diff --git a/lib/openpgp_crypt_aes_tripledes.php b/lib/openpgp_crypt_aes_tripledes.php index cf1de66..9ba22a4 100644 --- a/lib/openpgp_crypt_aes_tripledes.php +++ b/lib/openpgp_crypt_aes_tripledes.php @@ -37,10 +37,10 @@ class OpenPGP_Crypt_AES_TripleDES { if(strlen($p->encrypted_data) < 1) { if($epacket instanceof OpenPGP_IntegrityProtectedDataPacket) { - $data = substr($cipher->decrypt($epacket->data . str_repeat("\0", $padAmount)), 0, strlen($epacket->data)); - $prefix = substr($data, 0, $key_block_bytes + 2); - $mdc = substr(substr($data, -22, 22), 2); - $data = substr($data, $key_block_bytes + 2, -22); + $data = substr($cipher->decrypt($epacket->data . str_repeat("\0", $padAmount)), 0, strlen($epacket->data)); + $prefix = substr($data, 0, $key_block_bytes + 2); + $mdc = substr(substr($data, -22, 22), 2); + $data = substr($data, $key_block_bytes + 2, -22); $mkMDC = hash("sha1", $prefix . $data . "\xD3\x14", true); if($mkMDC !== $mdc) return false; @@ -50,7 +50,17 @@ class OpenPGP_Crypt_AES_TripleDES { } catch (Exception $ex) { $msg = NULL; } if($msg) return $msg; /* Otherwise keep trying */ } else { - // TODO (resync) + // No MDC mean decrypt with resync + $iv = substr($epacket->data, 2, $key_block_bytes); + $edata = substr($epacket->data, $key_block_bytes + 2); + + $cipher->setIV($iv); + $data = substr($cipher->decrypt($edata . str_repeat("\0", $padAmount)), 0, strlen($edata)); + + try { + $msg = OpenPGP_Message::parse($data); + } catch (Exception $ex) { $msg = NULL; } + if($msg) return $msg; /* Otherwise keep trying */ } } else { // TODO diff --git a/tests/phpseclib_suite.php b/tests/phpseclib_suite.php index 9501268..c5c0e8d 100644 --- a/tests/phpseclib_suite.php +++ b/tests/phpseclib_suite.php @@ -88,9 +88,9 @@ class Decryption extends PHPUnit_Framework_TestCase { public function testDecryptSessionKey() { $this->oneSymmetric("hello", "PGP\n", "symmetric-with-session-key.gpg"); } +*/ public function testDecryptNoMDC() { $this->oneSymmetric("hello", "PGP\n", "symmetric-no-mdc.gpg"); } -*/ }