metalback / xmldsig
Fork of Selective\XmlDSig for signing XML documents with digital signatures
2.2.1.1
2021-11-16 15:57 UTC
Requires
- php: ^7.2 || ^8.0
- ext-openssl: *
Requires (Dev)
- friendsofphp/php-cs-fixer: ^2.16
- overtrue/phplint: ^2.3
- phpstan/phpstan: 0.*
- phpunit/phpunit: ^8 || ^9
- squizlabs/php_codesniffer: ^3.5
README
Features
- Sign XML Documents with Digital Signatures (XMLDSIG)
- Verify the Digital Signatures of XML Documents
Requirements
- PHP 7.2+ or 8.0+
- The openssl extension
- An X.509 digital certificate
Installation
composer require selective/xmldsig
Usage
Sign XML Document with Digital Signature
Input file: example.xml
    <?xml version="1.0"?>
    <root>
        <creditcard>
            <number>19834209</number>
            <expiry>02/02/2025</expiry>
        </creditcard>
    </root>

    use Selective\XmlDSig\DigestAlgorithmType;
    use Selective\XmlDSig\XmlSigner;

    $xmlSigner = new XmlSigner();

    $xmlSigner->loadPfxFile('filename.pfx', 'password');

    // or load pfx from a string
    //$xmlSigner->loadPfx('pfx content', 'password');

    // or load a PEM file
    //$xmlSigner->loadPrivateKeyFile('filename.pem', 'password');

    // or load a PEM private key from a string
    //$xmlSigner->loadPrivateKey('private key content', 'password');

    // Optional: Set reference URI
    $xmlSigner->setReferenceUri('');

    $xmlSigner->signXmlFile('example.xml', 'signed-example.xml', DigestAlgorithmType::SHA512);
Output file: signed-example.xml
    <?xml version="1.0"?>
    <root>
        <creditcard>
            <number>19834209</number>
            <expiry>02/02/2025</expiry>
        </creditcard>
        <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
            <SignedInfo>
                <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
                <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
                <Reference URI="">
                    <Transforms>
                        <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    </Transforms>
                    <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
                    <DigestValue>Base64EncodedValue==</DigestValue>
                </Reference>
            </SignedInfo>
            <SignatureValue>AnotherBase64EncodedValue===</SignatureValue>
        </Signature>
    </root>
Verify the Digital Signatures of XML Documents
    use Selective\XmlDSig\XmlSignatureValidator;

    // Create a validator instance
    $signatureValidator = new XmlSignatureValidator();

    // Load a PFX file
    $signatureValidator->loadPfxFile('filename.pfx', 'password');

    // or load PFX content from a string
    $signatureValidator->loadPfx('public key content', 'password');

    // or load a public key file (without password)
    $signatureValidator->loadPublicKeyFile('cacert.pem');

    // or load the public key from a string (without password)
    $signatureValidator->loadPublicKey('public key content');

    // Verify an XML file
    $isValid = $signatureValidator->verifyXmlFile('signed-example.xml');

    // or verify XML from a string
    $isValid = $signatureValidator->verifyXml('xml content');

    if ($isValid === true) {
        echo 'The XML signature is valid.';
    } else {
        echo 'The XML signature is not valid.';
    }
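A valid signature only says that whatever the Reference covers was signed, so a consumer may also want to confirm that the signed document has the same layout as the output shown above before trusting its contents. The following is an added example, not code from the library or its README: `checkSignatureLayout()` and the `ALLOWED` table are hypothetical names, the allowed algorithms are copied from the signed-example.xml output above, and the page does not say which of these checks the validator already performs.

```php
<?php
require 'vendor/autoload.php'; // assumption: the package was installed with Composer
use Selective\XmlDSig\XmlSignatureValidator;

// Expected algorithms, copied from the signed-example.xml output on this page.
const ALLOWED = [
    'ds:SignedInfo/ds:SignatureMethod' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512',
    'ds:SignedInfo/ds:Reference/ds:DigestMethod' => 'http://www.w3.org/2001/04/xmlenc#sha512',
    'ds:SignedInfo/ds:Reference/ds:Transforms/ds:Transform' => 'http://www.w3.org/2000/09/xmldsig#enveloped-signature',
];

/** Hypothetical helper: returns policy violations; an empty array means the layout matches. */
function checkSignatureLayout(string $xml): array
{
    $doc = new DOMDocument();
    if ($xml === '' || !@$doc->loadXML($xml, LIBXML_NONET)) {
        return ['not well-formed XML'];
    }
    if ($doc->doctype !== null) {
        return ['DOCTYPE declarations are not accepted'];
    }
    $xpath = new DOMXPath($doc);
    $xpath->registerNamespace('ds', 'http://www.w3.org/2000/09/xmldsig#');
    $signatures = $xpath->query('//ds:Signature');
    if ($signatures->length !== 1) {
        return ['expected exactly one Signature, found ' . $signatures->length];
    }
    $signature = $signatures->item(0);
    $errors = [];
    if (!$signature->parentNode->isSameNode($doc->documentElement)) {
        $errors[] = 'Signature is not a direct child of the document element';
    }
    // URI="" together with the enveloped-signature transform means the whole document is signed.
    $refs = $xpath->query('ds:SignedInfo/ds:Reference', $signature);
    $uri = $refs->length === 1 ? $refs->item(0)->getAttributeNode('URI') : false;
    if (!$uri instanceof DOMAttr || $uri->value !== '') {
        $errors[] = 'expected a single Reference with URI="" (whole document)';
    }
    foreach (ALLOWED as $path => $algorithm) {
        $nodes = $xpath->query($path, $signature);
        if ($nodes->length !== 1 || $nodes->item(0)->getAttribute('Algorithm') !== $algorithm) {
            $errors[] = "$path must appear once with Algorithm=$algorithm";
        }
    }
    return $errors;
}

// File names as used in the README above.
$xml = (string) file_get_contents('signed-example.xml');
$validator = new XmlSignatureValidator();
$validator->loadPublicKeyFile('cacert.pem');
echo (checkSignatureLayout($xml) === [] && $validator->verifyXml($xml)) ? "accepted\n" : "rejected\n";
```

If documents are signed with a different digest algorithm or reference URI than the README example, adjust the `ALLOWED` table and the URI check to match what the signer is configured to produce.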
Online XML Digital Signature Verifier
Try these excellent online tools to verify XML signatures:
Similar libraries
License
The MIT License (MIT). Please see License File for more information.