search

robrichards / xmlseclibs

A PHP library for XML Security
BSD 3-Clause "New" or "Revised" License
387 stars 181 forks source link

Signing complex XML #190

Open jecorrales opened 5 years ago

jecorrales commented 5 years ago

Hi, regards.

I'm making a small signature in a XML file (all it's ok until here), but, the request from the service it's more complicated than the examples (I'm new in this world of XML and WebServices); doesn't matter the algorithm to use (SHA1, SHA256):.

There are many nodes with different attributes, what I have been able to achieve with the library is very basic for what they are asking me. This is only a fraction of the document, the rest of the document is very extensive so I refrain from adding all the XML.

The example has the signature inside this tag

<ext:UBLExtension>
  <ext:ExtensionContent/>
</ext:UBLExtension>

Example of XML (to the point that I must arrive)

<ext:UBLExtension>
  <ext:ExtensionContent>
    <ds:Signature Id="xmldsig-e2f27048-53c6-4130-bf5e-5915089e9807">
      <ds:SignedInfo>
        <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n20010315"/>
        <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
        <ds:Reference Id="xmldsig-e2f27048-53c6-4130-bf5e-5915089e9807-ref0" URI="">
          <ds:Transforms>
            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#envelopedsignature"/>
          </ds:Transforms>
          <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
          <ds:DigestValue>nQoslfKNH9/a7YoLBXFYsyTkBJ8=</ds:DigestValue>
        </ds:Reference>
        <ds:Reference URI="#xmldsig-87d128b5-aa31-4f0b-8e45-3d9cfa0eec26-keyinfo">
          <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
          <ds:DigestValue>0iE/FGZgLfbnV9DhUaDBBVPjn44=</ds:DigestValue>
        </ds:Reference>
        <ds:Reference Type="http://uri.etsi.org/01903#SignedProperties" URI="#xmldsig-e2f27048-53c6-4130-bf5e-5915089e9807-signedprops">
          <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
          <ds:DigestValue>4VZaJAZGvxifoGYetOYuOEuZUrE=</ds:DigestValue>
        </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue Id="xmldsig-e2f27048-53c6-4130-bf5e-5915089e9807-sigvalue">
        Ijd7mzeBj4NV/F+EyP7WQO13Bi1wLNFFyvQPmiXgcTQ9zBYtuTWNeUS+vk425vrA1ghgC8V
        fpem9ODzhe/gsV5R82Ya9Dp3Ek6SDIoJYsD1nFEaq5h1Gt56iMr+hPEvyvR6ddQl+n4sRhmLCKvKV3
        JgeL8MvAx6Bg+m8Z7sQVdbBjLE/4oSdN+jo8DpUQrPuKMg0ZRmMEBp4LGbljQE0esFLG0cHml
        LeFEZH
      </ds:SignatureValue>
      <ds:KeyInfo Id="xmldsig-87d128b5-aa31-4f0b-8e45-3d9cfa0eec26-keyinfo">
        <ds:X509Data>
          <ds:X509Certificate>
            MIIILDCCBhSgAwIBAgIIfq9P6xyRMBEwDQYJKoZIhvcNAQELBQAwgbQxIzAhBgkqhkiG9w0B
            CQEWFGluZm9AYW5kZXNzY2QuY29tLmNvMSMwIQYDVQQDExpDQSBBTkRFUyBTQ0QgUy5BLiB
            DbGFzZSBJSTEwMC4GA1UECxMnRGl2aXNpb24gZGUgY2VydGlmaWNhY2lvbiBlbnRpZGFkIGZpbmFsM
            RMwEQYD
          </ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
      <ds:Object>
        <xades:QualifyingProperties Target="#xmldsig-e2f27048-53c6-4130-bf5e-5915089e9807">
          <xades:SignedProperties Id="xmldsig-e2f27048-53c6-4130-bf5e-5915089e9807- signedprops">
            <xades:SignedSignatureProperties>
              <xades:SigningTime>2015-09-04T20:06:27.100-05:00</xades:SigningTime>
