Merge pull request #51 from eclipxe13/development

Create certificate using PEM contents (version 2.12.3)

Author: eclipxe13

docs/CHANGELOG.md

@@ -28,6 +28,14 @@
 - Change visibility of `CfdiUtils\Cleaner\Cleaner#removeIncompleteSchemaLocation()` to private.
 
 
+## Version 2.12.3 2019-09-26
+
+- `CfdiUtils\Certificado\Certificado` can be created using PEM contents and not only a certificate path.
+- `CfdiUtils\Creator33` can use a certificate without associated filename.
+- `CfdiUtils\RetencionesCreator10` can use a certificate without associated filename.
+- `CfdiUtils\Certificado\NodeCertificado` can obtain the certificate without creating a temporary file.
+
+
 ## Version 2.12.2 2019-09-24
 
 - When cannot load an Xml string include `LibXMLError` information into exception, like:

src/CfdiUtils/Certificado/Certificado.php

@@ -38,27 +38,36 @@ class Certificado
     /**
      * Certificado constructor.
      *
-     * @param string $filename
+     * @param string $filename Allows filename or certificate contents (PEM or DER)
      * @param OpenSSL $openSSL
-     * @throws \UnexpectedValueException when the file does not exists or is not readable
-     * @throws \UnexpectedValueException when cannot read the certificate file or is empty
-     * @throws \RuntimeException when cannot parse the certificate file or is empty
+     * @throws \UnexpectedValueException when the certificate does not exists or is not readable
+     * @throws \UnexpectedValueException when cannot read the certificate or is empty
+     * @throws \RuntimeException when cannot parse the certificate or is empty
      * @throws \RuntimeException when cannot get serialNumberHex or serialNumber from certificate
      */
     public function __construct(string $filename, OpenSSL $openSSL = null)
     {
-        $this->assertFileExists($filename);
-        $contents = strval(file_get_contents($filename));
+        $this->setOpenSSL($openSSL ?: new OpenSSL());
+        $contents = $this->extractPemCertificate($filename);
+        // using $filename as PEM content did not retrieve any result, so, use it as path
         if ('' === $contents) {
-            throw new \UnexpectedValueException("File $filename is empty");
+            $sourceName = 'file ' . $filename;
+            $this->assertFileExists($filename);
+            $contents = file_get_contents($filename) ?: '';
+            if ('' === $contents) {
+                throw new \UnexpectedValueException("File $filename is empty");
+            }
+            // this will take PEM contents or perform a PHP conversion from DER to PEM
+            $contents = $this->obtainPemCertificate($contents);
+        } else {
+            $filename = '';
+            $sourceName = '(contents)';
         }
-        $this->setOpenSSL($openSSL ?: new OpenSSL());
-        $contents = $this->obtainPemCertificate($contents);
 
         // get the certificate data
         $data = openssl_x509_parse($contents, true);
         if (! is_array($data)) {
-            throw new \RuntimeException("Cannot parse the certificate file $filename");
+            throw new \RuntimeException("Cannot parse the certificate $sourceName");
         }
 
         // get the public key
@@ -74,7 +83,7 @@ public function __construct(string $filename, OpenSSL $openSSL = null)
         } elseif (isset($data['serialNumber'])) {
             $serial->loadDecimal($data['serialNumber']);
         } else {
-            throw new \RuntimeException("Cannot get serialNumberHex or serialNumber from certificate file $filename");
+            throw new \RuntimeException("Cannot get serialNumberHex or serialNumber from certificate $sourceName");
         }
         $this->serial = $serial;
         $this->validFrom = $data['validFrom_time_t'] ?? 0;
@@ -84,12 +93,29 @@ public function __construct(string $filename, OpenSSL $openSSL = null)
         $this->filename = $filename;
     }
 
