public function encryptBody($siteKey, $objKey, $token) { $enc = new XMLSecEnc(); foreach ($this->envelope->childNodes as $node) { if ($node->namespaceURI == $this->soapNS && $node->localName == 'Body') { break; } } $enc->setNode($node); /* encrypt the symmetric key */ $enc->encryptKey($siteKey, $objKey, false); $enc->type = XMLSecEnc::CONTENT; /* Using the symmetric key to actually encrypt the data */ $encNode = $enc->encryptNode($objKey); $guid = XMLSecurityDSig::generateGUID(); $encNode->setAttribute('Id', $guid); $refNode = $encNode->firstChild; while ($refNode && $refNode->nodeType != XML_ELEMENT_NODE) { $refNode = $refNode->nextSibling; } if ($refNode) { $refNode = $refNode->nextSibling; } if ($this->addEncryptedKey($enc, $token)) { $this->addReference($enc->encKey, $guid); } }
public static function staticLocateKeyInfo($objBaseKey = null, $node = null) { if (empty($node) || !$node instanceof DOMNode) { return; } if ($doc = $node->ownerDocument) { $xpath = new DOMXPath($doc); $xpath->registerNamespace('xmlsecenc', XMLSecEnc::XMLENCNS); $xpath->registerNamespace('xmlsecdsig', XMLSecurityDSig::XMLDSIGNS); $query = "./xmlsecdsig:KeyInfo"; $nodeset = $xpath->query($query, $node); if ($encmeth = $nodeset->item(0)) { foreach ($encmeth->childNodes as $child) { switch ($child->localName) { case 'KeyName': if (!empty($objBaseKey)) { $objBaseKey->name = $child->nodeValue; } break; case 'KeyValue': foreach ($child->childNodes as $keyval) { switch ($keyval->localName) { case 'DSAKeyValue': throw new Exception("DSAKeyValue currently not supported"); break; case 'RSAKeyValue': $modulus = null; $exponent = null; if ($modulusNode = $keyval->getElementsByTagName('Modulus')->item(0)) { $modulus = base64_decode($modulusNode->nodeValue); } if ($exponentNode = $keyval->getElementsByTagName('Exponent')->item(0)) { $exponent = base64_decode($exponentNode->nodeValue); } if (empty($modulus) || empty($exponent)) { throw new Exception("Missing Modulus or Exponent"); } $publicKey = XMLSecurityKey::convertRSA($modulus, $exponent); $objBaseKey->loadKey($publicKey); break; } } break; case 'RetrievalMethod': /* Not currently supported */ break; case 'EncryptedKey': $objenc = new XMLSecEnc(); $objenc->setNode($child); if (!($objKey = $objenc->locateKey())) { throw new Exception("Unable to locate algorithm for this Encrypted Key"); } $objKey->isEncrypted = true; $objKey->encryptedCtx = $objenc; XMLSecEnc::staticLocateKeyInfo($objKey, $child); return $objKey; break; case 'X509Data': if ($x509certNodes = $child->getElementsByTagName('X509Certificate')) { if ($x509certNodes->length > 0) { $x509cert = $x509certNodes->item(0)->textContent; $x509cert = str_replace(array("\r", "\n"), "", $x509cert); $x509cert = "-----BEGIN CERTIFICATE-----\n" . chunk_split($x509cert, 64, "\n") . "-----END CERTIFICATE-----\n"; $objBaseKey->loadKey($x509cert); } } break; } } } return $objBaseKey; } return; }