当前位置: 首页>>代码示例>>PHP>>正文


PHP XMLSecurityKey::getAlgorith方法代码示例

本文整理汇总了PHP中XMLSecurityKey::getAlgorith方法的典型用法代码示例。如果您正苦于以下问题:PHP XMLSecurityKey::getAlgorith方法的具体用法?PHP XMLSecurityKey::getAlgorith怎么用?PHP XMLSecurityKey::getAlgorith使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在XMLSecurityKey的用法示例。


在下文中一共展示了XMLSecurityKey::getAlgorith方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: encryptNode

 /**
  * Encrypt the selected node with the given key.
  *
  * @param XMLSecurityKey $objKey  The encryption key and algorithm.
  * @param bool           $replace Whether the encrypted node should be replaced in the original tree. Default is TRUE.
  * @throws Exception
  * @return DOMElement  The <xenc:EncryptedData>-element.
  */
 public function encryptNode($objKey, $replace = TRUE)
 {
     $data = '';
     if (empty($this->rawNode)) {
         throw new Exception('Node to encrypt has not been set');
     }
     if (!$objKey instanceof XMLSecurityKey) {
         throw new Exception('Invalid Key');
     }
     $doc = $this->rawNode->ownerDocument;
     $xPath = new DOMXPath($this->encdoc);
     $objList = $xPath->query('/xenc:EncryptedData/xenc:CipherData/xenc:CipherValue');
     $cipherValue = $objList->item(0);
     if ($cipherValue == NULL) {
         throw new Exception('Error locating CipherValue element within template');
     }
     switch ($this->type) {
         case DBSeller_Helper_Xml_Security_XMLSecEnc::Element:
             $data = $doc->saveXML($this->rawNode);
             $this->encdoc->documentElement->setAttribute('Type', DBSeller_Helper_Xml_Security_XMLSecEnc::Element);
             break;
         case DBSeller_Helper_Xml_Security_XMLSecEnc::Content:
             $children = $this->rawNode->childNodes;
             foreach ($children as $child) {
                 $data .= $doc->saveXML($child);
             }
             $this->encdoc->documentElement->setAttribute('Type', DBSeller_Helper_Xml_Security_XMLSecEnc::Content);
             break;
         default:
             throw new Exception('Type is currently not supported');
             return;
     }
     $encMethod = $this->encdoc->documentElement->appendChild($this->encdoc->createElementNS(DBSeller_Helper_Xml_Security_XMLSecEnc::XMLENCNS, 'xenc:EncryptionMethod'));
     $encMethod->setAttribute('Algorithm', $objKey->getAlgorith());
     $cipherValue->parentNode->parentNode->insertBefore($encMethod, $cipherValue->parentNode->parentNode->firstChild);
     $strEncrypt = base64_encode($objKey->encryptData($data));
     $value = $this->encdoc->createTextNode($strEncrypt);
     $cipherValue->appendChild($value);
     if ($replace) {
         switch ($this->type) {
             case DBSeller_Helper_Xml_Security_XMLSecEnc::Element:
                 if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) {
                     return $this->encdoc;
                 }
                 $importEnc = $this->rawNode->ownerDocument->importNode($this->encdoc->documentElement, TRUE);
                 $this->rawNode->parentNode->replaceChild($importEnc, $this->rawNode);
                 return $importEnc;
                 break;
             case DBSeller_Helper_Xml_Security_XMLSecEnc::Content:
                 $importEnc = $this->rawNode->ownerDocument->importNode($this->encdoc->documentElement, TRUE);
                 while ($this->rawNode->firstChild) {
                     $this->rawNode->removeChild($this->rawNode->firstChild);
                 }
                 $this->rawNode->appendChild($importEnc);
                 return $importEnc;
                 break;
         }
     } else {
         return $this->encdoc->documentElement;
     }
 }
开发者ID:arendasistemasintegrados,项目名称:mateusleme,代码行数:69,代码来源:XMLSecEnc.php

