From 98cf41e514be7e25e33310694575d613da0573f9 Mon Sep 17 00:00:00 2001 From: Alexander Erm Date: Sat, 7 Nov 2015 03:07:15 -0500 Subject: [PATCH] Applied fixes from StyleCI --- src/XmlSecLibs/XMLSecEnc.php | 183 ++++++------ src/XmlSecLibs/XMLSecurityDSig.php | 365 +++++++++++------------ src/XmlSecLibs/XMLSecurityKey.php | 206 +++++++------ tests/XmlSecLibs/XMLSecurityKeyTest.php | 29 +- tests/XmlSecLibs/XmlSecEncTest.php | 114 ++++--- tests/XmlSecLibs/XmlSecurityDsigTest.php | 114 ++++--- tests/bootstrap.php | 7 +- 7 files changed, 492 insertions(+), 526 deletions(-) diff --git a/src/XmlSecLibs/XMLSecEnc.php b/src/XmlSecLibs/XMLSecEnc.php index 7b52ccb3..0f3162ea 100644 --- a/src/XmlSecLibs/XMLSecEnc.php +++ b/src/XmlSecLibs/XMLSecEnc.php @@ -1,6 +1,6 @@ . * All rights reserved. @@ -37,9 +37,9 @@ * @author Robert Richards * @copyright 2007-2013 Robert Richards * @license http://www.opensource.org/licenses/bsd-license.php BSD License + * * @version 1.3.2-dev */ - namespace XmlSecLibs; use DOMDocument; @@ -48,10 +48,8 @@ use DOMXPath; use Exception; - /** - * Class XMLSecEnc - * @package XmlSecLibs + * Class XMLSecEnc. */ class XMLSecEnc { @@ -100,8 +98,7 @@ class XMLSecEnc /** * @var array */ - private $references = array(); - + private $references = []; public function __construct() { @@ -114,7 +111,7 @@ public function __construct() private function _resetTemplate() { $this->encdoc = new DOMDocument(); - $this->encdoc->loadXML(XMLSecEnc::template); + $this->encdoc->loadXML(self::template); } /** @@ -126,7 +123,7 @@ private function _resetTemplate() */ public function addReference($name, DOMNode $node, $type) { - if (!$node instanceOf DOMNode) { + if (!$node instanceof DOMNode) { throw new Exception('$node is not of type DOMNode'); } $curencdoc = $this->encdoc; 
@@ -135,8 +132,8 @@ public function addReference($name, DOMNode $node, $type) $this->encdoc = $curencdoc; $refuri = XMLSecurityDSig::generate_GUID(); $element = $encdoc->documentElement; - $element->setAttribute("Id", $refuri); - $this->references[ $name ] = array("node" => $node, "type" => $type, "encnode" => $encdoc, "refuri" => $refuri); + $element->setAttribute('Id', $refuri); + $this->references[ $name ] = ['node' => $node, 'type' => $type, 'encnode' => $encdoc, 'refuri' => $refuri]; } /** @@ -150,16 +147,17 @@ public function setNode(DOMElement $node) /** * Encrypt the selected node with the given key. * - * @param XMLSecurityKey $objKey The encryption key and algorithm. - * @param bool $replace Whether the encrypted node should be replaced in the original tree. Default is TRUE. + * @param XMLSecurityKey $objKey The encryption key and algorithm. + * @param bool $replace Whether the encrypted node should be replaced in the original tree. Default is TRUE. * - * @return DOMElement The -element. * @throws Exception + * + * @return DOMElement The -element. */ public function encryptNode(XMLSecurityKey $objKey, $replace = true) { $data = ''; - if (empty( $this->rawNode )) { + if (empty($this->rawNode)) { throw new Exception('Node to encrypt has not been set'); } if (!$objKey instanceof XMLSecurityKey) { 
@@ -173,22 +171,22 @@ public function encryptNode(XMLSecurityKey $objKey, $replace = true) throw new Exception('Error locating CipherValue element within template'); } switch ($this->type) { - case ( XMLSecEnc::Element ): + case (self::Element): $data = $doc->saveXML($this->rawNode); - $this->encdoc->documentElement->setAttribute('Type', XMLSecEnc::Element); + $this->encdoc->documentElement->setAttribute('Type', self::Element); break; - case ( XMLSecEnc::Content ): + case (self::Content): $children = $this->rawNode->childNodes; - foreach ($children AS $child) { + foreach ($children as $child) { $data .= $doc->saveXML($child); } - $this->encdoc->documentElement->setAttribute('Type', XMLSecEnc::Content); + $this->encdoc->documentElement->setAttribute('Type', self::Content); break; default: throw new Exception('Type is currently not supported'); } /** @var DOMElement $encMethod */ - $encMethod = $this->encdoc->documentElement->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:EncryptionMethod')); + $encMethod = $this->encdoc->documentElement->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:EncryptionMethod')); $encMethod->setAttribute('Algorithm', $objKey->getAlgorith()); $cipherValue->parentNode->parentNode->insertBefore($encMethod, $cipherValue->parentNode->parentNode->firstChild); @@ -198,7 +196,7 @@ public function encryptNode(XMLSecurityKey $objKey, $replace = true) if ($replace) { switch ($this->type) { - case ( XMLSecEnc::Element ): + case (self::Element): if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) { return $this->encdoc; } 
@@ -206,7 +204,7 @@ public function encryptNode(XMLSecurityKey $objKey, $replace = true) $this->rawNode->parentNode->replaceChild($importEnc, $this->rawNode); return $importEnc; - case ( XMLSecEnc::Content ): + case (self::Content): $importEnc = $this->rawNode->ownerDocument->importNode($this->encdoc->documentElement, true); while ($this->rawNode->firstChild) { $this->rawNode->removeChild($this->rawNode->firstChild); @@ -229,13 +227,13 @@ public function encryptReferences($objKey) { $curRawNode = $this->rawNode; $curType = $this->type; - foreach ($this->references AS $name => $reference) { - $this->encdoc = $reference["encnode"]; - $this->rawNode = $reference["node"]; - $this->type = $reference["type"]; + foreach ($this->references as $name => $reference) { + $this->encdoc = $reference['encnode']; + $this->rawNode = $reference['node']; + $this->type = $reference['type']; try { $encNode = $this->encryptNode($objKey); - $this->references[ $name ]["encnode"] = $encNode; + $this->references[ $name ]['encnode'] = $encNode; } catch (Exception $e) { $this->rawNode = $curRawNode; $this->type = $curType; 
@@ -248,25 +246,27 @@ public function encryptReferences($objKey) /** * Retrieve the CipherValue text from this encrypted node. - * @return string|NULL The Ciphervalue text, or NULL if no CipherValue is found. + * * @throws Exception + * + * @return string|null The Ciphervalue text, or NULL if no CipherValue is found. */ public function getCipherValue() { - if (empty( $this->rawNode )) { + if (empty($this->rawNode)) { throw new Exception('Node to decrypt has not been set'); } $doc = $this->rawNode->ownerDocument; $xPath = new DOMXPath($doc); - $xPath->registerNamespace('xmlencr', XMLSecEnc::XMLENCNS); + $xPath->registerNamespace('xmlencr', self::XMLENCNS); /* Only handles embedded content right now and not a reference */ - $query = "./xmlencr:CipherData/xmlencr:CipherValue"; + $query = './xmlencr:CipherData/xmlencr:CipherValue'; $nodeset = $xPath->query($query, $this->rawNode); $node = $nodeset->item(0); if (!$node) { - return null; + return; } return base64_decode($node->nodeValue); @@ -286,8 +286,9 @@ public function getCipherValue() * @param $objKey * @param bool $replace * - * @return DOMElement|string The decrypted data. * @throws Exception + * + * @return DOMElement|string The decrypted data. */ public function decryptNode(XMLSecurityKey $objKey, $replace = true) { @@ -300,7 +301,7 @@ public function decryptNode(XMLSecurityKey $objKey, $replace = true) $decrypted = $objKey->decryptData($encryptedData); if ($replace) { switch ($this->type) { - case ( XMLSecEnc::Element ): + case (self::Element): $newdoc = new DOMDocument(); $newdoc->loadXML($decrypted); if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) { @@ -311,11 +312,10 @@ public function decryptNode(XMLSecurityKey $objKey, $replace = true) return $importEnc; break; - case ( XMLSecEnc::Content ): + case (self::Content): if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) { $doc = $this->rawNode; - } - else { + } else { $doc = $this->rawNode->ownerDocument; } $newFrag = $doc->createDocumentFragment(); 
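Review bot: In the `@@ -300,7 +301,7 @@` hunk, `$newdoc->loadXML($decrypted);` in decryptNode parses the decrypted plaintext with default parser options and ignores the return value. The plaintext is whatever the sender chose to encrypt, so it should be handled as untrusted XML. Passing `LIBXML_NONET` as the second argument would keep the parser from fetching network resources, and a `false` return should be turned into an exception, e.g. `if (!$newdoc->loadXML($decrypted, LIBXML_NONET)) { throw new Exception('Decrypted data is not well-formed XML'); }`. The rest of the branch lies outside the hunk, so how `$newdoc` is used afterwards is not visible here.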
@@ -328,13 +328,11 @@ public function decryptNode(XMLSecurityKey $objKey, $replace = true) default: return $decrypted; } - } - else { + } else { return $decrypted; } - } - else { - throw new \Exception("Cannot locate encrypted data"); + } else { + throw new \Exception('Cannot locate encrypted data'); } } 
@@ -347,35 +345,34 @@ public function decryptNode(XMLSecurityKey $objKey, $replace = true) */ public function encryptKey($srcKey, $rawKey, $append = true) { - if (( !$srcKey instanceof XMLSecurityKey ) || ( !$rawKey instanceof XMLSecurityKey )) { + if ((!$srcKey instanceof XMLSecurityKey) || (!$rawKey instanceof XMLSecurityKey)) { throw new Exception('Invalid Key'); } $strEncKey = base64_encode($srcKey->encryptData($rawKey->key)); $root = $this->encdoc->documentElement; - $encKey = $this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:EncryptedKey'); + $encKey = $this->encdoc->createElementNS(self::XMLENCNS, 'xenc:EncryptedKey'); if ($append) { $keyInfo = $root->insertBefore($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo'), $root->firstChild); $keyInfo->appendChild($encKey); - } - else { + } else { $this->encKey = $encKey; } /** @var DOMElement $encMethod */ - $encMethod = $encKey->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:EncryptionMethod')); + $encMethod = $encKey->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:EncryptionMethod')); $encMethod->setAttribute('Algorithm', $srcKey->getAlgorith()); - if (!empty( $srcKey->name )) { + if (!empty($srcKey->name)) { $keyInfo = $encKey->appendChild($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo')); $keyInfo->appendChild($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyName', $srcKey->name)); } - $cipherData = $encKey->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:CipherData')); - $cipherData->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:CipherValue', $strEncKey)); + $cipherData = $encKey->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:CipherData')); + $cipherData->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:CipherValue', $strEncKey)); if (is_array($this->references) && 
count($this->references) > 0) { - $refList = $encKey->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:ReferenceList')); - foreach ($this->references AS $name => $reference) { - $refuri = $reference["refuri"]; + $refList = $encKey->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:ReferenceList')); + foreach ($this->references as $name => $reference) { + $refuri = $reference['refuri']; /** @var DOMElement $dataRef */ - $dataRef = $refList->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:DataReference')); - $dataRef->setAttribute("URI", '#' . $refuri); + $dataRef = $refList->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:DataReference')); + $dataRef->setAttribute('URI', '#'.$refuri); } } @@ -385,16 +382,17 @@ public function encryptKey($srcKey, $rawKey, $append = true) /** * @param $encKey * - * @return DOMElement|string * @throws Exception + * + * @return DOMElement|string */ public function decryptKey($encKey) { if (!$encKey->isEncrypted) { - throw new Exception("Key is not Encrypted"); + throw new Exception('Key is not Encrypted'); } - if (empty( $encKey->key )) { - throw new Exception("Key is missing data to perform the decryption"); + if (empty($encKey->key)) { + throw new Exception('Key is missing data to perform the decryption'); } return $this->decryptNode($encKey, false); @@ -409,19 +407,18 @@ public function locateEncryptedData($element) { if ($element instanceof DOMDocument) { $doc = $element; - } - else { + } else { $doc = $element->ownerDocument; } if ($doc) { $xpath = new DOMXPath($doc); - $query = "//*[local-name()='EncryptedData' and namespace-uri()='" . XMLSecEnc::XMLENCNS . "']"; + $query = "//*[local-name()='EncryptedData' and namespace-uri()='".self::XMLENCNS."']"; $nodeset = $xpath->query($query); return $nodeset->item(0); } - return null; + return; } /** 
@@ -431,54 +428,55 @@ public function locateEncryptedData($element) */ public function locateKey($node = null) { - if (empty( $node )) { + if (empty($node)) { $node = $this->rawNode; } if (!$node instanceof DOMNode) { - return null; + return; } if ($doc = $node->ownerDocument) { $xpath = new DOMXPath($doc); - $xpath->registerNamespace('xmlsecenc', XMLSecEnc::XMLENCNS); - $query = ".//xmlsecenc:EncryptionMethod"; + $xpath->registerNamespace('xmlsecenc', self::XMLENCNS); + $query = './/xmlsecenc:EncryptionMethod'; $nodeset = $xpath->query($query, $node); /** @var DOMElement $encmeth */ if ($encmeth = $nodeset->item(0)) { - $attrAlgorithm = $encmeth->getAttribute("Algorithm"); + $attrAlgorithm = $encmeth->getAttribute('Algorithm'); try { - $objKey = new XMLSecurityKey($attrAlgorithm, array('type' => 'private')); + $objKey = new XMLSecurityKey($attrAlgorithm, ['type' => 'private']); } catch (Exception $e) { - return null; + return; } return $objKey; } } - return null; + return; } /** * @param XMLSecurityKey|null $objBaseKey - * @param DOMNode|null $node + * @param DOMNode|null $node * - * @return null|XMLSecurityKey * @throws Exception + * + * @return null|XMLSecurityKey */ - static function staticLocateKeyInfo(XMLSecurityKey $objBaseKey = null, DOMNode $node = null) + public static function staticLocateKeyInfo(XMLSecurityKey $objBaseKey = null, DOMNode $node = null) { - if (empty( $node ) || ( !$node instanceof DOMNode )) { - return null; + if (empty($node) || (!$node instanceof DOMNode)) { + return; } $doc = $node->ownerDocument; if (!$doc) { - return null; + return; } $xpath = new DOMXPath($doc); - $xpath->registerNamespace('xmlsecenc', XMLSecEnc::XMLENCNS); + $xpath->registerNamespace('xmlsecenc', self::XMLENCNS); $xpath->registerNamespace('xmlsecdsig', XMLSecurityDSig::XMLDSIGNS); - $query = "./xmlsecdsig:KeyInfo"; + $query = './xmlsecdsig:KeyInfo'; $nodeset = $xpath->query($query, $node); $encmeth = $nodeset->item(0); if (!$encmeth) { 
@@ -486,19 +484,19 @@ static function staticLocateKeyInfo(XMLSecurityKey $objBaseKey = null, DOMNode $ return $objBaseKey; } /** @var DOMElement $child */ - foreach ($encmeth->childNodes AS $child) { + foreach ($encmeth->childNodes as $child) { switch ($child->localName) { case 'KeyName': - if (!empty( $objBaseKey )) { + if (!empty($objBaseKey)) { $objBaseKey->name = $child->nodeValue; } break; case 'KeyValue': /** @var DOMElement $keyval */ - foreach ($child->childNodes AS $keyval) { + foreach ($child->childNodes as $keyval) { switch ($keyval->localName) { case 'DSAKeyValue': - throw new Exception("DSAKeyValue currently not supported"); + throw new Exception('DSAKeyValue currently not supported'); break; case 'RSAKeyValue': $modulus = null; @@ -509,8 +507,8 @@ static function staticLocateKeyInfo(XMLSecurityKey $objBaseKey = null, DOMNode $ if ($exponentNode = $keyval->getElementsByTagName('Exponent')->item(0)) { $exponent = base64_decode($exponentNode->nodeValue); } - if (empty( $modulus ) || empty( $exponent )) { - throw new Exception("Missing Modulus or Exponent"); + if (empty($modulus) || empty($exponent)) { + throw new Exception('Missing Modulus or Exponent'); } $publicKey = XMLSecurityKey::convertRSA($modulus, $exponent); $objBaseKey->loadKey($publicKey); @@ -545,8 +543,8 @@ static function staticLocateKeyInfo(XMLSecurityKey $objBaseKey = null, DOMNode $ if ($x509certNodes = $child->getElementsByTagName('X509Certificate')) { if ($x509certNodes->length > 0) { $x509cert = $x509certNodes->item(0)->textContent; - $x509cert = str_replace(array("\r", "\n"), "", $x509cert); - $x509cert = "-----BEGIN CERTIFICATE-----\n" . chunk_split($x509cert, 64, "\n") . "-----END CERTIFICATE-----\n"; + $x509cert = str_replace(["\r", "\n"], '', $x509cert); + $x509cert = "-----BEGIN CERTIFICATE-----\n".chunk_split($x509cert, 64, "\n")."-----END CERTIFICATE-----\n"; $objBaseKey->loadKey($x509cert, false, true); } } 
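Review bot: In the RSAKeyValue branch (`$objBaseKey->loadKey($publicKey);`) and the X509Certificate branch (`$objBaseKey->loadKey($x509cert, false, true);`), staticLocateKeyInfo calls a method on `$objBaseKey` without a null check. The signature declares `XMLSecurityKey $objBaseKey = null`, and only the KeyName branch guards with `!empty($objBaseKey)`. A guard such as `if (empty($objBaseKey)) { throw new Exception('No base key to load KeyInfo into'); }` before the loop would make the failure explicit. The docblock should also say that the key material comes from the message's own KeyInfo, so a key loaded here proves nothing about the sender until the caller has checked it against a pinned key or certificate. The function starts and ends outside these hunks.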
@@ -561,15 +559,16 @@ static function staticLocateKeyInfo(XMLSecurityKey $objBaseKey = null, DOMNode $ * @param null $objBaseKey * @param null $node * - * @return null|XMLSecurityKey * @throws Exception + * + * @return null|XMLSecurityKey */ public function locateKeyInfo($objBaseKey = null, $node = null) { - if (empty( $node )) { + if (empty($node)) { $node = $this->rawNode; } - return XMLSecEnc::staticLocateKeyInfo($objBaseKey, $node); + return self::staticLocateKeyInfo($objBaseKey, $node); } -} \ No newline at end of file +} diff --git a/src/XmlSecLibs/XMLSecurityDSig.php b/src/XmlSecLibs/XMLSecurityDSig.php index d932125e..17cf5318 100644 --- a/src/XmlSecLibs/XMLSecurityDSig.php +++ b/src/XmlSecLibs/XMLSecurityDSig.php @@ -1,6 +1,6 @@ . * All rights reserved. @@ -37,9 +37,9 @@ * @author Robert Richards * @copyright 2007-2015 Robert Richards * @license http://www.opensource.org/licenses/bsd-license.php BSD License + * * @version 1.3.2-dev */ - namespace XmlSecLibs; use DOMDocument; 
@@ -49,22 +49,21 @@ use Exception; /** - * Class XMLSecurityDSig - * @package XmlSecLibs + * Class XMLSecurityDSig. */ class XMLSecurityDSig { - const XMLDSIGNS = 'http://www.w3.org/2000/09/xmldsig#'; - const SHA1 = 'http://www.w3.org/2000/09/xmldsig#sha1'; - const SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#sha384'; - const SHA256 = 'http://www.w3.org/2001/04/xmlenc#sha256'; - const SHA512 = 'http://www.w3.org/2001/04/xmlenc#sha512'; - const RIPEMD160 = 'http://www.w3.org/2001/04/xmlenc#ripemd160'; - const C14N = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'; - const C14N_COMMENTS = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments'; - const EXC_C14N = 'http://www.w3.org/2001/10/xml-exc-c14n#'; + const XMLDSIGNS = 'http://www.w3.org/2000/09/xmldsig#'; + const SHA1 = 'http://www.w3.org/2000/09/xmldsig#sha1'; + const SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#sha384'; + const SHA256 = 'http://www.w3.org/2001/04/xmlenc#sha256'; + const SHA512 = 'http://www.w3.org/2001/04/xmlenc#sha512'; + const RIPEMD160 = 'http://www.w3.org/2001/04/xmlenc#ripemd160'; + const C14N = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'; + const C14N_COMMENTS = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments'; + const EXC_C14N = 'http://www.w3.org/2001/10/xml-exc-c14n#'; const EXC_C14N_COMMENTS = 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments'; - const template = ' + const template = ' @@ -77,11 +76,11 @@ class XMLSecurityDSig /** * @var array */ - public $idKeys = array(); + public $idKeys = []; /** * @var array */ - public $idNS = array(); + public $idNS = []; /** * @var null */ @@ -115,11 +114,10 @@ class XMLSecurityDSig public function __construct() { $sigdoc = new DOMDocument(); - $sigdoc->loadXML(XMLSecurityDSig::template); + $sigdoc->loadXML(self::template); $this->sigNode = $sigdoc->documentElement; } - /** * */ 
@@ -133,9 +131,9 @@ private function resetXPathObj() */ private function getXPathObj() { - if (empty( $this->xPathCtx ) && !empty( $this->sigNode )) { + if (empty($this->xPathCtx) && !empty($this->sigNode)) { $xpath = new DOMXPath($this->sigNode->ownerDocument); - $xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); + $xpath->registerNamespace('secdsig', self::XMLDSIGNS); $this->xPathCtx = $xpath; } @@ -147,13 +145,13 @@ private function getXPathObj() * * @return string */ - static function generate_GUID($prefix = 'pfx') + public static function generate_GUID($prefix = 'pfx') { $uuid = md5(uniqid(rand(), true)); - $guid = $prefix . substr($uuid, 0, 8) . "-" . - substr($uuid, 8, 4) . "-" . - substr($uuid, 12, 4) . "-" . - substr($uuid, 16, 4) . "-" . + $guid = $prefix.substr($uuid, 0, 8).'-'. + substr($uuid, 8, 4).'-'. + substr($uuid, 12, 4).'-'. + substr($uuid, 16, 4).'-'. substr($uuid, 20, 12); return $guid; @@ -168,21 +166,20 @@ public function locateSignature($objDoc) { if ($objDoc instanceof DOMDocument) { $doc = $objDoc; - } - else { + } else { $doc = $objDoc->ownerDocument; } if ($doc) { $xpath = new DOMXPath($doc); - $xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); - $query = ".//secdsig:Signature"; + $xpath->registerNamespace('secdsig', self::XMLDSIGNS); + $query = './/secdsig:Signature'; $nodeset = $xpath->query($query, $objDoc); $this->sigNode = $nodeset->item(0); return $this->sigNode; } - return null; + return; } /** 
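Review bot: In the `@@ -147,13 +145,13 @@` hunk, generate_GUID still builds its value from `md5(uniqid(rand(), true))`, which combines a timestamp with a non-cryptographic PRNG. The result is guessable and its uniqueness is only probabilistic. As far as these hunks show, the value is used only as an `Id`/`URI` reference target, so this is low severity, but a CSPRNG source is the safer default where the runtime has one, e.g. `$uuid = bin2hex(random_bytes(16));` on PHP 7+. The docblock could state that the value is an identifier and must not be used as a secret or nonce.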
@@ -195,10 +192,9 @@ public function createNewSignNode($name, $value = null) { $doc = $this->sigNode->ownerDocument; if (!is_null($value)) { - $node = $doc->createElementNS(XMLSecurityDSig::XMLDSIGNS, $this->prefix . ':' . $name, $value); - } - else { - $node = $doc->createElementNS(XMLSecurityDSig::XMLDSIGNS, $this->prefix . ':' . $name); + $node = $doc->createElementNS(self::XMLDSIGNS, $this->prefix.':'.$name, $value); + } else { + $node = $doc->createElementNS(self::XMLDSIGNS, $this->prefix.':'.$name); } return $node; @@ -222,12 +218,12 @@ public function setCanonicalMethod($method) throw new Exception('Invalid Canonical Method'); } if ($xpath = $this->getXPathObj()) { - $query = './' . $this->searchpfx . ':SignedInfo'; + $query = './'.$this->searchpfx.':SignedInfo'; $nodeset = $xpath->query($query, $this->sigNode); if ($sinfo = $nodeset->item(0)) { - $query = './' . $this->searchpfx . 'CanonicalizationMethod'; + $query = './'.$this->searchpfx.'CanonicalizationMethod'; $nodeset = $xpath->query($query, $sinfo); - if (!( $canonNode = $nodeset->item(0) )) { + if (!($canonNode = $nodeset->item(0))) { $canonNode = $this->createNewSignNode('CanonicalizationMethod'); $sinfo->insertBefore($canonNode, $sinfo->firstChild); } @@ -296,10 +292,10 @@ public function canonicalizeSignedInfo() $canonicalMethod = null; if ($doc) { $xpath = $this->getXPathObj(); - $query = "./secdsig:SignedInfo"; + $query = './secdsig:SignedInfo'; $nodeset = $xpath->query($query, $this->sigNode); if ($signInfoNode = $nodeset->item(0)) { - $query = "./secdsig:CanonicalizationMethod"; + $query = './secdsig:CanonicalizationMethod'; $nodeset = $xpath->query($query, $signInfoNode); /** @var DOMElement $canonNode */ if ($canonNode = $nodeset->item(0)) { 
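Review bot: In the `@@ -222,12 +218,12 @@` hunk, setCanonicalMethod builds its second query as `'./'.$this->searchpfx.'CanonicalizationMethod'`, without the `:` separator that the SignedInfo query just above it uses. The resulting step is the prefix and the name run together, which cannot match a prefixed element, so the lookup presumably always falls through to creating and inserting a new CanonicalizationMethod node. Suggested line: `$query = './'.$this->searchpfx.':CanonicalizationMethod';`. The function begins and ends outside the hunk.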
@@ -311,32 +307,33 @@ public function canonicalizeSignedInfo() } } - return null; + return; } /** * @param $digestAlgorithm * @param $data * - * @return string * @throws Exception + * + * @return string */ public function calculateDigest($digestAlgorithm, $data) { switch ($digestAlgorithm) { - case XMLSecurityDSig::SHA1: + case self::SHA1: $alg = 'sha1'; break; - case XMLSecurityDSig::SHA256: + case self::SHA256: $alg = 'sha256'; break; - case XMLSecurityDSig::SHA384: + case self::SHA384: $alg = 'sha384'; break; - case XMLSecurityDSig::SHA512: + case self::SHA512: $alg = 'sha512'; break; - case XMLSecurityDSig::RIPEMD160: + case self::RIPEMD160: $alg = 'ripemd160'; break; default: @@ -344,16 +341,13 @@ public function calculateDigest($digestAlgorithm, $data) } if (function_exists('hash')) { return base64_encode(hash($alg, $data, true)); - } - elseif (function_exists('mhash')) { - $alg = "MHASH_" . strtoupper($alg); + } elseif (function_exists('mhash')) { + $alg = 'MHASH_'.strtoupper($alg); return base64_encode(mhash(constant($alg), $data)); - } - elseif ($alg === 'sha1') { + } elseif ($alg === 'sha1') { return base64_encode(sha1($data, true)); - } - else { + } else { throw new Exception('xmlseclibs is unable to calculate a digest. Maybe you need the mhash library?'); } } 
@@ -362,20 +356,21 @@ public function calculateDigest($digestAlgorithm, $data) * @param $refNode * @param $data * - * @return bool * @throws Exception + * + * @return bool */ public function validateDigest($refNode, $data) { $xpath = new DOMXPath($refNode->ownerDocument); - $xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); + $xpath->registerNamespace('secdsig', self::XMLDSIGNS); $query = 'string(./secdsig:DigestMethod/@Algorithm)'; $digestAlgorithm = $xpath->evaluate($query, $refNode); $digValue = $this->calculateDigest($digestAlgorithm, $data); $query = 'string(./secdsig:DigestValue)'; $digestValue = $xpath->evaluate($query, $refNode); - return ( $digValue == $digestValue ); + return ($digValue == $digestValue); } /** @@ -389,15 +384,15 @@ public function processTransforms($refNode, $objData, $includeCommentNodes = tru { $data = $objData; $xpath = new DOMXPath($refNode->ownerDocument); - $xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); + $xpath->registerNamespace('secdsig', self::XMLDSIGNS); $query = './secdsig:Transforms/secdsig:Transform'; $nodelist = $xpath->query($query, $refNode); $canonicalMethod = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'; $arXPath = null; $prefixList = null; /** @var DomElement $transform */ - foreach ($nodelist AS $transform) { - $algorithm = $transform->getAttribute("Algorithm"); + foreach ($nodelist as $transform) { + $algorithm = $transform->getAttribute('Algorithm'); switch ($algorithm) { case 'http://www.w3.org/2001/10/xml-exc-c14n#': case 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments': @@ -407,8 +402,7 @@ public function processTransforms($refNode, $objData, $includeCommentNodes = tru * without comments. */ $canonicalMethod = 'http://www.w3.org/2001/10/xml-exc-c14n#'; - } - else { + } else { $canonicalMethod = $algorithm; } 
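Review bot: validateDigest still ends with the loose comparison `return ($digValue == $digestValue);`, although both operands are strings. PHP's `==` compares numeric-looking strings as numbers, so two different digest strings can compare equal. A digest check should be an exact comparison: `return $digValue === $digestValue;`, or `return hash_equals($digValue, $digestValue);` where PHP 5.6+ is the minimum. Note also that `$digestValue` is read from the document as-is, so surrounding whitespace in DigestValue will fail a strict comparison unless it is trimmed first.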
@@ -416,11 +410,11 @@ public function processTransforms($refNode, $objData, $includeCommentNodes = tru while ($node) { if ($node->localName == 'InclusiveNamespaces') { if ($pfx = $node->getAttribute('PrefixList')) { - $arpfx = array(); - $pfxlist = explode(" ", $pfx); - foreach ($pfxlist AS $pfx) { + $arpfx = []; + $pfxlist = explode(' ', $pfx); + foreach ($pfxlist as $pfx) { $val = trim($pfx); - if (!empty( $val )) { + if (!empty($val)) { $arpfx[] = $val; } } @@ -440,8 +434,7 @@ public function processTransforms($refNode, $objData, $includeCommentNodes = tru * without comments. */ $canonicalMethod = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'; - } - else { + } else { $canonicalMethod = $algorithm; } @@ -450,12 +443,12 @@ public function processTransforms($refNode, $objData, $includeCommentNodes = tru $node = $transform->firstChild; while ($node) { if ($node->localName == 'XPath') { - $arXPath = array(); - $arXPath['query'] = '(.//. | .//@* | .//namespace::*)[' . $node->nodeValue . ']'; - $arXpath['namespaces'] = array(); + $arXPath = []; + $arXPath['query'] = '(.//. | .//@* | .//namespace::*)['.$node->nodeValue.']'; + $arXpath['namespaces'] = []; $nslist = $xpath->query('./namespace::*', $node); - foreach ($nslist AS $nsnode) { - if ($nsnode->localName != "xml") { + foreach ($nslist as $nsnode) { + if ($nsnode->localName != 'xml') { $arXPath['namespaces'][ $nsnode->localName ] = $nsnode->nodeValue; } } @@ -480,7 +473,6 @@ public function processTransforms($refNode, $objData, $includeCommentNodes = tru */ public function processRefNode(DOMElement $refNode) { - $dataObject = null; /* 
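Review bot: In the `@@ -450,12 +443,12 @@` hunk, `$arXpath['namespaces'] = [];` assigns to a different variable than `$arXPath`, because PHP variable names are case-sensitive. The `namespaces` key therefore exists on `$arXPath` only if the loop below finds a namespace node. It should read `$arXPath['namespaces'] = [];`. In the same branch, `$node->nodeValue` from the document is concatenated into the XPath expression, which means the message chooses what gets selected for digesting. A comment should state that, and callers that do not need the XPath transform would be safer rejecting it. processTransforms starts and ends outside the hunk.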
@@ -489,9 +481,9 @@ public function processRefNode(DOMElement $refNode) */ $includeCommentNodes = true; - if ($uri = $refNode->getAttribute("URI")) { + if ($uri = $refNode->getAttribute('URI')) { $arUrl = parse_url($uri); - if (empty( $arUrl['path'] )) { + if (empty($arUrl['path'])) { if ($identifier = $arUrl['fragment']) { /* This reference identifies a node with the given id by using @@ -501,28 +493,25 @@ public function processRefNode(DOMElement $refNode) $xPath = new DOMXPath($refNode->ownerDocument); if ($this->idNS && is_array($this->idNS)) { - foreach ($this->idNS AS $nspf => $ns) { + foreach ($this->idNS as $nspf => $ns) { $xPath->registerNamespace($nspf, $ns); } } - $iDlist = '@Id="' . $identifier . '"'; + $iDlist = '@Id="'.$identifier.'"'; if (is_array($this->idKeys)) { - foreach ($this->idKeys AS $idKey) { + foreach ($this->idKeys as $idKey) { $iDlist .= " or @$idKey='$identifier'"; } } - $query = '//*[' . $iDlist . ']'; + $query = '//*['.$iDlist.']'; $dataObject = $xPath->query($query)->item(0); - } - else { + } else { $dataObject = $refNode->ownerDocument; } - } - else { + } else { $dataObject = file_get_contents($arUrl); } - } - else { + } else { /* This reference identifies the root node with an empty URI. This should * not include comments. */ @@ -537,10 +526,9 @@ public function processRefNode(DOMElement $refNode) if ($dataObject instanceof DOMNode) { /* Add this node to the list of validated nodes. */ - if (!empty( $identifier )) { + if (!empty($identifier)) { $this->validatedNodes[ $identifier ] = $dataObject; - } - else { + } else { $this->validatedNodes[] = $dataObject; } } 
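Review bot: In the `@@ -501,28 +493,25 @@` hunk, processRefNode interpolates the URI fragment straight into the XPath query (`$iDlist = '@Id="'.$identifier.'"';` and `" or @$idKey='$identifier'"`), so a quote character in the reference URI changes the query's structure and therefore which node is taken as the signed one. The identifier should be validated before the query is built, e.g. `if (!preg_match('/^[A-Za-z_][\w.\-]*$/', $identifier)) { throw new Exception('Invalid reference URI'); }`. The else branch calls `file_get_contents($arUrl)` with the array returned by `parse_url()` rather than a string, so it cannot work as written. Passing `$uri` instead would make the library fetch whatever location the document names, so refusing non-fragment references looks like the safer fix. The function starts and ends outside the hunk.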
@@ -555,33 +543,34 @@ public function processRefNode(DOMElement $refNode) */ public function getRefNodeID(DOMElement $refNode) { - if ($uri = $refNode->getAttribute("URI")) { + if ($uri = $refNode->getAttribute('URI')) { $arUrl = parse_url($uri); - if (empty( $arUrl['path'] )) { + if (empty($arUrl['path'])) { if ($identifier = $arUrl['fragment']) { return $identifier; } } } - return null; + return; } /** - * @return array * @throws Exception + * + * @return array */ public function getRefIDs() { - $refids = array(); + $refids = []; $xpath = $this->getXPathObj(); - $query = "./secdsig:SignedInfo/secdsig:Reference"; + $query = './secdsig:SignedInfo/secdsig:Reference'; $nodeset = $xpath->query($query, $this->sigNode); if ($nodeset->length == 0) { - throw new Exception("Reference nodes not found"); + throw new Exception('Reference nodes not found'); } - foreach ($nodeset AS $refNode) { + foreach ($nodeset as $refNode) { $refids[] = $this->getRefNodeID($refNode); } 
@@ -589,30 +578,31 @@ public function getRefIDs() } /** - * @return bool * @throws Exception + * + * @return bool */ public function validateReference() { $docElem = $this->sigNode->ownerDocument->documentElement; - if (! $docElem->isSameNode($this->sigNode)) { + if (!$docElem->isSameNode($this->sigNode)) { $this->sigNode->parentNode->removeChild($this->sigNode); } $xpath = $this->getXPathObj(); - $query = "./secdsig:SignedInfo/secdsig:Reference"; + $query = './secdsig:SignedInfo/secdsig:Reference'; $nodeset = $xpath->query($query, $this->sigNode); if ($nodeset->length == 0) { - throw new Exception("Reference nodes not found"); + throw new Exception('Reference nodes not found'); } /* Initialize/reset the list of validated nodes. */ - $this->validatedNodes = array(); + $this->validatedNodes = []; - foreach ($nodeset AS $refNode) { + foreach ($nodeset as $refNode) { if (!$this->processRefNode($refNode)) { /* Clear the list of validated nodes. */ $this->validatedNodes = null; - throw new Exception("Reference validation failed"); + throw new Exception('Reference validation failed'); } } @@ -621,7 +611,7 @@ public function validateReference() /** * @param DOMElement $sinfoNode - * @param DOMNode $node + * @param DOMNode $node * @param $algorithm * @param null $arTransforms * @param null $options 
@@ -637,63 +627,60 @@ private function addRefInternal(DOMElement $sinfoNode, DOMNode $node, $algorithm $force_uri = false; if (is_array($options)) { - $prefix = empty( $options['prefix'] ) ? null : $options['prefix']; - $prefix_ns = empty( $options['prefix_ns'] ) ? null : $options['prefix_ns']; - $id_name = empty( $options['id_name'] ) ? 'Id' : $options['id_name']; - $overwrite_id = !isset( $options['overwrite'] ) ? true : (bool) $options['overwrite']; - $force_uri = !isset( $options['force_uri'] ) ? false : (bool) $options['force_uri']; + $prefix = empty($options['prefix']) ? null : $options['prefix']; + $prefix_ns = empty($options['prefix_ns']) ? null : $options['prefix_ns']; + $id_name = empty($options['id_name']) ? 'Id' : $options['id_name']; + $overwrite_id = !isset($options['overwrite']) ? true : (bool) $options['overwrite']; + $force_uri = !isset($options['force_uri']) ? false : (bool) $options['force_uri']; } $attname = $id_name; - if (!empty( $prefix )) { - $attname = $prefix . ':' . $attname; + if (!empty($prefix)) { + $attname = $prefix.':'.$attname; } $refNode = $this->createNewSignNode('Reference'); $sinfoNode->appendChild($refNode); if (!$node instanceof DOMDocument) { - /** @var DOMElement $node */ + /* @var DOMElement $node */ $uri = null; if (!$overwrite_id) { $uri = $node->getAttributeNS($prefix_ns, $id_name); } - if (empty( $uri )) { - $uri = XMLSecurityDSig::generate_GUID(); + if (empty($uri)) { + $uri = self::generate_GUID(); $node->setAttributeNS($prefix_ns, $attname, $uri); } - $refNode->setAttribute("URI", '#' . 
$uri); - } - elseif ($force_uri) { - $refNode->setAttribute("URI", ''); + $refNode->setAttribute('URI', '#'.$uri); + } elseif ($force_uri) { + $refNode->setAttribute('URI', ''); } $transNodes = $this->createNewSignNode('Transforms'); $refNode->appendChild($transNodes); if (is_array($arTransforms)) { - foreach ($arTransforms AS $transform) { + foreach ($arTransforms as $transform) { $transNode = $this->createNewSignNode('Transform'); $transNodes->appendChild($transNode); if (is_array($transform) && - ( !empty( $transform['http://www.w3.org/TR/1999/REC-xpath-19991116'] ) ) && - ( !empty( $transform['http://www.w3.org/TR/1999/REC-xpath-19991116']['query'] ) ) + (!empty($transform['http://www.w3.org/TR/1999/REC-xpath-19991116'])) && + (!empty($transform['http://www.w3.org/TR/1999/REC-xpath-19991116']['query'])) ) { $transNode->setAttribute('Algorithm', 'http://www.w3.org/TR/1999/REC-xpath-19991116'); $XPathNode = $this->createNewSignNode('XPath', $transform['http://www.w3.org/TR/1999/REC-xpath-19991116']['query']); $transNode->appendChild($XPathNode); - if (!empty( $transform['http://www.w3.org/TR/1999/REC-xpath-19991116']['namespaces'] )) { - foreach ($transform['http://www.w3.org/TR/1999/REC-xpath-19991116']['namespaces'] AS $prefix => $namespace) { - $XPathNode->setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:$prefix", $namespace); + if (!empty($transform['http://www.w3.org/TR/1999/REC-xpath-19991116']['namespaces'])) { + foreach ($transform['http://www.w3.org/TR/1999/REC-xpath-19991116']['namespaces'] as $prefix => $namespace) { + $XPathNode->setAttributeNS('http://www.w3.org/2000/xmlns/', "xmlns:$prefix", $namespace); } } - } - else { + } else { $transNode->setAttribute('Algorithm', $transform); } } - } - elseif (!empty( $this->canonicalMethod )) { + } elseif (!empty($this->canonicalMethod)) { $transNode = $this->createNewSignNode('Transform'); $transNodes->appendChild($transNode); $transNode->setAttribute('Algorithm', $this->canonicalMethod); 
@@ -719,7 +706,7 @@ private function addRefInternal(DOMElement $sinfoNode, DOMNode $node, $algorithm public function addReference(DOMDocument $node, $algorithm, $arTransforms = null, $options = null) { if ($xpath = $this->getXPathObj()) { - $query = "./secdsig:SignedInfo"; + $query = './secdsig:SignedInfo'; $nodeset = $xpath->query($query, $this->sigNode); /** @var DOMElement $sInfo */ if ($sInfo = $nodeset->item(0)) { @@ -737,11 +724,11 @@ public function addReference(DOMDocument $node, $algorithm, $arTransforms = null public function addReferenceList($arNodes, $algorithm, $arTransforms = null, $options = null) { if ($xpath = $this->getXPathObj()) { - $query = "./secdsig:SignedInfo"; + $query = './secdsig:SignedInfo'; $nodeset = $xpath->query($query, $this->sigNode); /** @var DOMElement $sInfo */ if ($sInfo = $nodeset->item(0)) { - foreach ($arNodes AS $node) { + foreach ($arNodes as $node) { $this->addRefInternal($sInfo, $node, $algorithm, $arTransforms, $options); } } @@ -759,17 +746,16 @@ public function addObject($data, $mimetype = null, $encoding = null) { $objNode = $this->createNewSignNode('Object'); $this->sigNode->appendChild($objNode); - if (!empty( $mimetype )) { + if (!empty($mimetype)) { $objNode->setAttribute('MimeType', $mimetype); } - if (!empty( $encoding )) { + if (!empty($encoding)) { $objNode->setAttribute('Encoding', $encoding); } if ($data instanceof DOMElement) { $newData = $this->sigNode->ownerDocument->importNode($data, true); - } - else { + } else { $newData = $this->sigNode->ownerDocument->createTextNode($data); } $objNode->appendChild($newData); 
@@ -784,46 +770,47 @@ public function addObject($data, $mimetype = null, $encoding = null) */ public function locateKey($node = null) { - if (empty( $node )) { + if (empty($node)) { $node = $this->sigNode; } if (!$node instanceof DOMNode) { - return null; + return; } if ($doc = $node->ownerDocument) { $xpath = new DOMXPath($doc); - $xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); - $query = "string(./secdsig:SignedInfo/secdsig:SignatureMethod/@Algorithm)"; + $xpath->registerNamespace('secdsig', self::XMLDSIGNS); + $query = 'string(./secdsig:SignedInfo/secdsig:SignatureMethod/@Algorithm)'; $algorithm = $xpath->evaluate($query, $node); if ($algorithm) { try { - $objKey = new XMLSecurityKey($algorithm, array('type' => 'public')); + $objKey = new XMLSecurityKey($algorithm, ['type' => 'public']); } catch (Exception $e) { - return null; + return; } return $objKey; } } - return null; + return; } /** * @param XMLSecurityKey $objKey * - * @return int * @throws Exception + * + * @return int */ public function verify(XMLSecurityKey $objKey) { $doc = $this->sigNode->ownerDocument; $xpath = new DOMXPath($doc); - $xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); - $query = "string(./secdsig:SignatureValue)"; + $xpath->registerNamespace('secdsig', self::XMLDSIGNS); + $query = 'string(./secdsig:SignatureValue)'; $sigValue = $xpath->evaluate($query, $this->sigNode); - if (empty( $sigValue )) { - throw new Exception("Unable to locate SignatureValue"); + if (empty($sigValue)) { + throw new Exception('Unable to locate SignatureValue'); } return $objKey->verifySignature($this->signedInfo, base64_decode($sigValue)); @@ -833,8 +820,9 @@ public function verify(XMLSecurityKey $objKey) * @param XMLSecurityKey $objKey * @param $data * - * @return mixed * @throws Exception + * + * @return mixed */ public function signData(XMLSecurityKey $objKey, $data) { 
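Review bot: verify() returns the raw result of `$objKey->verifySignature(...)` and documents it only as `@return int`, so the docblock does not tell callers that anything other than 1 is a failed verification. If verifySignature passes through the result of openssl_verify (its body is outside this hunk), an error value of -1 is truthy and a loose `if ($dsig->verify($key))` would treat it as valid. I would state the contract in the docblock, for example `@return int 1 if the signature is valid, 0 if it is invalid, -1 on error; compare with === 1`. In the same hunk locateKey builds the key from the `SignatureMethod/@Algorithm` value read from the document, so its docblock should say that callers must check the algorithm against the one they expect before trusting the result.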
@@ -843,7 +831,7 @@ public function signData(XMLSecurityKey $objKey, $data) /** * @param XMLSecurityKey $objKey - * @param DOMElement $appendToNode + * @param DOMElement $appendToNode */ public function sign(XMLSecurityKey $objKey, DOMElement $appendToNode = null) { @@ -854,10 +842,10 @@ public function sign(XMLSecurityKey $objKey, DOMElement $appendToNode = null) $this->sigNode = $appendToNode->lastChild; } if ($xpath = $this->getXPathObj()) { - $query = "./secdsig:SignedInfo"; + $query = './secdsig:SignedInfo'; $nodeset = $xpath->query($query, $this->sigNode); if ($sInfo = $nodeset->item(0)) { - $query = "./secdsig:SignatureMethod"; + $query = './secdsig:SignatureMethod'; $nodeset = $xpath->query($query, $sInfo); /** @var DOMElement $sMethod */ $sMethod = $nodeset->item(0); @@ -867,8 +855,7 @@ public function sign(XMLSecurityKey $objKey, DOMElement $appendToNode = null) $sigValueNode = $this->createNewSignNode('SignatureValue', $sigValue); if ($infoSibling = $sInfo->nextSibling) { $infoSibling->parentNode->insertBefore($sigValueNode, $infoSibling); - } - else { + } else { $this->sigNode->appendChild($sigValueNode); } } @@ -877,21 +864,20 @@ public function sign(XMLSecurityKey $objKey, DOMElement $appendToNode = null) /** * @param XMLSecurityKey $objKey - * @param null $parent + * @param null $parent */ public function appendKey(XMLSecurityKey $objKey, $parent = null) { $objKey->serializeKey($parent); } - /** * This function inserts the signature element. * * The signature element will be appended to the element, unless $beforeNode is specified. If $beforeNode * is specified, the signature element will be inserted as the last element before $beforeNode. * - * @param DOMElement $node The node the signature element should be inserted into. + * @param DOMElement $node The node the signature element should be inserted into. * @param DOMElement $beforeNode The node the signature element should be located before. * * @return DOMNode The signature element node 
@@ -903,15 +889,14 @@ public function insertSignature(DOMElement $node, DOMElement $beforeNode = null) if ($beforeNode == null) { return $node->insertBefore($signatureElement); - } - else { + } else { return $node->insertBefore($signatureElement, $beforeNode); } } /** * @param DOMElement $parentNode - * @param bool $insertBefore + * @param bool $insertBefore * * @return DOMNode */ @@ -928,10 +913,10 @@ public function appendSignature(DOMElement $parentNode, $insertBefore = false) * * @return string */ - static function get509XCert($cert, $isPEMFormat = true) + public static function get509XCert($cert, $isPEMFormat = true) { - $certs = XMLSecurityDSig::staticGet509XCerts($cert, $isPEMFormat); - if (!empty( $certs )) { + $certs = self::staticGet509XCerts($cert, $isPEMFormat); + if (!empty($certs)) { return $certs[0]; } @@ -944,20 +929,19 @@ static function get509XCert($cert, $isPEMFormat = true) * * @return array */ - static function staticGet509XCerts($certs, $isPEMFormat = true) + public static function staticGet509XCerts($certs, $isPEMFormat = true) { if ($isPEMFormat) { $data = ''; - $certlist = array(); + $certlist = []; $arCert = explode("\n", $certs); $inData = false; - foreach ($arCert AS $curData) { + foreach ($arCert as $curData) { if (!$inData) { if (strncmp($curData, '-----BEGIN CERTIFICATE', 22) == 0) { $inData = true; } - } - else { + } else { if (strncmp($curData, '-----END CERTIFICATE', 20) == 0) { $inData = false; $certlist[] = $data; @@ -969,9 +953,8 @@ static function staticGet509XCerts($certs, $isPEMFormat = true) } return $certlist; - } - else { - return array($certs); + } else { + return [$certs]; } } 
@@ -985,7 +968,7 @@ static function staticGet509XCerts($certs, $isPEMFormat = true) * * @throws Exception */ - static function staticAdd509Cert($parentRef, $cert, $isPEMFormat = true, $isURL = false, $xpath = null, $options = null) + public static function staticAdd509Cert($parentRef, $cert, $isPEMFormat = true, $isURL = false, $xpath = null, $options = null) { if ($isURL) { $cert = file_get_contents($cert); @@ -995,19 +978,19 @@ static function staticAdd509Cert($parentRef, $cert, $isPEMFormat = true, $isURL } $baseDoc = $parentRef->ownerDocument; - if (empty( $xpath )) { + if (empty($xpath)) { $xpath = new DOMXPath($parentRef->ownerDocument); - $xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); + $xpath->registerNamespace('secdsig', self::XMLDSIGNS); } - $query = "./secdsig:KeyInfo"; + $query = './secdsig:KeyInfo'; $nodeset = $xpath->query($query, $parentRef); $keyInfo = $nodeset->item(0); if (!$keyInfo) { $inserted = false; - $keyInfo = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:KeyInfo'); + $keyInfo = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:KeyInfo'); - $query = "./secdsig:Object"; + $query = './secdsig:Object'; $nodeset = $xpath->query($query, $parentRef); if ($sObject = $nodeset->item(0)) { $sObject->parentNode->insertBefore($keyInfo, $sObject); @@ -1020,15 +1003,15 @@ static function staticAdd509Cert($parentRef, $cert, $isPEMFormat = true, $isURL } // Add all certs if there are more than one - $certs = XMLSecurityDSig::staticGet509XCerts($cert, $isPEMFormat); + $certs = self::staticGet509XCerts($cert, $isPEMFormat); // Attach X509 data node - $x509DataNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509Data'); + $x509DataNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509Data'); $keyInfo->appendChild($x509DataNode); $issuerSerial = false; if (is_array($options)) { - if (!empty( $options['issuerSerial'] )) { + if (!empty($options['issuerSerial'])) { $issuerSerial = true; } } 
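Review bot: With `$isURL` set, staticAdd509Cert passes `$cert` straight to `file_get_contents()`, which accepts local paths and any registered stream wrapper as well as http(s) URLs. The docblock should say that the location must come from trusted configuration and never from request data, for example `@param bool $isURL Treat $cert as a location to read; the value must be application-controlled`. Whether a false return from the read is handled is not visible, because the lines between this hunk and the next one are outside the patch context.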
@@ -1036,31 +1019,29 @@ static function staticAdd509Cert($parentRef, $cert, $isPEMFormat = true, $isURL // Attach all certificate nodes and any additional data foreach ($certs as $X509Cert) { if ($issuerSerial) { - if ($certData = openssl_x509_parse("-----BEGIN CERTIFICATE-----\n" . chunk_split($X509Cert, 64, "\n") . "-----END CERTIFICATE-----\n")) { - if ($issuerSerial && !empty( $certData['issuer'] ) && !empty( $certData['serialNumber'] )) { + if ($certData = openssl_x509_parse("-----BEGIN CERTIFICATE-----\n".chunk_split($X509Cert, 64, "\n")."-----END CERTIFICATE-----\n")) { + if ($issuerSerial && !empty($certData['issuer']) && !empty($certData['serialNumber'])) { if (is_array($certData['issuer'])) { - $parts = array(); - foreach ($certData['issuer'] AS $key => $value) { + $parts = []; + foreach ($certData['issuer'] as $key => $value) { array_unshift($parts, "$key=$value"); } $issuerName = implode(',', $parts); - } - else { + } else { $issuerName = $certData['issuer']; } - $x509IssuerNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509IssuerSerial'); + $x509IssuerNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509IssuerSerial'); $x509DataNode->appendChild($x509IssuerNode); - $x509Node = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509IssuerName', $issuerName); + $x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509IssuerName', $issuerName); $x509IssuerNode->appendChild($x509Node); - $x509Node = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509SerialNumber', $certData['serialNumber']); + $x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509SerialNumber', $certData['serialNumber']); $x509IssuerNode->appendChild($x509Node); } } - } - $x509CertNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509Certificate', $X509Cert); + $x509CertNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509Certificate', $X509Cert); $x509DataNode->appendChild($x509CertNode); } } 
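Review bot: `$issuerName` is passed as the value argument of `createElementNS()`, which, like `createElement()`, does not escape its value, so an issuer DN containing `&` produces an unterminated-entity warning and a truncated X509IssuerName. Creating the element empty and appending a text node avoids this: `$x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509IssuerName');` followed by `$x509Node->appendChild($baseDoc->createTextNode($issuerName));`. The inner `$issuerSerial &&` test is also redundant inside `if ($issuerSerial)`. The enclosing staticAdd509Cert begins before this hunk.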
@@ -1088,6 +1069,7 @@ public function add509Cert($cert, $isPEMFormat = true, $isURL = false, $options * Returns: * An associative array of validated nodes or NULL if no nodes have been validated. */ + /** * @return null */ @@ -1095,5 +1077,4 @@ public function getValidatedNodes() { return $this->validatedNodes; } - -} \ No newline at end of file +} diff --git a/src/XmlSecLibs/XMLSecurityKey.php b/src/XmlSecLibs/XMLSecurityKey.php index 5225d85a..6d3567c6 100644 --- a/src/XmlSecLibs/XMLSecurityKey.php +++ b/src/XmlSecLibs/XMLSecurityKey.php @@ -1,6 +1,6 @@ . * All rights reserved. @@ -37,9 +37,9 @@ * @author Robert Richards * @copyright 2007-2013 Robert Richards * @license http://www.opensource.org/licenses/bsd-license.php BSD License + * * @version 1.3.2-dev */ - namespace XmlSecLibs; use DOMElement; 
@@ -47,22 +47,22 @@ class XMLSecurityKey { - const TRIPLEDES_CBC = 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'; - const AES128_CBC = 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'; - const AES192_CBC = 'http://www.w3.org/2001/04/xmlenc#aes192-cbc'; - const AES256_CBC = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'; - const RSA_1_5 = 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'; + const TRIPLEDES_CBC = 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'; + const AES128_CBC = 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'; + const AES192_CBC = 'http://www.w3.org/2001/04/xmlenc#aes192-cbc'; + const AES256_CBC = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'; + const RSA_1_5 = 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'; const RSA_OAEP_MGF1P = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'; - const DSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#dsa-sha1'; - const RSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'; - const RSA_SHA256 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'; - const RSA_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'; - const RSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'; + const DSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#dsa-sha1'; + const RSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'; + const RSA_SHA256 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'; + const RSA_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'; + const RSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'; /** * @var array */ - private $cryptParams = array(); + private $cryptParams = []; /** * @var int */ @@ -74,7 +74,7 @@ class XMLSecurityKey /** * @var string */ - public $passphrase = ""; + public $passphrase = ''; /** * @var null */ 
@@ -122,39 +122,39 @@ public function __construct($type, $params = null) { srand(); switch ($type) { - case ( XMLSecurityKey::TRIPLEDES_CBC ): + case (self::TRIPLEDES_CBC): $this->cryptParams['library'] = 'mcrypt'; $this->cryptParams['cipher'] = MCRYPT_TRIPLEDES; $this->cryptParams['mode'] = MCRYPT_MODE_CBC; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'; $this->cryptParams['keysize'] = 24; break; - case ( XMLSecurityKey::AES128_CBC ): + case (self::AES128_CBC): $this->cryptParams['library'] = 'mcrypt'; $this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128; $this->cryptParams['mode'] = MCRYPT_MODE_CBC; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'; $this->cryptParams['keysize'] = 16; break; - case ( XMLSecurityKey::AES192_CBC ): + case (self::AES192_CBC): $this->cryptParams['library'] = 'mcrypt'; $this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128; $this->cryptParams['mode'] = MCRYPT_MODE_CBC; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes192-cbc'; $this->cryptParams['keysize'] = 24; break; - case ( XMLSecurityKey::AES256_CBC ): + case (self::AES256_CBC): $this->cryptParams['library'] = 'mcrypt'; $this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128; $this->cryptParams['mode'] = MCRYPT_MODE_CBC; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'; $this->cryptParams['keysize'] = 32; break; - case ( XMLSecurityKey::RSA_1_5 ): + case (self::RSA_1_5): $this->cryptParams['library'] = 'openssl'; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'; - if (is_array($params) && !empty( $params['type'] )) { + if (is_array($params) && !empty($params['type'])) { if ($params['type'] == 'public' || $params['type'] == 'private') { $this->cryptParams['type'] = $params['type']; break; 
@@ -162,12 +162,12 @@ public function __construct($type, $params = null) } throw new Exception('Certificate "type" (private/public) must be passed via parameters'); - case ( XMLSecurityKey::RSA_OAEP_MGF1P ): + case (self::RSA_OAEP_MGF1P): $this->cryptParams['library'] = 'openssl'; $this->cryptParams['padding'] = OPENSSL_PKCS1_OAEP_PADDING; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'; $this->cryptParams['hash'] = null; - if (is_array($params) && !empty( $params['type'] )) { + if (is_array($params) && !empty($params['type'])) { if ($params['type'] == 'public' || $params['type'] == 'private') { $this->cryptParams['type'] = $params['type']; break; @@ -175,11 +175,11 @@ public function __construct($type, $params = null) } throw new Exception('Certificate "type" (private/public) must be passed via parameters'); - case ( XMLSecurityKey::RSA_SHA1 ): + case (self::RSA_SHA1): $this->cryptParams['library'] = 'openssl'; $this->cryptParams['method'] = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; - if (is_array($params) && !empty( $params['type'] )) { + if (is_array($params) && !empty($params['type'])) { if ($params['type'] == 'public' || $params['type'] == 'private') { $this->cryptParams['type'] = $params['type']; break; 
@@ -187,12 +187,12 @@ public function __construct($type, $params = null) } throw new Exception('Certificate "type" (private/public) must be passed via parameters'); break; - case ( XMLSecurityKey::RSA_SHA256 ): + case (self::RSA_SHA256): $this->cryptParams['library'] = 'openssl'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['digest'] = 'SHA256'; - if (is_array($params) && !empty( $params['type'] )) { + if (is_array($params) && !empty($params['type'])) { if ($params['type'] == 'public' || $params['type'] == 'private') { $this->cryptParams['type'] = $params['type']; break; @@ -200,24 +200,24 @@ public function __construct($type, $params = null) } throw new Exception('Certificate "type" (private/public) must be passed via parameters'); break; - case ( XMLSecurityKey::RSA_SHA384 ): + case (self::RSA_SHA384): $this->cryptParams['library'] = 'openssl'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['digest'] = 'SHA384'; - if (is_array($params) && !empty( $params['type'] )) { + if (is_array($params) && !empty($params['type'])) { if ($params['type'] == 'public' || $params['type'] == 'private') { $this->cryptParams['type'] = $params['type']; break; } } break; - case ( XMLSecurityKey::RSA_SHA512 ): + case (self::RSA_SHA512): $this->cryptParams['library'] = 'openssl'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['digest'] = 'SHA512'; - if (is_array($params) && !empty( $params['type'] )) { + if (is_array($params) && !empty($params['type'])) { if ($params['type'] == 'public' || $params['type'] == 'private') { $this->cryptParams['type'] = $params['type']; break; 
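Review bot: The `RSA_SHA384` case ends in a plain `break;` when `$params['type']` is missing or is not public/private, whereas the RSA_SHA1 and RSA_SHA256 cases throw 'Certificate "type" (private/public) must be passed via parameters'. A key object for rsa-sha384 can therefore be constructed with no `type` entry in cryptParams, and the problem surfaces later, away from its cause. I would replace that trailing `break;` with the same `throw new Exception('Certificate "type" (private/public) must be passed via parameters');` and drop the unreachable `break;` that follows the throw in the SHA1 and SHA256 cases. The RSA_SHA512 case continues past this hunk, so it should be checked for the same gap.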
@@ -237,38 +237,38 @@ public function __construct($type, $params = null) * If the key size is unknown, or this isn't a symmetric encryption algorithm, * NULL is returned. * - * @return int|NULL The number of bytes in the key. + * @return int|null The number of bytes in the key. */ public function getSymmetricKeySize() { - if (!isset( $this->cryptParams['keysize'] )) { - return null; + if (!isset($this->cryptParams['keysize'])) { + return; } return $this->cryptParams['keysize']; } /** - * @return string * @throws Exception + * + * @return string */ public function generateSessionKey() { - if (!isset( $this->cryptParams['keysize'] )) { - throw new Exception('Unknown key size for type "' . $this->type . '".'); + if (!isset($this->cryptParams['keysize'])) { + throw new Exception('Unknown key size for type "'.$this->type.'".'); } $keysize = $this->cryptParams['keysize']; if (function_exists('openssl_random_pseudo_bytes')) { /* We have PHP >= 5.3 - use openssl to generate session key. */ $key = openssl_random_pseudo_bytes($keysize); - } - else { + } else { /* Generating random key using iv generation routines */ $key = mcrypt_create_iv($keysize, MCRYPT_RAND); } - if ($this->type === XMLSecurityKey::TRIPLEDES_CBC) { + if ($this->type === self::TRIPLEDES_CBC) { /* Make sure that the generated key has the proper parity bits set. * Mcrypt doesn't care about the parity bits, but others may care. */ @@ -276,7 +276,7 @@ public function generateSessionKey() $byte = ord($key[ $i ]) & 0xfe; $parity = 1; for ($j = 1; $j < 8; $j++) { - $parity ^= ( $byte >> $j ) & 1; + $parity ^= ($byte >> $j) & 1; } $byte |= $parity; $key[ $i ] = chr($byte); 
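Review bot: The fallback branch of generateSessionKey takes the session key from `mcrypt_create_iv($keysize, MCRYPT_RAND)`, and MCRYPT_RAND is the system random number generator rather than a cryptographic source. Use `mcrypt_create_iv($keysize, MCRYPT_DEV_URANDOM)` there. The primary branch also ignores the second, by-reference argument of `openssl_random_pseudo_bytes()`; calling `openssl_random_pseudo_bytes($keysize, $strong)` and throwing when `$strong` is false keeps a weak key from being issued silently. The function body continues in the next hunk and beyond it.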
@@ -295,18 +295,16 @@ public function generateSessionKey() */ public static function getRawThumbprint($cert) { - $arCert = explode("\n", $cert); $data = ''; $inData = false; - foreach ($arCert AS $curData) { + foreach ($arCert as $curData) { if (!$inData) { if (strncmp($curData, '-----BEGIN CERTIFICATE', 22) == 0) { $inData = true; } - } - else { + } else { if (strncmp($curData, '-----END CERTIFICATE', 20) == 0) { break; } @@ -314,11 +312,11 @@ public static function getRawThumbprint($cert) } } - if (!empty( $data )) { + if (!empty($data)) { return strtolower(sha1(base64_decode($data))); } - return null; + return; } /** @@ -332,8 +330,7 @@ public function loadKey($key, $isFile = false, $isCert = false) { if ($isFile) { $this->key = file_get_contents($key); - } - else { + } else { $this->key = $key; } if ($isCert) { @@ -341,8 +338,7 @@ public function loadKey($key, $isFile = false, $isCert = false) openssl_x509_export($this->key, $str_cert); $this->x509Certificate = $str_cert; $this->key = $str_cert; - } - else { + } else { $this->x509Certificate = null; } if ($this->cryptParams['library'] == 'openssl') { @@ -352,20 +348,18 @@ public function loadKey($key, $isFile = false, $isCert = false) $this->X509Thumbprint = self::getRawThumbprint($this->key); } $this->key = openssl_get_publickey($this->key); - } - else { + } else { $this->key = openssl_get_privatekey($this->key, $this->passphrase); } - } - else if ($this->cryptParams['cipher'] == MCRYPT_RIJNDAEL_128) { + } elseif ($this->cryptParams['cipher'] == MCRYPT_RIJNDAEL_128) { /* Check key length */ switch ($this->type) { - case ( XMLSecurityKey::AES256_CBC ): + case (self::AES256_CBC): if (strlen($this->key) < 25) { throw new Exception('Key must contain at least 25 characters for this cipher'); } break; - case ( XMLSecurityKey::AES192_CBC ): + case (self::AES192_CBC): if (strlen($this->key) < 17) { throw new Exception('Key must contain at least 17 characters for this cipher'); } 
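Review bot: The length checks in loadKey accept an AES256_CBC key of 25 bytes and an AES192_CBC key of 17 bytes, although the constructor sets `cryptParams['keysize']` to 32 and 24 for those types. Depending on the mcrypt version a short key is either padded out, which silently weakens it, or rejected later with a warning far from the cause. Comparing against the declared size at load time, `if (strlen($this->key) !== $this->cryptParams['keysize'])` with a message that names the expected length, would catch this. The switch continues outside the hunk, so the remaining cases are not visible here.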
@@ -386,12 +380,12 @@ private function encryptMcrypt($data) mcrypt_generic_init($td, $this->key, $this->iv); if ($this->cryptParams['mode'] == MCRYPT_MODE_CBC) { $bs = mcrypt_enc_get_block_size($td); - for ($datalen0 = $datalen = strlen($data); ( ( $datalen % $bs ) != ( $bs - 1 ) ); $datalen++) { + for ($datalen0 = $datalen = strlen($data); (($datalen % $bs) != ($bs - 1)); $datalen++) { $data .= chr(rand(1, 127)); } $data .= chr($datalen - $datalen0 + 1); } - $encrypted_data = $this->iv . mcrypt_generic($td, $data); + $encrypted_data = $this->iv.mcrypt_generic($td, $data); mcrypt_generic_deinit($td); mcrypt_module_close($td); @@ -427,8 +421,9 @@ private function decryptMcrypt($data) /** * @param $data * - * @return mixed * @throws Exception + * + * @return mixed */ private function encryptOpenSSL($data) { @@ -436,8 +431,7 @@ private function encryptOpenSSL($data) if (!openssl_public_encrypt($data, $encrypted_data, $this->key, $this->cryptParams['padding'])) { throw new Exception('Failure encrypting Data'); } - } - else { + } else { if (!openssl_private_encrypt($data, $encrypted_data, $this->key, $this->cryptParams['padding'])) { throw new Exception('Failure encrypting Data'); } @@ -449,8 +443,9 @@ private function encryptOpenSSL($data) /** * @param $data * - * @return mixed * @throws Exception + * + * @return mixed */ private function decryptOpenSSL($data) { @@ -458,8 +453,7 @@ private function decryptOpenSSL($data) if (!openssl_public_decrypt($data, $decrypted, $this->key, $this->cryptParams['padding'])) { throw new Exception('Failure decrypting Data'); } - } - else { + } else { if (!openssl_private_decrypt($data, $decrypted, $this->key, $this->cryptParams['padding'])) { throw new Exception('Failure decrypting Data'); } 
@@ -471,17 +465,18 @@ private function decryptOpenSSL($data) /** * @param $data * - * @return mixed * @throws Exception + * + * @return mixed */ private function signOpenSSL($data) { $algo = OPENSSL_ALGO_SHA1; - if (!empty( $this->cryptParams['digest'] )) { + if (!empty($this->cryptParams['digest'])) { $algo = $this->cryptParams['digest']; } if (!openssl_sign($data, $signature, $this->key, $algo)) { - throw new Exception('Failure Signing Data: ' . openssl_error_string() . ' - ' . $algo); + throw new Exception('Failure Signing Data: '.openssl_error_string().' - '.$algo); } return $signature; @@ -496,7 +491,7 @@ private function signOpenSSL($data) private function verifyOpenSSL($data, $signature) { $algo = OPENSSL_ALGO_SHA1; - if (!empty( $this->cryptParams['digest'] )) { + if (!empty($this->cryptParams['digest'])) { $algo = $this->cryptParams['digest']; } @@ -506,8 +501,9 @@ private function verifyOpenSSL($data, $signature) /** * @param $data * - * @return mixed|string * @throws Exception + * + * @return mixed|string */ public function encryptData($data) { @@ -517,15 +513,16 @@ public function encryptData($data) case 'openssl': return $this->encryptOpenSSL($data); default: - throw new \Exception(sprintf("Encryption library %s is not supported", $this->cryptParams['library'])); + throw new \Exception(sprintf('Encryption library %s is not supported', $this->cryptParams['library'])); } } /** * @param $data * - * @return mixed|string * @throws Exception + * + * @return mixed|string */ public function decryptData($data) { @@ -535,15 +532,16 @@ public function decryptData($data) case 'openssl': return $this->decryptOpenSSL($data); default: - throw new \Exception(sprintf("Encryption library %s is not supported", $this->cryptParams['library'])); + throw new \Exception(sprintf('Encryption library %s is not supported', $this->cryptParams['library'])); } } /** * @param $data * - * @return mixed * @throws Exception + * + * @return mixed */ public function signData($data) { 
@@ -551,7 +549,7 @@ public function signData($data) case 'openssl': return $this->signOpenSSL($data); default: - throw new \Exception(sprintf("Encryption library %s is not supported", $this->cryptParams['library'])); + throw new \Exception(sprintf('Encryption library %s is not supported', $this->cryptParams['library'])); } } @@ -559,8 +557,9 @@ public function signData($data) * @param $data * @param $signature * - * @return int * @throws Exception + * + * @return int */ public function verifySignature($data, $signature) { @@ -568,7 +567,7 @@ public function verifySignature($data, $signature) case 'openssl': return $this->verifyOpenSSL($data, $signature); default: - throw new \Exception(sprintf("Encryption library %s is not supported", $this->cryptParams['library'])); + throw new \Exception(sprintf('Encryption library %s is not supported', $this->cryptParams['library'])); } } 
@@ -586,64 +585,62 @@ public function getAlgorith() * * @return null|string */ - static function makeAsnSegment($type, $string) + public static function makeAsnSegment($type, $string) { switch ($type) { case 0x02: if (ord($string) > 0x7f) { - $string = chr(0) . $string; + $string = chr(0).$string; } break; case 0x03: - $string = chr(0) . $string; + $string = chr(0).$string; break; } $length = strlen($string); if ($length < 128) { - $output = sprintf("%c%c%s", $type, $length, $string); - } - else if ($length < 0x0100) { - $output = sprintf("%c%c%c%s", $type, 0x81, $length, $string); - } - else if ($length < 0x010000) { - $output = sprintf("%c%c%c%c%s", $type, 0x82, $length / 0x0100, $length % 0x0100, $string); - } - else { + $output = sprintf('%c%c%s', $type, $length, $string); + } elseif ($length < 0x0100) { + $output = sprintf('%c%c%c%s', $type, 0x81, $length, $string); + } elseif ($length < 0x010000) { + $output = sprintf('%c%c%c%c%s', $type, 0x82, $length / 0x0100, $length % 0x0100, $string); + } else { $output = null; } - return ( $output ); + return ($output); } /* Modulus and Exponent must already be base64 decoded */ + /** * @param $modulus * @param $exponent * * @return string */ - static function convertRSA($modulus, $exponent) + public static function convertRSA($modulus, $exponent) { /* make an ASN publicKeyInfo */ - $exponentEncoding = XMLSecurityKey::makeAsnSegment(0x02, $exponent); - $modulusEncoding = XMLSecurityKey::makeAsnSegment(0x02, $modulus); - $sequenceEncoding = XMLSecurityKey:: makeAsnSegment(0x30, $modulusEncoding . $exponentEncoding); - $bitstringEncoding = XMLSecurityKey::makeAsnSegment(0x03, $sequenceEncoding); - $rsaAlgorithmIdentifier = pack("H*", "300D06092A864886F70D0101010500"); - $publicKeyInfo = XMLSecurityKey::makeAsnSegment(0x30, $rsaAlgorithmIdentifier . 
$bitstringEncoding); + $exponentEncoding = self::makeAsnSegment(0x02, $exponent); + $modulusEncoding = self::makeAsnSegment(0x02, $modulus); + $sequenceEncoding = self:: makeAsnSegment(0x30, $modulusEncoding.$exponentEncoding); + $bitstringEncoding = self::makeAsnSegment(0x03, $sequenceEncoding); + $rsaAlgorithmIdentifier = pack('H*', '300D06092A864886F70D0101010500'); + $publicKeyInfo = self::makeAsnSegment(0x30, $rsaAlgorithmIdentifier.$bitstringEncoding); /* encode the publicKeyInfo in base64 and add PEM brackets */ $publicKeyInfoBase64 = base64_encode($publicKeyInfo); $encoding = "-----BEGIN PUBLIC KEY-----\n"; $offset = 0; while ($segment = substr($publicKeyInfoBase64, $offset, 64)) { - $encoding = $encoding . $segment . "\n"; + $encoding = $encoding.$segment."\n"; $offset += 64; } - return $encoding . "-----END PUBLIC KEY-----\n"; + return $encoding."-----END PUBLIC KEY-----\n"; } /** @@ -651,10 +648,8 @@ static function convertRSA($modulus, $exponent) */ public function serializeKey($parent) { - } - /** * Retrieve the X509 certificate this key represents. * @@ -674,6 +669,7 @@ public function getX509Certificate() * The thumbprint as a lowercase 40-character hexadecimal number, or NULL * if this isn't a X509 certificate. */ + /** * @return null */ @@ -682,22 +678,21 @@ public function getX509Thumbprint() return $this->X509Thumbprint; } - /** * Create key from an EncryptedKey-element. * * @param DOMElement $element The EncryptedKey-element. * - * @return XMLSecurityKey The new key. * @throws Exception + * + * @return XMLSecurityKey The new key. */ public static function fromEncryptedKeyElement(DOMElement $element) { - $objenc = new XMLSecEnc(); $objenc->setNode($element); if (!$objKey = $objenc->locateKey()) { - throw new Exception("Unable to locate algorithm for this Encrypted Key"); + throw new Exception('Unable to locate algorithm for this Encrypted Key'); } $objKey->isEncrypted = true; $objKey->encryptedCtx = $objenc; 
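Review bot: makeAsnSegment returns `null` once the input is 0x010000 bytes or longer, and convertRSA concatenates its results unchecked, so an oversized modulus or exponent yields an incomplete publicKeyInfo wrapped in PEM markers instead of an error. The comment above convertRSA says both values arrive already base64-decoded from the caller, so I would reject that case before building the sequence: `if ($modulusEncoding === null || $exponentEncoding === null) { throw new Exception('RSA modulus or exponent is too long to encode'); }`. Separately, the fixer left a stray space in `self:: makeAsnSegment(0x30, $modulusEncoding.$exponentEncoding);`.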
@@ -705,5 +700,4 @@ public static function fromEncryptedKeyElement(DOMElement $element) return $objKey; } - -} \ No newline at end of file +} diff --git a/tests/XmlSecLibs/XMLSecurityKeyTest.php b/tests/XmlSecLibs/XMLSecurityKeyTest.php index 835c062a..4cad4aa8 100644 --- a/tests/XmlSecLibs/XMLSecurityKeyTest.php +++ b/tests/XmlSecLibs/XMLSecurityKeyTest.php @@ -1,4 +1,5 @@ generateSessionKey(); - $this->assertEquals($key->key, $k, "Return value does not match generated key."); + $this->assertEquals($key->key, $k, 'Return value does not match generated key.'); - $keysizes = array( + $keysizes = [ XMLSecurityKey::TRIPLEDES_CBC => 24, XMLSecurityKey::AES128_CBC => 16, XMLSecurityKey::AES192_CBC => 24, XMLSecurityKey::AES256_CBC => 32, - ); + ]; foreach ($keysizes as $type => $keysize) { $key = new XMLSecurityKey($type); @@ -22,7 +23,7 @@ public function testGenerateSessionKeyBasics() $this->assertEquals( $keysize, strlen($k), - sprintf("Invalid keysize for key type %s. Was %d, should have been %d.", $type, strlen($k), $keysize) + sprintf('Invalid keysize for key type %s. Was %d, should have been %d.', $type, strlen($k), $keysize) ); } } @@ -48,12 +49,12 @@ public function testGenerateSessionKeyParity() public function symmetricKeySizeProvider() { - return array( - array(XMLSecurityKey::TRIPLEDES_CBC, 24), - array(XMLSecurityKey::AES128_CBC, 16), - array(XMLSecurityKey::AES192_CBC, 24), - array(XMLSecurityKey::AES256_CBC, 32) - ); + return [ + [XMLSecurityKey::TRIPLEDES_CBC, 24], + [XMLSecurityKey::AES128_CBC, 16], + [XMLSecurityKey::AES192_CBC, 24], + [XMLSecurityKey::AES256_CBC, 32], + ]; } /** 
@@ -66,17 +67,17 @@ public function testGetSymmetricKeySize($keyType, $keySize) $this->assertEquals( $keySize, $size, - sprintf("Invalid keysize for key type %s. Was %d, should have been %d.", $keyType, $size, $keySize) + sprintf('Invalid keysize for key type %s. Was %d, should have been %d.', $keyType, $size, $keySize) ); } public function testThumbPrint() { - $siteKey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type' => 'public')); - $siteKey->loadKey(dirname(__FILE__) . '/../mycert.pem', true, true); + $siteKey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, ['type' => 'public']); + $siteKey->loadKey(dirname(__FILE__).'/../mycert.pem', true, true); $thumbprint = $siteKey->getX509Thumbprint(); $this->assertEquals('8b600d9155e8e8dfa3c10998f736be086e83ef3b', $thumbprint, "Thumbprint doesn't match"); $this->assertEquals('OGI2MDBkOTE1NWU4ZThkZmEzYzEwOTk4ZjczNmJlMDg2ZTgzZWYzYg==', base64_encode($thumbprint), "Base64 Thumbprint doesn't match"); } -} \ No newline at end of file +} diff --git a/tests/XmlSecLibs/XmlSecEncTest.php b/tests/XmlSecLibs/XmlSecEncTest.php index 9f3f714d..64cf5e25 100644 --- a/tests/XmlSecLibs/XmlSecEncTest.php +++ b/tests/XmlSecLibs/XmlSecEncTest.php @@ -1,9 +1,9 @@ load(dirname(__FILE__) . '/../basic-doc.xml'); + $dom->load(dirname(__FILE__).'/../basic-doc.xml'); $objKey = new XMLSecurityKey(XMLSecurityKey::AES256_CBC); $objKey->generateSessionKey(); - $siteKey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type' => 'public')); - $siteKey->loadKey(dirname(__FILE__) . '/../mycert.pem', true, true); + $siteKey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, ['type' => 'public']); + $siteKey->loadKey(dirname(__FILE__).'/../mycert.pem', true, true); $enc = new XMLSecEnc(); $enc->setNode($dom->documentElement); 
@@ -36,16 +36,16 @@ public function testEncryptedDataNodeOrder() $enc->type = XMLSecEnc::Content; $encNode = $enc->encryptNode($objKey); - $nodeOrder = array( + $nodeOrder = [ 'EncryptionMethod', 'KeyInfo', 'CipherData', 'EncryptionProperties', - ); + ]; $prevNode = 0; for ($node = $encNode->firstChild; $node !== null; $node = $node->nextSibling) { - if (!( $node instanceof \DOMElement )) { + if (!($node instanceof \DOMElement)) { /* Skip comment and text nodes. */ continue; } @@ -74,8 +74,7 @@ public function testEncryptedDataNodeOrder() public function testGetCipherData() { $doc = new \DOMDocument(); - $doc->load(dirname(__FILE__) . '/../oaep_sha1-res.xml'); - + $doc->load(dirname(__FILE__).'/../oaep_sha1-res.xml'); $objenc = new XMLSecEnc(); $encData = $objenc->locateEncryptedData($doc); @@ -84,7 +83,6 @@ public function testGetCipherData() $ciphervalue = $objenc->getCipherValue(); $this->assertEquals('e3b188c5a139655d14d3f7a1e6477bc3', md5($ciphervalue)); - $objKey = $objenc->locateKey(); $objKeyInfo = $objenc->locateKeyInfo($objKey); $encryptedKey = $objKeyInfo->encryptedCtx; @@ -99,14 +97,14 @@ public function testGetCipherData() public function testRetrievalMethodFindKey() { $doc = new \DOMDocument(); - $doc->load(dirname(__FILE__) . "/../retrievalmethod-findkey.xml"); + $doc->load(dirname(__FILE__).'/../retrievalmethod-findkey.xml'); $objenc = new XMLSecEnc(); $encData = $objenc->locateEncryptedData($doc); - $this->assertNotEmpty($encData, "Cannot locate Encrypted Data"); + $this->assertNotEmpty($encData, 'Cannot locate Encrypted Data'); $objenc->setNode($encData); - $objenc->type = $encData->getAttribute("Type"); + $objenc->type = $encData->getAttribute('Type'); $objKey = $objenc->locateKey(); $objKeyInfo = $objenc->locateKeyInfo($objKey); 
@@ -114,29 +112,28 @@ public function testRetrievalMethodFindKey() $this->assertTrue($objKeyInfo->isEncrypted, 'Expected $objKeyInfo to refer to an encrypted key by now.'); } - /** * @return array */ public function decryptFilesProvider() { - return array( - array( + return [ + [ 'AOESP_SHA1', - dirname(__FILE__) . '/../oaep_sha1-res.xml', - dirname(__FILE__) . "/../privkey.pem" - ), - array( + dirname(__FILE__).'/../oaep_sha1-res.xml', + dirname(__FILE__).'/../privkey.pem', + ], + [ 'AOESP_SHA1_CONTENT', - dirname(__FILE__) . '/../oaep_sha1-content-res.xml', - dirname(__FILE__) . "/../privkey.pem" - ) - ); + dirname(__FILE__).'/../oaep_sha1-content-res.xml', + dirname(__FILE__).'/../privkey.pem', + ], + ]; } /** - * * @@dataProvider decryptFilesProvider + * * @throws \Exception */ public function testDecrypt($testName, $testFile, $privKey) @@ -147,12 +144,12 @@ public function testDecrypt($testName, $testFile, $privKey) $objenc = new XMLSecEnc(); $encData = $objenc->locateEncryptedData($doc); - $this->assertInstanceOf('\\DOMElement', $encData, "Cannot locate Encrypted Data"); + $this->assertInstanceOf('\\DOMElement', $encData, 'Cannot locate Encrypted Data'); $objenc->setNode($encData); - $objenc->type = $encData->getAttribute("Type"); + $objenc->type = $encData->getAttribute('Type'); $objKey = $objenc->locateKey(); - $this->assertInstanceOf('\\XmlSecLibs\\XMLSecurityKey', $objKey, "We know the secret key, but not the algorithm"); + $this->assertInstanceOf('\\XmlSecLibs\\XMLSecurityKey', $objKey, 'We know the secret key, but not the algorithm'); $key = null; @@ -164,10 +161,10 @@ public function testDecrypt($testName, $testFile, $privKey) } } - if (!$objKey->key && empty( $key )) { + if (!$objKey->key && empty($key)) { $objKeyInfo->loadKey($privKey, true); } - if (empty( $objKey->key )) { + if (empty($objKey->key)) { $objKey->loadKey($key); } 
@@ -178,17 +175,15 @@ public function testDecrypt($testName, $testFile, $privKey) if ($decrypt instanceof \DOMNode) { if ($decrypt instanceof \DOMDocument) { $output = $decrypt->saveXML(); - } - else { + } else { $output = $decrypt->ownerDocument->saveXML(); } - } - else { + } else { $output = $decrypt; } } - $outfile = dirname(__FILE__) . "/../basic-doc.xml"; + $outfile = dirname(__FILE__).'/../basic-doc.xml'; $res = null; $this->assertFileExists($outfile); @@ -203,26 +198,25 @@ public function testDecrypt($testName, $testFile, $privKey) */ public function encryptProvider() { - return array( - array(XMLSecEnc::Element, 'EncryptedData'), - array(XMLSecEnc::Content, 'Root') - ); + return [ + [XMLSecEnc::Element, 'EncryptedData'], + [XMLSecEnc::Content, 'Root'], + ]; } /** * @dataProvider encryptProvider - * */ public function testEncrypt($encType, $rootLocalName) { $dom = new \DOMDocument(); - $dom->load(dirname(__FILE__) . '/../basic-doc.xml'); + $dom->load(dirname(__FILE__).'/../basic-doc.xml'); $objKey = new XMLSecurityKey(XMLSecurityKey::AES256_CBC); $objKey->generateSessionKey(); - $siteKey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type' => 'public')); - $siteKey->loadKey(dirname(__FILE__) . '/../mycert.pem', true, true); + $siteKey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, ['type' => 'public']); + $siteKey->loadKey(dirname(__FILE__).'/../mycert.pem', true, true); $enc = new XMLSecEnc(); $enc->setNode($dom->documentElement); @@ -232,7 +226,7 @@ public function testEncrypt($encType, $rootLocalName) $enc->encryptNode($objKey); $root = $dom->documentElement; - $this->assertEquals($rootLocalName, $root->localName, "Failed to encrypt data"); + $this->assertEquals($rootLocalName, $root->localName, 'Failed to encrypt data'); } /** 
@@ -241,15 +235,15 @@ public function testEncrypt($encType, $rootLocalName) public function testEncryptNoReplace() { $dom = new \DOMDocument(); - $dom->load(dirname(__FILE__) . '/../basic-doc.xml'); + $dom->load(dirname(__FILE__).'/../basic-doc.xml'); $origData = $dom->saveXML(); $objKey = new XMLSecurityKey(XMLSecurityKey::AES256_CBC); $objKey->generateSessionKey(); - $siteKey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type' => 'public')); - $siteKey->loadKey(dirname(__FILE__) . '/../mycert.pem', true, true); + $siteKey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, ['type' => 'public']); + $siteKey->loadKey(dirname(__FILE__).'/../mycert.pem', true, true); $enc = new XMLSecEnc(); $enc->setNode($dom->documentElement); @@ -259,7 +253,7 @@ public function testEncryptNoReplace() $encNode = $enc->encryptNode($objKey, false); $newData = $dom->saveXML(); - $this->assertEquals($origData, $newData, "Original data was modified"); + $this->assertEquals($origData, $newData, 'Original data was modified'); $this->assertFalse( $encNode->namespaceURI !== XMLSecEnc::XMLENCNS || $encNode->localName !== 'EncryptedData', "Encrypted node wasn't a -element" @@ -271,11 +265,11 @@ public function testEncryptNoReplace() */ public function verifyProvider() { - return array( + return [ /* [$testName, $testFile] */ - array('SIGN_TEST', dirname(__FILE__) . '/../sign-basic-test.xml'), + ['SIGN_TEST', dirname(__FILE__).'/../sign-basic-test.xml'], // ['SIGN_TEST_RSA_SHA256', dirname(__FILE__) . '/../sign-sha256-rsa-sha256-test.xml'] // There is no such file in tests folder - ); + ]; } /** 
@@ -292,27 +286,27 @@ public function testVerify($testName, $testFile) $objXMLSecDSig = new XMLSecurityDSig(); $objDSig = $objXMLSecDSig->locateSignature($doc); - $this->assertInstanceOf('\\DOMElement', $objDSig, "Cannot locate Signature Node"); + $this->assertInstanceOf('\\DOMElement', $objDSig, 'Cannot locate Signature Node'); $objXMLSecDSig->canonicalizeSignedInfo(); - $objXMLSecDSig->idKeys = array('wsu:Id'); - $objXMLSecDSig->idNS = array('wsu' => 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'); + $objXMLSecDSig->idKeys = ['wsu:Id']; + $objXMLSecDSig->idNS = ['wsu' => 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd']; $retVal = $objXMLSecDSig->validateReference(); - $this->assertTrue($retVal, "Reference Validation Failed"); + $this->assertTrue($retVal, 'Reference Validation Failed'); $objKey = $objXMLSecDSig->locateKey(); - $this->assertInstanceOf('\\XmlSecLibs\\XMLSecurityKey', $objKey, "We have no idea about the key"); + $this->assertInstanceOf('\\XmlSecLibs\\XMLSecurityKey', $objKey, 'We have no idea about the key'); $key = null; $objKeyInfo = XMLSecEnc::staticLocateKeyInfo($objKey, $objDSig); - if (!$objKeyInfo->key && empty( $key )) { - $objKey->loadKey(dirname(__FILE__) . '/../mycert.pem', true); + if (!$objKeyInfo->key && empty($key)) { + $objKey->loadKey(dirname(__FILE__).'/../mycert.pem', true); } $this->assertEquals(1, $objXMLSecDSig->verify($objKey), "$testName: Signature is invalid"); } -} \ No newline at end of file +} diff --git a/tests/XmlSecLibs/XmlSecurityDsigTest.php b/tests/XmlSecLibs/XmlSecurityDsigTest.php index 18fc6b72..0df12818 100644 --- a/tests/XmlSecLibs/XmlSecurityDsigTest.php +++ b/tests/XmlSecLibs/XmlSecurityDsigTest.php 
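Review bot: testVerify loads the pinned certificate only inside `if (!$objKeyInfo->key && empty($key))`, so when `staticLocateKeyInfo` finds a key in the document's own KeyInfo, the signature appears to be checked against whatever key the document carries. How staticLocateKeyInfo fills the key is not visible in this diff, so this is an inference. If it holds, the test would pass for a fixture signed by any embedded key, and it models a verification flow that does not establish who signed. I would load the expected certificate unconditionally with `$objKey->loadKey(dirname(__FILE__).'/../mycert.pem', true);` and drop `$key = null;`, which makes `empty($key)` always true. The method starts above the hunk.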
@@ -1,14 +1,15 @@ 12345678" - . "GetUserInfo1317032524ALL" - . "DEVELOPMENTExampleApp 0.1\b" - . "ABCDEFG"; + $xml = '12345678' + .'GetUserInfo1317032524ALL' + ."DEVELOPMENTExampleApp 0.1\b" + .'ABCDEFG'; $doc = new \DOMDocument(); $doc->formatOutput = false; 
@@ -19,69 +20,68 @@ public function testSignC14Comments() $objDSig->setCanonicalMethod(XMLSecurityDSig::C14N_COMMENTS); - $objDSig->addReference($doc, XMLSecurityDSig::SHA1, array( + $objDSig->addReference($doc, XMLSecurityDSig::SHA1, [ 'http://www.w3.org/2000/09/xmldsig#enveloped-signature', - XMLSecurityDSig::C14N_COMMENTS - )); + XMLSecurityDSig::C14N_COMMENTS, + ]); - $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private')); + $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, ['type' => 'private']); /* load private key */ - $objKey->loadKey(dirname(__FILE__) . '/../privkey.pem', true); + $objKey->loadKey(dirname(__FILE__).'/../privkey.pem', true); $objDSig->sign($objKey, $doc->documentElement); /* Add associated public key */ - $objDSig->add509Cert(file_get_contents(dirname(__FILE__) . '/../mycert.pem')); + $objDSig->add509Cert(file_get_contents(dirname(__FILE__).'/../mycert.pem')); $objDSig->appendSignature($doc->documentElement); $sign_output = $doc->saveXML(); - $sign_output_def = file_get_contents(dirname(__FILE__) . '/../sign-c14-comments.res'); + $sign_output_def = file_get_contents(dirname(__FILE__).'/../sign-c14-comments.res'); $this->assertEquals($sign_output_def, $sign_output, "Signature doesn't match"); } public function testSignEmptyUri() { $doc = new \DOMDocument(); - $doc->load(dirname(__FILE__) . 
'/../basic-doc.xml'); + $doc->load(dirname(__FILE__).'/../basic-doc.xml'); $objDSig = new XMLSecurityDSig(); $objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N); - $objDSig->addReference($doc, XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature'), array('force_uri' => true)); + $objDSig->addReference($doc, XMLSecurityDSig::SHA1, ['http://www.w3.org/2000/09/xmldsig#enveloped-signature'], ['force_uri' => true]); - $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private')); + $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, ['type' => 'private']); /* load private key */ - $objKey->loadKey(dirname(__FILE__) . '/../privkey.pem', true); + $objKey->loadKey(dirname(__FILE__).'/../privkey.pem', true); /* if key has Passphrase, set it using $objKey->passphrase = " */ - $objDSig->sign($objKey); /* Add associated public key */ - $objDSig->add509Cert(file_get_contents(dirname(__FILE__) . '/../mycert.pem')); + $objDSig->add509Cert(file_get_contents(dirname(__FILE__).'/../mycert.pem')); $objDSig->appendSignature($doc->documentElement); $sign_output = $doc->saveXML(); - $sign_output_def = file_get_contents(dirname(__FILE__) . '/../sign-empty-uri.res'); + $sign_output_def = file_get_contents(dirname(__FILE__).'/../sign-empty-uri.res'); $this->assertEquals($sign_output_def, $sign_output, "Signature doesn't match"); } public function testWithCommentEmptyUri() { $doc = new \DOMDocument(); - $doc->load(dirname(__FILE__) . 
'/../withcomment-empty-uri.xml'); + $doc->load(dirname(__FILE__).'/../withcomment-empty-uri.xml'); $objXMLSecDSig = new XMLSecurityDSig(); $objDSig = $objXMLSecDSig->locateSignature($doc); - $this->assertInstanceOf('\\DomElement', $objDSig, "Cannot locate Signature Node"); + $this->assertInstanceOf('\\DomElement', $objDSig, 'Cannot locate Signature Node'); $retVal = $objXMLSecDSig->validateReference(); - $this->assertTrue($retVal, "Reference Validation Failed"); + $this->assertTrue($retVal, 'Reference Validation Failed'); /* * Since we are testing reference canonicalization, we don't need to @@ -92,15 +92,15 @@ public function testWithCommentEmptyUri() public function testWithCommentIdUri() { $doc = new \DOMDocument(); - $doc->load(dirname(__FILE__) . '/../withcomment-id-uri.xml'); + $doc->load(dirname(__FILE__).'/../withcomment-id-uri.xml'); $objXMLSecDSig = new XMLSecurityDSig(); - $objXMLSecDSig->idKeys = array('xml:id'); + $objXMLSecDSig->idKeys = ['xml:id']; $objDSig = $objXMLSecDSig->locateSignature($doc); - $this->assertInstanceOf('\\DomElement', $objDSig, "Cannot locate Signature Node"); + $this->assertInstanceOf('\\DomElement', $objDSig, 'Cannot locate Signature Node'); $retVal = $objXMLSecDSig->validateReference(); - $this->assertTrue($retVal, "Reference Validation Failed"); + $this->assertTrue($retVal, 'Reference Validation Failed'); /* * Since we are testing reference canonicalization, we don't need to 
@@ -111,75 +111,75 @@ public function testWithCommentIdUri() public function testWithCommentIdUriObject() { $doc = new \DOMDocument(); - $doc->load(dirname(__FILE__) . '/../withcomment-id-uri-object.xml'); - $objXMLSecDSig = new XMLSecurityDSig(); - $objXMLSecDSig->idKeys = array('xml:id'); - $objDSig = $objXMLSecDSig->locateSignature($doc); - $this->assertInstanceOf('\\DomElement', $objDSig, "Cannot locate Signature Node"); + $doc->load(dirname(__FILE__).'/../withcomment-id-uri-object.xml'); + $objXMLSecDSig = new XMLSecurityDSig(); + $objXMLSecDSig->idKeys = ['xml:id']; + $objDSig = $objXMLSecDSig->locateSignature($doc); + $this->assertInstanceOf('\\DomElement', $objDSig, 'Cannot locate Signature Node'); $retVal = $objXMLSecDSig->validateReference(); - $this->assertTrue($retVal, "Reference Validation Failed"); + $this->assertTrue($retVal, 'Reference Validation Failed'); } public function testXmlSignProvider() { - return array( - array(XMLSecurityDSig::SHA1, XMLSecurityKey::RSA_SHA1, dirname(__FILE__) . '/../sign-basic-test.res'), - array( + return [ + [XMLSecurityDSig::SHA1, XMLSecurityKey::RSA_SHA1, dirname(__FILE__).'/../sign-basic-test.res'], + [ XMLSecurityDSig::SHA256, XMLSecurityKey::RSA_SHA256, - dirname(__FILE__) . '/../sign-sha256-rsa-sha256-test.res' - ), - array( + dirname(__FILE__).'/../sign-sha256-rsa-sha256-test.res', + ], + [ XMLSecurityDSig::SHA384, XMLSecurityKey::RSA_SHA384, - dirname(__FILE__) . '/../sign-sha384-rsa-sha384-test.res' - ), - array( + dirname(__FILE__).'/../sign-sha384-rsa-sha384-test.res', + ], + [ XMLSecurityDSig::SHA512, XMLSecurityKey::RSA_SHA512, - dirname(__FILE__) . '/../sign-sha512-rsa-sha512-test.res' - ), - array( + dirname(__FILE__).'/../sign-sha512-rsa-sha512-test.res', + ], + [ XMLSecurityDSig::RIPEMD160, XMLSecurityKey::RSA_1_5, - dirname(__FILE__) . 
'/../sign-ripemd160-rsa-1_5-test.res' - ), - array( + dirname(__FILE__).'/../sign-ripemd160-rsa-1_5-test.res', + ], + [ XMLSecurityDSig::SHA256, XMLSecurityKey::RSA_OAEP_MGF1P, - dirname(__FILE__) . '/../sign-sha256-rsa-oaep-mgf1p-test.res' - ), + dirname(__FILE__).'/../sign-sha256-rsa-oaep-mgf1p-test.res', + ], - ); + ]; } /** * @dataProvider testXmlSignProvider + * * @throws \Exception */ public function testXmlSign($dsigAlgorithm, $keyType, $expectedFileName) { $doc = new \DOMDocument(); - $doc->load(dirname(__FILE__) . '/../basic-doc.xml'); + $doc->load(dirname(__FILE__).'/../basic-doc.xml'); $objDSig = new XMLSecurityDSig(); $objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N); - $objDSig->addReference($doc, $dsigAlgorithm, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature')); + $objDSig->addReference($doc, $dsigAlgorithm, ['http://www.w3.org/2000/09/xmldsig#enveloped-signature']); - $objKey = new XMLSecurityKey($keyType, array('type' => 'private')); + $objKey = new XMLSecurityKey($keyType, ['type' => 'private']); /* load private key */ - $objKey->loadKey(dirname(__FILE__) . '/../privkey.pem', true); + $objKey->loadKey(dirname(__FILE__).'/../privkey.pem', true); /* if key has Passphrase, set it using $objKey->passphrase = " */ - $objDSig->sign($objKey); /* Add associated public key */ - $objDSig->add509Cert(file_get_contents(dirname(__FILE__) . '/../mycert.pem')); + $objDSig->add509Cert(file_get_contents(dirname(__FILE__).'/../mycert.pem')); $objDSig->appendSignature($doc->documentElement); @@ -187,6 +187,4 @@ public function testXmlSign($dsigAlgorithm, $keyType, $expectedFileName) $sign_output_def = file_get_contents($expectedFileName); $this->assertEquals($sign_output_def, $sign_output, "Signature doesn't match"); } - - -} \ No newline at end of file +} diff --git a/tests/bootstrap.php b/tests/bootstrap.php index 509335ac..865b6dbd 100644 --- a/tests/bootstrap.php +++ b/tests/bootstrap.php 
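Review bot: The data provider is declared as `public function testXmlSignProvider()`, and PHPUnit collects public methods whose names start with `test`, so it is also run as a test case with no assertions. Renaming it keeps the run clean: `public function xmlSignProvider()` with `@dataProvider xmlSignProvider` on testXmlSign. The last two rows sign with `XMLSecurityKey::RSA_1_5` and `XMLSecurityKey::RSA_OAEP_MGF1P`, whose names suggest key-transport rather than signature types. The digest those rows end up using is not visible here, so a one-line comment saying why they are expected to produce a stable signature would help the next reader.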
@@ -1,9 +1,8 @@ addPsr4('XmlSecLibs\\', __DIR__.'/XmlSecLibs'); -date_default_timezone_set('UTC'); \ No newline at end of file +date_default_timezone_set('UTC');