PHP Extension
PHP Extension
Sign PDF using PAdES-Baseline-B
See more PDF Signatures Examples
PAdES-Baseline-B is the most basic, entry-level profile of the PDF Advanced Electronic Signatures (PAdES) standard.
It means:
- A PDF contains a CMS/PKCS#7 detached signature over the document’s byte range.
/SubFiltermust beETSI.CAdES.detached.- The signer’s X.509 certificate is included inside the signature.
- The signature uses recognized secure algorithms (e.g., SHA-256 with RSA/ECDSA).
- It proves document integrity (no changes since signing) and signer authenticity (certificate identifies who signed).
- It does not include time-stamps, revocation data (CRL/OCSP), or long-term validation information — those appear only in higher levels (PAdES-Baseline-T, -LT, -LTA).
In short: Baseline-B = a standard PDF digital signature that ensures integrity and origin, but without time or revocation guarantees.
Chilkat PHP Extension Downloads
<?php
include("chilkat.php");
$success = false;
$pdf = new CkPdf();
// Load a PDF to be signed.
$success = $pdf->LoadFile('c:/someDir/my.pdf');
if ($success == false) {
print $pdf->lastErrorText() . "\n";
exit;
}
// Options for signing are specified in JSON.
$json = new CkJsonObject();
$json->UpdateString('subFilter','/ETSI.CAdES.detached');
$json->UpdateBool('signingCertificateV2',true);
$json->UpdateBool('signingTime',true);
$json->UpdateString('signingAlgorithm','pkcs');
$json->UpdateString('hashAlgorithm','sha256');
// -----------------------------------------------------------
// The following JSON settings define the signature appearance.
$json->UpdateInt('page',1);
$json->UpdateString('appearance.y','top');
$json->UpdateString('appearance.x','left');
$json->UpdateString('appearance.fontScale','10.0');
$json->UpdateString('appearance.text[0]','Digitally signed by: cert_cn');
$json->UpdateString('appearance.text[1]','current_dt');
$json->UpdateString('appearance.text[2]','Hello 123 ABC');
// --------------------------------------------------------------
// Load the signing certificate. (Use your own certificate.)
// Note: There are other methods for using a certificate on an HSM (smartcard or token)
// or from other sources, such as a cloud HSM, a Windows installed certificate,
// or other file formats.
$cert = new CkCert();
$success = $cert->LoadPfxFile('c:/myPfxFiles/myPdfSigningCert.pfx','pfxPassword');
if ($success == false) {
print $cert->lastErrorText() . "\n";
exit;
}
// Once we have the certificate object, tell the PDF object to use it for signing
$success = $pdf->SetSigningCert($cert);
if ($success == false) {
print $pdf->lastErrorText() . "\n";
exit;
}
// Sign the PDF, creating the output file.
$outFilePath = 'c:/someDir/mySigned.pdf';
$success = $pdf->SignPdf($json,$outFilePath);
if ($success == false) {
print $pdf->lastErrorText() . "\n";
exit;
}
print 'Success.' . "\n";
?>