ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Private Attributes
SimpleSAML\XML\Signer Class Reference
+ Collaboration diagram for SimpleSAML\XML\Signer:

Public Member Functions

 __construct ($options=array())
 Constructor for the metadata signer. More...
 
 loadPrivateKeyArray ($privatekey)
 Set the private key from an array. More...
 
 loadPrivateKey ($file, $pass=null, $full_path=false)
 Set the private key. More...
 
 loadPublicKeyArray ($publickey)
 Set the public key / certificate we should include in the signature. More...
 
 loadCertificate ($file, $full_path=false)
 Set the certificate we should include in the signature. More...
 
 setIDAttribute ($idAttrName)
 Set the attribute name for the ID value. More...
 
 addCertificate ($file, $full_path=false)
 Add an extra certificate to the certificate chain in the signature. More...
 

Private Attributes

 $idAttrName = ''
 
 $privateKey = false
 
 $certificate = ''
 
 $extraCertificates = array()
 

Detailed Description

Definition at line 21 of file Signer.php.

Constructor & Destructor Documentation

◆ __construct()

SimpleSAML\XML\Signer::__construct (   $options = array())

Constructor for the metadata signer.

You can pass an list of options as key-value pairs in the array. This allows you to initialize a metadata signer in one call.

The following keys are recognized:

  • privatekey The file with the private key, relative to the cert-directory.
  • privatekey_pass The passphrase for the private key.
  • certificate The file with the certificate, relative to the cert-directory.
  • privatekey_array The private key, as an array returned from SimpleSAML_Utilities::loadPrivateKey.
  • publickey_array The public key, as an array returned from SimpleSAML_Utilities::loadPublicKey.
  • id The name of the ID attribute.
Parameters
array$optionsAssociative array with options for the constructor. Defaults to an empty array.

Definition at line 61 of file Signer.php.

62 {
63 assert(is_array($options));
64
65 if (array_key_exists('privatekey', $options)) {
66 $pass = null;
67 if (array_key_exists('privatekey_pass', $options)) {
68 $pass = $options['privatekey_pass'];
69 }
70
71 $this->loadPrivateKey($options['privatekey'], $pass);
72 }
73
74 if (array_key_exists('certificate', $options)) {
75 $this->loadCertificate($options['certificate']);
76 }
77
78 if (array_key_exists('privatekey_array', $options)) {
79 $this->loadPrivateKeyArray($options['privatekey_array']);
80 }
81
82 if (array_key_exists('publickey_array', $options)) {
83 $this->loadPublicKeyArray($options['publickey_array']);
84 }
85
86 if (array_key_exists('id', $options)) {
87 $this->setIdAttribute($options['id']);
88 }
89 }
SimpleSAML\XML\Signer\loadPrivateKey
loadPrivateKey($file, $pass=null, $full_path=false)
Set the private key.
Definition: Signer.php:126
SimpleSAML\XML\Signer\loadCertificate
loadCertificate($file, $full_path=false)
Set the certificate we should include in the signature.
Definition: Signer.php:189
SimpleSAML\XML\Signer\loadPublicKeyArray
loadPublicKeyArray($publickey)
Set the public key / certificate we should include in the signature.
Definition: Signer.php:163
SimpleSAML\XML\Signer\loadPrivateKeyArray
loadPrivateKeyArray($privatekey)
Set the private key from an array.
Definition: Signer.php:100

References PHPMailer\PHPMailer\$options, $pass, SimpleSAML\XML\Signer\loadCertificate(), SimpleSAML\XML\Signer\loadPrivateKey(), SimpleSAML\XML\Signer\loadPrivateKeyArray(), and SimpleSAML\XML\Signer\loadPublicKeyArray().

+ Here is the call graph for this function:

Member Function Documentation

◆ addCertificate()

SimpleSAML\XML\Signer::addCertificate (   $file,
  $full_path = false 
)

Add an extra certificate to the certificate chain in the signature.

Extra certificates will be added to the certificate chain in the order they are added.

Parameters
string$fileThe file which contains the certificate, relative to the cert-directory.
bool$full_pathWhether the filename found in the configuration contains the full path to the private key or not. Default to false.
Exceptions

Exception

Definition at line 236 of file Signer.php.

237 {
238 assert(is_string($file));
239 assert(is_bool($full_path));
240
241 if (!$full_path) {
242 $certFile = Config::getCertPath($file);
243 } else {
244 $certFile = $file;
245 }
246
247 if (!file_exists($certFile)) {
248 throw new \Exception('Could not find extra certificate file "' . $certFile . '".');
249 }
250
251 $certificate = file_get_contents($certFile);
252 if ($certificate === false) {
253 throw new \Exception('Unable to read extra certificate file "' . $certFile . '".');
254 }
255
256 $this->extraCertificates[] = $certificate;
257 }
SimpleSAML\Utils\Config\getCertPath
static getCertPath($path)
Resolves a path that may be relative to the cert-directory.
Definition: Config.php:22

References SimpleSAML\XML\Signer\$certificate, and SimpleSAML\Utils\Config\getCertPath().

+ Here is the call graph for this function:

◆ loadCertificate()

SimpleSAML\XML\Signer::loadCertificate (   $file,
  $full_path = false 
)

Set the certificate we should include in the signature.

If this function isn't called, no certificate will be included. Will throw an exception if unable to load the certificate.

