Adds signature key and senders certificate to an element (Message or Assertion).
| public static addSign ( string | DomDocument $xml, string $key, string $cert, string $signAlgorithm = XMLSecurityKey::RSA_SHA1 ) : string | ||
| $xml | string | DomDocument | The element we should sign |
| $key | string | The private key |
| $cert | string | The public |
| $signAlgorithm | string | Signature algorithm method |
| return | string | |
/**
* Signs the metadata with the key/cert provided
*
* @param string $metadata SAML Metadata XML
* @param string $key x509 key
* @param string $cert x509 cert
*
* @return string Signed Metadata
*/
public static function signMetadata($metadata, $key, $cert)
{
return OneLogin_Saml2_Utils::addSign($metadata, $key, $cert);
}
/**
* Tests the addSign method of the OneLogin_Saml2_Utils
*
* @covers OneLogin_Saml2_Utils::addSign
*/
public function testAddSign()
{
$settingsDir = TEST_ROOT . '/settings/';
include $settingsDir . 'settings1.php';
$settings = new OneLogin_Saml2_Settings($settingsInfo);
$key = $settings->getSPkey();
$cert = $settings->getSPcert();
$xmlAuthn = base64_decode(file_get_contents(TEST_ROOT . '/data/requests/authn_request.xml.base64'));
$xmlAuthnSigned = OneLogin_Saml2_Utils::addSign($xmlAuthn, $key, $cert);
$this->assertContains('<ds:SignatureValue>', $xmlAuthnSigned);
$res = new DOMDocument();
$res->loadXML($xmlAuthnSigned);
$dsSignature = $res->firstChild->firstChild->nextSibling->nextSibling;
$this->assertContains('ds:Signature', $dsSignature->tagName);
$dom = new DOMDocument();
$dom->loadXML($xmlAuthn);
$xmlAuthnSigned2 = OneLogin_Saml2_Utils::addSign($dom, $key, $cert);
$this->assertContains('<ds:SignatureValue>', $xmlAuthnSigned2);
$res2 = new DOMDocument();
$res2->loadXML($xmlAuthnSigned2);
$dsSignature2 = $res2->firstChild->firstChild->nextSibling->nextSibling;
$this->assertContains('ds:Signature', $dsSignature2->tagName);
$xmlLogoutReq = base64_decode(file_get_contents(TEST_ROOT . '/data/logout_requests/logout_request.xml.base64'));
$xmlLogoutReqSigned = OneLogin_Saml2_Utils::addSign($xmlLogoutReq, $key, $cert);
$this->assertContains('<ds:SignatureValue>', $xmlLogoutReqSigned);
$res3 = new DOMDocument();
$res3->loadXML($xmlLogoutReqSigned);
$dsSignature3 = $res3->firstChild->firstChild->nextSibling->nextSibling;
$this->assertContains('ds:Signature', $dsSignature3->tagName);
$xmlLogoutRes = base64_decode(file_get_contents(TEST_ROOT . '/data/logout_responses/logout_response.xml.base64'));
$xmlLogoutResSigned = OneLogin_Saml2_Utils::addSign($xmlLogoutRes, $key, $cert);
$this->assertContains('<ds:SignatureValue>', $xmlLogoutResSigned);
$res4 = new DOMDocument();
$res4->loadXML($xmlLogoutResSigned);
$dsSignature4 = $res4->firstChild->firstChild->nextSibling->nextSibling;
$this->assertContains('ds:Signature', $dsSignature4->tagName);
$xmlMetadata = file_get_contents(TEST_ROOT . '/data/metadata/metadata_settings1.xml');
$xmlMetadataSigned = OneLogin_Saml2_Utils::addSign($xmlMetadata, $key, $cert);
$this->assertContains('<ds:SignatureValue>', $xmlMetadataSigned);
$res5 = new DOMDocument();
$res5->loadXML($xmlMetadataSigned);
$dsSignature5 = $res5->firstChild->firstChild;
$this->assertContains('ds:Signature', $dsSignature5->tagName);
}
/**
* Signs the metadata with the key/cert provided
*
* @param string $metadata SAML Metadata XML
* @param string $key x509 key
* @param string $cert x509 cert
*
* @return string Signed Metadata
*/
public static function signMetadata($metadata, $key, $cert, $signAlgorithm = XMLSecurityKey::RSA_SHA1)
{
return OneLogin_Saml2_Utils::addSign($metadata, $key, $cert, $signAlgorithm);
}
