{"id":343917,"date":"2023-01-13T21:01:13","date_gmt":"2023-01-13T21:01:13","guid":{"rendered":"http:\/\/savepearlharbor.com\/?p=343917"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T21:00:00","slug":"","status":"publish","type":"post","link":"https:\/\/savepearlharbor.com\/?p=343917","title":{"rendered":"XMLDSig: php + openssl<\/span>"},"content":{"rendered":"
<\/div>\n
\n
\n
\n
\n

\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u0442\u0430 \u043f\u0440\u043e \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044e \u0441 \u0413\u0418\u0421 \u0416\u041a\u0425 — https:\/\/habr.com\/en\/post\/710462\/<\/a><\/p>\n

\u0412 \u044d\u0442\u043e\u0439 \u0447\u0430\u0441\u0442\u0438 \u0440\u0430\u0437\u0431\u0435\u0440\u0451\u043c \u043a\u0430\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u0442\u044c xml-\u0437\u0430\u043f\u0440\u043e\u0441 \u0432 php<\/code> \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 openssl<\/code><\/p>\n

\u0412 \u044d\u0442\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0435 \u044f \u043d\u0435 \u0440\u0430\u0437\u0431\u0438\u0440\u0430\u044e \u043f\u043e\u0447\u0435\u043c\u0443 xmldsig<\/code> \u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0438\u043c\u0435\u043d\u043d\u043e \u0442\u0430\u043a — \u044f \u043f\u0440\u0438\u0432\u043e\u0436\u0443 \u043f\u0440\u0438\u043c\u0435\u0440 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u044f \u043e\u0436\u0438\u0434\u0430\u044e, \u0447\u0442\u043e \u0432\u044b \u0443\u0436\u0435 \u0437\u043d\u0430\u043a\u043e\u043c\u044b \u0441 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u043c\u0438 \u043f\u043e\u043d\u044f\u0442\u0438\u044f\u043c\u0438 \u0438 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u043e\u043c \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u043f\u043e xmldsig<\/code>.<\/p>\n

\u0411\u0443\u0434\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e openssl<\/code> \u0438\u0437 \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043f\u043e\u0441\u0442\u0430, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043e\u043d \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u0435\u043d \u043a \u043f\u0440\u043e\u0447\u0442\u0435\u043d\u0438\u044e<\/p>\n

\u0412 \u043e\u0441\u043d\u043e\u0432\u0435 \u0432\u0441\u0435\u0433\u043e \u043b\u0435\u0436\u0438\u0442 \u0431\u0430\u0437\u043e\u0432\u044b\u0439 \u043a\u043b\u0430\u0441\u0441 Xml<\/code>, \u043d\u0430\u0441\u043b\u0435\u0434\u0443\u0435\u043c\u044b\u0439 \u043e\u0442 DOMDocument<\/code>:<\/p>\n

\nXml<\/summary>\n
\n
<?php  namespace gis\\xml;  use DOMDocument as GlobalDOMDocument; use DOMElement; use RuntimeException;  class Xml extends GlobalDOMDocument {     public function setVersion(string $version)     {         $this->addAttributeToTag($this->getRequestPayloadXml()->localName, new TagAttributeData([             'attributeName' => 'base:version',             'attributeValue' => $version,             'attributeNamespace' => 'xmlns:base',             'attributeNamespaceValue' => 'http:\/\/dom.gosuslugi.ru\/schema\/integration\/base\/'         ]));     }      public function addAttributeToTag(string $tagName, TagAttributeData $tagAttributeData)     {         \/** @var DOMElement $tag *\/         $tag = $this->getElementByTagName($tagName);          if ($tagAttributeData->getAttributeNamespace()) {             $tag->setAttribute($tagAttributeData->getAttributeNamespace(), $tagAttributeData->getAttributeNamespaceValue());         }         $tag->setAttribute($tagAttributeData->getAttributeName(), $tagAttributeData->getAttributeValue());          $tmpDoc = self::fromText($tag->C14N(true), false);         $imported = $this->importNode($tmpDoc->documentElement, true);         $body = $this->getBody();         $body->removeChild($tag);         $body->appendChild($imported);     }      public function getRequestPayloadXml(): DOMElement     {         $availableTags = ['exportDSRsRequest', 'importDSRResponsesRequest'];         foreach ($availableTags as $tagName) {             if ($found = $this->getElementByTagName($tagName)) {                 return $found;             }         }         throw new RuntimeException('Not yet implemented');     }      public function getElementByTagName(string $qualifiedName): ?DOMElement     {         return $this->getElementsByTagName($qualifiedName)->item(0);     }      public static function fromText(string $source, bool $canonicalize = true): static     {         $xml = new static('1.0', 'utf-8');         $xml->loadXML($source);          return $canonicalize ? self::fromText($xml->C14N(), false) : $xml;     }      public function getBody(): DOMElement     {         return $this->getElementByTagName('Body');     } } <\/code><\/pre>\n<\/p>\n<\/p>\n<\/div>\n<\/details>\n
\u0412 \u043d\u0451\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u043b\u0430\u0441\u0441 TagAttributeData<\/code> — \u044d\u0442\u043e \u043f\u0440\u043e\u0441\u0442\u043e DTO<\/code> \u0441 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u043f\u043e \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0443 \u0442\u044d\u0433\u0430:<\/p>\n
\nTagAttributeData<\/summary>\n
\n
<?php  namespace gis\\xml;  use yii\\base\\Component;  final class TagAttributeData extends Component {     public string $attributeName;     public string $attributeValue;     public ?string $attributeNamespace = null;     public ?string $attributeNamespaceValue = null;      public function getAttributeName(): string     {         return $this->attributeName;     }      public function getAttributeValue(): string     {         return $this->attributeValue;     }      public function getAttributeNamespace(): ?string     {         return $this->attributeNamespace;     }      public function getAttributeNamespaceValue(): ?string     {         return $this->attributeNamespaceValue;     } } <\/code><\/pre>\n<\/p>\n<\/div>\n<\/details>\n
\u041e\u0442 \u043d\u0435\u0433\u043e \u043d\u0430\u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043a\u043b\u0430\u0441\u0441 SignedXml<\/code>, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0437\u0430\u043f\u0440\u043e\u0441:<\/p>\n
\nSignedXml<\/summary>\n
\n
<?php  namespace gis\\xml;  use common\\helpers\\DateHelper; use DOMElement; use DOMNode; use gis\\components\\UUID; use gis\\openssl\\OpenSSLInterface; use Yii;  final class SignedXml extends Xml {     private OpenSSLInterface $openssl;      public function __construct(string $version, string $encoding)     {         $this->openssl = Yii::$app->get('openssl');          parent::__construct($version, $encoding);     }      public function saveXML(?DOMNode $node = null, int $options = null): string|false     {         $this->tagSignedElement();          $signatureElement = $this->importSignatureContainer();         $this->digestSignedProperties($signatureElement);         $this->digestSignedInfo($signatureElement);          return parent::saveXML();     }      private function tagSignedElement(): void     {         $this->addAttributeToTag($this->getRequestPayloadXml()->localName, new TagAttributeData([             'attributeName' => 'Id',             'attributeValue' => 'signed-data-container',         ]));     }      private function importSignatureContainer(): DOMElement     {         $x509 = $this->openssl->getX509();          $signedInfoProperties = [             'signatureId' => UUID::new(),             'keyInfoId' => UUID::new(),             'canonicalDataDigest' => $this->openssl->digest($this->getRequestPayloadXml()->C14N(true)),             'x509CertDigest' => $this->openssl->digest(base64_decode($x509->getStripped())),             'x509Cert' => $x509->getStripped(),             'signingTime' => DateHelper::soap(),             'x509IssuerName' => $x509->getIssuerName(),             'x509SerialNumber' => $x509->getSerialNumber()         ];          $render = Yii::$app->getView()->renderPhpFile(Yii::getAlias('@gis\/templates\/full-signature.php'), $signedInfoProperties);         $signatureContainer = Xml::fromText($render);         $signatureElement = $this->importNode($signatureContainer->documentElement, true);         $actualRequestBody = $this->getRequestPayloadXml();         $firstParam = $actualRequestBody->childNodes->item(0);         $actualRequestBody->insertBefore($signatureElement, $firstParam);          return $signatureElement;     }      private function digestSignedProperties(DOMElement $signatureElement): void     {         $signedPropertiesElement = $signatureElement->getElementsByTagName('SignedProperties')->item(0);         $signedPropertiesDigest = $this->openssl->digest($signedPropertiesElement->C14N(true));         $signatureElement->getElementsByTagName('DigestValue')->item(1)->textContent = $signedPropertiesDigest;     }      private function digestSignedInfo(DOMElement $signatureElement): void     {         $signatureValue = $this->openssl->sign($signatureElement->getElementsByTagName('SignedInfo')->item(0)->C14N(true));         $signatureElement->getElementsByTagName('SignatureValue')->item(0)->textContent = $signatureValue;     } } <\/code><\/pre>\n<\/p>\n<\/div>\n<\/details>\n
\u0412 \u043d\u0451\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u043b\u0430\u0441\u0441 UUID<\/code>:<\/p>\n
\nUUID<\/summary>\n
\n
<?php  namespace gis\\components;  class UUID {     public static function new(): string     {         $data = random_bytes(16);          return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));     } } <\/code><\/pre>\n<\/p>\n<\/div>\n<\/details>\n
\u0414\u043b\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u0432\u0430 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 OpenSSLInterface<\/code> \u0438 X509Interface<\/code>, \u043f\u0440\u0438\u0432\u0435\u0434\u0443 \u0438\u0445 \u0442\u0435\u043a\u0443\u0449\u0438\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438:<\/p>\n
\nOpenSSLInterface<\/summary>\n
\n
