phpseclib API Documentation
Class

phpseclib\File\X509

class X509

Pure-PHP X.509 Parser

Constants

VALIDATE_SIGNATURE_BY_CA

Flag to only accept signatures signed by certificate authorities

Not really used anymore but retained all the same to suppress E_NOTICEs from old installs

DN_ARRAY

Return internal array representation

DN_STRING

Return string

DN_ASN1

Return ASN.1 name string

DN_OPENSSL

Return OpenSSL compatible array

DN_CANON

Return canonical ASN.1 RDNs string

DN_HASH

Return name hash for file indexing

FORMAT_PEM

Save as PEM

ie. a base64-encoded PEM with a header and a footer

FORMAT_DER

Save as DER

FORMAT_SPKAC

Save as a SPKAC

Only works on CSRs. Not currently supported.

FORMAT_AUTO_DETECT

Auto-detect the format

Used only by the load*() functions

ATTR_ALL

Attribute value disposition.

If disposition is >= 0, this is the index of the target value.

ATTR_APPEND

ATTR_REPLACE

Properties

array $Certificate ASN.1 syntax for X.509 certificates
$DirectoryString
$PKCS9String
$AttributeValue
$Extensions
$KeyUsage
$ExtKeyUsageSyntax
$BasicConstraints
$KeyIdentifier
$CRLDistributionPoints
$AuthorityKeyIdentifier
$CertificatePolicies
$AuthorityInfoAccessSyntax
$SubjectAltName
$PrivateKeyUsagePeriod
$IssuerAltName
$PolicyMappings
$NameConstraints
$CPSuri
$UserNotice
$netscape_cert_type
$netscape_comment
$netscape_ca_policy_url
$Name
$RelativeDistinguishedName
$CRLNumber
$CRLReason
$IssuingDistributionPoint
$InvalidityDate
$CertificateIssuer
$HoldInstructionCode
$SignedPublicKeyAndChallenge
array $CertificationRequest ASN.1 syntax for Certificate Signing Requests (RFC2986)
array $CertificateList ASN.1 syntax for Certificate Revocation Lists (RFC5280)
array $dn Distinguished Name
string $publicKey Public key
string $privateKey Private key
array $oids Object identifiers for X.509 certificates
array $CAs The certificate authorities
array $currentCert The currently loaded certificate
string $signatureSubject The signature subject
string $startDate Certificate Start Date
string $endDate Certificate End Date
string $serialNumber Serial Number
string $currentKeyIdentifier Key Identifier
bool $caFlag CA Flag
string $challenge SPKAC Challenge

Methods

X509 __construct()

Default Constructor.

mixed loadX509(string $cert, int $mode = self::FORMAT_AUTO_DETECT)

Load X.509 certificate

string saveX509(array $cert, int $format = self::FORMAT_PEM)

Save X.509 certificate

_mapInExtensions(array $root, string $path, object $asn1)

Map extension values from octet string to extension-specific internal format.

_mapOutExtensions(array $root, string $path, object $asn1)

Map extension values from extension-specific internal format to octet string.

_mapInAttributes(array $root, string $path, object $asn1)

Map attribute values from ANY type to attribute-specific internal format.

_mapOutAttributes(array $root, string $path, object $asn1)

Map attribute values from attribute-specific internal format to ANY type.

mixed _getMapping(string $extnId)

Associate an extension ID to an extension mapping

bool loadCA(string $cert)

Load an X.509 certificate as a certificate authority

bool validateURL(string $url)

Validate an X.509 certificate against a URL

validateDate(int $date = null)

Validate a date

mixed validateSignature(bool $caonly = true)

Validate a signature

bool _validateSignature(string $publicKeyAlgorithm, string $publicKey, string $signatureAlgorithm, string $signature, string $signatureSubject)

Validates a signature

string _reformatKey(string $algorithm, string $key)

Reformat public keys

string _decodeIP(string $ip)

Decodes an IP address

string _encodeIP(string $ip)

Encodes an IP address

mixed _translateDNProp(string $propName)

"Normalizes" a Distinguished Name property

bool setDNProp(string $propName, mixed $propValue, string $type = 'utf8String')

Set a Distinguished Name property

removeDNProp(string $propName)

Remove Distinguished Name properties

mixed getDNProp(string $propName, array $dn = null, bool $withType = false)

Get Distinguished Name properties

bool setDN(mixed $dn, bool $merge = false, string $type = 'utf8String')

