@@ -20,235 +20,235 @@ |
||
20 | 20 | */ |
21 | 21 | class Certificate |
22 | 22 | { |
23 | - /** |
|
24 | - * "To be signed" certificate information. |
|
25 | - * |
|
26 | - * @var TBSCertificate $_tbsCertificate |
|
27 | - */ |
|
28 | - protected $_tbsCertificate; |
|
29 | - |
|
30 | - /** |
|
31 | - * Signature algorithm. |
|
32 | - * |
|
33 | - * @var SignatureAlgorithmIdentifier $_signatureAlgorithm |
|
34 | - */ |
|
35 | - protected $_signatureAlgorithm; |
|
36 | - |
|
37 | - /** |
|
38 | - * Signature value. |
|
39 | - * |
|
40 | - * @var Signature $_signatureValue |
|
41 | - */ |
|
42 | - protected $_signatureValue; |
|
43 | - |
|
44 | - /** |
|
45 | - * Constructor. |
|
46 | - * |
|
47 | - * @param TBSCertificate $tbsCert |
|
48 | - * @param SignatureAlgorithmIdentifier $algo |
|
49 | - * @param Signature $signature |
|
50 | - */ |
|
51 | - public function __construct(TBSCertificate $tbsCert, |
|
52 | - SignatureAlgorithmIdentifier $algo, Signature $signature) |
|
53 | - { |
|
54 | - $this->_tbsCertificate = $tbsCert; |
|
55 | - $this->_signatureAlgorithm = $algo; |
|
56 | - $this->_signatureValue = $signature; |
|
57 | - } |
|
58 | - |
|
59 | - /** |
|
60 | - * Initialize from ASN.1. |
|
61 | - * |
|
62 | - * @param Sequence $seq |
|
63 | - * @return self |
|
64 | - */ |
|
65 | - public static function fromASN1(Sequence $seq): self |
|
66 | - { |
|
67 | - $tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence()); |
|
68 | - $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence()); |
|
69 | - if (!$algo instanceof SignatureAlgorithmIdentifier) { |
|
70 | - throw new \UnexpectedValueException( |
|
71 | - "Unsupported signature algorithm " . $algo->oid() . "."); |
|
72 | - } |
|
73 | - $signature = Signature::fromSignatureData( |
|
74 | - $seq->at(2) |
|
75 | - ->asBitString() |
|
76 | - ->string(), $algo); |
|
77 | - return new self($tbsCert, $algo, $signature); |
|
78 | - } |
|
79 | - |
|
80 | - /** |
|
81 | - * Initialize from DER. |
|
82 | - * |
|
83 | - * @param string $data |
|
84 | - * @return self |
|
85 | - */ |
|
86 | - public static function fromDER(string $data): self |
|
87 | - { |
|
88 | - return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); |
|
89 | - } |
|
90 | - |
|
91 | - /** |
|
92 | - * Initialize from PEM. |
|
93 | - * |
|
94 | - * @param PEM $pem |
|
95 | - * @throws \UnexpectedValueException |
|
96 | - * @return self |
|
97 | - */ |
|
98 | - public static function fromPEM(PEM $pem): self |
|
99 | - { |
|
100 | - if ($pem->type() != PEM::TYPE_CERTIFICATE) { |
|
101 | - throw new \UnexpectedValueException("Invalid PEM type."); |
|
102 | - } |
|
103 | - return self::fromDER($pem->data()); |
|
104 | - } |
|
105 | - |
|
106 | - /** |
|
107 | - * Get certificate information. |
|
108 | - * |
|
109 | - * @return TBSCertificate |
|
110 | - */ |
|
111 | - public function tbsCertificate(): TBSCertificate |
|
112 | - { |
|
113 | - return $this->_tbsCertificate; |
|
114 | - } |
|
115 | - |
|
116 | - /** |
|
117 | - * Get signature algorithm. |
|
118 | - * |
|
119 | - * @return SignatureAlgorithmIdentifier |
|
120 | - */ |
|
121 | - public function signatureAlgorithm(): SignatureAlgorithmIdentifier |
|
122 | - { |
|
123 | - return $this->_signatureAlgorithm; |
|
124 | - } |
|
125 | - |
|
126 | - /** |
|
127 | - * Get signature value. |
|
128 | - * |
|
129 | - * @return Signature |
|
130 | - */ |
|
131 | - public function signatureValue(): Signature |
|
132 | - { |
|
133 | - return $this->_signatureValue; |
|
134 | - } |
|
135 | - |
|
136 | - /** |
|
137 | - * Check whether certificate is self-issued. |
|
138 | - * |
|
139 | - * @return bool |
|
140 | - */ |
|
141 | - public function isSelfIssued(): bool |
|
142 | - { |
|
143 | - return $this->_tbsCertificate->subject()->equals( |
|
144 | - $this->_tbsCertificate->issuer()); |
|
145 | - } |
|
146 | - |
|
147 | - /** |
|
148 | - * Check whether certificate is semantically equal to another. |
|
149 | - * |
|
150 | - * @param Certificate $cert Certificate to compare to |
|
151 | - * @return bool |
|
152 | - */ |
|
153 | - public function equals(Certificate $cert): bool |
|
154 | - { |
|
155 | - return $this->_hasEqualSerialNumber($cert) && |
|
156 | - $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert); |
|
157 | - } |
|
158 | - |
|
159 | - /** |
|
160 | - * Check whether certificate has serial number equal to another. |
|
161 | - * |
|
162 | - * @param Certificate $cert |
|
163 | - * @return bool |
|
164 | - */ |
|
165 | - private function _hasEqualSerialNumber(Certificate $cert): bool |
|
166 | - { |
|
167 | - $sn1 = $this->_tbsCertificate->serialNumber(); |
|
168 | - $sn2 = $cert->_tbsCertificate->serialNumber(); |
|
169 | - return $sn1 == $sn2; |
|
170 | - } |
|
171 | - |
|
172 | - /** |
|
173 | - * Check whether certificate has public key equal to another. |
|
174 | - * |
|
175 | - * @param Certificate $cert |
|
176 | - * @return bool |
|
177 | - */ |
|
178 | - private function _hasEqualPublicKey(Certificate $cert): bool |
|
179 | - { |
|
180 | - $kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier(); |
|
181 | - $kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier(); |
|
182 | - return $kid1 == $kid2; |
|
183 | - } |
|
184 | - |
|
185 | - /** |
|
186 | - * Check whether certificate has subject equal to another. |
|
187 | - * |
|
188 | - * @param Certificate $cert |
|
189 | - * @return bool |
|
190 | - */ |
|
191 | - private function _hasEqualSubject(Certificate $cert): bool |
|
192 | - { |
|
193 | - $dn1 = $this->_tbsCertificate->subject(); |
|
194 | - $dn2 = $cert->_tbsCertificate->subject(); |
|
195 | - return $dn1->equals($dn2); |
|
196 | - } |
|
197 | - |
|
198 | - /** |
|
199 | - * Generate ASN.1 structure. |
|
200 | - * |
|
201 | - * @return Sequence |
|
202 | - */ |
|
203 | - public function toASN1(): Sequence |
|
204 | - { |
|
205 | - return new Sequence($this->_tbsCertificate->toASN1(), |
|
206 | - $this->_signatureAlgorithm->toASN1(), |
|
207 | - $this->_signatureValue->bitString()); |
|
208 | - } |
|
209 | - |
|
210 | - /** |
|
211 | - * Get certificate as a DER. |
|
212 | - * |
|
213 | - * @return string |
|
214 | - */ |
|
215 | - public function toDER(): string |
|
216 | - { |
|
217 | - return $this->toASN1()->toDER(); |
|
218 | - } |
|
219 | - |
|
220 | - /** |
|
221 | - * Get certificate as a PEM. |
|
222 | - * |
|
223 | - * @return PEM |
|
224 | - */ |
|
225 | - public function toPEM(): PEM |
|
226 | - { |
|
227 | - return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER()); |
|
228 | - } |
|
229 | - |
|
230 | - /** |
|
231 | - * Verify certificate signature. |
|
232 | - * |
|
233 | - * @param PublicKeyInfo $pubkey_info Issuer's public key |
|
234 | - * @param Crypto|null $crypto Crypto engine, use default if not set |
|
235 | - * @return bool True if certificate signature is valid |
|
236 | - */ |
|
237 | - public function verify(PublicKeyInfo $pubkey_info, Crypto $crypto = null): bool |
|
238 | - { |
|
239 | - $crypto = $crypto ?: Crypto::getDefault(); |
|
240 | - $data = $this->_tbsCertificate->toASN1()->toDER(); |
|
241 | - return $crypto->verify($data, $this->_signatureValue, $pubkey_info, |
|
242 | - $this->_signatureAlgorithm); |
|
243 | - } |
|
244 | - |
|
245 | - /** |
|
246 | - * Get certificate as a PEM formatted string. |
|
247 | - * |
|
248 | - * @return string |
|
249 | - */ |
|
250 | - public function __toString() |
|
251 | - { |
|
252 | - return $this->toPEM()->string(); |
|
253 | - } |
|
23 | + /** |
|
24 | + * "To be signed" certificate information. |
|
25 | + * |
|
26 | + * @var TBSCertificate $_tbsCertificate |
|
27 | + */ |
|
28 | + protected $_tbsCertificate; |
|
29 | + |
|
30 | + /** |
|
31 | + * Signature algorithm. |
|
32 | + * |
|
33 | + * @var SignatureAlgorithmIdentifier $_signatureAlgorithm |
|
34 | + */ |
|
35 | + protected $_signatureAlgorithm; |
|
36 | + |
|
37 | + /** |
|
38 | + * Signature value. |
|
39 | + * |
|
40 | + * @var Signature $_signatureValue |
|
41 | + */ |
|
42 | + protected $_signatureValue; |
|
43 | + |
|
44 | + /** |
|
45 | + * Constructor. |
|
46 | + * |
|
47 | + * @param TBSCertificate $tbsCert |
|
48 | + * @param SignatureAlgorithmIdentifier $algo |
|
49 | + * @param Signature $signature |
|
50 | + */ |
|
51 | + public function __construct(TBSCertificate $tbsCert, |
|
52 | + SignatureAlgorithmIdentifier $algo, Signature $signature) |
|
53 | + { |
|
54 | + $this->_tbsCertificate = $tbsCert; |
|
55 | + $this->_signatureAlgorithm = $algo; |
|
56 | + $this->_signatureValue = $signature; |
|
57 | + } |
|
58 | + |
|
59 | + /** |
|
60 | + * Initialize from ASN.1. |
|
61 | + * |
|
62 | + * @param Sequence $seq |
|
63 | + * @return self |
|
64 | + */ |
|
65 | + public static function fromASN1(Sequence $seq): self |
|
66 | + { |
|
67 | + $tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence()); |
|
68 | + $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence()); |
|
69 | + if (!$algo instanceof SignatureAlgorithmIdentifier) { |
|
70 | + throw new \UnexpectedValueException( |
|
71 | + "Unsupported signature algorithm " . $algo->oid() . "."); |
|
72 | + } |
|
73 | + $signature = Signature::fromSignatureData( |
|
74 | + $seq->at(2) |
|
75 | + ->asBitString() |
|
76 | + ->string(), $algo); |
|
77 | + return new self($tbsCert, $algo, $signature); |
|
78 | + } |
|
79 | + |
|
80 | + /** |
|
81 | + * Initialize from DER. |
|
82 | + * |
|
83 | + * @param string $data |
|
84 | + * @return self |
|
85 | + */ |
|
86 | + public static function fromDER(string $data): self |
|
87 | + { |
|
88 | + return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence()); |
|
89 | + } |
|
90 | + |
|
91 | + /** |
|
92 | + * Initialize from PEM. |
|
93 | + * |
|
94 | + * @param PEM $pem |
|
95 | + * @throws \UnexpectedValueException |
|
96 | + * @return self |
|
97 | + */ |
|
98 | + public static function fromPEM(PEM $pem): self |
|
99 | + { |
|
100 | + if ($pem->type() != PEM::TYPE_CERTIFICATE) { |
|
101 | + throw new \UnexpectedValueException("Invalid PEM type."); |
|
102 | + } |
|
103 | + return self::fromDER($pem->data()); |
|
104 | + } |
|
105 | + |
|
106 | + /** |
|
107 | + * Get certificate information. |
|
108 | + * |
|
109 | + * @return TBSCertificate |
|
110 | + */ |
|
111 | + public function tbsCertificate(): TBSCertificate |
|
112 | + { |
|
113 | + return $this->_tbsCertificate; |
|
114 | + } |
|
115 | + |
|
116 | + /** |
|
117 | + * Get signature algorithm. |
|
118 | + * |
|
119 | + * @return SignatureAlgorithmIdentifier |
|
120 | + */ |
|
121 | + public function signatureAlgorithm(): SignatureAlgorithmIdentifier |
|
122 | + { |
|
123 | + return $this->_signatureAlgorithm; |
|
124 | + } |
|
125 | + |
|
126 | + /** |
|
127 | + * Get signature value. |
|
128 | + * |
|
129 | + * @return Signature |
