diff --git a/lib/xmlseclibs.php b/lib/xmlseclibs.php
index 3f192c7f7badf532fcb2fd339aa936b130e0b55a..46e6f60c329063c1085a5dc730be35ff3d57f89e 100644
--- a/lib/xmlseclibs.php
+++ b/lib/xmlseclibs.php
@@ -569,6 +569,10 @@ class XMLSecurityDSig {
 private $prefix = 'ds';
 private $searchpfx = 'secdsig';
+
+ /* This variable contains an associative array of validated nodes. */
+ private $validatedNodes = NULL;
+
 public function __construct() {
 $sigdoc = new DOMDocument();
 $sigdoc->loadXML(XMLSecurityDSig::template);
@@ -823,7 +827,20 @@ class XMLSecurityDSig {
 $dataObject = $refNode->ownerDocument;
 }
 $data = $this->processTransforms($refNode, $dataObject);
- return $this->validateDigest($refNode, $data);
+ if (!$this->validateDigest($refNode, $data)) {
+ return FALSE;
+ }
+
+ if ($dataObject instanceof DOMNode) {
+ /* Add this node to the list of validated nodes. */
+ if($identifier) {
+ $this->validatedNodes[$identifier] = $dataObject;
+ } else {
+ $this->validatedNodes[] = $dataObject;
+ }
+ }
+
+ return TRUE;
 }
 public function getRefNodeID($refNode) {
@@ -865,8 +882,15 @@ class XMLSecurityDSig {
 if ($nodeset->length == 0) {
 throw new Exception("Reference nodes not found");
 }
+
+ /* Initialize/reset the list of validated nodes. */
+ $this->validatedNodes = array();
+
 foreach ($nodeset AS $refNode) {
 if (! $this->processRefNode($refNode)) {
+ /* Clear the list of validated nodes. */
+ $this->validatedNodes = NULL;
+
 throw new Exception("Reference validation failed");
 }
 }
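Review bot: In processRefNode (hunk at +827) the node stored in `$this->validatedNodes` is `$dataObject`, the input to `processTransforms()`, while the digest was checked over `$data`, its output. processTransforms is outside this hunk, so this is inferred, but if a reference's transforms can drop part of the subtree, the recorded node may hold content the digest never covered. I would say so at the store, e.g. `/* This is the node as it was before transforms; only the transformed form was digested. */`. Two smaller points on the same lines: `if($identifier)` sends an id of "0" to the numeric branch, and a repeated identifier silently overwrites the earlier entry. The function starts above the hunk, and `$identifier` comes from there.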
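Review bot: The reset of `$this->validatedNodes` in the reference-validation loop (hunk at +882) sits after the `$nodeset->length == 0` throw, so on a reused XMLSecurityDSig object that early exit leaves the nodes of a previous successful call readable through getValidatedNodes(). The list is also cleared only when processRefNode returns FALSE; if processRefNode or something it calls throws instead, the entries added so far stay in place. Clearing before the first check and in a catch around the loop closes both paths. The enclosing function starts and ends outside the hunk.

```php
/* Reset before any early exit so a reused object never exposes stale nodes. */
$this->validatedNodes = NULL;
if ($nodeset->length == 0) {
    throw new Exception("Reference nodes not found");
}

$this->validatedNodes = array();
try {
    foreach ($nodeset AS $refNode) {
        if (! $this->processRefNode($refNode)) {
            throw new Exception("Reference validation failed");
        }
    }
} catch (Exception $e) {
    /* Any failure, including one raised inside processRefNode, clears the list. */
    $this->validatedNodes = NULL;
    throw $e;
}
```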
@@ -1226,6 +1250,18 @@ class XMLSecurityDSig {
 self::staticAdd509Cert($this->sigNode, $cert, $isPEMFormat, $isURL, $xpath);
 }
 }
+
+ /* This function retrieves an associative array of the validated nodes.
+ *
+ * The array will contain the id of the referenced node as the key and the node itself
+ * as the value.
+ *
+ * Returns:
+ * An associative array of validated nodes or NULL if no nodes have been validated.
+ */
+ public function getValidatedNodes() {
+ return $this->validatedNodes;
+ }
 }
 class XMLSecEnc {
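Review bot: The docblock on getValidatedNodes() says every key is the id of the referenced node, but the processRefNode hunk appends with `$this->validatedNodes[] = $dataObject` when there is no identifier, so some keys are plain integers. The comment should say that, and should also state that NULL is returned after a failed validation, not only before any validation has run. It would also help to tell callers how to use the result: read signed data from the returned DOMNode objects themselves rather than re-resolving the same id in the document, which is presumably the mix-up this list exists to prevent. A possible added line is `* Keys are the reference id when one exists, otherwise numeric. Use the returned nodes directly; do not look the id up again.`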