Index

  1. \SetaPDF
    1. Signer
    2. Signer
      1. Asn1
      2. Cms
      3. Exception
      4. Exception
      5. InformationResolver
      6. Ocsp
      7. Signature
      8. Timestamp
      9. Tsp
      10. ValidationRelatedInfo
      11. X509
      12. CertificateBundler
      13. Digest
      14. DigestInterface
      15. DocumentSecurityStore
      16. Pem
      17. SignatureField
      18. TmpDocument

SetaPDF_Signer_DocumentSecurityStore Class representing a "Document Security Store" in a PDF document.

File: /SetaPDF v2/Signer/DocumentSecurityStore.php

Class hierarchy

Summary

Methods

Properties

Properties

$_document

protected SetaPDF_Core_Document SetaPDF_Signer_DocumentSecurityStore::$_document

The document instance

$_optimizeOcspResponses

protected bool SetaPDF_Signer_DocumentSecurityStore::$_optimizeOcspResponses = true

Defines whether OCSP responses should be embedded including their optional certificates (false) or not (true).


Methods

__construct()

public SetaPDF_Signer_DocumentSecurityStore::__construct ()

The constructor.

Parameters
$document : SetaPDF_Core_Document
 

_addStream()

protected SetaPDF_Signer_DocumentSecurityStore::_addStream (
string $type, string $data
): SetaPDF_Core_Type_IndirectObject

Adds a stream to the DSS data.

Parameters
$type : string

The type/key to which the data should be added.

$data : string
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

_getStreams()

protected SetaPDF_Signer_DocumentSecurityStore::_getStreams (
string $type
): array

Get a stream by its type from the DSS dictionary.

Parameters
$type : string
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

addCRL()

public SetaPDF_Signer_DocumentSecurityStore::addCRL (): SetaPDF_Core_Type_IndirectObject

Add a CRL to the CRLs entry in the DSS dictionary.

Parameters
$crl : string|SetaPDF_Signer_X509_Crl
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

addCRLs()

public SetaPDF_Signer_DocumentSecurityStore::addCRLs (
string[]|SetaPDF_Signer_X509_Crl[] $crls
): void

Add CRLs to the CRLs entry in the DSS dictionary.

Parameters
$crls : string[]|SetaPDF_Signer_X509_Crl[]
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

addCertificate()

public SetaPDF_Signer_DocumentSecurityStore::addCertificate (
string|SetaPDF_Signer_X509_Certificate $certificate
): SetaPDF_Core_Type_IndirectObject

Add a certificate to the Certs entry in the DSS dictionary.

Parameters
$certificate : string|SetaPDF_Signer_X509_Certificate
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Signer_Asn1_Exception

addCertificates()

public SetaPDF_Signer_DocumentSecurityStore::addCertificates (
string[]|SetaPDF_Signer_X509_Certificate[] $certificates
): void

Add certificates to the Certs entry in the DSS dictionary.

Parameters
$certificates : string[]|SetaPDF_Signer_X509_Certificate[]
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Signer_Asn1_Exception

addOCSP()

public SetaPDF_Signer_DocumentSecurityStore::addOCSP (
string|SetaPDF_Signer_Ocsp_Response $ocspResponse
): SetaPDF_Core_Type_IndirectObject

Add a OCSP response to the OCSPs entry in the DSS dictionary.

Parameters
$ocspResponse : string|SetaPDF_Signer_Ocsp_Response
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Signer_Asn1_Exception

Throws SetaPDF_Signer_Exception

addOCSPs()

public SetaPDF_Signer_DocumentSecurityStore::addOCSPs (): void

Add OCSP responses to the OCSPs entry in the DSS dictionary.

Parameters
$ocsps : string[]|SetaPDF_Signer_Ocsp_Response
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Signer_Asn1_Exception

Throws SetaPDF_Signer_Exception

addValidationRelatedInfo()

public SetaPDF_Signer_DocumentSecurityStore::addValidationRelatedInfo (
string $key [, array $crls = array ( ) [, array $ocsps = array ( ) [, array $certs = array ( ) [, null|SetaPDF_Core_DataStructure_Date|DateTime|string $timestamp = null ]]]]
): void

Add validation related information to the VRI dictionary of the DSS dictionary.

Parameters
$key : string

The sha1 digest of the signature.

$crls : array

An array of strings, SetaPDF_Signer_X509_Crl instances or SetaPDF_Core_Type_IndirectObjectInterface to streams of the CRLs.

$ocsps : array

An array of strings, SetaPDF_Signer_Ocsp_Response instances or SetaPDF_Core_Type_IndirectObjectInterface to streams of the OCSPs.

$certs : array

An array of strings, SetaPDF_Signer_X509_Certificate instances or SetaPDF_Core_Type_IndirectObjectInterface to streams of the certs.

$timestamp : null|SetaPDF_Core_DataStructure_Date|DateTime|string
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Signer_Asn1_Exception

Throws SetaPDF_Signer_Exception

Throws Exception

addValidationRelatedInfoByField()

WARNING: This method is marked as deprecated!

Use SetaPDF_Signer_DocumentSecurityStore::addValidationRelatedInfoByFieldName() instead.

public SetaPDF_Signer_DocumentSecurityStore::addValidationRelatedInfoByField (
string $fieldName [, array $crls = array ( ) [, array $ocsps = array ( ) [, array $certs = array ( ) [, null|SetaPDF_Core_DataStructure_Date|DateTime|string $timestamp = null ]]]]
): void
Parameters
$fieldName : string

The signature field name.

$crls : array

An array of strings or SetaPDF_Core_Type_IndirectObjectInterface to streams of the CRLs.

$ocsps : array

An array of strings or SetaPDF_Core_Type_IndirectObjectInterface to streams of the OCSPs.

