Generated on May 10, 2024 via composer

Composer

Home

robrichards/xmlseclibs 3.1.1

A PHP library for XML Security

xml

security

signature

xmldsig

Package summary

issues

license

Package created

21 May 2015

Version published

5 Sep 2020

Maintainers

Total deps

Direct deps

License

BSD-3-Clause

Issues

Licenses

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

1 Packages, Including:

robrichards/xmlseclibs@3.1.1

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of robrichards/xmlseclibs 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities

Tree

Treemap

Frequently Asked Questions

What does robrichards/xmlseclibs do?

Rob Richards has developed the robrichards/xmlseclibs as a useful PHP library that assists in working with XML Encryption and Signatures. This library is crucial in ensuring data integrity and privacy, more so in fields requiring heightened security measures. It gets consistently updated and maintained, with the master and 3.1 branches as the only ones currently active, which boasts added support for AES-GCM and requires PHP 7.1+.

How do you use robrichards/xmlseclibs?

As a PHP library, robrichards/xmlseclibs is best utilized through installation with Composer. The process is as easy as typing "php composer.phar require "robrichards/xmlseclibs" in your terminal. There are a few requirements, such as a PHP version 5.4 or higher (5.6.24+ recommended due to security purposes).

Here is an example of its usage in code:

use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecurityKey;

// Load your XML to be signed
$doc = new DOMDocument();
$doc->load('./path/to/file/tobesigned.xml');

// Create a new Security object 
$objDSig = new XMLSecurityDSig();
$objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
$objDSig->addReference(
    $doc, 
    XMLSecurityDSig::SHA256, 
    array('http://www.w3.org/2000/09/xmldsig#enveloped-signature')
);

// Create a new (private) Security key
$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type'=>'private'));

// Load the private key
$objKey->loadKey('./path/to/privatekey.pem', TRUE);

// Sign the XML file
$objDSig->sign($objKey);

// Add the associated public key to the signature
$objDSig->add509Cert(file_get_contents('./path/to/file/mycert.pem'));

// Append the signature to the XML
$objDSig->appendSignature($doc->documentElement);
// Save the signed XML
$doc->save('./path/to/signed.xml');

This example illustrates the basic utilization of xmlseclibs with a SHA-256 signature.

Where are the robrichards/xmlseclibs docs?

For the complete documentation and additional resources on robrichards/xmlseclibs, head over to Rob Richards' GitHub repository at https://github.com/robrichards/xmlseclibs.git. The page offers thorough explanations on each aspect of the library. Should you wish to contribute, it provides the platform for open issues and pull requests. There's even a mailing list at https://groups.google.com/forum/#!forum/xmlseclibs for more detailed discussions.