$rootCertContent
$rootCertContent
extractSignature(string $der = false) : string
Extract signature from der encoded cert.
Expects x509 der encoded certificate consisting of a section container containing 2 sections and a bitstream. The bitstream contains the original encrypted signature, encrypted by the public key of the issuing signer.
string | $der |
on success
getSignatureAlgorithmOid(mixed $der = null) : bool
Get signature algorithm oid from der encoded signature data.
Expects decrypted signature data from a certificate in der format. This ASN1 data should contain the following structure: SEQUENCE SEQUENCE OID (signature algorithm) NULL OCTET STRING (signature hash)
mixed | $der |
false on failures
getSignatureHash(mixed $der = null) : bool
Get signature hash from der encoded signature data.
Expects decrypted signature data from a certificate in der format. This ASN1 data should contain the following structure: SEQUENCE SEQUENCE OID (signature algorithm) NULL OCTET STRING (signature hash)
mixed | $der |
false on failures
isCertSigner(mixed $certPem = null, mixed $caCertPem = null) : bool
Determine if one cert was used to sign another Note that more than one CA cert can give a positive result, some certs re-issue signing certs after having only changed the expiration dates.
mixed | $certPem | |
mixed | $caCertPem |