duanbu1421 2016-04-21 15:17
浏览 46

如何在php中签署SOAP消息

I'm using php (yii2) and I'd like to implement SOAP communication with server. I have following guide to SOAP:

The Customer’s system uses the Customer’s private key for issuing digital signatures. Both the application request (ApplicationRequest) and the SOAP message must be signed separately in the WSC. The signature is performed with the private key. The signing system must include in the signature also the certificate. This certificate contains the public key corresponding to the private key used in the signing. The receiver uses the public key to authenticate the signature.

and:

Next step: Digitally sign (detached type XML Digital Signature) the whole SOAP message with the Private Key of Sender Certificate and put the signature into SOAP-header

So, I have own private.key, public.key and certificate.cer

My code looks like

    $client = new SoapClient($wdsl, ['trace' => true]);
    $arguments = ['DownloadFileListRequest' => $dflr];
    $appResponse = $client->__call('downloadFileList', $arguments);

But I get the expected error:

SOAP signature error

What I have to do and how to sign this SOAP?

  • 写回答

1条回答 默认 最新

  • doupu1727 2017-03-12 11:30
    关注

    XMLSecurityDSig helped (https://github.com/robrichards/xmlseclibs)

    $dom = new DOMDocument('1.0', 'UTF-8');
$ar = $dom->createElementNS('http://bxd.fi/xmldata/', 'ApplicationRequest');
$dom->appendChild($ar);
$ar->appendChild($dom->createElement('CustomerId', $this->userID));
...
$ar->appendChild($dom->createElement('Content', $contentBase64));

$objDSig = new XMLSecurityDSig();
$objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
$objDSig->addReference(
            $dom,
            XMLSecurityDSig::SHA256,
            ['http://www.w3.org/2000/09/xmldsig#enveloped-signature'],
            ['force_uri' => true]
        );
$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, ['type'=>'private']);
$objKey->loadKey($this->privateKeyPath, true);
$objDSig->sign($objKey);
$objDSig->add509Cert(base64_encode(file_get_contents($this->certificatePath)), false);
$objDSig->appendSignature($dom->documentElement);

$xmlRaw = $dom->saveXML();
    评论

报告相同问题?

悬赏问题

  • ¥15 Vue3 大型图片数据拖动排序
  • ¥15 划分vlan后不通了
  • ¥15 GDI处理通道视频时总是带有白色锯齿
  • ¥20 用雷电模拟器安装百达屋apk一直闪退
  • ¥15 算能科技20240506咨询(拒绝大模型回答)
  • ¥15 自适应 AR 模型 参数估计Matlab程序
  • ¥100 角动量包络面如何用MATLAB绘制
  • ¥15 merge函数占用内存过大
  • ¥15 使用EMD去噪处理RML2016数据集时候的原理
  • ¥15 神经网络预测均方误差很小 但是图像上看着差别太大