chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Code style improvements to SEPE plugin

Browse Source
remotes/angel/1.11.x
Yannick Warnier 8 years ago
parent fb698c853d
commit 14d85f2200
6 changed files with 106 additions and 108 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 12
      plugin/sepe/src/sepe.lib.php
  2. 4
      plugin/sepe/src/wsse/soap-server-wsse.php
  3. 12
      plugin/sepe/src/wsse/soap-wsa.php
  4. 51
      plugin/sepe/src/wsse/soap-wsse.php
  5. 133
      plugin/sepe/src/wsse/xmlseclibs.php
  6. 2
      plugin/sepe/ws/Sepe.php

12
plugin/sepe/src/sepe.lib.php
Unescape View File

@ -89,7 +89,7 @@ function getActionInfo($id)
global $tableSepeActions; global $tableSepeActions;
$sql = "SELECT * FROM $tableSepeActions WHERE id = $id"; $sql = "SELECT * FROM $tableSepeActions WHERE id = $id";
$res = Database::query($sql); $res = Database::query($sql);
$aux = array(); $row = false;
if (Database::num_rows($res) > 0) { if (Database::num_rows($res) > 0) {
$row['action_origin'] = Security::remove_XSS(stripslashes($row['action_origin'])); $row['action_origin'] = Security::remove_XSS(stripslashes($row['action_origin']));
$row['action_code'] = Security::remove_XSS(stripslashes($row['action_code'])); $row['action_code'] = Security::remove_XSS(stripslashes($row['action_code']));
@ -105,8 +105,6 @@ function getActionInfo($id)
$row['requirements'] = Security::remove_XSS(stripslashes($row['requirements'])); $row['requirements'] = Security::remove_XSS(stripslashes($row['requirements']));
$row['contact_action'] = Security::remove_XSS(stripslashes($row['contact_action'])); $row['contact_action'] = Security::remove_XSS(stripslashes($row['contact_action']));
$row = Database::fetch_assoc($res); $row = Database::fetch_assoc($res);
} else {
$row = false;
} }
return $row; return $row;
} }
@ -116,7 +114,7 @@ function getSpecialtActionInfo($specialtyId)
global $tableSepeSpecialty; global $tableSepeSpecialty;
$sql = "SELECT * FROM $tableSepeSpecialty WHERE id = $specialtyId"; $sql = "SELECT * FROM $tableSepeSpecialty WHERE id = $specialtyId";
$res = Database::query($sql); $res = Database::query($sql);
$aux = array(); $row = false;
if (Database::num_rows($res) > 0) { if (Database::num_rows($res) > 0) {
$row['specialty_origin'] = Security::remove_XSS(stripslashes($row['specialty_origin'])); $row['specialty_origin'] = Security::remove_XSS(stripslashes($row['specialty_origin']));
$row['professional_area'] = Security::remove_XSS(stripslashes($row['professional_area'])); $row['professional_area'] = Security::remove_XSS(stripslashes($row['professional_area']));
@ -125,8 +123,6 @@ function getSpecialtActionInfo($specialtyId)
$row['center_code'] = Security::remove_XSS(stripslashes($row['center_code'])); $row['center_code'] = Security::remove_XSS(stripslashes($row['center_code']));
$row['modality_impartition'] = Security::remove_XSS(stripslashes($row['modality_impartition'])); $row['modality_impartition'] = Security::remove_XSS(stripslashes($row['modality_impartition']));
$row = Database::fetch_assoc($res); $row = Database::fetch_assoc($res);
} else {
$row = false;
} }
return $row; return $row;
} }
@ -139,13 +135,11 @@ function getInfoSpecialtyClassroom($classroomId)
FROM $tableSepeSpecialtyClassroom a LEFT JOIN $tableCenters b ON a.center_id = b.id FROM $tableSepeSpecialtyClassroom a LEFT JOIN $tableCenters b ON a.center_id = b.id
WHERE a.id = $classroomId"; WHERE a.id = $classroomId";
$res = Database::query($sql); $res = Database::query($sql);
$aux = array(); $row = false;
if (Database::num_rows($res) > 0) { if (Database::num_rows($res) > 0) {
$row['center_origin'] = Security::remove_XSS(stripslashes($row['center_origin'])); $row['center_origin'] = Security::remove_XSS(stripslashes($row['center_origin']));
$row['center_code'] = Security::remove_XSS(stripslashes($row['center_code'])); $row['center_code'] = Security::remove_XSS(stripslashes($row['center_code']));
$row = Database::fetch_assoc($res); $row = Database::fetch_assoc($res);
} else {
$row = false;
} }
return $row; return $row;
} }

4
plugin/sepe/src/wsse/soap-server-wsse.php
Unescape View File

@ -91,7 +91,7 @@ class WSSESoapServer {
$this->SOAPXPath = new DOMXPath($doc); $this->SOAPXPath = new DOMXPath($doc);
$this->SOAPXPath->registerNamespace('wssoap', $this->soapNS); $this->SOAPXPath->registerNamespace('wssoap', $this->soapNS);
$this->SOAPXPath->registerNamespace('wswsu', WSSESoapServer::WSUNS); $this->SOAPXPath->registerNamespace('wswsu', self::WSUNS);
$wsNamespace = $this->locateSecurityHeader(); $wsNamespace = $this->locateSecurityHeader();
if (!empty($wsNamespace)) { if (!empty($wsNamespace)) {
$this->SOAPXPath->registerNamespace('wswsse', $wsNamespace); $this->SOAPXPath->registerNamespace('wswsse', $wsNamespace);
@ -102,7 +102,7 @@ class WSSESoapServer {
{ {
$objXMLSecDSig = new XMLSecurityDSig(); $objXMLSecDSig = new XMLSecurityDSig();
$objXMLSecDSig->idKeys[] = 'wswsu:Id'; $objXMLSecDSig->idKeys[] = 'wswsu:Id';
$objXMLSecDSig->idNS['wswsu'] = WSSESoapServer::WSUNS; $objXMLSecDSig->idNS['wswsu'] = self::WSUNS;
$objXMLSecDSig->sigNode = $refNode; $objXMLSecDSig->sigNode = $refNode;
/* Canonicalize the signed info */ /* Canonicalize the signed info */

12
plugin/sepe/src/wsse/soap-wsa.php
Unescape View File

@ -70,9 +70,9 @@ class WSASoap {
$this->soapPFX = $this->envelope->prefix; $this->soapPFX = $this->envelope->prefix;
$this->SOAPXPath = new DOMXPath($doc); $this->SOAPXPath = new DOMXPath($doc);
$this->SOAPXPath->registerNamespace('wssoap', $this->soapNS); $this->SOAPXPath->registerNamespace('wssoap', $this->soapNS);
$this->SOAPXPath->registerNamespace('wswsa', WSASoap::WSANS); $this->SOAPXPath->registerNamespace('wswsa', self::WSANS);
$this->envelope->setAttributeNS("http://www.w3.org/2000/xmlns/", 'xmlns:'.WSASoap::WSAPFX, WSASoap::WSANS); $this->envelope->setAttributeNS("http://www.w3.org/2000/xmlns/", 'xmlns:'.self::WSAPFX, self::WSANS);
$this->locateHeader(); $this->locateHeader();
} }
@ -80,7 +80,7 @@ class WSASoap {
/* Add the WSA Action */ /* Add the WSA Action */
$header = $this->locateHeader(); $header = $this->locateHeader();
$nodeAction = $this->soapDoc->createElementNS(WSASoap::WSANS, WSASoap::WSAPFX.':Action', $action); $nodeAction = $this->soapDoc->createElementNS(self::WSANS, self::SAPFX.':Action', $action);
$header->appendChild($nodeAction); $header->appendChild($nodeAction);
} }
@ -114,7 +114,7 @@ class WSASoap {
$header = $this->locateHeader(); $header = $this->locateHeader();
$nodeID = $this->soapDoc->createElementNS(WSASoap::WSANS, WSASoap::WSAPFX.':MessageID', $id); $nodeID = $this->soapDoc->createElementNS(self::WSANS, self::WSAPFX.':MessageID', $id);
$header->appendChild($nodeID); $header->appendChild($nodeID);
$this->messageID = $id; $this->messageID = $id;
} }
@ -127,13 +127,13 @@ class WSASoap {
/* Add the WSA ReplyTo */ /* Add the WSA ReplyTo */
$header = $this->locateHeader(); $header = $this->locateHeader();
$nodeReply = $this->soapDoc->createElementNS(WSASoap::WSANS, WSASoap::WSAPFX.':ReplyTo'); $nodeReply = $this->soapDoc->createElementNS(self::WSANS, self::WSAPFX.':ReplyTo');
$header->appendChild($nodeReply); $header->appendChild($nodeReply);
if (empty($address)) { if (empty($address)) {
$address = 'http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous'; $address = 'http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous';
} }
$nodeAddress = $this->soapDoc->createElementNS(WSASoap::WSANS, WSASoap::WSAPFX.':Address', $address); $nodeAddress = $this->soapDoc->createElementNS(self::WSANS, self::WSAPFX.':Address', $address);
$nodeReply->appendChild($nodeAddress); $nodeReply->appendChild($nodeAddress);
} }

51
plugin/sepe/src/wsse/soap-wsse.php
Unescape View File

@ -73,7 +73,7 @@ class WSSESoap {
} }
} }
if (! $secnode) { if (! $secnode) {
$secnode = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':Security'); $secnode = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':Security');
///if (isset($secnode) && !empty($secnode)) { ///if (isset($secnode) && !empty($secnode)) {
$header->appendChild($secnode); $header->appendChild($secnode);
//} //}
@ -100,7 +100,7 @@ class WSSESoap {
$this->soapPFX = $this->envelope->prefix; $this->soapPFX = $this->envelope->prefix;
$this->SOAPXPath = new DOMXPath($doc); $this->SOAPXPath = new DOMXPath($doc);
$this->SOAPXPath->registerNamespace('wssoap', $this->soapNS); $this->SOAPXPath->registerNamespace('wssoap', $this->soapNS);
$this->SOAPXPath->registerNamespace('wswsse', WSSESoap::WSSENS); $this->SOAPXPath->registerNamespace('wswsse', self::WSSENS);
$this->locateSecurityHeader($bMustUnderstand, $setActor); $this->locateSecurityHeader($bMustUnderstand, $setActor);
} }
@ -108,13 +108,13 @@ class WSSESoap {
/* Add the WSU timestamps */ /* Add the WSU timestamps */
$security = $this->locateSecurityHeader(); $security = $this->locateSecurityHeader();
$timestamp = $this->soapDoc->createElementNS(WSSESoap::WSUNS, WSSESoap::WSUPFX.':Timestamp'); $timestamp = $this->soapDoc->createElementNS(self::WSUNS, self::WSUPFX.':Timestamp');
$security->insertBefore($timestamp, $security->firstChild); $security->insertBefore($timestamp, $security->firstChild);
$currentTime = time(); $currentTime = time();
$created = $this->soapDoc->createElementNS(WSSESoap::WSUNS, WSSESoap::WSUPFX.':Created', gmdate("Y-m-d\TH:i:s", $currentTime).'Z'); $created = $this->soapDoc->createElementNS(self::WSUNS, self::WSUPFX.':Created', gmdate("Y-m-d\TH:i:s", $currentTime).'Z');
$timestamp->appendChild($created); $timestamp->appendChild($created);
if (! is_null($secondsToExpire)) { if (! is_null($secondsToExpire)) {
$expire = $this->soapDoc->createElementNS(WSSESoap::WSUNS, WSSESoap::WSUPFX.':Expires', gmdate("Y-m-d\TH:i:s", $currentTime + $secondsToExpire).'Z'); $expire = $this->soapDoc->createElementNS(self::WSUNS, self::WSUPFX.':Expires', gmdate("Y-m-d\TH:i:s", $currentTime + $secondsToExpire).'Z');
$timestamp->appendChild($expire); $timestamp->appendChild($expire);
} }
} }
@ -126,10 +126,10 @@ class WSSESoap {
$security = $this->locateSecurityHeader(); $security = $this->locateSecurityHeader();
$token = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':UsernameToken'); $token = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':UsernameToken');
$security->insertBefore($token, $security->firstChild); $security->insertBefore($token, $security->firstChild);
$username = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':Username', $userName); $username = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':Username', $userName);
$token->appendChild($username); $token->appendChild($username);
/* Generate nonce - create a 256 bit session key to be used */ /* Generate nonce - create a 256 bit session key to be used */
@ -139,20 +139,20 @@ class WSSESoap {
$createdate = gmdate("Y-m-d\TH:i:s").'Z'; $createdate = gmdate("Y-m-d\TH:i:s").'Z';
if ($password) { if ($password) {
$passType = WSSESoap::WSUNAME.'#PasswordText'; $passType = self::WSUNAME.'#PasswordText';
if ($passwordDigest) { if ($passwordDigest) {
$password = base64_encode(sha1($nonce.$createdate. $password, true)); $password = base64_encode(sha1($nonce.$createdate. $password, true));
$passType = WSSESoap::WSUNAME.'#PasswordDigest'; $passType = self::WSUNAME.'#PasswordDigest';
} }
$passwordNode = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':Password', $password); $passwordNode = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':Password', $password);
$token->appendChild($passwordNode); $token->appendChild($passwordNode);
$passwordNode->setAttribute('Type', $passType); $passwordNode->setAttribute('Type', $passType);
} }
$nonceNode = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':Nonce', base64_encode($nonce)); $nonceNode = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':Nonce', base64_encode($nonce));
$token->appendChild($nonceNode); $token->appendChild($nonceNode);
$created = $this->soapDoc->createElementNS(WSSESoap::WSUNS, WSSESoap::WSUPFX.':Created', $createdate); $created = $this->soapDoc->createElementNS(self::WSUNS, self::WSUPFX.':Created', $createdate);
$token->appendChild($created); $token->appendChild($created);
} }
@ -160,11 +160,11 @@ class WSSESoap {
$security = $this->locateSecurityHeader(); $security = $this->locateSecurityHeader();
$data = XMLSecurityDSig::get509XCert($cert, $isPEMFormat); $data = XMLSecurityDSig::get509XCert($cert, $isPEMFormat);
$token = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':BinarySecurityToken', $data); $token = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':BinarySecurityToken', $data);
$security->insertBefore($token, $security->firstChild); $security->insertBefore($token, $security->firstChild);
$token->setAttribute('EncodingType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary'); $token->setAttribute('EncodingType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary');
$token->setAttributeNS(WSSESoap::WSUNS, WSSESoap::WSUPFX.':Id', XMLSecurityDSig::generate_GUID()); $token->setAttributeNS(self::WSUNS, self::WSUPFX.':Id', XMLSecurityDSig::generate_GUID());
$token->setAttribute('ValueType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'); $token->setAttribute('ValueType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3');
return $token; return $token;
@ -176,7 +176,7 @@ class WSSESoap {
} }
$objXMLSecDSig = new XMLSecurityDSig(); $objXMLSecDSig = new XMLSecurityDSig();
if ($objDSig = $objXMLSecDSig->locateSignature($this->soapDoc)) { if ($objDSig = $objXMLSecDSig->locateSignature($this->soapDoc)) {
$tokenURI = '#'.$token->getAttributeNS(WSSESoap::WSUNS, "Id"); $tokenURI = '#'.$token->getAttributeNS(self::WSUNS, "Id");
$this->SOAPXPath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $this->SOAPXPath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS);
$query = "./secdsig:KeyInfo"; $query = "./secdsig:KeyInfo";
$nodeset = $this->SOAPXPath->query($query, $objDSig); $nodeset = $this->SOAPXPath->query($query, $objDSig);
@ -186,9 +186,9 @@ class WSSESoap {
$objDSig->appendChild($keyInfo); $objDSig->appendChild($keyInfo);
} }
$tokenRef = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':SecurityTokenReference'); $tokenRef = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':SecurityTokenReference');
$keyInfo->appendChild($tokenRef); $keyInfo->appendChild($tokenRef);
$reference = $this->soapDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':Reference'); $reference = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX.':Reference');
$reference->setAttribute("URI", $tokenURI); $reference->setAttribute("URI", $tokenURI);
$tokenRef->appendChild($reference); $tokenRef->appendChild($reference);
} else { } else {
@ -211,7 +211,7 @@ class WSSESoap {
if ($this->signAllHeaders) { if ($this->signAllHeaders) {
foreach ($this->secNode->parentNode->childNodes AS $node) { foreach ($this->secNode->parentNode->childNodes AS $node) {
if (($node->nodeType == XML_ELEMENT_NODE) && if (($node->nodeType == XML_ELEMENT_NODE) &&
($node->namespaceURI != WSSESoap::WSSENS)) { ($node->namespaceURI != self::WSSENS)) {
$arNodes[] = $node; $arNodes[] = $node;
} }
} }
@ -229,7 +229,7 @@ class WSSESoap {
$algorithm = $options["algorithm"]; $algorithm = $options["algorithm"];
} }
$arOptions = array('prefix'=>WSSESoap::WSUPFX, 'prefix_ns'=>WSSESoap::WSUNS); $arOptions = array('prefix'=>self::WSUPFX, 'prefix_ns'=>self::WSUNS);
$objDSig->addReferenceList($arNodes, $algorithm, NULL, $arOptions); $objDSig->addReferenceList($arNodes, $algorithm, NULL, $arOptions);
$objDSig->sign($objKey); $objDSig->sign($objKey);
@ -249,9 +249,9 @@ class WSSESoap {
$objDoc = $sigNode->ownerDocument; $objDoc = $sigNode->ownerDocument;
$keyInfo = $sigNode->ownerDocument->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:KeyInfo'); $keyInfo = $sigNode->ownerDocument->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:KeyInfo');
$sigNode->appendChild($keyInfo); $sigNode->appendChild($keyInfo);
$tokenRef = $objDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX . ':SecurityTokenReference'); $tokenRef = $objDoc->createElementNS(self::WSSENS, self::WSSEPFX . ':SecurityTokenReference');
$keyInfo->appendChild($tokenRef); $keyInfo->appendChild($tokenRef);
$reference = $objDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX . ':KeyIdentifier'); $reference = $objDoc->createElementNS(self::WSSENS, self::WSSEPFX . ':KeyIdentifier');
$reference->setAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier"); $reference->setAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier");
$reference->setAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"); $reference->setAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
$tokenRef->appendChild($reference); $tokenRef->appendChild($reference);
@ -310,13 +310,13 @@ class WSSESoap {
$objDoc = $encKey->ownerDocument; $objDoc = $encKey->ownerDocument;
$keyInfo = $objDoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo'); $keyInfo = $objDoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo');
$encKey->insertBefore($keyInfo, $encMethod); $encKey->insertBefore($keyInfo, $encMethod);
$tokenRef = $objDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':SecurityTokenReference'); $tokenRef = $objDoc->createElementNS(self::WSSENS, self::WSSEPFX.':SecurityTokenReference');
$keyInfo->appendChild($tokenRef); $keyInfo->appendChild($tokenRef);
/* New suff */ /* New suff */
if (is_array($options)) { if (is_array($options)) {
if (! empty($options["KeyInfo"]) ) { if (! empty($options["KeyInfo"]) ) {
if (! empty($options["KeyInfo"]["X509SubjectKeyIdentifier"])) { if (! empty($options["KeyInfo"]["X509SubjectKeyIdentifier"])) {
$reference = $objDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX . ':KeyIdentifier'); $reference = $objDoc->createElementNS(self::WSSENS, self::WSSEPFX . ':KeyIdentifier');
$reference->setAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier"); $reference->setAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier");
$reference->setAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"); $reference->setAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
$tokenRef->appendChild($reference); $tokenRef->appendChild($reference);
@ -334,8 +334,8 @@ class WSSESoap {
} }
} }
$tokenURI = '#'.$token->getAttributeNS(WSSESoap::WSUNS, "Id"); $tokenURI = '#'.$token->getAttributeNS(self::WSUNS, "Id");
$reference = $objDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX.':Reference'); $reference = $objDoc->createElementNS(self::WSSENS, self::WSSEPFX.':Reference');
