Rogierw\Letsencrypt\Support\OpenSsl::generateCsr()

Complexity

Conditions	2
Paths	2

Size

Total Lines	39
Code Lines	26

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	1

<?php
    public static function generateCsr(array $domains, string $privateKey): string
    {
        $dn = ['commonName' => $domains[0]];

        $san = implode(',', array_map(function ($dns) {
            return 'DNS:' . $dns;
        }, $domains));

        $tempFile = tmpfile();

        fwrite(
            $tempFile,

It seems like $tempFile can also be of type false; however, parameter $handle of fwrite() does only seem to accept resource, maybe add an additional type check?

            'HOME = .
			RANDFILE = $ENV::HOME/.rnd
			[ req ]
			default_bits = 4096
			default_keyfile = privkey.pem
			distinguished_name = req_distinguished_name
			req_extensions = v3_req
			[ req_distinguished_name ]
			countryName = Country Name (2 letter code)
			[ v3_req ]
			basicConstraints = CA:FALSE
			subjectAltName = ' . $san . '
			keyUsage = nonRepudiation, digitalSignature, keyEncipherment'
        );

        $csr = openssl_csr_new($dn, $privateKey, [

$privateKey of type string is incompatible with the type resource expected by parameter $privkey of openssl_csr_new().

            'digest_alg' => 'sha256',
            'config'     => stream_get_meta_data($tempFile)['uri'],

It seems like $tempFile can also be of type false; however, parameter $stream of stream_get_meta_data() does only seem to accept resource, maybe add an additional type check?

        ]);

        fclose($tempFile);

It seems like $tempFile can also be of type false; however, parameter $handle of fclose() does only seem to accept resource, maybe add an additional type check?

        if (!openssl_csr_export($csr, $out)) {
            throw new RuntimeException('Exporting CSR failed.');
        }

        return trim($out);
    }