SimpleSAML_Metadata_SAMLParser::validateSignature PHP Method

validateSignature() public method

If this EntityDescriptor was signed, this function uses the public key to check the signature.
public validateSignature ( array $certificates ) : boolean
$certificates array One or more certificates with the public key. This makes it possible to do a key rollover.
return boolean True if it is possible to check the signature with the certificate, false otherwise.
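    public function validateSignature($certificates)
    {
        // Try each configured certificate in turn, so that old and new keys can coexist during a rollover.
        foreach ($certificates as $cert) {
            // Pass an expression, not a string: string assertions are no longer evaluated on PHP 8.
            assert(is_string($cert));
            // Resolve the configured certificate name to a file path.
            $certFile = \SimpleSAML\Utils\Config::getCertPath($cert);
            if (!file_exists($certFile)) {
                // A missing certificate file is a configuration error, not a failed validation.
                throw new Exception('Could not find certificate file [' . $certFile . '], which is needed to validate signature');
            }
            $certData = file_get_contents($certFile);
            // Try this certificate's public key against every registered validator.
            foreach ($this->validators as $validator) {
                $key = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'public'));
                $key->loadKey($certData);
                try {
                    if ($validator->validate($key)) {
                        return true;
                    }
                } catch (Exception $e) {
                    // this certificate did not sign this element, skip
                }
            }
        }
        // None of the certificates validated the signature.
        SimpleSAML\Logger::debug('Could not validate signature');
        return false;
    }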
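
The key-rollover behaviour described above, as an added stand-alone example that is not SimpleSAMLphp code: it accepts a signature if any key in a trust list verifies it, and shows why a verification result must be compared strictly. Assumptions: it uses PHP's openssl extension with SHA-256 over raw bytes instead of xmlseclibs and XML signatures, and the function names, keys and metadata string are constructed for illustration.

```php
<?php
// Added example (not SimpleSAMLphp code). All keys and data are constructed samples.

/** Return true if any trusted public key verifies $signature over $data. */
function verifyWithAnyKey(string $data, string $signature, array $trustedPublicKeysPem): bool
{
    foreach ($trustedPublicKeysPem as $pem) {
        $key = openssl_pkey_get_public($pem);
        if ($key === false) {
            // An unreadable trust anchor is a configuration error, not "no match".
            throw new RuntimeException('Unreadable public key in trust list');
        }
        // openssl_verify() returns 1 (valid), 0 (invalid) or -1/false (error).
        // -1 is truthy in PHP, so compare strictly against 1.
        if (openssl_verify($data, $signature, $key, OPENSSL_ALGO_SHA256) === 1) {
            return true;
        }
    }
    return false;
}

/** Generate a constructed RSA key pair: [private key, public key PEM]. */
function newKeyPair(): array
{
    $private = openssl_pkey_new([
        'private_key_bits' => 2048,
        'private_key_type' => OPENSSL_KEYTYPE_RSA,
    ]);
    if ($private === false) {
        throw new RuntimeException('Key generation failed');
    }
    return [$private, openssl_pkey_get_details($private)['key']];
}

[$oldPriv, $oldPub] = newKeyPair();   // key being phased out
[$newPriv, $newPub] = newKeyPair();   // key being phased in
[$roguePriv] = newKeyPair();          // key that is not in the trust list

$metadata = '<EntityDescriptor entityID="https://idp.example.org/metadata"/>';
$trusted = [$oldPub, $newPub];

openssl_sign($metadata, $sigOld, $oldPriv, OPENSSL_ALGO_SHA256);
openssl_sign($metadata, $sigNew, $newPriv, OPENSSL_ALGO_SHA256);
openssl_sign($metadata, $sigRogue, $roguePriv, OPENSSL_ALGO_SHA256);

var_dump(verifyWithAnyKey($metadata, $sigOld, $trusted));        // signed before rollover
var_dump(verifyWithAnyKey($metadata, $sigNew, $trusted));        // signed after rollover
var_dump(verifyWithAnyKey($metadata, $sigRogue, $trusted));      // signer not in trust list
var_dump(verifyWithAnyKey($metadata . ' ', $sigNew, $trusted));  // data changed after signing
```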