# `SignCore`
[🔗](https://github.com/utaladriz/pkcs11ex/blob/v0.1.0/lib/sign_core.ex#L1)

Signer-agnostic primitives for PDF (PAdES B-B / B-T) and XML
(XAdES B-B / B-T) signing on top of CMS / XML-DSig.

Apps wire in their own signature source by implementing the
`SignCore.Signer` protocol on a struct of their choosing:

  * `pkcs11ex` — PKCS#11 hardware tokens / cloud HSMs.
    `%Pkcs11ex.Signer{slot_ref: ..., key_ref: ...}`
  * `soft_signer` — software keys from PKCS#12 / PKCS#8 PEM.
    `%SoftSigner.PKCS12{...}`, `%SoftSigner.PKCS8{...}`

Once a signer is constructed, the format adapters look the same
to callers regardless of where the bytes get signed:

    {:ok, signed_pdf} =
      SignCore.PDF.sign(pdf,
        signer: signer,
        alg: :PS256,
        x5c: leaf_der
      )

    {:ok, _subject_id} =
      SignCore.PDF.verify(signed_pdf)

Verification is signer-independent: `SignCore.PDF.verify/2` and
`SignCore.XML.verify/2` only need the leaf certificate's
SubjectPublicKeyInfo (SPKI) from the embedded chain, plus a
`SignCore.Policy` decision on whether to trust it. Verify-only
deployments can depend on `:sign_core` alone and ship no signer
implementation at all.

