wsgi: Catch JSON payload decoding errors.

362a3f7a · Vincent Pelletier · d1fbca1f · 362a3f7a · 362a3f7a · 362a3f7a
Commit 362a3f7a authored Oct 21, 2017 by Vincent Pelletier
Hide whitespace changes
Inline Side-by-side

Showing with 25 additions and 3 deletions

caucase/exceptions.py caucase/exceptions.py +4 -0

caucase/test.py caucase/test.py +7 -0

caucase/utils.py caucase/utils.py +12 -3

caucase/wsgi.py caucase/wsgi.py +2 -0

No files found.
--- a/caucase/exceptions.py
+++ b/caucase/exceptions.py
@@ -42,3 +42,7 @@ class CertificateVerificationError(CertificateAuthorityException):
 class NotACertificateSigningRequest(CertificateAuthorityException):
  """Provided value is not a certificate signing request"""
  pass
+
+class NotJSON(CertificateAuthorityException):
+  """Provided value does not decode properly as JSON"""
+  pass
--- a/caucase/test.py
+++ b/caucase/test.py
@@ -1175,6 +1175,7 @@ class CaucaseTest(unittest.TestCase):
      """
      Mock CAU.
      """
+      digest_list = ['sha256']
      def getCACertificateList(self):
        """
        Return cau ca list.
@@ -1319,6 +1320,12 @@ class CaucaseTest(unittest.TestCase):
      'CONTENT_TYPE': 'application/json',
      'wsgi.input': StringIO('{"digest": null}'),
    })[0], UNAUTHORISED_STATUS)
+    self.assertEqual(request({
+      'PATH_INFO': '/cau/crt/revoke',
+      'REQUEST_METHOD': 'PUT',
+      'CONTENT_TYPE': 'application/json',
+      'wsgi.input': StringIO('{"digest":"sha256","payload":""}'),
+    })[0], 400)
    self.assertEqual(request({
      'PATH_INFO': '/cau/crt/revoke',
      'REQUEST_METHOD': 'PUT',

--- a/caucase/utils.py
+++ b/caucase/utils.py
@@ -33,7 +33,10 @@ from cryptography.hazmat.primitives.asymmetric import rsa
 from cryptography.hazmat.primitives.asymmetric import padding
 import cryptography.exceptions
 import pem
-from .exceptions import CertificateVerificationError
+from .exceptions import (
+  CertificateVerificationError,
+  NotJSON,
+)

 DEFAULT_DIGEST_LIST = ('sha256', 'sha384', 'sha512')
 DEFAULT_DIGEST = DEFAULT_DIGEST_LIST[0]
@@ -262,7 +265,10 @@ def unwrap(wrapped, getCertificate, digest_list):
      '%r is not in allowed digest list',
    )
  hash_class = getattr(hashes, digest.upper())
-  payload = json.loads(wrapped['payload'])
+  try:
+    payload = json.loads(wrapped['payload'])
+  except ValueError:
+    raise NotJSON
  x509.load_pem_x509_certificate(
    getCertificate(payload).encode('ascii'),
    _cryptography_backend,
@@ -283,7 +289,10 @@ def nullUnwrap(wrapped):
  an authenticated user (and hence over a secure channel, HTTPS).
  """
  assert wrapped['digest'] is None
-  return json.loads(wrapped['payload'])
+  try:
+    return json.loads(wrapped['payload'])
+  except ValueError:
+    raise NotJSON

 def load_ca_certificate(data):
  """

--- a/caucase/wsgi.py
+++ b/caucase/wsgi.py
@@ -169,6 +169,8 @@ class Application(object):
        raise Conflict
      except exceptions.NoStorage:
        raise InsufficientStorage
+      except exceptions.NotJSON:
+        raise BadRequest('Invalid json payload')
      except exceptions.CertificateAuthorityException, e:
        raise BadRequest(str(e))
      except Exception: