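/**
 * Attach one or more X.509 certificates to the ds:KeyInfo of a signature element.
 *
 * The ds:KeyInfo child of $parentRef is reused when present. Otherwise it is
 * created and placed before the first ds:Object child, or appended when there
 * is no ds:Object. One ds:X509Data element is added, holding a
 * ds:X509Certificate per certificate and, when requested, a
 * ds:X509IssuerSerial built from the parsed certificate.
 *
 * @param DOMElement    $parentRef   Element that owns (or will own) the KeyInfo child.
 * @param string        $cert        Certificate data, or a location to read it from when $isURL is true.
 * @param bool          $isPEMFormat Passed through to staticGet509XCerts().
 * @param bool          $isURL       When true, $cert is read with file_get_contents().
 * @param DOMXPath|null $xpath       Optional XPath object; when supplied, it is used as-is, so the
 *                                   'secdsig' prefix must already be registered on it.
 * @param array|null    $options     Only 'issuerSerial' is read; a non-empty value enables
 *                                   ds:X509IssuerSerial output.
 *
 * @throws Exception When $parentRef is not a DOMElement or the certificate location cannot be read.
 */
static function staticAdd509Cert($parentRef, $cert, $isPEMFormat = true, $isURL = false, $xpath = null, $options = null) {
    // Validate the target first so that bad arguments never trigger a fetch.
    if (!$parentRef instanceof DOMElement) {
        throw new Exception('Invalid parent Node parameter');
    }

    if ($isURL) {
        // SECURITY: file_get_contents() accepts local paths and every enabled stream
        // wrapper, not only http(s). The location must come from trusted configuration,
        // never from request data, or it becomes a file-read / server-side request vector.
        $cert = file_get_contents($cert);
        if ($cert === false) {
            // Without this check a failed read would be passed on as the certificate.
            throw new Exception('Unable to read certificate from the given location');
        }
    }

    $dsigNs  = DBSeller_Helper_Xml_Security_XMLSecurityDSig::XMLDSIGNS;
    $baseDoc = $parentRef->ownerDocument;

    if (empty($xpath)) {
        $xpath = new DOMXPath($baseDoc);
        $xpath->registerNamespace('secdsig', $dsigNs);
    }

    // Locate the existing KeyInfo, or create one in the expected position.
    $keyInfo = $xpath->query('./secdsig:KeyInfo', $parentRef)->item(0);
    if (!$keyInfo) {
        $keyInfo = $baseDoc->createElementNS($dsigNs, 'KeyInfo');
        $sObject = $xpath->query('./secdsig:Object', $parentRef)->item(0);
        if ($sObject) {
            $sObject->parentNode->insertBefore($keyInfo, $sObject);
        } else {
            $parentRef->appendChild($keyInfo);
        }
    }

    // Add all certs if there are more than one
    $certs = DBSeller_Helper_Xml_Security_XMLSecurityDSig::staticGet509XCerts($cert, $isPEMFormat);

    // Attach X509 data node
    $x509DataNode = $baseDoc->createElementNS($dsigNs, 'X509Data');
    $keyInfo->appendChild($x509DataNode);

    $issuerSerial = is_array($options) && !empty($options['issuerSerial']);

    // Attach all certificate nodes and any additional data
    foreach ($certs as $X509Cert) {
        if ($issuerSerial) {
            // Re-wrap the bare base64 body as PEM so OpenSSL can parse it. A certificate
            // that fails to parse is still attached below, just without IssuerSerial.
            $pem = "-----BEGIN CERTIFICATE-----\n"
                . chunk_split($X509Cert, 64, "\n")
                . "-----END CERTIFICATE-----\n";
            $certData = openssl_x509_parse($pem);

            if ($certData && !empty($certData['issuer']) && !empty($certData['serialNumber'])) {
                if (is_array($certData['issuer'])) {
                    $parts = array();
                    foreach ($certData['issuer'] as $key => $value) {
                        // The original concatenated an undefined $issuer variable here.
                        // Repeated attributes are flattened instead of being rendered
                        // as the literal string "Array" (their relative order is best-effort).
                        foreach ((array) $value as $single) {
                            array_unshift($parts, "{$key}={$single}");
                        }
                    }
                    $issuerName = implode(',', $parts);
                } else {
                    $issuerName = $certData['issuer'];
                }

                $x509IssuerNode = $baseDoc->createElementNS($dsigNs, 'X509IssuerSerial');
                $x509DataNode->appendChild($x509IssuerNode);

                // The issuer DN is taken from the certificate itself. The value argument
                // of createElementNS() is not entity-escaped, so an '&' in a DN would be
                // mis-parsed; a text node escapes it correctly.
                $x509Node = $baseDoc->createElementNS($dsigNs, 'X509IssuerName');
                $x509Node->appendChild($baseDoc->createTextNode($issuerName));
                $x509IssuerNode->appendChild($x509Node);

                $x509Node = $baseDoc->createElementNS($dsigNs, 'X509SerialNumber', $certData['serialNumber']);
                $x509IssuerNode->appendChild($x509Node);
            }
        }

        $x509CertNode = $baseDoc->createElementNS($dsigNs, 'X509Certificate', $X509Cert);
        $x509DataNode->appendChild($x509CertNode);
    }
}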