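/**
 * Collect the keys that can be tried when decrypting an encrypted element.
 *
 * Two mutually exclusive modes are visible here:
 *  - If the source metadata defines 'sharedkey', that symmetric key is the ONLY
 *    key returned and the destination's private keys are never loaded.
 *  - Otherwise the destination's private keys are returned, the optional
 *    'new_'-prefixed key first and the regular key second.
 *
 * NOTE(review): the XMLSecurityKey types set below (AES128_CBC, RSA_1_5) are fixed
 * in this method. Whether the decrypting caller rebinds or validates the key
 * against the algorithm declared in the message is not visible here; confirm.
 * Unauthenticated CBC and RSA PKCS#1 v1.5 key transport are both exposed to
 * padding-oracle attacks when decryption failures are distinguishable, so the
 * caller should report one uniform error whichever key or step failed.
 *
 * @param SimpleSAML_Configuration $srcMetadata  Source metadata; read for 'sharedkey'.
 * @param SimpleSAML_Configuration $dstMetadata  Destination metadata; its private key(s) are loaded.
 * @return array  Non-empty list of XMLSecurityKey objects, in the order they should be tried.
 */
public static function getDecryptionKeys(SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata)
{
    $sharedKey = $srcMetadata->getString('sharedkey', NULL);
    if ($sharedKey !== NULL) {
        /* A configured shared key short-circuits everything else: no private key is loaded. */
        $key = new XMLSecurityKey(XMLSecurityKey::AES128_CBC);
        $key->loadKey($sharedKey);
        return array($key);
    }

    $keys = array();

    /* Load the new private key if it exists (a NULL result means none is configured). */
    $keyArray = SimpleSAML\Utils\Crypto::loadPrivateKey($dstMetadata, FALSE, 'new_');
    if ($keyArray !== NULL) {
        /*
         * Expression form instead of assert('...'): string assertions are passed
         * through eval(), are deprecated since PHP 7.2, and in PHP 8 a non-empty
         * string always passes, so the check would silently stop checking.
         */
        assert(isset($keyArray['PEM']));

        $key = new XMLSecurityKey(XMLSecurityKey::RSA_1_5, array('type' => 'private'));
        /* The passphrase has to be set before loadKey() is called on the PEM data. */
        if (array_key_exists('password', $keyArray)) {
            $key->passphrase = $keyArray['password'];
        }
        $key->loadKey($keyArray['PEM']);
        $keys[] = $key;
    }

    /*
     * Find the existing private key. The result is used without a NULL check,
     * so this relies on loadPrivateKey() not returning NULL when its second
     * argument is TRUE - presumably it throws instead; confirm against the helper.
     */
    $keyArray = SimpleSAML\Utils\Crypto::loadPrivateKey($dstMetadata, TRUE);
    assert(isset($keyArray['PEM']));

    $key = new XMLSecurityKey(XMLSecurityKey::RSA_1_5, array('type' => 'private'));
    if (array_key_exists('password', $keyArray)) {
        $key->passphrase = $keyArray['password'];
    }
    $key->loadKey($keyArray['PEM']);
    $keys[] = $key;

    return $keys;
}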