/** * @group certificate * * @test */ public function assert_that_key_usage_check_works_correctly() { $key = new SAML2_Certificate_Key(array(SAML2_Certificate_Key::USAGE_SIGNING => true)); $this->assertTrue($key->canBeUsedFor(SAML2_Certificate_Key::USAGE_SIGNING)); $this->assertFalse($key->canBeUsedFor(SAML2_Certificate_Key::USAGE_ENCRYPTION)); $key[SAML2_Certificate_Key::USAGE_ENCRYPTION] = false; $this->assertFalse($key->canBeUsedFor(SAML2_Certificate_Key::USAGE_ENCRYPTION)); }
/** * Loads the keys given, optionally excluding keys when a usage is given and they * are not configured to be used with the usage given * * @param array $configuredKeys * @param $usage */ public function loadKeys(array $configuredKeys, $usage) { foreach ($configuredKeys as $keyData) { if (isset($key['X509Certificate'])) { $key = new SAML2_Certificate_X509($keyData); } else { $key = new SAML2_Certificate_Key($keyData); } if ($usage && !$key->canBeUsedFor($usage)) { continue; } $this->loadedKeys->add($key); } }