View GitHub Repository CAT

Schedule Inspection
Subscribe
Test Setup Failed
Push — master ( 5c3ffb...0dd6e1 )
by Stefan
11:12
created
Status
Category
Toggle Patches
core/CertificationAuthorityEmbeddedRSA.php 1 patch
Spacing   +20 added lines, -20 removed lines patch added patch discarded remove patch 
@@ -16,10 +16,10 @@  discard block
 
 block discarded – undo
16 16 
 class CertificationAuthorityEmbeddedRSA extends EntityWithDBProperties implements CertificationAuthorityInterface
17 17 
 {
18 18
19 
-    private const LOCATION_ROOT_CA = ROOT . "/config/SilverbulletClientCerts/rootca-RSA.pem";
20 
-    private const LOCATION_ISSUING_CA = ROOT . "/config/SilverbulletClientCerts/real-RSA.pem";
21 
-    private const LOCATION_ISSUING_KEY = ROOT . "/config/SilverbulletClientCerts/real-RSA.key";
22 
-    private const LOCATION_CONFIG = ROOT . "/config/SilverbulletClientCerts/openssl-RSA.cnf";
19 
+    private const LOCATION_ROOT_CA = ROOT."/config/SilverbulletClientCerts/rootca-RSA.pem";
20 
+    private const LOCATION_ISSUING_CA = ROOT."/config/SilverbulletClientCerts/real-RSA.pem";
21 
+    private const LOCATION_ISSUING_KEY = ROOT."/config/SilverbulletClientCerts/real-RSA.key";
22 
+    private const LOCATION_CONFIG = ROOT."/config/SilverbulletClientCerts/openssl-RSA.cnf";
23 23
24 24 
     /**
25 25 
      * string with the PEM variant of the root CA
 
@@ -66,11 +66,11 @@  discard block
 
 block discarded – undo
66 66 
         parent::__construct();
67 67 
         $this->rootPem = file_get_contents(CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA);
68 68 
         if ($this->rootPem === FALSE) {
69 
-            throw new Exception("Root CA PEM file not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA);
69 
+            throw new Exception("Root CA PEM file not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA);
70 70 
         }
71 71 
         $this->issuingCertRaw = file_get_contents(CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA);
72 72 
         if ($this->issuingCertRaw === FALSE) {
73 
-            throw new Exception("Issuing CA PEM file not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA);
73 
+            throw new Exception("Issuing CA PEM file not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA);
74 74 
         }
75 75 
         $rootParsed = openssl_x509_read($this->rootPem);
76 76 
         $issuingCertCandidate = openssl_x509_read($this->issuingCertRaw);
 
@@ -80,15 +80,15 @@  discard block
 
 block discarded – undo
80 80 
         }
81 81 
         $this->issuingCert = $issuingCertCandidate;
82 82 
         if (stat(CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY) === FALSE) {
83 
-            throw new Exception("Private key not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY);
83 
+            throw new Exception("Private key not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY);
84 84 
         }
85 
-        $issuingKeyTemp = openssl_pkey_get_private("file://" . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY);
85 
+        $issuingKeyTemp = openssl_pkey_get_private("file://".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY);
86 86 
         if ($issuingKeyTemp === FALSE || is_resource($issuingKeyTemp)) {
87 87 
             throw new Exception("The private key did not parse correctly (or is not a PHP8 object)!");
88 88 
         }
89 89 
         $this->issuingKey = $issuingKeyTemp;
90 90 
         if (stat(CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG) === FALSE) {
91 
-            throw new Exception("openssl configuration not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG);
91 
+            throw new Exception("openssl configuration not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG);
92 92 
         }
93 93 
         $this->conffile = CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG;
94 94 
     }
 
