/** * @param PaymentRequestBuf $request * @return PaymentRequestBuf * @throws \Exception */ public function apply(PaymentRequestBuf $request) { $request->setPkiType($this->type); $request->setSignature(''); if ($this->type !== 'none') { $request->setPkiData($this->certificates->serialize()); $data = $request->serialize(); $signature = ''; $result = openssl_sign($data, $signature, $this->privateKey, $this->algoConst); if ($signature === false || $result === false) { throw new \Exception('Error during signing: Unable to create signature'); } $request->setSignature($signature); } return $request; }
/** * @return bool */ public function verifySignature() { if ($this->request->getPkiType() === 'none') { return true; } $algorithm = $this->request->getPkiType() === 'x509+sha256' ? OPENSSL_ALGO_SHA256 : OPENSSL_ALGO_SHA1; $signature = $this->request->getSignature(); $clone = clone $this->request; $clone->setSignature(''); $data = $clone->serialize(); // Parse the public key $certificates = new X509CertificatesBuf(); $certificates->parse($clone->getPkiData()); $certificate = $this->der2pem($certificates->getCertificate(0)); $pubkeyid = openssl_pkey_get_public($certificate); return 1 === openssl_verify($data, $signature, $pubkeyid, $algorithm); }
/** * Applies the configured signature algorithm, adding values to * the protobuf: 'pkiType', 'signature', 'pkiData' * * @param PaymentRequestBuf $request * @return PaymentRequestBuf * @throws \Exception */ public function apply(PaymentRequestBuf $request) { $request->setPkiType($this->type); $request->setSignature(''); if ($this->type !== 'none') { // PkiData must be captured in signature, and signature must be empty! $request->setPkiData($this->certificates->serialize()); $signature = $this->signData($request->serialize()); $request->setSignature($signature); } return $request; }