octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-12-27 03:42:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Three fixes

Browse Source 
- Ingore white space in keys
- Handle negative numbers in the same way OpenSSL seems to handle them
- Fix signature verification (thanks Richard Odekerken!)
This commit is contained in:
terrafrost 2012-09-29 14:32:27 -05:00
parent 076050cc19
commit ee25c73a44
1 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
phpseclib/Crypt/RSA.php
View File

@ -943,7 +943,7 @@ class Crypt_RSA {
$iv = pack('H*', trim($matches[2])); $iv = pack('H*', trim($matches[2]));
$symkey = pack('H*', md5($this->password . substr($iv, 0, 8))); // symkey is short for symmetric key $symkey = pack('H*', md5($this->password . substr($iv, 0, 8))); // symkey is short for symmetric key
$symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8); $symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8);
$ciphertext = preg_replace('#.+(\r|\n|\r\n)\1|[\r\n]|-.+-#s', '', $key); $ciphertext = preg_replace('#.+(\r|\n|\r\n)\1|[\r\n]|-.+-| #s', '', $key);
$ciphertext = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $ciphertext) ? base64_decode($ciphertext) : false; $ciphertext = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $ciphertext) ? base64_decode($ciphertext) : false;
if ($ciphertext === false) { if ($ciphertext === false) {
$ciphertext = $key; $ciphertext = $key;
@ -981,7 +981,7 @@ class Crypt_RSA {
$crypto->setIV($iv); $crypto->setIV($iv);
$decoded = $crypto->decrypt($ciphertext); $decoded = $crypto->decrypt($ciphertext);
} else { } else {
$decoded = preg_replace('#-.+-|[\r\n]#', '', $key); $decoded = preg_replace('#-.+-|[\r\n]| #', '', $key);
$decoded = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $decoded) ? base64_decode($decoded) : false; $decoded = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $decoded) ? base64_decode($decoded) : false;
} }
@ -1045,10 +1045,10 @@ class Crypt_RSA {
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$temp = $this->_string_shift($key, $length); $temp = $this->_string_shift($key, $length);
if (strlen($temp) != 1 || ord($temp) > 2) { if (strlen($temp) != 1 || ord($temp) > 2) {
$components['modulus'] = new Math_BigInteger($temp, -256); $components['modulus'] = new Math_BigInteger($temp, 256);
$this->_string_shift($key); // skip over CRYPT_RSA_ASN1_INTEGER $this->_string_shift($key); // skip over CRYPT_RSA_ASN1_INTEGER
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$components[$type == CRYPT_RSA_PUBLIC_FORMAT_PKCS1 ? 'publicExponent' : 'privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), -256); $components[$type == CRYPT_RSA_PUBLIC_FORMAT_PKCS1 ? 'publicExponent' : 'privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), 256);
return $components; return $components;
} }
@ -1056,28 +1056,28 @@ class Crypt_RSA {
return false; return false;
} }
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$components['modulus'] = new Math_BigInteger($this->_string_shift($key, $length), -256); $components['modulus'] = new Math_BigInteger($this->_string_shift($key, $length), 256);
$this->_string_shift($key); $this->_string_shift($key);
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$components['publicExponent'] = new Math_BigInteger($this->_string_shift($key, $length), -256); $components['publicExponent'] = new Math_BigInteger($this->_string_shift($key, $length), 256);
$this->_string_shift($key); $this->_string_shift($key);
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$components['privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), -256); $components['privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), 256);
$this->_string_shift($key); $this->_string_shift($key);
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$components['primes'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), -256)); $components['primes'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), 256));
$this->_string_shift($key); $this->_string_shift($key);
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), -256); $components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), 256);
$this->_string_shift($key); $this->_string_shift($key);
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$components['exponents'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), -256)); $components['exponents'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), 256));
$this->_string_shift($key); $this->_string_shift($key);
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), -256); $components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), 256);
$this->_string_shift($key); $this->_string_shift($key);
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$components['coefficients'] = array(2 => new Math_BigInteger($this->_string_shift($key, $length), -256)); $components['coefficients'] = array(2 => new Math_BigInteger($this->_string_shift($key, $length), 256));
if (!empty($key)) { if (!empty($key)) {
if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) { if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
@ -1091,13 +1091,13 @@ class Crypt_RSA {
$this->_decodeLength($key); $this->_decodeLength($key);
$key = substr($key, 1); $key = substr($key, 1);
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), -256); $components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), 256);
$this->_string_shift($key); $this->_string_shift($key);
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), -256); $components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), 256);
$this->_string_shift($key); $this->_string_shift($key);
$length = $this->_decodeLength($key); $length = $this->_decodeLength($key);
$components['coefficients'][] = new Math_BigInteger($this->_string_shift($key, $length), -256); $components['coefficients'][] = new Math_BigInteger($this->_string_shift($key, $length), 256);
} }
} }
@ -1875,7 +1875,7 @@ class Crypt_RSA {
$result = 0; $result = 0;
for ($i = 0; $i < strlen($x); $i++) { for ($i = 0; $i < strlen($x); $i++) {
$result |= $x[$i] ^ $y[$i]; $result |= ord($x[$i]) ^ ord($y[$i]);
} }
return $result == 0; return $result == 0;