Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php include_once 'xmlseclibs.php'; use \RobRichards\XMLSecLibs\XMLSecurityKey; us..
Decoded Output download
<?php
include_once 'xmlseclibs.php';
use \RobRichards\XMLSecLibs\XMLSecurityKey;
use \RobRichards\XMLSecLibs\XMLSecurityDSig;
use \RobRichards\XMLSecLibs\XMLSecEnc;
class Utilities
{
public static function generateID()
{
return "_" . self::stringToHex(self::generateRandomBytes(21));
}
public static function stringToHex($y4)
{
$ZQ = '';
$dM = 0;
piw:
if (!($dM < strlen($y4))) {
goto w5X;
}
$ZQ .= sprintf("%02x", ord($y4[$dM]));
Mpy:
$dM++;
goto piw;
w5X:
return $ZQ;
}
public static function generateRandomBytes($ZY, $lL = TRUE)
{
return openssl_random_pseudo_bytes($ZY);
}
public static function createAuthnRequest($bz, $W_, $dS, $Qo = "false", $Xc = "HttpRedirect", $rb = '')
{
$rb = "urn:oasis:names:tc:SAML:" . $rb;
$Ey = "<?xml version="1.0" encoding="UTF-8"?>" . "<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="" . self::generateID() . "" Version="2.0" IssueInstant="" . self::generateTimestamp() . """;
if (!($Qo == "true")) {
goto HKk;
}
$Ey .= " ForceAuthn="true"";
HKk:
$Ey .= " ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="" . $bz . "" Destination="" . $dS . ""><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">" . $W_ . "</saml:Issuer><samlp:NameIDPolicy AllowCreate="true" Format="" . $rb . ""
\xa /></samlp:AuthnRequest>";
if (empty($Xc) || $Xc == "HttpRedirect") {
goto Y5T;
}
$Qm = gzdeflate($Ey);
$Vj = base64_encode($Qm);
update_site_option("mo_saml_request", $Vj);
goto l5i;
Y5T:
$Qm = gzdeflate($Ey);
$Vj = base64_encode($Qm);
update_site_option("mo_saml_request", $Vj);
$HY = urlencode($Vj);
$Ey = $HY;
l5i:
return $Ey;
}
public static function createLogoutRequest($dQ, $W_, $dS, $Fv = '', $IE = "HttpRedirect")
{
$Ey = "<?xml version="1.0" encoding="UTF-8"?>" . "<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="" . self::generateID() . "" IssueInstant="" . self::generateTimestamp() . "" Version="2.0" Destination="" . $dS . "">
\x9 <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">" . $W_ . "</saml:Issuer>
\xa\x9 \x9 \x9 <saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">" . $dQ[0] . "</saml:NameID>";
if (empty($Fv)) {
goto spk;
}
$Ey .= "<samlp:SessionIndex>" . $Fv[0] . "</samlp:SessionIndex>";
spk:
$Ey .= "</samlp:LogoutRequest>";
if (!(empty($IE) || $IE == "HttpRedirect")) {
goto OVE;
}
$Qm = gzdeflate($Ey);
$Vj = base64_encode($Qm);
$HY = urlencode($Vj);
$Ey = $HY;
OVE:
return $Ey;
}
public static function createLogoutResponse($HQ, $W_, $dS, $IE = "HttpRedirect")
{
$Ey = "<?xml version="1.0" encoding="UTF-8"?>" . "<samlp:LogoutResponse xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" " . "ID="" . self::generateID() . "" " . "Version="2.0" IssueInstant="" . self::generateTimestamp() . "" " . "Destination="" . $dS . "" " . "InResponseTo="" . $HQ . "">" . "<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">" . $W_ . "</saml:Issuer>" . "<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status></samlp:LogoutResponse>";
if (!(empty($IE) || $IE == "HttpRedirect")) {
goto B2m;
}
$Qm = gzdeflate($Ey);
$Vj = base64_encode($Qm);
$HY = urlencode($Vj);
$Ey = $HY;
B2m:
return $Ey;
}
public static function generateTimestamp($XS = NULL)
{
if (!($XS === NULL)) {
goto FII;
}
$XS = time();
FII:
return gmdate("Y-m-d\TH:i:s\Z", $XS);
}
public static function xpQuery(DOMNode $yc, $X2)
{
static $pL = NULL;
if ($yc instanceof DOMDocument) {
goto t1M;
}
$Re = $yc->ownerDocument;
goto AUs;
t1M:
$Re = $yc;
AUs:
if (!($pL === NULL || !$pL->document->isSameNode($Re))) {
goto rmH;
}
$pL = new DOMXPath($Re);
$pL->registerNamespace("soap-env", "http://schemas.xmlsoap.org/soap/envelope/");
$pL->registerNamespace("saml_protocol", "urn:oasis:names:tc:SAML:2.0:protocol");
$pL->registerNamespace("saml_assertion", "urn:oasis:names:tc:SAML:2.0:assertion");
$pL->registerNamespace("saml_metadata", "urn:oasis:names:tc:SAML:2.0:metadata");
$pL->registerNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
$pL->registerNamespace("xenc", "http://www.w3.org/2001/04/xmlenc#");
rmH:
$Nn = $pL->query($X2, $yc);
$ZQ = array();
$dM = 0;
A74:
if (!($dM < $Nn->length)) {
goto o6g;
}
$ZQ[$dM] = $Nn->item($dM);
AEB:
$dM++;
goto A74;
o6g:
return $ZQ;
}
public static function parseNameId(DOMElement $P6)
{
$ZQ = array("Value" => trim($P6->textContent));
foreach (array("NameQualifier", "SPNameQualifier", "Format") as $cc) {
if (!$P6->hasAttribute($cc)) {
goto Gjj;
}
$ZQ[$cc] = $P6->getAttribute($cc);
Gjj:
adg:
}
Lzh:
return $ZQ;
}
public static function xsDateTimeToTimestamp($XJ)
{
$sO = array();
$Fw = "/^(\d\d\d\d)-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)(?:\.\d+)?Z$/D";
if (!(preg_match($Fw, $XJ, $sO) == 0)) {
goto etj;
}
echo sprintf("nvalid SAML2 timestamp passed to xsDateTimeToTimestamp: " . $XJ);
exit;
etj:
$Ui = intval($sO[1]);
$nI = intval($sO[2]);
$Xe = intval($sO[3]);
$m2 = intval($sO[4]);
$hH = intval($sO[5]);
$P9 = intval($sO[6]);
$p_ = gmmktime($m2, $hH, $P9, $nI, $Xe, $Ui);
return $p_;
}
public static function extractStrings(DOMElement $Qu, $m_, $a2)
{
$ZQ = array();
$yc = $Qu->firstChild;
Akd:
if (!($yc !== NULL)) {
goto Rp8;
}
if (!($yc->namespaceURI !== $m_ || $yc->localName !== $a2)) {
goto wjm;
}
goto JSU;
wjm:
$ZQ[] = trim($yc->textContent);
JSU:
$yc = $yc->nextSibling;
goto Akd;
Rp8:
return $ZQ;
}
public static function validateElement(DOMElement $iW)
{
$bt = new XMLSecurityDSig();
$bt->idKeys[] = "ID";
$t1 = self::xpQuery($iW, "./ds:Signature");
if (count($t1) === 0) {
goto XOh;
}
if (count($t1) > 1) {
goto ndC;
}
goto Atf;
XOh:
return FALSE;
goto Atf;
ndC:
echo sprintf("XMLSec: more than one signature element in root.");
exit;
Atf:
$t1 = $t1[0];
$bt->sigNode = $t1;
$bt->canonicalizeSignedInfo();
if ($bt->validateReference()) {
goto XvT;
}
echo sprintf("XMLsec: digest validation failed");
exit;
XvT:
$O6 = FALSE;
foreach ($bt->getValidatedNodes() as $i0) {
if ($i0->isSameNode($iW)) {
goto cxc;
}
if ($iW->parentNode instanceof DOMDocument && $i0->isSameNode($iW->ownerDocument)) {
goto SyG;
}
goto H6C;
cxc:
$O6 = TRUE;
goto aAs;
goto H6C;
SyG:
$O6 = TRUE;
goto aAs;
H6C:
yJ4:
}
aAs:
if ($O6) {
goto c5v;
}
echo sprintf("XMLSec: The root element is not signed.");
exit;
c5v:
$XO = array();
foreach (self::xpQuery($t1, "./ds:KeyInfo/ds:X509Data/ds:X509Certificate") as $Tn) {
$Ka = trim($Tn->textContent);
$Ka = str_replace(array("\xd", "\xa", "\x9", " "), '', $Ka);
$XO[] = $Ka;
Y2F:
}
aK2:
$ZQ = array("Signature" => $bt, "Certificates" => $XO);
return $ZQ;
}
public static function validateSignature(array $AM, XMLSecurityKey $I1)
{
$bt = $AM["Signature"];
$E3 = self::xpQuery($bt->sigNode, "./ds:SignedInfo/ds:SignatureMethod");
if (!empty($E3)) {
goto NTM;
}
echo sprintf("Missing SignatureMethod element");
exit;
NTM:
$E3 = $E3[0];
if ($E3->hasAttribute("Algorithm")) {
goto TYQ;
}
echo sprintf("Missing Algorithm-attribute on SignatureMethod element.");
exit;
TYQ:
$vd = $E3->getAttribute("Algorithm");
if (!($I1->type === XMLSecurityKey::RSA_SHA1 && $vd !== $I1->type)) {
goto XIs;
}
$I1 = self::castKey($I1, $vd);
XIs:
if ($bt->verify($I1)) {
goto w8m;
}
return false;
w8m:
}
public static function castKey(XMLSecurityKey $I1, $Tg, $Sc = "public")
{
if (!($I1->type === $Tg)) {
goto Eq1;
}
return $I1;
Eq1:
$uX = openssl_pkey_get_details($I1->key);
if (!($uX === FALSE)) {
goto sxw;
}
echo sprintf("Unable to get key details from XMLSecurityKey.");
exit;
sxw:
if (isset($uX["key"])) {
goto Iy3;
}
echo sprintf("Missing key in public key details.");
exit;
Iy3:
$P1 = new XMLSecurityKey($Tg, array("type" => $Sc));
$P1->loadKey($uX["key"]);
return $P1;
}
public static function processResponse($rT, $Qw, $ba, SAML2_Response $a3, $bI, $fJ)
{
$qb = current($a3->getAssertions());
$VX = $qb->getNotBefore();
if (!($VX !== NULL && $VX > time() + 60)) {
goto PHF;
}
wp_die("Received an assertion that is valid in the future. Check clock synchronization on IdP and SP.");
PHF:
$y5 = $qb->getNotOnOrAfter();
if (!($y5 !== NULL && $y5 <= time() - 60)) {
goto siO;
}
wp_die("Received an assertion that has expired. Check clock synchronization on IdP and SP.");
siO:
$uA = $qb->getSessionNotOnOrAfter();
if (!($uA !== NULL && $uA <= time() - 60)) {
goto oGi;
}
wp_die("Received an assertion with a session that has expired. Check clock synchronization on IdP and SP.");
oGi:
$C6 = $a3->getDestination();
if (!(substr($C6, -1) == "/")) {
goto Usp;
}
$C6 = substr($C6, 0, -1);
Usp:
if (!(substr($rT, -1) == "/")) {
goto VK7;
}
$rT = substr($rT, 0, -1);
VK7:
if (!($C6 !== NULL && $C6 !== $rT)) {
goto BG5;
}
echo "Destination in response doesn't match the current URL. Destination is "" . htmlspecialchars($C6) . "", current URL is "" . htmlspecialchars($rT) . "".";
exit;
BG5:
$Oy = self::checkSign($Qw, $ba, $bI, $fJ);
return $Oy;
}
public static function checkSign($Qw, $ba, $bI, $fJ)
{
$XO = $ba["Certificates"];
if (count($XO) === 0) {
goto HKb;
}
$vX = array();
$vX[] = $Qw;
$fY = self::findCertificate($vX, $XO, $fJ);
if ($fY) {
goto cUb;
}
return FALSE;
cUb:
goto U_O;
HKb:
$QC = maybe_unserialize(get_site_option("saml_x509_certificate"));
$fY = $QC[$bI];
U_O:
$lu = NULL;
$I1 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array("type" => "public"));
$I1->loadKey($fY);
try {
self::validateSignature($ba, $I1);
return TRUE;
} catch (Exception $r_) {
$lu = $r_;
return FALSE;
}
if ($lu !== NULL) {
goto IkO;
}
return FALSE;
goto tDX;
IkO:
throw $lu;
tDX:
}
public static function validateIssuerAndAudience($eI, $ls, $Tl, $fJ)
{
$W_ = current($eI->getAssertions())->getIssuer();
$qb = current($eI->getAssertions());
$QD = $qb->getValidAudiences();
if (strcmp($Tl, $W_) === 0) {
goto whW;
}
if ($fJ == "testValidate" or $fJ == "testNewCertificate") {
goto Owr;
}
wp_die("We could not sign you in. Please contact your Administrator", "Error :Issuer cannot be verified");
goto nEf;
Owr:
ob_end_clean();
$Jt = mo_options_error_constants::Error_issuer_not_verfied;
$q8 = mo_options_error_constants::Cause_issuer_not_verfied;
echo "<div style="font-family:Calibri;padding:0 3%;">";
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>\xd\xa \x9 <div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong>Issuer cannot be verified.</p>\xd
<p>Please contact your administrator and report the following error:</p>\xd\xa\x9 <p><strong>Possible Cause: </strong>IdP Entity ID configured in the plugin is incorrect</p>\xd
\x9 <p><strong>Entity ID in SAML Response: </strong>" . esc_html($W_) . "<p>\xd\xa \x9 <p><strong>Entity ID configured in the plugin: </strong>" . esc_html($Tl) . "</p>
\x9\x9 <p><strong>Solution:</strong></p>\xd
\x9\x9 \x9<ol>\xd\xa \x9 \x9<li>Copy the Entity ID of SAML Response from above and paste it in Entity ID or Issuer field under Service Provider Setup tab.</li>
\x9\x9\x9\x9</ol>
\xa\x9\x9 </div>\xd\xa <div style="margin:3%;display:block;text-align:center;">\xd\xa \x9\x9 <div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>";
mo_saml_download_logs($Jt, $q8);
exit;
nEf:
goto T_4;
whW:
if (empty($QD)) {
goto eQU;
}
if (in_array($ls, $QD, TRUE)) {
goto Qy5;
}
if ($fJ == "testValidate" or $fJ == "testNewCertificate") {
goto lky;
}
wp_die("We could not sign you in. Please contact your Administrator", "Error :Invalid Audience URI");
goto QQI;
lky:
$Jt = mo_options_error_constants::Error_invalid_audience;
$q8 = mo_options_error_constants::Cause_invalid_audience;
ob_end_clean();
echo "<div style="font-family:Calibri;padding:0 3%;">";
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>
<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong>Invalid Audience URI.</p>\xd\xa <p>Please contact your administrator and report the following error:</p>\xd
<p><strong>Possible Cause: </strong>The value of 'Audience URI' field on Identity Provider's side is incorrect</p>\xd\xa <p>Expected one of the Audiences to be: " . $ls . "<p>\xd\xa\x9\x9\x9 \x9<p><strong>Solution:</strong></p>
\xa \x9 <ol>
\x9 \x9 \x9<li>Copy the Expected Audience URI from above and paste it in the Audience URI field at Identity Provider side.</li>
\xa\x9 \x9 </ol>
\x9 \x9\x9</div>
<div style="margin:3%;display:block;text-align:center;">\xd\xa <div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>";
exit;
mo_saml_download_logs($Jt, $q8);
QQI:
goto jzB;
Qy5:
return TRUE;
jzB:
eQU:
T_4:
}
private static function findCertificate(array $IJ, array $XO, $fJ)
{
$Om = array();
foreach ($XO as $WP) {
$De = strtolower(sha1(base64_decode($WP)));
if (!in_array($De, $IJ, TRUE)) {
goto mph;
}
$G0 = "-----BEGIN CERTIFICATE-----\xa" . chunk_split($WP, 64) . "-----END CERTIFICATE-----
";
return $G0;
mph:
$Om[] = $De;
vLj:
}
wFJ:
return false;
}
private static function doDecryptElement(DOMElement $qq, XMLSecurityKey $Am, array &$HI)
{
$EY = new XMLSecEnc();
$EY->setNode($qq);
$EY->type = $qq->getAttribute("Type");
$KR = $EY->locateKey($qq);
if ($KR) {
goto dSS;
}
echo sprintf("Could not locate key algorithm in encrypted data.");
exit;
dSS:
$U9 = $EY->locateKeyInfo($KR);
if ($U9) {
goto Rns;
}
echo sprintf("Could not locate <dsig:KeyInfo> for the encrypted key.");
exit;
Rns:
$lv = $Am->getAlgorith();
if ($U9->isEncrypted) {
goto d21;
}
$xM = $KR->getAlgorith();
if (!($lv !== $xM)) {
goto dti;
}
echo sprintf("Algorithm mismatch between input key and key in message. " . "Key was: " . var_export($lv, TRUE) . "; message was: " . var_export($xM, TRUE));
exit;
dti:
$KR = $Am;
goto bGj;
d21:
$A5 = $U9->getAlgorith();
if (!in_array($A5, $HI, TRUE)) {
goto eLU;
}
echo sprintf("Algorithm disabled: " . var_export($A5, TRUE));
exit;
eLU:
if (!($A5 === XMLSecurityKey::RSA_OAEP_MGF1P && $lv === XMLSecurityKey::RSA_1_5)) {
goto Bn1;
}
$lv = XMLSecurityKey::RSA_OAEP_MGF1P;
Bn1:
if (!($lv !== $A5)) {
goto LpX;
}
echo sprintf("Algorithm mismatch between input key and key used to encrypt " . " the symmetric key for the message. Key was: " . var_export($lv, TRUE) . "; message was: " . var_export($A5, TRUE));
exit;
LpX:
$eh = $U9->encryptedCtx;
$U9->key = $Am->key;
$lk = $KR->getSymmetricKeySize();
if (!($lk === NULL)) {
goto syE;
}
echo sprintf("Unknown key size for encryption algorithm: " . var_export($KR->type, TRUE));
exit;
syE:
try {
$I1 = $eh->decryptKey($U9);
if (!(strlen($I1) != $lk)) {
goto yGr;
}
echo sprintf("Unexpected key size (" . strlen($I1) * 8 . "bits) for encryption algorithm: " . var_export($KR->type, TRUE));
exit;
yGr:
} catch (Exception $r_) {
$OC = $eh->getCipherValue();
$dq = openssl_pkey_get_details($U9->key);
$dq = sha1(serialize($dq), TRUE);
$I1 = sha1($OC . $dq, TRUE);
if (strlen($I1) > $lk) {
goto kFw;
}
if (strlen($I1) < $lk) {
goto zGM;
}
goto QTv;
kFw:
$I1 = substr($I1, 0, $lk);
goto QTv;
zGM:
$I1 = str_pad($I1, $lk);
QTv:
}
$KR->loadkey($I1);
bGj:
$Tg = $KR->getAlgorith();
if (!in_array($Tg, $HI, TRUE)) {
goto qdJ;
}
echo sprintf("Algorithm disabled: " . var_export($Tg, TRUE));
exit;
qdJ:
$kI = $EY->decryptNode($KR, FALSE);
$P6 = "<root xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" " . "xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">" . $kI . "</root>";
$qV = new DOMDocument();
if (@$qV->loadXML($P6)) {
goto Aw7;
}
echo sprintf("Failed to parse decrypted XML. Maybe the wrong sharedkey was used?");
throw new Exception("Failed to parse decrypted XML. Maybe the wrong sharedkey was used?");
Aw7:
$uU = $qV->firstChild->firstChild;
if (!($uU === NULL)) {
goto Qw6;
}
echo sprintf("Missing encrypted element.");
throw new Exception("Missing encrypted element.");
Qw6:
if ($uU instanceof DOMElement) {
goto m2m;
}
echo sprintf("Decrypted element was not actually a DOMElement.");
m2m:
return $uU;
}
public static function decryptElement(DOMElement $qq, XMLSecurityKey $Am, array $HI = array(), XMLSecurityKey $JM = NULL)
{
try {
return self::doDecryptElement($qq, $Am, $HI);
} catch (Exception $r_) {
echo sprintf("Failed to decrypt XML element.");
exit;
}
}
public static function get_mapped_groups($aB, $Ds)
{
$S7 = array();
if (empty($Ds)) {
goto EHO;
}
$AJ = array();
$dM = 1;
YUQ:
if (!($dM < 10)) {
goto P47;
}
$Vv = $aB->get("group" . $dM . "_map");
$AJ[$dM] = explode(";", $Vv);
$dM++;
goto YUQ;
P47:
EHO:
foreach ($Ds as $LW) {
if (empty($LW)) {
goto Z6l;
}
$dM = 0;
$C2 = false;
JNN:
if (!($dM < 9 && !$C2)) {
goto UAU;
}
if (!(!empty($AJ[$dM]) && in_array($LW, $AJ[$dM]))) {
goto KGI;
}
$S7[] = $aB->get("group" . $dM);
$C2 = true;
KGI:
$dM++;
goto JNN;
UAU:
Z6l:
lE3:
}
vlU:
return array_unique($S7);
}
public static function getEncryptionAlgorithm($RX)
{
switch ($RX) {
case "http://www.w3.org/2001/04/xmlenc#tripledes-cbc":
return XMLSecurityKey::TRIPLEDES_CBC;
goto UYg;
case "http://www.w3.org/2001/04/xmlenc#aes128-cbc":
return XMLSecurityKey::AES128_CBC;
case "http://www.w3.org/2001/04/xmlenc#aes192-cbc":
return XMLSecurityKey::AES192_CBC;
goto UYg;
case "http://www.w3.org/2001/04/xmlenc#aes256-cbc":
return XMLSecurityKey::AES256_CBC;
goto UYg;
case "http://www.w3.org/2001/04/xmlenc#rsa-1_5":
return XMLSecurityKey::RSA_1_5;
goto UYg;
case "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p":
return XMLSecurityKey::RSA_OAEP_MGF1P;
goto UYg;
case "http://www.w3.org/2000/09/xmldsig#dsa-sha1":
return XMLSecurityKey::DSA_SHA1;
goto UYg;
case "http://www.w3.org/2000/09/xmldsig#rsa-sha1":
return XMLSecurityKey::RSA_SHA1;
goto UYg;
case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256":
return XMLSecurityKey::RSA_SHA256;
goto UYg;
case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384":
return XMLSecurityKey::RSA_SHA384;
goto UYg;
case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512":
return XMLSecurityKey::RSA_SHA512;
goto UYg;
default:
echo sprintf("Invalid Encryption Method: " . $RX);
exit;
goto UYg;
}
Ytd:
UYg:
}
public static function insertSignature(XMLSecurityKey $I1, array $XO, DOMElement $iW, DOMNode $bc = NULL)
{
$bt = new XMLSecurityDSig();
$bt->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
switch ($I1->type) {
case XMLSecurityKey::RSA_SHA256:
$Sc = XMLSecurityDSig::SHA256;
goto YIR;
case XMLSecurityKey::RSA_SHA384:
$Sc = XMLSecurityDSig::SHA384;
goto YIR;
case XMLSecurityKey::RSA_SHA512:
$Sc = XMLSecurityDSig::SHA512;
goto YIR;
default:
$Sc = XMLSecurityDSig::SHA1;
}
b5n:
YIR:
$bt->addReferenceList(array($iW), $Sc, array("http://www.w3.org/2000/09/xmldsig#enveloped-signature", XMLSecurityDSig::EXC_C14N), array("id_name" => "ID", "overwrite" => FALSE));
$bt->sign($I1);
foreach ($XO as $x3) {
$bt->add509Cert($x3, TRUE);
nC7:
}
CGS:
$bt->insertSignature($iW, $bc);
}
public static function getRemainingDaysOfCurrentCertificate()
{
$x3 = get_site_option("mo_saml_current_cert");
$tw = openssl_x509_parse($x3);
$dw = $tw["validTo_time_t"];
$Ku = $dw - time();
return round($Ku / (60 * 60 * 24));
}
public static function getExpiryDateOfCurrentCertificate()
{
$x3 = get_site_option("mo_saml_current_cert");
$tw = openssl_x509_parse($x3);
return $tw["validTo_time_t"];
}
public static function getValidUntilDateFromCert($x3)
{
$tw = openssl_x509_parse($x3);
$dw = $tw["validTo_time_t"];
$wv = date("Y-m-d", $dw);
$RH = $wv . "T23:59:59Z";
return $RH;
}
public static function signXML($P6, $Ja = '', $rl = false)
{
$IN = array("type" => "private");
$I1 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $IN);
if ($rl) {
goto lAJ;
}
$nl = get_site_option("mo_saml_current_cert_private_key");
$v6 = get_site_option("mo_saml_current_cert");
goto Me5;
lAJ:
$nl = file_get_contents(plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . mo_options_enum_default_sp_certificate::SP_Private_Key);
$v6 = file_get_contents(plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . mo_options_enum_default_sp_certificate::SP_Public_Certificate);
Me5:
$I1->loadKey($nl, FALSE);
$Ni = new DOMDocument();
$Ni->loadXML($P6);
$he = $Ni->firstChild;
if (!empty($Ja)) {
goto MSB;
}
self::insertSignature($I1, array($v6), $he);
goto uZ4;
MSB:
$dN = $Ni->getElementsByTagName($Ja)->item(0);
self::insertSignature($I1, array($v6), $he, $dN);
uZ4:
$h_ = $he->ownerDocument->saveXML($he);
$Oq = base64_encode($h_);
return $Oq;
}
public static function postSAMLRequest($Nw, $Ki, $fJ)
{
echo "<html><head><script src='https://code.jquery.com/jquery-1.11.3.min.js'></script><script type="text/javascript">$(function(){document.forms['saml-request-form'].submit();});</script></head><body>Please wait...<form action="" . $Nw . "" method="post" id="saml-request-form"><input type="hidden" name="SAMLRequest" value="" . $Ki . "" /><input type="hidden" name="RelayState" value="" . htmlentities($fJ) . "" /></form></body></html>";
exit;
}
public static function postSAMLResponse($Nw, $PI, $fJ)
{
echo "<html><head><script src='https://code.jquery.com/jquery-1.11.3.min.js'></script><script type="text/javascript">$(function(){document.forms['saml-request-form'].submit();});</script></head><body>Please wait...<form action="" . $Nw . "" method="post" id="saml-request-form"><input type="hidden" name="SAMLResponse" value="" . $PI . "" /><input type="hidden" name="RelayState" value="" . htmlentities($fJ) . "" /></form></body></html>";
exit;
}
public static function sanitize_certificate($x3)
{
$x3 = preg_replace("/[\xd\xa]+/", '', $x3);
$x3 = str_replace("-", '', $x3);
$x3 = str_replace("BEGIN CERTIFICATE", '', $x3);
$x3 = str_replace("END CERTIFICATE", '', $x3);
$x3 = str_replace(" ", '', $x3);
$x3 = chunk_split($x3, 64, "
\xa");
$x3 = "-----BEGIN CERTIFICATE-----
" . $x3 . "-----END CERTIFICATE-----";
return $x3;
}
public static function desanitize_certificate($x3)
{
$x3 = preg_replace("/[\xd
]+/", '', $x3);
$x3 = str_replace("-----BEGIN CERTIFICATE-----", '', $x3);
$x3 = str_replace("-----END CERTIFICATE-----", '', $x3);
$x3 = str_replace(" ", '', $x3);
return $x3;
}
public static function get_sites()
{
$ur = array("network_id" => null, "public" => null, "archived" => 0, "mature" => null, "spam" => 0, "deleted" => 0, "number" => 0, "offset" => 0);
if (function_exists("get_sites") && class_exists("WP_Site_Query")) {
goto Wfh;
}
if (!function_exists("wp_get_sites")) {
goto aTV;
}
$Kx = wp_get_sites($ur);
aTV:
goto xGp;
Wfh:
$Kx = get_sites($ur);
xGp:
return $Kx;
}
public static function get_active_sites()
{
$BE = maybe_unserialize(get_site_option("mo_enable_sso_sites"));
if (!empty($BE)) {
goto Jlq;
}
$BE = array();
$Kx = self::get_sites();
foreach ($Kx as $mP) {
array_push($BE, $mP->blog_id);
PfO:
}
X61:
Jlq:
$bB = self::get_main_subsite_id();
if (in_array($bB, $BE)) {
goto mmv;
}
array_push($BE, $bB);
mmv:
return $BE;
}
public static function get_all_roles()
{
$Kx = self::get_sites();
$Sb = array();
foreach ($Kx as $mP) {
$sL = new WP_Roles($mP->blog_id);
$b8 = $sL->get_names();
$Sb = array_merge($Sb, $b8);
z3n:
}
Ku9:
return $Sb;
}
public static function get_main_subsite_id()
{
$Kx = self::get_sites();
$Pj = get_site_option("mo_saml_sp_base_url");
if (!empty($Pj)) {
goto dwt;
}
$Pj = get_network_site_url();
dwt:
$bz = $Pj . "/";
$mA = parse_url($Pj, PHP_URL_SCHEME);
$bz = str_replace($mA . "://", '', $bz);
$zI = 1;
foreach ($Kx as $mP) {
$tY = $mP->domain . $mP->path;
if (!($tY == $bz)) {
goto IR8;
}
$zI = $mP->blog_id;
IR8:
X5L:
}
Wnv:
return $zI;
}
public static function mo_saml_wp_remote_call($Nw, $BQ, $ur = array(), $d9 = false)
{
if (!$d9) {
goto lup;
}
$a3 = wp_remote_get($Nw, $ur);
goto M5n;
lup:
$a3 = wp_remote_post($Nw, $ur);
M5n:
if (!is_wp_error($a3)) {
goto fL2;
}
$qZ = $BQ;
update_option("mo_saml_message", "Unable to connect to the Internet. Please try again.");
$qZ->mo_saml_show_error_message();
return false;
goto gdx;
fL2:
return $a3["body"];
gdx:
}
}
?>Did this file decode correctly?
