setasign\SetaPDF2\Signer\Signature\Module
Cms A signature module to create CMS signatures.
File: /SetaPDF v2/Signer/Signature/Module/Cms.php
Old class name (alias):
\SetaPDF_Signer_Signature_Module_Cms
This module creates a signature using the Cryptographic Message Syntax (CMS - described in RFC3852).
It allows a low level access to the ASN.1 structure, including signed and unsigned attributes. The final signature makes use of the openssl_sign() function.
To add additional signed or unsigned attributes this class needs to be extended and own implementations of the _getSignedAttributes() and _getUnsignedAttributes() needs to be implemented.
By default the class makes use of signed attributes to reduce the overhead data that needs to be signed (see getDataToSign()).
Class hierarchy
Implements
Summary
Properties
$_certificate
The signing certificate
$_cms
The CMS structure
$_hashValue
The signature hash value object in the CMS structure
$_oCertificate
Get the original signing certificate argument
$_privateKey
The private key to use when signing
$_signatureValue
The signature value object in the CMS structure
Static Methods
getParsedCertificate()
WARNING: This method is marked as deprecated!
Ensures a certificate parameter and parses it into an ASN.1 element object structure.
Parameters
- $certificate : string
A PEM encoded string or path to a PEM encoded X.509 certificate.
Exceptions
Throws \InvalidArgumentException
Methods
_getSignedAttributes()
Creates and returns all signed attribues.
Overwrite this method to add individual signed attributes.
addCrl()
Adds an CRL which will be embedded in the CMS structure.
Parameters
- $crl : string|\SetaPDF_Signer_X509_Crl
addOcspResponse()
Adds an OCSP response which will be embedded in the CMS structure.
Parameters
- $ocspResponse : string|\SetaPDF_Signer_Ocsp_Response
DER encoded OCSP response or OCSP response instance.
Exceptions
createSignature()
Create a signature for the file in the given $tmpPath.
Parameters
- $tmpPath : \SetaPDF_Core_Reader_FilePath
Exceptions
Throws \BadMethodCallException
getDataToSign()
Get the data which needs to be digitally signed.
Parameters
- $tmpPath : \SetaPDF_Core_Reader_FilePath
Exceptions
setCertificate()
Set the signing certificate (PEM).
Parameters
- $certificate : string|\SetaPDF_Signer_X509_Certificate
PEM encoded certificate, path to the PEM encoded certificate or a certificate instance.
Exceptions
Throws \InvalidArgumentException
setDigest()
Set the digest algorithm to use when signing.
Possible values are defined in \setasign\SetaPDF2\Signer\Digest.
Parameters
- $digest : string
See
setExtraCertificates()
Add additional certificates which are placed into the CMS structure.
Parameters
- $extraCertificates : array|\SetaPDF_Signer_X509_Collection
PEM encoded certificates or pathes to PEM encoded certificates.
Exceptions
setOcspResponse()
WARNING: This method is marked as deprecated!
Alias for addOcspResponse().
Parameters
- $ocspResponse : string
DER encoded OCSP response.
Exceptions
setPrivateKey()
Set the the private key or a path to the private key file and password argument.
Parameters
- $privateKey : resource|\OpenSSLAsymmetricKey|string|array
A key, returned by openssl_get_privatekey() or a PEM formatted key as a string. Or a string having the format file://path/to/file.pem
- $passphrase : string
The optional parameter passphrase must be used if the specified key is encrypted (protected by a passphrase).
Exceptions
Throws \InvalidArgumentException
setSignatureValue()
Set the signature value.
By default this needs to be the binary string of an RSASSA-PKCS1-v1_5 signature operation.
Parameters
- $signatureValue : string