Code style improvements to SEPE plugin

remotes/angel/1.11.x
Yannick Warnier 8 years ago
parent fb698c853d
commit 14d85f2200
  1. 12
      plugin/sepe/src/sepe.lib.php
  2. 4
      plugin/sepe/src/wsse/soap-server-wsse.php
  3. 12
      plugin/sepe/src/wsse/soap-wsa.php
  4. 51
      plugin/sepe/src/wsse/soap-wsse.php
  5. 133
      plugin/sepe/src/wsse/xmlseclibs.php
  6. 2
      plugin/sepe/ws/Sepe.php

@ -89,7 +89,7 @@ function getActionInfo($id)
global $tableSepeActions; global $tableSepeActions;
$sql = "SELECT * FROM $tableSepeActions WHERE id = $id"; $sql = "SELECT * FROM $tableSepeActions WHERE id = $id";
$res = Database::query($sql); $res = Database::query($sql);
$aux = array(); $row = false;
if (Database::num_rows($res) > 0) { if (Database::num_rows($res) > 0) {
$row['action_origin'] = Security::remove_XSS(stripslashes($row['action_origin'])); $row['action_origin'] = Security::remove_XSS(stripslashes($row['action_origin']));
$row['action_code'] = Security::remove_XSS(stripslashes($row['action_code'])); $row['action_code'] = Security::remove_XSS(stripslashes($row['action_code']));
@ -105,8 +105,6 @@ function getActionInfo($id)
$row['requirements'] = Security::remove_XSS(stripslashes($row['requirements'])); $row['requirements'] = Security::remove_XSS(stripslashes($row['requirements']));
$row['contact_action'] = Security::remove_XSS(stripslashes($row['contact_action'])); $row['contact_action'] = Security::remove_XSS(stripslashes($row['contact_action']));
$row = Database::fetch_assoc($res); $row = Database::fetch_assoc($res);
} else {
$row = false;
} }
return $row; return $row;
} }
@ -116,7 +114,7 @@ function getSpecialtActionInfo($specialtyId)
global $tableSepeSpecialty; global $tableSepeSpecialty;
$sql = "SELECT * FROM $tableSepeSpecialty WHERE id = $specialtyId"; $sql = "SELECT * FROM $tableSepeSpecialty WHERE id = $specialtyId";
$res = Database::query($sql); $res = Database::query($sql);
$aux = array(); $row = false;
if (Database::num_rows($res) > 0) { if (Database::num_rows($res) > 0) {
$row['specialty_origin'] = Security::remove_XSS(stripslashes($row['specialty_origin'])); $row['specialty_origin'] = Security::remove_XSS(stripslashes($row['specialty_origin']));
$row['professional_area'] = Security::remove_XSS(stripslashes($row['professional_area'])); $row['professional_area'] = Security::remove_XSS(stripslashes($row['professional_area']));
@ -125,8 +123,6 @@ function getSpecialtActionInfo($specialtyId)
$row['center_code'] = Security::remove_XSS(stripslashes($row['center_code'])); $row['center_code'] = Security::remove_XSS(stripslashes($row['center_code']));
$row['modality_impartition'] = Security::remove_XSS(stripslashes($row['modality_impartition'])); $row['modality_impartition'] = Security::remove_XSS(stripslashes($row['modality_impartition']));
$row = Database::fetch_assoc($res); $row = Database::fetch_assoc($res);
} else {
$row = false;
} }
return $row; return $row;
} }
@ -139,13 +135,11 @@ function getInfoSpecialtyClassroom($classroomId)
FROM $tableSepeSpecialtyClassroom a LEFT JOIN $tableCenters b ON a.center_id = b.id FROM $tableSepeSpecialtyClassroom a LEFT JOIN $tableCenters b ON a.center_id = b.id
WHERE a.id = $classroomId"; WHERE a.id = $classroomId";
$res = Database::query($sql); $res = Database::query($sql);
$aux = array(); $row = false;
if (Database::num_rows($res) > 0) { if (Database::num_rows($res) > 0) {
$row['center_origin'] = Security::remove_XSS(stripslashes($row['center_origin'])); $row['center_origin'] = Security::remove_XSS(stripslashes($row['center_origin']));
$row['center_code'] = Security::remove_XSS(stripslashes($row['center_code'])); $row['center_code'] = Security::remove_XSS(stripslashes($row['center_code']));
$row = Database::fetch_assoc($res); $row = Database::fetch_assoc($res);
} else {
$row = false;
} }
return $row; return $row;
} }

@ -91,7 +91,7 @@ class WSSESoapServer {
$this->SOAPXPath = new DOMXPath($doc); $this->SOAPXPath = new DOMXPath($doc);
$this->SOAPXPath->registerNamespace('wssoap', $this->soapNS); $this->SOAPXPath->registerNamespace('wssoap', $this->soapNS);
$this->SOAPXPath->registerNamespace('wswsu', WSSESoapServer::WSUNS); $this->SOAPXPath->registerNamespace('wswsu', self::WSUNS);
$wsNamespace = $this->locateSecurityHeader(); $wsNamespace = $this->locateSecurityHeader();
if (!empty($wsNamespace)) { if (!empty($wsNamespace)) {
$this->SOAPXPath->registerNamespace('wswsse', $wsNamespace); $this->SOAPXPath->registerNamespace('wswsse', $wsNamespace);
@ -102,7 +102,7 @@ class WSSESoapServer {
{ {
$objXMLSecDSig = new XMLSecurityDSig(); $objXMLSecDSig = new XMLSecurityDSig();
$objXMLSecDSig->idKeys[] = 'wswsu:Id'; $objXMLSecDSig->idKeys[] = 'wswsu:Id';
$objXMLSecDSig->idNS['wswsu'] = WSSESoapServer::WSUNS; $objXMLSecDSig->idNS['wswsu'] = self::WSUNS;
$objXMLSecDSig->sigNode = $refNode; $objXMLSecDSig->sigNode = $refNode;
/* Canonicalize the signed info */ /* Canonicalize the signed info */

@ -70,9 +70,9 @@ class WSASoap {
$this->soapPFX = $this->envelope->prefix; $this->soapPFX = $this->envelope->prefix;
$this->SOAPXPath = new DOMXPath($doc); $this->SOAPXPath = new DOMXPath($doc);
$this->SOAPXPath->registerNamespace('wssoap', $this->soapNS); $this->SOAPXPath->registerNamespace('wssoap', $this->soapNS);
$this->SOAPXPath->registerNamespace('wswsa', WSASoap::WSANS); $this->SOAPXPath->registerNamespace('wswsa', self::WSANS);
$this->envelope->setAttributeNS("http://www.w3.org/2000/xmlns/", 'xmlns:'.WSASoap::WSAPFX, WSASoap::WSANS); $this->envelope->setAttributeNS("http://www.w3.org/2000/xmlns/", 'xmlns:'.self::WSAPFX, self::WSANS);
$this->locateHeader(); $this->locateHeader();
} }
@ -80,7 +80,7 @@ class WSASoap {
/* Add the WSA Action */ /* Add the WSA Action */
$header = $this->locateHeader(); $header = $this->locateHeader();
$nodeAction = $this->soapDoc->createElementNS(WSASoap::WSANS, WSASoap::WSAPFX.':Action', $action); $nodeAction = $this->soapDoc->createElementNS(self::WSANS, self::SAPFX.':Action', $action);
$header->appendChild($nodeAction); $header->appendChild($nodeAction);
} }
@ -114,7 +114,7 @@ class WSASoap {
$header = $this->locateHeader(); $header = $this->locateHeader();
$nodeID = $this->soapDoc->createElementNS(WSASoap::WSANS, WSASoap::WSAPFX.':MessageID', $id); $nodeID = $this->soapDoc->createElementNS(self::WSANS, self::WSAPFX.':MessageID', $id);
$header->appendChild($nodeID); $header->appendChild($nodeID);
$this->messageID = $id; $this->messageID = $id;
} }
@ -127,13 +127,13 @@ class WSASoap {
/* Add the WSA ReplyTo */ /* Add the WSA ReplyTo */
$header = $this->locateHeader(); $header = $this->locateHeader();
$nodeReply = $this->soapDoc->createElementNS(WSASoap::WSANS, WSASoap::WSAPFX.':ReplyTo'); $nodeReply = $this->soapDoc->createElementNS(self::WSANS, self::WSAPFX.':ReplyTo');
$header->appendChild($nodeReply); $header->appendChild($nodeReply);
if (empty($address)) { if (empty($address)) {
$address = 'http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous'; $address = 'http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous';
} }
$nodeAddress = $this->soapDoc->createElementNS(WSASoap::WSANS, WSASoap::WSAPFX.':Address', $address); $nodeAddress = $this->soapDoc->createElementNS(self::WSANS, self::WSAPFX.':Address', $address);
$nodeReply->appendChild($nodeAddress); $nodeReply->appendChild($nodeAddress);
} }

@ -73,7 +73,7 @@ class WSSESoap {
} }
} }
if (! $secnode) { if (! $secnode) {
$secnode = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':Security'); $secnode = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':Security');
///if (isset($secnode) && !empty($secnode)) { ///if (isset($secnode) && !empty($secnode)) {
$header->appendChild($secnode); $header->appendChild($secnode);
//} //}
@ -100,7 +100,7 @@ class WSSESoap {
$this->soapPFX = $this->envelope->prefix; $this->soapPFX = $this->envelope->prefix;
$this->SOAPXPath = new DOMXPath($doc); $this->SOAPXPath = new DOMXPath($doc);
$this->SOAPXPath->registerNamespace('wssoap', $this->soapNS); $this->SOAPXPath->registerNamespace('wssoap', $this->soapNS);
$this->SOAPXPath->registerNamespace('wswsse', WSSESoap::WSSENS); $this->SOAPXPath->registerNamespace('wswsse', self::WSSENS);
$this->locateSecurityHeader($bMustUnderstand, $setActor); $this->locateSecurityHeader($bMustUnderstand, $setActor);
} }
@ -108,13 +108,13 @@ class WSSESoap {
/* Add the WSU timestamps */ /* Add the WSU timestamps */
$security = $this->locateSecurityHeader(); $security = $this->locateSecurityHeader();
$timestamp = $this->soapDoc->createElementNS(WSSESoap::WSUNS, WSSESoap::WSUPFX.':Timestamp'); $timestamp = $this->soapDoc->createElementNS(self::WSUNS, self::WSUPFX.':Timestamp');
$security->insertBefore($timestamp, $security->firstChild); $security->insertBefore($timestamp, $security->firstChild);
$currentTime = time(); $currentTime = time();
$created = $this->soapDoc->createElementNS(WSSESoap::WSUNS, WSSESoap::WSUPFX.':Created', gmdate("Y-m-d\TH:i:s", $currentTime).'Z'); $created = $this->soapDoc->createElementNS(self::WSUNS, self::WSUPFX.':Created', gmdate("Y-m-d\TH:i:s", $currentTime).'Z');
$timestamp->appendChild($created); $timestamp->appendChild($created);
if (! is_null($secondsToExpire)) { if (! is_null($secondsToExpire)) {
$expire = $this->soapDoc->createElementNS(WSSESoap::WSUNS, WSSESoap::WSUPFX.':Expires', gmdate("Y-m-d\TH:i:s", $currentTime + $secondsToExpire).'Z'); $expire = $this->soapDoc->createElementNS(self::WSUNS, self::WSUPFX.':Expires', gmdate("Y-m-d\TH:i:s", $currentTime + $secondsToExpire).'Z');
$timestamp->appendChild($expire); $timestamp->appendChild($expire);
} }
} }
@ -126,10 +126,10 @@ class WSSESoap {
$security = $this->locateSecurityHeader(); $security = $this->locateSecurityHeader();
$token = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':UsernameToken'); $token = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':UsernameToken');
$security->insertBefore($token, $security->firstChild); $security->insertBefore($token, $security->firstChild);
$username = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':Username', $userName); $username = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':Username', $userName);
$token->appendChild($username); $token->appendChild($username);
/* Generate nonce - create a 256 bit session key to be used */ /* Generate nonce - create a 256 bit session key to be used */
@ -139,20 +139,20 @@ class WSSESoap {
$createdate = gmdate("Y-m-d\TH:i:s").'Z'; $createdate = gmdate("Y-m-d\TH:i:s").'Z';
if ($password) { if ($password) {
$passType = WSSESoap::WSUNAME.'#PasswordText'; $passType = self::WSUNAME.'#PasswordText';
if ($passwordDigest) { if ($passwordDigest) {
$password = base64_encode(sha1($nonce.$createdate. $password, true)); $password = base64_encode(sha1($nonce.$createdate. $password, true));
$passType = WSSESoap::WSUNAME.'#PasswordDigest'; $passType = self::WSUNAME.'#PasswordDigest';
} }
$passwordNode = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':Password', $password); $passwordNode = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':Password', $password);
$token->appendChild($passwordNode); $token->appendChild($passwordNode);
$passwordNode->setAttribute('Type', $passType); $passwordNode->setAttribute('Type', $passType);
} }
$nonceNode = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':Nonce', base64_encode($nonce)); $nonceNode = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':Nonce', base64_encode($nonce));
$token->appendChild($nonceNode); $token->appendChild($nonceNode);
$created = $this->soapDoc->createElementNS(WSSESoap::WSUNS, WSSESoap::WSUPFX.':Created', $createdate); $created = $this->soapDoc->createElementNS(self::WSUNS, self::WSUPFX.':Created', $createdate);
$token->appendChild($created); $token->appendChild($created);
} }
@ -160,11 +160,11 @@ class WSSESoap {
$security = $this->locateSecurityHeader(); $security = $this->locateSecurityHeader();
$data = XMLSecurityDSig::get509XCert($cert, $isPEMFormat); $data = XMLSecurityDSig::get509XCert($cert, $isPEMFormat);
$token = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':BinarySecurityToken', $data); $token = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':BinarySecurityToken', $data);
