2015-07-13 52 views
36

我想將Aadhaar卡驗證API用於PHP中的Aadhaar驗證。我嘗試了this並編寫了API訪問代碼。如何整合Aadhaar卡身份驗證API在PHP中的Aadhaar數字驗證?

如何在PHP中生成以下XML加密字段數據? This sample code是用Java編寫的。

<Auth uid="" tid="" ac="" sa="" ver="" txn="" lk=""> 
    <Uses pi="" pa="" pfa="" bio="" bt="" pin="" otp=""/> 
    <Tkn type="" value=""/> 
    <Meta udc="" fdc="" idc="" pip="" lot=」G|P」 lov=""/> 
    <Skey ci="" ki="">encrypted and encoded session key</Skey> 
    <Data type=」X|P」>encrypted PID block</Data> 
    <Hmac>SHA-256 Hash of Pid block, encrypted and then encoded</Hmac> 
    <Signature>Digital signature of AUA</Signature> 
</Auth> 
+0

你是否從UID獲得生產密鑰? ping我,如果是的話,[email protected] –

+0

@IT超級大國嗨,你能告訴我我怎麼能得到加密和編碼的會話密鑰在Skey中的值,加密的PID數據塊,SHA-256哈希Pid塊,加密然後在Signature中用Hmac和Digital簽名進行編碼?我已經通過文檔,但不知道我怎麼能得到這些值。 – Lokesh

回答

2

生成XML,你可以使用這個庫來很容易地生成它:

https://github.com/iwyg/xmlbuilder

對於加密;我可能是錯的,但它看起來像(from this page)你可以在java中一次生成編碼結果,並將結果粘貼到你的PHP變量中。

+0

我想整合只是aadhar狀態和下載adhar到我的android應用程序...所以你可以指導如何發送參數到apis和哪些API使用? –

5
// Below is the running code to integrate Aadhaar Card Authentication Api for Aadhaar number Verification in PHP? 

     $path=$_SERVER['DOCUMENT_ROOT']; 
     $certpath=$path."/your .pfx file"; 
     $publickeypath=$path."/your .cer file"; 
     $certpassword="your cert password"; 

     require_once('xmlsecurity.php'); // for creating this file use link : https://github.com/robrichards/xmlseclibs 
     $trn_id = "AuthDemoClient:public:". date('YmdHisU'); 
     if (!$cert_store = file_get_contents($certpath)) { 
      echo "Error: Unable to read the cert file\n"; 
      exit; 
     } 
     if (openssl_pkcs12_read($cert_store, $cert_info, $certpassword)) { 
      //print_r($cert_info["cert"]); 
      //print_r($cert_info["pkey"]); 
     } else { 
      echo "Error: Unable to read the cert store.\n"; 
      exit; 
     } 

     define("UIDAI_PUBLIC_CERTIFICATE" , $publickeypath); 
     define("AUA_PRIVATE_CERTIFICATE" , $cert_info["pkey"]); 


     date_default_timezone_set("Asia/Calcutta"); 
     $date2= gmdate("Y-m-d\TH:i:s"); 
     $date1 = date('Y-m-d\TH:i:s', time()); 
     $ts='"'.$date1.'"';//date('Y-m-d\TH:i:s'); 
     $pid_1='<Pid ts='.$ts.' ver="1.0"><Pv otp="'.$otp.'"/></Pid>'; 

     $randkey = generateRandomString(); 
     $SESSION_ID = $randkey; 

      $skey1=encryptMcrypt($SESSION_ID); 
      $skey=base64_encode($skey1); 

     // generate ci code start 
      $ci=getExpiryDate(UIDAI_PUBLIC_CERTIFICATE); 

     // generate pid block code start 
      $pid=encryptPID($pid_1,$randkey); 
      //hmac creation code start 
      $hash=hash("SHA256",$pid_1,true); 
      $hmac=encryptPID($hash,$randkey); 