@@ -131,27 +131,27 @@  discard block
 
 block discarded – undo
131 131 
         // generate stub index.txt file
132 132 
         $tempdirArray = \core\common\Entity::createTemporaryDirectory("test");
133 133 
         $tempdir = $tempdirArray['dir'];
134 
-        $nowIndexTxt = (new \DateTime())->format("ymdHis") . "Z";
135 
-        $expiryIndexTxt = $originalExpiry->format("ymdHis") . "Z";
134 
+        $nowIndexTxt = (new \DateTime())->format("ymdHis")."Z";
135 
+        $expiryIndexTxt = $originalExpiry->format("ymdHis")."Z";
136 136 
         // serials for our CA are always integers
137 137 
         $serialHex = strtoupper(dechex((int) $cert->serial));
138 138 
         if (strlen($serialHex) % 2 == 1) {
139 
-            $serialHex = "0" . $serialHex;
139 
+            $serialHex = "0".$serialHex;
140 140 
         }
141 141
142 
-        $indexStatement = "$certstatus\t$expiryIndexTxt\t" . ($certstatus == "R" ? "$nowIndexTxt,unspecified" : "") . "\t$serialHex\tunknown\t/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$federation/CN=$cert->username\n";
142 
+        $indexStatement = "$certstatus\t$expiryIndexTxt\t".($certstatus == "R" ? "$nowIndexTxt,unspecified" : "")."\t$serialHex\tunknown\t/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$federation/CN=$cert->username\n";
143 143 
         $this->loggerInstance->debug(4, "index.txt contents-to-be: $indexStatement");
144 
-        if (!file_put_contents($tempdir . "/index.txt", $indexStatement)) {
144 
+        if (!file_put_contents($tempdir."/index.txt", $indexStatement)) {
145 145 
             $this->loggerInstance->debug(1, "Unable to write openssl index.txt file for revocation handling!");
146 146 
         }
147 147 
         // index.txt.attr is dull but needs to exist
148 
-        file_put_contents($tempdir . "/index.txt.attr", "unique_subject = yes\n");
148 
+        file_put_contents($tempdir."/index.txt.attr", "unique_subject = yes\n");
149 149 
         // call "openssl ocsp" to manufacture our own OCSP statement
150 150 
         // adding "-rmd sha1" to the following command-line makes the
151 151 
         // choice of signature algorithm for the response explicit
152 152 
         // but it's only available from openssl-1.1.0 (which we do not
153 153 
         // want to require just for that one thing).
154 
-        $execCmd = \config\Master::PATHS['openssl'] . " ocsp -issuer " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -rsigner " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -rkey " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY . " -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der";
154 
+        $execCmd = \config\Master::PATHS['openssl']." ocsp -issuer ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -rsigner ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -rkey ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY." -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der";
155 155 
         $this->loggerInstance->debug(2, "Calling openssl ocsp with following cmdline: $execCmd\n");
156 156 
         $output = [];
157 157 
         $return = 999;
 
@@ -159,11 +159,11 @@  discard block
 
 block discarded – undo
159 159 
         if ($return !== 0) {
160 160 
             throw new Exception("Non-zero return value from openssl ocsp!");
161 161 
         }
162 
-        $ocsp = file_get_contents($tempdir . "/$serialHex.response.der");
162 
+        $ocsp = file_get_contents($tempdir."/$serialHex.response.der");
163 163 
         // remove the temp dir!
164 
-        unlink($tempdir . "/$serialHex.response.der");
165 
-        unlink($tempdir . "/index.txt.attr");
166 
-        unlink($tempdir . "/index.txt");
164 
+        unlink($tempdir."/$serialHex.response.der");
165 
+        unlink($tempdir."/index.txt.attr");
166 
+        unlink($tempdir."/index.txt");
167 167 
         rmdir($tempdir);
168 168 
         $this->databaseHandle->exec("UPDATE silverbullet_certificate SET OCSP = ?, OCSP_timestamp = NOW() WHERE serial_number = ?", "si", $ocsp, $cert->serial);
169 169 
         return $ocsp;
Please login to merge, or discard this patch.
web/admin/inc/filepreview.php 1 patch
Spacing   +3 added lines, -3 removed lines patch added patch discarded remove patch 
@@ -22,7 +22,7 @@  discard block
 
 block discarded – undo
22 22 
 ?>
23 23 
 <?php
24 24
25 
-require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php";
25 
+require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php";
26 26
27 27 
 $validator = new \web\lib\common\InputValidation();
28 28 
 $idRaw = $_GET["id"] ?? "";
 
@@ -37,7 +37,7 @@  discard block
 
 block discarded – undo
37 37 
         // Set data type and caching for 30 days
38 38 
         $info = new finfo();
39 39 
         $filetype = $info->buffer($finalBlob, FILEINFO_MIME_TYPE);
40 
-        header("Content-type: " . $filetype);
40 
+        header("Content-type: ".$filetype);
41 41
42 42 
         switch ($filetype) {
43 43 
             case "text/rtf": // fall-through, same treatment
 
@@ -54,7 +54,7 @@  discard block
 
 block discarded – undo
54 54 
         header("Cache-Control: must-revalidate");
55 55 
         $offset = 60 * 60 * 24 * 30;
56 56 
         // gmdate can't possibly fail, because it operates on time() and an integer offset
57 
-        $ExpStr = "Expires: " . /** @scrutinizer ignore-type */ gmdate("D, d M Y H:i:s", time() + $offset) . " GMT";
57 
+        $ExpStr = "Expires: "./** @scrutinizer ignore-type */ gmdate("D, d M Y H:i:s", time() + $offset)." GMT";
58 58 
         header($ExpStr);
59 59 
         //  Print out the image
60 60 
         echo $finalBlob;
Please login to merge, or discard this patch.