$security->insertBefore($token, $security->firstChild); $security->insertBefore($token, $security->firstChild);
$token->setAttribute('EncodingType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary'); $token->setAttribute('EncodingType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary');
$token->setAttributeNS(WSSESoap::WSUNS, WSSESoap::WSUPFX.':Id', XMLSecurityDSig::generate_GUID()); $token->setAttributeNS(self::WSUNS, self::WSUPFX.':Id', XMLSecurityDSig::generate_GUID());
$token->setAttribute('ValueType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'); $token->setAttribute('ValueType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3');
return $token; return $token;
@ -176,7 +176,7 @@ class WSSESoap {
} }
$objXMLSecDSig = new XMLSecurityDSig(); $objXMLSecDSig = new XMLSecurityDSig();
if ($objDSig = $objXMLSecDSig->locateSignature($this->soapDoc)) { if ($objDSig = $objXMLSecDSig->locateSignature($this->soapDoc)) {
$tokenURI = '#'.$token->getAttributeNS(WSSESoap::WSUNS, "Id"); $tokenURI = '#'.$token->getAttributeNS(self::WSUNS, "Id");
$this->SOAPXPath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $this->SOAPXPath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS);
$query = "./secdsig:KeyInfo"; $query = "./secdsig:KeyInfo";
$nodeset = $this->SOAPXPath->query($query, $objDSig); $nodeset = $this->SOAPXPath->query($query, $objDSig);
@ -186,9 +186,9 @@ class WSSESoap {
$objDSig->appendChild($keyInfo); $objDSig->appendChild($keyInfo);
} }
$tokenRef = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':SecurityTokenReference'); $tokenRef = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':SecurityTokenReference');
$keyInfo->appendChild($tokenRef); $keyInfo->appendChild($tokenRef);
$reference = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':Reference'); $reference = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':Reference');
$reference->setAttribute("URI", $tokenURI); $reference->setAttribute("URI", $tokenURI);
$tokenRef->appendChild($reference); $tokenRef->appendChild($reference);
} else { } else {
@ -211,7 +211,7 @@ class WSSESoap {
if ($this->signAllHeaders) { if ($this->signAllHeaders) {
foreach ($this->secNode->parentNode->childNodes AS $node) { foreach ($this->secNode->parentNode->childNodes AS $node) {
if (($node->nodeType == XML_ELEMENT_NODE) && if (($node->nodeType == XML_ELEMENT_NODE) &&
($node->namespaceURI != WSSESoap::WSSENS)) { ($node->namespaceURI != self::WSSENS)) {
$arNodes[] = $node; $arNodes[] = $node;
} }
} }
@ -229,7 +229,7 @@ class WSSESoap {
$algorithm = $options["algorithm"]; $algorithm = $options["algorithm"];
} }
$arOptions = array('prefix'=>WSSESoap::WSUPFX, 'prefix_ns'=>WSSESoap::WSUNS); $arOptions = array('prefix'=>self::WSUPFX, 'prefix_ns'=>self::WSUNS);
$objDSig->addReferenceList($arNodes, $algorithm, NULL, $arOptions); $objDSig->addReferenceList($arNodes, $algorithm, NULL, $arOptions);
$objDSig->sign($objKey); $objDSig->sign($objKey);
@ -249,9 +249,9 @@ class WSSESoap {
$objDoc = $sigNode->ownerDocument; $objDoc = $sigNode->ownerDocument;
$keyInfo = $sigNode->ownerDocument->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:KeyInfo'); $keyInfo = $sigNode->ownerDocument->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:KeyInfo');
$sigNode->appendChild($keyInfo); $sigNode->appendChild($keyInfo);
$tokenRef = $objDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX . ':SecurityTokenReference'); $tokenRef = $objDoc->createElementNS(self::WSSENS, self::WSSEPFX . ':SecurityTokenReference');
$keyInfo->appendChild($tokenRef); $keyInfo->appendChild($tokenRef);
$reference = $objDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX . ':KeyIdentifier'); $reference = $objDoc->createElementNS(self::WSSENS, self::WSSEPFX . ':KeyIdentifier');
$reference->setAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier"); $reference->setAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier");
$reference->setAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"); $reference->setAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
$tokenRef->appendChild($reference); $tokenRef->appendChild($reference);
@ -310,13 +310,13 @@ class WSSESoap {
$objDoc = $encKey->ownerDocument; $objDoc = $encKey->ownerDocument;
$keyInfo = $objDoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo'); $keyInfo = $objDoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo');
$encKey->insertBefore($keyInfo, $encMethod); $encKey->insertBefore($keyInfo, $encMethod);
$tokenRef = $objDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':SecurityTokenReference'); $tokenRef = $objDoc->createElementNS(self::WSSENS, self::WSSEPFX.':SecurityTokenReference');
$keyInfo->appendChild($tokenRef); $keyInfo->appendChild($tokenRef);
/* New suff */ /* New suff */
if (is_array($options)) { if (is_array($options)) {
if (! empty($options["KeyInfo"]) ) { if (! empty($options["KeyInfo"]) ) {
if (! empty($options["KeyInfo"]["X509SubjectKeyIdentifier"])) { if (! empty($options["KeyInfo"]["X509SubjectKeyIdentifier"])) {
$reference = $objDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX . ':KeyIdentifier'); $reference = $objDoc->createElementNS(self::WSSENS, self::WSSEPFX . ':KeyIdentifier');
$reference->setAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier"); $reference->setAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier");
$reference->setAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"); $reference->setAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
$tokenRef->appendChild($reference); $tokenRef->appendChild($reference);
@ -334,8 +334,8 @@ class WSSESoap {
} }
} }
$tokenURI = '#'.$token->getAttributeNS(WSSESoap::WSUNS, "Id"); $tokenURI = '#'.$token->getAttributeNS(self::WSUNS, "Id");
$reference = $objDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':Reference'); $reference = $objDoc->createElementNS(self::WSSENS, self::WSSEPFX.':Reference');
