mirror of
https://github.com/nextcloud/server.git
synced 2026-06-12 18:21:40 -04:00
Merge pull request #22111 from owncloud/use-intermediate-certificate
Use intermediate root authority + sign other release channels
This commit is contained in:
Thomas Müller
commit
1619968a03
7 changed files with 135 additions and 81 deletions
|
|
@ -59,7 +59,8 @@ class SignCore extends Command {
|
|||
->setName('integrity:sign-core')
|
||||
->setDescription('Sign core using a private key.')
|
||||
->addOption('privateKey', null, InputOption::VALUE_REQUIRED, 'Path to private key to use for signing')
|
||||
->addOption('certificate', null, InputOption::VALUE_REQUIRED, 'Path to certificate to use for signing');
|
||||
->addOption('certificate', null, InputOption::VALUE_REQUIRED, 'Path to certificate to use for signing')
|
||||
->addOption('path', null, InputOption::VALUE_REQUIRED, 'Path of core to sign');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -68,8 +69,9 @@ class SignCore extends Command {
|
|||
protected function execute(InputInterface $input, OutputInterface $output) {
|
||||
$privateKeyPath = $input->getOption('privateKey');
|
||||
$keyBundlePath = $input->getOption('certificate');
|
||||
if(is_null($privateKeyPath) || is_null($keyBundlePath)) {
|
||||
$output->writeln('--privateKey and --certificate are required.');
|
||||
$path = $input->getOption('path');
|
||||
if(is_null($privateKeyPath) || is_null($keyBundlePath) || is_null($path)) {
|
||||
$output->writeln('--privateKey, --certificate and --path are required.');
|
||||
return null;
|
||||
}
|
||||
|
||||
|
|
@ -91,7 +93,7 @@ class SignCore extends Command {
|
|||
$x509 = new X509();
|
||||
$x509->loadX509($keyBundle);
|
||||
$x509->setPrivateKey($rsa);
|
||||
$this->checker->writeCoreSignature($x509, $rsa);
|
||||
$this->checker->writeCoreSignature($x509, $rsa, $path);
|
||||
|
||||
$output->writeln('Successfully signed "core"');
|
||||
}
|
||||
|
|
|
|||
|
|
@ -90,6 +90,8 @@ class Checker {
|
|||
// FIXME: Once the signing server is instructed to sign daily, beta and
|
||||
// RCs as well these need to be included also.
|
||||
$signedChannels = [
|
||||
'daily',
|
||||
'testing',
|
||||
'stable',
|
||||
];
|
||||
if(!in_array($this->environmentHelper->getChannel(), $signedChannels, true)) {
|
||||
|
|
@ -113,16 +115,22 @@ class Checker {
|
|||
* Enumerates all files belonging to the folder. Sensible defaults are excluded.
|
||||
*
|
||||
* @param string $folderToIterate
|
||||
* @param string $root
|
||||
* @return \RecursiveIteratorIterator
|
||||
* @throws \Exception
|
||||
*/
|
||||
private function getFolderIterator($folderToIterate) {
|
||||
private function getFolderIterator($folderToIterate, $root = '') {
|
||||
$dirItr = new \RecursiveDirectoryIterator(
|
||||
$folderToIterate,
|
||||
\RecursiveDirectoryIterator::SKIP_DOTS
|
||||
);
|
||||
if($root === '') {
|
||||
$root = \OC::$SERVERROOT;
|
||||
}
|
||||
$root = rtrim($root, '/');
|
||||
|
||||
$excludeGenericFilesIterator = new ExcludeFileByNameFilterIterator($dirItr);
|
||||
$excludeFoldersIterator = new ExcludeFoldersByPathFilterIterator($excludeGenericFilesIterator);
|
||||
$excludeFoldersIterator = new ExcludeFoldersByPathFilterIterator($excludeGenericFilesIterator, $root);
|
||||
|
||||
return new \RecursiveIteratorIterator(
|
||||
$excludeFoldersIterator,
|
||||
|
|
@ -234,14 +242,16 @@ class Checker {
|
|||
*
|
||||
* @param X509 $certificate
|
||||
* @param RSA $rsa
|
||||
* @param string $path
|
||||
*/
|
||||
public function writeCoreSignature(X509 $certificate,
|
||||
RSA $rsa) {
|
||||
$iterator = $this->getFolderIterator($this->environmentHelper->getServerRoot());
|
||||
$hashes = $this->generateHashes($iterator, $this->environmentHelper->getServerRoot());
|
||||
RSA $rsa,
|
||||
$path) {
|
||||
$iterator = $this->getFolderIterator($path, $path);
|
||||
$hashes = $this->generateHashes($iterator, $path);
|
||||
$signatureData = $this->createSignatureData($hashes, $certificate, $rsa);
|
||||
$this->fileAccessHelper->file_put_contents(
|
||||
$this->environmentHelper->getServerRoot() . '/core/signature.json',
|
||||
$path . '/core/signature.json',
|
||||
json_encode($signatureData, JSON_PRETTY_PRINT)
|
||||
);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ namespace OC\IntegrityCheck\Iterator;
|
|||
class ExcludeFoldersByPathFilterIterator extends \RecursiveFilterIterator {
|
||||
private $excludedFolders = [];
|
||||
|
||||
public function __construct(\RecursiveIterator $iterator) {
|
||||
public function __construct(\RecursiveIterator $iterator, $root = '') {
|
||||
parent::__construct($iterator);
|
||||
|
||||
$appFolders = \OC::$APPSROOTS;
|
||||
|
|
@ -33,9 +33,10 @@ class ExcludeFoldersByPathFilterIterator extends \RecursiveFilterIterator {
|
|||
}
|
||||
|
||||
$this->excludedFolders = array_merge([
|
||||
rtrim(\OC::$server->getConfig()->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data'), '/'),
|
||||
rtrim(\OC::$SERVERROOT.'/themes', '/'),
|
||||
rtrim(\OC::$SERVERROOT.'/config', '/'),
|
||||
rtrim($root . '/data', '/'),
|
||||
rtrim($root .'/themes', '/'),
|
||||
rtrim($root.'/config', '/'),
|
||||
