I specifically want to determine the expiration date of the key used to sign an Android APK.
The file appears to be DER-encoded PKCS#7, as this shows me the contents:
openssl pkcs7 -inform DER -in CERT.RSA -noout -print_certs -text
Some approaches I have tried:
/* try to open as pkcs#7. prints FALSE. */
if( TRUE === openssl_pkcs7_verify ( 'CERT.RSA', 0 ) ) {
echo "TRUE\n";
}
else {
echo "FALSE\n";
}
/* try to open as an x509. prints FALSE. */
$data = openssl_x509_parse(file_get_contents('CERT.RSA'));
if( $data === FALSE ) {
echo "FALSE\n";
}
/*
un-DER with phpseclib
prints a nestated data structure that clearly includes
data from CERT.RDA, but unclear to me which value is
the cert expiration date.
*/
$ASN1 = new File_ASN1(file_get_contents('CERT.RSA'));
print_r( $ASN1->decodeBER(file_get_contents('CERT.RSA')) );`
I could just call openssl from an exec() or similar, but I'd rather have a pure-PHP solution. Anybody got one?