<?php
/**
* Certificate class for managing and using A1 digital certificates (PKCS#12)
* @category NFePHP
* @package NFePHP\Common\Certificate
* @copyright Copyright (c) 2008-2017
* @license http://www.gnu.org/licenses/lesser.html LGPL v3
* @author Antonio Spinelli <tonicospinelli85 at gmail dot com>
* @link http://github.com/nfephp-org/sped-common for the canonical source repository
*/
namespace NFePHP\Common;
use NFePHP\Common\Certificate\PrivateKey;
use NFePHP\Common\Certificate\PublicKey;
use NFePHP\Common\Certificate\CertificationChain;
use NFePHP\Common\Certificate\SignatureInterface;
use NFePHP\Common\Certificate\VerificationInterface;
use NFePHP\Common\Exception\CertificateException;
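/**
 * Bundles the private key, the public certificate and the optional
 * certification chain extracted from an A1 (PKCS#12) container, and
 * delegates signing and verification to the matching key object.
 */
class Certificate implements SignatureInterface, VerificationInterface
{
    /**
     * Private key material.
     *
     * NOTE(review): this property is public and writable, so any code holding
     * the Certificate can read or replace the private key. It is kept public
     * for backward compatibility; treat instances as secrets.
     *
     * @var \NFePHP\Common\Certificate\PrivateKey
     */
    public $privateKey;

    /**
     * @var \NFePHP\Common\Certificate\PublicKey
     */
    public $publicKey;

    /**
     * @var \NFePHP\Common\Certificate\CertificationChain
     */
    public $chainKeys;

    /**
     * Constructor
     * @param \NFePHP\Common\Certificate\PrivateKey $privateKey
     * @param \NFePHP\Common\Certificate\PublicKey $publicKey
     * @param \NFePHP\Common\Certificate\CertificationChain $chainKeys
     */
    public function __construct(PrivateKey $privateKey, PublicKey $publicKey, CertificationChain $chainKeys)
    {
        $this->privateKey = $privateKey;
        $this->publicKey = $publicKey;
        $this->chainKeys = $chainKeys;
    }

    /**
     * Read a PFX (PKCS#12) container and return an instance of this class.
     *
     * The password is passed to OpenSSL exactly as given (it is NOT trimmed
     * here, unlike in writePfx()).
     *
     * @param string $content raw PKCS#12 content
     * @param string $password password protecting the container
     * @return \NFePHP\Common\Certificate
     * @throws CertificateException when OpenSSL cannot read the container
     */
    public static function readPfx($content, $password)
    {
        $certs = [];
        if (!openssl_pkcs12_read($content, $certs, $password)) {
            throw CertificateException::unableToRead();
        }
        // 'extracerts' is only present when the container carries a chain.
        $chain = empty($certs['extracerts']) ? '' : implode('', $certs['extracerts']);
        return new static(
            new PrivateKey($certs['pkey']),
            new PublicKey($certs['cert']),
            new CertificationChain($chain)
        );
    }

    /**
     * Returns a PFX string, including the certification chain when one exists.
     *
     * The password is trimmed before use, so the exported container is
     * protected by the trimmed value, not by the string the caller supplied.
     *
     * An empty string is returned when the trimmed password is empty or when
     * OpenSSL fails to load the certificate, load the private key, or export
     * the container. Callers must check for '' before persisting the result,
     * otherwise an empty file may be stored in place of a certificate.
     *
     * @param string $password
     * @return string PKCS#12 content, or '' on failure
     */
    public function writePfx($password)
    {
        $password = trim($password);
        // Strict comparison: empty() would also reject the valid password '0'.
        if ($password === '') {
            return '';
        }
        $x509Cert = openssl_x509_read("{$this->publicKey}");
        $privateKeyResource = openssl_pkey_get_private("{$this->privateKey}");
        // Do not hand a failed (false) handle to the export call.
        if ($x509Cert === false || $privateKeyResource === false) {
            return '';
        }
        $pfxString = '';
        $exported = openssl_pkcs12_export(
            $x509Cert,
            $pfxString,
            $privateKeyResource,
            $password,
            $this->chainKeys->getExtraCertsForPFX()
        );
        return $exported ? $pfxString : '';
    }

    /**
     * Gets company name (the certificate's common name).
     * @return string
     */
    public function getCompanyName()
    {
        return $this->publicKey->commonName;
    }

    /**
     * Gets start date.
     * @return \DateTime Returns start date.
     */
    public function getValidFrom()
    {
        return $this->publicKey->validFrom;
    }

    /**
     * Gets end date.
     * @return \DateTime Returns end date.
     */
    public function getValidTo()
    {
        return $this->publicKey->validTo;
    }

    /**
     * Check whether the certificate has expired.
     *
     * Only the validity period is consulted (delegated to the public key);
     * no revocation or chain validation happens here.
     *
     * @return bool Returns true when expired, otherwise false.
     */
    public function isExpired()
    {
        return $this->publicKey->isExpired();
    }

    /**
     * Gets CNPJ by OID '2.16.76.1.3.3' from ASN.1 certificate structure
     * @return string
     */
    public function getCnpj()
    {
        return $this->publicKey->cnpj();
    }

    /**
     * Gets CPF by OID '2.16.76.1.3.1' from ASN.1 certificate structure
     * @return string
     */
    public function getCpf()
    {
        return $this->publicKey->cpf();
    }

    /**
     * Returns the name of the ICP (root certification authority)
     * @return string
     */
    public function getICP()
    {
        return $this->publicKey->icp;
    }

    /**
     * Returns the URL for the certification chain
     * @return string
     */
    public function getCAurl()
    {
        return $this->publicKey->caurl;
    }

    /**
     * Returns the certification service provider name
     * @return string
     */
    public function getCSP()
    {
        return $this->publicKey->cspName;
    }

    /**
     * {@inheritdoc}
     *
     * NOTE(review): the default digest is SHA-1, which is no longer
     * collision-resistant. The default is kept for compatibility; pass a
     * stronger algorithm (e.g. OPENSSL_ALGO_SHA256) wherever the receiving
     * system accepts it.
     */
    public function sign($content, $algorithm = OPENSSL_ALGO_SHA1)
    {
        return $this->privateKey->sign($content, $algorithm);
    }

    /**
     * {@inheritdoc}
     *
     * NOTE(review): defaults to SHA-1; the algorithm must match the one used
     * when the signature was produced.
     */
    public function verify($data, $signature, $algorithm = OPENSSL_ALGO_SHA1)
    {
        return $this->publicKey->verify($data, $signature, $algorithm);
    }

    /**
     * Returns public key and chain in PEM format.
     *
     * The private key is never part of this string, so casting a Certificate
     * to string (e.g. in logs) does not expose key material.
     *
     * @return string
     */
    public function __toString()
    {
        $chainKeys = $this->chainKeys !== null ? "{$this->chainKeys}" : '';
        return "{$this->publicKey}{$chainKeys}";
    }
}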