mirror of https://github.com/MISP/MISP
fix: [UI] Do not log exception for invalid key
Jakub Onderka
parent
5ccab0d157
commit
611f75026f
|
|
@ -24,7 +24,8 @@ class CryptographicKey extends AppModel
|
||||||
|
|
||||||
const ERROR_MALFORMED_SIGNATURE = 'Malformed signature',
|
const ERROR_MALFORMED_SIGNATURE = 'Malformed signature',
|
||||||
ERROR_INVALID_SIGNATURE = 'Invalid signature',
|
ERROR_INVALID_SIGNATURE = 'Invalid signature',
|
||||||
ERROR_WRONG_KEY = 'Wrong key';
|
ERROR_WRONG_KEY = 'Wrong key',
|
||||||
|
ERROR_INVALID_KEY = 'Invalid key';
|
||||||
|
|
||||||
public $validTypes = [
|
public $validTypes = [
|
||||||
'pgp'
|
'pgp'
|
||||||
|
|
@ -135,25 +136,29 @@ class CryptographicKey extends AppModel
|
||||||
{
|
{
|
||||||
$this->error = false;
|
$this->error = false;
|
||||||
$fingerprint = $this->__extractPGPKeyData($key);
|
$fingerprint = $this->__extractPGPKeyData($key);
|
||||||
|
if ($fingerprint === false) {
|
||||||
|
$this->error = self::ERROR_INVALID_KEY;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$data = preg_replace("/\s+/", "", $data);
|
$data = preg_replace("/\s+/", "", $data);
|
||||||
try {
|
try {
|
||||||
$verifiedSignature = $this->gpg->verify($data, $signature);
|
$verifiedSignature = $this->gpg->verify($data, $signature);
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
$this->error = $this::ERROR_WRONG_KEY;
|
$this->error = self::ERROR_WRONG_KEY;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (empty($verifiedSignature)) {
|
if (empty($verifiedSignature)) {
|
||||||
$this->error = $this::ERROR_MALFORMED_SIGNATURE;
|
$this->error = self::ERROR_MALFORMED_SIGNATURE;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (!$verifiedSignature[0]->isValid()) {
|
if (!$verifiedSignature[0]->isValid()) {
|
||||||
$this->error = $this::ERROR_INVALID_SIGNATURE;
|
$this->error = self::ERROR_INVALID_SIGNATURE;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if ($verifiedSignature[0]->getKeyFingerprint() === $fingerprint) {
|
if ($verifiedSignature[0]->getKeyFingerprint() === $fingerprint) {
|
||||||
return true;
|
return true;
|
||||||
} else {
|
} else {
|
||||||
$this->error = $this::ERROR_WRONG_KEY;
|
$this->error = self::ERROR_WRONG_KEY;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -168,19 +173,22 @@ class CryptographicKey extends AppModel
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param string $data
|
||||||
|
* @return string|false Primary key fingerprint or false of key is invalid
|
||||||
|
*/
|
||||||
private function __extractPGPKeyData($data)
|
private function __extractPGPKeyData($data)
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
$gpgTool = new GpgTool($this->gpg);
|
$gpgTool = new GpgTool($this->gpg);
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
$this->logException("GPG couldn't be initialized, GPG encryption and signing will be not available.", $e, LOG_NOTICE);
|
$this->logException("GPG couldn't be initialized, GPG encryption and signing will be not available.", $e, LOG_NOTICE);
|
||||||
return '';
|
return false;
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
return $gpgTool->validateGpgKey($data);
|
return $gpgTool->validateGpgKey($data);
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
$this->logException("Could not validate PGP key.", $e, LOG_NOTICE);
|
return false;
|
||||||
return '';
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue