sop / x509

lib/X509/Certificate/Certificate.php

Indentation +231 added lines, -231 removed lines

@@ -20,235 +20,235 @@
  */
 class Certificate
 {
-    /**
-     * "To be signed" certificate information.
-     *
-     * @var TBSCertificate $_tbsCertificate
-     */
-    protected $_tbsCertificate;
-    
-    /**
-     * Signature algorithm.
-     *
-     * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
-     */
-    protected $_signatureAlgorithm;
-    
-    /**
-     * Signature value.
-     *
-     * @var Signature $_signatureValue
-     */
-    protected $_signatureValue;
-    
-    /**
-     * Constructor.
-     *
-     * @param TBSCertificate $tbsCert
-     * @param SignatureAlgorithmIdentifier $algo
-     * @param Signature $signature
-     */
-    public function __construct(TBSCertificate $tbsCert,
-        SignatureAlgorithmIdentifier $algo, Signature $signature)
-    {
-        $this->_tbsCertificate = $tbsCert;
-        $this->_signatureAlgorithm = $algo;
-        $this->_signatureValue = $signature;
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
-        $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
-        if (!$algo instanceof SignatureAlgorithmIdentifier) {
-            throw new \UnexpectedValueException(
-                "Unsupported signature algorithm " . $algo->oid() . ".");
-        }
-        $signature = Signature::fromSignatureData(
-            $seq->at(2)
-                ->asBitString()
-                ->string(), $algo);
-        return new self($tbsCert, $algo, $signature);
-    }
-    
-    /**
-     * Initialize from DER.
-     *
-     * @param string $data
-     * @return self
-     */
-    public static function fromDER(string $data): self
-    {
-        return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence());
-    }
-    
-    /**
-     * Initialize from PEM.
-     *
-     * @param PEM $pem
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromPEM(PEM $pem): self
-    {
-        if ($pem->type() != PEM::TYPE_CERTIFICATE) {
-            throw new \UnexpectedValueException("Invalid PEM type.");
-        }
-        return self::fromDER($pem->data());
-    }
-    
-    /**
-     * Get certificate information.
-     *
-     * @return TBSCertificate
-     */
-    public function tbsCertificate(): TBSCertificate
-    {
-        return $this->_tbsCertificate;
-    }
-    
-    /**
-     * Get signature algorithm.
-     *
-     * @return SignatureAlgorithmIdentifier
-     */
-    public function signatureAlgorithm(): SignatureAlgorithmIdentifier
-    {
-        return $this->_signatureAlgorithm;
-    }
-    
-    /**
-     * Get signature value.
-     *
-     * @return Signature
-     */
-    public function signatureValue(): Signature
-    {
-        return $this->_signatureValue;
-    }
-    
-    /**
-     * Check whether certificate is self-issued.
-     *
-     * @return bool
-     */
-    public function isSelfIssued(): bool
-    {
-        return $this->_tbsCertificate->subject()->equals(
-            $this->_tbsCertificate->issuer());
-    }
-    
-    /**
-     * Check whether certificate is semantically equal to another.
-     *
-     * @param Certificate $cert Certificate to compare to
-     * @return bool
-     */
-    public function equals(Certificate $cert): bool
-    {
-        return $this->_hasEqualSerialNumber($cert) &&
-             $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
-    }
-    
-    /**
-     * Check whether certificate has serial number equal to another.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    private function _hasEqualSerialNumber(Certificate $cert): bool
-    {
-        $sn1 = $this->_tbsCertificate->serialNumber();
-        $sn2 = $cert->_tbsCertificate->serialNumber();
-        return $sn1 == $sn2;
-    }
-    
-    /**
-     * Check whether certificate has public key equal to another.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    private function _hasEqualPublicKey(Certificate $cert): bool
-    {
-        $kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
-        $kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
-        return $kid1 == $kid2;
-    }
-    
-    /**
-     * Check whether certificate has subject equal to another.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    private function _hasEqualSubject(Certificate $cert): bool
-    {
-        $dn1 = $this->_tbsCertificate->subject();
-        $dn2 = $cert->_tbsCertificate->subject();
-        return $dn1->equals($dn2);
-    }
-    
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        return new Sequence($this->_tbsCertificate->toASN1(),
-            $this->_signatureAlgorithm->toASN1(),
-            $this->_signatureValue->bitString());
-    }
-    
-    /**
-     * Get certificate as a DER.
-     *
-     * @return string
-     */
-    public function toDER(): string
-    {
-        return $this->toASN1()->toDER();
-    }
-    
-    /**
-     * Get certificate as a PEM.
-     *
-     * @return PEM
-     */
-    public function toPEM(): PEM
-    {
-        return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
-    }
-    
-    /**
-     * Verify certificate signature.
-     *
-     * @param PublicKeyInfo $pubkey_info Issuer's public key
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     * @return bool True if certificate signature is valid
-     */
-    public function verify(PublicKeyInfo $pubkey_info, Crypto $crypto = null): bool
-    {
-        $crypto = $crypto ?: Crypto::getDefault();
-        $data = $this->_tbsCertificate->toASN1()->toDER();
-        return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
-            $this->_signatureAlgorithm);
-    }
-    
-    /**
-     * Get certificate as a PEM formatted string.
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->toPEM()->string();
-    }
+	/**
+	 * "To be signed" certificate information.
+	 *
+	 * @var TBSCertificate $_tbsCertificate
+	 */
+	protected $_tbsCertificate;
+    
+	/**
+	 * Signature algorithm.
+	 *
+	 * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
+	 */
+	protected $_signatureAlgorithm;
+    
+	/**
+	 * Signature value.
+	 *
+	 * @var Signature $_signatureValue
+	 */
+	protected $_signatureValue;
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param TBSCertificate $tbsCert
+	 * @param SignatureAlgorithmIdentifier $algo
+	 * @param Signature $signature
+	 */
+	public function __construct(TBSCertificate $tbsCert,
+		SignatureAlgorithmIdentifier $algo, Signature $signature)
+	{
+		$this->_tbsCertificate = $tbsCert;
+		$this->_signatureAlgorithm = $algo;
+		$this->_signatureValue = $signature;
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
+		$algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
+		if (!$algo instanceof SignatureAlgorithmIdentifier) {
+			throw new \UnexpectedValueException(
+				"Unsupported signature algorithm " . $algo->oid() . ".");
+		}
+		$signature = Signature::fromSignatureData(
+			$seq->at(2)
+				->asBitString()
+				->string(), $algo);
+		return new self($tbsCert, $algo, $signature);
+	}
+    
+	/**
+	 * Initialize from DER.
+	 *
+	 * @param string $data
+	 * @return self
+	 */
+	public static function fromDER(string $data): self
+	{
+		return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence());
+	}
+    
+	/**
+	 * Initialize from PEM.
+	 *
+	 * @param PEM $pem
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromPEM(PEM $pem): self
+	{
+		if ($pem->type() != PEM::TYPE_CERTIFICATE) {
+			throw new \UnexpectedValueException("Invalid PEM type.");
+		}
+		return self::fromDER($pem->data());
+	}
+    
+	/**
+	 * Get certificate information.
+	 *
+	 * @return TBSCertificate
+	 */
+	public function tbsCertificate(): TBSCertificate
+	{
+		return $this->_tbsCertificate;
+	}
+    
+	/**
+	 * Get signature algorithm.
+	 *
+	 * @return SignatureAlgorithmIdentifier
+	 */
+	public function signatureAlgorithm(): SignatureAlgorithmIdentifier
+	{
+		return $this->_signatureAlgorithm;
+	}
+    
+	/**
+	 * Get signature value.
+	 *
+	 * @return Signature
+	 */
+	public function signatureValue(): Signature
+	{
+		return $this->_signatureValue;
+	}
+    
+	/**
+	 * Check whether certificate is self-issued.
+	 *
+	 * @return bool
+	 */
+	public function isSelfIssued(): bool
+	{
+		return $this->_tbsCertificate->subject()->equals(
+			$this->_tbsCertificate->issuer());
+	}
+    
+	/**
+	 * Check whether certificate is semantically equal to another.
+	 *
+	 * @param Certificate $cert Certificate to compare to
+	 * @return bool
+	 */
+	public function equals(Certificate $cert): bool
+	{
+		return $this->_hasEqualSerialNumber($cert) &&
+			 $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
+	}
+    
+	/**
+	 * Check whether certificate has serial number equal to another.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	private function _hasEqualSerialNumber(Certificate $cert): bool
+	{
+		$sn1 = $this->_tbsCertificate->serialNumber();
+		$sn2 = $cert->_tbsCertificate->serialNumber();
+		return $sn1 == $sn2;
+	}
+    
+	/**
+	 * Check whether certificate has public key equal to another.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	private function _hasEqualPublicKey(Certificate $cert): bool
+	{
+		$kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
+		$kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
+		return $kid1 == $kid2;
+	}
+    
+	/**
+	 * Check whether certificate has subject equal to another.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	private function _hasEqualSubject(Certificate $cert): bool
+	{
+		$dn1 = $this->_tbsCertificate->subject();
+		$dn2 = $cert->_tbsCertificate->subject();
+		return $dn1->equals($dn2);
+	}
+    
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		return new Sequence($this->_tbsCertificate->toASN1(),
+			$this->_signatureAlgorithm->toASN1(),
+			$this->_signatureValue->bitString());
+	}
+    
+	/**
+	 * Get certificate as a DER.
+	 *
+	 * @return string
+	 */
+	public function toDER(): string
+	{
+		return $this->toASN1()->toDER();
+	}
+    
+	/**
+	 * Get certificate as a PEM.
+	 *
+	 * @return PEM
+	 */
+	public function toPEM(): PEM
+	{
+		return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
+	}
+    
+	/**
+	 * Verify certificate signature.
+	 *
+	 * @param PublicKeyInfo $pubkey_info Issuer's public key
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 * @return bool True if certificate signature is valid
+	 */
+	public function verify(PublicKeyInfo $pubkey_info, Crypto $crypto = null): bool
+	{
+		$crypto = $crypto ?: Crypto::getDefault();
+		$data = $this->_tbsCertificate->toASN1()->toDER();
+		return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
+			$this->_signatureAlgorithm);
+	}
+    
+	/**
+	 * Get certificate as a PEM formatted string.
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->toPEM()->string();
+	}
 }

