idp_cert_multi should accept an array of PEM strings (and array of X509 objects)

[johnnyshields]

Currently idp_cert_multi allows a hashmap of certs for "signing" and "encryption". However, I don't think SAML actually supports encryption in this context--it's the SP's cert (public key) which is used for the IdP's encrypted assertions. Should we remove the concept of "IdP encryption certificates", and just make idp_cert_multi an array of signing certs?

    def get_idp_cert_multi
      return nil if idp_cert_multi.nil? || idp_cert_multi.empty?

      raise ArgumentError.new("Invalid value for idp_cert_multi") unless idp_cert_multi.is_a?(Hash)

      certs = {signing: [], encryption: [] }

      %i[signing encryption].each do |type|
        certs_for_type = idp_cert_multi[type] || idp_cert_multi[type.to_s]
        next if !certs_for_type || certs_for_type.empty?

        certs_for_type.each do |idp_cert|
          certs[type].push(RubySaml::Utils.build_cert_object(idp_cert))
        end
      end

      certs
    end