. // uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do.
chunk_split(base64_encode(substr(base64_decode($key), 1))) . chunk_split(base64_encode(substr(base64_decode($key), 1)), 64) .
'-----END PUBLIC KEY-----'; '-----END PUBLIC KEY-----';
default: default:
return $key; return $key;
@ -2877,7 +2877,7 @@ class File_X509 {
return $csr; return $csr;
// case FILE_X509_FORMAT_PEM: // case FILE_X509_FORMAT_PEM:
default: default:
return "-----BEGIN CERTIFICATE REQUEST-----\r\n" . chunk_split(base64_encode($csr)) . '-----END CERTIFICATE REQUEST-----'; return "-----BEGIN CERTIFICATE REQUEST-----\r\n" . chunk_split(base64_encode($csr), 64) . '-----END CERTIFICATE REQUEST-----';
} }
} }
@ -2991,7 +2991,7 @@ class File_X509 {
return $crl; return $crl;
// case FILE_X509_FORMAT_PEM: // case FILE_X509_FORMAT_PEM:
default: default:
return "-----BEGIN X509 CRL-----\r\n" . chunk_split(base64_encode($crl)) . '-----END X509 CRL-----'; return "-----BEGIN X509 CRL-----\r\n" . chunk_split(base64_encode($crl), 64) . '-----END X509 CRL-----';
} }
} }