(PHP Extension) Hungary NAV Invoicing Signature Calculation

Demonstrates the requestSignature calculation for the Hungarian NAV Online Invoicing System REST API v2.0.

Note: This example requires Chilkat v9.5.0.83 or greater.

For more information, see https://onlineszamla.nav.gov.hu/api/files/container/download/Online%20Szamla_Interfesz%20specifik%C3%A1ci%C3%B3_EN_v2.0.pdf

Chilkat PHP Downloads PHP Extension for Windows, Linux, MacOS, Alpine Linux, Solaris

<?php

// The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number.
// For example, if using Chilkat v9.5.0.48, then include as shown here:
include("chilkat_9_5_0.php");

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// This example performs the following calculation:

// 1.5.1 Calculations for manageInvoice and manageAnnulment operations
// 
// For the manageInvoice and manageAnnulment operations comprising the core of requestSignature, 
// requestSignature is calculated using partial authentication, concatenating the hash values for 
// indices 1-100 as well as additional SHA3-512 hash operations. The partial authentication can be 
// derived by concatenating the following values:
// 
//   - requestId value
//   - UTC timestamp tag value using a YYYYMMDDhhmmss mask
//   - string literal of the technical users signature key
// 
// When concatenating, the date and time separators as well as the time zone must be removed for timestamp masking.
// 
// The index hash value can be derived from the uppercase SHA3-512 hash values following the concatenation of the 
// operation and base64 content for the individual indices:
// 
//   - literal value of invoiceOperation or annulmentOperation
//   - base64 content in the invoiceData or invoiceAnnulment tag
// 
// The calculated hash values should be appended after the partial hash, in the order corresponding to the indices. 
// The SHA3-512 hash result (capitals) of the string thus concatenated yields the requestSignature value.
// 
// A fictitious example for request data:
// 
// 	- requestId = TSTKFT1222564
// 	- timestamp = 2017-12-30T18:25:45.000Z
// 	- technical users signature key = ce-8f5e-215119fa7dd621DLMRHRLH2S
// 	- the index#1 invoice data items
// 	- invoiceOperation = CREATE
// 	- invoiceData = QWJjZDEyMzQ=
// 	- the index#2 invoice data items
// 	- invoiceOperation = MODIFY
// 	- invoiceData = RGNiYTQzMjE=
// 	- partial authentication value = TSTKFT122256420171230182545ce-8f5e-215119fa7dd621DLMRHRLH2S
// 	- the first index hash =
// 		- hash base = CREATEQWJjZDEyMzQ=
// 		- lowercase hash = 4317798460962869bc67f07c48ea7e4a3afa301513ceb87b8eb94ecf92bc220a89c480f87f0860e85e29a3b6c0463d4f29712c5ad48104a6486ce839dc2f24cb
// 		- uppercase hash = 4317798460962869BC67F07C48EA7E4A3AFA301513CEB87B8EB94ECF92BC220A89C480F87F0860E85E29A3B6C0463D4F29712C5AD48104A6486CE839DC2F24CB
// 	- the second index hash =
// 		- hash base = MODIFYRGNiYTQzMjE=
// 		- lowercase hash = a881218238933f6ffb9e167445cb4daa9749bcf484fde48ab7649fd25e8b634a4736a65a7c4a8e2831119f739837e006566f97370415aad55e268605206f2a6c
// 		- uppercase hash = A881218238933F6FFB9E167445CB4DAA9749BCF484FDE48AB7649FD25E8B634A4736A65A7C4A8E2831119F739837E006566F97370415AAD55E268605206F2A6C
// 
// Thus, the base for the entire requestSignature is:
// 	TSTKFT122256420171230182545ce-8f5e-215119fa7dd621DLMRHRLH2S4317798460962869BC67F07C48EA7E4A3AFA301513CEB87B8EB94ECF92BC220A89C480F87F0860E85E29A3B6C0463D4F29712C5AD48104A6486CE839DC2F24CBA881218238933F6FFB9E167445CB4DAA9749BCF484FDE48AB7649FD25E8B634A4736A65A7C4A8E2831119F739837E006566F97370415AAD55E268605206F2A6C
// 
// Value of requestSignature after SHA3-512 hashing and converting to uppercase:
// 	60BC80609EE3B8F42FE904200A49A1921A1DADA08D55319ACD40C59F626514B74EEA49011D372600A10DBCF8199D590DA9C2841D987308F2D83DAE17C2470C42
// 
// -------------------

