bunq · dnl-blkv · Aug 3, 2017 · Aug 3, 2017
diff --git a/lib/Http/Handler/RequestHandlerSignature.php b/lib/Http/Handler/RequestHandlerSignature.php
@@ -22,6 +22,7 @@ class RequestHandlerSignature extends RequestHandlerBase
     const HEADER_PREFIX_START = 0;
     const HEADER_SERVER_SIGNATURE = 'X-Bunq-Server-Signature';
     const HEADER_CACHE_CONTROL = 'Cache-Control';
+    const HEADER_NEWLINE = "\n";
 
     /**
      * Signature message constants.
@@ -82,7 +83,7 @@ protected function determineRequestSignature(
         $dataToSign =
             $method . self::REQUEST_METHOD_PATH_SEPARATOR . $uri->getPath() .
             $this->determineHeaderStringForSignedRequest($headers) .
-            PHP_EOL . PHP_EOL .
+            self::HEADER_NEWLINE . self::HEADER_NEWLINE .
             $body;
 
         return $this->privateKey->sign($dataToSign);
@@ -102,15 +103,15 @@ public function determineHeaderStringForSignedRequest(array $headers)
             // Not all headers should be signed.
             // The User-Agent and Cache-Control headers need to be signed.
             if ($headerName === self::HEADER_USER_AGENT || $headerName === self::HEADER_CACHE_CONTROL) {
-                $signedDataHeaderString .= PHP_EOL;
+                $signedDataHeaderString .= self::HEADER_NEWLINE;
                 $signedDataHeaderString .= $this->determineHeaderStringLine($headerName, $headerValue);
             }
 
             // All headers with the prefix 'X-Bunq-' except 'Server-Signature' need to be signed.
             if ($headerName === self::HEADER_SERVER_SIGNATURE) {
                 // Skip this header
             } elseif (strpos($headerName, self::HEADER_PREFIX) === self::HEADER_PREFIX_START) {
-                $signedDataHeaderString .= PHP_EOL;
+                $signedDataHeaderString .= self::HEADER_NEWLINE;
                 $signedDataHeaderString .= $this->determineHeaderStringLine($headerName, $headerValue);
             }
         }

diff --git a/lib/Http/Handler/ResponseHandlerSignature.php b/lib/Http/Handler/ResponseHandlerSignature.php
@@ -22,6 +22,7 @@ class ResponseHandlerSignature extends ResponseHandlerBase
     const HEADER_PREFIX_START = 0;
     const HEADER_SEPARATOR = ', ';
     const FORMAT_HEADER = '%s: %s';
+    const HEADER_NEWLINE = "\n";
 
     /**
      * Http status constants.
@@ -64,9 +65,9 @@ public function execute(ResponseInterface $response)
             } else {
                 $toVerify =
                     $response->getStatusCode() .
-                    PHP_EOL .
+                    self::HEADER_NEWLINE .
                     $this->determineHeaderStringForSignedResponse($response->getHeaders()) .
-                    PHP_EOL . PHP_EOL .
+                    self::HEADER_NEWLINE . self::HEADER_NEWLINE .
                     $response->getBody()->getContents();
 
                 $signature = base64_decode($response->getHeaderLine(self::HEADER_SERVER_SIGNATURE));
@@ -104,7 +105,7 @@ private function determineHeaderStringForSignedResponse(array $headers)
             }
         }
 
-        return implode(PHP_EOL, $signedDataHeaders);
+        return implode(self::HEADER_NEWLINE, $signedDataHeaders);
     }
 
     /**