PHP Decode
<?php /** * This file is part of miniOrange SAML plugin and takes care of operations on..
Decoded Output download
<?php
/**
* This file is part of miniOrange SAML plugin and takes care of operations on the SAML Assertion.
*
* @link https://plugins.miniorange.com
* @author miniOrange
* @package miniorange-saml-20-single-sign-on
*/
include_once 'Utilities.php';
include_once 'xmlseclibs.php';
use RobRichards\XMLSecLibs\XMLSecurityKey;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecEnc;
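/**
 * In-memory model of a SAML 2.0 <saml:Assertion>: parses one from a DOM element
 * (decrypting a <saml:EncryptedAssertion> first) and serialises one back to XML.
 *
 * Security-relevant contract, as far as this class shows:
 *  - Construction does NOT reject an unsigned assertion. parseSignature() only records
 *    whether Utilities::validateElement() returned signature data. Callers must check
 *    getWasSignedAtConstruction() and call validate() with the IdP's trusted key
 *    before trusting any getter.
 *  - NotBefore / NotOnOrAfter / SessionNotOnOrAfter and the audience list are parsed
 *    and stored, never enforced here. <saml:OneTimeUse> and <saml:ProxyRestriction>
 *    are accepted and ignored. Enforcement is the caller's job.
 *  - Parameter names are machine-generated (the file was de-obfuscated); they are kept
 *    so that existing call sites keep working and are described in each docblock.
 */
class SAML2_Assertion
{
    /** Namespace of every saml:* element handled by this class. */
    const NS_ASSERTION = 'urn:oasis:names:tc:SAML:2.0:assertion';

    /** XML Schema instance namespace (xsi:type / xsi:nil). */
    const NS_XSI = 'http://www.w3.org/2001/XMLSchema-instance';

    /** gmdate() pattern used for every xs:dateTime attribute written by toXML(). */
    const XS_DATETIME = 'Y-m-d\TH:i:s\Z';

    /** @var string Assertion ID (generated, or the parsed ID attribute). */
    private $id;
    /** @var mixed IssueInstant as produced by Utilities; passed to gmdate() on output. */
    private $issueInstant;
    /** @var string Trimmed text of <saml:Issuer>. */
    private $issuer;
    /** @var mixed Parsed NameID (whatever Utilities::parseNameId() returns), or null. */
    private $nameId;
    /** @var DOMElement|null Still-encrypted <xenc:EncryptedData> holding the NameID. */
    private $encryptedNameId;
    /** @var mixed Result of the xpQuery for <saml:EncryptedAttribute> elements. */
    private $encryptedAttribute;
    /** @var XMLSecurityKey|null Key used to wrap session keys in addEncryptedAttributeStatement(). */
    private $encryptionKey;
    /** @var mixed Parsed NotBefore bound, or null when absent. */
    private $notBefore;
    /** @var mixed Parsed NotOnOrAfter bound, or null when absent. */
    private $notOnOrAfter;
    /** @var array|null Audiences allowed by <saml:AudienceRestriction>; null = no restriction seen. */
    private $validAudiences;
    /** @var mixed Parsed SessionNotOnOrAfter, or null when absent. */
    private $sessionNotOnOrAfter;
    /** @var string|null SessionIndex attribute of the AuthnStatement. */
    private $sessionIndex;
    /** @var mixed AuthnInstant; null when the assertion carries no AuthnStatement. */
    private $authnInstant;
    /** @var string|null */
    private $authnContextClassRef;
    /** @var SAML2_XML_Chunk|null */
    private $authnContextDecl;
    /** @var string|null */
    private $authnContextDeclRef;
    /** @var array */
    private $AuthenticatingAuthority;
    /** @var array Attribute name => list of trimmed string values. */
    private $attributes;
    /** @var string NameFormat shared by the attributes (see parseAttributes()). */
    private $nameFormat;
    /** @var XMLSecurityKey|null Key used to sign the output of toXML(). */
    private $signatureKey;
    /** @var array Certificates taken from the signature data, or set by the caller. */
    private $certificates;
    /** @var mixed Value returned by Utilities::validateElement(), or null when unsigned. */
    private $signatureData;
    /** @var mixed Truthy = toXML() emits encrypted attributes instead of plain ones. */
    private $requiredEncAttributes;
    /** @var array Objects exposing toXML(DOMElement), appended to <saml:Subject>. */
    private $SubjectConfirmation;
    /** @var mixed Only stored and returned; not read anywhere else in this class. */
    private $privateKeyUrl;
    /** @var bool True only when the parsed element carried signature data. */
    protected $wasSignedAtConstruction = FALSE;

    /**
     * Build an empty assertion, or parse one from XML.
     *
     * NOTE(review): an optional parameter before a required one is deprecated in
     * PHP 8; the signature is left untouched so existing callers are unaffected.
     *
     * @param DOMElement|null $Yu <saml:Assertion> or <saml:EncryptedAssertion>; null
     *                            leaves a blank assertion with generated ID/timestamps.
     * @param mixed           $kk Private key handed to XMLSecurityKey::loadKey() with
     *                            isFile = FALSE, i.e. key material rather than a path.
     *
     * @throws Exception on a missing ID, Issuer or encrypted payload, on an unsupported
     *                   Version, or on any structural error raised by the parse helpers.
     */
    public function __construct(DOMElement $Yu = NULL, $kk)
    {
        $this->id = Utilities::generateId();
        $this->issueInstant = Utilities::generateTimestamp();
        $this->issuer = '';
        $this->authnInstant = Utilities::generateTimestamp();
        $this->attributes = array();
        // NOTE(review): this is a NameID format URN used as the default *attribute*
        // NameFormat; decryptAttributes() and the add*Statement() writers use
        // "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified". Kept as-is
        // because it changes what toXML() emits - confirm intent before changing.
        $this->nameFormat = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified';
        $this->certificates = array();
        $this->AuthenticatingAuthority = array();
        $this->SubjectConfirmation = array();

        if ($Yu === null) {
            return;
        }

        $assertion = $Yu;
        if ($assertion->localName === 'EncryptedAssertion') {
            $assertion = $this->decryptAssertion($assertion, $kk);
        }

        if (!$assertion->hasAttribute('ID')) {
            throw new Exception('Missing ID attribute on SAML assertion.');
        }
        $this->id = $assertion->getAttribute('ID');

        if ($assertion->getAttribute('Version') !== '2.0') {
            throw new Exception('Unsupported version: ' . $assertion->getAttribute('Version'));
        }

        $this->issueInstant = Utilities::xsDateTimeToTimestamp($assertion->getAttribute('IssueInstant'));

        $issuers = Utilities::xpQuery($assertion, './saml_assertion:Issuer');
        if (empty($issuers)) {
            throw new Exception('Missing <saml:Issuer> in assertion.');
        }
        $this->issuer = trim($issuers[0]->textContent);

        $this->parseConditions($assertion);
        $this->parseAuthnStatement($assertion);
        $this->parseAttributes($assertion);
        $this->parseEncryptedAttributes($assertion);
        // Records signature data only; nothing here rejects an unsigned assertion.
        $this->parseSignature($assertion);
        $this->parseSubject($assertion);
    }

    /**
     * Decrypt a <saml:EncryptedAssertion> and return the inner element.
     *
     * Changes from the goto-based original: the payload count is checked before
     * anything is dereferenced, a missing or non-element EncryptionMethod raises an
     * Exception instead of a fatal "member function on null", and an unused
     * get_site_option('mo_saml_current_cert_private_key') read was dropped (the value
     * was never used, so the site's private key was loaded for nothing).
     *
     * NOTE(review): the key-transport algorithm is taken from the incoming message.
     * Confirm that Utilities::getEncryptionAlgorithm() only maps an allow-list of
     * algorithms (preferably RSA-OAEP) and rejects everything else.
     *
     * @param DOMElement $encrypted  The <saml:EncryptedAssertion> element.
     * @param mixed      $privateKey Key material for XMLSecurityKey::loadKey().
     *
     * @return mixed Whatever Utilities::decryptElement() returns (used as a DOMElement).
     *
     * @throws Exception when the encrypted payload or its EncryptionMethod is missing
     *                   or duplicated.
     */
    private function decryptAssertion(DOMElement $encrypted, $privateKey)
    {
        $payloads = Utilities::xpQuery($encrypted, './xenc:EncryptedData');
        if (count($payloads) === 0) {
            throw new Exception('Missing encrypted data in <saml:EncryptedAssertion>.');
        }
        if (count($payloads) > 1) {
            throw new Exception('More than one encrypted data element in <saml:EncryptedAssertion>.');
        }

        $wrappedKeys = Utilities::xpQuery($encrypted, './xenc:EncryptedData/ds:KeyInfo/xenc:EncryptedKey');
        if (!empty($wrappedKeys)) {
            // The original reads the Algorithm attribute from the first child node.
            $method = $wrappedKeys[0]->firstChild;
        } else {
            $methods = Utilities::xpQuery($encrypted, './xenc:EncryptedKey/xenc:EncryptionMethod');
            $method = empty($methods) ? null : $methods[0];
        }
        if (!($method instanceof DOMElement)) {
            throw new Exception('Missing or malformed <xenc:EncryptionMethod> in <saml:EncryptedAssertion>.');
        }

        $algorithm = Utilities::getEncryptionAlgorithm($method->getAttribute('Algorithm'));
        $key = new XMLSecurityKey($algorithm, array('type' => 'private'));
        $key->loadKey($privateKey, false);

        $decryptOptions = array();

        return Utilities::decryptElement($payloads[0], $key, $decryptOptions);
    }

    /**
     * Read <saml:Subject> and store either the plain NameID or the still-encrypted one.
     *
     * A subject without NameID/EncryptedID ends the request: a static diagnostic page
     * for the plugin's two test flows, wp_die() otherwise.
     *
     * RelayState comes straight from the POST body, so it is attacker-controlled. It
     * only selects which fixed error page is shown; no request data is echoed. The
     * original read it without isset() and compared loosely; both are tightened here.
     *
     * @param DOMElement $Yu The assertion element.
     *
     * @throws Exception when more than one Subject or more than one identifier is present.
     */
    private function parseSubject(DOMElement $Yu)
    {
        $subjects = Utilities::xpQuery($Yu, './saml_assertion:Subject');
        if (empty($subjects)) {
            return;
        }
        if (count($subjects) > 1) {
            throw new Exception('More than one <saml:Subject> in <saml:Assertion>.');
        }
        $subject = $subjects[0];

        $identifiers = Utilities::xpQuery(
            $subject,
            './saml_assertion:NameID | ./saml_assertion:EncryptedID/xenc:EncryptedData'
        );

        if (empty($identifiers)) {
            $relayState = isset($_POST['RelayState']) ? $_POST['RelayState'] : '';
            if ($relayState === 'testValidate' || $relayState === 'testNewCertificate') {
                // Bytes reconstructed from the obfuscated original (CRLF line ends and
                // runs of 11/16 spaces), which the decoded listing had collapsed.
                $crlf = "\r\n";
                $pad = str_repeat(' ', 16);
                echo '<div style="font-family:Calibri;padding:0 3%;">';
                echo '<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>' . $crlf
                    . str_repeat(' ', 11) . '<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong>Missing  NameID or EncryptedID in SAML Response</p>' . $crlf
                    . $pad . '<p>Please contact your administrator and report the following error:</p>' . $crlf
                    . $pad . '<p><strong>Possible Cause:</strong> NameID not found in SAML Response subject</p>' . $crlf
                    . $pad . '</div>' . $crlf
                    . $pad . '<div style="margin:3%;display:block;text-align:center;">' . $crlf
                    . $pad . '<div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>';
                exit;
            }
            wp_die('We could not sign you in. Please contact your administrator');
            // Defensive: never fall through to $identifiers[0] on an empty result if
            // wp_die() has been configured not to terminate.
            return;
        }
        if (count($identifiers) > 1) {
            // Message typo fixed: the original said "<saml:EncryptedD>".
            throw new Exception('More than one <saml:NameID> or <saml:EncryptedID> in <saml:Subject>.');
        }

        $identifier = $identifiers[0];
        if ($identifier->localName === 'EncryptedData') {
            // Left encrypted until decryptNameId() is called.
            $this->encryptedNameId = $identifier;
        } else {
            $this->nameId = Utilities::parseNameId($identifier);
        }
    }

    /**
     * Read <saml:Conditions>: validity window and audience restriction.
     *
     * Values are only stored. Nothing in this method compares them with the current
     * time or with this service provider's entity ID.
     *
     * @param DOMElement $Yu The assertion element.
     *
     * @throws Exception on duplicate Conditions or an unknown condition element.
     */
    private function parseConditions(DOMElement $Yu)
    {
        $found = Utilities::xpQuery($Yu, './saml_assertion:Conditions');
        if (empty($found)) {
            return;
        }
        if (count($found) > 1) {
            throw new Exception('More than one <saml:Conditions> in <saml:Assertion>.');
        }
        $conditions = $found[0];

        if ($conditions->hasAttribute('NotBefore')) {
            $lower = Utilities::xsDateTimeToTimestamp($conditions->getAttribute('NotBefore'));
            // Keep the later (stricter) lower bound.
            if ($this->notBefore === null || $this->notBefore < $lower) {
                $this->notBefore = $lower;
            }
        }
        if ($conditions->hasAttribute('NotOnOrAfter')) {
            $upper = Utilities::xsDateTimeToTimestamp($conditions->getAttribute('NotOnOrAfter'));
            // Keep the earlier (stricter) upper bound.
            if ($this->notOnOrAfter === null || $this->notOnOrAfter > $upper) {
                $this->notOnOrAfter = $upper;
            }
        }

        for ($node = $conditions->firstChild; $node !== null; $node = $node->nextSibling) {
            if ($node instanceof DOMText) {
                continue;
            }
            if ($node->namespaceURI !== self::NS_ASSERTION) {
                throw new Exception('Unknown namespace of condition: ' . var_export($node->namespaceURI, true));
            }
            switch ($node->localName) {
                case 'AudienceRestriction':
                    $audiences = Utilities::extractStrings($node, self::NS_ASSERTION, 'Audience');
                    // Several restrictions must all hold, hence the intersection.
                    $this->validAudiences = ($this->validAudiences === null)
                        ? $audiences
                        : array_intersect($this->validAudiences, $audiences);
                    break;
                case 'OneTimeUse':
                case 'ProxyRestriction':
                    // Recognised but not recorded; replay protection must live elsewhere.
                    break;
                default:
                    throw new Exception('Unknown condition: ' . var_export($node->localName, true));
            }
        }
    }

    /**
     * Read the single <saml:AuthnStatement>, if any.
     *
     * @param DOMElement $Yu The assertion element.
     *
     * @throws Exception on duplicates or a missing AuthnInstant.
     */
    private function parseAuthnStatement(DOMElement $Yu)
    {
        $statements = Utilities::xpQuery($Yu, './saml_assertion:AuthnStatement');
        if (empty($statements)) {
            $this->authnInstant = null;
            return;
        }
        if (count($statements) > 1) {
            // Message typo fixed: the original said "More that one".
            throw new Exception('More than one <saml:AuthnStatement> in <saml:Assertion> not supported.');
        }
        $statement = $statements[0];

        if (!$statement->hasAttribute('AuthnInstant')) {
            throw new Exception('Missing required AuthnInstant attribute on <saml:AuthnStatement>.');
        }
        $this->authnInstant = Utilities::xsDateTimeToTimestamp($statement->getAttribute('AuthnInstant'));

        if ($statement->hasAttribute('SessionNotOnOrAfter')) {
            $this->sessionNotOnOrAfter = Utilities::xsDateTimeToTimestamp(
                $statement->getAttribute('SessionNotOnOrAfter')
            );
        }
        if ($statement->hasAttribute('SessionIndex')) {
            $this->sessionIndex = $statement->getAttribute('SessionIndex');
        }

        $this->parseAuthnContext($statement);
    }

    /**
     * Read <saml:AuthnContext> from an AuthnStatement.
     *
     * @param DOMElement $gR The <saml:AuthnStatement> element.
     *
     * @throws Exception when the context is missing, duplicated or empty.
     */
    private function parseAuthnContext(DOMElement $gR)
    {
        $contexts = Utilities::xpQuery($gR, './saml_assertion:AuthnContext');
        if (count($contexts) > 1) {
            throw new Exception('More than one <saml:AuthnContext> in <saml:AuthnStatement>.');
        }
        if (empty($contexts)) {
            throw new Exception('Missing required <saml:AuthnContext> in <saml:AuthnStatement>.');
        }
        $context = $contexts[0];

        $declRefs = Utilities::xpQuery($context, './saml_assertion:AuthnContextDeclRef');
        if (count($declRefs) > 1) {
            throw new Exception('More than one <saml:AuthnContextDeclRef> found?');
        }
        if (count($declRefs) === 1) {
            $this->setAuthnContextDeclRef(trim($declRefs[0]->textContent));
        }

        $decls = Utilities::xpQuery($context, './saml_assertion:AuthnContextDecl');
        if (count($decls) > 1) {
            throw new Exception('More than one <saml:AuthnContextDecl> found?');
        }
        if (count($decls) === 1) {
            $this->setAuthnContextDecl(new SAML2_XML_Chunk($decls[0]));
        }

        $classRefs = Utilities::xpQuery($context, './saml_assertion:AuthnContextClassRef');
        if (count($classRefs) > 1) {
            throw new Exception('More than one <saml:AuthnContextClassRef> in <saml:AuthnContext>.');
        }
        if (count($classRefs) === 1) {
            $this->setAuthnContextClassRef(trim($classRefs[0]->textContent));
        }

        if (empty($this->authnContextClassRef)
            && empty($this->authnContextDecl)
            && empty($this->authnContextDeclRef)
        ) {
            throw new Exception('Missing either <saml:AuthnContextClassRef> or <saml:AuthnContextDeclRef> or <saml:AuthnContextDecl>');
        }

        $this->AuthenticatingAuthority = Utilities::extractStrings(
            $context,
            self::NS_ASSERTION,
            'AuthenticatingAuthority'
        );
    }

    /**
     * Collect plain <saml:Attribute> values into $this->attributes.
     *
     * The first attribute fixes $this->nameFormat; any later attribute with a
     * different NameFormat resets it to the "unspecified" URN used below.
     *
     * @param DOMElement $Yu The assertion element.
     *
     * @throws Exception when an attribute has no Name.
     */
    private function parseAttributes(DOMElement $Yu)
    {
        // NOTE(review): a NameID format URN, not the attrname-format one used by
        // decryptAttributes(); preserved from the original - confirm intent.
        $unspecified = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified';

        $isFirst = true;
        $elements = Utilities::xpQuery($Yu, './saml_assertion:AttributeStatement/saml_assertion:Attribute');
        foreach ($elements as $element) {
            if (!$element->hasAttribute('Name')) {
                throw new Exception('Missing name on <saml:Attribute> element.');
            }
            $name = $element->getAttribute('Name');
            $format = $element->hasAttribute('NameFormat') ? $element->getAttribute('NameFormat') : $unspecified;

            if ($isFirst) {
                $this->nameFormat = $format;
                $isFirst = false;
            } elseif ($this->nameFormat !== $format) {
                $this->nameFormat = $unspecified;
            }

            if (empty($this->attributes[$name])) {
                $this->attributes[$name] = array();
            }
            foreach (Utilities::xpQuery($element, './saml_assertion:AttributeValue') as $valueNode) {
                $this->attributes[$name][] = trim($valueNode->textContent);
            }
        }
    }

    /**
     * Remember the <saml:EncryptedAttribute> elements for decryptAttributes().
     *
     * @param DOMElement $Yu The assertion element.
     */
    private function parseEncryptedAttributes(DOMElement $Yu)
    {
        $this->encryptedAttribute = Utilities::xpQuery(
            $Yu,
            './saml_assertion:AttributeStatement/saml_assertion:EncryptedAttribute'
        );
    }

    /**
     * Record signature data when Utilities::validateElement() returns any.
     *
     * A FALSE result is not an error here: the assertion is simply left marked as
     * unsigned, and it is up to the caller to refuse it.
     *
     * @param DOMElement $Yu The assertion element.
     */
    private function parseSignature(DOMElement $Yu)
    {
        $signature = Utilities::validateElement($Yu);
        if ($signature === false) {
            return;
        }
        $this->wasSignedAtConstruction = true;
        $this->certificates = $signature['Certificates'];
        $this->signatureData = $signature;
    }

    /**
     * Check the recorded signature against a key the caller trusts.
     *
     * Returns TRUE whenever Utilities::validateSignature() returns normally, so that
     * helper presumably signals a bad signature by throwing - confirm in Utilities.php.
     *
     * @param XMLSecurityKey $tK Verification key; it must come from trusted IdP
     *                           configuration, never from the message itself.
     *
     * @return bool FALSE when the assertion carried no signature.
     */
    public function validate(XMLSecurityKey $tK)
    {
        if ($this->signatureData === null) {
            return false;
        }
        Utilities::validateSignature($this->signatureData, $tK);

        return true;
    }

    /** @return string */
    public function getId()
    {
        return $this->id;
    }

    /** @param string $ga New assertion ID. */
    public function setId($ga)
    {
        $this->id = $ga;
    }

    /** @return mixed */
    public function getIssueInstant()
    {
        return $this->issueInstant;
    }

    /** @param mixed $tA New IssueInstant (passed to gmdate() by toXML()). */
    public function setIssueInstant($tA)
    {
        $this->issueInstant = $tA;
    }

    /** @return string */
    public function getIssuer()
    {
        return $this->issuer;
    }

    /** @param string $V4 New issuer. */
    public function setIssuer($V4)
    {
        $this->issuer = $V4;
    }

    /**
     * @return mixed The parsed NameID.
     *
     * @throws Exception while the NameID is still encrypted.
     */
    public function getNameId()
    {
        if ($this->encryptedNameId !== null) {
            throw new Exception('Attempted to retrieve encrypted NameID without decrypting it first.');
        }

        return $this->nameId;
    }

    /** @param mixed $Be New NameID. */
    public function setNameId($Be)
    {
        $this->nameId = $Be;
    }

    /** @return bool TRUE while an encrypted NameID is pending decryption. */
    public function isNameIdEncrypted()
    {
        return $this->encryptedNameId !== null;
    }

    /**
     * Replace the plain NameID with an encrypted copy.
     *
     * NOTE(review): the plaintext NameID node is handed to the container's
     * debugMessage(); make sure that sink is off or access-controlled in production.
     *
     * @param XMLSecurityKey $tK Key used to wrap the generated AES-128-CBC session key.
     */
    public function encryptNameId(XMLSecurityKey $tK)
    {
        $scratch = new DOMDocument();
        $holder = $scratch->createElement('root');
        $scratch->appendChild($holder);
        Utilities::addNameId($holder, $this->nameId);
        $plainNode = $holder->firstChild;

        Utilities::getContainer()->debugMessage($plainNode, 'encrypt');

        $encryptor = new XMLSecEnc();
        $encryptor->setNode($plainNode);
        $encryptor->type = XMLSecEnc::Element;

        $sessionKey = new XMLSecurityKey(XMLSecurityKey::AES128_CBC);
        $sessionKey->generateSessionKey();
        $encryptor->encryptKey($tK, $sessionKey);

        $this->encryptedNameId = $encryptor->encryptNode($sessionKey);
        $this->nameId = null;
    }

    /**
     * Decrypt a pending encrypted NameID; does nothing when there is none.
     *
     * @param XMLSecurityKey $tK Decryption key.
     * @param array          $Ac Passed through to Utilities::decryptElement().
     */
    public function decryptNameId(XMLSecurityKey $tK, array $Ac = array())
    {
        if ($this->encryptedNameId === null) {
            return;
        }
        $plainNode = Utilities::decryptElement($this->encryptedNameId, $tK, $Ac);
        // NOTE(review): logs the decrypted NameID; see encryptNameId().
        Utilities::getContainer()->debugMessage($plainNode, 'decrypt');
        $this->nameId = Utilities::parseNameId($plainNode);
        $this->encryptedNameId = null;
    }

    /**
     * Decrypt every stored <saml:EncryptedAttribute> and merge it into the attributes.
     *
     * @param XMLSecurityKey $tK Decryption key.
     * @param array          $Ac Passed through to Utilities::decryptElement().
     *
     * @throws Exception when an element has no <EncryptedData> child or the decrypted
     *                   attribute has no Name.
     */
    public function decryptAttributes(XMLSecurityKey $tK, array $Ac = array())
    {
        if ($this->encryptedAttribute === null) {
            return;
        }
        $unspecified = 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified';

        $isFirst = true;
        foreach ($this->encryptedAttribute as $wrapper) {
            $payload = $wrapper->getElementsByTagName('EncryptedData')->item(0);
            if ($payload === null) {
                // The original passed null on to decryptElement() in this case.
                throw new Exception('Missing encrypted data in <saml:EncryptedAttribute>.');
            }
            $element = Utilities::decryptElement($payload, $tK, $Ac);

            if (!$element->hasAttribute('Name')) {
                throw new Exception('Missing name on <saml:Attribute> element.');
            }
            $name = $element->getAttribute('Name');
            $format = $element->hasAttribute('NameFormat') ? $element->getAttribute('NameFormat') : $unspecified;

            if ($isFirst) {
                $this->nameFormat = $format;
                $isFirst = false;
            } elseif ($this->nameFormat !== $format) {
                $this->nameFormat = $unspecified;
            }

            if (empty($this->attributes[$name])) {
                $this->attributes[$name] = array();
            }
            foreach (Utilities::xpQuery($element, './saml_assertion:AttributeValue') as $valueNode) {
                $this->attributes[$name][] = trim($valueNode->textContent);
            }
        }
    }

    /** @return mixed Stored lower validity bound; not enforced by this class. */
    public function getNotBefore()
    {
        return $this->notBefore;
    }

    /** @param mixed $A9 New NotBefore. */
    public function setNotBefore($A9)
    {
        $this->notBefore = $A9;
    }

    /** @return mixed Stored upper validity bound; not enforced by this class. */
    public function getNotOnOrAfter()
    {
        return $this->notOnOrAfter;
    }

    /** @param mixed $F3 New NotOnOrAfter. */
    public function setNotOnOrAfter($F3)
    {
        $this->notOnOrAfter = $F3;
    }

    /** @param mixed $PE Truthy to make toXML() emit encrypted attributes. */
    public function setEncryptedAttributes($PE)
    {
        $this->requiredEncAttributes = $PE;
    }

    /** @return array|null Allowed audiences; null when no restriction was seen. */
    public function getValidAudiences()
    {
        return $this->validAudiences;
    }

    /** @param array|null $hb New audience list. */
    public function setValidAudiences(array $hb = NULL)
    {
        $this->validAudiences = $hb;
    }

    /** @return mixed */
    public function getAuthnInstant()
    {
        return $this->authnInstant;
    }

    /** @param mixed $Zv New AuthnInstant. */
    public function setAuthnInstant($Zv)
    {
        $this->authnInstant = $Zv;
    }

    /** @return mixed */
    public function getSessionNotOnOrAfter()
    {
        return $this->sessionNotOnOrAfter;
    }

    /** @param mixed $mt New SessionNotOnOrAfter. */
    public function setSessionNotOnOrAfter($mt)
    {
        $this->sessionNotOnOrAfter = $mt;
    }

    /** @return string|null */
    public function getSessionIndex()
    {
        return $this->sessionIndex;
    }

    /** @param string|null $fC New SessionIndex. */
    public function setSessionIndex($fC)
    {
        $this->sessionIndex = $fC;
    }

    /** @return string|null The ClassRef if set, else the DeclRef, else null. */
    public function getAuthnContext()
    {
        if (!empty($this->authnContextClassRef)) {
            return $this->authnContextClassRef;
        }
        if (!empty($this->authnContextDeclRef)) {
            return $this->authnContextDeclRef;
        }

        return null;
    }

    /** @param string $LN Stored as the AuthnContextClassRef. */
    public function setAuthnContext($LN)
    {
        $this->setAuthnContextClassRef($LN);
    }

    /** @return string|null */
    public function getAuthnContextClassRef()
    {
        return $this->authnContextClassRef;
    }

    /** @param string $zW New AuthnContextClassRef. */
    public function setAuthnContextClassRef($zW)
    {
        $this->authnContextClassRef = $zW;
    }

    /**
     * @param SAML2_XML_Chunk $pT Declaration to store.
     *
     * @throws Exception when a DeclRef is already set (only one of the two is allowed).
     */
    public function setAuthnContextDecl(SAML2_XML_Chunk $pT)
    {
        if (!empty($this->authnContextDeclRef)) {
            throw new Exception('AuthnContextDeclRef is already registered! May only have either a Decl or a DeclRef, not both!');
        }
        $this->authnContextDecl = $pT;
    }

    /** @return SAML2_XML_Chunk|null */
    public function getAuthnContextDecl()
    {
        return $this->authnContextDecl;
    }

    /**
     * @param string $NL Declaration reference to store.
     *
     * @throws Exception when a Decl is already set (only one of the two is allowed).
     */
    public function setAuthnContextDeclRef($NL)
    {
        if (!empty($this->authnContextDecl)) {
            throw new Exception('AuthnContextDecl is already registered! May only have either a Decl or a DeclRef, not both!');
        }
        $this->authnContextDeclRef = $NL;
    }

    /** @return string|null */
    public function getAuthnContextDeclRef()
    {
        return $this->authnContextDeclRef;
    }

    /** @return array */
    public function getAuthenticatingAuthority()
    {
        return $this->AuthenticatingAuthority;
    }

    /** @param array $Gq New AuthenticatingAuthority list. */
    public function setAuthenticatingAuthority($Gq)
    {
        $this->AuthenticatingAuthority = $Gq;
    }

    /** @return array Attribute name => list of values. */
    public function getAttributes()
    {
        return $this->attributes;
    }

    /** @param array $ww New attribute map. */
    public function setAttributes(array $ww)
    {
        $this->attributes = $ww;
    }

    /** @return string */
    public function getAttributeNameFormat()
    {
        return $this->nameFormat;
    }

    /** @param string $wU New attribute NameFormat. */
    public function setAttributeNameFormat($wU)
    {
        $this->nameFormat = $wU;
    }

    /** @return array */
    public function getSubjectConfirmation()
    {
        return $this->SubjectConfirmation;
    }

    /** @param array $JW Objects exposing toXML(DOMElement). */
    public function setSubjectConfirmation(array $JW)
    {
        $this->SubjectConfirmation = $JW;
    }

    /** @return XMLSecurityKey|null */
    public function getSignatureKey()
    {
        return $this->signatureKey;
    }

    /** @param XMLSecurityKey|null $M5 Key used to sign toXML() output; null = unsigned. */
    public function setSignatureKey(XMLsecurityKey $M5 = NULL)
    {
        $this->signatureKey = $M5;
    }

    /** @return XMLSecurityKey|null */
    public function getEncryptionKey()
    {
        return $this->encryptionKey;
    }

    /** @param XMLSecurityKey|null $OZ Key used to wrap attribute session keys. */
    public function setEncryptionKey(XMLSecurityKey $OZ = NULL)
    {
        $this->encryptionKey = $OZ;
    }

    /** @param array $kh Certificates to embed with the signature. */
    public function setCertificates(array $kh)
    {
        $this->certificates = $kh;
    }

    /**
     * @return array Certificates found in the message's own signature data. They are
     *               attacker-supplied until matched against trusted IdP configuration.
     */
    public function getCertificates()
    {
        return $this->certificates;
    }

    /** @return mixed Signature data recorded at construction, or null. */
    public function getSignatureData()
    {
        return $this->signatureData;
    }

    /** @return bool Whether signature data was present; NOT whether it was verified. */
    public function getWasSignedAtConstruction()
    {
        return $this->wasSignedAtConstruction;
    }

    /**
     * Serialise this assertion as a <saml:Assertion> element.
     *
     * @param DOMNode|null $Mt Parent to append to; a new DOMDocument is used when null.
     *
     * @return DOMElement The created element.
     */
    public function toXML(DOMNode $Mt = NULL)
    {
        if ($Mt === null) {
            $document = new DOMDocument();
            $Mt = $document;
        } else {
            $document = $Mt->ownerDocument;
        }

        $root = $document->createElementNS(self::NS_ASSERTION, 'saml:' . 'Assertion');
        $Mt->appendChild($root);

        // Add and immediately remove a throw-away attribute per namespace; this looks
        // like the usual trick for getting the prefix declared on the root element.
        $prefixes = array(
            'samlp' => 'urn:oasis:names:tc:SAML:2.0:protocol',
            'xsi' => self::NS_XSI,
            'xs' => 'http://www.w3.org/2001/XMLSchema',
        );
        foreach ($prefixes as $prefix => $namespace) {
            $root->setAttributeNS($namespace, $prefix . ':tmp', 'tmp');
            $root->removeAttributeNS($namespace, 'tmp');
        }

        $root->setAttribute('ID', $this->id);
        $root->setAttribute('Version', '2.0');
        $root->setAttribute('IssueInstant', gmdate(self::XS_DATETIME, $this->issueInstant));

        $issuerNode = Utilities::addString($root, self::NS_ASSERTION, 'saml:Issuer', $this->issuer);

        $this->addSubject($root);
        $this->addConditions($root);
        $this->addAuthnStatement($root);
        if ($this->requiredEncAttributes == false) {
            $this->addAttributeStatement($root);
        } else {
            $this->addEncryptedAttributeStatement($root);
        }

        if ($this->signatureKey !== null) {
            // Signed last so the signature covers everything; inserted after the Issuer.
            Utilities::insertSignature($this->signatureKey, $this->certificates, $root, $issuerNode->nextSibling);
        }

        return $root;
    }

    /**
     * Append <saml:Subject> when a plain or encrypted NameID is available.
     *
     * @param DOMElement $zH The <saml:Assertion> element being built.
     */
    private function addSubject(DOMElement $zH)
    {
        if ($this->nameId === null && $this->encryptedNameId === null) {
            return;
        }

        $subject = $zH->ownerDocument->createElementNS(self::NS_ASSERTION, 'saml:Subject');
        $zH->appendChild($subject);

        if ($this->encryptedNameId === null) {
            Utilities::addNameId($subject, $this->nameId);
        } else {
            $wrapper = $subject->ownerDocument->createElementNS(self::NS_ASSERTION, 'saml:' . 'EncryptedID');
            $subject->appendChild($wrapper);
            $wrapper->appendChild($subject->ownerDocument->importNode($this->encryptedNameId, true));
        }

        foreach ($this->SubjectConfirmation as $confirmation) {
            $confirmation->toXML($subject);
        }
    }

    /**
     * Append <saml:Conditions> with whichever bounds and audiences are set.
     *
     * @param DOMElement $zH The <saml:Assertion> element being built.
     */
    private function addConditions(DOMElement $zH)
    {
        $document = $zH->ownerDocument;
        $conditions = $document->createElementNS(self::NS_ASSERTION, 'saml:Conditions');
        $zH->appendChild($conditions);

        if ($this->notBefore !== null) {
            $conditions->setAttribute('NotBefore', gmdate(self::XS_DATETIME, $this->notBefore));
        }
        if ($this->notOnOrAfter !== null) {
            $conditions->setAttribute('NotOnOrAfter', gmdate(self::XS_DATETIME, $this->notOnOrAfter));
        }
        if ($this->validAudiences !== null) {
            $restriction = $document->createElementNS(self::NS_ASSERTION, 'saml:AudienceRestriction');
            $conditions->appendChild($restriction);
            Utilities::addStrings($restriction, self::NS_ASSERTION, 'saml:Audience', false, $this->validAudiences);
        }
    }

    /**
     * Append <saml:AuthnStatement>; skipped without an AuthnInstant or any context.
     *
     * @param DOMElement $zH The <saml:Assertion> element being built.
     */
    private function addAuthnStatement(DOMElement $zH)
    {
        $noContext = $this->authnContextClassRef === null
            && $this->authnContextDecl === null
            && $this->authnContextDeclRef === null;
        if ($this->authnInstant === null || $noContext) {
            return;
        }

        $document = $zH->ownerDocument;
        $statement = $document->createElementNS(self::NS_ASSERTION, 'saml:AuthnStatement');
        $zH->appendChild($statement);
        $statement->setAttribute('AuthnInstant', gmdate(self::XS_DATETIME, $this->authnInstant));

        if ($this->sessionNotOnOrAfter !== null) {
            $statement->setAttribute('SessionNotOnOrAfter', gmdate(self::XS_DATETIME, $this->sessionNotOnOrAfter));
        }
        if ($this->sessionIndex !== null) {
            $statement->setAttribute('SessionIndex', $this->sessionIndex);
        }

        $context = $document->createElementNS(self::NS_ASSERTION, 'saml:AuthnContext');
        $statement->appendChild($context);

        if (!empty($this->authnContextClassRef)) {
            Utilities::addString($context, self::NS_ASSERTION, 'saml:AuthnContextClassRef', $this->authnContextClassRef);
        }
        if (!empty($this->authnContextDecl)) {
            $this->authnContextDecl->toXML($context);
        }
        if (!empty($this->authnContextDeclRef)) {
            Utilities::addString($context, self::NS_ASSERTION, 'saml:AuthnContextDeclRef', $this->authnContextDeclRef);
        }

        Utilities::addStrings(
            $context,
            self::NS_ASSERTION,
            'saml:AuthenticatingAuthority',
            false,
            $this->AuthenticatingAuthority
        );
    }

    /**
     * Append one <saml:AttributeValue> for $value to $attribute.
     *
     * @param DOMDocument $document  Document that owns $attribute.
     * @param DOMElement  $attribute The <saml:Attribute> element.
     * @param mixed       $value     String, int, null or DOMNodeList.
     * @param bool        $markNil   Whether to flag a null value with xsi:nil="true".
     */
    private function appendAttributeValue(DOMDocument $document, DOMElement $attribute, $value, $markNil)
    {
        if (is_string($value)) {
            $xsiType = 'xs:string';
        } elseif (is_int($value)) {
            $xsiType = 'xs:integer';
        } else {
            $xsiType = null;
        }

        $valueNode = $document->createElementNS(self::NS_ASSERTION, 'saml:AttributeValue');
        $attribute->appendChild($valueNode);

        if ($xsiType !== null) {
            $valueNode->setAttributeNS(self::NS_XSI, 'xsi:type', $xsiType);
        }
        if ($markNil && is_null($value)) {
            $valueNode->setAttributeNS(self::NS_XSI, 'xsi:nil', 'true');
        }

        if ($value instanceof DOMNodeList) {
            for ($i = 0; $i < $value->length; $i++) {
                $valueNode->appendChild($document->importNode($value->item($i), true));
            }
        } else {
            // createTextNode() escapes markup, so values cannot inject elements.
            $valueNode->appendChild($document->createTextNode($value));
        }
    }

    /**
     * Append a plain <saml:AttributeStatement>; skipped when there are no attributes.
     *
     * @param DOMElement $zH The <saml:Assertion> element being built.
     */
    private function addAttributeStatement(DOMElement $zH)
    {
        if (empty($this->attributes)) {
            return;
        }

        $document = $zH->ownerDocument;
        $statement = $document->createElementNS(self::NS_ASSERTION, 'saml:AttributeStatement');
        $zH->appendChild($statement);

        foreach ($this->attributes as $name => $values) {
            $attribute = $document->createElementNS(self::NS_ASSERTION, 'saml:Attribute');
            $statement->appendChild($attribute);
            $attribute->setAttribute('Name', $name);
            if ($this->nameFormat !== 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified') {
                $attribute->setAttribute('NameFormat', $this->nameFormat);
            }
            foreach ($values as $value) {
                $this->appendAttributeValue($document, $attribute, $value, true);
            }
        }
    }

    /**
     * Append an <saml:AttributeStatement> whose attributes are each encrypted.
     *
     * Every attribute is built in its own scratch document, encrypted under a fresh
     * AES-256-CBC session key, and that session key is wrapped with $this->encryptionKey.
     *
     * @param DOMElement $zH The <saml:Assertion> element being built.
     */
    private function addEncryptedAttributeStatement(DOMElement $zH)
    {
        if ($this->requiredEncAttributes == false) {
            return;
        }

        $document = $zH->ownerDocument;
        $statement = $document->createElementNS(self::NS_ASSERTION, 'saml:AttributeStatement');
        $zH->appendChild($statement);

        foreach ($this->attributes as $name => $values) {
            $scratch = new DOMDocument();
            $attribute = $scratch->createElementNS(self::NS_ASSERTION, 'saml:Attribute');
            $attribute->setAttribute('Name', $name);
            $scratch->appendChild($attribute);
            if ($this->nameFormat !== 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified') {
                $attribute->setAttribute('NameFormat', $this->nameFormat);
            }
            foreach ($values as $value) {
                // The original does not emit xsi:nil on this path.
                $this->appendAttributeValue($scratch, $attribute, $value, false);
            }

            $encryptor = new XMLSecEnc();
            $encryptor->setNode($scratch->documentElement);
            $encryptor->type = 'http://www.w3.org/2001/04/xmlenc#Element';

            $sessionKey = new XMLSecurityKey(XMLSecurityKey::AES256_CBC);
            $sessionKey->generateSessionKey();
            $encryptor->encryptKey($this->encryptionKey, $sessionKey);
            $cipherNode = $encryptor->encryptNode($sessionKey);

            $wrapper = $document->createElementNS(self::NS_ASSERTION, 'saml:EncryptedAttribute');
            $statement->appendChild($wrapper);
            $wrapper->appendChild($document->importNode($cipherNode, true));
        }
    }

    /** @return mixed */
    public function getPrivateKeyUrl()
    {
        return $this->privateKeyUrl;
    }

    /** @param mixed $kk Stored as-is; not read anywhere else in this class. */
    public function setPrivateKeyUrl($kk)
    {
        $this->privateKeyUrl = $kk;
    }
}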
?>
Original Code
<?php
/**
* This file is part of miniOrange SAML plugin and takes care of operations on the SAML Assertion.
*
* @link https://plugins.miniorange.com
* @author miniOrange
* @package miniorange-saml-20-single-sign-on
*/
include_once 'Utilities.php';
include_once 'xmlseclibs.php';
use RobRichards\XMLSecLibs\XMLSecurityKey;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecEnc;
class SAML2_Assertion
{
private $id;
private $issueInstant;
private $issuer;
private $nameId;
private $encryptedNameId;
private $encryptedAttribute;
private $encryptionKey;
private $notBefore;
private $notOnOrAfter;
private $validAudiences;
private $sessionNotOnOrAfter;
private $sessionIndex;
private $authnInstant;
private $authnContextClassRef;
private $authnContextDecl;
private $authnContextDeclRef;
private $AuthenticatingAuthority;
private $attributes;
private $nameFormat;
private $signatureKey;
private $certificates;
private $signatureData;
private $requiredEncAttributes;
private $SubjectConfirmation;
private $privateKeyUrl;
protected $wasSignedAtConstruction = FALSE;
/**
 * Build an empty assertion, or parse one from XML (obfuscated original form).
 *
 * Every string literal below is written with octal/hex escapes; the comment above
 * each one gives the text it decodes to. Variable and label names are
 * machine-generated.
 *
 * $Yu is the <saml:Assertion> / <saml:EncryptedAssertion> element (NULL leaves a
 * blank assertion); $kk is handed to loadKey() with FALSE as the second argument.
 *
 * Nothing in this constructor rejects an unsigned assertion or enforces the
 * validity window; it only parses and stores.
 */
public function __construct(DOMElement $Yu = NULL, $kk)
{
$this->id = Utilities::generateId();
$this->issueInstant = Utilities::generateTimestamp();
$this->issuer = '';
$this->authnInstant = Utilities::generateTimestamp();
$this->attributes = array();
// "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
$this->nameFormat = "\165\162\156\72\x6f\141\163\x69\x73\72\156\141\155\x65\x73\72\x74\x63\x3a\123\x41\115\x4c\72\x31\56\x31\x3a\156\x61\155\145\x69\x64\55\146\157\162\x6d\141\164\x3a\x75\156\163\x70\145\143\x69\146\x69\145\x64";
$this->certificates = array();
$this->AuthenticatingAuthority = array();
$this->SubjectConfirmation = array();
// No element given: keep the blank assertion initialised above.
if (!($Yu === NULL)) {
goto j6;
}
return;
j6:
// "EncryptedAssertion": the decryption section up to label GA runs only for that element.
if (!($Yu->localName === "\105\x6e\x63\x72\171\160\164\x65\x64\x41\163\163\x65\x72\x74\x69\x6f\x6e")) {
goto GA;
}
// "./xenc:EncryptedData"
$t8 = Utilities::xpQuery($Yu, "\56\x2f\x78\145\156\143\72\105\156\x63\x72\x79\x70\x74\145\144\104\141\x74\141");
// "./xenc:EncryptedData/ds:KeyInfo/xenc:EncryptedKey"
$nI = Utilities::xpQuery($Yu, "\56\x2f\170\145\156\x63\72\105\x6e\143\162\x79\160\164\x65\144\x44\x61\x74\141\x2f\x64\163\x3a\x4b\x65\171\111\x6e\x66\157\57\x78\x65\156\143\x3a\105\x6e\x63\x72\x79\x70\164\145\144\113\145\x79");
$I5 = '';
if (empty($nI)) {
goto Qz;
}
// "Algorithm", read from the first child node of the EncryptedKey.
// NOTE(review): firstChild is not checked to be an element before getAttribute().
$I5 = $nI[0]->firstChild->getAttribute("\x41\x6c\x67\157\162\151\x74\x68\x6d");
goto lS;
Qz:
// "./xenc:EncryptedKey/xenc:EncryptionMethod"
$nI = Utilities::xpQuery($Yu, "\56\57\x78\x65\x6e\x63\72\105\x6e\143\x72\x79\x70\164\145\144\x4b\x65\171\x2f\170\145\x6e\143\72\x45\x6e\x63\162\171\x70\x74\x69\157\156\x4d\145\x74\x68\157\144");
// "Algorithm"
// NOTE(review): $nI[0] is dereferenced without checking that the query matched.
$I5 = $nI[0]->getAttribute("\x41\154\147\x6f\162\x69\164\x68\155");
lS:
// The algorithm identifier comes from the incoming message.
$uP = Utilities::getEncryptionAlgorithm($I5);
// Exactly one <xenc:EncryptedData> is required (checked after the reads above).
if (count($t8) === 0) {
goto Hi;
}
if (count($t8) > 1) {
goto a6;
}
goto T8;
Hi:
// "Missing encrypted data in <saml:EncryptedAssertion>."
throw new Exception("\x4d\151\163\163\x69\x6e\x67\x20\x65\156\143\x72\x79\x70\164\x65\x64\40\x64\x61\164\x61\x20\151\x6e\40\x3c\x73\x61\155\154\x3a\x45\156\143\162\x79\x70\164\145\x64\x41\163\163\145\162\164\151\157\x6e\76\56");
goto T8;
a6:
// "More than one encrypted data element in <saml:EncryptedAssertion>."
throw new Exception("\115\x6f\x72\145\x20\x74\150\x61\156\x20\157\156\x65\x20\x65\156\x63\162\x79\160\x74\x65\x64\40\144\141\x74\141\x20\x65\154\145\x6d\x65\156\164\40\151\156\40\x3c\x73\141\155\154\72\105\156\143\x72\171\160\x74\x65\144\x41\x73\163\145\162\164\151\x6f\x6e\x3e\x2e");
T8:
// array("type" => "private")
$tK = new XMLSecurityKey($uP, array("\164\171\x70\145" => "\x70\x72\x69\x76\141\x74\145"));
// "mo_saml_current_cert_private_key"; the result ($tX) is not used again in this method.
$tX = get_site_option("\155\x6f\x5f\x73\141\155\x6c\137\x63\x75\162\162\x65\156\164\137\x63\145\x72\x74\137\x70\162\151\166\141\x74\145\137\x6b\145\171");
$tK->loadKey($kk, FALSE);
$Ac = array();
// From here on $Yu is the decrypted element.
$Yu = Utilities::decryptElement($t8[0], $tK, $Ac);
GA:
// "ID"
if ($Yu->hasAttribute("\111\x44")) {
goto Ep;
}
// "Missing ID attribute on SAML assertion."
throw new Exception("\x4d\151\x73\x73\x69\156\147\40\x49\104\40\x61\164\164\x72\151\x62\165\164\x65\x20\157\156\40\x53\101\115\114\40\141\163\x73\145\x72\164\x69\157\x6e\56");
Ep:
// "ID"
$this->id = $Yu->getAttribute("\111\x44");
// "Version" must be exactly "2.0".
if (!($Yu->getAttribute("\x56\x65\x72\163\x69\157\156") !== "\62\56\60")) {
goto t2;
}
// "Unsupported version: " followed by the Version attribute.
throw new Exception("\125\156\163\165\160\x70\157\162\x74\x65\x64\40\166\x65\x72\x73\151\157\x6e\72\x20" . $Yu->getAttribute("\126\145\x72\x73\x69\x6f\156"));
t2:
// "IssueInstant"
$this->issueInstant = Utilities::xsDateTimeToTimestamp($Yu->getAttribute("\111\163\x73\x75\145\x49\156\x73\164\x61\x6e\x74"));
// "./saml_assertion:Issuer"
$V4 = Utilities::xpQuery($Yu, "\x2e\57\x73\141\155\154\137\x61\163\163\x65\x72\x74\151\x6f\156\x3a\111\163\163\165\145\162");
if (!empty($V4)) {
goto Nf;
}
// "Missing <saml:Issuer> in assertion."
throw new Exception("\x4d\x69\x73\163\x69\x6e\x67\40\74\x73\x61\155\154\x3a\111\163\x73\x75\x65\x72\x3e\40\151\x6e\40\x61\x73\163\x65\x72\x74\x69\157\156\x2e");
Nf:
$this->issuer = trim($V4[0]->textContent);
$this->parseConditions($Yu);
$this->parseAuthnStatement($Yu);
$this->parseAttributes($Yu);
$this->parseEncryptedAttributes($Yu);
$this->parseSignature($Yu);
$this->parseSubject($Yu);
}
/**
 * Read <saml:Subject> and store the NameID or the still-encrypted one
 * (obfuscated original form; the comment above each escaped literal gives its text).
 *
 * A subject without NameID/EncryptedID ends the request: a fixed HTML error page
 * when POST RelayState is one of two test values, wp_die() otherwise.
 */
private function parseSubject(DOMElement $Yu)
{
// "./saml_assertion:Subject"
$L2 = Utilities::xpQuery($Yu, "\56\x2f\163\x61\x6d\x6c\x5f\141\163\163\145\162\x74\x69\157\x6e\72\x53\x75\142\x6a\145\143\x74");
if (empty($L2)) {
goto dn;
}
if (count($L2) > 1) {
goto LZ;
}
goto B7;
dn:
// No Subject at all: nothing to record.
return;
goto B7;
LZ:
// "More than one <saml:Subject> in <saml:Assertion>."
throw new Exception("\115\157\x72\145\40\164\150\141\156\40\x6f\156\145\x20\74\163\x61\155\154\72\x53\165\x62\x6a\x65\143\164\76\x20\151\156\40\x3c\x73\x61\155\154\x3a\101\x73\163\145\162\164\151\x6f\156\x3e\x2e");
B7:
$L2 = $L2[0];
// "./saml_assertion:NameID | ./saml_assertion:EncryptedID/xenc:EncryptedData"
$Be = Utilities::xpQuery($L2, "\x2e\x2f\163\141\x6d\154\x5f\x61\163\x73\145\162\x74\151\157\x6e\72\116\x61\155\145\111\x44\x20\174\x20\x2e\x2f\163\x61\x6d\x6c\137\x61\163\163\x65\x72\x74\x69\157\156\x3a\105\x6e\x63\162\171\160\164\145\144\x49\104\57\x78\145\x6e\143\72\105\x6e\x63\162\171\x70\164\145\x64\x44\141\x74\141");
if (empty($Be)) {
goto uL;
}
if (count($Be) > 1) {
goto xg;
}
goto EH;
uL:
// $_POST["RelayState"] compared with "testValidate" / "testNewCertificate".
// NOTE(review): request-controlled value, read without isset() and compared with ==;
// it only selects between two fixed error outputs below.
if ($_POST["\122\145\154\x61\x79\123\x74\141\x74\x65"] == "\x74\145\x73\164\x56\x61\154\x69\x64\x61\164\x65" or $_POST["\122\145\x6c\x61\171\123\164\x61\x74\x65"] == "\164\145\x73\164\x4e\145\x77\x43\145\x72\x74\151\146\151\x63\141\x74\145") {
goto j2;
}
// "We could not sign you in. Please contact your administrator"
wp_die("\127\x65\40\x63\157\165\154\144\40\x6e\x6f\x74\40\163\x69\x67\x6e\40\171\157\165\x20\151\x6e\x2e\40\120\154\x65\141\x73\145\x20\143\x6f\x6e\x74\x61\x63\x74\x20\171\157\165\x72\x20\x61\144\x6d\x69\x6e\x69\163\x74\x72\141\x74\157\x72");
goto Ar;
j2:
// Opening <div style="font-family:Calibri;padding:0 3%;">
echo "\74\x64\x69\x76\x20\163\164\x79\154\x65\x3d\42\146\157\x6e\x74\55\146\141\x6d\151\154\171\x3a\103\x61\154\151\x62\162\x69\73\x70\x61\144\144\151\156\147\72\x30\x20\63\45\73\42\76";
// Static "ERROR / Missing NameID or EncryptedID in SAML Response" page with a "Done"
// button; no request data is interpolated. The literal spans two lines in this
// listing (the first line ends in the middle of an escape sequence).
echo "\x3c\x64\151\x76\40\163\x74\171\x6c\x65\75\42\143\x6f\154\157\x72\x3a\40\x23\141\71\64\x34\64\62\73\142\x61\143\x6b\147\x72\x6f\165\156\x64\55\x63\x6f\x6c\157\162\72\40\x23\x66\x32\x64\x65\144\145\x3b\x70\141\144\x64\151\156\147\72\x20\61\x35\x70\x78\73\x6d\141\162\x67\x69\156\55\x62\x6f\x74\x74\x6f\155\x3a\40\62\x30\160\x78\x3b\164\x65\x78\x74\55\x61\x6c\x69\147\x6e\72\143\x65\156\x74\145\x72\73\142\x6f\162\x64\x65\162\x3a\x31\160\170\40\x73\157\x6c\x69\144\40\43\105\66\x42\x33\x42\x32\x3b\146\157\x6e\164\x2d\163\151\x7a\145\72\x31\70\160\164\73\x22\76\40\x45\x52\x52\117\122\74\57\144\x69\166\x3e\xd\xa\x20\x20\40\x20\x20\40\x20\x20\40\40\40\74\144\x69\166\x20\x73\164\x79\x6c\x65\75\x22\x63\x6f\x6c\157\x72\72\40\x23\141\71\64\64\64\62\x3b\x66\x6f\x6e\x74\55\163\x69\x7a\145\72\x31\x34\160\x74\73\40\x6d\141\x72\x67\151\156\55\x62\157\x74\x74\157\155\72\x32\60\160\170\x3b\42\x3e\74\160\76\x3c\x73\164\162\157\x6e\147\76\105\x72\x72\x6f\x72\72\40\x3c\x2f\x73\x74\162\x6f\x6e\x67\x3e\115\151\x73\x73\x69\156\147\40\x20\x4e\x61\x6d\x65\111\104\40\157\162\40\x45\156\143\162\171\x70\164\145\144\x49\x44\40\x69\x6e\x20\123\x41\x4d\x4c\x20\x52\x65\163\160\157\156\x73\x65\74\57\160\x3e\xd\xa\40\x20\x20\x20\x20\40\x20\x20\x20\40\x20\40\40\40\40\x20\x3c\160\76\x50\154\145\141\x73\x65\40\x63\157\x6e\x74\x61\143\x74\x20\171\x6f\165\x72\40\x61\x64\x6d\x69\156\x69\x73\164\162\141\x74\157\162\x20\141\x6e\x64\40\162\145\x70\x6f\x72\164\x20\x74\150\145\40\x66\157\154\x6c\x6f\x77\151\x6e\147\40\145\162\x72\x6f\x72\72\74\x2f\160\76\15\12\x20\x20\x20\40\40\40\40\x20\x20\40\40\40\40\40\40\40\74\x70\x3e\74\x73\164\162\157\156\x67\x3e\120\x6f\163\163\x69\142\x6c\145\x20\x43\141\165\163\145\72\74\x2f\163\x74\x72\157\156\147\76\40\x4e\x61\x6d\x65\111\104\40\156\157\164\40\x66\x6f\165\156\x64\40\151\156\x20\123\101\115\x4c\40\122\145\163\x70\x6f\x6e\x73\x65\40\163\x75\142\152\145\x63\x74\74\57\x70\76\xd\12\40\40\x20\x20\40\40\x20\x20\40\x20\x20\x20\40\40\40\x20\x3c\57\144\151\x76\x3e\15\xa\x2
0\x20\x20\40\x20\x20\x20\40\x20\40\40\x20\40\40\40\40\74\144\x69\x76\x20\163\x74\x79\154\x65\75\x22\155\x61\x72\147\x69\x6e\72\x33\x25\73\144\x69\163\160\154\x61\x79\72\142\154\x6f\x63\153\x3b\164\145\170\x74\x2d\x61\154\151\147\156\x3a\x63\x65\x6e\x74\145\162\73\42\x3e\15\12\x20\x20\x20\40\x20\x20\x20\40\40\x20\40\40\x20\x20\40\x20\74\144\x69\166\x20\163\x74\171\x6c\145\75\42\x6d\141\x72\147\151\156\72\63\x25\73\144\x69\x73\x70\154\x61\171\72\x62\x6c\x6f\143\x6b\73\x74\x65\170\x74\55\x61\154\x69\147\156\72\x63\145\156\x74\x65\x72\x3b\x22\76\x3c\x69\156\x70\x75\x74\40\x73\x74\x79\x6c\145\75\x22\160\x61\x64\x64\x69\156\147\x3a\61\x25\73\167\x69\x64\164\150\72\61\60\60\x70\x78\73\x62\x61\143\x6b\x67\x72\157\165\156\144\72\x20\x23\60\60\x39\x31\x43\104\40\156\x6f\x6e\145\x20\162\x65\x70\145\141\x74\40\163\x63\162\157\x6c\154\40\60\45\x20\x30\45\73\x63\x75\x72\163\157\x72\72\x20\160\157\151\x6e\164\x65\x72\x3b\x66\x6f\156\x74\55\x73\151\172\x65\72\x31\x35\160\x78\x3b\142\157\162\x64\145\x72\x2d\167\x69\144\x74\150\72\40\x31\160\x78\x3b\x62\x6f\x72\x64\x65\162\x2d\x73\x74\171\x6c\x65\72\x20\163\x6f\x6c\x69\x64\x3b\142\157\162\144\x65\162\x2d\x72\x61\144\x69\x75\x73\x3a\40\x33\x70\170\73\x77\x68\x69\x74\x65\55\x73\160\141\143\x65\x3a\40\x6e\x6f\167\162\141\160\x3b\x62\x6f\170\x2d\x73\151\172\x69\x6e\x67\72\x20\142\x6f\162\144\145\x72\x2d\142\x6f\x78\x3b\142\157\162\x64\x65\x72\55\143\157\154\157\162\72\x20\x23\60\60\67\63\x41\101\x3b\x62\x6f\x78\55\163\x68\x61\x64\x6f\x77\72\40\x30\160\170\40\x31\x70\170\x20\60\x70\x78\40\162\x67\142\x61\50\61\62\x30\x2c\40\62\60\60\54\x20\x32\63\x30\54\x20\x30\56\x36\51\x20\x69\156\163\x65\x74\x3b\x63\157\x6c\157\162\72\40\43\x46\x46\x46\73\42\164\171\160\x65\75\x22\x62\x75\x74\164\157\x6e\x22\40\x76\x61\x6c\x75\145\75\42\104\157\156\145\42\x20\157\x6e\103\x6c\151\x63\153\x3d\42\163\x65\x6c\146\x2e\x63\154\157\x73\x65\x28\x29\x3b\x22\x3e\x3c\57\144\151\166\76";
exit;
Ar:
// Reached only if wp_die() returns; execution then continues at EH with an empty $Be.
goto EH;
xg:
// "More than one <saml:NameID> or <saml:EncryptedD> in <saml:Subject>." (sic)
throw new Exception("\x4d\x6f\x72\145\x20\x74\150\x61\x6e\40\157\156\x65\40\74\163\x61\155\154\72\x4e\141\155\x65\111\104\76\x20\157\x72\x20\x3c\x73\141\155\154\x3a\x45\156\143\x72\x79\x70\164\x65\144\x44\76\x20\x69\x6e\40\x3c\163\x61\155\154\72\x53\165\x62\152\145\143\164\76\56");
EH:
$Be = $Be[0];
// "EncryptedData": keep the element encrypted; otherwise parse the plain NameID.
if ($Be->localName === "\105\156\x63\x72\x79\x70\164\145\144\x44\x61\164\x61") {
goto Bx;
}
$this->nameId = Utilities::parseNameId($Be);
goto lb;
Bx:
$this->encryptedNameId = $Be;
lb:
}
/**
 * Record the validity window and audience list from the optional
 * <saml:Conditions> child of the assertion.
 *
 * Nothing is enforced here: NotBefore / NotOnOrAfter are only stored and the
 * audiences only collected. Comparing them with the current time and with this
 * service provider's identifier is left to code outside this method.
 * <saml:OneTimeUse> and <saml:ProxyRestriction> are accepted and ignored, so
 * this parser keeps no replay or proxy state.
 *
 * @param DOMElement $Yu The assertion element.
 * @throws Exception On more than one <saml:Conditions>, or on a child that is
 *                   not a known condition in the SAML 2.0 assertion namespace.
 */
private function parseConditions(DOMElement $Yu)
{
    $assertionNs = 'urn:oasis:names:tc:SAML:2.0:assertion';

    $found = Utilities::xpQuery($Yu, './saml_assertion:Conditions');
    if (empty($found)) {
        return;
    }
    if (count($found) > 1) {
        throw new Exception('More than one <saml:Conditions> in <saml:Assertion>.');
    }
    $conditions = $found[0];

    if ($conditions->hasAttribute('NotBefore')) {
        $lower = Utilities::xsDateTimeToTimestamp($conditions->getAttribute('NotBefore'));
        // Keep the later of the stored and the parsed lower bound.
        if ($this->notBefore === null || $this->notBefore < $lower) {
            $this->notBefore = $lower;
        }
    }

    if ($conditions->hasAttribute('NotOnOrAfter')) {
        $upper = Utilities::xsDateTimeToTimestamp($conditions->getAttribute('NotOnOrAfter'));
        // Keep the earlier of the stored and the parsed upper bound.
        if ($this->notOnOrAfter === null || $this->notOnOrAfter > $upper) {
            $this->notOnOrAfter = $upper;
        }
    }

    for ($child = $conditions->firstChild; $child !== null; $child = $child->nextSibling) {
        if ($child instanceof DOMText) {
            continue;
        }
        if ($child->namespaceURI !== $assertionNs) {
            throw new Exception('Unknown namespace of condition: ' . var_export($child->namespaceURI, true));
        }
        switch ($child->localName) {
            case 'AudienceRestriction':
                $audiences = Utilities::extractStrings($child, $assertionNs, 'Audience');
                if ($this->validAudiences === null) {
                    $this->validAudiences = $audiences;
                } else {
                    // Several restrictions must all hold, so keep only the shared audiences.
                    $this->validAudiences = array_intersect($this->validAudiences, $audiences);
                }
                break;
            case 'OneTimeUse':
            case 'ProxyRestriction':
                // Recognised but not recorded.
                break;
            default:
                throw new Exception('Unknown condition: ' . var_export($child->localName, true));
        }
    }
}
/**
 * Read the <saml:AuthnStatement> of the assertion, if there is one.
 *
 * With no statement present, authnInstant is reset to null and nothing else
 * is touched. Otherwise AuthnInstant is required; SessionNotOnOrAfter and
 * SessionIndex are copied when present, and the nested <saml:AuthnContext>
 * is handed to parseAuthnContext().
 *
 * @param DOMElement $Yu The assertion element.
 * @throws Exception On more than one statement or a missing AuthnInstant.
 */
private function parseAuthnStatement(DOMElement $Yu)
{
    $statements = Utilities::xpQuery($Yu, './saml_assertion:AuthnStatement');
    if (empty($statements)) {
        $this->authnInstant = null;
        return;
    }
    if (count($statements) > 1) {
        throw new Exception('More that one <saml:AuthnStatement> in <saml:Assertion> not supported.');
    }

    $statement = $statements[0];
    if (!$statement->hasAttribute('AuthnInstant')) {
        throw new Exception('Missing required AuthnInstant attribute on <saml:AuthnStatement>.');
    }
    $this->authnInstant = Utilities::xsDateTimeToTimestamp($statement->getAttribute('AuthnInstant'));

    if ($statement->hasAttribute('SessionNotOnOrAfter')) {
        $this->sessionNotOnOrAfter = Utilities::xsDateTimeToTimestamp($statement->getAttribute('SessionNotOnOrAfter'));
    }
    if ($statement->hasAttribute('SessionIndex')) {
        $this->sessionIndex = $statement->getAttribute('SessionIndex');
    }

    $this->parseAuthnContext($statement);
}
/**
 * Read the single, required <saml:AuthnContext> of an AuthnStatement.
 *
 * At most one each of AuthnContextDeclRef, AuthnContextDecl and
 * AuthnContextClassRef is accepted, and at least one of the three must end up
 * set. The values go through the setters, which reject a Decl combined with a
 * DeclRef. Any <saml:AuthenticatingAuthority> strings are stored as well.
 *
 * @param DOMElement $gR The <saml:AuthnStatement> element.
 * @throws Exception On a missing or duplicated context or child element.
 */
private function parseAuthnContext(DOMElement $gR)
{
    $contexts = Utilities::xpQuery($gR, './saml_assertion:AuthnContext');
    if (count($contexts) > 1) {
        throw new Exception('More than one <saml:AuthnContext> in <saml:AuthnStatement>.');
    }
    if (empty($contexts)) {
        throw new Exception('Missing required <saml:AuthnContext> in <saml:AuthnStatement>.');
    }
    $context = $contexts[0];

    $declRefs = Utilities::xpQuery($context, './saml_assertion:AuthnContextDeclRef');
    $declRefCount = count($declRefs);
    if ($declRefCount > 1) {
        throw new Exception('More than one <saml:AuthnContextDeclRef> found?');
    }
    if ($declRefCount === 1) {
        $this->setAuthnContextDeclRef(trim($declRefs[0]->textContent));
    }

    $decls = Utilities::xpQuery($context, './saml_assertion:AuthnContextDecl');
    $declCount = count($decls);
    if ($declCount > 1) {
        throw new Exception('More than one <saml:AuthnContextDecl> found?');
    }
    if ($declCount === 1) {
        $this->setAuthnContextDecl(new SAML2_XML_Chunk($decls[0]));
    }

    $classRefs = Utilities::xpQuery($context, './saml_assertion:AuthnContextClassRef');
    $classRefCount = count($classRefs);
    if ($classRefCount > 1) {
        throw new Exception('More than one <saml:AuthnContextClassRef> in <saml:AuthnContext>.');
    }
    if ($classRefCount === 1) {
        $this->setAuthnContextClassRef(trim($classRefs[0]->textContent));
    }

    $nothingSet = empty($this->authnContextClassRef)
        && empty($this->authnContextDecl)
        && empty($this->authnContextDeclRef);
    if ($nothingSet) {
        throw new Exception('Missing either <saml:AuthnContextClassRef> or <saml:AuthnContextDeclRef> or <saml:AuthnContextDecl>');
    }

    $this->AuthenticatingAuthority = Utilities::extractStrings(
        $context,
        'urn:oasis:names:tc:SAML:2.0:assertion',
        'AuthenticatingAuthority'
    );
}
/**
 * Collect the plaintext <saml:Attribute> elements of the assertion.
 *
 * Values are trimmed text content, appended to $this->attributes[Name]; an
 * attribute name that occurs twice accumulates the values of both elements.
 * $this->nameFormat takes the NameFormat of the first attribute and drops to
 * the fallback as soon as a later attribute disagrees.
 *
 * NOTE(review): the fallback used here is the SAML 1.1 *NameID* format URI,
 * whereas decryptAttributes() and addAttributeStatement() in this class use
 * the SAML 2.0 attrname-format URI for the same purpose. An assertion parsed
 * here and re-serialised would therefore emit the NameID URI as NameFormat.
 * Confirm whether that difference is intended.
 *
 * @param DOMElement $Yu The assertion element.
 * @throws Exception When an attribute has no Name.
 */
private function parseAttributes(DOMElement $Yu)
{
    $fallbackFormat = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified';
    $isFirst = true;

    $attributeNodes = Utilities::xpQuery($Yu, './saml_assertion:AttributeStatement/saml_assertion:Attribute');
    foreach ($attributeNodes as $attributeNode) {
        if (!$attributeNode->hasAttribute('Name')) {
            throw new Exception('Missing name on <saml:Attribute> element.');
        }
        $name = $attributeNode->getAttribute('Name');

        $format = $attributeNode->hasAttribute('NameFormat')
            ? $attributeNode->getAttribute('NameFormat')
            : $fallbackFormat;

        if ($isFirst) {
            $this->nameFormat = $format;
            $isFirst = false;
        } elseif ($this->nameFormat !== $format) {
            $this->nameFormat = $fallbackFormat;
        }

        if (empty($this->attributes[$name])) {
            $this->attributes[$name] = array();
        }

        $valueNodes = Utilities::xpQuery($attributeNode, './saml_assertion:AttributeValue');
        foreach ($valueNodes as $valueNode) {
            $this->attributes[$name][] = trim($valueNode->textContent);
        }
    }
}
/**
 * Remember the <saml:EncryptedAttribute> elements of the assertion so that
 * decryptAttributes() can process them later. Nothing is decrypted here.
 *
 * @param DOMElement $Yu The assertion element.
 */
private function parseEncryptedAttributes(DOMElement $Yu)
{
    $query = './saml_assertion:AttributeStatement/saml_assertion:EncryptedAttribute';
    $this->encryptedAttribute = Utilities::xpQuery($Yu, $query);
}
/**
 * Capture signature information for the assertion element.
 *
 * When Utilities::validateElement() returns anything other than false, the
 * result is kept as signatureData, its 'Certificates' entry is copied to
 * $this->certificates and wasSignedAtConstruction is set.
 *
 * NOTE(review): no key is supplied at this point, so this step cannot tell
 * who signed the assertion. Presumably validateElement() only checks that a
 * well-formed signature covers the element; confirm in Utilities, and treat
 * validate() with a configured key as the actual trust decision.
 *
 * @param DOMElement $Yu The assertion element.
 */
private function parseSignature(DOMElement $Yu)
{
    $signatureInfo = Utilities::validateElement($Yu);
    if ($signatureInfo === false) {
        return;
    }
    $this->wasSignedAtConstruction = true;
    $this->certificates = $signatureInfo['Certificates'];
    $this->signatureData = $signatureInfo;
}
/**
 * Check the assertion's signature against the given key.
 *
 * Returns false when no signature data was captured, i.e. the assertion was
 * not signed when it was parsed. Callers must treat that as "not verified",
 * not as success. Returns true once Utilities::validateSignature() has
 * returned; a bad signature is presumably reported by that helper throwing,
 * since its return value is not inspected here. Confirm in Utilities.
 *
 * @param XMLSecurityKey $tK Key to verify the signature with.
 * @return bool
 */
public function validate(XMLSecurityKey $tK)
{
    if ($this->signatureData !== null) {
        Utilities::validateSignature($this->signatureData, $tK);
        return true;
    }
    return false;
}
/**
 * Identifier of this assertion; toXML() writes it to the ID attribute.
 */
public function getId()
{
return $this->id;
}
/**
 * Replace the assertion identifier. The value is stored without validation.
 */
public function setId($ga)
{
$this->id = $ga;
}
/**
 * Issue time of the assertion. toXML() passes this value to gmdate(), so it
 * is handled as a Unix timestamp.
 */
public function getIssueInstant()
{
return $this->issueInstant;
}
/**
 * Set the issue time (a timestamp, as consumed by gmdate() in toXML()).
 */
public function setIssueInstant($tA)
{
$this->issueInstant = $tA;
}
/**
 * Issuer of the assertion; toXML() emits it as <saml:Issuer>.
 */
public function getIssuer()
{
return $this->issuer;
}
/**
 * Set the issuer. The value is stored without validation.
 */
public function setIssuer($V4)
{
$this->issuer = $V4;
}
/**
 * Return the NameID of the subject.
 *
 * Refuses to answer while an encrypted NameID is still pending, so a caller
 * cannot mistake a stale or empty value for the subject's real identifier.
 *
 * @throws Exception When the NameID is still encrypted.
 */
public function getNameId()
{
    if ($this->encryptedNameId === null) {
        return $this->nameId;
    }
    throw new Exception('Attempted to retrieve encrypted NameID without decrypting it first.');
}
/**
 * Set the plaintext NameID. This does not clear encryptedNameId, so
 * getNameId() still throws if an encrypted NameID is pending.
 */
public function setNameId($Be)
{
$this->nameId = $Be;
}
/**
 * Tell whether an encrypted NameID is pending, i.e. decryptNameId() has not
 * been run on it yet.
 *
 * @return bool
 */
public function isNameIdEncrypted()
{
    return $this->encryptedNameId !== null;
}
/**
 * Encrypt the current NameID and drop the plaintext copy.
 *
 * The NameID is serialised under a scratch root element, encrypted as an XML
 * element with a freshly generated AES-128-CBC session key, and that session
 * key is wrapped with $tK. CBC gives confidentiality only; integrity of the
 * result depends on the assertion being signed.
 *
 * NOTE(review): the plaintext NameID element is handed to the container's
 * debugMessage() before encryption. If that sink writes to a log, the
 * identifier is recorded in clear. Confirm how the container handles it.
 *
 * @param XMLSecurityKey $tK Key used to wrap the session key.
 */
public function encryptNameId(XMLSecurityKey $tK)
{
    $scratch = new DOMDocument();
    $scratchRoot = $scratch->createElement('root');
    $scratch->appendChild($scratchRoot);
    Utilities::addNameId($scratchRoot, $this->nameId);
    $plainNode = $scratchRoot->firstChild;

    Utilities::getContainer()->debugMessage($plainNode, 'encrypt');

    $encryptor = new XMLSecEnc();
    $encryptor->setNode($plainNode);
    $encryptor->type = XMLSecEnc::Element;

    $sessionKey = new XMLSecurityKey(XMLSecurityKey::AES128_CBC);
    $sessionKey->generateSessionKey();
    $encryptor->encryptKey($tK, $sessionKey);

    $this->encryptedNameId = $encryptor->encryptNode($sessionKey);
    $this->nameId = null;
}
/**
 * Decrypt a pending encrypted NameID; does nothing when none is pending.
 *
 * NOTE(review): the decrypted element is handed to the container's
 * debugMessage(). If that sink writes to a log, the identifier is recorded
 * in clear. Confirm how the container handles it.
 *
 * @param XMLSecurityKey $tK Decryption key.
 * @param array          $Ac Passed through to Utilities::decryptElement();
 *                           presumably a list of algorithms to refuse. Confirm.
 */
public function decryptNameId(XMLSecurityKey $tK, array $Ac = array())
{
    if ($this->encryptedNameId !== null) {
        $plainNode = Utilities::decryptElement($this->encryptedNameId, $tK, $Ac);
        Utilities::getContainer()->debugMessage($plainNode, 'decrypt');
        $this->nameId = Utilities::parseNameId($plainNode);
        $this->encryptedNameId = null;
    }
}
/**
 * Decrypt the stored <saml:EncryptedAttribute> elements and merge their
 * values into $this->attributes, next to any plaintext attributes.
 *
 * The fallback NameFormat here is the SAML 2.0 attrname-format URI, which
 * differs from the one parseAttributes() uses.
 *
 * NOTE(review): item(0) yields null when an EncryptedAttribute carries no
 * EncryptedData descendant, and that null goes straight into
 * Utilities::decryptElement(). An explicit check with a clear exception
 * would be safer; confirm what the helper does with null.
 *
 * @param XMLSecurityKey $tK Decryption key.
 * @param array          $Ac Passed through to Utilities::decryptElement();
 *                           presumably a list of algorithms to refuse. Confirm.
 * @throws Exception When a decrypted attribute has no Name.
 */
public function decryptAttributes(XMLSecurityKey $tK, array $Ac = array())
{
    if ($this->encryptedAttribute === null) {
        return;
    }

    $fallbackFormat = 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified';
    $isFirst = true;

    foreach ($this->encryptedAttribute as $wrapper) {
        $encryptedData = $wrapper->getElementsByTagName('EncryptedData')->item(0);
        $attributeNode = Utilities::decryptElement($encryptedData, $tK, $Ac);

        if (!$attributeNode->hasAttribute('Name')) {
            throw new Exception('Missing name on <saml:Attribute> element.');
        }
        $name = $attributeNode->getAttribute('Name');

        $format = $attributeNode->hasAttribute('NameFormat')
            ? $attributeNode->getAttribute('NameFormat')
            : $fallbackFormat;

        if ($isFirst) {
            $this->nameFormat = $format;
            $isFirst = false;
        } elseif ($this->nameFormat !== $format) {
            $this->nameFormat = $fallbackFormat;
        }

        if (empty($this->attributes[$name])) {
            $this->attributes[$name] = array();
        }

        $valueNodes = Utilities::xpQuery($attributeNode, './saml_assertion:AttributeValue');
        foreach ($valueNodes as $valueNode) {
            $this->attributes[$name][] = trim($valueNode->textContent);
        }
    }
}
/**
 * Lower bound of the validity window as a timestamp, or NULL when none was
 * recorded. This class only stores the value; checking it against the clock
 * is the caller's job.
 */
public function getNotBefore()
{
return $this->notBefore;
}
/**
 * Set the lower bound of the validity window (a timestamp, as consumed by
 * gmdate() in addConditions()).
 */
public function setNotBefore($A9)
{
$this->notBefore = $A9;
}
/**
 * Upper bound of the validity window as a timestamp, or NULL when none was
 * recorded. This class only stores the value; checking it against the clock
 * is the caller's job.
 */
public function getNotOnOrAfter()
{
return $this->notOnOrAfter;
}
/**
 * Set the upper bound of the validity window (a timestamp, as consumed by
 * gmdate() in addConditions()).
 */
public function setNotOnOrAfter($F3)
{
$this->notOnOrAfter = $F3;
}
/**
 * Choose whether toXML() emits attributes encrypted. toXML() tests the stored
 * value with a loose `== FALSE`, so any falsy value selects the plaintext
 * attribute statement.
 */
public function setEncryptedAttributes($PE)
{
$this->requiredEncAttributes = $PE;
}
/**
 * Audiences collected from <saml:AudienceRestriction>, or NULL when no
 * restriction was recorded. Matching them against this service provider's
 * identifier is not done in this class.
 */
public function getValidAudiences()
{
return $this->validAudiences;
}
/**
 * Set the audience list; NULL means addConditions() emits no
 * <saml:AudienceRestriction>.
 */
public function setValidAudiences(array $hb = NULL)
{
$this->validAudiences = $hb;
}
/**
 * Authentication time as a timestamp. parseAuthnStatement() sets it to NULL
 * when the assertion has no <saml:AuthnStatement>.
 */
public function getAuthnInstant()
{
return $this->authnInstant;
}
/**
 * Set the authentication time. A NULL value makes addAuthnStatement() skip
 * the statement entirely.
 */
public function setAuthnInstant($Zv)
{
$this->authnInstant = $Zv;
}
/**
 * Session expiry taken from the SessionNotOnOrAfter attribute, as a
 * timestamp, or NULL when the attribute was absent. Ending the local session
 * at that time is left to the caller.
 */
public function getSessionNotOnOrAfter()
{
return $this->sessionNotOnOrAfter;
}
/**
 * Set the session expiry (a timestamp, as consumed by gmdate() in
 * addAuthnStatement()).
 */
public function setSessionNotOnOrAfter($mt)
{
$this->sessionNotOnOrAfter = $mt;
}
/**
 * SessionIndex attribute of the AuthnStatement, or NULL when absent.
 */
public function getSessionIndex()
{
return $this->sessionIndex;
}
/**
 * Set the SessionIndex written by addAuthnStatement().
 */
public function setSessionIndex($fC)
{
$this->sessionIndex = $fC;
}
/**
 * Return the authentication context as a single value: the class reference
 * when one is set, otherwise the declaration reference, otherwise null.
 * An inline AuthnContextDecl is never returned from here.
 */
public function getAuthnContext()
{
    if (!empty($this->authnContextClassRef)) {
        return $this->authnContextClassRef;
    }
    if (!empty($this->authnContextDeclRef)) {
        return $this->authnContextDeclRef;
    }
    return null;
}
/**
 * Alias for setAuthnContextClassRef().
 */
public function setAuthnContext($LN)
{
$this->setAuthnContextClassRef($LN);
}
/**
 * Value of <saml:AuthnContextClassRef>, or NULL when none was set.
 */
public function getAuthnContextClassRef()
{
return $this->authnContextClassRef;
}
/**
 * Set the authentication context class reference. The value is stored
 * without validation.
 */
public function setAuthnContextClassRef($zW)
{
$this->authnContextClassRef = $zW;
}
/**
 * Set an inline authentication context declaration.
 *
 * @param SAML2_XML_Chunk $pT The declaration.
 * @throws Exception When a declaration reference is already set; the two are
 *                   mutually exclusive.
 */
public function setAuthnContextDecl(SAML2_XML_Chunk $pT)
{
    if (!empty($this->authnContextDeclRef)) {
        throw new Exception('AuthnContextDeclRef is already registered! May only have either a Decl or a DeclRef, not both!');
    }
    $this->authnContextDecl = $pT;
}
/**
 * Inline authentication context declaration, or NULL when none was set.
 */
public function getAuthnContextDecl()
{
return $this->authnContextDecl;
}
/**
 * Set the authentication context declaration reference.
 *
 * @throws Exception When an inline declaration is already set; the two are
 *                   mutually exclusive.
 */
public function setAuthnContextDeclRef($NL)
{
    if (!empty($this->authnContextDecl)) {
        throw new Exception('AuthnContextDecl is already registered! May only have either a Decl or a DeclRef, not both!');
    }
    $this->authnContextDeclRef = $NL;
}
/**
 * Value of <saml:AuthnContextDeclRef>, or NULL when none was set.
 */
public function getAuthnContextDeclRef()
{
return $this->authnContextDeclRef;
}
/**
 * Strings read from <saml:AuthenticatingAuthority> elements.
 */
public function getAuthenticatingAuthority()
{
return $this->AuthenticatingAuthority;
}
/**
 * Set the AuthenticatingAuthority values written by addAuthnStatement().
 */
public function setAuthenticatingAuthority($Gq)
{
$this->AuthenticatingAuthority = $Gq;
}
/**
 * Attribute map: attribute name => list of values. Values parsed from an
 * assertion are trimmed text as supplied by the issuer; encrypted attributes
 * appear only after decryptAttributes() has run.
 */
public function getAttributes()
{
return $this->attributes;
}
/**
 * Replace the whole attribute map (name => list of values).
 */
public function setAttributes(array $ww)
{
$this->attributes = $ww;
}
/**
 * NameFormat shared by the attributes. The parsers in this class fall back to
 * an "unspecified" URI when attributes disagree or give none.
 */
public function getAttributeNameFormat()
{
return $this->nameFormat;
}
/**
 * Set the NameFormat written on every emitted <saml:Attribute>.
 */
public function setAttributeNameFormat($wU)
{
$this->nameFormat = $wU;
}
/**
 * SubjectConfirmation objects attached to the subject. Evaluating them
 * (recipient, expiry, InResponseTo) is not done in the code shown here.
 */
public function getSubjectConfirmation()
{
return $this->SubjectConfirmation;
}
/**
 * Set the SubjectConfirmation list; addSubject() calls toXML() on each entry.
 */
public function setSubjectConfirmation(array $JW)
{
$this->SubjectConfirmation = $JW;
}
/**
 * Key that toXML() signs the assertion with, or NULL for no signature.
 */
public function getSignatureKey()
{
return $this->signatureKey;
}
/**
 * Set the signing key; NULL makes toXML() emit an unsigned assertion.
 */
public function setSignatureKey(XMLsecurityKey $M5 = NULL)
{
$this->signatureKey = $M5;
}
/**
 * Key used by addEncryptedAttributeStatement() to wrap per-attribute session
 * keys, or NULL when none is set.
 */
public function getEncryptionKey()
{
return $this->encryptionKey;
}
/**
 * Set the key used to wrap per-attribute session keys. NULL is accepted here
 * although addEncryptedAttributeStatement() passes the value to encryptKey()
 * without checking it.
 */
public function setEncryptionKey(XMLSecurityKey $OZ = NULL)
{
$this->encryptionKey = $OZ;
}
/**
 * Set the certificates that toXML() passes to Utilities::insertSignature().
 */
public function setCertificates(array $kh)
{
$this->certificates = $kh;
}
/**
 * Certificates associated with the signature. After parsing they are the
 * 'Certificates' entry returned by Utilities::validateElement(); presumably
 * those embedded in the message, so they are untrusted until compared with
 * configured trust material. Confirm in Utilities.
 */
public function getCertificates()
{
return $this->certificates;
}
/**
 * Raw result of Utilities::validateElement() captured at parse time, or NULL
 * when the assertion was not signed.
 */
public function getSignatureData()
{
return $this->signatureData;
}
/**
 * TRUE when parseSignature() captured signature data while parsing. This
 * says a signature was present, not that it came from a trusted key;
 * validate() is the check against a specific key.
 */
public function getWasSignedAtConstruction()
{
return $this->wasSignedAtConstruction;
}
/**
 * Serialise the assertion as a <saml:Assertion> element.
 *
 * Children are added in the order Issuer, Subject, Conditions,
 * AuthnStatement, then either the encrypted or the plaintext attribute
 * statement. When a signature key is set, the signature is inserted last,
 * positioned right after the Issuer, so it covers the finished content.
 *
 * NOTE(review): a DOMDocument passed as $Mt has a null ownerDocument, which
 * would break the createElementNS() call below. Callers appear to be
 * expected to pass an element or nothing; confirm.
 *
 * @param DOMNode|null $Mt Parent to append to; a new document when omitted.
 * @return DOMElement The created assertion element.
 */
public function toXML(DOMNode $Mt = NULL)
{
    if ($Mt === null) {
        $document = new DOMDocument();
        $Mt = $document;
    } else {
        $document = $Mt->ownerDocument;
    }

    $assertionNs = 'urn:oasis:names:tc:SAML:2.0:assertion';
    $root = $document->createElementNS($assertionNs, 'saml:' . 'Assertion');
    $Mt->appendChild($root);

    // A throwaway attribute is added and removed in each namespace; presumably
    // this leaves the prefix declarations on the root element. Confirm.
    $prefixByNamespace = array(
        'urn:oasis:names:tc:SAML:2.0:protocol' => 'samlp',
        'http://www.w3.org/2001/XMLSchema-instance' => 'xsi',
        'http://www.w3.org/2001/XMLSchema' => 'xs',
    );
    foreach ($prefixByNamespace as $namespace => $prefix) {
        $root->setAttributeNS($namespace, $prefix . ':tmp', 'tmp');
        $root->removeAttributeNS($namespace, 'tmp');
    }

    $root->setAttribute('ID', $this->id);
    $root->setAttribute('Version', '2.0');
    $root->setAttribute('IssueInstant', gmdate('Y-m-d\TH:i:s\Z', $this->issueInstant));

    $issuerNode = Utilities::addString($root, $assertionNs, 'saml:Issuer', $this->issuer);

    $this->addSubject($root);
    $this->addConditions($root);
    $this->addAuthnStatement($root);

    if ($this->requiredEncAttributes == false) {
        $this->addAttributeStatement($root);
    } else {
        $this->addEncryptedAttributeStatement($root);
    }

    if ($this->signatureKey !== null) {
        Utilities::insertSignature($this->signatureKey, $this->certificates, $root, $issuerNode->nextSibling);
    }

    return $root;
}
/**
 * Append <saml:Subject> to the assertion. Nothing is emitted when there is
 * neither a plaintext nor an encrypted NameID.
 *
 * An encrypted NameID takes precedence and is wrapped in <saml:EncryptedID>;
 * otherwise the plaintext NameID is written. Every SubjectConfirmation then
 * serialises itself into the subject.
 *
 * @param DOMElement $zH The assertion element being built.
 */
private function addSubject(DOMElement $zH)
{
    if ($this->nameId === null && $this->encryptedNameId === null) {
        return;
    }

    $assertionNs = 'urn:oasis:names:tc:SAML:2.0:assertion';
    $subject = $zH->ownerDocument->createElementNS($assertionNs, 'saml:Subject');
    $zH->appendChild($subject);

    if ($this->encryptedNameId !== null) {
        $encryptedId = $subject->ownerDocument->createElementNS($assertionNs, 'saml:' . 'EncryptedID');
        $subject->appendChild($encryptedId);
        $encryptedId->appendChild($subject->ownerDocument->importNode($this->encryptedNameId, true));
    } else {
        Utilities::addNameId($subject, $this->nameId);
    }

    foreach ($this->SubjectConfirmation as $confirmation) {
        $confirmation->toXML($subject);
    }
}
/**
 * Append <saml:Conditions> to the assertion.
 *
 * The element is always created. NotBefore, NotOnOrAfter and the
 * <saml:AudienceRestriction> are each written only when the corresponding
 * property is not null, so an assertion built without them carries no
 * time or audience limit.
 *
 * @param DOMElement $zH The assertion element being built.
 */
private function addConditions(DOMElement $zH)
{
    $assertionNs = 'urn:oasis:names:tc:SAML:2.0:assertion';
    $document = $zH->ownerDocument;

    $conditions = $document->createElementNS($assertionNs, 'saml:Conditions');
    $zH->appendChild($conditions);

    if ($this->notBefore !== null) {
        $conditions->setAttribute('NotBefore', gmdate('Y-m-d\TH:i:s\Z', $this->notBefore));
    }
    if ($this->notOnOrAfter !== null) {
        $conditions->setAttribute('NotOnOrAfter', gmdate('Y-m-d\TH:i:s\Z', $this->notOnOrAfter));
    }
    if ($this->validAudiences !== null) {
        $restriction = $document->createElementNS($assertionNs, 'saml:AudienceRestriction');
        $conditions->appendChild($restriction);
        Utilities::addStrings($restriction, $assertionNs, 'saml:Audience', false, $this->validAudiences);
    }
}
/**
 * Append <saml:AuthnStatement> to the assertion.
 *
 * Skipped when authnInstant is null, or when the class reference, the
 * declaration and the declaration reference are all null.
 *
 * @param DOMElement $zH The assertion element being built.
 */
private function addAuthnStatement(DOMElement $zH)
{
    $noContext = $this->authnContextClassRef === null
        && $this->authnContextDecl === null
        && $this->authnContextDeclRef === null;
    if ($this->authnInstant === null || $noContext) {
        return;
    }

    $assertionNs = 'urn:oasis:names:tc:SAML:2.0:assertion';
    $document = $zH->ownerDocument;

    $statement = $document->createElementNS($assertionNs, 'saml:AuthnStatement');
    $zH->appendChild($statement);
    $statement->setAttribute('AuthnInstant', gmdate('Y-m-d\TH:i:s\Z', $this->authnInstant));

    if ($this->sessionNotOnOrAfter !== null) {
        $statement->setAttribute('SessionNotOnOrAfter', gmdate('Y-m-d\TH:i:s\Z', $this->sessionNotOnOrAfter));
    }
    if ($this->sessionIndex !== null) {
        $statement->setAttribute('SessionIndex', $this->sessionIndex);
    }

    $context = $document->createElementNS($assertionNs, 'saml:AuthnContext');
    $statement->appendChild($context);

    if (!empty($this->authnContextClassRef)) {
        Utilities::addString($context, $assertionNs, 'saml:AuthnContextClassRef', $this->authnContextClassRef);
    }
    if (!empty($this->authnContextDecl)) {
        $this->authnContextDecl->toXML($context);
    }
    if (!empty($this->authnContextDeclRef)) {
        Utilities::addString($context, $assertionNs, 'saml:AuthnContextDeclRef', $this->authnContextDeclRef);
    }

    Utilities::addStrings($context, $assertionNs, 'saml:AuthenticatingAuthority', false, $this->AuthenticatingAuthority);
}
/**
 * Append a plaintext <saml:AttributeStatement> to the assertion; nothing is
 * emitted when there are no attributes.
 *
 * NameFormat is written only when it differs from the SAML 2.0
 * attrname-format "unspecified" URI. String and integer values get an
 * xsi:type, null values get xsi:nil="true", and a DOMNodeList value is
 * imported node by node. Everything else is added through createTextNode(),
 * so the DOM treats scalar values as text, not markup.
 *
 * @param DOMElement $zH The assertion element being built.
 */
private function addAttributeStatement(DOMElement $zH)
{
    if (empty($this->attributes)) {
        return;
    }

    $assertionNs = 'urn:oasis:names:tc:SAML:2.0:assertion';
    $xsiNs = 'http://www.w3.org/2001/XMLSchema-instance';
    $document = $zH->ownerDocument;

    $statement = $document->createElementNS($assertionNs, 'saml:AttributeStatement');
    $zH->appendChild($statement);

    foreach ($this->attributes as $name => $values) {
        $attribute = $document->createElementNS($assertionNs, 'saml:Attribute');
        $statement->appendChild($attribute);
        $attribute->setAttribute('Name', $name);

        if ($this->nameFormat !== 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified') {
            $attribute->setAttribute('NameFormat', $this->nameFormat);
        }

        foreach ($values as $value) {
            if (is_string($value)) {
                $xsiType = 'xs:string';
            } elseif (is_int($value)) {
                $xsiType = 'xs:integer';
            } else {
                $xsiType = null;
            }

            $valueNode = $document->createElementNS($assertionNs, 'saml:AttributeValue');
            $attribute->appendChild($valueNode);

            if ($xsiType !== null) {
                $valueNode->setAttributeNS($xsiNs, 'xsi:type', $xsiType);
            }
            if (is_null($value)) {
                $valueNode->setAttributeNS($xsiNs, 'xsi:nil', 'true');
            }

            if ($value instanceof DOMNodeList) {
                for ($index = 0; $index < $value->length; $index++) {
                    $imported = $document->importNode($value->item($index), true);
                    $valueNode->appendChild($imported);
                }
            } else {
                $valueNode->appendChild($document->createTextNode($value));
            }
        }
    }
}
/**
 * Append an <saml:AttributeStatement> whose attributes are each encrypted
 * into their own <saml:EncryptedAttribute>. Skipped when
 * requiredEncAttributes is falsy.
 *
 * Every attribute is built in a scratch document, encrypted as an XML
 * element with a fresh AES-256-CBC session key, and that key is wrapped with
 * $this->encryptionKey. CBC gives confidentiality only; integrity depends on
 * the assertion being signed.
 *
 * NOTE(review): $this->encryptionKey is used without a null check, so
 * enabling encrypted attributes without setting a key fails inside
 * encryptKey(). Unlike addAttributeStatement(), null values get no xsi:nil.
 *
 * @param DOMElement $zH The assertion element being built.
 */
private function addEncryptedAttributeStatement(DOMElement $zH)
{
    if ($this->requiredEncAttributes == false) {
        return;
    }

    $assertionNs = 'urn:oasis:names:tc:SAML:2.0:assertion';
    $document = $zH->ownerDocument;

    $statement = $document->createElementNS($assertionNs, 'saml:AttributeStatement');
    $zH->appendChild($statement);

    foreach ($this->attributes as $name => $values) {
        // Build the plaintext attribute away from the output document.
        $scratch = new DOMDocument();
        $attribute = $scratch->createElementNS($assertionNs, 'saml:Attribute');
        $attribute->setAttribute('Name', $name);
        $scratch->appendChild($attribute);

        if ($this->nameFormat !== 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified') {
            $attribute->setAttribute('NameFormat', $this->nameFormat);
        }

        foreach ($values as $value) {
            if (is_string($value)) {
                $xsiType = 'xs:string';
            } elseif (is_int($value)) {
                $xsiType = 'xs:integer';
            } else {
                $xsiType = null;
            }

            $valueNode = $scratch->createElementNS($assertionNs, 'saml:AttributeValue');
            $attribute->appendChild($valueNode);

            if ($xsiType !== null) {
                $valueNode->setAttributeNS('http://www.w3.org/2001/XMLSchema-instance', 'xsi:type', $xsiType);
            }

            if ($value instanceof DOMNodeList) {
                for ($index = 0; $index < $value->length; $index++) {
                    $imported = $scratch->importNode($value->item($index), true);
                    $valueNode->appendChild($imported);
                }
            } else {
                $valueNode->appendChild($scratch->createTextNode($value));
            }
        }

        $encryptor = new XMLSecEnc();
        $encryptor->setNode($scratch->documentElement);
        $encryptor->type = 'http://www.w3.org/2001/04/xmlenc#Element';

        $sessionKey = new XMLSecurityKey(XMLSecurityKey::AES256_CBC);
        $sessionKey->generateSessionKey();
        $encryptor->encryptKey($this->encryptionKey, $sessionKey);
        $encryptedData = $encryptor->encryptNode($sessionKey);

        $wrapper = $document->createElementNS($assertionNs, 'saml:EncryptedAttribute');
        $statement->appendChild($wrapper);
        $wrapper->appendChild($document->importNode($encryptedData, true));
    }
}
/**
 * Stored private-key location. How it is used is not visible in the methods
 * shown here.
 */
public function getPrivateKeyUrl()
{
return $this->privateKeyUrl;
}
/**
 * Set the private-key location. The value is stored without validation.
 */
public function setPrivateKeyUrl($kk)
{
$this->privateKeyUrl = $kk;
}
}
Function Calls
None |
Stats
MD5 | 0eb50761b0f7b34009b0f88be690ea2c |
Eval Count | 0 |
Decode Time | 84 ms |