Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(PHP Extension) Signing HTTP MessagesDemonstrates how to sign HTTP messages per draft-cavage-http-signatures-10 For more information, see https://tools.ietf.org/html/draft-cavage-http-signatures-10
<?php // The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number. // For example, if using Chilkat v9.5.0.48, then include as shown here: include("chilkat_9_5_0.php"); // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. $bCrlf = true; $sbPublicKeyPem = new CkStringBuilder(); $sbPublicKeyPem->AppendLine('-----BEGIN PUBLIC KEY-----',$bCrlf); $sbPublicKeyPem->AppendLine('MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3',$bCrlf); $sbPublicKeyPem->AppendLine('6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6',$bCrlf); $sbPublicKeyPem->AppendLine('Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw',$bCrlf); $sbPublicKeyPem->AppendLine('oYi+1hqp1fIekaxsyQIDAQAB',$bCrlf); $sbPublicKeyPem->AppendLine('-----END PUBLIC KEY-----',$bCrlf); $pubKey = new CkPublicKey(); $pubKey->LoadFromString($sbPublicKeyPem->getAsString()); $sbPrivateKeyPem = new CkStringBuilder(); $sbPrivateKeyPem->AppendLine('-----BEGIN RSA PRIVATE KEY-----',$bCrlf); $sbPrivateKeyPem->AppendLine('MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF',$bCrlf); $sbPrivateKeyPem->AppendLine('NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F',$bCrlf); $sbPrivateKeyPem->AppendLine('UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB',$bCrlf); $sbPrivateKeyPem->AppendLine('AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA',$bCrlf); $sbPrivateKeyPem->AppendLine('QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK',$bCrlf); $sbPrivateKeyPem->AppendLine('kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg',$bCrlf); $sbPrivateKeyPem->AppendLine('f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u',$bCrlf); $sbPrivateKeyPem->AppendLine('412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc',$bCrlf); $sbPrivateKeyPem->AppendLine('mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7',$bCrlf); $sbPrivateKeyPem->AppendLine('kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA',$bCrlf); $sbPrivateKeyPem->AppendLine('gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW',$bCrlf); $sbPrivateKeyPem->AppendLine('G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI',$bCrlf); $sbPrivateKeyPem->AppendLine('7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==',$bCrlf); $sbPrivateKeyPem->AppendLine('-----END RSA PRIVATE KEY-----',$bCrlf); $privKey = new CkPrivateKey(); $privKey->LoadPem($sbPrivateKeyPem->getAsString()); // All examples use this request: // // POST /foo?param=value&pet=dog HTTP/1.1 // Host: example.com // Date: Sun, 05 Jan 2014 21:31:40 GMT // Content-Type: application/json // Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= // Content-Length: 18 // // {"hello": "world"} // C.1. Default Test // // If a list of headers is not included, the date is the only header // that is signed by default. The string to sign would be: // // date: Sun, 05 Jan 2014 21:31:40 GMT // // The Authorization header would be: // // Authorization: Signature keyId="Test",algorithm="rsa-sha256", // signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz // 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB // 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM=" // // The Signature header would be: // // Signature: keyId="Test",algorithm="rsa-sha256", // signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz // 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB // 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM=" // $dtNow = new CkDateTime(); $success = $dtNow->SetFromCurrentSystemTime(); $dateStr = $dtNow->getAsRfc822(false); // To duplicate the above result, we'll hard-code the date string. $dateStr = 'Sun, 05 Jan 2014 21:31:40 GMT'; $rsa = new CkRsa(); $success = $rsa->ImportPrivateKeyObj($privKey); if ($success == false) { print $rsa->lastErrorText() . "\n"; exit; } $sbStringToSign = new CkStringBuilder(); $sbStringToSign->Append('date: '); $sbStringToSign->Append($dateStr); $rsa->put_EncodingMode('base64'); $b64Signature = $rsa->signStringENC($sbStringToSign->getAsString(),'SHA256'); print $b64Signature . "\n"; print '---------------------------' . "\n"; // The result should be: // SjWJWbWN7i0wzBvtPl8rbASW ... FD0k/5OxEPXe5WozsbM= // ---------------------------------------------------------------------------------------------------- // C.2. Basic Test // // The minimum recommended data to sign is the (request-target), host, // and date. In this case, the string to sign would be: // // (request-target): post /foo?param=value&pet=dog // host: example.com // date: Sun, 05 Jan 2014 21:31:40 GMT // // The Authorization header would be: // // Authorization: Signature keyId="Test",algorithm="rsa-sha256", // headers="(request-target) host date", signature="qdx+H7PHHDZgy4 // y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn // 7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs // kLu6kd9Fswtemr3lgdDEmn04swr2Os0=" $sbStringToSign->Clear(); $sbStringToSign->Append('(request-target): '); $sbStringToSign->AppendLine('post /foo?param=value&pet=dog',false); $sbStringToSign->Append('host: '); $sbStringToSign->AppendLine('example.com',false); $sbStringToSign->Append('date: '); $sbStringToSign->Append($dateStr); print 'StringToSign:' . "\n"; print $sbStringToSign->getAsString() . "\n"; $b64Signature = $rsa->signStringENC($sbStringToSign->getAsString(),'SHA256'); print $b64Signature . "\n"; print '---------------------------' . "\n"; // The result should be: // qdx+H7PHHDZgy4y/Ahn ... mn04swr2Os0= ?> |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.