Bug #55396
closed"Invalid RSA public key" malfunction on (backend) login
100%
Description
I don't know what exactly causes this problem, but when we upgraded to PHP 5.4, backend login to our TYPO3 installations (6.1.x, but also 6.2 beta) started failing with the (JavaScript) error message "Invalid RSA public key". Only disabling RSA authentication solved the problem (I guess that FE login would have also been affected, but I didn't investigate).
Today I tracked this down to a failing openssl_csr_new()
call in rsaauth/Classes/Backend/PhpBackend.php
. It turned out that changing
$csr = openssl_csr_new(array(), $privateKey);
to
$csr = openssl_csr_new(array( "localityName" => "foo", "organizationName" => "bar", ), $privateKey);
solves the problem. If you omit either of the two keys (the actual values don't seem to matter), login will fail and you'll get that "Invalid RSA public key" error message again. So at least in our installation context (Gentoo Linux, Kernel 3.8.3-hardened, OpenSSL 1.0.1f, PHP 5.4.24), these arguments seem to be mandatory for RSA authentication to work.
Please find attached a patch for PhpBackend.php
.
Files