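/**
 * Round-trips a signed AuthnRequest through XML and verifies the signature.
 *
 * The request is signed with the SP private key, saved to a temporary file,
 * read back, deserialized into a fresh AuthnRequest, and its signature is then
 * validated with a public key built from the SP certificate on disk.
 *
 * NOTE(review): only the accepting path is exercised here. A companion test
 * that alters the serialized XML and expects validate() to reject it would
 * guard against a verifier that accepts everything.
 */
public function test__signed_serialize_deserialize()
{
    // NOTE(review): the key pair lives under a directory named web/sp/.
    // Confirm it is a test-only fixture and is not reachable over HTTP.
    $signingCertificate = new X509Certificate();
    $signingCertificate->loadFromFile(__DIR__ . '/../../../../../../web/sp/saml.crt');
    $privateKey = KeyHelper::createPrivateKey(__DIR__ . '/../../../../../../web/sp/saml.key', null, true);

    $outgoingRequest = new AuthnRequest();
    $outgoingRequest->setID('_894da3368874d2dd637983b6812f66c444f100f205');
    $outgoingRequest->setIssueInstant('2015-09-13T11:47:33Z');
    $outgoingRequest->setDestination('https://idp.testshib.org/idp/profile/SAML2/POST/SSO');
    $outgoingRequest->setIssuer((new Issuer())->setValue('https://mt.evo.loc/sp')->setFormat('urn:oasis:names:tc:SAML:2.0:nameid-format:entity'));
    $outgoingRequest->setSignature(new SignatureWriter($signingCertificate, $privateKey));

    $serializationContext = new SerializationContext();
    $outgoingRequest->serialize($serializationContext->getDocument(), $serializationContext);

    $temporaryFilename = tempnam(sys_get_temp_dir(), 'lightsaml-');
    $this->assertNotSame(false, $temporaryFilename, 'Unable to create a temporary file');

    try {
        $serializationContext->getDocument()->save($temporaryFilename);
        $xml = file_get_contents($temporaryFilename);
    } finally {
        // tempnam() creates the file immediately, so remove it on every path;
        // otherwise each run leaves a signed SAML document in the temp directory.
        unlink($temporaryFilename);
    }

    $this->assertNotSame(false, $xml, 'Unable to read the serialized AuthnRequest back');

    $deserializationContext = new DeserializationContext();
    $deserializationContext->getDocument()->loadXML($xml);

    $incomingRequest = new AuthnRequest();
    $incomingRequest->deserialize($deserializationContext->getDocument()->firstChild, $deserializationContext);

    $signatureReader = $incomingRequest->getSignature();
    if (!$signatureReader instanceof SignatureXmlReader) {
        throw new \LogicException('Expected Signature Xml Reader');
    }

    // The verification key is built from the certificate file held locally,
    // not from anything carried inside the deserialized message.
    $trustedCertificate = new X509Certificate();
    $trustedCertificate->loadFromFile(__DIR__ . '/../../../../../../web/sp/saml.crt');
    $publicKey = KeyHelper::createPublicKey($trustedCertificate);

    $this->assertTrue($signatureReader->validate($publicKey));
}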
/**
 * Checks that an X509Credential built from the sample certificate and private
 * key hands back the same certificate, a public key and a private key.
 */
public function test_private_key()
{
    $sampleCertificate = new X509Certificate();
    $sampleCertificate->loadFromFile(__DIR__ . '/../../../../../resources/sample/Certificate/saml.crt');

    // Sample key from the repository fixtures, loaded with a null passphrase.
    $sampleKey = KeyHelper::createPrivateKey(
        __DIR__ . '/../../../../../resources/sample/Certificate/saml.pem',
        null,
        true
    );

    $credential = new X509Credential($sampleCertificate, $sampleKey);

    // The credential must return the very same certificate instance.
    $this->assertSame($sampleCertificate, $credential->getCertificate());

    // The public key must exist and carry the PEM form of that certificate.
    $this->assertNotNull($credential->getPublicKey());
    $expectedPem = $sampleCertificate->toPem();
    $this->assertEquals($expectedPem, $credential->getPublicKey()->getX509Certificate());

    $this->assertNotNull($credential->getPrivateKey());
}
/**
 * Checks that getInfo() on the sample certificate returns an array holding
 * the identity, serial number and validity keys asserted below.
 */
public function test_get_info()
{
    $sampleCertificate = new X509Certificate();
    $sampleCertificate->loadFromFile(__DIR__ . '/../../../../../resources/sample/Certificate/saml.crt');

    $details = $sampleCertificate->getInfo();

    // Keys are asserted in a fixed order so the first missing one is reported.
    $requiredKeys = [
        'name',
        'subject',
        'serialNumber',
        'validFrom',
        'validTo',
        'validFrom_time_t',
        'validTo_time_t',
    ];

    foreach ($requiredKeys as $requiredKey) {
        $this->assertArrayHasKey($requiredKey, $details);
    }
}
/**
 * Builds an AuthnRequest fixture with a fixed ID and issue instant and a
 * SignatureWriter made from the sample certificate and private key.
 *
 * @return AuthnRequest
 */
private function getAuthnRequest()
{
    $signingCertificate = new X509Certificate();
    $signingCertificate->loadFromFile(__DIR__ . '/../../../../../resources/sample/Certificate/saml.crt');

    // Sample key from the repository fixtures, loaded with an empty passphrase.
    $signingKey = KeyHelper::createPrivateKey(
        __DIR__ . '/../../../../../resources/sample/Certificate/saml.pem',
        '',
        true
    );

    $request = new AuthnRequest();
    $request->setIssueInstant('2014-01-01T12:00:00Z');
    $request->setID('_8dcc6985f6d9f385f0bbd4562ef848ef3ae78d87d7');
    $request->setSignature(new SignatureWriter($signingCertificate, $signingKey));

    return $request;
}
/**
 * Builds a credential resolver backed by two stores: one fed from the sample
 * entity descriptors, and one holding a single X509 credential for the SP
 * entity marked for encryption use.
 *
 * @return \LightSaml\Resolver\Credential\CredentialResolverInterface
 */
private function getResolver()
{
    // Metadata-backed store: descriptors are added in this fixed order.
    $descriptorFiles = [
        __DIR__ . '/../../../../../../resources/sample/EntityDescriptor/idp2-ed.xml',
        __DIR__ . '/../../../../../../resources/sample/EntityDescriptor/idp-ed.xml',
        __DIR__ . '/../../../../../../resources/sample/EntityDescriptor/ed01-formatted-certificate.xml',
        __DIR__ . '/../../../../../../resources/sample/EntityDescriptor/sp-ed2.xml',
    ];

    $descriptorStore = new FixedEntityDescriptorStore();
    foreach ($descriptorFiles as $descriptorFile) {
        $descriptorStore->add(EntityDescriptor::load($descriptorFile));
    }
    $metadataStore = new MetadataCredentialStore($descriptorStore);

    // Static store: the sample key pair, loaded with an empty passphrase.
    $spCertificate = new X509Certificate();
    $spCertificate->loadFromFile(__DIR__ . '/../../../../../../resources/sample/Certificate/saml.crt');
    $spPrivateKey = KeyHelper::createPrivateKey(
        __DIR__ . '/../../../../../../resources/sample/Certificate/saml.pem',
        '',
        true
    );

    $spCredential = new X509Credential($spCertificate, $spPrivateKey);
    $spCredential->setUsageType(UsageType::ENCRYPTION)->setEntityId('https://mt.evo.loc/sp');

    $staticStore = new StaticCredentialStore();
    $staticStore->add($spCredential);

    // The metadata store is added to the composite before the static one.
    $compositeStore = new CompositeCredentialStore();
    $compositeStore->add($metadataStore)->add($staticStore);

    $factory = new CredentialResolverFactory($compositeStore);

    return $factory->build();
}
/**
 * Loading a certificate from a path that does not exist must raise an
 * InvalidArgumentException whose message names the missing file.
 *
 * NOTE(review): docblock-based exception expectations were deprecated in
 * PHPUnit 8 and removed in PHPUnit 9; confirm the PHPUnit version this suite
 * runs on before relying on the two annotations below.
 *
 * @expectedException \InvalidArgumentException
 * @expectedExceptionMessage File not found '/non/existing/file/123'
 */
public function test_error_on_invalid_load_from_file()
{
    $missingPath = '/non/existing/file/123';

    (new X509Certificate())->loadFromFile($missingPath);
}