From 9d4fd201eea28032b46e8c2649a93a02d8f688df Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Tue, 10 Aug 2010 11:26:12 +0000
Subject: [PATCH] Configuration: Add getPublicKeys.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2506 44740490-163a-0410-bde0-09ae8108e29a
---
 lib/SimpleSAML/Configuration.php | 77 +++++++++++++++++++++++++++++++-
 1 file changed, 75 insertions(+), 2 deletions(-)
diff --git a/lib/SimpleSAML/Configuration.php b/lib/SimpleSAML/Configuration.php
index 973cc54fb..d091d6038 100644
--- a/lib/SimpleSAML/Configuration.php
+++ b/lib/SimpleSAML/Configuration.php
@@ -1021,6 +1021,79 @@ class SimpleSAML_Configuration {
 return $ret;
 }
-}
+ /**
+ * Get public key from metadata.
+ *
+ * @param string|NULL $use The purpose this key can be used for. (encryption or signing).
+ * @param bool $required Whether the public key is required. If this is TRUE, a
+ * missing key will cause an exception. Default is FALSE.
+ * @param string $prefix The prefix which should be used when reading from the metadata
+ * array. Defaults to ''.
+ * @return array|NULL Public key data, or NULL if no public key or was found.
+ */
+ public function getPublicKeys($use = NULL, $required = FALSE, $prefix = '') {
+ assert('is_bool($required)');
+ assert('is_string($prefix)');
+
+ if ($this->hasValue($prefix . 'keys')) {
+ $ret = array();
+ foreach ($this->getArray($prefix . 'keys') as $key) {
+ if ($use !== NULL && isset($key[$use]) && !$key[$use]) {
+ continue;
+ }
+ if (isset($key['X509Certificate'])) {
+ /* Strip whitespace from key. */
+ $key['X509Certificate'] = preg_replace('/\s+/', '', $key['X509Certificate']);
+ }
+ $ret[] = $key;
+
+ }
+ }
+
+ if ($this->hasValue($prefix . 'certData')) {
+ $certData = $this->getString($prefix . 'certData');
+ $certData = preg_replace('/\s+/', '', $certData);
+ return array(
+ array(
+ 'encryption' => TRUE,
+ 'signing' => TRUE,
+ 'type' => 'X509Certificate',
+ 'X509Certificate' => $certData,
+ ),
+ );
+ }
-?>
\ No newline at end of file
+ if ($this->hasValue($prefix . 'certificate')) {
+ $file = $this->getString($prefix . 'certificate');
+ $file = SimpleSAML_Utilities::resolveCert($file);
+ $data = @file_get_contents($file);
+
+ if ($data === FALSE) {
+ throw new Exception($this->location . ': Unable to load certificate/public key from file "' . $file . '".');
+ }
+
+ /* Extract certificate data (if this is a certificate). */
+ $pattern = '/^-----BEGIN CERTIFICATE-----([^-]*)^-----END CERTIFICATE-----/m';
+ if (!preg_match($pattern, $data, $matches)) {
+ throw new SimpleSAML_Error_Exception($this->location . ': Could not find PEM encoded certificate in "' . $file . '".');
+ }
+ $certData = preg_replace('/\s+/', '', $matches[1]);
+
+ return array(
+ array(
+ 'encryption' => TRUE,
+ 'signing' => TRUE,
+ 'type' => 'X509Certificate',
+ 'X509Certificate' => $certData,
+ ),
+ );
+ }
+
+ if ($required) {
+ throw new SimpleSAML_Error_Exception($this->location . ': Missing certificate in metadata.');
+ } else {
+ return NULL;
+ }
+ }
+
+}
-- GitLab
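Review bot: The `keys` branch of `getPublicKeys()` fills `$ret` but never returns it, so control falls through to the `certData` and `certificate` checks and the collected list is discarded. Metadata that carries only `keys` therefore ends in `NULL` or the "Missing certificate in metadata" exception, and metadata that carries both would presumably hand callers the legacy single certificate instead of the listed keys, which matters if `keys` is meant for rollover or for restricting a key to signing or encryption. Add `if (!empty($ret)) { return $ret; }` after the `foreach`, so an empty filtered list still falls back to the older options. The `$use` test `isset($key[$use]) && !$key[$use]` also keeps any entry that lacks the flag, which deserves a comment such as `/* Keys without an explicit flag are treated as valid for every use. */` if that default is intended.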