deon/openpgp-php
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

If session decryption fails, return NULL

Browse Source 
Otherwise it returns false, we try to unpack that, and generally bad
things happen.
This commit is contained in:
Stephen Paul Weber
2018-07-25 09:57:33 -05:00
parent 413741fa84
commit 498e60602b
2 changed files with 20 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/openpgp_crypt_rsa.php
View File

@@ -208,7 +208,8 @@ class OpenPGP_Crypt_RSA {
static function try_decrypt_session($key, $edata) {
$key->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
$data = $key->decrypt($edata);
$data = @$key->decrypt($edata);
if(!$data) return NULL;
$sk = substr($data, 1, strlen($data)-3);
$chk = unpack('n', substr($data, -2));
$chk = reset($chk);