From 78329fbae34c9b25ba25882604e960f506d7c0e7 Mon Sep 17 00:00:00 2001 From: Chris Barth Date: Sun, 18 Jun 2023 07:33:41 -0400 Subject: [PATCH] Rename `signingCert` -> `publicCert` and `signingKey` -> `privateKey` (#315) --- README.md | 26 ++++++------ example/example.js | 4 +- index.d.ts | 8 ++-- lib/signed-xml.js | 26 ++++++------ test/document-test.js | 4 +- test/hmac-tests.js | 8 ++-- test/key-info-tests.js | 8 ++-- test/saml-response-test.js | 10 ++--- test/signature-integration-tests.js | 14 +++---- test/signature-unit-tests.js | 62 ++++++++++++++--------------- test/wsfed-metadata-test.js | 2 +- 11 files changed, 86 insertions(+), 86 deletions(-) diff --git a/README.md b/README.md index bcd9e77c..08fd8af4 100644 --- a/README.md +++ b/README.md @@ -67,7 +67,7 @@ _Signature Algorithm:_ RSA-SHA1 http://www.w3.org/2000/09/xmldsig#rsa-sha1 When signing a xml document you can specify the following properties on a `SignedXml` instance to customize the signature process: -- `sign.signingKey` - **[required]** a `Buffer` or pem encoded `String` containing your private key +- `sign.privateKey` - **[required]** a `Buffer` or pem encoded `String` containing your private key - `sign.signatureAlgorithm` - **[optional]** one of the supported [signature algorithms](#signature-algorithms). Ex: `sign.signatureAlgorithm = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"` - `sign.canonicalizationAlgorithm` - **[optional]** one of the supported [canonicalization algorithms](#canonicalization-and-transformation-algorithms). Ex: `sign.canonicalizationAlgorithm = "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"` 
@@ -81,7 +81,7 @@ var xml = "" + "" + "Harry Potter" + "" + "` element in the signature you must provide When verifying a xml document you must specify the following properties on a ``SignedXml` instance: -- `sign.signingCert` - **[optional]** your certificate as a string, a string of multiple certs in PEM format, or a Buffer, see [customizing algorithms](#customizing-algorithms) for an implementation example +- `sign.publicCert` - **[optional]** your certificate as a string, a string of multiple certs in PEM format, or a Buffer, see [customizing algorithms](#customizing-algorithms) for an implementation example -The certificate that will be used to check the signature will first be determined by calling `.getCertFromKeyInfo()`, which function you can customize as you see fit. If that returns `null`, then `.signingCert` is used. If that is `null`, then `.signingKey` is used (for symmetrical signing applications). +The certificate that will be used to check the signature will first be determined by calling `.getCertFromKeyInfo()`, which function you can customize as you see fit. If that returns `null`, then `.publicCert` is used. If that is `null`, then `.privateKey` is used (for symmetrical signing applications). You can use any dom parser you want in your code (or none, depending on your usage). This sample uses [xmldom](https://github.com/jindw/xmldom) so you should install it first: @@ -144,7 +144,7 @@ var signature = select( "//*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']" )[0]; var sig = new SignedXml(); -sig.signingCert = new FileKeyInfo("client_public.pem"); +sig.publicCert = new FileKeyInfo("client_public.pem"); sig.loadSignature(signature); var res = sig.checkSignature(xml); if (!res) console.log(sig.validationErrors); 
@@ -179,7 +179,7 @@ If you keep failing verification, it is worth trying to guess such a hidden tran ```javascript var option = { implicitTransforms: ["http://www.w3.org/TR/2001/REC-xml-c14n-20010315"] }; var sig = new SignedXml(null, option); -sig.signingCert = new FileKeyInfo("client_public.pem"); +sig.publicCert = new FileKeyInfo("client_public.pem"); sig.loadSignature(signature); var res = sig.checkSignature(xml); ``` @@ -272,7 +272,7 @@ A custom signing algorithm. The default is RSA-SHA1. ```javascript function MySignatureAlgorithm() { /*sign the given SignedInfo using the key. return base64 signature value*/ - this.getSignature = function (signedInfo, signingKey) { + this.getSignature = function (signedInfo, privateKey) { return "signature of signedInfo as base64..."; }; @@ -333,7 +333,7 @@ function signXml(xml, xpath, key, dest) { /*configure the signature object to use the custom algorithms*/ sig.signatureAlgorithm = "http://mySignatureAlgorithm"; - sig.signingCert = fs.readFileSync("my_public_cert.pem", "latin1"); + sig.publicCert = fs.readFileSync("my_public_cert.pem", "latin1"); sig.canonicalizationAlgorithm = "http://MyCanonicalization"; sig.addReference( "//*[local-name(.)='x']", @@ -341,7 +341,7 @@ function signXml(xml, xpath, key, dest) { "http://myDigestAlgorithm" ); - sig.signingKey = fs.readFileSync(key); + sig.privateKey = fs.readFileSync(key); sig.addReference(xpath); sig.computeSignature(xml); fs.writeFileSync(dest, sig.getSignedXml()); @@ -361,10 +361,10 @@ If the private key is not stored locally and you wish to use a signing server or ```javascript function AsyncSignatureAlgorithm() { - this.getSignature = function (signedInfo, signingKey, callback) { + this.getSignature = function (signedInfo, privateKey, callback) { var signer = crypto.createSign("RSA-SHA1"); signer.update(signedInfo); - var res = signer.sign(signingKey, "base64"); + var res = signer.sign(privateKey, "base64"); //Do some asynchronous things here callback(null, res); }; 
@@ -427,7 +427,7 @@ var xml = "" + "" + "Harry Potter" + "" + "" + "" + "Harry Potter" + "" + ""; res += keyInfoContent; diff --git a/test/document-test.js b/test/document-test.js index bade7613..47d27d61 100644 --- a/test/document-test.js +++ b/test/document-test.js @@ -17,7 +17,7 @@ describe("Document tests", function () { .toString() ); const sig = new crypto.SignedXml(); - sig.signingCert = fs.readFileSync("./test/static/feide_public.pem"); + sig.publicCert = fs.readFileSync("./test/static/feide_public.pem"); sig.loadSignature(signature); const result = sig.checkSignature(xml); @@ -37,7 +37,7 @@ describe("Document tests", function () { ); const sig = new crypto.SignedXml(); const feidePublicCert = fs.readFileSync("./test/static/feide_public.pem"); - sig.signingCert = feidePublicCert; + sig.publicCert = feidePublicCert; sig.loadSignature(signature); const result = sig.checkSignature(xml); diff --git a/test/hmac-tests.js b/test/hmac-tests.js index f1128509..e9e711e4 100644 --- a/test/hmac-tests.js +++ b/test/hmac-tests.js @@ -15,7 +15,7 @@ describe("HMAC tests", function () { )[0]; const sig = new crypto.SignedXml(); sig.enableHMAC(); - sig.signingCert = fs.readFileSync("./test/static/hmac.key"); + sig.publicCert = fs.readFileSync("./test/static/hmac.key"); sig.loadSignature(signature); const result = sig.checkSignature(xml); @@ -31,7 +31,7 @@ describe("HMAC tests", function () { )[0]; const sig = new crypto.SignedXml(); sig.enableHMAC(); - sig.signingCert = fs.readFileSync("./test/static/hmac-foobar.key"); + sig.publicCert = fs.readFileSync("./test/static/hmac-foobar.key"); sig.loadSignature(signature); const result = sig.checkSignature(xml); 
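Review bot: The verification tests, starting with test/document-test.js hunk `@@ -17,7 +17,7 @@`, only exercise the new name `publicCert`, so nothing pins what happens when a caller still assigns the old `signingCert`. JavaScript accepts that assignment silently, and the README text in this patch says the verifier consults `getCertFromKeyInfo()` first and only then `publicCert` and `privateKey`. A caller that has not migrated could therefore end up verifying against key material it did not choose, or fail with no hint about the rename. The lib/signed-xml.js hunks are not readable on this page, so it is not clear whether a deprecation accessor exists. If the break is intentional, a test such as `expect(() => { sig.signingCert = pem; }).to.throw();` would make stale callers fail loudly; that line assumes a throwing setter is added on the old names.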
@@ -42,7 +42,7 @@ describe("HMAC tests", function () { const xml = "" + "" + "Harry Potter" + "" + ""; const sig = new crypto.SignedXml(); sig.enableHMAC(); - sig.signingKey = fs.readFileSync("./test/static/hmac.key"); + sig.privateKey = fs.readFileSync("./test/static/hmac.key"); sig.signatureAlgorithm = "http://www.w3.org/2000/09/xmldsig#hmac-sha1"; sig.addReference("//*[local-name(.)='book']"); sig.computeSignature(xml); @@ -54,7 +54,7 @@ describe("HMAC tests", function () { )[0]; const verify = new crypto.SignedXml(); verify.enableHMAC(); - verify.signingCert = fs.readFileSync("./test/static/hmac.key"); + verify.publicCert = fs.readFileSync("./test/static/hmac.key"); verify.loadSignature(signature); const result = verify.checkSignature(sig.getSignedXml()); diff --git a/test/key-info-tests.js b/test/key-info-tests.js index 1fe58435..479df176 100644 --- a/test/key-info-tests.js +++ b/test/key-info-tests.js @@ -10,8 +10,8 @@ describe("KeyInfo tests", function () { it("adds X509Certificate element during signature", function () { const xml = ""; const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); - sig.signingCert = fs.readFileSync("./test/static/client_public.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); + sig.publicCert = fs.readFileSync("./test/static/client_public.pem"); sig.computeSignature(xml); const signedXml = sig.getSignedXml(); const doc = new xmldom.DOMParser().parseFromString(signedXml); 
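Review bot: In test/hmac-tests.js the verifying side now stores the shared HMAC secret in a property named `publicCert` (`verify.publicCert = fs.readFileSync("./test/static/hmac.key")` in hunk `@@ -54,7 +54,7 @@`, and the same pattern in hunks `@@ -15,7 +15,7 @@` and `@@ -31,7 +31,7 @@`). Under the new name a symmetric secret reads as public material, and the key-info tests in this patch suggest `publicCert` is what feeds the X509Certificate element when signing, so these tests model the habit the "key confusion" test guards against. The README text in this patch names `.privateKey` as the fallback for symmetric use, so the HMAC verify cases could use `verify.privateKey = fs.readFileSync("./test/static/hmac.key");` instead, assuming the fallback behaves as documented. A short comment above those lines saying the file is a shared secret, not a certificate, would also help.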
@@ -22,8 +22,8 @@ describe("KeyInfo tests", function () { it("make sure private hmac key is not leaked due to key confusion", function () { const xml = "" + "" + "Harry Potter" + "" + ""; const sig = new crypto.SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/hmac.key"); - sig.signingCert = fs.readFileSync("./test/static/hmac.key"); + sig.privateKey = fs.readFileSync("./test/static/hmac.key"); + sig.publicCert = fs.readFileSync("./test/static/hmac.key"); sig.signatureAlgorithm = "http://www.w3.org/2000/09/xmldsig#hmac-sha1"; sig.enableHMAC(); sig.addReference("//*[local-name(.)='book']"); diff --git a/test/saml-response-test.js b/test/saml-response-test.js index 1be09d8d..f80a7a79 100644 --- a/test/saml-response-test.js +++ b/test/saml-response-test.js @@ -13,7 +13,7 @@ describe("SAML response tests", function () { doc )[0]; const sig = new crypto.SignedXml(); - sig.signingCert = fs.readFileSync("./test/static/feide_public.pem"); + sig.publicCert = fs.readFileSync("./test/static/feide_public.pem"); sig.loadSignature(signature); const result = sig.checkSignature(xml); @@ -29,7 +29,7 @@ describe("SAML response tests", function () { assertion )[0]; const sig = new crypto.SignedXml(); - sig.signingCert = fs.readFileSync("./test/static/feide_public.pem"); + sig.publicCert = fs.readFileSync("./test/static/feide_public.pem"); sig.loadSignature(signature); expect(function () { sig.checkSignature(xml); @@ -46,7 +46,7 @@ describe("SAML response tests", function () { doc )[0]; const sig = new crypto.SignedXml(); - sig.signingCert = fs.readFileSync("./test/static/saml_external_ns.pem"); + sig.publicCert = fs.readFileSync("./test/static/saml_external_ns.pem"); sig.loadSignature(signature); const result = sig.checkSignature(xml); expect(result).to.be.true; 
@@ -61,7 +61,7 @@ describe("SAML response tests", function () { assertion )[0]; const sig = new crypto.SignedXml(); - sig.signingCert = fs.readFileSync("./test/static/feide_public.pem"); + sig.publicCert = fs.readFileSync("./test/static/feide_public.pem"); sig.loadSignature(signature); expect(function () { sig.checkSignature(xml); @@ -76,7 +76,7 @@ describe("SAML response tests", function () { doc )[0]; const sig = new crypto.SignedXml(); - sig.signingCert = fs.readFileSync("./test/static/feide_public.pem"); + sig.publicCert = fs.readFileSync("./test/static/feide_public.pem"); sig.loadSignature(signature); const result = sig.checkSignature(xml); // This doesn't matter, just want to make sure that we don't fail due to unknown algorithm diff --git a/test/signature-integration-tests.js b/test/signature-integration-tests.js index 80d77bc5..ed02ebba 100644 --- a/test/signature-integration-tests.js +++ b/test/signature-integration-tests.js @@ -8,7 +8,7 @@ const expect = require("chai").expect; describe("Signature integration tests", function () { function verifySignature(xml, expected, xpath) { const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.keyInfo = null; xpath.map(function (n) { @@ -87,7 +87,7 @@ describe("Signature integration tests", function () { ""; const sig = new crypto.SignedXml(); - sig.signingCert = fs.readFileSync("./test/static/client_public.pem"); + sig.publicCert = fs.readFileSync("./test/static/client_public.pem"); sig.loadSignature(signature); const result = sig.checkSignature(xml); @@ -111,7 +111,7 @@ describe("Signature integration tests", function () { doc )[0]; const sig = new crypto.SignedXml(); - sig.signingCert = fs.readFileSync("./test/static/windows_store_certificate.pem"); + sig.publicCert = fs.readFileSync("./test/static/windows_store_certificate.pem"); sig.loadSignature(signature); const result = sig.checkSignature(xml); 
@@ -128,7 +128,7 @@ describe("Signature integration tests", function () { doc )[0]; const sig = new crypto.SignedXml(); - sig.signingCert = fs.readFileSync("./test/static/signature_with_inclusivenamespaces.pem"); + sig.publicCert = fs.readFileSync("./test/static/signature_with_inclusivenamespaces.pem"); sig.loadSignature(signature); const result = sig.checkSignature(xml); @@ -148,7 +148,7 @@ describe("Signature integration tests", function () { doc )[0]; const sig = new crypto.SignedXml(); - sig.signingCert = fs.readFileSync("./test/static/signature_with_inclusivenamespaces.pem"); + sig.publicCert = fs.readFileSync("./test/static/signature_with_inclusivenamespaces.pem"); sig.loadSignature(signature); const result = sig.checkSignature(xml); @@ -168,7 +168,7 @@ describe("Signature integration tests", function () { doc )[0]; const sig = new crypto.SignedXml(); - sig.signingCert = fs.readFileSync("./test/static/signature_with_inclusivenamespaces.pem"); + sig.publicCert = fs.readFileSync("./test/static/signature_with_inclusivenamespaces.pem"); sig.loadSignature(signature); const result = sig.checkSignature(xml); @@ -180,7 +180,7 @@ describe("Signature integration tests", function () { const sig = new SignedXml(); sig.addReference("//*[local-name(.)='book']"); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.computeSignature(xml); const signed = sig.getSignedXml(); diff --git a/test/signature-unit-tests.js b/test/signature-unit-tests.js index f1190729..2d52fdcf 100644 --- a/test/signature-unit-tests.js +++ b/test/signature-unit-tests.js @@ -14,7 +14,7 @@ describe("Signature unit tests", function () { )[0]; const sig = new SignedXml(mode); - sig.signingCert = fs.readFileSync("./test/static/client_public.pem"); + sig.publicCert = fs.readFileSync("./test/static/client_public.pem"); sig.loadSignature(node); try { const res = sig.checkSignature(xml); 
@@ -93,7 +93,7 @@ describe("Signature unit tests", function () { prefix + "Id='_1'>"; const sig = new SignedXml(mode); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.addReference("//*[local-name(.)='x']"); sig.computeSignature(xml); const signedXml = sig.getOriginalXmlWithIds(); @@ -113,7 +113,7 @@ describe("Signature unit tests", function () { function verifyAddsId(mode, nsMode) { const xml = ''; const sig = new SignedXml(mode); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.addReference("//*[local-name(.)='x']"); sig.addReference("//*[local-name(.)='y']"); @@ -145,7 +145,7 @@ describe("Signature unit tests", function () { xmlns: "http://custom-xmlns#", }; - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.addReference("//*[local-name(.)='name']"); @@ -179,7 +179,7 @@ describe("Signature unit tests", function () { 'xml-cryptogithub'; const sig = new SignedXml("wssecurity"); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.addReference("//*[@wsu:Id]"); @@ -217,7 +217,7 @@ describe("Signature unit tests", function () { const xml = "xml-cryptogithub"; const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.addReference("//*[local-name(.)='name']"); sig.computeSignature(xml); @@ -233,7 +233,7 @@ describe("Signature unit tests", function () { const xml = "xml-cryptogithub"; const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.addReference("//*[local-name(.)='repository']"); sig.computeSignature(xml, { 
@@ -256,7 +256,7 @@ describe("Signature unit tests", function () { const xml = "xml-cryptogithub"; const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.addReference("//*[local-name(.)='repository']"); sig.computeSignature(xml, { @@ -279,7 +279,7 @@ describe("Signature unit tests", function () { const xml = "xml-cryptogithub"; const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.addReference("//*[local-name(.)='repository']"); sig.computeSignature(xml, { @@ -302,7 +302,7 @@ describe("Signature unit tests", function () { const xml = "xml-cryptogithub"; const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.addReference("//*[local-name(.)='repository']"); sig.computeSignature(xml, { @@ -632,8 +632,8 @@ describe("Signature unit tests", function () { const xml = ''; const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); - sig.signingCert = null; + sig.privateKey = fs.readFileSync("./test/static/client.pem"); + sig.publicCert = null; sig.addReference("//*[local-name(.)='x']"); sig.addReference("//*[local-name(.)='y']"); @@ -677,10 +677,10 @@ describe("Signature unit tests", function () { it("signer creates correct signature values using async callback", function () { function DummySignatureAlgorithm() { - this.getSignature = function (signedInfo, signingKey, callback) { + this.getSignature = function (signedInfo, privateKey, callback) { const signer = crypto.createSign("RSA-SHA1"); signer.update(signedInfo); - const res = signer.sign(signingKey, "base64"); + const res = signer.sign(privateKey, "base64"); //Do some asynchronous things here callback(null, res); }; 
@@ -694,8 +694,8 @@ describe("Signature unit tests", function () { const sig = new SignedXml(); sig.SignatureAlgorithms["http://dummySignatureAlgorithmAsync"] = DummySignatureAlgorithm; sig.signatureAlgorithm = "http://dummySignatureAlgorithmAsync"; - sig.signingKey = fs.readFileSync("./test/static/client.pem"); - sig.signingCert = null; + sig.privateKey = fs.readFileSync("./test/static/client.pem"); + sig.publicCert = null; sig.addReference("//*[local-name(.)='x']"); sig.addReference("//*[local-name(.)='y']"); @@ -777,8 +777,8 @@ describe("Signature unit tests", function () { it("allow empty reference uri when signing", function () { const xml = ""; const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); - sig.signingCert = null; + sig.privateKey = fs.readFileSync("./test/static/client.pem"); + sig.publicCert = null; sig.addReference( "//*[local-name(.)='root']", @@ -801,7 +801,7 @@ describe("Signature unit tests", function () { const xml = "xml-cryptogithub"; const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.addReference("//*[local-name(.)='repository']"); try { @@ -843,7 +843,7 @@ describe("Signature unit tests", function () { const sig = new SignedXml(); const assertionId = "_81d5fba5c807be9e9cf60c58566349b1"; sig.getKeyInfoContent = getKeyInfoContentWithAssertionId.bind(this, { assertionId }); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.computeSignature(xml, { prefix: "ds", location: { 
@@ -864,8 +864,8 @@ describe("Signature unit tests", function () { it("creates InclusiveNamespaces element when inclusiveNamespacesPrefixList is set on Reference", function () { const xml = ""; const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); - sig.signingCert = null; + sig.privateKey = fs.readFileSync("./test/static/client.pem"); + sig.publicCert = null; sig.addReference( "//*[local-name(.)='root']", @@ -896,8 +896,8 @@ describe("Signature unit tests", function () { it("does not create InclusiveNamespaces element when inclusiveNamespacesPrefixList is not set on Reference", function () { const xml = ""; const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); - sig.signingCert = null; + sig.privateKey = fs.readFileSync("./test/static/client.pem"); + sig.publicCert = null; sig.addReference( "//*[local-name(.)='root']", @@ -923,8 +923,8 @@ describe("Signature unit tests", function () { it("creates InclusiveNamespaces element inside CanonicalizationMethod when inclusiveNamespacesPrefixList is set on SignedXml options", function () { const xml = ""; const sig = new SignedXml(null, { inclusiveNamespacesPrefixList: "prefix1 prefix2" }); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); - sig.signingCert = null; + sig.privateKey = fs.readFileSync("./test/static/client.pem"); + sig.publicCert = null; sig.addReference( "//*[local-name(.)='root']", 
@@ -956,8 +956,8 @@ describe("Signature unit tests", function () { it("does not create InclusiveNamespaces element inside CanonicalizationMethod when inclusiveNamespacesPrefixList is not set on SignedXml options", function () { const xml = ""; const sig = new SignedXml(null); // Omit inclusiveNamespacesPrefixList property - sig.signingKey = fs.readFileSync("./test/static/client.pem"); - sig.signingCert = null; + sig.privateKey = fs.readFileSync("./test/static/client.pem"); + sig.publicCert = null; sig.addReference( "//*[local-name(.)='root']", @@ -983,7 +983,7 @@ describe("Signature unit tests", function () { it("adds attributes to KeyInfo element when attrs are present in keyInfoProvider", function () { const xml = ""; const sig = new SignedXml(); - sig.signingKey = fs.readFileSync("./test/static/client.pem"); + sig.privateKey = fs.readFileSync("./test/static/client.pem"); sig.keyInfoAttributes = { CustomUri: "http://www.example.com/keyinfo", CustomAttribute: "custom-value", @@ -1014,8 +1014,8 @@ describe("Signature unit tests", function () { const xml = ""; const sig = new SignedXml(); const pemBuffer = fs.readFileSync("./test/static/client_bundle.pem"); - sig.signingKey = pemBuffer; - sig.signingCert = pemBuffer; + sig.privateKey = pemBuffer; + sig.publicCert = pemBuffer; sig.computeSignature(xml); const signedXml = sig.getSignedXml(); diff --git a/test/wsfed-metadata-test.js b/test/wsfed-metadata-test.js index 7ea0f954..4a8ca28f 100644 --- a/test/wsfed-metadata-test.js +++ b/test/wsfed-metadata-test.js @@ -13,7 +13,7 @@ describe("WS-Fed Metadata tests", function () { doc )[0]; const sig = new crypto.SignedXml(); - sig.signingCert = fs.readFileSync("./test/static/wsfederation_metadata.pem"); + sig.publicCert = fs.readFileSync("./test/static/wsfederation_metadata.pem"); sig.loadSignature(signature); const result = sig.checkSignature(xml);