RSA: misc fixes for "without NULL" PKCS1 signature validation

phpseclib/Crypt/RSA.php

@@ -660,6 +660,9 @@ abstract class RSA extends AsymmetricKey
                 break;
             case 'sha512/256':
                 $t = "\x30\x2f\x30\x0b\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x06\x04\x20";
+                break;
+            default:
+                throw new UnsupportedAlgorithmException('md2 and md5 require NULLs');
         }
         $t.= $h;
         $tLen = strlen($t);

phpseclib/Crypt/RSA/PublicKey.php

@@ -20,6 +20,7 @@ use phpseclib3\Common\Functions\Strings;
 use phpseclib3\Crypt\Hash;
 use phpseclib3\Exception\NoKeyLoadedException;
 use phpseclib3\Exception\UnsupportedFormatException;
+use phpseclib3\Exception\UnsupportedAlgorithmException;
 use phpseclib3\Crypt\Random;
 use phpseclib3\Crypt\Common;
 use phpseclib3\File\ASN1\Maps\DigestInfo;
@@ -103,14 +104,18 @@ class PublicKey extends RSA implements Common\PublicKey
         // too short" and stop.
         try {
             $em2 = $this->emsa_pkcs1_v1_5_encode($m, $this->k);
+            $r1 = hash_equals($em, $em2);
         } catch (\LengthException $e) {
             $exception = true;
         }
 
         try {
-            $em3 = $this->emsa_pkcs1_v1_5_encode_witout_null($m, $this->k);
+            $em3 = $this->emsa_pkcs1_v1_5_encode_without_null($m, $this->k);
+            $r2 = hash_equals($em, $em3);
         } catch (\LengthException $e) {
             $exception = true;
+        } catch (UnsupportedAlgorithmException $e) {
+            $r2 = false;
         }
 
         if ($exception) {
@@ -118,7 +123,7 @@ class PublicKey extends RSA implements Common\PublicKey
         }
 
         // Compare
-        return hash_equals($em, $em2) || hash_equals($em, $em3);
+        return $r1 || $r2;
     }
 
     /**