$reference->setAttribute("URI", $tokenURI); $reference->setAttribute("URI", $tokenURI);
$tokenRef->appendChild($reference); $tokenRef->appendChild($reference);
@ -365,6 +365,7 @@ class WSSESoap {
public function EncryptBody($siteKey, $objKey, $token) { public function EncryptBody($siteKey, $objKey, $token) {
$enc = new XMLSecEnc(); $enc = new XMLSecEnc();
$node = false;
foreach ($this->envelope->childNodes AS $node) { foreach ($this->envelope->childNodes AS $node) {
if ($node->namespaceURI == $this->soapNS && $node->localName == 'Body') { if ($node->namespaceURI == $this->soapNS && $node->localName == 'Body') {
break; break;

@ -206,35 +206,35 @@ class XMLSecurityKey {
public function __construct($type, $params=NULL) { public function __construct($type, $params=NULL) {
srand(); srand();
switch ($type) { switch ($type) {
case (XMLSecurityKey::TRIPLEDES_CBC): case (self::TRIPLEDES_CBC):
$this->cryptParams['library'] = 'mcrypt'; $this->cryptParams['library'] = 'mcrypt';
$this->cryptParams['cipher'] = MCRYPT_TRIPLEDES; $this->cryptParams['cipher'] = MCRYPT_TRIPLEDES;
$this->cryptParams['mode'] = MCRYPT_MODE_CBC; $this->cryptParams['mode'] = MCRYPT_MODE_CBC;
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc';
$this->cryptParams['keysize'] = 24; $this->cryptParams['keysize'] = 24;
break; break;
case (XMLSecurityKey::AES128_CBC): case (self::AES128_CBC):
$this->cryptParams['library'] = 'mcrypt'; $this->cryptParams['library'] = 'mcrypt';
$this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128; $this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128;
$this->cryptParams['mode'] = MCRYPT_MODE_CBC; $this->cryptParams['mode'] = MCRYPT_MODE_CBC;
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes128-cbc';
$this->cryptParams['keysize'] = 16; $this->cryptParams['keysize'] = 16;
break; break;
case (XMLSecurityKey::AES192_CBC): case (self::AES192_CBC):
$this->cryptParams['library'] = 'mcrypt'; $this->cryptParams['library'] = 'mcrypt';
$this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128; $this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128;
$this->cryptParams['mode'] = MCRYPT_MODE_CBC; $this->cryptParams['mode'] = MCRYPT_MODE_CBC;
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes192-cbc'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes192-cbc';
$this->cryptParams['keysize'] = 24; $this->cryptParams['keysize'] = 24;
break; break;
case (XMLSecurityKey::AES256_CBC): case (self::AES256_CBC):
$this->cryptParams['library'] = 'mcrypt'; $this->cryptParams['library'] = 'mcrypt';
$this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128; $this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128;
$this->cryptParams['mode'] = MCRYPT_MODE_CBC; $this->cryptParams['mode'] = MCRYPT_MODE_CBC;
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc';
$this->cryptParams['keysize'] = 32; $this->cryptParams['keysize'] = 32;
break; break;
case (XMLSecurityKey::RSA_1_5): case (self::RSA_1_5):
$this->cryptParams['library'] = 'openssl'; $this->cryptParams['library'] = 'openssl';
$this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING;
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#rsa-1_5';
@ -246,7 +246,7 @@ class XMLSecurityKey {
} }
throw new Exception('Certificate "type" (private/public) must be passed via parameters'); throw new Exception('Certificate "type" (private/public) must be passed via parameters');
return; return;
case (XMLSecurityKey::RSA_OAEP_MGF1P): case (self::RSA_OAEP_MGF1P):
$this->cryptParams['library'] = 'openssl'; $this->cryptParams['library'] = 'openssl';
$this->cryptParams['padding'] = OPENSSL_PKCS1_OAEP_PADDING; $this->cryptParams['padding'] = OPENSSL_PKCS1_OAEP_PADDING;
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p';
@ -259,7 +259,7 @@ class XMLSecurityKey {
} }
throw new Exception('Certificate "type" (private/public) must be passed via parameters'); throw new Exception('Certificate "type" (private/public) must be passed via parameters');
return; return;
case (XMLSecurityKey::RSA_SHA1): case (self::RSA_SHA1):
$this->cryptParams['library'] = 'openssl'; $this->cryptParams['library'] = 'openssl';
$this->cryptParams['method'] = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'; $this->cryptParams['method'] = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1';
$this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING;
@ -271,7 +271,7 @@ class XMLSecurityKey {
} }
throw new Exception('Certificate "type" (private/public) must be passed via parameters'); throw new Exception('Certificate "type" (private/public) must be passed via parameters');
break; break;
case (XMLSecurityKey::RSA_SHA256): case (self::RSA_SHA256):
$this->cryptParams['library'] = 'openssl'; $this->cryptParams['library'] = 'openssl';
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256';
$this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING;
@ -284,7 +284,7 @@ class XMLSecurityKey {
} }
throw new Exception('Certificate "type" (private/public) must be passed via parameters'); throw new Exception('Certificate "type" (private/public) must be passed via parameters');
break; break;
case (XMLSecurityKey::RSA_SHA384): case (self::RSA_SHA384):
$this->cryptParams['library'] = 'openssl'; $this->cryptParams['library'] = 'openssl';
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384';
$this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING;
@ -295,7 +295,7 @@ class XMLSecurityKey {
break; break;
} }
} }
case (XMLSecurityKey::RSA_SHA512): case (self::RSA_SHA512):
$this->cryptParams['library'] = 'openssl'; $this->cryptParams['library'] = 'openssl';
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512';
$this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING;
@ -342,7 +342,7 @@ class XMLSecurityKey {
$key = mcrypt_create_iv($keysize, MCRYPT_RAND); $key = mcrypt_create_iv($keysize, MCRYPT_RAND);
} }
if ($this->type === XMLSecurityKey::TRIPLEDES_CBC) { if ($this->type === self::TRIPLEDES_CBC) {
/* Make sure that the generated key has the proper parity bits set. /* Make sure that the generated key has the proper parity bits set.
