From 80d84d10091091196bed72dff127185a48dee469 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Thu, 30 Jul 2015 07:33:19 -0500 Subject: [PATCH] ASN1/X509: throw exceptions instead of user_errors --- .../UnsupportedAlgorithmException.php | 26 +++++++++++++++++++ phpseclib/File/ASN1.php | 7 ++--- phpseclib/File/X509.php | 20 +++++++++----- 3 files changed, 43 insertions(+), 10 deletions(-) create mode 100644 phpseclib/Exception/UnsupportedAlgorithmException.php diff --git a/phpseclib/Exception/UnsupportedAlgorithmException.php b/phpseclib/Exception/UnsupportedAlgorithmException.php new file mode 100644 index 00000000..47cc41d4 --- /dev/null +++ b/phpseclib/Exception/UnsupportedAlgorithmException.php @@ -0,0 +1,26 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Exception; + +/** + * UnsupportedAlgorithmException + * + * @package UnsupportedAlgorithmException + * @author Jim Wigginton + */ +class UnsupportedAlgorithmException extends \RuntimeException +{ +} diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php index 6fb59a7c..acfa5be8 100644 --- a/phpseclib/File/ASN1.php +++ b/phpseclib/File/ASN1.php @@ -793,6 +793,7 @@ class ASN1 * @param String $mapping * @param Integer $idx * @return String + * @throws \RuntimeException if the input has an error in it * @access private */ function _encode_der($source, $mapping, $idx = null, $special = array()) @@ -985,7 +986,7 @@ class ASN1 case self::TYPE_OBJECT_IDENTIFIER: $oid = preg_match('#(?:\d+\.)+#', $source) ? $source : array_search($source, $this->oids); if ($oid === false) { - user_error('Invalid OID'); + throw new \RuntimeException('Invalid OID'); return false; } $value = ''; @@ -1038,7 +1039,7 @@ class ASN1 $filters = $filters[$part]; } if ($filters === false) { - user_error('No filters defined for ' . implode('/', $loc)); + throw new \RuntimeException('No filters defined for ' . implode('/', $loc)); return false; } return $this->_encode_der($source, $filters + $mapping, null, $special); @@ -1062,7 +1063,7 @@ class ASN1 $value = $source ? "\xFF" : "\x00"; break; default: - user_error('Mapping provides no type definition for ' . implode('/', $this->location)); + throw new \RuntimeException('Mapping provides no type definition for ' . implode('/', $this->location)); return false; } diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index af46790f..b50e7247 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -31,6 +31,7 @@ use phpseclib\Crypt\RSA; use phpseclib\File\ASN1; use phpseclib\File\ASN1\Element; use phpseclib\Math\BigInteger; +use phpseclib\Exception\UnsupportedAlgorithmException; /** * Pure-PHP X.509 Parser @@ -1640,7 +1641,7 @@ class X509 $map = $this->_getMapping($id); if (is_bool($map)) { if (!$map) { - user_error($id . ' is not a currently supported extension'); + //user_error($id . ' is not a currently supported extension'); unset($extensions[$i]); } } else { @@ -1713,7 +1714,7 @@ class X509 $id = $attributes[$i]['type']; $map = $this->_getMapping($id); if ($map === false) { - user_error($id . ' is not a currently supported attribute', E_USER_NOTICE); + //user_error($id . ' is not a currently supported attribute', E_USER_NOTICE); unset($attributes[$i]); } elseif (is_array($attributes[$i]['value'])) { $values = &$attributes[$i]['value']; @@ -2106,7 +2107,8 @@ class X509 /** * Validates a signature * - * Returns true if the signature is verified, false if it is not correct or null on error + * Returns true if the signature is verified and false if it is not correct. + * If the algorithms are unsupposed an exception is thrown. * * @param String $publicKeyAlgorithm * @param String $publicKey @@ -2114,7 +2116,8 @@ class X509 * @param String $signature * @param String $signatureSubject * @access private - * @return Integer + * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported + * @return Boolean */ function _validateSignature($publicKeyAlgorithm, $publicKey, $signatureAlgorithm, $signature, $signatureSubject) { @@ -2138,11 +2141,11 @@ class X509 } break; default: - return null; + throw new UnsupportedAlgorithmException('Signature algorithm unsupported'); } break; default: - return null; + throw new UnsupportedAlgorithmException('Public key algorithm unsupported'); } return true; @@ -3611,6 +3614,7 @@ class X509 * @param \phpseclib\File\X509 $subject * @param String $signatureAlgorithm * @access public + * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported * @return Mixed */ function _sign($key, $signatureAlgorithm) @@ -3629,10 +3633,12 @@ class X509 $this->currentCert['signature'] = base64_encode("\0" . $key->sign($this->signatureSubject)); return $this->currentCert; + default: + throw new UnsupportedAlgorithmException('Signature algorithm unsupported'); } } - return false; + throw new UnsupportedAlgorithmException('Unsupported public key algorithm'); } /**