Original Code
<?php
include_once 'xmlseclibs.php';
use \RobRichards\XMLSecLibs\XMLSecurityKey;
use \RobRichards\XMLSecLibs\XMLSecurityDSig;
use \RobRichards\XMLSecLibs\XMLSecEnc;
class Utilities
{
public static function generateID()
{
return "\137" . self::stringToHex(self::generateRandomBytes(21));
}
public static function stringToHex($y4)
{
$ZQ = '';
$dM = 0;
piw:
if (!($dM < strlen($y4))) {
goto w5X;
}
$ZQ .= sprintf("\45\x30\x32\x78", ord($y4[$dM]));
Mpy:
$dM++;
goto piw;
w5X:
return $ZQ;
}
public static function generateRandomBytes($ZY, $lL = TRUE)
{
return openssl_random_pseudo_bytes($ZY);
}
public static function createAuthnRequest($bz, $W_, $dS, $Qo = "\x66\141\x6c\x73\145", $Xc = "\x48\164\x74\160\122\145\144\x69\162\145\143\164", $rb = '')
{
$rb = "\165\x72\x6e\x3a\157\141\x73\151\x73\72\x6e\x61\155\x65\x73\72\164\x63\72\x53\101\115\114\x3a" . $rb;
$Ey = "\74\77\170\x6d\x6c\x20\x76\145\162\x73\151\157\156\x3d\42\61\56\x30\42\40\x65\156\x63\x6f\144\151\x6e\x67\x3d\42\x55\x54\x46\55\70\42\77\x3e" . "\74\x73\x61\155\x6c\x70\72\101\165\164\x68\x6e\122\x65\161\165\145\163\164\40\x78\155\x6c\156\163\72\x73\x61\x6d\x6c\160\75\42\165\162\x6e\x3a\x6f\x61\163\151\163\72\156\141\x6d\145\x73\x3a\164\x63\72\123\x41\115\x4c\72\62\x2e\60\72\160\162\157\164\157\143\157\x6c\x22\40\170\x6d\x6c\156\x73\75\x22\x75\x72\156\x3a\x6f\141\163\151\163\72\x6e\141\155\145\x73\72\x74\143\x3a\123\x41\115\x4c\x3a\62\56\x30\x3a\x61\x73\163\x65\162\x74\151\x6f\x6e\x22\x20\x49\104\75\42" . self::generateID() . "\x22\x20\x56\x65\162\163\x69\157\156\x3d\42\x32\x2e\x30\x22\40\x49\x73\163\165\x65\111\156\163\164\x61\156\164\x3d\42" . self::generateTimestamp() . "\42";
if (!($Qo == "\x74\162\165\145")) {
goto HKk;
}
$Ey .= "\40\x46\x6f\162\x63\145\101\x75\x74\150\x6e\75\x22\x74\x72\165\145\x22";
HKk:
$Ey .= "\40\120\162\157\x74\x6f\143\x6f\x6c\102\151\156\144\151\156\147\75\x22\x75\x72\x6e\x3a\x6f\x61\163\x69\163\x3a\x6e\x61\155\x65\163\72\x74\143\72\123\x41\x4d\x4c\72\62\x2e\60\72\142\151\x6e\144\x69\x6e\147\x73\72\110\124\x54\120\55\x50\x4f\123\124\42\40\x41\163\x73\x65\162\164\x69\157\x6e\103\157\156\x73\x75\x6d\145\162\x53\145\162\x76\x69\x63\145\125\x52\114\75\42" . $bz . "\42\x20\x44\x65\x73\x74\x69\156\x61\x74\151\x6f\156\x3d\x22" . $dS . "\x22\x3e\74\x73\x61\x6d\x6c\x3a\x49\163\x73\165\x65\162\40\x78\x6d\x6c\x6e\x73\x3a\163\x61\155\x6c\75\42\165\x72\x6e\72\x6f\141\x73\151\x73\x3a\156\x61\x6d\x65\163\x3a\x74\143\72\x53\101\x4d\x4c\x3a\62\x2e\60\72\x61\x73\163\x65\162\164\x69\157\156\42\76" . $W_ . "\x3c\x2f\163\x61\x6d\x6c\x3a\111\163\163\165\145\162\x3e\74\x73\x61\155\154\160\72\x4e\x61\x6d\145\x49\x44\120\157\x6c\x69\x63\x79\40\101\154\x6c\157\167\103\x72\x65\141\164\x65\x3d\42\x74\x72\x75\145\x22\40\x46\157\x72\155\x61\164\x3d\x22" . $rb . "\42\15\xa\x20\x20\40\40\40\x20\40\40\x20\x20\40\40\x20\40\40\40\x20\x20\40\x20\x20\40\40\x20\x2f\x3e\74\x2f\163\141\x6d\154\160\72\101\x75\x74\x68\x6e\x52\145\x71\x75\145\x73\164\76";
if (empty($Xc) || $Xc == "\110\x74\x74\160\x52\145\x64\x69\162\145\143\x74") {
goto Y5T;
}
$Qm = gzdeflate($Ey);
$Vj = base64_encode($Qm);
update_site_option("\x6d\x6f\137\163\141\155\x6c\137\x72\145\x71\x75\145\163\x74", $Vj);
goto l5i;
Y5T:
$Qm = gzdeflate($Ey);
$Vj = base64_encode($Qm);
update_site_option("\155\x6f\x5f\163\x61\155\x6c\x5f\x72\x65\161\x75\145\163\x74", $Vj);
$HY = urlencode($Vj);
$Ey = $HY;
l5i:
return $Ey;
}
public static function createLogoutRequest($dQ, $W_, $dS, $Fv = '', $IE = "\110\x74\164\x70\122\x65\x64\x69\x72\x65\x63\164")
{
$Ey = "\74\77\x78\x6d\154\40\166\145\162\x73\151\x6f\156\x3d\x22\61\56\60\42\40\x65\x6e\x63\157\x64\x69\x6e\147\75\x22\125\x54\x46\55\x38\42\x3f\76" . "\74\163\141\155\x6c\160\x3a\114\157\147\x6f\x75\164\122\x65\x71\165\x65\x73\164\40\x78\x6d\x6c\156\163\x3a\x73\x61\155\154\x70\x3d\x22\165\162\x6e\72\157\x61\163\x69\x73\x3a\x6e\x61\155\145\x73\72\x74\143\72\123\101\x4d\114\72\62\x2e\60\72\160\x72\x6f\x74\x6f\143\157\x6c\x22\40\170\x6d\154\156\163\72\x73\141\155\x6c\x3d\x22\165\162\x6e\x3a\x6f\141\163\151\x73\72\156\x61\x6d\145\x73\72\164\x63\72\123\101\x4d\x4c\72\x32\x2e\x30\x3a\141\163\x73\x65\162\x74\151\157\156\42\40\x49\x44\75\x22" . self::generateID() . "\42\40\111\163\163\x75\145\111\156\x73\x74\x61\x6e\164\75\42" . self::generateTimestamp() . "\x22\40\126\x65\162\x73\151\x6f\156\x3d\x22\62\x2e\60\x22\x20\x44\145\x73\x74\x69\156\x61\164\x69\x6f\x6e\75\42" . $dS . "\x22\x3e\15\12\11\11\x9\11\11\11\74\x73\x61\155\x6c\72\111\x73\x73\x75\145\x72\40\x78\155\x6c\x6e\163\x3a\x73\x61\x6d\154\x3d\x22\x75\162\x6e\x3a\157\141\163\x69\163\x3a\x6e\141\x6d\x65\x73\x3a\x74\143\x3a\123\x41\115\114\72\x32\x2e\60\x3a\141\x73\x73\145\162\164\151\157\x6e\x22\x3e" . $W_ . "\74\57\x73\141\155\x6c\x3a\x49\163\x73\165\x65\162\76\15\xa\x9\11\x9\11\x9\11\74\163\x61\155\154\72\116\x61\155\145\x49\104\x20\170\155\x6c\156\x73\72\163\141\x6d\154\x3d\42\x75\x72\x6e\72\x6f\141\163\151\163\x3a\x6e\141\155\145\163\x3a\x74\x63\x3a\123\101\115\x4c\x3a\x32\x2e\x30\72\141\163\x73\x65\162\x74\151\157\156\42\76" . $dQ[0] . "\x3c\x2f\x73\x61\155\154\x3a\x4e\141\x6d\145\x49\x44\76";
if (empty($Fv)) {
goto spk;
}
$Ey .= "\74\x73\x61\155\x6c\160\72\123\x65\163\163\x69\x6f\x6e\x49\x6e\144\x65\170\76" . $Fv[0] . "\74\x2f\163\141\155\x6c\x70\x3a\x53\145\163\163\x69\157\156\111\x6e\x64\145\170\x3e";
spk:
$Ey .= "\74\57\163\x61\155\154\160\72\x4c\x6f\147\157\165\164\122\145\161\165\x65\163\x74\x3e";
if (!(empty($IE) || $IE == "\110\164\164\x70\122\x65\144\151\x72\x65\x63\x74")) {
goto OVE;
}
$Qm = gzdeflate($Ey);
$Vj = base64_encode($Qm);
$HY = urlencode($Vj);
$Ey = $HY;
OVE:
return $Ey;
}
public static function createLogoutResponse($HQ, $W_, $dS, $IE = "\110\x74\x74\x70\122\x65\144\151\x72\x65\x63\164")
{
$Ey = "\x3c\x3f\170\155\x6c\40\166\x65\x72\163\x69\x6f\x6e\75\42\x31\x2e\60\x22\40\x65\x6e\143\x6f\144\x69\156\x67\x3d\x22\125\124\x46\55\x38\x22\77\x3e" . "\x3c\x73\141\x6d\x6c\160\72\114\x6f\x67\157\x75\164\x52\x65\x73\160\x6f\156\163\x65\40\170\x6d\154\156\x73\x3a\x73\141\155\154\160\x3d\x22\x75\162\x6e\x3a\x6f\141\163\x69\163\x3a\156\141\155\x65\x73\x3a\164\x63\x3a\123\101\115\114\x3a\x32\56\x30\x3a\x70\162\157\164\x6f\x63\x6f\x6c\x22\40\x78\x6d\154\x6e\x73\x3a\163\141\x6d\154\x3d\x22\x75\162\x6e\x3a\157\x61\163\151\x73\72\x6e\x61\x6d\145\x73\72\x74\x63\x3a\123\x41\115\x4c\72\x32\56\x30\72\x61\x73\163\145\162\164\x69\157\x6e\x22\40" . "\x49\x44\75\42" . self::generateID() . "\42\x20" . "\126\x65\x72\x73\x69\157\x6e\75\x22\x32\x2e\x30\42\40\111\x73\x73\x75\x65\111\x6e\x73\164\x61\x6e\x74\x3d\42" . self::generateTimestamp() . "\42\40" . "\x44\x65\163\x74\151\156\141\164\x69\157\156\x3d\x22" . $dS . "\42\x20" . "\111\156\122\145\163\160\157\156\163\x65\x54\x6f\x3d\x22" . $HQ . "\x22\x3e" . "\x3c\163\x61\155\154\72\111\x73\163\165\x65\x72\40\170\x6d\x6c\x6e\163\x3a\163\141\x6d\x6c\75\42\165\162\156\72\x6f\x61\x73\151\163\x3a\156\x61\x6d\145\163\72\164\x63\x3a\x53\101\115\x4c\72\x32\56\x30\72\141\x73\163\x65\x72\164\x69\x6f\x6e\42\76" . $W_ . "\x3c\57\163\141\x6d\x6c\x3a\x49\x73\163\165\145\x72\x3e" . "\74\x73\141\x6d\x6c\x70\72\123\164\x61\164\165\163\x3e\74\163\x61\155\x6c\160\x3a\x53\x74\141\x74\x75\x73\x43\x6f\x64\x65\x20\x56\x61\x6c\x75\145\75\42\165\162\156\72\x6f\141\163\151\163\72\156\x61\x6d\145\x73\x3a\x74\x63\72\x53\101\x4d\x4c\x3a\x32\56\60\72\163\164\x61\x74\165\163\72\123\x75\x63\143\x65\163\x73\x22\57\x3e\74\x2f\163\141\x6d\x6c\160\x3a\123\x74\141\x74\x75\x73\x3e\74\x2f\163\x61\155\x6c\x70\x3a\x4c\157\147\157\x75\x74\122\145\163\x70\x6f\156\163\145\x3e";
if (!(empty($IE) || $IE == "\x48\x74\164\160\x52\145\144\x69\162\145\x63\164")) {
goto B2m;
}
$Qm = gzdeflate($Ey);
$Vj = base64_encode($Qm);
$HY = urlencode($Vj);
$Ey = $HY;
B2m:
return $Ey;
}
public static function generateTimestamp($XS = NULL)
{
if (!($XS === NULL)) {
goto FII;
}
$XS = time();
FII:
return gmdate("\x59\55\x6d\x2d\144\x5c\x54\x48\72\151\72\x73\x5c\132", $XS);
}
public static function xpQuery(DOMNode $yc, $X2)
{
static $pL = NULL;
if ($yc instanceof DOMDocument) {
goto t1M;
}
$Re = $yc->ownerDocument;
goto AUs;
t1M:
$Re = $yc;
AUs:
if (!($pL === NULL || !$pL->document->isSameNode($Re))) {
goto rmH;
}
