diff --git a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php
index 7d9329be1f05078356130bc02223b1ea56258406..bd6cff3a742d4f805a552de35115ba7738cb8754 100644
--- a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php
+++ b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php
@@ -30,7 +30,7 @@ class SimpleSAML_Bindings_Shib13_HTTPPost {
 SimpleSAML_Utilities::validateXMLDocument($response, 'saml11');
- $privatekey = SimpleSAML_Utilities::loadPrivateKey($idpmd->toArray(), TRUE);
+ $privatekey = SimpleSAML_Utilities::loadPrivateKey($idpmd, TRUE);
 $publickey = SimpleSAML_Utilities::loadPublicKey($idpmd, TRUE);
 $responsedom = new DOMDocument();
diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php
index cf907119026fbf447902865e3a7b16fe407be63a..d5a5affd8c99f94b4a8e6bc6ec8f8f9f2df7c5c0 100644
--- a/lib/SimpleSAML/Utilities.php
+++ b/lib/SimpleSAML/Utilities.php
@@ -1595,19 +1595,19 @@ class SimpleSAML_Utilities {
 * 'PEM' Data for the private key, in PEM-format
 * 'password' Password for the private key.
 *
- * @param array $metadata The metadata array the private key should be loaded from.
+ * @param SimpleSAML_Configuration $metadata The metadata array the private key should be loaded from.
 * @param bool $required Whether the private key is required. If this is TRUE, a
 * missing key will cause an exception. Default is FALSE.
 * @param string $prefix The prefix which should be used when reading from the metadata
 * array. Defaults to ''.
 * @return array|NULL Extracted private key, or NULL if no private key is present.
 */
- public static function loadPrivateKey($metadata, $required = FALSE, $prefix = '') {
- assert('is_array($metadata)');
+ public static function loadPrivateKey(SimpleSAML_Configuration $metadata, $required = FALSE, $prefix = '') {
 assert('is_bool($required)');
 assert('is_string($prefix)');
- if (!array_key_exists($prefix . 'privatekey', $metadata)) {
+ $file = $metadata->getString($prefix . 'privatekey', NULL);
+ if ($file === NULL) {
 /* No private key found. */
 if ($required) {
 throw new Exception('No private key found in metadata.');
@@ -1616,7 +1616,7 @@ class SimpleSAML_Utilities {
 }
 }
- $file = SimpleSAML_Utilities::resolveCert($metadata[$prefix . 'privatekey']);
+ $file = SimpleSAML_Utilities::resolveCert($file);
 $data = @file_get_contents($file);
 if ($data === FALSE) {
 throw new Exception('Unable to load private key from file "' . $file . '"');
@@ -1626,8 +1626,8 @@ class SimpleSAML_Utilities {
 'PEM' => $data,
 );
- if (array_key_exists($prefix . 'privatekey_pass', $metadata)) {
- $ret['password'] = $metadata[$prefix . 'privatekey_pass'];
+ if ($metadata->hasValue($prefix . 'privatekey_pass')) {
+ $ret['password'] = $metadata->getString($prefix . 'privatekey_pass');
 }
 return $ret;
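Review bot: The docblock in the first Utilities.php hunk still calls `$metadata` "the metadata array" and says `$prefix` is used "when reading from the metadata array", although the parameter is now type-hinted as `SimpleSAML_Configuration`. I would reword the first to `@param SimpleSAML_Configuration $metadata The metadata configuration the private key should be loaded from.` and adjust the `$prefix` text the same way. Because `loadPrivateKey()` is public static, the new type hint also makes any caller that still passes `->toArray()` fail at the call. The three call sites in this commit are updated, but callers outside the diff are not visible here and should be searched for before merging. The function body continues past the end of this hunk.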
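Review bot: In the last Utilities.php hunk the passphrase is read with `hasValue()` followed by `getString()` without a default, which is inconsistent with the `privatekey` lookup earlier in the same function. It also presumably changes behaviour: a `privatekey_pass` entry that is present but not a string (for example explicitly NULL) would now raise instead of being passed through as before. Reusing the earlier pattern keeps it to one lookup: `$pass = $metadata->getString($prefix . 'privatekey_pass', NULL);` then `if ($pass !== NULL) { $ret['password'] = $pass; }`. If the stricter failure is intended, a short comment saying so would help. It is also worth confirming that the resulting exception message names only the option and never the configured passphrase value. The function starts outside this hunk.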
diff --git a/modules/saml2/lib/Message.php b/modules/saml2/lib/Message.php
index f82c43e68ddb524bfb6adb40fd3de2f73d264095..918cbe626ca769e0bd18317543055ac94599bb64 100644
--- a/modules/saml2/lib/Message.php
+++ b/modules/saml2/lib/Message.php
@@ -39,7 +39,7 @@ class sspmod_saml2_Message {
 */
 public static function addSign(SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata, SAML2_SignedElement $element) {
- $keyArray = SimpleSAML_Utilities::loadPrivateKey($srcMetadata->toArray(), TRUE);
+ $keyArray = SimpleSAML_Utilities::loadPrivateKey($srcMetadata, TRUE);
 $certArray = SimpleSAML_Utilities::loadPublicKey($srcMetadata, FALSE);
 $privateKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
@@ -235,7 +235,7 @@ class sspmod_saml2_Message {
 $key->loadKey($sharedKey);
 } else {
 /* Find the private key we should use to decrypt messages to this SP. */
- $keyArray = SimpleSAML_Utilities::loadPrivateKey($dstMetadata->toArray(), TRUE);
+ $keyArray = SimpleSAML_Utilities::loadPrivateKey($dstMetadata, TRUE);
 if (!array_key_exists('PEM', $keyArray)) {
 throw new Exception('Unable to locate key we should use to decrypt the message.');
 }