/**
* Creates a new EncryptedKey node and appends it to the given node.
*
* @param string $guid Unique id/if null wrap in ds:KeyInfo
* @param Key $keyToBeEncrypted Key that should be encrypted
* @param Key $keyForEncryption Key to use for encryption
* @param DOMNode $appendTo Node where encrypted key should be appended
* @param DOMNode $insertBefore Encrypted key should be inserted before this node
* @param DOMElement $keyInfo KeyInfo element
*
* @return DOMElement
*/
public static function createEncryptedKey($guid, Key $keyToBeEncrypted, Key $keyForEncryption, DOMNode $appendTo, DOMNode $insertBefore = null, DOMElement $keyInfo = null)
{
$doc = $appendTo->ownerDocument;
$encryptedKey = $doc->createElementNS(self::NS_XMLENC, self::PFX_XMLENC . ':EncryptedKey');
if (null === $guid) {
$wrappedKeyInfo = $doc->createElementNS(DSig::NS_XMLDSIG, DSig::PFX_XMLDSIG . ':KeyInfo');
$wrappedKeyInfo->appendChild($encryptedKey);
if (!is_null($insertBefore)) {
$appendTo->insertBefore($wrappedKeyInfo, $insertBefore);
} else {
$appendTo->appendChild($wrappedKeyInfo);
}
} else {
$encryptedKey->setAttribute('Id', $guid);
if (!is_null($insertBefore)) {
$appendTo->insertBefore($encryptedKey, $insertBefore);
} else {
$appendTo->appendChild($encryptedKey);
}
}
$encryptionMethod = $doc->createElementNS(self::NS_XMLENC, self::PFX_XMLENC . ':EncryptionMethod');
$encryptionMethod->setAttribute('Algorithm', $keyForEncryption->getAlgorithm());
$encryptedKey->appendChild($encryptionMethod);
if (!is_null($keyInfo)) {
$encryptedKey->appendChild($keyInfo);
}
$cipherData = $doc->createElementNS(self::NS_XMLENC, self::PFX_XMLENC . ':CipherData');
$encryptedKey->appendChild($cipherData);
$encryptedKeyString = base64_encode($keyForEncryption->encryptData($keyToBeEncrypted->getKey()));
$cipherValue = $doc->createElementNS(self::NS_XMLENC, self::PFX_XMLENC . ':CipherValue', $encryptedKeyString);
$cipherData->appendChild($cipherValue);
return $encryptedKey;
}
