johnhenryspike/kalkancrypt

KalkanCrypt wrapper

Maintainers

Details

github.com/JohnHenrySpike/kalkan-crypt

Source

Issues

Installs: 611

Dependents: 0

Suggesters: 0

Security: 0

Stars: 4

Watchers: 3

Forks: 2

Open Issues: 0

pkg:composer/johnhenryspike/kalkancrypt

0.3.0 2023-10-27 11:33 UTC

Requires

Requires (Dev)

MIT 8d461772657f87baf74dfa863304ecb9a077b3bb

  • JohnHenrySpike <JohnHenrySpike.woop@gmail.com>

This package is auto-updated.

Last update: 2025-09-18 07:58:28 UTC

README

PhpUnit Packagist Version Packagist Downloads Packagist Stars

Wrapper for cryptographic library KalkanCrypt(PHP)

Requirements

  • PHP >= 8.2
  • Composer
  • libs ( libltdl-dev, libpcsclite-dev, libxml2-dev )
  • KalkanCrypt extension (kalkancrypt.so)

Installation

Install the package with Composer:

composer require johnhenryspike/kalkancrypt

Examples

1. Basic usage

  • load chain with intermediate and ca certificates registered in system
// init KeyStore (default storage type PKCS12)
$keyStore = KeyStore::load('/path/to/keyStore.p12', 'password');
//init Chain 
$chain = Chain::init($this->keyStore)->fromSystem();
//init Provider with chain, sign data and return signed string
return Provider::init($chain)->signData("Hello world", SignFlag::SIGN_CMS | SignFlag::OUT_PEM);
  • load chain from collection of intermediate and ca certificates
$keyStore = KeyStore::load('/path/to/keyStore.p12', 'password');
$collection = new CertCollection();
$collection->addItem(Certificate::loadFromPath('/path/to/nca.cer'));
$collection->addItem(Certificate::loadFromPath('/path/to/root.cer'));
$chain = Chain::init($this->keyStore)->fromCollection($collection);
return Provider::init($chain)->signData("Hello world", SignFlag::SIGN_CMS | SignFlag::OUT_PEM);
  • autoload chain from auth info
$keyStore = KeyStore::load('/path/to/keyStore.p12', 'password');
$chain  = Chain::init($keyStore)->fromAuthInfo();
return Provider::init($chain)->signData("Hello world", SignFlag::SIGN_CMS | SignFlag::OUT_PEM);

2. Using only Adapter::class

$adapter = Adapter::getInstance();

$adapter -> loadKeyStore( Adapter::KCST_PKCS12, '/path/to/keyStore.p12', 'password');

// use if CA certs not registered in system
// $adapter->loadCertFromFile(Adapter::KC_CERT_INTERMEDIATE, '/path/to/nca_gost.pem');
// $adapter->loadCertFromFile(Adapter::KC_CERT_CA, '/path/to/root_gost.pem');

return $a->signData( "Hello World", 
    Adapter::KC_SIGN_CMS | 
    Adapter::KC_IN_PEM   | 
    Adapter::KC_OUT_PEM 
);

3. Use Wsse client

$provider = Provider::init(
    Chain::init(
        KeyStore::load('/path/to/keyStore.p12', 'password')
    )->fromAuthInfo()
);

$client = new WsseClient($provider, [
    "location" => "http://192.168.1.1/bip-sync-wss-gost/",
    "uri" => "http://bip.bee.kz/SyncChannel/v10/Types",
    'proxy_host' => '127.0.0.1',
    'proxy_port' => 80
]);
return $client->SendMessage(new \SoapVar('<mydata>Hello World</mydata>', XSD_ANYXML));