
src/Alg/Signature/AbstractSigner.php (1 issue)

<?php
declare(strict_types=1);
namespace SimpleSAML\XMLSecurity\Alg\Signature;
use SimpleSAML\Assert\Assert;
use SimpleSAML\XMLSecurity\Backend;
use SimpleSAML\XMLSecurity\Backend\SignatureBackend;
use SimpleSAML\XMLSecurity\Exception\UnsupportedAlgorithmException;
use SimpleSAML\XMLSecurity\Key\KeyInterface;
/**
 * Base class for digital signature algorithms.
 *
 * It binds a key, an algorithm identifier and a digest identifier to a signature backend and
 * delegates the actual signing and verification to that backend.
 *
 * @package simplesamlphp/xml-security
 */
abstract class AbstractSigner implements SignatureAlgorithmInterface
{
    /**
     * Class name of the backend the constructor instantiates. It is resolved through `static::`,
     * so a subclass that redefines this constant selects a different backend.
     *
     * @var string
     */
    protected const DEFAULT_BACKEND = Backend\OpenSSL::class;

    /** @var \SimpleSAML\XMLSecurity\Backend\SignatureBackend The backend that signs and verifies. */
    protected SignatureBackend $backend;


    /**
     * Build a signature algorithm.
     *
     * Extend this class to implement your own signers.
     *
     * WARNING: remember to adjust the type of the key to the one that works with your algorithm!
     *
     * @param \SimpleSAML\XMLSecurity\Key\KeyInterface $key The signing key.
     * @param string $algId The identifier of this algorithm.
     * @param string $digest The identifier of the digest algorithm to use.
     *
     * @throws \SimpleSAML\XMLSecurity\Exception\UnsupportedAlgorithmException
     *   If $algId is not in the list returned by static::getSupportedAlgorithms().
     */
    public function __construct(
        // Marked sensitive so the key value is redacted from stack traces.
        #[\SensitiveParameter]
        private KeyInterface $key,
        protected string $algId,
        protected string $digest,
    ) {
        // Allow-list check: only identifiers the concrete signer declares are accepted.
        $unsupportedMessage = sprintf('Unsupported algorithm for %s', static::class);
        Assert::oneOf(
            $algId,
            static::getSupportedAlgorithms(),
            $unsupportedMessage,
            UnsupportedAlgorithmException::class,
        );
        // NOTE(review): $digest is not checked against any list in this class; presumably the
        // backend's setDigestAlg() rejects unknown digests. Confirm against the backend.

        // `new (expr)()` needs PHP 8.0 or later; analysers with an older grammar report this line
        // as a parse error ("unexpected '('"). The class name comes from a class constant, and
        // the ?SignatureBackend parameter type of setBackend() enforces the type at runtime.
        /** @var \SimpleSAML\XMLSecurity\Backend\SignatureBackend $defaultBackend */
        $defaultBackend = new (static::DEFAULT_BACKEND)();
        $this->setBackend($defaultBackend);
        $this->backend->setDigestAlg($digest);
    }


    /**
     * Get the identifier of this signature algorithm, as given to the constructor.
     *
     * @return string
     */
    public function getAlgorithmId(): string
    {
        return $this->algId;
    }


    /**
     * Get the identifier of the digest algorithm, as given to the constructor.
     *
     * @return string
     */
    public function getDigest(): string
    {
        return $this->digest;
    }


    /**
     * Get the key this signer was built with.
     *
     * The key object itself is returned, not a copy. It is the same object that sign() and
     * verify() pass to the backend.
     *
     * @return \SimpleSAML\XMLSecurity\Key\KeyInterface
     */
    public function getKey(): KeyInterface
    {
        return $this->key;
    }


    /**
     * Replace the backend and configure it with this signer's digest.
     *
     * Passing null is a no-op: the backend already in place is kept, it is not reset to the default.
     *
     * @inheritDoc
     */
    public function setBackend(?SignatureBackend $backend): void
    {
        if ($backend !== null) {
            $this->backend = $backend;
            // A new backend must use the digest chosen for this signer.
            $backend->setDigestAlg($this->digest);
        }
    }


    /**
     * Sign a given plaintext with the current algorithm and key.
     *
     * The work is delegated to the configured backend.
     *
     * @param string $plaintext The plaintext to sign.
     *
     * @return string The (binary) signature corresponding to the given plaintext.
     */
    final public function sign(string $plaintext): string
    {
        $signature = $this->backend->sign($this->key, $plaintext);

        return $signature;
    }


    /**
     * Verify a signature with the current algorithm and key.
     *
     * The result is whatever the backend's verify() returns; this class adds no checks of its own.
     * Callers must act on the returned boolean (whether the backend can also throw is not visible
     * in this class).
     *
     * @param string $plaintext The original signed text.
     * @param string $signature The (binary) signature to verify.
     *
     * @return bool True if the signature can be verified, false otherwise.
     */
    final public function verify(string $plaintext, string $signature): bool
    {
        $isValid = $this->backend->verify($this->key, $plaintext, $signature);

        return $isValid;
    }
}