Skip to content

Commit 5e10295

Browse files
JanSlabonJanSlabon
committed
Update Module.php
- Enabled processing of ECC signatures.
1 parent 3ee2880 commit 5e10295

1 file changed

Lines changed: 15 additions & 12 deletions

File tree

src/Module.php

Lines changed: 15 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -148,21 +148,24 @@ public static function updateCmsForPssPadding(
148148

149149
public static function fixEccSignatures(string $signatureValue): string
150150
{
151-
throw new NotImplementedException(
152-
'EC signatures were not tested yet. Please contact support@setasign.com with details of your CSC API.'
153-
);
154151
// Let's ensure that the ECDSA-Sig-Value is DER encoded.
155152
// Some other services (e.g. KMS systems) return the signature value as raw concatenated "r+s" value.
156153
// Maybe this also happens by a CSC API? The signature encoding is sadly not defined.
157-
// try {
158-
// Asn1Element::parse($signatureValue);
159-
//
160-
// } catch (Asn1Exception $e) {
154+
try {
155+
// we would catch this raw structure here
156+
Asn1Element::parse($signatureValue);
157+
158+
} catch (Asn1Exception $e) {
159+
// as we only have a good service found, we still throw an exception for further investigation
160+
throw new NotImplementedException(
161+
'Faulty EC signatures were not tested yet. Please contact support@setasign.com with details of your CSC API.'
162+
);
163+
161164
// /* According to RFC5753 2.1.1:
162165
// * - signature MUST contain the DER encoding (as an octet string) of a value of the ASN.1 type
163166
// * ECDSA-Sig-Value (see Section 7.2).
164167
// */
165-
// $len = strlen($signatureValue);
168+
// $len = \strlen($signatureValue);
166169
//
167170
// $s = \substr($signatureValue, 0, $len / 2);
168171
// if (\ord($s[0]) & 0x80) { // ensure positive integers
@@ -173,17 +176,17 @@ public static function fixEccSignatures(string $signatureValue): string
173176
// $r = "\0" . $r;
174177
// }
175178
//
176-
// $signatureValue = new Asn1Element(
179+
// $signatureValue = (string)new Asn1Element(
177180
// Asn1Element::SEQUENCE | Asn1Element::IS_CONSTRUCTED,
178181
// '',
179182
// [
180183
// new Asn1Element(Asn1Element::INTEGER, $s),
181184
// new Asn1Element(Asn1Element::INTEGER, $r),
182185
// ]
183186
// );
184-
// }
185-
//
186-
// return $signatureValue;
187+
}
188+
189+
return $signatureValue;
187190
}
188191

189192
/**

0 commit comments

Comments
 (0)