$reference->setAttribute("URI", $tokenURI); $reference->setAttribute("URI", $tokenURI);
$tokenRef->appendChild($reference); $tokenRef->appendChild($reference);
@ -365,6 +365,7 @@ class WSSESoap {
public function EncryptBody($siteKey, $objKey, $token) { public function EncryptBody($siteKey, $objKey, $token) {
$enc = new XMLSecEnc(); $enc = new XMLSecEnc();
$node = false;
foreach ($this->envelope->childNodes AS $node) { foreach ($this->envelope->childNodes AS $node) {
if ($node->namespaceURI == $this->soapNS && $node->localName == 'Body') { if ($node->namespaceURI == $this->soapNS && $node->localName == 'Body') {
break; break;

133
plugin/sepe/src/wsse/xmlseclibs.php
Unescape View File

@ -206,35 +206,35 @@ class XMLSecurityKey {
public function __construct($type, $params=NULL) { public function __construct($type, $params=NULL) {
srand(); srand();
switch ($type) { switch ($type) {
case (XMLSecurityKey::TRIPLEDES_CBC): case (self::TRIPLEDES_CBC):
$this->cryptParams['library'] = 'mcrypt'; $this->cryptParams['library'] = 'mcrypt';
$this->cryptParams['cipher'] = MCRYPT_TRIPLEDES; $this->cryptParams['cipher'] = MCRYPT_TRIPLEDES;
$this->cryptParams['mode'] = MCRYPT_MODE_CBC; $this->cryptParams['mode'] = MCRYPT_MODE_CBC;
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc';
$this->cryptParams['keysize'] = 24; $this->cryptParams['keysize'] = 24;
break; break;
case (XMLSecurityKey::AES128_CBC): case (self::AES128_CBC):
$this->cryptParams['library'] = 'mcrypt'; $this->cryptParams['library'] = 'mcrypt';
$this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128; $this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128;
$this->cryptParams['mode'] = MCRYPT_MODE_CBC; $this->cryptParams['mode'] = MCRYPT_MODE_CBC;
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes128-cbc';
$this->cryptParams['keysize'] = 16; $this->cryptParams['keysize'] = 16;
break; break;
case (XMLSecurityKey::AES192_CBC): case (self::AES192_CBC):
$this->cryptParams['library'] = 'mcrypt'; $this->cryptParams['library'] = 'mcrypt';
$this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128; $this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128;
$this->cryptParams['mode'] = MCRYPT_MODE_CBC; $this->cryptParams['mode'] = MCRYPT_MODE_CBC;
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes192-cbc'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes192-cbc';
$this->cryptParams['keysize'] = 24; $this->cryptParams['keysize'] = 24;
break; break;
case (XMLSecurityKey::AES256_CBC): case (self::AES256_CBC):
$this->cryptParams['library'] = 'mcrypt'; $this->cryptParams['library'] = 'mcrypt';
$this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128; $this->cryptParams['cipher'] = MCRYPT_RIJNDAEL_128;
$this->cryptParams['mode'] = MCRYPT_MODE_CBC; $this->cryptParams['mode'] = MCRYPT_MODE_CBC;
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc';
$this->cryptParams['keysize'] = 32; $this->cryptParams['keysize'] = 32;
break; break;
case (XMLSecurityKey::RSA_1_5): case (self::RSA_1_5):
$this->cryptParams['library'] = 'openssl'; $this->cryptParams['library'] = 'openssl';
$this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING;
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#rsa-1_5';
@ -246,7 +246,7 @@ class XMLSecurityKey {
} }
throw new Exception('Certificate "type" (private/public) must be passed via parameters'); throw new Exception('Certificate "type" (private/public) must be passed via parameters');
return; return;
case (XMLSecurityKey::RSA_OAEP_MGF1P): case (self::RSA_OAEP_MGF1P):
$this->cryptParams['library'] = 'openssl'; $this->cryptParams['library'] = 'openssl';
$this->cryptParams['padding'] = OPENSSL_PKCS1_OAEP_PADDING; $this->cryptParams['padding'] = OPENSSL_PKCS1_OAEP_PADDING;
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p';
@ -259,7 +259,7 @@ class XMLSecurityKey {
} }
throw new Exception('Certificate "type" (private/public) must be passed via parameters'); throw new Exception('Certificate "type" (private/public) must be passed via parameters');
return; return;
case (XMLSecurityKey::RSA_SHA1): case (self::RSA_SHA1):
$this->cryptParams['library'] = 'openssl'; $this->cryptParams['library'] = 'openssl';
$this->cryptParams['method'] = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'; $this->cryptParams['method'] = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1';
$this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING;
@ -271,7 +271,7 @@ class XMLSecurityKey {
} }
throw new Exception('Certificate "type" (private/public) must be passed via parameters'); throw new Exception('Certificate "type" (private/public) must be passed via parameters');
break; break;
case (XMLSecurityKey::RSA_SHA256): case (self::RSA_SHA256):
$this->cryptParams['library'] = 'openssl'; $this->cryptParams['library'] = 'openssl';
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256';
$this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING;
@ -284,7 +284,7 @@ class XMLSecurityKey {
} }
throw new Exception('Certificate "type" (private/public) must be passed via parameters'); throw new Exception('Certificate "type" (private/public) must be passed via parameters');
break; break;
case (XMLSecurityKey::RSA_SHA384): case (self::RSA_SHA384):
$this->cryptParams['library'] = 'openssl'; $this->cryptParams['library'] = 'openssl';
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384';
$this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING;
@ -295,7 +295,7 @@ class XMLSecurityKey {
break; break;
} }
} }
case (XMLSecurityKey::RSA_SHA512): case (self::RSA_SHA512):
$this->cryptParams['library'] = 'openssl'; $this->cryptParams['library'] = 'openssl';
$this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'; $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512';
$this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING;
@ -342,7 +342,7 @@ class XMLSecurityKey {
$key = mcrypt_create_iv($keysize, MCRYPT_RAND); $key = mcrypt_create_iv($keysize, MCRYPT_RAND);
} }
if ($this->type === XMLSecurityKey::TRIPLEDES_CBC) { if ($this->type === self::TRIPLEDES_CBC) {
/* Make sure that the generated key has the proper parity bits set. /* Make sure that the generated key has the proper parity bits set.