lib/X509/Certificate/Extension/PolicyMappingsExtension.php

Indentation +155 added lines, -155 removed lines

@@ -15,170 +15,170 @@
  * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.5
  */
 class PolicyMappingsExtension extends Extension implements 
-    \Countable,
-    \IteratorAggregate
+	\Countable,
+	\IteratorAggregate
 {
-    /**
-     * Policy mappings.
-     *
-     * @var PolicyMapping[] $_mappings
-     */
-    protected $_mappings;
+	/**
+	 * Policy mappings.
+	 *
+	 * @var PolicyMapping[] $_mappings
+	 */
+	protected $_mappings;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param PolicyMapping ...$mappings One or more PolicyMapping objects
-     */
-    public function __construct(bool $critical, PolicyMapping ...$mappings)
-    {
-        parent::__construct(self::OID_POLICY_MAPPINGS, $critical);
-        $this->_mappings = $mappings;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param PolicyMapping ...$mappings One or more PolicyMapping objects
+	 */
+	public function __construct(bool $critical, PolicyMapping ...$mappings)
+	{
+		parent::__construct(self::OID_POLICY_MAPPINGS, $critical);
+		$this->_mappings = $mappings;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $mappings = array_map(
-            function (UnspecifiedType $el) {
-                return PolicyMapping::fromASN1($el->asSequence());
-            }, UnspecifiedType::fromDER($data)->asSequence()->elements());
-        if (!count($mappings)) {
-            throw new \UnexpectedValueException(
-                "PolicyMappings must have at least one mapping.");
-        }
-        return new self($critical, ...$mappings);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$mappings = array_map(
+			function (UnspecifiedType $el) {
+				return PolicyMapping::fromASN1($el->asSequence());
+			}, UnspecifiedType::fromDER($data)->asSequence()->elements());
+		if (!count($mappings)) {
+			throw new \UnexpectedValueException(
+				"PolicyMappings must have at least one mapping.");
+		}
+		return new self($critical, ...$mappings);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        if (!count($this->_mappings)) {
-            throw new \LogicException("No mappings.");
-        }
-        $elements = array_map(
-            function (PolicyMapping $mapping) {
-                return $mapping->toASN1();
-            }, $this->_mappings);
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		if (!count($this->_mappings)) {
+			throw new \LogicException("No mappings.");
+		}
+		$elements = array_map(
+			function (PolicyMapping $mapping) {
+				return $mapping->toASN1();
+			}, $this->_mappings);
+		return new Sequence(...$elements);
+	}
     
-    /**
-     * Get all mappings.
-     *
-     * @return PolicyMapping[]
-     */
-    public function mappings(): array
-    {
-        return $this->_mappings;
-    }
+	/**
+	 * Get all mappings.
+	 *
+	 * @return PolicyMapping[]
+	 */
+	public function mappings(): array
+	{
+		return $this->_mappings;
+	}
     
-    /**
-     * Get mappings flattened into a single array of arrays of subject domains
-     * keyed by issuer domain.
-     *
-     * Eg. if policy mappings contains multiple mappings with the same issuer
-     * domain policy, their corresponding subject domain policies are placed
-     * under the same key.
-     *
-     * @return (string[])[]
-     */
-    public function flattenedMappings(): array
-    {
-        $mappings = array();
-        foreach ($this->_mappings as $mapping) {
-            $idp = $mapping->issuerDomainPolicy();
-            if (!isset($mappings[$idp])) {
-                $mappings[$idp] = array();
-            }
-            array_push($mappings[$idp], $mapping->subjectDomainPolicy());
-        }
-        return $mappings;
-    }
+	/**
+	 * Get mappings flattened into a single array of arrays of subject domains
+	 * keyed by issuer domain.
+	 *
+	 * Eg. if policy mappings contains multiple mappings with the same issuer
+	 * domain policy, their corresponding subject domain policies are placed
+	 * under the same key.
+	 *
+	 * @return (string[])[]
+	 */
+	public function flattenedMappings(): array
+	{
+		$mappings = array();
+		foreach ($this->_mappings as $mapping) {
+			$idp = $mapping->issuerDomainPolicy();
+			if (!isset($mappings[$idp])) {
+				$mappings[$idp] = array();
+			}
+			array_push($mappings[$idp], $mapping->subjectDomainPolicy());
+		}
+		return $mappings;
+	}
     
-    /**
-     * Get all subject domain policy OIDs that are mapped to given issuer
-     * domain policy OID.
-     *
-     * @param string $oid Issuer domain policy
-     * @return string[] List of OIDs in dotted format
-     */
-    public function issuerMappings(string $oid): array
-    {
-        $oids = array();
-        foreach ($this->_mappings as $mapping) {
-            if ($mapping->issuerDomainPolicy() == $oid) {
-                $oids[] = $mapping->subjectDomainPolicy();
-            }
-        }
-        return $oids;
-    }
+	/**
+	 * Get all subject domain policy OIDs that are mapped to given issuer
+	 * domain policy OID.
+	 *
+	 * @param string $oid Issuer domain policy
+	 * @return string[] List of OIDs in dotted format
+	 */
+	public function issuerMappings(string $oid): array
+	{
+		$oids = array();
+		foreach ($this->_mappings as $mapping) {
+			if ($mapping->issuerDomainPolicy() == $oid) {
+				$oids[] = $mapping->subjectDomainPolicy();
+			}
+		}
+		return $oids;
+	}
     