|
130 | + */ |
|
131 | + public function signatureValue(): Signature |
|
132 | + { |
|
133 | + return $this->_signatureValue; |
|
134 | + } |
|
135 | + |
|
136 | + /** |
|
137 | + * Check whether certificate is self-issued. |
|
138 | + * |
|
139 | + * @return bool |
|
140 | + */ |
|
141 | + public function isSelfIssued(): bool |
|
142 | + { |
|
143 | + return $this->_tbsCertificate->subject()->equals( |
|
144 | + $this->_tbsCertificate->issuer()); |
|
145 | + } |
|
146 | + |
|
147 | + /** |
|
148 | + * Check whether certificate is semantically equal to another. |
|
149 | + * |
|
150 | + * @param Certificate $cert Certificate to compare to |
|
151 | + * @return bool |
|
152 | + */ |
|
153 | + public function equals(Certificate $cert): bool |
|
154 | + { |
|
155 | + return $this->_hasEqualSerialNumber($cert) && |
|
156 | + $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert); |
|
157 | + } |
|
158 | + |
|
159 | + /** |
|
160 | + * Check whether certificate has serial number equal to another. |
|
161 | + * |
|
162 | + * @param Certificate $cert |
|
163 | + * @return bool |
|
164 | + */ |
|
165 | + private function _hasEqualSerialNumber(Certificate $cert): bool |
|
166 | + { |
|
167 | + $sn1 = $this->_tbsCertificate->serialNumber(); |
|
168 | + $sn2 = $cert->_tbsCertificate->serialNumber(); |
|
169 | + return $sn1 == $sn2; |
|
170 | + } |
|
171 | + |
|
172 | + /** |
|
173 | + * Check whether certificate has public key equal to another. |
|
174 | + * |
|
175 | + * @param Certificate $cert |
|
176 | + * @return bool |
|
177 | + */ |
|
178 | + private function _hasEqualPublicKey(Certificate $cert): bool |
|
179 | + { |
|
180 | + $kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier(); |
|
181 | + $kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier(); |
|
182 | + return $kid1 == $kid2; |
|
183 | + } |
|
184 | + |
|
185 | + /** |
|
186 | + * Check whether certificate has subject equal to another. |
|
187 | + * |
|
188 | + * @param Certificate $cert |
|
189 | + * @return bool |
|
190 | + */ |
|
191 | + private function _hasEqualSubject(Certificate $cert): bool |
|
192 | + { |
|
193 | + $dn1 = $this->_tbsCertificate->subject(); |
|
194 | + $dn2 = $cert->_tbsCertificate->subject(); |
|
195 | + return $dn1->equals($dn2); |
|
196 | + } |
|
197 | + |
|
198 | + /** |
|
199 | + * Generate ASN.1 structure. |
|
200 | + * |
|
201 | + * @return Sequence |
|
202 | + */ |
|
203 | + public function toASN1(): Sequence |
|
204 | + { |
|
205 | + return new Sequence($this->_tbsCertificate->toASN1(), |
|
206 | + $this->_signatureAlgorithm->toASN1(), |
|
207 | + $this->_signatureValue->bitString()); |
|
208 | + } |
|
209 | + |
|
210 | + /** |
|
211 | + * Get certificate as a DER. |
|
212 | + * |
|
213 | + * @return string |
|
214 | + */ |
|
215 | + public function toDER(): string |
|
216 | + { |
|
217 | + return $this->toASN1()->toDER(); |
|
218 | + } |
|
219 | + |
|
220 | + /** |
|
221 | + * Get certificate as a PEM. |
|
222 | + * |
|
223 | + * @return PEM |
|
224 | + */ |
|
225 | + public function toPEM(): PEM |
|
226 | + { |
|
227 | + return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER()); |
|
228 | + } |
|
229 | + |
|
230 | + /** |
|
231 | + * Verify certificate signature. |
|
232 | + * |
|
233 | + * @param PublicKeyInfo $pubkey_info Issuer's public key |
|
234 | + * @param Crypto|null $crypto Crypto engine, use default if not set |
|
235 | + * @return bool True if certificate signature is valid |
|
236 | + */ |
|
237 | + public function verify(PublicKeyInfo $pubkey_info, Crypto $crypto = null): bool |
|
238 | + { |
|
239 | + $crypto = $crypto ?: Crypto::getDefault(); |
|
240 | + $data = $this->_tbsCertificate->toASN1()->toDER(); |
|
241 | + return $crypto->verify($data, $this->_signatureValue, $pubkey_info, |
|
242 | + $this->_signatureAlgorithm); |
|
243 | + } |
|
244 | + |
|
245 | + /** |
|
246 | + * Get certificate as a PEM formatted string. |
|
247 | + * |
|
248 | + * @return string |
|
249 | + */ |
|
250 | + public function __toString() |
|
251 | + { |
|
252 | + return $this->toPEM()->string(); |
|
253 | + } |
|
254 | 254 | } |
@@ -15,170 +15,170 @@ |
||
15 | 15 | * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.5 |
16 | 16 | */ |
17 | 17 | class PolicyMappingsExtension extends Extension implements |
18 | - \Countable, |
|
19 | - \IteratorAggregate |
|
18 | + \Countable, |
|
19 | + \IteratorAggregate |
|
20 | 20 | { |
21 | - /** |
|
22 | - * Policy mappings. |
|
23 | - * |
|
24 | - * @var PolicyMapping[] $_mappings |
|
25 | - */ |
|
26 | - protected $_mappings; |
|
21 | + /** |
|
22 | + * Policy mappings. |
|
23 | + * |
|
24 | + * @var PolicyMapping[] $_mappings |
|
25 | + */ |
|
26 | + protected $_mappings; |
|
27 | 27 | |
28 | - /** |
|
29 | - * Constructor. |
|
30 | - * |
|
31 | - * @param bool $critical |
|
32 | - * @param PolicyMapping ...$mappings One or more PolicyMapping objects |
|
33 | - */ |
|
34 | - public function __construct(bool $critical, PolicyMapping ...$mappings) |
|
35 | - { |
|
36 | - parent::__construct(self::OID_POLICY_MAPPINGS, $critical); |
|
37 | - $this->_mappings = $mappings; |
|
38 | - } |
|
28 | + /** |
|
29 | + * Constructor. |
|
30 | + * |
|
31 | + * @param bool $critical |
|
32 | + * @param PolicyMapping ...$mappings One or more PolicyMapping objects |
|
33 | + */ |
|
34 | + public function __construct(bool $critical, PolicyMapping ...$mappings) |
|
35 | + { |
|
36 | + parent::__construct(self::OID_POLICY_MAPPINGS, $critical); |
|
37 | + $this->_mappings = $mappings; |
|
38 | + } |
|
39 | 39 | |
40 | - /** |
|
41 | - * |
|
42 | - * {@inheritdoc} |
|
43 | - * @return self |
|
44 | - */ |
|
45 | - protected static function _fromDER(string $data, bool $critical): self |
|
46 | - { |
|
47 | - $mappings = array_map( |
|
48 | - function (UnspecifiedType $el) { |
|
49 | - return PolicyMapping::fromASN1($el->asSequence()); |
|
50 | - }, UnspecifiedType::fromDER($data)->asSequence()->elements()); |
|
51 | - if (!count($mappings)) { |
|
52 | - throw new \UnexpectedValueException( |
|
53 | - "PolicyMappings must have at least one mapping."); |
|
54 | - } |
|
55 | - return new self($critical, ...$mappings); |
|
56 | - } |
|
40 | + /** |
|
41 | + * |
|
42 | + * {@inheritdoc} |
|
43 | + * @return self |
|
44 | + */ |
|
45 | + protected static function _fromDER(string $data, bool $critical): self |
|
46 | + { |
|
47 | + $mappings = array_map( |
|
48 | + function (UnspecifiedType $el) { |
|
49 | + return PolicyMapping::fromASN1($el->asSequence()); |
|
50 | + }, UnspecifiedType::fromDER($data)->asSequence()->elements()); |
|
51 | + if (!count($mappings)) { |
|
52 | + throw new \UnexpectedValueException( |
|
53 | + "PolicyMappings must have at least one mapping."); |
|
54 | + } |
|
55 | + return new self($critical, ...$mappings); |
|
56 | + } |
|
57 | 57 | |
58 | - /** |
|
59 | - * |
|
60 | - * {@inheritdoc} |
|
61 | - * @return Sequence |
|
62 | - */ |
|
63 | - protected function _valueASN1(): Sequence |
|
64 | - { |
|
65 | - if (!count($this->_mappings)) { |
|
66 | - throw new \LogicException("No mappings."); |
|
67 | - } |
|
68 | - $elements = array_map( |
|
69 | - function (PolicyMapping $mapping) { |
|
70 | - return $mapping->toASN1(); |
|
71 | - }, $this->_mappings); |
|
72 | - return new Sequence(...$elements); |
|
73 | - } |
|
58 | + /** |
|
59 | + * |
|
60 | + * {@inheritdoc} |
|
61 | + * @return Sequence |
|
62 | + */ |
|
63 | + protected function _valueASN1(): Sequence |
|
64 | + { |
|
65 | + if (!count($this->_mappings)) { |
|
66 | + throw new \LogicException("No mappings."); |
|
67 | + } |
|
68 | + $elements = array_map( |
|
69 | + function (PolicyMapping $mapping) { |
|
70 | + return $mapping->toASN1(); |
|
71 | + }, $this->_mappings); |
|
72 | + return new Sequence(...$elements); |
|
73 | + } |
|
74 | 74 | |
75 | - /** |
|
76 | - * Get all mappings. |
|
77 | - * |
|
78 | - * @return PolicyMapping[] |
|
79 | - */ |
|
80 | - public function mappings(): array |
|
81 | - { |
|
82 | - return $this->_mappings; |
|
83 | - } |
|
75 | + /** |
|
76 | + * Get all mappings. |
|
77 | + * |
|
78 | + * @return PolicyMapping[] |
|
79 | + */ |
|
80 | + public function mappings(): array |
|
81 | + { |
|
82 | + return $this->_mappings; |
|
83 | + } |
|
84 | 84 | |
85 | - /** |
|
86 | - * Get mappings flattened into a single array of arrays of subject domains |
|
87 | - * keyed by issuer domain. |
|
88 | - * |
|
89 | - * Eg. if policy mappings contains multiple mappings with the same issuer |
|
90 | - * domain policy, their corresponding subject domain policies are placed |
|
91 | - * under the same key. |
|
92 | - * |
|
93 | - * @return (string[])[] |
|
94 | - */ |
|
95 | - public function flattenedMappings(): array |
|
96 | - { |
|
97 | - $mappings = array(); |
|
98 | - foreach ($this->_mappings as $mapping) { |
|
99 | - $idp = $mapping->issuerDomainPolicy(); |
|
100 | - if (!isset($mappings[$idp])) { |
|
101 | - $mappings[$idp] = array(); |
|
102 | - } |
|
103 | - array_push($mappings[$idp], $mapping->subjectDomainPolicy()); |
|
104 | - } |
|
105 | - return $mappings; |
|
106 | - } |
|
85 | + /** |
|
86 | + * Get mappings flattened into a single array of arrays of subject domains |
|
87 | + * keyed by issuer domain. |
|
88 | + * |
|
89 | + * Eg. if policy mappings contains multiple mappings with the same issuer |
|
90 | + * domain policy, their corresponding subject domain policies are placed |
|
91 | + * under the same key. |
|
92 | + * |
|
93 | + * @return (string[])[] |
|
94 | + */ |
|
95 | + public function flattenedMappings(): array |
|
96 | + { |
|
97 | + $mappings = array(); |
|
98 | + foreach ($this->_mappings as $mapping) { |
|
99 | + $idp = $mapping->issuerDomainPolicy(); |
|
100 | + if (!isset($mappings[$idp])) { |
|
101 | + $mappings[$idp] = array(); |
|
102 | + } |
|
103 | + array_push($mappings[$idp], $mapping->subjectDomainPolicy()); |
|
104 | + } |
|
105 | + return $mappings; |
|
106 | + } |
|
107 | 107 | |
108 | - /** |
|
109 | - * Get all subject domain policy OIDs that are mapped to given issuer |
|
110 | - * domain policy OID. |
|
111 | - * |
|
112 | - * @param string $oid Issuer domain policy |
|
113 | - * @return string[] List of OIDs in dotted format |
|
114 | - */ |
|
115 | - public function issuerMappings(string $oid): array |
|
116 | - { |
|
117 | - $oids = array(); |
|
118 | - foreach ($this->_mappings as $mapping) { |
|
119 | - if ($mapping->issuerDomainPolicy() == $oid) { |
|
120 | - $oids[] = $mapping->subjectDomainPolicy(); |
|
121 | - } |
|
122 | - } |
|
123 | - return $oids; |
|
124 | - } |
|
108 | + /** |
|
109 | + * Get all subject domain policy OIDs that are mapped to given issuer |
|
110 | + * domain policy OID. |
|
111 | + * |
|
112 | + * @param string $oid Issuer domain policy |
