public function addReference($name, $node, $type)
{
if (!$node instanceof DOMNode) {
throw new Exception('$node is not of type DOMNode');
}
$curencdoc = $this->encdoc;
$this->_resetTemplate();
$encdoc = $this->encdoc;
$this->encdoc = $curencdoc;
$refuri = DBSeller_Helper_Xml_Security_XMLSecurityDSig::generate_GUID();
$element = $encdoc->documentElement;
$element->setAttribute("Id", $refuri);
$this->references[$name] = array("node" => $node, "type" => $type, "encnode" => $encdoc, "refuri" => $refuri);
}
/**
* Realiza a validação do documento.
* @param bool $lVerificarIntegridadeDocumento true para validar a integridade do documento
* @return bool
*/
public function validar($lVerificarIntegridadeDocumento = true)
{
if ($this->getDataFinal() < new DateTime()) {
$this->lastError = self::ERRO_CERTIFICADO_VENCIDO;
return false;
}
$oXMLSecDSig = new DBSeller_Helper_Xml_Security_XMLSecurityDSig();
$oAssinatura = $oXMLSecDSig->locateSignature($this->oDomDocument);
if (empty($oAssinatura)) {
$this->lastError = self::ERRO_ASSINATURA_NAO_ENCONTRADA;
return false;
}
$oXMLSecDSig->canonicalizeSignedInfo();
if ($lVerificarIntegridadeDocumento && !$oXMLSecDSig->validateReference()) {
$this->lastError = self::ERRO_INTEGRIDADE_DOCUMENTO;
return false;
}
$oKeyData = $oXMLSecDSig->locateKey();
if (!$oKeyData) {
$this->lastError = self::ERRO_ASSINATURA_INVALIDA;
return false;
}
$objKeyInfo = DBSeller_Helper_Xml_Security_XMLSecEnc::staticLocateKeyInfo($oKeyData, $oAssinatura);
return $oXMLSecDSig->verify($objKeyInfo);
}
static function staticAdd509Cert($parentRef, $cert, $isPEMFormat = TRUE, $isURL = False, $xpath = NULL, $options = NULL)
{
if ($isURL) {
$cert = file_get_contents($cert);
}
if (!$parentRef instanceof DOMElement) {
throw new Exception('Invalid parent Node parameter');
}
$baseDoc = $parentRef->ownerDocument;
if (empty($xpath)) {
$xpath = new DOMXPath($parentRef->ownerDocument);
$xpath->registerNamespace('secdsig', DBSeller_Helper_Xml_Security_XMLSecurityDSig::XMLDSIGNS);
}
$query = "./secdsig:KeyInfo";
$nodeset = $xpath->query($query, $parentRef);
$keyInfo = $nodeset->item(0);
if (!$keyInfo) {
$inserted = FALSE;
$keyInfo = $baseDoc->createElementNS(DBSeller_Helper_Xml_Security_XMLSecurityDSig::XMLDSIGNS, 'KeyInfo');
$query = "./secdsig:Object";
$nodeset = $xpath->query($query, $parentRef);
if ($sObject = $nodeset->item(0)) {
$sObject->parentNode->insertBefore($keyInfo, $sObject);
$inserted = TRUE;
}
if (!$inserted) {
$parentRef->appendChild($keyInfo);
}
}
// Add all certs if there are more than one
$certs = DBSeller_Helper_Xml_Security_XMLSecurityDSig::staticGet509XCerts($cert, $isPEMFormat);
// Attach X509 data node
$x509DataNode = $baseDoc->createElementNS(DBSeller_Helper_Xml_Security_XMLSecurityDSig::XMLDSIGNS, 'X509Data');
$keyInfo->appendChild($x509DataNode);
$issuerSerial = FALSE;
$subjectName = FALSE;
if (is_array($options)) {
if (!empty($options['issuerSerial'])) {
$issuerSerial = TRUE;
}
}
// Attach all certificate nodes and any additional data
foreach ($certs as $X509Cert) {
if ($issuerSerial) {
if ($certData = openssl_x509_parse("-----BEGIN CERTIFICATE-----\n" . chunk_split($X509Cert, 64, "\n") . "-----END CERTIFICATE-----\n")) {
if ($issuerSerial && !empty($certData['issuer']) && !empty($certData['serialNumber'])) {
if (is_array($certData['issuer'])) {
$parts = array();
foreach ($certData['issuer'] as $key => $value) {
array_unshift($parts, "{$key}={$value}" . $issuer);
}
$issuerName = implode(',', $parts);
} else {
$issuerName = $certData['issuer'];
}
$x509IssuerNode = $baseDoc->createElementNS(DBSeller_Helper_Xml_Security_XMLSecurityDSig::XMLDSIGNS, 'X509IssuerSerial');
$x509DataNode->appendChild($x509IssuerNode);
$x509Node = $baseDoc->createElementNS(DBSeller_Helper_Xml_Security_XMLSecurityDSig::XMLDSIGNS, 'X509IssuerName', $issuerName);
$x509IssuerNode->appendChild($x509Node);
$x509Node = $baseDoc->createElementNS(DBSeller_Helper_Xml_Security_XMLSecurityDSig::XMLDSIGNS, 'X509SerialNumber', $certData['serialNumber']);
$x509IssuerNode->appendChild($x509Node);
}
}
}
$x509CertNode = $baseDoc->createElementNS(DBSeller_Helper_Xml_Security_XMLSecurityDSig::XMLDSIGNS, 'X509Certificate', $X509Cert);
$x509DataNode->appendChild($x509CertNode);
}
}