-    /**
-     * Get all mapped issuer domain policy OIDs.
-     *
-     * @return string[]
-     */
-    public function issuerDomainPolicies(): array
-    {
-        $idps = array_map(
-            function (PolicyMapping $mapping) {
-                return $mapping->issuerDomainPolicy();
-            }, $this->_mappings);
-        return array_values(array_unique($idps));
-    }
+	/**
+	 * Get all mapped issuer domain policy OIDs.
+	 *
+	 * @return string[]
+	 */
+	public function issuerDomainPolicies(): array
+	{
+		$idps = array_map(
+			function (PolicyMapping $mapping) {
+				return $mapping->issuerDomainPolicy();
+			}, $this->_mappings);
+		return array_values(array_unique($idps));
+	}
     
-    /**
-     * Check whether policy mappings have anyPolicy mapped.
-     *
-     * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either
-     * to or from the special value anyPolicy".
-     *
-     * @return bool
-     */
-    public function hasAnyPolicyMapping(): bool
-    {
-        foreach ($this->_mappings as $mapping) {
-            if ($mapping->issuerDomainPolicy() ==
-                 PolicyInformation::OID_ANY_POLICY) {
-                return true;
-            }
-            if ($mapping->subjectDomainPolicy() ==
-                 PolicyInformation::OID_ANY_POLICY) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether policy mappings have anyPolicy mapped.
+	 *
+	 * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either
+	 * to or from the special value anyPolicy".
+	 *
+	 * @return bool
+	 */
+	public function hasAnyPolicyMapping(): bool
+	{
+		foreach ($this->_mappings as $mapping) {
+			if ($mapping->issuerDomainPolicy() ==
+				 PolicyInformation::OID_ANY_POLICY) {
+				return true;
+			}
+			if ($mapping->subjectDomainPolicy() ==
+				 PolicyInformation::OID_ANY_POLICY) {
+				return true;
+			}
+		}
+		return false;
+	}
     
-    /**
-     * Get the number of mappings.
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_mappings);
-    }
+	/**
+	 * Get the number of mappings.
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_mappings);
+	}
     
-    /**
-     * Get iterator for policy mappings.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_mappings);
-    }
+	/**
+	 * Get iterator for policy mappings.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_mappings);
+	}
 }

Spacing +3 added lines, -3 removed lines

@@ -45,7 +45,7 @@ 
     protected static function _fromDER(string $data, bool $critical): self
     {
         $mappings = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return PolicyMapping::fromASN1($el->asSequence());
             }, UnspecifiedType::fromDER($data)->asSequence()->elements());
         if (!count($mappings)) {
@@ -66,7 +66,7 @@ 
             throw new \LogicException("No mappings.");
         }
         $elements = array_map(
-            function (PolicyMapping $mapping) {
+            function(PolicyMapping $mapping) {
                 return $mapping->toASN1();
             }, $this->_mappings);
         return new Sequence(...$elements);
@@ -131,7 +131,7 @@ 
     public function issuerDomainPolicies(): array
     {
         $idps = array_map(
-            function (PolicyMapping $mapping) {
+            function(PolicyMapping $mapping) {
                 return $mapping->issuerDomainPolicy();
             }, $this->_mappings);
         return array_values(array_unique($idps));

lib/X509/Certificate/Extension/AuthorityKeyIdentifierExtension.php

Indentation +156 added lines, -156 removed lines

@@ -19,170 +19,170 @@
  */
 class AuthorityKeyIdentifierExtension extends Extension
 {
-    /**
-     * Key identifier.
-     *
-     * @var string|null $_keyIdentifier
-     */
-    protected $_keyIdentifier;
+	/**
+	 * Key identifier.
+	 *
+	 * @var string|null $_keyIdentifier
+	 */
+	protected $_keyIdentifier;
     
-    /**
-     * Issuer name.
-     *
-     * @var GeneralNames|null $_authorityCertIssuer
-     */
-    protected $_authorityCertIssuer;
+	/**
+	 * Issuer name.
+	 *
+	 * @var GeneralNames|null $_authorityCertIssuer
+	 */
+	protected $_authorityCertIssuer;
     
-    /**
-     * Issuer serial number.
-     *
-     * @var string|null $_authorityCertSerialNumber
-     */
-    protected $_authorityCertSerialNumber;
+	/**
+	 * Issuer serial number.
+	 *
+	 * @var string|null $_authorityCertSerialNumber
+	 */
+	protected $_authorityCertSerialNumber;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical Conforming CA's must mark as non-critical (false)
-     * @param string|null $keyIdentifier
-     * @param GeneralNames|null $issuer
-     * @param string|null $serial
-     */
-    public function __construct(bool $critical, $keyIdentifier,
-        GeneralNames $issuer = null, $serial = null)
-    {
-        parent::__construct(self::OID_AUTHORITY_KEY_IDENTIFIER, $critical);
-        $this->_keyIdentifier = $keyIdentifier;
-        $this->_authorityCertIssuer = $issuer;
-        $this->_authorityCertSerialNumber = isset($serial) ? strval($serial) : null;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical Conforming CA's must mark as non-critical (false)
+	 * @param string|null $keyIdentifier
+	 * @param GeneralNames|null $issuer
+	 * @param string|null $serial
+	 */
+	public function __construct(bool $critical, $keyIdentifier,
+		GeneralNames $issuer = null, $serial = null)
+	{
+		parent::__construct(self::OID_AUTHORITY_KEY_IDENTIFIER, $critical);
+		$this->_keyIdentifier = $keyIdentifier;
+		$this->_authorityCertIssuer = $issuer;
+		$this->_authorityCertSerialNumber = isset($serial) ? strval($serial) : null;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $seq = UnspecifiedType::fromDER($data)->asSequence();
-        $keyIdentifier = null;
-        $issuer = null;
-        $serial = null;
-        if ($seq->hasTagged(0)) {
-            $keyIdentifier = $seq->getTagged(0)
-                ->asImplicit(Element::TYPE_OCTET_STRING)
-                ->asOctetString()
-                ->string();
-        }
-        if ($seq->hasTagged(1) || $seq->hasTagged(2)) {
-            if (!$seq->hasTagged(1) || !$seq->hasTagged(2)) {
-                throw new \UnexpectedValueException(
-                    "AuthorityKeyIdentifier must have both" .
-                         " authorityCertIssuer and authorityCertSerialNumber" .
-                         " present or both absent.");
-            }
-            $issuer = GeneralNames::fromASN1(
-                $seq->getTagged(1)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-            $serial = $seq->getTagged(2)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->number();
-        }
-        return new self($critical, $keyIdentifier, $issuer, $serial);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$seq = UnspecifiedType::fromDER($data)->asSequence();
+		$keyIdentifier = null;
+		$issuer = null;
+		$serial = null;
+		if ($seq->hasTagged(0)) {
+			$keyIdentifier = $seq->getTagged(0)
+				->asImplicit(Element::TYPE_OCTET_STRING)
+				->asOctetString()
+				->string();
+		}
+		if ($seq->hasTagged(1) || $seq->hasTagged(2)) {
+			if (!$seq->hasTagged(1) || !$seq->hasTagged(2)) {
+				throw new \UnexpectedValueException(
+					"AuthorityKeyIdentifier must have both" .
+						 " authorityCertIssuer and authorityCertSerialNumber" .
+						 " present or both absent.");
+			}
+			$issuer = GeneralNames::fromASN1(
+				$seq->getTagged(1)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+			$serial = $seq->getTagged(2)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->number();
+		}
+		return new self($critical, $keyIdentifier, $issuer, $serial);
+	}
     
-    /**
-     * Whether key identifier is present.
-     *
-     * @return bool
-     */
-    public function hasKeyIdentifier(): bool
-    {
-        return isset($this->_keyIdentifier);
-    }
+	/**
+	 * Whether key identifier is present.
+	 *
+	 * @return bool
+	 */
+	public function hasKeyIdentifier(): bool
+	{
+		return isset($this->_keyIdentifier);
+	}
     
