Sample code for 30+ languages & platforms
PHP Extension

Create XML Signature with External Data Reference

See more XML Digital Signatures Examples

Demonstrates how to create an XML digital signature where the data is external. In this case, the data is a JPG file.

This example requires Chilkat v9.5.0.69 or greater.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// This example inserts an XML signature in the following XML:

// <?xml version="1.0" encoding="UTF-8" standalone="no"?>
// <abc>
//   <xyz>
//     <jpg>
//         <name>starfish.jpg</name>
//         <url>https://www.chilkatsoft.com/images/starfish.jpg</url>
//     </jpg>
//   </xyz>
// </abc>

// The above XML is available at https://www.chilkatsoft.com/exampleData/addSignatureToThis.xml
// First fetch the XML:

$url = 'https://www.chilkatsoft.com/exampleData/addSignatureToThis.xml';
$http = new CkHttp();
$sbXml = new CkStringBuilder();
$success = $http->QuickGetSb($url,$sbXml);
if ($success != true) {
    print $http->lastErrorText() . "\n";
    exit;
}

// We'll use an RSA private key for signing.  
$rsaKey = new CkPrivateKey();
$success = $rsaKey->LoadPemFile('qa_data/rsa/rsaPrivKey_pkcs8.pem');
if ($success != true) {
    print $rsaKey->lastErrorText() . "\n";
    exit;
}

$xmlSigGen = new CkXmlDSigGen();

// Indicate were the Signature will be inserted:
$xmlSigGen->put_SigLocation('abc|xyz|jpg');

// Provide the RSA key to be used for signing:
$xmlSigGen->SetPrivateKey($rsaKey);

// Fetch the JPG image data.
$jpgUrl = 'https://www.chilkatsoft.com/images/starfish.jpg';
$jpgData = new CkBinData();
$success = $http->QuickGetBd($jpgUrl,$jpgData);
if ($success != true) {
    print $http->lastErrorText() . "\n";
    exit;
}

// Add the external data reference:
$xmlSigGen->AddExternalBinaryRef($jpgUrl,$jpgData,'sha256','');

// Create the XML digital signature:
$success = $xmlSigGen->CreateXmlDSigSb($sbXml);
if ($success != true) {
    print $xmlSigGen->lastErrorText() . "\n";
    exit;
}

// Examine the XML that now contains the Signature:
print $sbXml->getAsString() . "\n";

// <?xml version="1.0" encoding="UTF-8" standalone="no"?>
// <abc>
//   <xyz>
//     <jpg>
//         <name>starfish.jpg</name>
//         <url>https://www.chilkatsoft.com/images/starfish.jpg</url>
//     <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="https://www.chilkatsoft.com/images/starfish.jpg"><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>AOU810yJV5Np/DnO29qpObqiTSTTCDvxGsX5ayiTYXI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ApHRr6nilNrzt3dLveC9zlPoSllaCMfHsbAwr+vYBPkHkJ4wD5LzDDhi1tSJZAAeTckmvSqIG3Wi0rgXQiSM644MD3coBFx4QgrY+GZ+XJJE2Y0Ye3VvaQBiRdUW3INGsW4GLubncgQk5JhuAQjo6O/GKpfEuYqUJj/6CLHLQwMPwbZ2043ykgzuPFoOZf6EydJMBAn1ORMvrpUn+zuA9UngOTGap6eWE4CeiNx23BRC2wSztbUjdCLcqXvgiYu/v0tBNaTcwy7b6+IFtwv/lNUUBUQJ/3p+aErzFn3wLeH3yeqpDCU0U6Dqu5SS1jYupcWWsLHJjYnj2066DPJi/g==</ds:SignatureValue><ds:KeyInfo><ds:KeyValue><ds:RSAKeyValue><ds:Modulus>sXeRhM55P13FbpNcXAMR3olbw2Wa6keZIHu5YTZYUBTlYWId+pNiwUz3zFIEo+0IfYR0H27ybIycQO+1IIzJofUFNMAL3tZps2OKPlsjuCPls6kXpXhv/gvhux8LrCtp4PcKWqJ6QVOZKChc7WAx40qFWzHi57ueqRTv3x0kESqGg/VjsqyTEvb55psJO2RsfhLT7+YVh3hImRM3RDaJdkTkPuOxeFyT6N7VXD09329sLuS3QkUbE9zEKDnz9X3d8dEQdJhSI9ba5fxl8R7fu8pB67ElfzFml96X1jLFtzy1pzOT5Fc4ROcaqlYckVzdBq9sxezm6MYmDBjNAcibRw==</ds:Modulus><ds:Exponent>AQAB</ds:Exponent></ds:RSAKeyValue></ds:KeyValue></ds:KeyInfo></ds:Signature></jpg>
//   </xyz>
// </abc>
// 

?>