|
113 | + * @return string[] List of OIDs in dotted format |
|
114 | + */ |
|
115 | + public function issuerMappings(string $oid): array |
|
116 | + { |
|
117 | + $oids = array(); |
|
118 | + foreach ($this->_mappings as $mapping) { |
|
119 | + if ($mapping->issuerDomainPolicy() == $oid) { |
|
120 | + $oids[] = $mapping->subjectDomainPolicy(); |
|
121 | + } |
|
122 | + } |
|
123 | + return $oids; |
|
124 | + } |
|
125 | 125 | |
126 | - /** |
|
127 | - * Get all mapped issuer domain policy OIDs. |
|
128 | - * |
|
129 | - * @return string[] |
|
130 | - */ |
|
131 | - public function issuerDomainPolicies(): array |
|
132 | - { |
|
133 | - $idps = array_map( |
|
134 | - function (PolicyMapping $mapping) { |
|
135 | - return $mapping->issuerDomainPolicy(); |
|
136 | - }, $this->_mappings); |
|
137 | - return array_values(array_unique($idps)); |
|
138 | - } |
|
126 | + /** |
|
127 | + * Get all mapped issuer domain policy OIDs. |
|
128 | + * |
|
129 | + * @return string[] |
|
130 | + */ |
|
131 | + public function issuerDomainPolicies(): array |
|
132 | + { |
|
133 | + $idps = array_map( |
|
134 | + function (PolicyMapping $mapping) { |
|
135 | + return $mapping->issuerDomainPolicy(); |
|
136 | + }, $this->_mappings); |
|
137 | + return array_values(array_unique($idps)); |
|
138 | + } |
|
139 | 139 | |
140 | - /** |
|
141 | - * Check whether policy mappings have anyPolicy mapped. |
|
142 | - * |
|
143 | - * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either |
|
144 | - * to or from the special value anyPolicy". |
|
145 | - * |
|
146 | - * @return bool |
|
147 | - */ |
|
148 | - public function hasAnyPolicyMapping(): bool |
|
149 | - { |
|
150 | - foreach ($this->_mappings as $mapping) { |
|
151 | - if ($mapping->issuerDomainPolicy() == |
|
152 | - PolicyInformation::OID_ANY_POLICY) { |
|
153 | - return true; |
|
154 | - } |
|
155 | - if ($mapping->subjectDomainPolicy() == |
|
156 | - PolicyInformation::OID_ANY_POLICY) { |
|
157 | - return true; |
|
158 | - } |
|
159 | - } |
|
160 | - return false; |
|
161 | - } |
|
140 | + /** |
|
141 | + * Check whether policy mappings have anyPolicy mapped. |
|
142 | + * |
|
143 | + * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either |
|
144 | + * to or from the special value anyPolicy". |
|
145 | + * |
|
146 | + * @return bool |
|
147 | + */ |
|
148 | + public function hasAnyPolicyMapping(): bool |
|
149 | + { |
|
150 | + foreach ($this->_mappings as $mapping) { |
|
151 | + if ($mapping->issuerDomainPolicy() == |
|
152 | + PolicyInformation::OID_ANY_POLICY) { |
|
153 | + return true; |
|
154 | + } |
|
155 | + if ($mapping->subjectDomainPolicy() == |
|
156 | + PolicyInformation::OID_ANY_POLICY) { |
|
157 | + return true; |
|
158 | + } |
|
159 | + } |
|
160 | + return false; |
|
161 | + } |
|
162 | 162 | |
163 | - /** |
|
164 | - * Get the number of mappings. |
|
165 | - * |
|
166 | - * @see \Countable::count() |
|
167 | - * @return int |
|
168 | - */ |
|
169 | - public function count(): int |
|
170 | - { |
|
171 | - return count($this->_mappings); |
|
172 | - } |
|
163 | + /** |
|
164 | + * Get the number of mappings. |
|
165 | + * |
|
166 | + * @see \Countable::count() |
|
167 | + * @return int |
|
168 | + */ |
|
169 | + public function count(): int |
|
170 | + { |
|
171 | + return count($this->_mappings); |
|
172 | + } |
|
173 | 173 | |
174 | - /** |
|
175 | - * Get iterator for policy mappings. |
|
176 | - * |
|
177 | - * @see \IteratorAggregate::getIterator() |
|
178 | - * @return \ArrayIterator |
|
179 | - */ |
|
180 | - public function getIterator(): \ArrayIterator |
|
181 | - { |
|
182 | - return new \ArrayIterator($this->_mappings); |
|
183 | - } |
|
174 | + /** |
|
175 | + * Get iterator for policy mappings. |
|
176 | + * |
|
177 | + * @see \IteratorAggregate::getIterator() |
|
178 | + * @return \ArrayIterator |
|
179 | + */ |
|
180 | + public function getIterator(): \ArrayIterator |
|
181 | + { |
|
182 | + return new \ArrayIterator($this->_mappings); |
|
183 | + } |
|
184 | 184 | } |
@@ -45,7 +45,7 @@ discard block |
||
45 | 45 | protected static function _fromDER(string $data, bool $critical): self |
46 | 46 | { |
47 | 47 | $mappings = array_map( |
48 | - function (UnspecifiedType $el) { |
|
48 | + function(UnspecifiedType $el) { |
|
49 | 49 | return PolicyMapping::fromASN1($el->asSequence()); |
50 | 50 | }, UnspecifiedType::fromDER($data)->asSequence()->elements()); |
51 | 51 | if (!count($mappings)) { |
@@ -66,7 +66,7 @@ discard block |
||
66 | 66 | throw new \LogicException("No mappings."); |
67 | 67 | } |
68 | 68 | $elements = array_map( |
69 | - function (PolicyMapping $mapping) { |
|
69 | + function(PolicyMapping $mapping) { |
|
70 | 70 | return $mapping->toASN1(); |
71 | 71 | }, $this->_mappings); |
72 | 72 | return new Sequence(...$elements); |
@@ -131,7 +131,7 @@ discard block |
||
131 | 131 | public function issuerDomainPolicies(): array |
132 | 132 | { |
133 | 133 | $idps = array_map( |
134 | - function (PolicyMapping $mapping) { |
|
134 | + function(PolicyMapping $mapping) { |
|
135 | 135 | return $mapping->issuerDomainPolicy(); |
136 | 136 | }, $this->_mappings); |
137 | 137 | return array_values(array_unique($idps)); |
@@ -19,170 +19,170 @@ |
||
19 | 19 | */ |
20 | 20 | class AuthorityKeyIdentifierExtension extends Extension |
21 | 21 | { |
22 | - /** |
|
23 | - * Key identifier. |
|
24 | - * |
|
25 | - * @var string|null $_keyIdentifier |
|
26 | - */ |
|
27 | - protected $_keyIdentifier; |
|
22 | + /** |
|
23 | + * Key identifier. |
|
24 | + * |
|
25 | + * @var string|null $_keyIdentifier |
|
26 | + */ |
|
27 | + protected $_keyIdentifier; |
|
28 | 28 | |
29 | - /** |
|
30 | - * Issuer name. |
|
31 | - * |
|
32 | - * @var GeneralNames|null $_authorityCertIssuer |
|
33 | - */ |
|
34 | - protected $_authorityCertIssuer; |
|
29 | + /** |
|
30 | + * Issuer name. |
|
31 | + * |
|
32 | + * @var GeneralNames|null $_authorityCertIssuer |
|
33 | + */ |
|
34 | + protected $_authorityCertIssuer; |
|
35 | 35 | |
36 | - /** |
|
37 | - * Issuer serial number. |
|
38 | - * |
|
39 | - * @var string|null $_authorityCertSerialNumber |
|
40 | - */ |
|
41 | - protected $_authorityCertSerialNumber; |
|
36 | + /** |
|
37 | + * Issuer serial number. |
|
38 | + * |
|
39 | + * @var string|null $_authorityCertSerialNumber |
|
40 | + */ |
|
41 | + protected $_authorityCertSerialNumber; |
|
42 | 42 | |
43 | - /** |
|
44 | - * Constructor. |
|
45 | - * |
|
46 | - * @param bool $critical Conforming CA's must mark as non-critical (false) |
|
47 | - * @param string|null $keyIdentifier |
|
48 | - * @param GeneralNames|null $issuer |
|
49 | - * @param string|null $serial |
|
50 | - */ |
|
51 | - public function __construct(bool $critical, $keyIdentifier, |
|
52 | - GeneralNames $issuer = null, $serial = null) |
|
53 | - { |
|
54 | - parent::__construct(self::OID_AUTHORITY_KEY_IDENTIFIER, $critical); |
|
55 | - $this->_keyIdentifier = $keyIdentifier; |
|
56 | - $this->_authorityCertIssuer = $issuer; |
|
57 | - $this->_authorityCertSerialNumber = isset($serial) ? strval($serial) : null; |
|
58 | - } |
|
43 | + /** |
|
44 | + * Constructor. |
|
45 | + * |
|
46 | + * @param bool $critical Conforming CA's must mark as non-critical (false) |
|
47 | + * @param string|null $keyIdentifier |
|
48 | + * @param GeneralNames|null $issuer |
|
49 | + * @param string|null $serial |
|
50 | + */ |
|
51 | + public function __construct(bool $critical, $keyIdentifier, |
|
52 | + GeneralNames $issuer = null, $serial = null) |
|
53 | + { |
|
54 | + parent::__construct(self::OID_AUTHORITY_KEY_IDENTIFIER, $critical); |
|
55 | + $this->_keyIdentifier = $keyIdentifier; |
|
56 | + $this->_authorityCertIssuer = $issuer; |
|
57 | + $this->_authorityCertSerialNumber = isset($serial) ? strval($serial) : null; |
|
58 | + } |
|
59 | 59 | |
60 | - /** |
|
61 | - * |
|
62 | - * {@inheritdoc} |
|
63 | - * @return self |
|
64 | - */ |
|
65 | - protected static function _fromDER(string $data, bool $critical): self |
|
66 | - { |
|
67 | - $seq = UnspecifiedType::fromDER($data)->asSequence(); |
|
68 | - $keyIdentifier = null; |
|
69 | - $issuer = null; |
|
70 | - $serial = null; |
|
71 | - if ($seq->hasTagged(0)) { |
|
72 | - $keyIdentifier = $seq->getTagged(0) |
|
73 | - ->asImplicit(Element::TYPE_OCTET_STRING) |
|
74 | - ->asOctetString() |
|
75 | - ->string(); |
|
76 | - } |
|
77 | - if ($seq->hasTagged(1) || $seq->hasTagged(2)) { |
|
78 | - if (!$seq->hasTagged(1) || !$seq->hasTagged(2)) { |
|
79 | - throw new \UnexpectedValueException( |
|
80 | - "AuthorityKeyIdentifier must have both" . |
|
81 | - " authorityCertIssuer and authorityCertSerialNumber" . |
|
82 | - " present or both absent."); |
|
83 | - } |
|
84 | - $issuer = GeneralNames::fromASN1( |
|
85 | - $seq->getTagged(1) |
|
86 | - ->asImplicit(Element::TYPE_SEQUENCE) |
|
87 | - ->asSequence()); |
|
88 | - $serial = $seq->getTagged(2) |
|
89 | - ->asImplicit(Element::TYPE_INTEGER) |
|
90 | - ->asInteger() |
|
91 | - ->number(); |
|
92 | - } |
|
93 | - return new self($critical, $keyIdentifier, $issuer, $serial); |
|
94 | - } |
|
60 | + /** |
|
61 | + * |
|
62 | + * {@inheritdoc} |
|
63 | + * @return self |
|
64 | + */ |
|
65 | + protected static function _fromDER(string $data, bool $critical): self |
|
66 | + { |
|
67 | + $seq = UnspecifiedType::fromDER($data)->asSequence(); |
|
68 | + $keyIdentifier = null; |
|
69 | + $issuer = null; |
|
70 | + $serial = null; |
|
71 | + if ($seq->hasTagged(0)) { |
|
72 | + $keyIdentifier = $seq->getTagged(0) |
|
73 | + ->asImplicit(Element::TYPE_OCTET_STRING) |
|
74 | + ->asOctetString() |
|
75 | + ->string(); |
|
76 | + } |
|
77 | + if ($seq->hasTagged(1) || $seq->hasTagged(2)) { |
|
78 | + if (!$seq->hasTagged(1) || !$seq->hasTagged(2)) { |
|
79 | + throw new \UnexpectedValueException( |
|
80 | + "AuthorityKeyIdentifier must have both" . |
|
81 | + " authorityCertIssuer and authorityCertSerialNumber" . |
|
82 | + " present or both absent."); |
|
83 | + } |
|
84 | + $issuer = GeneralNames::fromASN1( |
|
85 | + $seq->getTagged(1) |
|
86 | + ->asImplicit(Element::TYPE_SEQUENCE) |
|
87 | + ->asSequence()); |
|
88 | + $serial = $seq->getTagged(2) |
|
89 | + ->asImplicit(Element::TYPE_INTEGER) |
|
90 | + ->asInteger() |
|
91 | + ->number(); |
|
92 | + } |
|
93 | + return new self($critical, $keyIdentifier, $issuer, $serial); |
|
94 | + } |
|
95 | 95 | |
96 | - /** |
|
97 | - * Whether key identifier is present. |
|
98 | - * |
|
99 | - * @return bool |
|
100 | - */ |
|
101 | - public function hasKeyIdentifier(): bool |
|
102 | - { |
|
103 | - return isset($this->_keyIdentifier); |
|
104 | - } |
|
96 | + /** |
|
97 | + * Whether key identifier is present. |
|
98 | + * |
|
99 | + * @return bool |
|
100 | + */ |
|
101 | + public function hasKeyIdentifier(): bool |