* Mcrypt doesn't care about the parity bits, but others may care. * Mcrypt doesn't care about the parity bits, but others may care.
*/ */
@ -416,12 +416,12 @@ class XMLSecurityKey {
} else if ($this->cryptParams['cipher'] == MCRYPT_RIJNDAEL_128) { } else if ($this->cryptParams['cipher'] == MCRYPT_RIJNDAEL_128) {
/* Check key length */ /* Check key length */
switch ($this->type) { switch ($this->type) {
case (XMLSecurityKey::AES256_CBC): case (self::AES256_CBC):
if (strlen($this->key) < 25) { if (strlen($this->key) < 25) {
throw new Exception('Key must contain at least 25 characters for this cipher'); throw new Exception('Key must contain at least 25 characters for this cipher');
} }
break; break;
case (XMLSecurityKey::AES192_CBC): case (self::AES192_CBC):
if (strlen($this->key) < 17) { if (strlen($this->key) < 17) {
throw new Exception('Key must contain at least 17 characters for this cipher'); throw new Exception('Key must contain at least 17 characters for this cipher');
} }
@ -586,12 +586,12 @@ class XMLSecurityKey {
/* Modulus and Exponent must already be base64 decoded */ /* Modulus and Exponent must already be base64 decoded */
static function convertRSA($modulus, $exponent) { static function convertRSA($modulus, $exponent) {
/* make an ASN publicKeyInfo */ /* make an ASN publicKeyInfo */
$exponentEncoding = XMLSecurityKey::makeAsnSegment(0x02, $exponent); $exponentEncoding = self::makeAsnSegment(0x02, $exponent);
$modulusEncoding = XMLSecurityKey::makeAsnSegment(0x02, $modulus); $modulusEncoding = self::makeAsnSegment(0x02, $modulus);
$sequenceEncoding = XMLSecurityKey:: makeAsnSegment(0x30, $modulusEncoding.$exponentEncoding); $sequenceEncoding = self:: makeAsnSegment(0x30, $modulusEncoding.$exponentEncoding);
$bitstringEncoding = XMLSecurityKey::makeAsnSegment(0x03, $sequenceEncoding); $bitstringEncoding = self::makeAsnSegment(0x03, $sequenceEncoding);
$rsaAlgorithmIdentifier = pack("H*", "300D06092A864886F70D0101010500"); $rsaAlgorithmIdentifier = pack("H*", "300D06092A864886F70D0101010500");
$publicKeyInfo = XMLSecurityKey::makeAsnSegment (0x30, $rsaAlgorithmIdentifier.$bitstringEncoding); $publicKeyInfo = self::makeAsnSegment (0x30, $rsaAlgorithmIdentifier.$bitstringEncoding);
/* encode the publicKeyInfo in base64 and add PEM brackets */ /* encode the publicKeyInfo in base64 and add PEM brackets */
$publicKeyInfoBase64 = base64_encode($publicKeyInfo); $publicKeyInfoBase64 = base64_encode($publicKeyInfo);
@ -638,6 +638,7 @@ class XMLSecurityKey {
* *
* @param DOMElement $element The EncryptedKey-element. * @param DOMElement $element The EncryptedKey-element.
* @return XMLSecurityKey The new key. * @return XMLSecurityKey The new key.
* @throws Exception
*/ */
public static function fromEncryptedKeyElement(DOMElement $element) { public static function fromEncryptedKeyElement(DOMElement $element) {
@ -687,7 +688,7 @@ class XMLSecurityDSig {
public function __construct() { public function __construct() {
$sigdoc = new DOMDocument(); $sigdoc = new DOMDocument();
$sigdoc->loadXML(XMLSecurityDSig::template); $sigdoc->loadXML(self::template);
$this->sigNode = $sigdoc->documentElement; $this->sigNode = $sigdoc->documentElement;
} }
@ -698,7 +699,7 @@ class XMLSecurityDSig {
private function getXPathObj() { private function getXPathObj() {
if (empty($this->xPathCtx) && ! empty($this->sigNode)) { if (empty($this->xPathCtx) && ! empty($this->sigNode)) {
$xpath = new DOMXPath($this->sigNode->ownerDocument); $xpath = new DOMXPath($this->sigNode->ownerDocument);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
$this->xPathCtx = $xpath; $this->xPathCtx = $xpath;
} }
return $this->xPathCtx; return $this->xPathCtx;
@ -722,7 +723,7 @@ class XMLSecurityDSig {
} }
if ($doc) { if ($doc) {
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
$query = ".//secdsig:Signature"; $query = ".//secdsig:Signature";
$nodeset = $xpath->query($query, $objDoc); $nodeset = $xpath->query($query, $objDoc);
$this->sigNode = $nodeset->item(0); $this->sigNode = $nodeset->item(0);
@ -734,9 +735,9 @@ class XMLSecurityDSig {
public function createNewSignNode($name, $value=NULL) { public function createNewSignNode($name, $value=NULL) {
$doc = $this->sigNode->ownerDocument; $doc = $this->sigNode->ownerDocument;
if (! is_null($value)) { if (! is_null($value)) {
$node = $doc->createElementNS(XMLSecurityDSig::XMLDSIGNS, $this->prefix.':'.$name, $value); $node = $doc->createElementNS(self::XMLDSIGNS, $this->prefix.':'.$name, $value);
} else { } else {
$node = $doc->createElementNS(XMLSecurityDSig::XMLDSIGNS, $this->prefix.':'.$name); $node = $doc->createElementNS(self::XMLDSIGNS, $this->prefix.':'.$name);
} }
return $node; return $node;
} }
@ -820,19 +821,19 @@ class XMLSecurityDSig {
public function calculateDigest ($digestAlgorithm, $data) { public function calculateDigest ($digestAlgorithm, $data) {
switch ($digestAlgorithm) { switch ($digestAlgorithm) {
case XMLSecurityDSig::SHA1: case self::SHA1:
$alg = 'sha1'; $alg = 'sha1';
break; break;
case XMLSecurityDSig::SHA256: case self::SHA256:
$alg = 'sha256'; $alg = 'sha256';
break; break;
case XMLSecurityDSig::SHA384: case self::SHA384:
$alg = 'sha384'; $alg = 'sha384';
break; break;
case XMLSecurityDSig::SHA512: case self::SHA512:
$alg = 'sha512'; $alg = 'sha512';
break; break;
case XMLSecurityDSig::RIPEMD160: case self::RIPEMD160:
$alg = 'ripemd160'; $alg = 'ripemd160';
break; break;
default: default:
@ -852,7 +853,7 @@ class XMLSecurityDSig {
public function validateDigest($refNode, $data) { public function validateDigest($refNode, $data) {
$xpath = new DOMXPath($refNode->ownerDocument); $xpath = new DOMXPath($refNode->ownerDocument);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