      $load_xml="<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?><Auth xmlns=\"http://www.uidai.gov.in/authentication/uid-auth-request/1.0\" sa=\"public\" lk=\"your license key\" txn=\"$trn_id\" ver=\"1.6\" tid=\"public\" ac=\"your code from aadhaar\" uid=\"$aadhaarno\"><Uses pi=\"n\" pa=\"n\" pfa=\"n\" bio=\"n\" bt=\"\" pin=\"n\" otp=\"y\"/><Meta udc=\"UDC:001\" fdc=\"NC\" idc=\"NA\" pip=\"NA\" lot=\"P\" lov=\"$pincode\"/><Skey ci=\"$ci\">$skey</Skey><Data type=\"X\">$pid</Data><Hmac>$hmac</Hmac></Auth>"; 

      $dom = new DOMDocument(); 
      $dom->loadXML($load_xml); // the XML you specified above. 
      $objDSig = new XMLSecurityDSig(); 
      $objDSig->setCanonicalMethod(XMLSecurityDSig::C14N_COMMENTS); 
      $objDSig->addReference($dom, XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature'),array('force_uri' 
      =>'true')); 
      $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type'=>'private')); 
      $objKey->loadKey($cert_info["pkey"], False); 
      $objKey->passphrase = 'your certificate password'; 
      $objDSig->sign($objKey, $dom->documentElement); 
      $objDSig->add509Cert($cert_info["cert"]); 
      $objDSig->appendSignature($dom->documentElement); 
      $xml_string = $dom->saveXML(); 
      $xml_string1 = urlencode($xml_string); 


     $curl = curl_init(); 
     $url=""; //aadhar service url 
     curl_setopt($curl, CURLOPT_URL, $url); 
     curl_setopt($curl, CURLOPT_POST, true); 
     curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); 
     curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); 
     curl_setopt($curl, CURLOPT_POSTFIELDS,"eXml=A28".$xml_string1); 
     curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); 
     /* complete within 20 seconds */ 
     curl_setopt($curl, CURLOPT_TIMEOUT, 20); 

     $result = curl_exec($curl); 
     curl_close($curl); 
     $xml = @simplexml_load_string($result); 
     $return_status=$xml['ret']; 
     if($return_status=="y"){ 
       $res=1; 
     } 
     if($return_status!="y"){ 
       $res=0; 
      } 

     }else 
     { 
      $res='Aadhaarno not exist'; 
     } 
    return array('Message'=>$res);    
} 

function encryptMcrypt($data) { 
      $fp=fopen(UIDAI_PUBLIC_CERTIFICATE,"r"); 
      $pub_key_string=fread($fp,8192); 
      openssl_public_encrypt($data, $encrypted_data, $pub_key_string, OPENSSL_PKCS1_PADDING); 
      return $encrypted_data; 
      } 
     function generateRandomString($length = 32) { 
      $characters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; 
      $charactersLength = strlen($characters); 
      $randomString = ''; 
      for ($i = 0; $i < $length; $i++) { 
       $randomString .= $characters[rand(0, $charactersLength - 1)]; 
      } 
      return $randomString; 
     } 
     function encryptPID($data,$skey) { 
       $result=openssl_encrypt ($data , 'AES-256-ECB' , $skey); 
      return ($result); 
      } 
     function getExpiryDate($_CERTIFICATE){ 
      $_CERT_DATA = openssl_x509_parse(file_get_contents($_CERTIFICATE)); 
      return date('Ymd', $_CERT_DATA['validTo_time_t']); 
     } 
+0

以上代碼是從GETOTP webservice獲得otp後,將Aadhaar卡身份驗證API集成到PHP中的Aadhaar數字驗證。 –

+0

嗨,你能告訴我我怎麼能得到Skey中的加密和編碼會話密鑰的值,加密PID數據塊,SHA-256哈希Pid塊,加密,然後編碼Hmac和簽名中的數字簽名?我已經通過了文檔,但不知道我怎麼能得到這些值 – Lokesh

+0

@lokesh:所有問題的答案已經在上面的代碼中共享。以上代碼包括:1. Skey中的加密和編碼會話密鑰。 2.數據加密的PID塊,SHA-256 Hash的Pid塊3.加密,然後在Hmac中編碼。 4.使用數字簽名創建簽名的xml。 –