示例2: decryptElement

 /**
  * Decrypts an encrypted element.
  *
  * @param DOMElement     $encryptedData The encrypted data.
  * @param XMLSecurityKey $inputKey      The decryption key.
  *
  * @return DOMElement  The decrypted element.
  */
 public static function decryptElement(DOMElement $encryptedData, XMLSecurityKey $inputKey)
 {
     $enc = new XMLSecEnc();
     $enc->setNode($encryptedData);
     $enc->type = $encryptedData->getAttribute("Type");
     $symmetricKey = $enc->locateKey($encryptedData);
     if (!$symmetricKey) {
         throw new Exception('Could not locate key algorithm in encrypted data.');
     }
     $symmetricKeyInfo = $enc->locateKeyInfo($symmetricKey);
     if (!$symmetricKeyInfo) {
         throw new Exception('Could not locate <dsig:KeyInfo> for the encrypted key.');
     }
     $inputKeyAlgo = $inputKey->getAlgorith();
     if ($symmetricKeyInfo->isEncrypted) {
         $symKeyInfoAlgo = $symmetricKeyInfo->getAlgorith();
         if ($symKeyInfoAlgo === XMLSecurityKey::RSA_OAEP_MGF1P && $inputKeyAlgo === XMLSecurityKey::RSA_1_5) {
             $inputKeyAlgo = XMLSecurityKey::RSA_OAEP_MGF1P;
         }
         if ($inputKeyAlgo !== $symKeyInfoAlgo) {
             throw new Exception('Algorithm mismatch between input key and key used to encrypt ' . ' the symmetric key for the message. Key was: ' . var_export($inputKeyAlgo, true) . '; message was: ' . var_export($symKeyInfoAlgo, true));
         }
         $encKey = $symmetricKeyInfo->encryptedCtx;
         $symmetricKeyInfo->key = $inputKey->key;
         $keySize = $symmetricKey->getSymmetricKeySize();
         if ($keySize === null) {
             // To protect against "key oracle" attacks
             throw new Exception('Unknown key size for encryption algorithm: ' . var_export($symmetricKey->type, true));
         }
         $key = $encKey->decryptKey($symmetricKeyInfo);
         if (strlen($key) != $keySize) {
             $encryptedKey = $encKey->getCipherValue();
             $pkey = openssl_pkey_get_details($symmetricKeyInfo->key);
             $pkey = sha1(serialize($pkey), true);
             $key = sha1($encryptedKey . $pkey, true);
             /* Make sure that the key has the correct length. */
             if (strlen($key) > $keySize) {
                 $key = substr($key, 0, $keySize);
             } elseif (strlen($key) < $keySize) {
                 $key = str_pad($key, $keySize);
             }
         }
         $symmetricKey->loadkey($key);
     } else {
         $symKeyAlgo = $symmetricKey->getAlgorith();
         if ($inputKeyAlgo !== $symKeyAlgo) {
             throw new Exception('Algorithm mismatch between input key and key in message. ' . 'Key was: ' . var_export($inputKeyAlgo, true) . '; message was: ' . var_export($symKeyAlgo, true));
         }
         $symmetricKey = $inputKey;
     }
     $decrypted = $enc->decryptNode($symmetricKey, false);
     $xml = '<root xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">' . $decrypted . '</root>';
     $newDoc = new DOMDocument();
     $newDoc->preserveWhiteSpace = false;
     $newDoc->formatOutput = true;
     $newDoc = self::loadXML($newDoc, $xml);
     if (!$newDoc) {
         throw new Exception('Failed to parse decrypted XML.');
     }
     $decryptedElement = $newDoc->firstChild->firstChild;
     if ($decryptedElement === null) {
         throw new Exception('Missing encrypted element.');
     }
     return $decryptedElement;
 }
开发者ID:faxe-kommune,项目名称:OS2loop,代码行数:73,代码来源:Utils.php

