formatFingerPrint() 공개 정적인 메소드

Formates a fingerprint.
public static formatFingerPrint ( string $fingerprint ) : string
$fingerprint string fingerprint
리턴 string Formatted fingerprint
예제 #1
0
 /**
  * Tests the formatFingerPrint method of the OneLogin_Saml2_Utils
  *
  * @covers OneLogin_Saml2_Utils::formatFingerPrint
  */
 public function testFormatFingerPrint()
 {
     $fingerPrint1 = 'AF:E7:1C:28:EF:74:0B:C8:74:25:BE:13:A2:26:3D:37:97:1D:A1:F9';
     $this->assertEquals('afe71c28ef740bc87425be13a2263d37971da1f9', OneLogin_Saml2_Utils::formatFingerPrint($fingerPrint1));
     $fingerPrint2 = 'afe71c28ef740bc87425be13a2263d37971da1f9';
     $this->assertEquals('afe71c28ef740bc87425be13a2263d37971da1f9', OneLogin_Saml2_Utils::formatFingerPrint($fingerPrint2));
 }
예제 #2
0
 /**
  * Validates a signature (Message or Assertion).
  *
  * @param string|DomDocument $xml         The element we should validate
  * @param string|null        $cert        The pubic cert
  * @param string|null        $fingerprint The fingerprint of the public cert
  */
 public static function validateSign($xml, $cert = null, $fingerprint = null)
 {
     if ($xml instanceof DOMDocument) {
         $dom = clone $xml;
     } else {
         if ($xml instanceof DOMElement) {
             $dom = clone $xml->ownerDocument;
         } else {
             $dom = new DOMDocument();
             $dom = self::loadXML($dom, $xml);
         }
     }
     $objXMLSecDSig = new XMLSecurityDSig();
     $objXMLSecDSig->idKeys = array('ID');
     $objDSig = $objXMLSecDSig->locateSignature($dom);
     if (!$objDSig) {
         throw new Exception('Cannot locate Signature Node');
     }
     $objKey = $objXMLSecDSig->locateKey();
     if (!$objKey) {
         throw new Exception('We have no idea about the key');
     }
     $objXMLSecDSig->canonicalizeSignedInfo();
     try {
         $retVal = $objXMLSecDSig->validateReference();
     } catch (Exception $e) {
         throw $e;
     }
     XMLSecEnc::staticLocateKeyInfo($objKey, $objDSig);
     if (!empty($cert)) {
         $objKey->loadKey($cert, false, true);
         return $objXMLSecDSig->verify($objKey) === 1;
     } else {
         $domCert = $objKey->getX509Certificate();
         $domCertFingerprint = OneLogin_Saml2_Utils::calculateX509Fingerprint($domCert);
         if (OneLogin_Saml2_Utils::formatFingerPrint($fingerprint) !== $domCertFingerprint) {
             return false;
         } else {
             $objKey->loadKey($domCert, false, true);
             return $objXMLSecDSig->verify($objKey) === 1;
         }
     }
 }
예제 #3
0
 /**
  * Validates a signature (Message or Assertion).
  *
  * @param string|DomDocument $xml            The element we should validate
  * @param string|null        $cert           The pubic cert
  * @param string|null        $fingerprint    The fingerprint of the public cert
  * @param string|null        $fingerprintalg The algorithm used to get the fingerprint
  */
 public static function validateSign($xml, $cert = null, $fingerprint = null, $fingerprintalg = 'sha1')
 {
     if ($xml instanceof DOMDocument) {
         $dom = clone $xml;
     } else {
         if ($xml instanceof DOMElement) {
             $dom = clone $xml->ownerDocument;
         } else {
             $dom = new DOMDocument();
             $dom = self::loadXML($dom, $xml);
         }
     }
     # Check if Reference URI is empty
     try {
         $signatureElems = $dom->getElementsByTagName('Signature');
         foreach ($signatureElems as $signatureElem) {
             $referenceElems = $dom->getElementsByTagName('Reference');
             if (count($referenceElems) > 0) {
                 $referenceElem = $referenceElems->item(0);
                 if ($referenceElem->getAttribute('URI') == '') {
                     $referenceElem->setAttribute('URI', '#' . $signatureElem->parentNode->getAttribute('ID'));
                 }
             }
         }
     } catch (Exception $e) {
         continue;
     }
     $objXMLSecDSig = new XMLSecurityDSig();
     $objXMLSecDSig->idKeys = array('ID');
     $objDSig = $objXMLSecDSig->locateSignature($dom);
     if (!$objDSig) {
         throw new Exception('Cannot locate Signature Node');
     }
     $objKey = $objXMLSecDSig->locateKey();
     if (!$objKey) {
         throw new Exception('We have no idea about the key');
     }
     $objXMLSecDSig->canonicalizeSignedInfo();
     try {
         $retVal = $objXMLSecDSig->validateReference();
     } catch (Exception $e) {
         throw $e;
     }
     XMLSecEnc::staticLocateKeyInfo($objKey, $objDSig);
     if (!empty($cert)) {
         $objKey->loadKey($cert, false, true);
         return $objXMLSecDSig->verify($objKey) === 1;
     } else {
         $domCert = $objKey->getX509Certificate();
         $domCertFingerprint = OneLogin_Saml2_Utils::calculateX509Fingerprint($domCert, $fingerprintalg);
         if (OneLogin_Saml2_Utils::formatFingerPrint($fingerprint) !== $domCertFingerprint) {
             return false;
         } else {
             $objKey->loadKey($domCert, false, true);
             return $objXMLSecDSig->verify($objKey) === 1;
         }
     }
 }