Skip to content

kduma-OSS/PHP-signed-document

Repository files navigation

PHP Signed Document Library

Latest Version on Packagist Build Status Quality Score Total Downloads

PHP implementation of digital document signing.

Installation

You can install the package via composer:

composer require kduma/signed-document

Usage

Creating and Signing documents

$signer = new \Kduma\SignedDocument\DocumentSigner(
    \ParagonIE\Halite\KeyFactory::generateSignatureKeyPair()->getSecretKey()
);

$document_1 = \Kduma\SignedDocument\Document::make("Some Content", 'test-document');
$document_1->addSignature($signer->sign($document_1, 'ceo'));

$document_2 = \Kduma\SignedDocument\Document::make("Some  Other Content", 'other-document');
$document_2->addSignature($signer->sign($document_2, 'ceo'));

$collection = new \Kduma\SignedDocument\DocumentCollection();
$collection->addDocument($document_1);
$collection->addDocument($document_2);

echo $collection->getXml();

Sample Output:

<?xml version="1.0" encoding="UTF-8"?>
<documents xmlns="https://opensource.duma.sh/xml/signed-document" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="https://opensource.duma.sh/xml/signed-document https://github.com/kduma-OSS/PHP-signed-document/raw/master/schema/signed-document.xsd">
  <document>
    <content encoding="raw" sha256="950f1fb144716a62ed1f19f04d8a9ddcc35869d278641fd4f724012b3bbf7d70"><![CDATA[Some Content]]></content>
    <signature id="ceo" public-key="314004003d9fb8394a38d3c116b7f8042ca626d71594ce476a0479c0d2e51d9b7ba087845d34d44e054ae321595d6da514b71bec6ee3e0e1712d475bcddcddbfdeaa5aa59fb4b9590387f9bcd54ccffc30b48040b37cfc93548d50ce1353a19ed157d6a2">09ef8a4aca1ed3faf0886351f54fd6469b60fee91f41ad27176b77cb6a287f4850cd89661cac0f02d3cdbc8821c9defb0d337c368583241f20d208d821977d09</signature>
  </document>
  <document>
    <content encoding="raw" sha256="0f897b0422d2307fe88d8dda7b6996c4a264b468f5bc6be383b4623c2734f840"><![CDATA[Some  Other Content]]></content>
    <signature id="ceo" public-key="314004003d9fb8394a38d3c116b7f8042ca626d71594ce476a0479c0d2e51d9b7ba087845d34d44e054ae321595d6da514b71bec6ee3e0e1712d475bcddcddbfdeaa5aa59fb4b9590387f9bcd54ccffc30b48040b37cfc93548d50ce1353a19ed157d6a2">af8dcdcb2f2644edd633bf288df516c27fe25904e314cc71a9e26c7121376b10fff83615d4c6ac6df2f7512ac23efaa0cb55235c941b3c9653705741e7879808</signature>
  </document>
</documents>

Verifying

$signer = new \Kduma\SignedDocument\DocumentValidator();

$collection = \Kduma\SignedDocument\DocumentCollection::fromXml('<?xml version="1.0" encoding="UTF-8"?><documents xmlns="https://opensource.duma.sh/xml/signed-document"...');

var_dump($signer->validateCollection($collection));

Testing

composer test

Changelog

Please see CHANGELOG for more information what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.