ASN1/X509: throw exceptions instead of user_errors

2025-01-21 05:22:08 +01:00 · 2015-07-30 07:33:19 -05:00 · 2015-07-30 07:33:19 -05:00 · 80d84d1009
commit 80d84d1009
parent e264a3835e
3 changed files with 43 additions and 10 deletions
--- a/phpseclib/Exception/UnsupportedAlgorithmException.php
+++ b/phpseclib/Exception/UnsupportedAlgorithmException.php
@ -0,0 +1,26 @@
+<?php
+
+/**
+ * UnsupportedAlgorithmException
+ *
+ * PHP version 5
+ *
+ * @category  Exception
+ * @package   UnsupportedAlgorithmException
+ * @author    Jim Wigginton <terrafrost@php.net>
+ * @copyright 2015 Jim Wigginton
+ * @license   http://www.opensource.org/licenses/mit-license.html  MIT License
+ * @link      http://phpseclib.sourceforge.net
+ */
+
+namespace phpseclib\Exception;
+
+/**
+ * UnsupportedAlgorithmException
+ *
+ * @package UnsupportedAlgorithmException
+ * @author  Jim Wigginton <terrafrost@php.net>
+ */
+class UnsupportedAlgorithmException extends \RuntimeException
+{
+}
--- a/phpseclib/File/ASN1.php
+++ b/phpseclib/File/ASN1.php
@ -793,6 +793,7 @@ class ASN1
     * @param String $mapping
     * @param Integer $idx
     * @return String
+     * @throws \RuntimeException if the input has an error in it
     * @access private
     */
    function _encode_der($source, $mapping, $idx = null, $special = array())
@ -985,7 +986,7 @@ class ASN1
            case self::TYPE_OBJECT_IDENTIFIER:
                $oid = preg_match('#(?:\d+\.)+#', $source) ? $source : array_search($source, $this->oids);
                if ($oid === false) {
-                    user_error('Invalid OID');
+                    throw new \RuntimeException('Invalid OID');
                    return false;
                }
                $value = '';
@ -1038,7 +1039,7 @@ class ASN1
                    $filters = $filters[$part];
                }
                if ($filters === false) {
-                    user_error('No filters defined for ' . implode('/', $loc));
+                    throw new \RuntimeException('No filters defined for ' . implode('/', $loc));
                    return false;
                }
                return $this->_encode_der($source, $filters + $mapping, null, $special);
@ -1062,7 +1063,7 @@ class ASN1
                $value = $source ? "\xFF" : "\x00";
                break;
            default:
-                user_error('Mapping provides no type definition for ' . implode('/', $this->location));
+                throw new \RuntimeException('Mapping provides no type definition for ' . implode('/', $this->location));
                return false;
        }

--- a/phpseclib/File/X509.php
+++ b/phpseclib/File/X509.php
@ -31,6 +31,7 @@ use phpseclib\Crypt\RSA;
 use phpseclib\File\ASN1;
 use phpseclib\File\ASN1\Element;
 use phpseclib\Math\BigInteger;
+use phpseclib\Exception\UnsupportedAlgorithmException;

 /**
 * Pure-PHP X.509 Parser
@ -1640,7 +1641,7 @@ class X509
                $map = $this->_getMapping($id);
                if (is_bool($map)) {
                    if (!$map) {
-                        user_error($id . ' is not a currently supported extension');
+                        //user_error($id . ' is not a currently supported extension');
                        unset($extensions[$i]);
                    }
                } else {
@ -1713,7 +1714,7 @@ class X509
                $id = $attributes[$i]['type'];
                $map = $this->_getMapping($id);
                if ($map === false) {
-                    user_error($id . ' is not a currently supported attribute', E_USER_NOTICE);
+                    //user_error($id . ' is not a currently supported attribute', E_USER_NOTICE);
                    unset($attributes[$i]);
                } elseif (is_array($attributes[$i]['value'])) {
                    $values = &$attributes[$i]['value'];
@ -2106,7 +2107,8 @@ class X509
    /**
     * Validates a signature
     *
-     * Returns true if the signature is verified, false if it is not correct or null on error
+     * Returns true if the signature is verified and false if it is not correct.
+     * If the algorithms are unsupposed an exception is thrown.
     *
     * @param String $publicKeyAlgorithm
     * @param String $publicKey
@ -2114,7 +2116,8 @@ class X509
     * @param String $signature
     * @param String $signatureSubject
     * @access private
-     * @return Integer
+     * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported
+     * @return Boolean
     */
    function _validateSignature($publicKeyAlgorithm, $publicKey, $signatureAlgorithm, $signature, $signatureSubject)
    {
@ -2138,11 +2141,11 @@ class X509
                        }
                        break;
                    default:
-                        return null;
+                        throw new UnsupportedAlgorithmException('Signature algorithm unsupported');
                }
                break;
            default:
-                return null;
+                throw new UnsupportedAlgorithmException('Public key algorithm unsupported');
        }

        return true;
@ -3611,6 +3614,7 @@ class X509
     * @param \phpseclib\File\X509 $subject
     * @param String $signatureAlgorithm
     * @access public
+     * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported
     * @return Mixed
     */
    function _sign($key, $signatureAlgorithm)
@ -3629,10 +3633,12 @@ class X509

                    $this->currentCert['signature'] = base64_encode("\0" . $key->sign($this->signatureSubject));
                    return $this->currentCert;
+                default:
+                    throw new UnsupportedAlgorithmException('Signature algorithm unsupported');
            }
        }

-        return false;
+        throw new UnsupportedAlgorithmException('Unsupported public key algorithm');
    }

    /**