              <xades:SigningCertificate>
                <xades:Cert>
                  <xades:CertDigest>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <ds:DigestValue>2el6MfWvYsvEaa/TV513a7tVK0g=</ds:DigestValue>
                  </xades:CertDigest>
                  <xades:IssuerSerial>
                    <ds:X509IssuerName>
                      C=CO,L=Bogota D.C.,O=Andes SCD.,OU=Division de certificacion entidad
                      final,CN=Ficticious ECD Colombia Clase
                      II,1.2.840.113549.1.9.1=#1614696e666f40616e6465737363642e636f6d2e636f
                    </ds:X509IssuerName>
                    <ds:X509SerialNumber>9128602840918470673</ds:X509SerialNumber>
                  </xades:IssuerSerial>
                </xades:Cert>
                <xades:Cert>
                  <xades:CertDigest>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>
                      YGJTXnOzmebG2Mc6A/QapNi1PRA=
                    </ds:DigestValue>
                  </xades:CertDigest>
                  <xades:IssuerSerial>
                    <ds:X509IssuerName>
                      C=CO,L=Bogota D.C.,O=Andes SCD,OU=Division de certificacion,CN=Sub CA Ficticious ECD
                      Colombia
                      S.A.,1.2.840.113549.1.9.1=#1614696e666f40616e6465737363642e636f6d2e636f
                    </ds:X509IssuerName>
                    <ds:X509SerialNumber>7958418607150926283</ds:X509SerialNumber>
                  </xades:IssuerSerial>
                </xades:Cert>
                <xades:Cert>
                  <xades:CertDigest>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <ds:DigestValue>6EVr7OINyc49AgvNkie19xul55c=</ds:DigestValue>
                  </xades:CertDigest>
                  <xades:IssuerSerial>
                    <ds:X509IssuerName>
                      C=CO,L=Bogota D.C.,O=Andes SCD,OU=Division de certificacion,CN=ROOT CA Ficticious
                      ECD Colombia
                      S.A.,1.2.840.113549.1.9.1=#1614696e666f40616e6465737363642e636f6d2e636f
                    </ds:X509IssuerName>
                    <ds:X509SerialNumber>3248112716520923666</ds:X509SerialNumber>
                  </xades:IssuerSerial>
                </xades:Cert>
              </xades:SigningCertificate>
              <xades:SignaturePolicyIdentifier>
                <xades:SignaturePolicyId>
                  <xades:SigPolicyId>
                    <xades:Identifier>
                      http://www.facturae.es/politica_de_firma_formato_facturae/politica_de_firma_formato_facturae_v3_1.pdf
                    </xades:Identifier>
                  </xades:SigPolicyId>
                  <xades:SigPolicyHash>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <ds:DigestValue>Ohixl6upD6av8N7pEvDABhEL6hM=</ds:DigestValue>
                  </xades:SigPolicyHash>
                </xades:SignaturePolicyId>
              </xades:SignaturePolicyIdentifier>
              <xades:SignerRole>
                <xades:ClaimedRoles>
                  <xades:ClaimedRole>supplier</xades:ClaimedRole>
                </xades:ClaimedRoles>
              </xades:SignerRole>
            </xades:SignedSignatureProperties>
          </xades:SignedProperties>
        </xades:QualifyingProperties>
      </ds:Object>
    </ds:Signature>
  </ext:ExtensionContent>
</ext:UBLExtension>

