From a828210b746c074c1e701a44f5f2ec3a69ba368a Mon Sep 17 00:00:00 2001
From: yakatz <yehuda@ymkatz.net>
Date: Thu, 21 Apr 2011 14:29:54 -0400
Subject: checking moduli of ssl csr request and response

---
 etc/inc/certs.inc | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

(limited to 'etc/inc/certs.inc')

diff --git a/etc/inc/certs.inc b/etc/inc/certs.inc
index 2b192c1..2e9718c 100644
--- a/etc/inc/certs.inc
+++ b/etc/inc/certs.inc
@@ -369,6 +369,25 @@ function cert_get_issuer($str_crt, $decode = true) {
 	return $issuer;
 }
 
+/* this function works on x509 (crt), rsa key (prv), and req(csr) */
+function cert_get_modulus($str_crt, $decode = true, $type = "crt"){
+	if ($decode)
+		$str_crt = base64_decode($str_crt);
+
+	$modulus = "";
+	if ( in_array($type, array("crt", "prv", "csr")) ) {
+			$type = str_replace( array("crt","prv","csr"), array("x509","rsa","req"), $type);
+			$modulus = exec("echo \"{$str_crt}\" | openssl {$type} -noout -modulus");
+	}
+	return $modulus;
+}
+function csr_get_modulus($str_crt, $decode = true){
+	return cert_get_modulus($str_crt, $decode, "csr");
+}
+function prv_get_modulus($str_crt, $decode = true){
+	return cert_get_modulus($str_crt, $decode, "prv");
+}
+
 function is_user_cert($certref) {
 	global $config;
 	if (!is_array($config['system']['user']))
-- 
cgit v1.1