Adds support for signing a specific node identified by id

bseddon · Feb 26, 2022 · 1f6fb68 · 1f6fb68
1 parent 48a37a7
commit 1f6fb68
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 2 deletions.
diff --git a/src/InputResourceInfo.php b/src/InputResourceInfo.php
@@ -46,6 +46,13 @@ class InputResourceInfo extends BaseInputResourceInfo
 	 */
 	public $hugeFile = false;
 
+	/**
+	 * The value of an id to select when signing
+	 *
+	 * @var string
+	 */
+	public $uri = null;
+
 	/**
 	 * Returns true if the transforms contains one that is enveloped
 	 *

diff --git a/src/XAdES.php b/src/XAdES.php
@@ -475,9 +475,23 @@ public function signXAdESFile( $xmlResource, $certificateResource, $keyResource
 			)
 		);
 
+		// Check if a URI has been given that might be an Id
+		$node = $doc;
+		if ( ! $xmlResource->detached && $xmlResource->uri && ! filter_var( $xmlResource->uri, FILTER_VALIDATE_URL ) )
+		{
+			$node = false;
+			$xpath = new \DOMXPath( $doc );
+			$nodes = $xpath->query( "//*[@Id='{$xmlResource->uri}']" );
+			if ( $nodes && $nodes->count() )
+			{
+				$node = $nodes[0];
+				$xmlResource->uri = '#' . $xmlResource->uri;
+			}
+		}
+
 		// Sign using SHA-256
 		$this->addReference(
-			$doc, // Content
+			$node, // Content
 			XMLSecurityDSig::SHA256, // Algorithm
 			$xmlResource->convertTransforms( ! $xmlResource->detached ), // Transforms
 			array( // Options
@@ -486,7 +500,7 @@ public function signXAdESFile( $xmlResource, $certificateResource, $keyResource
 						? XMLSecurityDSig::encodedUrl( parse_url( $xmlResource->resource ) ) 
 						: basename( $xmlResource->resource )
 					  )
-					: true,
+					: $xmlResource->uri ?? true,
 				'id' => $referenceId,
 			)
 		);