Sign XML file with PHP with Xades_bes format

#35439
Posted: 01/07/2016 16:20:04
by Gabby Z. (Basic support level)
Joined: 01/07/2016
Posts: 3

Hello

I am testing the SecureBlackbox library with PHP on my WAMP server for signing an XML file in Xades_bes format. I found an example in the forum, but it doesn't work; the error says: "SecureBlackbox extension NOT available". Please help me. Thanks a lot. The example is:

Code
<?php

error_reporting(E_ALL);
date_default_timezone_set("UTC");

if (isset($_POST["sign"]))
{
  if (!extension_loaded("sbb") && !function_exists('SBUtils\SetLicenseKey'))
  {
    print "SecureBlackbox extension NOT available";
    die;
  }

  try
  {
    if (!SBUtils\GetLicense())
    {
      #error Please pick the evaluation license key from <SecureBlackbox>\LicenseKey.txt file and place it in "sbb.license_key" php.ini directive or here. If the evaluation key expires, you can request an extension using the form on https://www.eldos.com/sbb/keyreq/
      SBUtils\SetLicenseKey("my key");
    }
  }
  catch (SBException $e)
  {
    print "<p style='color:red'>Setting SBB License Key failed with message: <br/>" . $e->getErrorMessage() . "</p>";
    die;
  }

  $pass = $_POST["pass"];
  $filename = "";
  $certfile = "";
  if ($_FILES["filename"]["error"] == 0)
  {
    $filename = $_FILES["filename"]["tmp_name"];
  }
  if ($_FILES["certfile"]["error"] == 0)
  {
    $certfile = $_FILES["certfile"]["tmp_name"];
  }

  if ((strlen($filename) > 0) and (strlen($certfile) > 0))
  {
    $error_happened = false;
    $error_details = "";

    $cert = new TElX509Certificate(null);
    try
    {
      $res = $cert->LoadFromFileAuto($certfile, $pass);
      if ($res != 0)
      {
        $error_happened = true;
        $cert = null;
        $error_details = "Loading signing certificate failed with error: " . $res;
      }
    }
    catch (SBException $e)
    {
      $error_happened = true;
      $cert = null;
      $error_details = "Loading signing certificate failed with message: " . $e->getErrorMessage();
    }

    if (!$error_happened and (!is_null($cert)))
    {
      try
      {
        $xmlDocument = new TElXMLDOMDocument();
        $xmlDocument->LoadFromFile($filename);

        // add reference for the whole document
        $xmlSigner = new TElXMLSigner(null);
        $k = $xmlSigner->References->Add();
        $ref = $xmlSigner->References->get_Reference($k);
        $ref->DigestMethod = TElXMLDigestMethod::xdmSHA1;
        $ref->URI = "";
        $ref->URINode = $xmlDocument->DocumentElement;
        $ref->TransformChain->AddEnvelopedSignatureTransform();

        $xmlSigner->SignatureMethodType = TElXMLSigMethodType::xmtSig;
        $xmlSigner->SignatureMethod = TElXMLSignatureMethod::xsmRSA_SHA1;
        $xmlSigner->KeyName = "";
        $xmlSigner->IncludeKey = true;

        $X509Data = new TElXMLKeyInfoX509Data(false);
        $X509Data->Certificate = $cert;
        $xmlSigner->KeyData = $X509Data;

        $xmlSigner->UpdateReferencesDigest();

        $xmlSigner->GenerateSignature();

        $xmlSigner->SaveEnveloped($xmlDocument->DocumentElement);

        $xmlDocument->SaveToFile($filename);

      }
      catch (SBException $e)
      {
        $error_happened = true;
        $error_details = "XML signing failed with message: " . $e->getErrorMessage();
      }
    }

    if (!$error_happened)
    {
      $handle = fopen($filename, "r");
      $contents = fread($handle, filesize($filename));
      fclose($handle);

      header('Content-Transfer-Encoding: binary');
      header('Content-length: ' . strlen($contents));
      header('Content-Type: application/xml');
      header('Content-Disposition: inline; filename=' . $filename);

      print $contents;
    }
    else
    {
      print "Error happened: <br/>" . $error_details;
    }

    return;
  }
  else
  {
    $error_details = "";
    if (strlen($filename) == 0)
    {
      $error_details = $error_details . "XML file for signing is not specified <br/>";
    }
    if (strlen($certfile) == 0)
    {
      $error_details = $error_details . "Signing certificate is not specified <br/>";
    }
    print "Error happened: <br/><br/>" . $error_details;
  }
}

?>

<html>
<head>
  <title>EldoS XML Signer demo</title>
  <style type="text/css">
  .textheader {
    font-family: Arial;
    font-size: 16;
    font-weight: bold;
  }
  .textnormal {
    font-family: Arial;
    font-size: 12;
  }
  </style>
</head>
<body>
  <div align="center">
  <table border="0" cellspacing="0" cellpadding="0" width="600" height="100%">
    <tr height="*"></tr>
    <tr height="400">
      <td width="600" valign="top">
        <table border="0" cellspacing="0" cellpadding="10" width="100%" height="100%" style="border: 1px solid #bbbbbb;" bgcolor="#f6f6f6">
          <tr height="50">
            <td width="100%" valign="center" bgcolor="#e6e6e6">
              <div align="center" class="textheader">EldoS SecureBlackbox XML Signer demo</div>
            </td>
          </tr>
          <tr height="70">
            <td width="100%" height="*" align="center" valign="center" class="textnormal">
              <div align="center"> This sample illustrates the use of SecureBlackbox components for signing a XML document. <br/>
              Please select XML document and signing certificate files and provide the certificate passphrase in the text box below, next click the 'Sign' button to sign the document. </div>
            </td>
          </tr>
          <tr height="*">
            <td width="100%" height="*">
              <form action="" method="post" enctype="multipart/form-data">
                <table border="0" cellspacing="0" cellpadding="0" width="100%" height="100%" class="textnormal">
                  <tr height="30">
                    <td width="40%" align="right"> XML file: </td>
                    <td width="10"></td>
                    <td width="*" align="left"> <input type="file" name="filename" value="" size="30" /> </td>
                  </tr>
                  <tr height="30">
                    <td width="40%" align="right"> Certificate file: </td>
                    <td width="10"></td>
                    <td width="*" align="left"> <input type="file" name="certfile" value="" size="30" /> </td>
                  </tr>
                  <tr height="30">
                    <td width="40%" align="right"> Certificate passphrase: </td>
                    <td width="10"></td>
                    <td width="*" align="left"> <input width="20" type="password" name="pass" value="" size="20" /> </td>
                  </tr>
                  <tr height="45" valign="center">
                    <td colspan="3" align="center"> <input type="submit" name="sign" value="Sign"/> </td>
                  </tr>
                  <tr height="30" valign="bottom">
                    <td colspan="3" align="center"> Please inspect the source code of this script for more details. </td>
                  </tr>
                </table>
              </form>
            </td>
          </tr>
          <tr height="20">
            <td width="100%" valign="center" bgcolor="#e6e6e6">
              <div align="center" class="textnormal">Copyright &copy; EldoS Corporation <a href="http://www.eldos.com/">www.eldos.com</a></div>
            </td>
          </tr>
        </table>
      </td>
    </tr>
    <tr height="*"></tr>
  </table>
  </div>
</body>
</html>
#35441
Posted: 01/07/2016 16:39:40
by Eugene Mayevski (EldoS Corp.)

SecureBlackbox is actually not a pure PHP library but an extension for PHP. This is a binary module which you need to add to your PHP installation in order for it to work. The extensions are included in the archive with SecureBlackbox. If you need instructions on installing the extension, please let us know and specify what OS you have (Windows, Linux, MacOS X). In general the extension is installed in the same way as any other PHP extension.


Sincerely yours
Eugene Mayevski
#35443
Posted: 01/07/2016 16:49:32
by Gabby Z. (Basic support level)
Joined: 01/07/2016
Posts: 3

The php_sbb.dll is in the "ext" folder of my WAMP server and it is included in php.ini.
#35444
Posted: 01/07/2016 16:56:11
by Dmytro Bogatskyy (EldoS Corp.)

Hi,
Quote
The php_sbb.dll is in the "ext" folder of my WAMP server and it is included in php.ini.

Please check the Readme file that is included in the archive with SecureBlackbox.
Additionally, you need to copy the appropriate SecureBlackbox library "libsbbphp.dll" from "$INSTALL_PATH\Libraries" to the directory where php.exe/httpd.exe reside, or add the directory with the library to the search path, or copy the library to the C:\Windows\System32 folder.
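
A diagnostic for the failure discussed in this thread, added here as an example and not part of the original posts or of EldoS's code: it reports which php.ini and extension directory the current SAPI uses, whether php_sbb.dll is there, and every location from which libsbbphp.dll could be resolved. The function name sbb_diagnose() is hypothetical; the extension name "sbb" and both DLL names are taken from the posts above.

```php
<?php
// Added diagnostic, not EldoS code. Request it through the web server:
// the web SAPI can load a different php.ini than the command-line php.exe.
function sbb_diagnose()   // hypothetical helper name
{
    $report = array(
        'sapi'          => PHP_SAPI,
        'php_ini'       => php_ini_loaded_file() ?: '(none loaded)',
        'extension_dir' => ini_get('extension_dir'),
        'sbb_loaded'    => extension_loaded('sbb'),
    );

    // 1. Is php_sbb.dll present in the directory this SAPI actually uses?
    $extDir = realpath($report['extension_dir']) ?: $report['extension_dir'];
    $report['php_sbb.dll'] = is_file($extDir . DIRECTORY_SEPARATOR . 'php_sbb.dll');

    // 2. Where could Windows resolve libsbbphp.dll from? Check the directory of
    //    the running binary, System32, and every PATH entry.
    $candidates = array();
    if (PHP_BINARY !== '') {
        $candidates[] = dirname(PHP_BINARY);
    }
    $sysRoot = getenv('SystemRoot');
    if ($sysRoot !== false) {
        $candidates[] = $sysRoot . '\\System32';
    }
    foreach (explode(PATH_SEPARATOR, (string) getenv('PATH')) as $dir) {
        if ($dir !== '') {
            $candidates[] = $dir;
        }
    }

    // More than one hit means several copies exist; stale ones should be removed
    // so it is clear which file the process loads.
    $found = array();
    foreach (array_unique($candidates) as $dir) {
        $path = rtrim($dir, '\\/') . DIRECTORY_SEPARATOR . 'libsbbphp.dll';
        if (is_file($path)) {
            $found[] = $path;
        }
    }
    $report['libsbbphp.dll'] = $found;
    return $report;
}

header('Content-Type: text/plain');
foreach (sbb_diagnose() as $key => $value) {
    if (is_bool($value))  { $value = $value ? 'yes' : 'no'; }
    if (is_array($value)) { $value = $value ? implode(', ', $value) : 'not found'; }
    echo str_pad($key, 16), $value, PHP_EOL;
}
```

If php_sbb.dll is reported present but sbb_loaded is "no" and libsbbphp.dll is "not found", the extension is failing to load because its dependent library cannot be resolved, which is the case answered above.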
#35445
Posted: 01/07/2016 17:05:21
by Gabby Z. (Basic support level)
Joined: 01/07/2016
Posts: 3

Thank you. It works! :)