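/**
 * Load one metadata source described by $mdspec.
 *
 * $mdspec is either an array, which is returned as-is with type 'private',
 * or a string of the form "<private|public|remote>:<xml|php|json|array>:<source>".
 * A string without that prefix keeps the defaults 'public' / 'xml' and is
 * itself used as the source (assumed intent; the original left $source
 * undefined in that case).
 *
 * Security: the 'php' format includes and therefore executes the source
 * file, and the other formats read the source with file_get_contents(),
 * which also accepts URLs when allow_url_fopen is enabled. $mdspec must
 * only ever come from trusted configuration, never from request data.
 *
 * @param  array|string $mdspec Metadata array or "type:format:source" spec
 * @return array array($type, $res): the metadata type and the loaded data
 */
protected static function retrieveMetadata($mdspec)
{
    $type = 'public';
    $format = 'xml';
    // A bare string is treated as the source itself.
    $source = $mdspec;
    if (is_array($mdspec)) {
        $type = 'private';
        $format = 'array';
    } elseif (preg_match("/^(private|public|remote):(xml|php|json|array):(.*)/", $mdspec, $matches)) {
        list($dummy, $type, $format, $source) = $matches;
    }
    // Same text as before for arrays, without the array-to-string conversion notice.
    $label = is_array($mdspec) ? 'Array' : $mdspec;
    print "Importing {$label}\n";
    $res = null;
    switch ($format) {
        case 'xml':
            $res = Corto_XmlToArray::xml2array(file_get_contents($source), true);
            break;
        case 'php':
            // The included file must return an array. It is executed as PHP,
            // so the path must point at a trusted local file.
            $res = (include $source);
            break;
        case 'json':
            $res = json_decode(file_get_contents($source), true);
            break;
        case 'array':
            $res = $mdspec;
            break;
    }
    return array($type, $res);
}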
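 /**
  * Handle sending response by artifact
  *
  * Reads a SOAP ArtifactResolve request from the request body, restarts the
  * session whose id is sha1(artifact), takes the message stored in it,
  * destroys that session so the same artifact cannot be resolved again, and
  * sends the message back wrapped in a samlp:ArtifactResponse.
  *
  * NOTE(review): nothing in this method authenticates the requester or
  * checks a signature on the ArtifactResolve. Confirm the endpoint is
  * protected elsewhere, because whoever presents a valid artifact receives
  * the stored message.
  * NOTE(review): the request body is untrusted XML; confirm that
  * Corto_XmlToArray::xml2array() does not resolve external entities.
  *
  * @return void
  */
 public function artifactResolutionService()
 {
     $postData = Corto_XmlToArray::xml2array(file_get_contents("php://input"));
     $resolve = isset($postData['SOAP-ENV:Body']['samlp:ArtifactResolve'])
         ? $postData['SOAP-ENV:Body']['samlp:ArtifactResolve']
         : array();
     $artifact = isset($resolve['saml:Artifact']['__v']) ? $resolve['saml:Artifact']['__v'] : null;
     $inResponseTo = isset($resolve['_ID']) ? $resolve['_ID'] : null;

     // Only touch the session store when the request actually carries an
     // artifact; a missing value would otherwise be hashed as an empty string.
     $message = null;
     if (is_string($artifact) && $artifact !== '') {
         $this->_server->restartSession(sha1($artifact), 'artifact');
         $message = isset($_SESSION['message']) ? $_SESSION['message'] : null;
         // Single use: the stored message is gone after the first resolution.
         session_destroy();
     }

     $artifactResponse = array(
         'samlp:ArtifactResponse' => array(
             'xmlns:samlp' => 'urn:oasis:names:tc:SAML:2.0:protocol',
             'xmlns:saml' => 'urn:oasis:names:tc:SAML:2.0:assertion',
             'ID' => $this->_server->getNewId(),
             'Version' => '2.0',
             'IssueInstant' => $this->_server->timeStamp(),
             'InResponseTo' => $inResponseTo,
             'saml:Issuer' => array('__v' => $this->_server->getCurrentMD('entityID')),
         ),
     );
     // An unknown or already used artifact yields a response without an
     // embedded message instead of an element with an empty name.
     if (is_array($message) && isset($message['__t'])) {
         $artifactResponse['samlp:ArtifactResponse'][$message['__t']] = $message;
     }
     $this->_server->getBindingsModule()->_soapResponse($artifactResponse);
 }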
示例#3
<?php

/**
 * Created by PhpStorm.
 * User: freek
 * Date: Nov 24, 2010
 * Time: 5:05:45 PM
 * To change this template use File | Settings | File Templates.
 */
include "../library/Corto/XmlToArray.php";
// Debug page: takes a posted XML message, dumps its parsed form and prepares
// the pieces needed to check its XML signature (signature value, digest,
// certificate, canonicalised SignedInfo and signed element). The listing ends
// before any verification call and before the closing brace of this block.
if ($xml = $_POST['msg']) {
    // presumably undoes magic_quotes_gpc escaping; on a runtime without magic
    // quotes this strips genuine backslashes from the posted XML. Confirm.
    $xml = stripslashes($xml);
    $element = Corto_XmlToArray::xml2array($xml);
    print "<pre>";
    // NOTE(review): the parsed values come from the request and are printed
    // without HTML escaping, unlike the htmlspecialchars() echo further down.
    print_r($element);
    $signatureValue = base64_decode($element['ds:Signature']['ds:SignatureValue']['__v']);
    $digestValue = $element['ds:Signature']['ds:SignedInfo']['ds:Reference'][0]['ds:DigestValue']['__v'];
    // The certificate is taken from the message's own KeyInfo. A signature that
    // verifies against it only shows the message is internally consistent; the
    // certificate still has to be matched against one trusted for the sender.
    $certificate = $element['ds:Signature']['ds:KeyInfo']['ds:X509Data']['ds:X509Certificate']['__v'];
    // Re-wrap the base64 certificate body in PEM armour, 64 characters per line.
    $publicKey = "-----BEGIN CERTIFICATE-----\n" . chunk_split($certificate, 64) . "-----END CERTIFICATE-----";
    #print_r($publicKey);
    // loadXML() is an instance method called statically here, which PHP 8 rejects.
    // NOTE(review): the input is untrusted XML; confirm external entity
    // loading is disabled for this parse.
    $document = DOMDocument::loadXML($xml);
    $xp = new DomXPath($document);
    $xp->registerNamespace('ds', 'http://www.w3.org/2000/09/xmldsig#');
    // NOTE(review): $id comes from the message and is interpolated into the
    // XPath expression below, so a quote character in it changes the query.
    // Validate it (for example against the xs:ID syntax) before use.
    $id = $element['_ID'];
    // item(0) takes the first element carrying that ID. A verifier should also
    // ensure the ID is unique and that this element is the one consumed later.
    $signedElement = $xp->query("//*[@ID = '{$id}']")->item(0);
    $signature = $xp->query(".//ds:Signature", $signedElement)->item(0);
    // C14N(true, false): exclusive canonicalisation, comments dropped.
    $signedInfo = $xp->query(".//ds:SignedInfo", $signature)->item(0)->C14N(true, false);
    // Detach the signature before canonicalising the signed element, as the
    // enveloped-signature transform requires.
    $signature->parentNode->removeChild($signature);
    $canonicalXml = $signedElement->C14N(true, false);
    // Echo the raw message, HTML-escaped.
    print_r(htmlspecialchars($xml));
    print "\n";
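 /**
  * Send a soap request and return the resulting response without
  * the enclosing soap envelope.
  *
  * The peer's TLS certificate and host name are verified. This back channel
  * carries SAML protocol messages, so an unverified connection would let
  * anyone on the network path read or replace them. An endpoint whose
  * certificate is issued by a private CA needs that CA configured
  * (for example via CURLOPT_CAINFO), not verification switched off.
  *
  * @param  string $soapServiceUrl URL of the SOAP endpoint
  * @param  array  $body           Array representation of the message; its
  *                                '__t' entry names the element placed
  *                                inside SOAP-ENV:Body
  * @return mixed The 'SOAP-ENV:Body' entry of the parsed response
  * @throws Corto_Module_Bindings_Exception When the HTTP transfer fails
  */
 protected function _soapRequest($soapServiceUrl, $body)
 {
     $soapEnvelope = array(
         '__t' => 'SOAP-ENV:Envelope',
         '_xmlns:SOAP-ENV' => "http://schemas.xmlsoap.org/soap/envelope/",
         'SOAP-ENV:Body' => array($body['__t'] => $body),
     );
     $curlOptions = array(
         CURLOPT_URL => $soapServiceUrl,
         CURLOPT_HTTPHEADER => array('SOAPAction: ""'),
         CURLOPT_RETURNTRANSFER => 1,
         // Was FALSE: the server certificate went unchecked.
         CURLOPT_SSL_VERIFYPEER => true,
         CURLOPT_SSL_VERIFYHOST => 2,
         CURLOPT_POSTFIELDS => Corto_XmlToArray::array2xml($soapEnvelope),
         CURLOPT_HEADER => 0,
     );
     $curlHandler = curl_init();
     curl_setopt_array($curlHandler, $curlOptions);
     $curlResult = curl_exec($curlHandler);
     if ($curlResult === false) {
         // Fail loudly instead of handing `false` to the XML parser.
         $curlError = curl_error($curlHandler);
         curl_close($curlHandler);
         throw new Corto_Module_Bindings_Exception("SOAP request to {$soapServiceUrl} failed: {$curlError}");
     }
     curl_close($curlHandler);
     // NOTE(review): the response is untrusted XML until its signature has
     // been checked by the caller.
     $soapResponse = Corto_XmlToArray::xml2array($curlResult);
     return $soapResponse['SOAP-ENV:Body'];
 }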
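 /**
  * Decrypt an xml fragment.
  *
  * The symmetric key is unwrapped with RSA PKCS#1 v1.5 and the payload is
  * decrypted with Rijndael-128 in CBC mode; the first block of the cipher
  * value is the IV and the last plaintext byte gives the padding length.
  *
  * NOTE(review): PKCS#1 v1.5 key transport and unauthenticated CBC are both
  * open to decryption-oracle attacks when a sender can observe which step
  * failed. Callers should return one uniform error for every exception
  * thrown here, and should treat the decrypted content as untrusted until a
  * signature covering it has been verified.
  * NOTE(review): $privateKey is freed here, so the caller cannot reuse it.
  *
  * @param resource $privateKey OpenSSL private key for Corto to get the symmetric key.
  * @param array $element Array representation of an xml fragment
  * @param bool $returnAsXML If true, the method returns an xml string.
  *                          If false (default), it returns an array
  *                          representation of the xml fragment.
  * @return string|array The decrypted element (as an array or string,
  *                      depending on the returnAsXML parameter).
  * @throws Corto_Module_Bindings_Exception When the encrypted key or data is
  *                      missing, or when decryption fails.
  */
 protected function _decryptElement($privateKey, $element, $returnAsXML = false)
 {
     if (!isset($element['xenc:EncryptedData']['ds:KeyInfo']['xenc:EncryptedKey'][0]['xenc:CipherData'][0]['xenc:CipherValue'][0]['__v'])) {
         throw new Corto_Module_Bindings_Exception("XML Encryption: No encrypted key found?");
     }
     if (!isset($element['xenc:EncryptedData']['xenc:CipherData'][0]['xenc:CipherValue'][0]['__v'])) {
         throw new Corto_Module_Bindings_Exception("XML Encryption: No encrypted data found?");
     }
     $encryptedKey = base64_decode($element['xenc:EncryptedData']['ds:KeyInfo']['xenc:EncryptedKey'][0]['xenc:CipherData'][0]['xenc:CipherValue'][0]['__v']);
     $encryptedData = base64_decode($element['xenc:EncryptedData']['xenc:CipherData'][0]['xenc:CipherValue'][0]['__v']);
     $sessionKey = null;
     if (!openssl_private_decrypt($encryptedKey, $sessionKey, $privateKey, OPENSSL_PKCS1_PADDING)) {
         throw new Corto_Module_Bindings_Exception("XML Encryption: Unable to decrypt symmetric key using private key");
     }
     openssl_free_key($privateKey);
     $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
     $ivSize = mcrypt_enc_get_iv_size($cipher);
     $blockSize = mcrypt_enc_get_block_size($cipher);
     // The cipher value must hold the IV plus at least one block of data.
     if (strlen($encryptedData) < $ivSize + $blockSize) {
         mcrypt_module_close($cipher);
         throw new Corto_Module_Bindings_Exception("XML Encryption: Unable to decrypt data");
     }
     $iv = substr($encryptedData, 0, $ivSize);
     mcrypt_generic_init($cipher, $sessionKey, $iv);
     $decryptedData = mdecrypt_generic($cipher, substr($encryptedData, $ivSize));
     mcrypt_generic_deinit($cipher);
     mcrypt_module_close($cipher);
     // Remove the CBC block padding. The last byte is the padding length and
     // must lie between 1 and the block size; the original trusted it blindly,
     // so a corrupted value silently produced truncated or empty output.
     $dataLen = strlen($decryptedData);
     $paddingLength = $dataLen > 0 ? ord($decryptedData[$dataLen - 1]) : 0;
     if ($paddingLength < 1 || $paddingLength > $blockSize || $paddingLength > $dataLen) {
         // Same message as the length check above, so the text does not
         // reveal which of the two checks rejected the input.
         throw new Corto_Module_Bindings_Exception("XML Encryption: Unable to decrypt data");
     }
     $decryptedData = substr($decryptedData, 0, $dataLen - $paddingLength);
     if ($returnAsXML) {
         return $decryptedData;
     }
     $newElement = Corto_XmlToArray::xml2array($decryptedData);
     // Keep the decrypted XML alongside its parsed form.
     $newElement['__']['Raw'] = $decryptedData;
     return $newElement;
 }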