diff options
author | yakatz <yehuda@ymkatz.net> | 2011-04-21 14:29:54 -0400 |
---|---|---|
committer | yakatz <yehuda@ymkatz.net> | 2011-04-21 14:29:54 -0400 |
commit | a828210b746c074c1e701a44f5f2ec3a69ba368a (patch) | |
tree | 6bc76319d1b423c686e72e6377ef69041fda4327 /etc/inc/certs.inc | |
parent | e2e934e0c976bae835b58de7c2595666ad59d2a0 (diff) | |
download | pfsense-a828210b746c074c1e701a44f5f2ec3a69ba368a.zip pfsense-a828210b746c074c1e701a44f5f2ec3a69ba368a.tar.gz |
checking moduli of ssl csr request and response
Diffstat (limited to 'etc/inc/certs.inc')
-rw-r--r-- | etc/inc/certs.inc | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/etc/inc/certs.inc b/etc/inc/certs.inc index 2b192c1..2e9718c 100644 --- a/etc/inc/certs.inc +++ b/etc/inc/certs.inc @@ -369,6 +369,25 @@ function cert_get_issuer($str_crt, $decode = true) { return $issuer; } +/* this function works on x509 (crt), rsa key (prv), and req(csr) */ +function cert_get_modulus($str_crt, $decode = true, $type = "crt"){ + if ($decode) + $str_crt = base64_decode($str_crt); + + $modulus = ""; + if ( in_array($type, array("crt", "prv", "csr")) ) { + $type = str_replace( array("crt","prv","csr"), array("x509","rsa","req"), $type); + $modulus = exec("echo \"{$str_crt}\" | openssl {$type} -noout -modulus"); + } + return $modulus; +} +function csr_get_modulus($str_crt, $decode = true){ + return cert_get_modulus($str_crt, $decode, "csr"); +} +function prv_get_modulus($str_crt, $decode = true){ + return cert_get_modulus($str_crt, $decode, "prv"); +} + function is_user_cert($certref) { global $config; if (!is_array($config['system']['user'])) |