Inheritance diagram for SAML2\SignedElementHelper:

Collaboration diagram for SAML2\SignedElementHelper:

Public Member Functions
	addValidator ($function, $data)
	Add a method for validating this element. More...

	validate (XMLSecurityKey $key)
	Validate this element against a public key. More...

	getSignatureKey ()
	Retrieve the private key we should use to sign the message. More...

	setSignatureKey (XMLSecurityKey $signatureKey=null)
	Set the private key we should use to sign the message. More...

	setCertificates (array $certificates)
	Set the certificates that should be included in the message. More...

	getCertificates ()
	Retrieve the certificates that are included in the message. More...

	getValidatingCertificates ()
	Retrieve certificates that sign this element. More...

	validate (XMLSecurityKey $key)
	Validate this element against a public key. More...

	setCertificates (array $certificates)
	Set the certificates that should be included in the element. More...

	getCertificates ()
	Retrieve the certificates that are included in the element (if any). More...

	getSignatureKey ()
	Retrieve the private key we should use to sign the element. More...

	setSignatureKey (XMLSecurityKey $signatureKey=null)
	Set the private key we should use to sign the element. More...

Protected Member Functions
	__construct (\DOMElement $xml=null)
	Initialize the helper class. More...

	signElement (\DOMElement $root, \DOMElement $insertBefore=null)
	Sign the given XML element. More...

Private Attributes
	$signatureKey

	$certificates

	$validators

Detailed Description

Definition at line 14 of file SignedElementHelper.php.

Constructor & Destructor Documentation

◆ __construct()

SAML2\SignedElementHelper::__construct ( \DOMElement $xml = null )

protected

Initialize the helper class.

Parameters

\DOMElement | null $xml The XML element which may be signed.

Reimplemented in SAML2\XML\md\UnknownRoleDescriptor, SAML2\XML\md\AffiliationDescriptor, SAML2\XML\md\AttributeAuthorityDescriptor, SAML2\XML\md\AuthnAuthorityDescriptor, SAML2\XML\md\EntitiesDescriptor, SAML2\XML\md\EntityDescriptor, SAML2\XML\md\IDPSSODescriptor, SAML2\XML\md\PDPDescriptor, and SAML2\XML\md\SPSSODescriptor.

Definition at line 44 of file SignedElementHelper.php.

    {
        $this->certificates = array();
        $this->validators = array();
 
        if ($xml === null) {
            return;
        }
 
        /* Validate the signature element of the message. */
        try {
            $sig = Utils::validateElement($xml);
 
            if ($sig !== false) {
                $this->certificates = $sig['Certificates'];
                $this->validators[] = array(
                    'Function' => array('\SAML2\Utils', 'validateSignature'),
                    'Data' => $sig,
                );
            }
        } catch (\Exception $e) {
            /* Ignore signature validation errors. */
        }
    }

References $xml.

Member Function Documentation

◆ addValidator()

SAML2\SignedElementHelper::addValidator	(	$function,
		$data
	)

Add a method for validating this element.

This function is used for custom validation extensions

Parameters

callback	$function	The function which should be called.
mixed	$data	The data that should be included as the first parameter to the function.

Definition at line 77 of file SignedElementHelper.php.

    {
        assert(is_callable($function));
 
        $this->validators[] = array(
            'Function' => $function,
            'Data' => $data,
        );
    }

References $data.

◆ getCertificates()

SAML2\SignedElementHelper::getCertificates ( )

Retrieve the certificates that are included in the message.

Returns: array An array of certificates.

Implements SAML2\SignedElement.

Definition at line 163 of file SignedElementHelper.php.

    {
        return $this->certificates;
    }

References $certificates.

◆ getSignatureKey()

SAML2\SignedElementHelper::getSignatureKey ( )

Retrieve the private key we should use to sign the message.

Returns: XMLSecurityKey|null The key, or NULL if no key is specified.

Implements SAML2\SignedElement.

Definition at line 129 of file SignedElementHelper.php.

    {
        return $this->signatureKey;
    }

◆ getValidatingCertificates()

SAML2\SignedElementHelper::getValidatingCertificates ( )

Retrieve certificates that sign this element.

Returns: array Array with certificates.

Definition at line 173 of file SignedElementHelper.php.