-    /**
-     * Get key identifier.
-     *
-     * @throws \LogicException
-     * @return string
-     */
-    public function keyIdentifier(): string
-    {
-        if (!$this->hasKeyIdentifier()) {
-            throw new \LogicException("keyIdentifier not set.");
-        }
-        return $this->_keyIdentifier;
-    }
+	/**
+	 * Get key identifier.
+	 *
+	 * @throws \LogicException
+	 * @return string
+	 */
+	public function keyIdentifier(): string
+	{
+		if (!$this->hasKeyIdentifier()) {
+			throw new \LogicException("keyIdentifier not set.");
+		}
+		return $this->_keyIdentifier;
+	}
     
-    /**
-     * Whether issuer is present.
-     *
-     * @return bool
-     */
-    public function hasIssuer(): bool
-    {
-        return isset($this->_authorityCertIssuer);
-    }
+	/**
+	 * Whether issuer is present.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuer(): bool
+	{
+		return isset($this->_authorityCertIssuer);
+	}
     
-    /**
-     * Get issuer.
-     *
-     * @throws \LogicException
-     * @return GeneralNames
-     */
-    public function issuer(): GeneralNames
-    {
-        if (!$this->hasIssuer()) {
-            throw new \LogicException("authorityCertIssuer not set.");
-        }
-        return $this->_authorityCertIssuer;
-    }
+	/**
+	 * Get issuer.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralNames
+	 */
+	public function issuer(): GeneralNames
+	{
+		if (!$this->hasIssuer()) {
+			throw new \LogicException("authorityCertIssuer not set.");
+		}
+		return $this->_authorityCertIssuer;
+	}
     
-    /**
-     * Get serial number.
-     *
-     * @throws \LogicException
-     * @return string Base 10 integer string
-     */
-    public function serial(): string
-    {
-        // both issuer and serial must be present or both absent
-        if (!$this->hasIssuer()) {
-            throw new \LogicException("authorityCertSerialNumber not set.");
-        }
-        return $this->_authorityCertSerialNumber;
-    }
+	/**
+	 * Get serial number.
+	 *
+	 * @throws \LogicException
+	 * @return string Base 10 integer string
+	 */
+	public function serial(): string
+	{
+		// both issuer and serial must be present or both absent
+		if (!$this->hasIssuer()) {
+			throw new \LogicException("authorityCertSerialNumber not set.");
+		}
+		return $this->_authorityCertSerialNumber;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        $elements = array();
-        if (isset($this->_keyIdentifier)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                new OctetString($this->_keyIdentifier));
-        }
-        // if either issuer or serial is set, both must be set
-        if (isset($this->_authorityCertIssuer) ||
-             isset($this->_authorityCertSerialNumber)) {
-            if (!isset($this->_authorityCertIssuer,
-                $this->_authorityCertSerialNumber)) {
-                throw new \LogicException(
-                    "AuthorityKeyIdentifier must have both" .
-                     " authorityCertIssuer and authorityCertSerialNumber" .
-                     " present or both absent.");
-            }
-            $elements[] = new ImplicitlyTaggedType(1,
-                $this->_authorityCertIssuer->toASN1());
-            $elements[] = new ImplicitlyTaggedType(2,
-                new Integer($this->_authorityCertSerialNumber));
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		$elements = array();
+		if (isset($this->_keyIdentifier)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				new OctetString($this->_keyIdentifier));
+		}
+		// if either issuer or serial is set, both must be set
+		if (isset($this->_authorityCertIssuer) ||
+			 isset($this->_authorityCertSerialNumber)) {
+			if (!isset($this->_authorityCertIssuer,
+				$this->_authorityCertSerialNumber)) {
+				throw new \LogicException(
+					"AuthorityKeyIdentifier must have both" .
+					 " authorityCertIssuer and authorityCertSerialNumber" .
+					 " present or both absent.");
+			}
+			$elements[] = new ImplicitlyTaggedType(1,
+				$this->_authorityCertIssuer->toASN1());
+			$elements[] = new ImplicitlyTaggedType(2,
+				new Integer($this->_authorityCertSerialNumber));
+		}
+		return new Sequence(...$elements);
+	}
 }

lib/X509/Certificate/Extension/AAControlsExtension.php

Indentation +198 added lines, -198 removed lines

@@ -19,215 +19,215 @@
  */
 class AAControlsExtension extends Extension
 {
-    /**
-     * Path length contraint.
-     *
-     * @var int|null $_pathLenConstraint
-     */
-    protected $_pathLenConstraint;
+	/**
+	 * Path length contraint.
+	 *
+	 * @var int|null $_pathLenConstraint
+	 */
+	protected $_pathLenConstraint;
     
-    /**
-     * Permitted attributes.
-     *
-     * Array of OID's.
-     *
-     * @var string[]|null $_permittedAttrs
-     */
-    protected $_permittedAttrs;
+	/**
+	 * Permitted attributes.
+	 *
+	 * Array of OID's.
+	 *
+	 * @var string[]|null $_permittedAttrs
+	 */
+	protected $_permittedAttrs;
     
-    /**
-     * Excluded attributes.
-     *
-     * Array of OID's.
-     *
-     * @var string[]|null $_excludedAttrs
-     */
-    protected $_excludedAttrs;
+	/**
+	 * Excluded attributes.
+	 *
+	 * Array of OID's.
+	 *
+	 * @var string[]|null $_excludedAttrs
+	 */
+	protected $_excludedAttrs;
     
-    /**
-     * Whether to permit unspecified attributes.
-     *
-     * @var bool $_permitUnSpecified
-     */
-    protected $_permitUnSpecified;
+	/**
+	 * Whether to permit unspecified attributes.
+	 *
+	 * @var bool $_permitUnSpecified
+	 */
+	protected $_permitUnSpecified;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param int|null $path_len
-     * @param string[]|null $permitted
-     * @param string[]|null $excluded
-     * @param bool $permit_unspecified
-     */
-    public function __construct(bool $critical, $path_len = null,
-        array $permitted = null, array $excluded = null, bool $permit_unspecified = true)
-    {
-        parent::__construct(self::OID_AA_CONTROLS, $critical);
-        $this->_pathLenConstraint = isset($path_len) ? intval($path_len) : null;
-        $this->_permittedAttrs = $permitted;
-        $this->_excludedAttrs = $excluded;
-        $this->_permitUnSpecified = $permit_unspecified;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param int|null $path_len
+	 * @param string[]|null $permitted
+	 * @param string[]|null $excluded
+	 * @param bool $permit_unspecified
+	 */
+	public function __construct(bool $critical, $path_len = null,
+		array $permitted = null, array $excluded = null, bool $permit_unspecified = true)
+	{
+		parent::__construct(self::OID_AA_CONTROLS, $critical);
+		$this->_pathLenConstraint = isset($path_len) ? intval($path_len) : null;
+		$this->_permittedAttrs = $permitted;
+		$this->_excludedAttrs = $excluded;
+		$this->_permitUnSpecified = $permit_unspecified;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $seq = UnspecifiedType::fromDER($data)->asSequence();
-        $path_len = null;
-        $permitted = null;
-        $excluded = null;
-        $permit_unspecified = true;
-        $idx = 0;
-        if ($seq->has($idx, Element::TYPE_INTEGER)) {
-            $path_len = $seq->at($idx++)
-                ->asInteger()
-                ->intNumber();
-        }
-        if ($seq->hasTagged(0)) {
-            $attr_seq = $seq->getTagged(0)
-                ->asImplicit(Element::TYPE_SEQUENCE)
-                ->asSequence();
-            $permitted = array_map(
-                function (UnspecifiedType $el) {
-                    return $el->asObjectIdentifier()->oid();
-                }, $attr_seq->elements());
-            $idx++;
-        }
-        if ($seq->hasTagged(1)) {
-            $attr_seq = $seq->getTagged(1)
-                ->asImplicit(Element::TYPE_SEQUENCE)
-                ->asSequence();
-            $excluded = array_map(
-                function (UnspecifiedType $el) {
-                    return $el->asObjectIdentifier()->oid();
-                }, $attr_seq->elements());
-            $idx++;
-        }
-        if ($seq->has($idx, Element::TYPE_BOOLEAN)) {
-            $permit_unspecified = $seq->at($idx++)
-                ->asBoolean()
-                ->value();
-        }
-        return new self($critical, $path_len, $permitted, $excluded,
-            $permit_unspecified);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$seq = UnspecifiedType::fromDER($data)->asSequence();
+		$path_len = null;
+		$permitted = null;
+		$excluded = null;
+		$permit_unspecified = true;
+		$idx = 0;
+		if ($seq->has($idx, Element::TYPE_INTEGER)) {
+			$path_len = $seq->at($idx++)
+				->asInteger()
+				->intNumber();
+		}
+		if ($seq->hasTagged(0)) {
+			$attr_seq = $seq->getTagged(0)
+				->asImplicit(Element::TYPE_SEQUENCE)
+				->asSequence();
+			$permitted = array_map(
+				function (UnspecifiedType $el) {
+					return $el->asObjectIdentifier()->oid();
+				}, $attr_seq->elements());
+			$idx++;
+		}
+		if ($seq->hasTagged(1)) {
+			$attr_seq = $seq->getTagged(1)
+				->asImplicit(Element::TYPE_SEQUENCE)
+				->asSequence();
+			$excluded = array_map(
+				function (UnspecifiedType $el) {
+					return $el->asObjectIdentifier()->oid();
+				}, $attr_seq->elements());
+			$idx++;
+		}
+		if ($seq->has($idx, Element::TYPE_BOOLEAN)) {
+			$permit_unspecified = $seq->at($idx++)
+				->asBoolean()
+				->value();
+		}
+		return new self($critical, $path_len, $permitted, $excluded,
+			$permit_unspecified);
+	}
     
-    /**
-     * Check whether path length constraint is present.
-     *
-     * @return bool
-     */
-    public function hasPathLen(): bool
-    {
-        return isset($this->_pathLenConstraint);
-    }
+	/**
+	 * Check whether path length constraint is present.
+	 *
+	 * @return bool
+	 */
+	public function hasPathLen(): bool
+	{
+		return isset($this->_pathLenConstraint);
+	}
     
-    /**
-     * Get path length constraint.
-     *
-     * @throws \LogicException
-     * @return int
-     */
-    public function pathLen(): int
-    {
-        if (!$this->hasPathLen()) {
-            throw new \LogicException("pathLen not set.");
-        }
-        return $this->_pathLenConstraint;
-    }
+	/**
+	 * Get path length constraint.
+	 *
+	 * @throws \LogicException
+	 * @return int
+	 */
+	public function pathLen(): int
+	{
+		if (!$this->hasPathLen()) {
+			throw new \LogicException("pathLen not set.");
+		}
+		return $this->_pathLenConstraint;
+	}
     
-    /**
-     * Check whether permitted attributes are present.
-     *
-     * @return bool
-     */
-    public function hasPermittedAttrs(): bool
-    {
-        return isset($this->_permittedAttrs);
-    }
+	/**
+	 * Check whether permitted attributes are present.
+	 *
+	 * @return bool
+	 */
+	public function hasPermittedAttrs(): bool
+	{
+		return isset($this->_permittedAttrs);
+	}
     
-    /**
-     * Get OID's of permitted attributes.
-     *
-     * @throws \LogicException
-     * @return string[]
-     */
-    public function permittedAttrs(): array
-    {
-        if (!$this->hasPermittedAttrs()) {
-            throw new \LogicException("permittedAttrs not set.");
-        }
-        return $this->_permittedAttrs;
-    }
+	/**
+	 * Get OID's of permitted attributes.
+	 *
+	 * @throws \LogicException
+	 * @return string[]
+	 */
+	public function permittedAttrs(): array
+	{
+		if (!$this->hasPermittedAttrs()) {
+			throw new \LogicException("permittedAttrs not set.");
+		}
+		return $this->_permittedAttrs;
+	}
     
-    /**
-     * Check whether excluded attributes are present.
-     *
-     * @return bool
-     */
-    public function hasExcludedAttrs(): bool
-    {
-        return isset($this->_excludedAttrs);
-    }
+	/**
+	 * Check whether excluded attributes are present.
+	 *
+	 * @return bool
+	 */
+	public function hasExcludedAttrs(): bool
+	{
+		return isset($this->_excludedAttrs);
+	}
     
-    /**
-     * Get OID's of excluded attributes.
-     *
-     * @throws \LogicException
-     * @return string[]
-     */
-    public function excludedAttrs(): array
-    {
-        if (!$this->hasExcludedAttrs()) {
-            throw new \LogicException("excludedAttrs not set.");
-        }
-        return $this->_excludedAttrs;
-    }
+	/**
+	 * Get OID's of excluded attributes.
+	 *
+	 * @throws \LogicException
+	 * @return string[]
+	 */
+	public function excludedAttrs(): array
+	{
+		if (!$this->hasExcludedAttrs()) {
+			throw new \LogicException("excludedAttrs not set.");
+		}
+		return $this->_excludedAttrs;
+	}
     
-    /**
-     * Whether to permit attributes that are not explicitly specified in
-     * neither permitted nor excluded list.
-     *
-     * @return bool
-     */
-    public function permitUnspecified(): bool
-    {
-        return $this->_permitUnSpecified;
-    }
+	/**
+	 * Whether to permit attributes that are not explicitly specified in
+	 * neither permitted nor excluded list.
+	 *
+	 * @return bool
+	 */
+	public function permitUnspecified(): bool
+	{
+		return $this->_permitUnSpecified;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        $elements = array();
-        if (isset($this->_pathLenConstraint)) {
-            $elements[] = new Integer($this->_pathLenConstraint);
-        }
-        if (isset($this->_permittedAttrs)) {
-            $oids = array_map(
-                function ($oid) {
-                    return new ObjectIdentifier($oid);
-                }, $this->_permittedAttrs);
-            $elements[] = new ImplicitlyTaggedType(0, new Sequence(...$oids));
-        }
-        if (isset($this->_excludedAttrs)) {
-            $oids = array_map(
-                function ($oid) {
-                    return new ObjectIdentifier($oid);
-                }, $this->_excludedAttrs);
-            $elements[] = new ImplicitlyTaggedType(1, new Sequence(...$oids));
-        }
-        if ($this->_permitUnSpecified !== true) {
-            $elements[] = new Boolean(false);
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		$elements = array();
+		if (isset($this->_pathLenConstraint)) {
+			$elements[] = new Integer($this->_pathLenConstraint);
+		}
+		if (isset($this->_permittedAttrs)) {
+			$oids = array_map(
+				function ($oid) {
+					return new ObjectIdentifier($oid);
+				}, $this->_permittedAttrs);
+			$elements[] = new ImplicitlyTaggedType(0, new Sequence(...$oids));
+		}
+		if (isset($this->_excludedAttrs)) {
+			$oids = array_map(
+				function ($oid) {
+					return new ObjectIdentifier($oid);
+				}, $this->_excludedAttrs);
+			$elements[] = new ImplicitlyTaggedType(1, new Sequence(...$oids));
+		}
+		if ($this->_permitUnSpecified !== true) {
+			$elements[] = new Boolean(false);
+		}
+		return new Sequence(...$elements);
+	}
 }

lib/X509/Certificate/Extension/KeyUsageExtension.php

Indentation +138 added lines, -138 removed lines

@@ -15,156 +15,156 @@
  */
 class KeyUsageExtension extends Extension
 {
-    const DIGITAL_SIGNATURE = 0x100;
-    const NON_REPUDIATION = 0x080;
-    const KEY_ENCIPHERMENT = 0x040;
-    const DATA_ENCIPHERMENT = 0x020;
-    const KEY_AGREEMENT = 0x010;
-    const KEY_CERT_SIGN = 0x008;
-    const CRL_SIGN = 0x004;
-    const ENCIPHER_ONLY = 0x002;
-    const DECIPHER_ONLY = 0x001;
+	const DIGITAL_SIGNATURE = 0x100;
+	const NON_REPUDIATION = 0x080;
+	const KEY_ENCIPHERMENT = 0x040;
+	const DATA_ENCIPHERMENT = 0x020;
+	const KEY_AGREEMENT = 0x010;
+	const KEY_CERT_SIGN = 0x008;
+	const CRL_SIGN = 0x004;
+	const ENCIPHER_ONLY = 0x002;
+	const DECIPHER_ONLY = 0x001;
     
