Current File : /home/k/a/r/karenpetzb/www/items/category/Xml.tar
Exception.php000060400000002246150714754330007224 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Exception.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Exception
 */
require_once 'Zend/InfoCard/Exception.php';

/**
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_Exception extends Zend_InfoCard_Exception 
{
}
Security/Transform/Interface.php000060400000002734150714754330012752 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Interface.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Interface for XML Security Transforms
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
interface Zend_InfoCard_Xml_Security_Transform_Interface
{
    /**
     * Transform the given XML string according to the transform rules
     * implemented by the object using this interface
     *
     * @throws Zend_InfoCard_Xml_Security_Transform_Exception
     * @param string $strXmlData the input XML
     * @return string the output XML
     */
    public function transform($strXmlData);
}
Security/Transform/Exception.php000060400000002362150714754330013005 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Exception.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Security_Exception
 */
require_once 'Zend/InfoCard/Xml/Security/Exception.php';

/**
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_Security_Transform_Exception extends Zend_InfoCard_Xml_Security_Exception 
{
}
Security/Transform/XmlExcC14N.php000060400000004076150714754330012641 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: XmlExcC14N.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Security_Transform_Interface
 */
require_once 'Zend/InfoCard/Xml/Security/Transform/Interface.php';

/**
 * Zend_InfoCard_Xml_Security_Transform_Exception
 */
require_once 'Zend/InfoCard/Xml/Security/Transform/Exception.php';

/**
 * A Transform to perform C14n XML Exclusive Canonicalization
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_Security_Transform_XmlExcC14N
    implements Zend_InfoCard_Xml_Security_Transform_Interface
{
    /**
     * Transform the input XML based on C14n XML Exclusive Canonicalization rules
     *
     * @throws Zend_InfoCard_Xml_Security_Transform_Exception
     * @param string $strXMLData The input XML
     * @return string The output XML
     */
    public function transform($strXMLData)
    {
        $dom = new DOMDocument();
        $dom->loadXML($strXMLData);

        if(method_exists($dom, 'C14N')) {
            return $dom->C14N(true, false);
        }

        throw new Zend_InfoCard_Xml_Security_Transform_Exception("This transform requires the C14N() method to exist in the DOM extension");
    }
}
Security/Transform/EnvelopedSignature.php000060400000004117150714754330014652 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: EnvelopedSignature.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Security_Transform_Interface
 */
require_once 'Zend/InfoCard/Xml/Security/Transform/Interface.php';

/**
 * Zend_InfoCard_Xml_Security_Transform_Exception
 */
require_once 'Zend/InfoCard/Xml/Security/Transform/Exception.php';

/**
 * A object implementing the EnvelopedSignature XML Transform
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_Security_Transform_EnvelopedSignature
    implements Zend_InfoCard_Xml_Security_Transform_Interface
{
    /**
     * Transforms the XML Document according to the EnvelopedSignature Transform
     *
     * @throws Zend_InfoCard_Xml_Security_Transform_Exception
     * @param string $strXMLData The input XML data
     * @return string the transformed XML data
     */
    public function transform($strXMLData)
    {
        $sxe = simplexml_load_string($strXMLData);

        if(!$sxe->Signature) {
            throw new Zend_InfoCard_Xml_Security_Transform_Exception("Unable to locate Signature Block for EnvelopedSignature Transform");
        }

        unset($sxe->Signature);

        return $sxe->asXML();
    }
}
Security/Exception.php000060400000002315150714754330011030 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Exception.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Exception
 */
require_once 'Zend/InfoCard/Xml/Exception.php';

/**
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_Security_Exception extends Zend_InfoCard_Xml_Exception 
{
}
Security/Transform.php000060400000007314150714754330011051 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Transform.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_Loader
 */
require_once 'Zend/Loader.php';

/**
 * A class to create a transform rule set based on XML URIs and then apply those rules
 * in the correct order to a given XML input
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_Security_Transform
{
    /**
     * A list of transforms to apply
     *
     * @var array
     */
    protected $_transformList = array();

    /**
     * Returns the name of the transform class based on a given URI
     *
     * @throws Zend_InfoCard_Xml_Security_Exception
     * @param string $uri The transform URI
     * @return string The transform implementation class name
     */
    protected function _findClassbyURI($uri)
    {
        switch($uri) {
            case 'http://www.w3.org/2000/09/xmldsig#enveloped-signature':
                return 'Zend_InfoCard_Xml_Security_Transform_EnvelopedSignature';
            case 'http://www.w3.org/2001/10/xml-exc-c14n#':
                return 'Zend_InfoCard_Xml_Security_Transform_XmlExcC14N';
            default:
                throw new Zend_InfoCard_Xml_Security_Exception("Unknown or Unsupported Transformation Requested");
        }
    }

    /**
     * Add a Transform URI to the list of transforms to perform
     *
     * @param string $uri The Transform URI
     * @return Zend_InfoCard_Xml_Security_Transform
     */
    public function addTransform($uri)
    {
        $class = $this->_findClassbyURI($uri);

        $this->_transformList[] = array('uri' => $uri,
                                        'class' => $class);
        return $this;
    }

    /**
     * Return the list of transforms to perform
     *
     * @return array The list of transforms
     */
    public function getTransformList()
    {
        return $this->_transformList;
    }

    /**
     * Apply the transforms in the transform list to the input XML document
     *
     * @param string $strXmlDocument The input XML
     * @return string The XML after the transformations have been applied
     */
    public function applyTransforms($strXmlDocument)
    {
        foreach($this->_transformList as $transform) {
            Zend_Loader::loadClass($transform['class']);

            $transformer = new $transform['class'];

            // We can't really test this check because it would require logic changes in the component itself
            // @codeCoverageIgnoreStart
            if(!($transformer instanceof Zend_InfoCard_Xml_Security_Transform_Interface)) {
                throw new Zend_InfoCard_Xml_Security_Exception("Transforms must implement the Transform Interface");
            }
            // @codeCoverageIgnoreEnd

            $strXmlDocument = $transformer->transform($strXmlDocument);
        }

        return $strXmlDocument;
    }
}
Assertion.php000060400000005420150714754330007232 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Assertion.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Exception
 */
require_once 'Zend/InfoCard/Xml/Exception.php';

