当前位置: 首页>>代码示例>>PHP>>正文


PHP XMLSecurityDSig::setCanonicalMethod方法代码示例

本文整理汇总了PHP中XMLSecurityDSig::setCanonicalMethod方法的典型用法代码示例。如果您正苦于以下问题:PHP XMLSecurityDSig::setCanonicalMethod方法的具体用法?PHP XMLSecurityDSig::setCanonicalMethod怎么用?PHP XMLSecurityDSig::setCanonicalMethod使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在XMLSecurityDSig的用法示例。


在下文中一共展示了XMLSecurityDSig::setCanonicalMethod方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: processDocument

function processDocument()
{
    global $src_file, $target_file, $user_pubkey_file_path, $user_cert_file_path;
    require dirname(__FILE__) . '/xmlseclibs.php';
    if (file_exists($target_file)) {
        unlink($target_file);
    }
    $doc = new DOMDocument();
    $doc->load($src_file);
    $objDSig = new XMLSecurityDSig();
    $objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
    $objDSig->addReference($doc, XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature'));
    /* gako pribatu bat behar dugu prozesua burutzeko. orain edozein erabiliko dugu. gero txartelekoarekin ordezkatzeko */
    $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
    /* if key has Passphrase, set it using $objKey->passphrase = <passphrase> " */
    $objKey->loadKey(dirname(__FILE__) . '/privkey.pem', TRUE);
    $objDSig->sign($objKey);
    /* Add associated public key */
    // $objDSig->add509Cert(file_get_contents(dirname(__FILE__) . '/mycert.pem'));
    // $objDSig->add509Cert(file_get_contents($user_cert_file_path));
    if (!file_exists($user_cert_file_path)) {
        debug('File not found', $user_cert_file_path);
    } else {
        $objDSig->add509Cert($user_cert_file_path);
    }
    $objDSig->appendSignature($doc->documentElement);
    $doc->save($target_file);
}
开发者ID:Esleelkartea,项目名称:legedia-ESLE,代码行数:28,代码来源:index.php

示例2: getXml

 /**
  * @param \DOMNode $parent
  * @param \AerialShip\LightSaml\Meta\SerializationContext $context
  * @return \DOMNode
  */
 function getXml(\DOMNode $parent, SerializationContext $context)
 {
     $objXMLSecDSig = new \XMLSecurityDSig();
     $objXMLSecDSig->setCanonicalMethod($this->getCanonicalMethod());
     $key = $this->getXmlSecurityKey();
     switch ($key->type) {
         case \XMLSecurityKey::RSA_SHA256:
             $type = \XMLSecurityDSig::SHA256;
             break;
         case \XMLSecurityKey::RSA_SHA384:
             $type = \XMLSecurityDSig::SHA384;
             break;
         case \XMLSecurityKey::RSA_SHA512:
             $type = \XMLSecurityDSig::SHA512;
             break;
         default:
             $type = \XMLSecurityDSig::SHA1;
     }
     $objXMLSecDSig->addReferenceList(array($parent), $type, array(Protocol::XMLSEC_TRANSFORM_ALGORITHM_ENVELOPED_SIGNATURE, \XMLSecurityDSig::EXC_C14N), array('id_name' => $this->getIDName(), 'overwrite' => FALSE));
     $objXMLSecDSig->sign($key);
     $objXMLSecDSig->add509Cert($this->getCertificate()->getData(), false, false);
     $firstChild = $parent->hasChildNodes() ? $parent->firstChild : null;
     if ($firstChild && $firstChild->localName == 'Issuer') {
         // The signature node should come after the issuer node
         $firstChild = $firstChild->nextSibling;
     }
     $objXMLSecDSig->insertSignature($parent, $firstChild);
 }
开发者ID:LearnerNation,项目名称:lightsaml,代码行数:33,代码来源:SignatureCreator.php

示例3: signXML

function signXML($token, $privkey)
{
    $sigdoc = new DOMDocument();
    if (!$sigdoc->loadXML($token)) {
        throw new Exception("Invalid XML!");
    }
    $sigNode = $sigdoc->firstChild;
    $enc = new XMLSecurityDSig();
    $enc->idKeys[] = 'ID';
    $enc->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
    $enc->addReference($sigNode, XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N));
    $key = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private', 'library' => 'openssl'));
    $key->loadKey($privkey, false, false);
    $enc->sign($key);
    $enc->appendSignature($sigNode);
    return $sigdoc->saveXML();
}
开发者ID:GajendraNaidu,项目名称:openam,代码行数:17,代码来源:saml-lib.php

示例4: ADFS_SignResponse

function ADFS_SignResponse($response, $key, $cert)
{
    $objXMLSecDSig = new XMLSecurityDSig();
    $objXMLSecDSig->idKeys = array('AssertionID');
    $objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
    $responsedom = new DOMDocument();
    $responsedom->loadXML(str_replace("\r", "", $response));
    $firstassertionroot = $responsedom->getElementsByTagName('Assertion')->item(0);
    $objXMLSecDSig->addReferenceList(array($firstassertionroot), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N), array('id_name' => 'AssertionID'));
    $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
    $objKey->loadKey($key, TRUE);
    $objXMLSecDSig->sign($objKey);
    if ($cert) {
        $public_cert = file_get_contents($cert);
        $objXMLSecDSig->add509Cert($public_cert, TRUE);
    }
    $newSig = $responsedom->importNode($objXMLSecDSig->sigNode, TRUE);
    $firstassertionroot->appendChild($newSig);
    return $responsedom->saveXML();
}
开发者ID:hukumonline,项目名称:yii,代码行数:20,代码来源:prp.php

示例5: signSoapDoc

 public function signSoapDoc($objKey)
 {
     $objDSig = new XMLSecurityDSig();
     $objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
     $arNodes = array();
     foreach ($this->secNode->childNodes as $node) {
         if ($node->nodeType == XML_ELEMENT_NODE) {
             $arNodes[] = $node;
         }
     }
     if ($this->signAllHeaders) {
         foreach ($this->secNode->parentNode->childNodes as $node) {
             if ($node->nodeType == XML_ELEMENT_NODE && $node->namespaceURI != WSSESoap::WSSENS) {
                 $arNodes[] = $node;
             }
         }
     }
     foreach ($this->envelope->childNodes as $node) {
         if ($node->namespaceURI == $this->soapNS && $node->localName == 'Body') {
             $arNodes[] = $node;
             break;
         }
     }
     $arOptions = array('prefix' => WSSESoap::WSUPFX, 'prefix_ns' => WSSESoap::WSUNS);
     $objDSig->addReferenceList($arNodes, XMLSecurityDSig::SHA1, NULL, $arOptions);
     $objDSig->sign($objKey);
     $objDSig->appendSignature($this->secNode, TRUE);
 }
开发者ID:aenetworks,项目名称:exacttarget,代码行数:28,代码来源:soap-wsse.php

示例6: insertSignature

 /**
  * Insert a Signature-node.
  *
  * @param XMLSecurityKey $key           The key we should use to sign the message.
  * @param array          $certificates  The certificates we should add to the signature node.
  * @param DOMElement     $root          The XML node we should sign.
  * @param DOMNode        $insertBefore  The XML element we should insert the signature element before.
  */
 public static function insertSignature(XMLSecurityKey $key, array $certificates, DOMElement $root, DOMNode $insertBefore = NULL)
 {
     $objXMLSecDSig = new XMLSecurityDSig();
     $objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
     switch ($key->type) {
         case XMLSecurityKey::RSA_SHA256:
             $type = XMLSecurityDSig::SHA256;
             break;
         case XMLSecurityKey::RSA_SHA384:
             $type = XMLSecurityDSig::SHA384;
             break;
         case XMLSecurityKey::RSA_SHA512:
             $type = XMLSecurityDSig::SHA512;
             break;
         default:
             $type = XMLSecurityDSig::SHA1;
     }
     $objXMLSecDSig->addReferenceList(array($root), $type, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N), array('id_name' => 'ID', 'overwrite' => FALSE));
     $objXMLSecDSig->sign($key);
     foreach ($certificates as $certificate) {
         $objXMLSecDSig->add509Cert($certificate, TRUE);
     }
     $objXMLSecDSig->insertSignature($root, $insertBefore);
 }
开发者ID:dutchbridge,项目名称:saml2,代码行数:32,代码来源:Utils.php

