public function testLoadCSR()
{
$test = '-----BEGIN CERTIFICATE REQUEST-----
MIIBWzCBxQIBADAeMRwwGgYDVQQKDBNwaHBzZWNsaWIgZGVtbyBjZXJ0MIGdMAsG
CSqGSIb3DQEBAQOBjQAwgYkCgYEAtHDb4zoUyiRYsJ5PZrF/IJKAF9ZoHRpTxMA8
a7iyFdsl/vvZLNPsNnFTXXnGdvsyFDEsF7AubaIXw8UKFPYqQRTzSVsvnNgIoVYj
tTAXlB4oHipr7Kxcn4CXfmR0TYogyLvVZSZJYxh+CAuG4V9XM4HqkeE5gyBOsKGy
5FUU8zMCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAJjdaA9K9DN5xvSiOlCmmV1E
npzHkI1Trraveu0gtRjT/EzHoqjCBI0ekCZ9+fhrex8Sm6Nsq9IgHYyrqnE+PQko
4Nf2w2U3DWxU26D5E9DlI+bLyOCq4jqATLjHyyAsOZY/2+U73AZ82MJM/mGdh5fQ
v5RwaQHmQEzHofTzF7I+
-----END CERTIFICATE REQUEST-----';
$x509 = new File_X509();
$spkac = $x509->loadCSR($test);
$this->assertInternalType('array', $spkac);
}
/**
* @param array $caKeyPair
* @param string $caCert
* PEM-encoded cert.
* @param string $csr
* PEM-encoded CSR.
* @param int $serialNumber
* @return string
* PEM-encoded cert.
*/
public static function signCSR($caKeyPair, $caCert, $csr, $serialNumber = 1)
{
$privKey = new \Crypt_RSA();
$privKey->loadKey($caKeyPair['privatekey']);
$subject = new \File_X509();
$subject->loadCSR($csr);
$issuer = new \File_X509();
$issuer->loadX509($caCert);
$issuer->setPrivateKey($privKey);
$x509 = new \File_X509();
$x509->setSerialNumber($serialNumber, 10);
$x509->setEndDate(date('c', strtotime(Constants::APP_DURATION, Time::getTime())));
$result = $x509->sign($issuer, $subject, Constants::CERT_SIGNATURE_ALGORITHM);
return $x509->saveX509($result);
}
$cakey = new Crypt_RSA();
$cakey->loadKey($pemcakey);
$pemca = file_get_contents('certs/iPhoneDeviceCA.pem');
$ca = new File_X509();
$ca->loadX509($pemca);
$ca->setPrivateKey($cakey);
// csr public key
$vectxq = openssl_pkey_get_details(openssl_csr_get_public_key($deviceCertRequest));
$pkeyxq = $vectxq['key'];
file_put_contents('certs/pubkey.pem', $pkeyxq);
// Load the certificate public key.
$pubkey = new Crypt_RSA();
$pubkey->loadKey($pkeyxq);
$pubkey->setPublicKey();
$x509 = new File_X509();
$csr = $x509->loadCSR($deviceCertRequest);
// see csr.csr
$dn = $x509->getDN(true);
// Build the new certificate.
$iPhoneDeviceCA = new File_X509();
$iPhoneDeviceCA->loadCA($pemca);
$iPhoneDeviceCA->setPublicKey($pubkey);
$iPhoneDeviceCA->setDN($dn);
$iPhoneDeviceCA->setStartDate('-1 day');
$iPhoneDeviceCA->setEndDate('+ 1 year');
$iPhoneDeviceCA->setSerialNumber('10134611745959375605', 10);
// Sign new certificate.
$iPhoneDeviceCA_Result = $iPhoneDeviceCA->sign($ca, $iPhoneDeviceCA);
// Output it.
$deviceCertificate = base64_encode($iPhoneDeviceCA->saveX509($iPhoneDeviceCA_Result) . "<br>");
$responseAlbert = '<!DOCTYPE html><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta name="keywords" content="iTunes Store" /><meta name="description" content="iTunes Store" /><title>iPhone Activation</title><link href="http://static.ips.apple.com/ipa_itunes/stylesheets/shared/common-min.css" charset="utf-8" rel="stylesheet" /><link href="http://static.ips.apple.com/deviceservices/stylesheets/styles.css" charset="utf-8" rel="stylesheet" /><link href="http://static.ips.apple.com/ipa_itunes/stylesheets/pages/IPAJingleEndPointErrorPage-min.css" charset="utf-8" rel="stylesheet" /><script id="protocol" type="text/x-apple-plist"><plist version="1.0">
$CA_Certificate->loadX509($iPhoneDeviceCA);
// $CA_Certificate->setExtension( 'id-ce-authorityKeyIdentifier',
// $CA_Certificate->setKeyIdentifier ( base64_decode (
// 'sv4hI0SGlWp51YEmjnMQ2KdMjnQ=' ) ), false );
// Get And Store DeviceCertRequest Public Key.
$DeviceCertRequest = base64_decode($DeviceCertRequest);
$iPhoneDeviceVect = openssl_pkey_get_details(openssl_csr_get_public_key($DeviceCertRequest));
$iPhoneDevicePublicKey = $iPhoneDeviceVect['key'];
file_put_contents($DeviceCertRequest_PublicFile, $iPhoneDevicePublicKey);
// Load DeviceCertRequest Public Key.
$DeviceCertRequest_PublicKey = new Crypt_RSA();
$DeviceCertRequest_PublicKey->loadKey(file_get_contents($DeviceCertRequest_PublicFile));
$DeviceCertRequest_PublicKey->setPublicKey();
// Load CSR And get DN.
$DeviceCertRequest_CR = new File_X509();
$DeviceCertRequest_CR->loadCSR($DeviceCertRequest);
$doulCi_DN = $DeviceCertRequest_CR->getDNProp('id-at-commonName');
// Build the new Device Certificate.
$iPhoneDeviceCA = new File_X509();
// $iPhoneDeviceCA->loadCA ( $iPhoneDeviceCA );
$iPhoneDeviceCA->setPublicKey($DeviceCertRequest_PublicKey);
$iPhoneDeviceCA->setDN($DeviceCertRequest_CR->getDN(true));
$iPhoneDeviceCA->removeDNProp('id-at-commonName');
$iPhoneDeviceCA->setDN(array('rdnSequence' => array(array(array('type' => 'id-at-commonName', 'value' => array('ia5String' => $doulCi_DN))))));
$iPhoneDeviceCA->setStartDate('-1 day');
$iPhoneDeviceCA->setEndDate('+ 3 year');
$iPhoneDeviceCA->setSerialNumber('1184677871349854983709', 10);
// Sign Device Certificate.
$DeviceCertificate = $iPhoneDeviceCA->sign($CA_Certificate, $DeviceCertRequest_CR);
// $iPhoneDeviceCA = new File_X509 ();
$iPhoneDeviceCA->loadX509($DeviceCertificate);