/**
 * Zend_InfoCard_Xml_Assertion_Interface
 */
require_once 'Zend/InfoCard/Xml/Assertion/Interface.php';

/**
 * Factory object to retrieve an Assertion object based on the type of XML document provided
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
final class Zend_InfoCard_Xml_Assertion
{
    /**
     * The namespace for a SAML-formatted Assertion document
     */
    const TYPE_SAML = 'urn:oasis:names:tc:SAML:1.0:assertion';

    /**
     * Constructor (disabled)
     *
     * @return void
     */
    private function __construct()
    {
    }

    /**
     * Returns an instance of a InfoCard Assertion object based on the XML data provided
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @param string $xmlData The XML-Formatted Assertion
     * @return Zend_InfoCard_Xml_Assertion_Interface
     * @throws Zend_InfoCard_Xml_Exception
     */
    static public function getInstance($xmlData)
    {

        if($xmlData instanceof Zend_InfoCard_Xml_Element) {
            $strXmlData = $xmlData->asXML();
        } else if (is_string($xmlData)) {
            $strXmlData = $xmlData;
        } else {
            throw new Zend_InfoCard_Xml_Exception("Invalid Data provided to create instance");
        }

        $sxe = simplexml_load_string($strXmlData);

        $namespaces = $sxe->getDocNameSpaces();

        foreach($namespaces as $namespace) {
            switch($namespace) {
                case self::TYPE_SAML:
                    include_once 'Zend/InfoCard/Xml/Assertion/Saml.php';
                    return simplexml_load_string($strXmlData, 'Zend_InfoCard_Xml_Assertion_Saml', null);
            }
        }

        throw new Zend_InfoCard_Xml_Exception("Unable to determine Assertion type by Namespace");
    }
}
Element.php000060400000007073150714754330006662 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Element.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Exception
 */
require_once 'Zend/InfoCard/Xml/Exception.php';

/**
 * Zend_InfoCard_Xml_Element_Interface
 */
require_once 'Zend/InfoCard/Xml/Element/Interface.php';

/**
 * Zend_Loader
 */
require_once 'Zend/Loader.php';

/**
 * An abstract class representing a an XML data block
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
abstract class Zend_InfoCard_Xml_Element
    extends SimpleXMLElement
    implements Zend_InfoCard_Xml_Element_Interface
{
    /**
     * Convert the object to a string by displaying its XML content
     *
     * @return string an XML representation of the object
     */
    public function __toString()
    {
        return $this->asXML();
    }

    /**
     * Converts an XML Element object into a DOM object
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @param Zend_InfoCard_Xml_Element $e The object to convert
     * @return DOMElement A DOMElement representation of the same object
     */
    static public function convertToDOM(Zend_InfoCard_Xml_Element $e)
    {
        $dom = dom_import_simplexml($e);

        if(!($dom instanceof DOMElement)) {
            // Zend_InfoCard_Xml_Element exntes SimpleXMLElement, so this should *never* fail
            // @codeCoverageIgnoreStart
            throw new Zend_InfoCard_Xml_Exception("Failed to convert between SimpleXML and DOM");
            // @codeCoverageIgnoreEnd
        }

        return $dom;
    }

    /**
     * Converts a DOMElement object into the specific class
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @param DOMElement $e The DOMElement object to convert
     * @param string $classname The name of the class to convert it to (must inhert from Zend_InfoCard_Xml_Element)
     * @return Zend_InfoCard_Xml_Element a Xml Element object from the DOM element
     */
    static public function convertToObject(DOMElement $e, $classname)
    {

        Zend_Loader::loadClass($classname);

        $reflection = new ReflectionClass($classname);

        if(!$reflection->isSubclassOf('Zend_InfoCard_Xml_Element')) {
            throw new Zend_InfoCard_Xml_Exception("DOM element must be converted to an instance of Zend_InfoCard_Xml_Element");
        }

        $sxe = simplexml_import_dom($e, $classname);

        if(!($sxe instanceof Zend_InfoCard_Xml_Element)) {
            // Since we just checked to see if this was a subclass of Zend_infoCard_Xml_Element this shoudl never fail
            // @codeCoverageIgnoreStart
            throw new Zend_InfoCard_Xml_Exception("Failed to convert between DOM and SimpleXML");
            // @codeCoverageIgnoreEnd
        }

        return $sxe;
    }
}
KeyInfo/Default.php000060400000004347150714754330010222 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Default.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_KeyInfo_Abstract
 */
require_once 'Zend/InfoCard/Xml/KeyInfo/Abstract.php';

/**
 * Zend_InfoCard_Xml_SecurityTokenReference
 */
require_once 'Zend/InfoCard/Xml/SecurityTokenReference.php';

/**
 * An object representation of a XML <KeyInfo> block which doesn't provide a namespace
 * In this context, it is assumed to mean that it is the type of KeyInfo block which
 * contains the SecurityTokenReference
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_KeyInfo_Default extends Zend_InfoCard_Xml_KeyInfo_Abstract
{
    /**
     * Returns the object representation of the SecurityTokenReference block
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @return Zend_InfoCard_Xml_SecurityTokenReference
     */
    public function getSecurityTokenReference()
    {
        $this->registerXPathNamespace('o', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd');

        list($sectokenref) = $this->xpath('//o:SecurityTokenReference');

        if(!($sectokenref instanceof Zend_InfoCard_Xml_Element)) {
            throw new Zend_InfoCard_Xml_Exception('Could not locate the Security Token Reference');
        }

        return Zend_InfoCard_Xml_SecurityTokenReference::getInstance($sectokenref);
    }
}
KeyInfo/XmlDSig.php000060400000004403150714754330010136 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: XmlDSig.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_KeyInfo_Abstract
 */
require_once 'Zend/InfoCard/Xml/KeyInfo/Abstract.php';

/**
 * Zend_InfoCard_Xml_EncryptedKey
 */
require_once 'Zend/InfoCard/Xml/EncryptedKey.php';

/**
 * Zend_InfoCard_Xml_KeyInfo_Interface
 */
require_once 'Zend/InfoCard/Xml/KeyInfo/Interface.php';

