PHP数字签名 [英] PHP Digital Signatures

问题描述

我想用PHP使用OpenSSL数字签名一个XML文件，到目前为止，我可以生成一个包含我需要的所有信息的XML，我有一个工作演示，签名和验证签名（声明私钥和公钥作为字符串）。我有一个.cer文件和一个.key文件，我想用来签署XML文件。我该如何实现呢？ 目标是最终用户只需上传这些证书并下载签名的XML。（非常感谢有关这方面的具体文档）

strong> EDIT：好了，我现在已经熟悉OpenSSL及其功能，但仍然需要知道如何在PHP中包含这个：

  openssl pkcs8 -inform DER -in c：/route/myfile.key -passin pass：contraseña-out c：/route/myfile.pem 
  pre> 
 
 
至此：
  $ data =|| 2.0 | ABCD | 2 | 03-05-2010T14：11 | 36 | 49 | 2008 | INGRESO | UNA SOLAEXHIBICIÓN| 2000.00 | 00.00 | 2320.00 | PAMC660606ER9 |捐款预付款PATERNOSEIS MATERNOSEIS | PRUEBA SEIS | 6 | 6 | PUEBLA CENTRO | PUEBLA | PUEBLA | PUEBLA ||MÉXICO| 72000 | CAUR390312S87 | ROSAMARÍACÁLDERONURIEGAS | TOPOCHICO | 52 | JARDINES DEL VALLE | NUEVOLEÓN| MEXICO | 95465 | 1.00 | SERVICIO | 01 | ASESORIA FISCAL Y ADMINISTRATIVA | 2000.00 | IVA | 16.00 | |; 
 
 $ priv_key_id = openssl_get_privatekey（file：// C：\files\Clavepr.key.pem）; 
 $ public_key_id = openssl_get_publickey（file：// C：\files\cert.cer.pem）; 
 $ o = openssl_sign（$ data，$ cadenafirmada，$ priv_key_id，OPENSSL_ALGO_SHA1）; 
 $ sello = base64_encode（$ cadenafirmada）; 
 
 var_dump（$ sello）; 
  
 
 
解决方案
我目前正在hostgator中使用网站，票据，他们配置OpenSSL在服务器，并再次启用它为我，然后，而不是使用exec（）执行i使用shell_exec（）然后直接执行该命令到linux控制台，它看起来像这样： p> 
 
 
  shell_exec（'openssl pkcs8 -inform DER -in'。$ _ SERVER ['DOCUMENT_ROOT']。'/'。$ path1。 -passin pass：'。$ contrasena。'-out'。$ _ SERVER ['DOCUMENT_ROOT']。'/'。$ path1。'。pem'）; 
  
这是唯一的问题。 
 
I want to Digitally Sign an XML file with PHP using OpenSSL, so far I can generate an XML with all the information that I need, and I have a working demo that signs and verifys a signature (declaring the private and public keys as a string). I have a .cer file and a .key file that are files I want to use to sign the XML file. How can I achieve this? The goal is that the end user just uploads these certificates and downloads a signed XML. (Some concrete documentation about this is greatly appreciated)

EDIT: Okay I am now familiarized with OpenSSL and its functions, but still I need to know how to do include this in PHP:
openssl pkcs8 -inform DER -in c:/route/myfile.key -passin pass:contraseña -out c:/route/myfile.pem
To this:
$data = "||2.0|ABCD|2|03-05-2010T14:11:36|49|2008|INGRESO|UNA SOLA EXHIBICIÓN|2000.00|00.00|2320.00|PAMC660606ER9|CONTRIBUYENTE PRUEBASEIS PATERNOSEIS MATERNOSEIS|PRUEBA SEIS|6|6|PUEBLA CENTRO|PUEBLA|PUEBLA|PUEBLA||MÉXICO|72000|CAUR390312S87|ROSA MARÍA CÁLDERON URIEGAS|TOPOCHICO|52|JARDINES DEL VALLE|NUEVO LEÓN|MEXICO|95465|1.00|SERVICIO|01|ASESORIA FISCAL Y ADMINISTRATIVA|2000.00|IVA|16.00|320.00|| "; 

$priv_key_id=openssl_get_privatekey("file://C:\files\Clavepr.key.pem");
$public_key_id=openssl_get_publickey("file://C:\files\cert.cer.pem");
$o=openssl_sign($data,$cadenafirmada, $priv_key_id,OPENSSL_ALGO_SHA1);
$sello=base64_encode($cadenafirmada);

var_dump($sello);

解决方案
I am currently using sites in hostgator and I raised a ticket on the matter, they configured OpenSSL in the server and enabled it back again for me, then instead of using exec() for executing i used shell_exec() then executed that command directly into the linux console, it looked like this:
shell_exec('openssl pkcs8 -inform DER -in '.$_SERVER['DOCUMENT_ROOT'].'/'.$path1.' -passin pass:'.$contrasena.' -out '.$_SERVER['DOCUMENT_ROOT'].'/'.$path1.'.pem');
That was the only problem all along. 

                        
这篇关于PHP数字签名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！