naming changes

readme update
peterbakker
2020-04-28 20:38:51 +02:00
parent 713285f8b5
commit 32b9d432db
4 changed files with 56 additions and 44 deletions


@@ -195,6 +195,12 @@ file_put_contents('certificate.cert', $certificate->getCertificate());
file_put_contents('private.key', $certificate->getPrivateKey()); file_put_contents('private.key', $certificate->getPrivateKey());
``` ```
>To get a seperate intermediate certificate and domain certificate:
>```php
>$domainCertificate = $certificate->getCertificate(false);
>$intermediateCertificate = $certificate->getIntermediate();
>```
### Who is using it? ### Who is using it?
Are you using this package, would love to know. Please send a PR to enlist your project or company. Are you using this package, would love to know. Please send a PR to enlist your project or company.


@@ -194,7 +194,7 @@ class Client
foreach ($domains as $domain) { foreach ($domains as $domain) {
$identifiers[] = $identifiers[] =
[ [
'type' => 'dns', 'type' => 'dns',
'value' => $domain, 'value' => $domain,
]; ];
} }
@@ -331,8 +331,8 @@ class Client
$data['certificate'], $data['certificate'],
$this->signPayloadKid(null, $data['certificate']) $this->signPayloadKid(null, $data['certificate'])
); );
$certificate = $str = preg_replace('/^[ \t]*[\r\n]+/m', '', (string)$certificateResponse->getBody()); $chain = $str = preg_replace('/^[ \t]*[\r\n]+/m', '', (string)$certificateResponse->getBody());
return new Certificate($privateKey, $csr, $certificate); return new Certificate($privateKey, $csr, $chain);
} }
@@ -383,8 +383,8 @@ class Client
protected function getSelfTestClient() protected function getSelfTestClient()
{ {
return new HttpClient([ return new HttpClient([
'verify' => false, 'verify' => false,
'timeout' => 10, 'timeout' => 10,
'connect_timeout' => 3, 'connect_timeout' => 3,
'allow_redirects' => true, 'allow_redirects' => true,
]); ]);
@@ -459,9 +459,9 @@ class Client
protected function getSelfTestDNSClient() protected function getSelfTestDNSClient()
{ {
return new HttpClient([ return new HttpClient([
'base_uri' => 'https://cloudflare-dns.com', 'base_uri' => 'https://cloudflare-dns.com',
'connect_timeout' => 10, 'connect_timeout' => 10,
'headers' => [ 'headers' => [
'Accept' => 'application/dns-json', 'Accept' => 'application/dns-json',
], ],
]); ]);
@@ -511,7 +511,7 @@ class Client
$this->getUrl(self::DIRECTORY_NEW_ACCOUNT), $this->getUrl(self::DIRECTORY_NEW_ACCOUNT),
$this->signPayloadJWK( $this->signPayloadJWK(
[ [
'contact' => [ 'contact' => [
'mailto:' . $this->getOption('username'), 'mailto:' . $this->getOption('username'),
], ],
'termsOfServiceAgreed' => true, 'termsOfServiceAgreed' => true,
@@ -590,7 +590,7 @@ class Client
{ {
try { try {
$response = $this->getHttpClient()->request($method, $url, [ $response = $this->getHttpClient()->request($method, $url, [
'json' => $payload, 'json' => $payload,
'headers' => [ 'headers' => [
'Content-Type' => 'application/jose+json', 'Content-Type' => 'application/jose+json',
] ]
@@ -650,9 +650,9 @@ class Client
protected function getJWKHeader(): array protected function getJWKHeader(): array
{ {
return [ return [
'e' => Helper::toSafeString(Helper::getKeyDetails($this->getAccountKey())['rsa']['e']), 'e' => Helper::toSafeString(Helper::getKeyDetails($this->getAccountKey())['rsa']['e']),
'kty' => 'RSA', 'kty' => 'RSA',
'n' => Helper::toSafeString(Helper::getKeyDetails($this->getAccountKey())['rsa']['n']), 'n' => Helper::toSafeString(Helper::getKeyDetails($this->getAccountKey())['rsa']['n']),
]; ];
} }
@@ -671,10 +671,10 @@ class Client
$this->nonce = $response->getHeaderLine('replay-nonce'); $this->nonce = $response->getHeaderLine('replay-nonce');
} }
return [ return [
'alg' => 'RS256', 'alg' => 'RS256',
'jwk' => $this->getJWKHeader(), 'jwk' => $this->getJWKHeader(),
'nonce' => $this->nonce, 'nonce' => $this->nonce,
'url' => $url 'url' => $url
]; ];
} }
@@ -691,10 +691,10 @@ class Client
$nonce = $response->getHeaderLine('replay-nonce'); $nonce = $response->getHeaderLine('replay-nonce');
return [ return [
"alg" => "RS256", "alg" => "RS256",
"kid" => $this->account->getAccountURL(), "kid" => $this->account->getAccountURL(),
"nonce" => $nonce, "nonce" => $nonce,
"url" => $url "url" => $url
]; ];
} }
@@ -720,7 +720,7 @@ class Client
return [ return [
'protected' => $protected, 'protected' => $protected,
'payload' => $payload, 'payload' => $payload,
'signature' => Helper::toSafeString($signature), 'signature' => Helper::toSafeString($signature),
]; ];
} }
@@ -746,7 +746,7 @@ class Client
return [ return [
'protected' => $protected, 'protected' => $protected,
'payload' => $payload, 'payload' => $payload,
'signature' => Helper::toSafeString($signature), 'signature' => Helper::toSafeString($signature),
]; ];
} }
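Review bot: The self-test HTTP client in the `getSelfTestClient()` hunk is built with `'verify' => false` and `'allow_redirects' => true`, and nothing at that spot says why certificate verification is switched off. Presumably this is because the domain being checked may not have a valid certificate yet, but without a comment the setting is easy to copy into a client that talks to the ACME server, where it would remove protection against an on-path attacker. I would add above the array `// TLS verification is disabled only for the local challenge self-test; never reuse this client for ACME API requests`. The function's closing brace lies outside the hunk.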


@@ -15,12 +15,12 @@ class Certificate
/** /**
* @var string * @var string
*/ */
protected $certificate; protected $chain;
/** /**
* @var string * @var string
*/ */
protected $certificateNoChain; protected $certificate;
/** /**
* @var string * @var string
@@ -41,16 +41,16 @@ class Certificate
* Certificate constructor. * Certificate constructor.
* @param $privateKey * @param $privateKey
* @param $csr * @param $csr
* @param $certificate * @param $chain
* @throws \Exception * @throws \Exception
*/ */
public function __construct($privateKey, $csr, $certificate) public function __construct($privateKey, $csr, $chain)
{ {
$this->privateKey = $privateKey; $this->privateKey = $privateKey;
$this->csr = $csr; $this->csr = $csr;
$this->certificate = $certificate; $this->chain = $chain;
list($this->certificateNoChain, $this->intermediateCertificate) = Helper::splitCertificate($certificate); list($this->certificate, $this->intermediateCertificate) = Helper::splitCertificate($chain);
$this->expiryDate = Helper::getCertExpiryDate($certificate); $this->expiryDate = Helper::getCertExpiryDate($chain);
} }
/** /**
@@ -72,19 +72,21 @@ class Certificate
} }
/** /**
* Return the certificate as a multi line string * Return the certificate as a multi line string, by default it includes the intermediate certificate as well
*
* @param bool $asChain
* @return string * @return string
*/ */
public function getCertificate($asChain = true): string public function getCertificate($asChain = true): string
{ {
return $asChain ? $this->certificate : $this->certificateNoChain; return $asChain ? $this->chain : $this->certificate;
} }
/** /**
* Return the intermediate certificate as a multi line string * Return the intermediate certificate as a multi line string
* @return string * @return string
*/ */
public function getIntermediateCertificate(): string public function getIntermediate(): string
{ {
return $this->intermediateCertificate; return $this->intermediateCertificate;
} }


@@ -65,7 +65,7 @@ class Helper
/** /**
* Get a new CSR * Get a new CSR
* *
* @param array $domains * @param array $domains
* @param $key * @param $key
* *
* @return string * @return string
@@ -81,8 +81,8 @@ class Helper
'[v3_req]', '[v3_req]',
'[v3_ca]', '[v3_ca]',
'[SAN]', '[SAN]',
'subjectAltName='.implode(',', array_map(function ($domain) { 'subjectAltName=' . implode(',', array_map(function ($domain) {
return 'DNS:'.$domain; return 'DNS:' . $domain;
}, $domains)), }, $domains)),
]; ];
@@ -90,11 +90,11 @@ class Helper
file_put_contents($fn, implode("\n", $config)); file_put_contents($fn, implode("\n", $config));
$csr = openssl_csr_new([ $csr = openssl_csr_new([
'countryName' => 'NL', 'countryName' => 'NL',
'commonName' => $primaryDomain, 'commonName' => $primaryDomain,
], $key, [ ], $key, [
'config' => $fn, 'config' => $fn,
'req_extensions' => 'SAN', 'req_extensions' => 'SAN',
'digest_alg' => 'sha512', 'digest_alg' => 'sha512',
]); ]);
unlink($fn); unlink($fn);
@@ -140,23 +140,27 @@ class Helper
} }
/** /**
* Split a two certificate bundle into separate * Split a two certificate bundle into separate multi line string certificates
* multi line string certificates * @param string $chain
* @return array * @return array
* @throws \Exception
*/ */
public static function splitCertificate(string $certificate): array public static function splitCertificate(string $chain): array
{ {
preg_match('/^(?<signed>-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----)\n' preg_match(
.'(?<intermediate>-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----)$/s', '/^(?<domain>-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----)\n'
$certificate, $certificates); . '(?<intermediate>-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----)$/s',
$chain,
$certificates
);
$signed = $certificates['signed'] ?? null; $domain = $certificates['domain'] ?? null;
$intermediate = $certificates['intermediate'] ?? null; $intermediate = $certificates['intermediate'] ?? null;
if (!$signed || !$intermediate) { if (!$domain || !$intermediate) {
throw new \Exception('Could not parse certificate string'); throw new \Exception('Could not parse certificate string');
} }
return [$signed, $intermediate]; return [$domain, $intermediate];
} }
} }
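Review bot: In the hunk that builds the temporary OpenSSL config, each entry of `$domains` is concatenated into the `subjectAltName=` line as `'DNS:' . $domain` with no validation visible here, so a value containing a comma or a line break would add SAN entries or extra config lines to the file written by `file_put_contents($fn, ...)`. If the domain list can come from user input, check every entry before the config is assembled, for example `if (!preg_match('/\A[A-Za-z0-9.*-]+\z/', $domain)) { throw new \Exception('Invalid domain name'); }`. The `\A`/`\z` anchors matter because `$` would still accept a trailing newline. The enclosing function starts and ends outside the hunk, so validation may already happen earlier.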