YGGverse/Yoda
1
0
Fork 0
mirror of https://github.com/YGGverse/Yoda.git synced 2026-03-31 16:45:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

implement identity model

Browse source
This commit is contained in:
yggverse 2024-08-02 21:07:06 +03:00
parent 7e150ebea2
commit 47b7344e2e
3 changed files with 195 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

77
src/Abstract/Model/Identity.php Normal file
View file

@ -0,0 +1,77 @@
<?php
declare(strict_types=1);
namespace Yggverse\Yoda\Abstract\Model;
use \Exception;
use \OpenSSLAsymmetricKey;
use \OpenSSLCertificate;
use \OpenSSLCertificateSigningRequest;
abstract class Identity implements \Yggverse\Yoda\Interface\Model\Identity
{
// Generate a new private key
public static function new(
int $bits = self::PRIVATE_KEY_BITS,
int $type = self::PRIVATE_KEY_TYPE
): OpenSSLAsymmetricKey
{
$key = openssl_pkey_new(
[
'private_key_bits' => $bits,
'private_key_type' => $type
]
);
if ($key)
{
return $key;
}
throw new Exception;
}
// Generate a new certificate signing request (CSR)
public static function csr(
OpenSSLAsymmetricKey $key
): OpenSSLCertificateSigningRequest
{
$csr = openssl_csr_new(
[
// 'commonName' => $commonName @TODO
],
$key
);
if ($csr)
{
return $csr;
}
throw new Exception;
}
// Sign the CSR
public static function sign(
OpenSSLCertificateSigningRequest $csr,
OpenSSLCertificate|OpenSSLAsymmetricKey|array|string $key,
OpenSSLCertificate|string|null $crt = null, // self-signed
int $days = self::CSR_SIGN_DAYS
): OpenSSLCertificate
{
$x509 = openssl_csr_sign(
$csr,
$crt,
$key,
$days
);
if ($x509)
{
return $x509;
}
throw new Exception;
}
}

40
src/Interface/Model/Identity.php Normal file
View file

@ -0,0 +1,40 @@
<?php
declare(strict_types=1);
namespace Yggverse\Yoda\Interface\Model;
use \OpenSSLAsymmetricKey;
use \OpenSSLCertificate;
use \OpenSSLCertificateSigningRequest;
/*
* Certificate-based Identity API
*
*/
interface Identity
{
public const CSR_SIGN_DAYS = 365;
public const PRIVATE_KEY_BITS = 2048;
public const PRIVATE_KEY_TYPE = OPENSSL_KEYTYPE_RSA;
// Generate new private key
public static function new(
int $bits = self::PRIVATE_KEY_BITS,
int $type = self::PRIVATE_KEY_TYPE
): OpenSSLAsymmetricKey;
// Generate certificate signing request (CSR)
public static function csr(
OpenSSLAsymmetricKey $key
): OpenSSLCertificateSigningRequest;
// Sign the CSR
public static function sign(
OpenSSLCertificateSigningRequest $csr,
OpenSSLCertificate|OpenSSLAsymmetricKey|array|string $key,
OpenSSLCertificate|string|null $crt = null, // self-signed
int $days = self::CSR_SIGN_DAYS
): OpenSSLCertificate;
}

78
src/Model/Identity/Gemini.php Normal file
View file

@ -0,0 +1,78 @@
<?php
declare(strict_types=1);
namespace Yggverse\Yoda\Model\Identity;
use \Exception;
use \OpenSSLAsymmetricKey;
use \OpenSSLCertificate;
class Gemini extends \Yggverse\Yoda\Abstract\Model\Identity
{
// Update defaults
public const CSR_SIGN_DAYS = 365 * 1965; // @TODO
// Init identity variables
protected OpenSSLAsymmetricKey $_key;
protected OpenSSLCertificate $_crt;
// Init new identity
public function __construct(
?OpenSSLAsymmetricKey $key = null,
?OpenSSLCertificate $crt = null
) {
// Init private key
$this->_key = $key ? $key : self::new();
// Init self-signed certificate
$this->_crt = $crt ? $crt : self::sign(
self::csr(
$this->_key
),
$this->_key,
null,
self::CSR_SIGN_DAYS
);
}
// Get certificate
public function crt(
?OpenSSLCertificate $crt = null
): string
{
$pem = '';
$result = openssl_x509_export(
$crt ? $crt : $this->_crt,
$pem
);
if ($result)
{
return $pem;
}
throw new Exception;
}
// Get private key
public function key(
?OpenSSLAsymmetricKey $key = null
): string
{
$pem = '';
$result = openssl_pkey_export(
$key ? $key : $this->_key,
$pem
);
if ($result)
{
return $pem;
}
throw new Exception;
}
}