Skip to content
Snippets Groups Projects
Commit b28a1f7e authored by Olav Morken's avatar Olav Morken
Browse files

Do not show detailed exceptions about decryption failures.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2951 44740490-163a-0410-bde0-09ae8108e29a
parent 59e666c5
No related branches found
No related tags found
No related merge requests found
......@@ -297,11 +297,13 @@ class SAML2_Utils {
/**
* Decrypt an encrypted element.
*
* This is an internal helper function.
*
* @param DOMElement $encryptedData The encrypted data.
* @param XMLSecurityKey $inputKey The decryption key.
* @return DOMElement The decrypted element.
*/
public static function decryptElement(DOMElement $encryptedData, XMLSecurityKey $inputKey) {
private static function _decryptElement(DOMElement $encryptedData, XMLSecurityKey $inputKey) {
$enc = new XMLSecEnc();
......@@ -372,10 +374,36 @@ class SAML2_Utils {
throw new Exception('Missing encrypted element.');
}
if (!($decryptedElement instanceof DOMElement)) {
throw new Exception('Decrypted element was not actually a DOMElement.');
}
return $decryptedElement;
}
/**
* Decrypt an encrypted element.
*
* @param DOMElement $encryptedData The encrypted data.
* @param XMLSecurityKey $inputKey The decryption key.
* @return DOMElement The decrypted element.
*/
public static function decryptElement(DOMElement $encryptedData, XMLSecurityKey $inputKey) {
try {
return self::_decryptElement($encryptedData, $inputKey);
} catch (Exception $e) {
/*
* Something went wrong during decryption, but for security
* reasons we cannot tell the user what failed.
*/
SimpleSAML_Logger::error('Decryption failed: ' . $e->getMessage());
throw new Exception('Failed to decrypt XML element.');
}
}
/**
* Extract localized strings from a set of nodes.
*
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment