From 1f6fb68af6db14f1a13d32de71bfc8596bfcdb4b Mon Sep 17 00:00:00 2001 From: bseddon Date: Sat, 26 Feb 2022 23:47:31 +0000 Subject: [PATCH] Adds support for signing a specific node identified by id --- src/InputResourceInfo.php | 7 +++++++ src/XAdES.php | 18 ++++++++++++++++-- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/src/InputResourceInfo.php b/src/InputResourceInfo.php index 468e809..22d5e9b 100644 --- a/src/InputResourceInfo.php +++ b/src/InputResourceInfo.php @@ -46,6 +46,13 @@ class InputResourceInfo extends BaseInputResourceInfo */ public $hugeFile = false; + /** + * The value of an id to select when signing + * + * @var string + */ + public $uri = null; + /** * Returns true if the transforms contains one that is enveloped * diff --git a/src/XAdES.php b/src/XAdES.php index 7522312..cb23f1a 100644 --- a/src/XAdES.php +++ b/src/XAdES.php @@ -475,9 +475,23 @@ public function signXAdESFile( $xmlResource, $certificateResource, $keyResource ) ); + // Check if a URI has been given that might be an Id + $node = $doc; + if ( ! $xmlResource->detached && $xmlResource->uri && ! filter_var( $xmlResource->uri, FILTER_VALIDATE_URL ) ) + { + $node = false; + $xpath = new \DOMXPath( $doc ); + $nodes = $xpath->query( "//*[@Id='{$xmlResource->uri}']" ); + if ( $nodes && $nodes->count() ) + { + $node = $nodes[0]; + $xmlResource->uri = '#' . $xmlResource->uri; + } + } + // Sign using SHA-256 $this->addReference( - $doc, // Content + $node, // Content XMLSecurityDSig::SHA256, // Algorithm $xmlResource->convertTransforms( ! $xmlResource->detached ), // Transforms array( // Options @@ -486,7 +500,7 @@ public function signXAdESFile( $xmlResource, $certificateResource, $keyResource ? XMLSecurityDSig::encodedUrl( parse_url( $xmlResource->resource ) ) : basename( $xmlResource->resource ) ) - : true, + : $xmlResource->uri ?? true, 'id' => $referenceId, ) );