Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(PHP ActiveX) Create IRS MeF Login Service Request MessageThis example demonstrates how to create a digitally signed Login Service Request Message. This example used the documentation at https://www.irs.gov/pub/irs-utl/mef-doc-stp_ref_guide.pdf as a guide. It creates signed XML as specified in section 4.1.1 found in Section 4: Example A2A Web Service Messages.
<?php // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // -------------------------------------------------------------------------------- // Also see Chilkat's Online WSDL Code Generator // to generate code and SOAP Request and Response XML for each operation in a WSDL. // -------------------------------------------------------------------------------- // The goal of this example is to create signed SOAP XML such as the following: // <?xml version="1.0" encoding="UTF-8"?> // <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> // <SOAP-ENV:Header> // <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> // <wsse:BinarySecurityToken // xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" // EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" // ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" // wsu:Id="CertId-1673181727">MIIHab...n71P</wsse:BinarySecurityToken> // <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> // <ds:SignedInfo> // <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> // <ds:Reference URI="#id-1214941501"> // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // </ds:Transforms> // <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> // <ds:DigestValue>abcdefghijkLMNOPQRSTUVwxyz012345Em0o3VEOTck=</ds:DigestValue> // </ds:Reference> // <ds:Reference URI="#id-1871558655"> // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // </ds:Transforms> // <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> // <ds:DigestValue>abcdefghijkLMNOPQRSTUVwxyz012345Xm5ViA+royg=</ds:DigestValue> // </ds:Reference> // </ds:SignedInfo> // <ds:SignatureValue>abcd...5Nbw==</ds:SignatureValue> // <ds:KeyInfo Id="KeyId-256137097"> // <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-1862925355"> // <wsse:Reference URI="#CertId-1673181727" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/> // </wsse:SecurityTokenReference> // </ds:KeyInfo> // </ds:Signature> // </wsse:Security> // <ns1:MeFHeader xmlns:ns1="http://www.irs.gov/a2a/mef/MeFHeader.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-1214941501"> // <ns1:MessageID>12345202018200000234</ns1:MessageID> // <ns1:Action>Login</ns1:Action> // <ns1:MessageTs>2020-06-30T15:25:42.678Z</ns1:MessageTs> // <ns1:ETIN>12345</ns1:ETIN> // <ns1:SessionKeyCd>Y</ns1:SessionKeyCd> // <ns1:TestCd>P</ns1:TestCd> // <ns1:AppSysID>65432190</ns1:AppSysID> // <ns1:WSDLVersionNum>10.3</ns1:WSDLVersionNum> // <ns1:ClientSoftwareTxt>SOATest</ns1:ClientSoftwareTxt> // </ns1:MeFHeader> // </SOAP-ENV:Header> // <SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-1871558655"> // <LoginRequest xmlns="http://www.irs.gov/a2a/mef/MeFMSIServices.xsd"/> // </SOAP-ENV:Body> // </SOAP-ENV:Envelope> // ------------------------------------------------------------------------------------------- // First, let's load the certificate + private key to be used for signing (from a PFX). // (It is also possible to use certificates installed on a Windows system, or from other file formats..) // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Pfx') $pfx = new COM("Chilkat.Pfx"); $success = $pfx->LoadPfxFile('qa_data/pfx/cert_test123.pfx','test123'); if ($success != 1) { print $pfx->LastErrorText . "\n"; exit; } // We'll be needing the X.509 signing cert as base64 for the BinarySecurityToken, so let's