public static loadFromX5C ( array $x5c ) : array | ||
$x5c | array | |
return | array |
/**
 * Builds key values from an X.509 certificate chain supplied as an "x5c" list.
 *
 * Every entry is wrapped in PEM armour and parsed with OpenSSL. The chain is
 * accepted only when each entry parses, the subject of each certificate equals
 * the issuer of the entry before it, and the issuer of the last entry equals
 * its own subject. The key is then loaded from the first entry. An empty list
 * fails the final assertion.
 *
 * NOTE(review): the checks in this method compare issuer and subject names
 * only. No signature verification, validity-period check, revocation check or
 * comparison against a trusted root happens here, so a chain that passes says
 * nothing about who actually issued the key. When $x5c comes from an untrusted
 * source (for example a token header), the caller has to validate the chain
 * against its own trust anchors before relying on the result. Whether
 * loadKeyFromCertificate() performs any of these checks is not visible from
 * this method.
 *
 * @param array $x5c Certificate bodies without PEM armour (presumably
 *                   base64-encoded DER), with the certificate whose key is
 *                   wanted first.
 *
 * @return array The value returned by loadKeyFromCertificate() for the first certificate.
 */
public static function loadFromX5C(array $x5c)
{
    $leaf_pem = null;
    $issuer = null;
    $subject = null;

    foreach ($x5c as $body) {
        $pem = '-----BEGIN CERTIFICATE-----'.PHP_EOL.$body.PHP_EOL.'-----END CERTIFICATE-----';

        // $details stays false when either reading or parsing fails.
        $details = false;
        $handle = openssl_x509_read($pem);
        if (false !== $handle) {
            $details = openssl_x509_parse($handle);
            openssl_x509_free($handle);
        }

        // The first usable entry has nothing to link to; every later one must
        // carry the subject that the previous entry named as its issuer.
        $is_first = null === $subject;
        $links = false !== $details
            && ($is_first || json_encode($issuer) === json_encode($details['subject']));

        if (!$links) {
            // Clearing both names makes the assertion below fail.
            $issuer = null;
            $subject = null;
            break;
        }

        if ($is_first) {
            $leaf_pem = $pem;
        }
        $subject = $details['subject'];
        $issuer = $details['issuer'];
    }

    // The last entry processed must name itself as issuer. This is a name
    // comparison only and does not show that the entry is a trusted root.
    $is_valid = null !== $issuer && json_encode($issuer) === json_encode($subject);
    Assertion::false(!$is_valid, 'Invalid certificate chain.');

    return self::loadKeyFromCertificate($leaf_pem);
}
/**
 * {@inheritdoc}
 *
 * Creates a JWK from the values KeyConverter::loadFromX5C() derives from the
 * chain, merged with $additional_values.
 *
 * NOTE(review): array_merge() lets a string key in $additional_values replace
 * the same key taken from the certificate, so $additional_values should only
 * carry metadata the application controls and never be filled from the same
 * untrusted input as $x5c. The resulting key is only as trustworthy as the
 * chain; confirm that the chain is validated against trusted roots before
 * the key is used for verification.
 *
 * @param array $x5c               Certificate chain passed to KeyConverter::loadFromX5C().
 * @param array $additional_values Extra values merged over the certificate-derived ones.
 */
public static function createFromX5C(array $x5c, array $additional_values = [])
{
    $from_certificate = KeyConverter::loadFromX5C($x5c);

    return new JWK(array_merge($from_certificate, $additional_values));
}