And, this is the XML that I've created:

<?xml version="1.0" encoding="UTF-8"?>
<fe:Invoice xmlns:fe="http://www.dian.gov.co/contratos/facturaelectronica/v1" xmlns:cac="urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2" xmlns:cbc="urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2" xmlns:clm54217="urn:un:unece:uncefact:codelist:specification:54217:2001" xmlns:clm66411="urn:un:unece:uncefact:codelist:specification:66411:2001" xmlns:clmIANAMIMEMediaType="urn:un:unece:uncefact:codelist:specification:IANAMIMEMediaType:2003" xmlns:ext="urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2" xmlns:qdt="urn:oasis:names:specification:ubl:schema:xsd:QualifiedDatatypes-2" xmlns:sts="http://www.dian.gov.co/contratos/facturaelectronica/v1/Structure" xmlns:udt="urn:un:unece:uncefact:data:specification:UnqualifiedDataTypesSchemaModule:2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.dian.gov.co/contratos/facturaelectronica/v1 ../xsd/DIAN_UBL.xsd urn:un:unece:uncefact:data:specification:UnqualifiedDataTypesSchemaModule:2 ../../ubl2/common/UnqualifiedDataTypeSchemaModule-2.0.xsd urn:oasis:names:specification:ubl:schema:xsd:QualifiedDatatypes-2 ../../ubl2/common/UBL-QualifiedDatatypes-2.0.xsd">
  <ext:UBLExtensions>
    <ext:UBLExtension>
      <ext:ExtensionContent>
        <sts:DianExtensions>
          <sts:InvoiceControl>
            <sts:InvoiceAuthorization>9000000107023546</sts:InvoiceAuthorization>
            <sts:AuthorizationPeriod>
              <cbc:StartDate>2018-04-20</cbc:StartDate>
              <cbc:EndDate>2026-12-21</cbc:EndDate>
            </sts:AuthorizationPeriod>
            <sts:AuthorizedInvoices>
              <sts:Prefix>PRUE</sts:Prefix>
              <sts:From>980000000</sts:From>
              <sts:To>985000000</sts:To>
            </sts:AuthorizedInvoices>
          </sts:InvoiceControl>
          <sts:InvoiceSource>
            <cbc:IdentificationCode listAgencyID="6" listAgencyName="United Nations Economic Commission for Europe" listSchemeURI="urn:oasis:names:specification:ubl:codelist:gc:CountryIdentificationCode-2.0">CO</cbc:IdentificationCode>
          </sts:InvoiceSource>
          <sts:SoftwareProvider>
            <sts:ProviderID schemeAgencyID="195" schemeAgencyName="CO, DIAN (Direccion de Impuestos y Aduanas Nacionales)">900411455</sts:ProviderID>
            <sts:SoftwareID schemeAgencyID="195" schemeAgencyName="CO, DIAN (Direccion de Impuestos y Aduanas Nacionales)">3e82b097-fed0-44e0-8fbc-370fa4bbe718</sts:SoftwareID>
          </sts:SoftwareProvider>
          <sts:SoftwareSecurityCode schemeAgencyID="195" schemeAgencyName="CO, DIAN (Direccion de Impuestos y Aduanas Nacionales)">8f86d8751e4cb9c9c6107bc3d95f727796ad5401e55859cab92c8e28d380f2f4e6bbfe66ded0f2c22344d23661c86da7</sts:SoftwareSecurityCode>
        </sts:DianExtensions>
      </ext:ExtensionContent>
    </ext:UBLExtension>
    <ext:UBLExtension>
      <ext:ExtensionContent/>
    </ext:UBLExtension>
  </ext:UBLExtensions>
  <cbc:UBLVersionID>UBL 2.0</cbc:UBLVersionID>
  <cbc:ProfileID>DIAN 1.0</cbc:ProfileID>
  <cbc:ID>PRUE980000007</cbc:ID>
