Sign PDF files with valid x509 certificate
Home Page: https://laravel-a1-pdf-sign.netlify.app/
License: MIT License
| Reference | |||
|---|---|---|---|
| Laravel version | PHP version | Package version | Docs |
| ^8~8.54 | ^7.4 | ^0~0.0.11 | Official Doc |
| ^8.56+ | ^0.0.12 | ||
| ^9, ^10 or ^11 | ^8.1, ^8.2 or ^8.3 | ^1 | Official Doc |
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Thanks a lot for this library !
I wondering if you plan to add timestamping on it (RFC3161) ?
(using for example https://www.freetsa.org/, or any secure timestamp server : https://kbpdfstudio.qoppa.com/list-of-timestamp-servers-for-signing-pdf/)
I can't generate a certificate.
Error:
Process runtime error, reason: "Mac verify error: invalid password?. "
ManagerCert.php:
line 104
$openssl = "openssl pkcs12 -in {$pfxPath} -out {$output} -nodes -password pass:{$this->password}";
result:
openssl pkcs12 -in /var/www/digital/digital/storage/app/certificado/certificado.pfx -out /var/www/digital/digital/app/LSNepomuceno/LaravelA1PdfSign/Temp/96f30689-040a-47e0-a7e3-f43d334e2f3d.crt -nodes -password pass:***
A file has been created in /temp/ but empty file.
Any Idea?
Pelos meus testes funciona na versão php 8.2 sem alteração alguma.
E alterei o composer.json e o phpunit.xml e funcionou também para laravel 10.
Você pretende fazer a alteração? Posso fazer PR?
o phpunit.xml praticamente foi criado com o comando: vendor/bin/phpunit --migrate-configuration para funcioanr
O composer.json só adicionei as versões nova do laravel e pronto.
Hello,
I just tried to used your SealImage function (I'm using the 1.0 dev version for laravel 9 compatibility).
I'm having an error at
$image = SealImage::fromCert($cert);
Intervention \ Image \ Exception \ NotReadableException
Image source not readable
I checked, the seal image is in the Vendor src/Resources/img/...
My certificate is ok (works with SignaturePdf() )...
Any ideas of what's going on ?
Thanks, Denis
Olá Lucas, tudo bem?
Quem me apresentou seu pacote foi um amigo que trabalhava comigo e ele diz que é seu amigo, mas na época o pacote não resolvia meu problema e hoje eu testei ele resolve, parabéns e obrigado pelo pacote, pena que não é compatível com symfony rs, mas isso é outra questão e na próxima versão do sistema será Laravel então não é problema.
Gostaria de saber se você tem intenção de implementar assinatura de TXT onde é gerado um arquivo separado p7s?
Atualmente estamos usando uma extensão para php, mas não queremos está preso a um serviço de terceiro.
Novamente obrigado pelo pacote e parabéns!
an error occurs when validating a signature, apparently the format for other countries is different, it is a certificate from Peru
try {
dd(ValidatePdfSignature::from('.../sign.pdf'));
} catch (\Throwable $th) {
return $th;
}
adobe acrobat
use ValidatePdfSignature()
Is there a way to use this package in laravel 6?
I have a project in laravel 6 with some dependencies that keep me from updating the application to a newer version.
Thanks in advance.
Hello @lsnepomuceno my code is no longer works after the update to 0.0.6
I think it is since you add checking for pdf file extension in this commit
Previously I can use
$pdf = new SignaturePdf($request->file('file'), $cert, SignaturePdf::MODE_DOWNLOAD);Your code was supported to use a pdf file from upload.
Please let me know if there is another way to do so.
Thanks
Describe the bug
adding image via setImage() like this
$resource = $pdf->setImage($imagePath) // USE THE "setImage" METHOD
->signature();
does not work
To Reproduce
use the code from the documentation: https://laravel-a1-pdf-sign.netlify.app/docs/1.x/sign-pdf-file
Expected behavior
That the seal image is added.
Screenshots
If applicable, add screenshots to help explain your problem.
Versions involved:
Additional context
The default parameters for setImage() is specifying the page where the image should be inserted as -1
public function setImage(
string $imagePath,
float $pageX = 155,
float $pageY = 250,
float $imageW = 50,
float $imageH = 0,
int $page = -1
): SignaturePdf
{
$this->image = compact('imagePath', 'pageX', 'pageY', 'imageW', 'imageH', 'page');
return $this;
}
the signature() method that handle insertion of the image have this code:
if ($this->hasSealImgOnEveryPages ||
$i === ($this->image['page'] ?? 0)) {
$this->implementSignatureImage($i);
}
and since the page property is set to -1, images will only be set when $this->hasSealImgOnEveryPagesis true
Please consider to make a getter for the $pdf on the SignaturePdf class, so that it is possible to add extra properties while signing.
Describe the bug
Error when trying to read the file, it seems like it is an openSSL error, but I couldn't find the recommendation for the version they are using.
To Reproduce
use LSNepomuceno\LaravelA1PdfSign\Sign\ManageCert;
$cert = new ManageCert;
$cert->setPreservePfx()->fromPfx('/var/www/public/file.pfx', 'my_password');
LSNepomuceno\LaravelA1PdfSign\Exceptions\ProcessRunTimeException with message 'Process runtime error, reason: "Error outputting keys and certificates. 20202682FFFF0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:373:Global default library context, Algorithm (RC2-40-CBC : 0), Properties (). "'
Versions involved:
Hey, this package is great, but how can I verify the signed pdf without adobe? Thanks in advance.
Describe the bug
Running my projects unit tests on a GitLab CI pipeline the following error occurs:
LSNepomuceno\LaravelA1PdfSign\Exception\ProcessRunTimeException: Process runtime error, reason: "pkcs12: Can't open "/my-project/vendor/lsnepomuceno/laravel-a1-pdf-sign/src/Temp/99b32999-6a57-418e-a2a0-0c289acc60bc.crt" for writing, Permission denied. "
Expected behavior
Vendor folder must never be written on runtime.
Instead Laravel's storage_path should be used or sys_get_temp_dir.
Versions involved:
Additional information
This is caused by the line
$tempDir = __DIR__ . '/Temp/';
in the a1TempDir helper function
Boa Tarde,
Existe a possibilidade de ter mais de uma assinatura em um único arquivo?
Describe the bug
Some of the included test case fails. I have a problem with validating a pdf after adding the seal image but I did not know if it was my code or code from the package.
To Reproduce
Steps to reproduce the behavior:
➜ laravel-a1-pdf-sign git:(main) ./vendor/bin/phpunit
PHPUnit 10.0.7 by Sebastian Bergmann and contributors.
Runtime: PHP 8.1.15
Configuration: /Users/rabol/code/web/laravel-a1-pdf-sign/phpunit.xml
..F.....E.......E 17 / 17 (100%)
Time: 00:13.199, Memory: 36.00 MB
There were 2 errors:
1) LSNepomuceno\LaravelA1PdfSign\Tests\HelpersTest::testWhenASignedPdfFileIsCorrectlyValidatedByTheValidatePdfSignatureHelper
ErrorException: Undefined array key 1
/Users/rabol/code/web/laravel-a1-pdf-sign/vendor/laravel/framework/src/Illuminate/Foundation/Bootstrap/HandleExceptions.php:250
/Users/rabol/code/web/laravel-a1-pdf-sign/src/Sign/ValidatePdfSignature.php:132
/Users/rabol/code/web/laravel-a1-pdf-sign/src/Sign/ValidatePdfSignature.php:111
/Users/rabol/code/web/laravel-a1-pdf-sign/src/Sign/ValidatePdfSignature.php:111
/Users/rabol/code/web/laravel-a1-pdf-sign/src/Sign/ValidatePdfSignature.php:26
/Users/rabol/code/web/laravel-a1-pdf-sign/src/Helpers/helpers.php:98
/Users/rabol/code/web/laravel-a1-pdf-sign/tests/HelpersTest.php:131
/Users/rabol/code/web/laravel-a1-pdf-sign/vendor/orchestra/testbench-core/src/TestCase.php:96
2) LSNepomuceno\LaravelA1PdfSign\Tests\SealImageTest::testInsertSealImageOnPdfFile
ErrorException: Undefined array key 1
/Users/rabol/code/web/laravel-a1-pdf-sign/vendor/laravel/framework/src/Illuminate/Foundation/Bootstrap/HandleExceptions.php:250
/Users/rabol/code/web/laravel-a1-pdf-sign/src/Sign/ValidatePdfSignature.php:132
/Users/rabol/code/web/laravel-a1-pdf-sign/src/Sign/ValidatePdfSignature.php:111
/Users/rabol/code/web/laravel-a1-pdf-sign/src/Sign/ValidatePdfSignature.php:111
/Users/rabol/code/web/laravel-a1-pdf-sign/src/Sign/ValidatePdfSignature.php:26
/Users/rabol/code/web/laravel-a1-pdf-sign/src/Helpers/helpers.php:98
/Users/rabol/code/web/laravel-a1-pdf-sign/tests/SealImageTest.php:78
/Users/rabol/code/web/laravel-a1-pdf-sign/vendor/orchestra/testbench-core/src/TestCase.php:96
--
There was 1 failure:
1) CommandsTest::testWhenASignedPdfIsSuccessfullyValidated
Expected status code 0 but received 1.
Failed asserting that 1 matches expected 0.
/Users/rabol/code/web/laravel-a1-pdf-sign/vendor/laravel/framework/src/Illuminate/Testing/PendingCommand.php:308
/Users/rabol/code/web/laravel-a1-pdf-sign/vendor/laravel/framework/src/Illuminate/Testing/PendingCommand.php:481
/Users/rabol/code/web/laravel-a1-pdf-sign/tests/CommandsTest.php:90
/Users/rabol/code/web/laravel-a1-pdf-sign/vendor/orchestra/testbench-core/src/TestCase.php:96
Expected behavior
All included tests passes.
Screenshots
Versions involved:
Additional context
Add any other context about the problem here.
Describe the bug
Retrieving certificate from DB returns an parse error:
To Reproduce
Steps to reproduce the behavior:
create certificate like this
$cert = new ManageCert();
$cert->makeDebugCertificate();
// For MySQL
$uc = UserCertificate::create([
'certificate' => $cert->encryptBase64BlobString($cert->getCert()->original),
'password' => $cert->getEncrypter()->encryptString('123456'),
'hash' => base64_encode($cert->getHashKey()), // IMPORTANT
'user_id' => Str::uuid(),
'name' => 'auto upload',
]);
get the certificate like this:
$uc = UserCertificate::find('98937f06-c230-466f-ba71-179b385d2cac');
dd($uc->parse());
parse method looks like this:
public function parse(): ?ManageCert
{
try {
$hashKey = base64_decode($this->hash);
return decryptCertData($hashKey, $this->certificate, $this->password, true);
} catch (\Throwable $th) {
Log::error('Parse certificate: '.$th->getMessage());
}
return null;
}
Table migration:
Schema::create('user_certificates', function (Blueprint $table) {
$table->uuid('id')->primary();
$table->string('name');
//$table->unsignedInteger('user_id');
$table->uuid('user_id');
$table->binary('certificate');
$table->string('password');
$table->string('hash');
$table->timestamps();
});
Error:
Process runtime error, reason: "8213037376:error:0DFFF0A8:asn1 encoding routines:CRYPTO_internal:wrong tag:/AppleInternal/Library/BuildRoots/9e200cfa-7d96-11ed-886f-a23c4f261b56/Library/Caches/com.apple.xbs/Sources/libressl/libressl-3.3/crypto/asn1/tasn_dec.c:1167:. 8213037376:error:0DFFF03A:asn1 encoding routines:CRYPTO_internal:nested asn1 error:/AppleInternal/Library/BuildRoots/9e200cfa-7d96-11ed-886f-a23c4f261b56/Library/Caches/com.apple.xbs/Sources/libressl/libressl-3.3/crypto/asn1/tasn_dec.c:337:Type=PKCS12. "
Expected behavior
That the certificate was retrieved from the DB.
Screenshots
If applicable, add screenshots to help explain your problem.
Versions involved:
Additional context
Running on MacBook Pro M1 Max
MacOS 13.2.1 (22D68)
Laravel Valet
Describe the bug
Exception during validation the signed document
To Reproduce
Create some pdf and sign with .pfx cert.
After that I am trying to check if PDF is valid, but I have an exception:
Undefined array key 1
Steps to reproduce the behavior:
Expected behavior
Dump data with the certificate
Versions involved:
Additional context
Firstly I thought that I have a wrong cert data, but when I checked with another PDF signed with
mobile APP I have the same error.
As I see exception appeared in function
convertPlainTextToObject Line:111
Hi,
How add LTV signature (long term validation)?
The method fromPFX() does not fail or throw any error in case the provided password is wrong
try {
$process = Process::fromShellCommandline($openssl);
$process->run();
while ($process->isRunning());
$process->stop(1);
} catch (ProcessFailedException $exception) {
throw $exception;
}
should check the $process->isSuccessful() and if not, then throw an error
e.g. in case og wrong password, the isSucessful() is one and $process->getErrorOutput() will say: Mac verify error: invalid password?
