PHPackages authentin/eusig - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. authentin/eusig ActiveLibrary authentin/eusig =============== PHP library for eIDAS-compliant electronic signatures (PAdES, XAdES, CAdES) v0.1.0(yesterday)11↓100%1MITPHPPHP >=8.2 Since Apr 6Pushed yesterdayCompare [ Source](https://github.com/authentin/eusig)[ Packagist](https://packagist.org/packages/authentin/eusig)[ RSS](/packages/authentin-eusig/feed)WikiDiscussions main Synced today READMEChangelogDependencies (6)Versions (2)Used By (1) eusig ===== [](#eusig) [![CI](https://github.com/authentin/authentin/actions/workflows/ci.yml/badge.svg)](https://github.com/authentin/authentin/actions/workflows/ci.yml)[![Latest Version](https://camo.githubusercontent.com/de057dba392688736db651f28d743808c9d69ef02b28ab839fb010da77595678/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f61757468656e74696e2f65757369672e737667)](https://packagist.org/packages/authentin/eusig)[![PHP Version](https://camo.githubusercontent.com/367fd1e0ce8466d51d4575e6bf0867e8d7c14a0b927cbf779fb7e7f26772c258/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f61757468656e74696e2f65757369672e737667)](https://packagist.org/packages/authentin/eusig)[![License](https://camo.githubusercontent.com/5c949edb84ff90abe44a68cd9d54d551dc64534d760e4834c86296067a3de29f/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f61757468656e74696e2f65757369672e737667)](https://packagist.org/packages/authentin/eusig) PHP library for creating and validating eIDAS-compliant electronic signatures (PAdES, XAdES, CAdES, JAdES) via the [EU DSS](https://github.com/esig/dss) REST API. Installation ------------ [](#installation) ``` composer require authentin/eusig ``` ### Prerequisites [](#prerequisites) You need a running [EU DSS](https://github.com/esig/dss) instance. The easiest way is Docker: ``` docker run -d -p 8080:8080 ghcr.io/authentin/dss:latest ``` > DSS requires ~2 GB of RAM and takes about 60 seconds to start. Wait for the healthcheck before making requests. You also need a PSR-18 HTTP client and PSR-17 factories. For example: ``` composer require symfony/http-client nyholm/psr7 ``` Quick start ----------- [](#quick-start) Sign a PDF in 10 lines: ``` use Authentin\Eusig\Dss\DssClient; use Authentin\Eusig\Dss\DssSigningClient; use Authentin\Eusig\Model\Document; use Authentin\Eusig\Model\SignatureLevel; use Authentin\Eusig\Model\SignatureParameters; use Authentin\Eusig\Signer; use Authentin\Eusig\Token\Pkcs12Token; use Nyholm\Psr7\Factory\Psr17Factory; use Symfony\Component\HttpClient\Psr18Client; $psr17 = new Psr17Factory(); $dssClient = new DssClient(new Psr18Client(), $psr17, $psr17, 'http://localhost:8080/services/rest'); $token = Pkcs12Token::fromFile('/path/to/keystore.p12', 'password'); $signer = new Signer(new DssSigningClient($dssClient), $token); $signed = $signer->sign( Document::fromLocalFile('/path/to/document.pdf'), new SignatureParameters(signatureLevel: SignatureLevel::PAdES_BASELINE_B), ); $signed->saveToFile('/path/to/signed.pdf'); ``` How it works ------------ [](#how-it-works) eusig wraps the [EU DSS REST API](https://github.com/esig/dss) two-step signing flow: ``` 1. getDataToSign → DSS computes the digest that needs signing 2. Token::sign → Your key signs the digest (PKCS#12, HSM, remote provider, ...) 3. signDocument → DSS embeds the signature into the document ``` The `Signer` class orchestrates all three steps. For advanced control, use `SigningClientInterface` directly. Interfaces ---------- [](#interfaces) InterfacePurpose`SignerInterface`Convenience — wraps all 3 steps into one `sign()` call`SigningClientInterface`Low-level DSS client — `getDataToSign()`, `signDocument()`, `extendDocument()`, `timestampDocument()``ValidatorInterface`DSS validation — `validateSignature()`, `getOriginalDocuments()``TokenInterface`Abstracts the cryptographic signing step — implement for PKCS#12, HSM, remote providersValidation ---------- [](#validation) ``` use Authentin\Eusig\Dss\DssClient; use Authentin\Eusig\Dss\DssValidator; use Authentin\Eusig\Model\Document; use Nyholm\Psr7\Factory\Psr17Factory; use Symfony\Component\HttpClient\Psr18Client; $psr17 = new Psr17Factory(); $dssClient = new DssClient(new Psr18Client(), $psr17, $psr17, 'http://localhost:8080/services/rest'); $validator = new DssValidator($dssClient); $result = $validator->validateSignature(Document::fromLocalFile('/path/to/signed.pdf')); echo $result->valid ? 