* Mcrypt doesn't care about the parity bits, but others may care. * Mcrypt doesn't care about the parity bits, but others may care.
*/ */
@ -416,12 +416,12 @@ class XMLSecurityKey {
} else if ($this->cryptParams['cipher'] == MCRYPT_RIJNDAEL_128) { } else if ($this->cryptParams['cipher'] == MCRYPT_RIJNDAEL_128) {
/* Check key length */ /* Check key length */
switch ($this->type) { switch ($this->type) {
case (XMLSecurityKey::AES256_CBC): case (self::AES256_CBC):
if (strlen($this->key) < 25) { if (strlen($this->key) < 25) {
throw new Exception('Key must contain at least 25 characters for this cipher'); throw new Exception('Key must contain at least 25 characters for this cipher');
} }
break; break;
case (XMLSecurityKey::AES192_CBC): case (self::AES192_CBC):
if (strlen($this->key) < 17) { if (strlen($this->key) < 17) {
throw new Exception('Key must contain at least 17 characters for this cipher'); throw new Exception('Key must contain at least 17 characters for this cipher');
} }
@ -586,12 +586,12 @@ class XMLSecurityKey {
/* Modulus and Exponent must already be base64 decoded */ /* Modulus and Exponent must already be base64 decoded */
static function convertRSA($modulus, $exponent) { static function convertRSA($modulus, $exponent) {
/* make an ASN publicKeyInfo */ /* make an ASN publicKeyInfo */
$exponentEncoding = XMLSecurityKey::makeAsnSegment(0x02, $exponent); $exponentEncoding = self::makeAsnSegment(0x02, $exponent);
$modulusEncoding = XMLSecurityKey::makeAsnSegment(0x02, $modulus); $modulusEncoding = self::makeAsnSegment(0x02, $modulus);
$sequenceEncoding = XMLSecurityKey:: makeAsnSegment(0x30, $modulusEncoding.$exponentEncoding); $sequenceEncoding = self:: makeAsnSegment(0x30, $modulusEncoding.$exponentEncoding);
$bitstringEncoding = XMLSecurityKey::makeAsnSegment(0x03, $sequenceEncoding); $bitstringEncoding = self::makeAsnSegment(0x03, $sequenceEncoding);
$rsaAlgorithmIdentifier = pack("H*", "300D06092A864886F70D0101010500"); $rsaAlgorithmIdentifier = pack("H*", "300D06092A864886F70D0101010500");
$publicKeyInfo = XMLSecurityKey::makeAsnSegment (0x30, $rsaAlgorithmIdentifier.$bitstringEncoding); $publicKeyInfo = self::makeAsnSegment (0x30, $rsaAlgorithmIdentifier.$bitstringEncoding);
/* encode the publicKeyInfo in base64 and add PEM brackets */ /* encode the publicKeyInfo in base64 and add PEM brackets */
$publicKeyInfoBase64 = base64_encode($publicKeyInfo); $publicKeyInfoBase64 = base64_encode($publicKeyInfo);
@ -638,6 +638,7 @@ class XMLSecurityKey {
* *
* @param DOMElement $element The EncryptedKey-element. * @param DOMElement $element The EncryptedKey-element.
* @return XMLSecurityKey The new key. * @return XMLSecurityKey The new key.
* @throws Exception
*/ */
public static function fromEncryptedKeyElement(DOMElement $element) { public static function fromEncryptedKeyElement(DOMElement $element) {
@ -687,7 +688,7 @@ class XMLSecurityDSig {
public function __construct() { public function __construct() {
$sigdoc = new DOMDocument(); $sigdoc = new DOMDocument();
$sigdoc->loadXML(XMLSecurityDSig::template); $sigdoc->loadXML(self::template);
$this->sigNode = $sigdoc->documentElement; $this->sigNode = $sigdoc->documentElement;
} }
@ -698,7 +699,7 @@ class XMLSecurityDSig {
private function getXPathObj() { private function getXPathObj() {
if (empty($this->xPathCtx) && ! empty($this->sigNode)) { if (empty($this->xPathCtx) && ! empty($this->sigNode)) {
$xpath = new DOMXPath($this->sigNode->ownerDocument); $xpath = new DOMXPath($this->sigNode->ownerDocument);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
$this->xPathCtx = $xpath; $this->xPathCtx = $xpath;
} }
return $this->xPathCtx; return $this->xPathCtx;
@ -722,7 +723,7 @@ class XMLSecurityDSig {
} }
if ($doc) { if ($doc) {
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
$query = ".//secdsig:Signature"; $query = ".//secdsig:Signature";
$nodeset = $xpath->query($query, $objDoc); $nodeset = $xpath->query($query, $objDoc);
$this->sigNode = $nodeset->item(0); $this->sigNode = $nodeset->item(0);
@ -734,9 +735,9 @@ class XMLSecurityDSig {
public function createNewSignNode($name, $value=NULL) { public function createNewSignNode($name, $value=NULL) {
$doc = $this->sigNode->ownerDocument; $doc = $this->sigNode->ownerDocument;
if (! is_null($value)) { if (! is_null($value)) {
$node = $doc->createElementNS(XMLSecurityDSig::XMLDSIGNS, $this->prefix.':'.$name, $value); $node = $doc->createElementNS(self::XMLDSIGNS, $this->prefix.':'.$name, $value);
} else { } else {
$node = $doc->createElementNS(XMLSecurityDSig::XMLDSIGNS, $this->prefix.':'.$name); $node = $doc->createElementNS(self::XMLDSIGNS, $this->prefix.':'.$name);
} }
return $node; return $node;
} }
@ -820,19 +821,19 @@ class XMLSecurityDSig {
public function calculateDigest ($digestAlgorithm, $data) { public function calculateDigest ($digestAlgorithm, $data) {
switch ($digestAlgorithm) { switch ($digestAlgorithm) {
case XMLSecurityDSig::SHA1: case self::SHA1:
$alg = 'sha1'; $alg = 'sha1';
break; break;
case XMLSecurityDSig::SHA256: case self::SHA256:
$alg = 'sha256'; $alg = 'sha256';
break; break;
case XMLSecurityDSig::SHA384: case self::SHA384:
$alg = 'sha384'; $alg = 'sha384';
break; break;
case XMLSecurityDSig::SHA512: case self::SHA512:
$alg = 'sha512'; $alg = 'sha512';
break; break;
case XMLSecurityDSig::RIPEMD160: case self::RIPEMD160:
$alg = 'ripemd160'; $alg = 'ripemd160';
break; break;
default: default:
@ -852,7 +853,7 @@ class XMLSecurityDSig {
public function validateDigest($refNode, $data) { public function validateDigest($refNode, $data) {
