authorMaxence Lange <maxence@artificial-owl.com>2024-12-03 16:01:35 -0100
committerMaxence Lange <maxence@artificial-owl.com>2024-12-04 09:30:55 -0100
commit15b72281dfb1d301a3e3ba9229f69ead37e1ab53 (patch)
treee321a9ef3d5d34b8c33fd91d8b71b6dfdd74023d /lib/private
parent4df315552391af1c89516fa2f2c1796666f086be (diff)
fix(signatory): details on interfaces
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Diffstat (limited to 'lib/private')
-rw-r--r--lib/private/Security/Signature/Model/IncomingSignedRequest.php15
-rw-r--r--lib/private/Security/Signature/Model/SignedRequest.php13
2 files changed, 18 insertions, 10 deletions
diff --git a/lib/private/Security/Signature/Model/IncomingSignedRequest.php b/lib/private/Security/Signature/Model/IncomingSignedRequest.php
index d644aa8e1c1..0f7dc7cb771 100644
--- a/lib/private/Security/Signature/Model/IncomingSignedRequest.php
+++ b/lib/private/Security/Signature/Model/IncomingSignedRequest.php
@@ -9,6 +9,7 @@ declare(strict_types=1);
namespace OC\Security\Signature\Model;
use JsonSerializable;
+use NCU\Security\Signature\Enum\DigestAlgorithm;
use NCU\Security\Signature\Enum\SignatureAlgorithm;
use NCU\Security\Signature\Exceptions\IdentityNotFoundException;
use NCU\Security\Signature\Exceptions\IncomingRequestException;
@@ -22,6 +23,7 @@ use NCU\Security\Signature\ISignatureManager;
use NCU\Security\Signature\Model\Signatory;
use OC\Security\Signature\SignatureManager;
use OCP\IRequest;
+use ValueError;
/**
* @inheritDoc
@@ -107,6 +109,12 @@ class IncomingSignedRequest extends SignedRequest implements
}
// confirm digest value, based on body
+ [$algo, ] = explode('=', $digest);
+ try {
+ $this->setDigestAlgorithm(DigestAlgorithm::from($algo));
+ } catch (ValueError) {
+ throw new IncomingRequestException('unknown digest algorithm');
+ }
if ($digest !== $this->getDigest()) {
throw new IncomingRequestException('invalid value for digest in header');
}
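Review bot: The digest algorithm in the added block is read from the sender's own header, so `DigestAlgorithm::from($algo)` is the only allowlist between the peer and the hash that `getDigest()` presumably recomputes over the body. That deserves a comment above the `try`, such as `// algorithm is sender-chosen: DigestAlgorithm must only list hashes accepted for body integrity`. The enum is not part of this page, so whether it contains anything weaker than the SHA-2 family cannot be confirmed from here. `[$algo, ] = explode('=', $digest);` would read more clearly as `$algo = explode('=', $digest, 2)[0];`, with the same outcome for a header without `=` (the whole value reaches `from()` and is rejected). The enclosing method starts and ends outside the hunk.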
@@ -188,15 +196,14 @@ class IncomingSignedRequest extends SignedRequest implements
}
/**
- * @inheritDoc
+ * set the hostname at the source of the request,
+ * based on the keyId defined in the signature header.
*
* @param string $origin
- * @return IIncomingSignedRequest
* @since 31.0.0
*/
- public function setOrigin(string $origin): IIncomingSignedRequest {
+ private function setOrigin(string $origin): void {
$this->origin = $origin;
- return $this;
}
/**
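Review bot: The new docblock on `setOrigin()` says the hostname is based on the keyId of the signature header, but the method only stores its argument, so the derivation and any validation live in the caller, outside this hunk. Because the keyId is supplied by the sender, the comment should state when the value can be relied on, for example `* The value is sender-asserted until the signature has been verified.`, to be confirmed against the caller, which is not visible here. `@since 31.0.0` on a now-private method could also be dropped, assuming the tag is meant for the public interface.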
diff --git a/lib/private/Security/Signature/Model/SignedRequest.php b/lib/private/Security/Signature/Model/SignedRequest.php
index 214e43e8cb3..f30935e83b1 100644
--- a/lib/private/Security/Signature/Model/SignedRequest.php
+++ b/lib/private/Security/Signature/Model/SignedRequest.php
@@ -44,14 +44,15 @@ class SignedRequest implements ISignedRequest, JsonSerializable {
}
/**
- * @inheritDoc
+ * set algorithm used to generate digest
*
* @param DigestAlgorithm $algorithm
*
* @return self
* @since 31.0.0
*/
- public function setDigestAlgorithm(DigestAlgorithm $algorithm): self {
+ protected function setDigestAlgorithm(DigestAlgorithm $algorithm): self {
+ $this->digestAlgorithm = $algorithm;
return $this;
}
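Review bot: The added `$this->digestAlgorithm = $algorithm;` shows that this setter previously discarded its argument, so before the fix the digest was presumably always computed with the property's default, whatever the caller or the incoming header asked for. A regression test that sets a non-default algorithm and checks the resulting digest would pin this; none is visible here, though the diffstat is limited to lib/private. The same narrowing from `public` to `protected` is applied to `setSignatureData()` and `setSignature()` in the two following hunks. With the class still declared as implementing `ISignedRequest`, this only loads if the interface no longer declares these setters, which the commit title suggests but this page does not show.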
@@ -119,14 +120,14 @@ class SignedRequest implements ISignedRequest, JsonSerializable {
}
/**
- * @inheritDoc
+ * store data used to generate signature
*
* @param array $data
*
* @return self
* @since 31.0.0
*/
- public function setSignatureData(array $data): self {
+ protected function setSignatureData(array $data): self {
$this->signatureData = $data;
return $this;
}
@@ -142,14 +143,14 @@ class SignedRequest implements ISignedRequest, JsonSerializable {
}
/**
- * @inheritDoc
+ * set the signed version of the signature
*
* @param string $signature
*
* @return self
* @since 31.0.0
*/
- public function setSignature(string $signature): self {
+ protected function setSignature(string $signature): self {
$this->signature = $signature;
return $this;
}