phpseclib使用自己的CA签署CSR

时间:2012-12-17 15:37:56

标签: php ssl certificate phpseclib

我想与我的CA签署CSR。我从phpseclib: X.509 Examples

中获取了此代码的部分内容 
<?php
include('File/X509.php');
include('Crypt/RSA.php');
$c = $_POST['csr'];

$CAPrivKey = new Crypt_RSA();
$CAPrivKey->setPassword('PrivatePassword');
$CAPrivKey->loadKey("-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,47EF178926906B55

lVtuTcJ1etpRaUT9086Vm5dsop8o5D92VVubcyhI268ZG4frRCBR4yuyORp+zdS2
[...]
gyx636VRV7aekLc6IFHJ56MzZRA/23izSooWqAJLTGEBrc4CWuodj9cc/+p3+9zC
-----END RSA PRIVATE KEY-----
");

$issuer = new File_X509();
$issuer->setPrivateKey($CAPrivKey);
$issuer->loadX509("-----BEGIN CERTIFICATE-----
MIIK0zCCBrugAwIBAgIJAPzTFDuzmcUcMA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD
[...]
6F5Ji6w2IfD6xFhgvyTmqYgsae3+DEX6TAJosaI0EJQz6vYeubQb
-----END CERTIFICATE-----
");


$subject = new File_X509();

$subject->loadCSR($c); 


$x509 = new File_X509();
$x509->setStartDate('-1 month');
$x509->setEndDate('+1 year');

$result = $x509->sign($issuer, $subject);

echo $x509->saveX509($result);
?>

在$ csr中我用这种方式编写了CSR格式:

-----开始证书申请----- MIGYMIGFAgAwbzELMAkGA1UEBgwCUEwxCjAIBgNVBAgMAS4xETAPBgNVBAcMCExlb2Frd2RhMQow [...] dGVzdC5wbDAQMAsGCSqGSIb3DQEBAQMBADALBgkqhkiG9w0BAQUDAQA = -----结束证书请求-----

此代码给出了错误:Fatal error: Maximum execution time of 30 seconds exceeded in D:\wamp\www\Math\BigInteger.php on line 1659

1 个答案:

答案 0 :(得分:3)

关键是多少位?你有安装gmp或bcmath或openssl吗?如果它们可用,Phpseclib会使用其中的每一个加速,如果没有,它将使用它自己的内部实现,这是最慢的。根据{{​​3}},旧版本的php上的纯PHP实现即使使用2048位密钥也需要很长时间。

相关问题
最新问题