4

My PHP program generates a PDF using TCPDF, then:

  1. User downloads the PDF;
  2. User digitally signs the PDF;
  3. User uploads the signed PDF;

For the step number 3, I'd like to check if the uploaded file is digitally signed.

Even better would be checks if the uploaded file is the same file that program generates on step 1.

thor
  • 21,418
  • 31
  • 87
  • 173
UBEX
  • 122
  • 1
  • 13

1 Answers1

8

Try this:

 <?php
    //from: http://stackoverflow.com/a/9059073/284932
        function isStringInFile($file,$string){

        $handle = fopen($file, 'r');
        $valid = false; // init as false
        while (($buffer = fgets($handle)) !== false) {
            if (strpos($buffer, $string) !== false) {
                $valid = TRUE;
                break; // Once you find the string, you should break out the loop.
            }      
        }
        fclose($handle);

        return $valid;

    }

Search "adbe.pkcs7.detached":

//Signed?
echo isStringInFile('mypdf.pdf', 'adbe.pkcs7.detached');

To check if is the same pdf you can use the TCPDF's setKeyWords() to put some unique keys and check with the Smalot PDF Parser:

<?php
    $parser = new \Smalot\PdfParser\Parser();
    $pdf    = $parser->parseFile('signed_pdf.pdf'); //com keywords
    $details = $pdf->getDetails();
celsowm
  • 846
  • 9
  • 34
  • 59
  • 1
    Adding: You should also check for ETSI.CAdES.detached for EU ETSI compatible signatures. More about PAdES in my [article](https://www.codeproject.com/Articles/1256991/The-AdES-Collection-CAdES-XAdES-PAdES-and-ASiC). – Michael Chourdakis Dec 11 '22 at 09:56