ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
EncryptedAssertion.php
1 <?php
2 
3 namespace SAML2;
4 
7 
14 {
20  private $encryptedData;
21 
/**
 * Create an encrypted assertion, optionally initialised from existing XML.
 *
 * With no argument the object is left empty and the encrypted payload has
 * to be supplied later through setAssertion(). When an element is given, it
 * must contain exactly one xenc:EncryptedData child; rejecting zero or
 * several children keeps the payload that is later decrypted unambiguous.
 *
 * @param \DOMElement|null $xml The <saml:EncryptedAssertion> element to read, or null.
 *
 * @throws \Exception If the element holds no, or more than one, xenc:EncryptedData child.
 */
public function __construct(\DOMElement $xml = null)
{
    if ($xml !== null) {
        $matches = Utils::xpQuery($xml, './xenc:EncryptedData');
        $found = count($matches);

        if ($found === 0) {
            throw new \Exception('Missing encrypted data in <saml:EncryptedAssertion>.');
        }
        if ($found > 1) {
            throw new \Exception('More than one encrypted data element in <saml:EncryptedAssertion>.');
        }

        $this->encryptedData = $matches[0];
    }
}
42 
/**
 * Encrypt an assertion and store the resulting xenc:EncryptedData element.
 *
 * A symmetric key encrypts the assertion directly. An RSA key is used for
 * key transport: a fresh AES-128-CBC session key is generated, wrapped with
 * the RSA key, and the assertion is encrypted with the session key.
 *
 * NOTE(review): the serialized assertion is handed to the container's
 * debugMessage() hook before it is encrypted. What that hook does with it
 * is decided outside this file; treat its output as sensitive.
 *
 * NOTE(review): RSA_1_5 (PKCS#1 v1.5) is accepted next to RSA_OAEP_MGF1P.
 * v1.5 padding is the weaker of the two key-transport schemes, so prefer
 * OAEP where the peer supports it. All content ciphers accepted here are
 * CBC modes, which give confidentiality but no integrity protection; the
 * receiver still has to verify the assertion's signature after decryption.
 *
 * @param Assertion      $assertion The assertion to encrypt.
 * @param XMLSecurityKey $key       Symmetric content key, or RSA key for key transport.
 *
 * @throws \Exception If the key type is neither a supported symmetric nor RSA type.
 */
public function setAssertion(Assertion $assertion, XMLSecurityKey $key)
{
    $plaintext = $assertion->toXML();

    Utils::getContainer()->debugMessage($plaintext, 'encrypt');

    $encryptor = new XMLSecEnc();
    $encryptor->setNode($plaintext);
    $encryptor->type = XMLSecEnc::Element;

    $contentCiphers = array(
        XMLSecurityKey::TRIPLEDES_CBC,
        XMLSecurityKey::AES128_CBC,
        XMLSecurityKey::AES192_CBC,
        XMLSecurityKey::AES256_CBC,
    );
    $keyTransports = array(
        XMLSecurityKey::RSA_1_5,
        XMLSecurityKey::RSA_OAEP_MGF1P,
    );

    $keyType = $key->type;

    // Membership is tested with loose comparison, exactly as a switch
    // statement over the same constants would compare them.
    if (in_array($keyType, $contentCiphers)) {
        $contentKey = $key;
    } elseif (in_array($keyType, $keyTransports)) {
        // Key transport: wrap a freshly generated session key with the RSA key.
        $contentKey = new XMLSecurityKey(XMLSecurityKey::AES128_CBC);
        $contentKey->generateSessionKey();

        $encryptor->encryptKey($key, $contentKey);
    } else {
        throw new \Exception('Unknown key type for encryption: ' . $keyType);
    }

    $this->encryptedData = $encryptor->encryptNode($contentKey);
}
83 
/**
 * Decrypt the stored payload and return it as an Assertion.
 *
 * The key and the blacklist are forwarded unchanged to
 * Utils::decryptElement().
 *
 * NOTE(review): $blacklist presumably lists algorithms that must be refused
 * during decryption; confirm against Utils::decryptElement(). With the
 * default empty array this method itself asks for nothing to be refused.
 *
 * NOTE(review): the decrypted assertion is handed to the container's
 * debugMessage() hook; treat that output as sensitive. No signature check
 * happens in this method, so the caller remains responsible for validating
 * the returned assertion.
 *
 * @param XMLSecurityKey $inputKey  The key to decrypt with.
 * @param array          $blacklist Passed through to Utils::decryptElement().
 *
 * @return Assertion The assertion built from the decrypted XML.
 */
public function getAssertion(XMLSecurityKey $inputKey, array $blacklist = array())
{
    $plaintext = Utils::decryptElement($this->encryptedData, $inputKey, $blacklist);

    $container = Utils::getContainer();
    $container->debugMessage($plaintext, 'decrypt');

    $assertion = new Assertion($plaintext);

    return $assertion;
}
99 
/**
 * Serialize this encrypted assertion as a <saml:EncryptedAssertion> element.
 *
 * The element is appended to $parentElement, or to a newly created document
 * when no parent is given. The stored xenc:EncryptedData node is deep-copied
 * into it.
 *
 * NOTE(review): this method does not check that an encrypted payload has
 * been set (by the constructor or setAssertion()) before importing it.
 *
 * @param \DOMNode|null $parentElement Node to append to, or null for a new document.
 *
 * @return \DOMElement The created <saml:EncryptedAssertion> element.
 */
public function toXML(\DOMNode $parentElement = null)
{
    if ($parentElement !== null) {
        $doc = $parentElement->ownerDocument;
    } else {
        // No parent supplied: the new document itself becomes the parent.
        $doc = DOMDocumentFactory::create();
        $parentElement = $doc;
    }

    $wrapper = $doc->createElementNS(Constants::NS_SAML, 'saml:' . 'EncryptedAssertion');
    $parentElement->appendChild($wrapper);

    // Deep import, because the payload may belong to a different document.
    $payloadCopy = $doc->importNode($this->encryptedData, true);
    $wrapper->appendChild($payloadCopy);

    return $wrapper;
}
122 }
__construct(\DOMElement $xml=null)
Constructor for SAML 2 encrypted assertions.
toXML(\DOMNode $parentElement=null)
Convert this encrypted assertion to an XML element.
getAssertion(XMLSecurityKey $inputKey, array $blacklist=array())
Retrieve the assertion.
toXML(\DOMNode $parentElement=null)
Convert this assertion to an XML element.
Definition: Assertion.php:1362
setAssertion(Assertion $assertion, XMLSecurityKey $key)
Set the assertion.