/** * @group certificate * * @test */ public function assert_that_key_usage_check_works_correctly() { $key = new SAML2_Certificate_Key(array(SAML2_Certificate_Key::USAGE_SIGNING => true)); $this->assertTrue($key->canBeUsedFor(SAML2_Certificate_Key::USAGE_SIGNING)); $this->assertFalse($key->canBeUsedFor(SAML2_Certificate_Key::USAGE_ENCRYPTION)); $key[SAML2_Certificate_Key::USAGE_ENCRYPTION] = false; $this->assertFalse($key->canBeUsedFor(SAML2_Certificate_Key::USAGE_ENCRYPTION)); }
/** * Loads the keys given, optionally excluding keys when a usage is given and they * are not configured to be used with the usage given * * @param array $configuredKeys * @param $usage */ public function loadKeys(array $configuredKeys, $usage) { foreach ($configuredKeys as $keyData) { if (isset($key['X509Certificate'])) { $key = new SAML2_Certificate_X509($keyData); } else { $key = new SAML2_Certificate_Key($keyData); } if ($usage && !$key->canBeUsedFor($usage)) { continue; } $this->loadedKeys->add($key); } }
/** * {@inheritdoc} Best place to ensure the logic is encapsulated in a single place */ public function offsetSet($offset, $value) { if ($offset === 'X509Certificate') { $value = preg_replace('~\\s+~', '', $value); } parent::offsetSet($offset, $value); }
/** * @param string $usage */ public function __construct($usage) { $message = sprintf('Invalid key usage given: "%s", usages "%s" allowed', is_string($usage) ? $usage : gettype($usage), implode('", "', SAML2_Certificate_Key::getValidKeyUsages())); parent::__construct($message); }