当前位置: 首页>>代码示例>>PHP>>正文


PHP openssl_x509_free函数代码示例

本文整理汇总了PHP中openssl_x509_free函数的典型用法代码示例。如果您正苦于以下问题:PHP openssl_x509_free函数的具体用法?PHP openssl_x509_free怎么用?PHP openssl_x509_free使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了openssl_x509_free函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: setUpBeforeClass

 public static function setUpBeforeClass()
 {
     self::$pKey = openssl_pkey_new();
     $csr = openssl_csr_new([], self::$pKey);
     $x509 = openssl_csr_sign($csr, null, self::$pKey, 1);
     openssl_x509_export($x509, self::$certificate);
     openssl_x509_free($x509);
 }
开发者ID:poisa,项目名称:aws-php-sns-message-validator,代码行数:8,代码来源:MessageValidatorTest.php

示例2: loadKeyFromCertificate

 /**
  * @param string $certificate
  *
  * @throws \InvalidArgumentException
  *
  * @return array
  */
 public static function loadKeyFromCertificate($certificate)
 {
     try {
         $res = openssl_x509_read($certificate);
     } catch (\Exception $e) {
         $certificate = self::convertDerToPem($certificate);
         $res = openssl_x509_read($certificate);
     }
     if (false === $res) {
         throw new \InvalidArgumentException('Unable to load the certificate');
     }
     $values = self::loadKeyFromX509Resource($res);
     openssl_x509_free($res);
     return $values;
 }
开发者ID:gitter-badger,项目名称:jose,代码行数:22,代码来源:KeyConverter.php

示例3: getIssuer

 public static function getIssuer($cert)
 {
     if ($cert == NULL) {
         return 'http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self';
     } else {
         $resource = file_get_contents($cert);
         $check_cert = openssl_x509_read($resource);
         $array = openssl_x509_parse($check_cert);
         openssl_x509_free($check_cert);
         $schema = $array['name'];
         $pattern = '/.*CN=/';
         $replacement = '';
         $CN = preg_replace($pattern, $replacement, $schema);
         return $CN;
     }
 }
开发者ID:danielkjfrog,项目名称:docker,代码行数:16,代码来源:Utils.php

示例4: calculate_RP_PPID_Seed_2_2007

function calculate_RP_PPID_Seed_2_2007($certs)
{
    $check_cert = openssl_x509_read(file_get_contents($certs[0]));
    $array = openssl_x509_parse($check_cert);
    openssl_x509_free($check_cert);
    $OrgIdString = '|O="' . $array['subject']['O'] . '"|L="' . $array['subject']['L'] . '"|S="' . $array['subject']['ST'] . '"|C="' . $array['subject']['C'] . '"|';
    $numcerts = sizeof($certs);
    for ($i = 1; $i < $numcerts; $i++) {
        $check_cert = openssl_x509_read(file_get_contents($certs[$i]));
        $array = openssl_x509_parse($check_cert);
        openssl_x509_free($check_cert);
        $tmpstring = '|ChainElement="CN=' . $array['subject']['CN'] . ', OU=' . $array['subject']['OU'] . ', O=' . $array['subject']['O'] . ', L=' . $array['subject']['L'] . ', S=' . $array['subject']['ST'] . ', C=' . $array['subject']['C'] . '"';
        $OrgIdString = $tmpstring . $OrgIdString;
    }
    $OrgIdBytes = iconv("UTF-8", "UTF-16LE", $OrgIdString);
    $RPPPIDSeed = hash('sha256', $OrgIdBytes, TRUE);
    return $RPPPIDSeed;
}
开发者ID:Stony-Brook-University,项目名称:doitsbu,代码行数:18,代码来源:STS_card_issuer.php

