PHP openssl_pkey_export_to_file函数代码示例

 public function testOpenSSLSignature()
 {
     if (!extension_loaded('OpenSSL')) {
         $this->markTestSkipped("Need OpenSSL extension");
     }
     // Generate a private key on the fly.
     $passphrase = uniqid();
     $passfile = PHING_TEST_BASE . '/etc/tasks/ext/pharpackage/pass.txt';
     file_put_contents($passfile, $passphrase);
     $pkey = openssl_pkey_new();
     openssl_pkey_export_to_file($pkey, PHING_TEST_BASE . '/etc/tasks/ext/pharpackage/priv.key', $passphrase);
     $this->executeTarget(__FUNCTION__);
     // Make sure we are dealing with an OpenSSL signature.
     // (Phar silently falls back to an SHA1 signature
     // whenever it fails to add an OpenSSL signature)
     $dest = PHING_TEST_BASE . '/etc/tasks/ext/pharpackage/pharpackage.phar';
     $this->assertFileExists($dest);
     $phar = new Phar($dest);
     $signature = $phar->getSignature();
     $this->assertEquals('OpenSSL', $signature['hash_type']);
     unlink(PHING_TEST_BASE . '/etc/tasks/ext/pharpackage/priv.key');
     unlink(PHING_TEST_BASE . '/etc/tasks/ext/pharpackage/pharpackage.phar.pubkey');
     unlink(PHING_TEST_BASE . '/etc/tasks/ext/pharpackage/pass.txt');
     unlink($dest);
 }

function createNewcertificate()
{
    global $gbl, $login, $ghtml;
    $cerpath = "server.crt";
    $keypath = "server.key";
    $requestpath = "a.csr";
    $ltemp["countryName"] = "IN";
    $ltemp["stateOrProvinceName"] = "Bn";
    $ltemp["localityName"] = "Bn";
    $ltemp["organizationName"] = "LxCenter";
    $ltemp["organizationalUnitName"] = "Kloxo";
    $ltemp["commonName"] = "Kloxo";
    $ltemp["emailAddress"] = "contact@lxcenter.org";
    $privkey = openssl_pkey_new();
    openssl_pkey_export_to_file($privkey, $keypath);
    $csr = openssl_csr_new($ltemp, $privkey);
    openssl_csr_export_to_file($csr, $requestpath);
    $sscert = openssl_csr_sign($csr, null, $privkey, 365);
    openssl_x509_export_to_file($sscert, $cerpath);
    $src = getcwd();
    $dest = '/usr/local/lxlabs/kloxo/ext/lxhttpd/conf';
    root_execsys("lxfilesys_mkdir", $dest . "/ssl.crt/");
    root_execsys("lxfilesys_mkdir", $dest . "/ssl.key/");
    root_execsys("lxfilesys_mv", "{$src}/{$cerpath}", $dest . "/ssl.crt/" . $cerpath);
    root_execsys("lxfilesys_mv", "{$src}/{$keypath}", $dest . "/ssl.key/" . $cerpath);
    root_execsys("lxfilesys_mv", "{$src}/{$requestpath}", "{$dest}/{$requestpath}");
}

 /**
  * Speichert den Schlüssel als PEM.
  *
  * @param string $filename
  * @param string $password
  * @param array $config
  */
 public function exportToFile(string $filename, string $password = NULL, array $config = [])
 {
     $status = openssl_pkey_export_to_file($this->getHandle(), $filename, $password, $config);
     if (!$status) {
         throw new RuntimeException(OpenSSL::getLastError());
     }
 }

function create_ca()
{
    global $file_ca_pkey, $file_ca_x509;
    global $pass, $config, $dn, $root_expire_time;
    $ca_key = openssl_pkey_new($config);
    // OpenSSL key
    $ca_csr = openssl_csr_new($dn, $ca_key, $config);
    // OpenSSL X.509 CSR
    $ca_cert = openssl_csr_sign($ca_csr, null, $ca_key, $root_expire_time);
    // OpenSSL X.509
    $ret = openssl_x509_export_to_file($ca_cert, $file_ca_x509);
    if (!$ret) {
        while ($msg = openssl_error_string()) {
            echo $msg . "<br />\n";
        }
        echo "-Err, create CA x509 fail!(" . __LINE__ . ")\n";
        exit(1);
    }
    $ret = openssl_pkey_export_to_file($ca_key, $file_ca_pkey, $pass, $config);
    if (!$ret) {
        while ($msg = openssl_error_string()) {
            echo $msg . "<br />\n";
        }
        echo "-Err, create CA pkey fail!(" . __LINE__ . ")\n";
        exit(1);
    }
    echo "+Ok, create CA succ!\n";
}

 public function makeKeys($distinguishedName, $passphrase = NULL, $certCA = NULL, $keyCA)
 {
     // keep track of the distinguished name
     $this->dn = $distinguishedName;
     // generate the pem-encoded private key
     $config = array('digest_alg' => 'sha1', 'private_key_bits' => 1024, 'encrypt_key' => TRUE);
     $key = openssl_pkey_new($config);
     // generate the certificate signing request...
     $csr = openssl_csr_new($this->dn, $key, $config);
     // and use it to make a self-signed certificate
     $this->serialNumber = rand();
     $cert = openssl_csr_sign($csr, NULL, $key, 365, $config, time());
     // make openssl forget the key
     openssl_free_key($keyCA);
     // export private and public keys
     openssl_pkey_export($key, $this->privatekey, $passphrase, $config);
     //openssl_pkey_export_to_file ( $this->privatekey , "server.key", $passphrase, $config )
     openssl_x509_export($cert, $this->certificate);
     // parse certificate
     $this->x509 = openssl_x509_parse($cert);
     if (isset($this->serialNumber)) {
         $outfilename = '/var/www/html/' . $this->serialNumber;
         // Gets an exportable representation of a key into a file
         openssl_pkey_export_to_file($key, $outfilename . '.pem', $passphrase, $config);
     }
     openssl_x509_export_to_file($this->certificate, $outfilename . '.crt', TRUE);
     return TRUE;
     // end of makeKeys() method
 }

 function generateKeyPair($publicKeyFile, $privateKeyFile)
 {
     // generate a 1024 bit rsa private key, returns a php resource, save to file
     $privateKey = openssl_pkey_new(array('private_key_bits' => 1024, 'private_key_type' => OPENSSL_KEYTYPE_RSA));
     openssl_pkey_export_to_file($privateKey, $privateKeyFile, $passphrase);
     // get the public key $keyDetails['key'] from the private key;
     $keyDetails = openssl_pkey_get_details($privateKey);
     file_put_contents($publicKeyFile, $keyDetails['key']);
 }

 /**
  * Initialise the private key.
  */
 protected function initPrivateKey()
 {
     if (!isset($config['private-key']['file']) || !file_exists($config['private-key']['file'])) {
         $this->privateKey = openssl_pkey_new();
         openssl_pkey_export_to_file($this->privateKey, $config['private-key']['file']);
     } else {
         $this->privateKey = openssl_pkey_new($config['private-key']['file']);
     }
 }

 public function generateKeyPair($saveTo)
 {
     $privateKey = openssl_pkey_new(array('private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA));
     if (!file_exists($saveTo . 'private.key') || !file_exists($saveTo . 'public.key')) {
         // Save the private key to private.key file. Never share this file with anyone.
         openssl_pkey_export_to_file($privateKey, $saveTo . 'private.key');
         // Generate the public key for the private key
         $a_key = openssl_pkey_get_details($privateKey);
         // Save the public key in public.key file. Send this file to anyone who want to send you the encrypted data.
         file_put_contents($saveTo . 'public.key', $a_key['key']);
         // Free the private Key.
         openssl_free_key($privateKey);
     }
 }

 public function create($bits = 2048, $folder = null)
 {
     $folder = $folder ? rtrim($folder, '/') : __DIR__;
     $public = $folder . '/public.key';
     $private = $folder . '/private.key';
     if (!is_writable($folder)) {
         throw new Exception('folder is not writable');
     }
     $config = ['private_key_bits' => $bits, 'private_key_type' => OPENSSL_KEYTYPE_RSA];
     $private_key = openssl_pkey_new($config);
     openssl_pkey_export_to_file($private_key, $private);
     $public_key = openssl_pkey_get_details($private_key);
     file_put_contents($public, $public_key['key']);
     openssl_free_key($private_key);
 }

 public function testGenerateSignedLink()
 {
     if (!extension_loaded('openssl')) {
         $this->markTestSkipped('OpenSSL is required for this test.');
     }
     $pemFile = sys_get_temp_dir() . '/aws-sdk-php-zf2-cloudfront-test.pem';
     if (!file_exists($pemFile)) {
         // Generate a new Certificate Signing Request and public/private keypair
         $csr = openssl_csr_new(array(), $keypair);
         // Create a self-signed certificate
         $x509 = openssl_csr_sign($csr, null, $keypair, 1);
         openssl_x509_export($x509, $certificate);
         // Create and save a private key
         $privateKey = openssl_get_privatekey($keypair);
         openssl_pkey_export_to_file($privateKey, $pemFile);
     }
     $this->viewHelper->setHostname('example.com');
     $link = $this->viewHelper->__invoke('my-object', '123abc', time() + 600, 'kpid', $pemFile);
     $this->assertRegExp('#^https\\:\\/\\/123abc\\.example\\.com\\/my-object\\?Expires\\=(.*)\\&Signature\\=(.*)\\&Key-Pair-Id\\=kpid$#', $link);
 }