get it now.. // The certificate having the private key should be the 1st in the PFX. // signingCert is a Chilkat.Cert $signingCert = $pfx->GetCert(0); if ($pfx->LastMethodSuccess != 1) { print $pfx->LastErrorText . "\n"; exit; } // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.BinData') $bdCert = new COM("Chilkat.BinData"); $signingCert->ExportCertDerBd($bdCert); // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder') $sbCert64 = new COM("Chilkat.StringBuilder"); $bdCert->GetEncodedSb('base64',$sbCert64); // ------------------------------------------------------------------------------------------- // The XML before signing would look like this: // <?xml version="1.0" encoding="UTF-8"?> // <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> // <SOAP-ENV:Header> // <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> // <wsse:BinarySecurityToken // xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" // EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" // ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" // wsu:Id="CertId-1673181727">MIIHab...n71P</wsse:BinarySecurityToken> // </wsse:Security> // <ns1:MeFHeader xmlns:ns1="http://www.irs.gov/a2a/mef/MeFHeader.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-1214941501"> // <ns1:MessageID>12345202018200000234</ns1:MessageID> // <ns1:Action>Login</ns1:Action> // <ns1:MessageTs>2020-06-30T15:25:42.678Z</ns1:MessageTs> // <ns1:ETIN>12345</ns1:ETIN> // <ns1:SessionKeyCd>Y</ns1:SessionKeyCd> // <ns1:TestCd>P</ns1:TestCd> // <ns1:AppSysID>65432190</ns1:AppSysID> // <ns1:WSDLVersionNum>10.3</ns1:WSDLVersionNum> // <ns1:ClientSoftwareTxt>SOATest</ns1:ClientSoftwareTxt> // </ns1:MeFHeader> // </SOAP-ENV:Header> // <SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-1871558655"> // <LoginRequest xmlns="http://www.irs.gov/a2a/mef/MeFMSIServices.xsd"/> // </SOAP-ENV:Body> // </SOAP-ENV:Envelope> // You can use the online XML code generation tool at http://tools.chilkat.io/xmlCreate.cshtml // to generate the following XML creation source code: // Create the XML to be signed... // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Xml') $xmlToSign = new COM("Chilkat.Xml"); $xmlToSign->Tag = 'SOAP-ENV:Envelope'; $xmlToSign->AddAttribute('xmlns:SOAP-ENV','http://schemas.xmlsoap.org/soap/envelope/'); $xmlToSign->AddAttribute('xmlns:xsd','http://www.w3.org/2001/XMLSchema'); $xmlToSign->AddAttribute('xmlns:xsi','http://www.w3.org/2001/XMLSchema-instance'); $xmlToSign->UpdateAttrAt('SOAP-ENV:Header|wsse:Security',1,'xmlns:wsse','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'); $xmlToSign->UpdateAttrAt('SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken',1,'xmlns:wsu','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'); $xmlToSign->UpdateAttrAt('SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken',1,'EncodingType','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary'); $xmlToSign->UpdateAttrAt('SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken',1,'ValueType','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'); $xmlToSign->UpdateAttrAt('SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken',1,'wsu:Id','CertId-1673181727'); $xmlToSign->UpdateChildContent('SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken',$sbCert64->getAsString()); $xmlToSign->UpdateAttrAt('SOAP-ENV:Header|ns1:MeFHeader',1,'xmlns:ns1','http://www.irs.gov/a2a/mef/MeFHeader.xsd'); $xmlToSign->UpdateAttrAt('SOAP-ENV:Header|ns1:MeFHeader',1,'xmlns:wsu','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'); $xmlToSign->UpdateAttrAt('SOAP-ENV:Header|ns1:MeFHeader',1,'wsu:Id','id-1214941501'); $xmlToSign->UpdateChildContent('SOAP-ENV:Header|ns1:MeFHeader|ns1:MessageID','12345202018200