How to know exactly what's been signed?
Closed this issue · 5 comments
Hello, it's me again.
Is there a way to know exactly what I'm passing to the class to generate the signature?
I need to know this to be sure I'm sending the corrent request to the server.
Thanks in advice
I'm not sure I follow the question. The references you add indicate what in the document is being signed. Are you trying to see the final xml document post signature?
Actually, I'm trying to be sure that the only tag I sign is the 'InfDeclaracaoPrestacaoServico' tag. I have more tags in the complete XML but I need to sign only this one.
Here's my code:
$objDSig->addReference( $doc->getElementsByTagName('InfDeclaracaoPrestacaoServico')->item(0), XMLSecurityDSig::SHA1, ['http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'], array('force_uri'=>true, 'overwrite'=>false) );
With it, can I assure that the content of the signature is only the 'InfDeclaracaoPrestacaoServico' tag.?
I had attched the xml to sign and the signed one.
Hello @robrichards. I'm deeply sorry for asking it again, but, I'm right in my assumption?
OK. Just what I need. Thank you so much @robrichards.