rtrim($root.'/apps', '/'),
|
||||
], $appFolders);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,24 +1,24 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIID/TCCAeUCAhAAMA0GCSqGSIb3DQEBCwUAMHkxFjAUBgNVBAoTDW93bkNsb3Vk
|
||||
IEluYy4xEjAQBgNVBAcTCUxleGluZ3RvbjEPMA0GA1UECBMGQm9zdG9uMQswCQYD
|
||||
VQQGEwJVUzEtMCsGA1UEAxMkb3duQ2xvdWQgQ29kZSBTaWduaW5nIFJvb3QgQXV0
|
||||
aG9yaXR5MB4XDTE2MDIwMzE3MTM0NVoXDTI2MDEzMTE3MTM0NVowDzENMAsGA1UE
|
||||
AwwEY29yZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKzP4ujnvS9l
|
||||
otPJ7zHZMD8IGgcuYVtZ40n4pWSArhJboazhMdadpfxEZAghZtzkK+AKz4V+92GV
|
||||
UOf+FgFRMcsaaBFr9INE4tdYKPVfHq19sDZVhYySfg7/z9qWc9XTMAm1lWpFyDQb
|
||||
CC0i1YFogk0JdPr5Ay2Ftgbbr+TtMduL0RshdClqoiwntLnFhu8VRZi3+/yHH2cN
|
||||
M5ANjm/MXT8Ae6KMVOzsYhBcxMLNVL08Ih1ubtu4LbKgyT5ShYzxqRnJ8U1KlmVT
|
||||
w/wsSGMvVTEJkozkQEyg88vkxwvqLLYs5bOvXY93S6YKb2gO7RAA2c/IaEDbL32t
|
||||
TJJhRoPif9cCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAiRhcef1Tc0Lj4BWIxYDV
|
||||
Fjkrd4HHe3FyZRdD1+NU4LSb/4xXknmrwu5tITrnoGqNfUGn9BlP5Ek7Iu15PMPi
|
||||
8Us8xszvgMZ7BG3x4zTMHwUseLT56/+qE76VN2vXusQBuEhOll/WN2qHvPi8BOCk
|
||||
fOL6/EIUdqfMh9FKGNKOJ5f95eKogyVVxVcUpGWoqZRQTJaNMBTdT8Zwv1aTLRgp
|
||||
Vf8JFzmxG9Atc/00w7cg4tV4lUpZafn1RYaIi4DWZhI43yR+Z8CKQBXt7iufu0QD
|
||||
VwWOqYjmK7aKB2bL3+8I2bL9pm9DUKrAPYSObdmasJQGFVNCILisWJjX5wlUC2IL
|
||||
FtMfZ4egyWZTLeQ+VQt92cJeVZYins5GECm1SqgXGnmQWv01/wNIqUhLuVFoLyVv
|
||||
aPhCYcjNcbwJm8m++kz/G6+5AhRv2JrZq3i1Cw/yRQuiotXrJE+ukIvvSEjlLJ0C
|
||||
Njm7EMy1mNfhIi1Xel/aUaf0y92GMsfnCuzI+tRG50HHupLEXHItlg2RILmNQNpo
|
||||
woqHpUZs5G5HZlE5ZnffJlZpJyqA1EpQDh1XXJqcVwV50V9o+CMvxXO8s2lUA+i6
|
||||
Kay+t3mz2dX6qflRUPLsPS4XLdB9MUiIHCOgMJfsK+9SZ+i1VymhV5UYx8rqglC7
|
||||
8crw8NpiIuOqQZW8LcZXZBU=
|
||||
-----END CERTIFICATE-----
|
||||
MIID8TCCAdkCAhAAMA0GCSqGSIb3DQEBCwUAMG0xCzAJBgNVBAYTAlVTMQ8wDQYD
|
||||
VQQIDAZCb3N0b24xFjAUBgNVBAoMDW93bkNsb3VkIEluYy4xNTAzBgNVBAMMLG93
|
||||
bkNsb3VkIENvZGUgU2lnbmluZyBJbnRlcm1lZGlhdGUgQXV0aG9yaXR5MB4XDTE2
|
||||
MDIwMzE3NTE0OVoXDTI2MDEzMTE3NTE0OVowDzENMAsGA1UEAwwEY29yZTCCASIw
|
||||
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPHdSljnHI+ueQd27UyWPO9n4Lqt
|
||||
bK0kdekiC3si7Mee7uXXJaGuqXJozHEZYB1LIFLdCU/itCxEk9hyLcyNzeT+nRT/
|
||||
zDuOYdbLgCj7/A5bX+u3jc29UlCYybSFchfMdvn7a0njCna4dE+73b4yEj16tS2h
|
||||
S1EUygSzgicWlJqMD3Z9Qc+zLEpdhq9oDdDB8HURi2NW4KzIraVncSH+zF1QduOh
|
||||
nERDnF8x48D3FLdTxGA0W/Kg4gYsq4NRvU6g3DJNdp4YfqRSFMmLFDCgzDuhan7D
|
||||
wgRlI9NAeHbnyoUPtrDBUceI7shIbC/i87xk9ptqV0AyFonkJtK6lWwZjNkCAwEA
|
||||
ATANBgkqhkiG9w0BAQsFAAOCAgEAAMgymqZE1YaHYlRGwvTE7gGDY3gmFOMaxQL4