Hello,
I'm trying to install the last version (1.0.0) as I'm using Laravel 9.11 and PHP 8.1.
I got the following msgs after composer require lsnepomuceno/laravel-a1-pdf-sign "^1".
Class LSNepomuceno\LaravelA1PdfSign\Exceptions\InvalidX509PrivateKeyException located in ./vendor/lsnepomuceno/laravel-a1-pdf-sign/src/Exceptions/Invalidx509PrivateKeyException.php does not comply with psr-4 autoloading standard. Skipping. Class LSNepomuceno\LaravelA1PdfSign\Exceptions\CertificateOutputNotFoundException located in ./vendor/lsnepomuceno/laravel-a1-pdf-sign/src/Exceptions/CertificateOutputNotFounfException.php does not comply with psr-4 autoloading standard. Skipping.
Thanks, Denis
Param $page doesn't work .
**
check the file here : lsnepomuceno/laravel-a1-pdf-sign/src/SignaturePdf.php Line: 266
When $this->hasSealImgOnEveryPages === false , The correct codes should be like this :
if ($this->hasSealImgOnEveryPages) {
$this->implementSignatureImage($i);
}else{
extract($this->image);
if($page == $i){
$this->implementSignatureImage($page);
}
}
Describe the bug
My pc can not read certificate from file (Windows 11). But it works well on my Linux server.
I use an example code on the doc.
try { $cert = new ManageCert; $cert->setPreservePfx() // If you need to preserve the PFX certificate file ->fromPfx($path, $password); dd($cert->getCert()); } catch (\Throwable $th) { dd($th); }
What I do
Looking similar issues and found this #71
Update openssl on my windows, it work correctly.
Check is openssl extension enable.
I try others command like php --version, composere --version from Process::fromShellCommandline($command);
Got the same error "Process runtime error, reason: "'php, composer' is not recognized as an internal or external command,. . operable program or batch file.. . ""
Versions involved:
Describe the bug
I got the error Process runtime error, reason: "'openssl' is not recognized as an internal or external command,. . operable program or batch file.. . "
To Reproduce
I have this simple code :
$app = new Container();
$app->singleton('app', Container::class);
$app->singleton('files', fn () => new Filesystem);
Facade::setFacadeApplication($app);
$cert = new ManageCert();
$cert->fromPfx('C:/wamp64/www/facturacion electronica/WALTER ANDRES GARAY LUZURIAGA 090322112505.pfx', 'True22');
$pdf = new SignaturePdf('C:/wamp64/www/firma-doc/0202202301131234612300110010030000000013437950515.pdf', $cert, SignaturePdf::MODE_RESOURCE); // Resource mode is default
$resource = $pdf->signature();
Expected behavior
It was supposed to work.
Screenshots
If applicable, add screenshots to help explain your problem.
Versions involved:
reference image, only text is inserted.
when i use the signature() at SignaturePdf with Landpage document, it will convert to Portrait. This function need verify the width is great than height
Suggestion:
the TCPDF have getTemplateSize() to get dimensions of page each looping interaction
Olá Lucas, tudo bem?
Quem me apresentou seu pacote foi um amigo que trabalhava comigo e ele diz que é seu amigo, mas na época o pacote não resolvia meu problema e hoje eu testei ele resolve, parabéns e obrigado pelo pacote, pena que não é compatível com symfony rs, mas isso é outra questão e na próxima versão do sistema será Laravel então não é problema.
Gostaria de saber se você tem intenção de implementar assinatura de TXT onde é gerado um arquivo separado p7s?
Atualmente estamos usando uma extensão para php, mas não queremos está preso a um serviço de terceiro.
Novamente obrigado pelo pacote e parabéns!
