| public static loadFromX5C ( array $x5c ) : array | ||
| $x5c | array | |
| return | array | |
public static function loadFromX5C(array $x5c)
{
$certificate = null;
$last_issuer = null;
$last_subject = null;
foreach ($x5c as $cert) {
$current_cert = '-----BEGIN CERTIFICATE-----' . PHP_EOL . $cert . PHP_EOL . '-----END CERTIFICATE-----';
$x509 = openssl_x509_read($current_cert);
if (false === $x509) {
$last_issuer = null;
$last_subject = null;
break;
}
$parsed = openssl_x509_parse($x509);
openssl_x509_free($x509);
if (false === $parsed) {
$last_issuer = null;
$last_subject = null;
break;
}
if (null === $last_subject) {
$last_subject = $parsed['subject'];
$last_issuer = $parsed['issuer'];
$certificate = $current_cert;
} else {
if (json_encode($last_issuer) === json_encode($parsed['subject'])) {
$last_subject = $parsed['subject'];
$last_issuer = $parsed['issuer'];
} else {
$last_issuer = null;
$last_subject = null;
break;
}
}
}
Assertion::false(null === $last_issuer || json_encode($last_issuer) !== json_encode($last_subject), 'Invalid certificate chain.');
return self::loadKeyFromCertificate($certificate);
} /**
* {@inheritdoc}
*/
public static function createFromX5C(array $x5c, array $additional_values = [])
{
$values = KeyConverter::loadFromX5C($x5c);
$values = array_merge($values, $additional_values);
return new JWK($values);
}