当前位置: 首页>>代码示例>>PHP>>正文


PHP XMLSecurityDSig类代码示例

本文整理汇总了PHP中XMLSecurityDSig的典型用法代码示例。如果您正苦于以下问题:PHP XMLSecurityDSig类的具体用法?PHP XMLSecurityDSig怎么用?PHP XMLSecurityDSig使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


在下文中一共展示了XMLSecurityDSig类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: isValid

 /**
  * @return bool
  * @throws Exception
  */
 public function isValid()
 {
     $singleAssertion = $this->validateNumAssertions();
     if (!$singleAssertion) {
         throw new Exception('Multiple assertions are not supported');
     }
     $validTimestamps = $this->validateTimestamps();
     if (!$validTimestamps) {
         throw new Exception('Timing issues (please check your clock settings)');
     }
     $objXMLSecDSig = new XMLSecurityDSig();
     $objDSig = $objXMLSecDSig->locateSignature($this->_document);
     if (!$objDSig) {
         throw new Exception('Cannot locate Signature Node');
     }
     $objXMLSecDSig->canonicalizeSignedInfo();
     $objXMLSecDSig->idKeys = array('ID');
     $objKey = $objXMLSecDSig->locateKey();
     if (!$objKey) {
         throw new Exception('We have no idea about the key');
     }
     try {
         $retVal = $objXMLSecDSig->validateReference();
     } catch (Exception $e) {
         throw new Exception('Reference Validation Failed');
     }
     XMLSecEnc::staticLocateKeyInfo($objKey, $objDSig);
     $objKey->loadKey($this->_settings->idpPublicCertificate, false, true);
     return $objXMLSecDSig->verify($objKey) === 1;
 }
开发者ID:maestrano,项目名称:maestrano-php,代码行数:34,代码来源:XmlSec.php

示例2: getXml

 /**
  * @param \DOMNode $parent
  * @param \AerialShip\LightSaml\Meta\SerializationContext $context
  * @return \DOMNode
  */
 function getXml(\DOMNode $parent, SerializationContext $context)
 {
     $objXMLSecDSig = new \XMLSecurityDSig();
     $objXMLSecDSig->setCanonicalMethod($this->getCanonicalMethod());
     $key = $this->getXmlSecurityKey();
     switch ($key->type) {
         case \XMLSecurityKey::RSA_SHA256:
             $type = \XMLSecurityDSig::SHA256;
             break;
         case \XMLSecurityKey::RSA_SHA384:
             $type = \XMLSecurityDSig::SHA384;
             break;
         case \XMLSecurityKey::RSA_SHA512:
             $type = \XMLSecurityDSig::SHA512;
             break;
         default:
             $type = \XMLSecurityDSig::SHA1;
     }
     $objXMLSecDSig->addReferenceList(array($parent), $type, array(Protocol::XMLSEC_TRANSFORM_ALGORITHM_ENVELOPED_SIGNATURE, \XMLSecurityDSig::EXC_C14N), array('id_name' => $this->getIDName(), 'overwrite' => FALSE));
     $objXMLSecDSig->sign($key);
     $objXMLSecDSig->add509Cert($this->getCertificate()->getData(), false, false);
     $firstChild = $parent->hasChildNodes() ? $parent->firstChild : null;
     if ($firstChild && $firstChild->localName == 'Issuer') {
         // The signature node should come after the issuer node
         $firstChild = $firstChild->nextSibling;
     }
     $objXMLSecDSig->insertSignature($parent, $firstChild);
 }
开发者ID:LearnerNation,项目名称:lightsaml,代码行数:33,代码来源:SignatureCreator.php

示例3: processDocument

function processDocument()
{
    global $src_file, $target_file, $user_pubkey_file_path, $user_cert_file_path;
    require dirname(__FILE__) . '/xmlseclibs.php';
    if (file_exists($target_file)) {
        unlink($target_file);
    }
    $doc = new DOMDocument();
    $doc->load($src_file);
    $objDSig = new XMLSecurityDSig();
    $objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
    $objDSig->addReference($doc, XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature'));
    /* gako pribatu bat behar dugu prozesua burutzeko. orain edozein erabiliko dugu. gero txartelekoarekin ordezkatzeko */
    $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
    /* if key has Passphrase, set it using $objKey->passphrase = <passphrase> " */
    $objKey->loadKey(dirname(__FILE__) . '/privkey.pem', TRUE);
    $objDSig->sign($objKey);
    /* Add associated public key */
    // $objDSig->add509Cert(file_get_contents(dirname(__FILE__) . '/mycert.pem'));
    // $objDSig->add509Cert(file_get_contents($user_cert_file_path));
    if (!file_exists($user_cert_file_path)) {
        debug('File not found', $user_cert_file_path);
    } else {
        $objDSig->add509Cert($user_cert_file_path);
    }
    $objDSig->appendSignature($doc->documentElement);
    $doc->save($target_file);
}
开发者ID:Esleelkartea,项目名称:legedia-ESLE,代码行数:28,代码来源:index.php

