diff options
Diffstat (limited to 'src/etc')
-rw-r--r-- | src/etc/inc/certs.inc | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/src/etc/inc/certs.inc b/src/etc/inc/certs.inc index 1ed1b6e..53bebeb 100644 --- a/src/etc/inc/certs.inc +++ b/src/etc/inc/certs.inc @@ -435,7 +435,7 @@ function csr_generate(& $cert, $keylen, $dn, $type = "user", $digest_alg = "sha2 return true; } -function csr_sign($csr, & $ca, $duration, $type = "user", $altnames) { +function csr_sign($csr, & $ca, $duration, $type = "user", $altnames, $digest_alg = "sha256") { global $config; $old_err_level = error_reporting(0); @@ -460,6 +460,7 @@ function csr_sign($csr, & $ca, $duration, $type = "user", $altnames) { $args = array( "x509_extensions" => $cert_type, + "digest_alg" => $digest_alg, "req_extensions" => "req_{$cert_type}" ); @@ -682,6 +683,26 @@ function cert_get_serial($str_crt, $decode = true) { } } +function cert_get_sigtype($str_crt, $decode = true) { + if ($decode) { + $str_crt = base64_decode($str_crt); + } + $crt_details = openssl_x509_parse($str_crt); + + $signature = array(); + if (isset($crt_details['signatureTypeSN']) && !empty($crt_details['signatureTypeSN'])) { + $signature['shortname'] = $crt_details['signatureTypeSN']; + } + if (isset($crt_details['signatureTypeLN']) && !empty($crt_details['signatureTypeLN'])) { + $signature['longname'] = $crt_details['signatureTypeLN']; + } + if (isset($crt_details['signatureTypeNID']) && !empty($crt_details['signatureTypeNID'])) { + $signature['nid'] = $crt_details['signatureTypeNID']; + } + + return $signature; +} + function is_openvpn_server_ca($caref) { global $config; if (!is_array($config['openvpn']['openvpn-server'])) { |