[英]Parsing X509 certificate
我想在php中解析X.509證書。
證書采用DER編碼的X.509格式。
我嘗試在php中使用openssl_x509_parse method
,但它不起作用。 證書數據是在mdm中為CertificateList觸發命令后收到的有效數據。
我使用以下代碼:
$data = 'MIIDizCCAnMCCQDCpCAUbA2P4TANBgkqhkiG9w0BAQUFADBrMSIw
IAYDVQQKDBkqLnNtYXJ0c291cmNpbmdnbG9iYWwubmV0MSEwHwYD
VQQLDBhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxIjAgBgNVBAMM
GSouc21hcnRzb3VyY2luZ2dsb2JhbC5uZXQwHhcNMTIwNTI5MTM1
NTU0WhcNMTMwNTI5MTM1NTU0WjCBozELMAkGA1UEBhMCTlkxCzAJ
BgNVBAgTAk5KMQswCQYDVQQHEwJOSjEiMCAGA1UEChMZU21hcnRz
b3VyY2luZyBHbG9iYWwgSU5DLjEPMA0GA1UECxMGTW9iaWxlMRYw
FAYDVQQDEw1TbWl0YSBZZWRla2FyMS0wKwYJKoZIhvcNAQkBFh5z
bWl0YXlAc21hcnRzb3VyY2luZ2dsb2JhbC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHDx238L+j6fA9h9lNnrl5
f/wXZoWWw72rChisVOszBl8uoT6DATngvCdBPJgJP/ddpAzJnFWW
N8bCbB+88siae2kO2a6mg3+NPNRUqpOJOpPIrWlgS5qf9Gs6WQi3
DRJvLSZ3uoalAvSpfveCbuHW0yFuzvnriwV3phd9fVbORi+qNW/b
RofF1PjA+Bx8E2WfNUTHL71K+pfbVvCV1E5bQNrz6mpbRbzNThQz
y92Y/Lp4VW/AYK6Jk6davxNcKSbTk/pHYNTD8Y/g1l1xhY3YpXfD
xhehEL9/1LmwpmG+JZcmjIQX6LzBoUHbRrmsV8magfZ/cODR3/YY
qfu6QnVLAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAEH3LA7IpfRb
ylzHjm4DmiTYMMoTKV8I3VX98F2DQEZ0S7OTT2xA7qnyeHDUUAMw
Amx/v/PS1fWNzFoD3DaAZlRvkd0LD9bPA3bXnzPrX90o2e9Y+4UY
iy1LvPRiwqoLiOikpxBI3ZVhBqQpYBvw2xedFCEFwlhz7QcfdpRl
1XNWedpHT+icGrn/h12SJvL5FTFAh2LapRXb5EmT2mbFVAIqfW2Q
IRCDpyrPxX+61p4wvyJ0SP1EoEvbtMmeRfpyuKKhWlYTqmuOOYU2
8C2REc5qhPkbSDdGpeme0w/hPlwG6+0UEXHUeArSKlQOM/YR4vao
OKwh1dJL4RZWgmwwHq9=';
$fp = fopen('cert.txt','w+');
fwrite($fp, 'data=>'.openssl_x509_parse($data,true));
fclose($fp);
那么你的證書缺少PEM封閉。 如果您將這些BEGIN CERTIFICATE
和END CERTIFICATE
標記添加到您的證書,它應該工作:
<?php
$data = // ... your certificate
// Add the missing PEM-enclosing
$x509Data =
"-----BEGIN CERTIFICATE-----\n"
. $data
. "\n-----END CERTIFICATE-----";
// this is the same but I've added "print_r" so it is nicely formated
$fp = fopen('cert.txt','w+');
fwrite($fp, 'data=>'.print_r(openssl_x509_parse($x509Data,true), true));
fclose($fp);
phpseclib是一個純PHP X.509解析器 ,可以處理你的字符串,而不需要將它封裝在任何東西中。 例如。
<?php
include('File/X509.php');
$x509 = new File_X509();
$cert = $x509->loadX509('MIIDizCCAnMCCQDCpCAUbA2P4TANBgkqhkiG9w0BAQUFADBrMSIw
IAYDVQQKDBkqLnNtYXJ0c291cmNpbmdnbG9iYWwubmV0MSEwHwYD
VQQLDBhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxIjAgBgNVBAMM
GSouc21hcnRzb3VyY2luZ2dsb2JhbC5uZXQwHhcNMTIwNTI5MTM1
NTU0WhcNMTMwNTI5MTM1NTU0WjCBozELMAkGA1UEBhMCTlkxCzAJ
BgNVBAgTAk5KMQswCQYDVQQHEwJOSjEiMCAGA1UEChMZU21hcnRz
b3VyY2luZyBHbG9iYWwgSU5DLjEPMA0GA1UECxMGTW9iaWxlMRYw
FAYDVQQDEw1TbWl0YSBZZWRla2FyMS0wKwYJKoZIhvcNAQkBFh5z
bWl0YXlAc21hcnRzb3VyY2luZ2dsb2JhbC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHDx238L+j6fA9h9lNnrl5
f/wXZoWWw72rChisVOszBl8uoT6DATngvCdBPJgJP/ddpAzJnFWW
N8bCbB+88siae2kO2a6mg3+NPNRUqpOJOpPIrWlgS5qf9Gs6WQi3
DRJvLSZ3uoalAvSpfveCbuHW0yFuzvnriwV3phd9fVbORi+qNW/b
RofF1PjA+Bx8E2WfNUTHL71K+pfbVvCV1E5bQNrz6mpbRbzNThQz
y92Y/Lp4VW/AYK6Jk6davxNcKSbTk/pHYNTD8Y/g1l1xhY3YpXfD
xhehEL9/1LmwpmG+JZcmjIQX6LzBoUHbRrmsV8magfZ/cODR3/YY
qfu6QnVLAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAEH3LA7IpfRb
ylzHjm4DmiTYMMoTKV8I3VX98F2DQEZ0S7OTT2xA7qnyeHDUUAMw
Amx/v/PS1fWNzFoD3DaAZlRvkd0LD9bPA3bXnzPrX90o2e9Y+4UY
iy1LvPRiwqoLiOikpxBI3ZVhBqQpYBvw2xedFCEFwlhz7QcfdpRl
1XNWedpHT+icGrn/h12SJvL5FTFAh2LapRXb5EmT2mbFVAIqfW2Q
IRCDpyrPxX+61p4wvyJ0SP1EoEvbtMmeRfpyuKKhWlYTqmuOOYU2
8C2REc5qhPkbSDdGpeme0w/hPlwG6+0UEXHUeArSKlQOM/YR4vao
OKwh1dJL4RZWgmwwHq9=');
print_r($cert);
?>
它總體來說也更加通用。 與OpenSSL一樣, 每行需要64個字符長且不再長 。 phpseclib otoh不關心。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.