<?php defined('SYSPATH') or die('No direct access allowed.');
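/**
 * This class is for access to SSL information
 *
 * Every method here only decodes the certificate (or CSR) it is given.
 * Nothing in this class checks the signature, the chain of trust, the
 * validity period or revocation, so each returned field is exactly what
 * the certificate's author put there. Treat the values as untrusted
 * input: escape them for the output context before display, and do not
 * base an access decision on them unless the certificate was verified
 * elsewhere first.
 *
 * @package    OSB
 * @subpackage System
 * @category   Helpers
 * @author     Deon George
 * @copyright  (c) 2010 Open Source Billing
 * @license    http://dev.osbill.net/license.html
 */
class SSL {
	/**
	 * Return a new SSL helper object.
	 *
	 * @return SSL
	 */
	public static function instance() {
		return new SSL;
	}

	/**
	 * Decode a certificate with openssl_x509_parse().
	 *
	 * @param mixed  $cert Certificate in any form openssl_x509_parse() accepts
	 * @param string $key  Optional top-level field to return
	 * @return mixed The whole parsed array (FALSE when parsing failed) if no
	 *               $key is given, otherwise that field or NULL when absent
	 */
	public static function details($cert,$key=NULL) {
		$parsed = openssl_x509_parse($cert);

		if (is_null($key))
			return $parsed;

		// A failed parse returns FALSE; indexing it would raise a notice, so
		// report a missing field as NULL explicitly.
		return (is_array($parsed) AND array_key_exists($key,$parsed)) ? $parsed[$key] : NULL;
	}

	/**
	 * Return the signature algorithm named in the certificate.
	 *
	 * @param mixed $cert Certificate
	 * @param mixed $key  Unused, kept for interface compatibility
	 * @return string '' when no certificate is given, the algorithm name, or
	 *                the translated string 'Unknown'
	 */
	public static function algorithm($cert,$key=NULL) {
		if (! $cert)
			return '';

		$text = '';
		$r = openssl_x509_read($cert);

		// Only attempt the export when the certificate could be read.
		if ($r !== FALSE)
			openssl_x509_export($r,$text,FALSE);

		// @todo There must be a nice way to get this?
		// The human readable dump is scanned for its first
		// "Signature Algorithm:" line.
		if (is_string($text) AND preg_match('/^\s+Signature Algorithm:\s*(.*)\s*$/m',$text,$match))
			return $match[1];

		return _('Unknown');
	}

	/**
	 * Split the authorityKeyIdentifier extension into its named parts.
	 *
	 * Each "name:value" line of the extension text becomes one entry, keyed
	 * by the lower-cased name.
	 * NOTE(review): the line layout is OpenSSL's text rendering of the
	 * extension and may differ between OpenSSL versions - confirm.
	 *
	 * @param mixed  $cert Certificate
	 * @param string $key  Optional part to return (eg: keyid, dirname, serial)
	 * @return mixed Array of all parts, or the requested part (NULL if absent)
	 */
	public static function aki($cert,$key=NULL) {
		$k = array();
		$aki = static::extensions($cert,'authorityKeyIdentifier');

		// The extension is optional, so there may be nothing to split.
		if (is_string($aki)) {
			foreach (explode("\n",preg_replace("/\n$/",'',$aki)) as $x) {
				$pair = explode(':',$x,2);

				// Skip lines that are not in name:value form.
				if (count($pair) !== 2)
					continue;

				$k[strtolower($pair[0])] = $pair[1];
			}
		}

		if (is_null($key))
			return $k;

		return isset($k[$key]) ? $k[$key] : NULL;
	}

	/**
	 * @param mixed $key Certificate
	 * @return mixed The keyid part of the authorityKeyIdentifier, or NULL
	 */
	public static function aki_keyid($key) {
		return static::aki($key,'keyid');
	}

	/**
	 * @param mixed $key Certificate
	 * @return mixed The dirname part of the authorityKeyIdentifier, or NULL
	 */
	public static function aki_dirname($key) {
		return static::aki($key,'dirname');
	}

	/**
	 * @param mixed $key Certificate
	 * @return mixed The serial part of the authorityKeyIdentifier, or NULL
	 */
	public static function aki_serial($key) {
		return static::aki($key,'serial');
	}

	/**
	 * Return the subject of the certificate as a "k=v,k=v" string.
	 *
	 * @param mixed $cert Certificate
	 * @return string '' when there is no certificate or it cannot be parsed
	 */
	public static function dn($cert) {
		if (! $cert)
			return '';

		return static::format_dn(static::details($cert,'subject'));
	}

	/**
	 * Return the issuer of the certificate as a "k=v,k=v" string.
	 *
	 * @param mixed $cert Certificate
	 * @return string '' when there is no certificate or it cannot be parsed
	 */
	public static function dnissuer($cert) {
		if (! $cert)
			return '';

		return static::format_dn(static::details($cert,'issuer'));
	}

	/**
	 * Join the components of a parsed name into "k=v,k=v" form.
	 *
	 * Values are copied verbatim. A value that itself contains ',' or '='
	 * therefore yields a string that cannot be split back unambiguously, so
	 * the result is suitable for display only (after escaping for the output
	 * context), not for comparing identities.
	 *
	 * @param mixed $parts Name array as found in the parsed certificate
	 * @return string
	 */
	private static function format_dn($parts) {
		if (! is_array($parts))
			return '';

		$rdn = array();

		foreach ($parts as $k=>$v)
			// An attribute that occurs more than once is parsed as an array;
			// emit one k=v pair for each value.
			foreach ((array)$v as $value)
				$rdn[] = sprintf('%s=%s',$k,$value);

		return implode(',',$rdn);
	}

	/**
	 * Return the CN of the certificate issuer.
	 *
	 * @param mixed $cert Certificate
	 * @return mixed The CN as stored in the certificate, NULL when absent
	 */
	public static function issuer($cert) {
		$k = static::details($cert,'issuer');

		return isset($k['CN']) ? $k['CN'] : NULL;
	}

	/**
	 * Return the start of the validity period.
	 *
	 * @param mixed $cert   Certificate
	 * @param bool  $format Pass the timestamp through Config::date()
	 * @return mixed The validFrom_time_t value, or the result of Config::date()
	 */
	public static function from($cert,$format=FALSE) {
		$k = static::details($cert,'validFrom_time_t');

		return $format ? Config::date($k) : $k;
	}

	/**
	 * Return the end of the validity period.
	 *
	 * This reports the date only, it does not test whether the certificate
	 * is currently valid.
	 *
	 * @param mixed $key    Certificate
	 * @param bool  $format Pass the timestamp through Config::date()
	 * @return mixed The validTo_time_t value, or the result of Config::date()
	 */
	public static function expire($key,$format=FALSE) {
		$k = static::details($key,'validTo_time_t');

		return $format ? Config::date($k) : $k;
	}

	/**
	 * Return the extensions of the certificate.
	 *
	 * @param mixed  $cert Certificate
	 * @param string $key  Optional extension name to return
	 * @return mixed All extensions, or the requested one (NULL if absent)
	 */
	public static function extensions($cert,$key=NULL) {
		$k = static::details($cert,'extensions');

		if (is_null($key))
			return $k;

		return (is_array($k) AND array_key_exists($key,$k)) ? $k[$key] : NULL;
	}

	/**
	 * @param mixed $key Certificate
	 * @return mixed The 'hash' field of the parsed certificate, or NULL
	 */
	public static function hash($key) {
		return static::details($key,'hash');
	}

	/**
	 * Return the serial number as colon separated hex octets.
	 *
	 * @param mixed $key Certificate
	 * @return string eg: 01:A0:FF, or '' when no serial number could be read
	 */
	public static function serial($key) {
		return static::dec_to_hex(static::details($key,'serialNumber'));
	}

	/**
	 * Return the CN of the certificate subject.
	 *
	 * @param mixed $key Certificate
	 * @return mixed The CN as stored in the certificate, NULL when absent
	 */
	public static function subject($key) {
		$k = static::details($key,'subject');

		return isset($k['CN']) ? $k['CN'] : NULL;
	}

	/**
	 * @param mixed $key Certificate
	 * @return mixed The subjectKeyIdentifier extension, or NULL
	 */
	public static function ski($key) {
		return static::extensions($key,'subjectKeyIdentifier');
	}

	/**
	 * @param mixed $key Certificate
	 * @return mixed The 'version' field of the parsed certificate, or NULL
	 */
	public static function version($key) {
		return static::details($key,'version');
	}

	/**
	 * Return the CN of a certificate signing request.
	 *
	 * @param mixed $csr CSR in any form openssl_csr_get_subject() accepts
	 * @return mixed The CN as stored in the request, NULL when absent or
	 *               when the request cannot be read
	 */
	public static function csrsubject($csr) {
		$c = openssl_csr_get_subject($csr);

		return (is_array($c) AND isset($c['CN'])) ? $c['CN'] : NULL;
	}

	/**
	 * Convert a decimal serial number into colon separated hex octets.
	 *
	 * The conversion works on the digit string itself. Serial numbers are
	 * commonly far wider than a PHP integer, and dividing them as numbers
	 * silently loses the low order digits, giving a wrong serial. The result
	 * is padded to whole octets so that 256 is shown as 01:00.
	 *
	 * @param mixed $number Decimal digit string or integer. A 0x prefixed
	 *                      hex string is accepted too, since the OpenSSL
	 *                      library may report large serials in that form.
	 * @return string Upper case hex octets, '00' for zero, '' for anything
	 *                that is not a non-negative number
	 */
	private static function dec_to_hex($number) {
		if (is_int($number))
			$number = (string)$number;

		// NULL or FALSE arrive here when the certificate could not be parsed.
		if (! is_string($number) OR $number === '')
			return '';

		if (preg_match('/^0x([0-9a-f]+)$/i',$number,$m)) {
			$hex = strtoupper($m[1]);

		} elseif (preg_match('/^[0-9]+$/',$number)) {
			$hex = '';
			$dec = ltrim($number,'0');

			// Long division of the digit string by 16; each pass yields the
			// next least significant hex digit as its remainder.
			while ($dec !== '') {
				$quotient = '';
				$rem = 0;
				$len = strlen($dec);

				for ($i=0; $i<$len; $i++) {
					// $rem is at most 15, so $cur stays below 160 and the
					// quotient is always a single decimal digit.
					$cur = $rem*10+(int)$dec[$i];
					$quotient .= (int)($cur/16);
					$rem = $cur%16;
				}

				$hex = strtoupper(dechex($rem)).$hex;
				$dec = ltrim($quotient,'0');
			}

		} else {
			return '';
		}

		$hex = ltrim($hex,'0');

		if ($hex === '')
			return '00';

		// Pad to an even number of digits so every group is a full octet.
		if (strlen($hex)%2)
			$hex = '0'.$hex;

		return implode(':',str_split($hex,2));
	}
}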
?>