I want to Digitally Sign an XML file with PHP using OpenSSL, so far I can generate an XML with all the information that I need, and I have a working demo that signs and verifys a signature (declaring the private and public keys as a string). I have a .cer file and a .key file that are files I want to use to sign the XML file. How can I achieve this? The goal is that the end user just uploads these certificates and downloads a signed XML. (Some concrete documentation about this is greatly appreciated)
EDIT: Okay I am now familiarized with OpenSSL and its functions, but still I need to know how to do include this in PHP:
openssl pkcs8 -inform DER -in c:/route/myfile.key -passin pass:contraseña -out c:/route/myfile.pem
To this:
$data = "||2.0|ABCD|2|03-05-2010T14:11:36|49|2008|INGRESO|UNA SOLA EXHIBICIÓN|2000.00|00.00|2320.00|PAMC660606ER9|CONTRIBUYENTE PRUEBASEIS PATERNOSEIS MATERNOSEIS|PRUEBA SEIS|6|6|PUEBLA CENTRO|PUEBLA|PUEBLA|PUEBLA||MÉXICO|72000|CAUR390312S87|ROSA MARÍA CÁLDERON URIEGAS|TOPOCHICO|52|JARDINES DEL VALLE|NUEVO LEÓN|MEXICO|95465|1.00|SERVICIO|01|ASESORIA FISCAL Y ADMINISTRATIVA|2000.00|IVA|16.00|320.00|| ";
$priv_key_id=openssl_get_privatekey("file://C:\files\Clavepr.key.pem");
$public_key_id=openssl_get_publickey("file://C:\files\cert.cer.pem");
$o=openssl_sign($data,$cadenafirmada, $priv_key_id,OPENSSL_ALGO_SHA1);
$sello=base64_encode($cadenafirmada);
var_dump($sello);
I am currently using sites in hostgator and I raised a ticket on the matter, they configured OpenSSL in the server and enabled it back again for me, then instead of using exec() for executing i used shell_exec() then executed that command directly into the linux console, it looked like this:
shell_exec('openssl pkcs8 -inform DER -in '.$_SERVER['DOCUMENT_ROOT'].'/'.$path1.' -passin pass:'.$contrasena.' -out '.$_SERVER['DOCUMENT_ROOT'].'/'.$path1.'.pem');
That was the only problem all along.