function testModifiedDocumentDoesntVerifySignature() { // $this->markTestSkipped('Skip RSA test for performance reasons'); $data = "this has to be signed"; $signature = $this->cryptoManager->createSignature($data, $this->privateKey); $data = "this has been modified"; $this->assertFalse($this->cryptoManager->verifySignature($data, $signature, $this->publicKey)); }
/** * Validate a command request * - Validity of session token * - Session token expiration * - Client host address * - Encrypted data signature * * @param tx_caretakerinstance_CommandRequest $commandRequest * @return boolean */ public function validateRequest(tx_caretakerinstance_CommandRequest $commandRequest) { $sessionToken = $commandRequest->getSessionToken(); $timestamp = $this->cryptoManager->verifySessionToken($sessionToken, $this->privateKey); if (time() - $timestamp > $this->sessionTokenExpiration) { // Session token expired return FALSE; } elseif (strlen($this->clientHostAddressRestriction) && $commandRequest->getClientHostAddress() != $this->clientHostAddressRestriction) { // Client IP address is not allowed return FALSE; } elseif (!$this->cryptoManager->verifySignature($commandRequest->getDataForSignature(), $commandRequest->getSignature(), $this->clientPublicKey)) { // Signature didn't verify return FALSE; } return TRUE; }