1. Go to this page and download the library: Download webcoder31/ezxmldsig library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
webcoder31 / ezxmldsig example snippets
// Load ire(dirname(__DIR__) . '/vendor/robrichards/xmlseclibs/xmlseclibs.php');
// // Use statements.
use webcoder31\ezxmldsig\XMLDSigToken;
// Asymmetric cryptographic key pair for signing (in PEM format).
$signKey = 'path/to/signing/private/key';
$signCert = 'path/to/signing/public/certificate';
$signKeyPassword = 'signing-key-password'; // Use null if it is not needed.
// User data.
$data = [
'name' => 'Ragnar Lothbrock',
'role' => 'Jarl',
'location' => 'Kattegat'
];
// Create token for user data.
$token = XMLDSigToken::createXMLToken($data, $signKey, $signCert, $signKeyPassword);
// Get the XML Digital Signature.
$sig = $token->getXML();
// Display the XML Digital Signature.
echo htmlentities($sig);
// Load ire(dirname(__DIR__) . '/vendor/robrichards/xmlseclibs/xmlseclibs.php');
// // Use statements.
use webcoder31\ezxmldsig\XMLDSigToken;
// Asymmetric cryptographic key pair for signing (in PEM format).
$signKey = 'path/to/signing/private/key';
$signCert = 'path/to/signing/public/certificate';
$signKeyPassword = 'signing-key-password'; // Use null if it is not needed.
// Asymmetric cryptographic key pair for crypting (in PEM format).
$cryptKey = 'path/to/crypting/private/key';
$cryptCert = 'path/to/crypting/public/certificate';
$cryptKeyPassword = 'crypting-key-password'; // Use null if it is not needed.
// User data.
$data = [
'name' => 'Ragnar Lothbrock',
'role' => 'Jarl',
'location' => 'Kattegat'
];
// Create token for user data.
$token = XMLDSigToken::createSecureXMLToken($data, $signKey, $signCert, $cryptKey, $cryptCert, $signKeyPassword, $cryptKeyPassword);
// Get the XML Digital Signature.
$sig = $token->getXML();
// Display the XML Digital Signature.
echo htmlentities($sig);
// Load ire(dirname(__DIR__) . '/vendor/robrichards/xmlseclibs/xmlseclibs.php');
// // Use statements.
use webcoder31\ezxmldsig\XMLDSigToken;
// Get the Base64 encoded XML Digital Signature and decode it.
if (!isset($_POST['xmltoken']))
{
echo "Can't find XML token in HTTP POST request!";
exit();
}
$sig = base64_decode($_POST['xmltoken']);
// Private key (and eventualy its passphrase) to be used
// to decrypt token (mailAddress' => '[email protected]'
];
// CA intermediate certificate against which to verify origin of
// the signing certificate transmitted in the XML Digital Signature.
$caCertPath = 'path/to/ca/intermediate/certificate';
// Create token object from the XML Digital Signature
$token = XMLDSigToken::analyzeSecureXMLToken($sig, $cryptKey, $cryptKeyPassword);
// NOTE: The above instruction works even if user data is not encrypted.
// However, if user data is not encrypted and you don't own a private key
// then use the following method:
// $token = XMLDSigToken::analyzeXMLToken($sig);
// Verify that:
// - the XML digital signature meets the XMLDSIG specifications.
// - the algorithms used to construct the XML digital signature are those
// expected (here, the default ones).
// - the token contained in the XML digital signature has not been altered.
// - the token contained in the XML digital signature is correctly timestamped
// and contains user data.
if (!$token->isValid())
{
echo "ERROR: Invalid XML Digital Signature!";
exit();
}
// Verify that the X.509 certificate
sh
php composer.phar
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.