示例7: sign

 /**
  * Signs the given metadata if metadata signing is enabled.
  *
  * @param string $metadataString A string with the metadata.
  * @param array  $entityMetadata The metadata of the entity.
  * @param string $type A string which describes the type entity this is, e.g. 'SAML 2 IdP' or 'Shib 1.3 SP'.
  *
  * @return string The $metadataString with the signature embedded.
  * @throws Exception If the certificate or private key cannot be loaded, or the metadata doesn't parse properly.
  */
 public static function sign($metadataString, $entityMetadata, $type)
 {
     $config = SimpleSAML_Configuration::getInstance();
     // check if metadata signing is enabled
     if (!self::isMetadataSigningEnabled($config, $entityMetadata, $type)) {
         return $metadataString;
     }
     // find the key & certificate which should be used to sign the metadata
     $keyCertFiles = self::findKeyCert($config, $entityMetadata, $type);
     $keyFile = \SimpleSAML\Utils\Config::getCertPath($keyCertFiles['privatekey']);
     if (!file_exists($keyFile)) {
         throw new Exception('Could not find private key file [' . $keyFile . '], which is needed to sign the metadata');
     }
     $keyData = file_get_contents($keyFile);
     $certFile = \SimpleSAML\Utils\Config::getCertPath($keyCertFiles['certificate']);
     if (!file_exists($certFile)) {
         throw new Exception('Could not find certificate file [' . $certFile . '], which is needed to sign the metadata');
     }
     $certData = file_get_contents($certFile);
     // convert the metadata to a DOM tree
     try {
         $xml = SAML2_DOMDocumentFactory::fromString($metadataString);
     } catch (Exception $e) {
         throw new Exception('Error parsing self-generated metadata.');
     }
     // load the private key
     $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
     if (array_key_exists('privatekey_pass', $keyCertFiles)) {
         $objKey->passphrase = $keyCertFiles['privatekey_pass'];
     }
     $objKey->loadKey($keyData, false);
     // get the EntityDescriptor node we should sign
     $rootNode = $xml->firstChild;
     // sign the metadata with our private key
     if ($type == 'ADFS IdP') {
         $objXMLSecDSig = new sspmod_adfs_XMLSecurityDSig($metadataString);
     } else {
         $objXMLSecDSig = new XMLSecurityDSig();
     }
     $objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
     $objXMLSecDSig->addReferenceList(array($rootNode), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N), array('id_name' => 'ID'));
     $objXMLSecDSig->sign($objKey);
     // add the certificate to the signature
     $objXMLSecDSig->add509Cert($certData, true);
     // add the signature to the metadata
     $objXMLSecDSig->insertSignature($rootNode, $rootNode->firstChild);
     // return the DOM tree as a string
     return $xml->saveXML();
 }
开发者ID:PitcherAG,项目名称:simplesamlphp,代码行数:59,代码来源:Signer.php

示例8: sign_document

 /**
  * Sign the specified DOMDocument
  *
  * @see https://github.com/Maks3w/xmlseclibs/blob/v1.3.0/tests/xml-sign.phpt
  *
  * @param DOMDocument $document
  * @return DOMDocument
  */
 private function sign_document(DOMDocument $document)
 {
     $result = false;
     try {
         $dsig = new XMLSecurityDSig();
         // For canonicalization purposes the exclusive (9) algorithm must be used.
         // @see http://pronamic.nl/wp-content/uploads/2012/12/iDEAL-Merchant-Integration-Guide-ENG-v3.3.1.pdf #page 30
         $dsig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
         // For hashing purposes the SHA-256 (11) algorithm must be used.
         // @see http://pronamic.nl/wp-content/uploads/2012/12/iDEAL-Merchant-Integration-Guide-ENG-v3.3.1.pdf #page 30
         $dsig->addReference($document, XMLSecurityDSig::SHA256, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature'), array('force_uri' => true));
         // For signature purposes the RSAWithSHA 256 (12) algorithm must be used.
         // @see http://pronamic.nl/wp-content/uploads/2012/12/iDEAL-Merchant-Integration-Guide-ENG-v3.3.1.pdf #page 31
         $key = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type' => 'private'));
         $key->passphrase = $this->private_key_password;
         $key->loadKey($this->private_key);
         // Test if we can get an private key object, to prefent the following errors:
         // Warning: openssl_sign() [function.openssl-sign]: supplied key param cannot be coerced into a private key
         $result = openssl_get_privatekey($this->private_key, $this->private_key_password);
         if (false !== $result) {
             // Sign
             $dsig->sign($key);
             // The public key must be referenced using a fingerprint of an X.509
             // certificate. The fingerprint must be calculated according
             // to the following formula HEX(SHA-1(DER certificate)) (13)
             // @see http://pronamic.nl/wp-content/uploads/2012/12/iDEAL-Merchant-Integration-Guide-ENG-v3.3.1.pdf #page 31
             $fingerprint = Pronamic_WP_Pay_Gateways_IDealAdvanced_Security::getShaFingerprint($this->private_certificate);
             $dsig->addKeyInfoAndName($fingerprint);
             // Add the signature
             $dsig->appendSignature($document->documentElement);
             $result = $document;
         } else {
             throw new Exception('Can not load private key');
         }
     } catch (Exception $e) {
         $this->error = new WP_Error('xml_security', $e->getMessage(), $e);
     }
     return $result;
 }
开发者ID:daanbakker1995,项目名称:vanteun,代码行数:47,代码来源:Client.php

示例9: PrepSAMLAssertion

 public static function PrepSAMLAssertion(&$saml_xml_request)
 {
     //
     // Gather inputs needed during assembly of SAML Assertion (e.g., keys, certs, timestamps, IDs_
     //
     $DateTimeNow = new DateTime(null, new DateTimeZone("UTC"));
     $DateTimeNowString = $DateTimeNow->format("Y-m-d\\TH:i:s.B\\Z");
     $DateTime15Min = new DateTime(null, new DateTimeZone("UTC"));
     $DateTime15Min->modify('+900 sec');
     $DateTime15MinString = $DateTime15Min->format("Y-m-d\\TH:i:s.B\\Z");
     $SAMLParams = array();
     $SAMLParams['IssueInstant'] = $DateTimeNowString;
     $SAMLParams['Issuer'] = SAML_IDENTITY_PROVIDER_ID;
     $SAMLParams['ID'] = SimpleSAML_Utilities::generateID();
     $SAMLParams['NameID'] = SAML_NAME_ID;
     $SAMLParams['NotBefore'] = $DateTimeNowString;
     $SAMLParams['NotOnOrAfter'] = $DateTime15MinString;
     $SAMLParams['AuthnInstant'] = $DateTimeNowString;
     $SAMLParams['Audience'] = SAML_IDENTITY_PROVIDER_ID;
     $SAMLParams['x509'] = file_get_contents(SAML_X509_CERT_PATH);
     $SAMLParams['private_key'] = file_get_contents(SAML_X509_PRIVATE_KEY_PATH);
     //
     // Assemble DOM containing correct SAML assertion
     //
     $xml = new DOMDocument('1.0', 'utf-8');
     // Assertion
     $assertion = $xml->createElementNS('urn:oasis:names:tc:SAML:2.0:assertion', 'saml2:Assertion');
     $assertion->setAttribute('ID', $SAMLParams['ID']);
     $assertion->setAttribute('Version', '2.0');
     $assertion->setAttribute('IssueInstant', $SAMLParams['IssueInstant']);
     $xml->appendChild($assertion);
     // Issuer
     $issuer = $xml->createElement('saml2:Issuer', $SAMLParams['Issuer']);
     $assertion->appendChild($issuer);
     // Subject + NameID + SubjectConfirmation
     $subject = $xml->createElement('saml2:Subject');
     $assertion->appendChild($subject);
     // NameID
     $nameid = $xml->createElement('saml2:NameID', $SAMLParams['NameID']);
     $nameid->setAttribute('Format', 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified');
     $subject->appendChild($nameid);
     // SubjectConfirmation
     $confirmation = $xml->createElement('saml2:SubjectConfirmation');
     $confirmation->setAttribute('Method', 'urn:oasis:names:tc:SAML:2.0:cm:bearer');
     $subject->appendChild($confirmation);
     // Conditions + AudienceRestriction + Audience
     $condition = $xml->createElement('saml2:Conditions');
     $condition->setAttribute('NotBefore', $SAMLParams['NotBefore']);
     $condition->setAttribute('NotOnOrAfter', $SAMLParams['NotOnOrAfter']);
     $assertion->appendChild($condition);
     // AudienceRestriction
     $audiencer = $xml->createElement('saml2:AudienceRestriction');
     $condition->appendChild($audiencer);
     // Audience
     $audience = $xml->createElement('saml2:Audience', $SAMLParams['Audience']);
     $audiencer->appendChild($audience);
     // AuthnStatement + AuthnContext + AuthnContextClassRef
     $authnstat = $xml->createElement('saml2:AuthnStatement');
     $authnstat->setAttribute('AuthnInstant', $SAMLParams['AuthnInstant']);
     $authnstat->setAttribute('SessionIndex', $SAMLParams['ID']);
     $assertion->appendChild($authnstat);
     // AuthnContext
     $authncontext = $xml->createElement('saml2:AuthnContext');
     $authnstat->appendChild($authncontext);
     // AuthnContextClassRef
     $authncontext_ref = $xml->createElement('saml2:AuthnContextClassRef', 'urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified');
     $authncontext->appendChild($authncontext_ref);
     //Private KEY
     $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
     $objKey->loadKey($SAMLParams['private_key']);
     //Sign the Assertion
     $objXMLSecDSig = new XMLSecurityDSig();
     $objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
     $objXMLSecDSig->addReferenceList(array($assertion), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N), array('URI' => 'ID', 'overwrite' => false, 'id_name' => 'ID'));
     $objXMLSecDSig->sign($objKey);
     $objXMLSecDSig->add509Cert($SAMLParams['x509']);
     $objXMLSecDSig->insertSignature($assertion, $subject);
     $saml = $xml->saveXML();
     //
     // Change Reference URI locally (considered changing 'xmlseclibs.php', but
     // that seemed inappropriate)
     //
     preg_match("/<ds:Reference URI=\"#(.+?)\">/is", $saml, $URI);
     $saml = str_replace("Id=\"" . $URI[1] . "\"", "", $saml);
     $saml = str_replace($URI[1], $SAMLParams["ID"], $saml);
     //
     // Prepare Base64-Encoded SAML Assertion request body based on DOM
     //
     $saml = str_replace('<?xml version="1.0" encoding="utf-8"?>', '', $saml);
     $saml_xml_request = base64_encode(stripslashes($saml));
 }
开发者ID:jdq22,项目名称:phpaggcat,代码行数:91,代码来源:class.aggcatauth.php

