mirror of https://github.com/MISP/MISP
fix: [UI] Do not log exception for invalid key
parent
5ccab0d157
commit
611f75026f
|
@ -24,7 +24,8 @@ class CryptographicKey extends AppModel
|
|||
|
||||
const ERROR_MALFORMED_SIGNATURE = 'Malformed signature',
|
||||
ERROR_INVALID_SIGNATURE = 'Invalid signature',
|
||||
ERROR_WRONG_KEY = 'Wrong key';
|
||||
ERROR_WRONG_KEY = 'Wrong key',
|
||||
ERROR_INVALID_KEY = 'Invalid key';
|
||||
|
||||
public $validTypes = [
|
||||
'pgp'
|
||||
|
@ -135,25 +136,29 @@ class CryptographicKey extends AppModel
|
|||
{
|
||||
$this->error = false;
|
||||
$fingerprint = $this->__extractPGPKeyData($key);
|
||||
if ($fingerprint === false) {
|
||||
$this->error = self::ERROR_INVALID_KEY;
|
||||
return false;
|
||||
}
|
||||
$data = preg_replace("/\s+/", "", $data);
|
||||
try {
|
||||
$verifiedSignature = $this->gpg->verify($data, $signature);
|
||||
} catch (Exception $e) {
|
||||
$this->error = $this::ERROR_WRONG_KEY;
|
||||
$this->error = self::ERROR_WRONG_KEY;
|
||||
return false;
|
||||
}
|
||||
if (empty($verifiedSignature)) {
|
||||
$this->error = $this::ERROR_MALFORMED_SIGNATURE;
|
||||
$this->error = self::ERROR_MALFORMED_SIGNATURE;
|
||||
return false;
|
||||
}
|
||||
if (!$verifiedSignature[0]->isValid()) {
|
||||
$this->error = $this::ERROR_INVALID_SIGNATURE;
|
||||
$this->error = self::ERROR_INVALID_SIGNATURE;
|
||||
return false;
|
||||
}
|
||||
if ($verifiedSignature[0]->getKeyFingerprint() === $fingerprint) {
|
||||
return true;
|
||||
} else {
|
||||
$this->error = $this::ERROR_WRONG_KEY;
|
||||
$this->error = self::ERROR_WRONG_KEY;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
@ -168,19 +173,22 @@ class CryptographicKey extends AppModel
|
|||
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $data
|
||||
* @return string|false Primary key fingerprint or false of key is invalid
|
||||
*/
|
||||
private function __extractPGPKeyData($data)
|
||||
{
|
||||
try {
|
||||
$gpgTool = new GpgTool($this->gpg);
|
||||
} catch (Exception $e) {
|
||||
$this->logException("GPG couldn't be initialized, GPG encryption and signing will be not available.", $e, LOG_NOTICE);
|
||||
return '';
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
return $gpgTool->validateGpgKey($data);
|
||||
} catch (Exception $e) {
|
||||
$this->logException("Could not validate PGP key.", $e, LOG_NOTICE);
|
||||
return '';
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
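Review bot: `__extractPGPKeyData()` now returns `false` both when `GpgTool` cannot be constructed and when `validateGpgKey()` throws, and the new `$fingerprint === false` guard maps both cases to `ERROR_INVALID_KEY`, so a host where GPG failed to initialise will report 'Invalid key' for every signature check. Verification still fails closed, which is the safe direction, but the misattributed error makes an environment fault look like bad key material during triage. Consider a separate error constant for the initialisation path, or at least say so in the docblock, e.g. `@return string|false Primary key fingerprint, or false if the key is invalid or GPG could not be initialised` (this also fixes the "false of key" typo). Because the failure value changed from `''` to `false`, any other caller of `__extractPGPKeyData()` outside the visible hunks that compares against an empty string or stores the result should be checked. The verification method's signature lies outside the second hunk, so its full parameter list is not visible here.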