示例4: is_valid

 public function is_valid()
 {
     $objXMLSecDSig = new XMLSecurityDSig();
     $objDSig = $objXMLSecDSig->locateSignature($this->document);
     if (!$objDSig) {
         throw new Exception("Cannot locate Signature Node");
     }
     $objXMLSecDSig->canonicalizeSignedInfo();
     $objXMLSecDSig->idKeys = array('ID');
     $retVal = $objXMLSecDSig->validateReference();
     if (!$retVal) {
         throw new Exception("Reference Validation Failed");
     }
     $objKey = $objXMLSecDSig->locateKey();
     if (!$objKey) {
         throw new Exception("We have no idea about the key");
     }
     $key = null;
     $singleAssertion = $this->validateNumAssertions();
     if (!$singleAssertion) {
         throw new Exception("Only one SAMLAssertion allowed");
     }
     $validTimestamps = $this->validateTimestamps();
     if (!$validTimestamps) {
         throw new Exception("SAMLAssertion conditions not met");
     }
     $objKeyInfo = XMLSecEnc::staticLocateKeyInfo($objKey, $objDSig);
     $objKey->loadKey($this->settings->x509certificate, false, true);
     $result = $objXMLSecDSig->verify($objKey);
     return $result;
 }
开发者ID:jan-tee,项目名称:dokuwiki-plugin-adfs,代码行数:31,代码来源:xmlsec.php

示例5: ADFS_SignResponse

function ADFS_SignResponse($response, $key, $cert)
{
    $objXMLSecDSig = new XMLSecurityDSig();
    $objXMLSecDSig->idKeys = array('AssertionID');
    $objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
    $responsedom = new DOMDocument();
    $responsedom->loadXML(str_replace("\r", "", $response));
    $firstassertionroot = $responsedom->getElementsByTagName('Assertion')->item(0);
    $objXMLSecDSig->addReferenceList(array($firstassertionroot), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N), array('id_name' => 'AssertionID'));
    $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
    $objKey->loadKey($key, TRUE);
    $objXMLSecDSig->sign($objKey);
    if ($cert) {
        $public_cert = file_get_contents($cert);
        $objXMLSecDSig->add509Cert($public_cert, TRUE);
    }
    $newSig = $responsedom->importNode($objXMLSecDSig->sigNode, TRUE);
    $firstassertionroot->appendChild($newSig);
    return $responsedom->saveXML();
}
开发者ID:hukumonline,项目名称:yii,代码行数:20,代码来源:prp.php

示例6: addReference

 public function addReference($name, $node, $type)
 {
     if (!$node instanceof \DOMNode) {
         throw new \Exception('$node is not of type \\DOMNode');
     }
     $curencdoc = $this->encdoc;
     $this->_resetTemplate();
     $encdoc = $this->encdoc;
     $this->encdoc = $curencdoc;
     $refuri = XMLSecurityDSig::generate_GUID();
     $element = $encdoc->documentElement;
     $element->setAttribute("Id", $refuri);
     $this->references[$name] = array("node" => $node, "type" => $type, "encnode" => $encdoc, "refuri" => $refuri);
 }
开发者ID:BGCX067,项目名称:face-proveedor-cliente-php-git,代码行数:14,代码来源:XMLSecEnc.php

