Skip to content

Instantly share code, notes, and snippets.

@DuckHunter213
Created December 8, 2018 13:42
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save DuckHunter213/becba884da06c0f785364485f6b46dd3 to your computer and use it in GitHub Desktop.
Save DuckHunter213/becba884da06c0f785364485f6b46dd3 to your computer and use it in GitHub Desktop.
Es un código de ejemplo de como hacer certificados y firmas en si lo lees ojala te sirva :D básicamente para los usuarios de windows
<?
function mostrarErrores($certificado){
print "$certificado Certificated: <br>Error<br><br>";
while (($e = openssl_error_string()) !== false) {
echo $e . "\n";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>OpenSSL</title>
</head>
<body>
<h1>Ejemplo de uso de la libreria de OPENSSL</h1>
<?
$configargs = array(
"config" => "C:/xampp/php/extras/openssl/openssl.cnf",
'private_key_bits'=> 2048,
'default_md' => "sha256",
);
// Create the keypair
$res=openssl_pkey_new($configargs);
// Get private key
openssl_pkey_export($res, $privKey,NULL,$configargs);
// Get public key
$publickey=openssl_pkey_get_details($res);
$publickey=$publickey["key"];
?>
<h2>Mostrando el par de llaves</h2>
<?
echo "Private Key:<br><textarea rows='30' cols='70' readonly>$privKey</textarea><br><br>";
echo "Public Key:<br><textarea rows='10' cols='70' readonly>$publickey</textarea><br><br>";
?>
<h2>Asignando el CSR (Peticion de firma de certificado)</h2>
<?
$dn = array(
"countryName" => "MX",
"stateOrProvinceName" => "Veracruz",
"localityName" => "Xalapa",
"organizationName" => "Signati Litteris",
"organizationalUnitName" => "Signati Litteris Team",
"commonName" => "Signati Litteris",
"emailAddress" => "SignatiLitteris@gmail.com"
);
$csr = openssl_csr_new($dn, $privkey,$configargs);
openssl_csr_export($csr, $csr_string);
echo "CSR Certificated: <br><textarea rows='20' cols='70' readonly>$csr_string</textarea><br><br>";
$x509 = openssl_csr_sign($csr, null, $privkey, 365, $configargs);
openssl_csr_export($csr, $csrout);
print "CSROUT Certificated: <br><textarea rows='20' cols='70' readonly>$csrout</textarea><br><br>";
?>
<h2>Certificado Autofirmado</h2>
<?
openssl_x509_export($x509, $certout);
print "CEROUT Certificated: <br><textarea rows='30' cols='70' readonly>$certout</textarea><br><br>";
?>
<h2>Cifrando la llave privada con la contraseña</h2>
<small>secret1</small><br>
<?
openssl_pkey_export($privkey, $pkeyout,"secret1",$configargs);
if ($pkeyout == false) {
mostrarErrores("pkeyout");
}else{
print "PKEYOUT Certificated <br><textarea rows='35' cols='70' readonly>$pkeyout</textarea><br><br>";
}
?>
<h2>Firmando el documento</h2>
<?
$huellaDocumento = "4a9e87180a1f6f82ee2196e034b52f96";
openssl_sign($huellaDocumento,$firmaDocumento,$privkey,OPENSSL_ALGO_SHA256);
#print "Firma del documento: <br>$firmaDocumento<br><br>";
$cadena = base64_encode($firmaDocumento);
print "Firma del documento: <br><textarea rows='10' cols='70' readonly>$cadena</textarea><br><br>";
$cadena2 = base64_decode($cadena);
//print "Firma del documento: <br>$cadena2<br><br>";
$firmaArchivo=fopen("firmaDocumento.dat",'w');
fwrite($firmaArchivo,$firmaDocumento);
fclose($firmaArchivo);
?>
<a href="firmaDocumento.dat" download="firmaDocumento.dat">Descargar Firma Binaria</a>
<?
$ok = openssl_verify($huellaDocumento, $firmaDocumento, $certout , OPENSSL_ALGO_SHA256);
if ($ok == 1) {
echo "<p style='color:green;'>La firma coincide<p>";
} else {
echo "La firma no coincide";
}
?>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment