/**
 * Revoke the certificate associated with a domain name.
 *
 * Calls findByDomainName() for $fqdn (presumably this loads
 * $this->certificate - confirm), submits the URL-safe base64 form of the
 * certificate to the client together with this object's private and public
 * key, then deletes the 'certificate' entry from storage.
 *
 * NOTE(review): the stored certificate is deleted without looking at
 * $response, so a revocation the CA did not accept still removes the local
 * copy unless revokeCertificate() throws on failure - confirm.
 * NOTE(review): print_r() writes the raw response to the output stream; this
 * looks like leftover debugging - confirm no caller relies on it.
 *
 * @param string $fqdn
 *
 * @return $this
 */
public function revoke($fqdn)
{
    $this->findByDomainName($fqdn);

    // Arguments are prepared in the same order the call consumes them.
    $encodedCertificate = \JOSE_URLSafeBase64::encode($this->certificate);
    $privateKey = $this->getPrivateKey();
    $publicKey = $this->getPublicKey();

    $response = $this->client->revokeCertificate($encodedCertificate, $privateKey, $publicKey);

    $this->storage->delete($this, 'certificate');
    print_r($response);

    return $this;
}
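/**
 * Turn one segment into its URL-safe base64 representation.
 *
 * Objects are JSON-encoded first (with escaped slashes "\/" turned back into
 * "/"); any other value is passed to the encoder as-is.
 *
 * @param mixed $segment object to serialise as JSON, or an already-serialised value
 *
 * @return string the URL-safe base64 encoding of the segment
 *
 * @throws JOSE_Exception_InvalidFormat when the segment cannot be serialised
 */
protected function compact($segment)
{
    if (is_object($segment)) {
        $json = json_encode($segment);
        if ($json === false) {
            // json_encode() signals failure by returning false. Without this
            // check the failure would be coerced to an empty string and
            // emitted as an empty segment instead of being reported.
            throw new JOSE_Exception_InvalidFormat('Compact seriarization failed');
        }
        $stringified = str_replace("\\/", "/", $json);
    } else {
        $stringified = $segment;
    }

    if ($stringified === 'null' && $segment !== null) {
        // Should not happen; kept as a safety net against encoding the
        // literal string 'null' in place of real content.
        throw new JOSE_Exception_InvalidFormat('Compact seriarization failed');
    }

    return JOSE_URLSafeBase64::encode($stringified);
}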
/**
 * Build an instance of this class from a key object.
 *
 * Only phpseclib\Crypt\RSA keys are accepted. The result always carries
 * 'kty', 'e' and 'n'. When the key's exponent differs from its public
 * exponent, the exponent is added as 'd', so the returned components then
 * contain private key material and must be handled accordingly.
 *
 * @param object $key              the key to convert
 * @param array  $extra_components additional components merged over the
 *                                 generated ones (same-named entries win)
 *
 * @return self
 *
 * @throws JOSE_Exception_UnexpectedAlgorithm when the key class is not supported
 */
static function encode($key, $extra_components = array()) {
    if (get_class($key) !== 'phpseclib\\Crypt\\RSA') {
        throw new JOSE_Exception_UnexpectedAlgorithm('Unknown key type');
    }

    $jwk = array(
        'kty' => 'RSA',
        'e' => JOSE_URLSafeBase64::encode($key->publicExponent->toBytes()),
        'n' => JOSE_URLSafeBase64::encode($key->modulus->toBytes()),
    );

    // A key whose exponent is not the public exponent is treated as a
    // private key; its exponent is exported as 'd'.
    if ($key->exponent != $key->publicExponent) {
        $jwk['d'] = JOSE_URLSafeBase64::encode($key->exponent->toBytes());
    }

    return new self(array_merge($jwk, $extra_components));
}
/**
 * Request a certificate for a domain name by calling the new-cert ACME API
 * endpoint.
 *
 * newReg or getReg MUST have been called before (in the same session) to
 * choose which account to use. Every name in $fqdn and $altNames must
 * already have been validated through an Authz + Challenge call
 * (and not too long ago, FIXME: How long is it valid? shall we validate on our side?)
 *
 * NOTE(review): the status check only runs when $headers["HTTP"] is set; a
 * response without that entry is treated as a success - confirm stdCall()
 * always provides it.
 * NOTE(review): $content["crt"] and $content["chain"] are read without
 * checking that they exist.
 * NOTE(review): the generated private key is passed to the storage layer via
 * setCert() and returned to the caller - confirm both paths protect it.
 *
 * @param string $fqdn a fully qualified domain name you want a cert for
 * @param array $altNames (non-mandatory) other names to sign this certificate for
 * @return array a hash containing all cert information, including an ID from the Storage, key,csr,crt,chain as PEM strings
 * @throws AcmeException
 */
function newCert($fqdn, $altNames = array())
{
    $this->checkFqdn($fqdn); // may throw Exception

    // Generate the key and the CSR; the API receives the CSR in DER form,
    // URL-safe base64 encoded.
    $key = $this->ssl->genRsa();
    $csr = $this->ssl->genCsr($key, $fqdn, $altNames);
    $derCsr = $this->ssl->pemToDer($csr);
    $resource = array('csr' => JOSE_URLSafeBase64::encode($derCsr));

    list($headers, $content) = $this->stdCall("new-cert", $resource);

    if (isset($headers["HTTP"]) && $headers["HTTP"][1] != "200") {
        throw new AcmeException("Error " . $headers["HTTP"][1] . " when calling the API", 2);
    }

    // FIXME WHAT DO I GET BACK ??
    $cert = array(
        "key" => $key,
        "csr" => $csr,
        "crt" => $content["crt"],
        "chain" => $content["chain"],
    );

    // Store it along with contact information and hand the storage ID back.
    $cert["id"] = $this->db->setCert($cert);

    return $cert;
}