|
102 | + { |
|
103 | + return isset($this->_keyIdentifier); |
|
104 | + } |
|
105 | 105 | |
106 | - /** |
|
107 | - * Get key identifier. |
|
108 | - * |
|
109 | - * @throws \LogicException |
|
110 | - * @return string |
|
111 | - */ |
|
112 | - public function keyIdentifier(): string |
|
113 | - { |
|
114 | - if (!$this->hasKeyIdentifier()) { |
|
115 | - throw new \LogicException("keyIdentifier not set."); |
|
116 | - } |
|
117 | - return $this->_keyIdentifier; |
|
118 | - } |
|
106 | + /** |
|
107 | + * Get key identifier. |
|
108 | + * |
|
109 | + * @throws \LogicException |
|
110 | + * @return string |
|
111 | + */ |
|
112 | + public function keyIdentifier(): string |
|
113 | + { |
|
114 | + if (!$this->hasKeyIdentifier()) { |
|
115 | + throw new \LogicException("keyIdentifier not set."); |
|
116 | + } |
|
117 | + return $this->_keyIdentifier; |
|
118 | + } |
|
119 | 119 | |
120 | - /** |
|
121 | - * Whether issuer is present. |
|
122 | - * |
|
123 | - * @return bool |
|
124 | - */ |
|
125 | - public function hasIssuer(): bool |
|
126 | - { |
|
127 | - return isset($this->_authorityCertIssuer); |
|
128 | - } |
|
120 | + /** |
|
121 | + * Whether issuer is present. |
|
122 | + * |
|
123 | + * @return bool |
|
124 | + */ |
|
125 | + public function hasIssuer(): bool |
|
126 | + { |
|
127 | + return isset($this->_authorityCertIssuer); |
|
128 | + } |
|
129 | 129 | |
130 | - /** |
|
131 | - * Get issuer. |
|
132 | - * |
|
133 | - * @throws \LogicException |
|
134 | - * @return GeneralNames |
|
135 | - */ |
|
136 | - public function issuer(): GeneralNames |
|
137 | - { |
|
138 | - if (!$this->hasIssuer()) { |
|
139 | - throw new \LogicException("authorityCertIssuer not set."); |
|
140 | - } |
|
141 | - return $this->_authorityCertIssuer; |
|
142 | - } |
|
130 | + /** |
|
131 | + * Get issuer. |
|
132 | + * |
|
133 | + * @throws \LogicException |
|
134 | + * @return GeneralNames |
|
135 | + */ |
|
136 | + public function issuer(): GeneralNames |
|
137 | + { |
|
138 | + if (!$this->hasIssuer()) { |
|
139 | + throw new \LogicException("authorityCertIssuer not set."); |
|
140 | + } |
|
141 | + return $this->_authorityCertIssuer; |
|
142 | + } |
|
143 | 143 | |
144 | - /** |
|
145 | - * Get serial number. |
|
146 | - * |
|
147 | - * @throws \LogicException |
|
148 | - * @return string Base 10 integer string |
|
149 | - */ |
|
150 | - public function serial(): string |
|
151 | - { |
|
152 | - // both issuer and serial must be present or both absent |
|
153 | - if (!$this->hasIssuer()) { |
|
154 | - throw new \LogicException("authorityCertSerialNumber not set."); |
|
155 | - } |
|
156 | - return $this->_authorityCertSerialNumber; |
|
157 | - } |
|
144 | + /** |
|
145 | + * Get serial number. |
|
146 | + * |
|
147 | + * @throws \LogicException |
|
148 | + * @return string Base 10 integer string |
|
149 | + */ |
|
150 | + public function serial(): string |
|
151 | + { |
|
152 | + // both issuer and serial must be present or both absent |
|
153 | + if (!$this->hasIssuer()) { |
|
154 | + throw new \LogicException("authorityCertSerialNumber not set."); |
|
155 | + } |
|
156 | + return $this->_authorityCertSerialNumber; |
|
157 | + } |
|
158 | 158 | |
159 | - /** |
|
160 | - * |
|
161 | - * {@inheritdoc} |
|
162 | - * @return Sequence |
|
163 | - */ |
|
164 | - protected function _valueASN1(): Sequence |
|
165 | - { |
|
166 | - $elements = array(); |
|
167 | - if (isset($this->_keyIdentifier)) { |
|
168 | - $elements[] = new ImplicitlyTaggedType(0, |
|
169 | - new OctetString($this->_keyIdentifier)); |
|
170 | - } |
|
171 | - // if either issuer or serial is set, both must be set |
|
172 | - if (isset($this->_authorityCertIssuer) || |
|
173 | - isset($this->_authorityCertSerialNumber)) { |
|
174 | - if (!isset($this->_authorityCertIssuer, |
|
175 | - $this->_authorityCertSerialNumber)) { |
|
176 | - throw new \LogicException( |
|
177 | - "AuthorityKeyIdentifier must have both" . |
|
178 | - " authorityCertIssuer and authorityCertSerialNumber" . |
|
179 | - " present or both absent."); |
|
180 | - } |
|
181 | - $elements[] = new ImplicitlyTaggedType(1, |
|
182 | - $this->_authorityCertIssuer->toASN1()); |
|
183 | - $elements[] = new ImplicitlyTaggedType(2, |
|
184 | - new Integer($this->_authorityCertSerialNumber)); |
|
185 | - } |
|
186 | - return new Sequence(...$elements); |
|
187 | - } |
|
159 | + /** |
|
160 | + * |
|
161 | + * {@inheritdoc} |
|
162 | + * @return Sequence |
|
163 | + */ |
|
164 | + protected function _valueASN1(): Sequence |
|
165 | + { |
|
166 | + $elements = array(); |
|
167 | + if (isset($this->_keyIdentifier)) { |
|
168 | + $elements[] = new ImplicitlyTaggedType(0, |
|
169 | + new OctetString($this->_keyIdentifier)); |
|
170 | + } |
|
171 | + // if either issuer or serial is set, both must be set |
|
172 | + if (isset($this->_authorityCertIssuer) || |
|
173 | + isset($this->_authorityCertSerialNumber)) { |
|
174 | + if (!isset($this->_authorityCertIssuer, |
|
175 | + $this->_authorityCertSerialNumber)) { |
|
176 | + throw new \LogicException( |
|
177 | + "AuthorityKeyIdentifier must have both" . |
|
178 | + " authorityCertIssuer and authorityCertSerialNumber" . |
|
179 | + " present or both absent."); |
|
180 | + } |
|
181 | + $elements[] = new ImplicitlyTaggedType(1, |
|
182 | + $this->_authorityCertIssuer->toASN1()); |
|
183 | + $elements[] = new ImplicitlyTaggedType(2, |
|
184 | + new Integer($this->_authorityCertSerialNumber)); |
|
185 | + } |
|
186 | + return new Sequence(...$elements); |
|
187 | + } |
|
188 | 188 | } |
@@ -19,215 +19,215 @@ |
||
19 | 19 | */ |
20 | 20 | class AAControlsExtension extends Extension |
21 | 21 | { |
22 | - /** |
|
23 | - * Path length contraint. |
|
24 | - * |
|
25 | - * @var int|null $_pathLenConstraint |
|
26 | - */ |
|
27 | - protected $_pathLenConstraint; |
|
22 | + /** |
|
23 | + * Path length contraint. |
|
24 | + * |
|
25 | + * @var int|null $_pathLenConstraint |
|
26 | + */ |
|
27 | + protected $_pathLenConstraint; |
|
28 | 28 | |
29 | - /** |
|
30 | - * Permitted attributes. |
|
31 | - * |
|
32 | - * Array of OID's. |
|
33 | - * |
|
34 | - * @var string[]|null $_permittedAttrs |
|
35 | - */ |
|
36 | - protected $_permittedAttrs; |
|
29 | + /** |
|
30 | + * Permitted attributes. |
|
31 | + * |
|
32 | + * Array of OID's. |
|
33 | + * |
|
34 | + * @var string[]|null $_permittedAttrs |
|
35 | + */ |
|
36 | + protected $_permittedAttrs; |
|
37 | 37 | |
38 | - /** |
|
39 | - * Excluded attributes. |
|
40 | - * |
|
41 | - * Array of OID's. |
|
42 | - * |
|
43 | - * @var string[]|null $_excludedAttrs |
|
44 | - */ |
|
45 | - protected $_excludedAttrs; |
|
38 | + /** |
|
39 | + * Excluded attributes. |
|
40 | + * |
|
41 | + * Array of OID's. |
|
42 | + * |
|
43 | + * @var string[]|null $_excludedAttrs |
|
44 | + */ |
|
45 | + protected $_excludedAttrs; |
|
46 | 46 | |
47 | - /** |
|
48 | - * Whether to permit unspecified attributes. |
|
49 | - * |
|
50 | - * @var bool $_permitUnSpecified |
|
51 | - */ |
|
52 | - protected $_permitUnSpecified; |
|
47 | + /** |
|
48 | + * Whether to permit unspecified attributes. |
|
49 | + * |
|
50 | + * @var bool $_permitUnSpecified |
|
51 | + */ |
|
52 | + protected $_permitUnSpecified; |
|
53 | 53 | |
54 | - /** |
|
55 | - * Constructor. |
|
56 | - * |
|
57 | - * @param bool $critical |
|
58 | - * @param int|null $path_len |
|
59 | - * @param string[]|null $permitted |
|
60 | - * @param string[]|null $excluded |
|
61 | - * @param bool $permit_unspecified |
|
62 | - */ |
|
63 | - public function __construct(bool $critical, $path_len = null, |
|
64 | - array $permitted = null, array $excluded = null, bool $permit_unspecified = true) |
|
65 | - { |
|
66 | - parent::__construct(self::OID_AA_CONTROLS, $critical); |
|
67 | - $this->_pathLenConstraint = isset($path_len) ? intval($path_len) : null; |
|
68 | - $this->_permittedAttrs = $permitted; |
|
69 | - $this->_excludedAttrs = $excluded; |
|
70 | - $this->_permitUnSpecified = $permit_unspecified; |
|
71 | - } |
|
54 | + /** |
|
55 | + * Constructor. |
|
56 | + * |
|
57 | + * @param bool $critical |
|
58 | + * @param int|null $path_len |
|
59 | + * @param string[]|null $permitted |
|
60 | + * @param string[]|null $excluded |
|
61 | + * @param bool $permit_unspecified |
|
62 | + */ |
|
63 | + public function __construct(bool $critical, $path_len = null, |
|
64 | + array $permitted = null, array $excluded = null, bool $permit_unspecified = true) |
|
65 | + { |
|
66 | + parent::__construct(self::OID_AA_CONTROLS, $critical); |
|
67 | + $this->_pathLenConstraint = isset($path_len) ? intval($path_len) : null; |
|
68 | + $this->_permittedAttrs = $permitted; |
|
69 | + $this->_excludedAttrs = $excluded; |
|
70 | + $this->_permitUnSpecified = $permit_unspecified; |
|
71 | + } |
|
72 | 72 | |
73 | - /** |
|
74 | - * |
|
75 | - * {@inheritdoc} |
|
76 | - * @return self |
|
77 | - */ |
|
78 | - protected static function _fromDER(string $data, bool $critical): self |
|
79 | - { |
|
80 | - $seq = UnspecifiedType::fromDER($data)->asSequence(); |
|
81 | - $path_len = null; |
|
82 | - $permitted = null; |
|
83 | - $excluded = null; |
|
84 | - $permit_unspecified = true; |
|
85 | - $idx = 0; |
|
86 | - if ($seq->has($idx, Element::TYPE_INTEGER)) { |
|
87 | - $path_len = $seq->at($idx++) |
|
88 | - ->asInteger() |
|
89 | - ->intNumber(); |
|
90 | - } |
|
91 | - if ($seq->hasTagged(0)) { |
|
92 | - $attr_seq = $seq->getTagged(0) |
|
93 | - ->asImplicit(Element::TYPE_SEQUENCE) |
|
94 | - ->asSequence(); |
|
95 | - $permitted = array_map( |
|
96 | - function (UnspecifiedType $el) { |
|
97 | - return $el->asObjectIdentifier()->oid(); |
|
98 | - }, $attr_seq->elements()); |
|
99 | - $idx++; |
|
100 | - } |
|
101 | - if ($seq->hasTagged(1)) { |
|
102 | - $attr_seq = $seq->getTagged(1) |
|
103 | - ->asImplicit(Element::TYPE_SEQUENCE) |
|
104 | - ->asSequence(); |
|
105 | - $excluded = array_map( |
|
106 | - function (UnspecifiedType $el) { |
|
107 | - return $el->asObjectIdentifier()->oid(); |
|
108 | - }, $attr_seq->elements()); |
|
109 | - $idx++; |
|
110 | - } |
|
111 | - if ($seq->has($idx, Element::TYPE_BOOLEAN)) { |
|
112 | - $permit_unspecified = $seq->at($idx++) |
|
113 | - ->asBoolean() |
|
114 | - ->value(); |
|
115 | - } |
|
116 | - return new self($critical, $path_len, $permitted, $excluded, |
|
117 | - $permit_unspecified); |
|
118 | - } |
|
73 | + /** |
|
74 | + * |
|
75 | + * {@inheritdoc} |
|
76 | + * @return self |
|
77 | + */ |
|
78 | + protected static function _fromDER(string $data, bool $critical): self |
|
79 | + { |
|
80 | + $seq = UnspecifiedType::fromDER($data)->asSequence(); |
|
81 | + $path_len = null; |
|
82 | + $permitted = null; |
|
83 | + $excluded = null; |
|
84 | + $permit_unspecified = true; |
|
85 | + $idx = 0; |
|