$query = 'string(./secdsig:DigestMethod/@Algorithm)'; $query = 'string(./secdsig:DigestMethod/@Algorithm)';
$digestAlgorithm = $xpath->evaluate($query, $refNode); $digestAlgorithm = $xpath->evaluate($query, $refNode);
$digValue = $this->calculateDigest($digestAlgorithm, $data); $digValue = $this->calculateDigest($digestAlgorithm, $data);
@ -864,7 +865,7 @@ class XMLSecurityDSig {
public function processTransforms($refNode, $objData, $includeCommentNodes = TRUE) { public function processTransforms($refNode, $objData, $includeCommentNodes = TRUE) {
$data = $objData; $data = $objData;
$xpath = new DOMXPath($refNode->ownerDocument); $xpath = new DOMXPath($refNode->ownerDocument);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
$query = './secdsig:Transforms/secdsig:Transform'; $query = './secdsig:Transforms/secdsig:Transform';
$nodelist = $xpath->query($query, $refNode); $nodelist = $xpath->query($query, $refNode);
$canonicalMethod = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'; $canonicalMethod = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315';
@ -874,8 +875,8 @@ class XMLSecurityDSig {
$algorithm = $transform->getAttribute("Algorithm"); $algorithm = $transform->getAttribute("Algorithm");
switch ($algorithm) { switch ($algorithm) {
case 'http://www.w3.org/2001/10/xml-exc-c14n#': case 'http://www.w3.org/2001/10/xml-exc-c14n#':
// no break
case 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments': case 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments':
if(!$includeCommentNodes) { if(!$includeCommentNodes) {
/* We remove comment nodes by forcing it to use a canonicalization /* We remove comment nodes by forcing it to use a canonicalization
* without comments. * without comments.
@ -1090,7 +1091,7 @@ class XMLSecurityDSig {
$uri = $node->getAttributeNS($prefix_ns, $id_name); $uri = $node->getAttributeNS($prefix_ns, $id_name);
} }
if (empty($uri)) { if (empty($uri)) {
$uri = XMLSecurityDSig::generate_GUID(); $uri = self::generate_GUID();
$node->setAttributeNS($prefix_ns, $attname, $uri); $node->setAttributeNS($prefix_ns, $attname, $uri);
} }
$refNode->setAttribute("URI", '#'.$uri); $refNode->setAttribute("URI", '#'.$uri);
@ -1188,7 +1189,7 @@ class XMLSecurityDSig {
} }
if ($doc = $node->ownerDocument) { if ($doc = $node->ownerDocument) {
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
$query = "string(./secdsig:SignedInfo/secdsig:SignatureMethod/@Algorithm)"; $query = "string(./secdsig:SignedInfo/secdsig:SignatureMethod/@Algorithm)";
$algorithm = $xpath->evaluate($query, $node); $algorithm = $xpath->evaluate($query, $node);
if ($algorithm) { if ($algorithm) {
@ -1206,7 +1207,7 @@ class XMLSecurityDSig {
public function verify($objKey) { public function verify($objKey) {
$doc = $this->sigNode->ownerDocument; $doc = $this->sigNode->ownerDocument;
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
$query = "string(./secdsig:SignatureValue)"; $query = "string(./secdsig:SignatureValue)";
$sigValue = $xpath->evaluate($query, $this->sigNode); $sigValue = $xpath->evaluate($query, $this->sigNode);
@ -1290,7 +1291,7 @@ class XMLSecurityDSig {
} }
static function get509XCert($cert, $isPEMFormat=TRUE) { static function get509XCert($cert, $isPEMFormat=TRUE) {
$certs = XMLSecurityDSig::staticGet509XCerts($cert, $isPEMFormat); $certs = self::staticGet509XCerts($cert, $isPEMFormat);
if (! empty($certs)) { if (! empty($certs)) {
return $certs[0]; return $certs[0];
} }
@ -1335,7 +1336,7 @@ class XMLSecurityDSig {
if (empty($xpath)) { if (empty($xpath)) {
$xpath = new DOMXPath($parentRef->ownerDocument); $xpath = new DOMXPath($parentRef->ownerDocument);
$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('secdsig', self::XMLDSIGNS);
} }
$query = "./secdsig:KeyInfo"; $query = "./secdsig:KeyInfo";
@ -1343,7 +1344,7 @@ class XMLSecurityDSig {
$keyInfo = $nodeset->item(0); $keyInfo = $nodeset->item(0);
if (! $keyInfo) { if (! $keyInfo) {
$inserted = FALSE; $inserted = FALSE;
$keyInfo = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:KeyInfo'); $keyInfo = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:KeyInfo');
$query = "./secdsig:Object"; $query = "./secdsig:Object";
$nodeset = $xpath->query($query, $parentRef); $nodeset = $xpath->query($query, $parentRef);
@ -1358,10 +1359,10 @@ class XMLSecurityDSig {
} }
// Add all certs if there are more than one // Add all certs if there are more than one
$certs = XMLSecurityDSig::staticGet509XCerts($cert, $isPEMFormat); $certs = self::staticGet509XCerts($cert, $isPEMFormat);
// Attach X509 data node // Attach X509 data node
$x509DataNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509Data'); $x509DataNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509Data');
$keyInfo->appendChild($x509DataNode); $keyInfo->appendChild($x509DataNode);
$issuerSerial = FALSE; $issuerSerial = FALSE;
@ -1380,25 +1381,25 @@ class XMLSecurityDSig {
if (is_array($certData['issuer'])) { if (is_array($certData['issuer'])) {
$parts = array(); $parts = array();
foreach ($certData['issuer'] AS $key => $value) { foreach ($certData['issuer'] AS $key => $value) {
array_unshift($parts, "$key=$value" . $issuer); array_unshift($parts, "$key=$value");
} }
$issuerName = implode(',', $parts); $issuerName = implode(',', $parts);
} else { } else {
$issuerName = $certData['issuer']; $issuerName = $certData['issuer'];
} }
$x509IssuerNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509IssuerSerial'); $x509IssuerNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509IssuerSerial');
$x509DataNode->appendChild($x509IssuerNode); $x509DataNode->appendChild($x509IssuerNode);
$x509Node = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509IssuerName', $issuerName); $x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509IssuerName', $issuerName);
$x509IssuerNode->appendChild($x509Node); $x509IssuerNode->appendChild($x509Node);
$x509Node = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509SerialNumber', $certData['serialNumber']); $x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509SerialNumber', $certData['serialNumber']);
$x509IssuerNode->appendChild($x509Node); $x509IssuerNode->appendChild($x509Node);
} }
} }
} }
$x509CertNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509Certificate', $X509Cert); $x509CertNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509Certificate', $X509Cert);
$x509DataNode->appendChild($x509CertNode); $x509DataNode->appendChild($x509CertNode);
} }
} }
@ -1446,7 +1447,7 @@ class XMLSecEnc {
private function _resetTemplate(){ private function _resetTemplate(){
$this->encdoc = new DOMDocument(); $this->encdoc = new DOMDocument();
$this->encdoc->loadXML(XMLSecEnc::template); $this->encdoc->loadXML(self::template);
} }
public function addReference($name, $node, $type) { public function addReference($name, $node, $type) {
@ -1490,23 +1491,23 @@ class XMLSecEnc {
throw new Exception('Error locating CipherValue element within template'); throw new Exception('Error locating CipherValue element within template');
} }
switch ($this->type) { switch ($this->type) {
case (XMLSecEnc::Element): case (self::Element):
$data = $doc->saveXML($this->rawNode); $data = $doc->saveXML($this->rawNode);
$this->encdoc->documentElement->setAttribute('Type', XMLSecEnc::Element); $this->encdoc->documentElement->setAttribute('Type', self::Element);
break; break;
case (XMLSecEnc::Content): case (self::Content):
$children = $this->rawNode->childNodes; $children = $this->rawNode->childNodes;
foreach ($children AS $child) { foreach ($children AS $child) {
$data .= $doc->saveXML($child); $data .= $doc->saveXML($child);
} }
$this->encdoc->documentElement->setAttribute('Type', XMLSecEnc::Content); $this->encdoc->documentElement->setAttribute('Type', self::Content);
break; break;
default: default:
throw new Exception('Type is currently not supported'); throw new Exception('Type is currently not supported');
return; return;
} }
$encMethod = $this->encdoc->documentElement->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:EncryptionMethod')); $encMethod = $this->encdoc->documentElement->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:EncryptionMethod'));
$encMethod->setAttribute('Algorithm', $objKey->getAlgorith()); $encMethod->setAttribute('Algorithm', $objKey->getAlgorith());
$cipherValue->parentNode->parentNode->insertBefore($encMethod, $cipherValue->parentNode->parentNode->firstChild); $cipherValue->parentNode->parentNode->insertBefore($encMethod, $cipherValue->parentNode->parentNode->firstChild);
@ -1516,7 +1517,7 @@ class XMLSecEnc {
if ($replace) { if ($replace) {
switch ($this->type) { switch ($this->type) {
case (XMLSecEnc::Element): case (self::Element):
if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) { if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) {
return $this->encdoc; return $this->encdoc;
} }
@ -1524,7 +1525,7 @@ class XMLSecEnc {
$this->rawNode->parentNode->replaceChild($importEnc, $this->rawNode); $this->rawNode->parentNode->replaceChild($importEnc, $this->rawNode);
return $importEnc; return $importEnc;
break; break;
case (XMLSecEnc::Content): case (self::Content):
$importEnc = $this->rawNode->ownerDocument->importNode($this->encdoc->documentElement, TRUE); $importEnc = $this->rawNode->ownerDocument->importNode($this->encdoc->documentElement, TRUE);
while($this->rawNode->firstChild) { while($this->rawNode->firstChild) {
$this->rawNode->removeChild($this->rawNode->firstChild); $this->rawNode->removeChild($this->rawNode->firstChild);
@ -1562,6 +1563,7 @@ class XMLSecEnc {
* Retrieve the CipherValue text from this encrypted node. * Retrieve the CipherValue text from this encrypted node.
* *
* @return string|NULL The Ciphervalue text, or NULL if no CipherValue is found. * @return string|NULL The Ciphervalue text, or NULL if no CipherValue is found.
* @throws Exception
*/ */
public function getCipherValue() { public function getCipherValue() {
if (empty($this->rawNode)) { if (empty($this->rawNode)) {
@ -1570,7 +1572,7 @@ class XMLSecEnc {
$doc = $this->rawNode->ownerDocument; $doc = $this->rawNode->ownerDocument;
$xPath = new DOMXPath($doc); $xPath = new DOMXPath($doc);
$xPath->registerNamespace('xmlencr', XMLSecEnc::XMLENCNS); $xPath->registerNamespace('xmlencr', self::XMLENCNS);
/* Only handles embedded content right now and not a reference */ /* Only handles embedded content right now and not a reference */
$query = "./xmlencr:CipherData/xmlencr:CipherValue"; $query = "./xmlencr:CipherData/xmlencr:CipherValue";
$nodeset = $xPath->query($query, $this->rawNode); $nodeset = $xPath->query($query, $this->rawNode);
@ -1594,6 +1596,7 @@ class XMLSecEnc {
* @params XMLSecurityKey $objKey The decryption key that should be used when decrypting the node. * @params XMLSecurityKey $objKey The decryption key that should be used when decrypting the node.
* @params boolean $replace Whether we should replace the encrypted node in the XML document with the decrypted data. The default is TRUE. * @params boolean $replace Whether we should replace the encrypted node in the XML document with the decrypted data. The default is TRUE.
* @return string|DOMElement The decrypted data. * @return string|DOMElement The decrypted data.
