johnhenryspike/kalkancrypt

KalkanCrypt 包装器

维护者

详细信息

github.com/JohnHenrySpike/kalkan-crypt

源代码

问题

安装: 96

依赖关系: 0

建议者: 0

安全: 0

星标: 2

关注者: 2

分支: 2

开放问题: 0

0.3.0 2023-10-27 11:33 UTC

Requires

Requires (Dev)

MIT 8d461772657f87baf74dfa863304ecb9a077b3bb

  • JohnHenrySpike <JohnHenrySpike.woop@gmail.com>

This package is auto-updated.

Last update: 2024-09-18 05:52:12 UTC

README

PhpUnit Packagist Version Packagist Downloads Packagist Stars

加密库 KalkanCrypt (PHP) 的包装器

要求

  • PHP >= 8.2
  • Composer
  • 库 (libltdl-dev, libpcsclite-dev, libxml2-dev)
  • KalkanCrypt 扩展 (kalkancrypt.so)

安装

使用 Composer 安装包

composer require johnhenryspike/kalkancrypt

示例

1. 基本用法

  • 使用系统注册的中间证书和 CA 证书加载链
// init KeyStore (default storage type PKCS12)
$keyStore = KeyStore::load('/path/to/keyStore.p12', 'password');
//init Chain 
$chain = Chain::init($this->keyStore)->fromSystem();
//init Provider with chain, sign data and return signed string
return Provider::init($chain)->signData("Hello world", SignFlag::SIGN_CMS | SignFlag::OUT_PEM);
  • 从中间和 CA 证书集合加载链
$keyStore = KeyStore::load('/path/to/keyStore.p12', 'password');
$collection = new CertCollection();
$collection->addItem(Certificate::loadFromPath('/path/to/nca.cer'));
$collection->addItem(Certificate::loadFromPath('/path/to/root.cer'));
$chain = Chain::init($this->keyStore)->fromCollection($collection);
return Provider::init($chain)->signData("Hello world", SignFlag::SIGN_CMS | SignFlag::OUT_PEM);
  • 从认证信息自动加载链
$keyStore = KeyStore::load('/path/to/keyStore.p12', 'password');
$chain  = Chain::init($keyStore)->fromAuthInfo();
return Provider::init($chain)->signData("Hello world", SignFlag::SIGN_CMS | SignFlag::OUT_PEM);

2. 仅使用 Adapter::class

$adapter = Adapter::getInstance();

$adapter -> loadKeyStore( Adapter::KCST_PKCS12, '/path/to/keyStore.p12', 'password');

// use if CA certs not registered in system
// $adapter->loadCertFromFile(Adapter::KC_CERT_INTERMEDIATE, '/path/to/nca_gost.pem');
// $adapter->loadCertFromFile(Adapter::KC_CERT_CA, '/path/to/root_gost.pem');

return $a->signData( "Hello World", 
    Adapter::KC_SIGN_CMS | 
    Adapter::KC_IN_PEM   | 
    Adapter::KC_OUT_PEM 
);

3. 使用 Wsse 客户端

$provider = Provider::init(
    Chain::init(
        KeyStore::load('/path/to/keyStore.p12', 'password')
    )->fromAuthInfo()
);

$client = new WsseClient($provider, [
    "location" => "http://192.168.1.1/bip-sync-wss-gost/",
    "uri" => "http://bip.bee.kz/SyncChannel/v10/Types",
    'proxy_host' => '127.0.0.1',
    'proxy_port' => 80
]);
return $client->SendMessage(new \SoapVar('<mydata>Hello World</mydata>', XSD_ANYXML));