86 | + if ($seq->has($idx, Element::TYPE_INTEGER)) { |
|
87 | + $path_len = $seq->at($idx++) |
|
88 | + ->asInteger() |
|
89 | + ->intNumber(); |
|
90 | + } |
|
91 | + if ($seq->hasTagged(0)) { |
|
92 | + $attr_seq = $seq->getTagged(0) |
|
93 | + ->asImplicit(Element::TYPE_SEQUENCE) |
|
94 | + ->asSequence(); |
|
95 | + $permitted = array_map( |
|
96 | + function (UnspecifiedType $el) { |
|
97 | + return $el->asObjectIdentifier()->oid(); |
|
98 | + }, $attr_seq->elements()); |
|
99 | + $idx++; |
|
100 | + } |
|
101 | + if ($seq->hasTagged(1)) { |
|
102 | + $attr_seq = $seq->getTagged(1) |
|
103 | + ->asImplicit(Element::TYPE_SEQUENCE) |
|
104 | + ->asSequence(); |
|
105 | + $excluded = array_map( |
|
106 | + function (UnspecifiedType $el) { |
|
107 | + return $el->asObjectIdentifier()->oid(); |
|
108 | + }, $attr_seq->elements()); |
|
109 | + $idx++; |
|
110 | + } |
|
111 | + if ($seq->has($idx, Element::TYPE_BOOLEAN)) { |
|
112 | + $permit_unspecified = $seq->at($idx++) |
|
113 | + ->asBoolean() |
|
114 | + ->value(); |
|
115 | + } |
|
116 | + return new self($critical, $path_len, $permitted, $excluded, |
|
117 | + $permit_unspecified); |
|
118 | + } |
|
119 | 119 | |
120 | - /** |
|
121 | - * Check whether path length constraint is present. |
|
122 | - * |
|
123 | - * @return bool |
|
124 | - */ |
|
125 | - public function hasPathLen(): bool |
|
126 | - { |
|
127 | - return isset($this->_pathLenConstraint); |
|
128 | - } |
|
120 | + /** |
|
121 | + * Check whether path length constraint is present. |
|
122 | + * |
|
123 | + * @return bool |
|
124 | + */ |
|
125 | + public function hasPathLen(): bool |
|
126 | + { |
|
127 | + return isset($this->_pathLenConstraint); |
|
128 | + } |
|
129 | 129 | |
130 | - /** |
|
131 | - * Get path length constraint. |
|
132 | - * |
|
133 | - * @throws \LogicException |
|
134 | - * @return int |
|
135 | - */ |
|
136 | - public function pathLen(): int |
|
137 | - { |
|
138 | - if (!$this->hasPathLen()) { |
|
139 | - throw new \LogicException("pathLen not set."); |
|
140 | - } |
|
141 | - return $this->_pathLenConstraint; |
|
142 | - } |
|
130 | + /** |
|
131 | + * Get path length constraint. |
|
132 | + * |
|
133 | + * @throws \LogicException |
|
134 | + * @return int |
|
135 | + */ |
|
136 | + public function pathLen(): int |
|
137 | + { |
|
138 | + if (!$this->hasPathLen()) { |
|
139 | + throw new \LogicException("pathLen not set."); |
|
140 | + } |
|
141 | + return $this->_pathLenConstraint; |
|
142 | + } |
|
143 | 143 | |
144 | - /** |
|
145 | - * Check whether permitted attributes are present. |
|
146 | - * |
|
147 | - * @return bool |
|
148 | - */ |
|
149 | - public function hasPermittedAttrs(): bool |
|
150 | - { |
|
151 | - return isset($this->_permittedAttrs); |
|
152 | - } |
|
144 | + /** |
|
145 | + * Check whether permitted attributes are present. |
|
146 | + * |
|
147 | + * @return bool |
|
148 | + */ |
|
149 | + public function hasPermittedAttrs(): bool |
|
150 | + { |
|
151 | + return isset($this->_permittedAttrs); |
|
152 | + } |
|
153 | 153 | |
154 | - /** |
|
155 | - * Get OID's of permitted attributes. |
|
156 | - * |
|
157 | - * @throws \LogicException |
|
158 | - * @return string[] |
|
159 | - */ |
|
160 | - public function permittedAttrs(): array |
|
161 | - { |
|
162 | - if (!$this->hasPermittedAttrs()) { |
|
163 | - throw new \LogicException("permittedAttrs not set."); |
|
164 | - } |
|
165 | - return $this->_permittedAttrs; |
|
166 | - } |
|
154 | + /** |
|
155 | + * Get OID's of permitted attributes. |
|
156 | + * |
|
157 | + * @throws \LogicException |
|
158 | + * @return string[] |
|
159 | + */ |
|
160 | + public function permittedAttrs(): array |
|
161 | + { |
|
162 | + if (!$this->hasPermittedAttrs()) { |
|
163 | + throw new \LogicException("permittedAttrs not set."); |
|
164 | + } |
|
165 | + return $this->_permittedAttrs; |
|
166 | + } |
|
167 | 167 | |
168 | - /** |
|
169 | - * Check whether excluded attributes are present. |
|
170 | - * |
|
171 | - * @return bool |
|
172 | - */ |
|
173 | - public function hasExcludedAttrs(): bool |
|
174 | - { |
|
175 | - return isset($this->_excludedAttrs); |
|
176 | - } |
|
168 | + /** |
|
169 | + * Check whether excluded attributes are present. |
|
170 | + * |
|
171 | + * @return bool |
|
172 | + */ |
|
173 | + public function hasExcludedAttrs(): bool |
|
174 | + { |
|
175 | + return isset($this->_excludedAttrs); |
|
176 | + } |
|
177 | 177 | |
178 | - /** |
|
179 | - * Get OID's of excluded attributes. |
|
180 | - * |
|
181 | - * @throws \LogicException |
|
182 | - * @return string[] |
|
183 | - */ |
|
184 | - public function excludedAttrs(): array |
|
185 | - { |
|
186 | - if (!$this->hasExcludedAttrs()) { |
|
187 | - throw new \LogicException("excludedAttrs not set."); |
|
188 | - } |
|
189 | - return $this->_excludedAttrs; |
|
190 | - } |
|
178 | + /** |
|
179 | + * Get OID's of excluded attributes. |
|
180 | + * |
|
181 | + * @throws \LogicException |
|
182 | + * @return string[] |
|
183 | + */ |
|
184 | + public function excludedAttrs(): array |
|
185 | + { |
|
186 | + if (!$this->hasExcludedAttrs()) { |
|
187 | + throw new \LogicException("excludedAttrs not set."); |
|
188 | + } |
|
189 | + return $this->_excludedAttrs; |
|
190 | + } |
|
191 | 191 | |
192 | - /** |
|
193 | - * Whether to permit attributes that are not explicitly specified in |
|
194 | - * neither permitted nor excluded list. |
|
195 | - * |
|
196 | - * @return bool |
|
197 | - */ |
|
198 | - public function permitUnspecified(): bool |
|
199 | - { |
|
200 | - return $this->_permitUnSpecified; |
|
201 | - } |
|
192 | + /** |
|
193 | + * Whether to permit attributes that are not explicitly specified in |
|
194 | + * neither permitted nor excluded list. |
|
195 | + * |
|
196 | + * @return bool |
|
197 | + */ |
|
198 | + public function permitUnspecified(): bool |
|
199 | + { |
|
200 | + return $this->_permitUnSpecified; |
|
201 | + } |
|
202 | 202 | |
203 | - /** |
|
204 | - * |
|
205 | - * {@inheritdoc} |
|
206 | - * @return Sequence |
|
207 | - */ |
|
208 | - protected function _valueASN1(): Sequence |
|
209 | - { |
|
210 | - $elements = array(); |
|
211 | - if (isset($this->_pathLenConstraint)) { |
|
212 | - $elements[] = new Integer($this->_pathLenConstraint); |
|
213 | - } |
|
214 | - if (isset($this->_permittedAttrs)) { |
|
215 | - $oids = array_map( |
|
216 | - function ($oid) { |
|
217 | - return new ObjectIdentifier($oid); |
|
218 | - }, $this->_permittedAttrs); |
|
219 | - $elements[] = new ImplicitlyTaggedType(0, new Sequence(...$oids)); |
|
220 | - } |
|
221 | - if (isset($this->_excludedAttrs)) { |
|
222 | - $oids = array_map( |
|
223 | - function ($oid) { |
|
224 | - return new ObjectIdentifier($oid); |
|
225 | - }, $this->_excludedAttrs); |
|
226 | - $elements[] = new ImplicitlyTaggedType(1, new Sequence(...$oids)); |
|
227 | - } |
|
228 | - if ($this->_permitUnSpecified !== true) { |
|
229 | - $elements[] = new Boolean(false); |
|
230 | - } |
|
231 | - return new Sequence(...$elements); |
|
232 | - } |
|
203 | + /** |
|
204 | + * |
|
205 | + * {@inheritdoc} |
|
206 | + * @return Sequence |
|
207 | + */ |
|
208 | + protected function _valueASN1(): Sequence |
|
209 | + { |
|
210 | + $elements = array(); |
|
211 | + if (isset($this->_pathLenConstraint)) { |
|
212 | + $elements[] = new Integer($this->_pathLenConstraint); |
|
213 | + } |
|
214 | + if (isset($this->_permittedAttrs)) { |
|
215 | + $oids = array_map( |
|
216 | + function ($oid) { |
|
217 | + return new ObjectIdentifier($oid); |
|
218 | + }, $this->_permittedAttrs); |
|
219 | + $elements[] = new ImplicitlyTaggedType(0, new Sequence(...$oids)); |
|
220 | + } |
|
221 | + if (isset($this->_excludedAttrs)) { |
|
222 | + $oids = array_map( |
|
223 | + function ($oid) { |
|
224 | + return new ObjectIdentifier($oid); |
|
225 | + }, $this->_excludedAttrs); |
|
226 | + $elements[] = new ImplicitlyTaggedType(1, new Sequence(...$oids)); |
|
227 | + } |
|
228 | + if ($this->_permitUnSpecified !== true) { |
|
229 | + $elements[] = new Boolean(false); |
|
230 | + } |
|
231 | + return new Sequence(...$elements); |
|
232 | + } |
|
233 | 233 | } |
@@ -15,156 +15,156 @@ |
||
15 | 15 | */ |
16 | 16 | class KeyUsageExtension extends Extension |
17 | 17 | { |
18 | - const DIGITAL_SIGNATURE = 0x100; |
|
19 | - const NON_REPUDIATION = 0x080; |
|
20 | - const KEY_ENCIPHERMENT = 0x040; |
|
21 | - const DATA_ENCIPHERMENT = 0x020; |
|
22 | - const KEY_AGREEMENT = 0x010; |
|
23 | - const KEY_CERT_SIGN = 0x008; |
|
24 | - const CRL_SIGN = 0x004; |
|
25 | - const ENCIPHER_ONLY = 0x002; |
|
26 | - const DECIPHER_ONLY = 0x001; |
|
18 | + const DIGITAL_SIGNATURE = 0x100; |
|
19 | + const NON_REPUDIATION = 0x080; |
|
20 | + const KEY_ENCIPHERMENT = 0x040; |
|
21 | + const DATA_ENCIPHERMENT = 0x020; |
|
22 | + const KEY_AGREEMENT = 0x010; |
|
23 | + const KEY_CERT_SIGN = 0x008; |
|
24 | + const CRL_SIGN = 0x004; |
|
25 | + const ENCIPHER_ONLY = 0x002; |
|
26 | + const DECIPHER_ONLY = 0x001; |
|
27 | 27 | |
28 | - /** |
|
29 | - * Key usage flags. |
|
30 | - * |
|
31 | - * @var int $_keyUsage |
|
32 | - */ |
|
33 | - protected $_keyUsage; |
|
28 | + /** |
|
29 | + * Key usage flags. |
|
30 | + * |
|
31 | + * @var int $_keyUsage |
|
32 | + */ |
|
33 | + protected $_keyUsage; |
|
34 | 34 | |
35 | - /** |
|
36 | - * Constructor. |
|
37 | - * |
|
38 | - * @param bool $critical |
|
39 | - * @param int $keyUsage |
|
40 | - */ |
|
41 | - public function __construct(bool $critical, int $keyUsage) |
|
42 | - { |
|
43 | - parent::__construct(self::OID_KEY_USAGE, $critical); |
|
44 | - $this->_keyUsage = $keyUsage; |
|
45 | - } |
|
35 | + /** |
|
36 | + * Constructor. |
|
37 | + * |
|
38 | + * @param bool $critical |
|
39 | + * @param int $keyUsage |
|
40 | + */ |
|
41 | + public function __construct(bool $critical, int $keyUsage) |
|
42 | + { |
|
43 | + parent::__construct(self::OID_KEY_USAGE, $critical); |
|
44 | + $this->_keyUsage = $keyUsage; |
|
45 | + } |
|
46 | 46 | |
47 | - /** |
|
48 | - * |
|
49 | - * {@inheritdoc} |
|
50 | - * @return self |
|
51 | - */ |
|
52 | - protected static function _fromDER(string $data, bool $critical): self |
|
53 | - { |
|
54 | - return new self($critical, |
|
55 | - Flags::fromBitString(UnspecifiedType::fromDER($data)->asBitString(), |
|
56 | - 9)->intNumber()); |
|
57 | - } |
|
47 | + /** |
|
48 | + * |
|
49 | + * {@inheritdoc} |
|
50 | + * @return self |
|
51 | + */ |
|
52 | + protected static function _fromDER(string $data, bool $critical): self |
|
53 | + { |
|
54 | + return new self($critical, |
|
55 | + Flags::fromBitString(UnspecifiedType::fromDER($data)->asBitString(), |
|
56 | + 9)->intNumber()); |
|
57 | + } |
|
58 | 58 | |
59 | - /** |
|
60 | - * Check whether digitalSignature flag is set. |
|
61 | - * |
