📌  相关文章
📜  PHP openssl_pkcs12_export_to_file()函数

📅  最后修改于: 2022-05-13 01:56:36.589000             🧑  作者: Mango

PHP openssl_pkcs12_export_to_file()函数

openssl_pkcs12_export_to_file()函数是PHP中的一个内置函数,用于将 x509 存储到一个以 PKCS#12 文件格式命名的文件中。 PKCS12 是公钥加密标准,它定义了用于存储服务器证书的存档文件格式。

句法: 

bool openssl_pkcs12_export_to_file( mixed $x509, string $filename,
        mixed $priv_key, string $pass [, array $args ])

参数:该函数接受上面提到的两个参数,如下所述:

  • $x509:此参数是定义公钥证书格式的标准。
  • $filename:这个参数是输出文件的路径。
  • $priv_key:该参数用于匹配甜点“priv_key”的私钥。私钥是 PKCS #12 文件的一个组件。
  • $pass:该参数用于解锁PKCS#12文件的加密密码。
  • $args:这个参数代表参数和变量,它们是代表其他东西的值。

返回值:此函数在成功时返回 TRUE,在失败时返回 FALSE。

下面的程序说明了PHP中的openssl_pkcs12_export_to_file()函数:

程序:

PHP
 'xx',
    "stateOrProvinceName" => 'uttar prradesh',
    "localityName" => 'varanasi',
    "organizationName" => 'geeksforgeeks',
    "organizationalUnitName" => 'geeks team',
    "commonName" => 'people',
    "emailAddress" => 'user@geeks.com'
);
   
$privateKeyPass = 'abcd1234';
$numberOfDays   = 108;
   
$privateKey = openssl_pkey_new();
$csr = openssl_csr_new($dn, $privateKey);
   
// Create a csr file, change null
// to a filename to save
$sscert = openssl_csr_sign($csr, 
    null, $privateKey, $numberOfDays);
   
// On success $publicKey will 
// hold the PEM content 
openssl_x509_export($sscert, $publicKey);
   
// Export the privateKey as a PEM content
openssl_pkey_export($privateKey, 
        $privateKey, $privateKeyPass);
   
$filename = dirname(__FILE__) 
        . '/certificate.pfx';
   
// Parses the $privateKey and used 
// by openssl_pkcs12_export_to_file
$key = openssl_pkey_get_private(
    $privateKey, $privateKeyPass);
   
// Save the pfx file to $filename
openssl_pkcs12_export_to_file($sscert, 
    $filename, $key, $privateKeyPass);
?>

输出: 

