File: docs/OpenSSLSpkiFactory.md

Recommend this page to a friend!

docs/OpenSSLSpkiFactory.md

File:	`docs/OpenSSLSpkiFactory.md`
Role:	Auxiliary data
Content type:	`text/markdown`
Description:	Auxiliary data
Class:	PHP OpenSSL Toolbox Use SSL certificates to process data with OpenSSL
Author:	By Kjell-Inge Gustafsson
Last change:
Date:	5 years ago
Size:	`5,505 bytes`

Download

OpenSSLSpkiFactory class

extends OpenSSLBase, implements OpenSSLInterface

Wrapper for PHP OpenSSL SPKI functions, encapsulates the SPKI (string) resource<br> Note: You need to have a valid openssl.cnf installed for this to operate correctly.<br> You will find convenient constants in OpenSSLInterface.<br> Require a Psr\Log logger, provided by LoggerDepot<br>

Class property

spkac  string  spkac without 'SPKAC='-prefix

>Class constructor and factory methods

OpenSSLSpkiFactory::__construct( [ privateKey, challenge [, algorithm ]] )

If argument privateKey and challenge are set, a new spkac is set

privateKey   resource
               1. A private key, previously generated by openssl_pkey_new()
                  (or otherwise obtained from the other openssl_pkey family of functions).
               2. A string having the format (file://)path/to/file.pem.
                  The named file must contain a PEM encoded certificate/private key (it may contain both).
               3. A string, PEM formatted private key.
challenge   string
               To associate with the SPKAC
algorithm   int
               The digest algorithm.
                 MUST be one of Signature algorithms, https://www.php.net/manual/en/openssl.signature-algos.php
                 NOTE :  (2) OPENSSL_ALGO_MD5, (3) OPENSSL_ALGO_MD4, (5) OPENSSL_ALGO_DSS1 don't verify ok
                 
throws InvalidArgumentException, RunTimeException on error

OpenSSLSpkiFactory::factory( [ privateKey, challenge [, algorithm ]] )

If argument privateKey and challenge are set, a new spkac is set

privateKey   resource
               1. A private key, previously generated by openssl_pkey_new()
                  (or otherwise obtained from the other openssl_pkey family of functions).
               2. A string having the format (file://)path/to/file.pem.
                  The named file must contain a PEM encoded certificate/private key (it may contain both).
               3. A string, PEM formatted private key.
challenge   string
               To associate with the SPKAC
algorithm   int
               The digest algorithm.
                 MUST be one of Signature algorithms, https://www.php.net/manual/en/openssl.signature-algos.php
                 NOTE :  (2) OPENSSL_ALGO_MD5, (3) OPENSSL_ALGO_MD4, (5) OPENSSL_ALGO_DSS1 don't verify ok
                 
throws InvalidArgumentException, RunTimeException on error
static method
return static

>Class logic methods

OpenSSLSpkiFactory::export()

Return (exports) the associated PEM formatted public key - uses openssl_spki_export
return string
throws RuntimeException on error

OpenSSLSpkiFactory::getSPKACasString()

alias of OpenSSLSpkiFactory::export

OpenSSLSpkiFactory::exportChallenge()

uses openssl_spki_export_challenge
return string  the challenge associated with a signed public key and challenge
throws RuntimeException on error

OpenSSLSpkiFactory::getChallengeAsString()

alias of OpenSSLSpkiFactory::exportChallenge

OpenSSLSpkiFactory::spkiNew( privateKey, challenge, algorithm = 0 )

uses openssl_spki_new
Generate and save a new signed public key and challenge - SPKI

privateKey  resource
               1. A private key, previously generated by openssl_pkey_new()
                  (or otherwise obtained from the other openssl_pkey family of functions).
               2. A string having the format (file://)path/to/file.pem.
                  The named file must contain a PEM encoded certificate/private key (it may contain both).
               3. A string, PEM formatted private key.
challenge  string
               To associate with the SPKAC
algorithm  int
               The digest algorithm.
               MUST be one of Signature algorithms, https://www.php.net/manual/en/openssl.signature-algos.php
               default 1, OPENSSL_ALGO_SHA1
               NOTE :  (2) OPENSSL_ALGO_MD5, (3) OPENSSL_ALGO_MD4, (5) OPENSSL_ALGO_DSS1 don't verify ok
               
return static
throws InvalidArgumentException, throws RuntimeException on error

OpenSSLSpkiFactory::verify( spkac )

uses openssl_spki_verify
NOTE :  (2) OPENSSL_ALGO_MD5, (3) OPENSSL_ALGO_MD4, (5) OPENSSL_ALGO_DSS1 don't verify ok

spkac        string

return bool     true if a signed public key and challenge is verified ok
static method

>Getters and setters etc

OpenSSLSpkiFactory::removePrefix( spkac )

spkac        string

return string   without prefix

OpenSSLSpkiFactory::getSpkac()

return string  SPKAC (with removed prefix)

OpenSSLSpkiFactory::isSpkiacSet()

return bool   true if spkiac is set

OpenSSLSpkiFactory::setSpkac( spkac )

Set 'verified' SPKAC (with removed prefix)

spkac        string

return static
throws InvalidArgumentException on error

Usage and examples

Please review test/OpenSSLSpkiFactoryTest.php

OpenSSLSpkiTest1
   exceptions

OpenSSLSpkiTest21
  __construct (+ spkiNew)
  getSPKACasString
  getChallengeAsString

OpenSSLSpkiTest22
  populate spkiFactory from "spkac" string, test exceptions if verify not ok

[return to docs][return to README]

About us

Advertise on this site

For more information send a message to info at phpclasses dot org.