|
62 | - * @return bool |
|
63 | - */ |
|
64 | - public function isDigitalSignature(): bool |
|
65 | - { |
|
66 | - return $this->_flagSet(self::DIGITAL_SIGNATURE); |
|
67 | - } |
|
59 | + /** |
|
60 | + * Check whether digitalSignature flag is set. |
|
61 | + * |
|
62 | + * @return bool |
|
63 | + */ |
|
64 | + public function isDigitalSignature(): bool |
|
65 | + { |
|
66 | + return $this->_flagSet(self::DIGITAL_SIGNATURE); |
|
67 | + } |
|
68 | 68 | |
69 | - /** |
|
70 | - * Check whether nonRepudiation/contentCommitment flag is set. |
|
71 | - * |
|
72 | - * @return bool |
|
73 | - */ |
|
74 | - public function isNonRepudiation(): bool |
|
75 | - { |
|
76 | - return $this->_flagSet(self::NON_REPUDIATION); |
|
77 | - } |
|
69 | + /** |
|
70 | + * Check whether nonRepudiation/contentCommitment flag is set. |
|
71 | + * |
|
72 | + * @return bool |
|
73 | + */ |
|
74 | + public function isNonRepudiation(): bool |
|
75 | + { |
|
76 | + return $this->_flagSet(self::NON_REPUDIATION); |
|
77 | + } |
|
78 | 78 | |
79 | - /** |
|
80 | - * Check whether keyEncipherment flag is set. |
|
81 | - * |
|
82 | - * @return bool |
|
83 | - */ |
|
84 | - public function isKeyEncipherment(): bool |
|
85 | - { |
|
86 | - return $this->_flagSet(self::KEY_ENCIPHERMENT); |
|
87 | - } |
|
79 | + /** |
|
80 | + * Check whether keyEncipherment flag is set. |
|
81 | + * |
|
82 | + * @return bool |
|
83 | + */ |
|
84 | + public function isKeyEncipherment(): bool |
|
85 | + { |
|
86 | + return $this->_flagSet(self::KEY_ENCIPHERMENT); |
|
87 | + } |
|
88 | 88 | |
89 | - /** |
|
90 | - * Check whether dataEncipherment flag is set. |
|
91 | - * |
|
92 | - * @return bool |
|
93 | - */ |
|
94 | - public function isDataEncipherment(): bool |
|
95 | - { |
|
96 | - return $this->_flagSet(self::DATA_ENCIPHERMENT); |
|
97 | - } |
|
89 | + /** |
|
90 | + * Check whether dataEncipherment flag is set. |
|
91 | + * |
|
92 | + * @return bool |
|
93 | + */ |
|
94 | + public function isDataEncipherment(): bool |
|
95 | + { |
|
96 | + return $this->_flagSet(self::DATA_ENCIPHERMENT); |
|
97 | + } |
|
98 | 98 | |
99 | - /** |
|
100 | - * Check whether keyAgreement flag is set. |
|
101 | - * |
|
102 | - * @return bool |
|
103 | - */ |
|
104 | - public function isKeyAgreement(): bool |
|
105 | - { |
|
106 | - return $this->_flagSet(self::KEY_AGREEMENT); |
|
107 | - } |
|
99 | + /** |
|
100 | + * Check whether keyAgreement flag is set. |
|
101 | + * |
|
102 | + * @return bool |
|
103 | + */ |
|
104 | + public function isKeyAgreement(): bool |
|
105 | + { |
|
106 | + return $this->_flagSet(self::KEY_AGREEMENT); |
|
107 | + } |
|
108 | 108 | |
109 | - /** |
|
110 | - * Check whether keyCertSign flag is set. |
|
111 | - * |
|
112 | - * @return bool |
|
113 | - */ |
|
114 | - public function isKeyCertSign(): bool |
|
115 | - { |
|
116 | - return $this->_flagSet(self::KEY_CERT_SIGN); |
|
117 | - } |
|
109 | + /** |
|
110 | + * Check whether keyCertSign flag is set. |
|
111 | + * |
|
112 | + * @return bool |
|
113 | + */ |
|
114 | + public function isKeyCertSign(): bool |
|
115 | + { |
|
116 | + return $this->_flagSet(self::KEY_CERT_SIGN); |
|
117 | + } |
|
118 | 118 | |
119 | - /** |
|
120 | - * Check whether cRLSign flag is set. |
|
121 | - * |
|
122 | - * @return bool |
|
123 | - */ |
|
124 | - public function isCRLSign(): bool |
|
125 | - { |
|
126 | - return $this->_flagSet(self::CRL_SIGN); |
|
127 | - } |
|
119 | + /** |
|
120 | + * Check whether cRLSign flag is set. |
|
121 | + * |
|
122 | + * @return bool |
|
123 | + */ |
|
124 | + public function isCRLSign(): bool |
|
125 | + { |
|
126 | + return $this->_flagSet(self::CRL_SIGN); |
|
127 | + } |
|
128 | 128 | |
129 | - /** |
|
130 | - * Check whether encipherOnly flag is set. |
|
131 | - * |
|
132 | - * @return bool |
|
133 | - */ |
|
134 | - public function isEncipherOnly(): bool |
|
135 | - { |
|
136 | - return $this->_flagSet(self::ENCIPHER_ONLY); |
|
137 | - } |
|
129 | + /** |
|
130 | + * Check whether encipherOnly flag is set. |
|
131 | + * |
|
132 | + * @return bool |
|
133 | + */ |
|
134 | + public function isEncipherOnly(): bool |
|
135 | + { |
|
136 | + return $this->_flagSet(self::ENCIPHER_ONLY); |
|
137 | + } |
|
138 | 138 | |
139 | - /** |
|
140 | - * Check whether decipherOnly flag is set. |
|
141 | - * |
|
142 | - * @return bool |
|
143 | - */ |
|
144 | - public function isDecipherOnly(): bool |
|
145 | - { |
|
146 | - return $this->_flagSet(self::DECIPHER_ONLY); |
|
147 | - } |
|
139 | + /** |
|
140 | + * Check whether decipherOnly flag is set. |
|
141 | + * |
|
142 | + * @return bool |
|
143 | + */ |
|
144 | + public function isDecipherOnly(): bool |
|
145 | + { |
|
146 | + return $this->_flagSet(self::DECIPHER_ONLY); |
|
147 | + } |
|
148 | 148 | |
149 | - /** |
|
150 | - * Check whether given flag is set. |
|
151 | - * |
|
152 | - * @param int $flag |
|
153 | - * @return boolean |
|
154 | - */ |
|
155 | - protected function _flagSet(int $flag): bool |
|
156 | - { |
|
157 | - return (bool) ($this->_keyUsage & $flag); |
|
158 | - } |
|
149 | + /** |
|
150 | + * Check whether given flag is set. |
|
151 | + * |
|
152 | + * @param int $flag |
|
153 | + * @return boolean |
|
154 | + */ |
|
155 | + protected function _flagSet(int $flag): bool |
|
156 | + { |
|
157 | + return (bool) ($this->_keyUsage & $flag); |
|
158 | + } |
|
159 | 159 | |
160 | - /** |
|
161 | - * |
|
162 | - * {@inheritdoc} |
|
163 | - * @return BitString |
|
164 | - */ |
|
165 | - protected function _valueASN1(): BitString |
|
166 | - { |
|
167 | - $flags = new Flags($this->_keyUsage, 9); |
|
168 | - return $flags->bitString()->withoutTrailingZeroes(); |
|
169 | - } |
|
160 | + /** |
|
161 | + * |
|
162 | + * {@inheritdoc} |
|
163 | + * @return BitString |
|
164 | + */ |
|
165 | + protected function _valueASN1(): BitString |
|
166 | + { |
|
167 | + $flags = new Flags($this->_keyUsage, 9); |
|
168 | + return $flags->bitString()->withoutTrailingZeroes(); |
|
169 | + } |
|
170 | 170 | } |
@@ -14,53 +14,53 @@ |
||
14 | 14 | */ |
15 | 15 | class SubjectKeyIdentifierExtension extends Extension |
16 | 16 | { |
17 | - /** |
|
18 | - * Key identifier. |
|
19 | - * |
|
20 | - * @var string $_keyIdentifier |
|
21 | - */ |
|
22 | - protected $_keyIdentifier; |
|
17 | + /** |
|
18 | + * Key identifier. |
|
19 | + * |
|
20 | + * @var string $_keyIdentifier |
|
21 | + */ |
|
22 | + protected $_keyIdentifier; |
|
23 | 23 | |
24 | - /** |
|
25 | - * Constructor. |
|
26 | - * |
|
27 | - * @param bool $critical |
|
28 | - * @param string $keyIdentifier |
|
29 | - */ |
|
30 | - public function __construct(bool $critical, string $keyIdentifier) |
|
31 | - { |
|
32 | - parent::__construct(self::OID_SUBJECT_KEY_IDENTIFIER, $critical); |
|
33 | - $this->_keyIdentifier = $keyIdentifier; |
|
34 | - } |
|
24 | + /** |
|
25 | + * Constructor. |
|
26 | + * |
|
27 | + * @param bool $critical |
|
28 | + * @param string $keyIdentifier |
|
29 | + */ |
|
30 | + public function __construct(bool $critical, string $keyIdentifier) |
|
31 | + { |
|
32 | + parent::__construct(self::OID_SUBJECT_KEY_IDENTIFIER, $critical); |
|
33 | + $this->_keyIdentifier = $keyIdentifier; |
|
34 | + } |
|
35 | 35 | |
36 | - /** |
|
37 | - * |
|
38 | - * {@inheritdoc} |
|
39 | - * @return self |
|
40 | - */ |
|
41 | - protected static function _fromDER(string $data, bool $critical): self |
|
42 | - { |
|
43 | - return new self($critical, |
|
44 | - UnspecifiedType::fromDER($data)->asOctetString()->string()); |
|
45 | - } |
|
36 | + /** |
|
37 | + * |
|
38 | + * {@inheritdoc} |
|
39 | + * @return self |
|
40 | + */ |
|
41 | + protected static function _fromDER(string $data, bool $critical): self |
|
42 | + { |
|
43 | + return new self($critical, |
|
44 | + UnspecifiedType::fromDER($data)->asOctetString()->string()); |
|
45 | + } |
|
46 | 46 | |
47 | - /** |
|
48 | - * Get key identifier. |
|
49 | - * |
|
50 | - * @return string |
|
51 | - */ |
|
52 | - public function keyIdentifier(): string |
|
53 | - { |
|
54 | - return $this->_keyIdentifier; |
|
55 | - } |
|
47 | + /** |
|
48 | + * Get key identifier. |
|
49 | + * |
|
50 | + * @return string |
|
51 | + */ |
|
52 | + public function keyIdentifier(): string |
|
53 | + { |
|
54 | + return $this->_keyIdentifier; |
|
55 | + } |
|
56 | 56 | |
57 | - /** |
|
58 | - * |
|
59 | - * {@inheritdoc} |
|
60 | - * @return OctetString |
|
61 | - */ |
|
62 | - protected function _valueASN1(): OctetString |
|
63 | - { |
|
64 | - return new OctetString($this->_keyIdentifier); |
|
65 | - } |
|
57 | + /** |
|
58 | + * |
|
59 | + * {@inheritdoc} |
|
60 | + * @return OctetString |
|
61 | + */ |
|
62 | + protected function _valueASN1(): OctetString |
|
63 | + { |
|
64 | + return new OctetString($this->_keyIdentifier); |
|
65 | + } |
|
66 | 66 | } |
@@ -14,136 +14,136 @@ |
||
14 | 14 | * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.4 |
15 | 15 | */ |
16 | 16 | class CertificatePoliciesExtension extends Extension implements |
17 | - \Countable, |
|
18 | - \IteratorAggregate |
|
17 | + \Countable, |
|
18 | + \IteratorAggregate |
|
19 | 19 | { |
20 | - /** |
|
21 | - * Policy information terms. |
|
22 | - * |
|
23 | - * @var PolicyInformation[] $_policies |
|
24 | - */ |
|
25 | - protected $_policies; |
|
20 | + /** |
|
21 | + * Policy information terms. |
|
22 | + * |
|
23 | + * @var PolicyInformation[] $_policies |
|
24 | + */ |
|
25 | + protected $_policies; |
|
26 | 26 | |
27 | - /** |
|
28 | - * Constructor. |
|
29 | - * |
|
30 | - * @param bool $critical |
|
31 | - * @param PolicyInformation ...$policies |
|
32 | - */ |
|
33 | - public function __construct(bool $critical, PolicyInformation ...$policies) |
|
34 | - { |
|
35 | - parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical); |
|
36 | - $this->_policies = []; |
|
37 | - foreach ($policies as $policy) { |
|
38 | - $this->_policies[$policy->oid()] = $policy; |
|
39 | - } |
|
40 | - } |
|
27 | + /** |
|
28 | + * Constructor. |
|
29 | + * |
|
30 | + * @param bool $critical |
|
31 | + * @param PolicyInformation ...$policies |
|
32 | + */ |
|
33 | + public function __construct(bool $critical, PolicyInformation ...$policies) |
|
34 | + { |
|
35 | + parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical); |
|
36 | + $this->_policies = []; |
|
37 | + foreach ($policies as $policy) { |
|
38 | + $this->_policies[$policy->oid()] = $policy; |
|
39 | + } |
|
40 | + } |
|
41 | 41 | |
42 | - /** |
|
43 | - * |
|
44 | - * {@inheritdoc} |
|
45 | - * @return self |
|
46 | - */ |
|
47 | - protected static function _fromDER(string $data, bool $critical): self |
|
48 | - { |
|
49 | - $policies = array_map( |
|
50 | - function (UnspecifiedType $el) { |
|
51 | - return PolicyInformation::fromASN1($el->asSequence()); |
|
