Sample code for 30+ languages & platforms
PHP Extension

CMS Sign Hash

Demonstrates how to use the SignHashENC method to sign a pre-computed hash. This method creates a CMS signature (PKCS7 detached signature).

This example requires Chilkat v9.5.0.90 or later.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

$crypt = new CkCrypt2();

// Create the hash to be signed...
$crypt->put_HashAlgorithm('sha256');
$crypt->put_EncodingMode('base64');
$crypt->put_Charset('utf-8');
// Create the SHA256 hash of a string using the utf-8 byte representation.
// Return the hash as base64.
$base64Hash = $crypt->hashStringENC('This is the string to be hashed');

// Load a certificate for signing.
$cert = new CkCert();
$success = $cert->LoadPfxFile('qa_data/pfx/cert_test123.pfx','test123');
if ($success == false) {
    print $cert->lastErrorText() . "\n";
    exit;
}

$crypt->SetSigningCert($cert);

// Sign the hash to create a base64 CMS signature (which does not contain the original data).
// We can get the signature in a single line of base64 by specifying "base64", or 
// we can get multi-line base64 by specifying "base64_mime".
$crypt->put_EncodingMode('base64_mime');
$base64CmsSig = $crypt->signHashENC($base64Hash,'sha256','base64');
if ($crypt->get_LastMethodSuccess() == false) {
    print $crypt->lastErrorText() . "\n";
    exit;
}

// Note: In the above call to SignHashENC, the encoding of the returned CMS signature is specified by the EncodingMode property.
// However, the encoding of the passed-in hash is indicated by the 3rd argument.

print 'CMS Signature: ' . $base64CmsSig . "\n";

?>