(PHP Extension) Apply 2nd Signature to sii.cl Factura Electrónica (Chile Servicio de Impuestos Internos)

Demonstrates how to apply the 2nd signature an XML invoice according to Chilean Internal Revenue Service regulations.

Chilkat PHP Downloads PHP Extension for Windows, Linux, MacOS, Alpine Linux, Solaris

<?php

// The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number.
// For example, if using Chilkat v9.5.0.48, then include as shown here:
include("chilkat_9_5_0.php");

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// In this example: Create sii.cl Factura Electr�nica (Chile Servicio de Impuestos Internos)
// We signed XML structured like this:

// <?xml version="1.0" encoding="iso-8859-1"?>
// <DTE version="1.0" xmlns="http://www.sii.cl/SiiDte">
//   <Documento ID="F11T22">
//     ...
//   </Documento>
// </DTE>

// To get a signature like this:
// <?xml version="1.0" encoding="iso-8859-1"?>
// <DTE version="1.0" xmlns="http://www.sii.cl/SiiDte">
//   <Documento ID="F11T22">
//     ...
//   </Documento>
//   <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
//     ..
//   </Signature>
// </DTE>

// Now we wish to wrap the result of the 1st example in the following and sign again:

// <?xml version="1.0" encoding="iso-8859-1"?>
// <EnvioDTE version="1.0" xmlns="http://www.sii.cl/SiiDte" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sii.cl/SiiDte EnvioDTE_v10.xsd">
//     <SetDTE ID="NDTECHILE">
//         <Caratula version="1.0">
//             <RutEmisor>...</RutEmisor>
//             <RutEnvia>...</RutEnvia>
//             <RutReceptor>...</RutReceptor>
//             <FchResol>2014-08-22</FchResol>
//             <NroResol>80</NroResol>
//             <TmstFirmaEnv>2020-07-17T13:19:10</TmstFirmaEnv>
//             <SubTotDTE>
//                 <TpoDTE>34</TpoDTE>
//                 <NroDTE>1</NroDTE>
//             </SubTotDTE>
//         </Caratula>
//         <DTE version="1.0" xmlns="http://www.sii.cl/SiiDte">
//             <Documento ID="F11T22">...</Documento>
//             <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">..</Signature>
//         </DTE>
//     </SetDTE>
// </EnvioDTE>

// The result will be this:

// <?xml version="1.0" encoding="iso-8859-1"?>
// <EnvioDTE version="1.0" xmlns="http://www.sii.cl/SiiDte" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sii.cl/SiiDte EnvioDTE_v10.xsd">
//     <SetDTE ID="NDTECHILE">
//         <Caratula version="1.0">
//             <RutEmisor>...</RutEmisor>
//             <RutEnvia>...</RutEnvia>
//             <RutReceptor>...</RutReceptor>
//             <FchResol>2014-08-22</FchResol>
//             <NroResol>80</NroResol>
//             <TmstFirmaEnv>2020-07-17T13:19:10</TmstFirmaEnv>
//             <SubTotDTE>
//                 <TpoDTE>34</TpoDTE>
//                 <NroDTE>1</NroDTE>
//             </SubTotDTE>
//         </Caratula>
//         <DTE version="1.0" xmlns="http://www.sii.cl/SiiDte">
//             <Documento ID="F11T22">...</Documento>
//             <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">..</Signature>
//         </DTE>
//     </SetDTE>
//     <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">..</Signature>
// </EnvioDTE>

$gen = new CkXmlDSigGen();

$gen->put_SigLocation('EnvioDTE');
$gen->put_SigLocationMod(0);
$gen->put_SigNamespacePrefix('');
$gen->put_SigNamespaceUri('http://www.w3.org/2000/09/xmldsig#');
$gen->put_SignedInfoCanonAlg('C14N');
$gen->put_SignedInfoDigestMethod('sha1');

// -------- Reference 1 --------
$gen->AddSameDocRef('NDTECHILE','sha1','','','');

// Provide a certificate + private key. (PFX password is test123)
$cert = new CkCert();
$success = $cert->LoadPfxFile('qa_data/pfx/cert_test123.pfx','test123');
if ($success != true) {
    print $cert->lastErrorText() . "\n";
    exit;
}

$gen->SetX509Cert($cert,true);

$gen->put_KeyInfoType('X509Data+KeyValue');
$gen->put_X509Type('Certificate');

