This library enables you to parse X.509 certificates in order to be able to extract some attributes from it.
Currently the API is very limited and will be expanded based on actual needs API consumers.
For example, to obtain the certificate expiry date from a certificate loaded from a file:
<?php
use fkooman\X509\CertParser;
use fkooman\X509\CertParserException;
try {
$cp = CertParser::fromFile("certificate.pem");
echo date("r", $cp->getNotValidAfter()) . PHP_EOL;
} catch (CertParserException $e) {
echo $e->getMessage();
}
Or from a string:
try {
$cp = new CertParser("MIIDyzCC...CYkxLaPI");
echo date("r", $cp->getNotValidAfter()) . PHP_EOL;
} catch (CertParserException $e) {
echo $e->getMessage();
}
All API calls:
getFingerprint($algorithm = "sha1")
- get the fingerprint of the certificate, by defaultsha1
. Seehash_algos()
in the PHP manual to figure out supported hash algorithmsgetName()
- get the subject DNnotValidBefore()
- get the UNIX timestamp from which the certificate is validnotValidAfter()
- get the UNIX timestamp after which the certificate is no longer validtoDer()
- get the DER encoded certificatetoPem()
- get the certificate as PEMtoBase64()
- get the base64 encoded DER certificate (PEM without headers on one line)isIssuedBy()
- check wheter the current certificate is issued by the provided certificate. WEAK comparison only by comparing DNs, not by verifying signatures
Licensed under the Apache License, Version 2.0;