diff --git a/src/C14N.php b/src/C14N.php
new file mode 100644
index 00000000..c1e2a049
--- /dev/null
+++ b/src/C14N.php
@@ -0,0 +1,67 @@
+ true,
+ default => false,
+ };
+ }
+
+
+ /**
+ * @return bool
+ */
+ public function withoutComments(): bool
+ {
+ return match($this)
+ {
+ C14N::INCLUSIVE_WITHOUT_COMMENTS, C14N::EXCLUSIVE_WITHOUT_COMMENTS => true,
+ default => false,
+ };
+ }
+
+
+ /**
+ * @return bool
+ */
+ public function exclusive(): bool
+ {
+ return match($this)
+ {
+ C14N::EXCLUSIVE_WITH_COMMENTS, C14N::EXCLUSIVE_WITHOUT_COMMENTS => true,
+ default => false,
+ };
+ }
+
+
+ /**
+ * @return bool
+ */
+ public function inclusive(): bool
+ {
+ return match($this)
+ {
+ C14N::INCLUSIVE_WITH_COMMENTS, C14N::INCLUSIVE_WITHOUT_COMMENTS => true,
+ default => false,
+ };
+ }
+}
diff --git a/src/Constants.php b/src/Constants.php
index 55d5711d..19d807c3 100644
--- a/src/Constants.php
+++ b/src/Constants.php
@@ -90,14 +90,6 @@ class Constants extends \SimpleSAML\XML\Constants
 self::KEY_TRANSPORT_OAEP_MGF1P,
 ];
- /**
- * Canonicalization algorithms
- */
- public const C14N_INCLUSIVE_WITH_COMMENTS = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments';
- public const C14N_INCLUSIVE_WITHOUT_COMMENTS = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315';
- public const C14N_EXCLUSIVE_WITH_COMMENTS = 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments';
- public const C14N_EXCLUSIVE_WITHOUT_COMMENTS = 'http://www.w3.org/2001/10/xml-exc-c14n#';
-
 /**
 * Signature algorithms
 */
@@ -147,4 +139,5 @@ class Constants extends \SimpleSAML\XML\Constants
 public const XMLENC_EXI = 'http://www.w3.org/2009/xmlenc11#EXI';
 public const XPATH_URI = 'http://www.w3.org/TR/1999/REC-xpath-19991116';
+ public const NS_EC = 'http://www.w3.org/2001/10/xml-exc-c14n#';
 }
diff --git a/src/TestUtils/SignedElementTestTrait.php b/src/TestUtils/SignedElementTestTrait.php
index ccecdc30..f63734ac 100644
--- a/src/TestUtils/SignedElementTestTrait.php
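Review bot: The predicates in src/C14N.php all end in `default => false`, which discards the exhaustiveness check that a `match` over an enum would otherwise provide. If a case is added later (the enum declaration itself is not visible in this view), `inclusive()` and `exclusive()` would both return false for it, and callers such as canonicalizeData() would silently treat it as inclusive without comments. Defining one predicate from the other, `return !$this->exclusive();` in `inclusive()`, or listing the false cases explicitly instead of using `default`, keeps each pair complementary by construction. The `@return bool` docblocks only restate the native type; a one-line description of what each predicate means would be more useful.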
+++ b/src/TestUtils/SignedElementTestTrait.php
@@ -7,6 +7,7 @@
 use DOMDocument;
 use Exception;
 use SimpleSAML\XMLSecurity\Alg\Signature\SignatureAlgorithmFactory;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\Constants as C;
 use SimpleSAML\XMLSecurity\Exception\InvalidArgumentException;
 use SimpleSAML\XMLSecurity\Exception\NoSignatureFoundException;
@@ -95,7 +96,7 @@ public function testSignatures(): void
 ]);
 $unsigned = self::$testedClass::fromXML(self::$xmlRepresentation->documentElement);
- $unsigned->sign($signer, C::C14N_EXCLUSIVE_WITHOUT_COMMENTS, $keyInfo);
+ $unsigned->sign($signer, C14N::EXCLUSIVE_WITHOUT_COMMENTS, $keyInfo);
 $signed = self::$testedClass::fromXML($unsigned->toXML());
 $this->assertEquals(
 $algorithm,
@@ -128,7 +129,7 @@ public function testSignatures(): void
 //
 // sign without certificates
 //
- $unsigned->sign($signer, C::C14N_EXCLUSIVE_WITHOUT_COMMENTS, null);
+ $unsigned->sign($signer, C14N::EXCLUSIVE_WITHOUT_COMMENTS, null);
 $signed = self::$testedClass::fromXML($unsigned->toXML());
 // verify signature
@@ -156,7 +157,7 @@ public function testSignatures(): void
 $algorithm,
 PEMCertificatesMock::getPrivateKey(PEMCertificatesMock::OTHER_PRIVATE_KEY),
 );
- $unsigned->sign($signer, C::C14N_EXCLUSIVE_WITHOUT_COMMENTS, null);
+ $unsigned->sign($signer, C14N::EXCLUSIVE_WITHOUT_COMMENTS, null);
 $signed = self::$testedClass::fromXML($unsigned->toXML());
 // verify signature
diff --git a/src/Utils/XML.php b/src/Utils/XML.php
index 08f9b236..b95e53e9 100644
--- a/src/Utils/XML.php
+++ b/src/Utils/XML.php
@@ -5,6 +5,7 @@
 namespace SimpleSAML\XMLSecurity\Utils;
 use DOMElement;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\Constants as C;
 use SimpleSAML\XMLSecurity\XML\ds\Transforms;
@@ -22,7 +23,7 @@ class XML
 * Canonicalize any given node.
 *
 * @param \DOMElement $element The DOM element that needs canonicalization.
- * @param string $c14nMethod The identifier of the canonicalization algorithm to use.
+ * @param \SimpleSAML\XMLSecurity\C14N $c14nMethod The identifier of the canonicalization algorithm to use.
 * See \SimpleSAML\XMLSecurity\Constants.
 * @param array|null $xpaths An array of xpaths to filter the nodes by. Defaults to null (no filters).
 * @param array|null $prefixes An array of namespace prefixes to filter the nodes by. Defaults to null (no filters).
@@ -31,18 +32,12 @@ class XML
 */
 public static function canonicalizeData(
 DOMElement $element,
- string $c14nMethod,
+ C14N $c14nMethod,
 array $xpaths = null,
 array $prefixes = null,
 ): string {
- $withComments = match ($c14nMethod) {
- C::C14N_EXCLUSIVE_WITH_COMMENTS, C::C14N_INCLUSIVE_WITH_COMMENTS => true,
- default => false,
- };
- $exclusive = match ($c14nMethod) {
- C::C14N_EXCLUSIVE_WITH_COMMENTS, C::C14N_EXCLUSIVE_WITHOUT_COMMENTS => true,
- default => false,
- };
+ $withComments = $c14nMethod->withComments();
+ $exclusive = $c14nMethod->exclusive();
 if (
 is_null($xpaths)
@@ -85,14 +80,14 @@ public static function processTransforms(
 Transforms $transforms,
 DOMElement $data,
 ): string {
- $canonicalMethod = C::C14N_EXCLUSIVE_WITHOUT_COMMENTS;
+ $canonicalMethod = C14N::EXCLUSIVE_WITHOUT_COMMENTS;
 $arXPath = null;
 $prefixList = null;
 foreach ($transforms->getTransform() as $transform) {
 $canonicalMethod = $transform->getAlgorithm();
 switch ($canonicalMethod) {
- case C::C14N_EXCLUSIVE_WITHOUT_COMMENTS:
- case C::C14N_EXCLUSIVE_WITH_COMMENTS:
+ case C14N::EXCLUSIVE_WITHOUT_COMMENTS:
+ case C14N::EXCLUSIVE_WITH_COMMENTS:
 $inclusiveNamespaces = $transform->getInclusiveNamespaces();
 if ($inclusiveNamespaces !== null) {
 $prefixes = $inclusiveNamespaces->getPrefixes();
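Review bot: The docblock for canonicalizeData still says `See \SimpleSAML\XMLSecurity\Constants.` on the line after the updated `@param`, but this commit removes the canonicalization constants from that class. The pointer should name the enum instead, for example `See \SimpleSAML\XMLSecurity\C14N for the supported methods.`, or be dropped now that the parameter type documents itself.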
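Review bot: In processTransforms, `$canonicalMethod = $transform->getAlgorithm();` can now hold a plain string, because Transform::getAlgorithm() returns `C14N|string` after this commit while canonicalizeData() accepts only a `C14N`. The rest of the function lies outside the hunk, but if `$canonicalMethod` is later handed to canonicalizeData(), a reference whose last transform is not a canonicalization method (such as the `C::XMLDSIG_ENVELOPED` transform used in the tests) would raise a TypeError while processing parsed XML, where the old string-based code fell through to its `default => false` arms. Overwriting the default only for enum values, `$algorithm = $transform->getAlgorithm();` followed by `if ($algorithm instanceof C14N) { $canonicalMethod = $algorithm; }`, keeps the variable's type stable. Worth a test with a Transforms list that does not end in a canonicalization transform.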
diff --git a/src/XML/CanonicalizableElementInterface.php b/src/XML/CanonicalizableElementInterface.php
index d539cd2c..fe1e899c 100644
--- a/src/XML/CanonicalizableElementInterface.php
+++ b/src/XML/CanonicalizableElementInterface.php
@@ -5,6 +5,7 @@
 namespace SimpleSAML\XMLSecurity\XML;
 use SimpleSAML\XML\ElementInterface;
+use SimpleSAML\XMLSecurity\C14N;
 /**
 * An interface for objects that can be canonicalized.
@@ -26,11 +27,11 @@ interface CanonicalizableElementInterface extends ElementInterface
 * Note that if this object was created using fromXML(), it might be necessary to keep the original DOM
 * representation of the object.
 *
- * @param string $method The canonicalization method to use.
+ * @param \SimpleSAML\XMLSecurity\C14N $method The canonicalization method to use.
 * @param string[]|null $xpaths An array of XPaths to filter the nodes by. Defaults to null (no filters).
 * @param string[]|null $prefixes An array of namespace prefixes to filter the nodes by. Defaults to null (no
 * filters).
 * @return string
 */
- public function canonicalize(string $method, ?array $xpaths = null, ?array $prefixes = null): string;
+ public function canonicalize(C14N $method, ?array $xpaths = null, ?array $prefixes = null): string;
 }
diff --git a/src/XML/CanonicalizableElementTrait.php b/src/XML/CanonicalizableElementTrait.php
index 69c3f725..249f5434 100644
--- a/src/XML/CanonicalizableElementTrait.php
+++ b/src/XML/CanonicalizableElementTrait.php
@@ -5,6 +5,7 @@
 namespace SimpleSAML\XMLSecurity\XML;
 use DOMElement;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\Utils\XML;
 /**
@@ -33,13 +34,13 @@ abstract protected function getOriginalXML(): DOMElement;
 * Note that if this object was created using fromXML(), it might be necessary to keep the original DOM
 * representation of the object.
 *
- * @param string $method The canonicalization method to use.
+ * @param \SimpleSAML\XMLSecurity\C14N $method The canonicalization method to use.
 * @param string[]|null $xpaths An array of XPaths to filter the nodes by. Defaults to null (no filters).
 * @param string[]|null $prefixes An array of namespace prefixes to filter the nodes by. Defaults to null (no
 * filters).
 * @return string
 */
- public function canonicalize(string $method, ?array $xpaths = null, ?array $prefixes = null): string
+ public function canonicalize(C14N $method, ?array $xpaths = null, ?array $prefixes = null): string
 {
 return XML::canonicalizeData($this->getOriginalXML(), $method, $xpaths, $prefixes);
 }
diff --git a/src/XML/SignableElementInterface.php b/src/XML/SignableElementInterface.php
index c2cea1fd..a8610463 100644
--- a/src/XML/SignableElementInterface.php
+++ b/src/XML/SignableElementInterface.php
@@ -5,6 +5,7 @@
 namespace SimpleSAML\XMLSecurity\XML;
 use SimpleSAML\XMLSecurity\Alg\Signature\SignatureAlgorithmInterface;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\XML\ds\KeyInfo;
 /**
@@ -31,12 +32,12 @@ public function getId(): ?string;
 *
 * @param \SimpleSAML\XMLSecurity\Alg\Signature\SignatureAlgorithmInterface $signer The actual signer implementation
 * to use.
- * @param string $canonicalizationAlg The identifier of the canonicalization algorithm to use.
+ * @param \SimpleSAML\XMLSecurity\C14N $canonicalizationAlg The identifier of the canonicalization algorithm to use.
 * @param \SimpleSAML\XMLSecurity\XML\ds\KeyInfo|null $keyInfo A KeyInfo object to add to the signature.
 */
 public function sign(
 SignatureAlgorithmInterface $signer,
- string $canonicalizationAlg,
+ C14N $canonicalizationAlg,
 ?KeyInfo $keyInfo = null
 ): void;
 }
diff --git a/src/XML/SignableElementTrait.php b/src/XML/SignableElementTrait.php
index f9b36323..dfd11893 100644
--- a/src/XML/SignableElementTrait.php
+++ b/src/XML/SignableElementTrait.php
@@ -8,6 +8,7 @@
 use SimpleSAML\Assert\Assert;
 use SimpleSAML\XML\DOMDocumentFactory;
 use SimpleSAML\XMLSecurity\Alg\Signature\SignatureAlgorithmInterface;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\Constants as C;
 use SimpleSAML\XMLSecurity\Exception\InvalidArgumentException;
 use SimpleSAML\XMLSecurity\Exception\RuntimeException;
@@ -40,8 +41,8 @@ trait SignableElementTrait
 /** @var \SimpleSAML\XMLSecurity\XML\ds\Signature|null */
 protected ?Signature $signature = null;
- /** @var string */
- private string $c14nAlg = C::C14N_EXCLUSIVE_WITHOUT_COMMENTS;
+ /** @var \SimpleSAML\XMLSecurity\C14N */
+ private C14N $c14nAlg = C14N::EXCLUSIVE_WITHOUT_COMMENTS;
 /** @var \SimpleSAML\XMLSecurity\XML\ds\KeyInfo|null */
 private ?KeyInfo $keyInfo = null;
@@ -67,24 +68,19 @@ abstract public function getId(): ?string;
 *
 * @param \SimpleSAML\XMLSecurity\Alg\Signature\SignatureAlgorithmInterface $signer The actual signer implementation
 * to use.
- * @param string $canonicalizationAlg The identifier of the canonicalization algorithm to use.
+ * @param \SimpleSAML\XMLSecurity\C14N $canonicalizationAlg The identifier of the canonicalization algorithm to use.
 * @param \SimpleSAML\XMLSecurity\XML\ds\KeyInfo|null $keyInfo A KeyInfo object to add to the signature.
 */
 public function sign(
 SignatureAlgorithmInterface $signer,
- string $canonicalizationAlg = C::C14N_EXCLUSIVE_WITHOUT_COMMENTS,
+ C14N $canonicalizationAlg = C14N::EXCLUSIVE_WITHOUT_COMMENTS,
 ?KeyInfo $keyInfo = null
 ): void {
 $this->signer = $signer;
 $this->keyInfo = $keyInfo;
 Assert::oneOf(
 $canonicalizationAlg,
- [
- C::C14N_INCLUSIVE_WITH_COMMENTS,
- C::C14N_EXCLUSIVE_WITHOUT_COMMENTS,
- C::C14N_EXCLUSIVE_WITH_COMMENTS,
- C::C14N_EXCLUSIVE_WITHOUT_COMMENTS,
- ],
+ C14N::cases(),
 'Unsupported canonicalization algorithm: %s',
 UnsupportedAlgorithmException::class,
 );
@@ -118,10 +114,10 @@ private function getReference(
 'Please give your object an identifier.',
 RuntimeException::class,
 );
- if (in_array($this->c14nAlg, [C::C14N_INCLUSIVE_WITH_COMMENTS, C::C14N_EXCLUSIVE_WITH_COMMENTS])) {
+ if ($this->c14nAlg->withComments()){
 $uri = '#xpointer(/)';
 }
- } elseif (in_array($this->c14nAlg, [C::C14N_INCLUSIVE_WITH_COMMENTS, C::C14N_EXCLUSIVE_WITH_COMMENTS])) {
+ } elseif ($this->c14nAlg->withComments()) {
 // regular reference, but must retain comments
 $uri = '#xpointer(id(' . $id . '))';
 } else { // regular reference, can ignore comments
diff --git a/src/XML/SignedElementTrait.php b/src/XML/SignedElementTrait.php
index c595a1e7..988a7bcc 100644
--- a/src/XML/SignedElementTrait.php
+++ b/src/XML/SignedElementTrait.php
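Review bot: The `Assert::oneOf($canonicalizationAlg, C14N::cases(), …)` check in sign() can no longer fail, because the parameter is now typed `C14N` and every enum instance is a member of `cases()`. `UnsupportedAlgorithmException` is therefore unreachable on this path, and a caller that still passes a URI string gets a TypeError before the assertion runs. Either drop the assertion, or, if some methods are meant to be refused for signing, pass an explicit list of allowed cases. The same holds for `Assert::oneOf($Algorithm, C14N::cases(), …)` in CanonicalizationMethod::__construct further down in this commit.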
@@ -10,7 +10,7 @@
 use SimpleSAML\XML\Exception\TooManyElementsException;
 use SimpleSAML\XMLSecurity\Alg\Signature\SignatureAlgorithmFactory;
 use SimpleSAML\XMLSecurity\Alg\Signature\SignatureAlgorithmInterface;
-use SimpleSAML\XMLSecurity\Constants as C;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\CryptoEncoding\PEM;
 use SimpleSAML\XMLSecurity\Exception\InvalidArgumentException;
 use SimpleSAML\XMLSecurity\Exception\NoSignatureFoundException;
@@ -87,8 +87,8 @@ private function validateReferenceUri(Reference $reference, DOMElement $xml): vo
 in_array(
 $this->signature->getSignedInfo()->getCanonicalizationMethod()->getAlgorithm(),
 [
- C::C14N_INCLUSIVE_WITH_COMMENTS,
- C::C14N_EXCLUSIVE_WITH_COMMENTS,
+ C14N::INCLUSIVE_WITH_COMMENTS,
+ C14N::EXCLUSIVE_WITH_COMMENTS,
 ],
 )
 && !$reference->isXPointer()
diff --git a/src/XML/ds/CanonicalizationMethod.php b/src/XML/ds/CanonicalizationMethod.php
index f7844a3f..17bf2e8c 100644
--- a/src/XML/ds/CanonicalizationMethod.php
+++ b/src/XML/ds/CanonicalizationMethod.php
@@ -8,7 +8,7 @@
 use SimpleSAML\Assert\Assert;
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\Exception\SchemaViolationException;
-use SimpleSAML\XMLSecurity\Constants as C;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\Exception\InvalidArgumentException;
 /**
@@ -21,20 +21,14 @@ final class CanonicalizationMethod extends AbstractDsElement
 /**
 * Initialize a CanonicalizationMethod element.
 *
- * @param string $Algorithm
+ * @param \SimpleSAML\XMLSecurity\C14N $Algorithm
 */
 public function __construct(
- protected string $Algorithm,
+ protected C14N $Algorithm,
 ) {
- Assert::validURI($Algorithm, SchemaViolationException::class);
 Assert::oneOf(
 $Algorithm,
- [
- C::C14N_EXCLUSIVE_WITH_COMMENTS,
- C::C14N_EXCLUSIVE_WITHOUT_COMMENTS,
- C::C14N_INCLUSIVE_WITH_COMMENTS,
- C::C14N_INCLUSIVE_WITHOUT_COMMENTS,
- ],
+ C14N::cases(),
 'Invalid canonicalization method: %s',
 InvalidArgumentException::class,
 );
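Review bot: The `in_array(…, [C14N::INCLUSIVE_WITH_COMMENTS, C14N::EXCLUSIVE_WITH_COMMENTS])` test in validateReferenceUri repeats by hand the predicate this commit adds to the enum, and it uses non-strict `in_array`. Since CanonicalizationMethod::getAlgorithm() now returns a `C14N`, the condition can be written as `$this->signature->getSignedInfo()->getCanonicalizationMethod()->getAlgorithm()->withComments()`, which matches what getReference does on the signing side. This check decides whether a reference must be an XPointer, so keeping both sides on the same predicate avoids them drifting apart. The function starts and ends outside this hunk.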
@@ -44,9 +38,9 @@ public function __construct(
 /**
 * Collect the value of the Algorithm-property
 *
- * @return string
+ * @return \SimpleSAML\XMLSecurity\C14N
 */
- public function getAlgorithm(): string
+ public function getAlgorithm(): C14N
 {
 return $this->Algorithm;
 }
@@ -66,7 +60,7 @@ public static function fromXML(DOMElement $xml): static
 Assert::same($xml->localName, 'CanonicalizationMethod', InvalidDOMElementException::class);
 Assert::same($xml->namespaceURI, CanonicalizationMethod::NS, InvalidDOMElementException::class);
- $Algorithm = CanonicalizationMethod::getAttribute($xml, 'Algorithm');
+ $Algorithm = C14N::from(self::getAttribute($xml, 'Algorithm'));
 return new static($Algorithm);
 }
@@ -81,7 +75,7 @@ public static function fromXML(DOMElement $xml): static
 public function toXML(DOMElement $parent = null): DOMElement
 {
 $e = $this->instantiateParentElement($parent);
- $e->setAttribute('Algorithm', $this->getAlgorithm());
+ $e->setAttribute('Algorithm', $this->getAlgorithm()->value);
 return $e;
 }
diff --git a/src/XML/ds/Transform.php b/src/XML/ds/Transform.php
index 746a7f82..d2c226c7 100644
--- a/src/XML/ds/Transform.php
+++ b/src/XML/ds/Transform.php
@@ -9,6 +9,7 @@
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\Exception\SchemaViolationException;
 use SimpleSAML\XML\Exception\TooManyElementsException;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\Constants as C;
 use SimpleSAML\XMLSecurity\XML\ec\InclusiveNamespaces;
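Review bot: `C14N::from(self::getAttribute($xml, 'Algorithm'))` in CanonicalizationMethod::fromXML raises PHP's built-in `\ValueError` when the attribute holds an unrecognised URI, whereas before this commit the constructor rejected such input with SchemaViolationException or InvalidArgumentException. `\ValueError` extends `\Error`, so code that parses untrusted signatures and catches the library's exceptions (or `\Exception`) will no longer catch this case. Using `$Algorithm = C14N::tryFrom(self::getAttribute($xml, 'Algorithm'));` followed by `Assert::notNull($Algorithm, 'Invalid canonicalization method.', InvalidArgumentException::class);` keeps the previous error contract. A test that unmarshals an element with an unknown Algorithm value would pin this down.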
@@ -24,19 +25,18 @@ class Transform extends AbstractDsElement
 /**
 * Initialize the Transform element.
 *
- * @param string $algorithm
+ * @param \SimpleSAML\XMLSecurity\C14N|string $algorithm
 * @param \SimpleSAML\XMLSecurity\XML\ds\XPath|null $xpath
 * @param \SimpleSAML\XMLSecurity\XML\ec\InclusiveNamespaces|null $prefixes
 */
 final public function __construct(
- protected string $algorithm,
+ protected C14N|string $algorithm,
 protected ?XPath $xpath = null,
 protected ?InclusiveNamespaces $inclusiveNamespaces = null,
 ) {
- Assert::validURI($algorithm, SchemaViolationException::class);
-
 if ($xpath !== null) {
- Assert::nullOrEq(
+ Assert::validURI($algorithm, SchemaViolationException::class);
+ Assert::same(
 $this->algorithm,
 C::XPATH_URI,
 sprintf('Transform algorithm "%s" required if XPath provided.', C::XPATH_URI),
@@ -47,13 +47,13 @@ final public function __construct(
 Assert::oneOf(
 $this->algorithm,
 [
- C::C14N_INCLUSIVE_WITH_COMMENTS,
- C::C14N_EXCLUSIVE_WITHOUT_COMMENTS,
+ C14N::INCLUSIVE_WITH_COMMENTS,
+ C14N::EXCLUSIVE_WITHOUT_COMMENTS,
 ],
 sprintf(
 'Transform algorithm "%s" or "%s" required if InclusiveNamespaces provided.',
- C::C14N_EXCLUSIVE_WITH_COMMENTS,
- C::C14N_EXCLUSIVE_WITHOUT_COMMENTS
+ C14N::EXCLUSIVE_WITH_COMMENTS->value,
+ C14N::EXCLUSIVE_WITHOUT_COMMENTS->value,
 ),
 );
 }
@@ -63,9 +63,9 @@ final public function __construct(
 /**
 * Get the algorithm associated with this transform.
 *
- * @return string
+ * @return \SimpleSAML\XMLSecurity\C14N|string
 */
- public function getAlgorithm(): string
+ public function getAlgorithm(): C14N|string
 {
 return $this->algorithm;
 }
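Review bot: `Assert::validURI($algorithm, SchemaViolationException::class);` now sits inside `if ($xpath !== null)`, so a string algorithm that arrives without an XPath child is no longer checked for URI syntax at all. fromXML() keeps any Algorithm value that is not a C14N case as a plain string (`C14N::tryFrom($alg) ?? $alg`) and presumably hands it to this constructor, so unknown or malformed identifiers from parsed XML take exactly this unvalidated path. Running the check for every string before the XPath branch, `if (is_string($algorithm)) { Assert::validURI($algorithm, SchemaViolationException::class); }`, restores the previous validation without tripping on enum values. The constructor continues past the end of this hunk.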
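Review bot: The allowed list for a Transform that carries InclusiveNamespaces is `C14N::INCLUSIVE_WITH_COMMENTS, C14N::EXCLUSIVE_WITHOUT_COMMENTS`, but the error message built just below names `EXCLUSIVE_WITH_COMMENTS` and `EXCLUSIVE_WITHOUT_COMMENTS`. The mismatch is carried over unchanged from the old constants. As written, exclusive-with-comments plus a prefix list is rejected while inclusive-with-comments is accepted, even though toXML() only serialises InclusiveNamespaces for the two exclusive methods. The first entry looks like it should be `C14N::EXCLUSIVE_WITH_COMMENTS,`; a constructor test for each of the four methods combined with InclusiveNamespaces would catch this.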
@@ -105,6 +105,7 @@ public static function fromXML(DOMElement $xml): static
 Assert::same($xml->namespaceURI, Transform::NS, InvalidDOMElementException::class);
 $alg = self::getAttribute($xml, 'Algorithm');
+ $alg = C14N::tryFrom($alg) ?? $alg;
 $xpath = XPath::getChildrenOfClass($xml);
 Assert::maxCount($xpath, 1, 'Only one XPath element supported per Transform.', TooManyElementsException::class);
@@ -132,14 +133,14 @@ public function toXML(DOMElement $parent = null): DOMElement
 $e = $this->instantiateParentElement($parent);
 $algorithm = $this->getAlgorithm();
- $e->setAttribute('Algorithm', $algorithm);
+ $e->setAttribute('Algorithm', is_string($algorithm) ? $algorithm : $algorithm->value);
 switch ($algorithm) {
 case C::XPATH_URI:
 $this->getXpath()?->toXML($e);
 break;
- case C::C14N_EXCLUSIVE_WITH_COMMENTS:
- case C::C14N_EXCLUSIVE_WITHOUT_COMMENTS:
+ case C14N::EXCLUSIVE_WITH_COMMENTS:
+ case C14N::EXCLUSIVE_WITHOUT_COMMENTS:
 $this->getInclusiveNamespaces()?->toXML($e);
 break;
 }
diff --git a/src/XML/ec/AbstractEcElement.php b/src/XML/ec/AbstractEcElement.php
index 8509dd21..d717e62e 100644
--- a/src/XML/ec/AbstractEcElement.php
+++ b/src/XML/ec/AbstractEcElement.php
@@ -15,7 +15,7 @@ abstract class AbstractEcElement extends AbstractElement
 {
 /** @var string */
- public const NS = C::C14N_EXCLUSIVE_WITHOUT_COMMENTS;
+ public const NS = C::NS_EC;
 /** @var string */
 public const NS_PREFIX = 'ec';
diff --git a/tests/XML/SignableElementTest.php b/tests/XML/SignableElementTest.php
index 9c17cb11..be238df8 100644
--- a/tests/XML/SignableElementTest.php
+++ b/tests/XML/SignableElementTest.php
@@ -9,6 +9,7 @@
 use SimpleSAML\XML\DOMDocumentFactory;
 use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
 use SimpleSAML\XMLSecurity\Alg\Signature\SignatureAlgorithmFactory;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\Constants as C;
 use SimpleSAML\XMLSecurity\Exception\RuntimeException;
 use SimpleSAML\XMLSecurity\Key\PrivateKey;
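Review bot: The `switch ($algorithm)` in Transform::toXML now compares a `C14N|string` value loosely against a mix of string labels (`C::XPATH_URI`) and enum labels (`C14N::EXCLUSIVE_*`). It works only because an enum case never compares equal to a string under `==`, which is easy to overlook when reading serialisation code for signed data. Writing the branches by type, `if ($algorithm === C::XPATH_URI) { … } elseif ($algorithm instanceof C14N && $algorithm->exclusive()) { … }`, states the intent and reuses the predicate this commit introduces. toXML starts before and ends after this hunk.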
@@ -90,7 +91,7 @@ public function testMarshalling(): void
 ]),
 ]);
- $customSignable->sign($signer, C::C14N_EXCLUSIVE_WITHOUT_COMMENTS, $keyInfo);
+ $customSignable->sign($signer, C14N::EXCLUSIVE_WITHOUT_COMMENTS, $keyInfo);
 $this->assertEquals(
 self::$signed->saveXML(self::$signed->documentElement),
@@ -122,7 +123,7 @@ public function testSigningElement(): void
 ]),
 ]);
- $customSignable->sign($signer, C::C14N_EXCLUSIVE_WITHOUT_COMMENTS, $keyInfo);
+ $customSignable->sign($signer, C14N::EXCLUSIVE_WITHOUT_COMMENTS, $keyInfo);
 $signed = DOMDocumentFactory::fromFile(
 dirname(__FILE__, 2) . '/resources/xml/custom_CustomSignableSignedWithId.xml',
 );
@@ -158,7 +159,7 @@ public function testSigningDocumentWithComments(): void
 ]),
 ]);
- $customSignable->sign($signer, C::C14N_EXCLUSIVE_WITH_COMMENTS, $keyInfo);
+ $customSignable->sign($signer, C14N::EXCLUSIVE_WITH_COMMENTS, $keyInfo);
 $signed = DOMDocumentFactory::fromFile(
 dirname(__FILE__, 2) . '/resources/xml/custom_CustomSignableSignedWithComments.xml',
 );
@@ -194,7 +195,7 @@ public function testSigningElementWithIdAndComments(): void
 ]),
 ]);
- $customSignable->sign($signer, C::C14N_EXCLUSIVE_WITH_COMMENTS, $keyInfo);
+ $customSignable->sign($signer, C14N::EXCLUSIVE_WITH_COMMENTS, $keyInfo);
 $signed = DOMDocumentFactory::fromFile(
 dirname(__FILE__, 2) . '/resources/xml/custom_CustomSignableSignedWithCommentsAndId.xml'
 );
diff --git a/tests/XML/ds/CanonicalizationMethodTest.php b/tests/XML/ds/CanonicalizationMethodTest.php
index 32deca75..6559221f 100644
--- a/tests/XML/ds/CanonicalizationMethodTest.php
+++ b/tests/XML/ds/CanonicalizationMethodTest.php
@@ -9,7 +9,7 @@
 use SimpleSAML\XML\DOMDocumentFactory;
 use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
 use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
-use SimpleSAML\XMLSecurity\Constants as C;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\XML\ds\CanonicalizationMethod;
 use function dirname;
@@ -45,7 +45,7 @@ public static function setUpBeforeClass(): void
 */
 public function testMarshalling(): void
 {
- $canonicalizationMethod = new CanonicalizationMethod(C::C14N_EXCLUSIVE_WITHOUT_COMMENTS);
+ $canonicalizationMethod = new CanonicalizationMethod(C14N::EXCLUSIVE_WITHOUT_COMMENTS);
 $this->assertEquals(
 self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
@@ -60,6 +60,6 @@ public function testUnmarshalling(): void
 {
 $canonicalizationMethod = CanonicalizationMethod::fromXML(self::$xmlRepresentation->documentElement);
- $this->assertEquals(C::C14N_EXCLUSIVE_WITHOUT_COMMENTS, $canonicalizationMethod->getAlgorithm());
+ $this->assertEquals(C14N::EXCLUSIVE_WITHOUT_COMMENTS, $canonicalizationMethod->getAlgorithm());
 }
 }
diff --git a/tests/XML/ds/ManifestTest.php b/tests/XML/ds/ManifestTest.php
index 7b3051e9..777d08a3 100644
--- a/tests/XML/ds/ManifestTest.php
+++ b/tests/XML/ds/ManifestTest.php
@@ -8,6 +8,7 @@
 use SimpleSAML\XML\DOMDocumentFactory;
 use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
 use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\Constants as C;
 use SimpleSAML\XMLSecurity\XML\ds\DigestMethod;
 use SimpleSAML\XMLSecurity\XML\ds\DigestValue;
@@ -57,7 +58,7 @@ public function testMarshalling(): void
 new Transforms(
 [
 new Transform(C::XMLDSIG_ENVELOPED),
- new Transform(C::C14N_EXCLUSIVE_WITHOUT_COMMENTS),
+ new Transform(C14N::EXCLUSIVE_WITHOUT_COMMENTS),
 ],
 ),
 'abc123',
diff --git a/tests/XML/ds/ReferenceTest.php b/tests/XML/ds/ReferenceTest.php
index 756209fd..632065bd 100644
--- a/tests/XML/ds/ReferenceTest.php
+++ b/tests/XML/ds/ReferenceTest.php
@@ -8,6 +8,7 @@
 use SimpleSAML\XML\DOMDocumentFactory;
 use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
 use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\Constants as C;
 use SimpleSAML\XMLSecurity\XML\ds\DigestMethod;
 use SimpleSAML\XMLSecurity\XML\ds\DigestValue;
@@ -55,7 +56,7 @@ public function testMarshalling(): void
 new Transforms(
 [
 new Transform(C::XMLDSIG_ENVELOPED),
- new Transform(C::C14N_EXCLUSIVE_WITHOUT_COMMENTS),
+ new Transform(C14N::EXCLUSIVE_WITHOUT_COMMENTS),
 ],
 ),
 'ghi789',
@@ -80,7 +81,7 @@ public function testMarshallingReferenceElementOrdering(): void
 new Transforms(
 [
 new Transform(C::XMLDSIG_ENVELOPED),
- new Transform(C::C14N_EXCLUSIVE_WITHOUT_COMMENTS),
+ new Transform(C14N::EXCLUSIVE_WITHOUT_COMMENTS),
 ]
 ),
 'ghi789',
diff --git a/tests/XML/ds/SignedInfoTest.php b/tests/XML/ds/SignedInfoTest.php
index ff032b3f..93941636 100644
--- a/tests/XML/ds/SignedInfoTest.php
+++ b/tests/XML/ds/SignedInfoTest.php
@@ -9,6 +9,7 @@
 use SimpleSAML\XML\DOMDocumentFactory;
 use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
 use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\Constants as C;
 use SimpleSAML\XMLSecurity\XML\ds\CanonicalizationMethod;
 use SimpleSAML\XMLSecurity\XML\ds\Reference;
@@ -50,7 +51,7 @@ public static function setUpBeforeClass(): void
 public function testMarshalling(): void
 {
 $signedInfo = new SignedInfo(
- new CanonicalizationMethod(C::C14N_EXCLUSIVE_WITHOUT_COMMENTS),
+ new CanonicalizationMethod(C14N::EXCLUSIVE_WITHOUT_COMMENTS),
 new SignatureMethod(C::SIG_RSA_SHA256),
 [
 Reference::fromXML(
@@ -89,19 +90,19 @@ private function canonicalization(DOMElement $xml, SignedInfo $signedInfo): void
 {
 $this->assertEquals(
 $xml->C14N(true, false),
- $signedInfo->canonicalize(C::C14N_EXCLUSIVE_WITHOUT_COMMENTS),
+ $signedInfo->canonicalize(C14N::EXCLUSIVE_WITHOUT_COMMENTS),
 );
 $this->assertEquals(
 $xml->C14N(false, false),
- $signedInfo->canonicalize(C::C14N_INCLUSIVE_WITHOUT_COMMENTS),
+ $signedInfo->canonicalize(C14N::INCLUSIVE_WITHOUT_COMMENTS),
 );
 $this->assertEquals(
 $xml->C14N(true, true),
- $signedInfo->canonicalize(C::C14N_EXCLUSIVE_WITH_COMMENTS),
+ $signedInfo->canonicalize(C14N::EXCLUSIVE_WITH_COMMENTS),
 );
 $this->assertEquals(
 $xml->C14N(false, true),
- $signedInfo->canonicalize(C::C14N_INCLUSIVE_WITH_COMMENTS),
+ $signedInfo->canonicalize(C14N::INCLUSIVE_WITH_COMMENTS),
 );
 }
diff --git a/tests/XML/ds/TransformTest.php b/tests/XML/ds/TransformTest.php
index 4431e7f0..d2507839 100644
--- a/tests/XML/ds/TransformTest.php
+++ b/tests/XML/ds/TransformTest.php
@@ -8,6 +8,7 @@
 use SimpleSAML\XML\DOMDocumentFactory;
 use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
 use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+use SimpleSAML\XMLSecurity\C14N;
 use SimpleSAML\XMLSecurity\Constants as C;
 use SimpleSAML\XMLSecurity\XML\ds\Transform;
 use SimpleSAML\XMLSecurity\XML\ds\XPath;
@@ -59,7 +60,7 @@ public function testMarshalling(): void
 );
 $transform = new Transform(
- C::C14N_EXCLUSIVE_WITHOUT_COMMENTS,
+ C14N::EXCLUSIVE_WITHOUT_COMMENTS,
 null,
 new InclusiveNamespaces(["dsig", "soap"]),
 );