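// Excerpt of a longer script: $curl_handle, $payload_json and $outfile are presumably set up
// before this point, and post_data_to_log(), pack_sct(), pack_tls_extention() and sct_write()
// are defined outside the visible part.

// NOTE(review): the log list is hard-coded. CT logs are retired or distrusted over time, so
// check every entry against a current list of usable logs before relying on the SCTs.
$servers[] = "ct.googleapis.com/rocketeer";
/* those do not handle let's encrypt root yet */
/*
$servers[]="ct1.digicert-ct.com/log";
$servers[]="ct.izenpe.com";
$servers[]="ct.ws.symantec.com";
$servers[]="vega.ws.symantec.com";
*/
$servers[] = "ctlog.api.venafi.com";

$scts = array();
foreach ($servers as $server) {
    // NOTE(review): the curl handle is configured elsewhere; confirm it leaves TLS peer and
    // host verification enabled, since the reply is turned into data served to TLS clients.
    $content = post_data_to_log($curl_handle, "https://" . $server, "/ct/v1/add-chain", $payload_json);

    // The reply is untrusted network input. A failed request or an error page must not reach
    // pack_sct(), so require a JSON object carrying the RFC 6962 add-chain response fields.
    $obj = is_string($content) ? json_decode($content) : null;
    if (!is_object($obj) || !isset($obj->id, $obj->timestamp, $obj->signature)) {
        error_log("ct log " . $server . ": no usable add-chain response, skipping");
        continue;
    }

    // NOTE(review): nothing visible here verifies the SCT signature against the log's public
    // key; confirm pack_sct() or a later step does, or check the output with a separate tool.
    $scts[] = pack_sct($obj);
}

// An SCT list with no entries is not a valid extension payload; stop instead of emitting one.
if (count($scts) === 0) {
    error_log("no SCT obtained from any log, nothing to write");
    exit(1);
}

$tls_extention = pack_tls_extention($scts);

// write sct binary file if wanted
sct_write($outfile, $tls_extention);

// TLS extension 18 is signed_certificate_timestamp; the output uses the SERVERINFO PEM framing.
$tls_extention_pem = "-----BEGIN SERVERINFO FOR EXTENSION 18-----\n"
    . wordwrap(base64_encode($tls_extention), 64, "\n", true)
    . "\n-----END SERVERINFO FOR EXTENSION 18-----\n";
echo $tls_extention_pem;

/**
 * Extract the first certificate of a PEM string and return its DER bytes as unwrapped base64.
 *
 * Only the first CERTIFICATE block is used; any further blocks in the input are ignored.
 *
 * @param string $pem_data PEM text containing a CERTIFICATE block.
 * @return string Base64 of the DER certificate, without line breaks.
 * @throws InvalidArgumentException If the markers are missing or the body is not valid base64.
 */
function x509_pem2der64($pem_data)
{
    $begin = "BEGIN CERTIFICATE-----";
    $end = "-----END";

    if (!is_string($pem_data)) {
        throw new InvalidArgumentException("certificate input is not a string");
    }

    // strpos() returns false when a marker is absent. Used in arithmetic that becomes 0, so
    // arbitrary input would be decoded and submitted as if it were a certificate.
    $start = strpos($pem_data, $begin);
    if ($start === false) {
        throw new InvalidArgumentException("no BEGIN CERTIFICATE marker found");
    }
    $start += strlen($begin);

    $stop = strpos($pem_data, $end, $start);
    if ($stop === false) {
        throw new InvalidArgumentException("no END marker found after the certificate body");
    }

    // Drop the line wrapping, then decode strictly so stray characters are rejected
    // rather than silently skipped.
    $body = preg_replace('/\s+/', '', (string) substr($pem_data, $start, $stop - $start));
    $der = base64_decode((string) $body, true);
    if ($der === false || $der === '') {
        throw new InvalidArgumentException("certificate body is not valid base64");
    }

    return base64_encode($der);
}

// post_data_to_log() is cut off here; its body is not part of this excerpt.
function post_data_to_log($curl_handle, $host, $path, $data)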
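#!/usr/bin/php
<?php
// Merges the SCT lists of two SERVERINFO (extension 18) PEM files into one and prints the result.
// pack_tls_extention() is defined outside the visible part of this script.

if (!isset($argv[1], $argv[2])) {
    error_log("usage: " . (isset($argv[0]) ? $argv[0] : "script") . " <serverinfo1.pem> <serverinfo2.pem>");
    exit(1);
}

$sct1 = file_get_contents($argv[1]);
$sct2 = file_get_contents($argv[2]);
// file_get_contents() returns false on failure; stop rather than parse a non-string.
if ($sct1 === false || $sct2 === false) {
    error_log("cannot read one of the input files");
    exit(1);
}

$sct1_tls_der = sct_get_der($sct1);
$sct2_tls_der = sct_get_der($sct2);

$sct_list = array();
sct_get_tls($sct1_tls_der, $sct_list);
sct_get_tls($sct2_tls_der, $sct_list);

$tls_extention = pack_tls_extention($sct_list);
$tls_extention_pem = "-----BEGIN SERVERINFO FOR EXTENSION 18-----\n"
    . wordwrap(base64_encode($tls_extention), 64, "\n", true)
    . "\n-----END SERVERINFO FOR EXTENSION 18-----\n";
echo $tls_extention_pem;

/**
 * Return the binary payload of the first SERVERINFO FOR EXTENSION 18 block in a PEM string.
 *
 * @param string $pem_data PEM text containing the SERVERINFO block.
 * @return string Decoded binary content of the block.
 * @throws InvalidArgumentException If the markers are missing or the body is not valid base64.
 */
function sct_get_der($pem_data)
{
    $begin = "BEGIN SERVERINFO FOR EXTENSION 18-----";
    $end = "-----END";

    if (!is_string($pem_data)) {
        throw new InvalidArgumentException("serverinfo input is not a string");
    }

    // strpos() returns false when a marker is absent. Used in arithmetic that becomes 0, so
    // arbitrary file content would be decoded and parsed as an SCT list.
    $start = strpos($pem_data, $begin);
    if ($start === false) {
        throw new InvalidArgumentException("no BEGIN SERVERINFO FOR EXTENSION 18 marker found");
    }
    $start += strlen($begin);

    $stop = strpos($pem_data, $end, $start);
    if ($stop === false) {
        throw new InvalidArgumentException("no END marker found after the serverinfo body");
    }

    // Drop the line wrapping, then decode strictly so stray characters are rejected
    // rather than silently skipped.
    $body = preg_replace('/\s+/', '', (string) substr($pem_data, $start, $stop - $start));
    $der = base64_decode((string) $body, true);
    if ($der === false || $der === '') {
        throw new InvalidArgumentException("serverinfo body is not valid base64");
    }

    return $der;
}

// sct_get_tls() is cut off at the end of this excerpt; the visible part is reproduced unchanged.
// It reads three big-endian 16-bit values at offsets 0, 2 and 4 and then walks $sct from offset 6.
// NOTE(review): nothing visible checks that $sct holds at least 6 bytes or that the declared
// lengths agree with strlen($sct); confirm the rest of the loop bounds every read.
function sct_get_tls($sct, &$scts)
{
    $tls_ext_version = unpack("n", substr($sct, 0, 2));
    $tls_ext_len = unpack("n", substr($sct, 2, 2));
    $sct_list_len = unpack("n", substr($sct, 4, 2));
    $list_len = $sct_list_len[1];
    $i = 0;
    $offset = 6;
    while (strlen(substr($sct, $offset, 1)) > 0) {
        $sct_data = array();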