Set a Distinguished Name

bool getDN(mixed $format = self::DN_ARRAY, array $dn = null)

Get the Distinguished Name for a certificates subject

mixed getIssuerDN(int $format = self::DN_ARRAY)

Get the Distinguished Name for a certificate/crl issuer

mixed getSubjectDN(int $format = self::DN_ARRAY)

Get the Distinguished Name for a certificate/csr subject Alias of getDN()

mixed getIssuerDNProp(string $propName, bool $withType = false)

Get an individual Distinguished Name property for a certificate/crl issuer

mixed getSubjectDNProp(string $propName, bool $withType = false)

Get an individual Distinguished Name property for a certificate/csr subject

mixed getChain()

Get the certificate chain for the current cert

bool setPublicKey(object $key)

Set public key

setPrivateKey(object $key)

Set private key

setChallenge(string $challenge)

Set challenge

mixed getPublicKey()

Gets the public key

mixed loadCSR($csr, $mode = self::FORMAT_AUTO_DETECT)

Load a Certificate Signing Request

string saveCSR(array $csr, int $format = self::FORMAT_PEM)

Save CSR request

mixed loadSPKAC($spkac)

Load a SPKAC CSR

string saveSPKAC($spkac, $format = self::FORMAT_PEM)

Save a SPKAC CSR request

mixed loadCRL($crl, $mode = self::FORMAT_AUTO_DETECT)

Load a Certificate Revocation List

string saveCRL(array $crl, int $format = self::FORMAT_PEM)

Save Certificate Revocation List.

array _timeField(string $date)

Helper function to build a time field according to RFC 3280 section - 4.1.2.5 Validity - 5.1.2.4 This Update - 5.1.2.5 Next Update - 5.1.2.6 Revoked Certificates by choosing utcTime iff year of date given is before 2050 and generalTime else.

mixed sign(X509 $issuer, X509 $subject, string $signatureAlgorithm = 'sha1WithRSAEncryption')

Sign an X.509 certificate

mixed signCSR($signatureAlgorithm = 'sha1WithRSAEncryption')

Sign a CSR

mixed signSPKAC($signatureAlgorithm = 'sha1WithRSAEncryption')

Sign a SPKAC

mixed signCRL(X509 $issuer, X509 $crl, string $signatureAlgorithm = 'sha1WithRSAEncryption')

Sign a CRL

mixed _sign($key, $signatureAlgorithm)

X.509 certificate signing helper function.

setStartDate(string $date)

Set certificate start date

setEndDate(string $date)

Set certificate end date

setSerialNumber(string $serial, $base $base = -256)

Set Serial Number

makeCA()

Turns the certificate into a certificate authority

array|false _subArray(array $root, string $path, bool $create = false)

Get a reference to a subarray

array|false _extensions(array $root, string $path = null, bool $create = false)

Get a reference to an extension subarray

bool _removeExtension(string $id, string $path = null)

Remove an Extension

mixed _getExtension(string $id, array $cert = null, string $path = null)

Get an Extension

array _getExtensions(array $cert = null, string $path = null)

Returns a list of all extensions in use

bool _setExtension(string $id, mixed $value, bool $critical = false, bool $replace = true, string $path = null)

Set an Extension

bool removeExtension(string $id)

Remove a certificate, CSR or CRL Extension

mixed getExtension(string $id, array $cert = null)

Get a certificate, CSR or CRL Extension

array getExtensions(array $cert = null)

Returns a list of all extensions in use in certificate, CSR or CRL

bool setExtension(string $id, mixed $value, bool $critical = false, bool $replace = true)

Set a certificate, CSR or CRL Extension

bool removeAttribute(string $id, int $disposition = self::ATTR_ALL)

Remove a CSR attribute.

mixed getAttribute(string $id, int $disposition = self::ATTR_ALL, array $csr = null)

Get a CSR attribute

array getAttributes(array $csr = null)

Returns a list of all CSR attributes in use

bool setAttribute(string $id, mixed $value, bool $disposition = self::ATTR_ALL)

Set a CSR attribute

setKeyIdentifier(string $value)

Sets the subject key identifier

string computeKeyIdentifier(mixed $key = null, int $method = 1)

Compute a public key identifier.

array _formatSubjectPublicKey()

Format a public key as appropriate

array setDomain()

Set the domain name's which the cert is to be valid for

setIPAddress()

