PHPackages andreygrin/xades-tools - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. andreygrin/xades-tools ActiveLibrary[Security](/categories/security) andreygrin/xades-tools ====================== Sign files, xml content and verify signatures using XAdES 1.0.1(1y ago)066MITPHPPHP ^8.1 Since Sep 24Pushed 1y agoCompare [ Source](https://github.com/AndreyGrin/xades-tools)[ Packagist](https://packagist.org/packages/andreygrin/xades-tools)[ RSS](/packages/andreygrin-xades-tools/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (2)Dependencies (4)Versions (3)Used By (0) Updated version, includes IssuerSerial information with cert serial number and issuer details. API: ==== [](#api) ### Signing [](#signing) ``` use XadesTools\CertificateFactory; use XadesTools\Signature; $cert = CertificateFactory::string( $privateKeyContents, // .pem $certificateContents, // .crt $parivateKeyPassword // string ); $this->signer = new Signature($cert); $this->signer->signXml('xmlContent') // returns signature, you should add it to the xml file the way you need to have it there. ``` ### Verification, content extraction [](#verification-content-extraction) ``` use XadesTools\Verification; $xades = new Verification(); $result = $xades->verifyFile($pathToXadesFile); if ($result) { $content = $res->content; // binary content or plain text for xml files $signTime = $res->dateSigned; // DateTime object $signingSubject = $res->signingSubject; // array } else { // Signature does not match signed content } ``` COMMAND LINE USAGE: =================== [](#command-line-usage) ### Signing file [](#signing-file) ``` php bin/sign.php file cert pass [embed] [load-content] ``` Where: - `file` - path to file we want to sign. Signature will be created in the same folder, with .XAdES extension - `cert` - certificate in PKCS#12 format (.p12) - with private key - `pass` - password for p12 file - `embed` - if true, signature will embed given file - `load-content` - loads file content into variable and signs it as embedded object Results in `file.XAdES` located in the same directory as given `file` ### Verification [](#verification) ``` php src/verify.php file [verbose] ``` Where: - `file` is path to .XAdES file - `verbose` if true print additional info about sign time and - `load-content` - loads file content into variable and verifies it as embedded object (can not rely on files on disk) Verifies content in given XAdES file, prints `OK` if everything passes, error message otherwise. ### Extracting file from XAdES files [](#extracting-file-from-xades-files) ``` php src/extract.php file output ``` Where: - `file` is path to .XAdES file with embedded object - `output` path for output file ### Health Score 29 — LowBetter than 60% of packages Maintenance38 Infrequent updates — may be unmaintained Popularity12 Limited adoption so far Community8 Small or concentrated contributor base Maturity49 Maturing project, gaining track record Bus Factor1 Top contributor holds 60% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~36 days Total 2 Last Release 557d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/a951bf2b721a30c6806d8ff5e2f872509e8cefb1177a8adbad91f2120e7ae9b1?d=identicon)[andreygrin](/maintainers/andreygrin) --- Top Contributors [![AndreyGrin](https://avatars.githubusercontent.com/u/2453346?v=4)](https://github.com/AndreyGrin "AndreyGrin (6 commits)")[![srsbiz](https://avatars.githubusercontent.com/u/1525842?v=4)](https://github.com/srsbiz "srsbiz (4 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/andreygrin-xades-tools/health.svg) ``` [![Health](https://phpackages.com/badges/andreygrin-xades-tools/health.svg)](https://phpackages.com/packages/andreygrin-xades-tools) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[roave/security-advisories Prevents installation of composer packages with known security vulnerabilities: no API, simply require it 2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 86917.5M63](/packages/bjeavons-zxcvbn-php)[illuminate/encryption The Illuminate Encryption package. 9229.7M280](/packages/illuminate-encryption) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)