/**
 * Represents a Xml Digital Signature XML Data Block
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_KeyInfo_XmlDSig
    extends Zend_InfoCard_Xml_KeyInfo_Abstract
    implements Zend_InfoCard_Xml_KeyInfo_Interface
{
    /**
     * Returns an instance of the EncryptedKey Data Block
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @return Zend_InfoCard_Xml_EncryptedKey
     */
    public function getEncryptedKey()
    {
        $this->registerXPathNamespace('e', 'http://www.w3.org/2001/04/xmlenc#');
        list($encryptedkey) = $this->xpath('//e:EncryptedKey');

        if(!($encryptedkey instanceof Zend_InfoCard_Xml_Element)) {
            throw new Zend_InfoCard_Xml_Exception("Failed to retrieve encrypted key");
        }

        return Zend_InfoCard_Xml_EncryptedKey::getInstance($encryptedkey);
    }

    /**
     * Returns the KeyInfo Block within the encrypted key
     *
     * @return Zend_InfoCard_Xml_KeyInfo_Default
     */
    public function getKeyInfo()
    {
        return $this->getEncryptedKey()->getKeyInfo();
    }
}
KeyInfo/Abstract.php000060400000002273150714754330010375 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Abstract.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Element
 */
require_once 'Zend/InfoCard/Xml/Element.php';

/**
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
abstract class Zend_InfoCard_Xml_KeyInfo_Abstract extends Zend_InfoCard_Xml_Element 
{
}
KeyInfo/Interface.php000060400000002334150714754330010530 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Interface.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
interface Zend_InfoCard_Xml_KeyInfo_Interface
{
    /**
     * Return an object representing a KeyInfo data type
     *
     * @return Zend_InfoCard_Xml_KeyInfo
     */
    public function getKeyInfo();
}
Element/Interface.php000060400000002614150714754330010556 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Interface.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * The Interface used to represent an XML Data Type
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
interface Zend_InfoCard_Xml_Element_Interface
{
    /**
     * Return the data within the object as an XML document
     */
    public function asXML();

    /**
     * Magic function which allows us to treat the object as a string to return XML
     * (same as the asXML() method)
     */
    public function __toString();
}
EncryptedData.php000060400000004631150714754330010015 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: EncryptedData.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_EncryptedData
 */
require_once 'Zend/InfoCard/Xml/Exception.php';

/**
 * A factory class for producing Zend_InfoCard_Xml_EncryptedData objects based on
 * the type of XML document provided
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
final class Zend_InfoCard_Xml_EncryptedData
{
    /**
     * Constructor (disabled)
     *
     * @return void
     */
    private function __construct()
    {
    }

    /**
     * Returns an instance of the class
     *
     * @param string $xmlData The XML EncryptedData String
     * @return Zend_InfoCard_Xml_EncryptedData_Abstract
     * @throws Zend_InfoCard_Xml_Exception
     */
    static public function getInstance($xmlData)
    {

        if($xmlData instanceof Zend_InfoCard_Xml_Element) {
            $strXmlData = $xmlData->asXML();
        } else if (is_string($xmlData)) {
            $strXmlData = $xmlData;
        } else {
            throw new Zend_InfoCard_Xml_Exception("Invalid Data provided to create instance");
        }

        $sxe = simplexml_load_string($strXmlData);

        switch($sxe['Type']) {
            case 'http://www.w3.org/2001/04/xmlenc#Element':
                include_once 'Zend/InfoCard/Xml/EncryptedData/XmlEnc.php';
                return simplexml_load_string($strXmlData, 'Zend_InfoCard_Xml_EncryptedData_XmlEnc');
            default:
                throw new Zend_InfoCard_Xml_Exception("Unknown EncryptedData type found");
        }
    }
}
EncryptedKey.php000060400000013134150714754330007672 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: EncryptedKey.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Element
 */
require_once 'Zend/InfoCard/Xml/Element.php';

/**
 * Zend_InfoCard_Xml_EncryptedKey
 */
require_once 'Zend/InfoCard/Xml/EncryptedKey.php';

/**
 * Zend_InfoCard_Xml_KeyInfo_Interface
 */
require_once 'Zend/InfoCard/Xml/KeyInfo/Interface.php';

/**
 * An object representing an Xml EncryptedKEy block
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_EncryptedKey
    extends Zend_InfoCard_Xml_Element
    implements Zend_InfoCard_Xml_KeyInfo_Interface
{
    /**
     * Return an instance of the object based on input XML Data
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @param string $xmlData The EncryptedKey XML Block
     * @return Zend_InfoCard_Xml_EncryptedKey
     */
    static public function getInstance($xmlData)
    {
        if($xmlData instanceof Zend_InfoCard_Xml_Element) {
            $strXmlData = $xmlData->asXML();
        } else if (is_string($xmlData)) {
            $strXmlData = $xmlData;
        } else {
            throw new Zend_InfoCard_Xml_Exception("Invalid Data provided to create instance");
        }

        $sxe = simplexml_load_string($strXmlData);

        if($sxe->getName() != "EncryptedKey") {
            throw new Zend_InfoCard_Xml_Exception("Invalid XML Block provided for EncryptedKey");
        }

        return simplexml_load_string($strXmlData, "Zend_InfoCard_Xml_EncryptedKey");
    }

    /**
     * Returns the Encyption Method Algorithm URI of the block
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @return string the Encryption method algorithm URI
     */
    public function getEncryptionMethod()
    {

        $this->registerXPathNamespace('e', 'http://www.w3.org/2001/04/xmlenc#');
        list($encryption_method) = $this->xpath("//e:EncryptionMethod");

        if(!($encryption_method instanceof Zend_InfoCard_Xml_Element)) {
            throw new Zend_InfoCard_Xml_Exception("Unable to find the e:EncryptionMethod KeyInfo encryption block");
        }

        $dom = self::convertToDOM($encryption_method);

        if(!$dom->hasAttribute('Algorithm')) {
            throw new Zend_InfoCard_Xml_Exception("Unable to determine the encryption algorithm in the Symmetric enc:EncryptionMethod XML block");
        }

        return $dom->getAttribute('Algorithm');

