Unable to verify partial (signDocument) #28
Description
I added a test
/**
* Test.
*
* @dataProvider providerTestSignAndVerify
*
* @param string $privateKeyFile The key file
* @param string $publicKeyFile The key file
* @param string $password The file password
*
* @return void
*/
public function testSignAndVerifyPartial(string $privateKeyFile, string $publicKeyFile, string $password)
{
$files = [
__DIR__ . '/example4.xml',
];
$algos = [
Algorithm::METHOD_SHA1,
Algorithm::METHOD_SHA224,
Algorithm::METHOD_SHA256,
Algorithm::METHOD_SHA384,
Algorithm::METHOD_SHA512,
];
foreach ($files as $filename) {
foreach ($algos as $algo) {
$privateKeyStore = new PrivateKeyStore();
if (pathinfo($privateKeyFile, PATHINFO_EXTENSION) === 'p12') {
$privateKeyStore->loadFromPkcs12(file_get_contents($privateKeyFile), $password);
} else {
$privateKeyStore->loadFromPem(file_get_contents($privateKeyFile), $password);
}
$algorithm = new Algorithm($algo, $algo);
$cryptoSigner = new CryptoSigner($privateKeyStore, $algorithm);
$xmlSigner = new XmlSigner($cryptoSigner);
$xmlSigner->setReferenceUri('');
$xml = new DOMDocument();
$xml->preserveWhiteSpace = true;
$xml->formatOutput = false;
$xml->loadXML(file_get_contents($filename));
$xpath = new DOMXPath($xml);
$elementToSign = $xpath->query('/References/Book/Author')->item(0);
$signedXml = $xmlSigner->signDocument($xml, $elementToSign);
// verify
$publicKeyStore = new PublicKeyStore();
if (pathinfo($publicKeyFile, PATHINFO_EXTENSION) === 'p12') {
$publicKeyStore->loadFromPkcs12(file_get_contents($publicKeyFile), $password);
} else {
$publicKeyStore->loadFromPem(file_get_contents($publicKeyFile));
}
$cryptoVerifier = new CryptoVerifier($publicKeyStore);
$xmlSignatureVerifier = new XmlSignatureVerifier($cryptoVerifier);
$isValid = $xmlSignatureVerifier->verifyXml($signedXml);
$this->assertTrue($isValid, 'Could not validate partial signed xml document');
}
}
}Which tests the partial (signDocument)
This is the xml output of the $signedXml
<?xml version="1.0"?>
<References>
<Book>
<Author>
<FirstName>Bruce</FirstName>
<LastName>Schneier</LastName>
</Author>
<Title>Applied Cryptography</Title>
</Book>
<Web>
<Title>XMLSec</Title>
<Url>http://www.aleksey.com/xmlsec/</Url>
</Web>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><Reference URI=""><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>JcCwDiYORvy5oZax2ZLPbtOMWeU=</DigestValue></Reference></SignedInfo><SignatureValue>feoBWMSYKSjh2/Vu5L/szUDL/7hpu6cxwy/LTlwP8XwKGzq3WFBYJRNO2s/CdDSCAyH2Gka2xTZslVlxnpcloeg8dVL36Z6OXoPNH/B8LppE+r4cB9ivXu/cCbes0SHnnP+zG4aRV5W9NRyevMWdlg9WdtNXUDtZ0aseWNnOjjI=</SignatureValue><KeyInfo><KeyValue><RSAKeyValue><Modulus>2smhWoycTnVVPvBI8Dt9Utl6jZmMcWx34lCTt8Noeezj1JCgHCnuRr7fYSWz029wuG5T0nDpHtkXsSp10u6QF128RZYFJWdECtCtqXZeefTkpq7R95jz/QSb7wzJcZHDY/fxHg/shnfBjf8k+j0w4fBv+JbMzly/rciiJAuGLP8=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo></Signature></References>Is this normal, or?