Chilkat_9_5_0.XmlDSig PHP ActiveX Reference Documentation

Chilkat_9_5_0.XmlDSig

An API for validating XML Digital Signatures. Use the XmlDSigGen class for creating XML Digital Signatures.

Object Creation

$obj = new COM("Chilkat_9_5_0.XmlDSig");

Properties

string DebugLogFilePath

If set to a file path, causes each Chilkat method or property call to automatically append it's LastErrorText to the specified log file. The information is appended such that if a hang or crash occurs, it is possible to see the context in which the problem occurred, as well as a history of all Chilkat calls up to the point of the problem. The VerboseLogging property can be set to provide more detailed information.

This property is typically used for debugging the rare cases where a Chilkat method call hangs or generates an exception that halts program execution (i.e. crashes). A hang or crash should generally never happen. The typical causes of a hang are:

  1. a timeout related property was set to 0 to explicitly indicate that an infinite timeout is desired,
  2. the hang is actually a hang within an event callback (i.e. it is a hang within the application code), or
  3. there is an internal problem (bug) in the Chilkat code that causes the hang.

VARIANT LastBinaryResult (read-only)

Introduced in version 9.5.0.52

The binary data returned by the last (binary data returning) method called. Only available if Chilkat.Global.KeepBinaryResult is set to true. This provides a means for obtaining large varbinary results in the SQL Server environment (where limitations exist in getting large amounts of data returned by method calls, but where temp tables can be used for binary properties).

string LastErrorHtml (read-only)

Provides information in HTML format about the last method/property called. If a method call returns a value indicating failure, or behaves unexpectedly, examine this property to get more information.

string LastErrorText (read-only)

Provides information in plain-text format about the last method/property called. If a method call returns a value indicating failure, or behaves unexpectedly, examine this property to get more information.

Concept of LastErrorText

LastErrorText Standard Information

string LastErrorXml (read-only)

Provides information in XML format about the last method/property called. If a method call returns a value indicating failure, or behaves unexpectedly, examine this property to get more information.

bool LastMethodSuccess

Introduced in version 9.5.0.52

Indicate whether the last method call succeeded or failed. A value of true indicates success, a value of false indicates failure. This property is automatically set for method calls. It is not modified by property accesses. The property is automatically set to indicate success for the following types of method calls:

  • Any method that returns a string.
  • Any method returning a Chilkat object, binary bytes, or a date/time.
  • Any method returning a standard boolean status value where success = true and failure = false.
  • Any method returning an integer where failure is defined by a return value less than zero.

Note: Methods that do not fit the above requirements will always set this property equal to true. For example, a method that returns no value (such as a "void" in C++) will technically always succeed.

string LastStringResult (read-only)

Introduced in version 9.5.0.52

The string return value of the last (string returning) method called. Only available if Chilkat.Global.KeepStringResult is set to true. This provides a means for obtaining large string results in the SQL Server environment (where limitations exist in getting long strings returned by method calls, but where temp tables can be used for string properties).

Long Strings Returned by ActiveX Methods in SQL Server

int LastStringResultLen (read-only)

Introduced in version 9.5.0.53

The length, in characters, of the string contained in the LastStringResult property.

int NumReferences (read-only)

Introduced in version 9.5.0.69

The number of data objects referenced in the XML digital signature. A data object may be self-contained within the loaded XML signature, or it may be an external URI reference. An application can check each reference to see if it's external by calling IsReferenceExternal, and can get each reference URI by calling ReferenceUri.

Verify an XML Signature with Multiple References

Verify Multiple Signatures in XML

int NumSignatures (read-only)

Introduced in version 9.5.0.69

The number of digital signatures found within the loaded XML. Each digital signature is composed of XML having the following structure:

  <Signature ID?> 
     <SignedInfo>
       <CanonicalizationMethod/>
       <SignatureMethod/>
       (<Reference URI? >
         (<Transforms>)?
         <DigestMethod>
         <DigestValue>
       </Reference>)+
     </SignedInfo>
     <SignatureValue> 
    (<KeyInfo>)?
    (<Object ID?>)*
 </Signature>
Note: The "Signature" and other XML tags may be namespace prefixed.

The Selector property is used to select which XML signature is in effect when validating or calling other methods or properties.

int Selector

Introduced in version 9.5.0.69

If the loaded XML contains multiple signatures, this property can be set to specify which signature is in effect when calling other methods or properties. In most cases, the loaded XML contains a single signature and this property will remain at the default value of 0.

Verify Multiple Signatures in XML

bool VerboseLogging

If set to true, then the contents of LastErrorText (or LastErrorXml, or LastErrorHtml) may contain more verbose information. The default value is false. Verbose logging should only be used for debugging. The potentially large quantity of logged information may adversely affect peformance.

string Version (read-only)

Version of the component/library, such as "9.5.0.63"

bool WithComments

This property is deprecated. It will be removed in a future version.

Note: This property is not actually used because the "with/without comments" behavior is passed as an argument to the CanonicalizeXml and CanonicalizeFragment methods.

Determines whether XML is canonicalized with or without comments. The default value is false. (Set to true to canonicalize with XML comments.)

Methods

string CanonicalizeFragment(string xml, string fragmentId, string version, string prefixList, bool withComments)

Applies XML canonicalization to a fragment of the passed-in XML, and returns the canonicalized XML string. The fragmentId identifies the XML element where output begins. It is the XML element having an "id" attribute equal to fragmentId. The version may be one of the following:

  • "C14N" -- for Inclusive Canonical XML
  • "EXCL_C14N" -- for Exclusive Canonical XML

The prefixList only applies when the version is set to "EXCL_C14N". The prefixList may be an empty string, or a SPACE separated list of namespace prefixes. It is the InclusiveNamespaces PrefixList, which is the list of namespaces that are propagated from ancestor elements for canonicalization purposes.

If withComments is true, then XML comments are included in the output. If withComments is false, then XML comments are excluded from the output.

Returns null on failure

Canonicalize XML Fragment

string CanonicalizeXml(string xml, string version, bool withComments)

Applies XML canonicalization to the passed-in XML, and returns the canonicalized XML string. The version may be one of the following:

  • "C14N" -- for Inclusive Canonical XML
  • "EXCL_C14N" -- for Exclusive Canonical XML

If withComments is true, then XML comments are included in the output. If withComments is false, then XML comments are excluded from the output.

Returns null on failure

XML Exclusive Canonicalization

XML Inclusive Canonicalization

Chilkat_9_5_0.Xml GetKeyInfo()

Introduced in version 9.5.0.69

Returns the KeyInfo XML for the signature indicated by the Selector property. Returns null if no KeyInfo exists.

Returns null on failure

Verify XML Digital Signature having KeyName

Chilkat_9_5_0.PublicKey GetPublicKey()

Introduced in version 9.5.0.69

Returns the public key from the KeyInfo XML for the signature indicated by the Selector property. Returns null if no KeyInfo exists, or if no public key is actually contained in the KeyInfo.

Returns null on failure

bool IsReferenceExternal(int index)

Introduced in version 9.5.0.69

Returns true if the reference at index is external. Each external reference would first need to be provided by the application prior to validating the signature.

bool LoadSignature(string xmlSig)

Introduced in version 9.5.0.69

Loads an XML document containing 1 or more XML digital signatures. An application would first load XML containing digital signature(s), then validate. After loading, it is also possible to use various methods and properties to get information about the signature, such as the key info, references, etc. If external data is referenced by the signature, it may be necessary to provide the referenced data prior to validating.

Note: When loading an XML document, the Selector property is automatically reset to 0, and the NumSignatures property is set to the number of XML digital signatures found.

Returns true for success, false for failure.

bool LoadSignatureBd(Chilkat_9_5_0.BinData binData)

Introduced in version 9.5.0.69

Loads an XML document containing one or more XML digital signatures from the contents of a BinData object. An application would first load the XML, then validate. After loading, it is also possible to use various methods and properties to get information about the signature, such as the key info, references, etc. If external data is referenced by the signature, it may be necessary to provide the referenced data prior to validating.

Note: When loading an XML document, the Selector property is automatically reset to 0, and the NumSignatures property is set to the number of XML digital signatures found.

Returns true for success, false for failure.

bool LoadSignatureSb(Chilkat_9_5_0.StringBuilder sbXmlSig)

Introduced in version 9.5.0.69

Loads an XML document containing one or more XML digital signatures from the contents of a StringBuilder object. An application would first load the XML, then validate. After loading, it is also possible to use various methods and properties to get information about the signature, such as the key info, references, etc. If external data is referenced by the signature, it may be necessary to provide the referenced data prior to validating.

Note: When loading an XML document, the Selector property is automatically reset to 0, and the NumSignatures property is set to the number of XML digital signatures found.

Returns true for success, false for failure.

Verify XML Digital Signature with an RSA Key

string ReferenceUri(int index)

Introduced in version 9.5.0.69

Returns the URI of the Nth reference specified by index. (The 1st reference is at index 0.) URI's beginning with a pound sign ('#') are internal references.

Returns null on failure

bool SetHmacKey(string key, string encoding)

Introduced in version 9.5.0.69

Sets the HMAC key to be used if the Signature used an HMAC signing algorithm. The encoding specifies the encoding of key, and can be "hex", "base64", "ascii", or any of the binary encodings supported by Chilkat in the link below.

Returns true for success, false for failure.

Binary Encodings Supported by Chilkat

Verify HMAC XML Digital Signature

bool SetPublicKey(Chilkat_9_5_0.PublicKey pubKey)

Introduced in version 9.5.0.69

Sets the public key to be used for verifying the signature indicated by the Selector property. A public key only needs to be explicitly provided by the application for those XML signatures where the public key is not already available within the KeyInfo of the Signature. In some cases, the KeyInfo within the Signature contains information about what public key was used for signing. The application can use this information to retrieve the matching public key and provide it via this method.

Returns true for success, false for failure.

Verify XML Digital Signature having KeyName

bool SetRefDataBd(int index, Chilkat_9_5_0.BinData binData)

Introduced in version 9.5.0.69

Provides the binary data for the external reference at index.

Verify XML Signature with External Data Reference

bool SetRefDataFile(int index, string path)

Introduced in version 9.5.0.69

Provides the data for the external reference at index. When validating the signature, the data contained in path will be streamed to compute the digest for validation.

bool SetRefDataSb(int index, Chilkat_9_5_0.StringBuilder sb, string charset)

Introduced in version 9.5.0.69

Provides the text data for the external reference at index. The charset specifies the byte representation of the text, such as "utf-8", "utf-16", "windows-1252", etc. (If in doubt, try utf-8 first.)

bool UseCertVault(Chilkat_9_5_0.XmlCertVault certVault)

Introduced in version 9.5.0.69

Adds an XML certificate vault to the object's internal list of sources to be searched for certificates having public keys when verifying an XML signature. A single XML certificate vault may be used. If UseCertVault is called multiple times, only the last certificate vault will be used, as each call to UseCertVault will replace the certificate vault provided in previous calls.

Returns true for success, false for failure.

Verify XML Signature having KeyInfo / X509Data / X509IssuerSerial

Verify XML Signature having KeyInfo / X509Data / X509SKI

bool VerifyReferenceDigest(int index)

Introduced in version 9.5.0.69

This method allows for an application to verify the digest for each reference separately. This can be helpful if the full XMLDSIG validation fails, then one can test each referenced data's digest to see which, if any, fail to match.

Verify an XML Signature with Multiple References

bool VerifySignature(bool verifyReferenceDigests)

Introduced in version 9.5.0.69

Verifies the signature indicated by the Selector property. If verifyReferenceDigests is true, then the digest of each Reference within the signature's SignedInfo is also validated.

Returns true for success, false for failure.

Verify XML Digital Signature with an RSA Key

Verify SOAP XML using a wsse:SecurityTokenReference

Verify XML Signature having KeyInfo / X509Data / X509Certificate