|
||||
E5m0CnkBz4BdIPRsQFFdOv3l/MIWkw5ED3vUB925VpQZYFSiEuv5NbnlPaHZlIMI
|
||||
n8AV/sTP5jue3LhtAN4EM63xNBhudAT6wVsvGwOuQOx9Xv+ptO8Po7sTuNYP0CMH
|
||||
EOQN+/q8tYlSm2VW+dAlaJ+zVZwZldhVjL+lSH4E9ktWn3PmgNQeKfcnJISUbus6
|
||||
ZtsYDF/X96/Z2ZQvMXOKksgvU6XlvIxllcyebC9Bxe/h0D63GCO2tqN5CWQzIIqn
|
||||
apUynPX8BlLaaExqYGERwlUi/yOGaUVPUjEPVehviOQYgAqxlrkJk1dWeCrwUori
|
||||
CXpi+IUYkidfgiJ9F88M3ElpwqIaXp7G3/4oHBuE2u6M+L+1/vqPJeTCAWUxxpJE
|
||||
yYmM+db6D4TySFpQPENNzPS8bpR6T8w2hRumkldC42HrnyJJbpjOieTXhXzjdPvZ
|
||||
IEP9JGtkhB2du6nBF2MNAq2TqRXpcfQrQEbnQ13aV9bl+roTwwO+SOWK/wgvdOMI
|
||||
STQ0Xk0sTGlmQjPYPkibVceaWMR3sX4cNt5c33YhJys5jxHoAh42km4nN9tfykR5
|
||||
crl5lBlKjXh2GP0+omSO3x1jX4+iQPCW2TWoyKkUdLu/hGHG2w8RrTeme+kATECH
|
||||
YSu356M=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
|
|||
|
|
@ -1,36 +1,66 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIGVDCCBDygAwIBAgIJAJGMJhEr5q3dMA0GCSqGSIb3DQEBCwUAMHkxFjAUBgNV
|
||||
BAoTDW93bkNsb3VkIEluYy4xEjAQBgNVBAcTCUxleGluZ3RvbjEPMA0GA1UECBMG
|
||||
Qm9zdG9uMQswCQYDVQQGEwJVUzEtMCsGA1UEAxMkb3duQ2xvdWQgQ29kZSBTaWdu
|
||||
aW5nIFJvb3QgQXV0aG9yaXR5MB4XDTE2MDIwMzE3MDYyOVoXDTI2MDEzMTE3MDYy
|
||||
OVoweTEWMBQGA1UEChMNb3duQ2xvdWQgSW5jLjESMBAGA1UEBxMJTGV4aW5ndG9u
|
||||
MQ8wDQYDVQQIEwZCb3N0b24xCzAJBgNVBAYTAlVTMS0wKwYDVQQDEyRvd25DbG91
|
||||
ZCBDb2RlIFNpZ25pbmcgUm9vdCBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
|
||||
A4ICDwAwggIKAoICAQDGAqfV+pZuKD9rKsny6PxQWYV35bJYo2xdYxFpd8oI/Fco
|
||||
Ygjv5iZc9U4/iY0mN3wSDjYXJtMQnO96qthSI/bqsxrD9wutRKXYo/VEZALWL8vR
|
||||
F+cRpgmCrq98tF7fNEhEX2PdVlmwEWV8c7wL+QAd+qXrVz+MyJyw6jlh5JzEEqAR
|
||||
kNNRFm2d5+FPgWZeBNE0tbj7XxBTFTn/OMAOndhLo2dwhTXu6t2Caq15IZt6YoPM
|
||||
Ibn/Y3c2E76vpfWCznB4uEsEx4C4Hkdmzu5BwjPjcnPoFGobHaURMnwrEOI1s0cn
|
||||
V7kl2120I2Dr29NTL4vgnxRM2SQp3253NVmy9EbabszwfHy9bGH5G6IKQyTLyJHG
|
||||
AIAN3QHfr86N3t/ELekNb8bbh+2OBzuytMbTPlauKny7isVfciGUfnJgU54mMbIc
|
||||
1XBiYEgKjdkq/IEiYkjtOToS29AvCnDkH82piEeW0TMmcNN7/Vq79S1YR4ceZ4PQ
|
||||
d0Qm0y59nXPVZMso5em39TJH1PRwe93RPDN8NM434sfbdjqMqDi+3E+urG01AzwT
|
||||
BZj8lUvD/FvDB1no2p4/JKeHmlR/AQmfWFA0c6dv5DlzeIldwar4paDER9McGXvy
|
||||
GSTDVEhdEJrbK8pQh2pIkHZ6WkuMyTXDMTvyRtuPwlk68MVmYic/AHUSLrGT0wID
|
||||
AQABo4HeMIHbMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFM2KMEEv31J4fR3ufEH6
|
||||
yiLvmRPmMIGrBgNVHSMEgaMwgaCAFM2KMEEv31J4fR3ufEH6yiLvmRPmoX2kezB5
|
||||
MRYwFAYDVQQKEw1vd25DbG91ZCBJbmMuMRIwEAYDVQQHEwlMZXhpbmd0b24xDzAN
|
||||
BgNVBAgTBkJvc3RvbjELMAkGA1UEBhMCVVMxLTArBgNVBAMTJG93bkNsb3VkIENv
|
||||
ZGUgU2lnbmluZyBSb290IEF1dGhvcml0eYIJAJGMJhEr5q3dMA0GCSqGSIb3DQEB
|
||||
