web/rsln/Zend/InfoCard.php
author Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
Mon, 07 Feb 2011 16:28:02 +0100
changeset 43 ce146fcaddb2
parent 20 7e0a67a20e74
permissions -rw-r--r--
Added tag V00.08 for changeset 3671906d97aa
<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @copyright  Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: InfoCard.php 20096 2010-01-06 02:05:09Z bkarwin $
 */

// Collaborators are loaded eagerly with require_once rather than through an
// autoloader; the class each require provides is named in the comment above it.

/**
 * Zend_InfoCard_Xml_EncryptedData
 */
require_once 'Zend/InfoCard/Xml/EncryptedData.php';

/**
 * Zend_InfoCard_Xml_Assertion
 */
require_once 'Zend/InfoCard/Xml/Assertion.php';

/**
 * Zend_InfoCard_Cipher
 */
require_once 'Zend/InfoCard/Cipher.php';

/**
 * Zend_InfoCard_Xml_Security
 */
require_once 'Zend/InfoCard/Xml/Security.php';

/**
 * Zend_InfoCard_Adapter_Interface
 */
require_once 'Zend/InfoCard/Adapter/Interface.php';

/**
 * Zend_InfoCard_Claims
 */
require_once 'Zend/InfoCard/Claims.php';
/**
 * @category   Zend
 * @package    Zend_InfoCard
 * @copyright  Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard
{
    /**
     * URI for XML Digital Signature SHA1 Digests
     */
    const DIGEST_SHA1        = 'http://www.w3.org/2000/09/xmldsig#sha1';

    /**
     * An array of certificate pair files and optional passwords for them to search
     * when trying to determine which certificate was used to encrypt the transient key.
     * Entries are keyed by the key ID handed out when the pair was added, which is
     * also what removeCertificatePair() expects.
     *
     * @var array
     */
    protected $_keyPairs;

    /**
     * The instance to use to decrypt public-key encrypted data
     * (remains null until a cipher object has been set)
     *
     * @var Zend_InfoCard_Cipher_Pki_Interface|null
     */
    protected $_pkiCipherObj;

    /**
     * The instance to use to decrypt symmetric encrypted data
     * (remains null until a cipher object has been set)
     *
     * @var Zend_InfoCard_Cipher_Symmetric_Interface|null
     */
    protected $_symCipherObj;

    /**
     * The InfoCard Adapter to use for callbacks into the application using the component
     * such as when storing assertions, etc. When nothing has been set, getAdapter()
     * lazily installs a Zend_InfoCard_Adapter_Default.
     *
     * @var Zend_InfoCard_Adapter_Interface|null
     */
    protected $_adapter;
    /**
     * InfoCard Constructor
     *
     * Starts with an empty certificate-pair search list and verifies that the
     * PHP extensions the component relies on (mcrypt and openssl) are loaded.
     * NOTE(review): mcrypt is no longer part of PHP core (removed in 7.2), so on
     * current runtimes this check fails unless a PECL build of the extension is present.
     *
     * @throws Zend_InfoCard_Exception When the mcrypt or the openssl extension is missing
     */
    public function __construct()
    {
        $this->_keyPairs = array();

        // Checked in this order so that a missing mcrypt is reported before
        // a missing openssl, as the component has always done.
        $requiredExtensions = array(
            'mcrypt'  => "Use of the Zend_InfoCard component requires the mcrypt extension to be enabled in PHP",
            'openssl' => "Use of the Zend_InfoCard component requires the openssl extension to be enabled in PHP",
        );

        foreach ($requiredExtensions as $extension => $message) {
            if (extension_loaded($extension)) {
                continue;
            }

            require_once 'Zend/InfoCard/Exception.php';
            throw new Zend_InfoCard_Exception($message);
        }
    }
    /**
     * Sets the adapter used for callbacks into the application using the component,
     * for example when storing or retrieving assertions.
     *
     * @param Zend_InfoCard_Adapter_Interface $a The adapter instance
     * @return Zend_InfoCard Provides a fluent interface
     */
    public function setAdapter(Zend_InfoCard_Adapter_Interface $a)
    {
        $this->_adapter = $a;

        return $this;
    }
    /**
     * Retrieves the adapter used for callbacks into the application using the component.
     * If no adapter was set, a Zend_InfoCard_Adapter_Default is created, installed via
     * setAdapter() and returned on this and every later call.
     *
     * @return Zend_InfoCard_Adapter_Interface The adapter instance
     */
    public function getAdapter()
    {
        if (null !== $this->_adapter) {
            return $this->_adapter;
        }

        // Lazy default: only pull in the default adapter when it is actually needed.
        require_once 'Zend/InfoCard/Adapter/Default.php';
        $this->setAdapter(new Zend_InfoCard_Adapter_Default());

        return $this->_adapter;
    }
    /**
     * Gets the Public Key Cipher object used in this instance.
     * May still be null if no cipher object has been set.
     *
     * @return Zend_InfoCard_Cipher_Pki_Interface|null
     */
    public function getPkiCipherObject()
    {
        $cipher = $this->_pkiCipherObj;

        return $cipher;
    }
    /**
     * Sets the Public Key Cipher Object used in this instance.
     *
     * @param Zend_InfoCard_Cipher_Pki_Interface $cipherObj The cipher used for public-key decryption
     * @return Zend_InfoCard Provides a fluent interface
     */
    public function setPkiCipherObject(Zend_InfoCard_Cipher_Pki_Interface $cipherObj)
    {
        $this->_pkiCipherObj = $cipherObj;

        return $this;
    }
    /**
     * Get the Symmetric Cipher Object used in this instance.
     * May still be null if no cipher object has been set.
     *
     * @return Zend_InfoCard_Cipher_Symmetric_Interface|null
     */
    public function getSymCipherObject()
    {
        $cipher = $this->_symCipherObj;

        return $cipher;
    }
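    /**
     * Sets the Symmetric Cipher Object used in this instance.
     *
     * The parameter is type-hinted against Zend_InfoCard_Cipher_Symmetric_Interface,
     * matching setPkiCipherObject() and the documented contract, so an object of the
     * wrong type is rejected at the call site rather than silently stored.
     *
     * @param Zend_InfoCard_Cipher_Symmetric_Interface $cipherObj The cipher used for symmetric decryption
     * @return Zend_InfoCard Provides a fluent interface
     */
    public function setSymCipherObject(Zend_InfoCard_Cipher_Symmetric_Interface $cipherObj)
    {
        $this->_symCipherObj = $cipherObj;

        return $this;
    }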
    /**
     * Remove a Certificate Pair by Key ID from the search list.
     *
     * @throws Zend_InfoCard_Exception If the key ID is not in the search list
     * @param string $key_id The Certificate Key ID returned from adding the certificate pair
     * @return Zend_InfoCard Provides a fluent interface
     */
    public function removeCertificatePair($key_id)
    {
        // array_key_exists() is the canonical name; key_exists() is merely its alias.
        $known = array_key_exists($key_id, $this->_keyPairs);

        if (!$known) {
            require_once 'Zend/InfoCard/Exception.php';
            throw new Zend_InfoCard_Exception("Attempted to remove unknown key id: $key_id");
        }

        unset($this->_keyPairs[$key_id]);

        return $this;
    }
    /**
     * Add a Certificate Pair to the list of certificates searched by the component
     *
     * @throws Zend_InfoCard_Exception
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   212
     * @param string $private_key_file The path to the private key file for the pair
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   213
     * @param string $public_key_file The path to the certificate / public key for the pair
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   214
     * @param string $type (optional) The URI for the type of key pair this is (default RSA with OAEP padding)
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   215
     * @param string $password (optional) The password for the private key file if necessary
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   216
     * @return string A key ID representing this key pair in the component
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   217
     */
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   218
    public function addCertificatePair($private_key_file, $public_key_file, $type = Zend_InfoCard_Cipher::ENC_RSA_OAEP_MGF1P, $password = null)
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   219
    {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   220
        if(!file_exists($private_key_file) ||
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   221
           !file_exists($public_key_file)) {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   222
            require_once 'Zend/InfoCard/Exception.php';
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   223
            throw new Zend_InfoCard_Exception("Could not locate the public and private certificate pair files: $private_key_file, $public_key_file");
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   224
        }
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   225
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   226
        if(!is_readable($private_key_file) ||
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   227
           !is_readable($public_key_file)) {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   228
            require_once 'Zend/InfoCard/Exception.php';
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   229
            throw new Zend_InfoCard_Exception("Could not read the public and private certificate pair files (check permissions): $private_key_file, $public_key_file");
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   230
        }
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   231
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   232
        $key_id = md5($private_key_file.$public_key_file);
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   233
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   234
        if(key_exists($key_id, $this->_keyPairs)) {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   235
            require_once 'Zend/InfoCard/Exception.php';
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   236
            throw new Zend_InfoCard_Exception("Attempted to add previously existing certificate pair: $private_key_file, $public_key_file");
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   237
        }
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   238
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   239
        switch($type) {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   240
            case Zend_InfoCard_Cipher::ENC_RSA:
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   241
            case Zend_InfoCard_Cipher::ENC_RSA_OAEP_MGF1P:
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   242
                $this->_keyPairs[$key_id] = array('private' => $private_key_file,
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   243
                                'public'      => $public_key_file,
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   244
                                'type_uri'    => $type);
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   245
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   246
                if($password !== null) {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   247
                    $this->_keyPairs[$key_id]['password'] = $password;
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   248
                } else {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   249
                    $this->_keyPairs[$key_id]['password'] = null;
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   250
                }
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   251
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   252
                return $key_id;
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   253
                break;
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   254
            default:
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   255
                require_once 'Zend/InfoCard/Exception.php';
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   256
                throw new Zend_InfoCard_Exception("Invalid Certificate Pair Type specified: $type");
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   257
        }
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   258
    }
    /**
     * Return a Certificate Pair from a key ID
     *
     * @throws Zend_InfoCard_Exception when no pair is registered under $key_id
     * @param string $key_id The Key ID of the certificate pair in the component
     * @return array An array containing the path to the private/public key files,
     *               the type URI and the password if provided
     */
    public function getCertificatePair($key_id)
    {
        // Guard first so the happy path is a single lookup
        if (!array_key_exists($key_id, $this->_keyPairs)) {
            require_once 'Zend/InfoCard/Exception.php';
            throw new Zend_InfoCard_Exception("Invalid Certificate Pair ID provided: $key_id");
        }

        return $this->_keyPairs[$key_id];
    }
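    /**
     * Retrieve the digest of a given public key / certificate using the provided digest
     * method
     *
     * The digest is computed over the decoded bytes of the base64 body found
     * between the PEM armour lines of the certificate file. Anything outside the
     * armour, trailing blank lines and CRLF line endings are ignored, and the
     * base64 body is decoded strictly so a corrupt file raises an error instead
     * of yielding a wrong digest.
     *
     * @throws Zend_InfoCard_Exception if the key ID is unknown, the file cannot be
     *                                 read or parsed as PEM, or the digest method
     *                                 is unsupported
     * @param string $key_id The certificate key id in the component
     * @param string $digestMethod The URI of the digest method to use (default SHA1)
     * @return string The digest value in binary format
     */
    protected function _getPublicKeyDigest($key_id, $digestMethod = self::DIGEST_SHA1)
    {
        $certificatePair = $this->getCertificatePair($key_id);
        $publicKeyFile   = $certificatePair['public'];

        $pem = file_get_contents($publicKeyFile);

        if ($pem === false) {
            require_once 'Zend/InfoCard/Exception.php';
            throw new Zend_InfoCard_Exception("Unable to read certificate file: $publicKeyFile");
        }

        // Take only the body between the armour lines. Blindly dropping the first
        // and last line would feed the END marker into base64_decode() whenever
        // the file ends with a blank line, silently producing a wrong digest.
        if (!preg_match('/-----BEGIN [^-]+-----(.*?)-----END [^-]+-----/s', $pem, $matches)) {
            require_once 'Zend/InfoCard/Exception.php';
            throw new Zend_InfoCard_Exception("Certificate file is not PEM encoded: $publicKeyFile");
        }

        // Strict decoding: reject anything that is not valid base64
        $certificateData = base64_decode(preg_replace('/\s+/', '', $matches[1]), true);

        if ($certificateData === false) {
            require_once 'Zend/InfoCard/Exception.php';
            throw new Zend_InfoCard_Exception("Certificate file contains invalid base64 data: $publicKeyFile");
        }

        switch ($digestMethod) {
            case self::DIGEST_SHA1:
                // SHA-1 is the only supported method; it serves here as a
                // certificate identifier (thumbprint), not as an integrity check.
                return sha1($certificateData, true);
            default:
                require_once 'Zend/InfoCard/Exception.php';
                throw new Zend_InfoCard_Exception("Invalid Digest Type Provided: $digestMethod");
        }
    }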
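    /**
     * Find a certificate pair based on a digest of its public key / certificate file
     *
     * Every registered pair is digested in turn (which re-reads its certificate
     * file), so the cost grows with the number of pairs, and a digest failure for
     * any pair propagates as an exception. The method name is kept as-is (typo
     * included) because it is referenced elsewhere in this class.
     *
     * @throws Zend_InfoCard_Exception propagated from _getPublicKeyDigest()
     * @param string $digest The digest value of the public key wanted in binary form
     * @param string $digestMethod The URI of the digest method used to calculate the digest
     * @return mixed The Key ID of the matching certificate pair or false if not found
     */
    protected function _findCertifiatePairByDigest($digest, $digestMethod = self::DIGEST_SHA1)
    {
        foreach (array_keys($this->_keyPairs) as $key_id) {
            $cert_digest = $this->_getPublicKeyDigest($key_id, $digestMethod);

            // Strict comparison: '==' between two strings falls back to numeric
            // comparison when both look numeric, which is never wanted for binary
            // digests. $digest originates from the incoming token, so a malformed
            // value must simply fail to match rather than compare loosely.
            if ($cert_digest === $digest) {
                return $key_id;
            }
        }

        return false;
    }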
    /**
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   331
     * Extracts the Signed Token from an EncryptedData block
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   332
     *
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   333
     * @throws Zend_InfoCard_Exception
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   334
     * @param string $strXmlToken The EncryptedData XML block
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   335
     * @return string The XML of the Signed Token inside of the EncryptedData block
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   336
     */
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   337
    protected function _extractSignedToken($strXmlToken)
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   338
    {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   339
        $encryptedData = Zend_InfoCard_Xml_EncryptedData::getInstance($strXmlToken);
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   340
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   341
        // Determine the Encryption Method used to encrypt the token
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   342
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   343
        switch($encryptedData->getEncryptionMethod()) {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   344
            case Zend_InfoCard_Cipher::ENC_AES128CBC:
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   345
            case Zend_InfoCard_Cipher::ENC_AES256CBC:
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   346
                break;
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   347
            default:
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   348
                require_once 'Zend/InfoCard/Exception.php';
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   349
                throw new Zend_InfoCard_Exception("Unknown Encryption Method used in the secure token");
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   350
        }
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   351
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   352
        // Figure out the Key we are using to decrypt the token
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   353
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   354
        $keyinfo = $encryptedData->getKeyInfo();
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   355
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   356
        if(!($keyinfo instanceof Zend_InfoCard_Xml_KeyInfo_XmlDSig)) {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   357
            require_once 'Zend/InfoCard/Exception.php';
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   358
            throw new Zend_InfoCard_Exception("Expected a XML digital signature KeyInfo, but was not found");
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   359
        }
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   360
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   361
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   362
        $encryptedKey = $keyinfo->getEncryptedKey();
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   363
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   364
        switch($encryptedKey->getEncryptionMethod()) {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   365
            case Zend_InfoCard_Cipher::ENC_RSA:
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   366
            case Zend_InfoCard_Cipher::ENC_RSA_OAEP_MGF1P:
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   367
                break;
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   368
            default:
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   369
                require_once 'Zend/InfoCard/Exception.php';
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   370
                throw new Zend_InfoCard_Exception("Unknown Key Encryption Method used in secure token");
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   371
        }
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   372
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   373
        $securityTokenRef = $encryptedKey->getKeyInfo()->getSecurityTokenReference();
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   374
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   375
        $key_id = $this->_findCertifiatePairByDigest($securityTokenRef->getKeyReference());
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   376
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   377
        if(!$key_id) {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   378
            require_once 'Zend/InfoCard/Exception.php';
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   379
            throw new Zend_InfoCard_Exception("Unable to find key pair used to encrypt symmetric InfoCard Key");
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   380
        }
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   381
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   382
        $certificate_pair = $this->getCertificatePair($key_id);
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   383
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   384
        // Santity Check
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   385
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   386
        if($certificate_pair['type_uri'] != $encryptedKey->getEncryptionMethod()) {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   387
            require_once 'Zend/InfoCard/Exception.php';
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   388
            throw new Zend_InfoCard_Exception("Certificate Pair which matches digest is not of same algorithm type as document, check addCertificate()");
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   389
        }
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   390
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   391
        $PKcipher = Zend_InfoCard_Cipher::getInstanceByURI($encryptedKey->getEncryptionMethod());
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   392
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   393
        $base64DecodeSupportsStrictParam = version_compare(PHP_VERSION, '5.2.0', '>=');
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   394
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   395
        if ($base64DecodeSupportsStrictParam) {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   396
            $keyCipherValueBase64Decoded = base64_decode($encryptedKey->getCipherValue(), true);
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   397
        } else {
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   398
            $keyCipherValueBase64Decoded = base64_decode($encryptedKey->getCipherValue());
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   399
        }
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   400
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   401
        $symmetricKey = $PKcipher->decrypt(
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   402
            $keyCipherValueBase64Decoded,
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   403
            file_get_contents($certificate_pair['private']),
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   404
            $certificate_pair['password']
7e0a67a20e74 add new rsln page
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff changeset
   405
            );
        $symCipher = Zend_InfoCard_Cipher::getInstanceByURI($encryptedData->getEncryptionMethod());
        if ($base64DecodeSupportsStrictParam) {
            $dataCipherValueBase64Decoded = base64_decode($encryptedData->getCipherValue(), true);
        } else {
            $dataCipherValueBase64Decoded = base64_decode($encryptedData->getCipherValue());
        }
        $signedToken = $symCipher->decrypt($dataCipherValueBase64Decoded, $symmetricKey);
        return $signedToken;
    }
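    /**
     * Process an input Information Card EncryptedData block sent from the client,
     * validate it, and return the claims contained within it on success or an error message on error.
     *
     * Validation order: decrypt/extract the signed token, parse the assertion document,
     * verify the enveloped XML signature, check that the signature's Reference actually
     * covers the assertion element, then evaluate the assertion's conditions.
     *
     * Every failure short-circuits with an error message, a failure code and an EMPTY
     * claim set.  Claims are only attached to the result once all checks have passed,
     * so a caller that forgets to test the result code cannot read attributes out of a
     * token whose signature did not cover the assertion or whose conditions were not met.
     * (Previously the reference-mismatch and condition-failure branches set the error
     * but fell through and still populated the claims.)
     *
     * @param string $strXmlToken The XML token sent to the server from the client
     * @return Zend_InfoCard_Claims The Claims object containing the claims, or any errors which occurred
     * @throws Zend_InfoCard_Exception If the assertion factory returns an object of an unexpected type
     */
    public function process($strXmlToken)
    {
        $retval = new Zend_InfoCard_Claims();

        require_once 'Zend/InfoCard/Exception.php';

        // Step 1: decrypt the EncryptedData envelope and pull out the signed token.
        try {
            $signedAssertionsXml = $this->_extractSignedToken($strXmlToken);
        } catch (Zend_InfoCard_Exception $e) {
            $retval->setError('Failed to extract assertion document');
            $retval->setCode(Zend_InfoCard_Claims::RESULT_PROCESSING_FAILURE);
            return $retval;
        }

        // Step 2: parse the decrypted document into an assertion object.
        try {
            $assertions = Zend_InfoCard_Xml_Assertion::getInstance($signedAssertionsXml);
        } catch (Zend_InfoCard_Exception $e) {
            $retval->setError('Failure processing assertion document');
            $retval->setCode(Zend_InfoCard_Claims::RESULT_PROCESSING_FAILURE);
            return $retval;
        }

        // A factory returning the wrong type is a programming error, not bad input,
        // so it is thrown rather than reported through the Claims object.
        if (!($assertions instanceof Zend_InfoCard_Xml_Assertion_Interface)) {
            throw new Zend_InfoCard_Exception("Invalid Assertion Object returned");
        }

        // Step 3: verify the XML signature.  On success validateXMLSignature() yields the
        // URI of the signed Reference; anything falsy means the signature did not verify.
        $reference_id = Zend_InfoCard_Xml_Security::validateXMLSignature($assertions->asXML());
        if (!$reference_id) {
            $retval->setError("Failure Validating the Signature of the assertion document");
            $retval->setCode(Zend_InfoCard_Claims::RESULT_VALIDATION_FAILURE);
            return $retval;
        }

        // Step 4: the Reference must be a same-document fragment ("#id").  A signature
        // over an external resource says nothing about the XML we just parsed.
        if (substr($reference_id, 0, 1) !== '#') {
            $retval->setError("Reference of document signature does not reference the local document");
            $retval->setCode(Zend_InfoCard_Claims::RESULT_VALIDATION_FAILURE);
            return $retval;
        }
        $reference_id = (string) substr($reference_id, 1);

        // Step 5: that fragment must be the assertion element itself, not some other
        // element carried alongside it; otherwise a valid signature over an unrelated
        // node would vouch for unsigned assertion content (signature wrapping).
        // Compared as strings with !== so that PHP's loose numeric-string comparison
        // ("100" == "1e2") cannot make two different IDs look equal.
        if ($reference_id !== (string) $assertions->getAssertionID()) {
            $retval->setError("Reference of document signature does not reference the local document");
            $retval->setCode(Zend_InfoCard_Claims::RESULT_VALIDATION_FAILURE);
            return $retval;
        }

        // Step 6: evaluate the assertion's conditions.  The adapter is asked first; it
        // returns false when it has no record for this assertion URI/ID, in which case
        // the conditions embedded in the assertion itself are used.
        // NOTE(review): nothing in this method records the assertion back into the
        // adapter, so whether a replayed token is actually rejected depends entirely on
        // the adapter implementation — verify against the adapter in use.
        $conditions = $this->getAdapter()->retrieveAssertion(
            $assertions->getAssertionURI(),
            $assertions->getAssertionID()
        );
        if ($conditions === false) {
            $conditions = $assertions->getConditions();
        }

        // validateConditions() returns an array on failure; its two elements are
        // reported as "message (code)".
        $condition_error = $assertions->validateConditions($conditions);
        if (is_array($condition_error)) {
            $retval->setError("Conditions of assertion document are not met: {$condition_error[1]} ({$condition_error[0]})");
            $retval->setCode(Zend_InfoCard_Claims::RESULT_VALIDATION_FAILURE);
            return $retval;
        }

        // All checks passed: only now expose the claims.
        $retval->setClaims($assertions->getAttributes());
        $retval->setCode(Zend_InfoCard_Claims::RESULT_SUCCESS);

        return $retval;
    }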
}