示例5: validateSslOptions

 protected function validateSslOptions()
 {
     // Get the contents.
     $sslCertFile = file_exists($this->certPath) ? trim(file_get_contents($this->certPath)) : '';
     $sslKeyFile = file_exists($this->keyPath) ? trim(file_get_contents($this->keyPath)) : '';
     $sslChainFiles = $this->assembleChainFiles($this->chainPaths);
     // Do a bit of validation.
     // @todo: Cert first.
     $certResource = openssl_x509_read($sslCertFile);
     if (!$certResource) {
         throw new \Exception("The provided certificate is either not a valid X509 certificate or could not be read.");
     }
     // Then the key. Does it match?
     $keyResource = openssl_pkey_get_private($sslKeyFile);
     if (!$keyResource) {
         throw new \Exception("The provided private key is either not a valid RSA private key or could not be read.");
     }
     $keyMatch = openssl_x509_check_private_key($certResource, $keyResource);
     if (!$keyMatch) {
         throw new \Exception("The provided certificate does not match the provided private key.");
     }
     // Each chain needs to be a valid cert.
     foreach ($sslChainFiles as $chainFile) {
         $chainResource = openssl_x509_read($chainFile);
         if (!$chainResource) {
             throw new \Exception("One of the provided certificates in the chain is not a valid X509 certificate.");
         } else {
             openssl_x509_free($chainResource);
         }
     }
     // Yay we win.
     $this->sslOptions = array('certificate' => $sslCertFile, 'key' => $sslKeyFile, 'chain' => $sslChainFiles);
     return true;
 }
开发者ID:pjcdawkins,项目名称:platformsh-cli,代码行数:34,代码来源:DomainAddCommand.php

示例6: createFromX5C

 /**
  * @param array $x5c
  * @param array $additional_values
  *
  * @return \Jose\Object\JWKInterface
  */
 public static function createFromX5C(array $x5c, array $additional_values = [])
 {
     $certificate = null;
     $last_issuer = null;
     $last_subject = null;
     foreach ($x5c as $cert) {
         $current_cert = "-----BEGIN CERTIFICATE-----\n{$cert}\n-----END CERTIFICATE-----";
         $x509 = openssl_x509_read($current_cert);
         if (false === $x509) {
             $last_issuer = null;
             $last_subject = null;
             break;
         }
         $parsed = openssl_x509_parse($x509);
         openssl_x509_free($x509);
         if (false === $parsed) {
             $last_issuer = null;
             $last_subject = null;
             break;
         }
         if (null === $last_subject) {
             $last_subject = $parsed['subject'];
             $last_issuer = $parsed['issuer'];
             $certificate = $current_cert;
         } else {
             if (json_encode($last_issuer) === json_encode($parsed['subject'])) {
                 $last_subject = $parsed['subject'];
                 $last_issuer = $parsed['issuer'];
             } else {
                 $last_issuer = null;
                 $last_subject = null;
                 break;
             }
         }
     }
     if (null === $last_issuer || json_encode($last_issuer) !== json_encode($last_subject)) {
         throw new \InvalidArgumentException('Invalid certificate chain.');
     }
     return self::createFromCertificate($certificate, $additional_values);
 }
开发者ID:gitter-badger,项目名称:jose,代码行数:46,代码来源:KeyFactory.php