  <cbc:UUID schemeAgencyID="195" schemeAgencyName="CO, DIAN (Direccion de Impuestos y Aduanas Nacionales)">b1f15bbfbd3743c5a43aa60f6e6fe79467719153</cbc:UUID>
  <cbc:IssueDate>2018-07-06</cbc:IssueDate>
  <cbc:IssueTime>08:04:19</cbc:IssueTime>
  <cbc:InvoiceTypeCode listAgencyID="195" listAgencyName="CO, DIAN (Direccion de Impuestos y Aduanas Nacionales)" listSchemeURI="http://www.dian.gov.co/contratos/facturaelectronica/v1/InvoiceType">1</cbc:InvoiceTypeCode>
  <cbc:Note>FACTURA DE PRUEBA</cbc:Note>
  <cbc:DocumentCurrencyCode>COP</cbc:DocumentCurrencyCode>
  <fe:AccountingSupplierParty>
    <cbc:AdditionalAccountID>1</cbc:AdditionalAccountID>
    <fe:Party>
      <cac:PartyIdentification>
        <cbc:ID schemeAgencyID="195" schemeAgencyName="CO, DIAN (Direccion de Impuestos y Aduanas Nacionales)" schemeID="31">900411455</cbc:ID>
      </cac:PartyIdentification>
      <cac:PartyName>
        <cbc:Name>EMPRESA DE PRUEBA</cbc:Name>
      </cac:PartyName>
      <fe:PhysicalLocation>
        <fe:Address>
          <cbc:Department>BOGOTA, DC</cbc:Department>
          <cbc:CitySubdivisionName>BOGOTA, DC</cbc:CitySubdivisionName>
          <cbc:CityName>BOGOTA, DC</cbc:CityName>
          <cac:AddressLine>
            <cbc:Line>DIRECCION DEL CLIENTE</cbc:Line>
          </cac:AddressLine>
          <cac:Country>
            <cbc:IdentificationCode>CO</cbc:IdentificationCode>
          </cac:Country>
        </fe:Address>
      </fe:PhysicalLocation>
      <fe:PartyTaxScheme>
        <cbc:TaxLevelCode>2</cbc:TaxLevelCode>
        <cac:TaxScheme/>
      </fe:PartyTaxScheme>
      <fe:PartyLegalEntity>
        <cbc:RegistrationName>EMPRESA DE PRUEBA</cbc:RegistrationName>
      </fe:PartyLegalEntity>
    </fe:Party>
  </fe:AccountingSupplierParty>
  <fe:AccountingCustomerParty>
    <cbc:AdditionalAccountID>2</cbc:AdditionalAccountID>
    <fe:Party>
      <cac:PartyIdentification>
        <cbc:ID schemeAgencyID="195" schemeAgencyName="CO, DIAN (Direccion de Impuestos y Aduanas Nacionales)" schemeID="31">830507412</cbc:ID>
      </cac:PartyIdentification>
      <fe:PhysicalLocation>
        <fe:Address>
          <cbc:Department>BOGOTA DC</cbc:Department>
          <cbc:CitySubdivisionName>BOGOTA</cbc:CitySubdivisionName>
          <cbc:CityName>CITY</cbc:CityName>
          <cac:AddressLine>
            <cbc:Line>DIRECCION</cbc:Line>
          </cac:AddressLine>
          <cac:Country>
            <cbc:IdentificationCode>CO</cbc:IdentificationCode>
          </cac:Country>
        </fe:Address>
      </fe:PhysicalLocation>
      <fe:PartyTaxScheme>
        <cbc:TaxLevelCode>2</cbc:TaxLevelCode>
        <cac:TaxScheme/>
      </fe:PartyTaxScheme>
      <fe:Person>
        <cbc:FirstName>NOMBRE DE EMPRESA</cbc:FirstName>
        <cbc:FamilyName>APELLIDO</cbc:FamilyName>
        <cbc:MiddleName>NOMBRE</cbc:MiddleName>
      </fe:Person>
    </fe:Party>
  </fe:AccountingCustomerParty>
  <fe:TaxTotal>
    <cbc:TaxAmount currencyID="COP">0.00</cbc:TaxAmount>
    <cbc:TaxEvidenceIndicator>false</cbc:TaxEvidenceIndicator>
    <fe:TaxSubtotal>
      <cbc:TaxableAmount currencyID="COP">0.00</cbc:TaxableAmount>
