/** * @param SAML2_SignedElement $signedElement * @param SAML2_Configuration_CertificateProvider $configuration * * @return bool */ public function hasValidSignature(SAML2_SignedElement $signedElement, SAML2_Configuration_CertificateProvider $configuration) { $logger = $this->logger; $pemCandidates = $this->configuredKeys->filter(function (SAML2_Certificate_Key $key) use($logger) { if (!$key instanceof SAML2_Certificate_X509) { $logger->debug(sprintf('Skipping unknown key type: "%s"', $key['type'])); return FALSE; } return TRUE; }); if (!count($pemCandidates)) { $this->logger->debug('No configured X509 certificate found to verify the signature with'); return FALSE; } return $this->validateElementWithKeys($signedElement, $pemCandidates); }
/** * Loads the certificate in the file given * * @param string $certificateFile the full path to the cert file. */ public function loadCertificateFile($certificateFile) { $certificate = SAML2_Utilities_File::getFileContents($certificateFile); if (!SAML2_Utilities_Certificate::hasValidStructure($certificate)) { throw new SAML2_Certificate_Exception_InvalidCertificateStructureException(sprintf('Could not find PEM encoded certificate in "%s"', $certificateFile)); } // capture the certificate contents without the delimiters preg_match(SAML2_Utilities_Certificate::CERTIFICATE_PATTERN, $certificate, $matches); $this->loadedKeys->add(SAML2_Certificate_X509::createFromCertificateData($matches[1])); }