port allow definable namespace prefix including not having one. closes …

…robrichards#13
klemenb · Jul 24, 2015 · 10d1976 · 10d1976
1 parent 663e559
commit 10d1976
Show file tree

Hide file tree

Showing 5 changed files with 123 additions and 13 deletions.
diff --git a/src/XMLSecurityDSig.php b/src/XMLSecurityDSig.php
@@ -67,22 +67,35 @@ class XMLSecurityDSig
   </ds:SignedInfo>
 </ds:Signature>';
 
+    const BASE_TEMPLATE = '<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+  <SignedInfo>
+    <SignatureMethod />
+  </SignedInfo>
+</Signature>';
+
     public $sigNode = null;
     public $idKeys = array();
     public $idNS = array();
     private $signedInfo = null;
     private $xPathCtx = null;
     private $canonicalMethod = null;
-    private $prefix = 'ds';
+    private $prefix = '';
     private $searchpfx = 'secdsig';
 
     /* This variable contains an associative array of validated nodes. */
     private $validatedNodes = null;
 
-    public function __construct()
+    public function __construct($prefix='ds')
     {
+    	$template = self::BASE_TEMPLATE;
+    	if (! empty($prefix)) {
+    		$this->prefix = $prefix.':';
+    		$search = array("<S", "</S", "xmlns=");
+    		$replace = array("<$prefix:S", "</$prefix:S", "xmlns:$prefix=");
+    		$template = str_replace($search, $replace, $template);
+    	}
         $sigdoc = new DOMDocument();
-        $sigdoc->loadXML(self::template);
+        $sigdoc->loadXML($template);
         $this->sigNode = $sigdoc->documentElement;
     }
 
@@ -155,9 +168,9 @@ public function createNewSignNode($name, $value=null)
     {
         $doc = $this->sigNode->ownerDocument;
         if (! is_null($value)) {
-            $node = $doc->createElementNS(self::XMLDSIGNS, $this->prefix.':'.$name, $value);
+            $node = $doc->createElementNS(self::XMLDSIGNS, $this->prefix.$name, $value);
         } else {
-            $node = $doc->createElementNS(self::XMLDSIGNS, $this->prefix.':'.$name);
+            $node = $doc->createElementNS(self::XMLDSIGNS, $this->prefix.$name);
         }
         return $node;
     }
@@ -778,9 +791,14 @@ public static function staticAdd509Cert($parentRef, $cert, $isPEMFormat=true, $i
         $query = "./secdsig:KeyInfo";
         $nodeset = $xpath->query($query, $parentRef);
         $keyInfo = $nodeset->item(0);
+        $dsig_pfx = '';
         if (! $keyInfo) {
+            $pfx = $parentRef->lookupPrefix(XMLSecurityDSig::XMLDSIGNS);
+            if (! empty($pfx)) {
+                $dsig_pfx = $pfx.":";
+            }
             $inserted = false;
-            $keyInfo = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:KeyInfo');
+            $keyInfo = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'KeyInfo');
 
             $query = "./secdsig:Object";
             $nodeset = $xpath->query($query, $parentRef);
@@ -792,13 +810,18 @@ public static function staticAdd509Cert($parentRef, $cert, $isPEMFormat=true, $i
             if (! $inserted) {
                 $parentRef->appendChild($keyInfo);
             }
+        } else {
+            $pfx = $keyInfo->lookupPrefix(XMLSecurityDSig::XMLDSIGNS);
+            if (! empty($pfx)) {
+                $dsig_pfx = $pfx.":";
+            }
         }
 
         // Add all certs if there are more than one
         $certs = self::staticGet509XCerts($cert, $isPEMFormat);
 
         // Attach X509 data node
-        $x509DataNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509Data');
+        $x509DataNode = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'X509Data');
         $keyInfo->appendChild($x509DataNode);
 