CwUAA4ICAQBDLisFDvjYv8nbAAfqU9A8q9nTtA5XAmRPBE4zoawesFnyYRPD5xf8
|
||||
+/L9p3z7c5V4ui3yERd6PeNpMKW3NsY0TL6k3rYONQRwkNWE5eLcTelhVbqUBWoQ
|
||||
vTPJqQzP6HvOuErHv2yDBhO8graQiw8S3OOhQycrcPtSzGnenhvcYSJgJscx1EcE
|
||||
DAbTxfrTIyPgX4ouyoQPpPufUFYqYL/rNf9Ca03Gekyn9WFe9WGR7PzaKjn0dOQq
|
||||
wA9cPNitvwG//0emWZeH9naE4NPerzhwITyMDJUmQgZ/hW+lTTaZfISPQmMi24za
|
||||
00PbfeMYRNrkw21VkwkqLHqj9l7ud3hmyoTjKHdO8zOfeVyv3OfJmRLubv+x+wDE
|
||||
JSJNSyvgtMIlQ4WsM3mXUesN//3NsSGt/QUy9ARD7Nf8u1igchdxJLavXCJmnwYa
|
||||
jxxnGk16q1R5OJqDN9IbSbxRiS/WWKTJkhMBVQtsHMD2MK4Gtbw/J2n/4M/zioiS
|
||||
iZW1Eg1kI163oD/obEa5KzxJz+RXBGZef07q37Um8RTQ2kjI65sr/9oZ9tHdF9Zb
|
||||
vPGFcj/viac6O8Z9fDovTCfMHiGKwgDhrsQFkQz1/BEl2P1FIzNQeDBfyI7bI82x
|
||||
GIt/Th0uI+YIkhA0kLlq4cCoBjl0fL6hCy5DADdAMWFOwmUzG8EJWA==
|
||||
MIIFtDCCA5ygAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwZTELMAkGA1UEBhMCVVMx
|
||||
DzANBgNVBAgMBkJvc3RvbjEWMBQGA1UECgwNb3duQ2xvdWQgSW5jLjEtMCsGA1UE
|
||||
Awwkb3duQ2xvdWQgQ29kZSBTaWduaW5nIFJvb3QgQXV0aG9yaXR5MB4XDTE2MDIw
|
||||
MzE3NDMyNVoXDTI2MDEzMTE3NDMyNVowbTELMAkGA1UEBhMCVVMxDzANBgNVBAgM
|
||||
BkJvc3RvbjEWMBQGA1UECgwNb3duQ2xvdWQgSW5jLjE1MDMGA1UEAwwsb3duQ2xv
|
||||
dWQgQ29kZSBTaWduaW5nIEludGVybWVkaWF0ZSBBdXRob3JpdHkwggIiMA0GCSqG
|
||||
SIb3DQEBAQUAA4ICDwAwggIKAoICAQDKMul4pWev6vtgzB73CLQPMy8nDZGbvqII
|
||||
IgukQluMeLCW0P09I+J/mCiDd99mQTtWO+/LcpOChHYJ59qQz+g9TzKlVSuFDg47
|
||||
pc+jUvTLGGEDf9cAWtzsXYXlb9z7sTln/8JAvy8ghmaR/4JWU4hM/nmgDCpeXLLJ
|
||||
NFrxKDbzPLYj53iHN+XyE9GT6sDYoQd1BIWhTsMdvMqg870Jw2yN4hKw3V7/KoI/
|
||||
Z5CAA9dP4tAmltBpMz79dmLCciqXOD8mWEWl2tSZU+/WVyPxiE19IHoJETOhSg4c
|
||||
eud4DDdFt9Ohm4owvpxxRDbvV+Ic6sWb1gJBrM7/XJDmaUObpowjx8Daof1MuoHs
|
||||
FKh6/Y7RBdVlrp/ig3htxfm9BBMqnXIxgFWDiSbjCMk0Ygvx49gKMnVoRhZ/7pla
|
||||
j5nTRdbhsjS50E9zfc53EltM27YSwNZu62QKsU4yumg8UOhOYPRLHcySvNyyMZXS
|
||||
o+Kst27oGSgurHytFS7FVG1M3UUn67zkMpnnMYhfx8dz7+tupY9e0l0kDciwvNAO
|
||||
YrnvHoEiIbJmoyYOhL2j9WErUhAb3JKTSdYC0MmjaZZPv0HwCemx+rnApcoszmFG
|
||||
woZTRAa6Q64WGxlmFq0vsgmcTNsTzlYY20Kv+ZpZOiVYonyHFkorKWdsXKZQcnYq
|
||||
dcMqYxQE6wIDAQABo2YwZDAdBgNVHQ4EFgQUfZoNPRneQ1pk9SZT9A2lpG4Hw7Mw
|
||||
HwYDVR0jBBgwFoAUcZdiBiGr+Y+OH2DrlNwK03zWH+YwEgYDVR0TAQH/BAgwBgEB
|
||||
/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBAA2hoAEdbdM9
|
||||
+ZA/q7UppF4BiKrSQNAQHLDwodutRY+gBYQsWpo8wLqdLvRVhlwDn3KmJEMfaDQm
|
||||
5YM+/snBkew9olCIyYw+t7xYtNhoW1et/nNNDL+Qq7uyH6g+uOMp4m3c+BMv4x5H
|
||||
EP3z7PY1qrPOVvzZu8o2iL8qpC0sXTKZy+xG/9VTYGnxCcG+V/Ua5aHOyetUttoN
|
||||
bxEcEQHHe07V+JlCPuI53hPsiGgzHv+nz/1sJV95mn9w88SHY0JO9bHp9w+mq92K
|
||||
r0Nv6Wctf7vNVmIOdRFHWOFie4+D3TpBSnB5PPQRbtf6IVEhjmcnWYBWcRGhH6cR
