1
0

Certificate.php 2.5 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  5. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  6. * SPDX-License-Identifier: AGPL-3.0-only
  7. */
  8. namespace OC\Security;
  9. use OCP\ICertificate;
  10. class Certificate implements ICertificate {
  11. protected string $name;
  12. protected ?string $commonName;
  13. protected ?string $organization;
  14. protected \DateTime $issueDate;
  15. protected \DateTime $expireDate;
  16. protected ?string $issuerName;
  17. protected ?string $issuerOrganization;
  18. /**
  19. * @param string $data base64 encoded certificate
  20. * @throws \Exception If the certificate could not get parsed
  21. */
  22. public function __construct(string $data, string $name) {
  23. $this->name = $name;
  24. $gmt = new \DateTimeZone('GMT');
  25. // If string starts with "file://" ignore the certificate
  26. $query = 'file://';
  27. if (strtolower(substr($data, 0, strlen($query))) === $query) {
  28. throw new \Exception('Certificate could not get parsed.');
  29. }
  30. $info = openssl_x509_parse($data);
  31. if (!is_array($info)) {
  32. // There is a non-standardized certificate format only used by OpenSSL. Replace all
  33. // separators and try again.
  34. $data = str_replace(
  35. ['-----BEGIN TRUSTED CERTIFICATE-----', '-----END TRUSTED CERTIFICATE-----'],
  36. ['-----BEGIN CERTIFICATE-----', '-----END CERTIFICATE-----'],
  37. $data,
  38. );
  39. $info = openssl_x509_parse($data);
  40. }
  41. if (!is_array($info)) {
  42. throw new \Exception('Certificate could not get parsed.');
  43. }
  44. $this->commonName = $info['subject']['CN'] ?? null;
  45. $this->organization = $info['subject']['O'] ?? null;
  46. $this->issueDate = new \DateTime('@' . $info['validFrom_time_t'], $gmt);
  47. $this->expireDate = new \DateTime('@' . $info['validTo_time_t'], $gmt);
  48. $this->issuerName = $info['issuer']['CN'] ?? null;
  49. $this->issuerOrganization = $info['issuer']['O'] ?? null;
  50. }
  51. public function getName(): string {
  52. return $this->name;
  53. }
  54. public function getCommonName(): ?string {
  55. return $this->commonName;
  56. }
  57. public function getOrganization(): ?string {
  58. return $this->organization;
  59. }
  60. public function getIssueDate(): \DateTime {
  61. return $this->issueDate;
  62. }
  63. public function getExpireDate(): \DateTime {
  64. return $this->expireDate;
  65. }
  66. public function isExpired(): bool {
  67. $now = new \DateTime();
  68. return $this->issueDate > $now or $now > $this->expireDate;
  69. }
  70. public function getIssuerName(): ?string {
  71. return $this->issuerName;
  72. }
  73. public function getIssuerOrganization(): ?string {
  74. return $this->issuerOrganization;
  75. }
  76. }