Es un código de ejemplo de cómo hacer certificados y firmas; si lo lees, ojalá te sirva :D Está pensado básicamente para los usuarios de Windows.
<? | |
/**
 * Print an error banner for the given label, then dump every message
 * currently queued by the OpenSSL extension.
 *
 * The raw OpenSSL messages are written straight into the page; that is
 * convenient for a demo, but a real application would log them instead.
 *
 * @param string $certificado Label printed in front of " Certificated:".
 */
function mostrarErrores($certificado){
    echo "$certificado Certificated: <br>Error<br><br>";
    // openssl_error_string() returns one queued message per call and false once the queue is empty.
    for ($mensaje = openssl_error_string(); $mensaje !== false; $mensaje = openssl_error_string()) {
        print $mensaje . "\n";
    }
}
?> | |
<!DOCTYPE html> | |
<html> | |
<head> | |
<title>OpenSSL</title> | |
</head> | |
<body> | |
<h1>Ejemplo de uso de la libreria de OPENSSL</h1> | |
<? | |
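// NOTE(review): as shown, this file opens PHP with the short tag "<?". If the
// short_open_tag ini setting is off, the server sends this source (including the
// passphrase used further down) to the browser as plain text; "<?php" avoids that.

// Options shared by every OpenSSL call below: the openssl.cnf path of a XAMPP
// install on Windows, a 2048-bit key and SHA-256 as the digest.
$configargs = array(
    "config" => "C:/xampp/php/extras/openssl/openssl.cnf",
    'private_key_bits'=> 2048,
    'default_md' => "sha256",
);

// Create the keypair
$res = openssl_pkey_new($configargs);
if ($res === false) {
    // Typically a wrong "config" path; show what OpenSSL reported.
    mostrarErrores("pkey_new");
}

// The later sections use $privkey (lower-case k), while the PEM below is stored in
// $privKey. PHP variable names are case-sensitive, so without this alias $privkey
// would be unset and openssl_csr_new() would silently generate a second key: the
// certificate and signature would then belong to a key other than the one displayed.
$privkey = $res;

// Get private key as PEM. The NULL passphrase means it is exported unencrypted.
openssl_pkey_export($res, $privKey, NULL, $configargs);

// Get public key (PEM) from the key details.
$publickey = openssl_pkey_get_details($res);
$publickey = $publickey["key"];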
?> | |
<h2>Mostrando el par de llaves</h2> | |
<? | |
// Show both PEM blocks in read-only textareas. Demo only: the private key was
// exported without a passphrase and must never be sent to a browser in real use.
print "Private Key:<br><textarea rows='30' cols='70' readonly>" . $privKey . "</textarea><br><br>";
print "Public Key:<br><textarea rows='10' cols='70' readonly>" . $publickey . "</textarea><br><br>";
?> | |
<h2>Asignando el CSR (Peticion de firma de certificado)</h2> | |
<? | |
// Distinguished name placed in the subject of the CSR.
$dn = array(
    "countryName" => "MX",
    "stateOrProvinceName" => "Veracruz",
    "localityName" => "Xalapa",
    "organizationName" => "Signati Litteris",
    "organizationalUnitName" => "Signati Litteris Team",
    "commonName" => "Signati Litteris",
    "emailAddress" => "SignatiLitteris@gmail.com"
);

// NOTE(review): $privkey (lower-case k) is a different variable from the $privKey PEM
// exported earlier. If it is still unset here, openssl_csr_new() generates a fresh key
// and stores it in $privkey, so the CSR would not match the key pair shown above.
$csr = openssl_csr_new($dn, $privkey, $configargs);

// First PEM export of the request.
openssl_csr_export($csr, $csr_string);
print "CSR Certificated: <br><textarea rows='20' cols='70' readonly>" . $csr_string . "</textarea><br><br>";

// A null CA certificate makes this a self-signed certificate, valid for 365 days.
$x509 = openssl_csr_sign($csr, null, $privkey, 365, $configargs);

// Second export of the same $csr object; signing does not change the request itself.
openssl_csr_export($csr, $csrout);
echo "CSROUT Certificated: <br><textarea rows='20' cols='70' readonly>" . $csrout . "</textarea><br><br>";
?> | |
<h2>Certificado Autofirmado</h2> | |
<? | |
// Export the self-signed certificate as PEM and show it. $certout is reused
// further down as the public key source for signature verification.
openssl_x509_export($x509, $certout);
echo "CEROUT Certificated: <br><textarea rows='30' cols='70' readonly>" . $certout . "</textarea><br><br>";
?> | |
<h2>Cifrando la llave privada con la contraseña</h2> | |
<small>secret1</small><br> | |
<? | |
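// Export the private key again, this time encrypted with a passphrase.
// The passphrase is hard-coded and also printed on the page just above; that is
// acceptable only in a demo. Real code should obtain it from the user or a secret
// store and never echo it.
//
// Test the function's return value: on failure $pkeyout is never assigned, so
// comparing it with false only worked through an undefined-variable lookup.
if (!openssl_pkey_export($privkey, $pkeyout, "secret1", $configargs)) {
    mostrarErrores("pkeyout");
} else {
    print "PKEYOUT Certificated <br><textarea rows='35' cols='70' readonly>$pkeyout</textarea><br><br>";
}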
?> | |
<h2>Firmando el documento</h2> | |
<? | |
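// The data being signed is this hex string itself; openssl_sign() hashes it again
// with SHA-256 before applying the private key.
// NOTE(review): the value has the length of an MD5 digest. If it is an MD5 of the
// document, the scheme is only as collision-resistant as MD5; prefer signing the
// document bytes directly or a SHA-256 digest of them. Confirm with the author.
$huellaDocumento = "4a9e87180a1f6f82ee2196e034b52f96";

if (!openssl_sign($huellaDocumento, $firmaDocumento, $privkey, OPENSSL_ALGO_SHA256)) {
    // Report the failure and keep $firmaDocumento defined so the code below and
    // the verification step do not operate on an unset variable.
    mostrarErrores("firmaDocumento");
    $firmaDocumento = '';
}
#print "Firma del documento: <br>$firmaDocumento<br><br>";

// The raw signature is binary, so it is shown base64-encoded.
$cadena = base64_encode($firmaDocumento);
print "Firma del documento: <br><textarea rows='10' cols='70' readonly>$cadena</textarea><br><br>";
$cadena2 = base64_decode($cadena);
//print "Firma del documento: <br>$cadena2<br><br>";

// Write the binary signature next to the script for the download link that follows.
// Every request overwrites the same file, and fopen() returns false when the
// directory is not writable, so the handle is checked before it is used.
$firmaArchivo = fopen("firmaDocumento.dat", 'w');
if ($firmaArchivo !== false) {
    fwrite($firmaArchivo, $firmaDocumento);
    fclose($firmaArchivo);
} else {
    print "No se pudo escribir firmaDocumento.dat<br>";
}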
?> | |
<a href="firmaDocumento.dat" download="firmaDocumento.dat">Descargar Firma Binaria</a> | |
<? | |
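// Verify the signature against the public key contained in the self-signed certificate.
// openssl_verify() returns 1 for a valid signature, 0 for an invalid one and
// -1 (or false) when the check itself failed, so the three cases are kept apart.
$ok = openssl_verify($huellaDocumento, $firmaDocumento, $certout, OPENSSL_ALGO_SHA256);
if ($ok === 1) {
    // The paragraph is now closed with </p>; the original emitted a second <p>.
    echo "<p style='color:green;'>La firma coincide</p>";
} else {
    echo "La firma no coincide";
    if ($ok !== 0) {
        // Not a mismatch but an OpenSSL error (bad key, bad certificate, ...).
        mostrarErrores("verify");
    }
}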
?> | |
</body> | |
</html> |