MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [events:edit] Correctly collects saved cryptographic keys when pushing an edit

pull/8218/head
Sami Mokaddem 2022-03-17 12:38:19 +01:00
parent b92d8ddb8f
commit 9307a07760
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
app/Model/CryptographicKey.php
View File

@ -210,13 +210,19 @@ class CryptographicKey extends AppModel
public function validateProtectedEvent($raw_data, $user, $pgp_signature, $event)
{
if (empty($event['Event']['CryptographicKey'])) {
$eventCryptoGraphicKey = [];
if (!empty($event['Event']['CryptographicKey'])) { // Depending if $event comes from fetchEvent or from pushed data
$eventCryptoGraphicKey = $event['Event']['CryptographicKey'];
} else if (!empty($event['CryptographicKey'])) {
$eventCryptoGraphicKey = $event['CryptographicKey'];
}
if (empty($eventCryptoGraphicKey)) {
$message = __('No valid signatures found for validating the signature.');
$this->Log = ClassRegistry::init('Log');
$this->Log->createLogEntry($user, 'validateSig', 'Event', $event['Event']['id'], $message);
return false;
}
foreach ($event['Event']['CryptographicKey'] as $supplied_key) {
foreach ($eventCryptoGraphicKey as $supplied_key) {
if ($this->verifySignature($raw_data, base64_decode($pgp_signature), $supplied_key['key_data'])) {
return true;
}