aboutsummaryrefslogtreecommitdiff
path: root/mod/foafssl/cert_proxy.php
blob: 5dc4f8b677364ee57e69af20a9a911916f8d20bb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
<?php

//-----------------------------------------------------------------------------------------------------------------------------------
//
// Filename   : cert.php                                                                                                            
// Version    : 1.0
// Date       : 3rd Jan 2009
//
// Decription : This script creates an PKCS12 encoded SSL Certificate which is file transfered to the script caller.
//
// Usage      : cert.php?foaf=http://foaf.me/jsmith&
//                       commonName=J Smith&
//                       emailAddress=jsmith@example.com&
//                       organizationName=My Company Ltd&
//                       organizationalUnitName=Technology Division&
//                       localityName=Newbury&
//				         stateOrProvinceName=Berkshire&
//                       countryName=GB&
//                       password=secret
//
//              All parameters except 'foaf' are optional. Some parameters if missing will default as per openssl.cnf 
//
// See Also   : Using PHP to create self-signed X.509 Client Certificates
//              http://foaf.me/Using_PHP_to_create_X.509_Client_Certificates.php
//
//-----------------------------------------------------------------------------------------------------------------------------------

// Check if the foaf loaction is specified in the script call

function request_identity_p12($commonName, $webid, $pubkey, $hours=0.0, $days=0.0) {
	$post_fields = array();
	$post_fields['webid'] = $webid;
	$post_fields['spkac'] = $pubkey;
	$post_fields['hours'] = $hours;
	$post_fields['days'] = $days;
	$post_fields['keygensubmit'] = "submit certificate request";
	$post_fields['cn'] = $commonName;
	$ch = curl_init('http://webid.myxwiki.org/xwiki/bin/view/WebId/CreateCert');
	curl_setopt($ch, CURLOPT_POST      ,1);
	curl_setopt($ch, CURLOPT_POSTFIELDS    ,$post_fields);
	curl_setopt($ch, CURLOPT_FOLLOWLOCATION  ,1);
	curl_setopt($ch, CURLOPT_HEADER      ,0);  // DO NOT RETURN HTTP HEADERS
	curl_setopt($ch, CURLOPT_RETURNTRANSFER  ,1);  // RETURN THE CONTENTS OF THE CALL
	// should check the error code and warn if something goes wrong
        $Rec_Data = curl_exec($ch);
	header('Last-Modified: '.date('r+b'));
        header('Accept-Ranges: bytes');
        header('Content-Length: '.strlen($Rec_Data));
	header('Content-Type: application/x-x509-user-cert');
	echo $Rec_Data;
	return $Rec_Data;

}

/*// Create a PKCS12 encoded SSL certificate
if ( $p12 = request_identity_p12(
			$countryName, $stateOrProvinceName, $localityName, $organizationName, $organizationalUnitName, $commonName, $emailAddress,
			$foafLocation, $pubkey ) )
{	
	// Send the PKCS12 encoded SSL certificate to the script caller as a file transfer
	download_identity_p12($p12, $foafLocation);
}*/

?>