示例7: mnet_generate_keypair

/**
 * Generate public/private keys and store in the config table
 *
 * Use the distinguished name provided to create a CSR, and then sign that CSR
 * with the same credentials. Store the keypair you create in the config table.
 * If a distinguished name is not provided, create one using the fullname of
 * 'the course with ID 1' as your organization name, and your hostname (as
 * detailed in $CFG->wwwroot).
 *
 * @param   array  $dn  The distinguished name of the server
 * @return  string      The signature over that text
 */
function mnet_generate_keypair($dn = null, $days = 28)
{
    global $CFG, $USER;
    // check if lifetime has been overriden
    if (!empty($CFG->mnetkeylifetime)) {
        $days = $CFG->mnetkeylifetime;
    }
    $host = strtolower($CFG->wwwroot);
    $host = ereg_replace("^http(s)?://", '', $host);
    $break = strpos($host . '/', '/');
    $host = substr($host, 0, $break);
    if ($result = get_record_select('course', " id ='" . SITEID . "' ")) {
        $organization = $result->fullname;
    } else {
        $organization = 'None';
    }
    $keypair = array();
    $country = 'NZ';
    $province = 'Wellington';
    $locality = 'Wellington';
    $email = $CFG->noreplyaddress;
    if (!empty($USER->country)) {
        $country = $USER->country;
    }
    if (!empty($USER->city)) {
        $province = $USER->city;
        $locality = $USER->city;
    }
    if (!empty($USER->email)) {
        $email = $USER->email;
    }
    if (is_null($dn)) {
        $dn = array("countryName" => $country, "stateOrProvinceName" => $province, "localityName" => $locality, "organizationName" => $organization, "organizationalUnitName" => 'Moodle', "commonName" => $CFG->wwwroot, "emailAddress" => $email);
    }
    $dnlimits = array('countryName' => 2, 'stateOrProvinceName' => 128, 'localityName' => 128, 'organizationName' => 64, 'organizationalUnitName' => 64, 'commonName' => 64, 'emailAddress' => 128);
    foreach ($dnlimits as $key => $length) {
        $dn[$key] = substr($dn[$key], 0, $length);
    }
    // ensure we remove trailing slashes
    $dn["commonName"] = preg_replace(':/$:', '', $dn["commonName"]);
    if (!empty($CFG->opensslcnf)) {
        //allow specification of openssl.cnf especially for Windows installs
        $new_key = openssl_pkey_new(array("config" => $CFG->opensslcnf));
        $csr_rsc = openssl_csr_new($dn, $new_key, array("config" => $CFG->opensslcnf));
        $selfSignedCert = openssl_csr_sign($csr_rsc, null, $new_key, $days, array("config" => $CFG->opensslcnf));
    } else {
        $new_key = openssl_pkey_new();
        $csr_rsc = openssl_csr_new($dn, $new_key, array('private_key_bits', 2048));
        $selfSignedCert = openssl_csr_sign($csr_rsc, null, $new_key, $days);
    }
    unset($csr_rsc);
    // Free up the resource
    // We export our self-signed certificate to a string.
    openssl_x509_export($selfSignedCert, $keypair['certificate']);
    openssl_x509_free($selfSignedCert);
    // Export your public/private key pair as a PEM encoded string. You
    // can protect it with an optional passphrase if you wish.
    if (!empty($CFG->opensslcnf)) {
        //allow specification of openssl.cnf especially for Windows installs
        $export = openssl_pkey_export($new_key, $keypair['keypair_PEM'], null, array("config" => $CFG->opensslcnf));
    } else {
        $export = openssl_pkey_export($new_key, $keypair['keypair_PEM']);
    }
    openssl_pkey_free($new_key);
    unset($new_key);
    // Free up the resource
    return $keypair;
}
开发者ID:JackCanada,项目名称:moodle-hacks,代码行数:80,代码来源:lib.php

示例8: test_openssl_x509_free

function test_openssl_x509_free()
{
    $fcert = file_get_contents(__DIR__ . "/test_x509.crt");
    $cert = openssl_x509_read($fcert);
    VERIFY($cert != null);
    openssl_x509_free($cert);
}
开发者ID:ezoic,项目名称:hhvm,代码行数:7,代码来源:ext_openssl.php

示例9: __destruct

 /**
  * Destructor
  *
  */
 public function __destruct()
 {
     if (is_resource($this->_res)) {
         openssl_x509_free($this->_res);
     }
 }
开发者ID:xp-framework,项目名称:security,代码行数:10,代码来源:X509Certificate.class.php

示例10: verify

 /**
  * Verifies the signature of the document and that the signing certificate
  * stems from a trusted root CA.
  * 
  * Returns the CN of the signing certificate if valid.
  *
  * @param str $xml XML doc to verify
  * @param str $signature_value Base64 encoded signature to verify against.
  * @returns str
  */
 function verify($xml, $signature_value)
 {
     $doc = $this->parse_doc($xml);
     $xp = $this->get_xpath($doc);
     $valid = $this->validate_xml($xp);
     $certs = $this->parse_certificates($xp);
     $cert = openssl_x509_read($certs[0]);
     $parsed_certificate = openssl_x509_parse($cert);
     $pubkey = openssl_pkey_get_public($cert);
     $valid = openssl_verify($xml, base64_decode($signature_value), $pubkey);
     openssl_pkey_free($pubkey);
     openssl_x509_free($cert);
     $signed_by = null;
     if (!$valid) {
         throw new GApps_Discovery_Exception("Signature verification failed.");
     }
     $trusted = $this->validate_chain($certs);
     if (!$trusted) {
         throw new GApps_Discovery_Exception("Can not verify trust chain.");
     }
     $subject = $parsed_certificate["subject"];
     $signed_by = strtolower($subject["CN"]);
     return $signed_by;
 }
开发者ID:ashishvazirani,项目名称:food,代码行数:34,代码来源:google_discovery.php

