MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [UI] Do not log exception for invalid key

pull/8231/head
Jakub Onderka 2022-03-20 14:13:00 +01:00
parent 5ccab0d157
commit 611f75026f
1 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
app/Model/CryptographicKey.php
View File

@ -24,7 +24,8 @@ class CryptographicKey extends AppModel
const ERROR_MALFORMED_SIGNATURE = 'Malformed signature',
ERROR_INVALID_SIGNATURE = 'Invalid signature',
ERROR_WRONG_KEY = 'Wrong key';
ERROR_WRONG_KEY = 'Wrong key',
ERROR_INVALID_KEY = 'Invalid key';
public $validTypes = [
'pgp'
@ -135,25 +136,29 @@ class CryptographicKey extends AppModel
{
$this->error = false;
$fingerprint = $this->__extractPGPKeyData($key);
if ($fingerprint === false) {
$this->error = self::ERROR_INVALID_KEY;
return false;
}
$data = preg_replace("/\s+/", "", $data);
try {
$verifiedSignature = $this->gpg->verify($data, $signature);
} catch (Exception $e) {
$this->error = $this::ERROR_WRONG_KEY;
$this->error = self::ERROR_WRONG_KEY;
return false;
}
if (empty($verifiedSignature)) {
$this->error = $this::ERROR_MALFORMED_SIGNATURE;
$this->error = self::ERROR_MALFORMED_SIGNATURE;
return false;
}
if (!$verifiedSignature[0]->isValid()) {
$this->error = $this::ERROR_INVALID_SIGNATURE;
$this->error = self::ERROR_INVALID_SIGNATURE;
return false;
}
if ($verifiedSignature[0]->getKeyFingerprint() === $fingerprint) {
return true;
} else {
$this->error = $this::ERROR_WRONG_KEY;
$this->error = self::ERROR_WRONG_KEY;
return false;
}
}
@ -168,19 +173,22 @@ class CryptographicKey extends AppModel
}
/**
* @param string $data
* @return string|false Primary key fingerprint or false of key is invalid
*/
private function __extractPGPKeyData($data)
{
try {
$gpgTool = new GpgTool($this->gpg);
} catch (Exception $e) {
$this->logException("GPG couldn't be initialized, GPG encryption and signing will be not available.", $e, LOG_NOTICE);
return '';
return false;
}
try {
return $gpgTool->validateGpgKey($data);
} catch (Exception $e) {
$this->logException("Could not validate PGP key.", $e, LOG_NOTICE);
return '';
return false;
}
}