Adds signature key and sender's certificate to an element (Message or Assertion).
public static addSign ( string | DomDocument $xml, string $key, string $cert, string $signAlgorithm = XMLSecurityKey::RSA_SHA1 ) : string | ||
$xml | string | DomDocument | The element we should sign |
$key | string | The private key |
$cert | string | The public certificate |
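$signAlgorithm | string | Signature algorithm method. Defaults to XMLSecurityKey::RSA_SHA1; SHA-1 is no longer considered collision-resistant, so pass a stronger algorithm (for example XMLSecurityKey::RSA_SHA256) where the receiving party supports it |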
return | string |
/**
 * Produces a signed copy of the supplied SAML metadata.
 *
 * The work is delegated to OneLogin_Saml2_Utils::addSign. No signature
 * algorithm is passed, so whatever default addSign declares is used.
 * NOTE(review): if that default is RSA-SHA1, the metadata is signed with a
 * SHA-1 based signature - confirm this is acceptable for the consumers.
 *
 * @param string $metadata SAML Metadata XML
 * @param string $key      x509 key used to produce the signature
 * @param string $cert     x509 cert embedded alongside the signature
 *
 * @return string Signed Metadata
 */
public static function signMetadata($metadata, $key, $cert)
{
    $signedMetadata = OneLogin_Saml2_Utils::addSign($metadata, $key, $cert);

    return $signedMetadata;
}
/**
 * Checks that OneLogin_Saml2_Utils::addSign embeds a signature in each
 * kind of document the fixtures provide: an AuthnRequest (given both as
 * a string and as a DOMDocument), a LogoutRequest, a LogoutResponse and
 * SP metadata.
 *
 * For every case the test asserts that the output contains a
 * <ds:SignatureValue> element and that a ds:Signature node sits at the
 * expected position in the parsed tree.
 *
 * @covers OneLogin_Saml2_Utils::addSign
 */
public function testAddSign()
{
    // settings1.php runs in this scope and provides $settingsInfo;
    // $settingsDir keeps its name in case the included file reads it.
    $settingsDir = TEST_ROOT . '/settings/';
    include $settingsDir . 'settings1.php';

    $spSettings = new OneLogin_Saml2_Settings($settingsInfo);
    $privateKey = $spSettings->getSPkey();
    $publicCert = $spSettings->getSPcert();

    // Parses a signed XML string so the position of the signature can be inspected.
    $parseXml = function ($xml) {
        $doc = new DOMDocument();
        $doc->loadXML($xml);
        return $doc;
    };

    // AuthnRequest passed as a plain XML string.
    $authnXml = base64_decode(file_get_contents(TEST_ROOT . '/data/requests/authn_request.xml.base64'));
    $signedAuthn = OneLogin_Saml2_Utils::addSign($authnXml, $privateKey, $publicCert);
    $this->assertContains('<ds:SignatureValue>', $signedAuthn);
    $authnRoot = $parseXml($signedAuthn)->firstChild;
    $authnSignature = $authnRoot->firstChild->nextSibling->nextSibling;
    $this->assertContains('ds:Signature', $authnSignature->tagName);

    // The same AuthnRequest passed as a DOMDocument instead of a string.
    $authnDom = new DOMDocument();
    $authnDom->loadXML($authnXml);
    $signedAuthnFromDom = OneLogin_Saml2_Utils::addSign($authnDom, $privateKey, $publicCert);
    $this->assertContains('<ds:SignatureValue>', $signedAuthnFromDom);
    $authnDomRoot = $parseXml($signedAuthnFromDom)->firstChild;
    $authnDomSignature = $authnDomRoot->firstChild->nextSibling->nextSibling;
    $this->assertContains('ds:Signature', $authnDomSignature->tagName);

    // LogoutRequest.
    $logoutRequestXml = base64_decode(file_get_contents(TEST_ROOT . '/data/logout_requests/logout_request.xml.base64'));
    $signedLogoutRequest = OneLogin_Saml2_Utils::addSign($logoutRequestXml, $privateKey, $publicCert);
    $this->assertContains('<ds:SignatureValue>', $signedLogoutRequest);
    $logoutRequestRoot = $parseXml($signedLogoutRequest)->firstChild;
    $logoutRequestSignature = $logoutRequestRoot->firstChild->nextSibling->nextSibling;
    $this->assertContains('ds:Signature', $logoutRequestSignature->tagName);

    // LogoutResponse.
    $logoutResponseXml = base64_decode(file_get_contents(TEST_ROOT . '/data/logout_responses/logout_response.xml.base64'));
    $signedLogoutResponse = OneLogin_Saml2_Utils::addSign($logoutResponseXml, $privateKey, $publicCert);
    $this->assertContains('<ds:SignatureValue>', $signedLogoutResponse);
    $logoutResponseRoot = $parseXml($signedLogoutResponse)->firstChild;
    $logoutResponseSignature = $logoutResponseRoot->firstChild->nextSibling->nextSibling;
    $this->assertContains('ds:Signature', $logoutResponseSignature->tagName);

    // Metadata: the fixture is plain XML (not base64) and the signature is
    // expected as the very first child of the root element.
    $metadataXml = file_get_contents(TEST_ROOT . '/data/metadata/metadata_settings1.xml');
    $signedMetadata = OneLogin_Saml2_Utils::addSign($metadataXml, $privateKey, $publicCert);
    $this->assertContains('<ds:SignatureValue>', $signedMetadata);
    $metadataRoot = $parseXml($signedMetadata)->firstChild;
    $metadataSignature = $metadataRoot->firstChild;
    $this->assertContains('ds:Signature', $metadataSignature->tagName);
}
/**
 * Produces a signed copy of the supplied SAML metadata.
 *
 * The work is delegated to OneLogin_Saml2_Utils::addSign, forwarding the
 * requested signature algorithm unchanged.
 *
 * @param string $metadata      SAML Metadata XML
 * @param string $key           x509 key used to produce the signature
 * @param string $cert          x509 cert embedded alongside the signature
 * @param string $signAlgorithm Signature algorithm method. Defaults to
 *                              XMLSecurityKey::RSA_SHA1; SHA-1 is no longer
 *                              considered collision-resistant, so callers
 *                              should pass a stronger value (for example
 *                              XMLSecurityKey::RSA_SHA256) where the
 *                              metadata consumer supports it.
 *
 * @return string Signed Metadata
 */
public static function signMetadata($metadata, $key, $cert, $signAlgorithm = XMLSecurityKey::RSA_SHA1)
{
    $signedMetadata = OneLogin_Saml2_Utils::addSign($metadata, $key, $cert, $signAlgorithm);

    return $signedMetadata;
}