Framework-agnostic AS2 (Applicability Statement 2) server library for secure, authenticated B2B document exchange with non-repudiation capabilities.
- Complete RFC 4130 Compliance - Full AS2 protocol implementation
- All 12 Security Permutations - Support for signed/unsigned, encrypted/unencrypted messages with/without receipts
- Synchronous & Asynchronous MDNs - Both immediate and delayed receipts
- Non-Repudiation of Receipt (NRR) - Complete audit trail with MIC validation
- S/MIME Security - Encryption/decryption and digital signatures using OpenSSL
- Framework Agnostic - Works with Laravel, Symfony, or plain PHP
- PSR Compliant - Follows PHP-FIG standards (PSR-1, PSR-2/PSR-12, PSR-4, PSR-7, PSR-3)
- Type Safe - PHP 8.4 with strict typing, readonly properties, complete type hints
- High Performance - Streaming parser for large messages, efficient Message-ID indexing
- PHP 8.4 or higher
- OpenSSL extension
- mbstring extension
- Composer
composer require php-as2/as2-serverSee Quick Start Guide for detailed integration examples.
<?php
declare(strict_types=1);
use As2\As2Server;
use As2\Partnership\PartnershipManager;
use As2\Storage\FileMessageRepository;
// Initialize AS2 server
$messageRepository = new FileMessageRepository('/var/as2/messages');
$partnershipManager = new PartnershipManager('/var/as2/partnerships.json');
$server = new As2Server($messageRepository, $partnershipManager);
// Receive message
$response = $server->receive($_SERVER, file_get_contents('php://input'));
// Send response
http_response_code($response->getStatusCode());
foreach ($response->getHeaders() as $name => $values) {
foreach ($values as $value) {
header("$name: $value");
}
}
echo $response->getBody();- Implementation Plan - Technical architecture and design
- Data Model - Entity definitions and relationships
- Interface Contracts - Layer interfaces
- Quick Start Guide - Integration examples
- Research - Technical decisions and RFC analysis
# Run all tests
composer test
# Run with coverage
composer test:coverage
# Run static analysis
composer phpstan
# Run code style check
composer cs:check
# Fix code style
composer cs:fix
# Run all checks
composer checkThis library supports all 12 AS2 security configurations:
| Encryption | Signature | MDN | Receipt Signed | Use Case |
|---|---|---|---|---|
| ✓ | ✓ | Sync | ✓ | Maximum security with NRR |
| ✓ | ✓ | Async | ✓ | Encrypted+signed with async receipt |
| ✓ | ✓ | None | - | Encrypted+signed, no receipt |
| ✓ | ✗ | Sync | ✓ | Encrypted only with verified receipt |
| ✓ | ✗ | Async | ✓ | Encrypted only with async receipt |
| ✓ | ✗ | None | - | Encrypted only, no receipt |
| ✗ | ✓ | Sync | ✓ | Signed only with verified receipt |
| ✗ | ✓ | Async | ✓ | Signed only with async receipt |
| ✗ | ✓ | None | - | Signed only, no receipt |
| ✗ | ✗ | Sync | ✗ | Plain message with simple receipt |
| ✗ | ✗ | Async | ✗ | Plain message with async receipt |
| ✗ | ✗ | None | - | Plain message, no receipt |
MIT License - see LICENSE file for details.