EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Server-side PHP Class Library for Securing PDF Documents: Signing, Encrypting and Timestamping

SecureBlackbox product diagram

PDFBlackbox (PHP edition, part of SecureBlackbox) integrates classes for securing and handling secure PDF documents on your PHP Web server. Sign PDF files and verify signatures, encrypt, decrypt, compress and decompress PDF documents, add and validate timestapms easily with a set of PHP functions.

Download and try now

Download SecureBlackbox (PHP edition) including PDFBlackbox

The Adobe PDF format is a de-facto standard for digital documents distributed over the Web. Combining the benefits of being truly portable across multiple platforms with uniform presentation regardless of the device or media, PDF files are perfect for distributing and printing documents.

Security including signing and encryption is part of the PDF standard. PDF files signed and/or encrypted with accordance to the published standard will be accessible by PDF readers on a wide range of devices across multiple platforms. Implement PDF security the easy way! The PHP edition of PDFBlackbox will enable your applications to sign, encrypt and timestamp PDF documents according to the published standard. Likewise, your users will be able to access encrypted PDF files, verify digital signatures and validate timestamps of PDF documents signed or encrypetd with other standard-compliant tools.

Why choose PDFBlackbox

  • PDFBlackbox is 100% standard compliant, enabling seamless compatibility across multiple platforms, devices and PDF readers
  • Use any tool to generate PDF documents. Leave security to PDFBlackbox
  • PDF timestamping allows your software to certify the time and date of applying the signature. Timestamping is available when signing PDF documents with PAdES standard
  • PDFBlackbox provides the complete PDF security support including signature and timestamp validation, and supports certificate revocation lists (CRLs) and online validation protocol (OCSP)
  • PDF security is certificate-based. PDFBlackbox offers functionality for creating and managing X.509 certificates, certificate storages and CRLs
  • The document that resides on the server can be signed with client-side certificate without downloading the complete document to the client (the feature requires Distributed Cryptography add-on)
  • The PHP edition of PDFBlackbox is perfect for building Web services and applications
  • Advanced developer-level technical support is available even if you are just evaluating the demo version

Main features

  • Supports PAdES (PDF Advanced Electronic Signature) standard (requires additional license for PKIBlackbox)
  • Certificate-based PDF signing question mark;
  • TSP (Timstamping Protocol, RFC 3161) support for timestamping and validating timestampsquestion mark
  • Certificate-based public key PDF encryption question mark
  • support for Cryptocards and USB Crypto Tokens question mark
  • Royalty-free licensing question mark;
  • Platform-independent support for PHP Web servers
  • Plenty of sample code available
  • Unlike free open source tools, SecureBlackbox comes with developer-level technical support question mark
Check the complete list of features.

Download SecureBlackbox (PHP) including PDFBlackbox

Read more about PDFBlackbox

Compression gives an additional level of security and lets you increase transfer speed significantly and reduce the network load and storage space requirements.

Synchronous operation mode gives you a linear programming approach without complicated callback functions. This approach saves your development time and reduces the number of errors.

Asynchronous operation mode, on the other hand, gives you flexibility and complete control over your application communications.

Synchronous operation mode gives you a linear programming approach without complicated callback functions. This approach saves your development time and reduces the number of errors. Simple SecureBlackbox components can be used for reliable data transfer no matter what type of proxy or firewall is used to protect the network.
HTTPS proxy access includes support for Basic, Digest and Windows Integrated (NTLM) authentication mechanisms.
You can process huge files and not be bound by restrictions of 32-bit environments. This feature works on both 32-bit and 64-bit systems without any limitations. To limit and control network load and bandwidth consumption you can setup maximum upload and download speed for the data transfer components. Transport (SSL, FTP, HTTP, SMTP, POP3, IMAP, WebDAV, LDAP, SSH, SFTP) components can be used in IPv6 networks without any problems, address conversions or packet wrapping. Transport (SSL, FTP, HTTP, SMTP, POP3, IMAP, WebDAV, LDAP, SSH, SFTP) components understand and make use of non-latin domain names (so-called International Domain Names, IDN). In FIPS operation mode SecureBlackbox uses only certified CryptoAPI modules of Windows to perform any cryptographic operations.
FIPS mode is available only on Windows platform.
Virtual File System adapters let SecureBlackbox components, which operate with files, work with various backend file storages and not just with "physical" disk.
For example, in WebDAV, SFTP, HTTP(S) and FTP(S) servers you can provide a personal storage space for each connected user.
Out of the box file system adapter and SolFS virtual file system adapter are included and you can easily create your own adapter.
With DNSSEC support enabled you protect your socket connection from being fooled by possible DNS cache poisoning and other malicious DNS activities.
DNSSEC requires that the DNS record for the destination server contains a certified signature.
Distributed Crypto modules let web site visitors use certificates accessible only on the client system to sign the data, stored on the server (no need to download this data).
This is done with help of client-side modules (Java applet, ActiveX control, Flash applet), embedded into the web page.
Cryptographic hardware gains more and more popularity every day. If your software deals with X.509 certificates or PKI in general (RSA keys etc.), it is time to support cryptocards and USB tokens.
To use cryptographic hardware you need a license for PKIBlackbox.
SecureBlackbox was written from the ground up by EldoS developers. It doesn't use third-party code to implement its cryptographic functions. This means that you are not bound by CryptoAPI or OpenSSL version when you need to use certain algorithm.
At the same time it's possible to plug third-party security libraries and hardware modules by utilizing the pluggable architecture of SecureBlackbox.
No royalties means the licensing procedure which is clear and easy to understand and manage. Pay for the license once and use it for development and deployment with no other payments. We provide free technical support via web-based Forum and HelpDesk. Support is available for everyone, and the requests from clients who purchased a license are given priority. Also you can use our extensive knowledgebase. With PDFBlackbox you can be sure that you can exchange the documents with any PDF application that the other party uses. Password-based encryption is the basic encryption type supported by most (if not all) PDF readers. Many components can encrypt the data using the password. But it's PDFBlackbox that provides document encryption using X.509 certificate. With certificate-based encryption you can prepare the documents, which are supposed to be read by just one or several recipients. And you don't need to share the common passwords between all parties. Digital signing of the documents becomes more and more popular every day. Now you can publish your documents and sign them with X.509 certificates without the need for expensive Acrobat and its SDK. Timestamping is a vital part of digital signing procedure, that allows you to certify the time, when the signature was made. With PDFBlackbox you can create visible or invisible signatures. What's more, you can create certification and modifcation detection signatures. This type of signatures allows certain document modifications such as filling the forms while protecting the main document contents. Validation of the digital signature is usually much more than just verifying the cryptographic signature. Correct validation includes signature verification, checking of the signature timestamp, verification of validity of the certificate and all of its issuer certficates. With PDFBlackbox you can build your own verification procedures.

Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!