robrichards / xmlseclibs

A PHP library for XML Security
BSD 3-Clause "New" or "Revised" License

Creating bad signature with XMLSecurityDSig #151

Open rsantellan opened 6 years ago

rsantellan commented 6 years ago

Hi, I'm signing an XML with the following code:

// Requires at file top: use RobRichards\XMLSecLibs\XMLSecurityDSig; use RobRichards\XMLSecLibs\XMLSecurityKey;
public static function addSignature(\DOMElement $element, $privateKey, $privateCertificate, $publicCertificate, $x509IssuerName, $x509SerialNumber)
{
    // Both parameters are overwritten here, so the issuerSerial/subjectName
    // options below are always enabled, whatever the caller passed in.
    $x509IssuerName = true;
    $x509SerialNumber = true;
    // Empty prefix: produces <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> with no ds: prefix
    $objDSig = new XMLSecurityDSig('');

    $objDSig->setCanonicalMethod(XMLSecurityDSig::C14N);

    // The Reference (and the generated Id attribute behind URI="#pfx...") goes on the
    // PARENT of $element, while the Signature is appended to $element itself below.
    $objDSig->addReference($element->parentNode, XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature'));

    $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
    $objKey->passphrase = $privateKey; // $privateKey is used as the passphrase of the key file
    /* load private key */
    $objKey->loadKey($privateCertificate, is_file($privateCertificate));

    $objDSig->sign($objKey);

    $options = [];
    if ($x509IssuerName != null && $x509SerialNumber != null) {
        $options['issuerSerial'] = true;
        $options['subjectName'] = true;
    }
    //Check for file
    if (!is_file($publicCertificate)) {
        throw new \AppBundle\Exception\FileNotFoundException('No file for a public certificate');
    }
    /* Add associated public key */
    $objDSig->add509Cert(file_get_contents($publicCertificate), true, false, $options);

    $objDSig->appendSignature($element);

    return $element;
}

The XML it generates is:

<ns0:CFE xmlns:ns0="http://cfe.dgi.gub.uy" version="1.0">
      <ns0:eTck>
         <ns0:TmstFirma>2018-01-30T01:42:30-02:00</ns0:TmstFirma>
         <ns0:Encabezado>
            <ns0:IdDoc>
               <ns0:TipoCFE>103</ns0:TipoCFE>
               <ns0:Serie>A</ns0:Serie>
               <ns0:Nro>15020</ns0:Nro>
               <ns0:FchEmis>2018-01-30</ns0:FchEmis>
               <ns0:FmaPago>1</ns0:FmaPago>
            </ns0:IdDoc>
            <ns0:Emisor>
               <ns0:RUCEmisor>217946920017</ns0:RUCEmisor>
               <ns0:RznSoc>TEST SRL</ns0:RznSoc>
               <ns0:CdgDGISucur>1</ns0:CdgDGISucur>
               <ns0:DomFiscal>217946920017</ns0:DomFiscal>
               <ns0:Ciudad>217946920017</ns0:Ciudad>
               <ns0:Departamento>217946920017</ns0:Departamento>
            </ns0:Emisor>
            <ns0:Receptor>
               <ns0:TipoDocRecep>2</ns0:TipoDocRecep>
               <ns0:CodPaisRecep>UY</ns0:CodPaisRecep>
               <ns0:DocRecep>219999830019</ns0:DocRecep>
               <ns0:RznSocRecep>Test</ns0:RznSocRecep>
               <ns0:DirRecep>test</ns0:DirRecep>
               <ns0:CiudadRecep>Montevideo</ns0:CiudadRecep>
            </ns0:Receptor>
            <ns0:Totales>
               <ns0:TpoMoneda>UYU</ns0:TpoMoneda>
               <ns0:MntNoGrv>20</ns0:MntNoGrv>
               <ns0:MntNetoIVATasaBasica>33</ns0:MntNetoIVATasaBasica>
               <ns0:IVATasaBasica>22</ns0:IVATasaBasica>
               <ns0:MntIVATasaBasica>33</ns0:MntIVATasaBasica>
               <ns0:MntTotal>150</ns0:MntTotal>
               <ns0:CantLinDet>1</ns0:CantLinDet>
               <ns0:MntPagar>203</ns0:MntPagar>
            </ns0:Totales>
         </ns0:Encabezado>
         <ns0:Detalle>
            <ns0:Item>
               <ns0:NroLinDet>1</ns0:NroLinDet>
               <ns0:IndFact>1</ns0:IndFact>
               <ns0:NomItem>Trabajo 1</ns0:NomItem>
               <ns0:Cantidad>1</ns0:Cantidad>
               <ns0:UniMed>Un</ns0:UniMed>
               <ns0:PrecioUnitario>150</ns0:PrecioUnitario>
               <ns0:MontoItem>150</ns0:MontoItem>
            </ns0:Item>
         </ns0:Detalle>
         <ns0:CAEData>
            <ns0:CAE_ID>15020</ns0:CAE_ID>
            <ns0:DNro>15001</ns0:DNro>
            <ns0:HNro>20000</ns0:HNro>
            <ns0:FecVenc>2019-01-04</ns0:FecVenc>
         </ns0:CAEData>
      </ns0:eTck>
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
         <SignedInfo>
            <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
            <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
            <Reference URI="#pfxf4152757-29a2-c6b6-b3d7-709ccb81f9e8">
               <Transforms>
                  <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
               </Transforms>
               <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
               <DigestValue>TW2AxA3eUrESwxQvaWjVQcTAFCM=</DigestValue>
            </Reference>
         </SignedInfo>
         <SignatureValue>HEJAcnvGNFGj5OTtexYmgsjYgouT9gKsZGiLbT85yGJLrKuWyQvuhKdenvuYqBk4E51Aq7IkpPqe8PSQYmifR2VNRj9OBhOKBFNv8DcE7qb32IgsTVayv4exzSg5FuA8xODs/1Lg6As15R8q1FROaGtRaRoB2u2O/ICElQjrXi4xIcoWXbilCW+kyI6N9A2sxucuN5aS866wMdfqbjTLiF5dyC222yhAjKNSvnzBOJmdJZYJ/Sa56VwT1g9HtHnCEgyv4EVYucuOjUPtSh0gLNzMWy5oVBX1SZMdXfSHhwTTJpSAnHq8OPir3+llPk9sLc2osJT0Mz26CrJYmr3rqw==</SignatureValue>
         <KeyInfo>
            <X509Data>
               <X509SubjectName>CN=billit,O=billit uruguay srl,serialNumber=RUC217946920017,ST=Montevideo,C=UY</X509SubjectName>
               <X509IssuerSerial>
                  <X509IssuerName>CN=Abitab,OU=ID digital,O=Abitab S.A.,L=Montevideo,C=UY</X509IssuerName>
                  <X509SerialNumber>24662479416612290898333642498842669033391054462</X509SerialNumber>
               </X509IssuerSerial>
               <X509Certificate>MIIGdTCCBF2gAwIBAgIUBFHnYRQovu7xkrkqzOJwPhlG3n4wDQYJKoZIhvcNAQELBQAwXjELMAkGA1UEBhMCVVkxEzARBgNVBAcTCk1vbnRldmlkZW8xFDASBgNVBAoTC0FiaXRhYiBTLkEuMRMwEQYDVQQLEwpJRCBkaWdpdGFsMQ8wDQYDVQQDEwZBYml0YWIwHhcNMTcxMTAxMTk1NTMwWhcNMTgxMTAxMTk1NTMwWjBqMQswCQYDVQQGEwJVWTETMBEGA1UECBMKTW9udGV2aWRlbzEYMBYGA1UEBRMPUlVDMjE3OTQ2OTIwMDE3MRswGQYDVQQKExJiaWxsaXQgdXJ1Z3VheSBzcmwxDzANBgNVBAMTBmJpbGxpdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANzrmre71OFdpHJI6JHOmUQQVMetFSJrbnbk0S+hT0XSLjzSNBgS0RAJVl2WfoZrj7kAovcg0Pp3zZUf/At3A2FJGerleWkQenzuM26aHBProltvgJJ8UB+HZMyMgzsz6+3k+swkk3J4NrGPThzLcW5trRhCLXEGCIe+EOiS4eOGidGqeLxMUWFYCVbo5nlRUKvyNVjFw9cHeuBmS8yPTRANbWcFcAK6+jlm8aAI8wOh9JNfrBR/L/Hg2IqLH42dLNR0+qbD103ho1MOynMZDN+9nblkw2gPGiJj1kJj7VWLpVxuiP0mBOhgy+D31EF2iybQK3oGgwZOg3Xzt4cqF8UCAwEAAaOCAh0wggIZMH8GCCsGAQUFBwEBBHMwcTA1BggrBgEFBQcwAoYpaHR0cDovL3d3dy5pZC5jb20udXkvcmVzb3VyY2VzL0FiaXRhYi5jcnQwOAYIKwYBBQUHMAGGLGh0dHA6Ly93d3cuaWQuY29tLnV5L2FzZi9zZXJ2bGV0L09DU1BTZXJ2bGV0MA4GA1UdDwEB/wQEAwIE8DAMBgNVHRMBAf8EAjAAME4GA1UdHwRHMEUwQ6BBoD+GPWh0dHA6Ly93d3cuaWQuY29tLnV5L3Jlc291cmNlcy9jcmxfaWRfZGlnaXRhbF9wa2lfdXJ1Z3VheS5jcmwwgdIGA1UdIASByjCBxzBkBgtghlqE4q4dhIgFBDBVMFMGCCsGAQUFBwIBFkdodHRwOi8vdWNlLmd1Yi51eS9pbmZvcm1hY2lvbi10ZWNuaWNhL3BvbGl0aWNhcy9jcF9wZXJzb25hX2p1cmlkaWNhLnBkZjBfBgtghlqE4q4dhIgFBzBQME4GCCsGAQUFBwIBFkJodHRwOi8vd3d3LmlkLmNvbS51eS9yZXNvdXJjZXMvY3BzX2lkX2Zpcm1hRWxlY3Ryb25pY2FBdmFuemFkYS5wZGYwEwYDVR0lBAwwCgYIKwYBBQUHAwIwHQYDVR0OBBYEFDbaJGhZXhCsvKOjHqNMd/1ijHnKMB8GA1UdIwQYMBaAFA0T1vbGKKbnxbeH0SScn5Pw6B07MA0GCSqGSIb3DQEBCwUAA4ICAQCCV80m6aBsavtT+i/WOGDh3uCpKBgx8lZlvLk4FQ50MQc1+CrDAbe+2wuFNh0Uo0WMALJRABwGavaRyGEuojCPLmP5WaYgY4QTHXvTqlta6YaoFHTR6OY0x1wQQDcAagVxNMSvzGK2l/PL7RcU4mRRK2tYqDJXp5j7gR33LqIh8dj1El9D4LhLY+8GSTRJTrrow1wB+HuFlCmCvRZxEZG7YgtyPzVcq+XLNiyeosEhGo4b9XcO8vikZ34O8SPyk8PY2asKwt6UPu2sQbm3B68Q+ZplwfKKLDOPMI8LIY5mfI2cH8BFicIrpuHr4z7FPpb4H+dlUAHLMLT4G9XxZn+FafpaxpiEFZI/XutqjSVFJXk057bAhdV3ti7JmHAQeP6EcO4HoHzp9lohhAMwwdlKpfFlWveSQUqDF6DTc2rbUUhcdbR4tszaADx/P6U4dtMrNX2rzKquyD4Hr7m8ns76QJcLUEwVqx8bONOQkGgB0TCbjHm7VniS0TmUNZzwyWLXYuAChsfMCKbyWhDe7FuATS5BtHM0OWQfiW5iDJo4XX9+kXDTcDAu7SUbco3MsOTV4araS2KzjxPd6QbZYTrvYKaxSMynOcxsP2u5u8NL7mqHpCODQePTcMSJK58aX6fvF0hzuiSIiUKzneuSfwiBSYy7CAZnLsC/nzl3oIG2dg==</X509Certificate>
            </X509Data>
         </KeyInfo>
      </Signature>
</ns0:CFE>

I validate the signature using this: http://www.oracle.com/technetwork/articles/javase/dig-signature-api-140772.html and it is always false. First, it adds a URI on the Reference tag that is incorrect, but validation always fails anyway.

What am I doing wrong? Regards.

Falseclock commented 6 years ago

Same issue.

If I sign XML like this, validation passes:

<request>test</request>

If I validate XML like this, validation fails:

<ns2pep:request xmlns:ns2pep="http://3001_v2.reports.egp.gbdul.tamur.kz">test</ns2pep:request>
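A local round trip, added here as example code (it is not from issue #151 nor from the xmlseclibs project), for both reports above: it generates a throwaway key and self-signed certificate, signs a prefixed, namespaced root element like the ns0:CFE document in the first post and the ns2pep:request element in the second, and then runs two checks with xmlseclibs itself. The first check is whether every Reference URI="#..." points at an element that is actually present in the serialized output; in the XML posted above the URI is #pfxf4152757-... but no element in that output carries such an Id, which matches addReference() being given $element->parentNode while appendSignature() is given $element. The second check is xmlseclibs' own digest and signature verification, which separates "the library produced a bad signature" from "the other validator cannot resolve the reference". The Composer autoload path, the sample document and the generated key material are assumptions.

```php
<?php
// Added self-check example; not code from issue #151 or from xmlseclibs itself.
// Assumption: xmlseclibs installed via Composer, so vendor/autoload.php exists.
require __DIR__ . '/vendor/autoload.php';

use RobRichards\XMLSecLibs\XMLSecEnc;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecurityKey;

// Constructed sample: a prefixed, namespaced root like the CFE document in the report.
const SAMPLE_XML = <<<'XML'
<ns0:CFE xmlns:ns0="http://cfe.dgi.gub.uy" version="1.0">
  <ns0:eTck>
    <ns0:Encabezado><ns0:IdDoc><ns0:TipoCFE>103</ns0:TipoCFE></ns0:IdDoc></ns0:Encabezado>
  </ns0:eTck>
</ns0:CFE>
XML;

/** Throwaway RSA key plus self-signed certificate, both as PEM strings (test material only). */
function makeTestKeyAndCert(): array
{
    $key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
    openssl_pkey_export($key, $privPem);
    $csr  = openssl_csr_new(['commonName' => 'xmlseclibs-selfcheck'], $key, ['digest_alg' => 'sha256']);
    $cert = openssl_csr_sign($csr, null, $key, 1, ['digest_alg' => 'sha256']);
    openssl_x509_export($cert, $certPem);
    return [$privPem, $certPem];
}

/** Enveloped signature over the root: the Reference and the appended <ds:Signature>
 *  target the SAME element, so the Id behind URI="#..." is part of what is serialized. */
function signRoot(DOMDocument $doc, string $privPem, string $certPem): string
{
    $root = $doc->documentElement;
    $dsig = new XMLSecurityDSig();                       // default "ds" prefix
    $dsig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
    $dsig->addReference(
        $root,
        XMLSecurityDSig::SHA256,
        ['http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N],
        ['id_name' => 'Id', 'overwrite_id' => false]     // reuse an existing Id, else generate one
    );
    $key = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, ['type' => 'private']);
    $key->loadKey($privPem);                             // PEM string, not a file path
    $dsig->sign($key);
    $dsig->add509Cert($certPem);                         // <ds:KeyInfo><ds:X509Data>...
    $dsig->appendSignature($root);
    return $doc->saveXML();
}

/** Every Reference URI="#x" must point at exactly one element carrying Id="x" in the output. */
function referenceTargetsResolve(string $xml): bool
{
    $doc = new DOMDocument();
    $doc->loadXML($xml);
    $xp = new DOMXPath($doc);
    $xp->registerNamespace('ds', XMLSecurityDSig::XMLDSIGNS);
    foreach ($xp->query('//ds:Signature/ds:SignedInfo/ds:Reference/@URI') as $attr) {
        $uri = $attr->nodeValue;
        if ($uri === '') continue;                       // "" = whole document, nothing to resolve
        $id = substr($uri, 1);
        if ($uri[0] !== '#' || $id === '' || strpbrk($id, '"\'') !== false) return false;
        // A dangling URI here is exactly the symptom visible in the posted XML.
        if ($xp->query('//*[@Id="' . $id . '"]')->length !== 1) return false;
    }
    return true;
}

/** Verify with xmlseclibs itself: digest(s) via validateReference(), then the RSA signature. */
function verifySigned(string $xml): bool
{
    $doc = new DOMDocument();
    $doc->loadXML($xml);
    $dsig = new XMLSecurityDSig();
    $sig = $dsig->locateSignature($doc);
    if ($sig === null) return false;
    $dsig->canonicalizeSignedInfo();
    try {
        $dsig->validateReference();                      // throws on digest mismatch or unresolvable URI
    } catch (Exception $e) {
        return false;
    }
    $key = $dsig->locateKey();                           // algorithm taken from <ds:SignatureMethod>
    if ($key === null) return false;
    XMLSecEnc::staticLocateKeyInfo($key, $sig);          // load the certificate from <ds:KeyInfo>
    return $dsig->verify($key) === 1;                    // openssl_verify() result: 1 = valid
}

[$privPem, $certPem] = makeTestKeyAndCert();
$doc = new DOMDocument();
$doc->loadXML(SAMPLE_XML);
$signed = signRoot($doc, $privPem, $certPem);
echo 'reference targets resolve: ', var_export(referenceTargetsResolve($signed), true), PHP_EOL;
echo 'signature verifies:        ', var_export(verifySigned($signed), true), PHP_EOL;
```

If referenceTargetsResolve() comes back false on your own output, the node handed to addReference() is not inside the node handed to appendSignature() (or the Id attribute never made it into the serialized document), and no validator will be able to dereference the URI. If only verifySigned() fails, compare the CanonicalizationMethod and Transforms in SignedInfo against what the consuming validator applies before looking at the key material.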