Add ds:SPKIData element

simplesamlphp · Dec 3, 2024 · b5fed62 · b5fed62
1 parent 47ff576
commit b5fed62
Show file tree

Hide file tree

Showing 15 changed files with 289 additions and 7 deletions.
diff --git a/src/XML/ds/AbstractKeyInfoType.php b/src/XML/ds/AbstractKeyInfoType.php
@@ -36,6 +36,7 @@ abstract class AbstractKeyInfoType extends AbstractDsElement
      *     \SimpleSAML\XMLSecurity\XML\ds\RetrievalMethod|
      *     \SimpleSAML\XMLSecurity\XML\ds\X509Data|
      *     \SimpleSAML\XMLSecurity\XML\ds\PGPData|
+     *     \SimpleSAML\XMLSecurity\XML\ds\SPKIData|
      *     \SimpleSAML\XMLSecurity\XML\ds\MgmtData|
      *     \SimpleSAML\XML\SerializableElementInterface
      * )[] $info
@@ -72,7 +73,7 @@ final public function __construct(
                         RetrievalMethod::class,
                         X509Data::class,
                         PGPData::class,
-                        // SPKIData::class,
+                        SPKIData::class,
                         MgmtData::class,
                     ],
                     SchemaViolationException::class,

diff --git a/src/XML/ds/AbstractSPKIDataType.php b/src/XML/ds/AbstractSPKIDataType.php
@@ -0,0 +1,115 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\XMLSecurity\XML\ds;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\Exception\SchemaViolationException;
+use SimpleSAML\XML\Exception\TooManyElementsException;
+use SimpleSAML\XML\Registry\ElementRegistry;
+use SimpleSAML\XML\SerializableElementInterface;
+use SimpleSAML\XML\XsNamespace as NS;
+use SimpleSAML\XMLSecurity\XML\ds\AbstractDsElement;
+
+/**
+ * Abstract class representing the SPKIDataType.
+ *
+ * @package simplesamlphp/xml-security
+ */
+abstract class AbstractSPKIDataType extends AbstractDsElement
+{
+    /**
+     * Initialize a SPKIData element.
+     *
+     * @param array<\SimpleSAML\XMLSecurity\XML\ds\SPKISexp, SimpleSAML\XML\SerializableElementInterface|null> $tuples
+     */
+    final public function __construct(
+        protected array $tuples,
+    ) {
+        Assert::allIsArray($tuples, SchemaViolationException::class);
+        Assert::allCount($tuples, 2);
+
+        foreach ($tuples as $tuple) {
+            list($spkisExp, $other) = $tuple;
+            Assert::isInstanceOf($spkisExp, SPKISexp::class, SchemaViolationException::class);
+            Assert::nullOrIsInstanceOf($other, SerializableElementInterface::class, SchemaViolationException::class);
+        }
+    }
+
+
+    /**
+     * Collect the value of the SPKISexp-property
+     *
+     * @return array<\SimpleSAML\XMLSecurity\XML\ds\SPKISexp, SimpleSAML\XML\SerializableElementInterface|null>
+     */
+    public function getTuples(): array
+    {
+        return $this->tuples;
+    }
+
+
+    /**
+     * Convert XML into a SPKIData
+     *
+     * @param \DOMElement $xml The XML element we should load
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   If the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        Assert::same($xml->localName, static::getLocalName(), InvalidDOMElementException::class);
+        Assert::same($xml->namespaceURI, static::NS, InvalidDOMElementException::class);
+
+        $registry = ElementRegistry::getInstance();
+        $tuples = [];
+        $tuple = [null, null];
+        foreach ($xml->childNodes as $node) {
+            if ($node instanceof DOMElement) {
+                if ($node->namespaceURI === static::NS && $node->localName === 'SPKISexp') {
+                    if ($tuple[0] !== null) {
+                        $tuples[] = $tuple;
+                    }
+                    $tuple = [SPKISexp::fromXML($node), null];
+                } elseif ($node->namespaceURI !== static::NS && $tuple[0] !== null) {
+                    $handler = $registry->getElementHandler($node->namespaceURI, $node->localName);
+                    $tuple[1] = ($handler === null) ? Chunk::fromXML($node) : $handler::fromXML($node);
+                    $tuples[] = $tuple;
+                    $tuple = [null, null];
+                }
+            }
+        }
+
+        if ($tuple[0] !== null) {
+            $tuples[] = $tuple;
+        }
+
+        return new static($tuples);
+    }
+
+
+    /**
+     * Convert this SPKIData to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this SPKIData to.
+     * @return \DOMElement
+     */
+    public function toXML(?DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        foreach ($this->getTuples() as $tuple) {
+            list($spkisExp, $other) = $tuple;
+
+            $spkisExp->toXML($e);
+            $other?->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/ds/KeyInfo.php b/src/XML/ds/KeyInfo.php
@@ -38,7 +38,7 @@ public static function fromXML(DOMElement $xml): static
         $retrievalMethod = RetrievalMethod::getChildrenOfClass($xml);
         $x509Data = X509Data::getChildrenOfClass($xml);
         $pgpData = PGPData::getChildrenOfClass($xml);
-        //$spkiData = SPKIData::getChildrenOfClass($xml);
+        $spkiData = SPKIData::getChildrenOfClass($xml);
         $mgmtData = MgmtData::getChildrenOfClass($xml);
         $other = self::getChildElementsFromXML($xml);
 
