/**
* @param \SAML2\SignedElement $signedElement
* @param \SAML2\Configuration\CertificateProvider $configuration
*
* @return bool
*/
public function hasValidSignature(SignedElement $signedElement, CertificateProvider $configuration)
{
$this->certificates = array_map(function ($certificate) {
return X509::createFromCertificateData($certificate);
}, $this->certificates);
$fingerprintCollection = $this->fingerprintLoader->loadFromConfiguration($configuration);
$pemCandidates = array();
foreach ($this->certificates as $certificate) {
/** @var \SAML2\Certificate\X509 $certificate */
$certificateFingerprint = $certificate->getFingerprint();
if ($fingerprintCollection->contains($certificateFingerprint)) {
$pemCandidates[] = $certificate;
}
}
if (empty($pemCandidates)) {
$this->logger->debug('Unable to match a certificate of the SignedElement matching a configured fingerprint');
return false;
}
return $this->validateElementWithKeys($signedElement, $pemCandidates);
}