protected static function retrieveMetadata($mdspec)
 {
     $type = 'public';
     $format = 'xml';
     if (is_array($mdspec)) {
         $type = 'private';
         $format = 'array';
     } elseif (preg_match("/^(private|public|remote):(xml|php|json|array):(.*)/", $mdspec, $dollar)) {
         list($dummy, $type, $format, $source) = $dollar;
     }
     print "Importing {$mdspec}\n";
     switch ($format) {
         case 'xml':
             $res = Corto_XmlToArray::xml2array(file_get_contents($source), true);
             break;
         case 'php':
             // the included file must return an array
             $res = (include $source);
             break;
         case 'json':
             $res = json_decode(file_get_contents($source), 1);
             break;
         case 'array':
             $res = $mdspec;
             break;
     }
     return array($type, $res);
 }
 /**
  * Handle sending response by artifact
  *
  * @return void
  */
 public function artifactResolutionService()
 {
     $postData = Corto_XmlToArray::xml2array(file_get_contents("php://input"));
     $artifact = $postData['SOAP-ENV:Body']['samlp:ArtifactResolve']['saml:Artifact']['__v'];
     $this->_server->restartSession(sha1($artifact), 'artifact');
     $message = $_SESSION['message'];
     session_destroy();
     $element = $message['__t'];
     $artifactResponse = array('samlp:ArtifactResponse' => array('xmlns:samlp' => 'urn:oasis:names:tc:SAML:2.0:protocol', 'xmlns:saml' => 'urn:oasis:names:tc:SAML:2.0:assertion', 'ID' => $this->_server->getNewId(), 'Version' => '2.0', 'IssueInstant' => $this->_server->timeStamp(), 'InResponseTo' => $postData['SOAP-ENV:Body']['samlp:ArtifactResolve']['_ID'], 'saml:Issuer' => array('__v' => $this->_server->getCurrentMD('entityID')), $element => $message));
     $this->_server->getBindingsModule()->_soapResponse($artifactResponse);
 }
<?php

/**
 * Created by PhpStorm.
 * User: freek
 * Date: Nov 24, 2010
 * Time: 5:05:45 PM
 * To change this template use File | Settings | File Templates.
 */
include "../library/Corto/XmlToArray.php";
if ($xml = $_POST['msg']) {
    $xml = stripslashes($xml);
    $element = Corto_XmlToArray::xml2array($xml);
    print "<pre>";
    print_r($element);
    $signatureValue = base64_decode($element['ds:Signature']['ds:SignatureValue']['__v']);
    $digestValue = $element['ds:Signature']['ds:SignedInfo']['ds:Reference'][0]['ds:DigestValue']['__v'];
    $certificate = $element['ds:Signature']['ds:KeyInfo']['ds:X509Data']['ds:X509Certificate']['__v'];
    $publicKey = "-----BEGIN CERTIFICATE-----\n" . chunk_split($certificate, 64) . "-----END CERTIFICATE-----";
    #print_r($publicKey);
    $document = DOMDocument::loadXML($xml);
    $xp = new DomXPath($document);
    $xp->registerNamespace('ds', 'http://www.w3.org/2000/09/xmldsig#');
    $id = $element['_ID'];
    $signedElement = $xp->query("//*[@ID = '{$id}']")->item(0);
    $signature = $xp->query(".//ds:Signature", $signedElement)->item(0);
    $signedInfo = $xp->query(".//ds:SignedInfo", $signature)->item(0)->C14N(true, false);
    $signature->parentNode->removeChild($signature);
    $canonicalXml = $signedElement->C14N(true, false);
    print_r(htmlspecialchars($xml));
    print "\n";
 /**
  * Send a soap request and return the resulting response without
  * the enclosing soap envelope.
  *
  * @param  $soapServiceUrl
  * @param  $body
  * @return
  */
 protected function _soapRequest($soapServiceUrl, $body)
 {
     $soapEnvelope = array('__t' => 'SOAP-ENV:Envelope', '_xmlns:SOAP-ENV' => "http://schemas.xmlsoap.org/soap/envelope/", 'SOAP-ENV:Body' => array($body['__t'] => $body));
     $curlOptions = array(CURLOPT_URL => $soapServiceUrl, CURLOPT_HTTPHEADER => array('SOAPAction: ""'), CURLOPT_RETURNTRANSFER => 1, CURLOPT_SSL_VERIFYPEER => FALSE, CURLOPT_POSTFIELDS => Corto_XmlToArray::array2xml($soapEnvelope), CURLOPT_HEADER => 0);
     $curlHandler = curl_init();
     curl_setopt_array($curlHandler, $curlOptions);
     $curlResult = curl_exec($curlHandler);
     $soapResponse = Corto_XmlToArray::xml2array($curlResult);
     return $soapResponse['SOAP-ENV:Body'];
 }
 /**
  * Decrypt an xml fragment.
  *
  * @param resource $privateKey OpenSSL private key for Corto to get the symmetric key.
  * @param array $element Array representation of an xml fragment
  * @param Bool $returnAsXML If true, the method returns an xml string.
  *                          If false (default), it returns an array 
  *                          representation of the xml fragment.
  * @return String|Array The decrypted element (as an array or string 
  *                      depending on the returnAsXml parameter.
  */
 protected function _decryptElement($privateKey, $element, $returnAsXML = false)
 {
     if (!isset($element['xenc:EncryptedData']['ds:KeyInfo']['xenc:EncryptedKey'][0]['xenc:CipherData'][0]['xenc:CipherValue'][0]['__v'])) {
         throw new Corto_Module_Bindings_Exception("XML Encryption: No encrypted key found?");
     }
     if (!isset($element['xenc:EncryptedData']['xenc:CipherData'][0]['xenc:CipherValue'][0]['__v'])) {
         throw new Corto_Module_Bindings_Exception("XML Encryption: No encrypted data found?");
     }
     $encryptedKey = base64_decode($element['xenc:EncryptedData']['ds:KeyInfo']['xenc:EncryptedKey'][0]['xenc:CipherData'][0]['xenc:CipherValue'][0]['__v']);
     $encryptedData = base64_decode($element['xenc:EncryptedData']['xenc:CipherData'][0]['xenc:CipherValue'][0]['__v']);
     $sessionKey = null;
     if (!openssl_private_decrypt($encryptedKey, $sessionKey, $privateKey, OPENSSL_PKCS1_PADDING)) {
         throw new Corto_Module_Bindings_Exception("XML Encryption: Unable to decrypt symmetric key using private key");
     }
     openssl_free_key($privateKey);
     $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
     $ivSize = mcrypt_enc_get_iv_size($cipher);
     $iv = substr($encryptedData, 0, $ivSize);
     mcrypt_generic_init($cipher, $sessionKey, $iv);
     $decryptedData = mdecrypt_generic($cipher, substr($encryptedData, $ivSize));
     // Remove the CBC block padding
     $dataLen = strlen($decryptedData);
     $paddingLength = substr($decryptedData, $dataLen - 1, 1);
     $decryptedData = substr($decryptedData, 0, $dataLen - ord($paddingLength));
     mcrypt_generic_deinit($cipher);
     mcrypt_module_close($cipher);
     if ($returnAsXML) {
         return $decryptedData;
     } else {
         $newElement = Corto_XmlToArray::xml2array($decryptedData);
         $newElement['__']['Raw'] = $decryptedData;
         return $newElement;
     }
 }