DownloadOpenSSLSpkiFactory class
extends OpenSSLBase, implements OpenSSLInterface
Wrapper for PHP OpenSSL SPKI functions, encapsulates the SPKI (string) resource<br>
Note: You need to have a valid openssl.cnf installed for this to operate correctly.<br>
You will find convenient constants in OpenSSLInterface.<br>
Require a Psr\Log logger, provided by LoggerDepot<br>
Class property
spkac string spkac without 'SPKAC='-prefix
>Class constructor and factory methods
OpenSSLSpkiFactory::__construct( [ privateKey, challenge [, algorithm ]] )
If argument privateKey and challenge are set, a new spkac is set
privateKey resource
1. A private key, previously generated by openssl_pkey_new()
(or otherwise obtained from the other openssl_pkey family of functions).
2. A string having the format (file://)path/to/file.pem.
The named file must contain a PEM encoded certificate/private key (it may contain both).
3. A string, PEM formatted private key.
challenge string
To associate with the SPKAC
algorithm int
The digest algorithm.
MUST be one of Signature algorithms, https://www.php.net/manual/en/openssl.signature-algos.php
NOTE : (2) OPENSSL_ALGO_MD5, (3) OPENSSL_ALGO_MD4, (5) OPENSSL_ALGO_DSS1 don't verify ok
throws InvalidArgumentException, RunTimeException on error
OpenSSLSpkiFactory::factory( [ privateKey, challenge [, algorithm ]] )
If argument privateKey and challenge are set, a new spkac is set
privateKey resource
1. A private key, previously generated by openssl_pkey_new()
(or otherwise obtained from the other openssl_pkey family of functions).
2. A string having the format (file://)path/to/file.pem.
The named file must contain a PEM encoded certificate/private key (it may contain both).
3. A string, PEM formatted private key.
challenge string
To associate with the SPKAC
algorithm int
The digest algorithm.
MUST be one of Signature algorithms, https://www.php.net/manual/en/openssl.signature-algos.php
NOTE : (2) OPENSSL_ALGO_MD5, (3) OPENSSL_ALGO_MD4, (5) OPENSSL_ALGO_DSS1 don't verify ok
throws InvalidArgumentException, RunTimeException on error
static method
return static
>Class logic methods
OpenSSLSpkiFactory::export()
Return (exports) the associated PEM formatted public key - uses openssl_spki_export
return string
throws RuntimeException on error
OpenSSLSpkiFactory::getSPKACasString()
alias of OpenSSLSpkiFactory::export
OpenSSLSpkiFactory::exportChallenge()
uses openssl_spki_export_challenge
return string the challenge associated with a signed public key and challenge
throws RuntimeException on error
OpenSSLSpkiFactory::getChallengeAsString()
alias of OpenSSLSpkiFactory::exportChallenge
OpenSSLSpkiFactory::spkiNew( privateKey, challenge, algorithm = 0 )
uses openssl_spki_new
Generate and save a new signed public key and challenge - SPKI
privateKey resource
1. A private key, previously generated by openssl_pkey_new()
(or otherwise obtained from the other openssl_pkey family of functions).
2. A string having the format (file://)path/to/file.pem.
The named file must contain a PEM encoded certificate/private key (it may contain both).
3. A string, PEM formatted private key.
challenge string
To associate with the SPKAC
algorithm int
The digest algorithm.
MUST be one of Signature algorithms, https://www.php.net/manual/en/openssl.signature-algos.php
default 1, OPENSSL_ALGO_SHA1
NOTE : (2) OPENSSL_ALGO_MD5, (3) OPENSSL_ALGO_MD4, (5) OPENSSL_ALGO_DSS1 don't verify ok
return static
throws InvalidArgumentException, throws RuntimeException on error
OpenSSLSpkiFactory::verify( spkac )
uses openssl_spki_verify
NOTE : (2) OPENSSL_ALGO_MD5, (3) OPENSSL_ALGO_MD4, (5) OPENSSL_ALGO_DSS1 don't verify ok
spkac string
return bool true if a signed public key and challenge is verified ok
static method
>Getters and setters etc
OpenSSLSpkiFactory::removePrefix( spkac )
spkac string
return string without prefix
OpenSSLSpkiFactory::getSpkac()
return string SPKAC (with removed prefix)
OpenSSLSpkiFactory::isSpkiacSet()
return bool true if spkiac is set
OpenSSLSpkiFactory::setSpkac( spkac )
Set 'verified' SPKAC (with removed prefix)
spkac string
return static
throws InvalidArgumentException on error
Usage and examples
Please review test/OpenSSLSpkiFactoryTest.php
OpenSSLSpkiTest1
exceptions
OpenSSLSpkiTest21
__construct (+ spkiNew)
getSPKACasString
getChallengeAsString
OpenSSLSpkiTest22
populate spkiFactory from "spkac" string, test exceptions if verify not ok
[return to docs][return to README]
|