Gitee
\
Adbar
AlibabaCloud
Tea
Exception
FileForm
FileForm
Tests
Alipay
EasySDK
Base
Image
Models
OAuth
Models
Qrcode
Models
Video
Models
Kernel
Exceptions
Util
Marketing
OpenLife
Models
Pass
Models
TemplateMessage
Models
Member
Identification
Models
Payment
App
Models
Common
Models
FaceToFace
Models
Huabei
Models
Page
Models
Wap
Models
Security
TextRisk
Models
Test
base
image
oauth
video
Base
marketing
openlife
pass
templatemessage
member
identification
multipleFactory
payment
common
facetoface
huabei
security
textrisk
util
generic
Util
AES
Generic
Models
app
controller
middleware
model
validate
BaconQrCode
Common
Encoder
Exception
Renderer
Color
Eye
Image
Module
EdgeIterator
Path
RendererStyle
BaconQrCodeTest
Common
Encoder
BarcodeBakery
Barcode
Common
Drawer
BigintTest
BugHonorFileTimeTest
Complex
Composer
Autoload
DASPRiD
Enum
Exception
EnumTest
Endroid
QrCode
Exception
Factory
Tests
Writer
GuzzleHttp
Cookie
Exception
Handler
Promise
Psr7
JmesPath
Khanamiryan
QrCodeTests
League
Flysystem
Adapter
Polyfill
Cached
Storage
Plugin
Util
MimeTypeDetection
Matrix
Decomposition
Operators
MyCLabs
Enum
PHPUnit
org
PhpOffice
PhpSpreadsheet
Calculation
Database
Engine
Engineering
Internal
Logical
MathTrig
Statistical
Token
Cell
Chart
Renderer
Collection
Document
Helper
Reader
Gnumeric
Ods
Security
Xls
Color
Style
Xlsx
Xml
RichText
Shared
Escher
DgContainer
SpgrContainer
DggContainer
BstoreContainer
BSE
JAMA
OLE
PPS
Trend
Style
ConditionalFormatting
Worksheet
AutoFilter
Column
Drawing
Writer
Ods
Cell
Pdf
Xls
Xlsx
Pimple
Exception
Psr11
Tests
Fixtures
Psr11
Psr
Cache
Container
Http
Client
Message
Log
Test
SimpleCache
Songshenzong
Support
Test
Core
Traits
spec
League
Flysystem
Cached
Stringy
Symfony
Component
OptionsResolver
Debug
Exception
PropertyAccess
Exception
PropertyInfo
DependencyInjection
Extractor
Util
String
Exception
Inflector
Slugger
VarDumper
Caster
Cloner
Command
Descriptor
Dumper
ContextProvider
Exception
Server
Test
Polyfill
Ctype
Intl
Grapheme
Normalizer
Mbstring
Php72
Php73
Php80
think
cache
driver
console
command
make
optimize
input
output
descriptor
driver
formatter
question
contract
db
builder
concern
connector
exception
event
exception
facade
file
filesystem
driver
helper
initializer
log
driver
middleware
model
concern
relation
paginator
driver
response
route
dispatch
service
session
driver
template
driver
exception
taglib
tests
trace
validate
view
driver
ZipStream
Exception
Option
ZipStreamTest
Zxing
Common
Detector
Reedsolomon
Qrcode
Decoder
Detector

\Alipay\EasySDK\Kernel\UtilAntCertificationUtil

Summary

Methods
Properties
Constants
getCertSN()
getPublicKey()
getRootCertSN()
hex2dec()
isTrusted()
verifySignature()
readPemCertChain()
verifyCert()
verifyCertChain()
sortByDn()
isSelfSigned()
array2string()
addressingUp()
addressingDown()
extractSignature()
getSignatureAlgorithmOid()
getSignatureHash()
isCertSigner()
pemToDer()
stripSignerAsn()
No public properties found
No constants found
No protected methods found
No protected properties found
N/A
No private methods found
$rootCertContent
N/A

Properties

$rootCertContent

$rootCertContent

Methods

getCertSN()

getCertSN( $certPath) : string

从证书中提取序列号

Parameters

$certPath

Returns

string —

getPublicKey()

getPublicKey( $certPath) : mixed

从证书中提取公钥

Parameters

$certPath

Returns

mixed —

getRootCertSN()

getRootCertSN( $certPath) : string|null

提取根证书序列号

Parameters

$certPath

string 根证书

Returns

string|null —

hex2dec()

hex2dec( $hex) : int|string

0x转高精度数字

Parameters

$hex

Returns

int|string —

isTrusted()

isTrusted( $alipayCert,  $rootCert) : bool

验证支付宝公钥证书是否可信

Parameters

$alipayCert

支付宝公钥证书
$rootCert

支付宝根证书

Returns

bool —

验证证书是否可信

verifySignature()

verifySignature(mixed  $alipayCert, mixed  $rootCert) : mixed

Parameters

mixed $alipayCert
mixed $rootCert

Returns

mixed —

readPemCertChain()

readPemCertChain(mixed  $cert) : mixed

Parameters

mixed $cert

Returns

mixed —

verifyCert()

verifyCert(mixed  $prev, mixed  $rootCerts) : mixed

Parameters

mixed $prev
mixed $rootCerts

Returns

mixed —

verifyCertChain()

verifyCertChain( $alipayCerts,  $rootCerts) : bool

验证证书链是否是信任证书库中证书签发的

Parameters

$alipayCerts

array 目标验证证书列表
$rootCerts

array 可信根证书列表

Returns

bool —

sortByDn()

sortByDn( $certs) : bool

将证书链按照完整的签发顺序进行排序,排序后证书链为:[issuerA, subjectA]-[issuerA, subjectB]-[issuerB, subjectC]-[issuerC, subjectD].

..

Parameters

$certs

array 证书链

Returns

bool —

isSelfSigned()

isSelfSigned( $cert) : bool

验证证书是否是自签发的

Parameters

$cert

array 目标证书

Returns

bool —

array2string()

array2string(mixed  $array) : mixed

Parameters

mixed $array

Returns

mixed —

addressingUp()

addressingUp( $subjectMap,  $certChain,  $current) : mixed

向上构造证书链

Parameters

$subjectMap

array 主题和证书的映射
$certChain

array 证书链
$current

当前需要插入证书链的证书,include

Returns

mixed —

addressingDown()

addressingDown( $issuerMap,  $certChain,  $current) : mixed

向下构造证书链

Parameters

$issuerMap

签发者和证书的映射
$certChain

证书链
$current

当前需要插入证书链的证书,exclude

Returns

mixed —

extractSignature()

extractSignature(string  $der = false) : string

Extract signature from der encoded cert.

Expects x509 der encoded certificate consisting of a section container containing 2 sections and a bitstream. The bitstream contains the original encrypted signature, encrypted by the public key of the issuing signer.

Parameters

string $der

Returns

string —

on success

getSignatureAlgorithmOid()

getSignatureAlgorithmOid(mixed  $der = null) : bool

Get signature algorithm oid from der encoded signature data.

Expects decrypted signature data from a certificate in der format. This ASN1 data should contain the following structure: SEQUENCE SEQUENCE OID (signature algorithm) NULL OCTET STRING (signature hash)

Parameters

mixed $der

Returns

bool —

false on failures

getSignatureHash()

getSignatureHash(mixed  $der = null) : bool

Get signature hash from der encoded signature data.

Expects decrypted signature data from a certificate in der format. This ASN1 data should contain the following structure: SEQUENCE SEQUENCE OID (signature algorithm) NULL OCTET STRING (signature hash)

Parameters

mixed $der

Returns

bool —

false on failures

isCertSigner()

isCertSigner(mixed  $certPem = null, mixed  $caCertPem = null) : bool

Determine if one cert was used to sign another Note that more than one CA cert can give a positive result, some certs re-issue signing certs after having only changed the expiration dates.

Parameters

mixed $certPem
mixed $caCertPem

Returns

bool —

pemToDer()

pemToDer(mixed  $pem = null) : string

Convert pem encoded certificate to DER encoding

Parameters

mixed $pem

Returns

string —

$derEncoded on success

stripSignerAsn()

stripSignerAsn(string  $der = null) : string

Obtain der cert with issuer and signature sections stripped.

Parameters

string $der
  • der encoded certificate

Returns

string —

$der on success