SAML2\SignedElementHelper Class Reference

Inheritance diagram for SAML2\SignedElementHelper:

Collaboration diagram for SAML2\SignedElementHelper:

Public Member Functions
	addValidator ($function, $data)
	Add a method for validating this element. More...
	validate (XMLSecurityKey $key)
	Validate this element against a public key. More...
	getSignatureKey ()
	Retrieve the private key we should use to sign the message. More...
	setSignatureKey (XMLSecurityKey $signatureKey=null)
	Set the private key we should use to sign the message. More...
	setCertificates (array $certificates)
	Set the certificates that should be included in the message. More...
	getCertificates ()
	Retrieve the certificates that are included in the message. More...
	getValidatingCertificates ()
	Retrieve certificates that sign this element. More...

Protected Member Functions
	__construct (\DOMElement $xml=null)
	Initialize the helper class. More...
	signElement (\DOMElement $root, \DOMElement $insertBefore=null)
	Sign the given XML element. More...

Private Attributes
	$signatureKey
	$certificates
	$validators

Detailed Description

Definition at line 14 of file SignedElementHelper.php.

Constructor & Destructor Documentation

__construct()

SAML2\SignedElementHelper::__construct ( \DOMElement  $xml = null )

protected

Initialize the helper class.

Parameters

\DOMElement | null

$xml

The XML element which may be signed.

Definition at line 44 of file SignedElementHelper.php.

References $xml, and array.

    {
        $this->certificates = array();
        $this->validators = array();

        if ($xml === null) {
            return;
        }

        /* Validate the signature element of the message. */
        try {
            $sig = Utils::validateElement($xml);

            if ($sig !== false) {
                $this->certificates = $sig['Certificates'];
                $this->validators[] = array(
                    'Function' => array('\SAML2\Utils', 'validateSignature'),
                    'Data' => $sig,
                );
            }
        } catch (\Exception $e) {
            /* Ignore signature validation errors. */
        }
    }

Member Function Documentation

addValidator()

SAML2\SignedElementHelper::addValidator	(		$function,
			$data
	)

Add a method for validating this element.

This function is used for custom validation extensions

Parameters

callback	$function	The function which should be called.
mixed	$data	The data that should be included as the first parameter to the function.

Definition at line 77 of file SignedElementHelper.php.

References $data, $function, and array.

    {
        assert(is_callable($function));

        $this->validators[] = array(
            'Function' => $function,
            'Data' => $data,
        );
    }

getCertificates()

SAML2\SignedElementHelper::getCertificates

(

)

Retrieve the certificates that are included in the message.

Returns

array An array of certificates.

Implements SAML2\SignedElement.

Definition at line 163 of file SignedElementHelper.php.

References $certificates.

    {
        return $this->certificates;
    }

getSignatureKey()

SAML2\SignedElementHelper::getSignatureKey

(

)

Retrieve the private key we should use to sign the message.

Returns

XMLSecurityKey|null The key, or NULL if no key is specified.

Implements SAML2\SignedElement.

Definition at line 129 of file SignedElementHelper.php.

    {
        return $this->signatureKey;
    }

getValidatingCertificates()

SAML2\SignedElementHelper::getValidatingCertificates

(

)

Retrieve certificates that sign this element.

Returns

array Array with certificates.

Definition at line 173 of file SignedElementHelper.php.

References $key, $ret, and array.

    {
        $ret = array();
        foreach ($this->certificates as $cert) {

            /* Construct a PEM formatted certificate */
            $pemCert = "-----BEGIN CERTIFICATE-----\n" .
                chunk_split($cert, 64) .
                "-----END CERTIFICATE-----\n";

            /* Extract the public key from the certificate for validation. */
            $key = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type'=>'public'));
            $key->loadKey($pemCert);

            try {
                /* Check the signature. */
                if ($this->validate($key)) {
                    $ret[] = $cert;
                }
            } catch (\Exception $e) {
                /* This certificate does not sign this element. */
            }
        }

        return $ret;
    }

setCertificates()

SAML2\SignedElementHelper::setCertificates

(

array

$certificates

)

Set the certificates that should be included in the message.

The certificates should be strings with the PEM encoded data.

Parameters

array

$certificates

An array of certificates.

Implements SAML2\SignedElement.

Definition at line 153 of file SignedElementHelper.php.

References $certificates.

    {
        $this->certificates = $certificates;
    }

setSignatureKey()

SAML2\SignedElementHelper::setSignatureKey

(

XMLSecurityKey

$signatureKey = null

)

Set the private key we should use to sign the message.

If the key is null, the message will be sent unsigned.

Parameters

XMLSecurityKey | null

$signatureKey

Implements SAML2\SignedElement.

Definition at line 141 of file SignedElementHelper.php.

    {
        $this->signatureKey = $signatureKey;
    }

signElement()

SAML2\SignedElementHelper::signElement ( \DOMElement  $root, \DOMElement  $insertBefore = null  )

protected

Sign the given XML element.

Parameters

\DOMElement	$root	The element we should sign.
\DOMElement | null	$insertBefore	The element we should insert the signature node before.

Returns

|null

Definition at line 207 of file SignedElementHelper.php.

Referenced by SAML2\XML\md\EntitiesDescriptor\__construct(), SAML2\XML\md\EntityDescriptor\__construct(), and SAML2\XML\md\AffiliationDescriptor\toXML().

    {
        if ($this->signatureKey === null) {
            /* We cannot sign this element. */

            return null;
        }

        Utils::insertSignature($this->signatureKey, $this->certificates, $root, $insertBefore);

        return $root;
    }

Here is the caller graph for this function:

validate()

SAML2\SignedElementHelper::validate

(

XMLSecurityKey

$key

)

Validate this element against a public key.

true is returned on success, false is returned if we don't have any signature we can validate. An exception is thrown if the signature validation fails.

Parameters

XMLSecurityKey

$key

The key we should check against.

Returns

boolean true on success, false when we don't have a signature.

Exceptions

Implements SAML2\SignedElement.

Definition at line 98 of file SignedElementHelper.php.

References $data, $exceptions, $function, and array.

    {
        if (count($this->validators) === 0) {
            return false;
        }

        $exceptions = array();

        foreach ($this->validators as $validator) {
            $function = $validator['Function'];
            $data = $validator['Data'];

            try {
                call_user_func($function, $data, $key);
                /* We were able to validate the message with this validator. */

                return true;
            } catch (\Exception $e) {
                $exceptions[] = $e;
            }
        }

        /* No validators were able to validate the message. */
        throw $exceptions[0];
    }

Field Documentation

$certificates

SAML2\SignedElementHelper::$certificates

private

Definition at line 30 of file SignedElementHelper.php.

$signatureKey

SAML2\SignedElementHelper::$signatureKey

private

Definition at line 23 of file SignedElementHelper.php.

$validators

SAML2\SignedElementHelper::$validators

private

Definition at line 37 of file SignedElementHelper.php.

---

The documentation for this class was generated from the following file:

• libs/composer/vendor/simplesamlphp/saml2/src/SAML2/SignedElementHelper.php