From f46e38a6834a0c992b816f9914ddf0ef4e75f699 Mon Sep 17 00:00:00 2001 From: Olav Morken <olav.morken@uninett.no> Date: Fri, 10 Sep 2010 13:14:35 +0000 Subject: [PATCH] Log encrypted and decrypted messages. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2544 44740490-163a-0410-bde0-09ae8108e29a --- config-templates/config.php | 2 ++ lib/SAML2/EncryptedAssertion.php | 7 +++++++ lib/SimpleSAML/Utilities.php | 18 ++++++++++++++---- 3 files changed, 23 insertions(+), 4 deletions(-) diff --git a/config-templates/config.php b/config-templates/config.php index d553a502b..11e22bcaf 100644 --- a/config-templates/config.php +++ b/config-templates/config.php @@ -28,6 +28,8 @@ $config = array ( * If you enable this option, simpleSAMLphp will log all sent and received messages * to the log file. * + * This option also enables logging of the messages that are encrypted and decrypted. + * * Note: The messages are logged with the DEBUG log level, so you also need to set * the 'logging.level' option to LOG_DEBUG. */ diff --git a/lib/SAML2/EncryptedAssertion.php b/lib/SAML2/EncryptedAssertion.php index 07bf4432c..5084ebb6d 100644 --- a/lib/SAML2/EncryptedAssertion.php +++ b/lib/SAML2/EncryptedAssertion.php @@ -46,6 +46,9 @@ class SAML2_EncryptedAssertion { $xml = $assertion->toXML(); + $xmlStr = $xml->ownerDocument->saveXML($xml); + SimpleSAML_Utilities::debugMessage($xmlStr, 'encrypt'); + $enc = new XMLSecEnc(); $enc->setNode($xml); $enc->type = XMLSecEnc::Element; @@ -84,6 +87,10 @@ class SAML2_EncryptedAssertion { public function getAssertion(XMLSecurityKey $inputKey) { $assertionXML = SAML2_Utils::decryptElement($this->encryptedData, $inputKey); + + $xmlStr = $assertionXML->ownerDocument->saveXML($assertionXML); + SimpleSAML_Utilities::debugMessage($xmlStr, 'decrypt'); + return new SAML2_Assertion($assertionXML); } diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php index 02057ee25..95b165c18 100644 --- a/lib/SimpleSAML/Utilities.php 
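Review bot: The extended option comment in config-templates/config.php does not say that the additional messages are the cleartext of assertions that are otherwise encrypted in transit. An operator who turns this on for troubleshooting may not realise that user attributes and identifiers become readable to anyone with access to the log file. I would add a line after the new sentence, for example `* Warning: these messages are logged unencrypted; restrict access to the log file and disable this option again after debugging.` The array entry this comment documents (presumably the `debug` option that debugMessage() reads) lies outside the hunk.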
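Review bot: Both added calls in lib/SAML2/EncryptedAssertion.php run `saveXML()` on the plaintext assertion before anything has checked whether debugging is enabled, since that check sits inside debugMessage(). Every encrypt and decrypt therefore pays for a full serialisation and holds a second cleartext copy in `$xmlStr` even when nothing is logged; this applies to the hunk at -46 and equally to the one in getAssertion(). Consider guarding the block, e.g. `if (SimpleSAML_Configuration::getInstance()->getBoolean('debug', FALSE)) { SimpleSAML_Utilities::debugMessage($xml->ownerDocument->saveXML($xml), 'encrypt'); }`. I would also add a comment such as `/* Debug only: writes the unencrypted assertion to the log. */` so the confidentiality trade-off is visible at the call site. The method enclosing the first hunk starts outside it.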
+++ b/lib/SimpleSAML/Utilities.php @@ -1911,11 +1911,10 @@ class SimpleSAML_Utilities { * Helper function to log messages that we send or receive. * * @param string $message The message, as an XML string. - * @param string $type Whether this message is sent or received. + * @param string $type Whether this message is sent or received, encrypted or decrypted. */ public static function debugMessage($message, $type) { assert('is_string($message)'); - assert('$type === "out" || $type === "in"'); $globalConfig = SimpleSAML_Configuration::getInstance(); if (!$globalConfig->getBoolean('debug', FALSE)) { @@ -1923,10 +1922,21 @@ class SimpleSAML_Utilities { return; } - if ($type === 'in') { + switch ($type) { + case 'in': SimpleSAML_Logger::debug('Received message:'); - } else { + break; + case 'out': SimpleSAML_Logger::debug('Sending message:'); + break; + case 'decrypt': + SimpleSAML_Logger::debug('Decrypted message:'); + break; + case 'encrypt': + SimpleSAML_Logger::debug('Encrypted message:'); + break; + default: + assert(FALSE); } $str = self::formatXMLString($message); -- GitLab
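Review bot: In the new switch in debugMessage(), the `default:` branch relies on `assert(FALSE)`, which does nothing when assertions are disabled, so a call with an unexpected `$type` falls through and the XML is still logged, just without a label. An explicit branch such as `default: SimpleSAML_Logger::debug('Message (unknown type ' . var_export($type, TRUE) . '):');` keeps the log readable and makes the bad caller easy to find. Separately, the `'encrypt'` case prints `Encrypted message:`, although the caller in EncryptedAssertion.php passes the XML as it is before encryption; `SimpleSAML_Logger::debug('Encrypting message:');` would stop a reader from taking the cleartext dump for ciphertext. The body of debugMessage() continues past the end of the hunk.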