PHP XML Signature: Parse and create XML documents signed digitally

Last updated: 2019-11-06
Version: dsigsdk 1.0.0
License: GNU Lesser Genera...
PHP version: 5
Categories: XML, PHP 5, Cryptography

This package can be used to parse and create XML documents signed digitally.

It can take as parameters a string of a given XML document and parse it.

The package can also use cryptographic keys to sign parts of the XML by adding elements that allow the document to be verified later, to check whether it was signed by the owner of the keys.

The resulting signed document can be saved back to an XML string or a DOM node for further processing of the XML document structure.

Innovation Award: PHP Programming Innovation award nominee, November 2019, Number 6

XML is a format that sometimes is used to create documents that need to be digitally signed to be used in situations that require that a person or a company is identified as author of the document information.

This package provides a solution that can parse existing XML documents and sign the relevant parts of the documents with a cryptographic key that belongs to the person or company, thus establishing the authorship of the document in a way that it can be verified with legal validity.

Manuel Lemos
Details

DsigSdk

  • PHP SDK of XML Digital Signature recommendation
  • based on the [XSD] schema

and provide

For help finding a good PHP cryptography library, please review

  • Choosing the Right Cryptography Library for your PHP Project: A Guide

Usage, parse XML

To parse a Dsig (Signature root) XML file (using XMLReader):

<?php
namespace Kigkonsult\DsigSdk;
use Kigkonsult\DsigSdk\XMLParse\DsigParser;

$dsig = DsigParser::factory()->parse( 
    file_get_contents( 'DsigFile.xml' )
);

$signedInfo = $dsig->getSignedInfo();
// ...

The XML parser saves the XMLReader node properties (baseURI, localName, name, namespaceURI, prefix) for each XML (Dto) element as 'XMLattributes', as well as the XML attributes (xmlns, xmlns:*, schemaLocation), if set (more info below).

'any' [XSD] elements are accepted as 'AnyType' object instances (more info below, 'AnyType').
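
When the XML comes from an untrusted source, it can be screened with PHP's bundled XMLReader before it is handed to DsigParser. The following is an added example, not part of DsigSdk; the helper checkDsigEnvelope(), its size limit and the sample strings are assumptions made for illustration.

```php
<?php
// Added example, not DsigSdk code: screen untrusted input before parse().
const DSIG_NS = 'http://www.w3.org/2000/09/xmldsig#';

/** Hypothetical helper: returns null if the envelope passes, else the reason. */
function checkDsigEnvelope( string $xml, int $maxBytes = 1048576 ) : ?string
{
    if(( $xml === '' ) || ( strlen( $xml ) > $maxBytes )) {
        return 'input is empty or exceeds the size limit';
    }
    $prev = libxml_use_internal_errors( true );   // collect libxml errors quietly
    libxml_clear_errors();
    $reader = new XMLReader();
    $reader->XML( $xml, null, LIBXML_NONET );     // never fetch remote resources
    $problem    = null;
    $rootSeen   = false;
    $signedInfo = 0;
    while(( $problem === null ) && @$reader->read()) {
        $isDsig = ( $reader->namespaceURI === DSIG_NS );
        if( $reader->nodeType === XMLReader::DOC_TYPE ) {
            $problem = 'DOCTYPE present, DTD and entity declarations refused';
        }
        elseif( $reader->nodeType !== XMLReader::ELEMENT ) {
            continue;
        }
        elseif( ! $rootSeen ) {
            $rootSeen = true;
            if( ! $isDsig || ( $reader->localName !== 'Signature' )) {
                $problem = 'root element is not Signature in the xmldsig namespace';
            }
        }
        elseif( $isDsig && ( $reader->depth === 1 ) && ( $reader->localName === 'SignedInfo' )) {
            $signedInfo++;
        }
    }
    if(( $problem === null ) && ! empty( libxml_get_errors())) {
        $problem = 'XML is not well-formed';
    }
    if(( $problem === null ) && ( $signedInfo !== 1 )) {
        $problem = "expected one SignedInfo child of Signature, found $signedInfo";
    }
    $reader->close();
    libxml_clear_errors();
    libxml_use_internal_errors( $prev );
    return $problem;
}

// Constructed sample input, for illustration only
$good = '<Signature xmlns="' . DSIG_NS . '"><SignedInfo/><SignatureValue/></Signature>';
var_dump( checkDsigEnvelope( $good ));
var_dump( checkDsigEnvelope( '<!DOCTYPE x [<!ENTITY e "v">]>' . $good ));
```

Only input for which the helper returns null would then be passed on to DsigParser::factory()->parse().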

Usage, build up structure

To build up dsig structure:

<?php
namespace Kigkonsult\DsigSdk;
use Kigkonsult\DsigSdk\Dto\AnyType;
use Kigkonsult\DsigSdk\Dto\CanonicalizationMethodType;
use Kigkonsult\DsigSdk\Dto\KeyInfoType;
use Kigkonsult\DsigSdk\Dto\SignedInfoType;
use Kigkonsult\DsigSdk\Dto\SignatureType;
use Kigkonsult\DsigSdk\Dto\SignatureValueType;
use Kigkonsult\DsigSdk\Dto\X509DataType; // needed for X509DataType::factory() below

$dsig = SignatureType::factory()
    ->setSignedInfo( 
        SignedInfoType::factory()
            ->setCanonicalizationMethod(
                CanonicalizationMethodType::factory()
                    ->setAlgorithm( SignatureType::MINICANONICAL )
                    ->setAny( [
                        AnyType::factory()
                            ->setElementName( 'nonSchemaElement1')
                            ->setAttributes( [
                                'id' => '12345' 
                                ] )
                            ->setContent( 'Lr1mKGxP7VAgMB...' ),
                        AnyType::factory()
                            ->setElementName( 'nonSchemaElement2')
                            ->setSubElements( [
                                AnyType::factory()
                                    ->setElementName( 'nonSchemaElement3')
                                    ->setContent( 'Lr1mKGxP7VAgMB...' ),
                            ] )
                        ]
                    )
            )
    )
    ->setSignatureValue(
        SignatureValueType::factory()
            ->setSignatureValueType( 'vgGZnRlm8...' )
    )
    ->setKeyInfo(
        KeyInfoType::factory()
            ->setKeyInfoType( [
                [                 // one set of elements
                    [             // element
                        SignatureType::X509DATA => 
                            X509DataType::factory()
                                ->setX509Certificate( ... )
                    ],
                ],
        ] )
    )
    ->setObject(
        ...
    )
    ...

XML attributes

You can set (single 'element') XMLattribute using

$dsig->setXMLAttribut( <key>, <value> );

To set (ex. prefix) and 'propagate' down in hierarchy:

$dsig->setXMLAttribut( SignatureType::PREFIX, <value>, true );

You can remove (single 'element') XMLattribute using

$dsig->unsetXMLAttribut( <key> );

To unset (ex. prefix) and 'propagate' down in hierarchy:

$dsig->unsetXMLAttribut( SignatureType::PREFIX, true );

To fetch and iterate over XMLAttributes:

foreach( $dsig->getXMLAttributes() as $key => $value ) {
    ...
}

Anytype

AnyType object instances are used for 'any' [XSD] elements. The element name is stored and fetched with

$anytype->setElementName( <name> );
$anytypeName = $anytype->getElementName();

The 'any' [XSD] element attributes may include XML attributes.

The AnyType attributes are stored and fetched as array.

$anytype->setAttributes( [ <key> => <value> ] );
foreach( $anytype->getAttributes() as $key => $value ) {
    ...
}

Note, an AnyType instance may have

  • content: type string, AnyType::setContent(), AnyType::getContent()

or

  • sub-elements: type array [AnyType], AnyType::setSubElements(), AnyType::getSubElements()

but not both.

Usage, output as XML

DsigSdk uses XMLWriter to create output.

$XMLstring = DsigWriter::factory()->write( $dsig );

The XMLWriter adds for each element

  • element name with prefix, if exists
  • XMLattribute xmlns, xmlns:* and schemaLocation, if exists.

Usage, output as DomNode

$domNode = DsigWriter::factory()->write( $dsig, true );
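
A signature value is computed over the canonical form of SignedInfo, so output written from a parsed structure (for example after a changed prefix) is worth comparing against the input before it is treated as still signed. The following is an added example, not part of DsigSdk: roundTripKeepsSignedInfo() and signedInfoC14n() are hypothetical helpers, the XMLWrite namespace of DsigWriter is an assumption, and the sample document is constructed with placeholder values.

```php
<?php
// Added example, not DsigSdk code. parse() and write() are called as shown on
// this page; the XMLWrite namespace of DsigWriter is an assumption.
use Kigkonsult\DsigSdk\XMLParse\DsigParser;
use Kigkonsult\DsigSdk\XMLWrite\DsigWriter;

require 'vendor/autoload.php';

const DSIG_NS = 'http://www.w3.org/2000/09/xmldsig#';

/** Inclusive C14N 1.0 (without comments) of the first SignedInfo at or below $node. */
function signedInfoC14n( DOMNode $node ) : string
{
    $doc   = ( $node instanceof DOMDocument ) ? $node : $node->ownerDocument;
    $xpath = new DOMXPath( $doc );
    $xpath->registerNamespace( 'ds', DSIG_NS );
    $hits  = $xpath->query( 'descendant-or-self::ds:SignedInfo', $node );
    if(( $hits === false ) || ( $hits->length === 0 )) {
        throw new RuntimeException( 'no SignedInfo element found' );
    }
    return (string) $hits->item( 0 )->C14N( false, false );
}

/** Hypothetical helper: true if parse + write leaves the canonical SignedInfo unchanged. */
function roundTripKeepsSignedInfo( string $xml ) : bool
{
    $before = new DOMDocument();
    if( ! $before->loadXML( $xml, LIBXML_NONET )) {
        throw new InvalidArgumentException( 'input is not well-formed XML' );
    }
    $dsig  = DsigParser::factory()->parse( $xml );
    $after = DsigWriter::factory()->write( $dsig, true ); // DomNode output
    return signedInfoC14n( $before ) === signedInfoC14n( $after );
}

// Constructed sample: digest and signature values are base64 placeholders, not real output
$xml = '<ds:Signature xmlns:ds="' . DSIG_NS . '"><ds:SignedInfo>'
    . '<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>'
    . '<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>'
    . '<ds:Reference URI=""><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>'
    . '<ds:DigestValue>cGxhY2Vob2xkZXI=</ds:DigestValue></ds:Reference></ds:SignedInfo>'
    . '<ds:SignatureValue>cGxhY2Vob2xkZXI=</ds:SignatureValue></ds:Signature>';

var_dump( roundTripKeepsSignedInfo( $xml ));
```

The comparison uses inclusive C14N 1.0 because that is the CanonicalizationMethod of the sample; for a document that names another algorithm, the arguments to C14N() have to be chosen to match it.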

Info

For class structure and architecture, please review

  • the [XSD]
  • docs/Dsig.png class design
  • the src/DsigLoader directory

You may find convenient constants in

  • src/DsigInterface
  • src/XMLAttributesInterface

For base64Encode/base64Decode/hash support, please review src/Impl/Impl.md

Installation

[Composer]

From the Command Line:

composer require kigkonsult/dsigsdk

In your composer.json:

{
    "require": {
        "kigkonsult/dsigsdk": "dev-master"
    }
}

Acquire access

namespace Kigkonsult\DsigSdk;
...
include 'vendor/autoload.php';

Run tests

cd pathToSource/DsigSdk
vendor/bin/phpunit

Or

Download and acquire..

namespace Kigkonsult\DsigSdk;
...
include 'pathToSource/DsigSdk/autoload.php';

Support

For support, please use [Github]/issues.

License

This project is licensed under the LGPLv3 License

[Composer]:https://getcomposer.org/
[Github]:https://github.com/iCalcreator/dsigsdk/issues
[http://www.w3.org/2000/09/xmldsig#]:http://www.w3.org/2000/09/xmldsig#
[XSD]:https://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd
