Class Crypt_KeyStore

Description

This class represents a storage facility for cryptographic keys and certificates.

Located in /Crypt/KeyStore.php (line 45)


Variable Summary
Method Summary
static string getDefaultType ()
static Crypt_KeyStore getInstance (string $type)
array aliases ()
boolean containsAlias (string $alias)
string createCSR (string $alias, [string $password = false], [array $dn = array()], [array $options = array()])
void createSecretKey (string $alias, [array $password = false], [array $options = array()])
string decrypt (string $encData, string $alias, [string $password = false], [array $options = array()])
void deleteEntry (string $alias)
string encrypt (string $data, string $alias, [string $password = false], [array $options = array()])
boolean entryInstanceOf (string $alias, class $entryClazzName)
string getCertificateAlias (string $cert)
array getCertificateChain (string $alias)
DateTime getCreationDate (string $alias)
Crypt_KeyStore_Entry getEntry (string $alias, [array $options = array()])
string getType ()
void importCertificate (string $cert, string $alias, [string $password = false])
array initializeDn ()
boolean isCertificateEntry (string $alias)
boolean isKeyEntry (string $alias)
void load (string $filename, string $password, [array $options = array()])
string sign (string $data, string $alias, [string $password = false], [array $options = array()])
int size ()
void store (string $filename, string $password, [array $options = array()])
boolean verify (string $data, string $signature, string $alias, [array $options = array()])
Variables
static mixed $DEFAULT_Crypt_KeyStore_TYPE = 'PKS' (line 48)
  • access: public
Methods
static method getDefaultType (line 103)

Returns the default Crypt_KeyStore type.

  • return: the default key store type
  • access: public
static string getDefaultType ()
static method getInstance (line 75)

Returns a Crypt_KeyStore object of the specified type. If an instance of the specified type is not already initialized, a new instance is created.

  • access: public
static Crypt_KeyStore getInstance (string $type)
  • string $type: the type of key store instance
aliases (line 113)

Lists all the alias names of this Crypt_KeyStore.

  • return: array of alias strings
  • access: public
array aliases ()
containsAlias (line 126)

Checks if the given alias exists in this Crypt_KeyStore.

  • return: true if the key store contains an entry with the alias, false if not
  • access: public
boolean containsAlias (string $alias)
  • string $alias: the alias of the entry to query
createCSR (line 308)

Creates a new private key and certificate signing request (CSR) for the private key. The CSR is returned for signing.

  • access: public
string createCSR (string $alias, [string $password = false], [array $dn = array()], [array $options = array()])
  • string $alias: alias to store new key/certificate under
  • string $password: password used to protect the private key
  • array $dn: distinguished name used to create CSR
  • array $options: array of key pair/certificate creation options
createSecretKey (line 271)

Creates a symmetric secret key from a randomly generated pass phrase and stores the new key in the key store, protecting it with the password if specified. The pass phrase is a sequence of random hex numbers which is then used to generate the key using a SHA-256 hash and 8 bytes of salt.

  • access: public
void createSecretKey (string $alias, [array $password = false], [array $options = array()])
  • string $alias: the alias the new key will be stored as
  • array $password: password used to protect the key
  • array $options: array of key creation options
decrypt (line 362)

Decrypts the data with the key stored with the alias, optionally using the password to decrypt the key.

  • return: the decrypted data
  • access: public
string decrypt (string $encData, string $alias, [string $password = false], [array $options = array()])
  • string $encData: the encrypted data to decrypt
  • string $alias: the alias of the key to use to decrypt
  • string $password: the password to use to decrypt the key
  • array $options: array of decryption options
deleteEntry (line 138)

Deletes the entry identified by the given alias from this Crypt_KeyStore.

  • access: public
void deleteEntry (string $alias)
  • string $alias: the alias of the entry to delete
encrypt (line 346)

Encrypts the data with the key stored with the alias, optionally using the password to decrypt the key.

  • return: the encrypted data
  • access: public
string encrypt (string $data, string $alias, [string $password = false], [array $options = array()])
  • string $data: the plain text data to encrypt
  • string $alias: the alias of the key to use to encrypt
  • string $password: the password to use to decrypt the key
  • array $options: array of encryption options
entryInstanceOf (line 153)

Determines if the Crypt_KeyStore Entry for the specified alias is an instance or subclass of the specified entryClass.

  • return: true if entry is instance of the class name, false if not
  • access: public
boolean entryInstanceOf (string $alias, class $entryClazzName)
  • string $alias: the alias of the entry to test
  • class $entryClazzName: the key store entry class name to test
getCertificateAlias (line 166)

Returns the (alias) name of the first Crypt_KeyStore entry whose certificate matches the given certificate.

  • return: the alias of the certificate
  • access: public
string getCertificateAlias (string $cert)
  • string $cert: the certificate text
getCertificateChain (line 179)

Returns the certificate chain associated with the given alias.

  • return: an array of certificates in the chain, or NULL if the chain does not exist for the alias
  • access: public
array getCertificateChain (string $alias)
  • string $alias: the alias of the certificate chain
getCreationDate (line 191)

Returns the creation date of the entry identified by the given alias.

  • return: the date/time the key was added to the key store
  • access: public
DateTime getCreationDate (string $alias)
  • string $alias: the alias of the entry to retrieve
getEntry (line 205)

Gets a Crypt_KeyStore Entry for the specified alias with the specified protection parameter.

  • access: public
Crypt_KeyStore_Entry getEntry (string $alias, [array $options = array()])
  • string $alias: the alias of the entry to retrieve
  • array $options: the password used to decrypt the key
getType (line 215)

Returns the type of this Crypt_KeyStore.

  • return: the type of key store implementation
  • access: public
string getType ()
importCertificate (line 329)

Imports a signed certificate into the key store, assigning the alias to the new entry. If the alias is a pre-existing private key, the certificate must be valid and correspond to the private key. Otherwise, an exception is thrown. If no entry exists for the alias, a new trusted certificate entry is created for the certificate.

  • access: public
void importCertificate (string $cert, string $alias, [string $password = false])
  • string $cert: the certificate to import
  • string $alias: the alias of the entry to import certificate into
  • string $password: private key password
initializeDn (line 284)

Helper function to return an associative array initialized with default values for a distinguished name (DN) worthy of creating a CSR.

TODO - populate with values from a configuration file

  • return: associative array of DN values
  • access: public
array initializeDn ()
isCertificateEntry (line 229)

Returns true if the entry identified by the given alias was created by a call to _setCertificateEntry, or created by a call to _setEntry with a Crypt_KeyStore_TrustedCertificateEntry.

  • return: true if entry is a certificate, false if not
  • access: public
boolean isCertificateEntry (string $alias)
  • string $alias: the alias of the entry to test
isKeyEntry (line 243)

Returns true if the entry identified by the given alias was created by a call to _setKeyEntry, or created by a call to _setEntry with a Crypt_KeyStore_PrivateKeyEntry or a Crypt_KeyStore_SecretKeyEntry.

  • return: true if entry is a key, false if not
  • access: public
boolean isKeyEntry (string $alias)
  • string $alias: the alias of the entry to test
load (line 407)

Loads this Crypt_KeyStore from the given input stream.

  • access: public
void load (string $filename, string $password, [array $options = array()])
  • string $filename: path and file name of key store file
  • string $password: password used to encrypt the key store
  • array $options: load options
sign (line 377)

Signs the data with the private key stored by the specified alias.

  • return: the signature
  • access: public
string sign (string $data, string $alias, [string $password = false], [array $options = array()])
  • string $data: the data to be signed
  • string $alias: the alias of the private key to use for signing
  • string $password: the password to unlock the private key
  • array $options: array of signing options
size (line 253)

Retrieves the number of entries in this Crypt_KeyStore.

  • return: the number of entries in the Crypt_KeyStore instance
  • access: public
int size ()
store (line 423)

Stores this Crypt_KeyStore to the given output stream, and protects its integrity with the given password.

  • access: public
void store (string $filename, string $password, [array $options = array()])
  • string $filename: path and file name of key store file
  • string $password: password used to encrypt the key store
  • array $options: store options
verify (line 393)

Verifies the signature was signed by the private key stored by the specified alias.

  • return: true if signature is valid, false if not
  • access: public
boolean verify (string $data, string $signature, string $alias, [array $options = array()])
  • string $data: the original data to verify signature against
  • string $signature: the signature to verify
  • string $alias: the alias of the private key
  • array $options: array of verification options
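Usage sketch (an added example, not code from the Crypt_KeyStore package): it walks one key store through the methods listed above, using a separate password for the store file and for the individual entries. Assumptions: the package is on the include path, failures surface as exceptions, createSecretKey accepts the same string password that encrypt and decrypt take (the signature above lists its type as array), and the aliases, passwords and file path are constructed sample values.

```php
<?php
// Added usage sketch; all literal values below are constructed samples.
require_once 'Crypt/KeyStore.php'; // assumes the package is on include_path

// In practice read passwords from a protected source, not from source code.
$storePassword = 'constructed-store-password'; // protects the key store file
$keyPassword   = 'constructed-key-password';   // protects individual entries
$storeFile     = sys_get_temp_dir() . '/example.keystore'; // hypothetical path

try {
    $ks = Crypt_KeyStore::getInstance(Crypt_KeyStore::getDefaultType());

    // Symmetric entry: check the alias first so an existing key is not replaced.
    $dataAlias = 'app-data-key';
    if ($ks->containsAlias($dataAlias)) {
        throw new Exception("alias '$dataAlias' is already in use");
    }
    $ks->createSecretKey($dataAlias, $keyPassword);

    // Round trip: decrypt must give back exactly what was encrypted.
    $plain  = 'constructed sample record';
    $cipher = $ks->encrypt($plain, $dataAlias, $keyPassword);
    if ($ks->decrypt($cipher, $dataAlias, $keyPassword) !== $plain) {
        throw new Exception('encrypt/decrypt round trip failed');
    }

    // Asymmetric entry: the private key stays in the store, only the CSR
    // leaves it. The DN starts from the defaults initializeDn() returns.
    $csr = $ks->createCSR('web-server', $keyPassword, $ks->initializeDn());
    echo $csr, "\n"; // hand this to the CA for signing
    // Once the CA returns the signed certificate:
    // $ks->importCertificate($signedCert, 'web-server', $keyPassword);

    // Inventory: confirm what the store now holds before persisting it.
    foreach ($ks->aliases() as $alias) {
        printf("%-14s key=%s cert=%s\n", $alias,
            var_export($ks->isKeyEntry($alias), true),
            var_export($ks->isCertificateEntry($alias), true));
    }

    // Persist, then restrict the file to its owner: the store password
    // protects the contents, file permissions limit who can copy the file.
    $ks->store($storeFile, $storePassword);
    chmod($storeFile, 0600);
} catch (Exception $e) {
    // Log the failure without echoing passwords or key material.
    error_log('key store operation failed: ' . $e->getMessage());
}
```

A later process would call load($storeFile, $storePassword) on its own instance before using the same aliases.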

Documentation generated on Tue, 08 Jul 2008 14:52:09 -0500 by phpDocumentor 1.4.2