Diffstat (limited to 'library/X509/CertificateDetails.php')
-rw-r--r--library/X509/CertificateDetails.php120
1 files changed, 120 insertions, 0 deletions
diff --git a/library/X509/CertificateDetails.php b/library/X509/CertificateDetails.php
new file mode 100644
index 0000000..f28e423
--- /dev/null
+++ b/library/X509/CertificateDetails.php
@@ -0,0 +1,120 @@
+<?php
+
+// Icinga Web 2 X.509 Module | (c) 2018 Icinga GmbH | GPLv2
+
+namespace Icinga\Module\X509;
+
+use DateTime;
+use Icinga\Module\X509\Model\X509Certificate;
+use ipl\Html\BaseHtmlElement;
+use ipl\Html\Html;
+use ipl\Web\Widget\IcingaIcon;
+
+/**
+ * Widget to display X.509 certificate details
+ */
+class CertificateDetails extends BaseHtmlElement
+{
+ protected $tag = 'div';
+
+ protected $defaultAttributes = ['class' => 'cert-details'];
+
+ /**
+ * @var X509Certificate
+ */
+ protected $cert;
+
+ public function setCert(X509Certificate $cert)
+ {
+ $this->cert = $cert;
+
+ return $this;
+ }
+
+ protected function assemble()
+ {
+ $pem = $this->cert->certificate;
+ $cert = openssl_x509_parse($pem);
+// $pubkey = openssl_pkey_get_details(openssl_get_publickey($pem));
+
+ $subject = Html::tag('dl');
+ $sans = CertificateUtils::splitSANs($cert['extensions']['subjectAltName'] ?? null);
+ if (! isset($cert['subject']['CN']) && ! empty($sans)) {
+ foreach ($sans as $type => $values) {
+ foreach ($values as $value) {
+ $subject->addHtml(Html::tag('dt', $type), Html::tag('dd', $value));
+ }
+ }
+ } else {
+ foreach ($cert['subject'] as $key => $value) {
+ $subject->add([
+ Html::tag('dt', $key),
+ Html::tag('dd', $value)
+ ]);
+ }
+ }
+
+ $issuer = Html::tag('dl');
+ foreach ($cert['issuer'] as $key => $value) {
+ $issuer->add([
+ Html::tag('dt', $key),
+ Html::tag('dd', $value)
+ ]);
+ }
+
+ $certInfo = Html::tag('dl');
+ $certInfo->add([
+ Html::tag('dt', mt('x509', 'Serial Number')),
+ Html::tag('dd', bin2hex($this->cert->serial)),
+ Html::tag('dt', mt('x509', 'Version')),
+ Html::tag('dd', $this->cert->version),
+ Html::tag('dt', mt('x509', 'Signature Algorithm')),
+ Html::tag('dd', $this->cert->signature_algo . ' with ' . $this->cert->signature_hash_algo),
+ Html::tag('dt', mt('x509', 'Not Valid Before')),
+ Html::tag('dd', $this->cert->valid_from->format('l F jS, Y H:i:s e')),
+ Html::tag('dt', mt('x509', 'Not Valid After')),
+ Html::tag('dd', $this->cert->valid_to->format('l F jS, Y H:i:s e')),
+ ]);
+
+ $pubkeyInfo = Html::tag('dl');
+ $pubkeyInfo->add([
+ Html::tag('dt', mt('x509', 'Algorithm')),
+ Html::tag('dd', $this->cert->pubkey_algo),
+ Html::tag('dt', mt('x509', 'Key Size')),
+ Html::tag('dd', $this->cert->pubkey_bits)
+ ]);
+
+ $extensions = Html::tag('dl');
+ foreach ($cert['extensions'] as $key => $value) {
+ $extensions->add([
+ Html::tag('dt', ucwords(implode(' ', preg_split('/(?=[A-Z])/', $key)))),
+ Html::tag('dd', $value)
+ ]);
+ }
+
+ $fingerprints = Html::tag('dl');
+ $fingerprints->add([
+ Html::tag('dt', 'SHA-256'),
+ Html::tag(
+ 'dd',
+ wordwrap(strtoupper(bin2hex($this->cert->fingerprint)), 2, ' ', true)
+ )
+ ]);
+
+ $this->add([
+ Html::tag('h2', [new IcingaIcon('certificate'), $this->cert->subject]),
+ Html::tag('h3', mt('x509', 'Subject Name')),
+ $subject,
+ Html::tag('h3', mt('x509', 'Issuer Name')),
+ $issuer,
+ Html::tag('h3', mt('x509', 'Certificate Info')),
+ $certInfo,
+ Html::tag('h3', mt('x509', 'Public Key Info')),
+ $pubkeyInfo,
+ Html::tag('h3', mt('x509', 'Extensions')),
+ $extensions,
+ Html::tag('h3', mt('x509', 'Fingerprints')),
+ $fingerprints
+ ]);
+ }
+}
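Review bot: In `assemble()` the result of `openssl_x509_parse($pem)` is used without checking for `false`, and `$cert['extensions']` is iterated unguarded even though the `subjectAltName` lookup above already falls back with `?? null`. A certificate that fails to parse, or one that carries no extensions, would make the `foreach` loops over `$cert['subject']`, `$cert['issuer']` and `$cert['extensions']` raise warnings instead of rendering the widget; since the displayed certificates presumably come from hosts the module does not control, that input should be expected. I would add an early `if ($cert === false)` branch that renders only the fields taken from the `X509Certificate` model, and change the loop header to `foreach ($cert['extensions'] ?? [] as $key => $value) {`. Subject and issuer values can also be arrays when an attribute repeats (for example several `OU` entries), so it is worth confirming how `Html::tag('dd', $value)` treats an array argument and that string content is escaped there, and noting both in a comment. The commented-out `$pubkey` line can be dropped.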