1 files changed, 22 insertions, 1 deletions

diff --git a/src/etc/inc/certs.inc b/src/etc/inc/certs.inc
index 1ed1b6e..53bebeb 100644
--- a/src/etc/inc/certs.inc
+++ b/src/etc/inc/certs.inc
@@ -435,7 +435,7 @@ function csr_generate(& $cert, $keylen, $dn, $type = "user", $digest_alg = "sha2
 	return true;
 }
 
-function csr_sign($csr, & $ca, $duration, $type = "user", $altnames) {
+function csr_sign($csr, & $ca, $duration, $type = "user", $altnames, $digest_alg = "sha256") {
 	global $config;
 	$old_err_level = error_reporting(0);
 
@@ -460,6 +460,7 @@ function csr_sign($csr, & $ca, $duration, $type = "user", $altnames) {
 
 	$args = array(
 		"x509_extensions" => $cert_type,
+		"digest_alg" => $digest_alg,
 		"req_extensions" => "req_{$cert_type}"
 	);
 
@@ -682,6 +683,26 @@ function cert_get_serial($str_crt, $decode = true) {
 	}
 }
 
+function cert_get_sigtype($str_crt, $decode = true) {
+	if ($decode) {
+		$str_crt = base64_decode($str_crt);
+	}
+	$crt_details = openssl_x509_parse($str_crt);
+
+	$signature = array();
+	if (isset($crt_details['signatureTypeSN']) && !empty($crt_details['signatureTypeSN'])) {
+		$signature['shortname'] = $crt_details['signatureTypeSN'];
+	}
+	if (isset($crt_details['signatureTypeLN']) && !empty($crt_details['signatureTypeLN'])) {
+		$signature['longname'] = $crt_details['signatureTypeLN'];
+	}
+	if (isset($crt_details['signatureTypeNID']) && !empty($crt_details['signatureTypeNID'])) {
+		$signature['nid'] = $crt_details['signatureTypeNID'];
+	}
+
+	return $signature;
+}
+
 function is_openvpn_server_ca($caref) {
 	global $config;
 	if (!is_array($config['openvpn']['openvpn-server'])) {