         $issuerSerial = false;
@@ -826,7 +849,7 @@ public static function staticAdd509Cert($parentRef, $cert, $isPEMFormat=true, $i
                         } else {
                             $subjectNameValue = $certData['issuer'];
                         }
-                        $x509SubjectNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509SubjectName', $subjectNameValue);
+                        $x509SubjectNode = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'X509SubjectName', $subjectNameValue);
                         $x509DataNode->appendChild($x509SubjectNode);
                     }
                     if ($issuerSerial && ! empty($certData['issuer']) && ! empty($certData['serialNumber'])) {
@@ -840,18 +863,18 @@ public static function staticAdd509Cert($parentRef, $cert, $isPEMFormat=true, $i
                             $issuerName = $certData['issuer'];
                         }
 
-                        $x509IssuerNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509IssuerSerial');
+                        $x509IssuerNode = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'X509IssuerSerial');
                         $x509DataNode->appendChild($x509IssuerNode);
 
-                        $x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509IssuerName', $issuerName);
+                        $x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'X509IssuerName', $issuerName);
                         $x509IssuerNode->appendChild($x509Node);
-                        $x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509SerialNumber', $certData['serialNumber']);
+                        $x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'X509SerialNumber', $certData['serialNumber']);
                         $x509IssuerNode->appendChild($x509Node);
                     }
                 }
 
             }
-            $x509CertNode = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:X509Certificate', $X509Cert);
+            $x509CertNode = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'X509Certificate', $X509Cert);
             $x509DataNode->appendChild($x509CertNode);
         }
     }
@@ -887,8 +910,13 @@ public function appendToKeyInfo($node)
         $nodeset = $xpath->query($query, $parentRef);
         $keyInfo = $nodeset->item(0);
         if (! $keyInfo) {
+            $dsig_pfx = '';
+            $pfx = $parentRef->lookupPrefix(XMLSecurityDSig::XMLDSIGNS);
+            if (! empty($pfx)) {
+                $dsig_pfx = $pfx.":";
+            }
             $inserted = false;
-            $keyInfo = $baseDoc->createElementNS(self::XMLDSIGNS, 'ds:KeyInfo');
+            $keyInfo = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'KeyInfo');
 
             $query = "./secdsig:Object";
             $nodeset = $xpath->query($query, $parentRef);

