/**
 * Checks that File_X509::loadCSR() decodes a PEM-encoded PKCS#10 request.
 *
 * Only parsing is covered: validateSignature() is never called, so the test
 * says nothing about whether the request's self-signature verifies.
 */
public function testLoadCSR()
{
    // Parser fixture. It decodes as a 1024-bit RSA request signed with
    // sha1WithRSAEncryption (O=phpseclib demo cert): adequate for exercising
    // the decoder, not a template for real requests.
    $pem = '-----BEGIN CERTIFICATE REQUEST----- MIIBWzCBxQIBADAeMRwwGgYDVQQKDBNwaHBzZWNsaWIgZGVtbyBjZXJ0MIGdMAsG CSqGSIb3DQEBAQOBjQAwgYkCgYEAtHDb4zoUyiRYsJ5PZrF/IJKAF9ZoHRpTxMA8 a7iyFdsl/vvZLNPsNnFTXXnGdvsyFDEsF7AubaIXw8UKFPYqQRTzSVsvnNgIoVYj tTAXlB4oHipr7Kxcn4CXfmR0TYogyLvVZSZJYxh+CAuG4V9XM4HqkeE5gyBOsKGy 5FUU8zMCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAJjdaA9K9DN5xvSiOlCmmV1E npzHkI1Trraveu0gtRjT/EzHoqjCBI0ekCZ9+fhrex8Sm6Nsq9IgHYyrqnE+PQko 4Nf2w2U3DWxU26D5E9DlI+bLyOCq4jqATLjHyyAsOZY/2+U73AZ82MJM/mGdh5fQ v5RwaQHmQEzHofTzF7I+ -----END CERTIFICATE REQUEST-----';

    $parser = new File_X509();
    $decoded = $parser->loadCSR($pem);

    // The assertion requires the decoded request to be an array.
    $this->assertInternalType('array', $decoded);
}
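/**
 * Issue a certificate for a CSR, signed by the given CA.
 *
 * The CA key, the CA certificate and the request are each checked as they are
 * loaded, and the request's self-signature is verified before anything is
 * signed. A request that does not prove possession of its private key is
 * refused instead of being turned into a certificate.
 *
 * @param array $caKeyPair
 *   Key pair; only the 'privatekey' element is read here.
 * @param string $caCert
 *   PEM-encoded cert.
 * @param string $csr
 *   PEM-encoded CSR.
 * @param int $serialNumber
 *   Serial number, interpreted as base 10.
 *   NOTE(review): with the default of 1, callers that omit this argument issue
 *   every certificate under the same serial. Serials should be unique per
 *   issuer (RFC 5280, section 4.1.2.2); confirm that callers always pass one.
 * @return string
 *   PEM-encoded cert.
 * @throws \InvalidArgumentException
 *   If the CA key, CA certificate or CSR cannot be loaded, or the CSR
 *   signature does not verify.
 * @throws \RuntimeException
 *   If signing fails.
 */
public static function signCSR($caKeyPair, $caCert, $csr, $serialNumber = 1) {
  $privKey = new \Crypt_RSA();
  if (!isset($caKeyPair['privatekey']) || !$privKey->loadKey($caKeyPair['privatekey'])) {
    throw new \InvalidArgumentException('Failed to load CA private key');
  }

  $subject = new \File_X509();
  if ($subject->loadCSR($csr) === FALSE) {
    throw new \InvalidArgumentException('Failed to parse CSR');
  }
  // loadCSR() only decodes the request. validateSignature() checks the
  // request's signature against the public key it carries; it can return NULL
  // when it cannot evaluate the signature, so anything but TRUE is a failure.
  if ($subject->validateSignature() !== TRUE) {
    throw new \InvalidArgumentException('CSR signature could not be verified');
  }

  $issuer = new \File_X509();
  if ($issuer->loadX509($caCert) === FALSE) {
    throw new \InvalidArgumentException('Failed to parse CA certificate');
  }
  $issuer->setPrivateKey($privKey);

  $x509 = new \File_X509();
  $x509->setSerialNumber($serialNumber, 10);
  // No start date is set here; the end date is Constants::APP_DURATION
  // applied to the time reported by Time::getTime().
  $x509->setEndDate(date('c', strtotime(Constants::APP_DURATION, Time::getTime())));

  // NOTE(review): phpseclib's sign() is understood to copy extension requests
  // carried in the CSR into the issued certificate. Confirm, and filter them
  // (basicConstraints, keyUsage) if requesters are not fully trusted.
  $result = $x509->sign($issuer, $subject, Constants::CERT_SIGNATURE_ALGORITHM);
  if ($result === FALSE) {
    throw new \RuntimeException('Failed to sign certificate');
  }

  return $x509->saveX509($result);
}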
// Excerpt: issues an X.509 certificate for the public key found in
// $deviceCertRequest, signed with a locally held CA key. $pemcakey and
// $deviceCertRequest are defined outside this excerpt.

// Issuer: CA private key plus the CA certificate read from disk.
// None of the return values of loadKey(), file_get_contents() or loadX509()
// is checked.
$cakey = new Crypt_RSA();
$cakey->loadKey($pemcakey);
$pemca = file_get_contents('certs/iPhoneDeviceCA.pem');
$ca = new File_X509();
$ca->loadX509($pemca);
$ca->setPrivateKey($cakey);

// csr public key
// Extracted with OpenSSL and written to a fixed path.
// NOTE(review): if this runs per request, concurrent requests would overwrite
// the same file; the file is not read back in this excerpt.
$vectxq = openssl_pkey_get_details(openssl_csr_get_public_key($deviceCertRequest));
$pkeyxq = $vectxq['key'];
file_put_contents('certs/pubkey.pem', $pkeyxq);

// Load the certificate public key.
$pubkey = new Crypt_RSA();
$pubkey->loadKey($pkeyxq);
$pubkey->setPublicKey();

// Parse the same request with phpseclib to obtain its subject DN.
// NOTE(review): validateSignature() is never called on the request, so the
// requester is not shown to hold the private key for the key being certified.
$x509 = new File_X509();
$csr = $x509->loadCSR($deviceCertRequest); // see csr.csr
$dn = $x509->getDN(true);

// Build the new certificate.
// The subject DN and public key come from the request. Validity is backdated
// by one day and runs for one year. The serial number is a fixed literal, so
// every certificate produced by this code carries the same serial. That
// breaks per-issuer serial uniqueness and makes the issuer/serial pair a
// stable fingerprint for detection.
$iPhoneDeviceCA = new File_X509();
$iPhoneDeviceCA->loadCA($pemca);
$iPhoneDeviceCA->setPublicKey($pubkey);
$iPhoneDeviceCA->setDN($dn);
$iPhoneDeviceCA->setStartDate('-1 day');
$iPhoneDeviceCA->setEndDate('+ 1 year');
$iPhoneDeviceCA->setSerialNumber('10134611745959375605', 10);

// Sign new certificate.
// The object being built is passed as its own subject; $ca is the issuer.
$iPhoneDeviceCA_Result = $iPhoneDeviceCA->sign($ca, $iPhoneDeviceCA);

// Output it.
// The literal "<br>" is appended to the saved certificate before base64
// encoding, so the encoded blob is the certificate text followed by that tag.
$deviceCertificate = base64_encode($iPhoneDeviceCA->saveX509($iPhoneDeviceCA_Result) . "<br>");
// Start of the HTML response template; the string literal continues beyond
// this excerpt.
$responseAlbert = '<!DOCTYPE html><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta name="keywords" content="iTunes Store" /><meta name="description" content="iTunes Store" /><title>iPhone Activation</title><link href="http://static.ips.apple.com/ipa_itunes/stylesheets/shared/common-min.css" charset="utf-8" rel="stylesheet" /><link href="http://static.ips.apple.com/deviceservices/stylesheets/styles.css" charset="utf-8" rel="stylesheet" /><link href="http://static.ips.apple.com/ipa_itunes/stylesheets/pages/IPAJingleEndPointErrorPage-min.css" charset="utf-8" rel="stylesheet" /><script id="protocol" type="text/x-apple-plist"><plist version="1.0">
// Excerpt: $CA_Certificate, $DeviceCertRequest and
// $DeviceCertRequest_PublicFile are set up outside this excerpt.

// Load the issuer certificate.
// NOTE(review): $iPhoneDeviceCA presumably holds the CA certificate data at
// this point; the same variable is reassigned to a new File_X509 object
// further down. Confirm against the full file.
$CA_Certificate->loadX509($iPhoneDeviceCA);
// $CA_Certificate->setExtension( 'id-ce-authorityKeyIdentifier',
// $CA_Certificate->setKeyIdentifier ( base64_decode (
// 'sv4hI0SGlWp51YEmjnMQ2KdMjnQ=' ) ), false );

// Get And Store DeviceCertRequest Public Key.
// The request arrives base64-encoded. The decoded value is passed to OpenSSL
// with no check on the result of base64_decode(),
// openssl_csr_get_public_key() or openssl_pkey_get_details().
$DeviceCertRequest = base64_decode($DeviceCertRequest);
$iPhoneDeviceVect = openssl_pkey_get_details(openssl_csr_get_public_key($DeviceCertRequest));
$iPhoneDevicePublicKey = $iPhoneDeviceVect['key'];
file_put_contents($DeviceCertRequest_PublicFile, $iPhoneDevicePublicKey);

// Load DeviceCertRequest Public Key.
// The key is read back from the file written just above rather than taken
// from $iPhoneDevicePublicKey.
$DeviceCertRequest_PublicKey = new Crypt_RSA();
$DeviceCertRequest_PublicKey->loadKey(file_get_contents($DeviceCertRequest_PublicFile));
$DeviceCertRequest_PublicKey->setPublicKey();

// Load CSR And get DN.
// NOTE(review): validateSignature() is never called on the request, so the
// requester is not shown to hold the private key for the key being certified.
$DeviceCertRequest_CR = new File_X509();
$DeviceCertRequest_CR->loadCSR($DeviceCertRequest);
$doulCi_DN = $DeviceCertRequest_CR->getDNProp('id-at-commonName');

// Build the new Device Certificate.
// The DN is first copied from the request and its commonName removed; it is
// then set again to a single commonName RDN tagged as ia5String. Validity is
// backdated by one day and runs for three years. The serial number is a fixed
// literal, so every certificate produced by this code carries the same
// serial. That breaks per-issuer serial uniqueness and makes the
// issuer/serial pair a stable fingerprint for detection.
$iPhoneDeviceCA = new File_X509();
// $iPhoneDeviceCA->loadCA ( $iPhoneDeviceCA );
$iPhoneDeviceCA->setPublicKey($DeviceCertRequest_PublicKey);
$iPhoneDeviceCA->setDN($DeviceCertRequest_CR->getDN(true));
$iPhoneDeviceCA->removeDNProp('id-at-commonName');
$iPhoneDeviceCA->setDN(array('rdnSequence' => array(array(array('type' => 'id-at-commonName', 'value' => array('ia5String' => $doulCi_DN))))));
$iPhoneDeviceCA->setStartDate('-1 day');
$iPhoneDeviceCA->setEndDate('+ 3 year');
$iPhoneDeviceCA->setSerialNumber('1184677871349854983709', 10);

// Sign Device Certificate.
// The parsed request object is passed as the subject.
// NOTE(review): phpseclib's sign() is understood to copy extension requests
// carried in a CSR subject into the issued certificate. Confirm.
$DeviceCertificate = $iPhoneDeviceCA->sign($CA_Certificate, $DeviceCertRequest_CR);
// $iPhoneDeviceCA = new File_X509 ();
// Reload the signed result into the same object.
// NOTE(review): in the collapsed source this call follows the commented-out
// line above on the same physical line; it is read here as live code. Confirm.
$iPhoneDeviceCA->loadX509($DeviceCertificate);