Update demo-ltv.php

Setasign · Mar 10, 2022 · 8e0ef11 · 8e0ef11
1 parent 5f5bd24
commit 8e0ef11
Showing 1 changed file with 37 additions and 18 deletions.
diff --git a/examples/demo-ltv.php b/examples/demo-ltv.php
@@ -22,16 +22,17 @@
 $settings = require __DIR__ . '/settings.php';
 
 $file = __DIR__ . '/files/Laboratory-Report.pdf';
-$apiUrl = 'https://t2gtest.globaltrust.eu/trust2go';
 $certificateSerialNumber = $settings['certificateSerialNumber'];
 // A requestID generated by the client to identify this signature operation (6 alphanumeric characters)
 $requestId = '123456';
 
+$caBundle = realpath(__DIR__ . '/files/globaltrust-all.pem');
+
 $httpClient = new GuzzleClient([
     'handler' => new CurlHandler(),
     // note: guzzle requires this parameter to fully support PSR-18
     'http_errors' => false,
-    'verify' => __DIR__ . '/files/globaltrust-eu-cert-chain.pem',
+    'verify' => $caBundle,
     // timeout by api after ~300 seconds
     'timeout' => 360,
 ]);
@@ -44,7 +45,7 @@
     $httpClient,
     $requestFactory,
     $streamFactory,
-    $apiUrl,
+    $settings['apiUrl'],
     $settings['username'],
     $settings['activationPin']
 );
@@ -59,37 +60,55 @@
 
 $reader = new SetaPDF_Core_Reader_File($file);
 $writer = new SetaPDF_Core_Writer_File(__DIR__ . '/signed-ltv.pdf');
+$tmpWriter = new SetaPDF_Core_Writer_TempFile();
 // let's get the document
-$document = SetaPDF_Core_Document::load($reader, $writer);
+$document = SetaPDF_Core_Document::load($reader, $tmpWriter);
 
 // now let's create a signer instance
 $signer = new SetaPDF_Signer($document);
 $signer->setAllowSignatureContentLengthChange(false);
-$signer->setSignatureContentLength(30000);
+$signer->setSignatureContentLength(26000);
+
+if ($settings['tsUrl']) {
+    $tsModule = new SetaPDF_Signer_Timestamp_Module_Rfc3161_Curl($settings['tsUrl']);
+    $tsModule->setCurlOption(CURLOPT_USERPWD, $settings['tsUsername'] . ':' . $settings['tsPassword']);
+    $tsModule->setCurlOption(CURLOPT_CAINFO, $caBundle);
+    $signer->setTimestampModule($tsModule);
+}
 
-//// set some signature properties
-$signer->setLocation($_SERVER['SERVER_NAME']);
+// set some signature properties
 $signer->setReason('Testing TRUST2GO');
 
 $field = $signer->getSignatureField();
 $fieldName = $field->getQualifiedName();
 $signer->setSignatureFieldName($fieldName);
 
+$signer->sign($module);
+
+$document = \SetaPDF_Core_Document::loadByFilename($tmpWriter->getPath(), $writer);
+
 // Create a collection of trusted certificats:
 $trustedCertificates = new SetaPDF_Signer_X509_Collection($certificates['chain']);
+// This is the root certificate for the SubCA of the timestamping service
+$trustedCertificates->add(SetaPDF_Signer_Pem::extractFromFile($caBundle));
+
 // Create a collector instance
 $collector = new SetaPDF_Signer_ValidationRelatedInfo_Collector($trustedCertificates);
 
-// Collect revocation information for this certificate
-$vriData = $collector->getByCertificate($certificate);
+// Collect revocation information for this field
+$vriData = $collector->getByFieldName($document, $fieldName);
 
-// now add these information to the CMS container
-$module->setExtraCertificates($vriData->getCertificates());
-foreach ($vriData->getOcspResponses() as $ocspResponse) {
-    $module->addOcspResponse($ocspResponse);
-}
-foreach ($vriData->getCrls() as $crl) {
-    $module->addCrl($crl);
-}
+// Debug process for resolving verification related information
+//foreach ($collector->getLogger()->getLogs() as $log) {
+//    echo str_repeat(' ', $log->getDepth() * 4) . $log . "\n";
+//}
 
-$signer->sign($module);
+$dss = new SetaPDF_Signer_DocumentSecurityStore($document);
+$dss->addValidationRelatedInfoByFieldName(
+    $fieldName,
+    $vriData->getCrls(),
+    $vriData->getOcspResponses(),
+    $vriData->getCertificates()
+);
+
+$document->save()->finish();