diff --git a/tests/xml-sign-prefix-ds.res b/tests/xml-sign-prefix-ds.res
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Basic XML example -->
+<Root xmlns="urn:envelope">
+  <Value>
+	Hello, World!
+  </Value>
+<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+  <ds:Reference><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>scTXEJcKZm9Mb0ldX7LSRbAKY8g=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>TPHrAOC4iXv5Uwk4oROJXuXHVJ7bUgmUVsAdr21oPhy37ROqT8ZsaWHxAFnBnc5XmXKkzu1yYrlNA7Im9nmAXwMZCH4xZvvFTBR2UA49F8Of92GKRLqwy+OBp/zA0FnEOKB9ji/ZYEMeZ4SoV7fY+avoJ4u5UBjlj/dtQrZVQcftdOw1+urvIo43PYpxLeIVxs+fnO8o6+pc80OLOhzT0tcnNLkYZvfTufdi2PjDuJvjaNP+HGbvSkleUoSwngAFDu4yABKudiEYENxzesP09HtMrWnmjNy2MAejq71ABsXPlx2O1acDA5b9eYRTmZTfxOQwRTxTn6fUb2GNJsPS8A==</ds:SignatureValue>
+<ds:KeyInfo><ds:X509Data><ds:X509SubjectName>CN=xmlseclibs/www.cdatazone.org,O=xmlseclibs.php Library,L=Limington,ST=Maine,C=US</ds:X509SubjectName><ds:X509IssuerSerial><ds:X509IssuerName>CN=xmlseclibs/www.cdatazone.org,O=xmlseclibs.php Library,L=Limington,ST=Maine,C=US</ds:X509IssuerName><ds:X509SerialNumber>17648358729206786805</ds:X509SerialNumber></ds:X509IssuerSerial><ds:X509Certificate>MIIEVDCCAzygAwIBAgIJAPTrkMJbCOr1MA0GCSqGSIb3DQEBBQUAMHkxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIEwVNYWluZTESMBAGA1UEBxMJTGltaW5ndG9uMR8wHQYDVQQKExZ4bWxzZWNsaWJzLnBocCBMaWJyYXJ5MSUwIwYDVQQDExx4bWxzZWNsaWJzL3d3dy5jZGF0YXpvbmUub3JnMB4XDTA4MDcwNzIwMjIzMVoXDTE4MDcwNTIwMjIzMVoweTELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBU1haW5lMRIwEAYDVQQHEwlMaW1pbmd0b24xHzAdBgNVBAoTFnhtbHNlY2xpYnMucGhwIExpYnJhcnkxJTAjBgNVBAMTHHhtbHNlY2xpYnMvd3d3LmNkYXRhem9uZS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDttdMyM5ISVD1Uz+BHAPrxVJ6N1eZonfg3DMvZVT0Zy64+qcXj8zuHC6lolDsfGnD8LUttraQ7qCL+bHKps+hjAhCRdx5Wcn4iDrlFpxFL7INnr6vekzsCQ45BPUrvksF9FKa7yX4iSDButmPfoT14gPnIuSe8Y5UeGe6Lk6sF0WgHyL+JmxOu377Kuhah2pXZ1+z7V4JIlNgemJtKlqrvgGeuE9TagfGHUL9BuZK5fUx/RSDUjqxUeKU3fft9fGIAZl0dduitC2Otv4dr1gxLrUmI+ZZ75FmtfKQT7SmS92QVI2B5WAPlL1bnbvhkZiyw7nFE+Q/wGJ2myE4RIFjdAgMBAAGjgd4wgdswHQYDVR0OBBYEFEC5iG0uGXLpQG/zMj/4TuDWfTpHMIGrBgNVHSMEgaMwgaCAFEC5iG0uGXLpQG/zMj/4TuDWfTpHoX2kezB5MQswCQYDVQQGEwJVUzEOMAwGA1UECBMFTWFpbmUxEjAQBgNVBAcTCUxpbWluZ3RvbjEfMB0GA1UEChMWeG1sc2VjbGlicy5waHAgTGlicmFyeTElMCMGA1UEAxMceG1sc2VjbGlicy93d3cuY2RhdGF6b25lLm9yZ4IJAPTrkMJbCOr1MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBACmSKrte07VrGB8dtrN5mrt28ILickQjguu46h6vChgQ4YfIAoA1KWNsZJUuuIzTDjE5xz2hsW37CI0yrNesv2ho2hhP+fIaxCGmcwLYXL80UaPRglYk5+wPWFOt3QFAVoEgwjLX9+y+c2Gu7xLgHAFZVRjQ5hhKT0Nj3vhnt0k8LcognNl1wKuWda7VL4tODp/2IOXr5o5v/OL3UesGfeWfvr8LVmMc5f7/vLAu1+2Yk+/C9/EZyf3BDZQ4z8ae/iwqprCTUIEjhUDcq4+0YN2EIw6suGE2FtWlsIywNErmoOhdrmntU61n3nFCQBi7QDUnZrAFrl4/bmk3eRJ00nE=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></Root>