$pL = new DOMXPath($Re);
$pL->registerNamespace("\x73\157\141\x70\55\x65\x6e\x76", "\150\x74\164\x70\x3a\57\x2f\x73\143\150\145\x6d\x61\163\x2e\x78\x6d\x6c\x73\x6f\x61\x70\56\157\x72\147\57\x73\x6f\141\160\x2f\x65\x6e\x76\x65\x6c\157\160\x65\x2f");
$pL->registerNamespace("\163\x61\155\154\x5f\x70\162\x6f\x74\157\x63\x6f\x6c", "\x75\x72\156\72\157\x61\163\x69\x73\x3a\x6e\x61\x6d\145\x73\72\x74\143\72\123\101\x4d\114\72\x32\x2e\60\72\160\x72\157\164\157\143\157\x6c");
$pL->registerNamespace("\163\141\155\154\137\x61\163\163\145\162\x74\151\x6f\156", "\x75\x72\156\x3a\157\x61\x73\151\163\x3a\156\141\155\145\163\72\164\x63\x3a\x53\x41\x4d\114\x3a\62\x2e\60\72\x61\163\x73\x65\x72\164\x69\157\x6e");
$pL->registerNamespace("\x73\x61\x6d\154\x5f\x6d\x65\x74\141\x64\141\164\x61", "\x75\162\x6e\x3a\x6f\x61\x73\151\163\72\x6e\x61\155\x65\163\x3a\164\x63\72\x53\101\115\114\72\62\56\60\72\x6d\x65\164\141\144\x61\x74\141");
$pL->registerNamespace("\x64\163", "\150\x74\164\x70\72\x2f\x2f\167\x77\x77\56\167\63\56\157\162\147\57\x32\60\x30\x30\x2f\60\x39\x2f\170\x6d\x6c\x64\x73\x69\147\x23");
$pL->registerNamespace("\170\145\x6e\x63", "\x68\x74\x74\x70\x3a\57\57\x77\x77\x77\56\x77\x33\x2e\157\162\x67\57\62\x30\60\61\57\60\x34\x2f\170\155\154\x65\156\143\43");
rmH:
$Nn = $pL->query($X2, $yc);
$ZQ = array();
$dM = 0;
A74:
if (!($dM < $Nn->length)) {
goto o6g;
}
$ZQ[$dM] = $Nn->item($dM);
AEB:
$dM++;
goto A74;
o6g:
return $ZQ;
}
public static function parseNameId(DOMElement $P6)
{
$ZQ = array("\126\141\154\165\x65" => trim($P6->textContent));
foreach (array("\x4e\x61\155\x65\x51\165\141\154\151\x66\x69\x65\162", "\x53\120\116\141\x6d\145\121\x75\x61\154\x69\146\151\145\162", "\106\157\162\155\x61\164") as $cc) {
if (!$P6->hasAttribute($cc)) {
goto Gjj;
}
$ZQ[$cc] = $P6->getAttribute($cc);
Gjj:
adg:
}
Lzh:
return $ZQ;
}
public static function xsDateTimeToTimestamp($XJ)
{
$sO = array();
$Fw = "\57\x5e\50\134\144\x5c\x64\134\x64\x5c\144\x29\55\x28\134\144\134\144\51\55\50\x5c\144\134\x64\51\124\x28\x5c\144\x5c\144\x29\x3a\50\x5c\144\x5c\144\51\x3a\50\134\x64\134\x64\51\x28\77\x3a\x5c\56\x5c\x64\x2b\51\77\x5a\x24\x2f\104";
if (!(preg_match($Fw, $XJ, $sO) == 0)) {
goto etj;
}
echo sprintf("\156\x76\x61\154\151\x64\40\123\101\x4d\x4c\62\40\x74\151\155\145\163\164\x61\x6d\x70\x20\160\x61\163\x73\145\x64\40\164\x6f\40\170\x73\104\x61\164\x65\x54\151\155\145\x54\x6f\124\151\x6d\x65\163\x74\x61\155\x70\72\x20" . $XJ);
exit;
etj:
$Ui = intval($sO[1]);
$nI = intval($sO[2]);
$Xe = intval($sO[3]);
$m2 = intval($sO[4]);
$hH = intval($sO[5]);
$P9 = intval($sO[6]);
$p_ = gmmktime($m2, $hH, $P9, $nI, $Xe, $Ui);
return $p_;
}
public static function extractStrings(DOMElement $Qu, $m_, $a2)
{
$ZQ = array();
$yc = $Qu->firstChild;
Akd:
if (!($yc !== NULL)) {
goto Rp8;
}
if (!($yc->namespaceURI !== $m_ || $yc->localName !== $a2)) {
goto wjm;
}
goto JSU;
wjm:
$ZQ[] = trim($yc->textContent);
JSU:
$yc = $yc->nextSibling;
goto Akd;
Rp8:
return $ZQ;
}
public static function validateElement(DOMElement $iW)
{
$bt = new XMLSecurityDSig();
$bt->idKeys[] = "\x49\x44";
$t1 = self::xpQuery($iW, "\56\57\x64\x73\72\123\151\x67\156\x61\x74\165\x72\145");
if (count($t1) === 0) {
goto XOh;
}
if (count($t1) > 1) {
goto ndC;
}
goto Atf;
XOh:
return FALSE;
goto Atf;
ndC:
echo sprintf("\130\x4d\114\x53\x65\x63\72\x20\155\157\162\x65\x20\164\x68\141\156\x20\x6f\156\145\x20\163\151\147\156\141\x74\165\x72\145\x20\x65\154\x65\155\145\x6e\164\x20\x69\156\40\162\157\x6f\164\x2e");
exit;
Atf:
$t1 = $t1[0];
$bt->sigNode = $t1;
$bt->canonicalizeSignedInfo();
if ($bt->validateReference()) {
goto XvT;
}
echo sprintf("\130\115\x4c\x73\145\x63\72\40\144\151\x67\x65\x73\x74\40\x76\x61\x6c\x69\144\141\x74\151\x6f\156\40\146\141\151\x6c\145\x64");
exit;
XvT:
$O6 = FALSE;
foreach ($bt->getValidatedNodes() as $i0) {
if ($i0->isSameNode($iW)) {
goto cxc;
}
if ($iW->parentNode instanceof DOMDocument && $i0->isSameNode($iW->ownerDocument)) {
goto SyG;
}
goto H6C;
cxc:
$O6 = TRUE;
goto aAs;
goto H6C;
SyG:
$O6 = TRUE;
goto aAs;
H6C:
yJ4:
}
aAs:
if ($O6) {
goto c5v;
}
echo sprintf("\130\x4d\x4c\x53\145\x63\72\x20\x54\150\x65\40\162\x6f\157\x74\40\x65\x6c\x65\155\145\156\x74\x20\151\163\x20\x6e\x6f\164\40\x73\151\147\x6e\x65\144\x2e");
exit;
c5v:
$XO = array();
foreach (self::xpQuery($t1, "\x2e\57\x64\x73\x3a\x4b\x65\x79\x49\156\146\x6f\x2f\x64\x73\x3a\130\65\x30\x39\x44\x61\x74\141\57\x64\163\72\x58\x35\x30\x39\103\x65\162\164\x69\146\x69\143\x61\x74\x65") as $Tn) {
$Ka = trim($Tn->textContent);
$Ka = str_replace(array("\xd", "\xa", "\x9", "\x20"), '', $Ka);
$XO[] = $Ka;
Y2F:
}
aK2:
$ZQ = array("\x53\151\x67\156\x61\x74\x75\x72\145" => $bt, "\x43\x65\x72\164\151\x66\151\x63\141\x74\x65\163" => $XO);
return $ZQ;
}
public static function validateSignature(array $AM, XMLSecurityKey $I1)
{
$bt = $AM["\123\151\x67\156\x61\164\165\x72\x65"];
$E3 = self::xpQuery($bt->sigNode, "\56\57\x64\163\x3a\x53\151\147\x6e\145\x64\111\x6e\x66\157\x2f\144\163\x3a\123\151\x67\x6e\141\164\x75\x72\x65\115\x65\164\x68\157\144");
if (!empty($E3)) {
goto NTM;
}
echo sprintf("\115\151\x73\x73\x69\x6e\147\40\x53\151\147\156\141\164\x75\x72\145\115\x65\x74\x68\x6f\x64\x20\x65\154\145\155\x65\x6e\164");
exit;
NTM:
$E3 = $E3[0];
if ($E3->hasAttribute("\101\154\x67\157\x72\x69\x74\150\155")) {
goto TYQ;
}
echo sprintf("\115\151\163\x73\151\x6e\x67\x20\x41\154\147\x6f\162\x69\x74\x68\x6d\55\141\x74\164\162\x69\x62\165\x74\x65\x20\x6f\x6e\40\x53\x69\147\x6e\141\164\165\x72\145\115\145\164\150\157\144\x20\145\x6c\145\155\x65\x6e\164\x2e");
exit;
TYQ:
$vd = $E3->getAttribute("\x41\154\x67\157\x72\x69\x74\150\155");
if (!($I1->type === XMLSecurityKey::RSA_SHA1 && $vd !== $I1->type)) {
goto XIs;
}
$I1 = self::castKey($I1, $vd);
XIs:
if ($bt->verify($I1)) {
goto w8m;
}
return false;
w8m:
}
public static function castKey(XMLSecurityKey $I1, $Tg, $Sc = "\160\x75\x62\154\x69\143")
{
if (!($I1->type === $Tg)) {
goto Eq1;
}
return $I1;
Eq1:
$uX = openssl_pkey_get_details($I1->key);
if (!($uX === FALSE)) {
goto sxw;
}
echo sprintf("\x55\x6e\x61\142\154\x65\x20\164\157\40\147\145\164\40\x6b\x65\171\x20\144\x65\x74\141\x69\154\x73\40\146\x72\x6f\155\x20\130\115\x4c\123\145\x63\165\162\151\x74\171\113\145\x79\56");
exit;
sxw:
if (isset($uX["\x6b\x65\x79"])) {
goto Iy3;
}
echo sprintf("\115\151\x73\x73\151\156\147\x20\153\x65\171\40\x69\x6e\40\160\x75\142\154\151\x63\40\153\145\171\x20\x64\145\164\141\151\154\163\56");
exit;
Iy3:
$P1 = new XMLSecurityKey($Tg, array("\x74\171\160\x65" => $Sc));
$P1->loadKey($uX["\x6b\145\171"]);
return $P1;
}
public static function processResponse($rT, $Qw, $ba, SAML2_Response $a3, $bI, $fJ)
{
$qb = current($a3->getAssertions());
$VX = $qb->getNotBefore();
if (!($VX !== NULL && $VX > time() + 60)) {
goto PHF;
}
wp_die("\x52\145\143\x65\151\166\x65\x64\x20\141\x6e\40\141\x73\163\145\x72\x74\151\x6f\x6e\x20\164\150\x61\164\x20\151\x73\x20\x76\x61\x6c\151\144\x20\151\x6e\x20\164\150\145\40\x66\165\164\x75\x72\145\56\x20\103\150\145\x63\153\40\143\x6c\x6f\x63\x6b\x20\x73\171\x6e\143\x68\162\157\156\151\172\141\164\151\x6f\x6e\x20\x6f\x6e\40\111\x64\x50\x20\x61\x6e\144\x20\123\120\56");
PHF:
$y5 = $qb->getNotOnOrAfter();
if (!($y5 !== NULL && $y5 <= time() - 60)) {
goto siO;
}
wp_die("\x52\x65\x63\x65\x69\x76\145\x64\40\x61\x6e\40\x61\163\163\x65\162\x74\151\x6f\x6e\x20\164\150\141\x74\40\150\x61\163\x20\145\x78\160\151\162\145\144\x2e\40\x43\150\145\143\153\x20\x63\x6c\x6f\143\153\40\163\x79\156\x63\x68\162\157\156\151\x7a\141\x74\x69\x6f\156\x20\x6f\x6e\x20\111\x64\120\40\141\x6e\x64\40\x53\120\x2e");
siO:
$uA = $qb->getSessionNotOnOrAfter();
if (!($uA !== NULL && $uA <= time() - 60)) {
goto oGi;
}
wp_die("\x52\145\143\145\x69\166\145\x64\x20\141\156\40\x61\163\163\x65\x72\164\151\157\156\40\x77\151\x74\x68\40\x61\x20\x73\x65\163\163\151\x6f\x6e\40\x74\x68\x61\x74\40\150\141\163\x20\145\170\160\x69\x72\x65\144\56\x20\103\x68\x65\143\153\x20\x63\x6c\x6f\x63\153\40\163\x79\x6e\x63\150\162\157\x6e\151\x7a\x61\164\x69\157\156\40\157\x6e\40\111\x64\x50\40\141\x6e\144\40\123\120\x2e");
oGi:
$C6 = $a3->getDestination();
if (!(substr($C6, -1) == "\x2f")) {
goto Usp;
}
$C6 = substr($C6, 0, -1);
Usp:
if (!(substr($rT, -1) == "\x2f")) {
