Spomky-Labs/Pki-Framework 是一个用于管理公钥基础设施(PKI)的开源框架,旨在简化证书的生成、管理和验证过程。以下是如何高效、安全地使用该框架的指南。
首先,确保你的开发环境满足以下要求: - PHP 7.4 或更高版本 - Composer(PHP 依赖管理工具)
使用 Composer 安装 Spomky-Labs/Pki-Framework:
composer require spomky-labs/pki-framework
生成 RSA 或 ECDSA 密钥对:
use SpomkyLabs\Pki\CryptoTypes\Asymmetric\PrivateKey;
use SpomkyLabs\Pki\CryptoTypes\Asymmetric\PublicKey;
$privateKey = PrivateKey::generateRSA(2048);
$publicKey = $privateKey->publicKey();
生成自签名证书:
use SpomkyLabs\Pki\X509\Certificate\TBSCertificate;
use SpomkyLabs\Pki\X509\Certificate\Validity;
use SpomkyLabs\Pki\X509\Certificate\Certificate;
$validity = Validity::fromStrings('now', '+365 days');
$tbsCert = TBSCertificate::create('CN=example.com', $publicKey, $validity);
$certificate = Certificate::create($tbsCert, $privateKey);
生成 CSR:
use SpomkyLabs\Pki\X509\CertificationRequest\CertificationRequestInfo;
use SpomkyLabs\Pki\X509\CertificationRequest\CertificationRequest;
$csrInfo = CertificationRequestInfo::create('CN=example.com', $publicKey);
$csr = CertificationRequest::create($csrInfo, $privateKey);
验证证书的有效性:
use SpomkyLabs\Pki\X509\Certificate\Certificate;
use SpomkyLabs\Pki\CryptoTypes\Asymmetric\PublicKey;
$certificate = Certificate::fromPEM($pemData);
$publicKey = PublicKey::fromPEM($publicKeyPem);
if ($certificate->verify($publicKey)) {
echo "证书有效";
} else {
echo "证书无效";
}
通过以上步骤,你可以高效、安全地管理公钥基础设施,确保系统的安全性和可靠性。