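/**
 * Load the signing material for an x509 signature type.
 *
 * Reads the certificate chain from $certFile through fetchChain(), appends
 * every entry to $this->certificates, parses the private key stored in
 * $keyFile with OpenSSL and records the digest constant that matches
 * $this->type.
 *
 * @param string $keyFile - path to key file
 * @param string $certFile - path to certificate chain file
 * @throws \InvalidArgumentException if a file is missing, the key file cannot be read, or the key cannot be parsed
 * @throws \RuntimeException if the certificate file yields no certificates
 * @throws \Exception if SHA-256 signing is requested but not supported
 */
private function initialize($keyFile, $certFile)
{
    if (false === file_exists($keyFile)) {
        throw new \InvalidArgumentException('Private key file does not exist');
    }

    if (false === file_exists($certFile)) {
        throw new \InvalidArgumentException('Certificate file does not exist');
    }

    if ('x509+sha256' === $this->type && !$this->supportsSha256()) {
        throw new \Exception('Server does not support x.509+SHA256');
    }

    $chain = $this->fetchChain($certFile);
    if (!is_array($chain) || count($chain) === 0) {
        throw new \RuntimeException('Certificate file contains no certificates');
    }

    foreach ($chain as $cert) {
        $this->certificates->addCertificate($cert);
    }

    // file_exists() is also true for directories and for files this process
    // may not read. Check the read itself so that case is reported as a read
    // failure rather than as a malformed key.
    $keyMaterial = file_get_contents($keyFile);
    if (false === $keyMaterial) {
        throw new \InvalidArgumentException('Private key file could not be read');
    }

    $pkeyid = openssl_get_privatekey($keyMaterial);
    if (false === $pkeyid) {
        throw new \InvalidArgumentException('Private key is invalid');
    }

    // NOTE(review): nothing here confirms that the key belongs to the first
    // certificate of the chain. A mismatch would only surface when a verifier
    // rejects the signature. openssl_x509_check_private_key() could catch it
    // at load time, depending on the format fetchChain() returns. Confirm.
    $this->privateKey = $pkeyid;

    // Any type other than 'x509+sha256' signs with SHA-1. That is the
    // protocol's legacy 'x509+sha1' option, whose digest is no longer
    // considered collision resistant, so prefer SHA-256 where supported.
    $this->algoConst = $this->type === 'x509+sha256' ? OPENSSL_ALGO_SHA256 : OPENSSL_ALGO_SHA1;
}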
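/**
 * Build a signer for one of the BIP70 signature types.
 *
 * With 'none' only an empty certificate buffer is created. For the x509
 * types the certificate chain is read from $certFile via fetchChain(), the
 * private key is parsed from $keyFile, and the matching OpenSSL digest
 * constant is stored.
 *
 * @param string $type one of 'none', 'x509+sha1', 'x509+sha256'
 * @param string $keyFile path to the private key file (unused for 'none')
 * @param string $certFile path to the certificate chain file (unused for 'none')
 * @throws \InvalidArgumentException on an unknown type, a missing or unreadable file, or an unparsable key
 * @throws \RuntimeException if the certificate file yields no certificates
 * @throws \Exception if SHA-256 signing is requested but OPENSSL_ALGO_SHA256 is not defined
 */
public function __construct($type = 'none', $keyFile = '', $certFile = '')
{
    // Strict membership test: with loose comparison a non-string value such
    // as boolean true equals every entry of the allow-list, passes
    // validation, and later selects a signing mode that was never requested.
    if (false === in_array($type, ['none', 'x509+sha1', 'x509+sha256'], true)) {
        throw new \InvalidArgumentException('Invalid BIP70 signature type');
    }

    $this->type = $type;
    $this->certificates = new X509CertificatesBuf();

    if ($type === 'none') {
        return;
    }

    if (false === file_exists($keyFile)) {
        throw new \InvalidArgumentException('Private key file does not exist');
    }

    if (false === file_exists($certFile)) {
        throw new \InvalidArgumentException('Certificate file does not exist');
    }

    if ('x509+sha256' === $type && !defined('OPENSSL_ALGO_SHA256')) {
        throw new \Exception('Server does not support x.509+SHA256');
    }

    $chain = $this->fetchChain($certFile);
    if (!is_array($chain) || count($chain) === 0) {
        throw new \RuntimeException('Certificate file contains no certificates');
    }

    foreach ($chain as $cert) {
        $this->certificates->addCertificate($cert);
    }

    // file_exists() does not prove the file can be read. Check the read so
    // an unreadable key is not misreported as a malformed one.
    $keyMaterial = file_get_contents($keyFile);
    if (false === $keyMaterial) {
        throw new \InvalidArgumentException('Private key file could not be read');
    }

    $pkeyid = openssl_get_privatekey($keyMaterial);
    if (false === $pkeyid) {
        throw new \InvalidArgumentException('Private key is invalid');
    }

    // NOTE(review): the key is never checked against the first certificate
    // of the chain, so a mismatched pair loads without error. Consider
    // verifying the pairing here, depending on what fetchChain() returns.
    $this->privateKey = $pkeyid;

    // 'x509+sha1' signs with SHA-1, which is no longer considered collision
    // resistant. It is kept because the protocol defines it, but prefer
    // 'x509+sha256' where the platform supports it.
    $this->algoConst = $type === 'x509+sha256' ? OPENSSL_ALGO_SHA256 : OPENSSL_ALGO_SHA1;
}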