ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
SimpleSAML\XML\Signer Class Reference

Public Member Functions

 __construct ($options=array())
 Constructor for the metadata signer.
 
 loadPrivateKeyArray ($privatekey)
 Set the private key from an array.
 
 loadPrivateKey ($file, $pass=null, $full_path=false)
 Set the private key.
 
 loadPublicKeyArray ($publickey)
 Set the public key / certificate we should include in the signature.
 
 loadCertificate ($file, $full_path=false)
 Set the certificate we should include in the signature.
 
 setIDAttribute ($idAttrName)
 Set the attribute name for the ID value.
 
 addCertificate ($file, $full_path=false)
 Add an extra certificate to the certificate chain in the signature.
 

Private Attributes

 $idAttrName = ''
 
 $privateKey = false
 
 $certificate = ''
 
 $extraCertificates = array()
 

Detailed Description

Definition at line 21 of file Signer.php.

Constructor & Destructor Documentation

◆ __construct()

SimpleSAML\XML\Signer::__construct ($options = array())

Constructor for the metadata signer.

You can pass a list of options as key-value pairs in the array. This allows you to initialize a metadata signer in one call.

The following keys are recognized:

  • privatekey The file with the private key, relative to the cert-directory.
  • privatekey_pass The passphrase for the private key.
  • certificate The file with the certificate, relative to the cert-directory.
  • privatekey_array The private key, as an array returned from SimpleSAML_Utilities::loadPrivateKey.
  • publickey_array The public key, as an array returned from SimpleSAML_Utilities::loadPublicKey.
  • id The name of the ID attribute.

Parameters
  array $options  Associative array with options for the constructor. Defaults to an empty array.

Definition at line 61 of file Signer.php.

References PHPMailer\PHPMailer\$options, $pass, SimpleSAML\XML\Signer\loadCertificate(), SimpleSAML\XML\Signer\loadPrivateKey(), SimpleSAML\XML\Signer\loadPrivateKeyArray(), and SimpleSAML\XML\Signer\loadPublicKeyArray().

    {
        assert(is_array($options));

        if (array_key_exists('privatekey', $options)) {
            $pass = null;
            if (array_key_exists('privatekey_pass', $options)) {
                $pass = $options['privatekey_pass'];
            }

            $this->loadPrivateKey($options['privatekey'], $pass);
        }

        if (array_key_exists('certificate', $options)) {
            $this->loadCertificate($options['certificate']);
        }

        if (array_key_exists('privatekey_array', $options)) {
            $this->loadPrivateKeyArray($options['privatekey_array']);
        }

        if (array_key_exists('publickey_array', $options)) {
            $this->loadPublicKeyArray($options['publickey_array']);
        }

        if (array_key_exists('id', $options)) {
            $this->setIdAttribute($options['id']);
        }
    }

Member Function Documentation

◆ addCertificate()

SimpleSAML\XML\Signer::addCertificate ($file, $full_path = false)

Add an extra certificate to the certificate chain in the signature.

Extra certificates will be added to the certificate chain in the order they are added.

Parameters
  string $file     The file which contains the certificate, relative to the cert-directory.
  bool $full_path  Whether the filename found in the configuration contains the full path to the private key or not. Defaults to false.
Exceptions

Definition at line 236 of file Signer.php.

References SimpleSAML\XML\Signer\$certificate, SimpleSAML\XML\Signer\$idAttrName, PHPMailer\PHPMailer\$options, RobRichards\XMLSecLibs\XMLSecurityDSig\EXC_C14N, SimpleSAML\Utils\Config\getCertPath(), and RobRichards\XMLSecLibs\XMLSecurityDSig\SHA256.

    {
        assert(is_string($file));
        assert(is_bool($full_path));

        if (!$full_path) {
            $certFile = Config::getCertPath($file);
        } else {
            $certFile = $file;
        }

        if (!file_exists($certFile)) {
            throw new \Exception('Could not find extra certificate file "' . $certFile . '".');
        }

        $certificate = file_get_contents($certFile);
        if ($certificate === false) {
            throw new \Exception('Unable to read extra certificate file "' . $certFile . '".');
        }

        $this->extraCertificates[] = $certificate;
    }

◆ loadCertificate()

SimpleSAML\XML\Signer::loadCertificate ($file, $full_path = false)

Set the certificate we should include in the signature.

If this function isn't called, no certificate will be included. Will throw an exception if unable to load the certificate.

Parameters
  string $file     The file which contains the certificate. The path is assumed to be relative to the cert-directory.
  bool $full_path  Whether the filename found in the configuration contains the full path to the private key or not. Defaults to false.
Exceptions

Definition at line 189 of file Signer.php.

References SimpleSAML\Utils\Config\getCertPath().

Referenced by SimpleSAML\XML\Signer\__construct().

    {
        assert(is_string($file));
        assert(is_bool($full_path));

        if (!$full_path) {
            $certFile = Config::getCertPath($file);
        } else {
            $certFile = $file;
        }

        if (!file_exists($certFile)) {
            throw new \Exception('Could not find certificate file "' . $certFile . '".');
        }

        $cert = file_get_contents($certFile);
        if ($cert === false) {
            throw new \Exception('Unable to read certificate file "' . $certFile . '".');
        }
        $this->certificate = $cert;
    }

◆ loadPrivateKey()

SimpleSAML\XML\Signer::loadPrivateKey ($file, $pass = null, $full_path = false)

Set the private key.

Will throw an exception if unable to load the private key.

Parameters
  string $file         The file which contains the private key. The path is assumed to be relative to the cert-directory.
  string | null $pass  The passphrase on the private key. Pass no value or NULL if the private key is unencrypted.
  bool $full_path      Whether the filename found in the configuration contains the full path to the private key or not. Defaults to false.
Exceptions

Definition at line 126 of file Signer.php.

References $pass, SimpleSAML\Utils\Config\getCertPath(), and SimpleSAML\XML\Signer\loadPrivateKeyArray().

Referenced by SimpleSAML\XML\Signer\__construct().

    {
        assert(is_string($file));
        assert(is_string($pass) || $pass === null);
        assert(is_bool($full_path));

        if (!$full_path) {
            $keyFile = Config::getCertPath($file);
        } else {
            $keyFile = $file;
        }

        if (!file_exists($keyFile)) {
            throw new \Exception('Could not find private key file "' . $keyFile . '".');
        }
        $keyData = file_get_contents($keyFile);
        if ($keyData === false) {
            throw new \Exception('Unable to read private key file "' . $keyFile . '".');
        }

        $privatekey = array('PEM' => $keyData);
        if ($pass !== null) {
            $privatekey['password'] = $pass;
        }
        $this->loadPrivateKeyArray($privatekey);
    }

◆ loadPrivateKeyArray()

SimpleSAML\XML\Signer::loadPrivateKeyArray ($privatekey)

Set the private key from an array.

This function loads the private key from an array matching what is returned by SimpleSAML_Utilities::loadPrivateKey(...).

Parameters
  array $privatekey  The private key.

Definition at line 100 of file Signer.php.

References RobRichards\XMLSecLibs\XMLSecurityKey\RSA_SHA256.

Referenced by SimpleSAML\XML\Signer\__construct(), and SimpleSAML\XML\Signer\loadPrivateKey().

    {
        assert(is_array($privatekey));
        assert(array_key_exists('PEM', $privatekey));

        $this->privateKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type' => 'private'));
        if (array_key_exists('password', $privatekey)) {
            $this->privateKey->passphrase = $privatekey['password'];
        }
        $this->privateKey->loadKey($privatekey['PEM'], false);
    }

◆ loadPublicKeyArray()

SimpleSAML\XML\Signer::loadPublicKeyArray ($publickey)

Set the public key / certificate we should include in the signature.

This function loads the public key from an array matching what is returned by SimpleSAML_Utilities::loadPublicKey(...).

Parameters
  array $publickey  The public key.
Exceptions

Definition at line 163 of file Signer.php.

Referenced by SimpleSAML\XML\Signer\__construct().

    {
        assert(is_array($publickey));

        if (!array_key_exists('PEM', $publickey)) {
            // We have a public key with only a fingerprint
            throw new \Exception('Tried to add a certificate fingerprint in a signature.');
        }

        // For now, we only assume that the public key is an X509 certificate
        $this->certificate = $publickey['PEM'];
    }
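
The loaders shown above read the private key and the certificate independently, and nothing in the listed code confirms that the two belong together or that the key is RSA, which loadPrivateKeyArray() assumes. The following added example (not part of Signer.php or SimpleSAMLphp) checks a key/certificate pair in the same array shape before it is passed to the constructor; checkSignerMaterial() and makeKey() are hypothetical helpers, and the key material is constructed on the fly with PHP's openssl extension.

```php
<?php
// Added example, not part of Signer.php. checkSignerMaterial() and makeKey() are
// hypothetical helpers; the 'PEM'/'password' array shape is what loadPrivateKey() builds.
function checkSignerMaterial(array $privatekey, array $publickey)
{
    if (!array_key_exists('PEM', $privatekey)) {
        throw new \Exception('Private key array has no PEM entry.');
    }
    if (!array_key_exists('PEM', $publickey)) {
        // Fingerprint-only entry: the case loadPublicKeyArray() also rejects.
        throw new \Exception('Public key array has no PEM entry.');
    }
    $pass = array_key_exists('password', $privatekey) ? $privatekey['password'] : '';
    $key = openssl_pkey_get_private($privatekey['PEM'], $pass);
    if ($key === false) {
        throw new \Exception('Private key could not be parsed (wrong passphrase?).');
    }
    $details = openssl_pkey_get_details($key);
    if ($details['type'] !== OPENSSL_KEYTYPE_RSA) {
        // loadPrivateKeyArray() always builds an RSA_SHA256 XMLSecurityKey.
        throw new \Exception('Signer expects an RSA private key.');
    }
    if (!openssl_x509_check_private_key($publickey['PEM'], $key)) {
        throw new \Exception('Certificate does not match the private key.');
    }
    return $details['bits'];
}

// Constructed sample material: throwaway RSA keys and a self-signed certificate.
function makeKey($pass)
{
    $res = openssl_pkey_new(array('private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_bits' => 2048));
    openssl_pkey_export($res, $pem, $pass);
    return array($res, array('PEM' => $pem, 'password' => $pass));
}
list($resA, $keyA) = makeKey('constructed-passphrase');
list($resB, $keyB) = makeKey('constructed-passphrase');
$csr = openssl_csr_new(array('commonName' => 'signer.example.org'), $resA);
openssl_x509_export(openssl_csr_sign($csr, null, $resA, 30), $certPem);
$certA = array('PEM' => $certPem);

echo 'pair A/A: ', checkSignerMaterial($keyA, $certA), " bit RSA key matches\n";
try {
    checkSignerMaterial($keyB, $certA); // key B does not belong to certificate A
} catch (\Exception $e) {
    echo 'pair B/A: ', $e->getMessage(), "\n";
}
```

Arrays that pass the check can be supplied through the privatekey_array and publickey_array constructor options listed earlier.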

◆ setIDAttribute()

SimpleSAML\XML\Signer::setIDAttribute ($idAttrName)

Set the attribute name for the ID value.

Parameters
  string $idAttrName  The name of the attribute which contains the id.

Definition at line 217 of file Signer.php.

References SimpleSAML\XML\Signer\$idAttrName.

    {
        assert(is_string($idAttrName));

        $this->idAttrName = $idAttrName;
    }

Field Documentation

◆ $certificate

SimpleSAML\XML\Signer::$certificate = ''
private

Definition at line 36 of file Signer.php.

Referenced by SimpleSAML\XML\Signer\addCertificate().

◆ $extraCertificates

SimpleSAML\XML\Signer::$extraCertificates = array()
private

Definition at line 42 of file Signer.php.

◆ $idAttrName

SimpleSAML\XML\Signer::$idAttrName = ''
private

◆ $privateKey

SimpleSAML\XML\Signer::$privateKey = false
private

Definition at line 31 of file Signer.php.


The documentation for this class was generated from the following file: