Skip to content

Latest commit

 

History

History
178 lines (140 loc) · 3.73 KB

README.md

File metadata and controls

178 lines (140 loc) · 3.73 KB
Raw

php-openssl-proxy

About

A PHP wrapper around the OpenSSL extension that provides a user-friendly interface for dealing with OpenSSL.

What's up with the "proxy" name?

It is simply an analogy of the role of a proxy server - which acts as an intermediary.

Features

Create X.509, CSRs and CRLs certificates, Create RSA, HD and DSA keys, Generate and verify signatures, Encoding and decoding, Parsing x509 certificate.

Requirements

This library needs PHP 8 or greater, ext-openssl.

Installation

composer require adaopedro/php-openssl-proxy @dev

Example Usage

Creating a Self-Signed Certificate

use AdaoPedro\OpenSSLProxy\SSCertificate;

$ssCertificate = (new SSCertificate(
    days: 365, //expiration
))->setDistinguishNames(
        countryName: "AO",
        stateOrProvinceName: "Angola",
        localityName: "Luanda",
        organizationName: "A Pedro Developers (SU), Lda",
        organizationalUnitName: "AP",
        commonName: "apedrodevelopers",
        emailAddress: "contato@apdev.ao"
);

try {
    $ssCertificate->save();
} catch(\Exception $ex) {
    echo $ex->getMessage() . PHP_EOL;
}

Creating a CA-Signed Certificate

use AdaoPedro\OpenSSLProxy\CASCertificate;

$certificate = (new CASCertificate(
    days: 365, //expiration
    rootCertificate: $rootCertificate, //an instance of a Self-Signed Certificate, for example
))->setDistinguishNames(
        //...
);

try {
    $certificate->save();
} catch(\Exception $ex) {
    echo $ex->getMessage() . PHP_EOL;
}

Exporting a certificate as a string

//$certificate => an instance of SS or CAS Certificate
echo $certificate->getx509();

Exporting a certificate as an PHP OpenSSLCertificate object

//$certificate => an instance of SS or CAS Certificate
var_dump(
    $certificate->get()
);

Exporting public and private keys from a certificate

 //$certificate => an instance of SS or CAS Certificate
var_dump(
    $certificate->getPublicKey(),
);

//$certificate => an instance of SS or CAS Certificate
var_dump(
    $certificate->getPrivateKey(),
);

var_dump(
    $certificate->getPrivateKeyDecrypted() //in case we're working with encrypt_key
);

Generating public and private keys

$pKey = \AdaoPedro\OpenSSLProxy\generateNewPKey();

list($privKey, $pubKey) = \AdaoPedro\OpenSSLProxy\exportKeysFrom($pKey);

echo $pubKey . PHP_EOL;
echo $privKey . PHP_EOL;

Signing

$data = "Hello world!!";

$signature = \AdaoPedro\OpenSSLProxy\getSignatureFrom(
    $data,
    file_get_contents(".../private_key.pem"),
);

Signature verification

$data = "Hello world!!";

echo
\AdaoPedro\OpenSSLProxy\verifySignatureOf(
    $data,
    file_get_contents(".../hash.dat"),
    file_get_contents(".../public_key.pem"),
) === true
? "Verified"
: "Error. Data modified";

Parsing a PHP OpenSSLCertificate certificate object

//$certificate => an instance of SS or CAS Certificate
var_dump(
    $certificate()
);

Checks if a private key corresponds to a certificate

echo
\AdaoPedro\OpenSSLProxy\checkIfPrivateKey(
    file_get_contents(".../private_key.pem")
)->correspondsTo(
    file_get_contents(".../cert.pem")
) === true
? "Yes. It does"
: "No. It does not";

Customizing OpenSSL configurations (in case when we're using certificate generator classes)

use AdaoPedro\OpenSSLProxy\SSCertificate;

//you can find the initial config file in root of lib directory
/*
To customize, just pass the config filename as second parameter to SSCertificate constructor
or third parameter in case of CASCertificate
*/

$certificate = (new SSCertificate(
    days: 365, //expiration
    configFilename: __DIR__ . "/openssl_configs.php"
))->setDistinguishNames(
        //...
);