public function canValidate(SAML2_SignedElement $signedElement, SAML2_Configuration_CertificateProvider $configuration)
 {
     if ($configuration->getCertificateFingerprints() === NULL) {
         $this->logger->debug('Configuration does not have "certFingerprint" value, cannot validate signature with fingerprint');
         return FALSE;
     }
     // use internal cache to prevent doing certificate extraction twice.
     $this->certificates = $signedElement->getCertificates();
     if (empty($this->certificates)) {
         $this->logger->debug('Signed element does not have certificates, cannot validate signature with fingerprint');
         return FALSE;
     }
     return TRUE;
 }
 /**
  * Loads the fingerprints from a configurationValue
  *
  * @param SAML2_Configuration_CertificateProvider $configuration
  *
  * @return SAML2_Certificate_FingerprintCollection
  */
 public function loadFingerprints(SAML2_Configuration_CertificateProvider $configuration)
 {
     $fingerprints = $configuration->getCertificateFingerprints();
     if (!is_array($fingerprints) && !$fingerprints instanceof \Traversable) {
         throw SAML2_Exception_InvalidArgumentException::invalidType('array or instanceof \\Traversable', $fingerprints);
     }
     $collection = new SAML2_Certificate_FingerprintCollection();
     foreach ($fingerprints as $fingerprint) {
         if (!is_string($fingerprint) && !(is_object($fingerprint) && method_exists($fingerprint, '__toString'))) {
             throw SAML2_Exception_InvalidArgumentException::invalidType('fingerprint as string or object that can be casted to string', $fingerprint);
         }
         $collection->add(new SAML2_Certificate_Fingerprint((string) $fingerprint));
     }
     return $collection;
 }
Exemple #3
0
 /**
  * @param SAML2_Configuration_CertificateProvider $config
  * @param NULL|string                             $usage
  * @param bool                                    $required
  *
  * @return SAML2_Certificate_KeyCollection
  */
 public function loadKeysFromConfiguration(SAML2_Configuration_CertificateProvider $config, $usage = NULL, $required = FALSE)
 {
     $keys = $config->getKeys();
     $certificateData = $config->getCertificateData();
     $certificateFile = $config->getCertificateFile();
     if ($keys) {
         $this->loadKeys($keys, $usage);
     } elseif ($certificateData) {
         $this->loadCertificateData($certificateData);
     } elseif ($certificateFile) {
         $this->loadCertificateFile($certificateFile);
     }
     if ($required && !$this->hasKeys()) {
         throw new SAML2_Certificate_Exception_NoKeysFoundException('No keys found in configured metadata, please ensure that either the "keys", "certData" or ' . '"certificate" entries is available.');
     }
     return $this->getKeys();
 }