<?php  namespace gis\\openssl;  use gis\\components\\TemporaryFile; use Yii; use yii\\base\\Component;  class OpenSSL extends Component implements OpenSSLInterface {     private X509Interface $x509;      public function __construct($config = [])     {         $this->x509 = Yii::$app->get('x509')::fromFile(Yii::$app->params['gis']['openssl']['x509.pem']);          parent::__construct($config);     }      public function digest(string $value): string     {         return $this->dgst($value);     }      private function dgst(string $value, ?string $privateKeyPath = null): bool|string|null     {         $temporaryFile = new TemporaryFile($value);         $filepath = $temporaryFile->getFilepath();          $command = [             'cat',             $filepath,             '|',             'openssl',             'dgst',             '-md_gost12_256',             '-binary',         ];          if ($privateKeyPath) {             $command = array_merge($command, [                 '-sign',                 $privateKeyPath             ]);         }          $command = array_merge($command, [             '|',             'base64',             '-w',             '0'         ]);          return shell_exec(implode(' ', $command));     }      public function sign(string $value): string     {         return $this->dgst($value, Yii::$app->params['gis']['openssl']['private.key']);     }      public function getX509(): X509Interface     {         return $this->x509;     } } <\/code><\/pre>\n<\/p>\n<\/div>\n<\/details>\n
\u0412 \u043d\u0451\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u043b\u0430\u0441\u0441 TemporaryFile<\/code>:<\/p>\n
\nTemporaryFile<\/summary>\n
\n
<?php  namespace gis\\components;  class TemporaryFile {     private string $filepath;      public function __construct(?string $data = null)     {         $this->filepath = tempnam(sys_get_temp_dir(), 'php');         $data && $this->setData($data);     }      public function setData(string $data): void     {         file_put_contents($this->getFilepath(), $data);     }      public function getFilepath(): bool|string     {         return $this->filepath;     }      public function __destruct()     {         $this->destroy();     }      private function destroy(): void     {         if (!file_exists($this->filepath)) {             return;         }         unlink($this->filepath);     } } <\/code><\/pre>\n<\/p>\n<\/div>\n<\/details>\n
\nX509Interface<\/summary>\n
\n
<?php  namespace gis\\openssl;  use common\\components\\MathHelper; use yii\\base\\Component;  final class X509 extends Component implements X509Interface {     private string $content;      public static function fromFile(string $filepath): static     {         $x509 = new self();         $x509->content = file_get_contents($filepath);          return $x509;     }      public function getSerialNumber(): string     {         $serialNumber = $this->getParsedValue('serialNumber');          return str_starts_with($serialNumber, '0x')             ? MathHelper::bcHexToDecimal(substr($serialNumber, 2))             : $serialNumber;     }      private function getParsedValue(string $key): mixed     {         $read = openssl_x509_read($this->content);          return openssl_x509_parse($read)[$key] ?? null;     }      public function getIssuerName(): string     {         $issuer = $this->getParsedValue('issuer');         $issuerData = [             'CN' => $issuer['CN'],             'O' => $issuer['O'],             'OU' => $issuer['OU'],             'C' => $issuer['C'],             'ST' => $issuer['ST'],             'L' => $issuer['L'],             'E' => $issuer['emailAddress'],             'STREET' => $issuer['street'],             '1.2.643.100.4' => $issuer['INN'] ?? $issuer['UNDEF'] ?? null,             '1.2.643.100.1' => $issuer['OGRN'],         ];         $mergedIssuerData = [];         foreach ($issuerData as $key => $value) {             $value = str_replace(['\"', ','], ['\\\"', '\\,'], $value);             $mergedIssuerData[] = \"$key=$value\";         }          return implode(',', $mergedIssuerData);     }      public function getStripped(): string     {         $allLines = explode(PHP_EOL, $this->content);         unset($allLines[0], $allLines[count($allLines) - 1]);          return implode(PHP_EOL, $allLines);     } } <\/code><\/pre>\n<\/p>\n<\/div>\n<\/details>\n
\u0412 \u043d\u0438\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0448\u0430\u0431\u043b\u043e\u043d \u043f\u043e\u0434\u043f\u0438\u0441\u0438:<\/p>\n
\n\u0420\u0430\u0437\u043c\u0435\u0442\u043a\u0430 \u0448\u0430\u0431\u043b\u043e\u043d\u0430 \u043f\u043e\u0434\u043f\u0438\u0441\u0438<\/summary>\n
\n