      <cbc:TaxAmount currencyID="COP">0.00</cbc:TaxAmount>
      <cbc:Percent>19.00</cbc:Percent>
      <cac:TaxCategory>
        <cac:TaxScheme>
          <cbc:ID>01</cbc:ID>
        </cac:TaxScheme>
      </cac:TaxCategory>
    </fe:TaxSubtotal>
  </fe:TaxTotal>
  <fe:LegalMonetaryTotal>
    <cbc:LineExtensionAmount currencyID="COP">0.00</cbc:LineExtensionAmount>
    <cbc:TaxExclusiveAmount currencyID="COP">0.00</cbc:TaxExclusiveAmount>
    <cbc:PayableAmount currencyID="COP">0.00</cbc:PayableAmount>
  </fe:LegalMonetaryTotal>
  <fe:InvoiceLine>
    <cbc:ID>PV00000001</cbc:ID>
    <cbc:InvoicedQuantity>1.00</cbc:InvoicedQuantity>
    <cbc:LineExtensionAmount currencyID="COP">20.00</cbc:LineExtensionAmount>
    <fe:Item>
      <cbc:Description>PRODUCTOS VARIOS</cbc:Description>
    </fe:Item>
    <fe:Price>
      <cbc:PriceAmount currencyID="COP">20.00</cbc:PriceAmount>
    </fe:Price>
  </fe:InvoiceLine>
  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    <ds:Reference>
      <ds:Transforms>
        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
      </ds:Transforms>
      <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
      <ds:DigestValue>54iNdi7I+p1PnU0zXuXn89HUdlmkMK3ZoRPHpcaqlOQ=</ds:DigestValue>
    </ds:Reference>
  </ds:SignedInfo>
  <ds:SignatureValue>
    WmZG4QHfKqBsjtoFjP3BNTLoZVV3+Bww/XjH4gXW+6FDm+J/fkGR1wnmt9C3t98nwFlpOAl5gaOyhC0DNHce3MYWobMNc08hcFES9EV13/tqNsXiCrXXwXVzmwY7CDge0wGa9jYVo6CaLj+t9+IbvgNVc6HdRuVeLzojmO+iyBOPTC5w5QWVVdRV4HeBsxYNsIRNIclp34TsljHYy1g7sMjMAm0SMHkduwgXNn96q+GX/v8pjckdxeZwAYKB+yW3US6mr5lzvyWr9e7pQ0LqZBgX3tT9b050rQHBE8t/H4sh665JyBjSafBSV8/NYRgEafhqBvL0SLVwOESvmvg98Q==
  </ds:SignatureValue>
  <ds:KeyInfo>
    <ds:X509Data>
      <ds:X509Certificate>
        MIID0DCCArigAwIBAgIJAKRguh9Kxjd4MA0GCSqGSIb3DQEBCwUAMH0xCzAJBgNVBAYTAkJSMQswCQYDVQQIDAJTUDEMMAoGA1UEBwwDUmlvMQ4wDAYDVQQKDAVGSVJNUzEQMA4GA1UECwwHRkVSTUlOTzEQMA4GA1UEAwwHRkVSTUlOTzEfMB0GCSqGSIb3DQEJARYQZ3VpaGdmQGdtYWlsLmNvbTAeFw0xNzA2MjcxMzU2MTBaFw0yNzA2MjUxMzU2MTBaMH0xCzAJBgNVBAYTAkJSMQswCQYDVQQIDAJTUDEMMAoGA1UEBwwDUmlvMQ4wDAYDVQQKDAVGSVJNUzEQMA4GA1UECwwHRkVSTUlOTzEQMA4GA1UEAwwHRkVSTUlOTzEfMB0GCSqGSIb3DQEJARYQZ3VpaGdmQGdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMxoXF67vmncyWwoJ3h3MK/foNuP7uvmSv1aiLgLgc0dH1SGQWqM33ocloBtHWs1QFpU7TGVVmyS9bf47fdVxa/75MLV7mSMdWDiK0cIBDwQFAhSu+ipQ3kpTJSmJWiXKd16Xtrxq9XtwdwC25kVMEws7ggZoMHzrmmKPtTUwvbaqy0xXw5IFFt/r9L6dzOQcfwdNhQACLlO7cEGdJQXbwvICn3VN6M5nwTXec6vlalppX3kmjTiVJURKi64hmih84Hf12loDbtyiuxYcc8rK0ceUAxhFtmekwDAcV+EAr7sXUrNDKZErpK6HZ/QDrhZVeXzVuKsHyRmYYn0RUGzNqMCAwEAAaNTMFEwHQYDVR0OBBYEFONdUpNRKv8PN9499PBw0zVD+025MB8GA1UdIwQYMBaAFONdUpNRKv8PN9499PBw0zVD+025MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAK5OwB/iVWDHEtGKkQCmMqXOcsVz7PvYJIaGtSUq1X6CWDGZoEtyCkfoMC/FYPz6V8JgSwDFENyw4VaH0HWggwz2vCDEA5Mg3iOobRG98gk9lLolk7DjXsfvHkCYI6ncvz7eIdawwzddhSaj+2LSUCB8UNONYsl6CPdioNGUVJix9QDSrf5gcMkWsWa8Sg3f6vjVCWdgl5mOnJeeXapxvg1VEjnmOLDb25hNKO44i4jVNKN4+jSKCcECCKw7fu7uD4PyVbTCZi037svPzMZ6dG7wlWLBWOopbj7G2sAMMVwCoHAJBoEV8lArRq4n1ZW3DAW9NQ8+OQcJMXWGWQhSmJk=
      </ds:X509Certificate>
    </ds:X509Data>
  </ds:KeyInfo>
</ds:Signature>
</fe:Invoice>