Set the IP Addresses's which the cert is to be valid for

array _dnsName(string $domain)

Helper function to build domain array

array _iPAddress(string $address)

Helper function to build IP Address array

int|false _revokedCertificate(array $rclist, string $serial, bool $create = false)

Get the index of a revoked certificate.

bool revoke(string $serial, string $date = null)

Revoke a certificate.

bool unrevoke(string $serial)

Unrevoke a certificate.

mixed getRevoked(string $serial)

Get a revoked certificate.

array listRevoked(array $crl = null)

List revoked certificates

bool removeRevokedCertificateExtension(string $serial, string $id)

Remove a Revoked Certificate Extension

mixed getRevokedCertificateExtension(string $serial, string $id, array $crl = null)

Get a Revoked Certificate Extension

array getRevokedCertificateExtensions(string $serial, array $crl = null)

Returns a list of all extensions in use for a given revoked certificate

bool setRevokedCertificateExtension(string $serial, string $id, mixed $value, bool $critical = false, bool $replace = true)

Set a Revoked Certificate Extension

string _extractBER(string $str)

Extract raw BER from Base64 encoding

string getOID($name)

Returns the OID corresponding to a name

Details

at line 304
public X509 __construct()

Default Constructor.

Return Value

X509

at line 1416
public mixed loadX509(string $cert, int $mode = self::FORMAT_AUTO_DETECT)

Load X.509 certificate

Returns an associative array describing the X.509 cert or a false if the cert failed to load

Parameters

string $cert
int $mode

Return Value

mixed

at line 1485
public string saveX509(array $cert, int $format = self::FORMAT_PEM)

Save X.509 certificate

Parameters

array $cert
int $format optional

Return Value

string

at line 1561
public _mapInExtensions(array $root, string $path, object $asn1)

Map extension values from octet string to extension-specific internal format.

Parameters

array $root ref $root
string $path
object $asn1

at line 1611
public _mapOutExtensions(array $root, string $path, object $asn1)

Map extension values from extension-specific internal format to octet string.

Parameters

array $root ref $root
string $path
object $asn1

at line 1677
public _mapInAttributes(array $root, string $path, object $asn1)

Map attribute values from ANY type to attribute-specific internal format.

Parameters

array $root ref $root
string $path
object $asn1

at line 1718
public _mapOutAttributes(array $root, string $path, object $asn1)

Map attribute values from attribute-specific internal format to ANY type.

Parameters

array $root ref $root
string $path
object $asn1

at line 1759
public mixed _getMapping(string $extnId)

Associate an extension ID to an extension mapping

Parameters

string $extnId

Return Value

mixed

at line 1855
public bool loadCA(string $cert)

Load an X.509 certificate as a certificate authority

Parameters

string $cert

Return Value

bool

at line 1922
public bool validateURL(string $url)

Validate an X.509 certificate against a URL

From RFC2818 "HTTP over TLS":

Matching is performed using the matching rules specified by [RFC2459]. If more than one identity of a given type is present in the certificate (e.g., more than one dNSName name, a match in any one of the set is considered acceptable.) Names may contain the wildcard character * which is considered to match any single domain name component or component fragment. E.g., .a.com matches foo.a.com but not bar.foo.a.com. f.com matches foo.com but not bar.com.

Parameters

string $url

Return Value

bool

at line 1979
public validateDate(int $date = null)

Validate a date

If $date isn't defined it is assumed to be the current date.

Parameters

int $date optional

at line 2019
public mixed validateSignature(bool $caonly = true)

Validate a signature

Works on X.509 certs, CSR's and CRL's. Returns true if the signature is verified, false if it is not correct or null on error

By default returns false for self-signed certs. Call validateSignature(false) to make this support self-signed.

The behavior of this function is inspired by {@link http://php.net/openssl-verify openssl_verify}.

Parameters

bool $caonly optional

Return Value

mixed

at line 2135
public bool _validateSignature(string $publicKeyAlgorithm, string $publicKey, string $signatureAlgorithm, string $signature, string $signatureSubject)

Validates a signature

Returns true if the signature is verified and false if it is not correct. If the algorithms are unsupposed an exception is thrown.

