Use setter, so we can use that to enforce SAML-specifics upstream

simplesamlphp · Jul 22, 2024 · fc0b03b · fc0b03b
1 parent 13219e5
commit fc0b03b
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/src/XML/SignableElementTrait.php b/src/XML/SignableElementTrait.php
@@ -182,7 +182,7 @@ protected function doSign(DOMElement $xml): DOMElement
         $signingData = $signedInfo->canonicalize($this->c14nAlg);
         $signedData = base64_encode($this->signer->sign($signingData));
 
-        $this->signature = new Signature($signedInfo, new SignatureValue($signedData), $this->keyInfo);
+        $this->setSignature(new Signature($signedInfo, new SignatureValue($signedData), $this->keyInfo));
         return DOMDocumentFactory::fromString($canonicalDocument)->documentElement;
     }
 

diff --git a/src/XML/SignedElementTrait.php b/src/XML/SignedElementTrait.php
@@ -86,7 +86,7 @@ private function validateReferenceUri(Reference $reference, DOMElement $xml): vo
     {
         if (
             in_array(
-                $this->signature->getSignedInfo()->getCanonicalizationMethod()->getAlgorithm(),
+                $this->getSignature()->getSignedInfo()->getCanonicalizationMethod()->getAlgorithm(),
                 [
                     C::C14N_INCLUSIVE_WITH_COMMENTS,
                     C::C14N_EXCLUSIVE_WITH_COMMENTS,
@@ -183,7 +183,7 @@ private function validateReference(SignedInfo $signedInfo): SignedElementInterfa
     private function verifyInternal(SignatureAlgorithmInterface $verifier): SignedElementInterface
     {
         /** @var \SimpleSAML\XMLSecurity\XML\ds\Signature $this->signature */
-        $signedInfo = $this->signature->getSignedInfo();
+        $signedInfo = $this->getSignature()->getSignedInfo();
         $c14nAlg = $signedInfo->getCanonicalizationMethod()->getAlgorithm();
 
         // the canonicalized ds:SignedInfo element (plaintext)
@@ -195,7 +195,7 @@ private function verifyInternal(SignatureAlgorithmInterface $verifier): SignedEl
         if (
             $verifier?->verify(
                 $c14nSignedInfo, // the canonicalized ds:SignedInfo element (plaintext)
-                base64_decode($this->signature->getSignatureValue()->getRawContent(), true), // the actual signature
+                base64_decode($this->getSignature()->getSignatureValue()->getRawContent(), true), // the actual signature
             )
         ) {
             /*