PHP Extension
PHP Extension
Create XAdES using Smart Card or USB Token
See more XAdES Examples
Demonstrates how to create an XAdES signed XML document using a certificate located on a smartcard or USB token.Chilkat PHP Extension Downloads
<?php
include("chilkat.php");
$success = false;
// Load the XML to be signed.
$xmlToSign = new CkXml();
$success = $xmlToSign->LoadXmlFile('qa_data/fattura_electronica/docToSign.xml');
if ($success == false) {
print $xmlToSign->lastErrorText() . "\n";
exit;
}
$gen = new CkXmlDSigGen();
$gen->put_SigLocation('p:FatturaElettronica');
$gen->put_SigId('xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504');
$gen->put_SigNamespacePrefix('ds');
$gen->put_SigNamespaceUri('http://www.w3.org/2000/09/xmldsig#');
$gen->put_SigValueId('xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504-sigvalue');
$gen->put_SignedInfoCanonAlg('C14N');
$gen->put_SignedInfoDigestMethod('sha256');
// Create an Object to be added to the Signature.
// Note: Chilkat will automatically populate the strings indicated by "TO BE GENERATED BY CHILKAT" with actual/correct values
// when the XML is signed.
$object1 = new CkXml();
$object1->put_Tag('xades:QualifyingProperties');
$object1->AddAttribute('xmlns:xades','http://uri.etsi.org/01903/v1.3.2#');
$object1->AddAttribute('xmlns:xades141','http://uri.etsi.org/01903/v1.4.1#');
$object1->AddAttribute('Target','#xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504');
$object1->UpdateAttrAt('xades:SignedProperties',true,'Id','xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504-signedprops');
$object1->UpdateChildContent('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime','TO BE GENERATED BY CHILKAT');
$object1->UpdateAttrAt('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod',true,'Algorithm','http://www.w3.org/2001/04/xmlenc#sha256');
$object1->UpdateChildContent('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue','TO BE GENERATED BY CHILKAT');
$object1->UpdateChildContent('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2','TO BE GENERATED BY CHILKAT');
$gen->AddObject('',$object1->getXml(),'','');
// -------- Reference 1 --------
$gen->put_KeyInfoId('xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504-keyinfo');
$gen->AddSameDocRef('xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504-keyinfo','sha256','','','');
// -------- Reference 2 --------
$gen->AddSameDocRef('','sha256','','','');
$gen->SetRefIdAttr('','xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504-ref0');
// -------- Reference 3 --------
$gen->AddObjectRef('xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504-signedprops','sha256','','','http://uri.etsi.org/01903#SignedProperties');
// ----------------------------------------------------------------
// Load a certificate that has been pre-installed on the Windows system
// This includes certificates on smartcards and USB tokens
$cert = new CkCert();
// You may provide the PIN here..
$cert->put_SmartCardPin('000000');
// Load the certificate on the smartcard currently in the reader (or on the USB token).
// Pass an empty string to allow Chilkat to automatically choose the CSP (Cryptographi Service Provider).
// See Load Certificate on Smartcard for information about explicitly selecting a particular CSP.
$success = $cert->LoadFromSmartcard('');
if ($success == false) {
print $cert->lastErrorText() . "\n";
exit;
}
$gen->SetX509Cert($cert,true);
$gen->put_KeyInfoType('X509Data');
$gen->put_X509Type('Certificate');
// Load XML to be signed...
$sbXml = new CkStringBuilder();
$xmlToSign->GetXmlSb($sbXml);
$gen->put_Behaviors('IndentedSignature,ForceAddEnvelopedSignatureTransform');
// Sign the XML...
$success = $gen->CreateXmlDSigSb($sbXml);
if ($success == false) {
print $gen->lastErrorText() . "\n";
exit;
}
// Save the signed XMl to a file.
$success = $sbXml->WriteFile('qa_output/signedXml.xml','utf-8',false);
print $sbXml->getAsString() . "\n";
// ----------------------------------------
// Verify the signature we just produced...
$verifier = new CkXmlDSig();
$success = $verifier->LoadSignatureSb($sbXml);
if ($success == false) {
print $verifier->lastErrorText() . "\n";
exit;
}
$verified = $verifier->VerifySignature(true);
if ($verified != true) {
print $verifier->lastErrorText() . "\n";
exit;
}
print 'This signature was successfully verified.' . "\n";
?>