SetaPDF_Signer_Signature_Module_Pades A signature module to create PAdES-BES/B-B conform signatures.
File: /SetaPDF v2/Signer/Signature/Module/Pades.php
This modules allows you to create signatures conforming to the PAdES-BES profile as specified in ETSI TS 102 778-3 or the PAdES baseline signature level B-B (PAdES-B-B) specified in ETSI EN 319 142-1.
By adding a signature time-stamp through e.g. the SetaPDF_Signer_Timestamp_Module_Rfc3161_Curl
class
you can add the optional signature time-stamp attribute to comply with e.g. PAdES-B-T (ETSI EN 319 142-1).
Class hierarchy
Implements
- SetaPDF_Signer_Signature_DictionaryInterface
- SetaPDF_Signer_Signature_DocumentInterface
- SetaPDF_Signer_Signature_Module_ModuleInterface
Summary
Methods
- _getSignatureAlgorithmIdentifier()
- _getSignedAttributes()
- _getSigningCertificateV2Attribute()
- _getUnsignedAttributes()
- addCrl()
- addOcspResponse()
- addSigningCertificateV2()
- createSignature()
- getCertificate()
- getCms()
- getDataToSign()
- getDigest()
- setCertificate()
- setDigest()
- setExtraCertificates()
- setOcspResponse()
- setPrivateKey()
- setSignatureValue()
- updateDocument()
- updateSignatureDictionary()
Properties
$_cms
The CMS structure
$_extraCertificates
Additional certificates to be specified
$_oCertificate
Get the original signing certificate argument
$_ocspResponses
OCSP response instances to be embedded in the RevocationInfoArchival attribute.
$_privateKey
The private key to use when signing
Static Methods
getParsedCertificate()
WARNING: This method is marked as deprecated!
Ensures a certificate parameter and parses it into an ASN.1 element object structure.
Parameters
- $certificate : string
A PEM encoded string or path to a PEM encoded X.509 certificate.
Exceptions
Throws InvalidArgumentException
Methods
_getSignedAttributes()
Creates and returns all signed attribues.
Overwritten to add additional required signing attributes.
Exceptions
Throws SetaPDF_Signer_Exception
_getSigningCertificateV2Attribute()
Create and return the Signing Certificate Reference Attributes.
Exceptions
Throws SetaPDF_Signer_Exception
_getUnsignedAttributes()
Creates and returns unsigned attributes.
addCrl()
Adds an CRL which will be embedded in the CMS structure.
Parameters
- $crl : string|SetaPDF_Signer_X509_Crl
addOcspResponse()
Adds an OCSP response which will be embedded in the CMS structure.
Parameters
- $ocspResponse : string|SetaPDF_Signer_Ocsp_Response
DER encoded OCSP response or OCSP response instance.
Exceptions
Throws SetaPDF_Signer_Exception
addSigningCertificateV2()
Adds Signing Certificate Reference Attribute.
Parameters
- $certificate : string|string[]|SetaPDF_Signer_X509_Certificate|SetaPDF_Signer_X509_Certificate[]
- $hashAlgorithm : string
Exceptions
createSignature()
Create a signature for the file in the given $tmpPath.
Parameters
- $tmpPath : SetaPDF_Core_Reader_FilePath
Exceptions
Throws BadMethodCallException
Throws SetaPDF_Signer_Exception
getCertificate()
Get the certificate value.
getCms()
getDataToSign()
Get the data which needs to be digitally signed.
Parameters
- $tmpPath : SetaPDF_Core_Reader_FilePath
Exceptions
Throws SetaPDF_Signer_Exception
setCertificate()
Set the signing certificate.
Parameters
- $certificate : string|SetaPDF_Signer_X509_Certificate
PEM encoded certificate, path to the PEM encoded certificate or a certificate instance.
Exceptions
Throws InvalidArgumentException
setDigest()
Set the digest algorithm to use when signing.
Possible values are defined in TS 119 312.
Parameters
- $digest : string
See
setExtraCertificates()
Add additional certificates which are placed into the CMS structure.
Parameters
- $extraCertificates : array|SetaPDF_Signer_X509_Collection
PEM encoded certificates or pathes to PEM encoded certificates.
Exceptions
setOcspResponse()
WARNING: This method is marked as deprecated!
Alias for addOcspResponse().
Parameters
- $ocspResponse : string
DER encoded OCSP response.
Exceptions
Throws SetaPDF_Signer_Exception
setPrivateKey()
Set the the private key or a path to the private key file and password argument.
Parameters
- $privateKey : resource|OpenSSLAsymmetricKey|string|array
A key, returned by openssl_get_privatekey() or a PEM formatted key as a string. Or a string having the format file://path/to/file.pem
- $passphrase : string
The optional parameter passphrase must be used if the specified key is encrypted (protected by a passphrase).
Exceptions
Throws InvalidArgumentException
setSignatureValue()
Set the signature value.
By default this needs to be the binary string of an RSASSA-PKCS1-v1_5 signature operation.
Parameters
- $signatureValue : string
updateDocument()
Updates the document instance.
Parameters
- $document : SetaPDF_Core_Document
Exceptions
Throws SetaPDF_Core_SecHandler_Exception
Throws SetaPDF_Core_Type_Exception
See
- ETSI TS 102 778-3 V1.2.1 - 4.7 Extensions Dictionary
- ETSI EN 319 142-1 V1.1.0 - 5.6 Extension dictionary
updateSignatureDictionary()
Updates the signature dictionary.
PAdES requires special Filter and SubFilter entries in the signature dictionary.
Parameters
- $dictionary : SetaPDF_Core_Type_Dictionary
Exceptions
Throws SetaPDF_Signer_Exception