$xpath = new DOMXPath($refNode->ownerDocument); $xpath = new DOMXPath($refNode->ownerDocument);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
$query = 'string(./secdsig:DigestMethod/@Algorithm)'; $query = 'string(./secdsig:DigestMethod/@Algorithm)';
$digestAlgorithm = $xpath->evaluate($query, $refNode); $digestAlgorithm = $xpath->evaluate($query, $refNode);
$digValue = $this->calculateDigest($digestAlgorithm, $data); $digValue = $this->calculateDigest($digestAlgorithm, $data);
@ -864,7 +865,7 @@ class XMLSecurityDSig {
public function processTransforms($refNode, $objData, $includeCommentNodes = TRUE) { public function processTransforms($refNode, $objData, $includeCommentNodes = TRUE) {
$data = $objData; $data = $objData;
$xpath = new DOMXPath($refNode->ownerDocument); $xpath = new DOMXPath($refNode->ownerDocument);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
$query = './secdsig:Transforms/secdsig:Transform'; $query = './secdsig:Transforms/secdsig:Transform';
$nodelist = $xpath->query($query, $refNode); $nodelist = $xpath->query($query, $refNode);
$canonicalMethod = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'; $canonicalMethod = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315';
@ -874,8 +875,8 @@ class XMLSecurityDSig {
$algorithm = $transform->getAttribute("Algorithm"); $algorithm = $transform->getAttribute("Algorithm");
switch ($algorithm) { switch ($algorithm) {
case 'http://www.w3.org/2001/10/xml-exc-c14n#': case 'http://www.w3.org/2001/10/xml-exc-c14n#':
// no break
case 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments': case 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments':
if(!$includeCommentNodes) { if(!$includeCommentNodes) {
/* We remove comment nodes by forcing it to use a canonicalization /* We remove comment nodes by forcing it to use a canonicalization
* without comments. * without comments.
@ -1090,7 +1091,7 @@ class XMLSecurityDSig {
$uri = $node->getAttributeNS($prefix_ns, $id_name); $uri = $node->getAttributeNS($prefix_ns, $id_name);
} }
if (empty($uri)) { if (empty($uri)) {
$uri = XMLSecurityDSig::generate_GUID(); $uri = self::generate_GUID();
$node->setAttributeNS($prefix_ns, $attname, $uri); $node->setAttributeNS($prefix_ns, $attname, $uri);
} }
$refNode->setAttribute("URI", '#'.$uri); $refNode->setAttribute("URI", '#'.$uri);
@ -1188,7 +1189,7 @@ class XMLSecurityDSig {
} }
if ($doc = $node->ownerDocument) { if ($doc = $node->ownerDocument) {
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
$query = "string(./secdsig:SignedInfo/secdsig:SignatureMethod/@Algorithm)"; $query = "string(./secdsig:SignedInfo/secdsig:SignatureMethod/@Algorithm)";
$algorithm = $xpath->evaluate($query, $node); $algorithm = $xpath->evaluate($query, $node);
if ($algorithm) { if ($algorithm) {
@ -1206,7 +1207,7 @@ class XMLSecurityDSig {
public function verify($objKey) { public function verify($objKey) {
$doc = $this->sigNode->ownerDocument; $doc = $this->sigNode->ownerDocument;
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
$query = "string(./secdsig:SignatureValue)"; $query = "string(./secdsig:SignatureValue)";
$sigValue = $xpath->evaluate($query, $this->sigNode); $sigValue = $xpath->evaluate($query, $this->sigNode);
@ -1290,7 +1291,7 @@ class XMLSecurityDSig {
} }
static function get509XCert($cert, $isPEMFormat=TRUE) { static function get509XCert($cert, $isPEMFormat=TRUE) {
$certs = XMLSecurityDSig::staticGet509XCerts($cert, $isPEMFormat); $certs = self::staticGet509XCerts($cert, $isPEMFormat);
if (! empty($certs)) { if (! empty($certs)) {
return $certs[0]; return $certs[0];
} }
@ -1335,7 +1336,7 @@ class XMLSecurityDSig {
if (empty($xpath)) { if (empty($xpath)) {
$xpath = new DOMXPath($parentRef->ownerDocument); $xpath = new DOMXPath($parentRef->ownerDocument);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
} }
$query = "./secdsig:KeyInfo"; $query = "./secdsig:KeyInfo";
@ -1343,7 +1344,7 @@ class XMLSecurityDSig {
$keyInfo = $nodeset->item(0); $keyInfo = $nodeset->item(0);
if (! $keyInfo) { if (! $keyInfo) {
$inserted = FALSE; $inserted = FALSE;
$keyInfo = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:KeyInfo'); $keyInfo = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:KeyInfo');
$query = "./secdsig:Object"; $query = "./secdsig:Object";
$nodeset = $xpath->query($query, $parentRef); $nodeset = $xpath->query($query, $parentRef);
@ -1358,10 +1359,10 @@ class XMLSecurityDSig {
} }
// Add all certs if there are more than one // Add all certs if there are more than one
$certs = XMLSecurityDSig::staticGet509XCerts($cert, $isPEMFormat); $certs = self::staticGet509XCerts($cert, $isPEMFormat);
// Attach X509 data node // Attach X509 data node
$x509DataNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509Data'); $x509DataNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509Data');
$keyInfo->appendChild($x509DataNode); $keyInfo->appendChild($x509DataNode);
$issuerSerial = FALSE; $issuerSerial = FALSE;
@ -1380,25 +1381,25 @@ class XMLSecurityDSig {
if (is_array($certData['issuer'])) { if (is_array($certData['issuer'])) {
$parts = array(); $parts = array();
foreach ($certData['issuer'] AS $key => $value) { foreach ($certData['issuer'] AS $key => $value) {
array_unshift($parts, "$key=$value" . $issuer); array_unshift($parts, "$key=$value");
} }
$issuerName = implode(',', $parts); $issuerName = implode(',', $parts);
} else { } else {
$issuerName = $certData['issuer']; $issuerName = $certData['issuer'];
} }
$x509IssuerNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509IssuerSerial'); $x509IssuerNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509IssuerSerial');
