From 9f61cf60d49367726bc9b147993dab39eafa0c7b Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 15 Apr 2015 13:33:37 +0200 Subject: [PATCH] Verify if returned object is an array The error has to be thrown at this point as otherwise errors and notices are thrown since the time cannot be parsed in L60 and L61 --- lib/private/security/certificate.php | 20 ++++++------- tests/lib/security/certificate.php | 42 ++++++++++++++++++---------- 2 files changed, 38 insertions(+), 24 deletions(-) diff --git a/lib/private/security/certificate.php b/lib/private/security/certificate.php index 468427d0702..0d7fcc4148d 100644 --- a/lib/private/security/certificate.php +++ b/lib/private/security/certificate.php @@ -49,18 +49,18 @@ class Certificate implements ICertificate { */ public function __construct($data, $name) { $this->name = $name; - try { - $gmt = new \DateTimeZone('GMT'); - $info = openssl_x509_parse($data); - $this->commonName = isset($info['subject']['CN']) ? $info['subject']['CN'] : null; - $this->organization = isset($info['subject']['O']) ? $info['subject']['O'] : null; - $this->issueDate = new \DateTime('@' . $info['validFrom_time_t'], $gmt); - $this->expireDate = new \DateTime('@' . $info['validTo_time_t'], $gmt); - $this->issuerName = isset($info['issuer']['CN']) ? $info['issuer']['CN'] : null; - $this->issuerOrganization = isset($info['issuer']['O']) ? $info['issuer']['O'] : null; - } catch (\Exception $e) { + $gmt = new \DateTimeZone('GMT'); + $info = openssl_x509_parse($data); + if(!is_array($info)) { throw new \Exception('Certificate could not get parsed.'); } + + $this->commonName = isset($info['subject']['CN']) ? $info['subject']['CN'] : null; + $this->organization = isset($info['subject']['O']) ? $info['subject']['O'] : null; + $this->issueDate = new \DateTime('@' . $info['validFrom_time_t'], $gmt); + $this->expireDate = new \DateTime('@' . $info['validTo_time_t'], $gmt); + $this->issuerName = isset($info['issuer']['CN']) ? $info['issuer']['CN'] : null; + $this->issuerOrganization = isset($info['issuer']['O']) ? $info['issuer']['O'] : null; } /** diff --git a/tests/lib/security/certificate.php b/tests/lib/security/certificate.php index 361f2f8c38d..7fc8bbbdf25 100644 --- a/tests/lib/security/certificate.php +++ b/tests/lib/security/certificate.php @@ -1,9 +1,22 @@ - * This file is licensed under the Affero General Public License version 3 or - * later. - * See the COPYING-README file. + * @author Lukas Reschke + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * */ use \OC\Security\Certificate; @@ -32,33 +45,34 @@ class CertificateTest extends \Test\TestCase { * @expectedException \Exception * @expectedExceptionMessage Certificate could not get parsed. */ - function testBogusData() { - new Certificate('foo', 'bar'); + public function testBogusData() { + $certificate = new Certificate('foo', 'bar'); + $certificate->getIssueDate(); } - function testGetName() { + public function testGetName() { $this->assertSame('GoodCertificate', $this->goodCertificate->getName()); $this->assertSame('BadCertificate', $this->invalidCertificate->getName()); } - function testGetCommonName() { + public function testGetCommonName() { $this->assertSame('security.owncloud.com', $this->goodCertificate->getCommonName()); $this->assertSame(null, $this->invalidCertificate->getCommonName()); } - function testGetOrganization() { + public function testGetOrganization() { $this->assertSame('ownCloud Inc.', $this->goodCertificate->getOrganization()); $this->assertSame('Internet Widgits Pty Ltd', $this->invalidCertificate->getOrganization()); } - function testGetIssueDate() { + public function testGetIssueDate() { $expected = new DateTime('2014-08-27 08:45:52 GMT'); $this->assertEquals($expected->getTimestamp(), $this->goodCertificate->getIssueDate()->getTimestamp()); $expected = new DateTime('2014-08-27 08:48:51 GMT'); $this->assertEquals($expected->getTimestamp(), $this->invalidCertificate->getIssueDate()->getTimestamp()); } - function testGetExpireDate() { + public function testGetExpireDate() { $expected = new DateTime('2015-08-27 08:45:52 GMT'); $this->assertEquals($expected->getTimestamp(), $this->goodCertificate->getExpireDate()->getTimestamp()); $expected = new DateTime('2015-08-27 08:48:51 GMT'); @@ -70,19 +84,19 @@ class CertificateTest extends \Test\TestCase { /** * Obviously the following test case might fail after 2015-08-27, just create a new certificate with longer validity then */ - function testIsExpired() { + public function testIsExpired() { $this->assertSame(false, $this->goodCertificate->isExpired()); $this->assertSame(false, $this->invalidCertificate->isExpired()); $this->assertSame(true, $this->expiredCertificate->isExpired()); } - function testGetIssuerName() { + public function testGetIssuerName() { $this->assertSame('security.owncloud.com', $this->goodCertificate->getIssuerName()); $this->assertSame(null, $this->invalidCertificate->getIssuerName()); $this->assertSame(null, $this->expiredCertificate->getIssuerName()); } - function testGetIssuerOrganization() { + public function testGetIssuerOrganization() { $this->assertSame('ownCloud Inc.', $this->goodCertificate->getIssuerOrganization()); $this->assertSame('Internet Widgits Pty Ltd', $this->invalidCertificate->getIssuerOrganization()); $this->assertSame('Internet Widgits Pty Ltd', $this->expiredCertificate->getIssuerOrganization()); -- 2.39.5