diff --git a/tests/xml-sign-prefix-none.res b/tests/xml-sign-prefix-none.res
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Basic XML example -->
+<Root xmlns="urn:envelope">
+  <Value>
+	Hello, World!
+  </Value>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+  <SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+    <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+  <Reference><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>scTXEJcKZm9Mb0ldX7LSRbAKY8g=</DigestValue></Reference></SignedInfo><SignatureValue>Adk5gWjxcxpow584FRbT1oAu7h4lBOHvzp7o6qMUlmMlpP9KeH8/csNMAejV/7sAHkFYUgmtI64LrA0Hgf6Ai7lLbzW73ducdjfAwHvcmdVuapGj3NaSSDUt3EQ5ewcFUIPrek+oA/iPPHkzcr8w/0zKJtXAqsgOK+wekhREcGHnn70XnMhPTNAQPsdV/0kbS2w6dencp+Dz5CSNdEpdm/WA7nOkrXX9h5+i050+/RNE67Gs6toUZ5IO5j6rnQlccAJYOfh8D3o1aLqmtjpDWSbbYm8BOWeY1+1tRLXoyP6jJf2DpCayNeUfbhzzUBXjFEEExEtsN6Me8oFypxpiog==</SignatureValue>
+<KeyInfo><X509Data><X509SubjectName>CN=xmlseclibs/www.cdatazone.org,O=xmlseclibs.php Library,L=Limington,ST=Maine,C=US</X509SubjectName><X509IssuerSerial><X509IssuerName>CN=xmlseclibs/www.cdatazone.org,O=xmlseclibs.php Library,L=Limington,ST=Maine,C=US</X509IssuerName><X509SerialNumber>17648358729206786805</X509SerialNumber></X509IssuerSerial><X509Certificate>MIIEVDCCAzygAwIBAgIJAPTrkMJbCOr1MA0GCSqGSIb3DQEBBQUAMHkxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIEwVNYWluZTESMBAGA1UEBxMJTGltaW5ndG9uMR8wHQYDVQQKExZ4bWxzZWNsaWJzLnBocCBMaWJyYXJ5MSUwIwYDVQQDExx4bWxzZWNsaWJzL3d3dy5jZGF0YXpvbmUub3JnMB4XDTA4MDcwNzIwMjIzMVoXDTE4MDcwNTIwMjIzMVoweTELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBU1haW5lMRIwEAYDVQQHEwlMaW1pbmd0b24xHzAdBgNVBAoTFnhtbHNlY2xpYnMucGhwIExpYnJhcnkxJTAjBgNVBAMTHHhtbHNlY2xpYnMvd3d3LmNkYXRhem9uZS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDttdMyM5ISVD1Uz+BHAPrxVJ6N1eZonfg3DMvZVT0Zy64+qcXj8zuHC6lolDsfGnD8LUttraQ7qCL+bHKps+hjAhCRdx5Wcn4iDrlFpxFL7INnr6vekzsCQ45BPUrvksF9FKa7yX4iSDButmPfoT14gPnIuSe8Y5UeGe6Lk6sF0WgHyL+JmxOu377Kuhah2pXZ1+z7V4JIlNgemJtKlqrvgGeuE9TagfGHUL9BuZK5fUx/RSDUjqxUeKU3fft9fGIAZl0dduitC2Otv4dr1gxLrUmI+ZZ75FmtfKQT7SmS92QVI2B5WAPlL1bnbvhkZiyw7nFE+Q/wGJ2myE4RIFjdAgMBAAGjgd4wgdswHQYDVR0OBBYEFEC5iG0uGXLpQG/zMj/4TuDWfTpHMIGrBgNVHSMEgaMwgaCAFEC5iG0uGXLpQG/zMj/4TuDWfTpHoX2kezB5MQswCQYDVQQGEwJVUzEOMAwGA1UECBMFTWFpbmUxEjAQBgNVBAcTCUxpbWluZ3RvbjEfMB0GA1UEChMWeG1sc2VjbGlicy5waHAgTGlicmFyeTElMCMGA1UEAxMceG1sc2VjbGlicy93d3cuY2RhdGF6b25lLm9yZ4IJAPTrkMJbCOr1MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBACmSKrte07VrGB8dtrN5mrt28ILickQjguu46h6vChgQ4YfIAoA1KWNsZJUuuIzTDjE5xz2hsW37CI0yrNesv2ho2hhP+fIaxCGmcwLYXL80UaPRglYk5+wPWFOt3QFAVoEgwjLX9+y+c2Gu7xLgHAFZVRjQ5hhKT0Nj3vhnt0k8LcognNl1wKuWda7VL4tODp/2IOXr5o5v/OL3UesGfeWfvr8LVmMc5f7/vLAu1+2Yk+/C9/EZyf3BDZQ4z8ae/iwqprCTUIEjhUDcq4+0YN2EIw6suGE2FtWlsIywNErmoOhdrmntU61n3nFCQBi7QDUnZrAFrl4/bmk3eRJ00nE=</X509Certificate></X509Data></KeyInfo></Signature></Root>
diff --git a/tests/xml-sign-prefix-pfx.res b/tests/xml-sign-prefix-pfx.res
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Basic XML example -->
+<Root xmlns="urn:envelope">
+  <Value>
+	Hello, World!
+  </Value>
+<pfx:Signature xmlns:pfx="http://www.w3.org/2000/09/xmldsig#">
+  <pfx:SignedInfo><pfx:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+    <pfx:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+  <pfx:Reference><pfx:Transforms><pfx:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></pfx:Transforms><pfx:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><pfx:DigestValue>scTXEJcKZm9Mb0ldX7LSRbAKY8g=</pfx:DigestValue></pfx:Reference></pfx:SignedInfo><pfx:SignatureValue>WWT71vbIV6YLBk8fRzZFY3vLiCGuFTh0eh/A158/tOHKR/5qDNkwZ2DRslG0nAFfle0qz41fpnkjniR5gnbcAX/BCDTi/TFdVOiHGUzH3Erb9fFnFFUEoRSh/ZWYyNlBQERmrsnX8tr9mP6IfpTy01yq+tFeiU6jj9TSkst5Bwa74Wn2sXs1OxpsswhUCAsKRdNf0KGLeHGM00RIBD8ep5bKLmFn8WTvPmDBJloyxMQxD0qLKT8qZWoka/qX0JUE+Q2FNsCkGZ69H8/e8/zzXJSOHu/A22r5VrAGisTwLl2g3128/hOvtuMvOAXNotHKFxSt52kDLAfVCWLPCMNRhA==</pfx:SignatureValue>
+<pfx:KeyInfo><pfx:X509Data><pfx:X509SubjectName>CN=xmlseclibs/www.cdatazone.org,O=xmlseclibs.php Library,L=Limington,ST=Maine,C=US</pfx:X509SubjectName><pfx:X509IssuerSerial><pfx:X509IssuerName>CN=xmlseclibs/www.cdatazone.org,O=xmlseclibs.php Library,L=Limington,ST=Maine,C=US</pfx:X509IssuerName><pfx:X509SerialNumber>17648358729206786805</pfx:X509SerialNumber></pfx:X509IssuerSerial><pfx:X509Certificate>MIIEVDCCAzygAwIBAgIJAPTrkMJbCOr1MA0GCSqGSIb3DQEBBQUAMHkxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIEwVNYWluZTESMBAGA1UEBxMJTGltaW5ndG9uMR8wHQYDVQQKExZ4bWxzZWNsaWJzLnBocCBMaWJyYXJ5MSUwIwYDVQQDExx4bWxzZWNsaWJzL3d3dy5jZGF0YXpvbmUub3JnMB4XDTA4MDcwNzIwMjIzMVoXDTE4MDcwNTIwMjIzMVoweTELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBU1haW5lMRIwEAYDVQQHEwlMaW1pbmd0b24xHzAdBgNVBAoTFnhtbHNlY2xpYnMucGhwIExpYnJhcnkxJTAjBgNVBAMTHHhtbHNlY2xpYnMvd3d3LmNkYXRhem9uZS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDttdMyM5ISVD1Uz+BHAPrxVJ6N1eZonfg3DMvZVT0Zy64+qcXj8zuHC6lolDsfGnD8LUttraQ7qCL+bHKps+hjAhCRdx5Wcn4iDrlFpxFL7INnr6vekzsCQ45BPUrvksF9FKa7yX4iSDButmPfoT14