PHP 8.4.0 RC4 available for testing

    openssl_pkey_get_public

    (PHP 4 >= 4.2.0, PHP 5, PHP 7, PHP 8)

    openssl_pkey_get_publicExtrai a chave pública do certificado e prepara-a para uso

    Descrição

    openssl_pkey_get_public(OpenSSLAsymmetricKey|OpenSSLCertificate|array|string $public_key): OpenSSLAsymmetricKey|false

    openssl_pkey_get_public() extrai a chave pública de public_key e prepara-a para uso por outras funções.

    Parâmetros

    public_key

    public_key pode ser uma das seguintes opções:

    1. uma instância de OpenSSLAsymmetricKey
    2. uma string no formato file://caminho/para/arquivo.pem. O arquivo precisa conter uma chave pública ou certificado (pode conter ambos) codificados em PEM.
    3. Uma chave pública no formato PEM.

    Valor Retornado

    Retorna uma instância de OpenSSLAsymmetricKey em caso de sucesso ou false em caso de erro.

    Registro de Alterações

    Versão Descrição
    8.0.0 Em caso de sucesso, esta função retorna uma instância OpenSSLAsymmetricKey agora; anteriormente, retornava um resource do tipo OpenSSL key.
    8.0.0 public_key agora aceita uma instância de OpenSSLAsymmetricKey ou OpenSSLCertificate; anteriormente, um resource do tipo OpenSSL key ou OpenSSL X.509 era aceito.

    Melhore Esta Página

    Aprenda Como Melhorar Esta PáginaEnvie uma Solicitação de ModificaçãoReporte um Problema
    adicione uma nota

    Notas Enviadas por Usuários (em inglês) 7 notes

    up
    10
    info at steyla dot com
    13 years ago
    If you are trying to read a PKCS#1 RSA public key you run into trouble, because openssl wants the public key in X.509 style.

    The PKCS#1 RSA public key

    -----BEGIN RSA PUBLIC KEY-----
    MIIBCgKCAQEAgYxTW5Yj+5QiQtlPMnS9kqQ/HVp+T2KtmvShe68cm8luR7Dampmb
    [...]
    cbn6n2FsV91BlEnrAKq65PGJxcwcH5+aJwIDAQAB
    -----END RSA PUBLIC KEY-----

    .. is not readable while the X.509 style public key

    -----BEGIN PUBLIC KEY-----
    MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYxTW5Yj+5QiQtlPMnS9
    [..]
    JwIDAQAB
    -----END PUBLIC KEY-----

    is. You can use an easy (and dirty) work around to read the PKCS#1 RSA anyway. The first few bytes of the X.509 style public key contain header information and can shamelessly be copied.

    In other words: Delete everything after the first 32 bytes from the above X.509 key (starting behind Q8A) and attach your PKCS#1 data, reformat to 64 bytes length and use it with openssl.

    Please note: The above example only works for 2048 bit length.

    Like I said - it's kind of dirty - but hey - if you're as desperate as I was.

    Michaela
    up
    3
    Joey
    8 years ago
    I spent a few hours raging with this function and hitting my head on the desk trying to get it to load a public PEM key.

    This function can leave errors in openssl_error_string even if it succeeded so this can cause a lot of confusion further down. Especially if you're prototyping and haven't put full checks on return values in yet. The error will not be cleared either when calling other functions successfully.

    To avoid confusion, you should always check the return result and only call openssl_error_string after calling an openssl function that returned failure (false).
    up
    2
    Anonymous
    17 years ago
    you can get (and save to file) public key using openssl_pkey_get_details(resource $key ) function:

    <?php
    $pub_key     = openssl_pkey_get_public(file_get_contents('./cert.crt'));
    $keyData = openssl_pkey_get_details($pub_key);
    file_put_contents('./key.pub', $keyData['key']);
    ?>
    up
    0
    GeniusLe at zslm dot org
    4 years ago
    You may need to export a public key from the private key, because the public key provided by the key generated by other tools is in pem format, and we need openssh format

    ```
    <?php
    $public     = openssl_pkey_get_details(openssl_pkey_get_private(OPENSSL_USER_PRIVATE_KYE))['key'];

    // save $public

    ```
    up
    0
    Anonymous
    20 years ago
    This documentation notes it can take a PEM-formatted private key, but as per bug #25614, this is not possible in any form. The function simply returns a FALSE.

    The only thing you can get public keys out of are X.509 certificates.

    Furthermore, there is NO way to export a public key into a PEM-encoded form.
    up
    -3
    dankybastard at hotmail
    19 years ago
    You must also use the string representation of the certificate to get the public key resource:

    $dn = array(); // use defaults
    $res_privkey = openssl_pkey_new();
    $res_csr = openssl_csr_new($dn, $res_privkey);
    $res_cert = openssl_csr_sign($res_csr, null, $res_privkey, $ndays);

    openssl_x509_export($res_cert, $str_cert);

    $res_pubkey = openssl_pkey_get_public($str_cert);
    up
    -5
    VaD
    16 years ago
    Small error in this code:

    $pub_key = openssl_pkey_get_public(file_get_contents('./cert.crt'));
    $keyData = openssl_pkey_get_details($pub_key);
    file_put_contents('./key.pub', $keyData['key']);
    adicione uma nota
    To Top