    }

    /**
     * Returns the Digest Method Algorithm URI used
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @return string the Digest Method Algorithm URI
     */
    public function getDigestMethod()
    {
        $this->registerXPathNamespace('e', 'http://www.w3.org/2001/04/xmlenc#');
        list($encryption_method) = $this->xpath("//e:EncryptionMethod");

        if(!($encryption_method instanceof Zend_InfoCard_Xml_Element)) {
            throw new Zend_InfoCard_Xml_Exception("Unable to find the e:EncryptionMethod KeyInfo encryption block");
        }

        if(!($encryption_method->DigestMethod instanceof Zend_InfoCard_Xml_Element)) {
            throw new Zend_InfoCard_Xml_Exception("Unable to find the DigestMethod block");
        }

        $dom = self::convertToDOM($encryption_method->DigestMethod);

        if(!$dom->hasAttribute('Algorithm')) {
            throw new Zend_InfoCard_Xml_Exception("Unable to determine the digest algorithm for the symmetric Keyinfo");
        }

        return $dom->getAttribute('Algorithm');

    }

    /**
     * Returns the KeyInfo block object
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @return Zend_InfoCard_Xml_KeyInfo_Abstract
     */
    public function getKeyInfo()
    {

        if(isset($this->KeyInfo)) {
            return Zend_InfoCard_Xml_KeyInfo::getInstance($this->KeyInfo);
        }

        throw new Zend_InfoCard_Xml_Exception("Unable to locate a KeyInfo block");
    }

    /**
     * Return the encrypted value of the block in base64 format
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @return string The Value of the CipherValue block in base64 format
     */
    public function getCipherValue()
    {

        $this->registerXPathNamespace('e', 'http://www.w3.org/2001/04/xmlenc#');

        list($cipherdata) = $this->xpath("//e:CipherData");

        if(!($cipherdata instanceof Zend_InfoCard_Xml_Element)) {
            throw new Zend_InfoCard_Xml_Exception("Unable to find the e:CipherData block");
        }

        $cipherdata->registerXPathNameSpace('enc', 'http://www.w3.org/2001/04/xmlenc#');
        list($ciphervalue) = $cipherdata->xpath("//enc:CipherValue");

        if(!($ciphervalue instanceof Zend_InfoCard_Xml_Element)) {
            throw new Zend_InfoCard_Xml_Exception("Unable to fidn the enc:CipherValue block");
        }

        return (string)$ciphervalue;
    }
}
KeyInfo.php000060400000005670150714754330006636 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: KeyInfo.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Element
 */
require_once 'Zend/InfoCard/Xml/Element.php';

/**
 * Factory class to return a XML KeyInfo block based on input XML
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_KeyInfo
{
    /**
     * Constructor (disabled)
     *
     * @return void
     */
    private function __construct()
    {
    }

    /**
     * Returns an instance of KeyInfo object based on the input KeyInfo XML block
     *
     * @param string $xmlData The KeyInfo XML Block
     * @return Zend_InfoCard_Xml_KeyInfo_Abstract
     * @throws Zend_InfoCard_Xml_Exception
     */
    static public function getInstance($xmlData)
    {

        if($xmlData instanceof Zend_InfoCard_Xml_Element) {
            $strXmlData = $xmlData->asXML();
        } else if (is_string($xmlData)) {
            $strXmlData = $xmlData;
        } else {
            throw new Zend_InfoCard_Xml_Exception("Invalid Data provided to create instance");
        }

        $sxe = simplexml_load_string($strXmlData);

        $namespaces = $sxe->getDocNameSpaces();

        if(!empty($namespaces)) {
            foreach($sxe->getDocNameSpaces() as $namespace) {
                switch($namespace) {
                    case 'http://www.w3.org/2000/09/xmldsig#':
                        include_once 'Zend/InfoCard/Xml/KeyInfo/XmlDSig.php';
                        return simplexml_load_string($strXmlData, 'Zend_InfoCard_Xml_KeyInfo_XmlDSig');
                    default:

                        throw new Zend_InfoCard_Xml_Exception("Unknown KeyInfo Namespace provided");
                    // We are ignoring these lines, as XDebug reports each as a "non executed" line
                    // which breaks my coverage %
                    // @codeCoverageIgnoreStart
                }
            }
        }
        // @codeCoverageIgnoreEnd

        include_once 'Zend/InfoCard/Xml/KeyInfo/Default.php';
        return simplexml_load_string($strXmlData, 'Zend_InfoCard_Xml_KeyInfo_Default');
    }
}
Assertion/Interface.php000060400000004273150714754330011137 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Interface.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * The Interface required by any InfoCard Assertion Object implemented within the component
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
interface Zend_InfoCard_Xml_Assertion_Interface
{
    /**
     * Get the Assertion ID of the assertion
     *
     * @return string The Assertion ID
     */
    public function getAssertionID();

    /**
     * Return an array of attributes (claims) contained within the assertion
     *
     * @return array An array of attributes / claims within the assertion
     */
    public function getAttributes();

    /**
     * Get the Assertion URI for this type of Assertion
     *
     * @return string the Assertion URI
     */
    public function getAssertionURI();

    /**
     * Return an array of conditions which the assertions are predicated on
     *
     * @return array an array of conditions
     */
    public function getConditions();

    /**
     * Validate the conditions array returned from the getConditions() call
     *
     * @param array $conditions An array of condtions for the assertion taken from getConditions()
     * @return mixed Boolean true on success, an array of condition, error message on failure
     */
    public function validateConditions(Array $conditions);
}
Assertion/Saml.php000060400000021013150714754330010122 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Saml.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Element
 */
require_once 'Zend/InfoCard/Xml/Element.php';

/**
 * Zend_InfoCard_Xml_Assertion_Interface
 */
require_once 'Zend/InfoCard/Xml/Assertion/Interface.php';

/**
 * A Xml Assertion Document in SAML Token format
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_Assertion_Saml
    extends Zend_InfoCard_Xml_Element
    implements Zend_InfoCard_Xml_Assertion_Interface
{

