update to support LTV and TSA at once

tecnickcom · Apr 22, 2024 · fe247a1 · fe247a1
1 parent 3a741b6
commit fe247a1
Show file tree

Hide file tree

Showing 9 changed files with 2,073 additions and 547 deletions.
diff --git a/examples/data/cert/PDF User.pem b/examples/data/cert/PDF User.pem
@@ -0,0 +1,42 @@
+-----BEGIN CERTIFICATE-----
+MIIEbjCCAlagAwIBAgIBNTANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDEwxSb290
+IENBIFRlc3QwIhgPMjAyNDA0MjAwMzMzNDVaGA8yMDM0MDQyMDAzMzM0NVowJTEQ
+MA4GA1UEChMHVGVzdGluZzERMA8GA1UEAxMIUERGIFVzZXIwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAKH1qYqwFNlpd6ok7KyvXWxH1sp7GjJDwlLsWmpvfxJL
+HFmfOtlVFcvtgFEg4DvX2U09k10vCe3IebXyBBuNDwQsqjsMqQOFDEZjQ7jO4iML
+P9OOt5yuPCQFNCvzOmghUZi03QdE061wTKKQ4FKBefeXKm46ai5lQBzZcaH8WaRz
+AgMBAAGjggE1MIIBMTAdBgNVHQ4EFgQU5DDcS3grVKgqyrOSqbwXnQ3S2V4wHwYD
+VR0jBBgwFoAUiTCzgJSQfaYOamTcu/ocq5KNU4EwYgYIKwYBBQUHAQEEVjBUMC4G
+CCsGAQUFBzAChiJodHRwOi8vbG9jYWxob3N0L2NhL1Jvb3RDQVRlc3QuY3J0MCIG
+CCsGAQUFBzABhhZodHRwOi8vbG9jYWxob3N0L29jc3AvMDQGA1UdHwQtMCswKaAn
+oCWGI2h0dHA6Ly9sb2NhbGhvc3QvY3JsL1Jvb3RDQVRlc3QuY3JsMAsGA1UdDwQE
+AwIHgDA9BgNVHSUENjA0BggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDBggr
+BgEFBQcDBAYKKwYBBAGCNwoDBDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IC
+AQClD/VJ1I73rCe6uWIRkivyDMZWGSOD3hg5VAi7bJ4mrVIc+p1kR5BaK4ZYTKO+
+iHQ+ybb+9FhqvLvkok1am2eXCmDp1KcPi6iGJbAzGYi+wd+u7SKl921kVTtv/oqz
+ccILoLq0e3lB7VD3MRY0aHtwyLGLPgWcpJXopkNOUnPgTJKGLN/xrZ2OwRizim54
+HzF+EzFpZpVgKN5MEGfXVMLKuRr8mtuIYNJQiKT0WdprCKTv5xdOEmoZY7DdVTKB
+O8Qf006/3XSsytNq79Mr034KwYSxwtz8goMP6F1qSXVnbBM0+BnEk3O+8iN0iy7A
+BZhV4Cd8Il5AjIHjOLToySTNUFnSzTZZjNqtqKl0XgRIyBCHZEh6kbzkrvR+MMOv
+qgisq0EtlHMLzWztIKxzc7lGV5xv8qhhPVYw6b/WY6D2IzabL6gluYuNqntsAvC2
+BO7FhcyTFgO3eO/PUJvLetNtZEfuUkjPUP17cEm26MwmDlbLCK4l/iJBClg/Zo5X
+W0lRADLV/HvspXYCBVXJdGTROmRfYNua1MnFjyuj0UdnWlh05NoIX0xY/OhjumGZ
+GlZgeH1FmmN3ird2dbpJ7JISVH7FFlte+nUnL/5/Mtso5s8NaaKlEordowwLEAcj
+x+0xKj8xzKstu4KYxl1WgjDHXGvDcsIGQLcgHZiG8dxFBA==
+-----END CERTIFICATE-----
+-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKH1qYqwFNlpd6ok
+7KyvXWxH1sp7GjJDwlLsWmpvfxJLHFmfOtlVFcvtgFEg4DvX2U09k10vCe3IebXy
+BBuNDwQsqjsMqQOFDEZjQ7jO4iMLP9OOt5yuPCQFNCvzOmghUZi03QdE061wTKKQ
