/**
* Método que firma un XML utilizando RSA y SHA1
*
* Referencia: http://www.di-mgt.com.au/xmldsig2.html
*
* @param xml Datos XML que se desean firmar
* @param reference Referencia a la que hace la firma
* @return XML firmado o =false si no se pudo fimar
* @author Esteban De La Fuente Rubio, DeLaF (esteban[at]sasco.cl)
* @version 2015-09-02
*/
public function signXML($xml, $reference = '', $tag = null, $xmlns_xsi = false)
{
$doc = new XML();
$doc->loadXML($xml);
// crear nodo para la firma
$Signature = $doc->importNode((new XML())->generate(['Signature' => ['@attributes' => ['xmlns' => 'http://www.w3.org/2000/09/xmldsig#'], 'SignedInfo' => ['@attributes' => ['xmlns' => 'http://www.w3.org/2000/09/xmldsig#', 'xmlns:xsi' => $xmlns_xsi ? 'http://www.w3.org/2001/XMLSchema-instance' : false], 'CanonicalizationMethod' => ['@attributes' => ['Algorithm' => 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315']], 'SignatureMethod' => ['@attributes' => ['Algorithm' => 'http://www.w3.org/2000/09/xmldsig#rsa-sha1']], 'Reference' => ['@attributes' => ['URI' => $reference], 'Transforms' => ['Transform' => ['@attributes' => ['Algorithm' => 'http://www.w3.org/2000/09/xmldsig#enveloped-signature']]], 'DigestMethod' => ['@attributes' => ['Algorithm' => 'http://www.w3.org/2000/09/xmldsig#sha1']], 'DigestValue' => null]], 'SignatureValue' => null, 'KeyInfo' => ['KeyValue' => ['RSAKeyValue' => ['Modulus' => null, 'Exponent' => null]], 'X509Data' => ['X509Certificate' => null]]]])->documentElement, true);
// calcular DigestValue
if ($tag) {
$digest = base64_encode(sha1($doc->documentElement->getElementsByTagName($tag)->item(0)->C14N(), true));
} else {
$digest = base64_encode(sha1($doc->C14N(), true));
}
$Signature->getElementsByTagName('DigestValue')->item(0)->nodeValue = $digest;
// calcular SignatureValue
$SignedInfo = $doc->saveHTML($Signature->getElementsByTagName('SignedInfo')->item(0));
$firma = $this->sign($SignedInfo);
if (!$firma) {
return false;
}
$signature = wordwrap($firma, $this->config['wordwrap'], "\n", true);
// reemplazar valores en la firma de
$Signature->getElementsByTagName('SignatureValue')->item(0)->nodeValue = $signature;
$Signature->getElementsByTagName('Modulus')->item(0)->nodeValue = $this->getModulus();
$Signature->getElementsByTagName('Exponent')->item(0)->nodeValue = $this->getExponent();
$Signature->getElementsByTagName('X509Certificate')->item(0)->nodeValue = $this->getCertificate(true);
// agregar y entregar firma
$doc->documentElement->appendChild($Signature);
return $doc->saveXML();
}