示例3: decryptElement

 /**
  * Decrypts an encrypted element.
  *
  * @param DOMElement     $encryptedData The encrypted data.
  * @param XMLSecurityKey $inputKey      The decryption key.
  *
  * @return DOMElement  The decrypted element.
  */
 public static function decryptElement(DOMElement $encryptedData, XMLSecurityKey $inputKey)
 {
     $enc = new XMLSecEnc();
     $enc->setNode($encryptedData);
     $enc->type = $encryptedData->getAttribute("Type");
     $symmetricKey = $enc->locateKey($encryptedData);
     if (!$symmetricKey) {
         throw new Exception('Could not locate key algorithm in encrypted data.');
     }
     $symmetricKeyInfo = $enc->locateKeyInfo($symmetricKey);
     if (!$symmetricKeyInfo) {
         throw new Exception('Could not locate <dsig:KeyInfo> for the encrypted key.');
     }
     $inputKeyAlgo = $inputKey->getAlgorith();
     if ($symmetricKeyInfo->isEncrypted) {
         $symKeyInfoAlgo = $symmetricKeyInfo->getAlgorith();
         if ($symKeyInfoAlgo === XMLSecurityKey::RSA_OAEP_MGF1P && $inputKeyAlgo === XMLSecurityKey::RSA_1_5) {
             $inputKeyAlgo = XMLSecurityKey::RSA_OAEP_MGF1P;
         }
         if ($inputKeyAlgo !== $symKeyInfoAlgo) {
             throw new Exception('Algorithm mismatch between input key and key used to encrypt ' . ' the symmetric key for the message. Key was: ' . var_export($inputKeyAlgo, true) . '; message was: ' . var_export($symKeyInfoAlgo, true));
         }
         $encKey = $symmetricKeyInfo->encryptedCtx;
         $symmetricKeyInfo->key = $inputKey->key;
         $key = $encKey->decryptKey($symmetricKeyInfo);
         $symmetricKey->loadkey($key);
     } else {
         $symKeyAlgo = $symmetricKey->getAlgorith();
         if ($inputKeyAlgo !== $symKeyAlgo) {
             throw new Exception('Algorithm mismatch between input key and key in message. ' . 'Key was: ' . var_export($inputKeyAlgo, true) . '; message was: ' . var_export($symKeyAlgo, true));
         }
         $symmetricKey = $inputKey;
     }
     $decrypted = $enc->decryptNode($symmetricKey, false);
     $xml = '<root xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">' . $decrypted . '</root>';
     $newDoc = new DOMDocument();
     $newDoc = self::loadXML($newDoc, $xml);
     if (!$newDoc) {
         throw new Exception('Failed to parse decrypted XML. Maybe the wrong sharedkey was used?');
     }
     $decryptedElement = $newDoc->firstChild->firstChild;
     if ($decryptedElement === null) {
         throw new Exception('Missing encrypted element.');
     }
     return $decryptedElement;
 }
开发者ID:bloveing,项目名称:openulteo,代码行数:54,代码来源:Utils.php

