Kelunik\Acme\OpenSSLKeyGenerator::generate PHP Метод

generate() публичный Метод

Generates a new key pair with the given length in bits.
public generate ( integer $bits = 2048 ) : KeyPair
$bits integer length of the key
Результат KeyPair generated key pair
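    /**
     * Generates a new RSA key pair with the given length in bits.
     *
     * The private key is exported without a passphrase (the passphrase argument
     * is null), so the caller is responsible for protecting the returned value.
     *
     * @param int $bits Length of the key in bits; values below 2048 are rejected.
     *
     * @return KeyPair Generated key pair.
     *
     * @throws \InvalidArgumentException If $bits is not an integer or is below 2048.
     * @throws \RuntimeException If the OpenSSL config cannot be staged, or key
     *                           generation, export or detail lookup fails.
     */
    public function generate($bits = 2048)
    {
        if (!is_int($bits)) {
            throw new \InvalidArgumentException(sprintf("\$bits must be of type int, %s given", gettype($bits)));
        }

        if ($bits < 2048) {
            throw new \InvalidArgumentException("Keys with fewer than 2048 bits are not allowed!");
        }

        $configFile = __DIR__ . "/../res/openssl.cnf";
        $tempConfig = null;

        // When running from a Phar, the bundled config is copied to a real file
        // before its path is handed to OpenSSL.
        if (class_exists("Phar") && \Phar::running(true) !== "") {
            $configContent = file_get_contents($configFile);

            if ($configContent === false) {
                throw new \RuntimeException("Could not read the bundled OpenSSL configuration!");
            }

            $tempConfig = tempnam(sys_get_temp_dir(), "acme_openssl_");

            if ($tempConfig === false) {
                throw new \RuntimeException("Could not create a temporary OpenSSL configuration file!");
            }

            if (file_put_contents($tempConfig, $configContent) === false) {
                unlink($tempConfig);

                throw new \RuntimeException("Could not write the temporary OpenSSL configuration file!");
            }

            $configFile = $tempConfig;
        }

        $res = false;

        try {
            $res = openssl_pkey_new([
                "private_key_type" => OPENSSL_KEYTYPE_RSA,
                "private_key_bits" => $bits,
                "config" => $configFile,
            ]);

            // Without this check a failed generation would only surface later
            // as a misleading export error (or a TypeError on newer PHP).
            if ($res === false) {
                throw new \RuntimeException("Key generation failed!");
            }

            if (!openssl_pkey_export($res, $privateKey, null, ["config" => $configFile])) {
                throw new \RuntimeException("Key export failed!");
            }

            $details = openssl_pkey_get_details($res);

            if ($details === false || !isset($details["key"])) {
                throw new \RuntimeException("Could not read the public key of the generated key pair!");
            }

            $publicKey = $details["key"];
        } finally {
            // Runs on every path, so a failed export no longer leaves the key
            // resource or the temporary config copy behind.
            if ($res !== false) {
                openssl_pkey_free($res);
            }

            if ($tempConfig !== null && file_exists($tempConfig)) {
                unlink($tempConfig);
            }
        }

        // clear error buffer, because of minimalistic openssl.cnf
        while (openssl_error_string() !== false) {
        }

        return new KeyPair($privateKey, $publicKey);
    }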

Usage Example

Пример #1
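 /**
  * Coroutine that loads the key pair stored under $path, generating and
  * persisting a new 4096-bit pair when private.pem or public.pem is missing.
  *
  * "{$path}/key.lock" serves as the cross-process marker: readers poll until
  * it disappears, and the generating coroutine removes it when done.
  *
  * @param string $path Directory holding private.pem, public.pem and key.lock.
  *
  * @return Generator Resolves to the loaded or newly generated KeyPair.
  *
  * @throws Exception Rethrown when generation or storage fails while this
  *                   coroutine holds the lock.
  */
 private function doLoadKeyPair(string $path) : Generator
 {
     $privateExists = (yield exists("{$path}/private.pem"));
     $publicExists = (yield exists("{$path}/public.pem"));
     $lockExists = (yield exists("{$path}/key.lock"));
     if ($privateExists && $publicExists) {
         // Both files are present; wait out a writer that may still be mid-write.
         while ($lockExists) {
             (yield new Pause(500));
             $lockExists = (yield exists("{$path}/key.lock"));
         }
         return new KeyPair((yield get("{$path}/private.pem")), (yield get("{$path}/public.pem")));
     }
     $lock = new Lock("{$path}/key.lock");
     // Tracks whether this coroutine owns the lock, so cleanup never touches
     // a lock file that belongs to another process.
     $acquired = false;
     try {
         $lock->acquire();
         $acquired = true;
         $gen = new OpenSSLKeyGenerator();
         $keyPair = $gen->generate(4096);
         // NOTE(review): private.pem is written with whatever mode put() applies by
         // default; confirm the file is readable only by the service account.
         (yield put("{$path}/private.pem", $keyPair->getPrivate()));
         (yield put("{$path}/public.pem", $keyPair->getPublic()));
         return $keyPair;
     } catch (Exception $e) {
         if ($acquired) {
             // The failure happened while we hold the lock. The lock file is only
             // removed in the finally block below, so polling for it to vanish
             // here would presumably never end; surface the error instead.
             throw $e;
         }
         // Acquisition failed: another process is generating the keys, so wait
         // for its lock file to disappear and read what it wrote.
         do {
             (yield new Pause(500));
             $lockExists = (yield exists("{$path}/key.lock"));
         } while ($lockExists);
         return new KeyPair((yield get("{$path}/private.pem")), (yield get("{$path}/public.pem")));
     } finally {
         // Only the owner releases and removes the lock. Unlinking unconditionally
         // could delete a lock taken by another process in the meantime and let two
         // generators overwrite each other's private.pem / public.pem.
         if ($acquired) {
             $lock->release();
             unlink("{$path}/key.lock");
         }
         // do not yield in finally!
     }
 }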
OpenSSLKeyGenerator