-    /**
-     * Key usage flags.
-     *
-     * @var int $_keyUsage
-     */
-    protected $_keyUsage;
+	/**
+	 * Key usage flags.
+	 *
+	 * @var int $_keyUsage
+	 */
+	protected $_keyUsage;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param int $keyUsage
-     */
-    public function __construct(bool $critical, int $keyUsage)
-    {
-        parent::__construct(self::OID_KEY_USAGE, $critical);
-        $this->_keyUsage = $keyUsage;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param int $keyUsage
+	 */
+	public function __construct(bool $critical, int $keyUsage)
+	{
+		parent::__construct(self::OID_KEY_USAGE, $critical);
+		$this->_keyUsage = $keyUsage;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        return new self($critical,
-            Flags::fromBitString(UnspecifiedType::fromDER($data)->asBitString(),
-                9)->intNumber());
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		return new self($critical,
+			Flags::fromBitString(UnspecifiedType::fromDER($data)->asBitString(),
+				9)->intNumber());
+	}
     
-    /**
-     * Check whether digitalSignature flag is set.
-     *
-     * @return bool
-     */
-    public function isDigitalSignature(): bool
-    {
-        return $this->_flagSet(self::DIGITAL_SIGNATURE);
-    }
+	/**
+	 * Check whether digitalSignature flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isDigitalSignature(): bool
+	{
+		return $this->_flagSet(self::DIGITAL_SIGNATURE);
+	}
     
-    /**
-     * Check whether nonRepudiation/contentCommitment flag is set.
-     *
-     * @return bool
-     */
-    public function isNonRepudiation(): bool
-    {
-        return $this->_flagSet(self::NON_REPUDIATION);
-    }
+	/**
+	 * Check whether nonRepudiation/contentCommitment flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isNonRepudiation(): bool
+	{
+		return $this->_flagSet(self::NON_REPUDIATION);
+	}
     
-    /**
-     * Check whether keyEncipherment flag is set.
-     *
-     * @return bool
-     */
-    public function isKeyEncipherment(): bool
-    {
-        return $this->_flagSet(self::KEY_ENCIPHERMENT);
-    }
+	/**
+	 * Check whether keyEncipherment flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isKeyEncipherment(): bool
+	{
+		return $this->_flagSet(self::KEY_ENCIPHERMENT);
+	}
     
-    /**
-     * Check whether dataEncipherment flag is set.
-     *
-     * @return bool
-     */
-    public function isDataEncipherment(): bool
-    {
-        return $this->_flagSet(self::DATA_ENCIPHERMENT);
-    }
+	/**
+	 * Check whether dataEncipherment flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isDataEncipherment(): bool
+	{
+		return $this->_flagSet(self::DATA_ENCIPHERMENT);
+	}
     
-    /**
-     * Check whether keyAgreement flag is set.
-     *
-     * @return bool
-     */
-    public function isKeyAgreement(): bool
-    {
-        return $this->_flagSet(self::KEY_AGREEMENT);
-    }
+	/**
+	 * Check whether keyAgreement flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isKeyAgreement(): bool
+	{
+		return $this->_flagSet(self::KEY_AGREEMENT);
+	}
     
-    /**
-     * Check whether keyCertSign flag is set.
-     *
-     * @return bool
-     */
-    public function isKeyCertSign(): bool
-    {
-        return $this->_flagSet(self::KEY_CERT_SIGN);
-    }
+	/**
+	 * Check whether keyCertSign flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isKeyCertSign(): bool
+	{
+		return $this->_flagSet(self::KEY_CERT_SIGN);
+	}
     
-    /**
-     * Check whether cRLSign flag is set.
-     *
-     * @return bool
-     */
-    public function isCRLSign(): bool
-    {
-        return $this->_flagSet(self::CRL_SIGN);
-    }
+	/**
+	 * Check whether cRLSign flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isCRLSign(): bool
+	{
+		return $this->_flagSet(self::CRL_SIGN);
+	}
     
-    /**
-     * Check whether encipherOnly flag is set.
-     *
-     * @return bool
-     */
-    public function isEncipherOnly(): bool
-    {
-        return $this->_flagSet(self::ENCIPHER_ONLY);
-    }
+	/**
+	 * Check whether encipherOnly flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isEncipherOnly(): bool
+	{
+		return $this->_flagSet(self::ENCIPHER_ONLY);
+	}
     
-    /**
-     * Check whether decipherOnly flag is set.
-     *
-     * @return bool
-     */
-    public function isDecipherOnly(): bool
-    {
-        return $this->_flagSet(self::DECIPHER_ONLY);
-    }
+	/**
+	 * Check whether decipherOnly flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isDecipherOnly(): bool
+	{
+		return $this->_flagSet(self::DECIPHER_ONLY);
+	}
     
-    /**
-     * Check whether given flag is set.
-     *
-     * @param int $flag
-     * @return boolean
-     */
-    protected function _flagSet(int $flag): bool
-    {
-        return (bool) ($this->_keyUsage & $flag);
-    }
+	/**
+	 * Check whether given flag is set.
+	 *
+	 * @param int $flag
+	 * @return boolean
+	 */
+	protected function _flagSet(int $flag): bool
+	{
+		return (bool) ($this->_keyUsage & $flag);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return BitString
-     */
-    protected function _valueASN1(): BitString
-    {
-        $flags = new Flags($this->_keyUsage, 9);
-        return $flags->bitString()->withoutTrailingZeroes();
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return BitString
+	 */
+	protected function _valueASN1(): BitString
+	{
+		$flags = new Flags($this->_keyUsage, 9);
+		return $flags->bitString()->withoutTrailingZeroes();
+	}
 }

lib/X509/Certificate/Extension/SubjectKeyIdentifierExtension.php

Indentation +45 added lines, -45 removed lines

@@ -14,53 +14,53 @@
  */
 class SubjectKeyIdentifierExtension extends Extension
 {
-    /**
-     * Key identifier.
-     *
-     * @var string $_keyIdentifier
-     */
-    protected $_keyIdentifier;
+	/**
+	 * Key identifier.
+	 *
+	 * @var string $_keyIdentifier
+	 */
+	protected $_keyIdentifier;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param string $keyIdentifier
-     */
-    public function __construct(bool $critical, string $keyIdentifier)
-    {
-        parent::__construct(self::OID_SUBJECT_KEY_IDENTIFIER, $critical);
-        $this->_keyIdentifier = $keyIdentifier;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param string $keyIdentifier
+	 */
+	public function __construct(bool $critical, string $keyIdentifier)
+	{
+		parent::__construct(self::OID_SUBJECT_KEY_IDENTIFIER, $critical);
+		$this->_keyIdentifier = $keyIdentifier;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        return new self($critical,
-            UnspecifiedType::fromDER($data)->asOctetString()->string());
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		return new self($critical,
+			UnspecifiedType::fromDER($data)->asOctetString()->string());
+	}
     