<?php  \/**  * @var string $signatureId  * @var string $keyInfoId  * @var string $canonicalDataDigest - digest1  * @var string $x509CertDigest - digest2  * @var string $x509Cert  * @var string $signingTime  * @var string $x509IssuerName  * @var string $x509SerialNumber  *\/  ?> <ds:Signature xmlns:ds=\"http:\/\/www.w3.org\/2000\/09\/xmldsig#\" Id=\"xmldsig-<?= $signatureId ?>\">     <ds:SignedInfo>         <ds:CanonicalizationMethod Algorithm=\"http:\/\/www.w3.org\/2001\/10\/xml-exc-c14n#\" \/>         <ds:SignatureMethod Algorithm=\"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-256\" \/>         <ds:Reference URI=\"#signed-data-container\">             <ds:Transforms>                 <ds:Transform Algorithm=\"http:\/\/www.w3.org\/2000\/09\/xmldsig#enveloped-signature\" \/>                 <ds:Transform Algorithm=\"http:\/\/www.w3.org\/2001\/10\/xml-exc-c14n#\" \/>             <\/ds:Transforms>             <ds:DigestMethod Algorithm=\"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-256\" \/>             <ds:DigestValue><?= $canonicalDataDigest ?><\/ds:DigestValue>         <\/ds:Reference>         <ds:Reference URI=\"#xmldsig-<?= $signatureId ?>-signedprops\" Type=\"http:\/\/uri.etsi.org\/01903#SignedProperties\">             <ds:Transforms>                 <ds:Transform Algorithm=\"http:\/\/www.w3.org\/2001\/10\/xml-exc-c14n#\" \/>             <\/ds:Transforms>             <ds:DigestMethod Algorithm=\"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-256\" \/>             <ds:DigestValue><\/ds:DigestValue>         <\/ds:Reference>     <\/ds:SignedInfo>     <ds:SignatureValue><\/ds:SignatureValue>     <ds:KeyInfo Id=\"xmldsig-<?= $keyInfoId ?>\">         <ds:X509Data xmlns:ds=\"http:\/\/www.w3.org\/2000\/09\/xmldsig#\">             <ds:X509Certificate><?= $x509Cert ?><\/ds:X509Certificate>         <\/ds:X509Data>     <\/ds:KeyInfo>     <ds:Object>         <xades:QualifyingProperties xmlns:xades=\"http:\/\/uri.etsi.org\/01903\/v1.3.2#\" Target=\"#xmldsig-<?= $signatureId ?>\">             <xades:SignedProperties Id=\"xmldsig-<?= $signatureId ?>-signedprops\">                 <xades:SignedSignatureProperties>                     <xades:SigningTime><?= $signingTime ?><\/xades:SigningTime>                     <xades:SigningCertificate>                         <xades:Cert>                             <xades:CertDigest>                                 <ds:DigestMethod Algorithm=\"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-256\" \/>                                 <ds:DigestValue><?= $x509CertDigest ?><\/ds:DigestValue>                             <\/xades:CertDigest>                             <xades:IssuerSerial>                                 <ds:X509IssuerName><?= $x509IssuerName ?><\/ds:X509IssuerName>                                 <ds:X509SerialNumber><?= $x509SerialNumber ?><\/ds:X509SerialNumber>                             <\/xades:IssuerSerial>                         <\/xades:Cert>                     <\/xades:SigningCertificate>                 <\/xades:SignedSignatureProperties>             <\/xades:SignedProperties>         <\/xades:QualifyingProperties>     <\/ds:Object> <\/ds:Signature><\/code><\/pre>\n<\/p>\n<\/div>\n<\/details>\n
\u0422\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0438\u043c \u043a\u0430\u043a \u044d\u0442\u043e \u0432\u0441\u0451 \u0441\u043b\u0438\u0442\u044c \u0432\u043e\u0435\u0434\u0438\u043d\u043e, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 xml-\u0437\u0430\u043f\u0440\u043e\u0441<\/p>\n
\u041d\u0430 \u044d\u0442\u043e\u043c \u044d\u0442\u0430\u043f\u0435 \u044f \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0443, \u0447\u0442\u043e \u0432\u044b \u0443\u0436\u0435 \u0437\u043d\u0430\u0435\u0442\u0435 \u043a\u0430\u043a \u0438\u0437 WSDL \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u0442\u044c xml-\u0437\u0430\u043f\u0440\u043e\u0441<\/p>\n
\n\u0415\u0441\u043b\u0438 \u043d\u0435\u0442<\/summary>\n
\n
    \n
  1. \n
    \u0433\u0443\u0433\u043b\u0438\u043c «php soap client wsdl»<\/p>\n<\/li>\n
  2. \n
    \u043f\u0438\u0448\u0435\u043c \u043a\u0430\u0441\u0442\u043e\u043c\u043d\u0443\u044e \u043e\u0431\u0451\u0440\u0442\u043a\u0443 \u043d\u0430\u0434 soap client<\/p>\n<\/li>\n
  3. \n
    \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0435\u043c \u0441\u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0438\u0437 wsdl \u0437\u0430\u043f\u0440\u043e\u0441<\/p>\n<\/li>\n<\/ol>\n
    \u041f\u0440\u0438\u043c\u0435\u0440 \u043a\u0430\u0441\u0442\u043e\u043c\u043d\u043e\u0439 \u043e\u0431\u0451\u0440\u0442\u043a\u0438 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438 \u0432 \u043f\u0435\u0440\u0432\u043e\u0439 \u0447\u0430\u0441\u0442\u0438 \u0441\u0442\u0430\u0442\u0435\u0439 \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435 \u0432\u0432\u0435\u0440\u0445\u0443<\/p>\n<\/div>\n<\/details>\n
    $xml = Xml::fromText($request); # $request = \u0432\u0430\u0448 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0447\u0435\u043d\u043d\u044b\u0439 wsdl-\u0437\u0430\u043f\u0440\u043e\u0441 $xml->setVersion('13.1.1.6');  $signedXml = SignedXml::fromText($xml->saveXML())->saveXML();<\/code><\/pre>\n
    \u041f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u044f:<\/p>\n
      \n
    1. \n
