|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PHP ActiveX) XML-DSig Add Reference with Transforms Specified ExplicitlyDemonstrates how to use the new AddSameDocRef2 method to explicitly specify the XML Transforms fragment.
<?php // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. $success = 1; // Create the following XML to be signed: // <doc> // <s id="s1">Some text...</s> // <p>Some text...</p> // <p class="note">A note...</p> // </doc> // Use this online tool to generate code from sample XML: // Generate Code to Create XML // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Xml') $xmlToSign = new COM("Chilkat.Xml"); $xmlToSign->Tag = 'doc'; $xmlToSign->UpdateAttrAt('s',1,'id','s1'); $xmlToSign->UpdateChildContent('s','Some text...'); $xmlToSign->UpdateChildContent('p','Some text...'); $xmlToSign->UpdateAttrAt('p[1]',1,'class','note'); $xmlToSign->UpdateChildContent('p[1]','A note...'); print $xmlToSign->getXml() . "\n"; // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.XmlDSigGen') $gen = new COM("Chilkat.XmlDSigGen"); $gen->SigLocation = 'doc'; $gen->SigLocationMod = 0; $gen->SigId = 'Signature-78f29839-06af-448f-b479-ca46457fab1b-Signature'; $gen->SigNamespacePrefix = 'ds'; $gen->SigNamespaceUri = 'http://www.w3.org/2000/09/xmldsig#'; $gen->SigValueId = 'Signature-78f29839-06af-448f-b479-ca46457fab1b-SignatureValue'; $gen->SignedInfoCanonAlg = 'C14N'; $gen->SignedInfoDigestMethod = 'sha1'; // Set the KeyInfoId before adding references.. $gen->KeyInfoId = 'Signature-78f29839-06af-448f-b479-ca46457fab1b-KeyInfo'; // The following XML to be added as an Object to the Signature // Use this online tool to generate code from sample XML: // Generate Code to Create XML // <xades:QualifyingProperties Id="Signature-78f29839-06af-448f-b479-ca46457fab1b-QualifyingProperties" Target="#Signature-78f29839-06af-448f-b479-ca46457fab1b-Signature" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#"> // <xades:SignedProperties Id="Signature-78f29839-06af-448f-b479-ca46457fab1b-SignedProperties"> // <xades:SignedSignatureProperties> // <xades:SigningTime>TO BE GENERATED BY CHILKAT</xades:SigningTime> // <xades:SigningCertificate> // <xades:Cert> // <xades:CertDigest> // <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> // <ds:DigestValue>TO BE GENERATED BY CHILKAT</ds:DigestValue> // </xades:CertDigest> // <xades:IssuerSerial> // <ds:X509IssuerName>TO BE GENERATED BY CHILKAT</ds:X509IssuerName> // <ds:X509SerialNumber>TO BE GENERATED BY CHILKAT</ds:X509SerialNumber> // </xades:IssuerSerial> // </xades:Cert> // </xades:SigningCertificate> // </xades:SignedSignatureProperties> // <xades:SignedDataObjectProperties> // <xades:DataObjectFormat ObjectReference="#Reference-24eb6003-d41c-442c-a731-d4c58f94790b"> // <xades:Description/> // <xades:ObjectIdentifier> // <xades:Identifier Qualifier="OIDAsURN">urn:oid:1.2.840.10003.5.109.10</xades:Identifier> // <xades:Description/> // </xades:ObjectIdentifier> // <xades:MimeType>text/xml</xades:MimeType> // <xades:Encoding/> // </xades:DataObjectFormat> // </xades:SignedDataObjectProperties> // </xades:SignedProperties> // </xades:QualifyingProperties> // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Xml') $object1 = new COM("Chilkat.Xml"); $object1->Tag = 'xades:QualifyingProperties'; $object1->AddAttribute('Id','Signature-78f29839-06af-448f-b479-ca46457fab1b-QualifyingProperties'); $object1->AddAttribute('Target','#Signature-78f29839-06af-448f-b479-ca46457fab1b-Signature'); $object1->AddAttribute('xmlns:ds','http://www.w3.org/2000/09/xmldsig#'); $object1->AddAttribute('xmlns:xades','http://uri.etsi.org/01903/v1.3.2#'); $object1->UpdateAttrAt('xades:SignedProperties',1,'Id','Signature-78f29839-06af-448f-b479-ca46457fab1b-SignedProperties'); $object1->UpdateChildContent('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime','TO BE GENERATED BY CHILKAT'); // Note: It may be that http://www.w3.org/2001/04/xmlenc#sha256 is needed in the following line instead of http://www.w3.org/2000/09/xmldsig#sha1 $object1->UpdateAttrAt('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestMethod',1,'Algorithm','http://www.w3.org/2000/09/xmldsig#sha1'); $object1->UpdateChildContent('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestValue','TO BE GENERATED BY