You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

131 lines
3.1 KiB

3 years ago
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  6. * @author Lukas Reschke <lukas@statuscode.ch>
  7. * @author Morris Jobke <hey@morrisjobke.de>
  8. * @author Robin Appelman <robin@icewind.nl>
  9. *
  10. * @license AGPL-3.0
  11. *
  12. * This code is free software: you can redistribute it and/or modify
  13. * it under the terms of the GNU Affero General Public License, version 3,
  14. * as published by the Free Software Foundation.
  15. *
  16. * This program is distributed in the hope that it will be useful,
  17. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  19. * GNU Affero General Public License for more details.
  20. *
  21. * You should have received a copy of the GNU Affero General Public License, version 3,
  22. * along with this program. If not, see <http://www.gnu.org/licenses/>
  23. *
  24. */
  25. namespace OC\Security;
  26. use OCP\ICertificate;
  27. class Certificate implements ICertificate {
  28. protected $name;
  29. protected $commonName;
  30. protected $organization;
  31. protected $serial;
  32. protected $issueDate;
  33. protected $expireDate;
  34. protected $issuerName;
  35. protected $issuerOrganization;
  36. /**
  37. * @param string $data base64 encoded certificate
  38. * @param string $name
  39. * @throws \Exception If the certificate could not get parsed
  40. */
  41. public function __construct($data, $name) {
  42. $this->name = $name;
  43. $gmt = new \DateTimeZone('GMT');
  44. // If string starts with "file://" ignore the certificate
  45. $query = 'file://';
  46. if (strtolower(substr($data, 0, strlen($query))) === $query) {
  47. throw new \Exception('Certificate could not get parsed.');
  48. }
  49. $info = openssl_x509_parse($data);
  50. if (!is_array($info)) {
  51. throw new \Exception('Certificate could not get parsed.');
  52. }
  53. $this->commonName = isset($info['subject']['CN']) ? $info['subject']['CN'] : null;
  54. $this->organization = isset($info['subject']['O']) ? $info['subject']['O'] : null;
  55. $this->issueDate = new \DateTime('@' . $info['validFrom_time_t'], $gmt);
  56. $this->expireDate = new \DateTime('@' . $info['validTo_time_t'], $gmt);
  57. $this->issuerName = isset($info['issuer']['CN']) ? $info['issuer']['CN'] : null;
  58. $this->issuerOrganization = isset($info['issuer']['O']) ? $info['issuer']['O'] : null;
  59. }
  60. /**
  61. * @return string
  62. */
  63. public function getName() {
  64. return $this->name;
  65. }
  66. /**
  67. * @return string|null
  68. */
  69. public function getCommonName() {
  70. return $this->commonName;
  71. }
  72. /**
  73. * @return string
  74. */
  75. public function getOrganization() {
  76. return $this->organization;
  77. }
  78. /**
  79. * @return \DateTime
  80. */
  81. public function getIssueDate() {
  82. return $this->issueDate;
  83. }
  84. /**
  85. * @return \DateTime
  86. */
  87. public function getExpireDate() {
  88. return $this->expireDate;
  89. }
  90. /**
  91. * @return bool
  92. */
  93. public function isExpired() {
  94. $now = new \DateTime();
  95. return $this->issueDate > $now or $now > $this->expireDate;
  96. }
  97. /**
  98. * @return string|null
  99. */
  100. public function getIssuerName() {
  101. return $this->issuerName;
  102. }
  103. /**
  104. * @return string|null
  105. */
  106. public function getIssuerOrganization() {
  107. return $this->issuerOrganization;
  108. }
  109. }