示例7: __construct

 /**
  * This function initializes the validator.
  *
  * @param $xmlNode  The XML node which contains the Signature element.
  * @param $idAttribute  The ID attribute which is used in node references. If this attribute is
  *                      NULL (the default), then we will use whatever is the default ID.
  */
 public function __construct($xmlNode, $idAttribute = NULL, $publickey = FALSE)
 {
     assert('$xmlNode instanceof DOMNode');
     /* Create an XML security object. */
     $objXMLSecDSig = new XMLSecurityDSig();
     /* Add the id attribute if the user passed in an id attribute. */
     if ($idAttribute !== NULL) {
         assert('is_string($idAttribute)');
         $objXMLSecDSig->idKeys[] = $idAttribute;
     }
     /* Locate the XMLDSig Signature element to be used. */
     $signatureElement = $objXMLSecDSig->locateSignature($xmlNode);
     if (!$signatureElement) {
         throw new Exception('Could not locate XML Signature element.');
     }
     /* Canonicalize the XMLDSig SignedInfo element in the message. */
     $objXMLSecDSig->canonicalizeSignedInfo();
     /* Validate referenced xml nodes. */
     if (!$objXMLSecDSig->validateReference()) {
         throw new Exception('XMLsec: digest validation failed');
     }
     /* Find the key used to sign the document. */
     $objKey = $objXMLSecDSig->locateKey();
     if (empty($objKey)) {
         throw new Exception('Error loading key to handle XML signature');
     }
     /* Load the key data. */
     if ($publickey) {
         $objKey->loadKey($publickey);
     } else {
         if (!XMLSecEnc::staticLocateKeyInfo($objKey, $signatureElement)) {
             throw new Exception('Error finding key data for XML signature validation.');
         }
     }
     /* Check the signature. */
     if (!$objXMLSecDSig->verify($objKey)) {
         throw new Exception("Unable to validate Signature");
     }
     /* Extract the certificate fingerprint. */
     $this->x509Fingerprint = $objKey->getX509Fingerprint();
     /* Find the list of validated nodes. */
     $this->validNodes = $objXMLSecDSig->getValidatedNodes();
 }
开发者ID:stefanotirati,项目名称:moodle-google-apps,代码行数:50,代码来源:Validator.php

示例8: is_valid

 function is_valid()
 {
     $objXMLSecDSig = new XMLSecurityDSig();
     $objDSig = $objXMLSecDSig->locateSignature($this->doc);
     if (!$objDSig) {
         throw new Exception("Cannot locate Signature Node");
         //, 'error', FALSE
         return false;
     }
     $objXMLSecDSig->canonicalizeSignedInfo();
     $objXMLSecDSig->idKeys = array('ID');
     $retVal = $objXMLSecDSig->validateReference();
     if (!$retVal) {
         throw new Exception("SAML Assertion Error: Reference Validation Failed");
         //, 'error', FALSE
         return false;
         // throw new Exception("Reference Validation Failed");
     }
     $objKey = $objXMLSecDSig->locateKey();
     if (!$objKey) {
         throw new Exception("SAML Assertion Error: We have no idea about the key");
         //, 'error', FALSE
         return false;
         // throw new Exception("We have no idea about the key");
     }
     $key = NULL;
     $singleAssertion = $this->validateNumAssertions();
     if (!$singleAssertion) {
         throw new Exception("SAML Assertion Error: Only ONE SAML Assertion Allowed");
         //, 'error', FALSE
         return false;
         // throw new Exception("Only ONE SamlAssertion allowed");
     }
     $validTimestamps = $this->validateTimestamps();
     if (!$validTimestamps) {
         throw new Exception("SAML Assertion Error: Check your timestamp conditions");
         //, 'error', FALSE
         return false;
         // throw new Exception("Check your timestamp conditions");
     }
     $objKeyInfo = XMLSecEnc::staticLocateKeyInfo($objKey, $objDSig);
     $objKey->loadKey($this->x509certificate, FALSE, true);
     $result = $objXMLSecDSig->verify($objKey);
     return $result;
 }
开发者ID:stefanotirati,项目名称:moodle-google-apps,代码行数:45,代码来源:xmlsec.php