|
||||
4dqpuqzwVFopIFLYMeaeKGu8wZHi2YRrkFcrnqqmFI9RtBbt3eyfUQcKH7b9P4Ri
|
||||
qamb/h9sVjDM4wSQ6n+Qa2dgV28O0il35roa3qwvqySgn1wXS5CsAaeB1VWAS6/S
|
||||
v1WFt93n9LrraV4EUuu1BGXp525aVn6v+B71zN4JzYnHVE4yAb0EdOpKrlfmCCm/
|
||||
9Z90+BF2uK3QnpkyrH+LEOQoHrlAt80RZYd2Tl/K1WWNrPUlnCGXdxjVYakVRnfy
|
||||
Ud0KV4RsD93mNw/t2gU5U+SyYWU2fTJUE9qdJ4Ndw7B2DZ/5dcsu0rDV4sXkUoDY
|
||||
+Dr25NoOcuqjCWRw2T3SBPSXBxjlhRTQ
|
||||
-----END CERTIFICATE-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFsDCCA5igAwIBAgIJALFuk51OGp2KMA0GCSqGSIb3DQEBCwUAMGUxCzAJBgNV
|
||||
BAYTAlVTMQ8wDQYDVQQIDAZCb3N0b24xFjAUBgNVBAoMDW93bkNsb3VkIEluYy4x
|
||||
LTArBgNVBAMMJG93bkNsb3VkIENvZGUgU2lnbmluZyBSb290IEF1dGhvcml0eTAe
|
||||
Fw0xNjAyMDMxNzM5NThaFw0yNjAxMzExNzM5NThaMGUxCzAJBgNVBAYTAlVTMQ8w
|
||||
DQYDVQQIDAZCb3N0b24xFjAUBgNVBAoMDW93bkNsb3VkIEluYy4xLTArBgNVBAMM
|
||||
JG93bkNsb3VkIENvZGUgU2lnbmluZyBSb290IEF1dGhvcml0eTCCAiIwDQYJKoZI
|
||||
hvcNAQEBBQADggIPADCCAgoCggIBAJmTnGtGaB0cDtQPxWr2r5FyXFzJ6GIkm4Lb
|
||||
7iY/DYpIEarbRFwqDCDZ00V+PWsTBBF6qXW5W7eZ+fOOdIEGoNaDuGtIlGVjj3Dz
|
||||
TZtmcFg0euimfLNYVvYZlPPh4kS3zDRZs30AgAdgq4RHWC4qjElWcVKTwERNQ2ln
|
||||
gRFRQEv+i2DI7sEK9ZpK7B1SfJ1o1fm/kPL7bVfiYda+QKp0vOxBecDnGV+rfz4t
|
||||
DT6mBOgwAiZnwojuiigfUJxSisv3roWri+0O+0TiXglV+oUtkIRrs0etkQGWAlgn
|
||||
H4CC+sZ5N2TiGPH1hksLkXP4mymlio8/x7ax0WfcxeTZu3ok9eK5fwIQVWam6dd9
|
||||
klCqZVttKodZYspvdFfwqMlf4lPEIY+r2PIdGjUhKu4FsDhORaGj8WMYRJUR44ls
|
||||
/r2ktCB/TOsh8DW2Pi9HAgxI4mrdmvL0WMSOBFZRcSC/nTz977oi1iiB2T+s7V0Z
|
||||
Y0AHMQYiIn83MFB7rb+mVlEoLID/evVSTfUaUaO8DqcfeQN/OFM/zcJY9YHv8AlJ
|
||||
3b8CPdeX9edMnyZWNdrhOSawjAbOBIna3o66RXdeC3oWg7FuckJmy7JLtRCJ2Owu
|
||||
losRAxe0z5mQmjFzMczxCYJQ4A+4U5UZwbd/MQJg508StcOumroYqruDic/Wbc3C
|
||||
v6DupG8dAgMBAAGjYzBhMB0GA1UdDgQWBBRxl2IGIav5j44fYOuU3ArTfNYf5jAf
|
||||
BgNVHSMEGDAWgBRxl2IGIav5j44fYOuU3ArTfNYf5jAPBgNVHRMBAf8EBTADAQH/
|
||||
MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAR6IZBOBw3KzRxvUP
|
||||
+46RZYayMrdLyAgMzbDvQe7WCaeuA2UoPVL8jN7X2Lvw12Mz84+EKs1voR0OBxlY
|
||||
6muuyl0SETa2k4UtklVscMvcokG+m5aVNJ7/HHGFmKsTyJDMxSzDA/r3KRPXZOwV
|
||||
CLUVTkr5fQbIaVljA89U2p3pN/X7gNq89xi/XiszNCEIvvSscRmBGlRmx4XbjXHK
|
||||
XKO74+HiM/ahqUI792ae97jlsy9jG4OIelse3+e1KBWNsGtU90asnUHgyMXVL8gp
|
||||
ocznGvWceAhkcogUCUCXq1Rh/mKcGQdi2z0g/X+MGzfA9Ij4NQZLnNPh2UjgxCtG
|
||||
KWPUzs0t/xoCtJh1WpwqTrOUcYqFAaBa282sD/O8tX4t076aGKdbhfo6tvaOFwDU
|
||||
iRPgdMol++BFnfCld53Yivg2+S6+xo1wzuPkNjVFXHjx9vMyiov/HHKqJoBsuCwU
|
||||
7VegzM/6Cvh32lSZfUHsfynCab/7vv923KyaANWxb0QsHZSSt+mmOK3ZmC96vCEa
|
||||
55IGNckOvOGW9yCIz3Q0kEj2hoJs1bw0SkwGWs7N1TkugQjM/S7/Im1LJUxdtqQK
