/**
 * Checks the signature on $signedElement against the configured X509 keys.
 *
 * Only configured keys that are X509 instances are kept as candidates; every
 * other key is skipped with a debug log entry. When no X509 candidate is left
 * the method returns false without attempting validation, so a missing key
 * never results in an accepted signature.
 *
 * @param \SAML2\SignedElement                     $signedElement the element whose signature is checked
 * @param \SAML2\Configuration\CertificateProvider $configuration not read in this method; the candidates
 *                                                                are taken from $this->configuredKeys
 *
 * @return bool false when there is no X509 candidate, otherwise the result of validateElementWithKeys()
 */
public function hasValidSignature(SignedElement $signedElement, CertificateProvider $configuration)
{
    // local alias so the closure below can capture the logger by value
    $log = $this->logger;

    $x509Keys = $this->configuredKeys->filter(function (Key $key) use ($log) {
        if ($key instanceof X509) {
            return true;
        }

        $log->debug(sprintf('Skipping unknown key type: "%s"', $key['type']));

        return false;
    });

    // fail closed: nothing to verify with means the signature is not valid
    if (count($x509Keys) === 0) {
        $log->debug('No configured X509 certificate found to verify the signature with');

        return false;
    }

    return $this->validateElementWithKeys($signedElement, $x509Keys);
}
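/**
 * Loads the certificate in the given file and adds it to the loaded keys.
 *
 * The file contents must pass Certificate::hasValidStructure(). The first
 * capture group of Certificate::CERTIFICATE_PATTERN (the certificate contents
 * without the delimiters) is then turned into an X509 key and added to
 * $this->loadedKeys.
 *
 * @param string $certificateFile the full path to the cert file.
 *
 * @throws InvalidCertificateStructureException when no PEM encoded certificate can be
 *                                              extracted from the file contents
 */
public function loadCertificateFile($certificateFile)
{
    $certificate = File::getFileContents($certificateFile);

    if (!Certificate::hasValidStructure($certificate)) {
        throw new InvalidCertificateStructureException(sprintf(
            'Could not find PEM encoded certificate in "%s"',
            $certificateFile
        ));
    }

    // capture the certificate contents without the delimiters; the result of
    // preg_match() is checked here so that a failed match is rejected with the
    // same exception instead of passing an undefined $matches[1] on to
    // X509::createFromCertificateData()
    $matched = preg_match(Certificate::CERTIFICATE_PATTERN, $certificate, $matches);
    if ($matched !== 1 || !isset($matches[1])) {
        throw new InvalidCertificateStructureException(sprintf(
            'Could not find PEM encoded certificate in "%s"',
            $certificateFile
        ));
    }

    $this->loadedKeys->add(X509::createFromCertificateData($matches[1]));
}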