/**
 * Verifies the ds:Signature of the assertion in response01.xml against the
 * certificate carried inside that same signature.
 *
 * The absolute XPath only accepts a signature that is a direct child of an
 * Assertion that is itself a direct child of the Response root, and exactly
 * one such node must exist.
 *
 * The verification key is built from the ds:X509Certificate found in the
 * signature's own ds:KeyInfo. A passing result therefore shows that the
 * signed content matches the embedded certificate's key. It does not show
 * that the certificate belongs to a trusted issuer, because nothing here
 * compares it with a pinned or metadata-supplied certificate.
 */
function testOne()
{
    $document = new \DOMDocument();
    $document->load(__DIR__ . '/../../../../../../../resources/sample/Response/response01.xml');

    $query = new \DOMXPath($document);
    $namespaces = array(
        'samlp' => Protocol::SAML2,
        'ds' => Protocol::NS_XMLDSIG,
        'a' => Protocol::NS_ASSERTION,
    );
    foreach ($namespaces as $prefix => $uri) {
        $query->registerNamespace($prefix, $uri);
    }

    $signatureNodes = $query->query('/samlp:Response/a:Assertion/ds:Signature');
    $this->assertEquals(1, $signatureNodes->length);

    /** @var \DOMElement $signatureNode */
    $signatureNode = $signatureNodes->item(0);

    $signatureValidator = new SignatureXmlValidator();
    $signatureValidator->loadFromXml($signatureNode);

    // Relative query: the certificate is looked up beneath the signature node itself.
    $certificateNodes = $query->query('./ds:KeyInfo/ds:X509Data/ds:X509Certificate', $signatureNode);
    $this->assertEquals(1, $certificateNodes->length);

    /** @var \DOMElement $certificateDataNode */
    $certificateDataNode = $certificateNodes->item(0);

    $certificate = new X509Certificate();
    $certificate->setData($certificateDataNode->textContent);

    $publicKey = KeyHelper::createPublicKey($certificate);
    $this->assertTrue($signatureValidator->validate($publicKey));
}
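/**
 * Populates this object from a metadata KeyDescriptor element.
 *
 * Reads the "use" attribute and the single ds:X509Certificate found at
 * ds:KeyInfo/ds:X509Data directly beneath the element. The certificate text
 * is only trimmed and checked for being non-empty here. Any decoding or
 * validation is left to X509Certificate::setData(), whose behaviour is not
 * visible from this method.
 *
 * Loading a certificate this way does not make it trusted. Whether the
 * metadata came from an authentic source has to be established by the caller
 * before the certificate is used to verify signatures.
 *
 * @param \DOMElement $xml
 * @throws \AerialShip\LightSaml\Error\InvalidXmlException
 */
public function loadFromXml(\DOMElement $xml)
{
    if ($xml->localName !== 'KeyDescriptor' || $xml->namespaceURI !== Protocol::NS_METADATA) {
        throw new InvalidXmlException('Expected KeyDescriptor element and ' . Protocol::NS_METADATA . ' namespace but got ' . $xml->localName);
    }

    $this->setUse($xml->getAttribute('use'));

    // $xml is declared as \DOMElement and so can never be a \DOMDocument;
    // the owning document is always the right XPath root.
    $xpath = new \DOMXPath($xml->ownerDocument);
    $xpath->registerNamespace('ds', \XMLSecurityDSig::XMLDSIGNS);

    $list = $xpath->query('./ds:KeyInfo/ds:X509Data/ds:X509Certificate', $xml);
    if ($list->length === 0) {
        throw new InvalidXmlException("Missing X509Certificate node");
    }
    if ($list->length > 1) {
        // More than one certificate is ambiguous: reject rather than silently pick one.
        throw new InvalidXmlException('Expected exactly one X509Certificate node but got ' . $list->length);
    }

    /** @var \DOMElement $x509CertificateNode */
    $x509CertificateNode = $list->item(0);

    $certificateData = trim($x509CertificateNode->nodeValue);
    if (!$certificateData) {
        throw new InvalidXmlException("Missing certificate data");
    }

    $this->certificate = new X509Certificate();
    $this->certificate->setData($certificateData);
}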
/**
 * Smoke test: building a public key from a certificate populated with the
 * output of getData() must complete without raising.
 *
 * @test
 */
public function shouldCreatePublicKeyWithFormattedData()
{
    $certificate = new X509Certificate();
    $formattedData = $this->getData();
    $certificate->setData($formattedData);

    // The returned key is not inspected; only the absence of an exception is checked.
    KeyHelper::createPublicKey($certificate);
}