PHP Classes

File: docs/OpenSSLSpkiFactory.md

Recommend this page to a friend!
  Classes of Kjell-Inge Gustafsson   PHP OpenSSL Toolbox   docs/OpenSSLSpkiFactory.md   Download  
File: docs/OpenSSLSpkiFactory.md
Role: Auxiliary data
Content type: text/markdown
Description: Auxiliary data
Class: PHP OpenSSL Toolbox
Use SSL certificates to process data with OpenSSL
Author: By
Last change:
Date: 4 years ago
Size: 5,505 bytes
 

Contents

Class file image Download

OpenSSLSpkiFactory class

extends OpenSSLBase, implements OpenSSLInterface

Wrapper for PHP OpenSSL SPKI functions, encapsulates the SPKI (string) resource<br> Note: You need to have a valid openssl.cnf installed for this to operate correctly.<br> You will find convenient constants in OpenSSLInterface.<br> Require a Psr\Log logger, provided by LoggerDepot<br>

Class property

spkac  string  spkac without 'SPKAC='-prefix

>Class constructor and factory methods

OpenSSLSpkiFactory::__construct( [ privateKey, challenge [, algorithm ]] )
If argument privateKey and challenge are set, a new spkac is set

privateKey   resource
               1. A private key, previously generated by openssl_pkey_new()
                  (or otherwise obtained from the other openssl_pkey family of functions).
               2. A string having the format (file://)path/to/file.pem.
                  The named file must contain a PEM encoded certificate/private key (it may contain both).
               3. A string, PEM formatted private key.
challenge   string
               To associate with the SPKAC
algorithm   int
               The digest algorithm.
                 MUST be one of Signature algorithms, https://www.php.net/manual/en/openssl.signature-algos.php
                 NOTE :  (2) OPENSSL_ALGO_MD5, (3) OPENSSL_ALGO_MD4, (5) OPENSSL_ALGO_DSS1 don't verify ok
                 
throws InvalidArgumentException, RunTimeException on error

OpenSSLSpkiFactory::factory( [ privateKey, challenge [, algorithm ]] )
If argument privateKey and challenge are set, a new spkac is set

privateKey   resource
               1. A private key, previously generated by openssl_pkey_new()
                  (or otherwise obtained from the other openssl_pkey family of functions).
               2. A string having the format (file://)path/to/file.pem.
                  The named file must contain a PEM encoded certificate/private key (it may contain both).
               3. A string, PEM formatted private key.
challenge   string
               To associate with the SPKAC
algorithm   int
               The digest algorithm.
                 MUST be one of Signature algorithms, https://www.php.net/manual/en/openssl.signature-algos.php
                 NOTE :  (2) OPENSSL_ALGO_MD5, (3) OPENSSL_ALGO_MD4, (5) OPENSSL_ALGO_DSS1 don't verify ok
                 
throws InvalidArgumentException, RunTimeException on error
static method
return static

>Class logic methods

OpenSSLSpkiFactory::export()
Return (exports) the associated PEM formatted public key - uses openssl_spki_export
return string
throws RuntimeException on error

OpenSSLSpkiFactory::getSPKACasString()
alias of OpenSSLSpkiFactory::export

OpenSSLSpkiFactory::exportChallenge()
uses openssl_spki_export_challenge
return string  the challenge associated with a signed public key and challenge
throws RuntimeException on error

OpenSSLSpkiFactory::getChallengeAsString()
alias of OpenSSLSpkiFactory::exportChallenge

OpenSSLSpkiFactory::spkiNew( privateKey, challenge, algorithm = 0 )
uses openssl_spki_new
Generate and save a new signed public key and challenge - SPKI

privateKey  resource
               1. A private key, previously generated by openssl_pkey_new()
                  (or otherwise obtained from the other openssl_pkey family of functions).
               2. A string having the format (file://)path/to/file.pem.
                  The named file must contain a PEM encoded certificate/private key (it may contain both).
               3. A string, PEM formatted private key.
challenge  string
               To associate with the SPKAC
algorithm  int
               The digest algorithm.
               MUST be one of Signature algorithms, https://www.php.net/manual/en/openssl.signature-algos.php
               default 1, OPENSSL_ALGO_SHA1
               NOTE :  (2) OPENSSL_ALGO_MD5, (3) OPENSSL_ALGO_MD4, (5) OPENSSL_ALGO_DSS1 don't verify ok
               
return static
throws InvalidArgumentException, throws RuntimeException on error

OpenSSLSpkiFactory::verify( spkac )
uses openssl_spki_verify
NOTE :  (2) OPENSSL_ALGO_MD5, (3) OPENSSL_ALGO_MD4, (5) OPENSSL_ALGO_DSS1 don't verify ok

spkac        string

return bool     true if a signed public key and challenge is verified ok
static method

>Getters and setters etc

OpenSSLSpkiFactory::removePrefix( spkac )
spkac        string

return string   without prefix

OpenSSLSpkiFactory::getSpkac()
return string  SPKAC (with removed prefix)

OpenSSLSpkiFactory::isSpkiacSet()
return bool   true if spkiac is set

OpenSSLSpkiFactory::setSpkac( spkac )
Set 'verified' SPKAC (with removed prefix)

spkac        string

return static
throws InvalidArgumentException on error

Usage and examples

Please review test/OpenSSLSpkiFactoryTest.php

OpenSSLSpkiTest1
   exceptions

OpenSSLSpkiTest21
  __construct (+ spkiNew)
  getSPKACasString
  getChallengeAsString

OpenSSLSpkiTest22
  populate spkiFactory from "spkac" string, test exceptions if verify not ok

[return to docs][return to README]