    /**
     * Audience Restriction Condition
     */
    const CONDITION_AUDIENCE = 'AudienceRestrictionCondition';

    /**
     * The URI for a 'bearer' confirmation
     */
    const CONFIRMATION_BEARER = 'urn:oasis:names:tc:SAML:1.0:cm:bearer';

    /**
     * The amount of time in seconds to buffer when checking conditions to ensure
     * that differences between client/server clocks don't interfer too much
     */
    const CONDITION_TIME_ADJ = 3600; // +- 5 minutes

    protected function _getServerName() {
        return $_SERVER['SERVER_NAME'];
    }

    protected function _getServerPort() {
        return $_SERVER['SERVER_PORT'];
    }

    /**
     * Validate the conditions array returned from the getConditions() call
     *
     * @param array $conditions An array of condtions for the assertion taken from getConditions()
     * @return mixed Boolean true on success, an array of condition, error message on failure
     */
    public function validateConditions(Array $conditions)
    {

        $currentTime = time();

        if(!empty($conditions)) {

            foreach($conditions as $condition => $conditionValue) {
                switch(strtolower($condition)) {
                    case 'audiencerestrictioncondition':

                        $serverName = $this->_getServerName();
                        $serverPort = $this->_getServerPort();

                        $self_aliases[] = $serverName;
                        $self_aliases[] = "{{$serverName}:{$serverPort}";

                        $found = false;
                        if(is_array($conditionValue)) {
                            foreach($conditionValue as $audience) {

                                list(,,$audience) = explode('/', $audience);
                                if(in_array($audience, $self_aliases)) {
                                    $found = true;
                                    break;
                                }
                            }
                        }

                        if(!$found) {
                            return array($condition, 'Could not find self in allowed audience list');
                        }

                        break;
                    case 'notbefore':
                        $notbeforetime = strtotime($conditionValue);

                        if($currentTime < $notbeforetime) {
                            if($currentTime + self::CONDITION_TIME_ADJ < $notbeforetime) {
                                return array($condition, 'Current time is before specified window');
                            }
                        }

                        break;
                    case 'notonorafter':
                        $notonoraftertime = strtotime($conditionValue);

                        if($currentTime >= $notonoraftertime) {
                            if($currentTime - self::CONDITION_TIME_ADJ >= $notonoraftertime) {
                                return array($condition, 'Current time is after specified window');
                            }
                        }

                        break;

                }
            }
        }
        return true;
    }

    /**
     * Get the Assertion URI for this type of Assertion
     *
     * @return string the Assertion URI
     */
    public function getAssertionURI()
    {
        return Zend_InfoCard_Xml_Assertion::TYPE_SAML;
    }

    /**
     * Get the Major Version of the SAML Assertion
     *
     * @return integer The major version number
     */
    public function getMajorVersion()
    {
        return (int)(string)$this['MajorVersion'];
    }

    /**
     * The Minor Version of the SAML Assertion
     *
     * @return integer The minor version number
     */
    public function getMinorVersion()
    {
        return (int)(string)$this['MinorVersion'];
    }

    /**
     * Get the Assertion ID of the assertion
     *
     * @return string The Assertion ID
     */
    public function getAssertionID()
    {
        return (string)$this['AssertionID'];
    }

    /**
     * Get the Issuer URI of the assertion
     *
     * @return string the URI of the assertion Issuer
     */
    public function getIssuer()
    {
        return (string)$this['Issuer'];
    }

    /**
     * Get the Timestamp of when the assertion was issued
     *
     * @return integer a UNIX timestamp representing when the assertion was issued
     */
    public function getIssuedTimestamp()
    {
        return strtotime((string)$this['IssueInstant']);
    }

    /**
     * Return an array of conditions which the assertions are predicated on
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @return array an array of conditions
     */
    public function getConditions()
    {

        list($conditions) = $this->xpath("//saml:Conditions");

        if(!($conditions instanceof Zend_InfoCard_Xml_Element)) {
            throw new Zend_InfoCard_Xml_Exception("Unable to find the saml:Conditions block");
        }

        $retval = array();

        foreach($conditions->children('urn:oasis:names:tc:SAML:1.0:assertion') as $key => $value) {
            switch($key) {
                case self::CONDITION_AUDIENCE:
                    foreach($value->children('urn:oasis:names:tc:SAML:1.0:assertion') as $audience_key => $audience_value) {
                        if($audience_key == 'Audience') {
                            $retval[$key][] = (string)$audience_value;
                        }
                    }
                    break;
            }
        }

        $retval['NotBefore'] = (string)$conditions['NotBefore'];
        $retval['NotOnOrAfter'] = (string)$conditions['NotOnOrAfter'];

        return $retval;
    }

    /**
     * Get they KeyInfo element for the Subject KeyInfo block
     *
     * @todo Not Yet Implemented
     * @ignore
     */
    public function getSubjectKeyInfo()
    {
        /**
         * @todo Not sure if this is part of the scope for now..
         */

        if($this->getConfirmationMethod() == self::CONFIRMATION_BEARER) {
            throw new Zend_InfoCard_Xml_Exception("Cannot get Subject Key Info when Confirmation Method was Bearer");
        }
    }

    /**
     * Return the Confirmation Method URI used in the Assertion
     *
     * @return string The confirmation method URI
     */
    public function getConfirmationMethod()
    {
        list($confirmation) = $this->xPath("//saml:ConfirmationMethod");
        return (string)$confirmation;
    }

    /**
     * Return an array of attributes (claims) contained within the assertion
     *
     * @return array An array of attributes / claims within the assertion
     */
    public function getAttributes()
    {
        $attributes = $this->xPath('//saml:Attribute');

        $retval = array();
        foreach($attributes as $key => $value) {

            $retkey = (string)$value['AttributeNamespace'].'/'.(string)$value['AttributeName'];

            $retval[$retkey]['name'] = (string)$value['AttributeName'];
            $retval[$retkey]['namespace'] = (string)$value['AttributeNamespace'];

            list($aValue) = $value->children('urn:oasis:names:tc:SAML:1.0:assertion');
            $retval[$retkey]['value'] = (string)$aValue;
        }

        return $retval;
    }
}
EncryptedData/XmlEnc.php000060400000004176150714754330011207 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: XmlEnc.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_EncryptedData/Abstract.php
 */
require_once 'Zend/InfoCard/Xml/EncryptedData/Abstract.php';

