ASN1/X509: throw exceptions instead of user_errors

phpseclib/Exception/UnsupportedAlgorithmException.php

@@ -0,0 +1,26 @@
+<?php
+
+/**
+ * UnsupportedAlgorithmException
+ *
+ * PHP version 5
+ *
+ * @category  Exception
+ * @package   UnsupportedAlgorithmException
+ * @author    Jim Wigginton <terrafrost@php.net>
+ * @copyright 2015 Jim Wigginton
+ * @license   http://www.opensource.org/licenses/mit-license.html  MIT License
+ * @link      http://phpseclib.sourceforge.net
+ */
+
+namespace phpseclib\Exception;
+
+/**
+ * UnsupportedAlgorithmException
+ *
+ * @package UnsupportedAlgorithmException
+ * @author  Jim Wigginton <terrafrost@php.net>
+ */
+class UnsupportedAlgorithmException extends \RuntimeException
+{
+}

phpseclib/File/ASN1.php

@@ -793,6 +793,7 @@ class ASN1
      * @param String $mapping
      * @param Integer $idx
      * @return String
+     * @throws \RuntimeException if the input has an error in it
      * @access private
      */
     function _encode_der($source, $mapping, $idx = null, $special = array())
@@ -985,7 +986,7 @@ class ASN1
             case self::TYPE_OBJECT_IDENTIFIER:
                 $oid = preg_match('#(?:\d+\.)+#', $source) ? $source : array_search($source, $this->oids);
                 if ($oid === false) {
-                    user_error('Invalid OID');
+                    throw new \RuntimeException('Invalid OID');
                     return false;
                 }
                 $value = '';
@@ -1038,7 +1039,7 @@ class ASN1
                     $filters = $filters[$part];
                 }
                 if ($filters === false) {
-                    user_error('No filters defined for ' . implode('/', $loc));
+                    throw new \RuntimeException('No filters defined for ' . implode('/', $loc));
                     return false;
                 }
                 return $this->_encode_der($source, $filters + $mapping, null, $special);
@@ -1062,7 +1063,7 @@ class ASN1
                 $value = $source ? "\xFF" : "\x00";
                 break;
             default:
-                user_error('Mapping provides no type definition for ' . implode('/', $this->location));
+                throw new \RuntimeException('Mapping provides no type definition for ' . implode('/', $this->location));
                 return false;
         }
 

phpseclib/File/X509.php

@@ -31,6 +31,7 @@ use phpseclib\Crypt\RSA;
 use phpseclib\File\ASN1;
 use phpseclib\File\ASN1\Element;
 use phpseclib\Math\BigInteger;
+use phpseclib\Exception\UnsupportedAlgorithmException;
 
 /**
  * Pure-PHP X.509 Parser
@@ -1640,7 +1641,7 @@ class X509
                 $map = $this->_getMapping($id);
                 if (is_bool($map)) {
                     if (!$map) {
-                        user_error($id . ' is not a currently supported extension');
+                        //user_error($id . ' is not a currently supported extension');
                         unset($extensions[$i]);
                     }
                 } else {
@@ -1713,7 +1714,7 @@ class X509
                 $id = $attributes[$i]['type'];
                 $map = $this->_getMapping($id);
                 if ($map === false) {
-                    user_error($id . ' is not a currently supported attribute', E_USER_NOTICE);
+                    //user_error($id . ' is not a currently supported attribute', E_USER_NOTICE);
                     unset($attributes[$i]);
                 } elseif (is_array($attributes[$i]['value'])) {
                     $values = &$attributes[$i]['value'];
@@ -2106,7 +2107,8 @@ class X509
     /**
      * Validates a signature
      *
-     * Returns true if the signature is verified, false if it is not correct or null on error
+     * Returns true if the signature is verified and false if it is not correct.
+     * If the algorithms are unsupposed an exception is thrown.
      *
      * @param String $publicKeyAlgorithm
      * @param String $publicKey
@@ -2114,7 +2116,8 @@ class X509
      * @param String $signature
      * @param String $signatureSubject
      * @access private
-     * @return Integer
+     * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported
+     * @return Boolean
      */
     function _validateSignature($publicKeyAlgorithm, $publicKey, $signatureAlgorithm, $signature, $signatureSubject)
     {
@@ -2138,11 +2141,11 @@ class X509
                         }
                         break;
                     default:
-                        return null;
+                        throw new UnsupportedAlgorithmException('Signature algorithm unsupported');
                 }
                 break;
             default:
-                return null;
+                throw new UnsupportedAlgorithmException('Public key algorithm unsupported');
         }
 
         return true;
@@ -3611,6 +3614,7 @@ class X509
      * @param \phpseclib\File\X509 $subject
      * @param String $signatureAlgorithm
      * @access public
+     * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported
      * @return Mixed
      */
     function _sign($key, $signatureAlgorithm)
@@ -3629,10 +3633,12 @@ class X509
 
                     $this->currentCert['signature'] = base64_encode("\0" . $key->sign($this->signatureSubject));
                     return $this->currentCert;
+                default:
+                    throw new UnsupportedAlgorithmException('Signature algorithm unsupported');
             }
         }
 
-        return false;
+        throw new UnsupportedAlgorithmException('Unsupported public key algorithm');
     }
 
     /**