<?php
/***********************************************
* File      :   validatecert.php
* Project   :   Z-Push
* Descr     :   Provides the ValidateCert command
*
* Created   :   15.10.2012
*
* Copyright 2007 - 2013 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation with the following additional
* term according to sec. 7:
*
* According to sec. 7 of the GNU Affero General Public License, version 3,
* the terms of the AGPL are supplemented with the following terms:
*
* "Zarafa" is a registered trademark of Zarafa B.V.
* "Z-Push" is a registered trademark of Zarafa Deutschland GmbH
* The licensing of the Program under the AGPL does not imply a trademark license.
* Therefore any rights, title and interest in our trademarks remain entirely with us.
*
* However, if you propagate an unmodified version of the Program you are
* allowed to use the term "Z-Push" to indicate that you distribute the Program.
* Furthermore you may use our trademarks where it is necessary to indicate
* the intended purpose of a product or service provided you use it in accordance
* with honest practices in industrial or commercial matters.
* If you want to propagate modified versions of the Program under the name "Z-Push",
* you may only do so if you have a written permission by Zarafa Deutschland GmbH
* (to acquire a permission please contact Zarafa at trademark@zarafa.com).
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program.  If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/

class ValidateCert extends RequestProcessor {

    /**
     * Handles the ValidateCert command
     *
     * @param int       $commandCode
     *
     * @access public
     * @return boolean
     */
    public function Handle($commandCode) {
        // Parse input
        if(!self::$decoder->getElementStartTag(SYNC_VALIDATECERT_VALIDATECERT))
            return false;

        $validateCert = new SyncValidateCert();
        $validateCert->Decode(self::$decoder);
        $cert_der = base64_decode($validateCert->certificates[0]);
        $cert_pem = "-----BEGIN CERTIFICATE-----\n".chunk_split(base64_encode($cert_der), 64, "\n")."-----END CERTIFICATE-----\n";

        $checkpurpose = (defined('CAINFO') && CAINFO) ? openssl_x509_checkpurpose($cert_pem, X509_PURPOSE_SMIME_SIGN, array(CAINFO)) : openssl_x509_checkpurpose($cert_pem, X509_PURPOSE_SMIME_SIGN);
        if ($checkpurpose === true)
            $status = SYNC_VALIDATECERTSTATUS_SUCCESS;
        else
            $status = SYNC_VALIDATECERTSTATUS_CANTVALIDATESIG;

        if(!self::$decoder->getElementEndTag())
                return false; // SYNC_VALIDATECERT_VALIDATECERT

        self::$encoder->startWBXML();
        self::$encoder->startTag(SYNC_VALIDATECERT_VALIDATECERT);

            self::$encoder->startTag(SYNC_VALIDATECERT_STATUS);
            self::$encoder->content($status);
            self::$encoder->endTag(); // SYNC_VALIDATECERT_STATUS

            self::$encoder->startTag(SYNC_VALIDATECERT_CERTIFICATE);
                self::$encoder->startTag(SYNC_VALIDATECERT_STATUS);
                self::$encoder->content($status);
                self::$encoder->endTag(); // SYNC_VALIDATECERT_STATUS
            self::$encoder->endTag(); // SYNC_VALIDATECERT_CERTIFICATE

        self::$encoder->endTag(); // SYNC_VALIDATECERT_VALIDATECERT
        return true;
    }
}
?>