Open NerijusNoreika opened 4 years ago
Upon signing the XML with xmlseclibs, my KeyInfo holds no data (no exponent, no modulus).
Here is the code:
```php
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecurityKey;

$doc = new \DOMDocument();
$doc->load('./keys/data.xml');

$sig = new XMLSecurityDSig();
try {
    $sig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
} catch (Exception $e) {
    echo $e->getMessage();
}
try {
    $privateKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, ['type' => 'private']);
    $privateKey->passphrase = 'testtest';
} catch (Exception $e) {
    echo $e->getMessage();
}

try {
    $privateKey->loadKey('file://keys/testKey.pem');
} catch (Exception $e) {
    echo $e->getMessage();
}

$sig->sign($privateKey);
$sig->add509Cert('file://keys/testCert.pem');
$sig->appendSignature($doc->getElementsByTagName('authenticationRequest')[0], false);
$doc->save('./keys/test.xml');
```
Signed document:

```xml
<authentication:authenticationRequest xmlns:authentication="http://www.epaslaugos.lt/services/authentication" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ns3="http://www.w3.org/2001/10/xml-exc-c14n#" id="uniqueNodeId"><authentication:pid>VSID000000000113</authentication:pid><authentication:serviceTarget>citizen</authentication:serviceTarget><authentication:authenticationProvider>auth.lt.identity.card</authentication:authenticationProvider><authentication:authenticationProvider>auth.lt.bank</authentication:authenticationProvider><authentication:authenticationProvider>auth.signatureProvider</authentication:authenticationProvider><authentication:authenticationProvider>auth.login.pass</authentication:authenticationProvider><authentication:authenticationProvider>auth.lt.government.employee.card</authentication:authenticationProvider><authentication:authenticationProvider>auth.stork</authentication:authenticationProvider><authentication:authenticationProvider>auth.tsl.identity.card</authentication:authenticationProvider><authentication:authenticationAttribute>lt-personal-code</authentication:authenticationAttribute><authentication:authenticationAttribute>lt-company-code</authentication:authenticationAttribute><authentication:userInformation>firstName</authentication:userInformation><authentication:userInformation>lastName</authentication:userInformation><authentication:userInformation>companyName</authentication:userInformation><authentication:userInformation>email</authentication:userInformation><authentication:userInformation>address</authentication:userInformation><authentication:postbackUrl>https://localhost/</authentication:postbackUrl><authentication:customData>correlationData</authentication:customData></authentication:authenticationRequest>
```
Output:
`<?xml version="1.0"?>
Current codebase does not support this but it looks like there is an old PR #75 which adds support. I will see about getting the support added.
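
The missing `KeyValue`/`RSAKeyValue` element can be built by hand with PHP's OpenSSL and DOM extensions. This is an added example, not code from xmlseclibs or from PR #75; `appendRsaKeyValue()` is a hypothetical helper name, and the key and `ds:Signature`/`ds:KeyInfo` skeleton below are constructed for the demo.

```php
<?php
const XMLDSIG_NS = 'http://www.w3.org/2000/09/xmldsig#';

/**
 * Append <KeyValue><RSAKeyValue> (Modulus, Exponent) for $key to a ds:KeyInfo element.
 * Hypothetical helper, not an xmlseclibs method.
 */
function appendRsaKeyValue(DOMElement $keyInfo, $key): DOMElement
{
    $details = openssl_pkey_get_details($key);
    if ($details === false || $details['type'] !== OPENSSL_KEYTYPE_RSA) {
        throw new InvalidArgumentException('Not an RSA key');
    }
    $doc = $keyInfo->ownerDocument;
    // Reuse the prefix the signature already binds to the XMLDSig namespace.
    $prefix = $keyInfo->prefix ? $keyInfo->prefix . ':' : '';

    $keyValue = $doc->createElementNS(XMLDSIG_NS, $prefix . 'KeyValue');
    $rsa = $doc->createElementNS(XMLDSIG_NS, $prefix . 'RSAKeyValue');
    // 'n' and 'e' are raw big-endian bytes; CryptoBinary is their base64 form.
    $rsa->appendChild($doc->createElementNS(
        XMLDSIG_NS, $prefix . 'Modulus', base64_encode($details['rsa']['n'])
    ));
    $rsa->appendChild($doc->createElementNS(
        XMLDSIG_NS, $prefix . 'Exponent', base64_encode($details['rsa']['e'])
    ));
    $keyValue->appendChild($rsa);
    $keyInfo->appendChild($keyValue);
    return $keyValue;
}

// Constructed demo input: a throwaway RSA key and a bare Signature/KeyInfo skeleton.
$key = openssl_pkey_new([
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
    'private_key_bits' => 2048,
]);
if ($key === false) {
    exit("openssl_pkey_new failed: " . openssl_error_string() . "\n");
}
$doc = new DOMDocument();
$sig = $doc->appendChild($doc->createElementNS(XMLDSIG_NS, 'ds:Signature'));
$keyInfo = $sig->appendChild($doc->createElementNS(XMLDSIG_NS, 'ds:KeyInfo'));

appendRsaKeyValue($keyInfo, $key);

$doc->formatOutput = true;
echo $doc->saveXML();
```

`KeyInfo` is not covered by the signature unless a `Reference` points at it, so adding this element after signing leaves the signature value unchanged. For the same reason a verifier should treat the modulus and exponent as a hint and check them against a key it already trusts.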