Exemplo n.º 1
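 /**
  * Add a signature validator based on an SSL context.
  *
  * The validator is only added when the context holds a peer certificate
  * from which a public key can be extracted; otherwise the message is
  * left without this validator.
  *
  * @param SAML2_Message $msg  The message we should add a validator to.
  * @param resource $context  The stream context.
  */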
 private static function addSSLValidator(SAML2_Message $msg, $context)
 {
     $contextOptions = stream_context_get_options($context);

     // PHP only fills in ssl.peer_certificate when the stream was opened with
     // the capture_peer_cert context option. Without it there is no key to
     // bind the message to, so the method returns without adding a validator.
     // This path logs nothing, unlike the failure paths below.
     if (!isset($contextOptions['ssl']['peer_certificate'])) {
         return;
     }
     $peerCertificate = $contextOptions['ssl']['peer_certificate'];

     // Walk the extraction steps and remember the first one that fails.
     // Every failure ends the same way: one warning, and no validator added.
     $failure = null;
     $publicKey = openssl_pkey_get_public($peerCertificate);
     if ($publicKey === false) {
         $failure = 'Unable to get public key from peer certificate.';
     } else {
         $keyDetails = openssl_pkey_get_details($publicKey);
         if ($keyDetails === false) {
             $failure = 'Unable to get key details from public key.';
         } elseif (!isset($keyDetails['key'])) {
             $failure = 'Missing key in public key details.';
         }
     }

     if ($failure !== null) {
         SimpleSAML_Logger::warning($failure);
         // NOTE(review): the message leaves here without the SSL validator.
         // Whether it must still pass some other signature check is decided
         // by callers not visible in this block - confirm.
         return;
     }

     // Hand the peer's public key to the validateSSL callback as its data.
     $msg->addValidator(array('SAML2_SOAPClient', 'validateSSL'), $keyDetails['key']);
 }