'Valid' : 'Invalid'; echo "Signatures: {$result->signaturesCount}"; foreach ($result->signatures as $sig) { echo "{$sig->signedBy}: {$sig->indication}"; } ``` Extending signatures -------------------- [](#extending-signatures) Upgrade a signature level (e.g. B-B to B-T by adding a trusted timestamp): ``` use Authentin\Eusig\Model\SignatureLevel; use Authentin\Eusig\Model\SignatureParameters; $extended = $signingClient->extendDocument( $signed->toDocument(), new SignatureParameters(signatureLevel: SignatureLevel::PAdES_BASELINE_T), ); ``` Signature levels ---------------- [](#signature-levels) FormatB (basic)T (timestamp)LT (long-term)LTA (archival)PAdES (PDF)`PAdES_BASELINE_B``PAdES_BASELINE_T``PAdES_BASELINE_LT``PAdES_BASELINE_LTA`XAdES (XML)`XAdES_BASELINE_B``XAdES_BASELINE_T``XAdES_BASELINE_LT``XAdES_BASELINE_LTA`CAdES (CMS)`CAdES_BASELINE_B``CAdES_BASELINE_T``CAdES_BASELINE_LT``CAdES_BASELINE_LTA`JAdES (JSON)`JAdES_BASELINE_B``JAdES_BASELINE_T``JAdES_BASELINE_LT``JAdES_BASELINE_LTA`Custom tokens ------------- [](#custom-tokens) Implement `TokenInterface` to sign with any key source (HSM, remote provider, smart card): ``` use Authentin\Eusig\Contract\TokenInterface; use Authentin\Eusig\Model\Certificate; use Authentin\Eusig\Model\DigestAlgorithm; use Authentin\Eusig\Model\SignatureValue; use Authentin\Eusig\Model\ToBeSigned; class MyHsmToken implements TokenInterface { public function sign(ToBeSigned $toBeSigned, DigestAlgorithm $digestAlgorithm): SignatureValue { // Send $toBeSigned->bytes to your HSM / signing service // Return the signature value } public function getCertificate(): Certificate { /* ... */ } public function getCertificateChain(): array { /* ... */ } } ``` Symfony integration ------------------- [](#symfony-integration) For Symfony projects, use the [eusig-bundle](https://github.com/authentin/eusig-bundle) for autowiring, configuration, and DI: ``` composer require authentin/eusig-bundle ``` License ------- [](#license) MIT ### Health Score 38 — LowBetter than 84% of packages Maintenance100 Actively maintained with recent releases Popularity4 Limited adoption so far Community8 Small or concentrated contributor base Maturity35 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 1d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/41073314?v=4)[llupa](/maintainers/llupa)[@llupa](https://github.com/llupa) --- Top Contributors [![llupa](https://avatars.githubusercontent.com/u/41073314?v=4)](https://github.com/llupa "llupa (5 commits)") --- Tags signaturepadesxadeselectronic signatureeidascadespdf-signing ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/authentin-eusig/health.svg) ``` [![Health](https://phpackages.com/badges/authentin-eusig/health.svg)](https://phpackages.com/packages/authentin-eusig) ``` ### Alternatives [cakephp/cakephp The CakePHP framework 8.8k18.5M1.6k](/packages/cakephp-cakephp)[swisnl/json-api-client A PHP package for mapping remote JSON:API resources to Eloquent like models and collections. 211473.2k12](/packages/swisnl-json-api-client)[laudis/neo4j-php-client Neo4j-PHP-Client is the most advanced PHP Client for Neo4j 184616.9k31](/packages/laudis-neo4j-php-client)[neos/flow Flow Application Framework 862.0M447](/packages/neos-flow)[neos/flow-development-collection Flow packages in a joined repository for pull requests. 144179.3k3](/packages/neos-flow-development-collection)[windwalker/framework The next generation PHP framework. 25639.1k1](/packages/windwalker-framework) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)