CHILKAT'); $object1->UpdateChildContent('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509IssuerName','TO BE GENERATED BY CHILKAT'); $object1->UpdateChildContent('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509SerialNumber','TO BE GENERATED BY CHILKAT'); $object1->UpdateAttrAt('xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat',1,'ObjectReference','#Reference-24eb6003-d41c-442c-a731-d4c58f94790b'); $object1->UpdateChildContent('xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:Description',''); $object1->UpdateAttrAt('xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Identifier',1,'Qualifier','OIDAsURN'); $object1->UpdateChildContent('xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Identifier','urn:oid:1.2.840.10003.5.109.10'); $object1->UpdateChildContent('xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Description',''); $object1->UpdateChildContent('xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType','text/xml'); $object1->UpdateChildContent('xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:Encoding',''); print $object1->getXml() . "\n"; $gen->AddObject('',$object1->getXml(),'',''); // -------- Reference 1 -------- // Create the following Transforms fragment: // Use this online tool to generate code from sample XML: // Generate Code to Create XML // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> // <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> // <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> // <ds:XPath xmlns:ds="http://www.w3.org/2000/09/xmldsig#">not(ancestor-or-self::ds:Signature)</ds:XPath> // </ds:Transform> // </ds:Transforms> // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Xml') $xml1 = new COM("Chilkat.Xml"); $xml1->Tag = 'ds:Transforms'; $xml1->UpdateAttrAt('ds:Transform',1,'Algorithm','http://www.w3.org/TR/2001/REC-xml-c14n-20010315'); $xml1->UpdateAttrAt('ds:Transform[1]',1,'Algorithm','http://www.w3.org/2000/09/xmldsig#enveloped-signature'); $xml1->UpdateAttrAt('ds:Transform[2]',1,'Algorithm','http://www.w3.org/TR/1999/REC-xpath-19991116'); $xml1->UpdateAttrAt('ds:Transform[2]|ds:XPath',1,'xmlns:ds','http://www.w3.org/2000/09/xmldsig#'); $xml1->UpdateChildContent('ds:Transform[2]|ds:XPath','not(ancestor-or-self::ds:Signature)'); // This is the "Transforms" XML fragment passed to AddSameDocRef2. print $xml1->getXml() . "\n"; $gen->AddSameDocRef2('','sha1',$xml1,''); $gen->SetRefIdAttr('','Reference-24eb6003-d41c-442c-a731-d4c58f94790b'); // -------- Reference 2 -------- $gen->AddObjectRef('Signature-78f29839-06af-448f-b479-ca46457fab1b-SignedProperties','sha1','','','http://uri.etsi.org/01903#SignedProperties'); // -------- Reference 3 -------- $gen->AddSameDocRef('Signature-78f29839-06af-448f-b479-ca46457fab1b-KeyInfo','sha1','','',''); // Provide a certificate + private key. (PFX password is test123) // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Cert') $cert = new COM("Chilkat.Cert"); $success = $cert->LoadPfxFile('qa_data/pfx/cert_test123.pfx','test123'); if ($success != 1) { print $cert->LastErrorText . "\n"; exit; } $gen->SetX509Cert($cert,1); $gen->KeyInfoType = 'X509Data+KeyValue'; $gen->X509Type = 'CertChain'; // Load XML to be signed... // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder') $sbXml = new COM("Chilkat.StringBuilder"); $xmlToSign->GetXmlSb($sbXml); $gen->Behaviors = 'IndentedSignature'; // Sign the XML... $success = $gen->CreateXmlDSigSb($sbXml); if ($success != 1) { print $gen->LastErrorText . "\n"; exit; } // ----------------------------------------------- // Save the signed XML to a file. $success = $sbXml->WriteFile('qa_output/signedXml.xml','utf-8',0); print $sbXml->getAsString() . "\n"; // ---------------------------------------- // Verify the signatures we just produced... // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.XmlDSig') $verifier = new COM("Chilkat.XmlDSig"); $success = $verifier->LoadSignatureSb($sbXml); if ($success != 1) { print $verifier->LastErrorText . "\n"; exit; } $numSigs = $verifier->NumSignatures; $verifyIdx = 0; while ($verifyIdx < $numSigs) { $verifier->Selector = $verifyIdx; $verified = $verifier->VerifySignature(1); if ($verified != 1) { print $verifier->LastErrorText . "\n"; exit; } $verifyIdx = $verifyIdx + 1; } print 'All signatures were successfully verified.' . "\n"; ?> |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.