friendica-addons/saml/vendor/robrichards/xmlseclibs/README.md

#xmlseclibs 

xmlseclibs is a library written in PHP for working with XML Encryption and Signatures.

The author of xmlseclibs is Rob Richards.

# Branches
Master is currently the only actively maintained branch.
* master/3.1: Added AES-GCM support requiring 7.1+
* 3.0: Removes mcrypt usage requiring 5.4+ (5.6.24+ recommended for security reasons)
* 2.0: Contains namespace support requiring 5.3+
* 1.4: Contains auto-loader support while also maintaining backwards compatiblity with the older 1.3 version using the xmlseclibs.php file. Supports PHP 5.2+

# Requirements

xmlseclibs requires PHP version 5.4 or greater. **5.6.24+ recommended for security reasons**


## How to Install

Install with [`composer.phar`](http://getcomposer.org).

```sh
php composer.phar require "robrichards/xmlseclibs"
```


## Use cases

xmlseclibs is being used in many different software.

* [SimpleSAMLPHP](https://github.com/simplesamlphp/simplesamlphp)
* [LightSAML](https://github.com/lightsaml/lightsaml)
* [OneLogin](https://github.com/onelogin/php-saml)

## Basic usage

The example below shows basic usage of xmlseclibs, with a SHA-256 signature.

```php
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecurityKey;

// Load the XML to be signed
$doc = new DOMDocument();
$doc->load('./path/to/file/tobesigned.xml');

// Create a new Security object 
$objDSig = new XMLSecurityDSig();
// Use the c14n exclusive canonicalization
$objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
// Sign using SHA-256
$objDSig->addReference(
    $doc, 
    XMLSecurityDSig::SHA256, 
    array('http://www.w3.org/2000/09/xmldsig#enveloped-signature')
);

// Create a new (private) Security key
$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type'=>'private'));
/*
If key has a passphrase, set it using
$objKey->passphrase = '<passphrase>';
*/
// Load the private key
$objKey->loadKey('./path/to/privatekey.pem', TRUE);

// Sign the XML file
$objDSig->sign($objKey);

// Add the associated public key to the signature
$objDSig->add509Cert(file_get_contents('./path/to/file/mycert.pem'));

// Append the signature to the XML
$objDSig->appendSignature($doc->documentElement);
// Save the signed XML
$doc->save('./path/to/signed.xml');
```

## How to Contribute

* [Open Issues](https://github.com/robrichards/xmlseclibs/issues)
* [Open Pull Requests](https://github.com/robrichards/xmlseclibs/pulls)

Mailing List: https://groups.google.com/forum/#!forum/xmlseclibs
Add SAML addon. 2021-05-17 05:56:37 +02:00			`#xmlseclibs`

			`xmlseclibs is a library written in PHP for working with XML Encryption and Signatures.`

			`The author of xmlseclibs is Rob Richards.`

			`# Branches`
			`Master is currently the only actively maintained branch.`
			`* master/3.1: Added AES-GCM support requiring 7.1+`
			`* 3.0: Removes mcrypt usage requiring 5.4+ (5.6.24+ recommended for security reasons)`
			`* 2.0: Contains namespace support requiring 5.3+`
			`* 1.4: Contains auto-loader support while also maintaining backwards compatiblity with the older 1.3 version using the xmlseclibs.php file. Supports PHP 5.2+`

			`# Requirements`

			`xmlseclibs requires PHP version 5.4 or greater. 5.6.24+ recommended for security reasons`


			`## How to Install`

			Install with [`composer.phar`](http://getcomposer.org).

			```sh
			`php composer.phar require "robrichards/xmlseclibs"`
			```


			`## Use cases`

			`xmlseclibs is being used in many different software.`

			`* [SimpleSAMLPHP](https://github.com/simplesamlphp/simplesamlphp)`
			`* [LightSAML](https://github.com/lightsaml/lightsaml)`
			`* [OneLogin](https://github.com/onelogin/php-saml)`

			`## Basic usage`

			`The example below shows basic usage of xmlseclibs, with a SHA-256 signature.`

			```php
			`use RobRichards\XMLSecLibs\XMLSecurityDSig;`
			`use RobRichards\XMLSecLibs\XMLSecurityKey;`

			`// Load the XML to be signed`
			`$doc = new DOMDocument();`
			`$doc->load('./path/to/file/tobesigned.xml');`

			`// Create a new Security object`
			`$objDSig = new XMLSecurityDSig();`
			`// Use the c14n exclusive canonicalization`
			`$objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);`
			`// Sign using SHA-256`
			`$objDSig->addReference(`
			`$doc,`
			`XMLSecurityDSig::SHA256,`
			`array('http://www.w3.org/2000/09/xmldsig#enveloped-signature')`
			`);`

			`// Create a new (private) Security key`
			`$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type'=>'private'));`
			`/*`
			`If key has a passphrase, set it using`
			`$objKey->passphrase = '<passphrase>';`
			`*/`
			`// Load the private key`
			`$objKey->loadKey('./path/to/privatekey.pem', TRUE);`

			`// Sign the XML file`
			`$objDSig->sign($objKey);`

			`// Add the associated public key to the signature`
			`$objDSig->add509Cert(file_get_contents('./path/to/file/mycert.pem'));`

			`// Append the signature to the XML`
			`$objDSig->appendSignature($doc->documentElement);`
			`// Save the signed XML`
			`$doc->save('./path/to/signed.xml');`
			```

			`## How to Contribute`

			`* [Open Issues](https://github.com/robrichards/xmlseclibs/issues)`
			`* [Open Pull Requests](https://github.com/robrichards/xmlseclibs/pulls)`

			`Mailing List: https://groups.google.com/forum/#!forum/xmlseclibs`