示例10: sign

 /**
  * Signs the given metadata if metadata signing is enabled.
  *
  * @param $metadataString  A string with the metadata.
  * @param $entityMetadata  The metadata of the entity.
  * @param $type A string which describes the type entity this is, e.g. 'SAML 2 IdP' or 'Shib 1.3 SP'.
  * @return The $metadataString with the signature embedded.
  */
 public static function sign($metadataString, $entityMetadata, $type)
 {
     $config = SimpleSAML_Configuration::getInstance();
     /* Check if metadata signing is enabled. */
     if (!self::isMetadataSigningEnabled($config, $entityMetadata, $type)) {
         return $metadataString;
     }
     /* Find the key & certificate which should be used to sign the metadata. */
     $keyCertFiles = self::findKeyCert($config, $entityMetadata, $type);
     $keyFile = $config->getPathValue('certdir', 'cert/') . $keyCertFiles['privatekey'];
     if (!file_exists($keyFile)) {
         throw new Exception('Could not find private key file [' . $keyFile . '], which is needed to sign the metadata');
     }
     $keyData = file_get_contents($keyFile);
     $certFile = $config->getPathValue('certdir', 'cert/') . $keyCertFiles['certificate'];
     if (!file_exists($certFile)) {
         throw new Exception('Could not find certificate file [' . $certFile . '], which is needed to sign the metadata');
     }
     $certData = file_get_contents($certFile);
     /* Convert the metadata to a DOM tree. */
     $xml = new DOMDocument();
     if (!$xml->loadXML($metadataString)) {
         throw new Exception('Error parsing self-generated metadata.');
     }
     /* Load the private key. */
     $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
     if (array_key_exists('privatekey_pass', $keyCertFiles)) {
         $objKey->passphrase = $keyCertFiles['privatekey_pass'];
     }
     $objKey->loadKey($keyData, FALSE);
     /* Get the EntityDescriptor node we should sign. */
     $rootNode = $xml->firstChild;
     /* Sign the metadata with our private key. */
     $objXMLSecDSig = new XMLSecurityDSig();
     $objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
     $objXMLSecDSig->addReferenceList(array($rootNode), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N), array('id_name' => 'ID'));
     $objXMLSecDSig->sign($objKey);
     /* Add the certificate to the signature. */
     $objXMLSecDSig->add509Cert($certData, true);
     /* Add the signature to the metadata. */
     $objXMLSecDSig->insertSignature($rootNode, $rootNode->firstChild);
     /* Return the DOM tree as a string. */
     return $xml->saveXML();
 }
开发者ID:hukumonline,项目名称:yii,代码行数:52,代码来源:Signer.php