/**
 * An XmlEnc formatted EncryptedData XML block
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_EncryptedData_XmlEnc extends Zend_InfoCard_Xml_EncryptedData_Abstract
{

    /**
     * Returns the Encrypted CipherValue block from the EncryptedData XML document
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @return string The value of the CipherValue block base64 encoded
     */
    public function getCipherValue()
    {
        $this->registerXPathNamespace('enc', 'http://www.w3.org/2001/04/xmlenc#');

        list(,$cipherdata) = $this->xpath("//enc:CipherData");

        if(!($cipherdata instanceof Zend_InfoCard_Xml_Element)) {
            throw new Zend_InfoCard_Xml_Exception("Unable to find the enc:CipherData block");
        }

        list(,$ciphervalue) = $cipherdata->xpath("//enc:CipherValue");

        if(!($ciphervalue instanceof Zend_InfoCard_Xml_Element)) {
            throw new Zend_InfoCard_Xml_Exception("Unable to fidn the enc:CipherValue block");
        }

        return (string)$ciphervalue;
    }
}
EncryptedData/Abstract.php000060400000005723150714754330011563 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Abstract.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Element
 */
require_once 'Zend/InfoCard/Xml/Element.php';

/**
 * Zend_InfoCard_Xml_KeyInfo
 */
require_once 'Zend/InfoCard/Xml/KeyInfo.php';

/**
 * An abstract class representing a generic EncryptedData XML block. This class is extended
 * into a specific type of EncryptedData XML block (i.e. XmlEnc) as necessary
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
abstract class Zend_InfoCard_Xml_EncryptedData_Abstract extends Zend_InfoCard_Xml_Element
{

    /**
     * Returns the KeyInfo Block
     *
     * @return Zend_InfoCard_Xml_KeyInfo_Abstract
     */
    public function getKeyInfo()
    {
        return Zend_InfoCard_Xml_KeyInfo::getInstance($this->KeyInfo[0]);
    }

    /**
     * Return the Encryption method used to encrypt the assertion document
     * (the symmetric cipher)
     *
     * @throws Zend_InfoCard_Xml_Exception
     * @return string The URI of the Symmetric Encryption Method used
     */
    public function getEncryptionMethod()
    {

        /**
         * @todo This is pretty hacky unless we can always be confident that the first
         * EncryptionMethod block is the correct one (the AES or compariable symetric algorithm)..
         * the second is the PK method if provided.
         */
        list($encryption_method) = $this->xpath("//enc:EncryptionMethod");

        if(!($encryption_method instanceof Zend_InfoCard_Xml_Element)) {
            throw new Zend_InfoCard_Xml_Exception("Unable to find the enc:EncryptionMethod symmetric encryption block");
        }

        $dom = self::convertToDOM($encryption_method);

        if(!$dom->hasAttribute('Algorithm')) {
            throw new Zend_InfoCard_Xml_Exception("Unable to determine the encryption algorithm in the Symmetric enc:EncryptionMethod XML block");
        }

        return $dom->getAttribute('Algorithm');
    }

    /**
     * Returns the value of the encrypted block
     *
     * @return string the value of the encrypted CipherValue block
     */
    abstract function getCipherValue();
}
Security.php000060400000025621150714754330007077 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: Security.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Security_Exception
 */
require_once 'Zend/InfoCard/Xml/Security/Exception.php';

/**
 * Zend_InfoCard_Xml_Security_Transform
 */
require_once 'Zend/InfoCard/Xml/Security/Transform.php';

/**
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml_Security
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_Security
{
    /**
     * ASN.1 type INTEGER class
     */
    const ASN_TYPE_INTEGER = 0x02;

    /**
     * ASN.1 type BIT STRING class
     */
    const ASN_TYPE_BITSTRING = 0x03;

    /**
     * ASN.1 type SEQUENCE class
     */
    const ASN_TYPE_SEQUENCE = 0x30;

    /**
     * The URI for Canonical Method C14N Exclusive
     */
    const CANONICAL_METHOD_C14N_EXC = 'http://www.w3.org/2001/10/xml-exc-c14n#';

    /**
     * The URI for Signature Method SHA1
     */
    const SIGNATURE_METHOD_SHA1 = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1';

    /**
     * The URI for Digest Method SHA1
     */
    const DIGEST_METHOD_SHA1 = 'http://www.w3.org/2000/09/xmldsig#sha1';

    /**
     * The Identifier for RSA Keys
     */
    const RSA_KEY_IDENTIFIER = '300D06092A864886F70D0101010500';

    /**
     * Constructor  (disabled)
     *
     * @return void
     */
    private function __construct()
    {
    }

    /**
     * Validates the signature of a provided XML block
     *
     * @param  string $strXMLInput An XML block containing a Signature
     * @return bool True if the signature validated, false otherwise
     * @throws Zend_InfoCard_Xml_Security_Exception
     */
    static public function validateXMLSignature($strXMLInput)
    {
        if(!extension_loaded('openssl')) {
            throw new Zend_InfoCard_Xml_Security_Exception("You must have the openssl extension installed to use this class");
        }

