Diffstat (limited to 'library/X509/CertificateDetails.php')
-rw-r--r-- | library/X509/CertificateDetails.php | 120 |
1 files changed, 120 insertions, 0 deletions
diff --git a/library/X509/CertificateDetails.php b/library/X509/CertificateDetails.php
new file mode 100644
index 0000000..f28e423
--- /dev/null
+++ b/library/X509/CertificateDetails.php
@@ -0,0 +1,120 @@
+<?php
+
+// Icinga Web 2 X.509 Module | (c) 2018 Icinga GmbH | GPLv2
+
+namespace Icinga\Module\X509;
+
+use DateTime;
+use Icinga\Module\X509\Model\X509Certificate;
+use ipl\Html\BaseHtmlElement;
+use ipl\Html\Html;
+use ipl\Web\Widget\IcingaIcon;
+
+/**
+ * Widget to display X.509 certificate details
+ */
+class CertificateDetails extends BaseHtmlElement
+{
+ protected $tag = 'div';
+
+ protected $defaultAttributes = ['class' => 'cert-details'];
+
+ /**
+ * @var X509Certificate
+ */
+ protected $cert;
+
+ public function setCert(X509Certificate $cert)
+ {
+ $this->cert = $cert;
+
+ return $this;
+ }
+
+ protected function assemble()
+ {
+ $pem = $this->cert->certificate;
+ $cert = openssl_x509_parse($pem);
+// $pubkey = openssl_pkey_get_details(openssl_get_publickey($pem));
+
+ $subject = Html::tag('dl');
+ $sans = CertificateUtils::splitSANs($cert['extensions']['subjectAltName'] ?? null);
+ if (! isset($cert['subject']['CN']) && ! empty($sans)) {
+ foreach ($sans as $type => $values) {
+ foreach ($values as $value) {
+ $subject->addHtml(Html::tag('dt', $type), Html::tag('dd', $value));
+ }
+ }
+ } else {
+ foreach ($cert['subject'] as $key => $value) {
+ $subject->add([
+ Html::tag('dt', $key),
+ Html::tag('dd', $value)
+ ]);
+ }
+ }
+
+ $issuer = Html::tag('dl');
+ foreach ($cert['issuer'] as $key => $value) {
+ $issuer->add([
+ Html::tag('dt', $key),
+ Html::tag('dd', $value)
+ ]);
+ }
+
+ $certInfo = Html::tag('dl');
+ $certInfo->add([
+ Html::tag('dt', mt('x509', 'Serial Number')),
+ Html::tag('dd', bin2hex($this->cert->serial)),
+ Html::tag('dt', mt('x509', 'Version')),
+ Html::tag('dd', $this->cert->version),
+ Html::tag('dt', mt('x509', 'Signature Algorithm')),
+ Html::tag('dd', $this->cert->signature_algo . ' with ' . $this->cert->signature_hash_algo),
+ Html::tag('dt', mt('x509', 'Not Valid Before')),
+ Html::tag('dd', $this->cert->valid_from->format('l F jS, Y H:i:s e')),
+ Html::tag('dt', mt('x509', 'Not Valid After')),
+ Html::tag('dd', $this->cert->valid_to->format('l F jS, Y H:i:s e')),
+ ]);
+
+ $pubkeyInfo = Html::tag('dl');
+ $pubkeyInfo->add([
+ Html::tag('dt', mt('x509', 'Algorithm')),
+ Html::tag('dd', $this->cert->pubkey_algo),
+ Html::tag('dt', mt('x509', 'Key Size')),
+ Html::tag('dd', $this->cert->pubkey_bits)
+ ]);
+
+ $extensions = Html::tag('dl');
+ foreach ($cert['extensions'] as $key => $value) {
+ $extensions->add([
+ Html::tag('dt', ucwords(implode(' ', preg_split('/(?=[A-Z])/', $key)))),
+ Html::tag('dd', $value)
+ ]);
+ }
+
+ $fingerprints = Html::tag('dl');
+ $fingerprints->add([
+ Html::tag('dt', 'SHA-256'),
+ Html::tag(
+ 'dd',
+ wordwrap(strtoupper(bin2hex($this->cert->fingerprint)), 2, ' ', true)
+ )
+ ]);
+
+ $this->add([
+ Html::tag('h2', [new IcingaIcon('certificate'), $this->cert->subject]),
+ Html::tag('h3', mt('x509', 'Subject Name')),
+ $subject,
+ Html::tag('h3', mt('x509', 'Issuer Name')),
+ $issuer,
+ Html::tag('h3', mt('x509', 'Certificate Info')),
+ $certInfo,
+ Html::tag('h3', mt('x509', 'Public Key Info')),
+ $pubkeyInfo,
+ Html::tag('h3', mt('x509', 'Extensions')),
+ $extensions,
+ Html::tag('h3', mt('x509', 'Fingerprints')),
+ $fingerprints
+ ]);
+ }
+}
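Review bot: `assemble()` uses the result of `openssl_x509_parse($pem)` without checking for `false`, which is what the function returns when it cannot parse its input. In that case the `foreach` loops over `$cert['subject']`, `$cert['issuer']` and `$cert['extensions']` run on a non-array. If the stored certificates come from scanned endpoints (not visible in this file), a malformed one would break the detail view, so I would add `if ($cert === false) { return; }` (or render a short error element) right after the parse call. The extensions loop should also be guarded the same way the SAN lookup already is, with `foreach ($cert['extensions'] ?? [] as $key => $value) {`. Separately, `openssl_x509_parse` returns an array for an attribute repeated in a DN, such as two `OU` values, so the subject and issuer loops should normalise `$value` before passing it to `Html::tag('dd', ...)`. The `use DateTime;` import and the commented-out `$pubkey` line appear unused in this file and could be dropped.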