示例4: doDecryptElement

 /**
  * Decrypt an encrypted element.
  *
  * This is an internal helper function.
  *
  * @param  DOMElement     $encryptedData The encrypted data.
  * @param  XMLSecurityKey $inputKey      The decryption key.
  * @param  array          &$blacklist    Blacklisted decryption algorithms.
  * @return DOMElement     The decrypted element.
  * @throws Exception
  */
 private static function doDecryptElement(DOMElement $encryptedData, XMLSecurityKey $inputKey, array &$blacklist)
 {
     $enc = new XMLSecEnc();
     $enc->setNode($encryptedData);
     $enc->type = $encryptedData->getAttribute("Type");
     $symmetricKey = $enc->locateKey($encryptedData);
     if (!$symmetricKey) {
         throw new Exception('Could not locate key algorithm in encrypted data.');
     }
     $symmetricKeyInfo = $enc->locateKeyInfo($symmetricKey);
     if (!$symmetricKeyInfo) {
         throw new Exception('Could not locate <dsig:KeyInfo> for the encrypted key.');
     }
     $inputKeyAlgo = $inputKey->getAlgorith();
     if ($symmetricKeyInfo->isEncrypted) {
         $symKeyInfoAlgo = $symmetricKeyInfo->getAlgorith();
         if (in_array($symKeyInfoAlgo, $blacklist, TRUE)) {
             throw new Exception('Algorithm disabled: ' . var_export($symKeyInfoAlgo, TRUE));
         }
         if ($symKeyInfoAlgo === XMLSecurityKey::RSA_OAEP_MGF1P && $inputKeyAlgo === XMLSecurityKey::RSA_1_5) {
             /*
              * The RSA key formats are equal, so loading an RSA_1_5 key
              * into an RSA_OAEP_MGF1P key can be done without problems.
              * We therefore pretend that the input key is an
              * RSA_OAEP_MGF1P key.
              */
             $inputKeyAlgo = XMLSecurityKey::RSA_OAEP_MGF1P;
         }
         /* Make sure that the input key format is the same as the one used to encrypt the key. */
         if ($inputKeyAlgo !== $symKeyInfoAlgo) {
             throw new Exception('Algorithm mismatch between input key and key used to encrypt ' . ' the symmetric key for the message. Key was: ' . var_export($inputKeyAlgo, TRUE) . '; message was: ' . var_export($symKeyInfoAlgo, TRUE));
         }
         /** @var XMLSecEnc $encKey */
         $encKey = $symmetricKeyInfo->encryptedCtx;
         $symmetricKeyInfo->key = $inputKey->key;
         $keySize = $symmetricKey->getSymmetricKeySize();
         if ($keySize === NULL) {
             /* To protect against "key oracle" attacks, we need to be able to create a
              * symmetric key, and for that we need to know the key size.
              */
             throw new Exception('Unknown key size for encryption algorithm: ' . var_export($symmetricKey->type, TRUE));
         }
         try {
             $key = $encKey->decryptKey($symmetricKeyInfo);
             if (strlen($key) != $keySize) {
                 throw new Exception('Unexpected key size (' . strlen($key) * 8 . 'bits) for encryption algorithm: ' . var_export($symmetricKey->type, TRUE));
             }
         } catch (Exception $e) {
             /* We failed to decrypt this key. Log it, and substitute a "random" key. */
             SAML2_Utils::getContainer()->getLogger()->error('Failed to decrypt symmetric key: ' . $e->getMessage());
             /* Create a replacement key, so that it looks like we fail in the same way as if the key was correctly padded. */
             /* We base the symmetric key on the encrypted key and private key, so that we always behave the
              * same way for a given input key.
              */
             $encryptedKey = $encKey->getCipherValue();
             $pkey = openssl_pkey_get_details($symmetricKeyInfo->key);
             $pkey = sha1(serialize($pkey), TRUE);
             $key = sha1($encryptedKey . $pkey, TRUE);
             /* Make sure that the key has the correct length. */
             if (strlen($key) > $keySize) {
                 $key = substr($key, 0, $keySize);
             } elseif (strlen($key) < $keySize) {
                 $key = str_pad($key, $keySize);
             }
         }
         $symmetricKey->loadkey($key);
     } else {
         $symKeyAlgo = $symmetricKey->getAlgorith();
         /* Make sure that the input key has the correct format. */
         if ($inputKeyAlgo !== $symKeyAlgo) {
             throw new Exception('Algorithm mismatch between input key and key in message. ' . 'Key was: ' . var_export($inputKeyAlgo, TRUE) . '; message was: ' . var_export($symKeyAlgo, TRUE));
         }
         $symmetricKey = $inputKey;
     }
     $algorithm = $symmetricKey->getAlgorith();
     if (in_array($algorithm, $blacklist, TRUE)) {
         throw new Exception('Algorithm disabled: ' . var_export($algorithm, TRUE));
     }
     /** @var string $decrypted */
     $decrypted = $enc->decryptNode($symmetricKey, FALSE);
     /*
      * This is a workaround for the case where only a subset of the XML
      * tree was serialized for encryption. In that case, we may miss the
      * namespaces needed to parse the XML.
      */
     $xml = '<root xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ' . 'xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">' . $decrypted . '</root>';
     $newDoc = new DOMDocument();
     if (!@$newDoc->loadXML($xml)) {
         throw new Exception('Failed to parse decrypted XML. Maybe the wrong sharedkey was used?');
//.........这里部分代码省略.........
开发者ID:dutchbridge,项目名称:saml2,代码行数:101,代码来源:Utils.php

