SEO Title: Day 6: Digitally Sign UBL XML Using XMLSecLibs #xmlsignature #irbsigning
Focus Keyphrase: IRB e-invoice integration
Meta Description: Learn how to digitally sign your UBL XML for IRB e-invoice integration using XMLSecLibs in Laravel. Ensure your XML includes the required ds:Signature block.
Signing the UBL XML for IRB Submission
IRBM requires all submitted XML invoices to be digitally signed using an enveloped XML signature in the ds:Signature
block. We’ll use the popular PHP library RobRichards/XMLSecLibs.
Step 1: Install XMLSecLibs
composer require robrichards/xmlseclibs
Step 2: Update IRBXmlSignatureService.php
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecurityKey;
public function sign(string $unsignedXml): string
{
$doc = new \DOMDocument();
$doc->loadXML($unsignedXml);
$objDSig = new XMLSecurityDSig();
$objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
$objDSig->addReference(
$doc,
XMLSecurityDSig::SHA256,
['http://www.w3.org/2000/09/xmldsig#enveloped-signature'],
['uri' => '']
);
$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, ['type'=>'private']);
$objKey->loadKey($this->pkeyPem, false, true, $this->pkeyPassphrase);
$objDSig->sign($objKey);
$objDSig->add509Cert($this->certPem, true, false);
$objDSig->appendSignature($doc->documentElement);
return $doc->saveXML();
}
Step 3: Test Signing Output
In your controller or test route:
$xml = app(IRBInvoiceXmlGenerator::class)->generate($invoiceData);
$signedXml = app(IRBXmlSignatureService::class)->sign($xml);
return response($signedXml)->header('Content-Type', 'application/xml');
What to Check in Output
- Look for a full
ds:Signature
block inside your <Invoice> - Make sure it includes
ds:SignedInfo
,ds:SignatureValue
, andds:X509Certificate
Common Issues
- ❌ Incorrect line endings or formatting in PEM files — normalize your certs
- ❌ Signature not appended inside Invoice — use
appendSignature($doc->documentElement)
Resources
Coming Up in Day 7
We’ll add the UBLExtensions wrapper around your signature block, as IRBM requires the signature to be wrapped inside that tag.
Tags: #XMLSignature #UBL #IRBIntegration #DigitalSigning #Laravel