-    /**
-     * Get key identifier.
-     *
-     * @return string
-     */
-    public function keyIdentifier(): string
-    {
-        return $this->_keyIdentifier;
-    }
+	/**
+	 * Get key identifier.
+	 *
+	 * @return string
+	 */
+	public function keyIdentifier(): string
+	{
+		return $this->_keyIdentifier;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return OctetString
-     */
-    protected function _valueASN1(): OctetString
-    {
-        return new OctetString($this->_keyIdentifier);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return OctetString
+	 */
+	protected function _valueASN1(): OctetString
+	{
+		return new OctetString($this->_keyIdentifier);
+	}
 }

lib/X509/Certificate/Extension/CertificatePoliciesExtension.php

Indentation +122 added lines, -122 removed lines

@@ -14,136 +14,136 @@
  * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.4
  */
 class CertificatePoliciesExtension extends Extension implements 
-    \Countable,
-    \IteratorAggregate
+	\Countable,
+	\IteratorAggregate
 {
-    /**
-     * Policy information terms.
-     *
-     * @var PolicyInformation[] $_policies
-     */
-    protected $_policies;
+	/**
+	 * Policy information terms.
+	 *
+	 * @var PolicyInformation[] $_policies
+	 */
+	protected $_policies;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param PolicyInformation ...$policies
-     */
-    public function __construct(bool $critical, PolicyInformation ...$policies)
-    {
-        parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical);
-        $this->_policies = [];
-        foreach ($policies as $policy) {
-            $this->_policies[$policy->oid()] = $policy;
-        }
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param PolicyInformation ...$policies
+	 */
+	public function __construct(bool $critical, PolicyInformation ...$policies)
+	{
+		parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical);
+		$this->_policies = [];
+		foreach ($policies as $policy) {
+			$this->_policies[$policy->oid()] = $policy;
+		}
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $policies = array_map(
-            function (UnspecifiedType $el) {
-                return PolicyInformation::fromASN1($el->asSequence());
-            }, UnspecifiedType::fromDER($data)->asSequence()->elements());
-        if (!count($policies)) {
-            throw new \UnexpectedValueException(
-                "certificatePolicies must contain" .
-                     " at least one PolicyInformation.");
-        }
-        return new self($critical, ...$policies);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$policies = array_map(
+			function (UnspecifiedType $el) {
+				return PolicyInformation::fromASN1($el->asSequence());
+			}, UnspecifiedType::fromDER($data)->asSequence()->elements());
+		if (!count($policies)) {
+			throw new \UnexpectedValueException(
+				"certificatePolicies must contain" .
+					 " at least one PolicyInformation.");
+		}
+		return new self($critical, ...$policies);
+	}
     
-    /**
-     * Check whether policy information by OID is present.
-     *
-     * @param string $oid
-     * @return bool
-     */
-    public function has(string $oid): bool
-    {
-        return isset($this->_policies[$oid]);
-    }
+	/**
+	 * Check whether policy information by OID is present.
+	 *
+	 * @param string $oid
+	 * @return bool
+	 */
+	public function has(string $oid): bool
+	{
+		return isset($this->_policies[$oid]);
+	}
     
-    /**
-     * Get policy information by OID.
-     *
-     * @param string $oid
-     * @throws \LogicException
-     * @return PolicyInformation
-     */
-    public function get(string $oid): PolicyInformation
-    {
-        if (!$this->has($oid)) {
-            throw new \LogicException("Not certificate policy by OID $oid.");
-        }
-        return $this->_policies[$oid];
-    }
+	/**
+	 * Get policy information by OID.
+	 *
+	 * @param string $oid
+	 * @throws \LogicException
+	 * @return PolicyInformation
+	 */
+	public function get(string $oid): PolicyInformation
+	{
+		if (!$this->has($oid)) {
+			throw new \LogicException("Not certificate policy by OID $oid.");
+		}
+		return $this->_policies[$oid];
+	}
     
-    /**
-     * Check whether anyPolicy is present.
-     *
-     * @return bool
-     */
-    public function hasAnyPolicy(): bool
-    {
-        return $this->has(PolicyInformation::OID_ANY_POLICY);
-    }
+	/**
+	 * Check whether anyPolicy is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAnyPolicy(): bool
+	{
+		return $this->has(PolicyInformation::OID_ANY_POLICY);
+	}
     
-    /**
-     * Get anyPolicy information.
-     *
-     * @throws \LogicException If anyPolicy is not present.
-     * @return PolicyInformation
-     */
-    public function anyPolicy(): PolicyInformation
-    {
-        if (!$this->hasAnyPolicy()) {
-            throw new \LogicException("No anyPolicy.");
-        }
-        return $this->get(PolicyInformation::OID_ANY_POLICY);
-    }
+	/**
+	 * Get anyPolicy information.
+	 *
+	 * @throws \LogicException If anyPolicy is not present.
+	 * @return PolicyInformation
+	 */
+	public function anyPolicy(): PolicyInformation
+	{
+		if (!$this->hasAnyPolicy()) {
+			throw new \LogicException("No anyPolicy.");
+		}
+		return $this->get(PolicyInformation::OID_ANY_POLICY);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        if (!count($this->_policies)) {
-            throw new \LogicException("No policies.");
-        }
-        $elements = array_map(
-            function (PolicyInformation $pi) {
-                return $pi->toASN1();
-            }, array_values($this->_policies));
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		if (!count($this->_policies)) {
+			throw new \LogicException("No policies.");
+		}
+		$elements = array_map(
+			function (PolicyInformation $pi) {
+				return $pi->toASN1();
+			}, array_values($this->_policies));
+		return new Sequence(...$elements);
+	}
     
-    /**
-     * Get the number of policies.
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_policies);
-    }
+	/**
+	 * Get the number of policies.
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_policies);
+	}
     
-    /**
-     * Get iterator for policy information terms.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_policies);
-    }
+	/**
+	 * Get iterator for policy information terms.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_policies);
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -47,7 +47,7 @@ 
     protected static function _fromDER(string $data, bool $critical): self
     {
         $policies = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return PolicyInformation::fromASN1($el->asSequence());
             }, UnspecifiedType::fromDER($data)->asSequence()->elements());
         if (!count($policies)) {
@@ -119,7 +119,7 @@ 
             throw new \LogicException("No policies.");
         }
         $elements = array_map(
-            function (PolicyInformation $pi) {
+            function(PolicyInformation $pi) {
                 return $pi->toASN1();
             }, array_values($this->_policies));
         return new Sequence(...$elements);

lib/X509/Certificate/Extension/PolicyConstraintsExtension.php

Indentation +113 added lines, -113 removed lines

@@ -17,125 +17,125 @@
  */
 class PolicyConstraintsExtension extends Extension
 {
-    /**
-     *
-     * @var int $_requireExplicitPolicy
-     */
-    protected $_requireExplicitPolicy;
+	/**
+	 *
+	 * @var int $_requireExplicitPolicy
+	 */
+	protected $_requireExplicitPolicy;
     
-    /**
-     *
-     * @var int $_inhibitPolicyMapping
-     */
-    protected $_inhibitPolicyMapping;
+	/**
+	 *
+	 * @var int $_inhibitPolicyMapping
+	 */
+	protected $_inhibitPolicyMapping;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param int|null $require_explicit_policy
-     * @param int|null $inhibit_policy_mapping
-     */
-    public function __construct(bool $critical, $require_explicit_policy = null,
-        $inhibit_policy_mapping = null)
-    {
-        parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical);
-        $this->_requireExplicitPolicy = isset($require_explicit_policy) ? intval(
-            $require_explicit_policy) : null;
-        $this->_inhibitPolicyMapping = isset($inhibit_policy_mapping) ? intval(
-            $inhibit_policy_mapping) : null;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param int|null $require_explicit_policy
+	 * @param int|null $inhibit_policy_mapping
+	 */
+	public function __construct(bool $critical, $require_explicit_policy = null,
+		$inhibit_policy_mapping = null)
+	{
+		parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical);
+		$this->_requireExplicitPolicy = isset($require_explicit_policy) ? intval(
+			$require_explicit_policy) : null;
+		$this->_inhibitPolicyMapping = isset($inhibit_policy_mapping) ? intval(
+			$inhibit_policy_mapping) : null;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $seq = UnspecifiedType::fromDER($data)->asSequence();
-        $require_explicit_policy = null;
-        $inhibit_policy_mapping = null;
-        if ($seq->hasTagged(0)) {
-            $require_explicit_policy = $seq->getTagged(0)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->intNumber();
-        }
-        if ($seq->hasTagged(1)) {
-            $inhibit_policy_mapping = $seq->getTagged(1)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->intNumber();
-        }
-        return new self($critical, $require_explicit_policy,
-            $inhibit_policy_mapping);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$seq = UnspecifiedType::fromDER($data)->asSequence();
+		$require_explicit_policy = null;
+		$inhibit_policy_mapping = null;
+		if ($seq->hasTagged(0)) {
+			$require_explicit_policy = $seq->getTagged(0)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->intNumber();
+		}
+		if ($seq->hasTagged(1)) {
+			$inhibit_policy_mapping = $seq->getTagged(1)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->intNumber();
+		}
+		return new self($critical, $require_explicit_policy,
+			$inhibit_policy_mapping);
+	}
     
