Index

  1. \setasign\SetaPDF2
    1. Signer
      1. Signature
        1. Module
          1. Cms
          2. DictionaryInterface
          3. DocumentInterface
          4. ModuleInterface
          5. OpenSsl
          6. OpenSslCli
          7. OpenSslCliCms
          8. Pades
          9. PadesProxyTrait

setasign\SetaPDF2\Signer\Signature\Module

Pades A signature module to create PAdES-BES/B-B conform signatures.

File: /SetaPDF v2/Signer/Signature/Module/Pades.php
Old class name (alias): \SetaPDF_Signer_Signature_Module_Pades

This modules allows you to create signatures conforming to the PAdES-BES profile as specified in ETSI TS 102 778-3 or the PAdES baseline signature level B-B (PAdES-B-B) specified in ETSI EN 319 142-1.

By adding a signature time-stamp through e.g. the \setasign\SetaPDF2\Signer\Timestamp\Module\Rfc3161\Curl class you can add the optional signature time-stamp attribute to comply with e.g. PAdES-B-T (ETSI EN 319 142-1).

Class hierarchy

Implements

Summary

Static Methods

Methods

Properties

Properties

$_certificate

protected \SetaPDF_Signer_X509_Certificate Cms::$_certificate

The signing certificate

$_cms

protected ?\SetaPDF_Signer_Asn1_Element Cms::$_cms

The CMS structure

$_crls

protected \SetaPDF_Signer_X509_Crl[] Cms::$_crls = array()

CRL responses instances to be embedded in the RevocationInfoArchival attribute.

$_digest

protected string Cms::$_digest = 'sha256'

The digest algorithm to use when signing

$_extraCertificates

protected \SetaPDF_Signer_X509_Certificate[] Cms::$_extraCertificates = array()

Additional certificates to be specified

$_hashValue

protected \SetaPDF_Signer_Asn1_Element Cms::$_hashValue

The signature hash value object in the CMS structure

$_oCertificate

protected string|\SetaPDF_Signer_X509_Certificate Cms::$_oCertificate

Get the original signing certificate argument

$_ocspResponses

protected \SetaPDF_Signer_Ocsp_Response[] Cms::$_ocspResponses = array()

OCSP response instances to be embedded in the RevocationInfoArchival attribute.

$_privateKey

protected resource|string Cms::$_privateKey

The private key to use when signing

$_signatureValue

protected \SetaPDF_Signer_Asn1_Element Cms::$_signatureValue

The signature value object in the CMS structure

$_signingCertificatesV2

protected array Pades::$_signingCertificatesV2 = array()

Data for the signingCertificatesV2 attribute


Static Methods

getParsedCertificate()

WARNING: This method is marked as deprecated!

public static Cms::getParsedCertificate (
string $certificate
): \SetaPDF_Signer_Asn1_Element

Ensures a certificate parameter and parses it into an ASN.1 element object structure.

Parameters
$certificate : string

A PEM encoded string or path to a PEM encoded X.509 certificate.

Exceptions

Throws \InvalidArgumentException

Throws \setasign\SetaPDF2\Signer\Asn1\Exception


Methods

_getSignatureAlgorithmIdentifier()

protected Cms::_getSignatureAlgorithmIdentifier (
void
): void

_getSignedAttributes()

protected Pades::_getSignedAttributes (
void
): ?\SetaPDF_Signer_Asn1_Element[]

Creates and returns all signed attribues.

Overwritten to add additional required signing attributes.

Exceptions

Throws \setasign\SetaPDF2\Signer\Exception

_getSigningCertificateV2Attribute()

protected Pades::_getSigningCertificateV2Attribute (
void
): \SetaPDF_Signer_Asn1_Element

Create and return the Signing Certificate Reference Attributes.

Exceptions

Throws \setasign\SetaPDF2\Signer\Exception

_getUnsignedAttributes()

protected Cms::_getUnsignedAttributes (
void
): ?\SetaPDF_Signer_Asn1_Element[]

Creates and returns unsigned attributes.

addCrl()

public Cms::addCrl (): void

Adds an CRL which will be embedded in the CMS structure.

Parameters
$crl : string|\SetaPDF_Signer_X509_Crl
 

addOcspResponse()

public Cms::addOcspResponse (
string|\SetaPDF_Signer_Ocsp_Response $ocspResponse
): void

Adds an OCSP response which will be embedded in the CMS structure.

Parameters
$ocspResponse : string|\SetaPDF_Signer_Ocsp_Response

DER encoded OCSP response or OCSP response instance.

