PAdES (PKCS11) and Zend_Pdf

Similar to my last post about Zend_Mail S/MIME class, this one allows to digitally sign and even add TSA (timestamping) support to your PDF documents generated using Zend_Pdf. There is a standalone ASN1 parser included that can be used for other projects that require ASN1 data interchange. See for reference. The challenge was to add the BytesRange element with right byte bounds of the signed document. How to use it:

<?php ini_set('include_path',ini_get('include_path').PATH_SEPARATOR.realpath('./'));   require_once('Zend/Loader/Autoloader.php');   $loader = Zend_Loader_Autoloader::getInstance();   $pdf = Zend_Pdf::load('35232018_Summary(2).pdf');   $signature = new Zend_Pdf_Signature('self_key_cert.pem','','tmp',true); $signature->setSigParams(array(
    'Name' => 'Someone',
    'Location' => 'Kharkov, UA',
    'Reason' => 'I'm approving this document',
    'ContactInfo' => ''
    'TSA_username' => '',
    'TSA_password' => '',
    'TSA_url'      => '',
    'TSA_cert'     => '',
    'TSA_algorithm' => 'sha1'
$fp = fopen('tmp3.pdf','w');

Note, that you need a writeable by php user directory (tmp in the example above). See attached Zend_Pdf modified class + Zend_ASN1 parser.


  • Podolinek

    Hi, thanks a lot for the script. I was looking PDF digital certification for weeks. I am not using Zend, but it was quite easy extract necessary libs and voila, it running. Well done:)

    • admin

      Hi, glad it helped!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.