如何在php中签署SOAP消息

Question

我正在使用php（yii2），我想实现与服务器的SOAP通信。我有以下指导SOAP：

The Customer’s system uses the Customer’s private key for issuing digital signatures. Both the application request (ApplicationRequest) and the SOAP message must be signed separately in the WSC. The signature is performed with the private key. The signing system must include in the signature also the certificate. This certificate contains the public key corresponding to the private key used in the signing. The receiver uses the public key to authenticate the signature.

和：

Next step: Digitally sign (detached type XML Digital Signature) the whole SOAP message with the Private Key of Sender Certificate and put the signature into SOAP-header

所以，我有自己的private.key，public.key和certificate.cer

我的代码看起来像

$client = new SoapClient($wdsl, ['trace' => true]); 
    $arguments = ['DownloadFileListRequest' => $dflr]; 
    $appResponse = $client->__call('downloadFileList', $arguments); 

但我得到预期的错误：

SOAP signature error

我要做什么以及如何签署此SOAP？

Answer 1

XMLSecurityDSig帮助（https://github.com/robrichards/xmlseclibs）

$dom = new DOMDocument('1.0', 'UTF-8'); 
$ar = $dom->createElementNS('http://bxd.fi/xmldata/', 'ApplicationRequest'); 
$dom->appendChild($ar); 
$ar->appendChild($dom->createElement('CustomerId', $this->userID)); 
... 
$ar->appendChild($dom->createElement('Content', $contentBase64)); 

$objDSig = new XMLSecurityDSig(); 
$objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N); 
$objDSig->addReference(
      $dom, 
      XMLSecurityDSig::SHA256, 
      ['http://www.w3.org/2000/09/xmldsig#enveloped-signature'], 
      ['force_uri' => true] 
     ); 
$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, ['type'=>'private']); 
$objKey->loadKey($this->privateKeyPath, true); 
$objDSig->sign($objKey); 
$objDSig->add509Cert(base64_encode(file_get_contents($this->certificatePath)), false); 
$objDSig->appendSignature($dom->documentElement); 

$xmlRaw = $dom->saveXML();