000234'); $xmlToSign->UpdateChildContent('SOAP-ENV:Header|ns1:MeFHeader|ns1:Action','Login'); $xmlToSign->UpdateChildContent('SOAP-ENV:Header|ns1:MeFHeader|ns1:MessageTs','2020-06-30T15:25:42.678Z'); $xmlToSign->UpdateChildContentInt('SOAP-ENV:Header|ns1:MeFHeader|ns1:ETIN',12345); $xmlToSign->UpdateChildContent('SOAP-ENV:Header|ns1:MeFHeader|ns1:SessionKeyCd','Y'); $xmlToSign->UpdateChildContent('SOAP-ENV:Header|ns1:MeFHeader|ns1:TestCd','P'); $xmlToSign->UpdateChildContentInt('SOAP-ENV:Header|ns1:MeFHeader|ns1:AppSysID',65432190); $xmlToSign->UpdateChildContent('SOAP-ENV:Header|ns1:MeFHeader|ns1:WSDLVersionNum','10.3'); $xmlToSign->UpdateChildContent('SOAP-ENV:Header|ns1:MeFHeader|ns1:ClientSoftwareTxt','SOATest'); $xmlToSign->UpdateAttrAt('SOAP-ENV:Body',1,'xmlns:wsu','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'); $xmlToSign->UpdateAttrAt('SOAP-ENV:Body',1,'wsu:Id','id-1871558655'); $xmlToSign->UpdateAttrAt('SOAP-ENV:Body|LoginRequest',1,'xmlns','http://www.irs.gov/a2a/mef/MeFMSIServices.xsd'); // ------------------------------------------------------------------------------------------- // Setup the XML DSig generator object to create the desired signature. // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.XmlDSigGen') $gen = new COM("Chilkat.XmlDSigGen"); $gen->SigLocation = 'SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security'; $gen->SigLocationMod = 0; $gen->SigNamespacePrefix = 'ds'; $gen->SigNamespaceUri = 'http://www.w3.org/2000/09/xmldsig#'; $gen->SignedInfoCanonAlg = 'EXCL_C14N'; $gen->SignedInfoDigestMethod = 'sha256'; // Set the KeyInfoId before adding references.. $gen->KeyInfoId = 'KeyId-256137097'; // -------- Reference 1 -------- $gen->AddSameDocRef('id-1214941501','sha256','EXCL_C14N','',''); // -------- Reference 2 -------- $gen->AddSameDocRef('id-1871558655','sha256','EXCL_C14N','',''); // Provide a certificate + private key. (PFX password is test123) // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Cert') $cert = new COM("Chilkat.Cert"); $success = $cert->LoadPfxFile('qa_data/pfx/cert_test123.pfx','test123'); if ($success != 1) { print $cert->LastErrorText . "\n"; exit; } $gen->SetX509Cert($cert,1); $gen->KeyInfoType = 'Custom'; // Create the custom KeyInfo XML.. // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Xml') $xmlCustomKeyInfo = new COM("Chilkat.Xml"); $xmlCustomKeyInfo->Tag = 'wsse:SecurityTokenReference'; $xmlCustomKeyInfo->AddAttribute('xmlns:wsu','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'); $xmlCustomKeyInfo->AddAttribute('wsu:Id','STRId-1862925355'); $xmlCustomKeyInfo->UpdateAttrAt('wsse:Reference',1,'URI','#CertId-1673181727'); $xmlCustomKeyInfo->UpdateAttrAt('wsse:Reference',1,'ValueType','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'); $xmlCustomKeyInfo->EmitXmlDecl = 0; $gen->CustomKeyInfoXml = $xmlCustomKeyInfo->getXml(); // ------------------------------------------------------------------------------------------- // Load XML to be signed... // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder') $sbXml = new COM("Chilkat.StringBuilder"); $xmlToSign->GetXmlSb($sbXml); // Update BinarySecurityToken_Base64Binary_Content with the actual X509 of the signing cert. $nReplaced = $sbXml->Replace('BinarySecurityToken_Base64Binary_Content',$cert->getEncoded()); $gen->Behaviors = 'IndentedSignature'; // Sign the XML... $success = $gen->CreateXmlDSigSb($sbXml); if ($success != 1) { print $gen->LastErrorText . "\n"; exit; } // ----------------------------------------------- // Save the signed XML to a file. $success = $sbXml->WriteFile('c:/temp/qa_output/signedXml.xml','utf-8',0); print $sbXml->getAsString() . "\n"; ?> |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.