Subversion Repositories Sigmater

Rev

Blame | Last modification | View Log | Download | RSS feed

<?

        // client con soap FIRMATA:
        // firmo richiesta e imbusto come attachment
        
        // FIRMA IL FILE
        $attachment_filename = tempnam('./Log','XML_');
        $signed_filename = tempnam('./Log', 'P7M_');

    if(!write_file($attachment_filename,$xml)) {

        @unlink($attachment_filename);
        echo 'Errore scrittura file XML: '.$attachment_filename;
    }

        if (!openssl_pkcs7_sign($attachment_filename, $signed_filename, CERT_ENTE, $arr_privkey, $arr_header, PKCS7_TEXT + PKCS7_DETACHED)) {

                while($msg = openssl_error_string())
                        $err.= $msg;

            @unlink($signed_filename);
            @unlink($attachment_filename);

                echo $err;
        }
        else {
                
                require_once('SOAP/Client.php');
                
                $soapclient = new SOAP_Client($url);
                        
                $DatiXmlRequest = new SOAP_Attachment('{'.NS_WSDL.'}'.$operation, 'text/xml', $signed_filename);
        
                $methodValue = new SOAP_Value('DatiXmlattach', 'Struct', array($DatiXmlRequest));
                
                $arr_Segnatura = get_segnatura_client();
                $header = new SOAP_Header('{'.NS_HEADER.'}Segnatura', 'Struct', $arr_Segnatura, 1, "");
                
                // creazione SOAP headers
                $soapclient->addHeader($header);
                
                // questi sono gli header nella richiesta http
                $arr_headers = array();
                $options = array('Attachments'=>'Mime', 'namespace' => NS_WSDL, 'trace' => 1, 'style' => 'document', 'use' => 'literal', 'headers' => $arr_headers, 'timeout' => 300, 'soapaction' => 'http://www.agenziaterritorio.it/ws/transazionali');
                
                // chiamata al web service
                $ritorno = $soapclient->call("", $DatiXmlRequest, $options);

                @unlink($signed_filename);
            @unlink($attachment_filename);

/*
echo '<pre>';
print htmlentities($soapclient->__get_wire());
echo '</pre>';
*/

                if (PEAR::isError($ritorno)) {

            //print 'Errore: <b>'.$ritorno->getMessage().'</b>';
            if (strstr(strtoupper($ritorno->code), 'CLIENT.NODATA'))
                echo(' - CLIENT.NODATA');
                        
                        print ('<BR> <BR>');
            //exit;
                }
        else {

                        $part_to_verify = $ritorno;
                                
            print '<b>RISPOSTA RICEVUTA</b>';
            print ('<BR> <BR>');

                        // Verifica della firma
                        $server_cert_filename = tempnam ("./Log", "CERT_");
                        
            $ret = verify($part_to_verify, $server_cert_filename);
                        
            //$arr_cert_data = read_cert($server_cert_filename);
            //show($arr_cert_data);

            // Test sulla verifica della firma
            if ($ret === false) {
                print '<b>FIRMA NON VERIFICATA</b>';
            }
            elseif ($ret === -1) {
                print '<b>ERRORE VERIFICA FIRMA</b>';
            }
            elseif ($ret === true) {
                print '<b>FIRMA VERIFICATA</b>';
                print ('<BR> ');
                                                        
                                $struct_pkcs7 = decode_pkcs7($part_to_verify);
                                
                            $ritorno = $struct_pkcs7->parts[0]->body;
                                
                                /*
                $dati_cert  = read_cert($server_cert_filename);

                                echo "utente: ".$dati_cert["name"];
                                echo "<br>";
                                echo "issuer: ".$dati_cert["issuer"]["CN"];
                                echo "<br>";
                                echo "serial: ".$dati_cert["serialNumber"];
                                echo "<br>";
                                echo "server_cert_filename: ".$server_cert_filename;
                                echo "<br>";
                                */
                                
                        }
                        else {
                print '<b>ERRORE FIRMA NON PREVISTO</b>';
                print ('<BR> ');
                        }
                        
                        @unlink($server_cert_filename);
                        
                } // se pear_error
        } // se sign
?>