        $sxe = simplexml_load_string($strXMLInput);

        if(!isset($sxe->Signature)) {
            throw new Zend_InfoCard_Xml_Security_Exception("Could not identify XML Signature element");
        }

        if(!isset($sxe->Signature->SignedInfo)) {
            throw new Zend_InfoCard_Xml_Security_Exception("Signature is missing a SignedInfo block");
        }

        if(!isset($sxe->Signature->SignatureValue)) {
            throw new Zend_InfoCard_Xml_Security_Exception("Signature is missing a SignatureValue block");
        }

        if(!isset($sxe->Signature->KeyInfo)) {
            throw new Zend_InfoCard_Xml_Security_Exception("Signature is missing a KeyInfo block");
        }

        if(!isset($sxe->Signature->KeyInfo->KeyValue)) {
            throw new Zend_InfoCard_Xml_Security_Exception("Signature is missing a KeyValue block");
        }

        switch((string)$sxe->Signature->SignedInfo->CanonicalizationMethod['Algorithm']) {
            case self::CANONICAL_METHOD_C14N_EXC:
                $cMethod = (string)$sxe->Signature->SignedInfo->CanonicalizationMethod['Algorithm'];
                break;
            default:
                throw new Zend_InfoCard_Xml_Security_Exception("Unknown or unsupported CanonicalizationMethod Requested");
        }

        switch((string)$sxe->Signature->SignedInfo->SignatureMethod['Algorithm']) {
            case self::SIGNATURE_METHOD_SHA1:
                $sMethod = (string)$sxe->Signature->SignedInfo->SignatureMethod['Algorithm'];
                break;
            default:
                throw new Zend_InfoCard_Xml_Security_Exception("Unknown or unsupported SignatureMethod Requested");
        }

        switch((string)$sxe->Signature->SignedInfo->Reference->DigestMethod['Algorithm']) {
            case self::DIGEST_METHOD_SHA1:
                $dMethod = (string)$sxe->Signature->SignedInfo->Reference->DigestMethod['Algorithm'];
                break;
            default:
                throw new Zend_InfoCard_Xml_Security_Exception("Unknown or unsupported DigestMethod Requested");
        }

        $base64DecodeSupportsStrictParam = version_compare(PHP_VERSION, '5.2.0', '>=');

        if ($base64DecodeSupportsStrictParam) {
            $dValue = base64_decode((string)$sxe->Signature->SignedInfo->Reference->DigestValue, true);
        } else {
            $dValue = base64_decode((string)$sxe->Signature->SignedInfo->Reference->DigestValue);
        }

        if ($base64DecodeSupportsStrictParam) {
            $signatureValue = base64_decode((string)$sxe->Signature->SignatureValue, true);
        } else {
            $signatureValue = base64_decode((string)$sxe->Signature->SignatureValue);
        }

        $transformer = new Zend_InfoCard_Xml_Security_Transform();

        foreach($sxe->Signature->SignedInfo->Reference->Transforms->children() as $transform) {
            $transformer->addTransform((string)$transform['Algorithm']);
        }

        $transformed_xml = $transformer->applyTransforms($strXMLInput);

        $transformed_xml_binhash = pack("H*", sha1($transformed_xml));

        if($transformed_xml_binhash != $dValue) {
            throw new Zend_InfoCard_Xml_Security_Exception("Locally Transformed XML does not match XML Document. Cannot Verify Signature");
        }

        $public_key = null;

        switch(true) {
            case isset($sxe->Signature->KeyInfo->KeyValue->X509Certificate):

                $certificate = (string)$sxe->Signature->KeyInfo->KeyValue->X509Certificate;


                $pem = "-----BEGIN CERTIFICATE-----\n" .
                       wordwrap($certificate, 64, "\n", true) .
                       "\n-----END CERTIFICATE-----";

                $public_key = openssl_pkey_get_public($pem);

                if(!$public_key) {
                    throw new Zend_InfoCard_Xml_Security_Exception("Unable to extract and prcoess X509 Certificate from KeyValue");
                }

                break;
            case isset($sxe->Signature->KeyInfo->KeyValue->RSAKeyValue):

                if(!isset($sxe->Signature->KeyInfo->KeyValue->RSAKeyValue->Modulus) ||
                   !isset($sxe->Signature->KeyInfo->KeyValue->RSAKeyValue->Exponent)) {
                    throw new Zend_InfoCard_Xml_Security_Exception("RSA Key Value not in Modulus/Exponent form");
                }

                $modulus = base64_decode((string)$sxe->Signature->KeyInfo->KeyValue->RSAKeyValue->Modulus);
                $exponent = base64_decode((string)$sxe->Signature->KeyInfo->KeyValue->RSAKeyValue->Exponent);

                $pem_public_key = self::_getPublicKeyFromModExp($modulus, $exponent);

                $public_key = openssl_pkey_get_public ($pem_public_key);

                break;
            default:
                throw new Zend_InfoCard_Xml_Security_Exception("Unable to determine or unsupported representation of the KeyValue block");
        }

        $transformer = new Zend_InfoCard_Xml_Security_Transform();
        $transformer->addTransform((string)$sxe->Signature->SignedInfo->CanonicalizationMethod['Algorithm']);

        // The way we are doing our XML processing requires that we specifically add this
        // (even though it's in the <Signature> parent-block).. otherwise, our canonical form
        // fails signature verification
        $sxe->Signature->SignedInfo->addAttribute('xmlns', 'http://www.w3.org/2000/09/xmldsig#');

        $canonical_signedinfo = $transformer->applyTransforms($sxe->Signature->SignedInfo->asXML());

        if(@openssl_verify($canonical_signedinfo, $signatureValue, $public_key)) {
            return (string)$sxe->Signature->SignedInfo->Reference['URI'];
        }

        return false;
    }

    /**
     * Transform an RSA Key in Modulus/Exponent format into a PEM encoding and
     * return an openssl resource for it
     *
     * @param string $modulus The RSA Modulus in binary format
     * @param string $exponent The RSA exponent in binary format
     * @return string The PEM encoded version of the key
     */
    static protected function _getPublicKeyFromModExp($modulus, $exponent)
    {
        $modulusInteger  = self::_encodeValue($modulus, self::ASN_TYPE_INTEGER);
        $exponentInteger = self::_encodeValue($exponent, self::ASN_TYPE_INTEGER);
        $modExpSequence  = self::_encodeValue($modulusInteger . $exponentInteger, self::ASN_TYPE_SEQUENCE);
        $modExpBitString = self::_encodeValue($modExpSequence, self::ASN_TYPE_BITSTRING);

        $binRsaKeyIdentifier = pack( "H*", self::RSA_KEY_IDENTIFIER );

        $publicKeySequence = self::_encodeValue($binRsaKeyIdentifier . $modExpBitString, self::ASN_TYPE_SEQUENCE);

        $publicKeyInfoBase64 = base64_encode( $publicKeySequence );

