Merge pull request #6 from darkwebdesign/ISSUE-3
ISSUE-3: ProcessFailedException not thrown in case OpenSSL commands fail
raymondschouten authored Aug 23, 2017
2 parents 0c81806 + ba8d801 commit 56df859
Showing 9 changed files with 572 additions and 289 deletions.
154 changes: 77 additions & 77 deletions File/KeystoreFile.php
@@ -44,9 +44,7 @@ protected function validate()
{
$in = escapeshellarg($this->getPathname());

$command = "openssl pkcs12 -in $in -passin pass: -noout";

$process = new Process($command);
$process = new Process("openssl pkcs12 -in $in -passin pass: -noout");
$process->run();

$invalidPassword = false !== strpos($process->getErrorOutput(), 'invalid password');
@@ -85,18 +83,17 @@ public static function create($path, $passPhrase, PublicKeyFile $publicKeyFile,
$privateKeyInForm = escapeshellarg($privateKeyFile->getFormat());
$privateKeyPass = escapeshellarg($privateKeyPassPhrase);

$command = "
{
openssl rsa -in $privateKeyIn -inform $privateKeyInForm -passin pass:$privateKeyPass -passout pass:pipe -des3
openssl x509 -in $publicKeyIn -inform $publicKeyInForm
} |
openssl pkcs12 -passin pass:pipe -out $out~ -passout pass:$pass -export &&
mv --force $out~ $out ||
rm --force $out~";
$process1 = new Process("openssl rsa -in $privateKeyIn -inform $privateKeyInForm -passin pass:$privateKeyPass -passout pass:pipe -des3");
$process1->mustRun();

$process2 = new Process("openssl x509 -in $publicKeyIn -inform $publicKeyInForm");
$process2->mustRun();

$process = new Process($command);
$process->mustRun();
$process3 = new Process("openssl pkcs12 -passin pass:pipe -passout pass:$pass -export");
$process3->setInput($process1->getOutput() . $process2->getOutput());
$process3->mustRun();

@file_put_contents($path, $process3->getOutput());
@chmod($path, 0666 & ~umask());

return new self($path);
@@ -125,19 +122,21 @@ public function getPem($path, $passPhrase)
$rsaPassOut = '';
}

$command = "
{
openssl pkcs12 -in $in -passin pass:$pass -nokeys |
openssl x509
openssl pkcs12 -in $in -passin pass:$pass -nocerts -passout pass:pipe |
openssl rsa -passin pass:pipe $rsaPassOut
} > $out~ &&
mv --force $out~ $out ||
rm --force $out~";
$process1 = new Process("openssl pkcs12 -in $in -passin pass:$pass -nokeys");
$process1->mustRun();

$process2 = new Process("openssl x509");
$process2->setInput($process1->getOutput());
$process2->mustRun();

$process3 = new Process("openssl pkcs12 -in $in -passin pass:$pass -nocerts -passout pass:pipe");
$process3->mustRun();

$process = new Process($command);
$process->mustRun();
$process4 = new Process("openssl rsa -passin pass:pipe $rsaPassOut");
$process4->setInput($process3->getOutput());
$process4->mustRun();

@file_put_contents($path, $process2->getOutput() . $process4->getOutput());
@chmod($path, 0666 & ~umask());

return new PemFile($path);
@@ -159,15 +158,14 @@ public function getPublicKey($path, $passPhrase)
$out = escapeshellarg($path);
$pass = escapeshellarg($passPhrase);

$command = "
openssl pkcs12 -in $in -passin pass:$pass -nokeys |
openssl x509 -out $out~ &&
mv --force $out~ $out ||
rm --force $out~";
$process1 = new Process("openssl pkcs12 -in $in -passin pass:$pass -nokeys");
$process1->mustRun();

$process = new Process($command);
$process->mustRun();
$process2 = new Process("openssl x509");
$process2->setInput($process1->getOutput());
$process2->mustRun();

@file_put_contents($path, $process2->getOutput());
@chmod($path, 0666 & ~umask());

return new PublicKeyFile($path);
@@ -199,15 +197,14 @@ public function getPrivateKey($path, $passPhrase)
$rsaPassOut = '';
}

$command = "
openssl pkcs12 -in $in -passin pass:$pass -nocerts -passout pass:pipe |
openssl rsa -passin pass:pipe -out $out~ $rsaPassOut &&
mv --force $out~ $out ||
rm --force $out~";
$process1 = new Process("openssl pkcs12 -in $in -passin pass:$pass -nocerts -passout pass:pipe");
$process1->mustRun();

$process = new Process($command);
$process->mustRun();
$process2 = new Process("openssl rsa -passin pass:pipe $rsaPassOut");
$process2->setInput($process1->getOutput());
$process2->mustRun();

@file_put_contents($path, $process2->getOutput());
@chmod($path, 0666 & ~umask());

return new PrivateKeyFile($path);
@@ -227,14 +224,14 @@ public function getSubject($passPhrase)
$in = escapeshellarg($this->getPathname());
$pass = escapeshellarg($passPhrase);

$command = "
openssl pkcs12 -in $in -passin pass:$pass -nokeys |
openssl x509 -noout -subject";
$process1 = new Process("openssl pkcs12 -in $in -passin pass:$pass -nokeys");
$process1->mustRun();

$process = new Process($command);
$process->mustRun();
$process2 = new Process('openssl x509 -noout -subject');
$process2->setInput($process1->getOutput());
$process2->mustRun();

return trim(preg_replace('/^subject=/', '', $process->getOutput()));
return trim(preg_replace('/^subject=/', '', $process2->getOutput()));
}

/**
@@ -251,14 +248,14 @@ public function getIssuer($passPhrase)
$in = escapeshellarg($this->getPathname());
$pass = escapeshellarg($passPhrase);

$command = "
openssl pkcs12 -in $in -passin pass:$pass -nokeys |
openssl x509 -noout -issuer";
$process1 = new Process("openssl pkcs12 -in $in -passin pass:$pass -nokeys");
$process1->mustRun();

$process = new Process($command);
$process->mustRun();
$process2 = new Process('openssl x509 -noout -issuer');
$process2->setInput($process1->getOutput());
$process2->mustRun();

return trim(preg_replace('/^issuer=/', '', $process->getOutput()));
return trim(preg_replace('/^issuer=/', '', $process2->getOutput()));
}

/**
@@ -275,14 +272,14 @@ public function getNotBefore($passPhrase)
$in = escapeshellarg($this->getPathname());
$pass = escapeshellarg($passPhrase);

$command = "
openssl pkcs12 -in $in -passin pass:$pass -nokeys |
openssl x509 -noout -startdate";
$process1 = new Process("openssl pkcs12 -in $in -passin pass:$pass -nokeys");
$process1->mustRun();

$process = new Process($command);
$process->mustRun();
$process2 = new Process('openssl x509 -noout -startdate');
$process2->setInput($process1->getOutput());
$process2->mustRun();

return new \DateTime(trim(preg_replace('/^notBefore=/', '', $process->getOutput())));
return new \DateTime(trim(preg_replace('/^notBefore=/', '', $process2->getOutput())));
}

/**
@@ -299,14 +296,14 @@ public function getNotAfter($passPhrase)
$in = escapeshellarg($this->getPathname());
$pass = escapeshellarg($passPhrase);

$command = "
openssl pkcs12 -in $in -passin pass:$pass -nokeys |
openssl x509 -noout -enddate";
$process1 = new Process("openssl pkcs12 -in $in -passin pass:$pass -nokeys");
$process1->mustRun();

$process = new Process($command);
$process->mustRun();
$process2 = new Process('openssl x509 -noout -enddate');
$process2->setInput($process1->getOutput());
$process2->mustRun();

return new \DateTime(trim(preg_replace('/^notAfter=/', '', $process->getOutput())));
return new \DateTime(trim(preg_replace('/^notAfter=/', '', $process2->getOutput())));
}

/**
@@ -321,9 +318,7 @@ public function verifyPassPhrase($passPhrase)
$in = escapeshellarg($this->getPathname());
$pass = escapeshellarg($passPhrase);

$command = "openssl pkcs12 -in $in -passin pass:$pass -noout";

$process = new Process($command);
$process = new Process("openssl pkcs12 -in $in -passin pass:$pass -noout");
$process->run();

return $process->isSuccessful();
@@ -346,20 +341,25 @@ public function changePassPhrase($passPhrase, $newPassPhrase)
$pass = escapeshellarg($passPhrase);
$newPass = escapeshellarg($newPassPhrase);

$command = "
{
openssl pkcs12 -in $in -passin pass:$pass -nocerts -passout pass:pipe |
openssl rsa -passin pass:pipe -passout pass:pipe
openssl pkcs12 -in $in -passin pass:$pass -nokeys |
openssl x509
} |
openssl pkcs12 -passin pass:pipe -out $in~ -passout pass:$newPass -export &&
mv --force $in~ $in ||
rm --force $in~";
$process1 = new Process("openssl pkcs12 -in $in -passin pass:$pass -nocerts -passout pass:pipe");
$process1->mustRun();

$process2 = new Process("openssl rsa -passin pass:pipe -passout pass:pipe");
$process2->setInput($process1->getOutput());
$process2->mustRun();

$process3 = new Process("openssl pkcs12 -in $in -passin pass:$pass -nokeys");
$process3->mustRun();

$process4 = new Process("openssl x509");
$process4->setInput($process3->getOutput());
$process4->mustRun();

$process = new Process($command);
$process->mustRun();
$process5 = new Process("openssl pkcs12 -passin pass:pipe -passout pass:$newPass -export");
$process5->setInput($process2->getOutput() . $process4->getOutput());
$process5->mustRun();

@file_put_contents($this->getPathname(), $process5->getOutput());
@chmod($this->getPathname(), 0666 & ~umask());
clearstatcache(true, $this->getPathname());
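Review bot: The `@file_put_contents(...)` / `@chmod(...)` pairs added in create(), getPem(), getPublicKey(), getPrivateKey() and changePassPhrase() suppress write failures, so each method still returns a file object (or returns normally) when nothing was written, which looks like the same silent-failure problem the commit fixes for the OpenSSL calls. The new code also drops the old command's write-to-`$out~`-then-`mv` step, so an interrupted write in changePassPhrase() can truncate what may be the only copy of the keystore. In addition, `0666 & ~umask()` leaves private key material group- and world-readable under a typical 022 umask, and getPrivateKey() can emit an unencrypted key when `$rsaPassOut` is empty. I would write to a sibling temp file that is owner-only before any data lands in it, check every return value, and rename it into place, as sketched below for changePassPhrase(), assuming owner-only access is acceptable to callers. The enclosing functions start and end outside the hunks shown.

```php
// … unchanged: the five openssl Process steps ending in $process5->mustRun() …
$target = $this->getPathname();
$temp = $target . '~';

// Create the temp file empty and owner-only before key material is written to it.
if (!touch($temp) || !chmod($temp, 0600)
    || false === file_put_contents($temp, $process5->getOutput())
    || !rename($temp, $target)
) {
    if (is_file($temp)) {
        unlink($temp);
    }
    throw new \RuntimeException(sprintf('Unable to write keystore "%s".', $target));
}
clearstatcache(true, $target);
```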
