Fix bank response verifying

.gitignore

@@ -2,3 +2,4 @@
 .DS_Store
 vendor
 test.php
+prod-certs

src/Responses/AbstractResponse.php

@@ -41,13 +41,13 @@ abstract protected function parse(\SimpleXMLElement $xml);
      */
     public function verify()
     {
-        $data = strrev(
-            (string)$this->xml->bank_sign
+        $signature = strrev(
+            base64_decode((string)$this->xml->bank_sign, true)
         );
 
-        $signature = sha1($this->xml->bank->saveXML());
+        $data = $this->xml->bank->saveXML();
 
-        return $this->certManager->verify($data, $signature);
+        return $this->certManager->verify($data, $signature, true);
     }
 
     /**

src/SSL/CertManager.php

@@ -8,14 +8,14 @@ class CertManager
     protected $publicKeyPath;
     protected $privateKeyPath;
     protected $privateKeyPassword;
-    protected $bankKeyPath;
+    protected $bankPublicKeyPath;
 
     public function __construct(array $params)
     {
         $this->publicKeyPath = $params['PUBLIC_KEY_FN'];
         $this->privateKeyPath = $params['PRIVATE_KEY_FN'];
         $this->privateKeyPassword = $params['PRIVATE_KEY_PASS'] ?? false;
-        $this->bankKeyPath = $params['BANK_KEY_FN'] ?? false;
+        $this->bankPublicKeyPath = $params['BANK_PUBLIC_KEY_FN'];
     }
 
     public function sign($data)
@@ -29,11 +29,11 @@ public function sign($data)
         return $result;
     }
 
-    public function verify($data, $signature)
+    public function verify($data, $signature, $bank = false)
     {
-        $publicKey = $this->loadPublicKey();
+        $publicKey = $bank ? $this->loadBankPublicKey() : $this->loadPublicKey();
 
-        return openssl_verify($data, $signature, $publicKey);
+        return (bool)openssl_verify($data, $signature, $publicKey);
     }
 
     private function loadPrivateKey() {
@@ -51,14 +51,14 @@ private function loadPrivateKey() {
     }
 
     private function loadPublicKey() {
-        return openssl_pkey_get_public(
+        return openssl_get_publickey(
             file_get_contents($this->publicKeyPath)
         );
     }
 
     private function loadBankPublicKey() {
-        return openssl_pkey_get_public(
-            file_get_contents($this->bankKeyPath)
+        return openssl_get_publickey(
+            file_get_contents($this->bankPublicKeyPath)
         );
     }
 }

test-certs/config.ini

@@ -3,4 +3,5 @@ MERCHANT_NAME = "Test shop 3"
 MERCHANT_ID = "92061103"
 PRIVATE_KEY_FN = "./test-certs/cert.prv"
 PRIVATE_KEY_PASS = "1q2w3e4r"
-PUBLIC_KEY_FN = "./test-certs/cert.pub"
+PUBLIC_KEY_FN = "./test-certs/cert.pub"
+BANK_PUBLIC_KEY_FN = "./test-certs/kkbca_test.pub"

test-certs/kkbca_test.pub

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDdjCCAl6gAwIBAgIFAMGD1pAwDQYJKoZIhvcNAQEEBQAwUzELMAkGA1UEBhMC
+S1oxDDAKBgNVBAoTA0tLQjELMAkGA1UECxMCQ0ExDzANBgNVBAMTBktLQiBDQTEY
+MBYGCSqGSIb3DQEJARYJY2FAa2tiLmt6MB4XDTE1MDgyNzEzMjAwMVoXDTIwMDgy
+NTEzMjAwMVowcTELMAkGA1UEBhMCS1oxDzANBgNVBAcTBkFsbWF0eTETMBEGA1UE
+ChMKa2tiY2FfdGVzdDELMAkGA1UECxMCQVQxEzARBgNVBAMTCmtrYmNhX3Rlc3Qx
+GjAYBgkqhkiG9w0BCQEWC2VwYXlAa2tiLmt6MIGeMA0GCSqGSIb3DQEBAQUAA4GM
+ADCBiAKBgHubvjO36p31yokU3D6I8UEjSoypp9XwDx2BTRH1IpaagcHhIpM89N6D
+IKR5+epfGa38JHoJOP63gtyWBMGeOAfpUa067rXzOeJu5cQDoJP5LGMzGmFGMxmA
+1O+do0vzO5LnMpPxwgQhdY9PeS09DMzFyX6rVtmBdUWe2q0vIk6ZAgMBAAGjgbcw
+gbQwHQYDVR0OBBYEFC6fvGjFXPR7vleUibg0uzC4eNkXMB8GA1UdIwQYMBaAFO9d
+p2Mor8bzfndC253ghJUGfXJTMAwGA1UdEwQFMAMBAQAwDgYDVR0PAQH/BAQDAgTw
+MDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6Ly93d3cua2tiLmt6L2NlcnRyb290L2tr
+YmNhLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcN
+AQEEBQADggEBAAn2TBxC2ojyerV/rfFCId4Ef/+tbXGq36G2aJzqjd4ptEIrv8Vv
+TEOa8n8cvZ19cFM5V0rF6yu8We5nwGHNoReA6c9sxk0d7g9tsCEeXEn1DCyccQPV
+ptmUvg/l6pHKT6E3yNOyBFCAaXNiRatFzEeiCIFCway9vr4JgkVpCSfWzkTswLX4
+rePQFs/tHR3W4r9GntB5m5GEdLq6tv4ZwMweVOdfHWYT0kdp3/NWFovz81E40/FF
+TpZFCTyetMv89ffH/MzEPuSYsj8A++RvVUBqjiVEyLSz1ir6sNvsQDLc3mACg1HB
+w+lJunGmquzFWUE1vo42Q1m9nLCOSfwAmRI=
+-----END CERTIFICATE-----