        $publicKeyString = "-----BEGIN PUBLIC KEY-----\n";
        $publicKeyString .= wordwrap($publicKeyInfoBase64, 64, "\n", true);
        $publicKeyString .= "\n-----END PUBLIC KEY-----\n";

        return $publicKeyString;
    }

    /**
     * Encode a limited set of data types into ASN.1 encoding format
     * which is used in X.509 certificates
     *
     * @param string $data The data to encode
     * @param const $type The encoding format constant
     * @return string The encoded value
     * @throws Zend_InfoCard_Xml_Security_Exception
     */
    static protected function _encodeValue($data, $type)
    {
        // Null pad some data when we get it (integer values > 128 and bitstrings)
        if( (($type == self::ASN_TYPE_INTEGER) && (ord($data) > 0x7f)) ||
            ($type == self::ASN_TYPE_BITSTRING)) {
                $data = "\0$data";
        }

        $len = strlen($data);

        // encode the value based on length of the string
        // I'm fairly confident that this is by no means a complete implementation
        // but it is enough for our purposes
        switch(true) {
            case ($len < 128):
                return sprintf("%c%c%s", $type, $len, $data);
            case ($len < 0x0100):
                return sprintf("%c%c%c%s", $type, 0x81, $len, $data);
            case ($len < 0x010000):
                return sprintf("%c%c%c%c%s", $type, 0x82, $len / 0x0100, $len % 0x0100, $data);
            default:
                throw new Zend_InfoCard_Xml_Security_Exception("Could not encode value");
        }

        throw new Zend_InfoCard_Xml_Security_Exception("Invalid code path");
    }
}SecurityTokenReference.php000060400000012701150714754330011712 0ustar00<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: SecurityTokenReference.php 9094 2008-03-30 18:36:55Z thomas $
 */

/**
 * Zend_InfoCard_Xml_Element
 */
require_once 'Zend/InfoCard/Xml/Element.php';

/**
 * Represents a SecurityTokenReference XML block
 *
 * @category   Zend
 * @package    Zend_InfoCard
 * @subpackage Zend_InfoCard_Xml
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Zend_InfoCard_Xml_SecurityTokenReference extends Zend_InfoCard_Xml_Element
{
    /**
     * Base64 Binary Encoding URI
     */
    const ENCODING_BASE64BIN = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary';

    /**
     * Return an instance of the object based on the input XML
     *
     * @param string $xmlData The SecurityTokenReference XML Block
     * @return Zend_InfoCard_Xml_SecurityTokenReference
     * @throws Zend_InfoCard_Xml_Exception
     */
    static public function getInstance($xmlData)
    {
        if($xmlData instanceof Zend_InfoCard_Xml_Element) {
            $strXmlData = $xmlData->asXML();
        } else if (is_string($xmlData)) {
            $strXmlData = $xmlData;
        } else {
            throw new Zend_InfoCard_Xml_Exception("Invalid Data provided to create instance");
        }

        $sxe = simplexml_load_string($strXmlData);

        if($sxe->getName() != "SecurityTokenReference") {
            throw new Zend_InfoCard_Xml_Exception("Invalid XML Block provided for SecurityTokenReference");
        }

        return simplexml_load_string($strXmlData, "Zend_InfoCard_Xml_SecurityTokenReference");
    }

    /**
     * Return the Key Identifier XML Object
     *
     * @return Zend_InfoCard_Xml_Element
     * @throws Zend_InfoCard_Xml_Exception
     */
    protected function _getKeyIdentifier()
    {
        $this->registerXPathNamespace('o', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd');
        list($keyident) = $this->xpath('//o:KeyIdentifier');

        if(!($keyident instanceof Zend_InfoCard_Xml_Element)) {
            throw new Zend_InfoCard_Xml_Exception("Failed to retrieve Key Identifier");
        }

        return $keyident;
    }

    /**
     * Return the Key URI identifying the thumbprint type used
     *
     * @return string The thumbprint type URI
     * @throws  Zend_InfoCard_Xml_Exception
     */
    public function getKeyThumbprintType()
    {

        $keyident = $this->_getKeyIdentifier();

        $dom = self::convertToDOM($keyident);

        if(!$dom->hasAttribute('ValueType')) {
            throw new Zend_InfoCard_Xml_Exception("Key Identifier did not provide a type for the value");
        }

        return $dom->getAttribute('ValueType');
    }


    /**
     * Return the thumbprint encoding type used as a URI
     *
     * @return string the URI of the thumbprint encoding used
     * @throws Zend_InfoCard_Xml_Exception
     */
    public function getKeyThumbprintEncodingType()
    {

        $keyident = $this->_getKeyIdentifier();

        $dom = self::convertToDOM($keyident);

        if(!$dom->hasAttribute('EncodingType')) {
            throw new Zend_InfoCard_Xml_Exception("Unable to determine the encoding type for the key identifier");
        }

        return $dom->getAttribute('EncodingType');
    }

    /**
     * Get the key reference data used to identify the public key
     *
     * @param bool $decode if true, will return a decoded version of the key
     * @return string the key reference thumbprint, either in binary or encoded form
     * @throws Zend_InfoCard_Xml_Exception
     */
    public function getKeyReference($decode = true)
    {
        $keyIdentifier = $this->_getKeyIdentifier();

        $dom = self::convertToDOM($keyIdentifier);
        $encoded = $dom->nodeValue;

        if(empty($encoded)) {
            throw new Zend_InfoCard_Xml_Exception("Could not find the Key Reference Encoded Value");
        }

        if($decode) {

            $decoded = "";
            switch($this->getKeyThumbprintEncodingType()) {
                case self::ENCODING_BASE64BIN:

                    if(version_compare(PHP_VERSION, "5.2.0", ">=")) {
                        $decoded = base64_decode($encoded, true);
                    } else {
                        $decoded = base64_decode($encoded);
                    }

                    break;
                default:
                    throw new Zend_InfoCard_Xml_Exception("Unknown Key Reference Encoding Type: {$this->getKeyThumbprintEncodingType()}");
            }

            if(!$decoded || empty($decoded)) {
                throw new Zend_InfoCard_Xml_Exception("Failed to decode key reference");
            }

            return $decoded;
        }

        return $encoded;
    }
}