Esempio n. 1
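 /**
  * Sign the WS-Security header children (and optionally the other SOAP headers
  * and the SOAP Body) and insert the resulting signature into the security header.
  *
  * Recognised keys in $options:
  *  - 'algorithm': digest algorithm handed to addReferenceList(). Defaults to
  *    XMLSecurityDSig::SHA1 so existing callers keep working; SHA-1 is no longer
  *    collision resistant, so pass a stronger digest (e.g. XMLSecurityDSig::SHA256)
  *    whenever the receiving party accepts it.
  *  - 'insertBefore': cast to bool and handed to appendSignature(); defaults to true.
  *  - 'KeyInfo' => array('X509SubjectKeyIdentifier' => true): add a ds:KeyInfo holding a
  *    SecurityTokenReference/KeyIdentifier with the base64-encoded subjectKeyIdentifier
  *    of the signing certificate.
  *
  * Only the nodes collected below are referenced by the signature: when signBody is
  * off, the Body is not covered by it, and likewise for non-WSSE headers when
  * signAllHeaders is off.
  *
  * @param mixed      $objKey  Key object handed to XMLSecurityDSig::sign(); must provide
  *                            getX509Certificate() when the KeyInfo option is used.
  * @param array|null $options Optional settings, see above.
  *
  * @return void
  *
  * @throws \Exception When the KeyInfo option is requested but the certificate cannot be
  *                    parsed or carries no usable subjectKeyIdentifier extension.
  */
 public function signSoapDoc($objKey, $options = null)
 {
     $hasOptions = is_array($options);

     // Resolve the key identifier before the document is modified, so a bad
     // certificate fails cleanly instead of leaving a signature that points at a
     // bogus KeyIdentifier (the old code encoded a NUL byte in that case).
     $skiBytes = null;
     if ($hasOptions
         && !empty($options['KeyInfo'])
         && !empty($options['KeyInfo']['X509SubjectKeyIdentifier'])
     ) {
         $x509 = openssl_x509_parse($objKey->getX509Certificate());
         if (!is_array($x509) || empty($x509['extensions']['subjectKeyIdentifier'])) {
             throw new \Exception('Signing certificate has no subjectKeyIdentifier extension');
         }
         // openssl_x509_parse() reports the identifier as colon-separated hex pairs.
         // split() was removed in PHP 7, so decode the hex string directly.
         $hex = str_replace(':', '', trim($x509['extensions']['subjectKeyIdentifier']));
         if (!preg_match('/\A(?:[0-9A-Fa-f]{2})+\z/', $hex)) {
             throw new \Exception('Unexpected subjectKeyIdentifier format in signing certificate');
         }
         $skiBytes = pack('H*', $hex);
     }

     $objDSig = new XMLSecurityDSig();
     $objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);

     // Collect every element that the signature must reference.
     $arNodes = array();
     foreach ($this->secNode->childNodes as $node) {
         if ($node->nodeType === XML_ELEMENT_NODE) {
             $arNodes[] = $node;
         }
     }
     if ($this->signAllHeaders) {
         // Siblings of the security header, skipping anything in the WSSE namespace.
         foreach ($this->secNode->parentNode->childNodes as $node) {
             if ($node->nodeType === XML_ELEMENT_NODE && $node->namespaceURI !== self::WSSENS) {
                 $arNodes[] = $node;
             }
         }
     }
     if ($this->signBody) {
         foreach ($this->envelope->childNodes as $node) {
             if ($node->namespaceURI == $this->soapNS && $node->localName == 'Body') {
                 $arNodes[] = $node;
                 break;
             }
         }
     }

     // SHA-1 stays the default for compatibility only; see the docblock.
     $algorithm = XMLSecurityDSig::SHA1;
     if ($hasOptions && isset($options['algorithm'])) {
         $algorithm = $options['algorithm'];
     }
     $arOptions = array('prefix' => self::WSUPFX, 'prefix_ns' => self::WSUNS);
     $objDSig->addReferenceList($arNodes, $algorithm, null, $arOptions);
     $objDSig->sign($objKey);

     $insertTop = true;
     if ($hasOptions && isset($options['insertBefore'])) {
         $insertTop = (bool) $options['insertBefore'];
     }
     $objDSig->appendSignature($this->secNode, $insertTop);

     if ($skiBytes !== null) {
         // NOTE(review): this takes the second child of the security header as the
         // signature element - confirm against where appendSignature() places it.
         $sigNode = $this->secNode->firstChild->nextSibling;
         $objDoc = $sigNode->ownerDocument;

         $keyInfo = $objDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:KeyInfo');
         $sigNode->appendChild($keyInfo);

         $tokenRef = $objDoc->createElementNS(self::WSSENS, self::WSSEPFX . ':SecurityTokenReference');
         $keyInfo->appendChild($tokenRef);

         $reference = $objDoc->createElementNS(self::WSSENS, self::WSSEPFX . ':KeyIdentifier');
         $reference->setAttribute('ValueType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier');
         $reference->setAttribute('EncodingType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary');
         $tokenRef->appendChild($reference);

         // KeyInfo is attached after signing and is not among the signed references,
         // so the receiver has to validate the certificate it resolves to independently.
         $reference->appendChild(new DOMText(base64_encode($skiBytes)));
     }
 }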