metalback/xmldsig

Selective\XmlDSig的分支,用于对XML文档进行数字签名

维护者

详细信息

github.com/metalback/xmldsig

主页

源代码

安装: 18

依赖项: 0

建议者: 0

安全: 0

星标: 0

关注者: 1

分支: 32

2.2.1.1 2021-11-16 15:57 UTC

Requires

Requires (Dev)

MIT 9bf7162f5601780986d44a912e3054c5c78b9860

xmlxmldsigverifysignatures

This package is auto-updated.

Last update: 2024-09-16 22:45:53 UTC

README

Latest Version on Packagist Software License Build Status Coverage Status Quality Score Total Downloads

功能

  • 使用数字签名对XML文档进行签名 (XMLDSIG)
  • 验证XML文档的数字签名

需求

  • PHP 7.2+ 或 8.0+
  • openssl扩展
  • 一个X.509数字证书

安装

composer require selective/xmldsig

使用

使用数字签名对XML文档进行签名

输入文件:example.xml

<?xml version="1.0"?>
<root>
    <creditcard>
        <number>19834209</number>
        <expiry>02/02/2025</expiry>
    </creditcard>
</root>
use Selective\XmlDSig\DigestAlgorithmType;
use Selective\XmlDSig\XmlSigner;

$xmlSigner = new XmlSigner();

$xmlSigner->loadPfxFile('filename.pfx', 'password');

// or load pfx from a string
//$xmlSigner->loadPfx('pfx content', 'password');

// or load a PEM file
//$xmlSigner->loadPrivateKeyFile('filename.pem', 'password');

// or load a PEM private key from a string
//$xmlSigner->loadPrivateKey('private key content', 'password');

// Optional: Set reference URI
$xmlSigner->setReferenceUri('');

$xmlSigner->signXmlFile('example.xml', 'signed-example.xml', DigestAlgorithmType::SHA512);

输出文件:signed-example.xml

<?xml version="1.0"?>
<root>
    <creditcard>
        <number>19834209</number>
        <expiry>02/02/2025</expiry>
    </creditcard>
    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo>
            <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
            <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
            <Reference URI="">
                <Transforms>
                    <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                </Transforms>
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
                <DigestValue>Base64EncodedValue==</DigestValue>
            </Reference>
        </SignedInfo>
        <SignatureValue>AnotherBase64EncodedValue===</SignatureValue>
    </Signature>
</root>

验证XML文档的数字签名

use Selective\XmlDSig\XmlSignatureValidator;

// Create a validator instance
$signatureValidator = new XmlSignatureValidator();
// Load a PFX file
$signatureValidator->loadPfxFile('filename.pfx', 'password');

// or load just a public key file from a string
$signatureValidator->loadPfx('public key content', 'password');

// or load a public key file (without password)
$signatureValidator->loadPublicKeyFile('cacert.pem');

// or load the public key from a string (without password)
$signatureValidator->loadPublicKey('public key content');
// Verify a XML file
$isValid = $signatureValidator->verifyXmlFile('signed-example.xml');

// or verify XML from a string
$isValid = $signatureValidator->verifyXml('xml content');

if ($isValid === true) {
    echo 'The XML signature is valid.';
} else {
    echo 'The XML signature is not valid.';
}

在线XML数字签名验证器

尝试这些优秀的在线工具来验证XML签名

类似库

许可

MIT许可(MIT)。请参阅许可文件获取更多信息。