@@ -48,7 +48,7 @@ public static function fromXML(DOMElement $xml): static
             $retrievalMethod,
             $x509Data,
             $pgpData,
-            //$spkiData,
+            $spkiData,
             $mgmtData,
             $other,
         );

diff --git a/src/XML/ds/SPKIData.php b/src/XML/ds/SPKIData.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\XMLSecurity\XML\ds;
+
+/**
+ * Class representing a ds:SPKIData element.
+ *
+ * @package simplesaml/xml-security
+ */
+final class SPKIData extends AbstractSPKIDataType
+{
+}
diff --git a/src/XML/xenc/OriginatorKeyInfo.php b/src/XML/xenc/OriginatorKeyInfo.php
@@ -14,6 +14,7 @@
 use SimpleSAML\XMLSecurity\XML\ds\MgmtData;
 use SimpleSAML\XMLSecurity\XML\ds\PGPData;
 use SimpleSAML\XMLSecurity\XML\ds\RetrievalMethod;
+use SimpleSAML\XMLSecurity\XML\ds\SPKIData;
 use SimpleSAML\XMLSecurity\XML\ds\X509Data;
 
 use function array_merge;
@@ -53,7 +54,7 @@ public static function fromXML(DOMElement $xml): static
         $retrievalMethod = RetrievalMethod::getChildrenOfClass($xml);
         $x509Data = X509Data::getChildrenOfClass($xml);
         $pgpData = PGPData::getChildrenOfClass($xml);
-        //$spkiData = SPKIData::getChildrenOfClass($xml);
+        $spkiData = SPKIData::getChildrenOfClass($xml);
         $mgmtData = MgmtData::getChildrenOfClass($xml);
         $other = self::getChildElementsFromXML($xml);
 
@@ -63,7 +64,7 @@ public static function fromXML(DOMElement $xml): static
             $retrievalMethod,
             $x509Data,
             $pgpData,
-            //$spkiData,
+            $spkiData,
             $mgmtData,
             $other,
         );

diff --git a/src/XML/xenc/RecipientKeyInfo.php b/src/XML/xenc/RecipientKeyInfo.php
@@ -14,6 +14,7 @@
 use SimpleSAML\XMLSecurity\XML\ds\MgmtData;
 use SimpleSAML\XMLSecurity\XML\ds\PGPData;
 use SimpleSAML\XMLSecurity\XML\ds\RetrievalMethod;
+use SimpleSAML\XMLSecurity\XML\ds\SPKIData;
 use SimpleSAML\XMLSecurity\XML\ds\X509Data;
 
 use function array_merge;
@@ -53,7 +54,7 @@ public static function fromXML(DOMElement $xml): static
         $retrievalMethod = RetrievalMethod::getChildrenOfClass($xml);
         $x509Data = X509Data::getChildrenOfClass($xml);
         $pgpData = PGPData::getChildrenOfClass($xml);
-        //$spkiData = SPKIData::getChildrenOfClass($xml);
+        $spkiData = SPKIData::getChildrenOfClass($xml);
         $mgmtData = MgmtData::getChildrenOfClass($xml);
         $other = self::getChildElementsFromXML($xml);
 
@@ -63,7 +64,7 @@ public static function fromXML(DOMElement $xml): static
             $retrievalMethod,
             $x509Data,
             $pgpData,
-            //$spkiData,
+            $spkiData,
             $mgmtData,
             $other,
         );

diff --git a/tests/XML/ds/KeyInfoTest.php b/tests/XML/ds/KeyInfoTest.php
@@ -20,10 +20,14 @@
 use SimpleSAML\XMLSecurity\XML\ds\PGPData;
 use SimpleSAML\XMLSecurity\XML\ds\PGPKeyID;
 use SimpleSAML\XMLSecurity\XML\ds\PGPKeyPacket;
+use SimpleSAML\XMLSecurity\XML\ds\SPKIData;
+use SimpleSAML\XMLSecurity\XML\ds\SPKISexp;
 use SimpleSAML\XMLSecurity\XML\ds\X509Certificate;
 use SimpleSAML\XMLSecurity\XML\ds\X509Data;
 use SimpleSAML\XMLSecurity\XML\ds\X509SubjectName;
+use SimpleSAML\XMLSecurity\XML\xenc\CarriedKeyName;
 use SimpleSAML\XMLSecurity\XML\xenc\P;
+use SimpleSAML\XMLSecurity\XML\xenc\Seed;
 
 use function dirname;
 use function openssl_x509_parse;
@@ -92,6 +96,12 @@ public function setUp(): void
      */
     public function testMarshalling(): void
     {
+        $SPKISexp1 = new SPKISexp('GpM6');
+        $seed = new Seed('/CTj03d1DB5e2t7CTo9BEzCf5S9NRzwnBgZRlm32REI=');
+        $SPKISexp2 = new SPKISexp('GpM7');
+        $SPKISexp3 = new SPKISexp('GpM8');
+        $carriedKeyName = new CarriedKeyName('Some label');
+
         $keyInfo = new KeyInfo(
             [
                 new KeyName('testkey'),
@@ -106,6 +116,11 @@ public function testMarshalling(): void
                     new PGPKeyPacket('GpM8'),
                     [new P('/CTj03d1DB5e2t7CTo9BEzCf5S9NRzwnBgZRlm32REI=')],
                 ),
+                new SPKIData([
+                    [$SPKISexp1, $seed],
+                    [$SPKISexp2, null],
+                    [$SPKISexp3, $carriedKeyName],
+                ]),
                 new MgmtData('ManagementData'),
                 new Chunk(DOMDocumentFactory::fromString(
                     '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>',