goto VK7;
}
$rT = substr($rT, 0, -1);
VK7:
if (!($C6 !== NULL && $C6 !== $rT)) {
goto BG5;
}
echo "\104\145\x73\164\151\x6e\141\164\x69\157\x6e\40\x69\x6e\40\162\x65\163\x70\157\156\163\145\x20\x64\x6f\145\163\156\47\x74\40\155\x61\164\x63\x68\x20\164\x68\145\x20\143\165\x72\x72\145\x6e\x74\40\x55\122\x4c\x2e\x20\x44\145\163\164\151\x6e\x61\164\x69\x6f\x6e\40\x69\163\40\x22" . htmlspecialchars($C6) . "\x22\54\40\143\x75\162\x72\x65\x6e\164\40\x55\122\x4c\x20\x69\x73\40\x22" . htmlspecialchars($rT) . "\42\x2e";
exit;
BG5:
$Oy = self::checkSign($Qw, $ba, $bI, $fJ);
return $Oy;
}
public static function checkSign($Qw, $ba, $bI, $fJ)
{
$XO = $ba["\103\145\x72\164\151\146\x69\x63\141\164\x65\x73"];
if (count($XO) === 0) {
goto HKb;
}
$vX = array();
$vX[] = $Qw;
$fY = self::findCertificate($vX, $XO, $fJ);
if ($fY) {
goto cUb;
}
return FALSE;
cUb:
goto U_O;
HKb:
$QC = maybe_unserialize(get_site_option("\163\141\x6d\154\137\x78\65\x30\71\x5f\x63\x65\162\164\x69\146\151\x63\x61\164\x65"));
$fY = $QC[$bI];
U_O:
$lu = NULL;
$I1 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array("\x74\x79\x70\x65" => "\160\x75\x62\154\x69\143"));
$I1->loadKey($fY);
try {
self::validateSignature($ba, $I1);
return TRUE;
} catch (Exception $r_) {
$lu = $r_;
return FALSE;
}
if ($lu !== NULL) {
goto IkO;
}
return FALSE;
goto tDX;
IkO:
throw $lu;
tDX:
}
public static function validateIssuerAndAudience($eI, $ls, $Tl, $fJ)
{
$W_ = current($eI->getAssertions())->getIssuer();
$qb = current($eI->getAssertions());
$QD = $qb->getValidAudiences();
if (strcmp($Tl, $W_) === 0) {
goto whW;
}
if ($fJ == "\x74\x65\x73\164\126\141\x6c\x69\144\x61\164\x65" or $fJ == "\x74\145\163\164\116\145\167\103\145\162\x74\x69\x66\151\x63\x61\x74\145") {
goto Owr;
}
wp_die("\127\x65\x20\143\x6f\x75\x6c\144\40\156\157\x74\x20\x73\151\147\x6e\40\171\157\165\40\x69\x6e\x2e\x20\x50\154\x65\x61\163\145\40\x63\x6f\156\164\x61\x63\164\40\x79\157\165\162\40\101\x64\155\151\156\151\163\x74\162\x61\164\x6f\x72", "\105\162\x72\x6f\162\40\72\111\x73\x73\x75\145\162\x20\143\141\156\156\x6f\x74\x20\x62\145\40\x76\145\x72\151\x66\151\x65\144");
goto nEf;
Owr:
ob_end_clean();
$Jt = mo_options_error_constants::Error_issuer_not_verfied;
$q8 = mo_options_error_constants::Cause_issuer_not_verfied;
echo "\74\144\151\x76\x20\163\x74\171\x6c\x65\x3d\x22\x66\157\156\164\x2d\146\x61\x6d\x69\x6c\x79\x3a\103\141\x6c\151\142\x72\151\73\160\141\x64\x64\151\x6e\x67\x3a\x30\40\x33\45\73\x22\76";
echo "\x3c\x64\x69\166\40\163\x74\x79\154\x65\x3d\x22\143\x6f\x6c\x6f\x72\72\x20\x23\x61\71\64\64\x34\x32\x3b\x62\141\143\x6b\x67\162\157\165\x6e\144\x2d\143\157\x6c\157\162\x3a\x20\43\x66\x32\144\145\x64\x65\73\x70\141\144\144\151\x6e\x67\72\x20\x31\x35\160\x78\73\155\x61\x72\x67\x69\x6e\x2d\x62\157\x74\164\157\x6d\x3a\x20\x32\60\x70\x78\x3b\x74\145\170\x74\x2d\141\x6c\151\147\x6e\72\x63\x65\x6e\164\145\162\x3b\142\157\x72\x64\145\162\72\x31\160\x78\x20\x73\157\x6c\151\x64\40\x23\x45\x36\x42\63\102\62\x3b\146\x6f\156\x74\55\x73\151\172\145\x3a\x31\x38\160\x74\x3b\42\x3e\40\105\x52\122\117\x52\74\57\x64\151\166\x3e\xd\xa\11\11\x9\x20\x3c\x64\x69\x76\x20\x73\164\171\154\x65\x3d\x22\143\x6f\x6c\x6f\162\x3a\x20\x23\141\x39\64\64\64\62\x3b\x66\x6f\x6e\164\55\x73\151\172\145\x3a\x31\x34\160\x74\x3b\x20\x6d\141\162\x67\151\156\55\x62\157\x74\164\157\x6d\72\62\60\160\x78\73\42\x3e\74\x70\76\74\163\164\162\x6f\x6e\147\76\x45\162\162\x6f\162\x3a\40\x3c\57\x73\x74\162\x6f\156\147\76\111\x73\163\165\145\x72\40\x63\141\156\156\x6f\x74\40\x62\145\40\x76\145\162\151\146\151\145\x64\x2e\74\x2f\x70\x3e\xd\12\11\11\11\x20\74\x70\76\120\154\145\x61\x73\145\40\x63\x6f\156\x74\141\x63\x74\40\171\x6f\165\162\40\x61\x64\x6d\151\156\151\x73\164\x72\x61\x74\x6f\x72\x20\141\x6e\144\x20\x72\145\x70\157\162\164\x20\164\x68\145\x20\x66\157\154\154\x6f\167\151\x6e\147\x20\x65\162\x72\157\162\x3a\x3c\57\x70\76\xd\xa\x9\11\11\40\x3c\160\x3e\74\163\x74\162\157\x6e\x67\x3e\120\x6f\x73\x73\151\x62\154\145\40\x43\x61\165\163\145\72\x20\74\57\x73\x74\162\x6f\x6e\147\x3e\x49\144\x50\x20\105\156\x74\151\164\171\40\111\x44\40\x63\157\x6e\146\151\147\x75\x72\145\144\x20\151\156\x20\x74\150\x65\40\160\x6c\x75\x67\151\156\x20\151\x73\40\151\x6e\143\x6f\x72\162\x65\143\x74\74\57\x70\76\xd\12\11\x9\11\x20\x3c\x70\76\74\163\x74\162\x6f\156\147\x3e\x45\156\164\151\x74\x79\x20\x49\104\40\151\x6e\x20\x53\x41\x4d\x4c\40\122\x65\x73\x70\x6f\x6e\163\x65\x3a\40\74\x2f\x73\164\162\157\x6e\x67\x3e" . esc_html($W_) . "\74\160\76\xd\xa\11\11\x9\40\74\x70\76\74\x73\164\162\157\x6e\x67\76\x45\156\164\x69\x74\x79\x20\111\104\40\x63\157\x6e\x66\151\147\x75\162\145\144\x20\151\x6e\x20\164\x68\x65\40\x70\154\x75\x67\x69\x6e\x3a\x20\x3c\57\163\164\162\x6f\x6e\x67\x3e" . esc_html($Tl) . "\x3c\x2f\160\x3e\15\12\11\x9\x9\x20\x3c\160\76\74\163\x74\x72\157\x6e\x67\x3e\123\x6f\154\165\164\x69\157\156\72\74\x2f\163\164\x72\157\156\147\76\x3c\57\160\76\xd\12\x9\x9\11\x9\74\x6f\154\76\xd\xa\11\x9\11\11\x9\x3c\154\x69\x3e\103\157\160\x79\x20\164\x68\x65\40\105\x6e\164\x69\164\x79\x20\111\x44\x20\157\x66\40\x53\101\115\x4c\40\x52\145\163\160\x6f\x6e\x73\145\x20\146\x72\x6f\x6d\40\141\142\157\166\x65\x20\x61\x6e\144\40\x70\x61\163\x74\x65\40\151\x74\x20\151\156\x20\105\x6e\164\x69\164\x79\40\x49\x44\x20\157\162\x20\111\163\x73\165\x65\x72\40\x66\x69\x65\154\144\x20\x75\156\x64\x65\162\40\x53\145\162\x76\x69\x63\x65\40\x50\x72\157\166\151\x64\145\162\x20\123\145\x74\x75\x70\x20\164\141\142\x2e\74\57\x6c\151\x3e\15\12\x9\x9\x9\x9\74\57\x6f\154\x3e\15\xa\x9\x9\11\x20\x3c\x2f\x64\151\166\76\xd\xa\11\11\11\40\74\x64\151\x76\40\x73\x74\171\154\145\75\x22\x6d\x61\162\x67\x69\x6e\72\63\x25\73\144\151\163\x70\154\141\x79\x3a\x62\154\x6f\x63\x6b\73\164\145\x78\x74\55\x61\x6c\x69\147\x6e\x3a\143\145\x6e\164\145\162\73\42\76\xd\xa\11\x9\x9\40\74\144\151\166\40\163\x74\x79\x6c\145\x3d\42\x6d\141\162\x67\151\156\72\x33\45\73\x64\x69\x73\160\154\x61\171\72\x62\154\157\x63\153\73\x74\x65\170\x74\55\141\154\x69\147\x6e\72\143\x65\156\164\x65\162\x3b\42\x3e\x3c\151\156\160\x75\164\x20\163\x74\171\154\145\x3d\42\160\x61\x64\144\151\156\147\72\61\x25\73\x77\151\x64\164\x68\x3a\x31\60\60\160\170\x3b\142\141\143\x6b\x67\162\x6f\x75\x6e\144\72\40\x23\x30\x30\71\61\103\x44\40\x6e\x6f\156\145\x20\162\145\160\x65\x61\164\x20\163\143\162\157\154\x6c\40\x30\x25\x20\60\45\x3b\x63\x75\x72\x73\x6f\162\72\40\160\x6f\x69\156\164\x65\x72\73\x66\157\156\164\55\x73\151\172\x65\x3a\61\x35\x70\x78\x3b\142\x6f\162\144\145\x72\x2d\x77\x69\x64\x74\150\72\x20\x31\x70\x78\x3b\142\157\162\144\145\x72\x2d\163\x74\x79\154\x65\72\40\163\x6f\x6c\151\x64\x3b\x62\157\x72\144\x65\x72\55\x72\x61\144\151\165\x73\x3a\40\63\x70\x78\73\167\x68\x69\164\x65\x2d\163\x70\141\143\145\72\40\156\x6f\167\x72\x61\160\73\x62\157\x78\x2d\x73\x69\x7a\x69\x6e\x67\72\40\142\157\x72\x64\x65\162\55\142\x6f\170\73\x62\x6f\x72\144\145\162\55\143\157\154\157\162\72\x20\x23\x30\60\x37\x33\101\101\73\142\157\170\55\x73\x68\141\x64\157\x77\72\x20\60\160\170\40\61\x70\x78\40\x30\160\x78\x20\x72\x67\142\141\50\x31\x32\60\x2c\40\62\x30\x30\x2c\x20\62\x33\x30\x2c\x20\60\56\66\x29\x20\151\x6e\x73\x65\164\x3b\143\x6f\x6c\x6f\x72\72\40\43\x46\106\x46\73\42\x74\171\x70\145\x3d\42\142\165\164\x74\157\156\x22\40\166\x61\x6c\165\145\75\x22\104\x6f\156\145\x22\x20\157\x6e\103\x6c\x69\143\x6b\75\42\163\x65\x6c\x66\56\143\x6c\x6f\163\x65\50\51\73\42\76\74\57\144\x69\x76\76";
mo_saml_download_logs($Jt, $q8);
exit;
nEf:
goto T_4;
whW:
if (empty($QD)) {
goto eQU;
}
if (in_array($ls, $QD, TRUE)) {
goto Qy5;
}
if ($fJ == "\x74\145\163\164\x56\141\154\x69\x64\141\164\x65" or $fJ == "\x74\x65\163\164\116\x65\167\103\x65\162\x74\x69\x66\x69\x63\141\x74\x65") {
goto lky;
}
wp_die("\x57\x65\x20\x63\157\x75\154\144\40\x6e\157\164\40\x73\x69\x67\x6e\x20\x79\x6f\x75\x20\x69\156\x2e\x20\120\x6c\145\x61\x73\x65\40\143\x6f\156\x74\141\x63\x74\x20\171\x6f\165\162\40\x41\144\155\151\156\x69\163\164\162\141\x74\157\162", "\105\162\x72\x6f\x72\x20\x3a\x49\156\x76\141\154\151\144\40\101\x75\144\151\145\156\x63\x65\40\125\x52\x49");
goto QQI;
lky:
$Jt = mo_options_error_constants::Error_invalid_audience;
$q8 = mo_options_error_constants::Cause_invalid_audience;
