/**
* Parse the certificate.
*
* @param Certificate $certificate
*
* @return ParsedCertificate
*/
public function parse(Certificate $certificate)
{
$rawData = openssl_x509_parse($certificate->getPEM());
if (!is_array($rawData)) {
throw new CertificateParsingException(sprintf('Fail to parse certificate with error: %s', openssl_error_string()));
}
if (!isset($rawData['subject']['CN'])) {
throw new CertificateParsingException('Missing expected key "subject.cn" in certificate');
}
if (!isset($rawData['issuer']['CN'])) {
throw new CertificateParsingException('Missing expected key "issuer.cn" in certificate');
}
if (!isset($rawData['serialNumber'])) {
throw new CertificateParsingException('Missing expected key "serialNumber" in certificate');
}
if (!isset($rawData['validFrom_time_t'])) {
throw new CertificateParsingException('Missing expected key "validFrom_time_t" in certificate');
}
if (!isset($rawData['validTo_time_t'])) {
throw new CertificateParsingException('Missing expected key "validTo_time_t" in certificate');
}
$subjectAlternativeName = [];
if (isset($rawData['extensions']['subjectAltName'])) {
$subjectAlternativeName = array_map(function ($item) {
return explode(':', trim($item), 2)[1];
}, array_filter(explode(',', $rawData['extensions']['subjectAltName']), function ($item) {
return false !== strpos($item, ':');
}));
}
return new ParsedCertificate($certificate, $rawData['subject']['CN'], $rawData['issuer']['CN'], $rawData['subject'] === $rawData['issuer'], new \DateTime('@' . $rawData['validFrom_time_t']), new \DateTime('@' . $rawData['validTo_time_t']), $rawData['serialNumber'], $subjectAlternativeName);
}