      \u041d\u0430 \u0441\u0442\u0440\u043e\u043a\u0435 38 \u0432 \u043a\u043b\u0430\u0441\u0441\u0435 XML<\/code> \u0438\u0434\u0451\u0442 \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 wsdl-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u043f\u043e-\u0434\u0440\u0443\u0433\u043e\u043c\u0443 \u0432\u044b\u0447\u043b\u0435\u043d\u044f\u0442\u044c \u0442\u0435\u043b\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u0441\u043b\u043e\u0436\u043d\u043e\u0432\u0430\u0442\u043e<\/em><\/p>\n<\/li>\n
    2. \n
      \u041f\u043e \u043a\u043b\u0430\u0441\u0441\u0443 SignedXML<\/code>:<\/p>\n
        \n
      1. \n
        \u0420\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 OpenSSLInterface<\/code> \u0438\u043d\u0436\u0435\u043a\u0442\u0438\u0442\u0435 \u043a\u0430\u043a \u0445\u043e\u0442\u0438\u0442\u0435, \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u0432 Yii2<\/code> \u044d\u0442\u043e \u043f\u0440\u043e\u0449\u0435 \u0447\u0435\u0440\u0435\u0437 service locator \u0431\u044b\u043b\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c<\/p>\n<\/li>\n
      2. \n
        \u041d\u0430 \u0441\u0442\u0440\u043e\u043a\u0435 52 \u0435\u0441\u0442\u044c DateHelper::soap()<\/code> — \u044d\u0442\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u0442\u0435\u043a\u0443\u0449\u0430\u044f \u0434\u0430\u0442\u0430 \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 Y-m-d\\TH:i:s.uP<\/code><\/p>\n<\/li>\n
      3. \n
        \u041d\u0430 \u0441\u0442\u0440\u043e\u043a\u0435 57 \u0438\u0434\u0451\u0442 \u0438\u043c\u043f\u043e\u0440\u0442 \u0448\u0430\u0431\u043b\u043e\u043d\u0430 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 — \u043c\u0435\u043d\u044f\u0439\u0442\u0435 \u043d\u0430 \u043d\u0443\u0436\u043d\u044b\u0439 \u0432\u0430\u043c. \u041c\u043e\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0442\u0443\u0442 \u043e\u043f\u044f\u0442\u044c \u0436\u0435 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430<\/p>\n<\/li>\n<\/ol>\n<\/li>\n
      4. \n
        \u041f\u043e \u043a\u043b\u0430\u0441\u0441\u0443 OpenSSL<\/code>:<\/p>\n
          \n
        1. \n
          \u0420\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 X509Interface<\/code> \u0438\u043d\u0436\u0435\u043a\u0442\u0438\u0442\u0435 \u043a\u0430\u043a \u0445\u043e\u0442\u0438\u0442\u0435)<\/p>\n<\/li>\n
        2. \n
          \u0414\u0430, \u0434\u043b\u044f \u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f digest<\/code> \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f shell_exec<\/code>. \u0415\u0441\u043b\u0438 \u043e\u0447\u0435\u043d\u044c \u0445\u043e\u0447\u0435\u0442\u0441\u044f, \u0442\u043e \u043f\u0435\u0440\u0435\u0441\u043e\u0431\u0438\u0440\u0430\u0439\u0442\u0435 php<\/code> \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 openssl<\/code> \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 `gost-engine`)<\/p>\n<\/li>\n
        3. \n
          \u041d\u0430 \u0441\u0442\u0440\u043e\u043a\u0435 59 \u0432 dgst<\/code> \u0432\u0442\u043e\u0440\u044b\u043c \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u043c \u043f\u0435\u0440\u0435\u0434\u0430\u0451\u0442\u0441\u044f \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0439 \u043a\u043b\u044e\u0447 \u0432\u0430\u0448\u0435\u0433\u043e \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0438\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0432 \u043f\u0435\u0440\u0432\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0435<\/p>\n<\/li>\n<\/ol>\n<\/li>\n
        4. \n
          \u041f\u043e \u043a\u043b\u0430\u0441\u0441\u0443 X509<\/code>:<\/p>\n
            \n
          1. \n
            \u041f\u043e\u0436\u0430\u043b\u0443\u0439, \u0442\u043e, \u043e\u0442 \u0447\u0435\u0433\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0441\u0435\u0434\u0435\u044e\u0442 \u0432\u043e\u043b\u043e\u0441\u044b \u0432\u043e \u0432\u0441\u0435\u0439 \u044d\u0442\u043e\u0439 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0438 — \u044d\u0442\u043e \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u043b\u0435\u0439 \u0441 \u0434\u0430\u043d\u043d\u044b\u043c\u0438. \u0423 \u0432\u0441\u0435\u0445 \u043d\u043e\u0440\u043c\u0430\u043b\u044c\u043d\u044b\u0445 \u043b\u044e\u0434\u0435\u0439 \u0418\u041d\u041d \u043b\u0435\u0436\u0438\u0442 \u0432 \u043f\u043e\u043b\u0435 INN, \u0443 \u0433\u0438\u0441 \u0436\u043a\u0445 \u044d\u0442\u043e \u043f\u043e\u0447\u0435\u043c\u0443-\u0442\u043e 1.2.643.100.4<\/code><\/p>\n<\/li>\n
          2. \n
            \u041d\u0430 \u0441\u0442\u0440\u043e\u043a\u0435 25 \u043c\u044b \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u043c \u0441\u0435\u0440\u0438\u0439\u043d\u0438\u043a \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430:<\/p>\n
            public static function bcHexToDecimal(string $hex): string {     if (strlen($hex) === 1) {         return hexdec($hex);     }      $remain = substr($hex, 0, -1);     $last = substr($hex, -1);      return bcadd(bcmul(16, self::bcHexToDecimal($remain)), hexdec($last)); }<\/code><\/pre>\n<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n