ob_end_clean();
echo "\x3c\x64\151\166\40\163\164\x79\154\x65\75\x22\x66\x6f\x6e\x74\x2d\146\x61\x6d\x69\x6c\171\72\103\x61\x6c\151\x62\x72\x69\x3b\x70\x61\x64\144\151\x6e\x67\x3a\60\40\63\45\x3b\42\76";
echo "\x3c\x64\151\166\40\163\x74\171\154\x65\x3d\42\x63\x6f\x6c\157\162\72\x20\x23\141\x39\64\x34\64\62\73\x62\141\143\x6b\x67\x72\x6f\165\x6e\144\x2d\x63\x6f\154\x6f\x72\x3a\x20\43\146\62\144\x65\144\145\x3b\x70\141\144\144\151\x6e\147\x3a\40\61\65\x70\x78\x3b\x6d\x61\x72\147\151\x6e\55\142\x6f\164\164\157\x6d\72\x20\x32\60\160\170\x3b\164\145\170\164\55\x61\x6c\x69\147\x6e\x3a\x63\145\x6e\164\145\x72\x3b\x62\x6f\162\x64\x65\x72\72\x31\x70\170\40\163\157\154\x69\x64\x20\43\105\x36\102\63\102\62\x3b\146\157\156\x74\x2d\x73\x69\172\145\x3a\61\x38\x70\x74\73\42\x3e\40\x45\122\122\x4f\122\74\57\x64\151\x76\76\15\12\x20\x20\x20\x20\40\x20\40\40\40\40\x20\x20\40\x20\x20\40\40\40\40\x20\74\x64\151\166\x20\x73\x74\x79\x6c\x65\75\42\x63\x6f\x6c\157\162\x3a\40\x23\x61\71\64\64\64\62\73\x66\x6f\156\x74\55\x73\151\x7a\145\72\x31\64\x70\x74\73\x20\155\x61\x72\x67\x69\156\x2d\x62\x6f\x74\x74\157\x6d\x3a\x32\x30\x70\170\x3b\42\x3e\74\x70\x3e\74\163\164\162\x6f\156\x67\x3e\x45\x72\x72\157\x72\72\x20\x3c\x2f\163\164\162\157\156\147\x3e\111\156\x76\x61\154\x69\144\x20\101\165\x64\151\x65\x6e\x63\145\x20\x55\x52\x49\56\74\x2f\160\76\xd\xa\x20\x20\x20\40\40\40\x20\x20\x20\40\x20\40\x20\x20\40\x20\40\x20\40\40\74\160\76\120\x6c\145\141\x73\x65\40\x63\x6f\x6e\x74\x61\143\164\x20\x79\x6f\165\162\40\141\x64\155\151\156\151\163\164\x72\141\x74\157\x72\40\x61\x6e\144\40\x72\145\x70\157\x72\x74\x20\164\150\x65\40\x66\x6f\154\154\x6f\x77\x69\156\x67\40\x65\162\162\157\x72\x3a\74\57\160\x3e\xd\12\x20\40\40\40\40\x20\40\40\x20\40\40\40\x20\40\40\40\x20\x20\x20\40\74\160\76\74\x73\164\162\x6f\x6e\147\x3e\120\157\x73\x73\x69\142\154\145\40\x43\141\165\163\x65\72\x20\74\x2f\163\164\x72\157\156\147\76\x54\x68\145\40\x76\141\x6c\x75\x65\40\x6f\x66\40\47\101\165\x64\151\145\156\x63\145\x20\x55\122\x49\47\40\146\x69\x65\154\144\x20\157\156\40\x49\x64\145\x6e\x74\151\164\171\40\x50\162\157\x76\x69\x64\x65\x72\47\163\x20\x73\x69\x64\x65\40\151\x73\40\x69\156\143\x6f\162\162\145\143\164\x3c\57\160\76\xd\xa\x20\40\40\x20\x20\40\x20\40\40\x20\x20\x20\x20\40\40\x20\x20\40\x20\x20\74\x70\x3e\105\170\160\145\x63\164\145\x64\x20\157\x6e\145\40\157\146\x20\164\x68\x65\x20\x41\165\x64\x69\x65\x6e\x63\145\x73\x20\x74\x6f\40\x62\x65\72\40" . $ls . "\74\160\x3e\xd\xa\x9\x9\x9\11\x9\74\160\76\x3c\163\164\162\157\x6e\x67\x3e\123\157\154\165\x74\x69\157\x6e\x3a\x3c\57\x73\x74\x72\x6f\156\147\x3e\74\57\x70\x3e\15\xa\11\11\11\x9\11\x3c\157\154\76\15\12\x9\11\11\x9\11\x9\74\x6c\151\x3e\103\157\160\171\x20\x74\x68\145\40\x45\170\x70\x65\x63\x74\145\144\40\x41\165\144\151\x65\x6e\143\145\40\x55\x52\x49\x20\x66\x72\x6f\x6d\40\x61\142\157\166\x65\x20\141\156\x64\40\x70\141\x73\164\x65\40\x69\164\x20\x69\x6e\x20\x74\x68\x65\40\x41\x75\x64\x69\145\156\143\145\x20\125\x52\111\40\x66\151\x65\154\x64\40\x61\164\40\111\x64\145\156\x74\x69\x74\171\40\120\162\x6f\166\151\x64\x65\162\40\x73\x69\144\x65\x2e\74\x2f\154\x69\76\15\xa\x9\11\11\x9\11\x3c\57\x6f\154\x3e\15\12\11\x9\11\x9\x9\74\x2f\144\151\166\x3e\15\12\40\x20\x20\x20\40\40\x20\40\x20\40\x20\40\x20\40\40\x20\x20\40\x20\40\74\144\151\166\40\163\x74\x79\154\x65\x3d\x22\x6d\141\x72\147\x69\156\x3a\x33\45\x3b\x64\151\x73\x70\154\141\x79\x3a\142\x6c\x6f\x63\x6b\x3b\x74\x65\x78\164\55\141\x6c\151\147\156\x3a\x63\145\156\164\145\162\x3b\x22\x3e\xd\xa\40\x20\x20\x20\x20\x20\x20\40\40\x20\40\x20\x20\40\x20\40\40\40\40\x20\74\x64\151\166\x20\163\x74\x79\154\145\75\x22\x6d\x61\162\147\151\x6e\72\x33\x25\73\144\x69\x73\x70\x6c\141\x79\x3a\x62\x6c\x6f\x63\x6b\73\x74\145\170\x74\x2d\x61\x6c\x69\x67\x6e\x3a\x63\145\x6e\x74\x65\162\x3b\42\x3e\x3c\151\x6e\x70\x75\164\x20\x73\x74\x79\154\x65\75\x22\x70\141\144\144\x69\156\147\x3a\x31\x25\73\167\x69\x64\x74\x68\x3a\61\60\x30\160\x78\73\142\x61\x63\x6b\147\x72\x6f\165\156\x64\72\40\x23\x30\x30\x39\61\x43\104\x20\156\157\156\x65\x20\x72\x65\x70\x65\141\x74\40\x73\x63\162\x6f\154\154\40\60\45\x20\60\45\73\143\165\x72\163\x6f\x72\72\x20\x70\x6f\151\x6e\164\x65\162\x3b\x66\x6f\156\x74\x2d\163\x69\172\145\72\x31\65\160\x78\x3b\142\x6f\162\x64\x65\162\55\167\x69\144\x74\x68\72\x20\61\x70\x78\x3b\x62\x6f\162\144\x65\x72\x2d\163\164\171\x6c\145\x3a\40\163\x6f\x6c\151\x64\x3b\x62\x6f\x72\x64\x65\x72\x2d\x72\x61\x64\151\x75\x73\x3a\40\x33\x70\x78\73\x77\150\151\x74\x65\x2d\163\x70\x61\x63\x65\72\x20\156\x6f\x77\162\x61\x70\73\142\x6f\x78\55\x73\151\x7a\151\x6e\147\72\x20\142\x6f\x72\x64\x65\x72\55\142\157\x78\73\142\157\x72\x64\145\162\55\x63\157\154\x6f\x72\72\40\x23\60\x30\x37\63\101\x41\73\x62\157\x78\x2d\x73\150\x61\x64\x6f\x77\72\x20\60\x70\x78\40\x31\x70\170\x20\x30\160\170\40\162\147\x62\141\x28\61\62\x30\54\40\62\x30\60\x2c\x20\x32\63\x30\54\x20\x30\56\66\x29\x20\151\156\x73\145\164\73\x63\x6f\x6c\157\x72\72\40\x23\106\106\x46\x3b\42\164\171\x70\x65\x3d\x22\x62\165\164\164\x6f\x6e\42\40\x76\x61\154\x75\145\x3d\42\104\x6f\156\145\42\40\x6f\x6e\x43\x6c\151\x63\153\x3d\x22\163\145\154\146\56\x63\154\x6f\163\x65\x28\x29\73\42\76\74\57\x64\x69\x76\x3e";
exit;
mo_saml_download_logs($Jt, $q8);
QQI:
goto jzB;
Qy5:
return TRUE;
jzB:
eQU:
T_4:
}
private static function findCertificate(array $IJ, array $XO, $fJ)
{
$Om = array();
foreach ($XO as $WP) {
$De = strtolower(sha1(base64_decode($WP)));
if (!in_array($De, $IJ, TRUE)) {
goto mph;
}
$G0 = "\55\55\55\x2d\55\x42\105\x47\111\116\40\103\105\122\124\111\106\x49\103\101\124\x45\x2d\x2d\55\x2d\55\xa" . chunk_split($WP, 64) . "\x2d\x2d\55\x2d\55\x45\116\104\x20\x43\105\122\x54\x49\106\111\103\x41\124\x45\55\x2d\55\x2d\55\12";
return $G0;
mph:
$Om[] = $De;
vLj:
}
wFJ:
return false;
}
private static function doDecryptElement(DOMElement $qq, XMLSecurityKey $Am, array &$HI)
{
$EY = new XMLSecEnc();
$EY->setNode($qq);
$EY->type = $qq->getAttribute("\124\x79\160\x65");
$KR = $EY->locateKey($qq);
if ($KR) {
goto dSS;
}
echo sprintf("\x43\157\165\154\144\x20\x6e\157\x74\40\x6c\x6f\143\141\x74\145\x20\153\145\171\40\141\154\147\157\162\151\164\x68\155\40\151\x6e\x20\145\x6e\143\162\x79\x70\x74\145\144\40\x64\141\164\x61\56");
exit;
dSS:
$U9 = $EY->locateKeyInfo($KR);
if ($U9) {
goto Rns;
}
echo sprintf("\x43\x6f\165\154\x64\x20\156\157\x74\40\x6c\157\x63\141\x74\x65\40\x3c\144\x73\x69\147\72\x4b\145\171\111\x6e\146\x6f\x3e\x20\146\x6f\x72\40\164\x68\x65\x20\x65\156\x63\x72\171\160\164\145\x64\40\x6b\145\171\56");
exit;
Rns:
$lv = $Am->getAlgorith();
if ($U9->isEncrypted) {
goto d21;
}
$xM = $KR->getAlgorith();
if (!($lv !== $xM)) {
goto dti;
}
echo sprintf("\101\154\x67\157\x72\x69\x74\150\155\x20\x6d\x69\x73\x6d\141\164\x63\150\x20\142\x65\x74\x77\145\x65\x6e\40\151\x6e\x70\x75\164\40\x6b\145\171\x20\x61\x6e\144\40\x6b\x65\171\40\151\156\x20\155\145\163\163\x61\x67\x65\56\x20" . "\113\145\x79\40\167\x61\163\x3a\x20" . var_export($lv, TRUE) . "\73\40\155\145\x73\163\141\147\145\40\x77\141\x73\72\x20" . var_export($xM, TRUE));
exit;
dti:
$KR = $Am;
goto bGj;
d21:
$A5 = $U9->getAlgorith();
if (!in_array($A5, $HI, TRUE)) {
goto eLU;
}
echo sprintf("\101\x6c\147\x6f\162\151\x74\150\x6d\40\144\151\163\x61\x62\x6c\x65\x64\72\40" . var_export($A5, TRUE));
exit;
eLU:
if (!($A5 === XMLSecurityKey::RSA_OAEP_MGF1P && $lv === XMLSecurityKey::RSA_1_5)) {
goto Bn1;
}
$lv = XMLSecurityKey::RSA_OAEP_MGF1P;
Bn1:
if (!($lv !== $A5)) {
goto LpX;
}
echo sprintf("\x41\x6c\147\x6f\162\x69\164\150\x6d\40\x6d\151\163\155\x61\x74\x63\x68\40\142\145\164\167\x65\145\x6e\x20\151\156\x70\x75\x74\x20\x6b\145\x79\x20\141\x6e\x64\x20\x6b\x65\x79\40\165\x73\x65\x64\x20\164\x6f\x20\145\156\143\x72\171\160\164\x20" . "\40\164\x68\x65\x20\163\171\x6d\155\x65\164\162\x69\143\40\153\x65\171\40\x66\x6f\162\x20\164\x68\145\x20\155\x65\x73\x73\x61\147\145\x2e\40\x4b\x65\x79\40\x77\x61\x73\x3a\40" . var_export($lv, TRUE) . "\x3b\40\155\x65\x73\x73\x61\x67\145\40\167\141\163\x3a\40" . var_export($A5, TRUE));
exit;
LpX:
$eh = $U9->encryptedCtx;
$U9->key = $Am->key;
$lk = $KR->getSymmetricKeySize();
if (!($lk === NULL)) {
goto syE;
}