Parameters

string $publicKeyAlgorithm
string $publicKey
string $signatureAlgorithm
string $signature
string $signatureSubject

Return Value

bool

Exceptions

UnsupportedAlgorithmException if the algorithm is unsupported

at line 2176
public string _reformatKey(string $algorithm, string $key)

Reformat public keys

Reformats a public key to a format supported by phpseclib (if applicable)

Parameters

string $algorithm
string $key

Return Value

string

at line 2201
public string _decodeIP(string $ip)

Decodes an IP address

Takes in a base64 encoded "blob" and returns a human readable IP address

Parameters

string $ip

Return Value

string

at line 2215
public string _encodeIP(string $ip)

Encodes an IP address

Takes a human readable IP address into a base64-encoded "blob"

Parameters

string $ip

Return Value

string

at line 2227
public mixed _translateDNProp(string $propName)

"Normalizes" a Distinguished Name property

Parameters

string $propName

Return Value

mixed

at line 2318
public bool setDNProp(string $propName, mixed $propValue, string $type = 'utf8String')

Set a Distinguished Name property

Parameters

string $propName
mixed $propValue
string $type optional

Return Value

bool

at line 2349
public removeDNProp(string $propName)

Remove Distinguished Name properties

Parameters

string $propName

at line 2379
public mixed getDNProp(string $propName, array $dn = null, bool $withType = false)

Get Distinguished Name properties

Parameters

string $propName
array $dn optional
bool $withType optional

Return Value

mixed

at line 2430
public bool setDN(mixed $dn, bool $merge = false, string $type = 'utf8String')

Set a Distinguished Name

Parameters

mixed $dn
bool $merge optional
string $type optional

Return Value

bool

at line 2472
public bool getDN(mixed $format = self::DN_ARRAY, array $dn = null)

Get the Distinguished Name for a certificates subject

Parameters

mixed $format optional
array $dn optional

Return Value

bool

at line 2614
public mixed getIssuerDN(int $format = self::DN_ARRAY)

Get the Distinguished Name for a certificate/crl issuer

Parameters

int $format optional

Return Value

mixed

at line 2636
public mixed getSubjectDN(int $format = self::DN_ARRAY)

Get the Distinguished Name for a certificate/csr subject Alias of getDN()

Parameters

int $format optional

Return Value

mixed

at line 2660
public mixed getIssuerDNProp(string $propName, bool $withType = false)

Get an individual Distinguished Name property for a certificate/crl issuer

Parameters

string $propName
bool $withType optional

Return Value

mixed

at line 2682
public mixed getSubjectDNProp(string $propName, bool $withType = false)

Get an individual Distinguished Name property for a certificate/csr subject

Parameters

string $propName
bool $withType optional

Return Value

mixed

at line 2704
public mixed getChain()

Get the certificate chain for the current cert

Return Value

mixed

at line 2752
public bool setPublicKey(object $key)

Set public key

Key needs to be a \phpseclib\Crypt\RSA object

Parameters

object $key

Return Value

bool

at line 2766
public setPrivateKey(object $key)

Set private key

Key needs to be a \phpseclib\Crypt\RSA object

Parameters

object $key

at line 2779
public setChallenge(string $challenge)

Set challenge

Used for SPKAC CSR's

Parameters

string $challenge

at line 2792
public mixed getPublicKey()

Gets the public key

Returns a \phpseclib\Crypt\RSA object or a false.

Return Value

mixed

at line 2832
public mixed loadCSR($csr, $mode = self::FORMAT_AUTO_DETECT)

Load a Certificate Signing Request

Parameters

$csr
$mode

Return Value

mixed

at line 2912
public string saveCSR(array $csr, int $format = self::FORMAT_PEM)

Save CSR request

Parameters

array $csr
int $format optional

Return Value

string

at line 2963
public mixed loadSPKAC($spkac)

Load a SPKAC CSR

SPKAC's are produced by the HTML5 keygen element:

https://developer.mozilla.org/en-US/docs/HTML/Element/keygen

Parameters

$spkac

Return Value

mixed

at line 3035
public string saveSPKAC($spkac, $format = self::FORMAT_PEM)

Save a SPKAC CSR request

Parameters

$spkac
$format

Return Value

string

at line 3077
public mixed loadCRL($crl, $mode = self::FORMAT_AUTO_DETECT)

Load a Certificate Revocation List

Parameters

$crl
$mode

Return Value

mixed

at line 3139
public string saveCRL(array $crl, int $format = self::FORMAT_PEM)

Save Certificate Revocation List.

