<?php defined('SYSPATH') or die('No direct access allowed.');

/**
 * This class is for access to SSL information
 *
 * @package    OSB
 * @subpackage System
 * @category   Helpers
 * @author     Deon George
 * @copyright  (c) 2010 Open Source Billing
 * @license    http://dev.osbill.net/license.html
 */
class SSL {
	public static function instance() {
		return new SSL;
	}

	public static function details($cert,$key=NULL) {
		$k = openssl_x509_parse($cert);

		return is_null($key) ? $k : $k[$key];
	}

	public static function algorithm($cert,$key=NULL) {
		if (! $cert)
			return '';

		$r = openssl_x509_read($cert);
		openssl_x509_export($r,$e,FALSE);

		// @todo There must be a nice way to get this?
		if (preg_match('/^\s+Signature Algorithm:\s*(.*)\s*$/m',$e,$match))
			return $match[1];
		else
			return _('Unknown');
	}

	public static function dn($cert) {
		if (! $cert)
			return '';

		$s = '';

		$c = 0;
		foreach (static::details($cert,'subject') as $k=>$v) {
			if ($c++)
				$s .= ',';

			$s .= sprintf('%s=%s',$k,$v);
		}

		return $s;
	}

	public static function dnissuer($cert) {
		if (! $cert)
			return '';

		$s = '';

		$c = 0;
		foreach (static::details($cert,'issuer') as $k=>$v) {
			if ($c++)
				$s .= ',';

			$s .= sprintf('%s=%s',$k,$v);
		}

		return $s;
	}

	public static function issuer($cert) {
		$k = static::details($cert,'issuer');
		return $k['CN'];
	}

	public static function from($cert,$format=FALSE) {
		$k = static::details($cert,'validFrom_time_t');
		return $format ? Config::date($k) : $k;
	}

	public static function expire($key,$format=FALSE) {
		$k = static::details($key,'validTo_time_t');
		return $format ? Config::date($k) : $k;
	}

	public static function hash($key) {
		return static::details($key,'hash');
	}

	public static function serial($key) {
		return static::details($key,'serialNumber');
	}

	public static function subject($key) {
		$k = static::details($key,'subject');
		return $k['CN'];
	}

	public static function version($key) {
		return static::details($key,'version');
	}

	public static function csrsubject($csr) {
		$c = openssl_csr_get_subject($csr);

		return $c['CN'];
	}
}
?>