Exceptions

Throws \setasign\SetaPDF2\Signer\Exception

addSigningCertificateV2()

public Pades::addSigningCertificateV2 (): void

Adds Signing Certificate Reference Attribute.

Parameters
$certificate : string|string[]|\SetaPDF_Signer_X509_Certificate|\SetaPDF_Signer_X509_Certificate[]
 
$hashAlgorithm : string
 
Exceptions

Throws \setasign\SetaPDF2\Signer\Asn1\Exception

createSignature()

public Cms::createSignature (): string

Create a signature for the file in the given $tmpPath.

Parameters
$tmpPath : \SetaPDF_Core_Reader_FilePath
 
Exceptions

Throws \BadMethodCallException

Throws \setasign\SetaPDF2\Signer\Exception

getCertificate()

public Cms::getCertificate (
void
): string|\SetaPDF_Signer_X509_Certificate

Get the certificate value.

getCms()

public Cms::getCms (
void
): \SetaPDF_Signer_Asn1_Element

Get the complete Cryptographic Message Syntax structure.

Exceptions

Throws \setasign\SetaPDF2\Signer\Exception

getDataToSign()

public Cms::getDataToSign (): string

Get the data which needs to be digitally signed.

Parameters
$tmpPath : \SetaPDF_Core_Reader_FilePath
 
Exceptions

Throws \setasign\SetaPDF2\Signer\Exception

getDigest()

public Cms::getDigest (
void
): string

Get the digest algorithm.

setCertificate()

public Pades::setCertificate (
string|\SetaPDF_Signer_X509_Certificate $certificate
): void

Set the signing certificate.

Parameters
$certificate : string|\SetaPDF_Signer_X509_Certificate

PEM encoded certificate, path to the PEM encoded certificate or a certificate instance.

Exceptions

Throws \InvalidArgumentException

Throws \setasign\SetaPDF2\Signer\Asn1\Exception

setDigest()

public Pades::setDigest (
string $digest
): void

Set the digest algorithm to use when signing.

Possible values are defined in TS 119 312.

Parameters
$digest : string
 
See

setExtraCertificates()

public Cms::setExtraCertificates (
array|\SetaPDF_Signer_X509_Collection $extraCertificates
): void

Add additional certificates which are placed into the CMS structure.

Parameters
$extraCertificates : array|\SetaPDF_Signer_X509_Collection

PEM encoded certificates or pathes to PEM encoded certificates.

Exceptions

Throws \setasign\SetaPDF2\Signer\Asn1\Exception

setOcspResponse()

WARNING: This method is marked as deprecated!

public Cms::setOcspResponse (
string $ocspResponse
): void

Alias for addOcspResponse().

Parameters
$ocspResponse : string

DER encoded OCSP response.

Exceptions

Throws \setasign\SetaPDF2\Signer\Exception

setPrivateKey()

public Cms::setPrivateKey (
resource|\OpenSSLAsymmetricKey|string|array $privateKey,
string $passphrase = ''
): void

Set the the private key or a path to the private key file and password argument.

Parameters
$privateKey : resource|\OpenSSLAsymmetricKey|string|array

A key, returned by openssl_get_privatekey() or a PEM formatted key as a string. Or a string having the format file://path/to/file.pem

$passphrase : string

The optional parameter passphrase must be used if the specified key is encrypted (protected by a passphrase).

Exceptions

Throws \InvalidArgumentException

setSignatureValue()

public Cms::setSignatureValue (
string $signatureValue
): void

Set the signature value.

By default this needs to be the binary string of an RSASSA-PKCS1-v1_5 signature operation.

Parameters
$signatureValue : string
 

updateDocument()

public Pades::updateDocument (): void

Updates the document instance.

Parameters
$document : \SetaPDF_Core_Document
 
Exceptions

Throws \setasign\SetaPDF2\Core\SecHandler\Exception

Throws \setasign\SetaPDF2\Core\Type\Exception

See
  • ETSI TS 102 778-3 V1.2.1 - 4.7 Extensions Dictionary
  • ETSI EN 319 142-1 V1.1.0 - 5.6 Extension dictionary

updateSignatureDictionary()

public Pades::updateSignatureDictionary (): void

Updates the signature dictionary.

PAdES requires special Filter and SubFilter entries in the signature dictionary.

Parameters
$dictionary : \SetaPDF_Core_Type_Dictionary
 
Exceptions

Throws \setasign\SetaPDF2\Signer\Exception


© 2025 Setasign GmbH & Co. KG · Contact / Imprint · Data Privacy Statement (German)