gPnIuSe8Y5UeGe6Lk6sF0WgHyL+JmxOu377Kuhah2pXZ1+z7V4JIlNgemJtKlqrvgGeuE9TagfGHUL9BuZK5fUx/RSDUjqxUeKU3fft9fGIAZl0dduitC2Otv4dr1gxLrUmI+ZZ75FmtfKQT7SmS92QVI2B5WAPlL1bnbvhkZiyw7nFE+Q/wGJ2myE4RIFjdAgMBAAGjgd4wgdswHQYDVR0OBBYEFEC5iG0uGXLpQG/zMj/4TuDWfTpHMIGrBgNVHSMEgaMwgaCAFEC5iG0uGXLpQG/zMj/4TuDWfTpHoX2kezB5MQswCQYDVQQGEwJVUzEOMAwGA1UECBMFTWFpbmUxEjAQBgNVBAcTCUxpbWluZ3RvbjEfMB0GA1UEChMWeG1sc2VjbGlicy5waHAgTGlicmFyeTElMCMGA1UEAxMceG1sc2VjbGlicy93d3cuY2RhdGF6b25lLm9yZ4IJAPTrkMJbCOr1MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBACmSKrte07VrGB8dtrN5mrt28ILickQjguu46h6vChgQ4YfIAoA1KWNsZJUuuIzTDjE5xz2hsW37CI0yrNesv2ho2hhP+fIaxCGmcwLYXL80UaPRglYk5+wPWFOt3QFAVoEgwjLX9+y+c2Gu7xLgHAFZVRjQ5hhKT0Nj3vhnt0k8LcognNl1wKuWda7VL4tODp/2IOXr5o5v/OL3UesGfeWfvr8LVmMc5f7/vLAu1+2Yk+/C9/EZyf3BDZQ4z8ae/iwqprCTUIEjhUDcq4+0YN2EIw6suGE2FtWlsIywNErmoOhdrmntU61n3nFCQBi7QDUnZrAFrl4/bmk3eRJ00nE=</pfx:X509Certificate></pfx:X509Data></pfx:KeyInfo></pfx:Signature></Root>
diff --git a/tests/xml-sign-prefix.phpt b/tests/xml-sign-prefix.phpt
@@ -0,0 +1,49 @@
+--TEST--
+Basic Signature with no namespace prefix
+--FILE--
+<?php
+require(dirname(__FILE__) . '/../xmlseclibs.php');
+use RobRichards\XMLSecLibs\XMLSecurityDSig;
+use RobRichards\XMLSecLibs\XMLSecurityKey;
+
+$prefixes = array('ds' => 'ds', 'pfx' => 'pfx', 'none' => null);
+
+foreach ($prefixes as $file_out => $prefix) {
+	$doc = new DOMDocument();
+	$doc->load(dirname(__FILE__) . '/basic-doc.xml');
+
+	$objDSig = new XMLSecurityDSig($prefix);
+
+	$objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
+
+	$objDSig->addReference($doc, XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature'));
+
+	$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type'=>'private'));
+	/* load private key */
+	$objKey->loadKey(dirname(__FILE__) . '/privkey.pem', TRUE);
+
+	/* if key has Passphrase, set it using $objKey->passphrase = <passphrase> " */
+
+	$objDSig->sign($objKey);
+
+	/* Add associated public key */
+	$options = array('issuerSerial' => true, 'subjectName' => true, );
+	$objDSig->add509Cert(file_get_contents(dirname(__FILE__) . '/mycert.pem'), true, false, $options);
+
+	$objDSig->appendSignature($doc->documentElement);
+	$sig_out = "/xml-sign-prefix-$file_out.xml";
+	$doc->save(dirname(__FILE__) . $sig_out);
+
+	$sign_output = file_get_contents(dirname(__FILE__) . $sig_out);
+	$sign_output_def = file_get_contents(dirname(__FILE__) . "/xml-sign-prefix-$file_out.res");
+	if ($sign_output != $sign_output_def) {
+		echo "NOT THE SAME\n";
+	}
+	echo "DONE\n";
+	unlink(dirname(__FILE__) . $sig_out);
+}
+?>
+--EXPECTF--
+DONE
+DONE
+DONE