markuspaks / xades-tools
Sign files and verify signatures using XAdES
Installs: 328
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 0
Forks: 4
pkg:composer/markuspaks/xades-tools
Requires
- php: ^8.1
- ext-dom: *
- ext-json: *
- ext-openssl: *
- krowinski/bcmath-extended: ^6.0
- symfony/uid: >=5.4
Requires (Dev)
- phpunit/phpunit: ^9.5
- symfony/var-dumper: >=5.4
README
Signing
use XadesTools\Settings; use XadesTools\Signature; $settings = new Settings($pathToCertificate, $passphrase); $xades = new Signature($settings); $signedXmlAsString = $xades->signFile($file, $embed);
Verification, content extraction
use XadesTools\Verification; $xades = new Verification(); $result = $xades->verifyFile($pathToXadesFile); if ($result) { $content = $res->content; // binary content or plain text for xml files $signTime = $res->dateSigned; // DateTime object $signingSubject = $res->signingSubject; // array } else { // Signature does not match signed content }
COMMAND LINE USAGE:
Signing file
php bin/sign.php file cert pass [embed] [load-content]
Where:
file- path to file we want to sign. Signature will be created in the same folder, with .XAdES extensioncert- certificate in PKCS#12 format (.p12) - with private keypass- password for p12 fileembed- if true, signature will embed given fileload-content- loads file content into variable and signs it as embedded object
Results in file.XAdES located in the same directory as given file
Verification
php src/verify.php file [verbose]
Where:
fileis path to .XAdES fileverboseif true print additional info about sign time andload-content- loads file content into variable and verifies it as embedded object (can not rely on files on disk)
Verifies content in given XAdES file, prints OK if everything passes, error message otherwise.
Extracting file from XAdES files
php src/extract.php file output
Where:
fileis path to .XAdES file with embedded objectoutputpath for output file