public function testAuthorizeStuff()
{
$DS = new TOGoS_RSAUtil_DataStore();
$key1 = TOGoS_RSAUtil_KeyPair::generate(array('size' => 2048), $DS);
$key2 = TOGoS_RSAUtil_KeyPair::generate(array('size' => 2048), $DS);
$SA = new TOGoS_RSAUtil_SimpleAuthorizer(array($key1->getPublicKeyUri()), $DS);
$msg = "Hello, worlde!";
$sig1 = TOGoS_RSAUtil::sign($msg, $key1);
$sig2 = TOGoS_RSAUtil::sign($msg, $key2);
$this->assertTrue($SA->isAuthorized($sig1));
$this->assertFalse($SA->isAuthorized($sig2));
}
public function testVerifyValidSignature()
{
$keyPair = TOGoS_RSAUtil_KeyPair::generate(array('size' => 1024));
// For faster unit testing
$DS = new TOGoS_RSAUtil_DataStore();
$pubKeyUri = $DS->store($keyPair->getPublicKeyDer());
// I guess we're also testing generateKeyPair, then.
$this->assertEquals($pubKeyUri, $keyPair->getPublicKeyUri());
$data = "Hello, world!";
$sig = TOGoS_RSAUtil::sign($data, $keyPair);
$this->assertTrue(TOGoS_RSAUtil::verif($sig, $DS), "Signature should have verified!");
// Change the data and make sure the signature's no longer valid!
$badSig = new TOGoS_RSAUtil_Signature($sig->getPublicKeyUri(), Nife_Util::blob($data . '; drop all tables'), $sig->getAlgorithmName(), $sig->getSignatureBytes());
$this->assertFalse(TOGoS_RSAUtil::verif($badSig, $DS), "Signature should have verified!");
}
/**
* Returns a Signature object
*/
public static function sign($data, TOGoS_RSAUtil_KeyPair $keyPair, $sslAlgo = OPENSSL_ALGO_SHA1)
{
openssl_sign((string) $data, $sigBytes, $keyPair->getPrivateKeyPem(), $sslAlgo);
return new TOGoS_RSAUtil_Signature($keyPair->getPublicKeyUri(), Nife_Util::blob($data), TOGoS_RSAUtil_Util::rsaAlgoNameFromId($sslAlgo), $sigBytes);
}