            \u041f\u0430\u0440\u0430-\u043f\u0430\u0440\u0430-\u043f\u0430\u043c! \u0412\u043e\u0442 \u0438 \u0432\u0441\u0451. \u042d\u0442\u043e\u0442 \u043c\u0430\u043d\u0451\u0432\u0440 \u0441\u0442\u043e\u0438\u043b \u043c\u043d\u0435 2 \u043d\u0435\u0434\u0435\u043b\u0438 \u0436\u0438\u0437\u043d\u0438. \u041d\u0430\u0434\u0435\u044e\u0441\u044c, \u043f\u0440\u0438\u0433\u043e\u0434\u0438\u0442\u0441\u044f \u0432\u0430\u043c.<\/p>\n
            \u041a\u0430\u043a \u0432\u0441\u0435\u0433\u0434\u0430 — \u0440\u0430\u0434 \u043b\u044e\u0431\u044b\u043c \u0432\u043e\u043f\u0440\u043e\u0441\u0430\u043c, \u0432\u0441\u0451 \u0447\u0442\u043e \u043d\u0430\u0434\u043e — \u0434\u043e\u043f\u0438\u0448\u0443 \u0432 \u0441\u0442\u0430\u0442\u044c\u044e.<\/p>\n<\/div>\n<\/div>\n<\/div>\n
              <\/div>\n
              
             \u0441\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b \u0441\u0442\u0430\u0442\u044c\u0438  https:\/\/habr.com\/ru\/post\/710532\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
            <\/div>\n
            \n
            \n
            \n
            \n
            \u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u0442\u0430 \u043f\u0440\u043e \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044e \u0441 \u0413\u0418\u0421 \u0416\u041a\u0425 — https:\/\/habr.com\/en\/post\/710462\/<\/a><\/p>\n
            \u0412 \u044d\u0442\u043e\u0439 \u0447\u0430\u0441\u0442\u0438 \u0440\u0430\u0437\u0431\u0435\u0440\u0451\u043c \u043a\u0430\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u0442\u044c xml-\u0437\u0430\u043f\u0440\u043e\u0441 \u0432 php<\/code> \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 openssl<\/code><\/p>\n
            \u0412 \u044d\u0442\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0435 \u044f \u043d\u0435 \u0440\u0430\u0437\u0431\u0438\u0440\u0430\u044e \u043f\u043e\u0447\u0435\u043c\u0443 xmldsig<\/code> \u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0438\u043c\u0435\u043d\u043d\u043e \u0442\u0430\u043a — \u044f \u043f\u0440\u0438\u0432\u043e\u0436\u0443 \u043f\u0440\u0438\u043c\u0435\u0440 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u044f \u043e\u0436\u0438\u0434\u0430\u044e, \u0447\u0442\u043e \u0432\u044b \u0443\u0436\u0435 \u0437\u043d\u0430\u043a\u043e\u043c\u044b \u0441 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u043c\u0438 \u043f\u043e\u043d\u044f\u0442\u0438\u044f\u043c\u0438 \u0438 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u043e\u043c \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u043f\u043e xmldsig<\/code>.<\/p>\n
            \u0411\u0443\u0434\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e openssl<\/code> \u0438\u0437 \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043f\u043e\u0441\u0442\u0430, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043e\u043d \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u0435\u043d \u043a \u043f\u0440\u043e\u0447\u0442\u0435\u043d\u0438\u044e<\/p>\n
            \u0412 \u043e\u0441\u043d\u043e\u0432\u0435 \u0432\u0441\u0435\u0433\u043e \u043b\u0435\u0436\u0438\u0442 \u0431\u0430\u0437\u043e\u0432\u044b\u0439 \u043a\u043b\u0430\u0441\u0441 Xml<\/code>, \u043d\u0430\u0441\u043b\u0435\u0434\u0443\u0435\u043c\u044b\u0439 \u043e\u0442 DOMDocument<\/code>:<\/p>\n
            \nXml<\/summary>\n
            \n
            <?php  namespace gis\\xml;  use DOMDocument as GlobalDOMDocument; use DOMElement; use RuntimeException;  class Xml extends GlobalDOMDocument {     public function setVersion(string $version)     {         $this->addAttributeToTag($this->getRequestPayloadXml()->localName, new TagAttributeData([             'attributeName' => 'base:version',             'attributeValue' => $version,             'attributeNamespace' => 'xmlns:base',             'attributeNamespaceValue' => 'http:\/\/dom.gosuslugi.ru\/schema\/integration\/base\/'         ]));     }      public function addAttributeToTag(string $tagName, TagAttributeData $tagAttributeData)     {         \/** @var DOMElement $tag *\/         $tag = $this->getElementByTagName($tagName);          if ($tagAttributeData->getAttributeNamespace()) {             $tag->setAttribute($tagAttributeData->getAttributeNamespace(), $tagAttributeData->getAttributeNamespaceValue());         }         $tag->setAttribute($tagAttributeData->getAttributeName(), $tagAttributeData->getAttributeValue());          $tmpDoc = self::fromText($tag->C14N(true), false);         $imported = $this->importNode($tmpDoc->documentElement, true);         $body = $this->getBody();         $body->removeChild($tag);         $body->appendChild($imported);     }      public function getRequestPayloadXml(): DOMElement     {         $availableTags = ['exportDSRsRequest', 'importDSRResponsesRequest'];         foreach ($availableTags as $tagName) {             if ($found = $this->getElementByTagName($tagName)) {                 return $found;             }         }         throw new RuntimeException('Not yet implemented');     }      public function getElementByTagName(string $qualifiedName): ?DOMElement     {         return $this->getElementsByTagName($qualifiedName)->item(0);     }      public static function fromText(string $source, bool $canonicalize = true): static     {         $xml = new static('1.0', 'utf-8');         $xml->loadXML($source);          return $canonicalize ? self::fromText($xml->C14N(), false) : $xml;     }      public function getBody(): DOMElement     {         return $this->getElementByTagName('Body');     } } <\/code><\/pre>\n<\/p>\n<\/p>\n<\/div>\n<\/details>\n