echo sprintf("\125\156\x6b\x6e\x6f\x77\156\x20\153\145\171\40\163\151\172\x65\40\146\157\162\x20\x65\156\x63\x72\171\160\x74\x69\157\x6e\40\141\154\147\x6f\x72\x69\164\150\x6d\x3a\x20" . var_export($KR->type, TRUE));
exit;
syE:
try {
$I1 = $eh->decryptKey($U9);
if (!(strlen($I1) != $lk)) {
goto yGr;
}
echo sprintf("\125\156\145\170\x70\145\x63\164\x65\x64\40\153\145\171\40\163\151\172\x65\40\x28" . strlen($I1) * 8 . "\x62\151\x74\x73\51\x20\146\x6f\x72\40\145\x6e\x63\162\x79\160\x74\151\157\x6e\40\141\154\147\157\x72\x69\164\x68\155\x3a\x20" . var_export($KR->type, TRUE));
exit;
yGr:
} catch (Exception $r_) {
$OC = $eh->getCipherValue();
$dq = openssl_pkey_get_details($U9->key);
$dq = sha1(serialize($dq), TRUE);
$I1 = sha1($OC . $dq, TRUE);
if (strlen($I1) > $lk) {
goto kFw;
}
if (strlen($I1) < $lk) {
goto zGM;
}
goto QTv;
kFw:
$I1 = substr($I1, 0, $lk);
goto QTv;
zGM:
$I1 = str_pad($I1, $lk);
QTv:
}
$KR->loadkey($I1);
bGj:
$Tg = $KR->getAlgorith();
if (!in_array($Tg, $HI, TRUE)) {
goto qdJ;
}
echo sprintf("\x41\x6c\x67\x6f\162\x69\164\x68\x6d\x20\x64\x69\x73\x61\x62\x6c\x65\144\72\40" . var_export($Tg, TRUE));
exit;
qdJ:
$kI = $EY->decryptNode($KR, FALSE);
$P6 = "\74\162\157\157\164\x20\170\x6d\154\x6e\x73\x3a\163\x61\x6d\x6c\x3d\x22\165\162\156\x3a\x6f\141\163\x69\163\x3a\156\x61\x6d\x65\x73\x3a\164\x63\x3a\123\101\x4d\x4c\x3a\x32\x2e\60\72\x61\x73\x73\x65\162\x74\151\x6f\156\x22\x20" . "\170\x6d\154\x6e\163\72\170\x73\x69\75\x22\150\x74\164\x70\72\57\57\x77\x77\167\56\x77\63\56\157\162\x67\x2f\62\x30\x30\x31\x2f\130\x4d\114\x53\x63\x68\145\x6d\141\55\151\156\x73\x74\141\156\x63\x65\x22\76" . $kI . "\74\x2f\x72\x6f\x6f\164\76";
$qV = new DOMDocument();
if (@$qV->loadXML($P6)) {
goto Aw7;
}
echo sprintf("\x46\141\151\154\145\144\40\x74\157\x20\160\x61\162\x73\145\40\144\145\143\162\x79\x70\x74\145\144\x20\130\x4d\114\x2e\40\x4d\141\x79\142\x65\x20\164\150\x65\40\x77\x72\157\156\x67\x20\x73\x68\141\x72\145\144\x6b\145\171\x20\x77\x61\163\x20\165\163\145\x64\x3f");
throw new Exception("\x46\141\151\x6c\145\144\40\x74\157\40\x70\x61\x72\x73\x65\x20\x64\145\x63\x72\x79\x70\164\x65\144\x20\130\x4d\114\56\x20\x4d\141\x79\x62\145\x20\164\150\145\40\x77\162\157\x6e\147\x20\x73\x68\141\162\145\x64\153\x65\171\40\167\x61\163\x20\x75\163\x65\144\x3f");
Aw7:
$uU = $qV->firstChild->firstChild;
if (!($uU === NULL)) {
goto Qw6;
}
echo sprintf("\115\x69\163\163\x69\156\147\40\145\x6e\x63\162\171\x70\164\x65\x64\x20\145\154\x65\155\145\x6e\164\56");
throw new Exception("\115\x69\163\163\151\x6e\x67\x20\145\156\x63\x72\x79\x70\x74\145\144\40\x65\x6c\x65\155\x65\x6e\x74\56");
Qw6:
if ($uU instanceof DOMElement) {
goto m2m;
}
echo sprintf("\104\145\x63\x72\171\x70\164\145\x64\x20\145\x6c\x65\x6d\x65\x6e\x74\40\167\x61\163\40\x6e\157\x74\x20\x61\x63\164\165\x61\154\x6c\x79\x20\x61\40\x44\x4f\x4d\x45\x6c\145\155\x65\x6e\x74\56");
m2m:
return $uU;
}
public static function decryptElement(DOMElement $qq, XMLSecurityKey $Am, array $HI = array(), XMLSecurityKey $JM = NULL)
{
try {
return self::doDecryptElement($qq, $Am, $HI);
} catch (Exception $r_) {
echo sprintf("\x46\x61\151\154\145\144\x20\164\157\40\x64\x65\143\162\x79\160\x74\x20\130\x4d\x4c\x20\145\x6c\x65\x6d\x65\156\164\56");
exit;
}
}
public static function get_mapped_groups($aB, $Ds)
{
$S7 = array();
if (empty($Ds)) {
goto EHO;
}
$AJ = array();
$dM = 1;
YUQ:
if (!($dM < 10)) {
goto P47;
}
$Vv = $aB->get("\147\x72\x6f\x75\160" . $dM . "\x5f\x6d\141\x70");
$AJ[$dM] = explode("\x3b", $Vv);
$dM++;
goto YUQ;
P47:
EHO:
foreach ($Ds as $LW) {
if (empty($LW)) {
goto Z6l;
}
$dM = 0;
$C2 = false;
JNN:
if (!($dM < 9 && !$C2)) {
goto UAU;
}
if (!(!empty($AJ[$dM]) && in_array($LW, $AJ[$dM]))) {
goto KGI;
}
$S7[] = $aB->get("\147\162\157\165\160" . $dM);
$C2 = true;
KGI:
$dM++;
goto JNN;
UAU:
Z6l:
lE3:
}
vlU:
return array_unique($S7);
}
public static function getEncryptionAlgorithm($RX)
{
switch ($RX) {
case "\x68\x74\x74\160\72\x2f\57\x77\167\x77\56\x77\x33\x2e\x6f\x72\x67\x2f\x32\x30\60\61\57\60\64\57\x78\155\154\x65\x6e\x63\43\164\x72\x69\160\154\145\144\145\x73\55\143\x62\143":
return XMLSecurityKey::TRIPLEDES_CBC;
goto UYg;
case "\x68\164\x74\160\x3a\57\57\x77\x77\167\56\x77\63\56\x6f\162\x67\57\x32\x30\x30\61\x2f\x30\x34\57\170\155\x6c\145\x6e\x63\x23\141\x65\163\x31\x32\x38\55\143\x62\x63":
return XMLSecurityKey::AES128_CBC;
case "\150\x74\164\x70\x3a\57\57\x77\x77\167\56\167\x33\56\157\162\x67\57\62\60\60\61\x2f\x30\x34\x2f\x78\155\154\145\156\143\43\x61\x65\163\x31\71\62\x2d\x63\142\x63":
return XMLSecurityKey::AES192_CBC;
goto UYg;
case "\150\164\x74\x70\72\x2f\57\167\x77\x77\56\167\63\x2e\x6f\162\x67\57\x32\60\60\x31\x2f\x30\64\57\170\x6d\x6c\x65\x6e\143\x23\x61\145\x73\x32\x35\66\55\x63\x62\x63":
return XMLSecurityKey::AES256_CBC;
goto UYg;
case "\x68\x74\x74\x70\x3a\57\57\167\x77\x77\56\167\x33\x2e\x6f\x72\x67\57\62\x30\x30\61\57\x30\x34\57\x78\155\154\145\x6e\143\x23\162\163\141\x2d\x31\x5f\65":
return XMLSecurityKey::RSA_1_5;
goto UYg;
case "\x68\x74\164\x70\x3a\x2f\57\167\167\x77\x2e\167\x33\x2e\x6f\162\x67\57\62\x30\x30\61\x2f\x30\x34\x2f\x78\x6d\x6c\145\x6e\143\x23\162\x73\x61\x2d\x6f\x61\145\160\55\x6d\147\x66\x31\x70":
return XMLSecurityKey::RSA_OAEP_MGF1P;
goto UYg;
case "\150\164\x74\x70\72\x2f\57\x77\x77\x77\x2e\x77\63\x2e\x6f\x72\x67\57\x32\x30\x30\x30\57\x30\x39\x2f\170\x6d\154\x64\163\151\147\x23\144\163\x61\x2d\163\x68\x61\x31":
return XMLSecurityKey::DSA_SHA1;
goto UYg;
case "\150\164\164\160\x3a\57\57\x77\167\167\x2e\x77\63\x2e\157\162\x67\57\62\x30\60\x30\57\60\71\57\170\x6d\x6c\144\163\x69\147\x23\162\x73\x61\55\163\x68\141\61":
return XMLSecurityKey::RSA_SHA1;
goto UYg;
case "\150\x74\x74\160\72\x2f\x2f\x77\167\x77\x2e\167\x33\x2e\157\162\147\x2f\62\60\60\61\57\x30\x34\x2f\170\155\x6c\x64\163\151\x67\55\155\157\x72\x65\43\x72\163\x61\x2d\x73\150\141\62\65\66":
return XMLSecurityKey::RSA_SHA256;
goto UYg;
case "\150\164\164\160\x3a\57\57\167\167\x77\56\167\x33\56\157\162\147\x2f\x32\x30\60\61\57\60\x34\x2f\170\x6d\x6c\x64\163\x69\147\x2d\155\x6f\162\145\43\162\163\x61\x2d\x73\150\141\63\70\64":
return XMLSecurityKey::RSA_SHA384;
goto UYg;
case "\150\164\164\160\x3a\x2f\57\x77\x77\x77\56\x77\63\x2e\157\x72\x67\57\x32\60\x30\x31\57\x30\64\x2f\x78\155\154\144\x73\151\x67\55\x6d\x6f\x72\x65\x23\162\x73\x61\x2d\x73\150\x61\65\61\x32":
return XMLSecurityKey::RSA_SHA512;
goto UYg;
default:
echo sprintf("\x49\x6e\166\x61\x6c\151\x64\40\x45\x6e\x63\x72\171\x70\164\x69\x6f\x6e\40\115\145\x74\150\x6f\x64\x3a\x20" . $RX);
exit;
goto UYg;
}
Ytd:
UYg:
}
public static function insertSignature(XMLSecurityKey $I1, array $XO, DOMElement $iW, DOMNode $bc = NULL)
{
$bt = new XMLSecurityDSig();
$bt->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
switch ($I1->type) {
case XMLSecurityKey::RSA_SHA256:
$Sc = XMLSecurityDSig::SHA256;
goto YIR;
case XMLSecurityKey::RSA_SHA384:
$Sc = XMLSecurityDSig::SHA384;
goto YIR;
case XMLSecurityKey::RSA_SHA512:
$Sc = XMLSecurityDSig::SHA512;
goto YIR;
default:
$Sc = XMLSecurityDSig::SHA1;
}
b5n:
YIR:
$bt->addReferenceList(array($iW), $Sc, array("\150\x74\164\160\72\57\x2f\x77\167\x77\56\x77\63\x2e\x6f\x72\x67\x2f\x32\60\60\60\57\60\x39\x2f\170\x6d\154\x64\x73\x69\147\43\x65\x6e\166\x65\x6c\157\160\145\144\x2d\163\x69\147\x6e\141\x74\165\x72\x65", XMLSecurityDSig::EXC_C14N), array("\151\x64\137\156\141\155\x65" => "\111\x44", "\157\x76\145\x72\167\x72\151\x74\145" => FALSE));
$bt->sign($I1);
foreach ($XO as $x3) {
$bt->add509Cert($x3, TRUE);
nC7:
}
CGS:
$bt->insertSignature($iW, $bc);
}
public static function getRemainingDaysOfCurrentCertificate()
{
$x3 = get_site_option("\155\x6f\x5f\163\x61\155\x6c\x5f\143\x75\x72\x72\x65\156\164\137\143\145\x72\164");
$tw = openssl_x509_parse($x3);
$dw = $tw["\166\141\x6c\x69\144\124\157\x5f\x74\x69\x6d\145\x5f\x74"];
$Ku = $dw - time();
return round($Ku / (60 * 60 * 24));
}
public static function getExpiryDateOfCurrentCertificate()
{
$x3 = get_site_option("\x6d\157\137\x73\141\155\154\x5f\143\x75\162\162\x65\x6e\x74\x5f\143\145\x72\x74");
$tw = openssl_x509_parse($x3);
return $tw["\166\x61\154\151\144\x54\x6f\137\x74\x69\x6d\145\137\x74"];
}
public static function getValidUntilDateFromCert($x3)
{
$tw = openssl_x509_parse($x3);
