Skip to content
This repository has been archived by the owner on Jan 3, 2023. It is now read-only.

Kontrola existence cesty k veřejnému klíči #24

Closed
wants to merge 5 commits into from
Closed

Kontrola existence cesty k veřejnému klíči #24

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
620ee50
Extract cryptography creation to reduce DRY
jost125 Feb 25, 2017
ee398b0
Use valid public key in pkp test
jost125 Feb 25, 2017
6326084
Check key existence in cryptography constructor
jost125 Feb 25, 2017
32dc091
Extract invalid certificate path into constant
jost125 Feb 25, 2017
b0fb3d6
Verify public key format before usage
jost125 Feb 25, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions src/Cryptography/CryptographyService.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@ public function getBkpCode(string $pkpCode): string

public function addWSESignature(string $request): string
{
$this->tryLoadPublicKey();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Asi bych do metody posílal už obsah souboru, nebude se muset načítat 2x.

Přejmenoval bych metodu na verifyPublicKey

$securityKey = new \RobRichards\XMLSecLibs\XMLSecurityKey(\RobRichards\XMLSecLibs\XMLSecurityKey::RSA_SHA256, ['type' => 'private']);
$document = new \DOMDocument('1.0');
$document->loadXML($request);
Expand All @@ -79,4 +80,13 @@ public function addWSESignature(string $request): string
return $wse->saveXML();
}

private function tryLoadPublicKey()
{
$publicKeyResource = openssl_get_publickey(file_get_contents($this->publicKeyFile));
if ($publicKeyResource === false) {
throw new PublicKeyFileException($this->publicKeyFile);
}
openssl_free_key($publicKeyResource);
}

}
16 changes: 16 additions & 0 deletions tests/SlevomatEET/Cryptography/CryptographyServiceTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,22 @@ public function testWSESignatureWithInvalidPrivateKeyPassword()
$crypto->addWSESignature($request);
}

public function testWSESignatureWithInvalidPublicKey()
{
$request = $this->getRequestData();
$crypto = new CryptographyService(
self::PRIVATE_KEY_WITHOUT_PASSWORD_PATH,
self::INVALID_KEY_PATH
);

try {
$crypto->addWSESignature($request);
$this->fail('Exception ' . PublicKeyFileException::class . ' expected');
} catch (PublicKeyFileException $e) {
$this->assertSame(self::INVALID_KEY_PATH, $e->getPublicKeyFile());
}
}

private function getReceiptData(): array
{
return [
Expand Down