Parameters

array $crl
int $format optional

Return Value

string

at line 3200
public array _timeField(string $date)

Helper function to build a time field according to RFC 3280 section - 4.1.2.5 Validity - 5.1.2.4 This Update - 5.1.2.5 Next Update - 5.1.2.6 Revoked Certificates by choosing utcTime iff year of date given is before 2050 and generalTime else.

Parameters

string $date in format date('D, d M Y H:i:s O')

Return Value

array

at line 3223
public mixed sign(X509 $issuer, X509 $subject, string $signatureAlgorithm = 'sha1WithRSAEncryption')

Sign an X.509 certificate

$issuer's private key needs to be loaded. $subject can be either an existing X.509 cert (if you want to resign it), a CSR or something with the DN and public key explicitly set.

Parameters

X509 $issuer
X509 $subject
string $signatureAlgorithm optional

Return Value

mixed

at line 3400
public mixed signCSR($signatureAlgorithm = 'sha1WithRSAEncryption')

Sign a CSR

Parameters

$signatureAlgorithm

Return Value

mixed

at line 3458
public mixed signSPKAC($signatureAlgorithm = 'sha1WithRSAEncryption')

Sign a SPKAC

Parameters

$signatureAlgorithm

Return Value

mixed

at line 3528
public mixed signCRL(X509 $issuer, X509 $crl, string $signatureAlgorithm = 'sha1WithRSAEncryption')

Sign a CRL

$issuer's private key needs to be loaded.

Parameters

X509 $issuer
X509 $crl
string $signatureAlgorithm optional

Return Value

mixed

at line 3658
public mixed _sign($key, $signatureAlgorithm)

X.509 certificate signing helper function.

Parameters

$key
$signatureAlgorithm

Return Value

mixed

Exceptions

UnsupportedAlgorithmException if the algorithm is unsupported

at line 3687
public setStartDate(string $date)

Set certificate start date

Parameters

string $date

at line 3698
public setEndDate(string $date)

Set certificate end date

Parameters

string $date

at line 3724
public setSerialNumber(string $serial, $base $base = -256)

Set Serial Number

Parameters

string $serial
$base $base optional

at line 3734
public makeCA()

Turns the certificate into a certificate authority

at line 3748
public array|false _subArray(array $root, string $path, bool $create = false)

Get a reference to a subarray

Parameters

array $root
string $path absolute path with / as component separator
bool $create optional

Return Value

array|false

at line 3784
public array|false _extensions(array $root, string $path = null, bool $create = false)

Get a reference to an extension subarray

Parameters

array $root
string $path optional absolute path with / as component separator
bool $create optional

Return Value

array|false

at line 3838
public bool _removeExtension(string $id, string $path = null)

Remove an Extension

Parameters

string $id
string $path optional

Return Value

bool

at line 3869
public mixed _getExtension(string $id, array $cert = null, string $path = null)

Get an Extension

Returns the extension if it exists and false if not

Parameters

string $id
array $cert optional
string $path optional

Return Value

mixed

at line 3894
public array _getExtensions(array $cert = null, string $path = null)

Returns a list of all extensions in use

Parameters

array $cert optional
string $path optional

Return Value

array

at line 3919
public bool _setExtension(string $id, mixed $value, bool $critical = false, bool $replace = true, string $path = null)

Set an Extension

Parameters

string $id
mixed $value
bool $critical optional
bool $replace optional
string $path optional

Return Value

bool

at line 3951
public bool removeExtension(string $id)

Remove a certificate, CSR or CRL Extension

Parameters

string $id

Return Value

bool

at line 3966
public mixed getExtension(string $id, array $cert = null)

Get a certificate, CSR or CRL Extension

Returns the extension if it exists and false if not

Parameters

string $id
array $cert optional

Return Value

mixed

at line 3978
public array getExtensions(array $cert = null)

Returns a list of all extensions in use in certificate, CSR or CRL

Parameters

array $cert optional

Return Value

array

at line 3993
public bool setExtension(string $id, mixed $value, bool $critical = false, bool $replace = true)

Set a certificate, CSR or CRL Extension

Parameters

string $id
mixed $value
bool $critical optional
bool $replace optional

Return Value

bool

at line 4006
public bool removeAttribute(string $id, int $disposition = self::ATTR_ALL)

Remove a CSR attribute.