            \u0412 \u043d\u0451\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u043b\u0430\u0441\u0441 TagAttributeData<\/code> — \u044d\u0442\u043e \u043f\u0440\u043e\u0441\u0442\u043e DTO<\/code> \u0441 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u043f\u043e \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0443 \u0442\u044d\u0433\u0430:<\/p>\n
            \nTagAttributeData<\/summary>\n
            \n
            <?php  namespace gis\\xml;  use yii\\base\\Component;  final class TagAttributeData extends Component {     public string $attributeName;     public string $attributeValue;     public ?string $attributeNamespace = null;     public ?string $attributeNamespaceValue = null;      public function getAttributeName(): string     {         return $this->attributeName;     }      public function getAttributeValue(): string     {         return $this->attributeValue;     }      public function getAttributeNamespace(): ?string     {         return $this->attributeNamespace;     }      public function getAttributeNamespaceValue(): ?string     {         return $this->attributeNamespaceValue;     } } <\/code><\/pre>\n<\/p>\n<\/div>\n<\/details>\n
            \u041e\u0442 \u043d\u0435\u0433\u043e \u043d\u0430\u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043a\u043b\u0430\u0441\u0441 SignedXml<\/code>, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0437\u0430\u043f\u0440\u043e\u0441:<\/p>\n
            \nSignedXml<\/summary>\n
            \n
            <?php  namespace gis\\xml;  use common\\helpers\\DateHelper; use DOMElement; use DOMNode; use gis\\components\\UUID; use gis\\openssl\\OpenSSLInterface; use Yii;  final class SignedXml extends Xml {     private OpenSSLInterface $openssl;      public function __construct(string $version, string $encoding)     {         $this->openssl = Yii::$app->get('openssl');          parent::__construct($version, $encoding);     }      public function saveXML(?DOMNode $node = null, int $options = null): string|false     {         $this->tagSignedElement();          $signatureElement = $this->importSignatureContainer();         $this->digestSignedProperties($signatureElement);         $this->digestSignedInfo($signatureElement);          return parent::saveXML();     }      private function tagSignedElement(): void     {         $this->addAttributeToTag($this->getRequestPayloadXml()->localName, new TagAttributeData([             'attributeName' => 'Id',             'attributeValue' => 'signed-data-container',         ]));     }      private function importSignatureContainer(): DOMElement     {         $x509 = $this->openssl->getX509();          $signedInfoProperties = [             'signatureId' => UUID::new(),             'keyInfoId' => UUID::new(),             'canonicalDataDigest' => $this->openssl->digest($this->getRequestPayloadXml()->C14N(true)),             'x509CertDigest' => $this->openssl->digest(base64_decode($x509->getStripped())),             'x509Cert' => $x509->getStripped(),             'signingTime' => DateHelper::soap(),             'x509IssuerName' => $x509->getIssuerName(),             'x509SerialNumber' => $x509->getSerialNumber()         ];          $render = Yii::$app->getView()->renderPhpFile(Yii::getAlias('@gis\/templates\/full-signature.php'), $signedInfoProperties);         $signatureContainer = Xml::fromText($render);         $signatureElement = $this->importNode($signatureContainer->documentElement, true);         $actualRequestBody = $this->getRequestPayloadXml();         $firstParam = $actualRequestBody->childNodes->item(0);         $actualRequestBody->insertBefore($signatureElement, $firstParam);          return $signatureElement;     }      private function digestSignedProperties(DOMElement $signatureElement): void     {         $signedPropertiesElement = $signatureElement->getElementsByTagName('SignedProperties')->item(0);         $signedPropertiesDigest = $this->openssl->digest($signedPropertiesElement->C14N(true));         $signatureElement->getElementsByTagName('DigestValue')->item(1)->textContent = $signedPropertiesDigest;     }      private function digestSignedInfo(DOMElement $signatureElement): void     {         $signatureValue = $this->openssl->sign($signatureElement->getElementsByTagName('SignedInfo')->item(0)->C14N(true));         $signatureElement->getElementsByTagName('SignatureValue')->item(0)->textContent = $signatureValue;     } } <\/code><\/pre>\n<\/p>\n<\/div>\n<\/details>\n