示例9: testGetValidatingCertificates

    /**
     * Test that signatures contain the corresponding public keys.
     */
    public function testGetValidatingCertificates()
    {
        $certData = XMLSecurityDSig::staticGet509XCerts(SAML2_CertificatesMock::PUBLIC_KEY_PEM);
        $certData = $certData[0];
        $signedMockElementCopy = SAML2_Utils::copyElement($this->signedMockElement);
        $signedMockElementCopy->ownerDocument->appendChild($signedMockElementCopy);
        $tmp = new SAML2_SignedElementHelperMock($signedMockElementCopy);
        $certs = $tmp->getValidatingCertificates();
        $this->assertCount(1, $certs);
        $this->assertEquals($certData, $certs[0]);
        // Test with two certificates.
        $tmpCert = '-----BEGIN CERTIFICATE-----
MIICsDCCAhmgAwIBAgIJALU2mjA9ULI2MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQwHhcNMTAwODAzMDYzNTQ4WhcNMjAwODAyMDYzNTQ4WjBF
MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQDG6q53nl3Gn/9JE+ZiCgEB+EPcGbvzi0NrBDkKz9SKBNflxKQ+De/OAVQ9RQZO
tEm/j0hoSCGO7maemOm1PVNtDuMchSroPs0L4szLhh6m1uMhw9RXqq34C+Cr7Wee
ZNPQTFnQhBYqnYM03/e3SeUawiZ7rGeAMJ/8BSk0CB1GAQIDAQABo4GnMIGkMB0G
A1UdDgQWBBRnHHPiQ/pV/xDZg3EBmU3ik64ORDB1BgNVHSMEbjBsgBRnHHPiQ/pV
/xDZg3EBmU3ik64ORKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJALU2mjA9
ULI2MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAScv7ee6QajoSM4c4
+fX+eYdjHFsvtqHD0ng987viS8eGjIrRfKAMHVzzs1jSU0TxMM7WUFDf6FpjW+Do
r+X+X2Al/n6aDn7qAxXbl0RZuB+saxn+yFR6HFKggwkR1L2pimCuD0gTr6LlrNgf
edF1YfJgq35hcMMLY9RE/0C0bCI=
-----END CERTIFICATE-----';
        $mock = new SAML2_SignedElementHelperMock();
        $mock->setSignatureKey(SAML2_CertificatesMock::getPrivateKey());
        $mock->setCertificates(array($tmpCert, SAML2_CertificatesMock::PUBLIC_KEY_PEM));
        $this->signedMockElement = $mock->toSignedXML();
        $tmp = new SAML2_SignedElementHelperMock($this->signedMockElement);
        $certs = $tmp->getValidatingCertificates();
        $this->assertCount(1, $certs);
        $this->assertEquals($certData, $certs[0]);
    }
开发者ID:Stony-Brook-University,项目名称:doitsbu,代码行数:40,代码来源:SignedElementHelperTest.php

示例10: is_valid

 function is_valid()
 {
     $objXMLSecDSig = new XMLSecurityDSig();
     $objDSig = $objXMLSecDSig->locateSignature($this->doc);
     if (!$objDSig) {
         throw new Exception("Cannot locate Signature Node");
     }
     $objXMLSecDSig->canonicalizeSignedInfo();
     $objXMLSecDSig->idKeys = array('ID');
     $retVal = $objXMLSecDSig->validateReference();
     if (!$retVal) {
         throw new Exception("Reference Validation Failed");
     }
     $objKey = $objXMLSecDSig->locateKey();
     if (!$objKey) {
         throw new Exception("We have no idea about the key");
     }
     $key = NULL;
     $objKeyInfo = XMLSecEnc::staticLocateKeyInfo($objKey, $objDSig);
     $objKey->loadKey($this->x509certificate, FALSE, true);
     $result = $objXMLSecDSig->verify($objKey);
     return $result;
 }
开发者ID:sysraj86,项目名称:carnivalcrm,代码行数:23,代码来源:xmlsec.php

示例11: staticAdd509Cert

 static function staticAdd509Cert($parentRef, $cert, $isPEMFormat = TRUE, $isURL = False, $xpath = NULL)
 {
     if ($isURL) {
         $cert = file_get_contents($cert);
     }
     if (!$parentRef instanceof DOMElement) {
         throw new Exception('Invalid parent Node parameter');
     }
     $baseDoc = $parentRef->ownerDocument;
     if (empty($xpath)) {
         $xpath = new DOMXPath($parentRef->ownerDocument);
         $xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS);
     }
     $query = "./secdsig:KeyInfo";
     $nodeset = $xpath->query($query, $parentRef);
     $keyInfo = $nodeset->item(0);
     if (!$keyInfo) {
         $inserted = FALSE;
         $keyInfo = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:KeyInfo');
         $query = "./secdsig:Object";
         $nodeset = $xpath->query($query, $parentRef);
         if ($sObject = $nodeset->item(0)) {
             $sObject->parentNode->insertBefore($keyInfo, $sObject);
             $inserted = TRUE;
         }
         if (!$inserted) {
             $parentRef->appendChild($keyInfo);
         }
     }
     // Add all certs if there are more than one
     $certs = XMLSecurityDSig::staticGet509XCerts($cert, $isPEMFormat);
     // Atach X509 data node
     $x509DataNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509Data');
     $keyInfo->appendChild($x509DataNode);
     // Atach all certificate nodes
     foreach ($certs as $X509Cert) {
         $x509CertNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:X509Certificate', $X509Cert);
         $x509DataNode->appendChild($x509CertNode);
     }
 }
开发者ID:MexinaD,项目名称:SuiteCRM,代码行数:40,代码来源:xmlseclibs.php