$certs : array

An array of strings or SetaPDF_Core_Type_IndirectObjectInterface to streams of the certs.

$timestamp : null|SetaPDF_Core_DataStructure_Date|DateTime|string
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Signer_Asn1_Exception

Throws SetaPDF_Signer_Exception

See

addValidationRelatedInfoByFieldName()

public SetaPDF_Signer_DocumentSecurityStore::addValidationRelatedInfoByFieldName (
string $fieldName [, array $crls = array ( ) [, array $ocsps = array ( ) [, array $certs = array ( ) [, null|SetaPDF_Core_DataStructure_Date|DateTime|string $timestamp = null ]]]]
): void

Add validation related information to the VRI dictionary of the DSS dictionary by a specific signature field.

Parameters
$fieldName : string

The signature field name.

$crls : array

An array of strings or SetaPDF_Core_Type_IndirectObjectInterface to streams of the CRLs.

$ocsps : array

An array of strings or SetaPDF_Core_Type_IndirectObjectInterface to streams of the OCSPs.

$certs : array

An array of strings or SetaPDF_Core_Type_IndirectObjectInterface to streams of the certs.

$timestamp : null|SetaPDF_Core_DataStructure_Date|DateTime|string
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Signer_Asn1_Exception

Throws SetaPDF_Signer_Exception

cleanUp()

public SetaPDF_Signer_DocumentSecurityStore::cleanUp (
void
): void

Release cycled references.

getCRLs()

public SetaPDF_Signer_DocumentSecurityStore::getCRLs (
void
): string[]

Get all CRLs the OCSPs entry in the DSS dictionary.

Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

getCertificates()

public SetaPDF_Signer_DocumentSecurityStore::getCertificates (
void
): string[]

Get all certificates from the Certs entry in the DSS dictionary.

Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

getDictionary()

public SetaPDF_Signer_DocumentSecurityStore::getDictionary (
[ bool $create = false ]
): null|SetaPDF_Core_Type_Dictionary

Get and/or creates the DSS dictionary.

Parameters
$create : bool
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

getOCSPs()

public SetaPDF_Signer_DocumentSecurityStore::getOCSPs (
void
): string[]

Get all OCSP responses from the OCSPs entry in the DSS dictionary.

Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

getOptimizeOcspResponses()

public SetaPDF_Signer_DocumentSecurityStore::getOptimizeOcspResponses (
void
): bool

Get whether OCSP responses should be optimized or not.

See

getSignatureDigest()

WARNING: This method is marked as deprecated!

Use SetaPDF_Signer_DocumentSecurityStore::getVriNameByFieldName() instead.

public SetaPDF_Signer_DocumentSecurityStore::getSignatureDigest (
string $fieldName
): string
Parameters
$fieldName : string
 
Exceptions

Throws SetaPDF_Core_Exception

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Core_Type_IndirectReference_Exception

Throws SetaPDF_Signer_Asn1_Exception

Throws SetaPDF_Signer_Exception

See

getValidationRelatedInfo()

public SetaPDF_Signer_DocumentSecurityStore::getValidationRelatedInfo (
[ null|string $vriKey = null ]
): array|array[]|bool

Get validation related information.

Parameters
$vriKey : null|string

The sha1 digest of the signature to get a specific information. Otherwise all found validation data is returned.

Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

getValidationRelatedInfoByField()

WARNING: This method is marked as deprecated!

Use SetaPDF_Signer_DocumentSecurityStore::getValidationRelatedInfoByFieldName() instead.

public SetaPDF_Signer_DocumentSecurityStore::getValidationRelatedInfoByField (
string $fieldName
): array|array[]|bool
Parameters
$fieldName : string

The signature field name.

Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Signer_Asn1_Exception

See

getValidationRelatedInfoByFieldName()

public SetaPDF_Signer_DocumentSecurityStore::getValidationRelatedInfoByFieldName (
string $fieldName
): array|array[]|bool

Get validation related information by a signature field name.

Parameters
$fieldName : string

The signature field name.

Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Signer_Asn1_Exception

getVriName()

public SetaPDF_Signer_DocumentSecurityStore::getVriName (): string

Get the signature digest of a CRL or OCSP response which can be used as an index in the VRI dictionary.

Parameters
$object : SetaPDF_Signer_Asn1_Signed
 

getVriNameByFieldName()

public SetaPDF_Signer_DocumentSecurityStore::getVriNameByFieldName (
string $fieldName
): string

Get the signature digest of a signature field, which can be used as an index in the VRI dictionary.

For a document signature the bytes that are hashed are those of the signature's DER-encoded PKCS#7 (and its derivatives) binary data object (base-16 decoded byte string in the Contents entry in the signature dictionary).

For the signatures of the CRL and OCSP response, it is the respective signature object represented as a BER-encoded OCTET STRING encoded with primitive encoding.

For a Time-stamp's signature it is the bytes of the Time-stamp itself since the Time-stamp token is a signed data object.
Parameters
$fieldName : string
 
Exceptions

Throws SetaPDF_Core_Exception

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Core_Type_IndirectReference_Exception

Throws SetaPDF_Signer_Asn1_Exception

Throws SetaPDF_Signer_Exception

setOptimizeOcspResponses()

public SetaPDF_Signer_DocumentSecurityStore::setOptimizeOcspResponses (
bool $optimizeOcspResponses
): void

Define whether OCSP responses should be optimized or not.

By optimizing (default = true) the OCSP responses the certificates are removed as they are normally embedded via self::addCertificates(), too. By doing this the certificates are not embedded twice.

Anyhow, there are validation enginges on the road which EXPECTS this optional field to be available.

Parameters
$optimizeOcspResponses : bool
 

© 2024 Setasign GmbH & Co. KG · Contact / Imprint · Data Privacy Statement (German)