如何在php中籤署SOAP消息

Question

我正在使用php（yii2），我想實現與服務器的SOAP通信。我有以下指導SOAP：

The Customer’s system uses the Customer’s private key for issuing digital signatures. Both the application request (ApplicationRequest) and the SOAP message must be signed separately in the WSC. The signature is performed with the private key. The signing system must include in the signature also the certificate. This certificate contains the public key corresponding to the private key used in the signing. The receiver uses the public key to authenticate the signature.

和：

Next step: Digitally sign (detached type XML Digital Signature) the whole SOAP message with the Private Key of Sender Certificate and put the signature into SOAP-header

所以，我有自己的private.key，public.key和certificate.cer

我的代碼看起來像

$client = new SoapClient($wdsl, ['trace' => true]); 
    $arguments = ['DownloadFileListRequest' => $dflr]; 
    $appResponse = $client->__call('downloadFileList', $arguments); 

但我得到預期的錯誤：

SOAP signature error

我要做什麼以及如何簽署此SOAP？

Answer 1

XMLSecurityDSig幫助（https://github.com/robrichards/xmlseclibs）

$dom = new DOMDocument('1.0', 'UTF-8'); 
$ar = $dom->createElementNS('http://bxd.fi/xmldata/', 'ApplicationRequest'); 
$dom->appendChild($ar); 
$ar->appendChild($dom->createElement('CustomerId', $this->userID)); 
... 
$ar->appendChild($dom->createElement('Content', $contentBase64)); 

$objDSig = new XMLSecurityDSig(); 
$objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N); 
$objDSig->addReference(
      $dom, 
      XMLSecurityDSig::SHA256, 
      ['http://www.w3.org/2000/09/xmldsig#enveloped-signature'], 
      ['force_uri' => true] 
     ); 
$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, ['type'=>'private']); 
$objKey->loadKey($this->privateKeyPath, true); 
$objDSig->sign($objKey); 
$objDSig->add509Cert(base64_encode(file_get_contents($this->certificatePath)), false); 
$objDSig->appendSignature($dom->documentElement); 

$xmlRaw = $dom->saveXML();