示例11: insertSignature

 /**
  * Insert a Signature-node.
  *
  * @param XMLSecurityKey $key  The key we should use to sign the message.
  * @param array $certificates  The certificates we should add to the signature node.
  * @param DOMElement $root  The XML node we should sign.
  * @param DomElement $insertBefore  The XML element we should insert the signature element before.
  */
 public static function insertSignature(XMLSecurityKey $key, array $certificates, DOMElement $root, DOMNode $insertBefore = NULL)
 {
     $objXMLSecDSig = new XMLSecurityDSig();
     $objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
     $objXMLSecDSig->addReferenceList(array($root), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N), array('id_name' => 'ID'));
     $objXMLSecDSig->sign($key);
     foreach ($certificates as $certificate) {
         $objXMLSecDSig->add509Cert($certificate, TRUE);
     }
     $objXMLSecDSig->insertSignature($root, $insertBefore);
 }
开发者ID:filonuse,项目名称:fedlab,代码行数:19,代码来源:Utils.php

示例12: sign

 /**
  * Signs the given DOMElement and inserts the signature at the given position.
  *
  * The private key must be set before calling this function.
  *
  * @param $node  The DOMElement we should generate a signature for.
  * @param $insertInto  The DOMElement we should insert the signature element into.
  * @param $insertBefore  The element we should insert the signature element before. Defaults to NULL,
  *                       in which case the signature will be appended to the element spesified in
  *                       $insertInto.
  */
 public function sign($node, $insertInto, $insertBefore = NULL)
 {
     assert('$node instanceof DOMElement');
     assert('$insertInto instanceof DOMElement');
     assert('is_null($insertBefore) || $insertBefore instanceof DOMElement ' . '|| $insertBefore instanceof DOMComment || $insertBefore instanceof DOMText');
     if ($this->privateKey === FALSE) {
         throw new Exception('Private key not set.');
     }
     $objXMLSecDSig = new XMLSecurityDSig();
     $objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
     $options = array();
     if ($this->idAttrName !== FALSE) {
         $options['id_name'] = $this->idAttrName;
     }
     $objXMLSecDSig->addReferenceList(array($node), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N), $options);
     $objXMLSecDSig->sign($this->privateKey);
     if ($this->certificate !== FALSE) {
         // Add the certificate to the signature
         $objXMLSecDSig->add509Cert($this->certificate, TRUE);
     }
     // Add extra certificates
     foreach ($this->extraCertificates as $certificate) {
         $objXMLSecDSig->add509Cert($certificate, TRUE);
     }
     $objXMLSecDSig->insertSignature($insertInto, $insertBefore);
 }
开发者ID:palantirnet,项目名称:simplesamlphp,代码行数:37,代码来源:Signer.php