+4FKBefeXKm46ai5lQBzZcaH8WaRzAgMBAAECgYBlByogMiB/UlPsFaZxPd8H+XQZ
+0FqR+kSQl5D7Ddv1XFct7K63/WRgViGR+fEGQ2nwzbVMDliiNEj/3x0C1qYDVU+u
+DgZ6mpj6SxcGlZPZDL/tBWnscMx+MdxtLgebpTRc33WZebT4Z0BpGwAyVVTP+UVY
+DM1saWxx4M220zm9WQJBANUt4mh0w0/jCeAFarj0RPbxAP9ISehzRi5nGLGURy/k
+BhCxlyoD2bNBaKfY4LrKTeW6DWP28F1URxmooX5+DFcCQQDCffWm//ow3i+hkyu1
+lzV86OibYIIXMSrytQ9VYc+7Osyl5SJL51pgxFy/+Rb0MrOBWbnwnDOC+NIT+Z9+
+D5dFAkEAxn1TqwjU9mQiRLkmdpHSSM97qzZGwq3acchCoM28PqYk05RXeKJfKF3F
+sUrpbGKDh1vlrec2RN/817JAtANvPwJBAIuFnMIOg8amvXilgQelz6Mp2iQMmYZV
+qT+vj65qmoDv73ta4r2c3ALrGrZE1Kid7pPucCshgvqD0QCvZDEkshkCQBvgmKkw
+gCp4t7beLYuKQA2ZoxAUUhUpfgm+ZrmYVNuucu/NRGFnCE0/RPK0hcHuJ+quA+vX
+LvO+htmWg69RL1Q=
+-----END PRIVATE KEY-----
diff --git a/examples/data/cert/Root CA Test OCSP Signer.pem b/examples/data/cert/Root CA Test OCSP Signer.pem
@@ -0,0 +1,39 @@
+-----BEGIN CERTIFICATE-----
+MIIDwDCCAaigAwIBAgIBmTANBgkqhkiG9w0BAQ0FADAXMRUwEwYDVQQDEwxSb290
+IENBIFRlc3QwIhgPMjAyNDA0MjAwMzM5MjNaGA8yMDc0MDQyMDAzMzkyM1owIzEh
+MB8GA1UEAxMYUm9vdCBDQSBUZXN0IE9DU1AgU2lnbmVyMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDZ3Y7XgXxECy6i/kGNK2w3v/qn7yl8x0mUO4eI3rdFh2Cu
+hWWnmn3NVDwU84FF4yDPAk1Q5S8PujOXE71d2y1pv1JxDLOJU1mmkqAaz9PAabx9
+B4ipM5quWzYYy2+pIcBUMgcdK1RsdDBHmtl275aKa01FEwCGoF+i7MMbsQnQ8QID
+AQABo4GKMIGHMB0GA1UdDgQWBBQwRbuGabUZgZinsgNT0NQdZIVH6TAfBgNVHSME
+GDAWgBSJMLOAlJB9pg5qZNy7+hyrko1TgTAPBgkrBgEFBQcwAQUEAgUAMA4GA1Ud
+DwEB/wQEAwIHgDAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCTAMBgNVHRMBAf8EAjAA
+MA0GCSqGSIb3DQEBDQUAA4ICAQAaFbhL/2WYtZwFCpLI7xsxxX0k8l3MgVP+6TRv
+brM0QGu6PGda9wfxnlkW0S/vx7HPFD7ncczPzxkaekDbfgDXbuvezryCpGNz+8Qt
+wCVoqEKmWE3YsBxEb1/v9lXoPQx1zxc5gup6JTC0/EWdZcKhdskj5PX46S4M+akc
+TbMKJ/p46Au+2zTevlreZTJVT11/zjaiUAJLyRPE2BUWWYfhIB3yapUJ0XcCFTT3
+SGIIa5Nec+jRcuDoyZZdIQAhqrSkiVDBJ39oz4eXQ8Q0dQYcLIyhdjuBrnrOi90m
+BK0Xgvgu5wc5fxmPinKMbcuUg0v3jJ4EF5fg+XEohPDI1Wr0kywjfmSYSNhhID0T
+i1J/L6O0AP0EV2xc5E8HolpbV1/qWg9InI4BlyFMY1VRcd52Sv9eblxPE8wpjdwv
+FPTwhJ/4Cz/AzOPQVrHSbzdJLJIzHrbCxhOMJg3z595INy8RaoLM+maya1lS44ZA
+0y34dO5DSqip7+HUFPUPH3IFSN2z02VUT4UVy4qLav9UWdwujXihUebSD5lgPF8n
+HCFfXnsx61yxiU1dzJ7KtjE00R5/MhtFfC8B8H281nLm0t83+uZs+fRlNh2aGkMJ
+/cBiM6NGnNAD6Wi0W/q7GgVLJL0Vv94e4nNP0ZUE6UZ5N7YEHJNdotURGen4hy0s
+n2FL0g==
+-----END CERTIFICATE-----
+-----BEGIN PRIVATE KEY-----
+MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBANndjteBfEQLLqL+
+QY0rbDe/+qfvKXzHSZQ7h4jet0WHYK6FZaeafc1UPBTzgUXjIM8CTVDlLw+6M5cT
+vV3bLWm/UnEMs4lTWaaSoBrP08BpvH0HiKkzmq5bNhjLb6khwFQyBx0rVGx0MEea
+2XbvloprTUUTAIagX6LswxuxCdDxAgMBAAECgYEAn0Vo0sWXugrOulvUQkb3Yz5X
+GYQvOUhb0yE98WKYax0QIiXlbgT0aTJmhg6KeDQWXR/atAQIRqAibRUCQGYmKKpi
++pImH/5O7bGakm9wkKqHp3ETPH1iHdXNaRdQ0kqlqFPojGA22ACprd45sNsWz9+E
+v8IRG4CSuDuBhmOCtAECQQDug6x2zUmSHdALnkKvo0SlFOzhARtYk/+iei0rxxne
+bTmD6BRALff2293555HFWrkAKi+U53yOPbqyF80YUwSxAkEA6dZbBLml8+H7D8V4
+g4PPjLhEJlKlzlaH3bKBlUsDI6vqEzSPrSVlWtSDk3NCi2xz0baX49bUBTNb9QxM
+TzegQQJAVHLCiX294sIzeymZqt4/28NA65mcuQwNotVnUOy5uAssJgvxv5eHCBxo
+x6a58gphHjHRjwM3EpXAmHXc5BPgwQJBAOAvkrPFCUX4sis8t33fMW1IfI4BTtW0
+QC5cpb/sWuYoPBKNofHumG2ssTj8mB/zqla1KIpXvI3/33nggIiyXAECQQCMW6oi
+Ja+VPOIiHxsrrTtMu12kE3j5GYn+JbkFsoZqP7nNJwzVS/LNRjvPwWzgfGCM9A0B
+HR7T1oYpUMTBvIJH
+-----END PRIVATE KEY-----
diff --git a/examples/data/cert/Root CA Test.crt b/examples/data/cert/Root CA Test.crt
@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIE7DCCAtSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDEwxSb290
+IENBIFRlc3QwIhgPMjAyNDA0MTkxMzM5NDhaGA8yMDY0MDQxOTEzMzk0OFowFzEV
+MBMGA1UEAxMMUm9vdCBDQSBUZXN0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEA4TNbja25gwf5Np8vo4KlIVQwOHEqJe4iv4iN6wupNT9jx6HHES/w8ZXG
+/WgXbEUVsX9qsRyEe3DJwLtLXJN7gMdV9PFW8JXqUktI4cNAeh0HqXu1aj4KNI8y
+OhPIa0GbWXpZVbCT+Eh9yYcC2iHSR2/sjCzVnmzfyT8ueseEEFFsoQQDe+o4nUeY
+2Pk359SFpoPkgzDKPjpeMwrtAJhUWngEWW2JpaXoeWV3X88+WKCc+S3dY3kyo/oO
+O+o1TcPOgb5S6hsqjfBgcMsnRKX/awo3i7Tv2wIxmsoCEFEu2ExJXONiMCFpzPhh
+g/sHVADwPZd88Azr8JAvPpDXvTnrAsZvtMzwRoF1/Odf69/JpMiMWwmZ13Nc8onb
+kXm8kCb/2J5e0dP/G3pCWoICm3Fso/OclHjdcji9dz/tZTkOcKr7HGvz8D/GQJ7c
+3sKqeu8SMi6xJWupbVA/Q9HNBBdaRbfub0mvvaav1tdxGXPdC7UGJ0m5UDue8Kai
+HG2FovwWCA3N6z4ZVkcaNeXqZTF/AwnL5zjA/NYroBgrsj8axuvYC2Z7yIIrJH+k
+RiffFfqFO7IVdrrAqEqZ1sY5tms2NGkOYNU0QBgWUdxLhu46Qn5cNe5vTUn5wPTj
+bOOs2IQkXBigCvwTD8QCuvnctvR3YOLT4Qt6ggfehosZLpKxfB0CAwEAAaM/MD0w
+CwYDVR0PBAQDAgGGMB0GA1UdDgQWBBSJMLOAlJB9pg5qZNy7+hyrko1TgTAPBgNV
+HRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQAyM1IlSiyJ5J2PfiBRk6sg
+bkn62jZhQbO5Lznp5pj26liRPt+BhXqUDUAyz27jMjsi8JNMlFA7AX/GMnR5TFrP
+j6HLIoJvH/oiyOw/wNTImqxBa1W3MZvAC1hp2CwkdS5oe4SL4biALfIiYkHPWsmZ
+BwnWueXLwUnroKjCLzeG4NmY0kSO6MXFSl1fnp14TuqzHvLizQt7qIuKd+D502Wd
+B6T7B3zxUXEJEa643fAN4qHQd/PUhkkC76V1eZ3st7gR+8fs37QABJwK5WWAcv6l
+yc4tRuLfkV8sAHuH1AxGbQsT+eCM38qEw2ftTMkdDfvjeBvDf4y9ELAIhsw6o1Sa
+nEzFLhRRENpEzgXJoASTNEbNqy7sVjYzxLt1+q0xpPOdn5pF0J1xbkOirTd9YzUG
+NIcF6QF5nVHYgA13/0pvhV2Zjlu4q70+hNrbkr+pyJ/8XQwScjWsz0l3PQNpdTvC
+pAnuVuQ0qpVBGZ5US9Jp4LhTKi1PIUM7Pfer22TuGZZqihwdgUWlqpWgfY8G4t5z
+b0LPPLZGR5kRZIeUq2IvlqgLIERKsxaUrWR6LVIZgvhEfxibN36B88SzcY1eAjXo
+MvWHBl2/zTvumujSqvHxoABnZ0Wgman+kH1JiDEbSbf0FNgGQQLM1W1FTFEi3o4J
+9Kq9zlhM4WiI5uds/Mz5bA==
+-----END CERTIFICATE-----
diff --git a/examples/data/cert/RootCATest.der.crl b/examples/data/cert/RootCATest.der.crl
diff --git a/examples/data/cert/RootCATest.pem.crl b/examples/data/cert/RootCATest.pem.crl
@@ -0,0 +1,17 @@
+-----BEGIN X509 CRL-----
+MIICxzCBsAIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDEwxSb290IENBIFRl
+c3QXDTI0MDQyMjIwMTUwMFoXDTQ0MDQxNzIwMTUwMFowFDASAgE2Fw0yNDA0MjIy
+MDE0MTdaoE8wTTA/BgNVHSMEODA2gBSJMLOAlJB9pg5qZNy7+hyrko1TgaEbpBkw
+FzEVMBMGA1UEAxMMUm9vdCBDQSBUZXN0ggEBMAoGA1UdFAQDAgENMA0GCSqGSIb3
+DQEBCwUAA4ICAQCiVOeVvHpOR3bXJLLS6U5AmGGw0lXqz6UyxjlLi/uabu7nrxh9
+AEhYzGk7I0XsC0LQlFPBjhwAzA8iOV+EBL8KW+tq+xan3BOz0fXtC5WY/j7Vb/8G
+SnoASb4u6MsERtgDXOaGZiFdGBe28iUi+spn0TrV3nn6RRvX9EjwAmJwrwRCNDoX
+mkcUEcJLbhtH56/VvLCSFvbo/mMrV7wnd8S+fN/vbMh6b5dPgaJ0jMgSq2TrVZJX
+tS61olA4ocfc9Se0FPfstUXKD2S58gvSbyAzxYKXNHTy+RASmMdKOeGdcIaN4p8M
+X0qlMSBi4BBpvgzrogUCYCxkUiDzO0EAZ0hwWiLE4bPLZQDMrgR3eFO/pj/I6Umb
+PnOlVodE0HUHX8aH4AUemhV+4hpezmTin6ysick4QxZxSBkzKK4E/q6b4ii3qkpt
+kzzp3C5tfJGUvI2JE+NjDVPYL0lr3pCbWjNtQvQ6pugvzbqUEreZkr+oX3tCoAaX
+Lqt4tN0d9JBh+/Hd5uIfUyPRwUlPIT0AUi/4MQqPOPfbemLOxoLZY1Zp+3D/F40E
+xD64gmPmnOeKWggHiN2WIZoEF67RoZpVhwm0ehN1LwSw+tKW0J4goTcZqxzQ+hWp
+5NhIzkocy5Z/3uRtZcAMs/kzbekfC+1JFXhA56iq+VUNk07DIbJa4Oavtg==
+-----END X509 CRL-----
diff --git a/examples/example_012.pdf b/examples/example_012.pdf
diff --git a/examples/example_052.php b/examples/example_052.php
@@ -76,8 +76,10 @@
 */
 
 // set certificate file
-//$certificate = 'file://data/cert/tcpdf.crt';
-$certificate = file_get_contents('data/cert/tcpdf.crt');
+$certificate = file_get_contents("data/cert/PDF User.pem");
+$ca = "data/cert/Root CA Test.crt";
+$extracerts = getcwd()."/$ca";
+$crl = "data/cert/RootCATest.der.crl";
 
 // set additional information
 $info = array(
@@ -87,11 +89,18 @@
 	'ContactInfo' => 'http://www.tcpdf.org',
 	);
 
+// set LTV setLtv($ocspURI=null, $crlURIorFILE=null, $issuerURIorFILE=null)
+// set null to skip ocsp or crl
+// set to empty or false will continue lookup in certificate attributes (Authority Info Access(AIA) and CRL Distribution Points(CDP))
+// skip both will result no LTV. Note that issuerURIorFILE cannot skipped. It will use given address/file location or lookup in cert AIA attributes if null.
+// dont give any parameter to lookup all address in cert attributes.
+$pdf->setLtv(null, $crl, $ca);
+
 // Set TSA server address
 $pdf->setTimeStamp('http://timestamp.apple.com/ts01');
 
 // set document signature
-$pdf->setSignature($certificate, $certificate, 'tcpdfdemo', '', 2, $info);
+$pdf->setSignature($certificate, $certificate, 'tcpdfdemo', $extracerts, 2, $info);
 
 // set font. 'helvetica' MUST be used to avoid a PHP notice from PHP 7.4+
 $pdf->setFont('helvetica', '', 12);
@@ -121,7 +130,12 @@
 
 //Close and output PDF document
 $pdf->Output('example_052.pdf', 'D');
+//$r=$pdf->Output('example_052.pdf', 'S');
+//$h = fopen('../example_052.pdf','w');
+//fwrite($h, $r);
+//fclose($h);
 
 //============================================================+
 // END OF FILE
 //============================================================+
+?>