-    /**
-     * Whether requireExplicitPolicy is present.
-     *
-     * @return bool
-     */
-    public function hasRequireExplicitPolicy(): bool
-    {
-        return isset($this->_requireExplicitPolicy);
-    }
+	/**
+	 * Whether requireExplicitPolicy is present.
+	 *
+	 * @return bool
+	 */
+	public function hasRequireExplicitPolicy(): bool
+	{
+		return isset($this->_requireExplicitPolicy);
+	}
     
-    /**
-     * Get requireExplicitPolicy.
-     *
-     * @throws \LogicException
-     * @return int
-     */
-    public function requireExplicitPolicy(): int
-    {
-        if (!$this->hasRequireExplicitPolicy()) {
-            throw new \LogicException("requireExplicitPolicy not set.");
-        }
-        return $this->_requireExplicitPolicy;
-    }
+	/**
+	 * Get requireExplicitPolicy.
+	 *
+	 * @throws \LogicException
+	 * @return int
+	 */
+	public function requireExplicitPolicy(): int
+	{
+		if (!$this->hasRequireExplicitPolicy()) {
+			throw new \LogicException("requireExplicitPolicy not set.");
+		}
+		return $this->_requireExplicitPolicy;
+	}
     
-    /**
-     * Whether inhibitPolicyMapping is present.
-     *
-     * @return bool
-     */
-    public function hasInhibitPolicyMapping(): bool
-    {
-        return isset($this->_inhibitPolicyMapping);
-    }
+	/**
+	 * Whether inhibitPolicyMapping is present.
+	 *
+	 * @return bool
+	 */
+	public function hasInhibitPolicyMapping(): bool
+	{
+		return isset($this->_inhibitPolicyMapping);
+	}
     
-    /**
-     * Get inhibitPolicyMapping.
-     *
-     * @throws \LogicException
-     * @return int
-     */
-    public function inhibitPolicyMapping(): int
-    {
-        if (!$this->hasInhibitPolicyMapping()) {
-            throw new \LogicException("inhibitPolicyMapping not set.");
-        }
-        return $this->_inhibitPolicyMapping;
-    }
+	/**
+	 * Get inhibitPolicyMapping.
+	 *
+	 * @throws \LogicException
+	 * @return int
+	 */
+	public function inhibitPolicyMapping(): int
+	{
+		if (!$this->hasInhibitPolicyMapping()) {
+			throw new \LogicException("inhibitPolicyMapping not set.");
+		}
+		return $this->_inhibitPolicyMapping;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        $elements = array();
-        if (isset($this->_requireExplicitPolicy)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                new Integer($this->_requireExplicitPolicy));
-        }
-        if (isset($this->_inhibitPolicyMapping)) {
-            $elements[] = new ImplicitlyTaggedType(1,
-                new Integer($this->_inhibitPolicyMapping));
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		$elements = array();
+		if (isset($this->_requireExplicitPolicy)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				new Integer($this->_requireExplicitPolicy));
+		}
+		if (isset($this->_inhibitPolicyMapping)) {
+			$elements[] = new ImplicitlyTaggedType(1,
+				new Integer($this->_inhibitPolicyMapping));
+		}
+		return new Sequence(...$elements);
+	}
 }

lib/X509/Certificate/Extension/CRLDistributionPointsExtension.php

Indentation +84 added lines, -84 removed lines

@@ -14,95 +14,95 @@
  * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.13
  */
 class CRLDistributionPointsExtension extends Extension implements 
-    \Countable,
-    \IteratorAggregate
+	\Countable,
+	\IteratorAggregate
 {
-    /**
-     * Distribution points.
-     *
-     * @var DistributionPoint[] $_distributionPoints
-     */
-    protected $_distributionPoints;
+	/**
+	 * Distribution points.
+	 *
+	 * @var DistributionPoint[] $_distributionPoints
+	 */
+	protected $_distributionPoints;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param DistributionPoint ...$distribution_points
-     */
-    public function __construct(bool $critical,
-        DistributionPoint ...$distribution_points)
-    {
-        parent::__construct(self::OID_CRL_DISTRIBUTION_POINTS, $critical);
-        $this->_distributionPoints = $distribution_points;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param DistributionPoint ...$distribution_points
+	 */
+	public function __construct(bool $critical,
+		DistributionPoint ...$distribution_points)
+	{
+		parent::__construct(self::OID_CRL_DISTRIBUTION_POINTS, $critical);
+		$this->_distributionPoints = $distribution_points;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $dps = array_map(
-            function (UnspecifiedType $el) {
-                return DistributionPoint::fromASN1($el->asSequence());
-            }, UnspecifiedType::fromDER($data)->asSequence()->elements());
-        if (!count($dps)) {
-            throw new \UnexpectedValueException(
-                "CRLDistributionPoints must have" .
-                     " at least one DistributionPoint.");
-        }
-        // late static bound, extended by Freshest CRL extension
-        return new static($critical, ...$dps);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$dps = array_map(
+			function (UnspecifiedType $el) {
+				return DistributionPoint::fromASN1($el->asSequence());
+			}, UnspecifiedType::fromDER($data)->asSequence()->elements());
+		if (!count($dps)) {
+			throw new \UnexpectedValueException(
+				"CRLDistributionPoints must have" .
+					 " at least one DistributionPoint.");
+		}
+		// late static bound, extended by Freshest CRL extension
+		return new static($critical, ...$dps);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        if (!count($this->_distributionPoints)) {
-            throw new \LogicException("No distribution points.");
-        }
-        $elements = array_map(
-            function (DistributionPoint $dp) {
-                return $dp->toASN1();
-            }, $this->_distributionPoints);
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		if (!count($this->_distributionPoints)) {
+			throw new \LogicException("No distribution points.");
+		}
+		$elements = array_map(
+			function (DistributionPoint $dp) {
+				return $dp->toASN1();
+			}, $this->_distributionPoints);
+		return new Sequence(...$elements);
+	}
     
-    /**
-     * Get distribution points.
-     *
-     * @return DistributionPoint[]
-     */
-    public function distributionPoints(): array
-    {
-        return $this->_distributionPoints;
-    }
+	/**
+	 * Get distribution points.
+	 *
+	 * @return DistributionPoint[]
+	 */
+	public function distributionPoints(): array
+	{
+		return $this->_distributionPoints;
+	}
     
-    /**
-     * Get the number of distribution points.
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_distributionPoints);
-    }
+	/**
+	 * Get the number of distribution points.
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_distributionPoints);
+	}
     
-    /**
-     * Get iterator for distribution points.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_distributionPoints);
-    }
+	/**
+	 * Get iterator for distribution points.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_distributionPoints);
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -45,7 +45,7 @@ 
     protected static function _fromDER(string $data, bool $critical): self
     {
         $dps = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return DistributionPoint::fromASN1($el->asSequence());
             }, UnspecifiedType::fromDER($data)->asSequence()->elements());
         if (!count($dps)) {
@@ -68,7 +68,7 @@ 
             throw new \LogicException("No distribution points.");
         }
         $elements = array_map(
-            function (DistributionPoint $dp) {
+            function(DistributionPoint $dp) {
                 return $dp->toASN1();
             }, $this->_distributionPoints);
         return new Sequence(...$elements);