52 | - }, UnspecifiedType::fromDER($data)->asSequence()->elements()); |
|
53 | - if (!count($policies)) { |
|
54 | - throw new \UnexpectedValueException( |
|
55 | - "certificatePolicies must contain" . |
|
56 | - " at least one PolicyInformation."); |
|
57 | - } |
|
58 | - return new self($critical, ...$policies); |
|
59 | - } |
|
42 | + /** |
|
43 | + * |
|
44 | + * {@inheritdoc} |
|
45 | + * @return self |
|
46 | + */ |
|
47 | + protected static function _fromDER(string $data, bool $critical): self |
|
48 | + { |
|
49 | + $policies = array_map( |
|
50 | + function (UnspecifiedType $el) { |
|
51 | + return PolicyInformation::fromASN1($el->asSequence()); |
|
52 | + }, UnspecifiedType::fromDER($data)->asSequence()->elements()); |
|
53 | + if (!count($policies)) { |
|
54 | + throw new \UnexpectedValueException( |
|
55 | + "certificatePolicies must contain" . |
|
56 | + " at least one PolicyInformation."); |
|
57 | + } |
|
58 | + return new self($critical, ...$policies); |
|
59 | + } |
|
60 | 60 | |
61 | - /** |
|
62 | - * Check whether policy information by OID is present. |
|
63 | - * |
|
64 | - * @param string $oid |
|
65 | - * @return bool |
|
66 | - */ |
|
67 | - public function has(string $oid): bool |
|
68 | - { |
|
69 | - return isset($this->_policies[$oid]); |
|
70 | - } |
|
61 | + /** |
|
62 | + * Check whether policy information by OID is present. |
|
63 | + * |
|
64 | + * @param string $oid |
|
65 | + * @return bool |
|
66 | + */ |
|
67 | + public function has(string $oid): bool |
|
68 | + { |
|
69 | + return isset($this->_policies[$oid]); |
|
70 | + } |
|
71 | 71 | |
72 | - /** |
|
73 | - * Get policy information by OID. |
|
74 | - * |
|
75 | - * @param string $oid |
|
76 | - * @throws \LogicException |
|
77 | - * @return PolicyInformation |
|
78 | - */ |
|
79 | - public function get(string $oid): PolicyInformation |
|
80 | - { |
|
81 | - if (!$this->has($oid)) { |
|
82 | - throw new \LogicException("Not certificate policy by OID $oid."); |
|
83 | - } |
|
84 | - return $this->_policies[$oid]; |
|
85 | - } |
|
72 | + /** |
|
73 | + * Get policy information by OID. |
|
74 | + * |
|
75 | + * @param string $oid |
|
76 | + * @throws \LogicException |
|
77 | + * @return PolicyInformation |
|
78 | + */ |
|
79 | + public function get(string $oid): PolicyInformation |
|
80 | + { |
|
81 | + if (!$this->has($oid)) { |
|
82 | + throw new \LogicException("Not certificate policy by OID $oid."); |
|
83 | + } |
|
84 | + return $this->_policies[$oid]; |
|
85 | + } |
|
86 | 86 | |
87 | - /** |
|
88 | - * Check whether anyPolicy is present. |
|
89 | - * |
|
90 | - * @return bool |
|
91 | - */ |
|
92 | - public function hasAnyPolicy(): bool |
|
93 | - { |
|
94 | - return $this->has(PolicyInformation::OID_ANY_POLICY); |
|
95 | - } |
|
87 | + /** |
|
88 | + * Check whether anyPolicy is present. |
|
89 | + * |
|
90 | + * @return bool |
|
91 | + */ |
|
92 | + public function hasAnyPolicy(): bool |
|
93 | + { |
|
94 | + return $this->has(PolicyInformation::OID_ANY_POLICY); |
|
95 | + } |
|
96 | 96 | |
97 | - /** |
|
98 | - * Get anyPolicy information. |
|
99 | - * |
|
100 | - * @throws \LogicException If anyPolicy is not present. |
|
101 | - * @return PolicyInformation |
|
102 | - */ |
|
103 | - public function anyPolicy(): PolicyInformation |
|
104 | - { |
|
105 | - if (!$this->hasAnyPolicy()) { |
|
106 | - throw new \LogicException("No anyPolicy."); |
|
107 | - } |
|
108 | - return $this->get(PolicyInformation::OID_ANY_POLICY); |
|
109 | - } |
|
97 | + /** |
|
98 | + * Get anyPolicy information. |
|
99 | + * |
|
100 | + * @throws \LogicException If anyPolicy is not present. |
|
101 | + * @return PolicyInformation |
|
102 | + */ |
|
103 | + public function anyPolicy(): PolicyInformation |
|
104 | + { |
|
105 | + if (!$this->hasAnyPolicy()) { |
|
106 | + throw new \LogicException("No anyPolicy."); |
|
107 | + } |
|
108 | + return $this->get(PolicyInformation::OID_ANY_POLICY); |
|
109 | + } |
|
110 | 110 | |
111 | - /** |
|
112 | - * |
|
113 | - * {@inheritdoc} |
|
114 | - * @return Sequence |
|
115 | - */ |
|
116 | - protected function _valueASN1(): Sequence |
|
117 | - { |
|
118 | - if (!count($this->_policies)) { |
|
119 | - throw new \LogicException("No policies."); |
|
120 | - } |
|
121 | - $elements = array_map( |
|
122 | - function (PolicyInformation $pi) { |
|
123 | - return $pi->toASN1(); |
|
124 | - }, array_values($this->_policies)); |
|
125 | - return new Sequence(...$elements); |
|
126 | - } |
|
111 | + /** |
|
112 | + * |
|
113 | + * {@inheritdoc} |
|
114 | + * @return Sequence |
|
115 | + */ |
|
116 | + protected function _valueASN1(): Sequence |
|
117 | + { |
|
118 | + if (!count($this->_policies)) { |
|
119 | + throw new \LogicException("No policies."); |
|
120 | + } |
|
121 | + $elements = array_map( |
|
122 | + function (PolicyInformation $pi) { |
|
123 | + return $pi->toASN1(); |
|
124 | + }, array_values($this->_policies)); |
|
125 | + return new Sequence(...$elements); |
|
126 | + } |
|
127 | 127 | |
128 | - /** |
|
129 | - * Get the number of policies. |
|
130 | - * |
|
131 | - * @see \Countable::count() |
|
132 | - * @return int |
|
133 | - */ |
|
134 | - public function count(): int |
|
135 | - { |
|
136 | - return count($this->_policies); |
|
137 | - } |
|
128 | + /** |
|
129 | + * Get the number of policies. |
|
130 | + * |
|
131 | + * @see \Countable::count() |
|
132 | + * @return int |
|
133 | + */ |
|
134 | + public function count(): int |
|
135 | + { |
|
136 | + return count($this->_policies); |
|
137 | + } |
|
138 | 138 | |
139 | - /** |
|
140 | - * Get iterator for policy information terms. |
|
141 | - * |
|
142 | - * @see \IteratorAggregate::getIterator() |
|
143 | - * @return \ArrayIterator |
|
144 | - */ |
|
145 | - public function getIterator(): \ArrayIterator |
|
146 | - { |
|
147 | - return new \ArrayIterator($this->_policies); |
|
148 | - } |
|
139 | + /** |
|
140 | + * Get iterator for policy information terms. |
|
141 | + * |
|
142 | + * @see \IteratorAggregate::getIterator() |
|
143 | + * @return \ArrayIterator |
|
144 | + */ |
|
145 | + public function getIterator(): \ArrayIterator |
|
146 | + { |
|
147 | + return new \ArrayIterator($this->_policies); |
|
148 | + } |
|
149 | 149 | } |
@@ -47,7 +47,7 @@ discard block |
||
47 | 47 | protected static function _fromDER(string $data, bool $critical): self |
48 | 48 | { |
49 | 49 | $policies = array_map( |
50 | - function (UnspecifiedType $el) { |
|
50 | + function(UnspecifiedType $el) { |
|
51 | 51 | return PolicyInformation::fromASN1($el->asSequence()); |
52 | 52 | }, UnspecifiedType::fromDER($data)->asSequence()->elements()); |
53 | 53 | if (!count($policies)) { |
@@ -119,7 +119,7 @@ discard block |
||
119 | 119 | throw new \LogicException("No policies."); |
120 | 120 | } |
121 | 121 | $elements = array_map( |
122 | - function (PolicyInformation $pi) { |
|
122 | + function(PolicyInformation $pi) { |
|
123 | 123 | return $pi->toASN1(); |
124 | 124 | }, array_values($this->_policies)); |
125 | 125 | return new Sequence(...$elements); |
@@ -17,125 +17,125 @@ |
||
17 | 17 | */ |
18 | 18 | class PolicyConstraintsExtension extends Extension |
19 | 19 | { |
20 | - /** |
|
21 | - * |
|
22 | - * @var int $_requireExplicitPolicy |
|
23 | - */ |
|
24 | - protected $_requireExplicitPolicy; |
|
20 | + /** |
|
21 | + * |
|
22 | + * @var int $_requireExplicitPolicy |
|
23 | + */ |
|
24 | + protected $_requireExplicitPolicy; |
|
25 | 25 | |
26 | - /** |
|
27 | - * |
|
28 | - * @var int $_inhibitPolicyMapping |
|
29 | - */ |
|
30 | - protected $_inhibitPolicyMapping; |
|
26 | + /** |
|
27 | + * |
|
28 | + * @var int $_inhibitPolicyMapping |
|
29 | + */ |
|
30 | + protected $_inhibitPolicyMapping; |
|
31 | 31 | |
32 | - /** |
|
33 | - * Constructor. |
|
34 | - * |
|
35 | - * @param bool $critical |
|
36 | - * @param int|null $require_explicit_policy |
|
37 | - * @param int|null $inhibit_policy_mapping |
|
38 | - */ |
|
39 | - public function __construct(bool $critical, $require_explicit_policy = null, |
|
40 | - $inhibit_policy_mapping = null) |
|
41 | - { |
|
42 | - parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical); |
|
43 | - $this->_requireExplicitPolicy = isset($require_explicit_policy) ? intval( |
|
44 | - $require_explicit_policy) : null; |
|
45 | - $this->_inhibitPolicyMapping = isset($inhibit_policy_mapping) ? intval( |
|
46 | - $inhibit_policy_mapping) : null; |
|
47 | - } |
|
32 | + /** |
|
33 | + * Constructor. |
|
34 | + * |
|
35 | + * @param bool $critical |
|
36 | + * @param int|null $require_explicit_policy |
|
37 | + * @param int|null $inhibit_policy_mapping |
|
38 | + */ |
|
39 | + public function __construct(bool $critical, $require_explicit_policy = null, |
|
40 | + $inhibit_policy_mapping = null) |
|
41 | + { |
|
42 | + parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical); |
|
43 | + $this->_requireExplicitPolicy = isset($require_explicit_policy) ? intval( |
|
44 | + $require_explicit_policy) : null; |
|
45 | + $this->_inhibitPolicyMapping = isset($inhibit_policy_mapping) ? intval( |
|
46 | + $inhibit_policy_mapping) : null; |
|
47 | + } |
|
48 | 48 | |
49 | - /** |
|
50 | - * |
|
51 | - * {@inheritdoc} |
|
52 | - * @return self |
|
53 | - */ |
|
54 | - protected static function _fromDER(string $data, bool $critical): self |
|
55 | - { |
|
56 | - $seq = UnspecifiedType::fromDER($data)->asSequence(); |
|
57 | - $require_explicit_policy = null; |
|
58 | - $inhibit_policy_mapping = null; |
|
59 | - if ($seq->hasTagged(0)) { |
|
60 | - $require_explicit_policy = $seq->getTagged(0) |
|
61 | - ->asImplicit(Element::TYPE_INTEGER) |
|
62 | - ->asInteger() |
|
63 | - ->intNumber(); |
|
64 | - } |
|
65 | - if ($seq->hasTagged(1)) { |
|
66 | - $inhibit_policy_mapping = $seq->getTagged(1) |
|
67 | - ->asImplicit(Element::TYPE_INTEGER) |
|
68 | - ->asInteger() |
|
69 | - ->intNumber(); |
|
70 | - } |
|
71 | - return new self($critical, $require_explicit_policy, |
|
72 | - $inhibit_policy_mapping); |
|
73 | - } |
|
49 | + /** |
|
50 | + * |
|
51 | + * {@inheritdoc} |
|
52 | + * @return self |
|
53 | + */ |
|
54 | + protected static function _fromDER(string $data, bool $critical): self |
|
55 | + { |
|
56 | + $seq = UnspecifiedType::fromDER($data)->asSequence(); |
|
57 | + $require_explicit_policy = null; |
|
58 | + $inhibit_policy_mapping = null; |
|
59 | + if ($seq->hasTagged(0)) { |
|
60 | + $require_explicit_policy = $seq->getTagged(0) |
|
61 | + ->asImplicit(Element::TYPE_INTEGER) |
|
62 | + ->asInteger() |
|
63 | + ->intNumber(); |
|
64 | + } |
|
65 | + if ($seq->hasTagged(1)) { |
|
66 | + $inhibit_policy_mapping = $seq->getTagged(1) |
|
67 | + ->asImplicit(Element::TYPE_INTEGER) |
|
68 | + ->asInteger() |
|
69 | + ->intNumber(); |
|
70 | + } |
|
71 | + return new self($critical, $require_explicit_policy, |