diff --git a/tests/XML/ds/SPKIDataTest.php b/tests/XML/ds/SPKIDataTest.php
@@ -0,0 +1,70 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\XMLSecurity\Test\XML\ds;
+
+use PHPUnit\Framework\Attributes\CoversClass;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+use SimpleSAML\XMLSecurity\XML\ds\AbstractDsElement;
+use SimpleSAML\XMLSecurity\XML\ds\AbstractSPKIData;
+use SimpleSAML\XMLSecurity\XML\ds\SPKIData;
+use SimpleSAML\XMLSecurity\XML\ds\SPKISexp;
+use SimpleSAML\XMLSecurity\XML\xenc\CarriedKeyName;
+use SimpleSAML\XMLSecurity\XML\xenc\Seed;
+
+use function dirname;
+use function strval;
+
+/**
+ * Class \SimpleSAML\XMLSecurity\Test\XML\ds\SPKIDataTest
+ *
+ * @package simplesamlphp/xml-security
+ */
+#[CoversClass(AbstractDsElement::class)]
+#[CoversClass(AbstractSPKIData::class)]
+#[CoversClass(SPKIData::class)]
+final class SPKIDataTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$testedClass = SPKIData::class;
+
+        self::$schemaFile = dirname(__FILE__, 4) . '/resources/schemas/xmldsig1-schema.xsd';
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 3) . '/resources/xml/ds_SPKIData.xml',
+        );
+    }
+
+
+    /**
+     */
+    public function testMarshalling(): void
+    {
+        $SPKISexp1 = new SPKISexp('GpM6');
+        $seed = new Seed('/CTj03d1DB5e2t7CTo9BEzCf5S9NRzwnBgZRlm32REI=');
+        $SPKISexp2 = new SPKISexp('GpM7');
+        $SPKISexp3 = new SPKISexp('GpM8');
+        $carriedKeyName = new CarriedKeyName('Some label');
+
+        $SPKIData = new SPKIData([
+            [$SPKISexp1, $seed],
+            [$SPKISexp2, null],
+            [$SPKISexp3, $carriedKeyName],
+        ]);
+
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($SPKIData),
+        );
+    }
+}
diff --git a/tests/XML/xenc/OriginatorKeyInfoTest.php b/tests/XML/xenc/OriginatorKeyInfoTest.php
@@ -18,11 +18,15 @@
 use SimpleSAML\XMLSecurity\XML\ds\PGPData;
 use SimpleSAML\XMLSecurity\XML\ds\PGPKeyID;
 use SimpleSAML\XMLSecurity\XML\ds\PGPKeyPacket;
+use SimpleSAML\XMLSecurity\XML\ds\SPKIData;
+use SimpleSAML\XMLSecurity\XML\ds\SPKISexp;
 use SimpleSAML\XMLSecurity\XML\ds\X509Certificate;
 use SimpleSAML\XMLSecurity\XML\ds\X509Data;
 use SimpleSAML\XMLSecurity\XML\ds\X509SubjectName;
+use SimpleSAML\XMLSecurity\XML\xenc\CarriedKeyName;
 use SimpleSAML\XMLSecurity\XML\xenc\OriginatorKeyInfo;
 use SimpleSAML\XMLSecurity\XML\xenc\P;
+use SimpleSAML\XMLSecurity\XML\xenc\Seed;
 
 use function dirname;
 use function openssl_x509_parse;
@@ -88,6 +92,12 @@ public function setUp(): void
      */
     public function testMarshalling(): void
     {
+        $SPKISexp1 = new SPKISexp('GpM6');
+        $seed = new Seed('/CTj03d1DB5e2t7CTo9BEzCf5S9NRzwnBgZRlm32REI=');
+        $SPKISexp2 = new SPKISexp('GpM7');
+        $SPKISexp3 = new SPKISexp('GpM8');
+        $carriedKeyName = new CarriedKeyName('Some label');
+
         $originatorKeyInfo = new OriginatorKeyInfo(
             [
                 new KeyName('testkey'),
@@ -102,6 +112,11 @@ public function testMarshalling(): void
                     new PGPKeyPacket('GpM8'),
                     [new P('/CTj03d1DB5e2t7CTo9BEzCf5S9NRzwnBgZRlm32REI=')],
                 ),
+                new SPKIData([
+                    [$SPKISexp1, $seed],
+                    [$SPKISexp2, null],
+                    [$SPKISexp3, $carriedKeyName],
+                ]),
                 new MgmtData('ManagementData'),
                 new Chunk(DOMDocumentFactory::fromString(
                     '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>',