示例11: client_addSslCert

/**
 * Add or update an SSL certificate
 *
 * @throws iMSCP_Exception
 * @throws iMSCP_Exception_Database
 * @param int $domainId domain unique identifier
 * @param string $domainType Domain type (dmn|als|sub|alssub)
 * @return void
 */
function client_addSslCert($domainId, $domainType)
{
    $config = iMSCP_Registry::get('config');
    $domainName = _client_getDomainName($domainId, $domainType);
    $selfSigned = isset($_POST['selfsigned']);
    if ($domainName === false) {
        showBadRequestErrorPage();
    }
    if ($selfSigned && !client_generateSelfSignedCert($domainName)) {
        set_page_message(tr('Could not generate SSL certificate. An unexpected error occurred.'), 'error');
        return;
    }
    if (!isset($_POST['passphrase']) || !isset($_POST['private_key']) || !isset($_POST['certificate']) || !isset($_POST['ca_bundle']) || !isset($_POST['cert_id'])) {
        showBadRequestErrorPage();
    }
    $passPhrase = clean_input($_POST['passphrase']);
    $privateKey = clean_input($_POST['private_key']);
    $certificate = clean_input($_POST['certificate']);
    $caBundle = clean_input($_POST['ca_bundle']);
    $certId = intval($_POST['cert_id']);
    if (!$selfSigned) {
        // Validate SSL certificate (private key, SSL certificate and certificate chain)
        $privateKey = @openssl_pkey_get_private($privateKey, $passPhrase);
        if (!is_resource($privateKey)) {
            set_page_message(tr('Invalid private key or passphrase.'), 'error');
            return;
        }
        $certificateStr = $certificate;
        $certificate = @openssl_x509_read($certificate);
        if (!is_resource($certificate)) {
            set_page_message(tr('Invalid SSL certificate.'), 'error');
            return;
        }
        if (!@openssl_x509_check_private_key($certificate, $privateKey)) {
            set_page_message(tr("The private key doesn't belong to the provided SSL certificate."), 'error');
            return;
        }
        if (!($tmpfname = @tempnam(sys_get_temp_dir(), intval($_SESSION['user_id']) . 'ssl-ca'))) {
            write_log('Could not create temporary file for CA bundle..', E_USER_ERROR);
            set_page_message(tr('Could not add/update SSL certificate. An unexpected error occurred.'), 'error');
            return;
        }
        register_shutdown_function(function ($file) {
            @unlink($file);
        }, $tmpfname);
        if ($caBundle !== '') {
            if (!@file_put_contents($tmpfname, $caBundle)) {
                write_log('Could not export customer CA bundle in temporary file.', E_USER_ERROR);
                set_page_message(tr('Could not add/update SSL certificate. An unexpected error occurred.'), 'error');
                return;
            }
            // Note: Here we also add the CA bundle in the trusted chain to support self-signed certificates
            if (@openssl_x509_checkpurpose($certificate, X509_PURPOSE_SSL_SERVER, array($config['DISTRO_CA_BUNDLE'], $tmpfname), $tmpfname)) {
                set_page_message(tr('At least one intermediate certificate is invalid or missing.'), 'error');
                return;
            }
        } else {
            @file_put_contents($tmpfname, $certificateStr);
            // Note: Here we also add the certificate in the trusted chain to support self-signed certificates
            if (!@openssl_x509_checkpurpose($certificate, X509_PURPOSE_SSL_SERVER, array($config['DISTRO_CA_BUNDLE'], $tmpfname))) {
                set_page_message(tr('At least one intermediate certificate is invalid or missing.'), 'error');
                return;
            }
        }
    }
    // Preparing data for insertion in database
    if (!$selfSigned) {
        if (!@openssl_pkey_export($privateKey, $privateKeyStr)) {
            write_log('Could not export private key.', E_USER_ERROR);
            set_page_message(tr('Could not add/update SSL certificate. An unexpected error occurred.'), 'error');
            return;
        }
        @openssl_pkey_free($privateKey);
        if (!@openssl_x509_export($certificate, $certificateStr)) {
            write_log('Could not export SSL certificate.', E_USER_ERROR);
            set_page_message(tr('Could not add/update SSL certificate. An unexpected error occurred.'), 'error');
            return;
        }
        @openssl_x509_free($certificate);
        $caBundleStr = str_replace("\r\n", "\n", $caBundle);
    } else {
        $privateKeyStr = $privateKey;
        $certificateStr = $certificate;
        $caBundleStr = $caBundle;
    }
    $db = iMSCP_Database::getInstance();
    try {
        $db->beginTransaction();
        if ($certId == 0) {
            // Add new certificate
            exec_query('
//.........这里部分代码省略.........
开发者ID:svenjantzen,项目名称:imscp,代码行数:101,代码来源:cert_view.php

