Issues in Crl.php (master) - Issues in master - madwizard-org/webauthn-server - Measure and Improve Code Quality continuously with Scrutinizer

Issues (19)

src/Pki/Crl.php (1 issue)

Severity

Unknown 1

<?php

namespace MadWizard\WebAuthn\Pki;

use DateTimeImmutable;
use DateTimeZone;
use MadWizard\WebAuthn\Exception\ParseException;
use MadWizard\WebAuthn\Exception\VerificationException;
use phpseclib3\File\X509;

/**
 * @experimental
 */
final class Crl
{
    /**
     * @var X509
     */
    private $crl;

    /**
     * @var DateTimeImmutable|null
     */
    private $nextUpdate;

    /**
     * @param string $crlData CRL data as PEM or DER
     *
     * @throws ParseException        When CRL or issuer certificate could not be parsed.
     * @throws VerificationException When CRL signature is invalid
     */
    public function __construct(string $crlData, X509Certificate ...$caCertificates)
    {
        $crl = new X509();
        foreach ($caCertificates as $ca) {
            if ($crl->loadCA($ca->asDer()) === false) {
                throw new ParseException('Failed to load CA certificate for CRL.');
            }
        }

        $crlInfo = $crl->loadCRL($crlData);
        if ($crlInfo === false) {

            throw new ParseException('Failed to load CRL data.');
        }

        $nextUpdate = $crlInfo['tbsCertList']['nextUpdate']['utcTime'] ?? null;
        if ($nextUpdate !== null) {
            $this->nextUpdate = new DateTimeImmutable($nextUpdate, new DateTimeZone('UTC'));
        }

        if (true !== $crl->validateSignature()) {
            throw new VerificationException('Failed to verify CRL signature.');
        }
        $this->crl = $crl;
    }

    public function isRevoked(string $serial): bool
    {
        return $this->crl->getRevoked($serial) !== false;
    }

    public function getNextUpdate(): ?DateTimeImmutable
    {
        return $this->nextUpdate;
    }
}


1			<?php
2
3			namespace MadWizard\WebAuthn\Pki;
4
5			use DateTimeImmutable;
6			use DateTimeZone;
7			use MadWizard\WebAuthn\Exception\ParseException;
8			use MadWizard\WebAuthn\Exception\VerificationException;
9			use phpseclib3\File\X509;
10
11			/**
12			* @experimental
13			*/
14			final class Crl
15			{
16			/**
17			* @var X509
18			*/
19			private $crl;
20
21			/**
22			* @var DateTimeImmutable\|null
23			*/
24			private $nextUpdate;
25
26			/**
27			* @param string $crlData CRL data as PEM or DER
28			*
29			* @throws ParseException When CRL or issuer certificate could not be parsed.
30			* @throws VerificationException When CRL signature is invalid
31			*/
32			public function __construct(string $crlData, X509Certificate ...$caCertificates)
33			{
34			$crl = new X509();
35			foreach ($caCertificates as $ca) {
36			if ($crl->loadCA($ca->asDer()) === false) {
37			throw new ParseException('Failed to load CA certificate for CRL.');
38			}
39			}
40
41			$crlInfo = $crl->loadCRL($crlData);
42			if ($crlInfo === false) {
			0 ignored issues – show introduced 2020-11-07 19:22 UTC by Report Bug Copy Issue Report Show Similar Issues like this The condition `$crlInfo === false` is always `true`. Loading history...
43			throw new ParseException('Failed to load CRL data.');
44			}
45
46			$nextUpdate = $crlInfo['tbsCertList']['nextUpdate']['utcTime'] ?? null;
47			if ($nextUpdate !== null) {
48			$this->nextUpdate = new DateTimeImmutable($nextUpdate, new DateTimeZone('UTC'));
49			}
50
51			if (true !== $crl->validateSignature()) {
52			throw new VerificationException('Failed to verify CRL signature.');
53			}
54			$this->crl = $crl;
55			}
56
57			public function isRevoked(string $serial): bool
58			{
59			return $this->crl->getRevoked($serial) !== false;
60			}
61
62			public function getNextUpdate(): ?DateTimeImmutable
63			{
64			return $this->nextUpdate;
65			}
66			}
67

madwizard-org / webauthn-server

Issues (19)

src/Pki/Crl.php (1 issue)

Severity

Introduced By

Duplication Side-by-Side

Filter issues like