(PHP ActiveX) Duplicate Java Secure Token Creation

Demonstrates how to duplicate some Java code that creates an RSA signature to create a base64 token.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows Note: The php_com_dotnet.dll may need to be enabled inside of php.ini.

<?php

// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// This example duplicates the following Java code:

// public X509Certificate2 cert = new X509Certificate2(@"Some path to p12/p12file_name.p12","Password_for_p12"); 
// 
// public string GenerateSignToken(double timeValidityMin){ 
//   string equalsSign = ":="; 
//   string timeCreated = DateTime.Now.ToString("yyyy-MM-ddTHH:mm:ss.fffzzz"); 
//   string tokenTimeInfo = "validityTimeMinutes" + equalsSign + timeValidityMin + ";"+"timeCreated" + equalsSign + timeCreated; 
//   string signature = SignData(tokenTimeInfo); 
//   string secureToken = tokenTimeInfo + ";" + "signature" + equalsSign + signature; 
//   return Base64UrlEncode(secureToken); 
// } 
//  
// public string SignData(string stringToSign){ 
//   byte[] dataToSign = Encoding.UTF8.GetBytes(stringToSign); 
//   RSACryptoServiceProvider privKey = (RSACryptoServiceProvider)cert.PrivateKey; 
//   CspKeyContainerInfo containerInfo = new RSACryptoServiceProvider().CspKeyContainerInfo; 
//   CspParameters cspparams = new CspParameters(containerInfo.ProviderType, containerInfo.ProviderName, privKey.CspKeyContainerInfo.KeyContainerName); 
//   privKey = new RSACryptoServiceProvider(cspparams); 
//   string id = CryptoConfig.MapNameToOID("SHA256"); 
//   byte[] sign = privKey.SignData(dataToSign, id); 
//   bool res = privKey.VerifyData(dataToSign, id, sign); 
//   return Convert.ToBase64String(sign).Replace('+', '-').Replace('/', '_').Replace("=", ""); 
// } 
//  
// private static string Base64UrlEncode(string input){ 
//   var inputBytes = Encoding.UTF8.GetBytes(input); 
//   return Convert.ToBase64String(inputBytes).Replace('+', '-').Replace('/', '_').Replace("=", ""); 
// } 

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.CkDateTime')
$dt = new COM("Chilkat.CkDateTime");
$dt->SetFromCurrentSystemTime();
$timeCreated = $dt->getAsTimestamp(1);

// Such as 2019-04-01T19:35:44-05:00
print $timeCreated . "\n";

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder')
$sbToken = new COM("Chilkat.StringBuilder");
$sbToken->Append('validityTimeMinutes:=10.0;timeCreated:=');
$sbToken->Append($timeCreated);

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Cert')
$cert = new COM("Chilkat.Cert");
$success = $cert->LoadPfxFile('Some path to p12/p12file_name.p12','Password_for_p12');
if ($success != 1) {
    print $cert->LastErrorText . "\n";
    exit;
}

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Rsa')
$rsa = new COM("Chilkat.Rsa");
$success = $rsa->SetX509Cert($cert,1);
if ($success != 1) {
    print $rsa->LastErrorText . "\n";
    exit;
}

$rsa->EncodingMode = 'base64url';

$signature = $rsa->signStringENC($sbToken->getAsString(),'sha256');
if ($rsa->LastMethodSuccess == 0) {
    print $rsa->LastErrorText . "\n";
    exit;
}

$sbToken->Append(';signature:=');
$sbToken->Append($signature);

// Base64URL encode the result
$sbToken->Encode('base64url','utf-8');
$token = $sbToken->getAsString();

print $token . "\n";

?>