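/**
 * Tries to resolve a key from the given \DOMElement.
 *
 * Walks the direct children of $node and returns on the first child in the
 * Helper::NS_WSS namespace that yields a key:
 *  - KeyIdentifier: returns the public key of the configured service
 *    security key. The identifier's own value is not read or compared here.
 *  - Reference pointing at an EncryptedKey (XmlSecurityEnc::NS_XMLENC): the
 *    node is handed to XmlSecurityEnc::decryptEncryptedKey() with the user
 *    security key's private key, and the result is wrapped as a
 *    TYPE_PRIVATE key for $algorithm.
 *  - Reference pointing at a BinarySecurityToken (Helper::NS_WSS): the token
 *    text is PEM-formatted and wrapped as a TYPE_PUBLIC key with
 *    XmlSecurityKey::RSA_SHA1; $algorithm is not used on this path.
 *
 * NOTE(review): on the BinarySecurityToken path the key material comes from
 * the message itself, and nothing in this method validates the certificate
 * against a trust anchor or an expected peer. Confirm that a caller does so
 * before treating a signature verified with the returned key as
 * authenticated.
 *
 * @param \DOMElement $node      Node where to resolve the key
 * @param string      $algorithm XML security key algorithm
 *
 * @return \ass\XmlSecurity\Key|null Resolved key, or null if no child yields one
 */
public function keyInfoSecurityTokenReferenceResolver(\DOMElement $node, $algorithm)
{
    foreach ($node->childNodes as $child) {
        // Text/comment nodes have a null namespaceURI and are skipped here too.
        if (Helper::NS_WSS !== $child->namespaceURI) {
            continue;
        }

        if ('KeyIdentifier' === $child->localName) {
            // NOTE(review): the KeyIdentifier content is never compared with the
            // configured key; confirm that is intended.
            return $this->serviceSecurityKey->getPublicKey();
        }

        if ('Reference' !== $child->localName) {
            continue;
        }

        // The URI is taken from the incoming document, so it may not resolve.
        // getReferenceNodeForUri() is not visible here; presumably it returns
        // null for an unknown id. Skip instead of reading properties of a
        // non-node value.
        $uri = $child->getAttribute('URI');
        $referencedNode = $this->getReferenceNodeForUri($node, $uri);
        if (!$referencedNode instanceof \DOMNode) {
            continue;
        }

        $targetNamespace = $referencedNode->namespaceURI;
        $targetName = $referencedNode->localName;

        if (XmlSecurityEnc::NS_XMLENC === $targetNamespace && 'EncryptedKey' === $targetName) {
            $decryptedKey = XmlSecurityEnc::decryptEncryptedKey(
                $referencedNode,
                $this->userSecurityKey->getPrivateKey()
            );

            return XmlSecurityKey::factory($algorithm, $decryptedKey, false, XmlSecurityKey::TYPE_PRIVATE);
        }

        if (Helper::NS_WSS === $targetNamespace && 'BinarySecurityToken' === $targetName) {
            // Key material supplied by the message; see the trust note in the docblock.
            $pemKey = XmlSecurityPem::formatKeyInPemFormat($referencedNode->textContent);

            return XmlSecurityKey::factory(XmlSecurityKey::RSA_SHA1, $pemKey, false, XmlSecurityKey::TYPE_PUBLIC);
        }

        // Reference to any other kind of node: keep looking at the remaining children.
    }

    return null;
}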
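/**
 * Get the thumbprint of the X509 certificate this key represents.
 *
 * The thumbprint is the hex SHA-1 digest of the base64-decoded body of the
 * first certificate that Pem::parseKeyFromPemFormat() extracts from the key.
 *
 * NOTE(review): the SHA-1 value is an identifier for looking up or matching a
 * certificate. It should not be the only evidence that a certificate is the
 * expected one; confirm callers validate the certificate itself.
 *
 * @return string|null Lower-case hex thumbprint, or null when the key is not
 *                     a public key or no certificate could be extracted
 */
public function getX509Thumbprint()
{
    if ($this->keyType != self::TYPE_PUBLIC) {
        return null;
    }

    $certs = Pem::parseKeyFromPemFormat($this->key, Pem::PEM_TYPE_CERTIFICATE_X509);

    // Without this guard a key that holds no certificate would be hashed as an
    // empty string and come back as a well-formed but meaningless thumbprint.
    if (!is_array($certs) || !isset($certs[0]) || '' === $certs[0]) {
        return null;
    }

    // sha1() already returns lower-case hex, so no further case folding is needed.
    return sha1(base64_decode($certs[0]));
}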
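/**
 * Pem::parseKeyFromPemFormat() must return the certificate body stored in
 * the fixture when asked for X509 certificates.
 */
public function testParseKeyFromPemFormat()
{
    // Use the same class-name casing as the call itself (was "PEM::").
    $keys = Pem::parseKeyFromPemFormat($this->cert, Pem::PEM_TYPE_CERTIFICATE_X509);
    $keyString = array_pop($keys);

    // PHPUnit expects (expected, actual); the fixture is the expected value.
    $this->assertEquals($this->keyString, $keyString);
}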