我需要使用私有RSA密钥签署XML文件,以便使用我的C#应用程序进行验证。当我用我的C#应用程序签署xml时,这是最终输出:
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>VIRRzqwb20aCSXrRTX1Y5vW//IA=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>mS3JQ/KmyXCayLly4hHRXKM51jPy230B3h4ngjzOhq0xR/7BRDQP2wfp7ugVcL5kMWaV+pBHbJgdvvu8OrzyxCUQ+R7RYqWpEBYJHUARov0Pws7oFybFpmzRnwhg2gPaPEzcVpK4VL4G1iM07XgmoSKM8Id0fRQ1lD+4BEcAxNY=</SignatureValue>
</Signature>
使用C#登录:
public static void SignXmlDocument(RSA key, XmlDocument doc)
{
var sxml = new SignedXml(doc);
sxml.SigningKey = key;
sxml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigCanonicalizationUrl;
var r = new Reference("");
r.AddTransform(new XmlDsigEnvelopedSignatureTransform(false));
sxml.AddReference(r);
sxml.ComputeSignature();
var sig = sxml.GetXml();
doc.DocumentElement.AppendChild(sig);
}
如何在PHP中使用相同的内容?
答案 0 :(得分:1)
您可以使用XMLDsig
安装库并在自动装带器中注册路径。如果您使用composer,则两个步骤都是自动的。
require_once __DIR__ . '/vendor/autoload.php';
$xmlDocument = new DOMDocument();
$xmlDocument..... // define the contents to sign
$xmlTool = new FR3D\XmlDSig\Adapter\XmlseclibsAdapter();
$xmlTool->setPrivateKey(file_get_contents('<path to your private key>/private.pem');
$xmlTool->addTransform(FR3D\XmlDSig\Adapter\XmlseclibsAdapter::ENVELOPED);
$xmlTool->sign($xmlDocument);
现在$xmlDocument最后有<signature>元素。