$crypt = new CkCrypt2();

// IMPORTANT: This example requires Chilkat v9.5.0.83 or greater.  The SHA3 hash algorithm is implemented in Chilkat v9.5.0.83, but not in earlier versions.
// IMPORTANT: This example requires Chilkat v9.5.0.83 or greater.  The SHA3 hash algorithm is implemented in Chilkat v9.5.0.83, but not in earlier versions.
// IMPORTANT: This example requires Chilkat v9.5.0.83 or greater.  The SHA3 hash algorithm is implemented in Chilkat v9.5.0.83, but not in earlier versions.
// IMPORTANT: This example requires Chilkat v9.5.0.83 or greater.  The SHA3 hash algorithm is implemented in Chilkat v9.5.0.83, but not in earlier versions.
// IMPORTANT: This example requires Chilkat v9.5.0.83 or greater.  The SHA3 hash algorithm is implemented in Chilkat v9.5.0.83, but not in earlier versions.
$crypt->put_HashAlgorithm('sha3-512');
$crypt->put_EncodingMode('hex');

$requestId = 'TSTKFT1222564';
$timestamp = '2017-12-30T18:25:45.000Z';
$signatureKey = 'ce-8f5e-215119fa7dd621DLMRHRLH2S';

// Step 1: Concatenate requestId, UTC timestamp, and user's signature key.
$sbFinalHashBase = new CkStringBuilder();

// First append the timestamp because we are going to remove certain chars/parts.
$sbFinalHashBase->Append($timestamp);
$numReplaced = $sbFinalHashBase->Replace('.000Z','');
$numReplaced = $sbFinalHashBase->Replace('-','');
$numReplaced = $sbFinalHashBase->Replace(':','');
$numReplaced = $sbFinalHashBase->Replace('T','');

// Prepend the requestId and append the signatureKey
$sbFinalHashBase->Prepend($requestId);
$sbFinalHashBase->Append($signatureKey);

// Step 2: Calculate first index hash.
$invoiceOperation = 'CREATE';
$invoiceData = 'QWJjZDEyMzQ=';

$sbHashBase = new CkStringBuilder();
$sbHashBase->Append($invoiceOperation);
$sbHashBase->Append($invoiceData);
print 'first hash base = ' . $sbHashBase->getAsString() . "\n";

$firstHash = $crypt->hashStringENC($sbHashBase->getAsString());
print 'first hash = ' . $firstHash . "\n";

// Output should be:
// first hash base = CREATEQWJjZDEyMzQ=
// first hash = 4317798460962869BC67F07C48EA7E4A3AFA301513CEB87B8EB94ECF92BC220A89C480F87F0860E85E29A3B6C0463D4F29712C5AD48104A6486CE839DC2F24CB

// Step 3: Calculate second index hash.
$invoiceOperation = 'MODIFY';
$invoiceData = 'RGNiYTQzMjE=';

$sbHashBase->Clear();
$sbHashBase->Append($invoiceOperation);
$sbHashBase->Append($invoiceData);
print 'second hash base = ' . $sbHashBase->getAsString() . "\n";

$secondHash = $crypt->hashStringENC($sbHashBase->getAsString());
print 'second hash = ' . $secondHash . "\n";

// Output should be:
// second hash base = MODIFYRGNiYTQzMjE=
// second hash = A881218238933F6FFB9E167445CB4DAA9749BCF484FDE48AB7649FD25E8B634A4736A65A7C4A8E2831119F739837E006566F97370415AAD55E268605206F2A6C

// Step 4: Append the uppercase hex hashes to the sbFinalHashBase
$sbFinalHashBase->Append($firstHash);
$sbFinalHashBase->Append($secondHash);
print 'sbFinalHashBase = ' . $sbFinalHashBase->getAsString() . "\n";

// Step 5: SHA3-512 hash to get the requestSignature
$requestSignature = $crypt->hashStringENC($sbFinalHashBase->getAsString());
print 'requestSignature = ' . $requestSignature . "\n";

// Output should be:
// requestSignature = 60BC80609EE3B8F42FE904200A49A1921A1DADA08D55319ACD40C59F626514B74EEA49011D372600A10DBCF8199D590DA9C2841D987308F2D83DAE17C2470C42

?>