Viewing File: /usr/local/cpanel/whostmgr/docroot/cgi/ncssl/source/src/Service/Certificate/PrivateKey.php

<?php

namespace App\Service\Certificate;

use App\Repository\CertificateRepository;
use App\Service\CpanelHelper;
use App\Service\NcPlugin\PluginException;
use App\Entity\Certificate as CertificateEntity;
use Doctrine\ORM\EntityManagerInterface;

class PrivateKey
{
    public function __construct(
        private readonly CpanelHelper $cpanelHelper,
        private readonly EntityManagerInterface $entityManager,
    ) {
    }

    /**
     * @throws PluginException
     */
    private function getPkIdByCertificate($cert)
    {
        $usersPKs = $this->cpanelHelper->getPrivateKeys();
        foreach ($usersPKs as $pk) {
            $privateKey = $this->cpanelHelper->getPrivateKey($pk['id']);
            if (openssl_x509_check_private_key($cert, $privateKey)) {
                return $pk['id'];
            }
        }
        return null;
    }

    /**
     * @throws PluginException
     */
    public function restorePrivateKeyId(CertificateEntity $certificate, $certBody): CertificateEntity
    {
        $friendlyName = $this->cpanelHelper->generatePrivateKeyFriendlyName($certificate->getNcId());
        $privateKeyId = $this->cpanelHelper->getPrivateKeyId($friendlyName);

        if (empty($privateKeyId)) {
            $privateKeyId = $this->getPkIdByCertificate($certBody);
        }

        if (!empty($privateKeyId)) {
            $certificate->setPrivatekeyId($privateKeyId);
            $this->cpanelHelper->renamePrivateKey($certificate->getPrivatekeyId(), $friendlyName);
        } else {
            $certificate->setStatus(CertificateEntity::STATUS_CORRUPTED);
        }

        $this->entityManager->persist($certificate);
        $this->entityManager->flush();

        return $certificate;
    }
}