$dw = $tw["\166\141\x6c\151\144\x54\157\x5f\x74\x69\x6d\145\137\164"];
$wv = date("\x59\55\155\55\x64", $dw);
$RH = $wv . "\124\62\63\x3a\65\x39\x3a\65\71\x5a";
return $RH;
}
public static function signXML($P6, $Ja = '', $rl = false)
{
$IN = array("\x74\171\x70\145" => "\160\x72\151\166\x61\164\145");
$I1 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $IN);
if ($rl) {
goto lAJ;
}
$nl = get_site_option("\x6d\157\x5f\163\x61\x6d\154\137\x63\x75\x72\x72\145\x6e\x74\137\143\x65\162\x74\x5f\160\162\x69\166\141\x74\x65\137\153\x65\171");
$v6 = get_site_option("\155\x6f\x5f\163\141\x6d\154\x5f\x63\x75\162\x72\145\x6e\x74\137\x63\145\x72\x74");
goto Me5;
lAJ:
$nl = file_get_contents(plugin_dir_path(__FILE__) . "\x72\145\x73\x6f\x75\162\x63\x65\163" . DIRECTORY_SEPARATOR . mo_options_enum_default_sp_certificate::SP_Private_Key);
$v6 = file_get_contents(plugin_dir_path(__FILE__) . "\x72\x65\163\157\165\x72\x63\x65\163" . DIRECTORY_SEPARATOR . mo_options_enum_default_sp_certificate::SP_Public_Certificate);
Me5:
$I1->loadKey($nl, FALSE);
$Ni = new DOMDocument();
$Ni->loadXML($P6);
$he = $Ni->firstChild;
if (!empty($Ja)) {
goto MSB;
}
self::insertSignature($I1, array($v6), $he);
goto uZ4;
MSB:
$dN = $Ni->getElementsByTagName($Ja)->item(0);
self::insertSignature($I1, array($v6), $he, $dN);
uZ4:
$h_ = $he->ownerDocument->saveXML($he);
$Oq = base64_encode($h_);
return $Oq;
}
public static function postSAMLRequest($Nw, $Ki, $fJ)
{
echo "\74\x68\164\x6d\x6c\x3e\x3c\150\x65\x61\144\x3e\x3c\163\143\x72\151\160\164\40\163\x72\x63\x3d\x27\150\164\164\x70\x73\72\57\x2f\x63\157\x64\145\56\x6a\x71\165\x65\162\x79\x2e\x63\x6f\x6d\x2f\152\x71\x75\x65\x72\x79\x2d\61\x2e\61\x31\56\x33\56\x6d\151\156\x2e\x6a\x73\47\76\74\57\163\143\162\151\160\164\76\x3c\163\x63\162\151\160\164\40\164\171\x70\145\x3d\x22\164\x65\x78\164\57\152\x61\166\x61\x73\143\x72\151\x70\x74\x22\x3e\x24\50\x66\x75\x6e\143\164\x69\x6f\156\50\x29\173\144\157\x63\165\x6d\x65\x6e\x74\x2e\x66\157\x72\x6d\163\133\x27\163\141\x6d\x6c\x2d\x72\x65\161\165\x65\163\164\55\x66\157\x72\x6d\x27\x5d\56\163\165\x62\155\x69\x74\x28\x29\73\x7d\51\73\74\57\x73\x63\162\151\160\164\76\x3c\x2f\150\x65\141\x64\x3e\74\142\157\x64\x79\x3e\x50\154\x65\141\x73\x65\x20\x77\x61\x69\x74\56\x2e\x2e\x3c\146\x6f\162\155\x20\x61\x63\164\151\x6f\156\x3d\x22" . $Nw . "\42\x20\155\x65\x74\150\157\x64\75\42\x70\157\x73\x74\x22\40\151\x64\75\x22\x73\141\x6d\154\x2d\x72\145\x71\165\x65\x73\x74\55\x66\157\162\x6d\x22\x3e\74\x69\x6e\x70\x75\164\x20\x74\171\x70\145\x3d\x22\x68\151\x64\x64\x65\x6e\42\40\x6e\x61\x6d\145\x3d\x22\123\101\x4d\x4c\122\145\161\x75\x65\163\164\x22\40\166\141\x6c\165\x65\75\42" . $Ki . "\x22\40\57\76\x3c\151\156\x70\x75\164\40\x74\171\160\145\75\x22\x68\x69\x64\x64\145\156\x22\40\156\x61\x6d\145\x3d\x22\122\x65\x6c\x61\171\123\164\x61\164\145\x22\x20\166\141\x6c\x75\145\75\x22" . htmlentities($fJ) . "\42\x20\x2f\x3e\74\57\146\157\x72\155\x3e\74\x2f\x62\x6f\144\x79\76\x3c\x2f\x68\x74\x6d\x6c\x3e";
exit;
}
public static function postSAMLResponse($Nw, $PI, $fJ)
{
echo "\74\150\x74\155\x6c\x3e\x3c\150\x65\x61\x64\76\74\163\143\162\151\x70\x74\x20\163\x72\x63\75\47\x68\164\164\x70\163\x3a\57\x2f\143\157\144\145\x2e\x6a\x71\165\145\x72\x79\x2e\143\x6f\155\57\152\161\165\145\162\x79\55\61\x2e\x31\61\56\63\56\155\151\x6e\x2e\152\x73\x27\76\74\57\163\x63\162\x69\x70\164\76\74\x73\143\162\x69\160\x74\x20\x74\x79\x70\145\75\x22\x74\x65\x78\x74\57\x6a\x61\x76\141\163\143\x72\x69\x70\164\42\76\x24\x28\x66\165\156\143\x74\x69\x6f\156\50\51\x7b\144\157\143\x75\x6d\145\x6e\164\56\146\x6f\162\155\163\x5b\47\163\141\155\x6c\55\162\x65\x71\165\145\163\164\x2d\x66\x6f\162\x6d\x27\135\56\x73\165\142\155\x69\164\50\x29\73\x7d\51\x3b\x3c\57\x73\x63\162\x69\x70\164\x3e\74\x2f\150\145\x61\144\76\x3c\x62\157\144\171\x3e\x50\154\x65\141\x73\x65\x20\x77\141\x69\x74\56\x2e\x2e\74\146\x6f\x72\155\40\x61\x63\x74\x69\x6f\x6e\75\x22" . $Nw . "\x22\40\x6d\x65\x74\x68\x6f\144\x3d\x22\160\x6f\x73\x74\42\40\151\x64\x3d\x22\163\141\155\x6c\55\162\x65\161\x75\x65\163\x74\x2d\x66\x6f\x72\155\42\76\x3c\x69\x6e\160\165\164\40\164\171\x70\x65\75\42\150\151\144\x64\145\156\42\x20\x6e\141\155\145\75\x22\123\101\x4d\x4c\122\145\x73\160\x6f\x6e\163\x65\x22\x20\x76\141\x6c\x75\x65\75\x22" . $PI . "\42\40\57\x3e\74\x69\x6e\160\x75\x74\40\164\171\x70\145\75\x22\150\x69\x64\144\145\156\x22\x20\156\141\155\x65\x3d\x22\122\x65\154\141\171\x53\x74\141\x74\145\x22\40\x76\x61\x6c\165\145\x3d\42" . htmlentities($fJ) . "\42\x20\x2f\x3e\x3c\57\146\x6f\162\155\x3e\x3c\57\142\157\144\171\x3e\74\57\150\164\155\154\x3e";
exit;
}
public static function sanitize_certificate($x3)
{
$x3 = preg_replace("\x2f\x5b\xd\xa\135\x2b\57", '', $x3);
$x3 = str_replace("\55", '', $x3);
$x3 = str_replace("\102\x45\x47\x49\x4e\40\x43\x45\x52\x54\x49\x46\x49\103\x41\124\105", '', $x3);
$x3 = str_replace("\x45\116\x44\x20\x43\105\x52\x54\x49\106\x49\103\x41\x54\x45", '', $x3);
$x3 = str_replace("\x20", '', $x3);
$x3 = chunk_split($x3, 64, "\15\xa");
$x3 = "\x2d\55\55\55\x2d\102\x45\107\x49\x4e\40\103\105\x52\124\111\x46\x49\103\101\x54\x45\55\55\55\55\55\15\12" . $x3 . "\55\x2d\55\55\55\x45\116\x44\40\103\x45\122\124\111\106\x49\103\x41\124\105\55\55\55\x2d\x2d";
return $x3;
}
public static function desanitize_certificate($x3)
{
$x3 = preg_replace("\x2f\133\xd\12\135\53\57", '', $x3);
$x3 = str_replace("\55\55\x2d\55\x2d\x42\105\x47\x49\116\40\x43\x45\122\x54\x49\106\x49\103\x41\124\x45\55\55\55\55\x2d", '', $x3);
$x3 = str_replace("\55\55\x2d\x2d\55\105\x4e\x44\40\103\x45\122\x54\x49\106\x49\x43\x41\124\105\55\x2d\55\55\x2d", '', $x3);
$x3 = str_replace("\x20", '', $x3);
return $x3;
}
public static function get_sites()
{
$ur = array("\x6e\145\164\167\x6f\162\153\137\151\x64" => null, "\x70\165\142\154\x69\143" => null, "\x61\x72\x63\150\151\x76\145\144" => 0, "\x6d\141\164\165\162\x65" => null, "\x73\x70\141\x6d" => 0, "\x64\145\154\x65\x74\x65\144" => 0, "\x6e\165\x6d\142\x65\x72" => 0, "\x6f\x66\146\163\x65\x74" => 0);
if (function_exists("\x67\145\x74\x5f\163\x69\x74\x65\163") && class_exists("\127\x50\137\x53\x69\x74\145\x5f\121\165\x65\x72\171")) {
goto Wfh;
}
if (!function_exists("\167\160\137\147\x65\164\137\163\151\164\x65\163")) {
goto aTV;
}
$Kx = wp_get_sites($ur);
aTV:
goto xGp;
Wfh:
$Kx = get_sites($ur);
xGp:
return $Kx;
}
public static function get_active_sites()
{
$BE = maybe_unserialize(get_site_option("\x6d\x6f\x5f\145\x6e\x61\x62\x6c\145\x5f\163\x73\157\x5f\163\151\164\145\163"));
if (!empty($BE)) {
goto Jlq;
}
$BE = array();
$Kx = self::get_sites();
foreach ($Kx as $mP) {
array_push($BE, $mP->blog_id);
PfO:
}
X61:
Jlq:
$bB = self::get_main_subsite_id();
if (in_array($bB, $BE)) {
goto mmv;
}
array_push($BE, $bB);
mmv:
return $BE;
}
public static function get_all_roles()
{
$Kx = self::get_sites();
$Sb = array();
foreach ($Kx as $mP) {
$sL = new WP_Roles($mP->blog_id);
$b8 = $sL->get_names();
$Sb = array_merge($Sb, $b8);
z3n:
}
Ku9:
return $Sb;
}
public static function get_main_subsite_id()
{
$Kx = self::get_sites();
$Pj = get_site_option("\155\x6f\x5f\163\141\155\154\x5f\163\160\x5f\x62\141\x73\145\x5f\165\162\x6c");
if (!empty($Pj)) {
goto dwt;
}
$Pj = get_network_site_url();
dwt:
$bz = $Pj . "\x2f";
$mA = parse_url($Pj, PHP_URL_SCHEME);
$bz = str_replace($mA . "\72\x2f\x2f", '', $bz);
$zI = 1;
foreach ($Kx as $mP) {
$tY = $mP->domain . $mP->path;
if (!($tY == $bz)) {
goto IR8;
}
$zI = $mP->blog_id;
IR8:
X5L:
}
Wnv:
return $zI;
}
public static function mo_saml_wp_remote_call($Nw, $BQ, $ur = array(), $d9 = false)
{
if (!$d9) {
goto lup;
}
$a3 = wp_remote_get($Nw, $ur);
goto M5n;
lup:
$a3 = wp_remote_post($Nw, $ur);
M5n:
if (!is_wp_error($a3)) {
goto fL2;
}
$qZ = $BQ;
update_option("\155\157\x5f\163\x61\155\154\137\x6d\x65\163\163\141\147\x65", "\125\156\x61\142\154\145\x20\164\x6f\x20\x63\157\156\x6e\145\143\x74\x20\x74\x6f\40\164\x68\x65\x20\111\156\x74\x65\x72\x6e\145\x74\56\x20\120\x6c\145\x61\163\x65\40\164\162\x79\40\141\147\x61\151\156\56");
$qZ->mo_saml_show_error_message();
return false;
goto gdx;
fL2:
return $a3["\x62\157\144\x79"];
gdx:
}
}
Function Calls
| None |
Stats
| MD5 | a609d5586795cc8cc3360ae94e702fd1 |
| Eval Count | 0 |
| Decode Time | 70 ms |