
src/Alg/Signature/AbstractSigner.php (1 issue)

<?php
declare(strict_types=1);
namespace SimpleSAML\XMLSecurity\Alg\Signature;
use SimpleSAML\Assert\Assert;
use SimpleSAML\XMLSecurity\Backend;
use SimpleSAML\XMLSecurity\Backend\SignatureBackend;
use SimpleSAML\XMLSecurity\Exception\UnsupportedAlgorithmException;
use SimpleSAML\XMLSecurity\Key\KeyInterface;
/**
 * Base class for digital signature algorithms.
 *
 * Ties together a key, an algorithm identifier and a digest identifier, and delegates the
 * actual signing and verification to a pluggable signature backend.
 *
 * @package simplesamlphp/xml-security
 */
abstract class AbstractSigner implements SignatureAlgorithmInterface
{
    // Typed class constants need PHP 8.3 or newer. A parser that targets an older PHP version
    // rejects this line with "Syntax error, unexpected T_STRING, expecting '='"; that is a
    // tooling/version mismatch rather than a fault in the declaration itself.
    protected const string DEFAULT_BACKEND = Backend\OpenSSL::class;


    /** @var \SimpleSAML\XMLSecurity\Backend\SignatureBackend The backend that performs the cryptographic work. */
    protected SignatureBackend $backend;


    /**
     * Build a signature algorithm.
     *
     * Extend this class to implement your own signers.
     *
     * WARNING: remember to adjust the type of the key to the one that works with your algorithm!
     * This base constructor accepts any KeyInterface, so it does not itself stop a key of the
     * wrong kind from being paired with an algorithm; concrete signers are expected to narrow
     * the key type.
     *
     * The key is marked with #[\SensitiveParameter] so its value is redacted from stack traces.
     *
     * @param \SimpleSAML\XMLSecurity\Key\KeyInterface $key The signing key.
     * @param string $algId The identifier of this algorithm. Must be one of the values returned by
     *   static::getSupportedAlgorithms().
     * @param string $digest The identifier of the digest algorithm to use. It is not checked here;
     *   it is passed to the backend as-is (NOTE(review): confirm the backend rejects unknown digests).
     */
    public function __construct(
        #[\SensitiveParameter]
        private KeyInterface $key,
        protected string $algId,
        protected string $digest,
    ) {
        // Allow-list check: the concrete class decides which algorithm identifiers are acceptable.
        // The assertion is asked to raise UnsupportedAlgorithmException on a mismatch.
        $supported = static::getSupportedAlgorithms();
        $message = sprintf('Unsupported algorithm for %s', static::class);
        Assert::oneOf($algId, $supported, $message, UnsupportedAlgorithmException::class);

        // Instantiate whichever backend the concrete class names in DEFAULT_BACKEND.
        /** @var \SimpleSAML\XMLSecurity\Backend\SignatureBackend $defaultBackend */
        $defaultBackend = new (static::DEFAULT_BACKEND)();
        $this->setBackend($defaultBackend);
        $this->backend->setDigestAlg($digest);
    }


    /**
     * Get the identifier of the signature algorithm this signer was built with.
     *
     * @return string
     */
    public function getAlgorithmId(): string
    {
        return $this->algId;
    }


    /**
     * Get the identifier of the digest algorithm this signer was built with.
     *
     * @return string
     */
    public function getDigest(): string
    {
        return $this->digest;
    }


    /**
     * Get the key this signer was built with.
     *
     * The key object is handed out as-is, so callers hold the same key material the signer
     * uses; avoid logging or serializing the returned object.
     *
     * @return \SimpleSAML\XMLSecurity\Key\KeyInterface
     */
    public function getKey(): KeyInterface
    {
        return $this->key;
    }


    /**
     * @inheritDoc
     *
     * A null argument is ignored and the backend already in place is kept. A non-null backend
     * replaces the current one and is configured with this signer's digest algorithm.
     */
    public function setBackend(?SignatureBackend $backend): void
    {
        if ($backend !== null) {
            $this->backend = $backend;
            $this->backend->setDigestAlg($this->digest);
        }
    }


    /**
     * Sign a given plaintext with the current algorithm and key.
     *
     * Declared final, so concrete signers cannot replace the signing path.
     *
     * @param string $plaintext The plaintext to sign.
     *
     * @return string The (binary) signature corresponding to the given plaintext.
     */
    final public function sign(string $plaintext): string
    {
        $signature = $this->backend->sign($this->key, $plaintext);

        return $signature;
    }


    /**
     * Verify a signature with the current algorithm and key.
     *
     * Declared final, so concrete signers cannot replace the verification path. The result is
     * whatever the backend reports; callers must treat anything other than true as a failed
     * verification.
     *
     * @param string $plaintext The original signed text.
     * @param string $signature The (binary) signature to verify.
     *
     * @return bool True if the signature can be verified, false otherwise.
     */
    final public function verify(string $plaintext, string $signature): bool
    {
        $isValid = $this->backend->verify($this->key, $plaintext, $signature);

        return $isValid;
    }
}