Index

  1. \setasign\SetaPDF2
    1. Signer
      1. Signature
        1. Module
          1. Cms
          2. DictionaryInterface
          3. DocumentInterface
          4. ModuleInterface
          5. OpenSsl
          6. OpenSslCli
          7. OpenSslCliCms
          8. Pades
          9. PadesProxyTrait

setasign\SetaPDF2\Signer\Signature\Module

OpenSslCliCms A signature module which uses the CMS utility of OpenSSL via command line.

File: /SetaPDF v2/Signer/Signature/Module/OpenSslCliCms.php
Old class name (alias): \SetaPDF_Signer_Signature_Module_OpenSslCliCms

The CMS utility is described here: http://www.openssl.org/docs/apps/cms.html.

Class hierarchy

Implements

Summary

Methods

Properties

Properties

$_certificate

protected string OpenSslCli::$_certificate

The path to the signing certificate

$_digest

protected string OpenSslCliCms::$_digest = 'sha256'

The digest algorithm to use when signing

$_extraCertificates

protected string OpenSslCli::$_extraCertificates

The path to the extra/other certificates

$_keyOptions

protected array OpenSslCliCms::$_keyOptions = array()

Options which are used as -keyopt argument

$_openSslPath

protected string OpenSslCli::$_openSslPath = '/usr/bin/'

A path to additional certificates to be specified

$_outPath

protected string OpenSslCli::$_outPath

A temporary path of the signed message

$_privateKey

protected string OpenSslCli::$_privateKey

The path to the private key to use when signing

$_privateKeyPassword

protected string OpenSslCli::$_privateKeyPassword

The private key password source

See

Methods

_cleanUp()

protected OpenSslCli::_cleanUp (
void
): void

Removes temporary file if needed.

_createCommand()

protected OpenSslCliCms::_createCommand (
string $inPath
): string

Creates the command line command.

Parameters
$inPath : string
 

_getUtility()

protected OpenSslCliCms::_getUtility (
void
): string

Returns the name of the OpenSSL utitlity.

createSignature()

public OpenSslCli::createSignature (): string

Create the signature.

This method creates a digital signature for the file available in $tmpPath and returns it in binary format.

Parameters
$tmpPath : \SetaPDF_Core_Reader_FilePath
 
Exceptions

Throws \setasign\SetaPDF2\Signer\Exception

Throws \InvalidArgumentException

getCertificate()

public OpenSslCli::getCertificate (
void
): string

Get the path to the signing certificate.

getDigest()

public OpenSslCli::getDigest (
void
): string

Get the digest algorithm.

getExtraCertificates()

public OpenSslCli::getExtraCertificates (
void
): string

Get the path of the file with additional certificates.

getKeyOptions()

public OpenSslCliCms::getKeyOptions (
void
): string[]

Get all signing key options.

getOpenSslPath()

public OpenSslCli::getOpenSslPath (
void
): string

Get the path to the openssl binary.

getPrivateKey()

public OpenSslCli::getPrivateKey (
void
): string

Get the path to the private key file.

getPrivateKeyPassword()

public OpenSslCli::getPrivateKeyPassword (
void
): string

Get the private key password source.

setCertificate()

public OpenSslCli::setCertificate (
string $certificate
): void

Set the path to the signing certificate.

Parameters
$certificate : string
 
Exceptions

Throws \InvalidArgumentException

setDigest()

public OpenSslCli::setDigest (
string $digest
): void

Set the digest algorithm to use when signing.

Possible values are defined in \setasign\SetaPDF2\Signer\Digest.

Parameters
$digest : string
 
See

setExtraCertificates()

public OpenSslCli::setExtraCertificates (
?string $extraCertificates
): void

Set the path to a file with additional certificates which will be included in the signature.

If the certificates are saved in separate files, you will need to assemble them in one single file. Just copy them with a text editor one after another.

Parameters
$extraCertificates : ?string
 
Exceptions

Throws \InvalidArgumentException

setKeyOption()

public OpenSslCliCms::setKeyOption (
string $name,
string $value
): void

Set a signing key options (passed via -keyopt argument).

Parameters
$name : string
 
$value : string
 

setOpenSslPath()

public OpenSslCli::setOpenSslPath (
string $openSslPath
): void

Set the path to the openssl binary.

Parameters
$openSslPath : string
 

setPrivateKey()

public OpenSslCli::setPrivateKey (
array|string $privateKey,
null $password = null
): void

Set the path to the private key file and password argument.

Parameters
$privateKey : array|string

An array of private key and password or only a private key.

$password : null
 
Exceptions

Throws \InvalidArgumentException

setPrivateKeyPassword()

public OpenSslCli::setPrivateKeyPassword (
string $password
): void

Set the private key password source.

Parameters
$password : string
 
See

© 2025 Setasign GmbH & Co. KG · Contact / Imprint · Data Privacy Statement (German)