|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PHP Extension) Sign SOAP XML for New Zealand Customs ServiceSee more XAdES ExamplesDemonstrates how to create an XAdES signed SOAP XML pertaining to the New Zealand Customs Service.Note: This example requires Chilkat v9.5.0.96 or later.
<?php include("chilkat.php"); // Use "chilkat_9_5_0.php" for versions of Chilkat < 10.0.0 // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. $success = true; // Create the following XML to be signed: // <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" // xmlns:v1="http://customs.govt.nz/jbms/msggate/reqresp/v1"> // <soapenv:Header> // <wsse:Security soapenv:mustUnderstand="1" // xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" // xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> // <wsu:Timestamp wsu:Id="TS-037E78514E9B9132CB16817563559151"> // <wsu:Created>2023-04-17T18:32:35.913Z</wsu:Created> // <wsu:Expires>2023-04-17T19:32:35.913Z</wsu:Expires> // </wsu:Timestamp> // </wsse:Security> // </soapenv:Header> // <soapenv:Body wsu:Id="id-8" // xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> // <v1:RequestResponse> // <v1:Submitter>TEST1234</v1:Submitter> // <v1:MailboxMsgId>999999</v1:MailboxMsgId> // </v1:RequestResponse> // </soapenv:Body> // </soapenv:Envelope> // Create a random ID like this: TS-037E78514E9B9132CB16817563559151 $tsId = new CkStringBuilder(); $tsId->Append('TS-'); $tsId->AppendRandom(16,'hex'); // STR-037E78514E9B9132CB16817563559614 $strId = new CkStringBuilder(); $strId->Append('STR-'); $strId->AppendRandom(16,'hex'); // KI-037E78514E9B9132CB16817563559583 $keyInfoId = new CkStringBuilder(); $keyInfoId->Append('KI-'); $keyInfoId->AppendRandom(16,'hex'); // Create a date/time for the current time with this format: 2023-04-17T18:32:35.913Z $dt = new CkDateTime(); $dt->SetFromCurrentSystemTime(); $sbNow = new CkStringBuilder(); $sbNow->Append($dt->getAsTimestamp(false)); // If we really need the milliseconds, we can replace the "Z" with ".000Z" // The server will also likely accept a timestamp without milliseconds, such as 2023-04-17T18:32:35Z $n = $sbNow->Replace('Z','.000Z'); $sbNowPlusOneHour = new CkStringBuilder(); $dt->AddSeconds(3600); $sbNowPlusOneHour->Append($dt->getAsTimestamp(false)); $n = $sbNowPlusOneHour->Replace('Z','.000Z'); $xmlToSign = new CkXml(); $xmlToSign->put_Tag('soapenv:Envelope'); $xmlToSign->AddAttribute('xmlns:soapenv','http://schemas.xmlsoap.org/soap/envelope/'); $xmlToSign->AddAttribute('xmlns:v1','http://customs.govt.nz/jbms/msggate/reqresp/v1'); $xmlToSign->UpdateAttrAt('soapenv:Header|wsse:Security',true,'soapenv:mustUnderstand','1'); $xmlToSign->UpdateAttrAt('soapenv:Header|wsse:Security',true,'xmlns:wsse','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'); $xmlToSign->UpdateAttrAt('soapenv:Header|wsse:Security',true,'xmlns:wsu','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'); $xmlToSign->UpdateAttrAt('soapenv:Header|wsse:Security|wsu:Timestamp',true,'wsu:Id',$tsId->getAsString()); $xmlToSign->UpdateChildContent('soapenv:Header|wsse:Security|wsu:Timestamp|wsu:Created',$sbNow->getAsString()); $xmlToSign->UpdateChildContent('soapenv:Header|wsse:Security|wsu:Timestamp|wsu:Expires',$sbNowPlusOneHour->getAsString()); $xmlToSign->UpdateAttrAt('soapenv:Body',true,'wsu:Id','id-8'); $xmlToSign->UpdateAttrAt('soapenv:Body',true,'xmlns:wsu','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'); $xmlToSign->UpdateChildContent('soapenv:Body|v1:RequestResponse|v1:Submitter','TEST1234'); $xmlToSign->UpdateChildContent('soapenv:Body|v1:RequestResponse|v1:MailboxMsgId','999999'); $gen = new CkXmlDSigGen(); $gen->put_SigLocation('soapenv:Envelope|soapenv:Header|wsse:Security'); $gen->put_SigLocationMod(0); $gen->put_SigId('SIG-037E78514E9B9132CB16817563559695'); $gen->put_SigNamespacePrefix('ds'); $gen->put_SigNamespaceUri('http://www.w3.org/2000/09/xmldsig#'); $gen->put_SignedInfoPrefixList('soapenv v1'); $gen->put_IncNamespacePrefix('ec'); $gen->put_IncNamespaceUri('http://www.w3.org/2001/10/xml-exc-c14n#'); $gen->put_SignedInfoCanonAlg('EXCL_C14N'); $gen->put_SignedInfoDigestMethod('sha256'); // Set the KeyInfoId before adding references.. $gen->put_KeyInfoId($keyInfoId->getAsString()); // -------- Reference 1 -------- $xml1 = new CkXml(); $xml1->put_Tag('ds:Transforms'); $xml1->UpdateAttrAt('ds:Transform',true,'Algorithm','http://www.w3.org/2001/10/xml-exc-c14n#'); $xml1->UpdateAttrAt('ds:Transform|ec:InclusiveNamespaces',true,'PrefixList','wsse soapenv v1'); $xml1->UpdateAttrAt('ds:Transform|ec:InclusiveNamespaces',true,'xmlns:ec','http://www.w3.org/2001/10/xml-exc-c14n#'); $gen->AddSameDocRef2($tsId->getAsString(),'sha256',$xml1,''); // -------- Reference 2 -------- $xml2 = new CkXml(); $xml2->put_Tag('ds:Transforms'); $xml2->UpdateAttrAt('ds:Transform',true,'Algorithm','http://www.w3.org/2001/10/xml-exc-c14n#'); $xml2->UpdateAttrAt('ds:Transform|ec:InclusiveNamespaces',true,'PrefixList','v1'); $xml2->UpdateAttrAt('ds:Transform|ec:InclusiveNamespaces',true,'xmlns:ec','http://www.w3.org/2001/10/xml-exc-c14n#'); $gen->AddSameDocRef2('id-8','sha256',$xml2,''); // Provide a certificate + private key. (PFX password is test123) $cert = new CkCert(); $success = $cert->LoadPfxFile('qa_data/pfx/cert_test123.pfx','test123'); if ($success != true) { print $cert->lastErrorText() . "\n"; exit; } $gen->SetX509Cert($cert,true); $gen->put_KeyInfoType('Custom'); // Create the custom KeyInfo XML.. $xmlCustomKeyInfo = new CkXml(); $xmlCustomKeyInfo->put_Tag('wsse:SecurityTokenReference'); $xmlCustomKeyInfo->AddAttribute('wsu:Id',$strId->getAsString()); $xmlCustomKeyInfo->UpdateAttrAt('wsse:KeyIdentifier',true,'EncodingType','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary'); $xmlCustomKeyInfo->UpdateAttrAt('wsse:KeyIdentifier',true,'ValueType','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'); // Insert the single-line base64 of the signing certificate's DER $cert->put_UncommonOptions('Base64CertNoCRLF'); $xmlCustomKeyInfo->UpdateChildContent('wsse:KeyIdentifier',$cert->getEncoded()); $xmlCustomKeyInfo->put_EmitXmlDecl(false); $gen->put_CustomKeyInfoXml($xmlCustomKeyInfo->getXml()); // Load XML to be signed... $sbXml = new CkStringBuilder(); $xmlToSign->GetXmlSb($sbXml); $gen->put_Behaviors('IndentedSignature'); // Sign the XML... $gen->put_VerboseLogging(true); $success = $gen->CreateXmlDSigSb($sbXml); if ($success != true) { print $gen->lastErrorText() . "\n"; exit; } // Save the signed XML to a file. $success = $sbXml->WriteFile('c:/temp/qa_output/signedXml.xml','utf-8',false); print $sbXml->getAsString() . "\n"; ?> |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.