* @throws Exception
*/ */
public function decryptNode($objKey, $replace=TRUE) { public function decryptNode($objKey, $replace=TRUE) {
if (! $objKey instanceof XMLSecurityKey) { if (! $objKey instanceof XMLSecurityKey) {
@ -1605,7 +1608,7 @@ class XMLSecEnc {
$decrypted = $objKey->decryptData($encryptedData); $decrypted = $objKey->decryptData($encryptedData);
if ($replace) { if ($replace) {
switch ($this->type) { switch ($this->type) {
case (XMLSecEnc::Element): case (self::Element):
$newdoc = new DOMDocument(); $newdoc = new DOMDocument();
$newdoc->loadXML($decrypted); $newdoc->loadXML($decrypted);
if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) { if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) {
@ -1615,7 +1618,7 @@ class XMLSecEnc {
$this->rawNode->parentNode->replaceChild($importEnc, $this->rawNode); $this->rawNode->parentNode->replaceChild($importEnc, $this->rawNode);
return $importEnc; return $importEnc;
break; break;
case (XMLSecEnc::Content): case (self::Content):
if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) { if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) {
$doc = $this->rawNode; $doc = $this->rawNode;
} else { } else {
@ -1644,26 +1647,26 @@ class XMLSecEnc {
} }
$strEncKey = base64_encode($srcKey->encryptData($rawKey->key)); $strEncKey = base64_encode($srcKey->encryptData($rawKey->key));
$root = $this->encdoc->documentElement; $root = $this->encdoc->documentElement;
$encKey = $this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:EncryptedKey'); $encKey = $this->encdoc->createElementNS(self::XMLENCNS, 'xenc:EncryptedKey');
if ($append) { if ($append) {
$keyInfo = $root->insertBefore($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo'), $root->firstChild); $keyInfo = $root->insertBefore($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo'), $root->firstChild);
$keyInfo->appendChild($encKey); $keyInfo->appendChild($encKey);
} else { } else {
$this->encKey = $encKey; $this->encKey = $encKey;
} }
$encMethod = $encKey->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:EncryptionMethod')); $encMethod = $encKey->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:EncryptionMethod'));
$encMethod->setAttribute('Algorithm', $srcKey->getAlgorith()); $encMethod->setAttribute('Algorithm', $srcKey->getAlgorith());
if (! empty($srcKey->name)) { if (! empty($srcKey->name)) {
$keyInfo = $encKey->appendChild($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo')); $keyInfo = $encKey->appendChild($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo'));
$keyInfo->appendChild($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyName', $srcKey->name)); $keyInfo->appendChild($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyName', $srcKey->name));
} }
$cipherData = $encKey->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:CipherData')); $cipherData = $encKey->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:CipherData'));
$cipherData->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:CipherValue', $strEncKey)); $cipherData->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:CipherValue', $strEncKey));
if (is_array($this->references) && count($this->references) > 0) { if (is_array($this->references) && count($this->references) > 0) {
$refList = $encKey->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:ReferenceList')); $refList = $encKey->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:ReferenceList'));
foreach ($this->references AS $name=>$reference) { foreach ($this->references AS $name=>$reference) {
$refuri = $reference["refuri"]; $refuri = $reference["refuri"];
$dataRef = $refList->appendChild($this->encdoc->createElementNS(XMLSecEnc::XMLENCNS, 'xenc:DataReference')); $dataRef = $refList->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:DataReference'));
$dataRef->setAttribute("URI", '#' . $refuri); $dataRef->setAttribute("URI", '#' . $refuri);
} }
} }
@ -1688,7 +1691,7 @@ class XMLSecEnc {
} }
if ($doc) { if ($doc) {
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$query = "//*[local-name()='EncryptedData' and namespace-uri()='".XMLSecEnc::XMLENCNS."']"; $query = "//*[local-name()='EncryptedData' and namespace-uri()='".self::XMLENCNS."']";
$nodeset = $xpath->query($query); $nodeset = $xpath->query($query);
return $nodeset->item(0); return $nodeset->item(0);
} }
@ -1704,7 +1707,7 @@ class XMLSecEnc {
} }
if ($doc = $node->ownerDocument) { if ($doc = $node->ownerDocument) {
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$xpath->registerNamespace('xmlsecenc', XMLSecEnc::XMLENCNS); $xpath->registerNamespace('xmlsecenc', self::XMLENCNS);
$query = ".//xmlsecenc:EncryptionMethod"; $query = ".//xmlsecenc:EncryptionMethod";
$nodeset = $xpath->query($query, $node); $nodeset = $xpath->query($query, $node);
if ($encmeth = $nodeset->item(0)) { if ($encmeth = $nodeset->item(0)) {
@ -1730,7 +1733,7 @@ class XMLSecEnc {
} }
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$xpath->registerNamespace('xmlsecenc', XMLSecEnc::XMLENCNS); $xpath->registerNamespace('xmlsecenc', self::XMLENCNS);
$xpath->registerNamespace('xmlsecdsig', XMLSecurityDSig::XMLDSIGNS); $xpath->registerNamespace('xmlsecdsig', XMLSecurityDSig::XMLDSIGNS);
$query = "./xmlsecdsig:KeyInfo"; $query = "./xmlsecdsig:KeyInfo";
$nodeset = $xpath->query($query, $node); $nodeset = $xpath->query($query, $node);
@ -1812,6 +1815,6 @@ class XMLSecEnc {
if (empty($node)) { if (empty($node)) {
$node = $this->rawNode; $node = $this->rawNode;
} }
return XMLSecEnc::staticLocateKeyInfo($objBaseKey, $node); return self::staticLocateKeyInfo($objBaseKey, $node);
} }
} }

2
plugin/sepe/ws/Sepe.php
Unescape View File

@ -750,7 +750,7 @@ class Sepe
$sql = "SELECT * FROM $classRoomTable $sql = "SELECT * FROM $classRoomTable
WHERE specialty_id='" . $specialtyId . "'"; WHERE specialty_id='" . $specialtyId . "'";
$resultClassroom = Database::query($sql); $resultClassroom = Database::query($sql);
if (Database::num_rows($resultClassroom) == false) { if (Database::num_rows($resultClassroom) === 0) {
return array( return array(
"RESPUESTA_OBT_ACCION" => array( "RESPUESTA_OBT_ACCION" => array(
"CODIGO_RETORNO" => "-1", "CODIGO_RETORNO" => "-1",

Write Preview
Loading…
Cancel
Save