            \u0412 \u043d\u0451\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u043b\u0430\u0441\u0441 UUID<\/code>:<\/p>\n
            \nUUID<\/summary>\n
            \n
            <?php  namespace gis\\components;  class UUID {     public static function new(): string     {         $data = random_bytes(16);          return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));     } } <\/code><\/pre>\n<\/p>\n<\/div>\n<\/details>\n
            \u0414\u043b\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u0432\u0430 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 OpenSSLInterface<\/code> \u0438 X509Interface<\/code>, \u043f\u0440\u0438\u0432\u0435\u0434\u0443 \u0438\u0445 \u0442\u0435\u043a\u0443\u0449\u0438\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438:<\/p>\n
            \nOpenSSLInterface<\/summary>\n
            \n
            <?php  namespace gis\\openssl;  use gis\\components\\TemporaryFile; use Yii; use yii\\base\\Component;  class OpenSSL extends Component implements OpenSSLInterface {     private X509Interface $x509;      public function __construct($config = [])     {         $this->x509 = Yii::$app->get('x509')::fromFile(Yii::$app->params['gis']['openssl']['x509.pem']);          parent::__construct($config);     }      public function digest(string $value): string     {         return $this->dgst($value);     }      private function dgst(string $value, ?string $privateKeyPath = null): bool|string|null     {         $temporaryFile = new TemporaryFile($value);         $filepath = $temporaryFile->getFilepath();          $command = [             'cat',             $filepath,             '|',             'openssl',             'dgst',             '-md_gost12_256',             '-binary',         ];          if ($privateKeyPath) {             $command = array_merge($command, [                 '-sign',                 $privateKeyPath             ]);         }          $command = array_merge($command, [             '|',             'base64',             '-w',             '0'         ]);          return shell_exec(implode(' ', $command));     }      public function sign(string $value): string     {         return $this->dgst($value, Yii::$app->params['gis']['openssl']['private.key']);     }      public function getX509(): X509Interface     {         return $this->x509;     } } <\/code><\/pre>\n<\/p>\n<\/div>\n<\/details>\n
            \u0412 \u043d\u0451\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u043b\u0430\u0441\u0441 TemporaryFile<\/code>:<\/p>\n
            \nTemporaryFile<\/summary>\n
            \n
            <?php  namespace gis\\components;  class TemporaryFile {     private string $filepath;      public function __construct(?string $data = null)     {         $this->filepath = tempnam(sys_get_temp_dir(), 'php');         $data && $this->setData($data);     }      public function setData(string $data): void     {         file_put_contents($this->getFilepath(), $data);     }      public function getFilepath(): bool|string     {         return $this->filepath;     }      public function __destruct()     {         $this->destroy();     }      private function destroy(): void     {         if (!file_exists($this->filepath)) {             return;         }         unlink($this->filepath);     } } <\/code><\/pre>\n<\/p>\n<\/div>\n<\/details>\n
            \nX509Interface<\/summary>\n
            \n
            <?php  namespace gis\\openssl;  use common\\components\\MathHelper; use yii\\base\\Component;  final class X509 extends Component implements X509Interface {     private string $content;      public static function fromFile(string $filepath): static     {         $x509 = new self();         $x509->content = file_get_contents($filepath);          return $x509;     }      public function getSerialNumber(): string     {         $serialNumber = $this->getParsedValue('serialNumber');          return str_starts_with($serialNumber, '0x')             ? MathHelper::bcHexToDecimal(substr($serialNumber, 2))             : $serialNumber;     }      private function getParsedValue(string $key): mixed     {         $read = openssl_x509_read($this->content);          return openssl_x509_parse($read)[$key] ?? null;     }      public function getIssuerName(): string     {         $issuer = $this->getParsedValue('issuer');<\/code><\/pre>\n<\/div>\n<\/details>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-343917","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/343917","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=343917"}],"version-history":[{"count":0,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/343917\/revisions"}],"wp:attachment":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=343917"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=343917"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=343917"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}