Parameters

string $id
int $disposition optional

Return Value

bool

at line 4057
public mixed getAttribute(string $id, int $disposition = self::ATTR_ALL, array $csr = null)

Get a CSR attribute

Returns the attribute if it exists and false if not

Parameters

string $id
int $disposition optional
array $csr optional

Return Value

mixed

at line 4097
public array getAttributes(array $csr = null)

Returns a list of all CSR attributes in use

Parameters

array $csr optional

Return Value

array

at line 4124
public bool setAttribute(string $id, mixed $value, bool $disposition = self::ATTR_ALL)

Set a CSR attribute

Parameters

string $id
mixed $value
bool $disposition optional

Return Value

bool

at line 4179
public setKeyIdentifier(string $value)

Sets the subject key identifier

This is used by the id-ce-authorityKeyIdentifier and the id-ce-subjectKeyIdentifier extensions.

Parameters

string $value

at line 4206
public string computeKeyIdentifier(mixed $key = null, int $method = 1)

Compute a public key identifier.

Although key identifiers may be set to any unique value, this function computes key identifiers from public key according to the two recommended methods (4.2.1.2 RFC 3280). Highly polymorphic: try to accept all possible forms of key: - Key object - \phpseclib\File\X509 object with public or private key defined - Certificate or CSR array - \phpseclib\File\ASN1\Element object - PEM or DER string

Parameters

mixed $key optional
int $method optional

Return Value

string binary key identifier

at line 4280
public array _formatSubjectPublicKey()

Format a public key as appropriate

Return Value

array

at line 4301
public array setDomain()

Set the domain name's which the cert is to be valid for

Return Value

array

at line 4314
public setIPAddress()

Set the IP Addresses's which the cert is to be valid for

at line 4332
public array _dnsName(string $domain)

Helper function to build domain array

Parameters

string $domain

Return Value

array

at line 4346
public array _iPAddress(string $address)

Helper function to build IP Address array

(IPv6 is not currently supported)

Parameters

string $address

Return Value

array

at line 4360
public int|false _revokedCertificate(array $rclist, string $serial, bool $create = false)

Get the index of a revoked certificate.

Parameters

array $rclist
string $serial
bool $create optional

Return Value

int|false

at line 4388
public bool revoke(string $serial, string $date = null)

Revoke a certificate.

Parameters

string $serial
string $date optional

Return Value

bool

at line 4414
public bool unrevoke(string $serial)

Unrevoke a certificate.

Parameters

string $serial

Return Value

bool

at line 4434
public mixed getRevoked(string $serial)

Get a revoked certificate.

Parameters

string $serial

Return Value

mixed

at line 4452
public array listRevoked(array $crl = null)

List revoked certificates

Parameters

array $crl optional

Return Value

array

at line 4481
public bool removeRevokedCertificateExtension(string $serial, string $id)

Remove a Revoked Certificate Extension

Parameters

string $serial
string $id

Return Value

bool

at line 4503
public mixed getRevokedCertificateExtension(string $serial, string $id, array $crl = null)

Get a Revoked Certificate Extension

Returns the extension if it exists and false if not

Parameters

string $serial
string $id
array $crl optional

Return Value

mixed

at line 4526
public array getRevokedCertificateExtensions(string $serial, array $crl = null)

Returns a list of all extensions in use for a given revoked certificate

Parameters

string $serial
array $crl optional

Return Value

array

at line 4552
public bool setRevokedCertificateExtension(string $serial, string $id, mixed $value, bool $critical = false, bool $replace = true)

Set a Revoked Certificate Extension

Parameters

string $serial
string $id
mixed $value
bool $critical optional
bool $replace optional

Return Value

bool

at line 4572
public string _extractBER(string $str)

Extract raw BER from Base64 encoding

Parameters

string $str

Return Value

string

at line 4610
public string getOID($name)

Returns the OID corresponding to a name

What's returned in the associative array returned by loadX509() (or load*()) is either a name or an OID if no OID to name mapping is available. The problem with this is that what may be an unmapped OID in one version of phpseclib may not be unmapped in the next version, so apps that are looking at this OID may not be able to work from version to version.

This method will return the OID if a name is passed to it and if no mapping is avialable it'll assume that what's being passed to it already is an OID and return that instead. A few examples.

getOID('2.16.840.1.101.3.4.2.1') == '2.16.840.1.101.3.4.2.1' getOID('id-sha256') == '2.16.840.1.101.3.4.2.1' getOID('zzz') == 'zzz'

Parameters

$name

Return Value

string