// Here's the part where we must be very careful not to disturb the existing signature.
// We want to encapsulate the existing signed XML like this:

// <?xml version="1.0" encoding="iso-8859-1"?>
// <EnvioDTE version="1.0" xmlns="http://www.sii.cl/SiiDte" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sii.cl/SiiDte EnvioDTE_v10.xsd">
//     <SetDTE ID="NDTECHILE">
//         <Caratula version="1.0">
//             <RutEmisor>...</RutEmisor>
//             <RutEnvia>...</RutEnvia>
//             <RutReceptor>...</RutReceptor>
//             <FchResol>2014-08-22</FchResol>
//             <NroResol>80</NroResol>
//             <TmstFirmaEnv>2020-07-17T13:19:10</TmstFirmaEnv>
//             <SubTotDTE>
//                 <TpoDTE>34</TpoDTE>
//                 <NroDTE>1</NroDTE>
//             </SubTotDTE>
//         </Caratula>
//         <EXISTING_SIGNED_XML>HERE</EXISTING_SIGNED_XML>
//     </SetDTE>
//     <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">..</Signature>
// </EnvioDTE>

$xml = new CkXml();
$xml->put_Tag('EnvioDTE');
$xml->AddAttribute('version','1.0');
$xml->AddAttribute('xmlns','http://www.sii.cl/SiiDte');
$xml->AddAttribute('xmlns:xsi','http://www.w3.org/2001/XMLSchema-instance');
$xml->AddAttribute('xsi:schemaLocation','http://www.sii.cl/SiiDte EnvioDTE_v10.xsd');
$xml->UpdateAttrAt('SetDTE',true,'ID','NDTECHILE');
$xml->UpdateAttrAt('SetDTE|Caratula',true,'version','1.0');
$xml->UpdateChildContent('SetDTE|Caratula|RutEmisor','...');
$xml->UpdateChildContent('SetDTE|Caratula|RutEnvia','...');
$xml->UpdateChildContent('SetDTE|Caratula|RutReceptor','...');
$xml->UpdateChildContent('SetDTE|Caratula|FchResol','2014-08-22');
$xml->UpdateChildContent('SetDTE|Caratula|NroResol','80');
$xml->UpdateChildContent('SetDTE|Caratula|TmstFirmaEnv','2020-07-17T13:19:10');
$xml->UpdateChildContent('SetDTE|Caratula|SubTotDTE|TpoDTE','34');
$xml->UpdateChildContent('SetDTE|Caratula|SubTotDTE|NroDTE','1');
$xml->UpdateChildContent('SetDTE|EXISTING_SIGNED_XML','HERE');

$sbXml = new CkStringBuilder();
$xml->GetXmlSb($sbXml);

// Load our existing signed XML.
// We cannot load it into a Chilkat XML object because we cannot allow anything to change,
// not even indentation or whitespace.
$sbExisting = new CkStringBuilder();
$sbExisting->LoadFile('qa_data/xml_dsig/sii_cl/signed1.xml','iso-8859-1');

// However, we must remove the XML declarator, and we can trim the whitespace at the very front and back (i.e. whitespace completely outside the document).
$numReplaced = $sbExisting->Replace('<?xml version=\'1.0\' encoding=\'iso-8859-1\'?>','');
$sbExisting->Trim();

// Insert the existing signed XML into the new XML document to be signed.
$numReplaced = $sbXml->Replace('<EXISTING_SIGNED_XML>HERE</EXISTING_SIGNED_XML>',$sbExisting->getAsString());

// We now have the XML document ready for the 2nd signature to be applied...

// Make sure we add the "SignExistingSignatures" behavior so that this signature includes the original signature in the digest.
$gen->put_Behaviors('IndentedSignature,SignExistingSignatures');

// Sign the XML...
$success = $gen->CreateXmlDSigSb($sbXml);
if ($success != true) {
    print $gen->lastErrorText() . "\n";
    exit;
}

// -----------------------------------------------

// Change the XML declarator to indicate iso-8859-1 (because we'll be saving using iso-8859-1)
$numReplaced = $sbXml->Replace('encoding=\'utf-8\'?>','encoding=\'iso-8859-1\'?>');

// Save the signed XML to a file.
$success = $sbXml->WriteFile('qa_data/xml_dsig/sii_cl/signed2.xml','iso-8859-1',false);

print $sbXml->getAsString() . "\n";

?>