+    private function extractPemCertificate(string $contents): string
+    {
+        if (strlen($contents) < 2000) {
+            return ''; // is too short to be a PEM certificate
+        }
+        $openssl = $this->getOpenSSL();
+        $decoded = @base64_decode($contents, true) ?: '';
+        if ($contents === base64_encode($decoded)) { // is a one liner certificate
+            $doubleEncoded = $openssl->readPemContents($decoded)->certificate();
+            if ($doubleEncoded !== '') {
+                return $doubleEncoded;
+            }
+            $contents = $this->getOpenSSL()->derCerConvertPhp($decoded);
+        }
+        return $openssl->readPemContents($contents)->certificate();
+    }
+
     private function obtainPemCertificate(string $contents): string
     {
         $openssl = $this->getOpenSSL();
         $extracted = $openssl->readPemContents($contents)->certificate();
         if ('' === $extracted) { // cannot extract, could be on DER format
-            $extracted = $openssl->derCerConvertPhp($contents);
+            $extracted = $this->getOpenSSL()->derCerConvertPhp($contents);
         }
         return $extracted;
     }

src/CfdiUtils/Certificado/NodeCertificado.php

@@ -1,7 +1,6 @@
 <?php
 namespace CfdiUtils\Certificado;
 
-use CfdiUtils\Internals\TemporaryFile;
 use CfdiUtils\Nodes\NodeInterface;
 
 class NodeCertificado
@@ -99,14 +98,10 @@ public function save(string $filename)
      */
     public function obtain(): Certificado
     {
-        $temporaryFile = TemporaryFile::create();
-        // the temporary name was created
-        try {
-            $this->save($temporaryFile->getPath());
-            $certificado = new Certificado($temporaryFile->getPath());
-            return $certificado;
-        } finally {
-            $temporaryFile->remove();
+        $certificado = $this->extract();
+        if ('' === $certificado) {
+            throw new \RuntimeException('The certificado attribute is empty');
         }
+        return new Certificado(base64_encode($certificado));
     }
 }

src/CfdiUtils/CfdiCreator33.php

@@ -77,11 +77,9 @@ public function comprobante(): Comprobante
     public function putCertificado(Certificado $certificado, bool $putEmisorRfcNombre = true)
     {
         $this->setCertificado($certificado);
-        $cerfile = $certificado->getFilename();
         $this->comprobante['NoCertificado'] = $certificado->getSerial();
-        if (file_exists($cerfile)) {
-            $this->comprobante['Certificado'] = base64_encode(strval(file_get_contents($cerfile)));
-        }
+        $pemContents = implode('', preg_grep('/^((?!-).)*$/', explode(PHP_EOL, $certificado->getPemContents())));
+        $this->comprobante['Certificado'] = $pemContents;
         if ($putEmisorRfcNombre) {
             $emisor = $this->comprobante->searchNode('cfdi:Emisor');
             if (null === $emisor) {

src/CfdiUtils/Retenciones/RetencionesCreator10.php

@@ -47,11 +47,9 @@ public function retenciones(): Retenciones
     public function putCertificado(Certificado $certificado)
     {
         $this->setCertificado($certificado);
-        $cerfile = $certificado->getFilename();
         $this->retenciones['NumCert'] = $certificado->getSerial();
-        if (file_exists($cerfile)) {
-            $this->retenciones['Cert'] = base64_encode(strval(file_get_contents($cerfile)));
-        }
+        $pemContents = implode('', preg_grep('/^((?!-).)*$/', explode(PHP_EOL, $certificado->getPemContents())));
+        $this->retenciones['Cert'] = $pemContents;
     }
 
     public function buildCadenaDeOrigen(): string

tests/CfdiUtilsTests/Certificado/CertificadoTest.php

@@ -64,6 +64,17 @@ public function testVerifyWithKnownData()
         $this->assertTrue($verify);
     }
 
+    public function testConstructUsingPemContents()
+    {
+        $pemfile = $this->utilAsset('certs/CSD01_AAA010101AAA.cer.pem');
+        $contents = file_get_contents($pemfile) ?: '';
+
+        $fromFile = new Certificado($pemfile);
+        $fromContents = new Certificado($contents);
+
+        $this->assertSame($fromFile->getPemContents(), $fromContents->getPemContents());
+    }
+
     public function testVerifyWithInvalidData()
     {
         $dataFile = $this->utilAsset('certs/data-to-sign.txt');

tests/CfdiUtilsTests/Certificado/NodeCertificadoTest.php

@@ -106,7 +106,7 @@ public function testObtain()
         $nodeCertificado = $this->createNodeCertificado(strval(file_get_contents($cfdiSample)));
 
         $certificate = $nodeCertificado->obtain();
-        $this->assertFileNotExists($certificate->getFilename());
+        $this->assertEmpty($certificate->getFilename());
         $this->assertEquals('CTO021007DZ8', $certificate->getRfc());
     }
 }