kigkonsult / openssltoolbox
PHP OpenSSL Toolbox
Requires
- php: >=7.0 <8.0
- ext-openssl: *
- kigkonsult/loggerdepot: >=1.04
- psr/log: >=1.1.0
Requires (Dev)
- fzaninotto/faker: ^v1.8.0
- katzgrau/klogger: 1.2.1
- phpcompatibility/php-compatibility: >=9.3.5
- phpstan/phpstan: >=0.9.3
- phpunit/phpunit: >=6.5.14
- squizlabs/php_codesniffer: >=3.5.5
This package is auto-updated.
Last update: 2024-09-21 18:24:43 UTC
README
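Provides object-oriented, secure and extended access to PHP OpenSSL functions
Conception basics
The OpenSSL pkey functions are assembled in the
- OpenSSLPkeyFactory class
The OpenSSL CSR functions are assembled in the
- OpenSSLCsrFactory class
The OpenSSL x509 functions are assembled in the
- OpenSSLX509Factory class
The OpenSSL pkcs7 functions are assembled in the
- OpenSSLPkcs7Factory class
The OpenSSL pkcs12 functions are assembled in the
- OpenSSLPkcs12Factory class
The OpenSSL spki functions are assembled in the
- OpenSSLSpkiFactory class
The remaining OpenSSL functions are assembled in the
- OpenSSLFactory class
Assert and convenient salt, base64, hex, pack utility etc. methods are assembled in the
- Assert class
- Convert class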
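Methods
All methods have
- argument validation, throwing InvalidArgumentException on error
- error handler protection and result error evaluation, throwing RuntimeException on error
Method names originate from the OpenSSL function names
- e.g. 'openssl_pkey_export' is encapsulated in the method OpenSSLPkeyFactory::export()
Most methods (e.g. setters) have more convenient and descriptively named method aliases
- e.g. OpenSSLPkeyFactory::getPrivateKeyAsPemString() for 'openssl_pkey_export'
Most methods (e.g. setters) are chainable (i.e. return 'static')
The OO classes above have 'factory' methods, support 'one-liners' and inherit usable constants defined in the OpenSSLInterface
Supplementary methods for message digest / hmac digest support are assembled in the
- HashFactory class
- HmacHashFactory class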
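The validation and error-handling contract described under Methods, sketched around the native 'openssl_pkey_export' function. This is an added example, not OpenSSLToolbox source: guardedPkeyExport() is a hypothetical name, and the sketch assumes PHP 7 with ext-openssl, as the package requires.

```php
<?php
// Added sketch, not OpenSSLToolbox source: guardedPkeyExport() is a hypothetical name.
function guardedPkeyExport( $pkey, string $passPhrase = null ) : string
{
    // 1. Argument validation, InvalidArgumentException on error
    if( ! is_string( $pkey ) && ! is_resource( $pkey ) && ! is_object( $pkey )) {
        throw new InvalidArgumentException( 'Key resource or PEM string expected' );
    }
    // 2. Drain stale OpenSSL error-queue entries so later messages belong to this call
    while( false !== openssl_error_string()) {
        continue;
    }
    // 3. Error handler protection: PHP warnings become RuntimeException
    set_error_handler( function( int $errNo, string $errMsg ) {
        throw new RuntimeException( 'openssl_pkey_export: ' . $errMsg, $errNo );
    } );
    try {
        $pem = '';
        $ok  = openssl_pkey_export( $pkey, $pem, $passPhrase );
    } finally {
        restore_error_handler();   // always restore, also when the handler threw
    }
    // 4. Result error evaluation: a false return is never passed on silently
    if( ! $ok ) {
        $errors = [];
        while( false !== ( $msg = openssl_error_string())) {
            $errors[] = $msg;
        }
        throw new RuntimeException( 'openssl_pkey_export failed: ' . implode( '; ', $errors ));
    }
    return $pem;
}

// Constructed bad inputs: a wrong type, then a string that is not a key
foreach( [ 42, 'not a PEM key' ] as $bad ) {
    try {
        guardedPkeyExport( $bad );
    } catch( Exception $e ) {
        echo get_class( $e ), ': ', $e->getMessage(), PHP_EOL;
    }
}
```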
Usage examples
Generate keys

    <?php
    namespace Kigkonsult\OpenSSLToolbox;

    $config = [
        OpenSSLPkeyFactory::DIGESTALGO     => OPENSSL_ALGO_SHA512,
        OpenSSLPkeyFactory::PRIVATEKEYBITS => 4096,
        OpenSSLPkeyFactory::PRIVATEKEYTYPE => OPENSSL_KEYTYPE_RSA,
    ];
    $pKeyFactory = new OpenSSLPkeyFactory( $config );

    // Generate a private key
    $privateKeyString = $pKeyFactory->getPrivateKeyAsPemString();
    // Generate a public key
    $publicKeyString  = $pKeyFactory->getPublicKeyAsPemString();
    /*
    // or
    list( $privateKeyString, $publicKeyString ) =
        $pKeyFactory->getPrivatePublicKeyPairAsPemStrings();
    // or one-liner, all-in-one
    list( $privateKeyString, $publicKeyString ) =
        OpenSSLPkeyFactory::factory( $config )
                           ->getPrivatePublicKeyPairAsPemStrings();
    // or to files
    OpenSSLPkeyFactory::factory( $config )
                      ->savePrivatePublicKeyPairIntoPemFiles( 'priv.pem', 'pub.pem' )
    */

    // Distinguished Name or subject fields to be used in the certificate
    $DN = [
        OpenSSLCsrFactory::COUNTRYNAME          => "GB",
        OpenSSLCsrFactory::STATEORPROVINCENAME  => "Somerset",
        OpenSSLCsrFactory::LOCALITYNAME         => "Glastonbury",
        OpenSSLCsrFactory::ORGANIZATIONNAME     => "The Brain Room Limited",
        OpenSSLCsrFactory::ORGANIZATIONUNITNAME => "PHP Documentation Team",
        OpenSSLCsrFactory::COMMONNAME           => "Wez Furlong",
        OpenSSLCsrFactory::EMAILADDRESS         => "wez@example.com"
    ];

    // Generate a certificate signing request
    $csrFactory    = OpenSSLCsrFactory::factory( $DN, $privateKeyString, $config );
    $csrCertString = $csrFactory->getCSRasPemString();

    // Generate a self-signed cert
    $x509CertResource = $csrFactory->getX509CertResource( null, $privateKeyString );
    $x509Factory      = OpenSSLX509Factory::factory()
                                          ->setX509Resource( $x509CertResource );
    $x509CertString   = $x509Factory->getX509CertAsPemString();
    /*
    // or shorter
    $x509CertString = OpenSSLX509Factory::csrFactory( null, $DN, $privateKeyString, $config )
                                        ->getX509CertAsPemString();
    // or save to pem/der-file
    OpenSSLX509Factory::csrFactory( null, $DN, $privateKeyString, $config )
                      ->saveX509CertIntoPemFile( 'cert.pem' );
                      // ->saveX509CertIntoDerFile( 'cert.der' )
    */
Seal/open

    <?php
    ...
    // Seal data using public key(s)
    $data        = implode( array_fill( 0, 100, 'Testing OpenSSL seal/open, !"#¤%&/()=?. '));
    $recipientId = 'The Recipient';
    $publicKeys  = [ $recipientId => $publicKeyString ];
    list( $sealed, $envelopeKeys ) = OpenSSLFactory::getSealedString( $data, $publicKeys );

    // Open (decrypted) data using private key
    $decrypted = OpenSSLFactory::getOpenedSealedString(
        $sealed, $envelopeKeys[$recipientId], $privateKeyString
    );
Encrypt/decrypt

    $data       = implode( array_fill( 0, 100, 'Testing OpenSSL encrypt/decrypt, !"#¤%&/()=?. '));
    $cipher     = 'AES-256-ECB';
    $passPhrase = Workshop::getSalt();

    // encrypt string
    $encrypted = OpenSSLFactory::getEncryptedString( $data, $cipher, $passPhrase );
    // decrypt string
    $decrypted = OpenSSLFactory::getDecryptedString( $encrypted, $cipher, $passPhrase );
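The cipher string in the example above selects ECB mode, which encrypts identical plaintext blocks to identical ciphertext blocks and carries no integrity check. The following added example (not part of the package or its README) shows that effect next to AES-256-GCM, using only native ext-openssl calls; it assumes PHP 7.1 or later for the GCM tag parameters, and the key, data and helper names are constructed for illustration.

```php
<?php
// Added example: native ext-openssl calls only, not OpenSSLToolbox methods.
$key  = random_bytes( 32 );                     // constructed 256-bit key
$data = str_repeat( 'sixteen byte blk', 100 );  // constructed: 100 identical 16-byte blocks

// Count distinct 16-byte blocks in a ciphertext (hypothetical helper)
function distinctBlocks( string $cipherText ) : int
{
    return count( array_unique( str_split( $cipherText, 16 )));
}

// Weak setting: ECB, each block encrypted independently, no IV, no integrity check
$ecb = openssl_encrypt( $data, 'aes-256-ecb', $key, OPENSSL_RAW_DATA );

// Corrected setting: AES-256-GCM, fresh 96-bit nonce per message, 128-bit tag
function gcmEncrypt( string $plain, string $key, string $aad = '' ) : string
{
    $nonce  = random_bytes( 12 );
    $tag    = '';
    $cipher = openssl_encrypt( $plain, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $nonce, $tag, $aad, 16 );
    if( false === $cipher ) {
        throw new RuntimeException( 'GCM encrypt failed: ' . openssl_error_string());
    }
    return $nonce . $tag . $cipher;             // layout: nonce(12) | tag(16) | ciphertext
}

function gcmDecrypt( string $blob, string $key, string $aad = '' ) : string
{
    if( strlen( $blob ) < 28 ) {
        throw new InvalidArgumentException( 'Blob shorter than nonce + tag' );
    }
    $plain = openssl_decrypt(
        substr( $blob, 28 ), 'aes-256-gcm', $key, OPENSSL_RAW_DATA,
        substr( $blob, 0, 12 ), substr( $blob, 12, 16 ), $aad
    );
    if( false === $plain ) {
        throw new RuntimeException( 'GCM authentication failed' );
    }
    return $plain;
}

$blob = gcmEncrypt( $data, $key, 'header-v1' );
printf( "ECB distinct blocks: %d of %d\n", distinctBlocks( $ecb ), strlen( $ecb ) / 16 );
printf( "GCM distinct blocks: %d of %d\n", distinctBlocks( substr( $blob, 28 )), 100 );
$blob[40] = chr( ord( $blob[40] ) ^ 1 );        // flip one ciphertext bit
try {
    gcmDecrypt( $blob, $key, 'header-v1' );
} catch( RuntimeException $e ) {
    echo 'Tampering detected: ', $e->getMessage(), PHP_EOL;
}
```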
More encrypt/decrypt

    $data = 'Testing OpenSSL public/private encrypt/decrypt, !"#¤%&/()=?. ';

    // Encrypt the data using the PUBLIC key
    $encrypted = OpenSSLFactory::getpublicKeyEncryptedString( $data, $publicKeyString );
    // Decrypt the data using the PRIVATE key
    $decrypted = OpenSSLFactory::getprivateKeyDecryptedString( $encrypted, $privateKeyString );

    // Encrypt the data using the PRIVATE key
    $encrypted = OpenSSLFactory::getprivateKeyEncryptedString( $data, $privateKeyString );
    // Decrypt the data using the PUBLIC key
    $decrypted = OpenSSLFactory::getpublicKeyDecryptedString( $encrypted, $publicKeyString );
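Info
In the docs folder you will find
- class information
- convenient constants in src/OpenSSLInterface
- more examples in the test folder.
Support
For support, use Github/issues. Non-emergency support issues are, unless sponsored, fixed in due time.
Sponsorship
Donations using paypal.me/kigkonsult are appreciated. For an invoice, please e-mail.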
Installation
Composer
From the command line

    composer require kigkonsult/openssltoolbox

In your composer.json

    {
        "require": {
            "kigkonsult/openssltoolbox": "dev-master"
        }
    }

Acquire access

    namespace Kigkonsult\OpenSSLToolbox;
    ...
    include 'vendor/autoload.php';

Or
Download and acquire..

    namespace Kigkonsult\OpenSSLToolbox;
    ...
    include 'pathToSource/OpenSSLToolbox/autoload.php';
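Test

    cd pathToSource/OpenSSLToolbox
    vendor/bin/phpunit

Tests are executed in LOG mode; to change this, update the PHP const at the end of phpunit.xml.
Note, this will take some time, 80% coverage...
But some parts still remain untested; help is appreciated.
Asserted on PHP 7+ using PHPCompatibility and PHPStan.
License
This project is licensed under the LGPLv3 License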