You are here

public static function Utilities::validateSignature in SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider 8

2 calls to Utilities::validateSignature()
SAML2_Assertion::validate in src/SAML2_Assertion.php
Validate this assertion against a public key.
Utilities::checkSign in src/Utilities.php

File

src/Utilities.php, line 434

Class

Utilities
This file is part of miniOrange SAML plugin.

Namespace

Drupal\miniorange_saml

Code

public static function validateSignature(array $info, XMLSecurityKey $key) {

  /** @var XMLSecurityDSig $objXMLSecDSig */
  $objXMLSecDSig = $info['Signature'];
  $sigMethod = self::xpQuery($objXMLSecDSig->sigNode, './ds:SignedInfo/ds:SignatureMethod');
  if (empty($sigMethod)) {
    echo sprintf('Missing SignatureMethod element');

    // exit();
  }
  $sigMethod = $sigMethod[0];
  if (!$sigMethod
    ->hasAttribute('Algorithm')) {
    echo sprintf('Missing Algorithm-attribute on SignatureMethod element.');

    // exit;
  }
  $algo = $sigMethod
    ->getAttribute('Algorithm');
  if ($key->type === XMLSecurityKey::RSA_SHA1 && $algo !== $key->type) {
    $key = self::castKey($key, $algo);
  }

  /* Check the signature. */
  if (!$objXMLSecDSig
    ->verify($key)) {
    echo sprintf('Unable to validate Signature');

    // exit;
  }
}