 public function testKeyGen()
 {
     $fileName = 'testfile_ssl_id_rsa_' . date('Ymd_His') . '_' . uniqid('', true);
     $sslConfig = array('digest_alg' => 'sha512', 'private_key_bits' => 4096, 'private_key_type' => OPENSSL_KEYTYPE_RSA);
     $ssl = openssl_pkey_new($sslConfig);
     $this->assertTrue($ssl ? true : false);
     openssl_pkey_export_to_file($ssl, 'test_data/' . $fileName . '.prv');
     #fwrite(STDOUT, 'SSL ERROR: '.openssl_error_string()."\n");
     openssl_pkey_export_to_file($ssl, 'test_data/' . $fileName . '_pass.prv', 'my_password');
     #fwrite(STDOUT, 'SSL ERROR: '.openssl_error_string()."\n");
     $keyPub = openssl_pkey_get_details($ssl);
     #ve($keyPub);
     $keyPub = $keyPub['key'];
     file_put_contents('test_data/' . $fileName . '.pub', $keyPub);
     openssl_public_encrypt('test my keys', $encrypted, $keyPub);
     #fwrite(STDOUT, 'SSL ERROR: '.openssl_error_string()."\n");
     openssl_private_decrypt($encrypted, $decrypted, $ssl);
     #fwrite(STDOUT, 'SSL ERROR: '.openssl_error_string()."\n");
     $this->assertEquals('test my keys', $decrypted);
     openssl_pkey_free($ssl);
 }

 public function init($options)
 {
     parent::init($options);
     if (!extension_loaded("openssl")) {
         return;
     }
     $keyFile = $this->getPluginWorkDir(true) . "/agent.pem";
     if (file_exists($keyFile)) {
         return;
     }
     $config = array("digest_alg" => "sha1", "private_key_bits" => 1024, "private_key_type" => OPENSSL_KEYTYPE_RSA);
     // Create the private and public key
     $res = openssl_pkey_new($config);
     if ($res === false) {
         AJXP_Logger::error(__CLASS__, __FUNCTION__, "Warning, OpenSSL is active but could not correctly generate a key for Zoho Editor. Please make sure the openssl.cnf file is correctly set up.");
         while ($message = openssl_error_string()) {
             AJXP_Logger::debug(__CLASS__, __FUNCTION__, "Open SSL Error: " . $message);
         }
     } else {
         openssl_pkey_export_to_file($res, $keyFile);
     }
 }

 /**
  * Save the private key in a file using a passphrase
  * @param string $filename
  * @param string $passphrase
  * @return boolean
  */
 public function savePrivateKey(string $filename, string $passphrase)
 {
     return openssl_pkey_export_to_file($this->getPrivateKey(), $filename, $passphrase);
 }

<?php

$privateKey = openssl_pkey_new(array(
    'private_key_bits' => 1024,
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
        ));
openssl_pkey_export_to_file($privateKey, 'private.key');
$a_key = openssl_pkey_get_details($privateKey);
file_put_contents('public.key', $a_key['key']);
openssl_free_key($privateKey);
?>

	/**
	* Generates the private key and certificate used by iDeal
	*
	* @return bool True on success, false on failure
	*/
	private function GenerateKeyAndCertificate()
	{
		if (file_exists($this->_keyFile) && file_exists($this->_certFile)) {
			return false;
		}

		// Create the keypair
		if (($key = openssl_pkey_new()) === false) {
			// could not create key
			$this->SetError(GetLang('IdealCantCreateKeyPair'));

			return false;
		}

		if (file_exists($this->_keyFile)) {
			if (!unlink($this->_keyFile)) {
				// could not delete old key file
				$this->SetError(GetLang('IdealCantDeleteKeyFile', array("keyFile" => $this->_keyFile)));

				return false;
			}
		}

		// export our key
		if (!openssl_pkey_export_to_file($key, $this->_keyFile, GetConfig('EncryptionToken'))) {
			// could not export key
			$this->SetError(GetLang('IdealCantExportKey'));

			return false;
		}

		chmod($this->_keyFile, ISC_WRITEABLE_FILE_PERM);

		$dn = array(
			"countryName" => GetCountryISO2ByName(GetConfig('CompanyCountry')),
			"stateOrProvinceName" => GetConfig('CompanyState'),
			"localityName" => GetConfig('CompanyCity'),
			"organizationName" => GetConfig('CompanyName'),
			"organizationalUnitName" => GetConfig('CompanyName'),
			"commonName" => GetConfig('CompanyName'),
			"emailAddress" => GetConfig('AdminEmail')
		);

		// create our certificate
		if (($csr = openssl_csr_new($dn, $key)) === false) {
			// could not create cert
			$this->SetError(GetLang('IdealCantCreateCert'));

			return false;
		}

		// self sign our certificate
		if (($sscert = openssl_csr_sign($csr, null, $key, 3650)) === false) {
			// could not sign cert
			$this->SetError(GetLang('IdealCantSignCert'));

			return false;
		}

		if (file_exists($this->_certFile)) {
			if (!unlink($this->_certFile)) {
				// could not delete old cert file
				$this->SetError(GetLang('IdealCantDeleteCertFile', array("certFile" => $this->_certFile)));

				return false;
			}
		}

		// export certificate to file
		if (!openssl_x509_export_to_file($sscert, $this->_certFile)) {
			// could not export cert
			$this->SetError(GetLang('IdealCantExportCert'));

			return false;
		}

		chmod($this->_certFile, ISC_WRITEABLE_FILE_PERM);

		return true;
	}