示例13: unlink

 $openssl = sfConfig::get("app_bin_openssl", "openssl");
 file_put_contents($user_cert_file_path, $_SERVER['SSL_CLIENT_CERT']);
 $output = shell_exec($openssl . ' x509 -inform pem -in ' . $user_cert_file_path . ' -pubkey -noout > ' . $user_pubkey_file_path);
 if ($yafirmado) {
     $src = file_get_contents($target_file);
     $src = preg_replace('/<ds:SignatureValue>[^<]*<\\/ds:SignatureValue>/i', '<ds:SignatureValue>' . $sinatuta . '</ds:SignatureValue>', $src);
     file_put_contents($target_file, $src);
     $xml = file_get_contents($target_file);
 } else {
     if (file_exists($target_file)) {
         unlink($target_file);
     }
     $doc = new DOMDocument();
     $doc->load($dir);
     $objDSig = new XMLSecurityDSig();
     $objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
     $objDSig->addReference($doc, XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature'));
     /* gako pribatu bat behar dugu prozesua burutzeko. orain edozein erabiliko dugu. gero txartelekoarekin ordezkatzeko */
     $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
     /* if key has Passphrase, set it using $objKey->passphrase = <passphrase> " */
     $objKey->loadKey(dirname(__FILE__) . '/privkey.pem', TRUE);
     $objDSig->sign($objKey);
     /* Add associated public key */
     // $objDSig->add509Cert(file_get_contents(dirname(__FILE__) . '/mycert.pem'));
     // $objDSig->add509Cert(file_get_contents($user_cert_file_path));
     if (!file_exists($user_cert_file_path)) {
         die('File not found : ' . $user_cert_file_path);
     } else {
         $objDSig->add509Cert($user_cert_file_path);
     }
     $objDSig->appendSignature($doc->documentElement);
开发者ID:Esleelkartea,项目名称:legedia-ESLE,代码行数:31,代码来源:enviarSuccess.php

示例14: addSign

 /**
  * Adds signature key and senders certificate to an element (Message or Assertion).
  *
  * @param string|DomDocument $xml  The element we should sign
  * @param string             $key  The private key
  * @param string             $cert The public
  */
 public static function addSign($xml, $key, $cert)
 {
     if ($xml instanceof DOMDocument) {
         $dom = $xml;
     } else {
         $dom = new DOMDocument();
         $dom = self::loadXML($dom, $xml);
         if (!$dom) {
             throw new Exception('Error parsing xml string');
         }
     }
     /* Load the private key. */
     $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
     $objKey->loadKey($key, false);
     /* Get the EntityDescriptor node we should sign. */
     $rootNode = $dom->firstChild;
     /* Sign the metadata with our private key. */
     $objXMLSecDSig = new XMLSecurityDSig();
     $objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
     $objXMLSecDSig->addReferenceList(array($rootNode), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N), array('id_name' => 'ID'));
     $objXMLSecDSig->sign($objKey);
     /* Add the certificate to the signature. */
     $objXMLSecDSig->add509Cert($cert, true);
     $insertBefore = $rootNode->firstChild;
     $messageTypes = array('samlp:AuthnRequest', 'samlp:Response', 'samlp:LogoutRequest', 'samlp:LogoutResponse');
     if (in_array($rootNode->tagName, $messageTypes)) {
         $issuerNodes = self::query($dom, '/' . $rootNode->tagName . '/saml:Issuer');
         if ($issuerNodes->length == 1) {
             $insertBefore = $issuerNodes->item(0)->nextSibling;
         }
     }
     /* Add the signature. */
     $objXMLSecDSig->insertSignature($rootNode, $insertBefore);
     /* Return the DOM tree as a string. */
     $signedxml = $dom->saveXML();
     return $signedxml;
 }
开发者ID:faxe-kommune,项目名称:OS2loop,代码行数:44,代码来源:Utils.php

示例15: testXmlSign

 /**
  * @dataProvider testXmlSignProvider
  * @throws \Exception
  */
 public function testXmlSign($dsigAlgorithm, $keyType, $expectedFileName)
 {
     $doc = new \DOMDocument();
     $doc->load(dirname(__FILE__) . '/../basic-doc.xml');
     $objDSig = new XMLSecurityDSig();
     $objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
     $objDSig->addReference($doc, $dsigAlgorithm, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature'));
     $objKey = new XMLSecurityKey($keyType, array('type' => 'private'));
     /* load private key */
     $objKey->loadKey(dirname(__FILE__) . '/../privkey.pem', true);
     /* if key has Passphrase, set it using $objKey->passphrase = <passphrase> " */
     $objDSig->sign($objKey);
     /* Add associated public key */
     $objDSig->add509Cert(file_get_contents(dirname(__FILE__) . '/../mycert.pem'));
     $objDSig->appendSignature($doc->documentElement);
     $sign_output = $doc->saveXML();
     $sign_output_def = file_get_contents($expectedFileName);
     $this->assertEquals($sign_output_def, $sign_output, "Signature doesn't match");
 }
开发者ID:ddvzwzjm,项目名称:xmlseclibs,代码行数:23,代码来源:XmlSecurityDsigTest.php


注:本文中的XMLSecurityDSig::setCanonicalMethod方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。