|
72 | + $inhibit_policy_mapping); |
|
73 | + } |
|
74 | 74 | |
75 | - /** |
|
76 | - * Whether requireExplicitPolicy is present. |
|
77 | - * |
|
78 | - * @return bool |
|
79 | - */ |
|
80 | - public function hasRequireExplicitPolicy(): bool |
|
81 | - { |
|
82 | - return isset($this->_requireExplicitPolicy); |
|
83 | - } |
|
75 | + /** |
|
76 | + * Whether requireExplicitPolicy is present. |
|
77 | + * |
|
78 | + * @return bool |
|
79 | + */ |
|
80 | + public function hasRequireExplicitPolicy(): bool |
|
81 | + { |
|
82 | + return isset($this->_requireExplicitPolicy); |
|
83 | + } |
|
84 | 84 | |
85 | - /** |
|
86 | - * Get requireExplicitPolicy. |
|
87 | - * |
|
88 | - * @throws \LogicException |
|
89 | - * @return int |
|
90 | - */ |
|
91 | - public function requireExplicitPolicy(): int |
|
92 | - { |
|
93 | - if (!$this->hasRequireExplicitPolicy()) { |
|
94 | - throw new \LogicException("requireExplicitPolicy not set."); |
|
95 | - } |
|
96 | - return $this->_requireExplicitPolicy; |
|
97 | - } |
|
85 | + /** |
|
86 | + * Get requireExplicitPolicy. |
|
87 | + * |
|
88 | + * @throws \LogicException |
|
89 | + * @return int |
|
90 | + */ |
|
91 | + public function requireExplicitPolicy(): int |
|
92 | + { |
|
93 | + if (!$this->hasRequireExplicitPolicy()) { |
|
94 | + throw new \LogicException("requireExplicitPolicy not set."); |
|
95 | + } |
|
96 | + return $this->_requireExplicitPolicy; |
|
97 | + } |
|
98 | 98 | |
99 | - /** |
|
100 | - * Whether inhibitPolicyMapping is present. |
|
101 | - * |
|
102 | - * @return bool |
|
103 | - */ |
|
104 | - public function hasInhibitPolicyMapping(): bool |
|
105 | - { |
|
106 | - return isset($this->_inhibitPolicyMapping); |
|
107 | - } |
|
99 | + /** |
|
100 | + * Whether inhibitPolicyMapping is present. |
|
101 | + * |
|
102 | + * @return bool |
|
103 | + */ |
|
104 | + public function hasInhibitPolicyMapping(): bool |
|
105 | + { |
|
106 | + return isset($this->_inhibitPolicyMapping); |
|
107 | + } |
|
108 | 108 | |
109 | - /** |
|
110 | - * Get inhibitPolicyMapping. |
|
111 | - * |
|
112 | - * @throws \LogicException |
|
113 | - * @return int |
|
114 | - */ |
|
115 | - public function inhibitPolicyMapping(): int |
|
116 | - { |
|
117 | - if (!$this->hasInhibitPolicyMapping()) { |
|
118 | - throw new \LogicException("inhibitPolicyMapping not set."); |
|
119 | - } |
|
120 | - return $this->_inhibitPolicyMapping; |
|
121 | - } |
|
109 | + /** |
|
110 | + * Get inhibitPolicyMapping. |
|
111 | + * |
|
112 | + * @throws \LogicException |
|
113 | + * @return int |
|
114 | + */ |
|
115 | + public function inhibitPolicyMapping(): int |
|
116 | + { |
|
117 | + if (!$this->hasInhibitPolicyMapping()) { |
|
118 | + throw new \LogicException("inhibitPolicyMapping not set."); |
|
119 | + } |
|
120 | + return $this->_inhibitPolicyMapping; |
|
121 | + } |
|
122 | 122 | |
123 | - /** |
|
124 | - * |
|
125 | - * {@inheritdoc} |
|
126 | - * @return Sequence |
|
127 | - */ |
|
128 | - protected function _valueASN1(): Sequence |
|
129 | - { |
|
130 | - $elements = array(); |
|
131 | - if (isset($this->_requireExplicitPolicy)) { |
|
132 | - $elements[] = new ImplicitlyTaggedType(0, |
|
133 | - new Integer($this->_requireExplicitPolicy)); |
|
134 | - } |
|
135 | - if (isset($this->_inhibitPolicyMapping)) { |
|
136 | - $elements[] = new ImplicitlyTaggedType(1, |
|
137 | - new Integer($this->_inhibitPolicyMapping)); |
|
138 | - } |
|
139 | - return new Sequence(...$elements); |
|
140 | - } |
|
123 | + /** |
|
124 | + * |
|
125 | + * {@inheritdoc} |
|
126 | + * @return Sequence |
|
127 | + */ |
|
128 | + protected function _valueASN1(): Sequence |
|
129 | + { |
|
130 | + $elements = array(); |
|
131 | + if (isset($this->_requireExplicitPolicy)) { |
|
132 | + $elements[] = new ImplicitlyTaggedType(0, |
|
133 | + new Integer($this->_requireExplicitPolicy)); |
|
134 | + } |
|
135 | + if (isset($this->_inhibitPolicyMapping)) { |
|
136 | + $elements[] = new ImplicitlyTaggedType(1, |
|
137 | + new Integer($this->_inhibitPolicyMapping)); |
|
138 | + } |
|
139 | + return new Sequence(...$elements); |
|
140 | + } |
|
141 | 141 | } |
@@ -14,95 +14,95 @@ |
||
14 | 14 | * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.13 |
15 | 15 | */ |
16 | 16 | class CRLDistributionPointsExtension extends Extension implements |
17 | - \Countable, |
|
18 | - \IteratorAggregate |
|
17 | + \Countable, |
|
18 | + \IteratorAggregate |
|
19 | 19 | { |
20 | - /** |
|
21 | - * Distribution points. |
|
22 | - * |
|
23 | - * @var DistributionPoint[] $_distributionPoints |
|
24 | - */ |
|
25 | - protected $_distributionPoints; |
|
20 | + /** |
|
21 | + * Distribution points. |
|
22 | + * |
|
23 | + * @var DistributionPoint[] $_distributionPoints |
|
24 | + */ |
|
25 | + protected $_distributionPoints; |
|
26 | 26 | |
27 | - /** |
|
28 | - * Constructor. |
|
29 | - * |
|
30 | - * @param bool $critical |
|
31 | - * @param DistributionPoint ...$distribution_points |
|
32 | - */ |
|
33 | - public function __construct(bool $critical, |
|
34 | - DistributionPoint ...$distribution_points) |
|
35 | - { |
|
36 | - parent::__construct(self::OID_CRL_DISTRIBUTION_POINTS, $critical); |
|
37 | - $this->_distributionPoints = $distribution_points; |
|
38 | - } |
|
27 | + /** |
|
28 | + * Constructor. |
|
29 | + * |
|
30 | + * @param bool $critical |
|
31 | + * @param DistributionPoint ...$distribution_points |
|
32 | + */ |
|
33 | + public function __construct(bool $critical, |
|
34 | + DistributionPoint ...$distribution_points) |
|
35 | + { |
|
36 | + parent::__construct(self::OID_CRL_DISTRIBUTION_POINTS, $critical); |
|
37 | + $this->_distributionPoints = $distribution_points; |
|
38 | + } |
|
39 | 39 | |
40 | - /** |
|
41 | - * |
|
42 | - * {@inheritdoc} |
|
43 | - * @return self |
|
44 | - */ |
|
45 | - protected static function _fromDER(string $data, bool $critical): self |
|
46 | - { |
|
47 | - $dps = array_map( |
|
48 | - function (UnspecifiedType $el) { |
|
49 | - return DistributionPoint::fromASN1($el->asSequence()); |
|
50 | - }, UnspecifiedType::fromDER($data)->asSequence()->elements()); |
|
51 | - if (!count($dps)) { |
|
52 | - throw new \UnexpectedValueException( |
|
53 | - "CRLDistributionPoints must have" . |
|
54 | - " at least one DistributionPoint."); |
|
55 | - } |
|
56 | - // late static bound, extended by Freshest CRL extension |
|
57 | - return new static($critical, ...$dps); |
|
58 | - } |
|
40 | + /** |
|
41 | + * |
|
42 | + * {@inheritdoc} |
|
43 | + * @return self |
|
44 | + */ |
|
45 | + protected static function _fromDER(string $data, bool $critical): self |
|
46 | + { |
|
47 | + $dps = array_map( |
|
48 | + function (UnspecifiedType $el) { |
|
49 | + return DistributionPoint::fromASN1($el->asSequence()); |
|
50 | + }, UnspecifiedType::fromDER($data)->asSequence()->elements()); |
|
51 | + if (!count($dps)) { |
|
52 | + throw new \UnexpectedValueException( |
|
53 | + "CRLDistributionPoints must have" . |
|
54 | + " at least one DistributionPoint."); |
|
55 | + } |
|
56 | + // late static bound, extended by Freshest CRL extension |
|
57 | + return new static($critical, ...$dps); |
|
58 | + } |
|
59 | 59 | |
60 | - /** |
|
61 | - * |
|
62 | - * {@inheritdoc} |
|
63 | - * @return Sequence |
|
64 | - */ |
|
65 | - protected function _valueASN1(): Sequence |
|
66 | - { |
|
67 | - if (!count($this->_distributionPoints)) { |
|
68 | - throw new \LogicException("No distribution points."); |
|
69 | - } |
|
70 | - $elements = array_map( |
|
71 | - function (DistributionPoint $dp) { |
|
72 | - return $dp->toASN1(); |
|
73 | - }, $this->_distributionPoints); |
|
74 | - return new Sequence(...$elements); |
|
75 | - } |
|
60 | + /** |
|
61 | + * |
|
62 | + * {@inheritdoc} |
|
63 | + * @return Sequence |
|
64 | + */ |
|
65 | + protected function _valueASN1(): Sequence |
|
66 | + { |
|
67 | + if (!count($this->_distributionPoints)) { |
|
68 | + throw new \LogicException("No distribution points."); |
|
69 | + } |
|
70 | + $elements = array_map( |
|
71 | + function (DistributionPoint $dp) { |
|
72 | + return $dp->toASN1(); |
|
73 | + }, $this->_distributionPoints); |
|
74 | + return new Sequence(...$elements); |
|
75 | + } |
|
76 | 76 | |
77 | - /** |
|
78 | - * Get distribution points. |
|
79 | - * |
|
80 | - * @return DistributionPoint[] |
|
81 | - */ |
|
82 | - public function distributionPoints(): array |
|
83 | - { |
|
84 | - return $this->_distributionPoints; |
|
85 | - } |
|
77 | + /** |
|
78 | + * Get distribution points. |
|
79 | + * |
|
80 | + * @return DistributionPoint[] |
|
81 | + */ |
|
82 | + public function distributionPoints(): array |
|
83 | + { |
|
84 | + return $this->_distributionPoints; |
|
85 | + } |
|
86 | 86 | |
87 | - /** |
|
88 | - * Get the number of distribution points. |
|
89 | - * |
|
90 | - * @see \Countable::count() |
|
91 | - * @return int |
|
92 | - */ |
|
93 | - public function count(): int |
|
94 | - { |
|
95 | - return count($this->_distributionPoints); |
|
96 | - } |
|
87 | + /** |
|
88 | + * Get the number of distribution points. |
|
89 | + * |
|
90 | + * @see \Countable::count() |
|
91 | + * @return int |
|
92 | + */ |
|
93 | + public function count(): int |
|
94 | + { |
|
95 | + return count($this->_distributionPoints); |
|
96 | + } |
|
97 | 97 | |
98 | - /** |
|
99 | - * Get iterator for distribution points. |
|
100 | - * |
|
101 | - * @see \IteratorAggregate::getIterator() |
|
102 | - * @return \ArrayIterator |
|
103 | - */ |
|
104 | - public function getIterator(): \ArrayIterator |
|
105 | - { |
|
106 | - return new \ArrayIterator($this->_distributionPoints); |
|
107 | - } |
|
98 | + /** |
|
99 | + * Get iterator for distribution points. |
|
100 | + * |
|
101 | + * @see \IteratorAggregate::getIterator() |
|
102 | + * @return \ArrayIterator |
|
103 | + */ |
|
104 | + public function getIterator(): \ArrayIterator |
|
105 | + { |
|
106 | + return new \ArrayIterator($this->_distributionPoints); |
|
107 | + } |
|
108 | 108 | } |
@@ -45,7 +45,7 @@ discard block |
||
45 | 45 | protected static function _fromDER(string $data, bool $critical): self |
46 | 46 | { |
47 | 47 | $dps = array_map( |
48 | - function (UnspecifiedType $el) { |
|
48 | + function(UnspecifiedType $el) { |
|
49 | 49 | return DistributionPoint::fromASN1($el->asSequence()); |
50 | 50 | }, UnspecifiedType::fromDER($data)->asSequence()->elements()); |
51 | 51 | if (!count($dps)) { |
@@ -68,7 +68,7 @@ discard block |
||
68 | 68 | throw new \LogicException("No distribution points."); |
69 | 69 | } |
70 | 70 | $elements = array_map( |
71 | - function (DistributionPoint $dp) { |
|
71 | + function(DistributionPoint $dp) { |
|
72 | 72 | return $dp->toASN1(); |
73 | 73 | }, $this->_distributionPoints); |
74 | 74 | return new Sequence(...$elements); |