在PHP中使用PHP传递.PEM和.KEY作为字符串 [英] Passing .PEM and .KEY as string in Curl using PHP

问题描述

我有一个CERT和私钥文件。我使用cUrl和PHP连接到另一个服务。目前，我有cert和key文件，它与以下代码完全正常：

  $ pemfile =cert .pem; 
 $ keyfile =private_key.key; 
 $ url =someTestUrl; 
 $ requestXml =requestData; 
 
 $ ch = curl_init（）; 
 curl_setopt（$ ch，CURLOPT_URL，$ url）; 
 curl_setopt（$ ch，CURLOPT_VERBOSE，1）; 
 curl_setopt（$ ch，CURLOPT_RETURNTRANSFER，1）; 
 curl_setopt（$ ch，CURLOPT_SSL_VERIFYPEER，1）; 
 curl_setopt（$ ch，CURLOPT_SSL_VERIFYHOST，1）; 
 curl_setopt（$ ch，CURLOPT_FAILONERROR，1）; 
 curl_setopt（$ ch，CURLOPT_SSLCERT，$ pemfile）; 
 curl_setopt（$ ch，CURLOPT_SSLCERTTYPE，'PEM'）; 
 curl_setopt（$ ch，CURLOPT_SSLKEY，$ keyfile）; 
 curl_setopt（$ ch，CURLOPT_POST，1）; 
 curl_setopt（$ ch，CURLOPT_HTTPHEADER，array（'Content-Type：text / xml'））; 
 curl_setopt（$ ch，CURLOPT_POSTFIELDS，$ requestXml）; 
 $ ret = curl_exec（$ ch）; 
  

我的问题是：我可以传递证书和密钥作为字符串，而不是作为文件传递？我尝试简单地传递各个文件的内容作为如下字符串：

  $ pemfile =----- BEGIN CERTIFICATE  - --- CERTDATAASSTRING ----- END CERTIFICATE -----; 
 $ keyfile =----- BEGIN RSA PRIVATE KEY ----- PRIVATEKEYINCODE ----- END RSA PRIVATE KEY -----; 
  

...不用说...它不工作：（

任何想法？指针？建议？

解决方案

底层的libcurl没有提供键作为字符串的API，只是作为文件！

赠金材料：

如果您确定使用OpenSSL构建，您实际上可以使用 CURLOPT_SSL_CTX_FUNCTION 选项来执行此操作。但是：

1. 使其成为libcurl + OpenSSL特定解决方案

我不认为PHP / CURL公开了这个函数>

（我应该补充说，我是libcurl的主要作者和维护者。）

I've a CERT and private key files. I'm using cUrl and PHP to connect to another service. At the moment, I've cert and key in files and it works perfectly fine with following code:

$pemfile = "cert.pem";
$keyfile = "private_key.key";
$url = "someTestUrl";
$requestXml = "requestData";

$ch = curl_init(); 
curl_setopt($ch, CURLOPT_URL, $url); 
curl_setopt($ch, CURLOPT_VERBOSE, 1); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); 
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1); 
curl_setopt($ch, CURLOPT_FAILONERROR, 1); 
curl_setopt($ch, CURLOPT_SSLCERT, $pemfile); 
curl_setopt($ch, CURLOPT_SSLCERTTYPE, 'PEM'); 
curl_setopt($ch, CURLOPT_SSLKEY, $keyfile); 
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($ch, CURLOPT_POSTFIELDS, $requestXml);
$ret = curl_exec($ch);

My question is: Can I pass cert and key as strings rather passing them as files? I tried simply passing contents of respective files as strings like this:

$pemfile = "-----BEGIN CERTIFICATE-----CERTDATAASSTRING-----END CERTIFICATE-----";
$keyfile = "-----BEGIN RSA PRIVATE KEY-----PRIVATEKEYINCODE-----END RSA PRIVATE KEY-----";

...and needless to say...it didn't work :(

Any ideas? pointers? suggestions???

解决方案

The answer is unfortunately as easy as it is simple: No, it is not possible.

The underlying libcurl has no API for providing keys as strings, only as files!

Bonus material:

If you're sure that your libcurl is built with OpenSSL, you can actually use the CURLOPT_SSL_CTX_FUNCTION option to do it. However:

1. that makes it an libcurl+OpenSSL specific solution

2. I don't think PHP/CURL exposes that function (enough) to allow this. You would probably need to extend the binding code first...

(I should add that I am the main author and maintainer of libcurl.)

这篇关于在PHP中使用PHP传递.PEM和.KEY作为字符串的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！