SetaPDF_Signer_Signature_Module_Cms A signature module to create CMS signatures.
File: /SetaPDF v2/Signer/Signature/Module/Cms.php
This module creates a signature using the Cryptographic Message Syntax (CMS - described in RFC3852).
It allows a low level access to the ASN.1 structure, including signed and unsigned attributes. The final signature makes use of the openssl_sign() function.
To add additional signed or unsigned attributes this class needs to be extended and own implementations of the _getSignedAttributes() and _getUnsignedAttributes() needs to be implemented.
By default the class makes use of signed attributes to reduce the overhead data that needs to be signed (see getDataToSign()).
Class hierarchy
Implements
Summary
Properties
$_cms
The CMS structure
$_extraCertificates
Additional certificates to be specified
$_oCertificate
Get the original signing certificate argument
$_ocspResponses
OCSP response instances to be embedded in the RevocationInfoArchival attribute.
$_privateKey
The private key to use when signing
Static Methods
getParsedCertificate()
Ensures a certificate parameter and parses it into an ASN.1 element object structure.
Parameters
- $certificate : string
A PEM encoded string or path to a PEM encoded X.509 certificate.
Exceptions
Throws InvalidArgumentException
Methods
_getSignedAttributes()
Creates and returns all signed attribues.
Overwrite this method to add individual signed attributes.
_getUnsignedAttributes()
Creates and returns unsigned attributes.
addCrl()
Adds an CRL which will be embedded in the CMS structure.
Parameters
- $crl : string|SetaPDF_Signer_X509_Crl
addOcspResponse()
Adds an OCSP response which will be embedded in the CMS structure.
Parameters
- $ocspResponse : string|SetaPDF_Signer_Ocsp_Response
DER encoded OCSP response or OCSP response instance.
Exceptions
Throws SetaPDF_Signer_Exception
createSignature()
Create a signature for the file in the given $tmpPath.
Parameters
- $tmpPath : SetaPDF_Core_Reader_FilePath
Exceptions
Throws BadMethodCallException
Throws SetaPDF_Signer_Exception
getCertificate()
Get the certificate value.
getCms()
getDataToSign()
Get the data which needs to be digitally signed.
Parameters
- $tmpPath : SetaPDF_Core_Reader_FilePath
Exceptions
Throws SetaPDF_Signer_Exception
setCertificate()
Set the signing certificate (PEM).
Parameters
- $certificate : string|SetaPDF_Signer_X509_Certificate
PEM encoded certificate, path to the PEM encoded certificate or a certificate instance.
Exceptions
Throws InvalidArgumentException
setDigest()
Set the digest algorithm to use when signing.
Possible values are defined in SetaPDF_Signer_Digest.
Parameters
- $digest : string
See
setExtraCertificates()
Add additional certificates which are placed into the CMS structure.
Parameters
- $extraCertificates : array|SetaPDF_Signer_X509_Collection
PEM encoded certificates or pathes to PEM encoded certificates.
Exceptions
setOcspResponse()
Alias for addOcspResponse().
Parameters
- $ocspResponse : string
DER encoded OCSP response.
Exceptions
Throws SetaPDF_Signer_Exception
setPrivateKey()
Set the the private key or a path to the private key file and password argument.
Parameters
- $privateKey : resource|OpenSSLAsymmetricKey|string|array
A key, returned by openssl_get_privatekey() or a PEM formatted key as a string. Or a string having the format file://path/to/file.pem
- $passphrase : string
The optional parameter passphrase must be used if the specified key is encrypted (protected by a passphrase).
Exceptions
Throws InvalidArgumentException
setSignatureValue()
Set the signature value.
By default this needs to be the binary string of an RSASSA-PKCS1-v1_5 signature operation.
Parameters
- $signatureValue : string