Skip to content

Commit

Permalink
X509: algorithmidentifier parameters could get incorrectly set
Browse files Browse the repository at this point in the history
  • Loading branch information
terrafrost committed Dec 4, 2024
1 parent 2914a15 commit 7b43ea0
Showing 1 changed file with 4 additions and 6 deletions.
10 changes: 4 additions & 6 deletions phpseclib/File/X509.php
Original file line number Diff line number Diff line change
Expand Up @@ -519,11 +519,6 @@ public function saveX509(array $cert, $format = self::FORMAT_PEM)
);
}

if ($algorithm == 'rsaEncryption') {
$cert['signatureAlgorithm']['parameters'] = null;
$cert['tbsCertificate']['signature']['parameters'] = null;
}

$filters = [];
$type_utf8_string = ['type' => ASN1::TYPE_UTF8_STRING];
$filters['tbsCertificate']['signature']['parameters'] = $type_utf8_string;
Expand Down Expand Up @@ -2994,7 +2989,10 @@ private static function identifySignatureAlgorithm(PrivateKey $key)
case 'sha256':
case 'sha384':
case 'sha512':
return ['algorithm' => $key->getHash() . 'WithRSAEncryption'];
return [
'algorithm' => $key->getHash() . 'WithRSAEncryption',
'parameters' => null
];
}
throw new UnsupportedAlgorithmException('The only supported hash algorithms for RSA are: md2, md5, sha1, sha224, sha256, sha384, sha512');
}
Expand Down

0 comments on commit 7b43ea0

Please sign in to comment.