$x509DataNode->appendChild($x509IssuerNode); $x509DataNode->appendChild($x509IssuerNode);
$x509Node = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509IssuerName', $issuerName); $x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509IssuerName', $issuerName);
$x509IssuerNode->appendChild($x509Node); $x509IssuerNode->appendChild($x509Node);
$x509Node = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509SerialNumber', $certData['serialNumber']); $x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509SerialNumber', $certData['serialNumber']);
$x509IssuerNode->appendChild($x509Node); $x509IssuerNode->appendChild($x509Node);
} }
} }
} }
$x509CertNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509Certificate', $X509Cert); $x509CertNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509Certificate', $X509Cert);
$x509DataNode->appendChild($x509CertNode); $x509DataNode->appendChild($x509CertNode);
} }
} }
@ -1446,7 +1447,7 @@ class XMLSecEnc {
private function _resetTemplate(){ private function _resetTemplate(){
$this->encdoc = new DOMDocument(); $this->encdoc = new DOMDocument();
$this->encdoc->loadXML(XMLSecEnc::template); $this->encdoc->loadXML(self::template);
} }
public function addReference($name, $node, $type) { public function addReference($name, $node, $type) {
@ -1490,23 +1491,23 @@ class XMLSecEnc {
throw new Exception('Error locating CipherValue element within template'); throw new Exception('Error locating CipherValue element within template');
} }
switch ($this->type) { switch ($this->type) {
case (XMLSecEnc::Element): case (self::Element):
$data = $doc->saveXML($this->rawNode); $data = $doc->saveXML($this->rawNode);
$this->encdoc->documentElement->setAttribute('Type', XMLSecEnc::Element); $this->encdoc->documentElement->setAttribute('Type', self::Element);
break; break;
case (XMLSecEnc::Content): case (self::Content):
$children = $this->rawNode->childNodes; $children = $this->rawNode->childNodes;
foreach ($children AS $child) { foreach ($children AS $child) {
$data .= $doc->saveXML($child); $data .= $doc->saveXML($child);
} }
$this->encdoc->documentElement->setAttribute('Type', XMLSecEnc::Content); $this->encdoc->documentElement->setAttribute('Type', self::Content);
break; break;
default: default:
throw new Exception('Type is currently not supported'); throw new Exception('Type is currently not supported');
return; return;
} }
$encMethod = $this->encdoc->documentElement->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:EncryptionMethod')); $encMethod = $this->encdoc->documentElement->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:EncryptionMethod'));
$encMethod->setAttribute('Algorithm', $objKey->getAlgorith()); $encMethod->setAttribute('Algorithm', $objKey->getAlgorith());
$cipherValue->parentNode->parentNode->insertBefore($encMethod, $cipherValue->parentNode->parentNode->firstChild); $cipherValue->parentNode->parentNode->insertBefore($encMethod, $cipherValue->parentNode->parentNode->firstChild);
@ -1516,7 +1517,7 @@ class XMLSecEnc {
if ($replace) { if ($replace) {
switch ($this->type) { switch ($this->type) {
case (XMLSecEnc::Element): case (self::Element):
if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) { if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) {
return $this->encdoc; return $this->encdoc;
} }
@ -1524,7 +1525,7 @@ class XMLSecEnc {
$this->rawNode->parentNode->replaceChild($importEnc, $this->rawNode); $this->rawNode->parentNode->replaceChild($importEnc, $this->rawNode);
return $importEnc; return $importEnc;
break; break;
case (XMLSecEnc::Content): case (self::Content):
$importEnc = $this->rawNode->ownerDocument->importNode($this->encdoc->documentElement, TRUE); $importEnc = $this->rawNode->ownerDocument->importNode($this->encdoc->documentElement, TRUE);
while($this->rawNode->firstChild) { while($this->rawNode->firstChild) {
$this->rawNode->removeChild($this->rawNode->firstChild); $this->rawNode->removeChild($this->rawNode->firstChild);
@ -1562,6 +1563,7 @@ class XMLSecEnc {
* Retrieve the CipherValue text from this encrypted node. * Retrieve the CipherValue text from this encrypted node.
* *
* @return string|NULL The Ciphervalue text, or NULL if no CipherValue is found. * @return string|NULL The Ciphervalue text, or NULL if no CipherValue is found.
* @throws Exception
*/ */
public function getCipherValue() { public function getCipherValue() {
if (empty($this->rawNode)) { if (empty($this->rawNode)) {
@ -1570,7 +1572,7 @@ class XMLSecEnc {
$doc = $this->rawNode->ownerDocument; $doc = $this->rawNode->ownerDocument;
$xPath = new DOMXPath($doc); $xPath = new DOMXPath($doc);
$xPath->registerNamespace('xmlencr', XMLSecEnc::XMLENCNS); $xPath->registerNamespace('xmlencr', self::XMLENCNS);
/* Only handles embedded content right now and not a reference */ /* Only handles embedded content right now and not a reference */
$query = "./xmlencr:CipherData/xmlencr:CipherValue"; $query = "./xmlencr:CipherData/xmlencr:CipherValue";
$nodeset = $xPath->query($query, $this->rawNode); $nodeset = $xPath->query($query, $this->rawNode);
@ -1594,6 +1596,7 @@ class XMLSecEnc {
* @params XMLSecurityKey $objKey The decryption key that should be used when decrypting the node. * @params XMLSecurityKey $objKey The decryption key that should be used when decrypting the node.
* @params boolean $replace Whether we should replace the encrypted node in the XML document with the decrypted data. The default is TRUE. * @params boolean $replace Whether we should replace the encrypted node in the XML document with the decrypted data. The default is TRUE.
