mirror of
https://git.friendi.ca/friendica/friendica-addons.git
synced 2024-11-05 10:42:59 +00:00
86 lines
2.4 KiB
Markdown
86 lines
2.4 KiB
Markdown
|
#xmlseclibs
|
||
|
|
||
|
xmlseclibs is a library written in PHP for working with XML Encryption and Signatures.
|
||
|
|
||
|
The author of xmlseclibs is Rob Richards.
|
||
|
|
||
|
# Branches
|
||
|
Master is currently the only actively maintained branch.
|
||
|
* master/3.1: Added AES-GCM support requiring 7.1+
|
||
|
* 3.0: Removes mcrypt usage requiring 5.4+ (5.6.24+ recommended for security reasons)
|
||
|
* 2.0: Contains namespace support requiring 5.3+
|
||
|
* 1.4: Contains auto-loader support while also maintaining backwards compatiblity with the older 1.3 version using the xmlseclibs.php file. Supports PHP 5.2+
|
||
|
|
||
|
# Requirements
|
||
|
|
||
|
xmlseclibs requires PHP version 5.4 or greater. **5.6.24+ recommended for security reasons**
|
||
|
|
||
|
|
||
|
## How to Install
|
||
|
|
||
|
Install with [`composer.phar`](http://getcomposer.org).
|
||
|
|
||
|
```sh
|
||
|
php composer.phar require "robrichards/xmlseclibs"
|
||
|
```
|
||
|
|
||
|
|
||
|
## Use cases
|
||
|
|
||
|
xmlseclibs is being used in many different software.
|
||
|
|
||
|
* [SimpleSAMLPHP](https://github.com/simplesamlphp/simplesamlphp)
|
||
|
* [LightSAML](https://github.com/lightsaml/lightsaml)
|
||
|
* [OneLogin](https://github.com/onelogin/php-saml)
|
||
|
|
||
|
## Basic usage
|
||
|
|
||
|
The example below shows basic usage of xmlseclibs, with a SHA-256 signature.
|
||
|
|
||
|
```php
|
||
|
use RobRichards\XMLSecLibs\XMLSecurityDSig;
|
||
|
use RobRichards\XMLSecLibs\XMLSecurityKey;
|
||
|
|
||
|
// Load the XML to be signed
|
||
|
$doc = new DOMDocument();
|
||
|
$doc->load('./path/to/file/tobesigned.xml');
|
||
|
|
||
|
// Create a new Security object
|
||
|
$objDSig = new XMLSecurityDSig();
|
||
|
// Use the c14n exclusive canonicalization
|
||
|
$objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
|
||
|
// Sign using SHA-256
|
||
|
$objDSig->addReference(
|
||
|
$doc,
|
||
|
XMLSecurityDSig::SHA256,
|
||
|
array('http://www.w3.org/2000/09/xmldsig#enveloped-signature')
|
||
|
);
|
||
|
|
||
|
// Create a new (private) Security key
|
||
|
$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type'=>'private'));
|
||
|
/*
|
||
|
If key has a passphrase, set it using
|
||
|
$objKey->passphrase = '<passphrase>';
|
||
|
*/
|
||
|
// Load the private key
|
||
|
$objKey->loadKey('./path/to/privatekey.pem', TRUE);
|
||
|
|
||
|
// Sign the XML file
|
||
|
$objDSig->sign($objKey);
|
||
|
|
||
|
// Add the associated public key to the signature
|
||
|
$objDSig->add509Cert(file_get_contents('./path/to/file/mycert.pem'));
|
||
|
|
||
|
// Append the signature to the XML
|
||
|
$objDSig->appendSignature($doc->documentElement);
|
||
|
// Save the signed XML
|
||
|
$doc->save('./path/to/signed.xml');
|
||
|
```
|
||
|
|
||
|
## How to Contribute
|
||
|
|
||
|
* [Open Issues](https://github.com/robrichards/xmlseclibs/issues)
|
||
|
* [Open Pull Requests](https://github.com/robrichards/xmlseclibs/pulls)
|
||
|
|
||
|
Mailing List: https://groups.google.com/forum/#!forum/xmlseclibs
|