示例12: headerFunction

    headerFunction("../general/login.php?msg=logout");
}
$auth = returnGlobal('auth', 'GET');
$loginForm = returnGlobal('loginForm', 'POST');
$passwordForm = returnGlobal('passwordForm', 'POST');
$match = false;
$ssl = false;
if (!empty($SSL_CLIENT_CERT) && !$logout && $auth != "test") {
    $auth = "on";
    $ssl = true;
    if (function_exists("openssl_x509_read")) {
        $x509 = openssl_x509_read($SSL_CLIENT_CERT);
        $cert_array = openssl_x509_parse($x509, true);
        $subject_array = $cert_array["subject"];
        $ssl_email = $subject_array["Email"];
        openssl_x509_free($x509);
    } else {
        $ssl_email = `echo "{$SSL_CLIENT_CERT}" | {$pathToOpenssl} x509 -noout -email`;
    }
} else {
    //test blank fields in form
    if ($auth == "test") {
        if ($loginForm == "" && $passwordForm == "") {
            $error = $strings["login_username"] . "<br/>" . $strings["login_password"];
        } else {
            if ($loginForm == "") {
                $error = $strings["login_username"];
            } else {
                if ($passwordForm == "") {
                    $error = $strings["login_password"];
                } else {
开发者ID:ColBT,项目名称:php_tut,代码行数:31,代码来源:login.php

示例13: getSignature

 protected function getSignature($stringToSign)
 {
     // Generate a new Certificate Signing Request and public/private keypair
     $csr = openssl_csr_new(array(), $keypair);
     // Create the self-signed certificate
     $x509 = openssl_csr_sign($csr, null, $keypair, 1);
     openssl_x509_export($x509, $certificate);
     // Create the signature
     $privateKey = openssl_get_privatekey($keypair);
     openssl_sign($stringToSign, $signature, $privateKey);
     // Free the openssl resources used
     openssl_pkey_free($keypair);
     openssl_x509_free($x509);
     return array(base64_encode($signature), $certificate);
 }
开发者ID:njbhatt18,项目名称:Amazon_API,代码行数:15,代码来源:MessageValidatorTest.php

示例14: __destruct

 public function __destruct()
 {
     openssl_x509_free($this->x509Cert);
 }
开发者ID:kgilden,项目名称:php-digidoc,代码行数:4,代码来源:Cert.php

示例15: __destruct

 public function __destruct()
 {
     if ($this->certResource) {
         openssl_x509_free($this->certResource);
     }
     $this->certResource = null;
     $this->publicKey = null;
     $this->clearText = null;
 }
开发者ID:ntthanh,项目名称:crypto,代码行数:9,代码来源:X509Certificate.class.php


注:本文中的openssl_x509_free函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。