Hi
I have tried to follow the instructions to store and use a certificate from DB
Her is my code:
$cert = new ManageCert();
$cert->fromUpload($request->file('pfxUploadedFile'), $request->input('password'));
$certificate = Certificate::create([
'certificate' => $cert->encryptBase64BlobString($cert->getCert()->original),
'password' => $cert->getEncrypter()->encryptString('password'),
'hash' => $cert->getHashKey(), // IMPORTANT
'name' => $request->input('name'),
'user_id' => Auth::user()->id,
]);
here is how I try to use it:
$cert = Certificate::find(3);
if ($cert) {
$fileName = 'xxxx/storage/app/pdf/test_doc-max_compressed.pdf';
if (File::exists($fileName)) {
Certificate::signPDF($fileName, $cert);
} else {
debug('file does not exists: ' . $fileName);
}
} else {
debug('did not get certificate from db');
}
here is the SignPDF method:
public static function signPDF(string $fileName, Certificate $certRecord)
{
try {
$cert = $certRecord->parse();
if (is_null($cert)) {
debug('Could not parse certificate');
return;
}
$pdf = new SignaturePdf($fileName, $cert->parse(), SignaturePdf::MODE_RESOURCE); // Resource mode is default
debug($pdf);
$resource = $pdf->signature();
// TODO necessary
} catch (\Throwable $th) {
// TODO necessary
}
}
and here is the parse method:
public function parse(): ?ManageCert
{
try {
return decryptCertData($this->hash, $this->certificate, $this->password);
} catch (\Throwable $th) {
Log::error($th->getMessage());
}
return null;
}
error thrown in decryptCertData()
openssl_x509_read(): X.509 Certificate cannot be retrieved
Everytime i use the PFX file it disappears, is there something we can do about it?
There is a problem when recovering the saved data of the certificates. The error is the following:
SNepomuceno\LaravelA1PdfSign\Exception\ProcessRunTimeException with message 'Process runtime error, reason: "17464:error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag:crypto\asn1\tasn_dec.c:1149:. . 17464:error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error:crypto\asn1\tasn_dec.c:309:Type=PKCS12. . "'
Table cretificates:
CREATE TABLE certificates (
id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
content TEXT NOT NULL COLLATE 'utf8mb4_unicode_ci',
hash VARBINARY(50) NULL DEFAULT NULL,
password VARCHAR(255) NOT NULL COLLATE 'utf8mb4_unicode_ci',
user_id BIGINT(20) UNSIGNED NULL DEFAULT NULL,
created_at TIMESTAMP NULL DEFAULT NULL,
updated_at TIMESTAMP NULL DEFAULT NULL,
PRIMARY KEY (id) USING BTREE,
INDEX certificates_user_id_index (user_id) USING BTREE,
CONSTRAINT certificates_user_id_foreign FOREIGN KEY (user_id) REFERENCES test.users (id) ON UPDATE RESTRICT ON DELETE CASCADE
)
COLLATE='utf8mb4_unicode_ci'
ENGINE=InnoDB
AUTO_INCREMENT=2
;
the problem occurs in both mysql and sql server.
I have tried several types in the hash column, both string and binary and the problem persists.
I don't know what data type to use to store the hash field.
I have tried saving the hash in string using the bin2hex method and then when retrieving it uses hex2bin. unsuccessfully
Would be nice to be able to set the PDF name to one that we want instead the UUID. Is is possible to add this feature? Or define it as the name of the readed pdf and concatenate something like "_signed". This would help a lot. Thanks
hi
i have laravel 9 the last
and i get an error when i try to install the pack
Problem 1
- lsnepomuceno/laravel-a1-pdf-sign[dev-dev, 0.0.1, ..., v0.x-dev] require illuminate/support ^8.0 -> found illuminate/support[v8.0.0, ..., 8.x-dev] but these were not loaded, likely because it conflicts with another require.
- lsnepomuceno/laravel-a1-pdf-sign[1.0.0-alpha, ..., 1.0.4] require tecnickcom/tcpdf 6.4.* -> found tecnickcom/tcpdf[6.4.1, 6.4.2, 6.4.3, 6.4.4] but it conflicts with your root composer.json require (6.3.).
- lsnepomuceno/laravel-a1-pdf-sign[dev-main, dev-v1.x-dev, 1.0.5] require tecnickcom/tcpdf 6.4. || 6.6.* -> found tecnickcom/tcpdf[6.4.1, ..., 6.6.2] but it conflicts with your root composer.json require (6.3.*).
- Root composer.json requires lsnepomuceno/laravel-a1-pdf-sign * -> satisfiable by lsnepomuceno/laravel-a1-pdf-sign[dev-main, dev-v1.x-dev, dev-dev, 0.0.1, ..., v0.x-dev, 1.0.0-alpha, ..., 1.0.5, 9999999-dev].
Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.
You can also try re-running composer require with an explicit version constraint, e.g. "composer require lsnepomuceno/laravel-a1-pdf-sign:*" to figure out if any version is installable, or "composer require lsnepomuceno/laravel-a1-pdf-sign:^2.1" if you know which you need.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.