X509: fix niche issue with computeKeyIdentifier

phpseclib · Jan 25, 2021 · 3d47673 · 3d47673 · terrafrost · Jan 25, 2021
1 parent e8b4e4d
commit 3d47673
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 6 deletions.
diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php
@@ -43,6 +43,7 @@
 use phpseclib3\File\ASN1\Element;
 use phpseclib3\File\ASN1\Maps;
 use phpseclib3\Math\BigInteger;
+use phpseclib3\Crypt\PublicKeyLoader;
 
 /**
  * Pure-PHP X.509 Parser
@@ -3690,14 +3691,11 @@ public function computeKeyIdentifier($key = null, $method = 1)
                     return false;
                 }
                 // If the key is private, compute identifier from its corresponding public key.
-                $key = new RSA();
-                if (!$key->load($raw)) {
-                    return false;   // Not an unencrypted RSA key.
-                }
-                if ($key->getPrivateKey() !== false) {  // If private.
+                $key = PublicKeyLoader::load($raw);
+                if ($key instanceof PrivateKey) {  // If private.
                     return $this->computeKeyIdentifier($key, $method);
                 }
-                $key = $raw;    // Is a public key.
+                $key = $raw; // Is a public key.
                 break;
             case $key instanceof X509:
                 if (isset($key->publicKey)) {

diff --git a/tests/Unit/File/X509/X509Test.php b/tests/Unit/File/X509/X509Test.php
@@ -1176,4 +1176,18 @@ public function testMultiCertPEM()
 
         $this->assertIsArray($r);
     }
+
+    /**
+     * @group github1586
+     */
+    public function testComputeKeyIdentifier()
+    {
+        $key = RSA::createKey(512);
+        $key = ASN1::extractBER("$key");
+        $key = ASN1::encodeDER($key, ['type' => ASN1::TYPE_BIT_STRING]);
+        $key = new Element($key);
+
+        $x509 = new X509;
+        $this->assertIsString($x509->computeKeyIdentifier($key));
+    }
 }