示例5: decryptElement

 /**
  * Decrypt an encrypted element.
  *
  * @param DOMElement $encryptedData  The encrypted data.
  * @param XMLSecurityKey $inputKey  The decryption key.
  * @return DOMElement  The decrypted element.
  */
 public static function decryptElement(DOMElement $encryptedData, XMLSecurityKey $inputKey)
 {
     $enc = new XMLSecEnc();
     $enc->setNode($encryptedData);
     $enc->type = $encryptedData->getAttribute("Type");
     $symmetricKey = $enc->locateKey($encryptedData);
     if (!$symmetricKey) {
         throw new Exception('Could not locate key algorithm in encrypted data.');
     }
     $symmetricKeyInfo = $enc->locateKeyInfo($symmetricKey);
     if (!$symmetricKeyInfo) {
         throw new Exception('Could not locate <dsig:KeyInfo> for the encrypted key.');
     }
     $inputKeyAlgo = $inputKey->getAlgorith();
     if ($symmetricKeyInfo->isEncrypted) {
         $symKeyInfoAlgo = $symmetricKeyInfo->getAlgorith();
         if ($symKeyInfoAlgo === XMLSecurityKey::RSA_OAEP_MGF1P && $inputKeyAlgo === XMLSecurityKey::RSA_1_5) {
             /*
              * The RSA key formats are equal, so loading an RSA_1_5 key
              * into an RSA_OAEP_MGF1P key can be done without problems.
              * We therefore pretend that the input key is an
              * RSA_OAEP_MGF1P key.
              */
             $inputKeyAlgo = XMLSecurityKey::RSA_OAEP_MGF1P;
         }
         /* Make sure that the input key format is the same as the one used to encrypt the key. */
         if ($inputKeyAlgo !== $symKeyInfoAlgo) {
             throw new Exception('Algorithm mismatch between input key and key used to encrypt ' . ' the symmetric key for the message. Key was: ' . var_export($inputKeyAlgo, TRUE) . '; message was: ' . var_export($symKeyInfoAlgo, TRUE));
         }
         $encKey = $symmetricKeyInfo->encryptedCtx;
         $symmetricKeyInfo->key = $inputKey->key;
         $key = $encKey->decryptKey($symmetricKeyInfo);
         $symmetricKey->loadkey($key);
     } else {
         $symKeyAlgo = $symmetricKey->getAlgorith();
         /* Make sure that the input key has the correct format. */
         if ($inputKeyAlgo !== $symKeyAlgo) {
             throw new Exception('Algorithm mismatch between input key and key in message. ' . 'Key was: ' . var_export($inputKeyAlgo, TRUE) . '; message was: ' . var_export($symKeyAlgo, TRUE));
         }
         $symmetricKey = $inputKey;
     }
     $decrypted = $enc->decryptNode($symmetricKey, FALSE);
     /*
      * This is a workaround for the case where only a subset of the XML
      * tree was serialized for encryption. In that case, we may miss the
      * namespaces needed to parse the XML.
      */
     $xml = '<root xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">' . $decrypted . '</root>';
     $newDoc = new DOMDocument();
     if (!$newDoc->loadXML($xml)) {
         throw new Exception('Failed to parse decrypted XML. Maybe the wrong sharedkey was used?');
     }
     $decryptedElement = $newDoc->firstChild->firstChild;
     if ($decryptedElement === NULL) {
         throw new Exception('Missing encrypted element.');
     }
     return $decryptedElement;
 }
开发者ID:filonuse,项目名称:fedlab,代码行数:65,代码来源:Utils.php


注:本文中的XMLSecurityKey::getAlgorith方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。