aboutsummaryrefslogtreecommitdiff
path: root/mod/foafssl/actions/generate.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/foafssl/actions/generate.php')
-rw-r--r--mod/foafssl/actions/generate.php53
1 files changed, 53 insertions, 0 deletions
diff --git a/mod/foafssl/actions/generate.php b/mod/foafssl/actions/generate.php
new file mode 100644
index 000000000..e899d3dd0
--- /dev/null
+++ b/mod/foafssl/actions/generate.php
@@ -0,0 +1,53 @@
+<?php
+
+require_once($CONFIG->pluginspath."foafssl/lib/Authentication.php");
+require_once($CONFIG->pluginspath."foafssl/cert_proxy.php");
+
+global $CONFIG;
+
+
+function toBASE64($encodeMe) {
+ // does openssl really need this?
+ $data = base64_encode($encodeMe);
+ $datalb = "";
+ while (strlen($data) > 64) {
+ $datalb .= substr($data, 0, 64) . "\n";
+ $data = substr($data,64);
+ }
+ $datalb .= $data;
+ return $datalb;
+}
+
+
+$user = get_loggedin_user();
+$webid = $user->getURL();
+$name = get_input("name");
+$pubkey = get_input("pubkey");
+
+$cert = request_identity_p12($name, $webid, $pubkey);
+
+if ($cert && $user) {
+ $armored_cert = "-----BEGIN CERTIFICATE-----\n";
+ $armored_cert .= toBase64($cert);
+ $armored_cert .= "\n-----END CERTIFICATE-----\n";
+ $res = openssl_x509_read($armored_cert);
+ $cert_data = openssl_x509_parse($armored_cert);
+ $uid = $cert_data["subject"]["UID"];
+ $altName = $cert_data["extensions"]["subjectAltName"];
+ $pubKey = openssl_pkey_get_public($res);
+ $keyData = openssl_pkey_get_details($pubKey);
+
+ //Remove certificate armour
+ $unpacked_n = unpack("H*",$keyData['rsa']['n']);
+ $modulus = strtoupper($unpacked_n[1]);
+ $unpacked_e = unpack("H*",$keyData['rsa']['e']);
+ $exponent = hexdec($unpacked_e[1]);
+ set_input("name",$cert_data["subject"]["CN"]);
+ set_input("webid",$altName);
+ set_input("modulus",$modulus);
+ set_input("exponent",$exponent);
+ // now really include
+ include($CONFIG->pluginspath."foafssl/actions/add.php");
+}
+
+?>