Verify names of certificates

2 files changed, 11 insertions, 4 deletions

diff --git a/apps/files_external/ajax/removeRootCertificate.php b/apps/files_external/ajax/removeRootCertificate.php
index e6795800e03..0931138ad4b 100644
--- a/apps/files_external/ajax/removeRootCertificate.php
+++ b/apps/files_external/ajax/removeRootCertificate.php
@@ -6,6 +6,4 @@ OCP\JSON::callCheck();
 
 $name = $_POST['cert'];
 $certificateManager = \OC::$server->getCertificateManager();
-if (\OC\Files\Filesystem::isValidPath($name)) {
-	$certificateManager->removeCertificate($name);
-}
+$certificateManager->removeCertificate($name);
diff --git a/lib/private/certificatemanager.php b/lib/private/certificatemanager.php
index 72e0541fa40..e07413c127f 100644
--- a/lib/private/certificatemanager.php
+++ b/lib/private/certificatemanager.php
@@ -8,10 +8,12 @@
 
 namespace OC;
 
+use OCP\ICertificateManager;
+
 /**
  * Manage trusted certificates for users
  */
-class CertificateManager {
+class CertificateManager implements ICertificateManager {
 	/**
 	 * @var \OCP\IUser
 	 */
@@ -76,6 +78,9 @@ class CertificateManager {
 	 * @return bool
 	 */
 	public function addCertificate($certificate, $name) {
+		if (!\OC\Files\Filesystem::isValidPath($name)) {
+			return false;
+		}
 		$isValid = openssl_pkey_get_public($certificate);
 
 		if (!$isValid) {
@@ -96,8 +101,12 @@ class CertificateManager {
 
 	/**
 	 * @param string $name
+	 * @return bool
 	 */
 	public function removeCertificate($name) {
+		if (!\OC\Files\Filesystem::isValidPath($name)) {
+			return false;
+		}
 		$path = $this->user->getHome() . '/files_external/uploads/';
 		if (file_exists($path . $name)) {
 			unlink($path . $name);