    {
        $ret = array();
        foreach ($this->certificates as $cert) {
 
            /* Construct a PEM formatted certificate */
            $pemCert = "-----BEGIN CERTIFICATE-----\n" .
                chunk_split($cert, 64) .
                "-----END CERTIFICATE-----\n";
 
            /* Extract the public key from the certificate for validation. */
            $key = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type'=>'public'));
            $key->loadKey($pemCert);
 
            try {
                /* Check the signature. */
                if ($this->validate($key)) {
                    $ret[] = $cert;
                }
            } catch (\Exception $e) {
                /* This certificate does not sign this element. */
            }
        }
 
        return $ret;
    }

References $key, and $ret.

◆ setCertificates()

SAML2\SignedElementHelper::setCertificates ( array $certificates )

Set the certificates that should be included in the message.

The certificates should be strings with the PEM encoded data.

Parameters

array $certificates An array of certificates.

Implements SAML2\SignedElement.

Definition at line 153 of file SignedElementHelper.php.

    {
        $this->certificates = $certificates;
    }

References $certificates.

◆ setSignatureKey()

SAML2\SignedElementHelper::setSignatureKey ( XMLSecurityKey $signatureKey = null )

Set the private key we should use to sign the message.

If the key is null, the message will be sent unsigned.

Parameters

XMLSecurityKey | null $signatureKey

Implements SAML2\SignedElement.

Definition at line 141 of file SignedElementHelper.php.

    {
        $this->signatureKey = $signatureKey;
    }

◆ signElement()

SAML2\SignedElementHelper::signElement	(	\DOMElement	$root,
		\DOMElement	$insertBefore = `null`
	)

protected

Sign the given XML element.

Parameters

\DOMElement	$root	The element we should sign.
\DOMElement \| null	$insertBefore	The element we should insert the signature node before.

Returns: \DOMElement|null

Definition at line 207 of file SignedElementHelper.php.

    {
        if ($this->signatureKey === null) {
            /* We cannot sign this element. */
 
            return null;
        }
 
        Utils::insertSignature($this->signatureKey, $this->certificates, $root, $insertBefore);
 
        return $root;
    }

References $root.

Referenced by SAML2\XML\md\AffiliationDescriptor\toXML().

Here is the caller graph for this function:

◆ validate()

SAML2\SignedElementHelper::validate ( XMLSecurityKey $key )

Validate this element against a public key.

true is returned on success, false is returned if we don't have any signature we can validate. An exception is thrown if the signature validation fails.

Parameters

XMLSecurityKey $key The key we should check against.

Returns: boolean true on success, false when we don't have a signature.

Exceptions

Exception

Implements SAML2\SignedElement.

Definition at line 98 of file SignedElementHelper.php.

    {
        if (count($this->validators) === 0) {
            return false;
        }
 
        $exceptions = array();
 
        foreach ($this->validators as $validator) {
            $function = $validator['Function'];
            $data = $validator['Data'];
 
            try {
                call_user_func($function, $data, $key);
                /* We were able to validate the message with this validator. */
 
                return true;
            } catch (\Exception $e) {
                $exceptions[] = $e;
            }
        }
 
        /* No validators were able to validate the message. */
        throw $exceptions[0];
    }

References $data, $exceptions, and $key.

Field Documentation

◆ $certificates

SAML2\SignedElementHelper::$certificates

private

Definition at line 30 of file SignedElementHelper.php.

◆ $signatureKey

SAML2\SignedElementHelper::$signatureKey

private

Definition at line 23 of file SignedElementHelper.php.

◆ $validators

SAML2\SignedElementHelper::$validators

private

Definition at line 37 of file SignedElementHelper.php.

The documentation for this class was generated from the following file:

libs/composer/vendor/simplesamlphp/saml2/src/SAML2/SignedElementHelper.php

Public Member Functions

Protected Member Functions

Private Attributes

Detailed Description

Constructor & Destructor Documentation

◆ __construct()

Member Function Documentation

◆ addValidator()

◆ getCertificates()

◆ getSignatureKey()

◆ getValidatingCertificates()

◆ setCertificates()

◆ setSignatureKey()

◆ signElement()

◆ validate()

Field Documentation

◆ $certificates

◆ $signatureKey

◆ $validators