function download_cert($this_cert, $cer_ext)
{
$config = $_SESSION['config'];
if (!isset($cer_ext)) {
$cer_ext = 'FALSE';
}
if ($this_cert == "zzTHISzzCAzz") {
$my_x509_parse = openssl_x509_parse(file_get_contents($config['cacert']));
$filename = $my_x509_parse['subject']['CN'] . ":" . $my_x509_parse['subject']['OU'] . ":" . $my_x509_parse['subject']['O'] . ":" . $my_x509_parse['subject']['L'] . ":" . $my_x509_parse['subject']['ST'] . ":" . $my_x509_parse['subject']['C'];
$download_certfile = $config['cacert'];
$ext = ".pem";
//$application_type="application/x-x509-ca-cert";
$application_type = 'application/octet-stream';
} else {
$filename = substr($this_cert, 0, strrpos($this_cert, '.'));
$ext = substr($this_cert, strrpos($this_cert, '.'));
$download_certfile = base64_encode($filename);
$download_certfile = $config['cert_path'] . $download_certfile . $ext;
$application_type = 'application/octet-stream';
}
if ($cer_ext != 'FALSE') {
$ext = '.' . $cer_ext;
}
if (file_exists($download_certfile)) {
$myCert = join("", file($download_certfile));
download_header_code($filename . $ext, $myCert, $application_type);
} else {
printHeader("Certificate Retrieval");
print "<h1> {$filename} - X509 CA certificate not found</h1>\n";
printFooter();
}
}
function download_crl($this_crl, $crl_ext, $crl_filename)
{
$this_ca = $_SESSION['my_ca'];
$config = $_SESSION['config'];
if (!isset($crl_ext)) {
$crl_ext = 'FALSE';
}
$filename = substr($this_crl, 0, strrpos($this_crl, '.'));
$ext = substr($this_crl, strrpos($this_crl, '.'));
$download_crlfile = $config['crl_path'] . $filename . $ext;
$application_type = 'application/octet-stream';
if ($crl_ext != 'FALSE') {
$ext = '.' . $crl_ext;
}
if ($crl_filename != 'off') {
$filename = $this_ca;
}
if (file_exists($download_crlfile)) {
$myCRL = join("", file($download_crlfile));
download_header_code($filename . $ext, $myCRL, $application_type);
} else {
printHeader("Certificate Retrieval");
print "<h1> {$filename} - X509 CRL not found</h1>\n";
printFooter();
}
}
function get_public_ssh_key($this_key_name, $my_passPhrase)
{
$config = $_SESSION['config'];
if (!is_dir($config['ssh_pubkey_path'])) {
mkdir($config['ssh_pubkey_path'], 0777, true) or die('Fatal: Unable to create ssh public key folder');
}
$name = base64_encode(substr($this_key_name, 0, strrpos($this_key_name, '.')));
$ext = substr($this_key_name, strrpos($this_key_name, '.'));
$my_base64_keyfile = $name . $ext;
$my_key_filename = $config['key_path'] . $name . $ext;
$fp = fopen($my_key_filename, "r") or die('Fatal: Error opening Private Key');
$my_key_x509 = fread($fp, filesize($my_key_filename)) or die('Fatal: Error reading Private Key');
fclose($fp) or die('Fatal: Error closing Private Key');
$my_private_key = openssl_pkey_get_private($my_key_x509, $my_passPhrase) or die('Fatal: Error decoding Private Key. Passphrase Incorrect');
$my_public_key = sshEncodePublicKey(openssl_pkey_get_details($my_private_key));
$application_type = 'application/octet-stream';
download_header_code($this_key_name . ".ssh.pub", $my_public_key, $application_type);
}