people
Identity: people
Verified by: people
Expires: Wednesday 16 December 2020

Subject Name
C (Country): xx
ST (State): uttar prradesh
L (Locality): varanasi
O (Organization): geeksforgeeks
OU (Organizational Unit): geeks team
CN (Common Name): people
EMAIL (Email Address): user@geeks.com
Issuer Name
C (Country): xx
ST (State): uttar prradesh
L (Locality): varanasi
O (Organization): geeksforgeeks
OU (Organizational Unit): geeks team
CN (Common Name): people
EMAIL (Email Address): user@geeks.com
Issued Certificate
Version: 3
Serial Number: 00
Not Valid Before: 2020-08-30
Not Valid After: 2020-12-16
Certificate Fingerprints
SHA1: 95 D9 8E BB C0 9A 6D 33 C7 98 07 B9 36 F7 12 8E BB 54 4B 50
MD5: 64 7D 63 13 EB 80 55 C2 9D F8 41 DF 0E 7E 75 54
Public Key Info
Key Algorithm: RSA
Key Parameters: 05 00
Key Size: 2048
Key SHA1 Fingerprint: 25 F6 E2 26 5E 1E 7D B1 10 82 02 9D F3 05 1A 72 3B C4 9B 7C
Public Key: 30 82 01 0A 02 82 01 01 00 C4 CC 93 62 F9 D2 C9 39 5F F1 15 13 A2 2D 34 93 4C AD 45 E8 7E AE CE 24
 C6 FA 2B 99 6B FE B7 F7 30 D6 95 DA 3A 1C FB 1E BC 8F A6 C6 9D A4 03 3E 46 16 56 AB A5 78 32 2A C3 D3 FA 79 C
 3 5B 38 02 07 22 E6 6C 51 C9 B9 5C 44 AE 65 D3 0F ED F9 80 F4 1D 01 66 11 8A E1 78 55 DA C2 2E 72 3E 8E D3 D2
  CB 4C 40 0B 0E 55 BD EF 26 A1 21 E7 62 43 39 4B EF EE EB 85 40 11 E3 A9 44 D8 B2 FB 1B 46 13 1E 25 A0 8E 9D 
  F3 BA 1B F7 80 A8 1A 87 97 20 CE C0 1E 45 11 9A 94 F0 68 71 BA 7B 86 5F A8 55 69 E8 D4 C1 D0 E0 75 72 7E 3E 
  A1 6D B4 8B 2A 8C D2 69 2D E2 F8 F4 09 8A 8B 42 1E 1B C1 93 66 06 A8 AD FF 31 3F E5 D9 10 07 A8 AC 7E B9 69 
  9E CA 67 1B 83 99 5E 3E 58 26 28 60 A5 BC 45 92 4A C4 A3 16 6B 33 62 E4 AA 77 FA 28 90 01 40 2F 0E 7D D8 B7 
  3C E9 A6 B3 25 DB 07 E1 0F D6 CE 0E B4 42 B3 02 03 01 00 01
Subject Key Identifier
Key Identifier: 03 D6 83 8F E6 36 C2 08 39 F5 2B 0C D2 FA 17 3C 21 32 C6 EF
Critical: No
Extension
Identifier: 2.5.29.35
Value: 30 16 80 14 03 D6 83 8F E6 36 C2 08 39 F5 2B 0C D2 FA 17 3C 21 32 C6 EF
Critical: No
Basic Constraints
Certificate Authority: Yes
Max Path Length: Unlimited
Critical: Yes
Signature
Signature Algorithm: SHA1 with RSA
Signature Parameters: 05 00
Signature: B2 D0 04 4E 62 8F 8F 30 7D 19 62 6E AB 6F AC 01 0A 2C 11 A6 19 09 73 21 35 74 89 3A ED CB 91 2E E4
 50 77 CC 1A E9 7E 43 B5 E6 83 6F 3E EC 0F 5A 91 EB C4 99 37 08 76 12 2D 26 95 AD F6 7B A7 3F 42 CE 4F 5E 1A 
 C6 DD 71 66 73 30 2A 87 FB CC BE 7C B9 82 AA 09 AE 88 EC D4 C4 78 20 6B FA 08 B4 65 C3 D1 1D BB 78 B9 4B B2 
 E7 00 3C 62 4B EF 74 4B 2D BE 15 BD E1 A0 DE 9B 82 2B 24 F8 01 CD 90 30 C9 2F 87 6C B5 85 54 84 F3 7F A4 5C 
 3F 74 22 B1 3E 60 DB 81 4C C1 23 52 00 FD 4D 53 F3 02 17 EE AE E8 1F 24 02 81 DF B7 49 EA 8B 93 41 78 DA 4D 
 9E 34 B2 F4 E0 68 69 AA A9 0E ED 17 04 EA 6F FD C2 27 96 BC 1C A2 53 E8 80 AE 51 D1 F2 00 34 44 A0 5E AE F4 
 35 E4 CB 1D 61 F8 CB 25 B4 28 7C 7A 5C 82 8A 08 7B A2 DB E9 BA 67 CC FB C6 34 D3 D5 2D 8C C6 12 7F 5C BF 18 
 FA 7D CA 40 67 17 15


certificate.pfx
Private RSA Key
Strength: 2048 bits

Algorithm: RSA
Size: 2048
Fingerprints
SHA1: 25 F6 E2 26 5E 1E 7D B1 10 82 02 9D F3 05 1A 72 3B C4 9B 7C
SHA256: D8 63 1A 26 8D AE 7D 56 67 48 6E AA D3 8D B1 D7 8F 4A C2 C4 D6 D8 58 BA 32 53 AB D1 93 72 40 6F

参考: https://www. PHP.net/manual/en/函数.openssl-pkcs12-export-to-file。 PHP