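/**
 * Sign the SOAP message and place the ds:Signature inside the WS-Security header.
 *
 * Digest references are created for:
 *  - every element child of the security header ($this->secNode);
 *  - when $this->signAllHeaders is set, every element child of the security
 *    header's parent whose namespace is not WSSESoap::WSSENS;
 *  - the first child of the envelope that is the SOAP Body.
 *
 * NOTE(review): if no Body element is found the signature is still produced
 * and simply does not cover a body; callers that depend on body integrity
 * should verify the envelope shape before calling this method.
 *
 * @param object     $objKey  Signing key handed to XMLSecurityDSig::sign(). When the
 *                            X509SubjectKeyIdentifier option is used it must also
 *                            provide getX509Certificate().
 * @param array|null $options Optional settings:
 *                            - "algorithm": digest algorithm for the references
 *                              (default XMLSecurityDSig::SHA1);
 *                            - "insertBefore": cast to bool and passed as the second
 *                              argument of appendSignature() (default TRUE);
 *                            - "KeyInfo" => array("X509SubjectKeyIdentifier" => true):
 *                              add a ds:KeyInfo carrying the certificate's
 *                              Subject Key Identifier.
 *
 * @return void
 *
 * @throws \Exception When the Subject Key Identifier is requested but cannot be read
 *                    from the certificate, or the inserted ds:Signature cannot be found.
 */
public function signSoapDoc($objKey, $options = NULL)
{
    $useSubjectKeyId = is_array($options)
        && !empty($options["KeyInfo"])
        && !empty($options["KeyInfo"]["X509SubjectKeyIdentifier"]);

    // Resolve the key identifier before touching the document, so that a
    // certificate without a usable subjectKeyIdentifier fails cleanly instead
    // of leaving a signed message with an empty KeyIdentifier.
    $keyIdValue = NULL;
    if ($useSubjectKeyId) {
        $x509 = openssl_x509_parse($objKey->getX509Certificate());
        if (!is_array($x509) || empty($x509["extensions"]["subjectKeyIdentifier"])) {
            throw new \Exception('Certificate has no readable subjectKeyIdentifier extension');
        }
        // openssl_x509_parse() reports the identifier as colon-separated hex pairs.
        $hex = str_replace(':', '', trim($x509["extensions"]["subjectKeyIdentifier"]));
        if ($hex === '' || strlen($hex) % 2 !== 0 || !ctype_xdigit($hex)) {
            throw new \Exception('Unexpected subjectKeyIdentifier format in certificate');
        }
        $keyIdValue = base64_encode(pack('H*', $hex));
    }

    $objDSig = new XMLSecurityDSig();
    $objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);

    // Collect the nodes that will be covered by the signature.
    $arNodes = array();
    foreach ($this->secNode->childNodes as $node) {
        if ($node->nodeType == XML_ELEMENT_NODE) {
            $arNodes[] = $node;
        }
    }

    if ($this->signAllHeaders) {
        foreach ($this->secNode->parentNode->childNodes as $node) {
            if ($node->nodeType == XML_ELEMENT_NODE && $node->namespaceURI != WSSESoap::WSSENS) {
                $arNodes[] = $node;
            }
        }
    }

    foreach ($this->envelope->childNodes as $node) {
        if ($node->namespaceURI == $this->soapNS && $node->localName == 'Body') {
            $arNodes[] = $node;
            break;
        }
    }

    // SHA-1 stays the default digest for backward compatibility. It is no longer
    // considered collision-resistant; callers should pass a stronger digest via
    // $options["algorithm"] (for example XMLSecurityDSig::SHA256) where the peer
    // supports it.
    $algorithm = XMLSecurityDSig::SHA1;
    if (is_array($options) && isset($options["algorithm"])) {
        $algorithm = $options["algorithm"];
    }

    $arOptions = array('prefix' => WSSESoap::WSUPFX, 'prefix_ns' => WSSESoap::WSUNS);
    $objDSig->addReferenceList($arNodes, $algorithm, NULL, $arOptions);

    $objDSig->sign($objKey);

    $insertTop = TRUE;
    if (is_array($options) && isset($options["insertBefore"])) {
        $insertTop = (bool) $options["insertBefore"];
    }
    $objDSig->appendSignature($this->secNode, $insertTop);

    if (!$useSubjectKeyId) {
        return;
    }

    // Locate the ds:Signature by name and namespace rather than by position:
    // the header may hold other children (or fewer than two), and the position
    // depends on $insertTop.
    // NOTE(review): assumes appendSignature() puts the signature first when
    // $insertTop is true and last otherwise - confirm against XMLSecurityDSig.
    $sigNode = NULL;
    foreach ($this->secNode->childNodes as $child) {
        if ($child->nodeType == XML_ELEMENT_NODE
            && $child->namespaceURI == XMLSecurityDSig::XMLDSIGNS
            && $child->localName == 'Signature'
        ) {
            $sigNode = $child;
            if ($insertTop) {
                break; // first match is the one just inserted at the top
            }
        }
    }
    if ($sigNode === NULL) {
        throw new \Exception('Unable to locate the ds:Signature element in the security header');
    }

    // ds:KeyInfo is appended after sign() and is not one of the references, so
    // it is not integrity-protected by this signature. It is only a lookup hint:
    // the receiver has to validate the certificate it resolves from it.
    $objDoc = $sigNode->ownerDocument;

    $keyInfo = $objDoc->createElementNS(XMLSecurityDSig::XMLDSIGNS, 'ds:KeyInfo');
    $sigNode->appendChild($keyInfo);

    $tokenRef = $objDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX . ':SecurityTokenReference');
    $keyInfo->appendChild($tokenRef);

    $reference = $objDoc->createElementNS(WSSESoap::WSSENS, WSSESoap::WSSEPFX . ':KeyIdentifier');
    $reference->setAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier");
    $reference->setAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
    $tokenRef->appendChild($reference);

    $reference->appendChild(new DOMText($keyIdValue));
}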