Is there any documentation for xmlseclibs?

Question

I have signed the XML but I don't know how to include KeyValue element in the signature. Having some documentation would save a lot of time.

The code below (if you are interested) is what I managed to do with xmlseclibs so far:

<?php
require('xmlseclibs.php'); 

XML string

$getToken = '<getToken>
<item>
<Semilla>Random string</Semilla>
</item>
</getToken>';

Creating XML object (to sign)

$getToken_DOMDocument = new DOMDocument(); 
$getToken_DOMDocument -> loadXml($getToken); 

Creating the signature object with xmlseclibs

$getToken_XMLSecurityDSig = new XMLSecurityDSig(); 
$getToken_XMLSecurityDSig -> setCanonicalMethod(XMLSecurityDSig::C14N); 

Trying to turn off the ds: prefix which didn't work

$options['prefix'] = '';
$options['prefix_ns'] = '';
$options['force_uri'] = TRUE;
$options['id_name'] = 'ID';

$getToken_XMLSecurityDSig -> addReference($getToken_DOMDocument, XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'), $options); 

Accessing the necessary key data

$XMLSecurityKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type'=>'private')); 
$XMLSecurityKey -> loadKey('../../DTE/certificado/firma/certificado.pem', TRUE); 
/* if key has Passphrase, set it using $objKey -> passphrase = <passphrase> */ 

Signing the XML object

$getToken_XMLSecurityDSig -> sign($XMLSecurityKey); 

Adding the public key

$getToken_XMLSecurityDSig -> add509Cert(file_get_contents('../../DTE/certificado/firma/certificado.pem')); 

Appending the enveloped signature to the XML object

$getToken_XMLSecurityDSig -> appendSignature($getToken_DOMDocument -> documentElement); 

Saving the signed XML code toa file

$getToken_DOMDocument -> save('sign-basic-test.xml'); 
?>

Additionaly would also like from this library:

1. Know official and trustable repository to ensure the library is not corrupted.
2. Turning off the "ds:" prefix (because nor the example nor the documentation of the XML I am producing includes such prefix).
3. Linebreaks every X characters in the Base64 type values.
4. Full indentation (otherwise none at all).

I got the library from enter link description here

Thanks in advance.

Answer 1

Here is a list of links which might help with those issues:

How to validate signature with phpseclib, in a XML signature message?

http://code.google.com/p/xmlseclibs/issues/attachmentText?id=6&aid=-1080340148797098435&name=example.php&token=81f737657f6cf89b3e7fcdb6cc15033b

http://code.google.com/p/xmlseclibs/issues/detail?id=13

Which is the proper XML exclusive canonicalization?

Not sure it will solve everything but should help you along a bit.

Answer 2

I've wrote a facade library called xmldsig for simplify the use of the underline XMLSecLibs

With this library the code result as this:

public function testSign()
{
    $getToken = '<getToken>
    <item>
    <Semilla>Random string</Semilla>
    </item>
    </getToken>';

    $data = new DOMDocument();
    $data->loadXml($getToken);

    $adapter = new XmlseclibsAdapter();
    $adapter
        ->setPrivateKey(file_get_contents('privateKey.pem'))
        ->setPublicKey(file_get_contents('publicKey.pem'))
        ->setCanonicalMethod('http://www.w3.org/2001/10/xml-exc-c14n#')
        ->sign($data);

        echo $data->saveXML();
    );
}