public function testGenerateAndSign() { $key = new Key(); $key->generate(); $data_to_sign = 'The quick brown fox jumps over the lazy dog'; $signature = $key->sign($data_to_sign); $this->assertTrue($key->verify($data_to_sign, $signature)); }
public function testLoadAndSignWithText() { $public_contents = file_get_contents($this->pubkey); $private_contents = file_get_contents($this->privkey); $key = new Key(); $key->load($public_contents, $private_contents); $data_to_sign = 'The quick brown fox jumps over the lazy dog'; $signature = $key->sign($data_to_sign); $this->assertTrue($key->verify($data_to_sign, $signature)); }
/** * Construct a HMAC for a request. * * Creating a HMAC for a request requires knowledge of a key that is shared between * the client and server and should not be disclosed to any third party. * * A client generated nonce is also created and added to the request data. This * *should* (but does not have to be) checked and verified on the server. The nonce * is used to ensure that no two requests have the same data even if the endpoint * and request data are the same. * * The request data *should* (but does not have to) contain a server generated nonce. * The server generated nonce should be used exactly once -- generated on the server, * used by the client and then discarded. * * Adds the following array entities to $request_data: * * * cnonce -- the client generated nonce * * hmac -- the hmac, created with the shared key made by setSharedKey() * * Returns the HMAC * * @param array $request_data * * @return string */ public function createHMAC(array &$request_data) { // Make a nonce $request_data['cnonce'] = $this->createNonce(); // Get the data to be signed. $data_to_sign = http_build_query($request_data); // Create the key $sharedKey = new Key(); $sharedKey->setSharedKey($this->sharedKey); // Create the signature. $base64_hmac = $sharedKey->sign($data_to_sign); $request_data['hmac'] = $base64_hmac; return $base64_hmac; }