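/**
 * Stream a certificate to the browser as a file download.
 *
 * The sentinel name "zzTHISzzCAzz" selects the CA certificate stored at
 * $config['cacert']; the download is then named after the subject fields
 * CN:OU:O:L:ST:C joined with colons. Any other name is split at its last dot:
 * the part before the dot is base64-encoded to form the on-disk name under
 * $config['cert_path'], and the part from the dot onward is the extension.
 *
 * $this_cert is supplied by the caller and ends up both in a filesystem path
 * and in HTML output, so it is handled as untrusted: names that would escape
 * the base64 step or carry a path separator in the extension are answered
 * with the same "not found" page as a missing file, and the name is
 * HTML-escaped before it is printed.
 *
 * @param string      $this_cert Certificate name, or "zzTHISzzCAzz" for the CA certificate.
 * @param string|null $cer_ext   Extension for the download name, without the dot;
 *                               null or 'FALSE' keeps the stored extension.
 *
 * @return void Output goes through download_header_code() or the "not found" page.
 */
function download_cert($this_cert, $cer_ext)
{
    $config = $_SESSION['config'];
    if (!isset($cer_ext)) {
        $cer_ext = 'FALSE';
    }

    $application_type = 'application/octet-stream';
    // Stays null when the requested name is rejected, which routes the
    // request to the "not found" page below.
    $download_certfile = null;

    if ($this_cert == "zzTHISzzCAzz") {
        // Read and parse defensively: a missing or unparsable CA file yields
        // empty subject fields instead of array-offset warnings.
        $ca_pem = is_file($config['cacert']) ? file_get_contents($config['cacert']) : false;
        $parsed = ($ca_pem !== false) ? openssl_x509_parse($ca_pem) : false;
        $subject = (is_array($parsed) && isset($parsed['subject'])) ? $parsed['subject'] : array();

        $parts = array();
        foreach (array('CN', 'OU', 'O', 'L', 'ST', 'C') as $field) {
            $parts[] = isset($subject[$field]) ? $subject[$field] : '';
        }
        $filename = implode(':', $parts);
        $download_certfile = $config['cacert'];
        $ext = ".pem";
    } else {
        $this_cert = (string) $this_cert;
        $dot = strrpos($this_cert, '.');
        $filename = ($dot === false) ? $this_cert : substr($this_cert, 0, $dot);
        $ext = ($dot === false) ? '' : substr($this_cert, $dot);

        // Without a dot the whole name would land in the extension and be
        // appended to cert_path unencoded; an extension containing a path
        // separator or NUL would point below cert_path. Neither is a stored
        // certificate name, so no path is built for them.
        if ($dot !== false && strpbrk($ext, "/\\\0") === false) {
            $download_certfile = $config['cert_path'] . base64_encode($filename) . $ext;
        }
    }

    // The override only changes the name offered to the browser, not the
    // file that is read from disk.
    if ($cer_ext != 'FALSE') {
        $ext = '.' . $cer_ext;
    }

    // is_file() rather than file_exists(): a directory must not be read.
    $myCert = ($download_certfile !== null && is_file($download_certfile))
        ? file_get_contents($download_certfile)
        : false;

    if ($myCert !== false) {
        download_header_code($filename . $ext, $myCert, $application_type);
        return;
    }

    printHeader("Certificate Retrieval");
    // Escape the name: it comes from the caller (or from certificate subject
    // fields) and is written into the HTML page.
    print "<h1> " . htmlspecialchars($filename, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . " - X509 CA certificate not found</h1>\n";
    printFooter();
}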
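/**
 * Stream a certificate revocation list to the browser as a file download.
 *
 * The file read is $config['crl_path'] followed by $this_crl exactly as given
 * (the name is split at its last dot only to build the download name), so
 * $this_crl must be a plain file name. A name containing a path separator or
 * a NUL byte would resolve outside crl_path and is answered with the same
 * "not found" page as a missing file. The name is HTML-escaped before it is
 * printed on that page.
 *
 * @param string      $this_crl     CRL file name inside $config['crl_path'].
 * @param string|null $crl_ext      Extension for the download name, without the dot;
 *                                  null or 'FALSE' keeps the stored extension.
 * @param string      $crl_filename 'off' keeps the CRL's own base name for the download;
 *                                  any other value uses $_SESSION['my_ca'] instead.
 *
 * @return void Output goes through download_header_code() or the "not found" page.
 */
function download_crl($this_crl, $crl_ext, $crl_filename)
{
    $this_ca = $_SESSION['my_ca'];
    $config = $_SESSION['config'];
    if (!isset($crl_ext)) {
        $crl_ext = 'FALSE';
    }

    $this_crl = (string) $this_crl;
    $dot = strrpos($this_crl, '.');
    if ($dot === false) {
        // No dot: the whole name is treated as the extension, as before.
        $filename = '';
        $ext = $this_crl;
    } else {
        $filename = substr($this_crl, 0, $dot);
        $ext = substr($this_crl, $dot);
    }

    // The name is joined to crl_path without any encoding, so "../" segments
    // or an embedded separator would select a file outside the CRL folder.
    // Only build a path for plain file names.
    $download_crlfile = null;
    if (strpbrk($this_crl, "/\\\0") === false) {
        $download_crlfile = $config['crl_path'] . $filename . $ext;
    }

    $application_type = 'application/octet-stream';

    // Both overrides affect only the name offered to the browser.
    if ($crl_ext != 'FALSE') {
        $ext = '.' . $crl_ext;
    }
    if ($crl_filename != 'off') {
        $filename = $this_ca;
    }

    // is_file() rather than file_exists(): a directory must not be read.
    $myCRL = ($download_crlfile !== null && is_file($download_crlfile))
        ? file_get_contents($download_crlfile)
        : false;

    if ($myCRL !== false) {
        download_header_code($filename . $ext, $myCRL, $application_type);
        return;
    }

    printHeader("Certificate Retrieval");
    // Escape before printing: the name is caller- or session-supplied text
    // written into the HTML page.
    print "<h1> " . htmlspecialchars($filename, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . " - X509 CRL not found</h1>\n";
    printFooter();
}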
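/**
 * Derive the SSH public key from a stored private key and send it as a download.
 *
 * The key name is split at its last dot; the part before the dot is
 * base64-encoded to form the on-disk name under $config['key_path']. The
 * private key is decoded with the given passphrase, its details are passed to
 * sshEncodePublicKey() (defined elsewhere), and the result is sent through
 * download_header_code() under the name "<key name>.ssh.pub".
 *
 * Every failure ends the request with die() and a fixed message.
 *
 * @param string $this_key_name Key name including its extension.
 * @param string $my_passPhrase Passphrase protecting the private key.
 *
 * @return void
 */
function get_public_ssh_key($this_key_name, $my_passPhrase)
{
    $config = $_SESSION['config'];

    if (!is_dir($config['ssh_pubkey_path'])) {
        // 0755 instead of 0777: nothing in this function needs the folder to
        // be writable by group or other accounts. The effective mode is
        // still reduced further by the process umask.
        // NOTE(review): confirm no other account writes public keys here.
        if (!mkdir($config['ssh_pubkey_path'], 0755, true) && !is_dir($config['ssh_pubkey_path'])) {
            die('Fatal: Unable to create ssh public key folder');
        }
    }

    $this_key_name = (string) $this_key_name;
    $dot = strrpos($this_key_name, '.');
    $ext = ($dot === false) ? '' : substr($this_key_name, $dot);

    // Without a dot the name would skip the base64 step and be appended to
    // key_path as-is; an extension with a path separator or NUL would point
    // below key_path. Treat both like a key that cannot be opened.
    if ($dot === false || strpbrk($ext, "/\\\0") !== false) {
        die('Fatal: Error opening Private Key');
    }

    $my_key_filename = $config['key_path'] . base64_encode(substr($this_key_name, 0, $dot)) . $ext;

    $fp = fopen($my_key_filename, "r");
    if ($fp === false) {
        die('Fatal: Error opening Private Key');
    }
    // stream_get_contents() reads to end of file, so an empty key file is
    // reported as a read error rather than failing on a zero-length fread().
    $my_key_x509 = stream_get_contents($fp);
    $closed = fclose($fp);
    if ($my_key_x509 === false || $my_key_x509 === '') {
        die('Fatal: Error reading Private Key');
    }
    if (!$closed) {
        die('Fatal: Error closing Private Key');
    }

    $my_private_key = openssl_pkey_get_private($my_key_x509, $my_passPhrase);
    if ($my_private_key === false) {
        die('Fatal: Error decoding Private Key. Passphrase Incorrect');
    }

    // Only the encoded public key is sent to the client; the private key
    // material stays in this function.
    $my_public_key = sshEncodePublicKey(openssl_pkey_get_details($my_private_key));

    download_header_code($this_key_name . ".ssh.pub", $my_public_key, 'application/octet-stream');
}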