|
||||
Zjn+8U6U3TR1aKLYEdqHCGcVoRXKDG/S40FHxyeV/9buTI7SSvhzZfj+qasmJe1L
|
||||
Kd08UdS/im8RwbVSS1mih5hbAHg=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -63,7 +63,7 @@ class SignCoreTest extends TestCase {
|
|||
$outputInterface
|
||||
->expects($this->at(0))
|
||||
->method('writeln')
|
||||
->with('--privateKey and --certificate are required.');
|
||||
->with('--privateKey, --certificate and --path are required.');
|
||||
|
||||
$this->invokePrivate($this->signCore, 'execute', [$inputInterface, $outputInterface]);
|
||||
}
|
||||
|
|
@ -86,7 +86,7 @@ class SignCoreTest extends TestCase {
|
|||
$outputInterface
|
||||
->expects($this->at(0))
|
||||
->method('writeln')
|
||||
->with('--privateKey and --certificate are required.');
|
||||
->with('--privateKey, --certificate and --path are required.');
|
||||
|
||||
$this->invokePrivate($this->signCore, 'execute', [$inputInterface, $outputInterface]);
|
||||
}
|
||||
|
|
@ -105,6 +105,11 @@ class SignCoreTest extends TestCase {
|
|||
->method('getOption')
|
||||
->with('certificate')
|
||||
->will($this->returnValue('certificate'));
|
||||
$inputInterface
|
||||
->expects($this->at(2))
|
||||
->method('getOption')
|
||||
->with('path')
|
||||
->will($this->returnValue('certificate'));
|
||||
|
||||
$this->fileAccessHelper
|
||||
->expects($this->at(0))
|
||||
|
|
@ -134,6 +139,11 @@ class SignCoreTest extends TestCase {
|
|||
->method('getOption')
|
||||
->with('certificate')
|
||||
->will($this->returnValue('certificate'));
|
||||
$inputInterface
|
||||
->expects($this->at(2))
|
||||
->method('getOption')
|
||||
->with('path')
|
||||
->will($this->returnValue('certificate'));
|
||||
|
||||
$this->fileAccessHelper
|
||||
->expects($this->at(0))
|
||||
|
|
@ -168,6 +178,11 @@ class SignCoreTest extends TestCase {
|
|||
->method('getOption')
|
||||
->with('certificate')
|
||||
->will($this->returnValue('certificate'));
|
||||
$inputInterface
|
||||
->expects($this->at(2))
|
||||
->method('getOption')
|
||||
->with('path')
|
||||
->will($this->returnValue('certificate'));
|
||||
|
||||
$this->fileAccessHelper
|
||||
->expects($this->at(0))
|
||||
|
|
|
|||
|
|
@ -465,7 +465,7 @@ class CheckerTest extends TestCase {
|
|||
$rsa->loadKey($rsaPrivateKey);
|
||||
$x509 = new X509();
|
||||
$x509->loadX509($keyBundle);
|
||||
$this->checker->writeCoreSignature($x509, $rsa);
|
||||
$this->checker->writeCoreSignature($x509, $rsa, \OC::$SERVERROOT . '/tests/data/integritycheck/app/');
|
||||
}
|
||||
|
||||
public function testWriteCoreSignatureWithUnmodifiedHtaccess() {
|
||||