As you can see, the signature is not in the contet of > 

<ext:UBLExtension>
  <ext:ExtensionContent/>
</ext:UBLExtension>

so, how can fix this problem and add new nodes or tags into the SIGNATURE?

Thanks! and sorry again!

robrichards commented 5 years ago

On 2/12/19 11:02 AM, Johan Corrales wrote:

Hi, regards.

I'm making a small signature in a XML file (all it's ok until here), but, the request from the service it's more complicated than the examples (I'm new in this world of XML and WebServices); doesn't matter the algorithm to use (SHA1, SHA256):.

There are many nodes with different attributes, what I have been able to achieve with the library is very basic for what they are asking me. This is only a fraction of the document, the rest of the document is very extensive so I refrain from adding all the XML.

The example has the signature inside this tag

|<ext:UBLExtension> <ext:ExtensionContent/> </ext:UBLExtension> |

Example of XML (to the point that I must arrive)

| <ds:Signature Id="xmldsig-e2f27048-53c6-4130-bf5e-5915089e9807"> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n20010315"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference Id="xmldsig-e2f27048-53c6-4130-bf5e-5915089e9807-ref0" URI="">

nQoslfKNH9/a7YoLBXFYsyTkBJ8= 0iE/FGZgLfbnV9DhUaDBBVPjn44= 4VZaJAZGvxifoGYetOYuOEuZUrE= Ijd7mzeBj4NV/F+EyP7WQO13Bi1wLNFFyvQPmiXgcTQ9zBYtuTWNeUS+vk425vrA1ghgC8V fpem9ODzhe/gsV5R82Ya9Dp3Ek6SDIoJYsD1nFEaq5h1Gt56iMr+hPEvyvR6ddQl+n4sRhmLCKvKV3 JgeL8MvAx6Bg+m8Z7sQVdbBjLE/4oSdN+jo8DpUQrPuKMg0ZRmMEBp4LGbljQE0esFLG0cHml LeFEZH MIIILDCCBhSgAwIBAgIIfq9P6xyRMBEwDQYJKoZIhvcNAQELBQAwgbQxIzAhBgkqhkiG9w0B CQEWFGluZm9AYW5kZXNzY2QuY29tLmNvMSMwIQYDVQQDExpDQSBBTkRFUyBTQ0QgUy5BLiB DbGFzZSBJSTEwMC4GA1UECxMnRGl2aXNpb24gZGUgY2VydGlmaWNhY2lvbiBlbnRpZGFkIGZpbmFsM RMwEQYD 2015-09-04T20:06:27.100-05:00 2el6MfWvYsvEaa/TV513a7tVK0g= C=CO,L=Bogota D.C.,O=Andes SCD.,OU=Division de certificacion entidad final,CN=Ficticious ECD Colombia Clase II,1.2.840.113549.1.9.1=#1614696e666f40616e6465737363642e636f6d2e636f 9128602840918470673 YGJTXnOzmebG2Mc6A/QapNi1PRA= C=CO,L=Bogota D.C.,O=Andes SCD,OU=Division de certificacion,CN=Sub CA Ficticious ECD Colombia S.A.,1.2.840.113549.1.9.1=#1614696e666f40616e6465737363642e636f6d2e636f 7958418607150926283 6EVr7OINyc49AgvNkie19xul55c= C=CO,L=Bogota D.C.,O=Andes SCD,OU=Division de certificacion,CN=ROOT CA Ficticious ECD Colombia S.A.,1.2.840.113549.1.9.1=#1614696e666f40616e6465737363642e636f6d2e636f 3248112716520923666 http://www.facturae.es/politica_de_firma_formato_facturae/politica_de_firma_formato_facturae_v3_1.pdf Ohixl6upD6av8N7pEvDABhEL6hM= supplier | And, this is the XML that I've created: | 9000000107023546 2018-04-20 2026-12-21 PRUE 980000000 985000000 CO 900411455 3e82b097-fed0-44e0-8fbc-370fa4bbe718 8f86d8751e4cb9c9c6107bc3d95f727796ad5401e55859cab92c8e28d380f2f4e6bbfe66ded0f2c22344d23661c86da7 UBL 2.0 DIAN 1.0 PRUE980000007 b1f15bbfbd3743c5a43aa60f6e6fe79467719153 2018-07-06 08:04:19 1 FACTURA DE PRUEBA COP 1 900411455 EMPRESA DE PRUEBA BOGOTA, DC BOGOTA, DC BOGOTA, DC DIRECCION DEL CLIENTE CO 2 EMPRESA DE PRUEBA 2 830507412 BOGOTA DC BOGOTA CITY DIRECCION CO 2 NOMBRE DE EMPRESA APELLIDO NOMBRE 0.00 false 0.00 0.00 19.00 01 0.00 0.00 0.00 PV00000001 1.00 20.00 PRODUCTOS VARIOS 20.00 54iNdi7I+p1PnU0zXuXn89HUdlmkMK3ZoRPHpcaqlOQ= WmZG4QHfKqBsjtoFjP3BNTLoZVV3+Bww/XjH4gXW+6FDm+J/fkGR1wnmt9C3t98nwFlpOAl5gaOyhC0DNHce3MYWobMNc08hcFES9EV13/tqNsXiCrXXwXVzmwY7CDge0wGa9jYVo6CaLj+t9+IbvgNVc6HdRuVeLzojmO+iyBOPTC5w5QWVVdRV4HeBsxYNsIRNIclp34TsljHYy1g7sMjMAm0SMHkduwgXNn96q+GX/v8pjckdxeZwAYKB+yW3US6mr5lzvyWr9e7pQ0LqZBgX3tT9b050rQHBE8t/H4sh665JyBjSafBSV8/NYRgEafhqBvL0SLVwOESvmvg98Q== MIID0DCCArigAwIBAgIJAKRguh9Kxjd4MA0GCSqGSIb3DQEBCwUAMH0xCzAJBgNVBAYTAkJSMQswCQYDVQQIDAJTUDEMMAoGA1UEBwwDUmlvMQ4wDAYDVQQKDAVGSVJNUzEQMA4GA1UECwwHRkVSTUlOTzEQMA4GA1UEAwwHRkVSTUlOTzEfMB0GCSqGSIb3DQEJARYQZ3VpaGdmQGdtYWlsLmNvbTAeFw0xNzA2MjcxMzU2MTBaFw0yNzA2MjUxMzU2MTBaMH0xCzAJBgNVBAYTAkJSMQswCQYDVQQIDAJTUDEMMAoGA1UEBwwDUmlvMQ4wDAYDVQQKDAVGSVJNUzEQMA4GA1UECwwHRkVSTUlOTzEQMA4GA1UEAwwHRkVSTUlOTzEfMB0GCSqGSIb3DQEJARYQZ3VpaGdmQGdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMxoXF67vmncyWwoJ3h3MK/foNuP7uvmSv1aiLgLgc0dH1SGQWqM33ocloBtHWs1QFpU7TGVVmyS9bf47fdVxa/75MLV7mSMdWDiK0cIBDwQFAhSu+ipQ3kpTJSmJWiXKd16Xtrxq9XtwdwC25kVMEws7ggZoMHzrmmKPtTUwvbaqy0xXw5IFFt/r9L6dzOQcfwdNhQACLlO7cEGdJQXbwvICn3VN6M5nwTXec6vlalppX3kmjTiVJURKi64hmih84Hf12loDbtyiuxYcc8rK0ceUAxhFtmekwDAcV+EAr7sXUrNDKZErpK6HZ/QDrhZVeXzVuKsHyRmYYn0RUGzNqMCAwEAAaNTMFEwHQYDVR0OBBYEFONdUpNRKv8PN9499PBw0zVD+025MB8GA1UdIwQYMBaAFONdUpNRKv8PN9499PBw0zVD+025MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAK5OwB/iVWDHEtGKkQCmMqXOcsVz7PvYJIaGtSUq1X6CWDGZoEtyCkfoMC/FYPz6V8JgSwDFENyw4VaH0HWggwz2vCDEA5Mg3iOobRG98gk9lLolk7DjXsfvHkCYI6ncvz7eIdawwzddhSaj+2LSUCB8UNONYsl6CPdioNGUVJix9QDSrf5gcMkWsWa8Sg3f6vjVCWdgl5mOnJeeXapxvg1VEjnmOLDb25hNKO44i4jVNKN4+jSKCcECCKw7fu7uD4PyVbTCZi037svPzMZ6dG7wlWLBWOopbj7G2sAMMVwCoHAJBoEV8lArRq4n1ZW3DAW9NQ8+OQcJMXWGWQhSmJk= | As you can see, the signature is not in the contet of > | | so, how can fix this problem? Thanks! and sorry again!

While you can probably accomplish what you need to do with insertSignature($node, $beforeNode = null), Im not sure about the xades support it appears you need. If you go back through the list you can see where someone has added some code that may or may not work for you.

Rob