示例12: __construct

 /**
  * This function initializes the validator.
  *
  * This function accepts an optional parameter $publickey, which is the public key
  * or certificate which should be used to validate the signature. This parameter can
  * take the following values:
  * - NULL/FALSE: No validation will be performed. This is the default.
  * - A string: Assumed to be a PEM-encoded certificate / public key.
  * - An array: Assumed to be an array returned by SimpleSAML_Utilities::loadPublicKey.
  *
  * @param DOMNode $xmlNode  The XML node which contains the Signature element.
  * @param string|array $idAttribute  The ID attribute which is used in node references. If
  *          this attribute is NULL (the default), then we will use whatever is the default
  *          ID. Can be eigther a string with one value, or an array with multiple ID
  *          attrbute names.
  * @param array $publickey  The public key / certificate which should be used to validate the XML node.
  */
 public function __construct($xmlNode, $idAttribute = NULL, $publickey = FALSE)
 {
     assert('$xmlNode instanceof DOMNode');
     if ($publickey === NULL) {
         $publickey = FALSE;
     } elseif (is_string($publickey)) {
         $publickey = array('PEM' => $publickey);
     } else {
         assert('$publickey === FALSE || is_array($publickey)');
     }
     /* Create an XML security object. */
     $objXMLSecDSig = new XMLSecurityDSig();
     /* Add the id attribute if the user passed in an id attribute. */
     if ($idAttribute !== NULL) {
         if (is_string($idAttribute)) {
             $objXMLSecDSig->idKeys[] = $idAttribute;
         } elseif (is_array($idAttribute)) {
             foreach ($idAttribute as $ida) {
                 $objXMLSecDSig->idKeys[] = $ida;
             }
         }
     }
     /* Locate the XMLDSig Signature element to be used. */
     $signatureElement = $objXMLSecDSig->locateSignature($xmlNode);
     if (!$signatureElement) {
         throw new Exception('Could not locate XML Signature element.');
     }
     /* Canonicalize the XMLDSig SignedInfo element in the message. */
     $objXMLSecDSig->canonicalizeSignedInfo();
     /* Validate referenced xml nodes. */
     if (!$objXMLSecDSig->validateReference()) {
         throw new Exception('XMLsec: digest validation failed');
     }
     /* Find the key used to sign the document. */
     $objKey = $objXMLSecDSig->locateKey();
     if (empty($objKey)) {
         throw new Exception('Error loading key to handle XML signature');
     }
     /* Load the key data. */
     if ($publickey !== FALSE && array_key_exists('PEM', $publickey)) {
         /* We have PEM data for the public key / certificate. */
         $objKey->loadKey($publickey['PEM']);
     } else {
         /* No PEM data. Search for key in signature. */
         if (!XMLSecEnc::staticLocateKeyInfo($objKey, $signatureElement)) {
             throw new Exception('Error finding key data for XML signature validation.');
         }
         if ($publickey !== FALSE) {
             /* $publickey is set, and should therefore contain one or more fingerprints.
              * Check that the response contains a certificate with a matching
              * fingerprint.
              */
             assert('is_array($publickey["certFingerprint"])');
             $certificate = $objKey->getX509Certificate();
             if ($certificate === NULL) {
                 /* Wasn't signed with an X509 certificate. */
                 throw new Exception('Message wasn\'t signed with an X509 certificate,' . ' and no public key was provided in the metadata.');
             }
             self::validateCertificateFingerprint($certificate, $publickey['certFingerprint']);
             /* Key OK. */
         }
     }
     /* Check the signature. */
     if (!$objXMLSecDSig->verify($objKey)) {
         throw new Exception("Unable to validate Signature");
     }
     /* Extract the certificate. */
     $this->x509Certificate = $objKey->getX509Certificate();
     /* Find the list of validated nodes. */
     $this->validNodes = $objXMLSecDSig->getValidatedNodes();
 }
开发者ID:danielkjfrog,项目名称:docker,代码行数:88,代码来源:Validator.php

示例13: processSignature

 public function processSignature($refNode)
 {
     $objXMLSecDSig = new XMLSecurityDSig();
     $objXMLSecDSig->idKeys[] = 'wswsu:Id';
     $objXMLSecDSig->idNS['wswsu'] = WSSESoapServer::WSUNS;
     $objXMLSecDSig->sigNode = $refNode;
     /* Canonicalize the signed info */
     $objXMLSecDSig->canonicalizeSignedInfo();
     $retVal = $objXMLSecDSig->validateReference();
     if (!$retVal) {
         throw new Exception("Validation Failed");
     }
     $key = NULL;
     $objKey = $objXMLSecDSig->locateKey();
     if ($objKey) {
         if ($objKeyInfo = XMLSecEnc::staticLocateKeyInfo($objKey, $refNode)) {
             /* Handle any additional key processing such as encrypted keys here */
         }
     }
     if (empty($objKey)) {
         throw new Exception("Error loading key to handle Signature");
     }
     do {
         if (empty($objKey->key)) {
             $this->SOAPXPath->registerNamespace('xmlsecdsig', XMLSecurityDSig::XMLDSIGNS);
             $query = "./xmlsecdsig:KeyInfo/wswsse:SecurityTokenReference/wswsse:Reference";
             $nodeset = $this->SOAPXPath->query($query, $refNode);
             if ($encmeth = $nodeset->item(0)) {
                 if ($uri = $encmeth->getAttribute("URI")) {
                     $arUrl = parse_url($uri);
                     if (empty($arUrl['path']) && ($identifier = $arUrl['fragment'])) {
                         $query = '//wswsse:BinarySecurityToken[@wswsu:Id="' . $identifier . '"]';
                         $nodeset = $this->SOAPXPath->query($query);
                         if ($encmeth = $nodeset->item(0)) {
                             $x509cert = $encmeth->textContent;
                             $x509cert = str_replace(array("\r", "\n"), "", $x509cert);
                             $x509cert = "-----BEGIN CERTIFICATE-----\n" . chunk_split($x509cert, 64, "\n") . "-----END CERTIFICATE-----\n";
                             $objKey->loadKey($x509cert);
                             break;
                         }
                     }
                 }
             }
             throw new Exception("Error loading key to handle Signature");
         }
     } while (0);
     if (!$objXMLSecDSig->verify($objKey)) {
         throw new Exception("Unable to validate Signature");
     }
     return TRUE;
 }
开发者ID:binondord,项目名称:wse-php,代码行数:51,代码来源:soap-server-wsse.php

示例14: insertSignature

 /**
  * Insert a Signature-node.
  *
  * @param XMLSecurityKey $key  The key we should use to sign the message.
  * @param array $certificates  The certificates we should add to the signature node.
  * @param DOMElement $root  The XML node we should sign.
  * @param DomElement $insertBefore  The XML element we should insert the signature element before.
  */
 public static function insertSignature(XMLSecurityKey $key, array $certificates, DOMElement $root, DOMNode $insertBefore = NULL)
 {
     $objXMLSecDSig = new XMLSecurityDSig();
     $objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
     $objXMLSecDSig->addReferenceList(array($root), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N), array('id_name' => 'ID'));
     $objXMLSecDSig->sign($key);
     foreach ($certificates as $certificate) {
         $objXMLSecDSig->add509Cert($certificate, TRUE);
     }
     $objXMLSecDSig->insertSignature($root, $insertBefore);
 }
开发者ID:filonuse,项目名称:fedlab,代码行数:19,代码来源:Utils.php

