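/**
 * Creates a new xenc:EncryptedKey element, attaches it under the given node and returns it.
 *
 * The key material of $keyToBeEncrypted is encrypted with $keyForEncryption,
 * base64-encoded and stored in xenc:CipherData/xenc:CipherValue. The Algorithm
 * attribute of xenc:EncryptionMethod is whatever $keyForEncryption reports.
 *
 * NOTE(review): no allow-list is applied to the key-wrapping algorithm here; if
 * some algorithms must be refused, that policy has to live with the caller or in
 * Key -- confirm where it is enforced.
 *
 * @param string|null     $guid             Value for the Id attribute; when null no Id is set and the
 *                                          EncryptedKey is wrapped in a ds:KeyInfo element instead
 * @param Key             $keyToBeEncrypted Key that should be encrypted
 * @param Key             $keyForEncryption Key to use for encryption
 * @param DOMNode         $appendTo         Node where encrypted key should be appended
 * @param DOMNode|null    $insertBefore     Encrypted key should be inserted before this node
 * @param DOMElement|null $keyInfo          KeyInfo element placed inside the EncryptedKey, after EncryptionMethod
 *
 * @return DOMElement The EncryptedKey element (not the ds:KeyInfo wrapper)
 */
public static function createEncryptedKey($guid, Key $keyToBeEncrypted, Key $keyForEncryption, DOMNode $appendTo, DOMNode $insertBefore = null, DOMElement $keyInfo = null)
{
    // ownerDocument is null when the node is itself a DOMDocument, so fall back to the node.
    $doc = $appendTo instanceof \DOMDocument ? $appendTo : $appendTo->ownerDocument;

    $encryptedKey = $doc->createElementNS(self::NS_XMLENC, self::PFX_XMLENC . ':EncryptedKey');

    // Decide which element is attached to the tree: the key itself (with an Id)
    // or a ds:KeyInfo wrapper that contains it.
    if (null === $guid) {
        $nodeToAttach = $doc->createElementNS(DSig::NS_XMLDSIG, DSig::PFX_XMLDSIG . ':KeyInfo');
        $nodeToAttach->appendChild($encryptedKey);
    } else {
        $encryptedKey->setAttribute('Id', $guid);
        $nodeToAttach = $encryptedKey;
    }

    if (null !== $insertBefore) {
        $appendTo->insertBefore($nodeToAttach, $insertBefore);
    } else {
        $appendTo->appendChild($nodeToAttach);
    }

    $encryptionMethod = $doc->createElementNS(self::NS_XMLENC, self::PFX_XMLENC . ':EncryptionMethod');
    $encryptionMethod->setAttribute('Algorithm', $keyForEncryption->getAlgorithm());
    $encryptedKey->appendChild($encryptionMethod);

    if (null !== $keyInfo) {
        $encryptedKey->appendChild($keyInfo);
    }

    $cipherData = $doc->createElementNS(self::NS_XMLENC, self::PFX_XMLENC . ':CipherData');
    $encryptedKey->appendChild($cipherData);

    // NOTE(review): the result of encryptData() is encoded without being checked. If Key can
    // signal failure with a non-string return instead of throwing, CipherValue would be
    // written empty or wrong without any error -- confirm against Key::encryptData().
    $encryptedKeyString = base64_encode($keyForEncryption->encryptData($keyToBeEncrypted->getKey()));
    $cipherValue = $doc->createElementNS(self::NS_XMLENC, self::PFX_XMLENC . ':CipherValue', $encryptedKeyString);
    $cipherData->appendChild($cipherValue);

    return $encryptedKey;
}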