|
|
@ -495,7 +495,7 @@ class CheckerTest extends TestCase {
|
|||
$rsa->loadKey($rsaPrivateKey);
|
||||
$x509 = new X509();
|
||||
$x509->loadX509($keyBundle);
|
||||
$this->checker->writeCoreSignature($x509, $rsa);
|
||||
$this->checker->writeCoreSignature($x509, $rsa, \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessUnmodified/');
|
||||
}
|
||||
|
||||
public function testWriteCoreSignatureWithInvalidModifiedHtaccess() {
|
||||
|
|
@ -506,10 +506,6 @@ class CheckerTest extends TestCase {
|
|||
"signature": "qpDddYGgAKNR3TszOgjPXRphUl2P9Ym5OQaetltocgZASGDkOun5D64+1D0QJRKb4SG2+48muxGOHyL2Ngos4NUrrSR+SIkywZacay82YQBCEdr7\/4MjW1WHRPjvboLwEJwViw0EdAjsWRpD68aPnzUGrGsy2BsCo06P5iwjk9cXcHxdjC9R39npvoC3QNvQ2jmNIbh1Lc4U97dbb+CsXEQCLU1OSa9p3q6cEFV98Easwt7uF\/DzHK+CbeZlxVZ0DwLh2\/ylT1PyGou8QC1b3vKAnPjLWMO+UsCPpCKhk3C5pV+5etQ8puGd+0x2t5tEU+qXxLzek91zWNC+rqgC\/WlqLKbwPb\/BCHs4zLGV55Q2fEQmT21x0KCUELdPs4dBnYP4Ox5tEDugtJujWFzOHzoY6gGa\/BY\/78pSZXmq9o8dWkBEtioWWvaNZ1rM0ddE83GBlBTgjigi9Ay1D++bUW\/FCBB7CMk6qyNlV81H+cBuIEODw2aymmkM9LLDD2Qbmvo8gHEPRjiQxPC5OpDlcdSNiL+zcxVxeuX4FpT+9xzz\/\/DRONhufxRpsbuCOMxd96RW7y9U2N2Uxb3Bzn\/BIqEayUUsdgZjfaGcXXYKR+chu\/LOwNYN6RlnLsgqL\/dhGKwlRVKXw1RA2\/af\/CpqyR7uVP6al1YJo\/YJ+5XJ6zE=",
|
||||
"certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----"
|
||||
}';
|
||||
$this->environmentHelper
|
||||
->expects($this->any())
|
||||
->method('getServerRoot')
|
||||
->will($this->returnValue(\OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithInvalidModifiedContent/'));
|
||||
$this->fileAccessHelper
|
||||
->expects($this->once())
|
||||
->method('file_put_contents')
|
||||
|
|
@ -524,7 +520,7 @@ class CheckerTest extends TestCase {
|
|||
$rsa->loadKey($rsaPrivateKey);
|
||||
$x509 = new X509();
|
||||
$x509->loadX509($keyBundle);
|
||||
$this->checker->writeCoreSignature($x509, $rsa);
|
||||
$this->checker->writeCoreSignature($x509, $rsa, \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithInvalidModifiedContent/');
|
||||
}
|
||||
|
||||
public function testWriteCoreSignatureWithValidModifiedHtaccess() {
|
||||
|
|
@ -554,7 +550,7 @@ class CheckerTest extends TestCase {
|
|||
$rsa->loadKey($rsaPrivateKey);
|
||||
$x509 = new X509();
|
||||
$x509->loadX509($keyBundle);
|
||||
$this->checker->writeCoreSignature($x509, $rsa);
|
||||
$this->checker->writeCoreSignature($x509, $rsa, \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithValidModifiedContent');
|
||||
}
|
||||
|
||||
public function testVerifyCoreSignatureWithoutSignatureData() {
|
||||
|
|
|
|||
Loading…
Reference in a new issue