示例15: staticAddBes

 static function staticAddBes($parentRef, $cert, $isPEMFormat = TRUE, $isURL = False, $xpath = NULL, $digest = NULL)
 {
     if ($isURL) {
         $cert = file_get_contents($cert);
     }
     if (!$parentRef instanceof DOMElement) {
         throw new Exception('Invalid parent Node parameter');
     }
     $baseDoc = $parentRef->ownerDocument;
     // Add all certs if there are more than one
     $certs = XMLSecurityDSig::staticGet509XCerts($cert, $isPEMFormat);
     // Attach X509 data node
     //$objectNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:Object');
     $objectNode = $baseDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:Object');
     $parentRef->appendChild($objectNode);
     $qProps = $baseDoc->createElement('QualifyingProperties');
     $qProps->setAttribute('xmlns:xsi', 'http://www.w3.org/2001/XMLSchema-instance');
     $qProps->setAttribute('xmlns:xsd', 'http://www.w3.org/2001/XMLSchema');
     $qProps->setAttribute('xmlns', 'http://uri.etsi.org/01903/v1.1.1#');
     $qProps->setAttribute('Target', '#SignatureId');
     $objectNode->appendChild($qProps);
     $SignedProps = $baseDoc->createElement('SignedProperties');
     $SignedProps->setAttribute('Id', 'SignedPropertiesId');
     $qProps->appendChild($SignedProps);
     $SignedSignatureProperties = $baseDoc->createElement('SignedSignatureProperties');
     $SignedProps->appendChild($SignedSignatureProperties);
     $SigningTime = $baseDoc->createElement('SigningTime', date('c', strtotime('2014-01-27')));
     $SignedSignatureProperties->appendChild($SigningTime);
     $SigningCertificate = $baseDoc->createElement('SigningCertificate');
     $SignedSignatureProperties->appendChild($SigningCertificate);
     $Cert = $baseDoc->createElement('Cert');
     $SigningCertificate->appendChild($Cert);
     $CertDigest = $baseDoc->createElement('CertDigest');
     $Cert->appendChild($CertDigest);
     $DigestMethod = $baseDoc->createElement('DigestMethod');
     $DigestMethodAttrAlgorithm = $baseDoc->createAttribute('Algorithm');
     $DigestMethodAttrAlgorithm->value = self::SHA1;
     $DigestMethod->appendChild($DigestMethodAttrAlgorithm);
     $CertDigest->appendChild($DigestMethod);
     $DigestValue = $baseDoc->createElement('DigestValue', $digest);
     $CertDigest->appendChild($DigestValue);
     // ADD CERS
     foreach ($certs as $X509Cert) {
         if ($certData = openssl_x509_parse("-----BEGIN CERTIFICATE-----\n" . chunk_split($X509Cert, 64, "\n") . "-----END CERTIFICATE-----\n")) {
             if (!empty($certData['issuer']) && !empty($certData['serialNumber'])) {
                 if (is_array($certData['issuer'])) {
                     $parts = array();
                     foreach ($certData['issuer'] as $key => $value) {
                         array_unshift($parts, "{$key}={$value}");
                     }
                     $issuerName = implode(', ', $parts);
                 } else {
                     $issuerName = $certData['issuer'];
                 }
                 $IssuerSerial = $baseDoc->createElement('IssuerSerial');
                 $Cert->appendChild($IssuerSerial);
                 $x509Node = $baseDoc->createElement('X509IssuerName', $issuerName);
                 $x509NodeAttr = $baseDoc->createAttribute('xmlns');
                 $x509NodeAttr->value = 'http://www.w3.org/2000/09/xmldsig#';
                 $x509Node->appendChild($x509NodeAttr);
                 $IssuerSerial->appendChild($x509Node);
                 $x509Node = $baseDoc->createElement('X509SerialNumber', $certData['serialNumber']);
                 $x509NodeAttr = $baseDoc->createAttribute('xmlns');
                 $x509NodeAttr->value = 'http://www.w3.org/2000/09/xmldsig#';
                 $x509Node->appendChild($x509NodeAttr);
                 $IssuerSerial->appendChild($x509Node);
             }
         }
     }
     $SignaturePolicyIdentifier = $baseDoc->createElement('SignaturePolicyIdentifier');
     $SignedSignatureProperties->appendChild($SignaturePolicyIdentifier);
     $SignaturePolicyImplied = $baseDoc->createElement('SignaturePolicyImplied');
     $SignaturePolicyIdentifier->appendChild($SignaturePolicyImplied);
     return $SignedProps;
 }
开发者ID:malamalca,项目名称:lil-documents,代码行数:75,代码来源:xmlseclibs_bes3.php


注:本文中的XMLSecurityDSig类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。