* @return string|DOMElement The decrypted data. * @return string|DOMElement The decrypted data.
* @throws Exception
*/ */
public function decryptNode($objKey, $replace=TRUE) { public function decryptNode($objKey, $replace=TRUE) {
if (! $objKey instanceof XMLSecurityKey) { if (! $objKey instanceof XMLSecurityKey) {
@ -1605,7 +1608,7 @@ class XMLSecEnc {
$decrypted = $objKey->decryptData($encryptedData); $decrypted = $objKey->decryptData($encryptedData);
if ($replace) { if ($replace) {
switch ($this->type) { switch ($this->type) {
case (XMLSecEnc::Element): case (self::Element):
$newdoc = new DOMDocument(); $newdoc = new DOMDocument();
$newdoc->loadXML($decrypted); $newdoc->loadXML($decrypted);
if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) { if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) {
@ -1615,7 +1618,7 @@ class XMLSecEnc {
$this->rawNode->parentNode->replaceChild($importEnc, $this->rawNode); $this->rawNode->parentNode->replaceChild($importEnc, $this->rawNode);
return $importEnc; return $importEnc;
break; break;
case (XMLSecEnc::Content): case (self::Content):
if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) { if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) {
$doc = $this->rawNode; $doc = $this->rawNode;
} else { } else {
@ -1644,26 +1647,26 @@ class XMLSecEnc {
} }
$strEncKey = base64_encode($srcKey->encryptData($rawKey->key)); $strEncKey = base64_encode($srcKey->encryptData($rawKey->key));
$root = $this->encdoc->documentElement; $root = $this->encdoc->documentElement;
$encKey = $this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:EncryptedKey'); $encKey = $this->encdoc->createElementNS(self::XMLENCNS, 'xenc:EncryptedKey');
if ($append) { if ($append) {
$keyInfo = $root->insertBefore($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo'), $root->firstChild); $keyInfo = $root->insertBefore($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo'), $root->firstChild);
$keyInfo->appendChild($encKey); $keyInfo->appendChild($encKey);
} else { } else {
$this->encKey = $encKey; $this->encKey = $encKey;
} }
$encMethod = $encKey->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:EncryptionMethod')); $encMethod = $encKey->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:EncryptionMethod'));
$encMethod->setAttribute('Algorithm', $srcKey->getAlgorith()); $encMethod->setAttribute('Algorithm', $srcKey->getAlgorith());
if (! empty($srcKey->name)) { if (! empty($srcKey->name)) {
$keyInfo = $encKey->appendChild($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo')); $keyInfo = $encKey->appendChild($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo'));
$keyInfo->appendChild($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyName', $srcKey->name)); $keyInfo->appendChild($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyName', $srcKey->name));
} }
$cipherData = $encKey->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:CipherData')); $cipherData = $encKey->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:CipherData'));
$cipherData->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:CipherValue', $strEncKey)); $cipherData->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:CipherValue', $strEncKey));
if (is_array($this->references) && count($this->references) > 0) { if (is_array($this->references) && count($this->references) > 0) {
$refList = $encKey->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:ReferenceList')); $refList = $encKey->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:ReferenceList'));
foreach ($this->references AS $name=>$reference) { foreach ($this->references AS $name=>$reference) {
$refuri = $reference["refuri"]; $refuri = $reference["refuri"];
$dataRef = $refList->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:DataReference')); $dataRef = $refList->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:DataReference'));
$dataRef->setAttribute("URI", '#' . $refuri); $dataRef->setAttribute("URI", '#' . $refuri);
} }
} }
@ -1688,7 +1691,7 @@ class XMLSecEnc {
} }
if ($doc) { if ($doc) {
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$query = "//*[local-name()='EncryptedData' and namespace-uri()='".XMLSecEnc::XMLENCNS."']"; $query = "//*[local-name()='EncryptedData' and namespace-uri()='".self::XMLENCNS."']";
$nodeset = $xpath->query($query); $nodeset = $xpath->query($query);
return $nodeset->item(0); return $nodeset->item(0);
} }
@ -1704,7 +1707,7 @@ class XMLSecEnc {
} }
if ($doc = $node->ownerDocument) { if ($doc = $node->ownerDocument) {
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$xpath->registerNamespace('xmlsecenc', XMLSecEnc::XMLENCNS); $xpath->registerNamespace('xmlsecenc', self::XMLENCNS);
$query = ".//xmlsecenc:EncryptionMethod"; $query = ".//xmlsecenc:EncryptionMethod";
$nodeset = $xpath->query($query, $node); $nodeset = $xpath->query($query, $node);
if ($encmeth = $nodeset->item(0)) { if ($encmeth = $nodeset->item(0)) {
@ -1730,7 +1733,7 @@ class XMLSecEnc {
} }
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$xpath->registerNamespace('xmlsecenc', XMLSecEnc::XMLENCNS); $xpath->registerNamespace('xmlsecenc', self::XMLENCNS);
$xpath->registerNamespace('xmlsecdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('xmlsecdsig', XMLSecurityDSig::XMLDSIGNS);
$query = "./xmlsecdsig:KeyInfo"; $query = "./xmlsecdsig:KeyInfo";
$nodeset = $xpath->query($query, $node); $nodeset = $xpath->query($query, $node);
@ -1812,6 +1815,6 @@ class XMLSecEnc {
if (empty($node)) { if (empty($node)) {
$node = $this->rawNode; $node = $this->rawNode;
} }
return XMLSecEnc::staticLocateKeyInfo($objBaseKey, $node); return self::staticLocateKeyInfo($objBaseKey, $node);
} }
} }

@ -750,7 +750,7 @@ class Sepe
$sql = "SELECT * FROM $classRoomTable $sql = "SELECT * FROM $classRoomTable
WHERE specialty_id='" . $specialtyId . "'"; WHERE specialty_id='" . $specialtyId . "'";
$resultClassroom = Database::query($sql); $resultClassroom = Database::query($sql);
if (Database::num_rows($resultClassroom) == false) { if (Database::num_rows($resultClassroom) === 0) {
return array( return array(
"RESPUESTA_OBT_ACCION" => array( "RESPUESTA_OBT_ACCION" => array(
"CODIGO_RETORNO" => "-1", "CODIGO_RETORNO" => "-1",

Loading…
Cancel
Save