Parameters
string$fileThe file which contains the certificate. The path is assumed to be relative to the cert-directory.
bool$full_pathWhether the filename found in the configuration contains the full path to the private key or not. Default to false.
Exceptions

Exception

Definition at line 189 of file Signer.php.

190 {
191 assert(is_string($file));
192 assert(is_bool($full_path));
193
194 if (!$full_path) {
195 $certFile = Config::getCertPath($file);
196 } else {
197 $certFile = $file;
198 }
199
200 if (!file_exists($certFile)) {
201 throw new \Exception('Could not find certificate file "' . $certFile . '".');
202 }
203
204 $cert = file_get_contents($certFile);
205 if ($cert === false) {
206 throw new \Exception('Unable to read certificate file "' . $certFile . '".');
207 }
208 $this->certificate = $cert;
209 }

References SimpleSAML\Utils\Config\getCertPath().

Referenced by SimpleSAML\XML\Signer\__construct().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ loadPrivateKey()

SimpleSAML\XML\Signer::loadPrivateKey (   $file,
  $pass = null,
  $full_path = false 
)

Set the private key.

Will throw an exception if unable to load the private key.

Parameters
string$fileThe file which contains the private key. The path is assumed to be relative to the cert-directory.
string | null$passThe passphrase on the private key. Pass no value or NULL if the private key is unencrypted.
bool$full_pathWhether the filename found in the configuration contains the full path to the private key or not. Default to false.
Exceptions

Exception

Definition at line 126 of file Signer.php.

127 {
128 assert(is_string($file));
129 assert(is_string($pass) || $pass === null);
130 assert(is_bool($full_path));
131
132 if (!$full_path) {
133 $keyFile = Config::getCertPath($file);
134 } else {
135 $keyFile = $file;
136 }
137
138 if (!file_exists($keyFile)) {
139 throw new \Exception('Could not find private key file "' . $keyFile . '".');
140 }
141 $keyData = file_get_contents($keyFile);
142 if ($keyData === false) {
143 throw new \Exception('Unable to read private key file "' . $keyFile . '".');
144 }
145
146 $privatekey = array('PEM' => $keyData);
147 if ($pass !== null) {
148 $privatekey['password'] = $pass;
149 }
150 $this->loadPrivateKeyArray($privatekey);
151 }

References $pass, SimpleSAML\Utils\Config\getCertPath(), and SimpleSAML\XML\Signer\loadPrivateKeyArray().

Referenced by SimpleSAML\XML\Signer\__construct().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ loadPrivateKeyArray()

SimpleSAML\XML\Signer::loadPrivateKeyArray (   $privatekey)

Set the private key from an array.

This function loads the private key from an array matching what is returned by SimpleSAML_Utilities::loadPrivateKey(...).

Parameters
array$privatekeyThe private key.

Definition at line 100 of file Signer.php.

101 {
102 assert(is_array($privatekey));
103 assert(array_key_exists('PEM', $privatekey));
104
105 $this->privateKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type' => 'private'));
106 if (array_key_exists('password', $privatekey)) {
107 $this->privateKey->passphrase = $privatekey['password'];
108 }
109 $this->privateKey->loadKey($privatekey['PEM'], false);
110 }

References RobRichards\XMLSecLibs\XMLSecurityKey\RSA_SHA256.

Referenced by SimpleSAML\XML\Signer\__construct(), and SimpleSAML\XML\Signer\loadPrivateKey().

+ Here is the caller graph for this function:

◆ loadPublicKeyArray()

SimpleSAML\XML\Signer::loadPublicKeyArray (   $publickey)

Set the public key / certificate we should include in the signature.

This function loads the public key from an array matching what is returned by SimpleSAML_Utilities::loadPublicKey(...).

Parameters
array$publickeyThe public key.
Exceptions

Exception

Definition at line 163 of file Signer.php.

164 {
165 assert(is_array($publickey));
166
167 if (!array_key_exists('PEM', $publickey)) {
168 // We have a public key with only a fingerprint
169 throw new \Exception('Tried to add a certificate fingerprint in a signature.');
170 }
171
172 // For now, we only assume that the public key is an X509 certificate
173 $this->certificate = $publickey['PEM'];
174 }

Referenced by SimpleSAML\XML\Signer\__construct().

+ Here is the caller graph for this function:

◆ setIDAttribute()

SimpleSAML\XML\Signer::setIDAttribute (   $idAttrName)

Set the attribute name for the ID value.

Parameters
string$idAttrNameThe name of the attribute which contains the id.

Definition at line 217 of file Signer.php.

218 {
219 assert(is_string($idAttrName));
220
221 $this->idAttrName = $idAttrName;
222 }

References SimpleSAML\XML\Signer\$idAttrName.

Field Documentation

◆ $certificate

SimpleSAML\XML\Signer::$certificate = ''
private

Definition at line 36 of file Signer.php.

Referenced by SimpleSAML\XML\Signer\addCertificate().

◆ $extraCertificates

SimpleSAML\XML\Signer::$extraCertificates = array()
private

Definition at line 42 of file Signer.php.

◆ $idAttrName

SimpleSAML\XML\Signer::$idAttrName = ''
private

Definition at line 26 of file Signer.php.

Referenced by SimpleSAML\XML\Signer\setIDAttribute().

◆ $privateKey

SimpleSAML\XML\Signer::$privateKey = false
private

Definition at line 31 of file Signer.php.

The documentation for this class was generated from the following file: