Inspection of "Add AC example" - sop/x509 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 91afec...2569ae )

by Joni

created 2017-11-27 12:42 UTC

Status

Indentation +155 added lines, -155 removed lines patch added patch discarded remove patch

@@ -23,171 +23,171 @@
 block discarded – undo
  */
 class CertificationPath implements \Countable, \IteratorAggregate
 {
-    /**
-     * Certification path.
-     *
-     * @var Certificate[] $_certificates
-     */
-    protected $_certificates;
+	/**
+	 * Certification path.
+	 *
+	 * @var Certificate[] $_certificates
+	 */
+	protected $_certificates;
     
-    /**
-     * Constructor.
-     *
-     * @param Certificate ...$certificates Certificates from the trust anchor
-     *        to the target end-entity certificate
-     */
-    public function __construct(Certificate ...$certificates)
-    {
-        $this->_certificates = $certificates;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Certificate ...$certificates Certificates from the trust anchor
+	 *        to the target end-entity certificate
+	 */
+	public function __construct(Certificate ...$certificates)
+	{
+		$this->_certificates = $certificates;
+	}
     
-    /**
-     * Initialize from a certificate chain.
-     *
-     * @param CertificateChain $chain
-     * @return self
-     */
-    public static function fromCertificateChain(CertificateChain $chain): self
-    {
-        return new self(...array_reverse($chain->certificates(), false));
-    }
+	/**
+	 * Initialize from a certificate chain.
+	 *
+	 * @param CertificateChain $chain
+	 * @return self
+	 */
+	public static function fromCertificateChain(CertificateChain $chain): self
+	{
+		return new self(...array_reverse($chain->certificates(), false));
+	}
     
-    /**
-     * Build certification path to given target.
-     *
-     * @param Certificate $target Target end-entity certificate
-     * @param CertificateBundle $trust_anchors List of trust anchors
-     * @param CertificateBundle|null $intermediate Optional intermediate
-     *        certificates
-     * @return self
-     */
-    public static function toTarget(Certificate $target,
-        CertificateBundle $trust_anchors, CertificateBundle $intermediate = null): self
-    {
-        $builder = new CertificationPathBuilder($trust_anchors);
-        return $builder->shortestPathToTarget($target, $intermediate);
-    }
+	/**
+	 * Build certification path to given target.
+	 *
+	 * @param Certificate $target Target end-entity certificate
+	 * @param CertificateBundle $trust_anchors List of trust anchors
+	 * @param CertificateBundle|null $intermediate Optional intermediate
+	 *        certificates
+	 * @return self
+	 */
+	public static function toTarget(Certificate $target,
+		CertificateBundle $trust_anchors, CertificateBundle $intermediate = null): self
+	{
+		$builder = new CertificationPathBuilder($trust_anchors);
+		return $builder->shortestPathToTarget($target, $intermediate);
+	}
     
-    /**
-     * Build certification path from given trust anchor to target certificate,
-     * using intermediate certificates from given bundle.
-     *
-     * @param Certificate $trust_anchor Trust anchor certificate
-     * @param Certificate $target Target end-entity certificate
-     * @param CertificateBundle|null $intermediate Optional intermediate
-     *        certificates
-     * @return self
-     */
-    public static function fromTrustAnchorToTarget(Certificate $trust_anchor,
-        Certificate $target, CertificateBundle $intermediate = null): self
-    {
-        return self::toTarget($target, new CertificateBundle($trust_anchor),
-            $intermediate);
-    }
+	/**
+	 * Build certification path from given trust anchor to target certificate,
+	 * using intermediate certificates from given bundle.
+	 *
+	 * @param Certificate $trust_anchor Trust anchor certificate
+	 * @param Certificate $target Target end-entity certificate
+	 * @param CertificateBundle|null $intermediate Optional intermediate
+	 *        certificates
+	 * @return self
+	 */
+	public static function fromTrustAnchorToTarget(Certificate $trust_anchor,
+		Certificate $target, CertificateBundle $intermediate = null): self
+	{
+		return self::toTarget($target, new CertificateBundle($trust_anchor),
+			$intermediate);
+	}
     
-    /**
-     * Get certificates.
-     *
-     * @return Certificate[]
-     */
-    public function certificates(): array
-    {
-        return $this->_certificates;
-    }
+	/**
+	 * Get certificates.
+	 *
+	 * @return Certificate[]
+	 */
+	public function certificates(): array
+	{
+		return $this->_certificates;
+	}
     
-    /**
-     * Get the trust anchor certificate from the path.
-     *
-     * @throws \LogicException If path is empty
-     * @return Certificate
-     */
-    public function trustAnchorCertificate(): Certificate
-    {
-        if (!count($this->_certificates)) {
-            throw new \LogicException("No certificates.");
-        }
-        return $this->_certificates[0];
-    }
+	/**
+	 * Get the trust anchor certificate from the path.
+	 *
+	 * @throws \LogicException If path is empty
+	 * @return Certificate
+	 */
+	public function trustAnchorCertificate(): Certificate
+	{
+		if (!count($this->_certificates)) {
+			throw new \LogicException("No certificates.");
+		}
+		return $this->_certificates[0];
+	}
     
-    /**
-     * Get the end-entity certificate from the path.
-     *
-     * @throws \LogicException If path is empty
-     * @return Certificate
-     */
-    public function endEntityCertificate(): Certificate
-    {
-        if (!count($this->_certificates)) {
-            throw new \LogicException("No certificates.");
-        }
-        return $this->_certificates[count($this->_certificates) - 1];
-    }
+	/**
+	 * Get the end-entity certificate from the path.
+	 *
+	 * @throws \LogicException If path is empty
+	 * @return Certificate
+	 */
+	public function endEntityCertificate(): Certificate
+	{
+		if (!count($this->_certificates)) {
+			throw new \LogicException("No certificates.");
+		}
+		return $this->_certificates[count($this->_certificates) - 1];
+	}
     
-    /**
-     * Get certification path as a certificate chain.
-     *
-     * @return CertificateChain
-     */
-    public function certificateChain(): CertificateChain
-    {
-        return new CertificateChain(
-            ...array_reverse($this->_certificates, false));
-    }
+	/**
+	 * Get certification path as a certificate chain.
+	 *
+	 * @return CertificateChain
+	 */
+	public function certificateChain(): CertificateChain
+	{
+		return new CertificateChain(
+			...array_reverse($this->_certificates, false));
+	}
     
-    /**
-     * Check whether certification path starts with one ore more given
-     * certificates in parameter order.
-     *
-     * @param Certificate ...$certs Certificates
-     * @return true
-     */
-    public function startsWith(Certificate ...$certs): bool
-    {
-        $n = count($certs);
-        if ($n > count($this->_certificates)) {
-            return false;
-        }
-        for ($i = 0; $i < $n; ++$i) {
-            if (!$certs[$i]->equals($this->_certificates[$i])) {
-                return false;
-            }
-        }
-        return true;
-    }
+	/**
+	 * Check whether certification path starts with one ore more given
+	 * certificates in parameter order.
+	 *
+	 * @param Certificate ...$certs Certificates
+	 * @return true
+	 */
+	public function startsWith(Certificate ...$certs): bool
+	{
+		$n = count($certs);
+		if ($n > count($this->_certificates)) {
+			return false;
+		}
+		for ($i = 0; $i < $n; ++$i) {
+			if (!$certs[$i]->equals($this->_certificates[$i])) {
+				return false;
+			}
+		}
+		return true;
+	}
     
-    /**
-     * Validate certification path.
-     *
-     * @param PathValidationConfig $config
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     * @throws Exception\PathValidationException
-     * @return PathValidation\PathValidationResult
-     */
-    public function validate(PathValidationConfig $config, Crypto $crypto = null): PathValidation\PathValidationResult
-    {
-        $crypto = $crypto ?: Crypto::getDefault();
-        $validator = new PathValidator($crypto, $config, ...$this->_certificates);
-        return $validator->validate();
-    }
+	/**
+	 * Validate certification path.
+	 *
+	 * @param PathValidationConfig $config
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 * @throws Exception\PathValidationException
+	 * @return PathValidation\PathValidationResult
+	 */
+	public function validate(PathValidationConfig $config, Crypto $crypto = null): PathValidation\PathValidationResult
+	{
+		$crypto = $crypto ?: Crypto::getDefault();
+		$validator = new PathValidator($crypto, $config, ...$this->_certificates);
+		return $validator->validate();
+	}
     
-    /**
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_certificates);
-    }
+	/**
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_certificates);
+	}
     
-    /**
-     * Get iterator for certificates.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_certificates);
-    }
+	/**
+	 * Get iterator for certificates.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_certificates);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/CertificationPath/PathValidation/PathValidationConfig.php 1 patch

Indentation +245 added lines, -245 removed lines patch added patch discarded remove patch

@@ -14,274 +14,274 @@
 block discarded – undo
  */
 class PathValidationConfig
 {
-    /**
-     * Maximum allowed certification path length.
-     *
-     * @var int $_maxLength
-     */
-    protected $_maxLength;
+	/**
+	 * Maximum allowed certification path length.
+	 *
+	 * @var int $_maxLength
+	 */
+	protected $_maxLength;
     
-    /**
-     * Reference time.
-     *
-     * @var \DateTimeImmutable $_dateTime
-     */
-    protected $_dateTime;
+	/**
+	 * Reference time.
+	 *
+	 * @var \DateTimeImmutable $_dateTime
+	 */
+	protected $_dateTime;
     
-    /**
-     * List of acceptable policy identifiers.
-     *
-     * @var string[] $_policySet
-     */
-    protected $_policySet;
+	/**
+	 * List of acceptable policy identifiers.
+	 *
+	 * @var string[] $_policySet
+	 */
+	protected $_policySet;
     
-    /**
-     * Trust anchor certificate.
-     *
-     * If not set, path validation uses the first certificate of the path.
-     *
-     * @var Certificate|null $_trustAnchor
-     */
-    protected $_trustAnchor;
+	/**
+	 * Trust anchor certificate.
+	 *
+	 * If not set, path validation uses the first certificate of the path.
+	 *
+	 * @var Certificate|null $_trustAnchor
+	 */
+	protected $_trustAnchor;
     
-    /**
-     * Whether policy mapping in inhibited.
-     *
-     * Setting this to true disallows policy mapping.
-     *
-     * @var bool $_policyMappingInhibit
-     */
-    protected $_policyMappingInhibit;
+	/**
+	 * Whether policy mapping in inhibited.
+	 *
+	 * Setting this to true disallows policy mapping.
+	 *
+	 * @var bool $_policyMappingInhibit
+	 */
+	protected $_policyMappingInhibit;
     
-    /**
-     * Whether the path must be valid for at least one policy in the
-     * initial policy set.
-     *
-     * @var bool $_explicitPolicy
-     */
-    protected $_explicitPolicy;
+	/**
+	 * Whether the path must be valid for at least one policy in the
+	 * initial policy set.
+	 *
+	 * @var bool $_explicitPolicy
+	 */
+	protected $_explicitPolicy;
     
-    /**
-     * Whether anyPolicy OID processing should be inhibited.
-     *
-     * Setting this to true disallows the usage of anyPolicy.
-     *
-     * @var bool $_anyPolicyInhibit
-     */
-    protected $_anyPolicyInhibit;
+	/**
+	 * Whether anyPolicy OID processing should be inhibited.
+	 *
+	 * Setting this to true disallows the usage of anyPolicy.
+	 *
+	 * @var bool $_anyPolicyInhibit
+	 */
+	protected $_anyPolicyInhibit;
     
-    /**
-     *
-     * @todo Implement
-     * @var mixed $_permittedSubtrees
-     */
-    protected $_permittedSubtrees;
+	/**
+	 *
+	 * @todo Implement
+	 * @var mixed $_permittedSubtrees
+	 */
+	protected $_permittedSubtrees;
     
-    /**
-     *
-     * @todo Implement
-     * @var mixed $_excludedSubtrees
-     */
-    protected $_excludedSubtrees;
+	/**
+	 *
+	 * @todo Implement
+	 * @var mixed $_excludedSubtrees
+	 */
+	protected $_excludedSubtrees;
     
-    /**
-     * Constructor.
-     *
-     * @param \DateTimeImmutable $dt Reference date and time
-     * @param int $max_length Maximum certification path length
-     */
-    public function __construct(\DateTimeImmutable $dt, int $max_length)
-    {
-        $this->_dateTime = $dt;
-        $this->_maxLength = (int) $max_length;
-        $this->_policySet = array((string) PolicyInformation::OID_ANY_POLICY);
-        $this->_policyMappingInhibit = false;
-        $this->_explicitPolicy = false;
-        $this->_anyPolicyInhibit = false;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param \DateTimeImmutable $dt Reference date and time
+	 * @param int $max_length Maximum certification path length
+	 */
+	public function __construct(\DateTimeImmutable $dt, int $max_length)
+	{
+		$this->_dateTime = $dt;
+		$this->_maxLength = (int) $max_length;
+		$this->_policySet = array((string) PolicyInformation::OID_ANY_POLICY);
+		$this->_policyMappingInhibit = false;
+		$this->_explicitPolicy = false;
+		$this->_anyPolicyInhibit = false;
+	}
     
-    /**
-     * Get default configuration.
-     *
-     * @return self
-     */
-    public static function defaultConfig(): self
-    {
-        return new self(new \DateTimeImmutable(), 3);
-    }
+	/**
+	 * Get default configuration.
+	 *
+	 * @return self
+	 */
+	public static function defaultConfig(): self
+	{
+		return new self(new \DateTimeImmutable(), 3);
+	}
     
-    /**
-     * Get self with maximum path length.
-     *
-     * @param int $length
-     * @return self
-     */
-    public function withMaxLength(int $length): self
-    {
-        $obj = clone $this;
-        $obj->_maxLength = $length;
-        return $obj;
-    }
+	/**
+	 * Get self with maximum path length.
+	 *
+	 * @param int $length
+	 * @return self
+	 */
+	public function withMaxLength(int $length): self
+	{
+		$obj = clone $this;
+		$obj->_maxLength = $length;
+		return $obj;
+	}
     
-    /**
-     * Get self with reference date and time.
-     *
-     * @param \DateTimeImmutable $dt
-     * @return self
-     */
-    public function withDateTime(\DateTimeImmutable $dt): self
-    {
-        $obj = clone $this;
-        $obj->_dateTime = $dt;
-        return $obj;
-    }
+	/**
+	 * Get self with reference date and time.
+	 *
+	 * @param \DateTimeImmutable $dt
+	 * @return self
+	 */
+	public function withDateTime(\DateTimeImmutable $dt): self
+	{
+		$obj = clone $this;
+		$obj->_dateTime = $dt;
+		return $obj;
+	}
     
-    /**
-     * Get self with trust anchor certificate.
-     *
-     * @param Certificate $ca
-     * @return self
-     */
-    public function withTrustAnchor(Certificate $ca): self
-    {
-        $obj = clone $this;
-        $obj->_trustAnchor = $ca;
-        return $obj;
-    }
+	/**
+	 * Get self with trust anchor certificate.
+	 *
+	 * @param Certificate $ca
+	 * @return self
+	 */
+	public function withTrustAnchor(Certificate $ca): self
+	{
+		$obj = clone $this;
+		$obj->_trustAnchor = $ca;
+		return $obj;
+	}
     
-    /**
-     * Get self with initial-policy-mapping-inhibit set.
-     *
-     * @param bool $flag
-     * @return self
-     */
-    public function withPolicyMappingInhibit(bool $flag): self
-    {
-        $obj = clone $this;
-        $obj->_policyMappingInhibit = $flag;
-        return $obj;
-    }
+	/**
+	 * Get self with initial-policy-mapping-inhibit set.
+	 *
+	 * @param bool $flag
+	 * @return self
+	 */
+	public function withPolicyMappingInhibit(bool $flag): self
+	{
+		$obj = clone $this;
+		$obj->_policyMappingInhibit = $flag;
+		return $obj;
+	}
     
-    /**
-     * Get self with initial-explicit-policy set.
-     *
-     * @param bool $flag
-     * @return self
-     */
-    public function withExplicitPolicy(bool $flag): self
-    {
-        $obj = clone $this;
-        $obj->_explicitPolicy = $flag;
-        return $obj;
-    }
+	/**
+	 * Get self with initial-explicit-policy set.
+	 *
+	 * @param bool $flag
+	 * @return self
+	 */
+	public function withExplicitPolicy(bool $flag): self
+	{
+		$obj = clone $this;
+		$obj->_explicitPolicy = $flag;
+		return $obj;
+	}
     
-    /**
-     * Get self with initial-any-policy-inhibit set.
-     *
-     * @param bool $flag
-     * @return self
-     */
-    public function withAnyPolicyInhibit(bool $flag): self
-    {
-        $obj = clone $this;
-        $obj->_anyPolicyInhibit = $flag;
-        return $obj;
-    }
+	/**
+	 * Get self with initial-any-policy-inhibit set.
+	 *
+	 * @param bool $flag
+	 * @return self
+	 */
+	public function withAnyPolicyInhibit(bool $flag): self
+	{
+		$obj = clone $this;
+		$obj->_anyPolicyInhibit = $flag;
+		return $obj;
+	}
     
-    /**
-     * Get self with user-initial-policy-set set to policy OIDs.
-     *
-     * @param string ...$policies List of policy OIDs
-     * @return self
-     */
-    public function withPolicySet(string ...$policies): self
-    {
-        $obj = clone $this;
-        $obj->_policySet = $policies;
-        return $obj;
-    }
+	/**
+	 * Get self with user-initial-policy-set set to policy OIDs.
+	 *
+	 * @param string ...$policies List of policy OIDs
+	 * @return self
+	 */
+	public function withPolicySet(string ...$policies): self
+	{
+		$obj = clone $this;
+		$obj->_policySet = $policies;
+		return $obj;
+	}
     
-    /**
-     * Get maximum certification path length.
-     *
-     * @return int
-     */
-    public function maxLength(): int
-    {
-        return $this->_maxLength;
-    }
+	/**
+	 * Get maximum certification path length.
+	 *
+	 * @return int
+	 */
+	public function maxLength(): int
+	{
+		return $this->_maxLength;
+	}
     
-    /**
-     * Get reference date and time.
-     *
-     * @return \DateTimeImmutable
-     */
-    public function dateTime(): \DateTimeImmutable
-    {
-        return $this->_dateTime;
-    }
+	/**
+	 * Get reference date and time.
+	 *
+	 * @return \DateTimeImmutable
+	 */
+	public function dateTime(): \DateTimeImmutable
+	{
+		return $this->_dateTime;
+	}
     
-    /**
-     * Get user-initial-policy-set.
-     *
-     * @return string[] Array of OID's
-     */
-    public function policySet(): array
-    {
-        return $this->_policySet;
-    }
+	/**
+	 * Get user-initial-policy-set.
+	 *
+	 * @return string[] Array of OID's
+	 */
+	public function policySet(): array
+	{
+		return $this->_policySet;
+	}
     
-    /**
-     * Check whether trust anchor certificate is set.
-     *
-     * @return bool
-     */
-    public function hasTrustAnchor(): bool
-    {
-        return isset($this->_trustAnchor);
-    }
+	/**
+	 * Check whether trust anchor certificate is set.
+	 *
+	 * @return bool
+	 */
+	public function hasTrustAnchor(): bool
+	{
+		return isset($this->_trustAnchor);
+	}
     
-    /**
-     * Get trust anchor certificate.
-     *
-     * @throws \LogicException
-     * @return Certificate
-     */
-    public function trustAnchor(): Certificate
-    {
-        if (!$this->hasTrustAnchor()) {
-            throw new \LogicException("No trust anchor.");
-        }
-        return $this->_trustAnchor;
-    }
+	/**
+	 * Get trust anchor certificate.
+	 *
+	 * @throws \LogicException
+	 * @return Certificate
+	 */
+	public function trustAnchor(): Certificate
+	{
+		if (!$this->hasTrustAnchor()) {
+			throw new \LogicException("No trust anchor.");
+		}
+		return $this->_trustAnchor;
+	}
     
-    /**
-     * Get initial-policy-mapping-inhibit.
-     *
-     * @return bool
-     */
-    public function policyMappingInhibit(): bool
-    {
-        return $this->_policyMappingInhibit;
-    }
+	/**
+	 * Get initial-policy-mapping-inhibit.
+	 *
+	 * @return bool
+	 */
+	public function policyMappingInhibit(): bool
+	{
+		return $this->_policyMappingInhibit;
+	}
     
-    /**
-     * Get initial-explicit-policy.
-     *
-     * @return bool
-     */
-    public function explicitPolicy(): bool
-    {
-        return $this->_explicitPolicy;
-    }
+	/**
+	 * Get initial-explicit-policy.
+	 *
+	 * @return bool
+	 */
+	public function explicitPolicy(): bool
+	{
+		return $this->_explicitPolicy;
+	}
     
-    /**
-     * Get initial-any-policy-inhibit.
-     *
-     * @return bool
-     */
-    public function anyPolicyInhibit(): bool
-    {
-        return $this->_anyPolicyInhibit;
-    }
+	/**
+	 * Get initial-any-policy-inhibit.
+	 *
+	 * @return bool
+	 */
+	public function anyPolicyInhibit(): bool
+	{
+		return $this->_anyPolicyInhibit;
+	}
 }

Please login to merge, or discard this patch.

lib/X509/CertificationPath/PathValidation/ValidatorState.php 1 patch

Indentation +480 added lines, -480 removed lines patch added patch discarded remove patch

@@ -20,484 +20,484 @@
 block discarded – undo
  */
 class ValidatorState
 {
-    /**
-     * Length of the certification path (n).
-     *
-     * @var int $_pathLength
-     */
-    protected $_pathLength;
-    
-    /**
-     * Current index in the certification path in the range of 1..n (i).
-     *
-     * @var int $_index
-     */
-    protected $_index;
-    
-    /**
-     * Valid policy tree (valid_policy_tree).
-     *
-     * A tree of certificate policies with their optional qualifiers.
-     * Each of the leaves of the tree represents a valid policy at this stage in
-     * the certification path validation.
-     * Once the tree is set to NULL, policy processing ceases.
-     *
-     * @var PolicyTree|null $_validPolicyTree
-     */
-    protected $_validPolicyTree;
-    
-    /**
-     * Permitted subtrees (permitted_subtrees).
-     *
-     * A set of root names for each name type defining a set of subtrees within
-     * which all subject names in subsequent certificates in the certification
-     * path must fall.
-     *
-     * @var mixed $_permittedSubtrees
-     */
-    protected $_permittedSubtrees;
-    
-    /**
-     * Excluded subtrees (excluded_subtrees).
-     *
-     * A set of root names for each name type defining a set of subtrees within
-     * which no subject name in subsequent certificates in the certification
-     * path may fall.
-     *
-     * @var mixed $_excludedSubtrees
-     */
-    protected $_excludedSubtrees;
-    
-    /**
-     * Explicit policy (explicit_policy).
-     *
-     * An integer that indicates if a non-NULL valid_policy_tree is required.
-     *
-     * @var int $_explicitPolicy
-     */
-    protected $_explicitPolicy;
-    
-    /**
-     * Inhibit anyPolicy (inhibit_anyPolicy).
-     *
-     * An integer that indicates whether the anyPolicy policy identifier is
-     * considered a match.
-     *
-     * @var int $_inhibitAnyPolicy
-     */
-    protected $_inhibitAnyPolicy;
-    
-    /**
-     * Policy mapping (policy_mapping).
-     *
-     * An integer that indicates if policy mapping is permitted.
-     *
-     * @var int $_policyMapping
-     */
-    protected $_policyMapping;
-    
-    /**
-     * Working public key algorithm (working_public_key_algorithm).
-     *
-     * The digital signature algorithm used to verify the signature of a
-     * certificate.
-     *
-     * @var AlgorithmIdentifierType $_workingPublicKeyAlgorithm
-     */
-    protected $_workingPublicKeyAlgorithm;
-    
-    /**
-     * Working public key (working_public_key).
-     *
-     * The public key used to verify the signature of a certificate.
-     *
-     * @var PublicKeyInfo $_workingPublicKey
-     */
-    protected $_workingPublicKey;
-    
-    /**
-     * Working public key parameters (working_public_key_parameters).
-     *
-     * Parameters associated with the current public key that may be required to
-     * verify a signature.
-     *
-     * @var Element|null $_workingPublicKeyParameters
-     */
-    protected $_workingPublicKeyParameters;
-    
-    /**
-     * Working issuer name (working_issuer_name).
-     *
-     * The issuer distinguished name expected in the next certificate in the
-     * chain.
-     *
-     * @var Name $_workingIssuerName
-     */
-    protected $_workingIssuerName;
-    
-    /**
-     * Maximum certification path length (max_path_length).
-     *
-     * @var int $_maxPathLength
-     */
-    protected $_maxPathLength;
-    
-    /**
-     * Constructor.
-     */
-    protected function __construct()
-    {
-    }
-    
-    /**
-     * Initialize variables according to RFC 5280 6.1.2.
-     *
-     * @link https://tools.ietf.org/html/rfc5280#section-6.1.2
-     * @param PathValidationConfig $config
-     * @param Certificate $trust_anchor Trust anchor certificate
-     * @param int $n Number of certificates in the certification path
-     * @return self
-     */
-    public static function initialize(PathValidationConfig $config,
-        Certificate $trust_anchor, $n)
-    {
-        $state = new self();
-        $state->_pathLength = $n;
-        $state->_index = 1;
-        $state->_validPolicyTree = new PolicyTree(PolicyNode::anyPolicyNode());
-        $state->_permittedSubtrees = null;
-        $state->_excludedSubtrees = null;
-        $state->_explicitPolicy = $config->explicitPolicy() ? 0 : $n + 1;
-        $state->_inhibitAnyPolicy = $config->anyPolicyInhibit() ? 0 : $n + 1;
-        $state->_policyMapping = $config->policyMappingInhibit() ? 0 : $n + 1;
-        $state->_workingPublicKeyAlgorithm = $trust_anchor->signatureAlgorithm();
-        $tbsCert = $trust_anchor->tbsCertificate();
-        $state->_workingPublicKey = $tbsCert->subjectPublicKeyInfo();
-        $state->_workingPublicKeyParameters = self::getAlgorithmParameters(
-            $state->_workingPublicKey->algorithmIdentifier());
-        $state->_workingIssuerName = $tbsCert->issuer();
-        $state->_maxPathLength = $config->maxLength();
-        return $state;
-    }
-    
-    /**
-     * Get self with current certification path index set.
-     *
-     * @param int $index
-     * @return self
-     */
-    public function withIndex(int $index): self
-    {
-        $state = clone $this;
-        $state->_index = $index;
-        return $state;
-    }
-    
-    /**
-     * Get self with valid_policy_tree.
-     *
-     * @param PolicyTree $policy_tree
-     * @return self
-     */
-    public function withValidPolicyTree(PolicyTree $policy_tree): self
-    {
-        $state = clone $this;
-        $state->_validPolicyTree = $policy_tree;
-        return $state;
-    }
-    
-    /**
-     * Get self with valid_policy_tree set to null.
-     *
-     * @return self
-     */
-    public function withoutValidPolicyTree(): self
-    {
-        $state = clone $this;
-        $state->_validPolicyTree = null;
-        return $state;
-    }
-    
-    /**
-     * Get self with explicit_policy.
-     *
-     * @param int $num
-     * @return self
-     */
-    public function withExplicitPolicy(int $num): self
-    {
-        $state = clone $this;
-        $state->_explicitPolicy = $num;
-        return $state;
-    }
-    
-    /**
-     * Get self with inhibit_anyPolicy.
-     *
-     * @param int $num
-     * @return self
-     */
-    public function withInhibitAnyPolicy(int $num): self
-    {
-        $state = clone $this;
-        $state->_inhibitAnyPolicy = $num;
-        return $state;
-    }
-    
-    /**
-     * Get self with policy_mapping.
-     *
-     * @param int $num
-     * @return self
-     */
-    public function withPolicyMapping(int $num): self
-    {
-        $state = clone $this;
-        $state->_policyMapping = $num;
-        return $state;
-    }
-    
-    /**
-     * Get self with working_public_key_algorithm.
-     *
-     * @param AlgorithmIdentifierType $algo
-     * @return self
-     */
-    public function withWorkingPublicKeyAlgorithm(AlgorithmIdentifierType $algo): self
-    {
-        $state = clone $this;
-        $state->_workingPublicKeyAlgorithm = $algo;
-        return $state;
-    }
-    
-    /**
-     * Get self with working_public_key.
-     *
-     * @param PublicKeyInfo $pubkey_info
-     * @return self
-     */
-    public function withWorkingPublicKey(PublicKeyInfo $pubkey_info): self
-    {
-        $state = clone $this;
-        $state->_workingPublicKey = $pubkey_info;
-        return $state;
-    }
-    
-    /**
-     * Get self with working_public_key_parameters.
-     *
-     * @param Element|null $params
-     * @return self
-     */
-    public function withWorkingPublicKeyParameters(Element $params = null): self
-    {
-        $state = clone $this;
-        $state->_workingPublicKeyParameters = $params;
-        return $state;
-    }
-    
-    /**
-     * Get self with working_issuer_name.
-     *
-     * @param Name $issuer
-     * @return self
-     */
-    public function withWorkingIssuerName(Name $issuer): self
-    {
-        $state = clone $this;
-        $state->_workingIssuerName = $issuer;
-        return $state;
-    }
-    
-    /**
-     * Get self with max_path_length.
-     *
-     * @param int $length
-     * @return self
-     */
-    public function withMaxPathLength(int $length): self
-    {
-        $state = clone $this;
-        $state->_maxPathLength = $length;
-        return $state;
-    }
-    
-    /**
-     * Get the certification path length (n).
-     *
-     * @return int
-     */
-    public function pathLength(): int
-    {
-        return $this->_pathLength;
-    }
-    
-    /**
-     * Get the current index in certification path in the range of 1..n.
-     *
-     * @return int
-     */
-    public function index(): int
-    {
-        return $this->_index;
-    }
-    
-    /**
-     * Check whether valid_policy_tree is present.
-     *
-     * @return bool
-     */
-    public function hasValidPolicyTree(): bool
-    {
-        return isset($this->_validPolicyTree);
-    }
-    
-    /**
-     * Get valid_policy_tree.
-     *
-     * @throws \LogicException
-     * @return PolicyTree
-     */
-    public function validPolicyTree(): PolicyTree
-    {
-        if (!$this->hasValidPolicyTree()) {
-            throw new \LogicException("valid_policy_tree not set.");
-        }
-        return $this->_validPolicyTree;
-    }
-    
-    /**
-     * Get permitted_subtrees.
-     *
-     * @return mixed
-     */
-    public function permittedSubtrees()
-    {
-        return $this->_permittedSubtrees;
-    }
-    
-    /**
-     * Get excluded_subtrees.
-     *
-     * @return mixed
-     */
-    public function excludedSubtrees()
-    {
-        return $this->_excludedSubtrees;
-    }
-    
-    /**
-     * Get explicit_policy.
-     *
-     * @return int
-     */
-    public function explicitPolicy(): int
-    {
-        return $this->_explicitPolicy;
-    }
-    
-    /**
-     * Get inhibit_anyPolicy.
-     *
-     * @return int
-     */
-    public function inhibitAnyPolicy(): int
-    {
-        return $this->_inhibitAnyPolicy;
-    }
-    
-    /**
-     * Get policy_mapping.
-     *
-     * @return int
-     */
-    public function policyMapping(): int
-    {
-        return $this->_policyMapping;
-    }
-    
-    /**
-     * Get working_public_key_algorithm.
-     *
-     * @return AlgorithmIdentifierType
-     */
-    public function workingPublicKeyAlgorithm(): AlgorithmIdentifierType
-    {
-        return $this->_workingPublicKeyAlgorithm;
-    }
-    
-    /**
-     * Get working_public_key.
-     *
-     * @return PublicKeyInfo
-     */
-    public function workingPublicKey(): PublicKeyInfo
-    {
-        return $this->_workingPublicKey;
-    }
-    
-    /**
-     * Get working_public_key_parameters.
-     *
-     * @return Element|null
-     */
-    public function workingPublicKeyParameters()
-    {
-        return $this->_workingPublicKeyParameters;
-    }
-    
-    /**
-     * Get working_issuer_name.
-     *
-     * @return Name
-     */
-    public function workingIssuerName(): Name
-    {
-        return $this->_workingIssuerName;
-    }
-    
-    /**
-     * Get maximum certification path length.
-     *
-     * @return int
-     */
-    public function maxPathLength(): int
-    {
-        return $this->_maxPathLength;
-    }
-    
-    /**
-     * Check whether processing the final certificate of the certification path.
-     *
-     * @return bool
-     */
-    public function isFinal(): bool
-    {
-        return $this->_index == $this->_pathLength;
-    }
-    
-    /**
-     * Get the path validation result.
-     *
-     * @param Certificate[] $certificates Certificates in a certification path
-     * @return PathValidationResult
-     */
-    public function getResult(array $certificates): PathValidationResult
-    {
-        return new PathValidationResult($certificates, $this->_validPolicyTree,
-            $this->_workingPublicKey, $this->_workingPublicKeyAlgorithm,
-            $this->_workingPublicKeyParameters);
-    }
-    
-    /**
-     * Get ASN.1 parameters from algorithm identifier.
-     *
-     * @param AlgorithmIdentifierType $algo
-     * @return Element|null ASN.1 element or null if parameters are omitted
-     */
-    public static function getAlgorithmParameters(AlgorithmIdentifierType $algo)
-    {
-        $seq = $algo->toASN1();
-        return $seq->has(1) ? $seq->at(1)->asElement() : null;
-    }
+	/**
+	 * Length of the certification path (n).
+	 *
+	 * @var int $_pathLength
+	 */
+	protected $_pathLength;
+    
+	/**
+	 * Current index in the certification path in the range of 1..n (i).
+	 *
+	 * @var int $_index
+	 */
+	protected $_index;
+    
+	/**
+	 * Valid policy tree (valid_policy_tree).
+	 *
+	 * A tree of certificate policies with their optional qualifiers.
+	 * Each of the leaves of the tree represents a valid policy at this stage in
+	 * the certification path validation.
+	 * Once the tree is set to NULL, policy processing ceases.
+	 *
+	 * @var PolicyTree|null $_validPolicyTree
+	 */
+	protected $_validPolicyTree;
+    
+	/**
+	 * Permitted subtrees (permitted_subtrees).
+	 *
+	 * A set of root names for each name type defining a set of subtrees within
+	 * which all subject names in subsequent certificates in the certification
+	 * path must fall.
+	 *
+	 * @var mixed $_permittedSubtrees
+	 */
+	protected $_permittedSubtrees;
+    
+	/**
+	 * Excluded subtrees (excluded_subtrees).
+	 *
+	 * A set of root names for each name type defining a set of subtrees within
+	 * which no subject name in subsequent certificates in the certification
+	 * path may fall.
+	 *
+	 * @var mixed $_excludedSubtrees
+	 */
+	protected $_excludedSubtrees;
+    
+	/**
+	 * Explicit policy (explicit_policy).
+	 *
+	 * An integer that indicates if a non-NULL valid_policy_tree is required.
+	 *
+	 * @var int $_explicitPolicy
+	 */
+	protected $_explicitPolicy;
+    
+	/**
+	 * Inhibit anyPolicy (inhibit_anyPolicy).
+	 *
+	 * An integer that indicates whether the anyPolicy policy identifier is
+	 * considered a match.
+	 *
+	 * @var int $_inhibitAnyPolicy
+	 */
+	protected $_inhibitAnyPolicy;
+    
+	/**
+	 * Policy mapping (policy_mapping).
+	 *
+	 * An integer that indicates if policy mapping is permitted.
+	 *
+	 * @var int $_policyMapping
+	 */
+	protected $_policyMapping;
+    
+	/**
+	 * Working public key algorithm (working_public_key_algorithm).
+	 *
+	 * The digital signature algorithm used to verify the signature of a
+	 * certificate.
+	 *
+	 * @var AlgorithmIdentifierType $_workingPublicKeyAlgorithm
+	 */
+	protected $_workingPublicKeyAlgorithm;
+    
+	/**
+	 * Working public key (working_public_key).
+	 *
+	 * The public key used to verify the signature of a certificate.
+	 *
+	 * @var PublicKeyInfo $_workingPublicKey
+	 */
+	protected $_workingPublicKey;
+    
+	/**
+	 * Working public key parameters (working_public_key_parameters).
+	 *
+	 * Parameters associated with the current public key that may be required to
+	 * verify a signature.
+	 *
+	 * @var Element|null $_workingPublicKeyParameters
+	 */
+	protected $_workingPublicKeyParameters;
+    
+	/**
+	 * Working issuer name (working_issuer_name).
+	 *
+	 * The issuer distinguished name expected in the next certificate in the
+	 * chain.
+	 *
+	 * @var Name $_workingIssuerName
+	 */
+	protected $_workingIssuerName;
+    
+	/**
+	 * Maximum certification path length (max_path_length).
+	 *
+	 * @var int $_maxPathLength
+	 */
+	protected $_maxPathLength;
+    
+	/**
+	 * Constructor.
+	 */
+	protected function __construct()
+	{
+	}
+    
+	/**
+	 * Initialize variables according to RFC 5280 6.1.2.
+	 *
+	 * @link https://tools.ietf.org/html/rfc5280#section-6.1.2
+	 * @param PathValidationConfig $config
+	 * @param Certificate $trust_anchor Trust anchor certificate
+	 * @param int $n Number of certificates in the certification path
+	 * @return self
+	 */
+	public static function initialize(PathValidationConfig $config,
+		Certificate $trust_anchor, $n)
+	{
+		$state = new self();
+		$state->_pathLength = $n;
+		$state->_index = 1;
+		$state->_validPolicyTree = new PolicyTree(PolicyNode::anyPolicyNode());
+		$state->_permittedSubtrees = null;
+		$state->_excludedSubtrees = null;
+		$state->_explicitPolicy = $config->explicitPolicy() ? 0 : $n + 1;
+		$state->_inhibitAnyPolicy = $config->anyPolicyInhibit() ? 0 : $n + 1;
+		$state->_policyMapping = $config->policyMappingInhibit() ? 0 : $n + 1;
+		$state->_workingPublicKeyAlgorithm = $trust_anchor->signatureAlgorithm();
+		$tbsCert = $trust_anchor->tbsCertificate();
+		$state->_workingPublicKey = $tbsCert->subjectPublicKeyInfo();
+		$state->_workingPublicKeyParameters = self::getAlgorithmParameters(
+			$state->_workingPublicKey->algorithmIdentifier());
+		$state->_workingIssuerName = $tbsCert->issuer();
+		$state->_maxPathLength = $config->maxLength();
+		return $state;
+	}
+    
+	/**
+	 * Get self with current certification path index set.
+	 *
+	 * @param int $index
+	 * @return self
+	 */
+	public function withIndex(int $index): self
+	{
+		$state = clone $this;
+		$state->_index = $index;
+		return $state;
+	}
+    
+	/**
+	 * Get self with valid_policy_tree.
+	 *
+	 * @param PolicyTree $policy_tree
+	 * @return self
+	 */
+	public function withValidPolicyTree(PolicyTree $policy_tree): self
+	{
+		$state = clone $this;
+		$state->_validPolicyTree = $policy_tree;
+		return $state;
+	}
+    
+	/**
+	 * Get self with valid_policy_tree set to null.
+	 *
+	 * @return self
+	 */
+	public function withoutValidPolicyTree(): self
+	{
+		$state = clone $this;
+		$state->_validPolicyTree = null;
+		return $state;
+	}
+    
+	/**
+	 * Get self with explicit_policy.
+	 *
+	 * @param int $num
+	 * @return self
+	 */
+	public function withExplicitPolicy(int $num): self
+	{
+		$state = clone $this;
+		$state->_explicitPolicy = $num;
+		return $state;
+	}
+    
+	/**
+	 * Get self with inhibit_anyPolicy.
+	 *
+	 * @param int $num
+	 * @return self
+	 */
+	public function withInhibitAnyPolicy(int $num): self
+	{
+		$state = clone $this;
+		$state->_inhibitAnyPolicy = $num;
+		return $state;
+	}
+    
+	/**
+	 * Get self with policy_mapping.
+	 *
+	 * @param int $num
+	 * @return self
+	 */
+	public function withPolicyMapping(int $num): self
+	{
+		$state = clone $this;
+		$state->_policyMapping = $num;
+		return $state;
+	}
+    
+	/**
+	 * Get self with working_public_key_algorithm.
+	 *
+	 * @param AlgorithmIdentifierType $algo
+	 * @return self
+	 */
+	public function withWorkingPublicKeyAlgorithm(AlgorithmIdentifierType $algo): self
+	{
+		$state = clone $this;
+		$state->_workingPublicKeyAlgorithm = $algo;
+		return $state;
+	}
+    
+	/**
+	 * Get self with working_public_key.
+	 *
+	 * @param PublicKeyInfo $pubkey_info
+	 * @return self
+	 */
+	public function withWorkingPublicKey(PublicKeyInfo $pubkey_info): self
+	{
+		$state = clone $this;
+		$state->_workingPublicKey = $pubkey_info;
+		return $state;
+	}
+    
+	/**
+	 * Get self with working_public_key_parameters.
+	 *
+	 * @param Element|null $params
+	 * @return self
+	 */
+	public function withWorkingPublicKeyParameters(Element $params = null): self
+	{
+		$state = clone $this;
+		$state->_workingPublicKeyParameters = $params;
+		return $state;
+	}
+    
+	/**
+	 * Get self with working_issuer_name.
+	 *
+	 * @param Name $issuer
+	 * @return self
+	 */
+	public function withWorkingIssuerName(Name $issuer): self
+	{
+		$state = clone $this;
+		$state->_workingIssuerName = $issuer;
+		return $state;
+	}
+    
+	/**
+	 * Get self with max_path_length.
+	 *
+	 * @param int $length
+	 * @return self
+	 */
+	public function withMaxPathLength(int $length): self
+	{
+		$state = clone $this;
+		$state->_maxPathLength = $length;
+		return $state;
+	}
+    
+	/**
+	 * Get the certification path length (n).
+	 *
+	 * @return int
+	 */
+	public function pathLength(): int
+	{
+		return $this->_pathLength;
+	}
+    
+	/**
+	 * Get the current index in certification path in the range of 1..n.
+	 *
+	 * @return int
+	 */
+	public function index(): int
+	{
+		return $this->_index;
+	}
+    
+	/**
+	 * Check whether valid_policy_tree is present.
+	 *
+	 * @return bool
+	 */
+	public function hasValidPolicyTree(): bool
+	{
+		return isset($this->_validPolicyTree);
+	}
+    
+	/**
+	 * Get valid_policy_tree.
+	 *
+	 * @throws \LogicException
+	 * @return PolicyTree
+	 */
+	public function validPolicyTree(): PolicyTree
+	{
+		if (!$this->hasValidPolicyTree()) {
+			throw new \LogicException("valid_policy_tree not set.");
+		}
+		return $this->_validPolicyTree;
+	}
+    
+	/**
+	 * Get permitted_subtrees.
+	 *
+	 * @return mixed
+	 */
+	public function permittedSubtrees()
+	{
+		return $this->_permittedSubtrees;
+	}
+    
+	/**
+	 * Get excluded_subtrees.
+	 *
+	 * @return mixed
+	 */
+	public function excludedSubtrees()
+	{
+		return $this->_excludedSubtrees;
+	}
+    
+	/**
+	 * Get explicit_policy.
+	 *
+	 * @return int
+	 */
+	public function explicitPolicy(): int
+	{
+		return $this->_explicitPolicy;
+	}
+    
+	/**
+	 * Get inhibit_anyPolicy.
+	 *
+	 * @return int
+	 */
+	public function inhibitAnyPolicy(): int
+	{
+		return $this->_inhibitAnyPolicy;
+	}
+    
+	/**
+	 * Get policy_mapping.
+	 *
+	 * @return int
+	 */
+	public function policyMapping(): int
+	{
+		return $this->_policyMapping;
+	}
+    
+	/**
+	 * Get working_public_key_algorithm.
+	 *
+	 * @return AlgorithmIdentifierType
+	 */
+	public function workingPublicKeyAlgorithm(): AlgorithmIdentifierType
+	{
+		return $this->_workingPublicKeyAlgorithm;
+	}
+    
+	/**
+	 * Get working_public_key.
+	 *
+	 * @return PublicKeyInfo
+	 */
+	public function workingPublicKey(): PublicKeyInfo
+	{
+		return $this->_workingPublicKey;
+	}
+    
+	/**
+	 * Get working_public_key_parameters.
+	 *
+	 * @return Element|null
+	 */
+	public function workingPublicKeyParameters()
+	{
+		return $this->_workingPublicKeyParameters;
+	}
+    
+	/**
+	 * Get working_issuer_name.
+	 *
+	 * @return Name
+	 */
+	public function workingIssuerName(): Name
+	{
+		return $this->_workingIssuerName;
+	}
+    
+	/**
+	 * Get maximum certification path length.
+	 *
+	 * @return int
+	 */
+	public function maxPathLength(): int
+	{
+		return $this->_maxPathLength;
+	}
+    
+	/**
+	 * Check whether processing the final certificate of the certification path.
+	 *
+	 * @return bool
+	 */
+	public function isFinal(): bool
+	{
+		return $this->_index == $this->_pathLength;
+	}
+    
+	/**
+	 * Get the path validation result.
+	 *
+	 * @param Certificate[] $certificates Certificates in a certification path
+	 * @return PathValidationResult
+	 */
+	public function getResult(array $certificates): PathValidationResult
+	{
+		return new PathValidationResult($certificates, $this->_validPolicyTree,
+			$this->_workingPublicKey, $this->_workingPublicKeyAlgorithm,
+			$this->_workingPublicKeyParameters);
+	}
+    
+	/**
+	 * Get ASN.1 parameters from algorithm identifier.
+	 *
+	 * @param AlgorithmIdentifierType $algo
+	 * @return Element|null ASN.1 element or null if parameters are omitted
+	 */
+	public static function getAlgorithmParameters(AlgorithmIdentifierType $algo)
+	{
+		$seq = $algo->toASN1();
+		return $seq->has(1) ? $seq->at(1)->asElement() : null;
+	}
 }

Please login to merge, or discard this patch.

lib/X509/AttributeCertificate/AttributeCertificateInfo.php 1 patch

Indentation +431 added lines, -431 removed lines patch added patch discarded remove patch

@@ -22,435 +22,435 @@
 block discarded – undo
  */
 class AttributeCertificateInfo
 {
-    const VERSION_2 = 1;
-    
-    /**
-     * AC version.
-     *
-     * @var int $_version
-     */
-    protected $_version;
-    
-    /**
-     * AC holder.
-     *
-     * @var Holder $_holder
-     */
-    protected $_holder;
-    
-    /**
-     * AC issuer.
-     *
-     * @var AttCertIssuer $_issuer
-     */
-    protected $_issuer;
-    
-    /**
-     * Signature algorithm identifier.
-     *
-     * @var SignatureAlgorithmIdentifier $_signature
-     */
-    protected $_signature;
-    
-    /**
-     * AC serial number.
-     *
-     * @var string $_serialNumber
-     */
-    protected $_serialNumber;
-    
-    /**
-     * Validity period.
-     *
-     * @var AttCertValidityPeriod $_attrCertValidityPeriod
-     */
-    protected $_attrCertValidityPeriod;
-    
-    /**
-     * Attributes.
-     *
-     * @var Attributes $_attributes
-     */
-    protected $_attributes;
-    
-    /**
-     * Issuer unique identifier.
-     *
-     * @var UniqueIdentifier|null $_issuerUniqueID
-     */
-    protected $_issuerUniqueID;
-    
-    /**
-     * Extensions.
-     *
-     * @var Extensions $_extensions
-     */
-    protected $_extensions;
-    
-    /**
-     * Constructor.
-     *
-     * @param Holder $holder AC holder
-     * @param AttCertIssuer $issuer AC issuer
-     * @param AttCertValidityPeriod $validity Validity
-     * @param Attributes $attribs Attributes
-     */
-    public function __construct(Holder $holder, AttCertIssuer $issuer,
-        AttCertValidityPeriod $validity, Attributes $attribs)
-    {
-        $this->_version = self::VERSION_2;
-        $this->_holder = $holder;
-        $this->_issuer = $issuer;
-        $this->_attrCertValidityPeriod = $validity;
-        $this->_attributes = $attribs;
-        $this->_extensions = new Extensions();
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $version = $seq->at(0)
-            ->asInteger()
-            ->intNumber();
-        if ($version != self::VERSION_2) {
-            throw new \UnexpectedValueException("Version must be 2.");
-        }
-        $holder = Holder::fromASN1($seq->at(1)->asSequence());
-        $issuer = AttCertIssuer::fromASN1($seq->at(2));
-        $signature = AlgorithmIdentifier::fromASN1($seq->at(3)->asSequence());
-        if (!$signature instanceof SignatureAlgorithmIdentifier) {
-            throw new \UnexpectedValueException(
-                "Unsupported signature algorithm " . $signature->oid() . ".");
-        }
-        $serial = $seq->at(4)
-            ->asInteger()
-            ->number();
-        $validity = AttCertValidityPeriod::fromASN1($seq->at(5)->asSequence());
-        $attribs = Attributes::fromASN1($seq->at(6)->asSequence());
-        $obj = new self($holder, $issuer, $validity, $attribs);
-        $obj->_signature = $signature;
-        $obj->_serialNumber = $serial;
-        $idx = 7;
-        if ($seq->has($idx, Element::TYPE_BIT_STRING)) {
-            $obj->_issuerUniqueID = UniqueIdentifier::fromASN1(
-                $seq->at($idx++)->asBitString());
-        }
-        if ($seq->has($idx, Element::TYPE_SEQUENCE)) {
-            $obj->_extensions = Extensions::fromASN1(
-                $seq->at($idx++)->asSequence());
-        }
-        return $obj;
-    }
-    
-    /**
-     * Get self with holder.
-     *
-     * @param Holder $holder
-     * @return self
-     */
-    public function withHolder(Holder $holder): self
-    {
-        $obj = clone $this;
-        $obj->_holder = $holder;
-        return $obj;
-    }
-    
-    /**
-     * Get self with issuer.
-     *
-     * @param AttCertIssuer $issuer
-     * @return self
-     */
-    public function withIssuer(AttCertIssuer $issuer): self
-    {
-        $obj = clone $this;
-        $obj->_issuer = $issuer;
-        return $obj;
-    }
-    
-    /**
-     * Get self with signature algorithm identifier.
-     *
-     * @param SignatureAlgorithmIdentifier $algo
-     * @return self
-     */
-    public function withSignature(SignatureAlgorithmIdentifier $algo): self
-    {
-        $obj = clone $this;
-        $obj->_signature = $algo;
-        return $obj;
-    }
-    
-    /**
-     * Get self with serial number.
-     *
-     * @param int|string $serial
-     * @return self
-     */
-    public function withSerialNumber($serial): self
-    {
-        $obj = clone $this;
-        $obj->_serialNumber = strval($serial);
-        return $obj;
-    }
-    
-    /**
-     * Get self with random positive serial number.
-     *
-     * @param int $size Number of random bytes
-     * @return self
-     */
-    public function withRandomSerialNumber(int $size = 16): self
-    {
-        // ensure that first byte is always non-zero and having first bit unset
-        $num = gmp_init(mt_rand(1, 0x7f), 10);
-        for ($i = 1; $i < $size; ++$i) {
-            $num <<= 8;
-            $num += mt_rand(0, 0xff);
-        }
-        return $this->withSerialNumber(gmp_strval($num, 10));
-    }
-    
-    /**
-     * Get self with validity period.
-     *
-     * @param AttCertValidityPeriod $validity
-     * @return self
-     */
-    public function withValidity(AttCertValidityPeriod $validity): self
-    {
-        $obj = clone $this;
-        $obj->_attrCertValidityPeriod = $validity;
-        return $obj;
-    }
-    
-    /**
-     * Get self with attributes.
-     *
-     * @param Attributes $attribs
-     * @return self
-     */
-    public function withAttributes(Attributes $attribs): self
-    {
-        $obj = clone $this;
-        $obj->_attributes = $attribs;
-        return $obj;
-    }
-    
-    /**
-     * Get self with issuer unique identifier.
-     *
-     * @param UniqueIdentifier $uid
-     * @return self
-     */
-    public function withIssuerUniqueID(UniqueIdentifier $uid): self
-    {
-        $obj = clone $this;
-        $obj->_issuerUniqueID = $uid;
-        return $obj;
-    }
-    
-    /**
-     * Get self with extensions.
-     *
-     * @param Extensions $extensions
-     * @return self
-     */
-    public function withExtensions(Extensions $extensions): self
-    {
-        $obj = clone $this;
-        $obj->_extensions = $extensions;
-        return $obj;
-    }
-    
-    /**
-     * Get self with extensions added.
-     *
-     * @param Extension ...$exts One or more Extension objects
-     * @return self
-     */
-    public function withAdditionalExtensions(Extension ...$exts): self
-    {
-        $obj = clone $this;
-        $obj->_extensions = $obj->_extensions->withExtensions(...$exts);
-        return $obj;
-    }
-    
-    /**
-     * Get version.
-     *
-     * @return int
-     */
-    public function version(): int
-    {
-        return $this->_version;
-    }
-    
-    /**
-     * Get AC holder.
-     *
-     * @return Holder
-     */
-    public function holder(): Holder
-    {
-        return $this->_holder;
-    }
-    
-    /**
-     * Get AC issuer.
-     *
-     * @return AttCertIssuer
-     */
-    public function issuer(): AttCertIssuer
-    {
-        return $this->_issuer;
-    }
-    
-    /**
-     * Check whether signature is set.
-     *
-     * @return bool
-     */
-    public function hasSignature(): bool
-    {
-        return isset($this->_signature);
-    }
-    
-    /**
-     * Get signature algorithm identifier.
-     *
-     * @return SignatureAlgorithmIdentifier
-     */
-    public function signature(): SignatureAlgorithmIdentifier
-    {
-        if (!$this->hasSignature()) {
-            throw new \LogicException("signature not set.");
-        }
-        return $this->_signature;
-    }
-    
-    /**
-     * Check whether serial number is present.
-     *
-     * @return bool
-     */
-    public function hasSerialNumber(): bool
-    {
-        return isset($this->_serialNumber);
-    }
-    
-    /**
-     * Get AC serial number.
-     *
-     * @return string
-     */
-    public function serialNumber(): string
-    {
-        if (!$this->hasSerialNumber()) {
-            throw new \LogicException("serialNumber not set.");
-        }
-        return $this->_serialNumber;
-    }
-    
-    /**
-     * Get validity period.
-     *
-     * @return AttCertValidityPeriod
-     */
-    public function validityPeriod(): AttCertValidityPeriod
-    {
-        return $this->_attrCertValidityPeriod;
-    }
-    
-    /**
-     * Get attributes.
-     *
-     * @return Attributes
-     */
-    public function attributes(): Attributes
-    {
-        return $this->_attributes;
-    }
-    
-    /**
-     * Check whether issuer unique identifier is present.
-     *
-     * @return bool
-     */
-    public function hasIssuerUniqueID(): bool
-    {
-        return isset($this->_issuerUniqueID);
-    }
-    
-    /**
-     * Get issuer unique identifier.
-     *
-     * @return UniqueIdentifier
-     */
-    public function issuerUniqueID(): UniqueIdentifier
-    {
-        if (!$this->hasIssuerUniqueID()) {
-            throw new \LogicException("issuerUniqueID not set.");
-        }
-        return $this->_issuerUniqueID;
-    }
-    
-    /**
-     * Get extensions.
-     *
-     * @return Extensions
-     */
-    public function extensions(): Extensions
-    {
-        return $this->_extensions;
-    }
-    
-    /**
-     * Get ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array(new Integer($this->_version), $this->_holder->toASN1(),
-            $this->_issuer->toASN1(), $this->signature()->toASN1(),
-            new Integer($this->serialNumber()),
-            $this->_attrCertValidityPeriod->toASN1(),
-            $this->_attributes->toASN1());
-        if (isset($this->_issuerUniqueID)) {
-            $elements[] = $this->_issuerUniqueID->toASN1();
-        }
-        if (count($this->_extensions)) {
-            $elements[] = $this->_extensions->toASN1();
-        }
-        return new Sequence(...$elements);
-    }
-    
-    /**
-     * Create signed attribute certificate.
-     *
-     * @param SignatureAlgorithmIdentifier $algo Signature algorithm
-     * @param PrivateKeyInfo $privkey_info Private key
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     * @return AttributeCertificate
-     */
-    public function sign(SignatureAlgorithmIdentifier $algo,
-        PrivateKeyInfo $privkey_info, Crypto $crypto = null): AttributeCertificate
-    {
-        $crypto = $crypto ?: Crypto::getDefault();
-        $aci = clone $this;
-        if (!isset($aci->_serialNumber)) {
-            $aci->_serialNumber = "0";
-        }
-        $aci->_signature = $algo;
-        $data = $aci->toASN1()->toDER();
-        $signature = $crypto->sign($data, $privkey_info, $algo);
-        return new AttributeCertificate($aci, $algo, $signature);
-    }
+	const VERSION_2 = 1;
+    
+	/**
+	 * AC version.
+	 *
+	 * @var int $_version
+	 */
+	protected $_version;
+    
+	/**
+	 * AC holder.
+	 *
+	 * @var Holder $_holder
+	 */
+	protected $_holder;
+    
+	/**
+	 * AC issuer.
+	 *
+	 * @var AttCertIssuer $_issuer
+	 */
+	protected $_issuer;
+    
+	/**
+	 * Signature algorithm identifier.
+	 *
+	 * @var SignatureAlgorithmIdentifier $_signature
+	 */
+	protected $_signature;
+    
+	/**
+	 * AC serial number.
+	 *
+	 * @var string $_serialNumber
+	 */
+	protected $_serialNumber;
+    
+	/**
+	 * Validity period.
+	 *
+	 * @var AttCertValidityPeriod $_attrCertValidityPeriod
+	 */
+	protected $_attrCertValidityPeriod;
+    
+	/**
+	 * Attributes.
+	 *
+	 * @var Attributes $_attributes
+	 */
+	protected $_attributes;
+    
+	/**
+	 * Issuer unique identifier.
+	 *
+	 * @var UniqueIdentifier|null $_issuerUniqueID
+	 */
+	protected $_issuerUniqueID;
+    
+	/**
+	 * Extensions.
+	 *
+	 * @var Extensions $_extensions
+	 */
+	protected $_extensions;
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param Holder $holder AC holder
+	 * @param AttCertIssuer $issuer AC issuer
+	 * @param AttCertValidityPeriod $validity Validity
+	 * @param Attributes $attribs Attributes
+	 */
+	public function __construct(Holder $holder, AttCertIssuer $issuer,
+		AttCertValidityPeriod $validity, Attributes $attribs)
+	{
+		$this->_version = self::VERSION_2;
+		$this->_holder = $holder;
+		$this->_issuer = $issuer;
+		$this->_attrCertValidityPeriod = $validity;
+		$this->_attributes = $attribs;
+		$this->_extensions = new Extensions();
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$version = $seq->at(0)
+			->asInteger()
+			->intNumber();
+		if ($version != self::VERSION_2) {
+			throw new \UnexpectedValueException("Version must be 2.");
+		}
+		$holder = Holder::fromASN1($seq->at(1)->asSequence());
+		$issuer = AttCertIssuer::fromASN1($seq->at(2));
+		$signature = AlgorithmIdentifier::fromASN1($seq->at(3)->asSequence());
+		if (!$signature instanceof SignatureAlgorithmIdentifier) {
+			throw new \UnexpectedValueException(
+				"Unsupported signature algorithm " . $signature->oid() . ".");
+		}
+		$serial = $seq->at(4)
+			->asInteger()
+			->number();
+		$validity = AttCertValidityPeriod::fromASN1($seq->at(5)->asSequence());
+		$attribs = Attributes::fromASN1($seq->at(6)->asSequence());
+		$obj = new self($holder, $issuer, $validity, $attribs);
+		$obj->_signature = $signature;
+		$obj->_serialNumber = $serial;
+		$idx = 7;
+		if ($seq->has($idx, Element::TYPE_BIT_STRING)) {
+			$obj->_issuerUniqueID = UniqueIdentifier::fromASN1(
+				$seq->at($idx++)->asBitString());
+		}
+		if ($seq->has($idx, Element::TYPE_SEQUENCE)) {
+			$obj->_extensions = Extensions::fromASN1(
+				$seq->at($idx++)->asSequence());
+		}
+		return $obj;
+	}
+    
+	/**
+	 * Get self with holder.
+	 *
+	 * @param Holder $holder
+	 * @return self
+	 */
+	public function withHolder(Holder $holder): self
+	{
+		$obj = clone $this;
+		$obj->_holder = $holder;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with issuer.
+	 *
+	 * @param AttCertIssuer $issuer
+	 * @return self
+	 */
+	public function withIssuer(AttCertIssuer $issuer): self
+	{
+		$obj = clone $this;
+		$obj->_issuer = $issuer;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with signature algorithm identifier.
+	 *
+	 * @param SignatureAlgorithmIdentifier $algo
+	 * @return self
+	 */
+	public function withSignature(SignatureAlgorithmIdentifier $algo): self
+	{
+		$obj = clone $this;
+		$obj->_signature = $algo;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with serial number.
+	 *
+	 * @param int|string $serial
+	 * @return self
+	 */
+	public function withSerialNumber($serial): self
+	{
+		$obj = clone $this;
+		$obj->_serialNumber = strval($serial);
+		return $obj;
+	}
+    
+	/**
+	 * Get self with random positive serial number.
+	 *
+	 * @param int $size Number of random bytes
+	 * @return self
+	 */
+	public function withRandomSerialNumber(int $size = 16): self
+	{
+		// ensure that first byte is always non-zero and having first bit unset
+		$num = gmp_init(mt_rand(1, 0x7f), 10);
+		for ($i = 1; $i < $size; ++$i) {
+			$num <<= 8;
+			$num += mt_rand(0, 0xff);
+		}
+		return $this->withSerialNumber(gmp_strval($num, 10));
+	}
+    
+	/**
+	 * Get self with validity period.
+	 *
+	 * @param AttCertValidityPeriod $validity
+	 * @return self
+	 */
+	public function withValidity(AttCertValidityPeriod $validity): self
+	{
+		$obj = clone $this;
+		$obj->_attrCertValidityPeriod = $validity;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with attributes.
+	 *
+	 * @param Attributes $attribs
+	 * @return self
+	 */
+	public function withAttributes(Attributes $attribs): self
+	{
+		$obj = clone $this;
+		$obj->_attributes = $attribs;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with issuer unique identifier.
+	 *
+	 * @param UniqueIdentifier $uid
+	 * @return self
+	 */
+	public function withIssuerUniqueID(UniqueIdentifier $uid): self
+	{
+		$obj = clone $this;
+		$obj->_issuerUniqueID = $uid;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with extensions.
+	 *
+	 * @param Extensions $extensions
+	 * @return self
+	 */
+	public function withExtensions(Extensions $extensions): self
+	{
+		$obj = clone $this;
+		$obj->_extensions = $extensions;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with extensions added.
+	 *
+	 * @param Extension ...$exts One or more Extension objects
+	 * @return self
+	 */
+	public function withAdditionalExtensions(Extension ...$exts): self
+	{
+		$obj = clone $this;
+		$obj->_extensions = $obj->_extensions->withExtensions(...$exts);
+		return $obj;
+	}
+    
+	/**
+	 * Get version.
+	 *
+	 * @return int
+	 */
+	public function version(): int
+	{
+		return $this->_version;
+	}
+    
+	/**
+	 * Get AC holder.
+	 *
+	 * @return Holder
+	 */
+	public function holder(): Holder
+	{
+		return $this->_holder;
+	}
+    
+	/**
+	 * Get AC issuer.
+	 *
+	 * @return AttCertIssuer
+	 */
+	public function issuer(): AttCertIssuer
+	{
+		return $this->_issuer;
+	}
+    
+	/**
+	 * Check whether signature is set.
+	 *
+	 * @return bool
+	 */
+	public function hasSignature(): bool
+	{
+		return isset($this->_signature);
+	}
+    
+	/**
+	 * Get signature algorithm identifier.
+	 *
+	 * @return SignatureAlgorithmIdentifier
+	 */
+	public function signature(): SignatureAlgorithmIdentifier
+	{
+		if (!$this->hasSignature()) {
+			throw new \LogicException("signature not set.");
+		}
+		return $this->_signature;
+	}
+    
+	/**
+	 * Check whether serial number is present.
+	 *
+	 * @return bool
+	 */
+	public function hasSerialNumber(): bool
+	{
+		return isset($this->_serialNumber);
+	}
+    
+	/**
+	 * Get AC serial number.
+	 *
+	 * @return string
+	 */
+	public function serialNumber(): string
+	{
+		if (!$this->hasSerialNumber()) {
+			throw new \LogicException("serialNumber not set.");
+		}
+		return $this->_serialNumber;
+	}
+    
+	/**
+	 * Get validity period.
+	 *
+	 * @return AttCertValidityPeriod
+	 */
+	public function validityPeriod(): AttCertValidityPeriod
+	{
+		return $this->_attrCertValidityPeriod;
+	}
+    
+	/**
+	 * Get attributes.
+	 *
+	 * @return Attributes
+	 */
+	public function attributes(): Attributes
+	{
+		return $this->_attributes;
+	}
+    
+	/**
+	 * Check whether issuer unique identifier is present.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuerUniqueID(): bool
+	{
+		return isset($this->_issuerUniqueID);
+	}
+    
+	/**
+	 * Get issuer unique identifier.
+	 *
+	 * @return UniqueIdentifier
+	 */
+	public function issuerUniqueID(): UniqueIdentifier
+	{
+		if (!$this->hasIssuerUniqueID()) {
+			throw new \LogicException("issuerUniqueID not set.");
+		}
+		return $this->_issuerUniqueID;
+	}
+    
+	/**
+	 * Get extensions.
+	 *
+	 * @return Extensions
+	 */
+	public function extensions(): Extensions
+	{
+		return $this->_extensions;
+	}
+    
+	/**
+	 * Get ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array(new Integer($this->_version), $this->_holder->toASN1(),
+			$this->_issuer->toASN1(), $this->signature()->toASN1(),
+			new Integer($this->serialNumber()),
+			$this->_attrCertValidityPeriod->toASN1(),
+			$this->_attributes->toASN1());
+		if (isset($this->_issuerUniqueID)) {
+			$elements[] = $this->_issuerUniqueID->toASN1();
+		}
+		if (count($this->_extensions)) {
+			$elements[] = $this->_extensions->toASN1();
+		}
+		return new Sequence(...$elements);
+	}
+    
+	/**
+	 * Create signed attribute certificate.
+	 *
+	 * @param SignatureAlgorithmIdentifier $algo Signature algorithm
+	 * @param PrivateKeyInfo $privkey_info Private key
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 * @return AttributeCertificate
+	 */
+	public function sign(SignatureAlgorithmIdentifier $algo,
+		PrivateKeyInfo $privkey_info, Crypto $crypto = null): AttributeCertificate
+	{
+		$crypto = $crypto ?: Crypto::getDefault();
+		$aci = clone $this;
+		if (!isset($aci->_serialNumber)) {
+			$aci->_serialNumber = "0";
+		}
+		$aci->_signature = $algo;
+		$data = $aci->toASN1()->toDER();
+		$signature = $crypto->sign($data, $privkey_info, $algo);
+		return new AttributeCertificate($aci, $algo, $signature);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/AttributeCertificate/V2Form.php 1 patch

Indentation +131 added lines, -131 removed lines patch added patch discarded remove patch

@@ -19,144 +19,144 @@
 block discarded – undo
  */
 class V2Form extends AttCertIssuer
 {
-    /**
-     * Issuer name.
-     *
-     * @var GeneralNames $_issuerName
-     */
-    protected $_issuerName;
+	/**
+	 * Issuer name.
+	 *
+	 * @var GeneralNames $_issuerName
+	 */
+	protected $_issuerName;
     
-    /**
-     * Issuer PKC's issuer and serial.
-     *
-     * @var IssuerSerial $_baseCertificateID
-     */
-    protected $_baseCertificateID;
+	/**
+	 * Issuer PKC's issuer and serial.
+	 *
+	 * @var IssuerSerial $_baseCertificateID
+	 */
+	protected $_baseCertificateID;
     
-    /**
-     * Linked object.
-     *
-     * @var ObjectDigestInfo $_objectDigestInfo
-     */
-    protected $_objectDigestInfo;
+	/**
+	 * Linked object.
+	 *
+	 * @var ObjectDigestInfo $_objectDigestInfo
+	 */
+	protected $_objectDigestInfo;
     
-    /**
-     * Constructor.
-     *
-     * @param GeneralNames|null $names
-     */
-    public function __construct(GeneralNames $names = null)
-    {
-        $this->_issuerName = $names;
-        $this->_baseCertificateID = null;
-        $this->_objectDigestInfo = null;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralNames|null $names
+	 */
+	public function __construct(GeneralNames $names = null)
+	{
+		$this->_issuerName = $names;
+		$this->_baseCertificateID = null;
+		$this->_objectDigestInfo = null;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromV2ASN1(Sequence $seq): self
-    {
-        $issuer = null;
-        $cert_id = null;
-        $digest_info = null;
-        if ($seq->has(0, Element::TYPE_SEQUENCE)) {
-            $issuer = GeneralNames::fromASN1($seq->at(0)->asSequence());
-        }
-        if ($seq->hasTagged(0)) {
-            $cert_id = IssuerSerial::fromASN1(
-                $seq->getTagged(0)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        if ($seq->hasTagged(1)) {
-            $digest_info = ObjectDigestInfo::fromASN1(
-                $seq->getTagged(1)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        $obj = new self($issuer);
-        $obj->_baseCertificateID = $cert_id;
-        $obj->_objectDigestInfo = $digest_info;
-        return $obj;
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromV2ASN1(Sequence $seq): self
+	{
+		$issuer = null;
+		$cert_id = null;
+		$digest_info = null;
+		if ($seq->has(0, Element::TYPE_SEQUENCE)) {
+			$issuer = GeneralNames::fromASN1($seq->at(0)->asSequence());
+		}
+		if ($seq->hasTagged(0)) {
+			$cert_id = IssuerSerial::fromASN1(
+				$seq->getTagged(0)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		if ($seq->hasTagged(1)) {
+			$digest_info = ObjectDigestInfo::fromASN1(
+				$seq->getTagged(1)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		$obj = new self($issuer);
+		$obj->_baseCertificateID = $cert_id;
+		$obj->_objectDigestInfo = $digest_info;
+		return $obj;
+	}
     
-    /**
-     * Check whether issuer name is set.
-     *
-     * @return bool
-     */
-    public function hasIssuerName(): bool
-    {
-        return isset($this->_issuerName);
-    }
+	/**
+	 * Check whether issuer name is set.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuerName(): bool
+	{
+		return isset($this->_issuerName);
+	}
     
-    /**
-     * Get issuer name.
-     *
-     * @throws \LogicException
-     * @return GeneralNames
-     */
-    public function issuerName(): GeneralNames
-    {
-        if (!$this->hasIssuerName()) {
-            throw new \LogicException("issuerName not set.");
-        }
-        return $this->_issuerName;
-    }
+	/**
+	 * Get issuer name.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralNames
+	 */
+	public function issuerName(): GeneralNames
+	{
+		if (!$this->hasIssuerName()) {
+			throw new \LogicException("issuerName not set.");
+		}
+		return $this->_issuerName;
+	}
     
-    /**
-     * Get DN of the issuer.
-     *
-     * This is a convenience method conforming to RFC 5755, which states
-     * that Issuer must contain only one non-empty distinguished name.
-     *
-     * @return \X501\ASN1\Name
-     */
-    public function name(): Name
-    {
-        return $this->issuerName()->firstDN();
-    }
+	/**
+	 * Get DN of the issuer.
+	 *
+	 * This is a convenience method conforming to RFC 5755, which states
+	 * that Issuer must contain only one non-empty distinguished name.
+	 *
+	 * @return \X501\ASN1\Name
+	 */
+	public function name(): Name
+	{
+		return $this->issuerName()->firstDN();
+	}
     
-    /**
-     *
-     * @see \X509\AttributeCertificate\AttCertIssuer::ASN1()
-     * @return ImplicitlyTaggedType Tagged Sequence
-     */
-    public function toASN1(): TaggedType
-    {
-        $elements = array();
-        if (isset($this->_issuerName)) {
-            $elements[] = $this->_issuerName->toASN1();
-        }
-        if (isset($this->_baseCertificateID)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                $this->_baseCertificateID->toASN1());
-        }
-        if (isset($this->_objectDigestInfo)) {
-            $elements[] = new ImplicitlyTaggedType(1,
-                $this->_objectDigestInfo->toASN1());
-        }
-        return new ImplicitlyTaggedType(0, new Sequence(...$elements));
-    }
+	/**
+	 *
+	 * @see \X509\AttributeCertificate\AttCertIssuer::ASN1()
+	 * @return ImplicitlyTaggedType Tagged Sequence
+	 */
+	public function toASN1(): TaggedType
+	{
+		$elements = array();
+		if (isset($this->_issuerName)) {
+			$elements[] = $this->_issuerName->toASN1();
+		}
+		if (isset($this->_baseCertificateID)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				$this->_baseCertificateID->toASN1());
+		}
+		if (isset($this->_objectDigestInfo)) {
+			$elements[] = new ImplicitlyTaggedType(1,
+				$this->_objectDigestInfo->toASN1());
+		}
+		return new ImplicitlyTaggedType(0, new Sequence(...$elements));
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC()
-     * @return bool
-     */
-    public function identifiesPKC(Certificate $cert): bool
-    {
-        $name = $this->_issuerName->firstDN();
-        if (!$cert->tbsCertificate()
-            ->subject()
-            ->equals($name)) {
-            return false;
-        }
-        return true;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC()
+	 * @return bool
+	 */
+	public function identifiesPKC(Certificate $cert): bool
+	{
+		$name = $this->_issuerName->firstDN();
+		if (!$cert->tbsCertificate()
+			->subject()
+			->equals($name)) {
+			return false;
+		}
+		return true;
+	}
 }

Please login to merge, or discard this patch.

lib/X509/AttributeCertificate/Attribute/RoleAttributeValue.php 1 patch

Indentation +139 added lines, -139 removed lines patch added patch discarded remove patch

@@ -23,155 +23,155 @@
 block discarded – undo
  */
 class RoleAttributeValue extends AttributeValue
 {
-    /**
-     * Issuing authority.
-     *
-     * @var GeneralNames $_roleAuthority
-     */
-    protected $_roleAuthority;
+	/**
+	 * Issuing authority.
+	 *
+	 * @var GeneralNames $_roleAuthority
+	 */
+	protected $_roleAuthority;
     
-    /**
-     * Role name.
-     *
-     * @var GeneralName $_roleName
-     */
-    protected $_roleName;
+	/**
+	 * Role name.
+	 *
+	 * @var GeneralName $_roleName
+	 */
+	protected $_roleName;
     
-    /**
-     * Constructor.
-     *
-     * @param GeneralName $name Role name
-     * @param GeneralNames|null $authority Issuing authority
-     */
-    public function __construct(GeneralName $name, GeneralNames $authority = null)
-    {
-        $this->_roleAuthority = $authority;
-        $this->_roleName = $name;
-        $this->_oid = AttributeType::OID_ROLE;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralName $name Role name
+	 * @param GeneralNames|null $authority Issuing authority
+	 */
+	public function __construct(GeneralName $name, GeneralNames $authority = null)
+	{
+		$this->_roleAuthority = $authority;
+		$this->_roleName = $name;
+		$this->_oid = AttributeType::OID_ROLE;
+	}
     
-    /**
-     * Initialize from a role string.
-     *
-     * @param string $role_name Role name in URI format
-     * @param GeneralNames|null $authority Issuing authority
-     * @return self
-     */
-    public static function fromString(string $role_name,
-        GeneralNames $authority = null): self
-    {
-        return new self(new UniformResourceIdentifier($role_name), $authority);
-    }
+	/**
+	 * Initialize from a role string.
+	 *
+	 * @param string $role_name Role name in URI format
+	 * @param GeneralNames|null $authority Issuing authority
+	 * @return self
+	 */
+	public static function fromString(string $role_name,
+		GeneralNames $authority = null): self
+	{
+		return new self(new UniformResourceIdentifier($role_name), $authority);
+	}
     
-    /**
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromASN1(UnspecifiedType $el): self
-    {
-        $seq = $el->asSequence();
-        $authority = null;
-        if ($seq->hasTagged(0)) {
-            $authority = GeneralNames::fromASN1(
-                $seq->getTagged(0)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        $name = GeneralName::fromASN1(
-            $seq->getTagged(1)
-                ->asExplicit()
-                ->asTagged());
-        return new self($name, $authority);
-    }
+	/**
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromASN1(UnspecifiedType $el): self
+	{
+		$seq = $el->asSequence();
+		$authority = null;
+		if ($seq->hasTagged(0)) {
+			$authority = GeneralNames::fromASN1(
+				$seq->getTagged(0)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		$name = GeneralName::fromASN1(
+			$seq->getTagged(1)
+				->asExplicit()
+				->asTagged());
+		return new self($name, $authority);
+	}
     
-    /**
-     * Check whether issuing authority is present.
-     *
-     * @return bool
-     */
-    public function hasRoleAuthority(): bool
-    {
-        return isset($this->_roleAuthority);
-    }
+	/**
+	 * Check whether issuing authority is present.
+	 *
+	 * @return bool
+	 */
+	public function hasRoleAuthority(): bool
+	{
+		return isset($this->_roleAuthority);
+	}
     
-    /**
-     * Get issuing authority.
-     *
-     * @throws \LogicException
-     * @return GeneralNames
-     */
-    public function roleAuthority(): GeneralNames
-    {
-        if (!$this->hasRoleAuthority()) {
-            throw new \LogicException("roleAuthority not set.");
-        }
-        return $this->_roleAuthority;
-    }
+	/**
+	 * Get issuing authority.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralNames
+	 */
+	public function roleAuthority(): GeneralNames
+	{
+		if (!$this->hasRoleAuthority()) {
+			throw new \LogicException("roleAuthority not set.");
+		}
+		return $this->_roleAuthority;
+	}
     
-    /**
-     * Get role name.
-     *
-     * @return GeneralName
-     */
-    public function roleName(): GeneralName
-    {
-        return $this->_roleName;
-    }
+	/**
+	 * Get role name.
+	 *
+	 * @return GeneralName
+	 */
+	public function roleName(): GeneralName
+	{
+		return $this->_roleName;
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array();
-        if (isset($this->_roleAuthority)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                $this->_roleAuthority->toASN1());
-        }
-        $elements[] = new ExplicitlyTaggedType(1, $this->_roleName->toASN1());
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array();
+		if (isset($this->_roleAuthority)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				$this->_roleAuthority->toASN1());
+		}
+		$elements[] = new ExplicitlyTaggedType(1, $this->_roleName->toASN1());
+		return new Sequence(...$elements);
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
-     * @return string
-     */
-    public function stringValue(): string
-    {
-        return "#" . bin2hex($this->toASN1()->toDER());
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
+	 * @return string
+	 */
+	public function stringValue(): string
+	{
+		return "#" . bin2hex($this->toASN1()->toDER());
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
-     * @return BinaryMatch
-     */
-    public function equalityMatchingRule(): BinaryMatch
-    {
-        return new BinaryMatch();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
+	 * @return BinaryMatch
+	 */
+	public function equalityMatchingRule(): BinaryMatch
+	{
+		return new BinaryMatch();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
-     * @return string
-     */
-    public function rfc2253String(): string
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
+	 * @return string
+	 */
+	public function rfc2253String(): string
+	{
+		return $this->stringValue();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
-     * @return string
-     */
-    protected function _transcodedString(): string
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
+	 * @return string
+	 */
+	protected function _transcodedString(): string
+	{
+		return $this->stringValue();
+	}
 }

Please login to merge, or discard this patch.

lib/X509/AttributeCertificate/Attribute/SvceAuthInfo.php 1 patch

Indentation +139 added lines, -139 removed lines patch added patch discarded remove patch

@@ -20,156 +20,156 @@
 block discarded – undo
  */
 abstract class SvceAuthInfo extends AttributeValue
 {
-    /**
-     * Service.
-     *
-     * @var GeneralName $_service
-     */
-    protected $_service;
+	/**
+	 * Service.
+	 *
+	 * @var GeneralName $_service
+	 */
+	protected $_service;
     
-    /**
-     * Ident.
-     *
-     * @var GeneralName $_ident
-     */
-    protected $_ident;
+	/**
+	 * Ident.
+	 *
+	 * @var GeneralName $_ident
+	 */
+	protected $_ident;
     
-    /**
-     * Auth info.
-     *
-     * @var string|null $_authInfo
-     */
-    protected $_authInfo;
+	/**
+	 * Auth info.
+	 *
+	 * @var string|null $_authInfo
+	 */
+	protected $_authInfo;
     
-    /**
-     * Constructor.
-     *
-     * @param GeneralName $service
-     * @param GeneralName $ident
-     * @param string|null $auth_info
-     */
-    public function __construct(GeneralName $service, GeneralName $ident,
-        $auth_info = null)
-    {
-        $this->_service = $service;
-        $this->_ident = $ident;
-        $this->_authInfo = $auth_info;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralName $service
+	 * @param GeneralName $ident
+	 * @param string|null $auth_info
+	 */
+	public function __construct(GeneralName $service, GeneralName $ident,
+		$auth_info = null)
+	{
+		$this->_service = $service;
+		$this->_ident = $ident;
+		$this->_authInfo = $auth_info;
+	}
     
-    /**
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromASN1(UnspecifiedType $el): self
-    {
-        $seq = $el->asSequence();
-        $service = GeneralName::fromASN1($seq->at(0)->asTagged());
-        $ident = GeneralName::fromASN1($seq->at(1)->asTagged());
-        $auth_info = null;
-        if ($seq->has(2, Element::TYPE_OCTET_STRING)) {
-            $auth_info = $seq->at(2)
-                ->asString()
-                ->string();
-        }
-        return new static($service, $ident, $auth_info);
-    }
+	/**
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromASN1(UnspecifiedType $el): self
+	{
+		$seq = $el->asSequence();
+		$service = GeneralName::fromASN1($seq->at(0)->asTagged());
+		$ident = GeneralName::fromASN1($seq->at(1)->asTagged());
+		$auth_info = null;
+		if ($seq->has(2, Element::TYPE_OCTET_STRING)) {
+			$auth_info = $seq->at(2)
+				->asString()
+				->string();
+		}
+		return new static($service, $ident, $auth_info);
+	}
     
-    /**
-     * Get service name.
-     *
-     * @return GeneralName
-     */
-    public function service(): GeneralName
-    {
-        return $this->_service;
-    }
+	/**
+	 * Get service name.
+	 *
+	 * @return GeneralName
+	 */
+	public function service(): GeneralName
+	{
+		return $this->_service;
+	}
     
-    /**
-     * Get ident.
-     *
-     * @return GeneralName
-     */
-    public function ident(): GeneralName
-    {
-        return $this->_ident;
-    }
+	/**
+	 * Get ident.
+	 *
+	 * @return GeneralName
+	 */
+	public function ident(): GeneralName
+	{
+		return $this->_ident;
+	}
     
-    /**
-     * Check whether authentication info is present.
-     *
-     * @return bool
-     */
-    public function hasAuthInfo(): bool
-    {
-        return isset($this->_authInfo);
-    }
+	/**
+	 * Check whether authentication info is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAuthInfo(): bool
+	{
+		return isset($this->_authInfo);
+	}
     
-    /**
-     * Get authentication info.
-     *
-     * @throws \LogicException
-     * @return string
-     */
-    public function authInfo(): string
-    {
-        if (!$this->hasAuthInfo()) {
-            throw new \LogicException("authInfo not set.");
-        }
-        return $this->_authInfo;
-    }
+	/**
+	 * Get authentication info.
+	 *
+	 * @throws \LogicException
+	 * @return string
+	 */
+	public function authInfo(): string
+	{
+		if (!$this->hasAuthInfo()) {
+			throw new \LogicException("authInfo not set.");
+		}
+		return $this->_authInfo;
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array($this->_service->toASN1(), $this->_ident->toASN1());
-        if (isset($this->_authInfo)) {
-            $elements[] = new OctetString($this->_authInfo);
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array($this->_service->toASN1(), $this->_ident->toASN1());
+		if (isset($this->_authInfo)) {
+			$elements[] = new OctetString($this->_authInfo);
+		}
+		return new Sequence(...$elements);
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
-     * @return string
-     */
-    public function stringValue(): string
-    {
-        return "#" . bin2hex($this->toASN1()->toDER());
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
+	 * @return string
+	 */
+	public function stringValue(): string
+	{
+		return "#" . bin2hex($this->toASN1()->toDER());
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
-     * @return BinaryMatch
-     */
-    public function equalityMatchingRule(): BinaryMatch
-    {
-        return new BinaryMatch();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
+	 * @return BinaryMatch
+	 */
+	public function equalityMatchingRule(): BinaryMatch
+	{
+		return new BinaryMatch();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
-     * @return string
-     */
-    public function rfc2253String(): string
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
+	 * @return string
+	 */
+	public function rfc2253String(): string
+	{
+		return $this->stringValue();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
-     * @return string
-     */
-    protected function _transcodedString(): string
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
+	 * @return string
+	 */
+	protected function _transcodedString(): string
+	{
+		return $this->stringValue();
+	}
 }

Please login to merge, or discard this patch.

lib/X509/AttributeCertificate/Attribute/IetfAttrValue.php 2 patches

Indentation +144 added lines, -144 removed lines patch added patch discarded remove patch

@@ -17,161 +17,161 @@
 block discarded – undo
  */
 class IetfAttrValue
 {
-    /**
-     * Element type tag.
-     *
-     * @var int $_type
-     */
-    protected $_type;
+	/**
+	 * Element type tag.
+	 *
+	 * @var int $_type
+	 */
+	protected $_type;
     
-    /**
-     * Value.
-     *
-     * @var string $_value
-     */
-    protected $_value;
+	/**
+	 * Value.
+	 *
+	 * @var string $_value
+	 */
+	protected $_value;
     
-    /**
-     * Constructor.
-     *
-     * @param string $value
-     * @param int $type
-     */
-    public function __construct(string $value, int $type)
-    {
-        $this->_type = $type;
-        $this->_value = $value;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $value
+	 * @param int $type
+	 */
+	public function __construct(string $value, int $type)
+	{
+		$this->_type = $type;
+		$this->_value = $value;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param UnspecifiedType $el
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromASN1(UnspecifiedType $el): self
-    {
-        switch ($el->tag()) {
-            case Element::TYPE_OCTET_STRING:
-            case Element::TYPE_UTF8_STRING:
-                return new self($el->asString()->string(), $el->tag());
-            case Element::TYPE_OBJECT_IDENTIFIER:
-                return new self($el->asObjectIdentifier()->oid(), $el->tag());
-        }
-        throw new \UnexpectedValueException(
-            "Type " . Element::tagToName($el->tag()) . " not supported.");
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param UnspecifiedType $el
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromASN1(UnspecifiedType $el): self
+	{
+		switch ($el->tag()) {
+			case Element::TYPE_OCTET_STRING:
+			case Element::TYPE_UTF8_STRING:
+				return new self($el->asString()->string(), $el->tag());
+			case Element::TYPE_OBJECT_IDENTIFIER:
+				return new self($el->asObjectIdentifier()->oid(), $el->tag());
+		}
+		throw new \UnexpectedValueException(
+			"Type " . Element::tagToName($el->tag()) . " not supported.");
+	}
     
-    /**
-     * Initialize from octet string.
-     *
-     * @param string $octets
-     * @return self
-     */
-    public static function fromOctets(string $octets): self
-    {
-        return new self($octets, Element::TYPE_OCTET_STRING);
-    }
+	/**
+	 * Initialize from octet string.
+	 *
+	 * @param string $octets
+	 * @return self
+	 */
+	public static function fromOctets(string $octets): self
+	{
+		return new self($octets, Element::TYPE_OCTET_STRING);
+	}
     
-    /**
-     * Initialize from UTF-8 string.
-     *
-     * @param string $str
-     * @return self
-     */
-    public static function fromString(string $str): self
-    {
-        return new self($str, Element::TYPE_UTF8_STRING);
-    }
+	/**
+	 * Initialize from UTF-8 string.
+	 *
+	 * @param string $str
+	 * @return self
+	 */
+	public static function fromString(string $str): self
+	{
+		return new self($str, Element::TYPE_UTF8_STRING);
+	}
     
-    /**
-     * Initialize from OID.
-     *
-     * @param string $oid
-     * @return self
-     */
-    public static function fromOID(string $oid): self
-    {
-        return new self($oid, Element::TYPE_OBJECT_IDENTIFIER);
-    }
+	/**
+	 * Initialize from OID.
+	 *
+	 * @param string $oid
+	 * @return self
+	 */
+	public static function fromOID(string $oid): self
+	{
+		return new self($oid, Element::TYPE_OBJECT_IDENTIFIER);
+	}
     
-    /**
-     * Get type tag.
-     *
-     * @return int
-     */
-    public function type(): int
-    {
-        return $this->_type;
-    }
+	/**
+	 * Get type tag.
+	 *
+	 * @return int
+	 */
+	public function type(): int
+	{
+		return $this->_type;
+	}
     
-    /**
-     * Whether value type is octets.
-     *
-     * @return bool
-     */
-    public function isOctets(): bool
-    {
-        return $this->_type === Element::TYPE_OCTET_STRING;
-    }
+	/**
+	 * Whether value type is octets.
+	 *
+	 * @return bool
+	 */
+	public function isOctets(): bool
+	{
+		return $this->_type === Element::TYPE_OCTET_STRING;
+	}
     
-    /**
-     * Whether value type is OID.
-     *
-     * @return bool
-     */
-    public function isOID(): bool
-    {
-        return $this->_type === Element::TYPE_OBJECT_IDENTIFIER;
-    }
+	/**
+	 * Whether value type is OID.
+	 *
+	 * @return bool
+	 */
+	public function isOID(): bool
+	{
+		return $this->_type === Element::TYPE_OBJECT_IDENTIFIER;
+	}
     
-    /**
-     * Whether value type is string.
-     *
-     * @return bool
-     */
-    public function isString(): bool
-    {
-        return $this->_type === Element::TYPE_UTF8_STRING;
-    }
+	/**
+	 * Whether value type is string.
+	 *
+	 * @return bool
+	 */
+	public function isString(): bool
+	{
+		return $this->_type === Element::TYPE_UTF8_STRING;
+	}
     
-    /**
-     * Get value.
-     *
-     * @return string
-     */
-    public function value(): string
-    {
-        return $this->_value;
-    }
+	/**
+	 * Get value.
+	 *
+	 * @return string
+	 */
+	public function value(): string
+	{
+		return $this->_value;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @throws \LogicException
-     * @return Element
-     */
-    public function toASN1(): Element
-    {
-        switch ($this->_type) {
-            case Element::TYPE_OCTET_STRING:
-                return new OctetString($this->_value);
-            case Element::TYPE_UTF8_STRING:
-                return new UTF8String($this->_value);
-            case Element::TYPE_OBJECT_IDENTIFIER:
-                return new ObjectIdentifier($this->_value);
-        }
-        throw new \LogicException(
-            "Type " . Element::tagToName($this->_type) . " not supported.");
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @throws \LogicException
+	 * @return Element
+	 */
+	public function toASN1(): Element
+	{
+		switch ($this->_type) {
+			case Element::TYPE_OCTET_STRING:
+				return new OctetString($this->_value);
+			case Element::TYPE_UTF8_STRING:
+				return new UTF8String($this->_value);
+			case Element::TYPE_OBJECT_IDENTIFIER:
+				return new ObjectIdentifier($this->_value);
+		}
+		throw new \LogicException(
+			"Type " . Element::tagToName($this->_type) . " not supported.");
+	}
     
-    /**
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->_value;
-    }
+	/**
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->_value;
+	}
 }

Please login to merge, or discard this patch.

Switch Indentation +11 added lines, -11 removed lines patch added patch discarded remove patch

@@ -53,11 +53,11 @@  discard block
 block discarded – undo
     public static function fromASN1(UnspecifiedType $el): self
     {
         switch ($el->tag()) {
-            case Element::TYPE_OCTET_STRING:
-            case Element::TYPE_UTF8_STRING:
-                return new self($el->asString()->string(), $el->tag());
-            case Element::TYPE_OBJECT_IDENTIFIER:
-                return new self($el->asObjectIdentifier()->oid(), $el->tag());
+        case Element::TYPE_OCTET_STRING:
+        case Element::TYPE_UTF8_STRING:
+            return new self($el->asString()->string(), $el->tag());
+        case Element::TYPE_OBJECT_IDENTIFIER:
+            return new self($el->asObjectIdentifier()->oid(), $el->tag());
         }
         throw new \UnexpectedValueException(
             "Type " . Element::tagToName($el->tag()) . " not supported.");
@@ -155,12 +155,12 @@  discard block
 block discarded – undo
     public function toASN1(): Element
     {
         switch ($this->_type) {
-            case Element::TYPE_OCTET_STRING:
-                return new OctetString($this->_value);
-            case Element::TYPE_UTF8_STRING:
-                return new UTF8String($this->_value);
-            case Element::TYPE_OBJECT_IDENTIFIER:
-                return new ObjectIdentifier($this->_value);
+        case Element::TYPE_OCTET_STRING:
+            return new OctetString($this->_value);
+        case Element::TYPE_UTF8_STRING:
+            return new UTF8String($this->_value);
+        case Element::TYPE_OBJECT_IDENTIFIER:
+            return new ObjectIdentifier($this->_value);
         }
         throw new \LogicException(
             "Type " . Element::tagToName($this->_type) . " not supported.");

Please login to merge, or discard this patch.

lib/X509/AttributeCertificate/Holder.php 1 patch

Indentation +259 added lines, -259 removed lines patch added patch discarded remove patch

@@ -19,281 +19,281 @@
 block discarded – undo
  */
 class Holder
 {
-    /**
-     * Holder PKC's issuer and serial.
-     *
-     * @var IssuerSerial|null $_baseCertificateID
-     */
-    protected $_baseCertificateID;
+	/**
+	 * Holder PKC's issuer and serial.
+	 *
+	 * @var IssuerSerial|null $_baseCertificateID
+	 */
+	protected $_baseCertificateID;
     
-    /**
-     * Holder PKC's subject.
-     *
-     * @var GeneralNames|null $_entityName
-     */
-    protected $_entityName;
+	/**
+	 * Holder PKC's subject.
+	 *
+	 * @var GeneralNames|null $_entityName
+	 */
+	protected $_entityName;
     
-    /**
-     * Linked object.
-     *
-     * @var ObjectDigestInfo|null $_objectDigestInfo
-     */
-    protected $_objectDigestInfo;
+	/**
+	 * Linked object.
+	 *
+	 * @var ObjectDigestInfo|null $_objectDigestInfo
+	 */
+	protected $_objectDigestInfo;
     
-    /**
-     * Constructor.
-     *
-     * @param IssuerSerial|null $issuer_serial
-     * @param GeneralNames|null $entity_name
-     */
-    public function __construct(IssuerSerial $issuer_serial = null,
-        GeneralNames $entity_name = null)
-    {
-        $this->_baseCertificateID = $issuer_serial;
-        $this->_entityName = $entity_name;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param IssuerSerial|null $issuer_serial
+	 * @param GeneralNames|null $entity_name
+	 */
+	public function __construct(IssuerSerial $issuer_serial = null,
+		GeneralNames $entity_name = null)
+	{
+		$this->_baseCertificateID = $issuer_serial;
+		$this->_entityName = $entity_name;
+	}
     
-    /**
-     * Initialize from a holder's public key certificate.
-     *
-     * @param Certificate $cert
-     * @return self
-     */
-    public static function fromPKC(Certificate $cert): self
-    {
-        return new self(IssuerSerial::fromPKC($cert));
-    }
+	/**
+	 * Initialize from a holder's public key certificate.
+	 *
+	 * @param Certificate $cert
+	 * @return self
+	 */
+	public static function fromPKC(Certificate $cert): self
+	{
+		return new self(IssuerSerial::fromPKC($cert));
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $cert_id = null;
-        $entity_name = null;
-        $digest_info = null;
-        if ($seq->hasTagged(0)) {
-            $cert_id = IssuerSerial::fromASN1(
-                $seq->getTagged(0)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        if ($seq->hasTagged(1)) {
-            $entity_name = GeneralNames::fromASN1(
-                $seq->getTagged(1)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        if ($seq->hasTagged(2)) {
-            $digest_info = ObjectDigestInfo::fromASN1(
-                $seq->getTagged(2)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        $obj = new self($cert_id, $entity_name);
-        $obj->_objectDigestInfo = $digest_info;
-        return $obj;
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$cert_id = null;
+		$entity_name = null;
+		$digest_info = null;
+		if ($seq->hasTagged(0)) {
+			$cert_id = IssuerSerial::fromASN1(
+				$seq->getTagged(0)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		if ($seq->hasTagged(1)) {
+			$entity_name = GeneralNames::fromASN1(
+				$seq->getTagged(1)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		if ($seq->hasTagged(2)) {
+			$digest_info = ObjectDigestInfo::fromASN1(
+				$seq->getTagged(2)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		$obj = new self($cert_id, $entity_name);
+		$obj->_objectDigestInfo = $digest_info;
+		return $obj;
+	}
     
-    /**
-     * Get self with base certificate ID.
-     *
-     * @param IssuerSerial $issuer
-     * @return self
-     */
-    public function withBaseCertificateID(IssuerSerial $issuer): self
-    {
-        $obj = clone $this;
-        $obj->_baseCertificateID = $issuer;
-        return $obj;
-    }
+	/**
+	 * Get self with base certificate ID.
+	 *
+	 * @param IssuerSerial $issuer
+	 * @return self
+	 */
+	public function withBaseCertificateID(IssuerSerial $issuer): self
+	{
+		$obj = clone $this;
+		$obj->_baseCertificateID = $issuer;
+		return $obj;
+	}
     
-    /**
-     * Get self with entity name.
-     *
-     * @param GeneralNames $names
-     * @return self
-     */
-    public function withEntityName(GeneralNames $names): self
-    {
-        $obj = clone $this;
-        $obj->_entityName = $names;
-        return $obj;
-    }
+	/**
+	 * Get self with entity name.
+	 *
+	 * @param GeneralNames $names
+	 * @return self
+	 */
+	public function withEntityName(GeneralNames $names): self
+	{
+		$obj = clone $this;
+		$obj->_entityName = $names;
+		return $obj;
+	}
     
-    /**
-     * Get self with object digest info.
-     *
-     * @param ObjectDigestInfo $odi
-     * @return self
-     */
-    public function withObjectDigestInfo(ObjectDigestInfo $odi): self
-    {
-        $obj = clone $this;
-        $obj->_objectDigestInfo = $odi;
-        return $obj;
-    }
+	/**
+	 * Get self with object digest info.
+	 *
+	 * @param ObjectDigestInfo $odi
+	 * @return self
+	 */
+	public function withObjectDigestInfo(ObjectDigestInfo $odi): self
+	{
+		$obj = clone $this;
+		$obj->_objectDigestInfo = $odi;
+		return $obj;
+	}
     
-    /**
-     * Check whether base certificate ID is present.
-     *
-     * @return bool
-     */
-    public function hasBaseCertificateID(): bool
-    {
-        return isset($this->_baseCertificateID);
-    }
+	/**
+	 * Check whether base certificate ID is present.
+	 *
+	 * @return bool
+	 */
+	public function hasBaseCertificateID(): bool
+	{
+		return isset($this->_baseCertificateID);
+	}
     
-    /**
-     * Get base certificate ID.
-     *
-     * @throws \LogicException
-     * @return IssuerSerial
-     */
-    public function baseCertificateID(): IssuerSerial
-    {
-        if (!$this->hasBaseCertificateID()) {
-            throw new \LogicException("baseCertificateID not set.");
-        }
-        return $this->_baseCertificateID;
-    }
+	/**
+	 * Get base certificate ID.
+	 *
+	 * @throws \LogicException
+	 * @return IssuerSerial
+	 */
+	public function baseCertificateID(): IssuerSerial
+	{
+		if (!$this->hasBaseCertificateID()) {
+			throw new \LogicException("baseCertificateID not set.");
+		}
+		return $this->_baseCertificateID;
+	}
     
-    /**
-     * Check whether entity name is present.
-     *
-     * @return bool
-     */
-    public function hasEntityName(): bool
-    {
-        return isset($this->_entityName);
-    }
+	/**
+	 * Check whether entity name is present.
+	 *
+	 * @return bool
+	 */
+	public function hasEntityName(): bool
+	{
+		return isset($this->_entityName);
+	}
     
-    /**
-     * Get entity name.
-     *
-     * @throws \LogicException
-     * @return GeneralNames
-     */
-    public function entityName(): GeneralNames
-    {
-        if (!$this->hasEntityName()) {
-            throw new \LogicException("entityName not set.");
-        }
-        return $this->_entityName;
-    }
+	/**
+	 * Get entity name.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralNames
+	 */
+	public function entityName(): GeneralNames
+	{
+		if (!$this->hasEntityName()) {
+			throw new \LogicException("entityName not set.");
+		}
+		return $this->_entityName;
+	}
     
-    /**
-     * Check whether object digest info is present.
-     *
-     * @return bool
-     */
-    public function hasObjectDigestInfo(): bool
-    {
-        return isset($this->_objectDigestInfo);
-    }
+	/**
+	 * Check whether object digest info is present.
+	 *
+	 * @return bool
+	 */
+	public function hasObjectDigestInfo(): bool
+	{
+		return isset($this->_objectDigestInfo);
+	}
     
-    /**
-     * Get object digest info.
-     *
-     * @throws \LogicException
-     * @return ObjectDigestInfo
-     */
-    public function objectDigestInfo(): ObjectDigestInfo
-    {
-        if (!$this->hasObjectDigestInfo()) {
-            throw new \LogicException("objectDigestInfo not set.");
-        }
-        return $this->_objectDigestInfo;
-    }
+	/**
+	 * Get object digest info.
+	 *
+	 * @throws \LogicException
+	 * @return ObjectDigestInfo
+	 */
+	public function objectDigestInfo(): ObjectDigestInfo
+	{
+		if (!$this->hasObjectDigestInfo()) {
+			throw new \LogicException("objectDigestInfo not set.");
+		}
+		return $this->_objectDigestInfo;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = [];
-        if (isset($this->_baseCertificateID)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                $this->_baseCertificateID->toASN1());
-        }
-        if (isset($this->_entityName)) {
-            $elements[] = new ImplicitlyTaggedType(1,
-                $this->_entityName->toASN1());
-        }
-        if (isset($this->_objectDigestInfo)) {
-            $elements[] = new ImplicitlyTaggedType(2,
-                $this->_objectDigestInfo->toASN1());
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = [];
+		if (isset($this->_baseCertificateID)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				$this->_baseCertificateID->toASN1());
+		}
+		if (isset($this->_entityName)) {
+			$elements[] = new ImplicitlyTaggedType(1,
+				$this->_entityName->toASN1());
+		}
+		if (isset($this->_objectDigestInfo)) {
+			$elements[] = new ImplicitlyTaggedType(2,
+				$this->_objectDigestInfo->toASN1());
+		}
+		return new Sequence(...$elements);
+	}
     
-    /**
-     * Check whether Holder identifies given certificate.
-     *
-     * @param Certificate $cert
-     * @return boolean
-     */
-    public function identifiesPKC(Certificate $cert): bool
-    {
-        // if neither baseCertificateID nor entityName are present
-        if (!$this->_baseCertificateID && !$this->_entityName) {
-            return false;
-        }
-        // if baseCertificateID is present, but doesn't match
-        if ($this->_baseCertificateID &&
-             !$this->_baseCertificateID->identifiesPKC($cert)) {
-            return false;
-        }
-        // if entityName is present, but doesn't match
-        if ($this->_entityName && !$this->_checkEntityName($cert)) {
-            return false;
-        }
-        return true;
-    }
+	/**
+	 * Check whether Holder identifies given certificate.
+	 *
+	 * @param Certificate $cert
+	 * @return boolean
+	 */
+	public function identifiesPKC(Certificate $cert): bool
+	{
+		// if neither baseCertificateID nor entityName are present
+		if (!$this->_baseCertificateID && !$this->_entityName) {
+			return false;
+		}
+		// if baseCertificateID is present, but doesn't match
+		if ($this->_baseCertificateID &&
+			 !$this->_baseCertificateID->identifiesPKC($cert)) {
+			return false;
+		}
+		// if entityName is present, but doesn't match
+		if ($this->_entityName && !$this->_checkEntityName($cert)) {
+			return false;
+		}
+		return true;
+	}
     
-    /**
-     * Check whether entityName matches the given certificate.
-     *
-     * @param Certificate $cert
-     * @return boolean
-     */
-    private function _checkEntityName(Certificate $cert): bool
-    {
-        $name = $this->_entityName->firstDN();
-        if ($cert->tbsCertificate()
-            ->subject()
-            ->equals($name)) {
-            return true;
-        }
-        $exts = $cert->tbsCertificate()->extensions();
-        if ($exts->hasSubjectAlternativeName()) {
-            $ext = $exts->subjectAlternativeName();
-            if ($this->_checkEntityAlternativeNames($ext->names())) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether entityName matches the given certificate.
+	 *
+	 * @param Certificate $cert
+	 * @return boolean
+	 */
+	private function _checkEntityName(Certificate $cert): bool
+	{
+		$name = $this->_entityName->firstDN();
+		if ($cert->tbsCertificate()
+			->subject()
+			->equals($name)) {
+			return true;
+		}
+		$exts = $cert->tbsCertificate()->extensions();
+		if ($exts->hasSubjectAlternativeName()) {
+			$ext = $exts->subjectAlternativeName();
+			if ($this->_checkEntityAlternativeNames($ext->names())) {
+				return true;
+			}
+		}
+		return false;
+	}
     
-    /**
-     * Check whether any of the subject alternative names match entityName.
-     *
-     * @param GeneralNames $san
-     * @return boolean
-     */
-    private function _checkEntityAlternativeNames(GeneralNames $san): bool
-    {
-        // only directory names supported for now
-        $name = $this->_entityName->firstDN();
-        foreach ($san->allOf(GeneralName::TAG_DIRECTORY_NAME) as $dn) {
-            if ($dn instanceof DirectoryName && $dn->dn()->equals($name)) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether any of the subject alternative names match entityName.
+	 *
+	 * @param GeneralNames $san
+	 * @return boolean
+	 */
+	private function _checkEntityAlternativeNames(GeneralNames $san): bool
+	{
+		// only directory names supported for now
+		$name = $this->_entityName->firstDN();
+		foreach ($san->allOf(GeneralName::TAG_DIRECTORY_NAME) as $dn) {
+			if ($dn instanceof DirectoryName && $dn->dn()->equals($name)) {
+				return true;
+			}
+		}
+		return false;
+	}
 }

Please login to merge, or discard this patch.

GitHub Access Token became invalid

Push — master ( 91afec...2569ae )

Status

Category

Indentation +155 added lines, -155 removed lines patch added patch discarded remove patch

Indentation +245 added lines, -245 removed lines patch added patch discarded remove patch

Indentation +480 added lines, -480 removed lines patch added patch discarded remove patch

Indentation +431 added lines, -431 removed lines patch added patch discarded remove patch

Indentation +131 added lines, -131 removed lines patch added patch discarded remove patch

Indentation +139 added lines, -139 removed lines patch added patch discarded remove patch

Indentation +139 added lines, -139 removed lines patch added patch discarded remove patch

Indentation +144 added lines, -144 removed lines patch added patch discarded remove patch

Switch Indentation +11 added lines, -11 removed lines patch added patch discarded remove patch

Indentation +259 added lines, -259 removed lines patch added patch discarded remove patch

		@@ -23,171 +23,171 @@
		block discarded – undo
23	23	*/
24	24	class CertificationPath implements \Countable, \IteratorAggregate
25	25	{
26		- /**
27		- * Certification path.
28		- *
29		- * @var Certificate[] $_certificates
30		- */
31		- protected $_certificates;
	26	+ /**
	27	+ * Certification path.
	28	+ *
	29	+ * @var Certificate[] $_certificates
	30	+ */
	31	+ protected $_certificates;
32	32
33		- /**
34		- * Constructor.
35		- *
36		- * @param Certificate ...$certificates Certificates from the trust anchor
37		- * to the target end-entity certificate
38		- */
39		- public function __construct(Certificate ...$certificates)
40		- {
41		- $this->_certificates = $certificates;
42		- }
	33	+ /**
	34	+ * Constructor.
	35	+ *
	36	+ * @param Certificate ...$certificates Certificates from the trust anchor
	37	+ * to the target end-entity certificate
	38	+ */
	39	+ public function __construct(Certificate ...$certificates)
	40	+ {
	41	+ $this->_certificates = $certificates;
	42	+ }
43	43
44		- /**
45		- * Initialize from a certificate chain.
46		- *
47		- * @param CertificateChain $chain
48		- * @return self
49		- */
50		- public static function fromCertificateChain(CertificateChain $chain): self
51		- {
52		- return new self(...array_reverse($chain->certificates(), false));
53		- }
	44	+ /**
	45	+ * Initialize from a certificate chain.
	46	+ *
	47	+ * @param CertificateChain $chain
	48	+ * @return self
	49	+ */
	50	+ public static function fromCertificateChain(CertificateChain $chain): self
	51	+ {
	52	+ return new self(...array_reverse($chain->certificates(), false));
	53	+ }
54	54
55		- /**
56		- * Build certification path to given target.
57		- *
58		- * @param Certificate $target Target end-entity certificate
59		- * @param CertificateBundle $trust_anchors List of trust anchors
60		- * @param CertificateBundle\|null $intermediate Optional intermediate
61		- * certificates
62		- * @return self
63		- */
64		- public static function toTarget(Certificate $target,
65		- CertificateBundle $trust_anchors, CertificateBundle $intermediate = null): self
66		- {
67		- $builder = new CertificationPathBuilder($trust_anchors);
68		- return $builder->shortestPathToTarget($target, $intermediate);
69		- }
	55	+ /**
	56	+ * Build certification path to given target.
	57	+ *
	58	+ * @param Certificate $target Target end-entity certificate
	59	+ * @param CertificateBundle $trust_anchors List of trust anchors
	60	+ * @param CertificateBundle\|null $intermediate Optional intermediate
	61	+ * certificates
	62	+ * @return self
	63	+ */
	64	+ public static function toTarget(Certificate $target,
	65	+ CertificateBundle $trust_anchors, CertificateBundle $intermediate = null): self
	66	+ {
	67	+ $builder = new CertificationPathBuilder($trust_anchors);
	68	+ return $builder->shortestPathToTarget($target, $intermediate);
	69	+ }
70	70
71		- /**
72		- * Build certification path from given trust anchor to target certificate,
73		- * using intermediate certificates from given bundle.
74		- *
75		- * @param Certificate $trust_anchor Trust anchor certificate
76		- * @param Certificate $target Target end-entity certificate
77		- * @param CertificateBundle\|null $intermediate Optional intermediate
78		- * certificates
79		- * @return self
80		- */
81		- public static function fromTrustAnchorToTarget(Certificate $trust_anchor,
82		- Certificate $target, CertificateBundle $intermediate = null): self
83		- {
84		- return self::toTarget($target, new CertificateBundle($trust_anchor),
85		- $intermediate);
86		- }
	71	+ /**
	72	+ * Build certification path from given trust anchor to target certificate,
	73	+ * using intermediate certificates from given bundle.
	74	+ *
	75	+ * @param Certificate $trust_anchor Trust anchor certificate
	76	+ * @param Certificate $target Target end-entity certificate
	77	+ * @param CertificateBundle\|null $intermediate Optional intermediate
	78	+ * certificates
	79	+ * @return self
	80	+ */
	81	+ public static function fromTrustAnchorToTarget(Certificate $trust_anchor,
	82	+ Certificate $target, CertificateBundle $intermediate = null): self
	83	+ {
	84	+ return self::toTarget($target, new CertificateBundle($trust_anchor),
	85	+ $intermediate);
	86	+ }
87	87
88		- /**
89		- * Get certificates.
90		- *
91		- * @return Certificate[]
92		- */
93		- public function certificates(): array
94		- {
95		- return $this->_certificates;
96		- }
	88	+ /**
	89	+ * Get certificates.
	90	+ *
	91	+ * @return Certificate[]
	92	+ */
	93	+ public function certificates(): array
	94	+ {
	95	+ return $this->_certificates;
	96	+ }
97	97
98		- /**
99		- * Get the trust anchor certificate from the path.
100		- *
101		- * @throws \LogicException If path is empty
102		- * @return Certificate
103		- */
104		- public function trustAnchorCertificate(): Certificate
105		- {
106		- if (!count($this->_certificates)) {
107		- throw new \LogicException("No certificates.");
108		- }
109		- return $this->_certificates[0];
110		- }
	98	+ /**
	99	+ * Get the trust anchor certificate from the path.
	100	+ *
	101	+ * @throws \LogicException If path is empty
	102	+ * @return Certificate
	103	+ */
	104	+ public function trustAnchorCertificate(): Certificate
	105	+ {
	106	+ if (!count($this->_certificates)) {
	107	+ throw new \LogicException("No certificates.");
	108	+ }
	109	+ return $this->_certificates[0];
	110	+ }
111	111
112		- /**
113		- * Get the end-entity certificate from the path.
114		- *
115		- * @throws \LogicException If path is empty
116		- * @return Certificate
117		- */
118		- public function endEntityCertificate(): Certificate
119		- {
120		- if (!count($this->_certificates)) {
121		- throw new \LogicException("No certificates.");
122		- }
123		- return $this->_certificates[count($this->_certificates) - 1];
124		- }
	112	+ /**
	113	+ * Get the end-entity certificate from the path.
	114	+ *
	115	+ * @throws \LogicException If path is empty
	116	+ * @return Certificate
	117	+ */
	118	+ public function endEntityCertificate(): Certificate
	119	+ {
	120	+ if (!count($this->_certificates)) {
	121	+ throw new \LogicException("No certificates.");
	122	+ }
	123	+ return $this->_certificates[count($this->_certificates) - 1];
	124	+ }
125	125
126		- /**
127		- * Get certification path as a certificate chain.
128		- *
129		- * @return CertificateChain
130		- */
131		- public function certificateChain(): CertificateChain
132		- {
133		- return new CertificateChain(
134		- ...array_reverse($this->_certificates, false));
135		- }
	126	+ /**
	127	+ * Get certification path as a certificate chain.
	128	+ *
	129	+ * @return CertificateChain
	130	+ */
	131	+ public function certificateChain(): CertificateChain
	132	+ {
	133	+ return new CertificateChain(
	134	+ ...array_reverse($this->_certificates, false));
	135	+ }
136	136
137		- /**
138		- * Check whether certification path starts with one ore more given
139		- * certificates in parameter order.
140		- *
141		- * @param Certificate ...$certs Certificates
142		- * @return true
143		- */
144		- public function startsWith(Certificate ...$certs): bool
145		- {
146		- $n = count($certs);
147		- if ($n > count($this->_certificates)) {
148		- return false;
149		- }
150		- for ($i = 0; $i < $n; ++$i) {
151		- if (!$certs[$i]->equals($this->_certificates[$i])) {
152		- return false;
153		- }
154		- }
155		- return true;
156		- }
	137	+ /**
	138	+ * Check whether certification path starts with one ore more given
	139	+ * certificates in parameter order.
	140	+ *
	141	+ * @param Certificate ...$certs Certificates
	142	+ * @return true
	143	+ */
	144	+ public function startsWith(Certificate ...$certs): bool
	145	+ {
	146	+ $n = count($certs);
	147	+ if ($n > count($this->_certificates)) {
	148	+ return false;
	149	+ }
	150	+ for ($i = 0; $i < $n; ++$i) {
	151	+ if (!$certs[$i]->equals($this->_certificates[$i])) {
	152	+ return false;
	153	+ }
	154	+ }
	155	+ return true;
	156	+ }
157	157
158		- /**
159		- * Validate certification path.
160		- *
161		- * @param PathValidationConfig $config
162		- * @param Crypto\|null $crypto Crypto engine, use default if not set
163		- * @throws Exception\PathValidationException
164		- * @return PathValidation\PathValidationResult
165		- */
166		- public function validate(PathValidationConfig $config, Crypto $crypto = null): PathValidation\PathValidationResult
167		- {
168		- $crypto = $crypto ?: Crypto::getDefault();
169		- $validator = new PathValidator($crypto, $config, ...$this->_certificates);
170		- return $validator->validate();
171		- }
	158	+ /**
	159	+ * Validate certification path.
	160	+ *
	161	+ * @param PathValidationConfig $config
	162	+ * @param Crypto\|null $crypto Crypto engine, use default if not set
	163	+ * @throws Exception\PathValidationException
	164	+ * @return PathValidation\PathValidationResult
	165	+ */
	166	+ public function validate(PathValidationConfig $config, Crypto $crypto = null): PathValidation\PathValidationResult
	167	+ {
	168	+ $crypto = $crypto ?: Crypto::getDefault();
	169	+ $validator = new PathValidator($crypto, $config, ...$this->_certificates);
	170	+ return $validator->validate();
	171	+ }
172	172
173		- /**
174		- *
175		- * @see \Countable::count()
176		- * @return int
177		- */
178		- public function count(): int
179		- {
180		- return count($this->_certificates);
181		- }
	173	+ /**
	174	+ *
	175	+ * @see \Countable::count()
	176	+ * @return int
	177	+ */
	178	+ public function count(): int
	179	+ {
	180	+ return count($this->_certificates);
	181	+ }
182	182
183		- /**
184		- * Get iterator for certificates.
185		- *
186		- * @see \IteratorAggregate::getIterator()
187		- * @return \ArrayIterator
188		- */
189		- public function getIterator(): \ArrayIterator
190		- {
191		- return new \ArrayIterator($this->_certificates);
192		- }
	183	+ /**
	184	+ * Get iterator for certificates.
	185	+ *
	186	+ * @see \IteratorAggregate::getIterator()
	187	+ * @return \ArrayIterator
	188	+ */
	189	+ public function getIterator(): \ArrayIterator
	190	+ {
	191	+ return new \ArrayIterator($this->_certificates);
	192	+ }
193	193	}

		@@ -14,274 +14,274 @@
		block discarded – undo
14	14	*/
15	15	class PathValidationConfig
16	16	{
17		- /**
18		- * Maximum allowed certification path length.
19		- *
20		- * @var int $_maxLength
21		- */
22		- protected $_maxLength;
	17	+ /**
	18	+ * Maximum allowed certification path length.
	19	+ *
	20	+ * @var int $_maxLength
	21	+ */
	22	+ protected $_maxLength;
23	23
24		- /**
25		- * Reference time.
26		- *
27		- * @var \DateTimeImmutable $_dateTime
28		- */
29		- protected $_dateTime;
	24	+ /**
	25	+ * Reference time.
	26	+ *
	27	+ * @var \DateTimeImmutable $_dateTime
	28	+ */
	29	+ protected $_dateTime;
30	30
31		- /**
32		- * List of acceptable policy identifiers.
33		- *
34		- * @var string[] $_policySet
35		- */
36		- protected $_policySet;
	31	+ /**
	32	+ * List of acceptable policy identifiers.
	33	+ *
	34	+ * @var string[] $_policySet
	35	+ */
	36	+ protected $_policySet;
37	37
38		- /**
39		- * Trust anchor certificate.
40		- *
41		- * If not set, path validation uses the first certificate of the path.
42		- *
43		- * @var Certificate\|null $_trustAnchor
44		- */
45		- protected $_trustAnchor;
	38	+ /**
	39	+ * Trust anchor certificate.
	40	+ *
	41	+ * If not set, path validation uses the first certificate of the path.
	42	+ *
	43	+ * @var Certificate\|null $_trustAnchor
	44	+ */
	45	+ protected $_trustAnchor;
46	46
47		- /**
48		- * Whether policy mapping in inhibited.
49		- *
50		- * Setting this to true disallows policy mapping.
51		- *
52		- * @var bool $_policyMappingInhibit
53		- */
54		- protected $_policyMappingInhibit;
	47	+ /**
	48	+ * Whether policy mapping in inhibited.
	49	+ *
	50	+ * Setting this to true disallows policy mapping.
	51	+ *
	52	+ * @var bool $_policyMappingInhibit
	53	+ */
	54	+ protected $_policyMappingInhibit;
55	55
56		- /**
57		- * Whether the path must be valid for at least one policy in the
58		- * initial policy set.
59		- *
60		- * @var bool $_explicitPolicy
61		- */
62		- protected $_explicitPolicy;
	56	+ /**
	57	+ * Whether the path must be valid for at least one policy in the
	58	+ * initial policy set.
	59	+ *
	60	+ * @var bool $_explicitPolicy
	61	+ */
	62	+ protected $_explicitPolicy;
63	63
64		- /**
65		- * Whether anyPolicy OID processing should be inhibited.
66		- *
67		- * Setting this to true disallows the usage of anyPolicy.
68		- *
69		- * @var bool $_anyPolicyInhibit
70		- */
71		- protected $_anyPolicyInhibit;
	64	+ /**
	65	+ * Whether anyPolicy OID processing should be inhibited.
	66	+ *
	67	+ * Setting this to true disallows the usage of anyPolicy.
	68	+ *
	69	+ * @var bool $_anyPolicyInhibit
	70	+ */
	71	+ protected $_anyPolicyInhibit;
72	72
73		- /**
74		- *
75		- * @todo Implement
76		- * @var mixed $_permittedSubtrees
77		- */
78		- protected $_permittedSubtrees;
	73	+ /**
	74	+ *
	75	+ * @todo Implement
	76	+ * @var mixed $_permittedSubtrees
	77	+ */
	78	+ protected $_permittedSubtrees;
79	79
80		- /**
81		- *
82		- * @todo Implement
83		- * @var mixed $_excludedSubtrees
84		- */
85		- protected $_excludedSubtrees;
	80	+ /**
	81	+ *
	82	+ * @todo Implement
	83	+ * @var mixed $_excludedSubtrees
	84	+ */
	85	+ protected $_excludedSubtrees;
86	86
87		- /**
88		- * Constructor.
89		- *
90		- * @param \DateTimeImmutable $dt Reference date and time
91		- * @param int $max_length Maximum certification path length
92		- */
93		- public function __construct(\DateTimeImmutable $dt, int $max_length)
94		- {
95		- $this->_dateTime = $dt;
96		- $this->_maxLength = (int) $max_length;
97		- $this->_policySet = array((string) PolicyInformation::OID_ANY_POLICY);
98		- $this->_policyMappingInhibit = false;
99		- $this->_explicitPolicy = false;
100		- $this->_anyPolicyInhibit = false;
101		- }
	87	+ /**
	88	+ * Constructor.
	89	+ *
	90	+ * @param \DateTimeImmutable $dt Reference date and time
	91	+ * @param int $max_length Maximum certification path length
	92	+ */
	93	+ public function __construct(\DateTimeImmutable $dt, int $max_length)
	94	+ {
	95	+ $this->_dateTime = $dt;
	96	+ $this->_maxLength = (int) $max_length;
	97	+ $this->_policySet = array((string) PolicyInformation::OID_ANY_POLICY);
	98	+ $this->_policyMappingInhibit = false;
	99	+ $this->_explicitPolicy = false;
	100	+ $this->_anyPolicyInhibit = false;
	101	+ }
102	102
103		- /**
104		- * Get default configuration.
105		- *
106		- * @return self
107		- */
108		- public static function defaultConfig(): self
109		- {
110		- return new self(new \DateTimeImmutable(), 3);
111		- }
	103	+ /**
	104	+ * Get default configuration.
	105	+ *
	106	+ * @return self
	107	+ */
	108	+ public static function defaultConfig(): self
	109	+ {
	110	+ return new self(new \DateTimeImmutable(), 3);
	111	+ }
112	112
113		- /**
114		- * Get self with maximum path length.
115		- *
116		- * @param int $length
117		- * @return self
118		- */
119		- public function withMaxLength(int $length): self
120		- {
121		- $obj = clone $this;
122		- $obj->_maxLength = $length;
123		- return $obj;
124		- }
	113	+ /**
	114	+ * Get self with maximum path length.
	115	+ *
	116	+ * @param int $length
	117	+ * @return self
	118	+ */
	119	+ public function withMaxLength(int $length): self
	120	+ {
	121	+ $obj = clone $this;
	122	+ $obj->_maxLength = $length;
	123	+ return $obj;
	124	+ }
125	125
126		- /**
127		- * Get self with reference date and time.
128		- *
129		- * @param \DateTimeImmutable $dt
130		- * @return self
131		- */
132		- public function withDateTime(\DateTimeImmutable $dt): self
133		- {
134		- $obj = clone $this;
135		- $obj->_dateTime = $dt;
136		- return $obj;
137		- }
	126	+ /**
	127	+ * Get self with reference date and time.
	128	+ *
	129	+ * @param \DateTimeImmutable $dt
	130	+ * @return self
	131	+ */
	132	+ public function withDateTime(\DateTimeImmutable $dt): self
	133	+ {
	134	+ $obj = clone $this;
	135	+ $obj->_dateTime = $dt;
	136	+ return $obj;
	137	+ }
138	138
139		- /**
140		- * Get self with trust anchor certificate.
141		- *
142		- * @param Certificate $ca
143		- * @return self
144		- */
145		- public function withTrustAnchor(Certificate $ca): self
146		- {
147		- $obj = clone $this;
148		- $obj->_trustAnchor = $ca;
149		- return $obj;
150		- }
	139	+ /**
	140	+ * Get self with trust anchor certificate.
	141	+ *
	142	+ * @param Certificate $ca
	143	+ * @return self
	144	+ */
	145	+ public function withTrustAnchor(Certificate $ca): self
	146	+ {
	147	+ $obj = clone $this;
	148	+ $obj->_trustAnchor = $ca;
	149	+ return $obj;
	150	+ }
151	151
152		- /**
153		- * Get self with initial-policy-mapping-inhibit set.
154		- *
155		- * @param bool $flag
156		- * @return self
157		- */
158		- public function withPolicyMappingInhibit(bool $flag): self
159		- {
160		- $obj = clone $this;
161		- $obj->_policyMappingInhibit = $flag;
162		- return $obj;
163		- }
	152	+ /**
	153	+ * Get self with initial-policy-mapping-inhibit set.
	154	+ *
	155	+ * @param bool $flag
	156	+ * @return self
	157	+ */
	158	+ public function withPolicyMappingInhibit(bool $flag): self
	159	+ {
	160	+ $obj = clone $this;
	161	+ $obj->_policyMappingInhibit = $flag;
	162	+ return $obj;
	163	+ }
164	164
165		- /**
166		- * Get self with initial-explicit-policy set.
167		- *
168		- * @param bool $flag
169		- * @return self
170		- */
171		- public function withExplicitPolicy(bool $flag): self
172		- {
173		- $obj = clone $this;
174		- $obj->_explicitPolicy = $flag;
175		- return $obj;
176		- }
	165	+ /**
	166	+ * Get self with initial-explicit-policy set.
	167	+ *
	168	+ * @param bool $flag
	169	+ * @return self
	170	+ */
	171	+ public function withExplicitPolicy(bool $flag): self
	172	+ {
	173	+ $obj = clone $this;
	174	+ $obj->_explicitPolicy = $flag;
	175	+ return $obj;
	176	+ }
177	177
178		- /**
179		- * Get self with initial-any-policy-inhibit set.
180		- *
181		- * @param bool $flag
182		- * @return self
183		- */
184		- public function withAnyPolicyInhibit(bool $flag): self
185		- {
186		- $obj = clone $this;
187		- $obj->_anyPolicyInhibit = $flag;
188		- return $obj;
189		- }
	178	+ /**
	179	+ * Get self with initial-any-policy-inhibit set.
	180	+ *
	181	+ * @param bool $flag
	182	+ * @return self
	183	+ */
	184	+ public function withAnyPolicyInhibit(bool $flag): self
	185	+ {
	186	+ $obj = clone $this;
	187	+ $obj->_anyPolicyInhibit = $flag;
	188	+ return $obj;
	189	+ }
190	190
191		- /**
192		- * Get self with user-initial-policy-set set to policy OIDs.
193		- *
194		- * @param string ...$policies List of policy OIDs
195		- * @return self
196		- */
197		- public function withPolicySet(string ...$policies): self
198		- {
199		- $obj = clone $this;
200		- $obj->_policySet = $policies;
201		- return $obj;
202		- }
	191	+ /**
	192	+ * Get self with user-initial-policy-set set to policy OIDs.
	193	+ *
	194	+ * @param string ...$policies List of policy OIDs
	195	+ * @return self
	196	+ */
	197	+ public function withPolicySet(string ...$policies): self
	198	+ {
	199	+ $obj = clone $this;
	200	+ $obj->_policySet = $policies;
	201	+ return $obj;
	202	+ }
203	203
204		- /**
205		- * Get maximum certification path length.
206		- *
207		- * @return int
208		- */
209		- public function maxLength(): int
210		- {
211		- return $this->_maxLength;
212		- }
	204	+ /**
	205	+ * Get maximum certification path length.
	206	+ *
	207	+ * @return int
	208	+ */
	209	+ public function maxLength(): int
	210	+ {
	211	+ return $this->_maxLength;
	212	+ }
213	213
214		- /**
215		- * Get reference date and time.
216		- *
217		- * @return \DateTimeImmutable
218		- */
219		- public function dateTime(): \DateTimeImmutable
220		- {
221		- return $this->_dateTime;
222		- }
	214	+ /**
	215	+ * Get reference date and time.
	216	+ *
	217	+ * @return \DateTimeImmutable
	218	+ */
	219	+ public function dateTime(): \DateTimeImmutable
	220	+ {
	221	+ return $this->_dateTime;
	222	+ }
223	223
224		- /**
225		- * Get user-initial-policy-set.
226		- *
227		- * @return string[] Array of OID's
228		- */
229		- public function policySet(): array
230		- {
231		- return $this->_policySet;
232		- }
	224	+ /**
	225	+ * Get user-initial-policy-set.
	226	+ *
	227	+ * @return string[] Array of OID's
	228	+ */
	229	+ public function policySet(): array
	230	+ {
	231	+ return $this->_policySet;
	232	+ }
233	233
234		- /**
235		- * Check whether trust anchor certificate is set.
236		- *
237		- * @return bool
238		- */
239		- public function hasTrustAnchor(): bool
240		- {
241		- return isset($this->_trustAnchor);
242		- }
	234	+ /**
	235	+ * Check whether trust anchor certificate is set.
	236	+ *
	237	+ * @return bool
	238	+ */
	239	+ public function hasTrustAnchor(): bool
	240	+ {
	241	+ return isset($this->_trustAnchor);
	242	+ }
243	243
244		- /**
245		- * Get trust anchor certificate.
246		- *
247		- * @throws \LogicException
248		- * @return Certificate
249		- */
250		- public function trustAnchor(): Certificate
251		- {
252		- if (!$this->hasTrustAnchor()) {
253		- throw new \LogicException("No trust anchor.");
254		- }
255		- return $this->_trustAnchor;
256		- }
	244	+ /**
	245	+ * Get trust anchor certificate.
	246	+ *
	247	+ * @throws \LogicException
	248	+ * @return Certificate
	249	+ */
	250	+ public function trustAnchor(): Certificate
	251	+ {
	252	+ if (!$this->hasTrustAnchor()) {
	253	+ throw new \LogicException("No trust anchor.");
	254	+ }
	255	+ return $this->_trustAnchor;
	256	+ }
257	257
258		- /**
259		- * Get initial-policy-mapping-inhibit.
260		- *
261		- * @return bool
262		- */
263		- public function policyMappingInhibit(): bool
264		- {
265		- return $this->_policyMappingInhibit;
266		- }
	258	+ /**
	259	+ * Get initial-policy-mapping-inhibit.
	260	+ *
	261	+ * @return bool
	262	+ */
	263	+ public function policyMappingInhibit(): bool
	264	+ {
	265	+ return $this->_policyMappingInhibit;
	266	+ }
267	267
268		- /**
269		- * Get initial-explicit-policy.
270		- *
271		- * @return bool
272		- */
273		- public function explicitPolicy(): bool
274		- {
275		- return $this->_explicitPolicy;
276		- }
	268	+ /**
	269	+ * Get initial-explicit-policy.
	270	+ *
	271	+ * @return bool
	272	+ */
	273	+ public function explicitPolicy(): bool
	274	+ {
	275	+ return $this->_explicitPolicy;
	276	+ }
277	277
278		- /**
279		- * Get initial-any-policy-inhibit.
280		- *
281		- * @return bool
282		- */
283		- public function anyPolicyInhibit(): bool
284		- {
285		- return $this->_anyPolicyInhibit;
286		- }
	278	+ /**
	279	+ * Get initial-any-policy-inhibit.
	280	+ *
	281	+ * @return bool
	282	+ */
	283	+ public function anyPolicyInhibit(): bool
	284	+ {
	285	+ return $this->_anyPolicyInhibit;
	286	+ }
287	287	}

		@@ -22,435 +22,435 @@
		block discarded – undo
22	22	*/
23	23	class AttributeCertificateInfo
24	24	{
25		- const VERSION_2 = 1;
26		-
27		- /**
28		- * AC version.
29		- *
30		- * @var int $_version
31		- */
32		- protected $_version;
33		-
34		- /**
35		- * AC holder.
36		- *
37		- * @var Holder $_holder
38		- */
39		- protected $_holder;
40		-
41		- /**
42		- * AC issuer.
43		- *
44		- * @var AttCertIssuer $_issuer
45		- */
46		- protected $_issuer;
47		-
48		- /**
49		- * Signature algorithm identifier.
50		- *
51		- * @var SignatureAlgorithmIdentifier $_signature
52		- */
53		- protected $_signature;
54		-
55		- /**
56		- * AC serial number.
57		- *
58		- * @var string $_serialNumber
59		- */
60		- protected $_serialNumber;
61		-
62		- /**
63		- * Validity period.
64		- *
65		- * @var AttCertValidityPeriod $_attrCertValidityPeriod
66		- */
67		- protected $_attrCertValidityPeriod;
68		-
69		- /**
70		- * Attributes.
71		- *
72		- * @var Attributes $_attributes
73		- */
74		- protected $_attributes;
75		-
76		- /**
77		- * Issuer unique identifier.
78		- *
79		- * @var UniqueIdentifier\|null $_issuerUniqueID
80		- */
81		- protected $_issuerUniqueID;
82		-
83		- /**
84		- * Extensions.
85		- *
86		- * @var Extensions $_extensions
87		- */
88		- protected $_extensions;
89		-
90		- /**
91		- * Constructor.
92		- *
93		- * @param Holder $holder AC holder
94		- * @param AttCertIssuer $issuer AC issuer
95		- * @param AttCertValidityPeriod $validity Validity
96		- * @param Attributes $attribs Attributes
97		- */
98		- public function __construct(Holder $holder, AttCertIssuer $issuer,
99		- AttCertValidityPeriod $validity, Attributes $attribs)
100		- {
101		- $this->_version = self::VERSION_2;
102		- $this->_holder = $holder;
103		- $this->_issuer = $issuer;
104		- $this->_attrCertValidityPeriod = $validity;
105		- $this->_attributes = $attribs;
106		- $this->_extensions = new Extensions();
107		- }
108		-
109		- /**
110		- * Initialize from ASN.1.
111		- *
112		- * @param Sequence $seq
113		- * @throws \UnexpectedValueException
114		- * @return self
115		- */
116		- public static function fromASN1(Sequence $seq): self
117		- {
118		- $version = $seq->at(0)
119		- ->asInteger()
120		- ->intNumber();
121		- if ($version != self::VERSION_2) {
122		- throw new \UnexpectedValueException("Version must be 2.");
123		- }
124		- $holder = Holder::fromASN1($seq->at(1)->asSequence());
125		- $issuer = AttCertIssuer::fromASN1($seq->at(2));
126		- $signature = AlgorithmIdentifier::fromASN1($seq->at(3)->asSequence());
127		- if (!$signature instanceof SignatureAlgorithmIdentifier) {
128		- throw new \UnexpectedValueException(
129		- "Unsupported signature algorithm " . $signature->oid() . ".");
130		- }
131		- $serial = $seq->at(4)
132		- ->asInteger()
133		- ->number();
134		- $validity = AttCertValidityPeriod::fromASN1($seq->at(5)->asSequence());
135		- $attribs = Attributes::fromASN1($seq->at(6)->asSequence());
136		- $obj = new self($holder, $issuer, $validity, $attribs);
137		- $obj->_signature = $signature;
138		- $obj->_serialNumber = $serial;
139		- $idx = 7;
140		- if ($seq->has($idx, Element::TYPE_BIT_STRING)) {
141		- $obj->_issuerUniqueID = UniqueIdentifier::fromASN1(
142		- $seq->at($idx++)->asBitString());
143		- }
144		- if ($seq->has($idx, Element::TYPE_SEQUENCE)) {
145		- $obj->_extensions = Extensions::fromASN1(
146		- $seq->at($idx++)->asSequence());
147		- }
148		- return $obj;
149		- }
150		-
151		- /**
152		- * Get self with holder.
153		- *
154		- * @param Holder $holder
155		- * @return self
156		- */
157		- public function withHolder(Holder $holder): self
158		- {
159		- $obj = clone $this;
160		- $obj->_holder = $holder;
161		- return $obj;
162		- }
163		-
164		- /**
165		- * Get self with issuer.
166		- *
167		- * @param AttCertIssuer $issuer
168		- * @return self
169		- */
170		- public function withIssuer(AttCertIssuer $issuer): self
171		- {
172		- $obj = clone $this;
173		- $obj->_issuer = $issuer;
174		- return $obj;
175		- }
176		-
177		- /**
178		- * Get self with signature algorithm identifier.
179		- *
180		- * @param SignatureAlgorithmIdentifier $algo
181		- * @return self
182		- */
183		- public function withSignature(SignatureAlgorithmIdentifier $algo): self
184		- {
185		- $obj = clone $this;
186		- $obj->_signature = $algo;
187		- return $obj;
188		- }
189		-
190		- /**
191		- * Get self with serial number.
192		- *
193		- * @param int\|string $serial
194		- * @return self
195		- */
196		- public function withSerialNumber($serial): self
197		- {
198		- $obj = clone $this;
199		- $obj->_serialNumber = strval($serial);
200		- return $obj;
201		- }
202		-
203		- /**
204		- * Get self with random positive serial number.
205		- *
206		- * @param int $size Number of random bytes
207		- * @return self
208		- */
209		- public function withRandomSerialNumber(int $size = 16): self
210		- {
211		- // ensure that first byte is always non-zero and having first bit unset
212		- $num = gmp_init(mt_rand(1, 0x7f), 10);
213		- for ($i = 1; $i < $size; ++$i) {
214		- $num <<= 8;
215		- $num += mt_rand(0, 0xff);
216		- }
217		- return $this->withSerialNumber(gmp_strval($num, 10));
218		- }
219		-
220		- /**
221		- * Get self with validity period.
222		- *
223		- * @param AttCertValidityPeriod $validity
224		- * @return self
225		- */
226		- public function withValidity(AttCertValidityPeriod $validity): self
227		- {
228		- $obj = clone $this;
229		- $obj->_attrCertValidityPeriod = $validity;
230		- return $obj;
231		- }
232		-
233		- /**
234		- * Get self with attributes.
235		- *
236		- * @param Attributes $attribs
237		- * @return self
238		- */
239		- public function withAttributes(Attributes $attribs): self
240		- {
241		- $obj = clone $this;
242		- $obj->_attributes = $attribs;
243		- return $obj;
244		- }
245		-
246		- /**
247		- * Get self with issuer unique identifier.
248		- *
249		- * @param UniqueIdentifier $uid
250		- * @return self
251		- */
252		- public function withIssuerUniqueID(UniqueIdentifier $uid): self
253		- {
254		- $obj = clone $this;
255		- $obj->_issuerUniqueID = $uid;
256		- return $obj;
257		- }
258		-
259		- /**
260		- * Get self with extensions.
261		- *
262		- * @param Extensions $extensions
263		- * @return self
264		- */
265		- public function withExtensions(Extensions $extensions): self
266		- {
267		- $obj = clone $this;
268		- $obj->_extensions = $extensions;
269		- return $obj;
270		- }
271		-
272		- /**
273		- * Get self with extensions added.
274		- *
275		- * @param Extension ...$exts One or more Extension objects
276		- * @return self
277		- */
278		- public function withAdditionalExtensions(Extension ...$exts): self
279		- {
280		- $obj = clone $this;
281		- $obj->_extensions = $obj->_extensions->withExtensions(...$exts);
282		- return $obj;
283		- }
284		-
285		- /**
286		- * Get version.
287		- *
288		- * @return int
289		- */
290		- public function version(): int
291		- {
292		- return $this->_version;
293		- }
294		-
295		- /**
296		- * Get AC holder.
297		- *
298		- * @return Holder
299		- */
300		- public function holder(): Holder
301		- {
302		- return $this->_holder;
303		- }
304		-
305		- /**
306		- * Get AC issuer.
307		- *
308		- * @return AttCertIssuer
309		- */
310		- public function issuer(): AttCertIssuer
311		- {
312		- return $this->_issuer;
313		- }
314		-
315		- /**
316		- * Check whether signature is set.
317		- *
318		- * @return bool
319		- */
320		- public function hasSignature(): bool
321		- {
322		- return isset($this->_signature);
323		- }
324		-
325		- /**
326		- * Get signature algorithm identifier.
327		- *
328		- * @return SignatureAlgorithmIdentifier
329		- */
330		- public function signature(): SignatureAlgorithmIdentifier
331		- {
332		- if (!$this->hasSignature()) {
333		- throw new \LogicException("signature not set.");
334		- }
335		- return $this->_signature;
336		- }
337		-
338		- /**
339		- * Check whether serial number is present.
340		- *
341		- * @return bool
342		- */
343		- public function hasSerialNumber(): bool
344		- {
345		- return isset($this->_serialNumber);
346		- }
347		-
348		- /**
349		- * Get AC serial number.
350		- *
351		- * @return string
352		- */
353		- public function serialNumber(): string
354		- {
355		- if (!$this->hasSerialNumber()) {
356		- throw new \LogicException("serialNumber not set.");
357		- }
358		- return $this->_serialNumber;
359		- }
360		-
361		- /**
362		- * Get validity period.
363		- *
364		- * @return AttCertValidityPeriod
365		- */
366		- public function validityPeriod(): AttCertValidityPeriod
367		- {
368		- return $this->_attrCertValidityPeriod;
369		- }
370		-
371		- /**
372		- * Get attributes.
373		- *
374		- * @return Attributes
375		- */
376		- public function attributes(): Attributes
377		- {
378		- return $this->_attributes;
379		- }
380		-
381		- /**
382		- * Check whether issuer unique identifier is present.
383		- *
384		- * @return bool
385		- */
386		- public function hasIssuerUniqueID(): bool
387		- {
388		- return isset($this->_issuerUniqueID);
389		- }
390		-
391		- /**
392		- * Get issuer unique identifier.
393		- *
394		- * @return UniqueIdentifier
395		- */
396		- public function issuerUniqueID(): UniqueIdentifier
397		- {
398		- if (!$this->hasIssuerUniqueID()) {
399		- throw new \LogicException("issuerUniqueID not set.");
400		- }
401		- return $this->_issuerUniqueID;
402		- }
403		-
404		- /**
405		- * Get extensions.
406		- *
407		- * @return Extensions
408		- */
409		- public function extensions(): Extensions
410		- {
411		- return $this->_extensions;
412		- }
413		-
414		- /**
415		- * Get ASN.1 structure.
416		- *
417		- * @return Sequence
418		- */
419		- public function toASN1(): Sequence
420		- {
421		- $elements = array(new Integer($this->_version), $this->_holder->toASN1(),
422		- $this->_issuer->toASN1(), $this->signature()->toASN1(),
423		- new Integer($this->serialNumber()),
424		- $this->_attrCertValidityPeriod->toASN1(),
425		- $this->_attributes->toASN1());
426		- if (isset($this->_issuerUniqueID)) {
427		- $elements[] = $this->_issuerUniqueID->toASN1();
428		- }
429		- if (count($this->_extensions)) {
430		- $elements[] = $this->_extensions->toASN1();
431		- }
432		- return new Sequence(...$elements);
433		- }
434		-
435		- /**
436		- * Create signed attribute certificate.
437		- *
438		- * @param SignatureAlgorithmIdentifier $algo Signature algorithm
439		- * @param PrivateKeyInfo $privkey_info Private key
440		- * @param Crypto\|null $crypto Crypto engine, use default if not set
441		- * @return AttributeCertificate
442		- */
443		- public function sign(SignatureAlgorithmIdentifier $algo,
444		- PrivateKeyInfo $privkey_info, Crypto $crypto = null): AttributeCertificate
445		- {
446		- $crypto = $crypto ?: Crypto::getDefault();
447		- $aci = clone $this;
448		- if (!isset($aci->_serialNumber)) {
449		- $aci->_serialNumber = "0";
450		- }
451		- $aci->_signature = $algo;
452		- $data = $aci->toASN1()->toDER();
453		- $signature = $crypto->sign($data, $privkey_info, $algo);
454		- return new AttributeCertificate($aci, $algo, $signature);
455		- }
	25	+ const VERSION_2 = 1;
	26	+
	27	+ /**
	28	+ * AC version.
	29	+ *
	30	+ * @var int $_version
	31	+ */
	32	+ protected $_version;
	33	+
	34	+ /**
	35	+ * AC holder.
	36	+ *
	37	+ * @var Holder $_holder
	38	+ */
	39	+ protected $_holder;
	40	+
	41	+ /**
	42	+ * AC issuer.
	43	+ *
	44	+ * @var AttCertIssuer $_issuer
	45	+ */
	46	+ protected $_issuer;
	47	+
	48	+ /**
	49	+ * Signature algorithm identifier.
	50	+ *
	51	+ * @var SignatureAlgorithmIdentifier $_signature
	52	+ */
	53	+ protected $_signature;
	54	+
	55	+ /**
	56	+ * AC serial number.
	57	+ *
	58	+ * @var string $_serialNumber
	59	+ */
	60	+ protected $_serialNumber;
	61	+
	62	+ /**
	63	+ * Validity period.
	64	+ *
	65	+ * @var AttCertValidityPeriod $_attrCertValidityPeriod
	66	+ */
	67	+ protected $_attrCertValidityPeriod;
	68	+
	69	+ /**
	70	+ * Attributes.
	71	+ *
	72	+ * @var Attributes $_attributes
	73	+ */
	74	+ protected $_attributes;
	75	+
	76	+ /**
	77	+ * Issuer unique identifier.
	78	+ *
	79	+ * @var UniqueIdentifier\|null $_issuerUniqueID
	80	+ */
	81	+ protected $_issuerUniqueID;
	82	+
	83	+ /**
	84	+ * Extensions.
	85	+ *
	86	+ * @var Extensions $_extensions
	87	+ */
	88	+ protected $_extensions;
	89	+
	90	+ /**
	91	+ * Constructor.
	92	+ *
	93	+ * @param Holder $holder AC holder
	94	+ * @param AttCertIssuer $issuer AC issuer
	95	+ * @param AttCertValidityPeriod $validity Validity
	96	+ * @param Attributes $attribs Attributes
	97	+ */
	98	+ public function __construct(Holder $holder, AttCertIssuer $issuer,
	99	+ AttCertValidityPeriod $validity, Attributes $attribs)
	100	+ {
	101	+ $this->_version = self::VERSION_2;
	102	+ $this->_holder = $holder;
	103	+ $this->_issuer = $issuer;
	104	+ $this->_attrCertValidityPeriod = $validity;
	105	+ $this->_attributes = $attribs;
	106	+ $this->_extensions = new Extensions();
	107	+ }
	108	+
	109	+ /**
	110	+ * Initialize from ASN.1.
	111	+ *
	112	+ * @param Sequence $seq
	113	+ * @throws \UnexpectedValueException
	114	+ * @return self
	115	+ */
	116	+ public static function fromASN1(Sequence $seq): self
	117	+ {
	118	+ $version = $seq->at(0)
	119	+ ->asInteger()
	120	+ ->intNumber();
	121	+ if ($version != self::VERSION_2) {
	122	+ throw new \UnexpectedValueException("Version must be 2.");
	123	+ }
	124	+ $holder = Holder::fromASN1($seq->at(1)->asSequence());
	125	+ $issuer = AttCertIssuer::fromASN1($seq->at(2));
	126	+ $signature = AlgorithmIdentifier::fromASN1($seq->at(3)->asSequence());
	127	+ if (!$signature instanceof SignatureAlgorithmIdentifier) {
	128	+ throw new \UnexpectedValueException(
	129	+ "Unsupported signature algorithm " . $signature->oid() . ".");
	130	+ }
	131	+ $serial = $seq->at(4)
	132	+ ->asInteger()
	133	+ ->number();
	134	+ $validity = AttCertValidityPeriod::fromASN1($seq->at(5)->asSequence());
	135	+ $attribs = Attributes::fromASN1($seq->at(6)->asSequence());
	136	+ $obj = new self($holder, $issuer, $validity, $attribs);
	137	+ $obj->_signature = $signature;
	138	+ $obj->_serialNumber = $serial;
	139	+ $idx = 7;
	140	+ if ($seq->has($idx, Element::TYPE_BIT_STRING)) {
	141	+ $obj->_issuerUniqueID = UniqueIdentifier::fromASN1(
	142	+ $seq->at($idx++)->asBitString());
	143	+ }
	144	+ if ($seq->has($idx, Element::TYPE_SEQUENCE)) {
	145	+ $obj->_extensions = Extensions::fromASN1(
	146	+ $seq->at($idx++)->asSequence());
	147	+ }
	148	+ return $obj;
	149	+ }
	150	+
	151	+ /**
	152	+ * Get self with holder.
	153	+ *
	154	+ * @param Holder $holder
	155	+ * @return self
	156	+ */
	157	+ public function withHolder(Holder $holder): self
	158	+ {
	159	+ $obj = clone $this;
	160	+ $obj->_holder = $holder;
	161	+ return $obj;
	162	+ }
	163	+
	164	+ /**
	165	+ * Get self with issuer.
	166	+ *
	167	+ * @param AttCertIssuer $issuer
	168	+ * @return self
	169	+ */
	170	+ public function withIssuer(AttCertIssuer $issuer): self
	171	+ {
	172	+ $obj = clone $this;
	173	+ $obj->_issuer = $issuer;
	174	+ return $obj;
	175	+ }
	176	+
	177	+ /**
	178	+ * Get self with signature algorithm identifier.
	179	+ *
	180	+ * @param SignatureAlgorithmIdentifier $algo
	181	+ * @return self
	182	+ */
	183	+ public function withSignature(SignatureAlgorithmIdentifier $algo): self
	184	+ {
	185	+ $obj = clone $this;
	186	+ $obj->_signature = $algo;
	187	+ return $obj;
	188	+ }
	189	+
	190	+ /**
	191	+ * Get self with serial number.
	192	+ *
	193	+ * @param int\|string $serial
	194	+ * @return self
	195	+ */
	196	+ public function withSerialNumber($serial): self
	197	+ {
	198	+ $obj = clone $this;
	199	+ $obj->_serialNumber = strval($serial);
	200	+ return $obj;
	201	+ }
	202	+
	203	+ /**
	204	+ * Get self with random positive serial number.
	205	+ *
	206	+ * @param int $size Number of random bytes
	207	+ * @return self
	208	+ */
	209	+ public function withRandomSerialNumber(int $size = 16): self
	210	+ {
	211	+ // ensure that first byte is always non-zero and having first bit unset
	212	+ $num = gmp_init(mt_rand(1, 0x7f), 10);
	213	+ for ($i = 1; $i < $size; ++$i) {
	214	+ $num <<= 8;
	215	+ $num += mt_rand(0, 0xff);
	216	+ }
	217	+ return $this->withSerialNumber(gmp_strval($num, 10));
	218	+ }
	219	+
	220	+ /**
	221	+ * Get self with validity period.
	222	+ *
	223	+ * @param AttCertValidityPeriod $validity
	224	+ * @return self
	225	+ */
	226	+ public function withValidity(AttCertValidityPeriod $validity): self
	227	+ {
	228	+ $obj = clone $this;
	229	+ $obj->_attrCertValidityPeriod = $validity;
	230	+ return $obj;
	231	+ }
	232	+
	233	+ /**
	234	+ * Get self with attributes.
	235	+ *
	236	+ * @param Attributes $attribs
	237	+ * @return self
	238	+ */
	239	+ public function withAttributes(Attributes $attribs): self
	240	+ {
	241	+ $obj = clone $this;
	242	+ $obj->_attributes = $attribs;
	243	+ return $obj;
	244	+ }
	245	+
	246	+ /**
	247	+ * Get self with issuer unique identifier.
	248	+ *
	249	+ * @param UniqueIdentifier $uid
	250	+ * @return self
	251	+ */
	252	+ public function withIssuerUniqueID(UniqueIdentifier $uid): self
	253	+ {
	254	+ $obj = clone $this;
	255	+ $obj->_issuerUniqueID = $uid;
	256	+ return $obj;
	257	+ }
	258	+
	259	+ /**
	260	+ * Get self with extensions.
	261	+ *
	262	+ * @param Extensions $extensions
	263	+ * @return self
	264	+ */
	265	+ public function withExtensions(Extensions $extensions): self
	266	+ {
	267	+ $obj = clone $this;
	268	+ $obj->_extensions = $extensions;
	269	+ return $obj;
	270	+ }
	271	+
	272	+ /**
	273	+ * Get self with extensions added.
	274	+ *
	275	+ * @param Extension ...$exts One or more Extension objects
	276	+ * @return self
	277	+ */
	278	+ public function withAdditionalExtensions(Extension ...$exts): self
	279	+ {
	280	+ $obj = clone $this;
	281	+ $obj->_extensions = $obj->_extensions->withExtensions(...$exts);
	282	+ return $obj;
	283	+ }
	284	+
	285	+ /**
	286	+ * Get version.
	287	+ *
	288	+ * @return int
	289	+ */
	290	+ public function version(): int
	291	+ {
	292	+ return $this->_version;
	293	+ }
	294	+
	295	+ /**
	296	+ * Get AC holder.
	297	+ *
	298	+ * @return Holder
	299	+ */
	300	+ public function holder(): Holder
	301	+ {
	302	+ return $this->_holder;
	303	+ }
	304	+
	305	+ /**
	306	+ * Get AC issuer.
	307	+ *
	308	+ * @return AttCertIssuer
	309	+ */
	310	+ public function issuer(): AttCertIssuer
	311	+ {
	312	+ return $this->_issuer;
	313	+ }
	314	+
	315	+ /**
	316	+ * Check whether signature is set.
	317	+ *
	318	+ * @return bool
	319	+ */
	320	+ public function hasSignature(): bool
	321	+ {
	322	+ return isset($this->_signature);
	323	+ }
	324	+
	325	+ /**
	326	+ * Get signature algorithm identifier.
	327	+ *
	328	+ * @return SignatureAlgorithmIdentifier
	329	+ */
	330	+ public function signature(): SignatureAlgorithmIdentifier
	331	+ {
	332	+ if (!$this->hasSignature()) {
	333	+ throw new \LogicException("signature not set.");
	334	+ }
	335	+ return $this->_signature;
	336	+ }
	337	+
	338	+ /**
	339	+ * Check whether serial number is present.
	340	+ *
	341	+ * @return bool
	342	+ */
	343	+ public function hasSerialNumber(): bool
	344	+ {
	345	+ return isset($this->_serialNumber);
	346	+ }
	347	+
	348	+ /**
	349	+ * Get AC serial number.
	350	+ *
	351	+ * @return string
	352	+ */
	353	+ public function serialNumber(): string
	354	+ {
	355	+ if (!$this->hasSerialNumber()) {
	356	+ throw new \LogicException("serialNumber not set.");
	357	+ }
	358	+ return $this->_serialNumber;
	359	+ }
	360	+
	361	+ /**
	362	+ * Get validity period.
	363	+ *
	364	+ * @return AttCertValidityPeriod
	365	+ */
	366	+ public function validityPeriod(): AttCertValidityPeriod
	367	+ {
	368	+ return $this->_attrCertValidityPeriod;
	369	+ }
	370	+
	371	+ /**
	372	+ * Get attributes.
	373	+ *
	374	+ * @return Attributes
	375	+ */
	376	+ public function attributes(): Attributes
	377	+ {
	378	+ return $this->_attributes;
	379	+ }
	380	+
	381	+ /**
	382	+ * Check whether issuer unique identifier is present.
	383	+ *
	384	+ * @return bool
	385	+ */
	386	+ public function hasIssuerUniqueID(): bool
	387	+ {
	388	+ return isset($this->_issuerUniqueID);
	389	+ }
	390	+
	391	+ /**
	392	+ * Get issuer unique identifier.
	393	+ *
	394	+ * @return UniqueIdentifier
	395	+ */
	396	+ public function issuerUniqueID(): UniqueIdentifier
	397	+ {
	398	+ if (!$this->hasIssuerUniqueID()) {
	399	+ throw new \LogicException("issuerUniqueID not set.");
	400	+ }
	401	+ return $this->_issuerUniqueID;
	402	+ }
	403	+
	404	+ /**
	405	+ * Get extensions.
	406	+ *
	407	+ * @return Extensions
	408	+ */
	409	+ public function extensions(): Extensions
	410	+ {
	411	+ return $this->_extensions;
	412	+ }
	413	+
	414	+ /**
	415	+ * Get ASN.1 structure.
	416	+ *
	417	+ * @return Sequence
	418	+ */
	419	+ public function toASN1(): Sequence
	420	+ {
	421	+ $elements = array(new Integer($this->_version), $this->_holder->toASN1(),
	422	+ $this->_issuer->toASN1(), $this->signature()->toASN1(),
	423	+ new Integer($this->serialNumber()),
	424	+ $this->_attrCertValidityPeriod->toASN1(),
	425	+ $this->_attributes->toASN1());
	426	+ if (isset($this->_issuerUniqueID)) {
	427	+ $elements[] = $this->_issuerUniqueID->toASN1();
	428	+ }
	429	+ if (count($this->_extensions)) {
	430	+ $elements[] = $this->_extensions->toASN1();
	431	+ }
	432	+ return new Sequence(...$elements);
	433	+ }
	434	+
	435	+ /**
	436	+ * Create signed attribute certificate.
	437	+ *
	438	+ * @param SignatureAlgorithmIdentifier $algo Signature algorithm
	439	+ * @param PrivateKeyInfo $privkey_info Private key
	440	+ * @param Crypto\|null $crypto Crypto engine, use default if not set
	441	+ * @return AttributeCertificate
	442	+ */
	443	+ public function sign(SignatureAlgorithmIdentifier $algo,
	444	+ PrivateKeyInfo $privkey_info, Crypto $crypto = null): AttributeCertificate
	445	+ {
	446	+ $crypto = $crypto ?: Crypto::getDefault();
	447	+ $aci = clone $this;
	448	+ if (!isset($aci->_serialNumber)) {
	449	+ $aci->_serialNumber = "0";
	450	+ }
	451	+ $aci->_signature = $algo;
	452	+ $data = $aci->toASN1()->toDER();
	453	+ $signature = $crypto->sign($data, $privkey_info, $algo);
	454	+ return new AttributeCertificate($aci, $algo, $signature);
	455	+ }
456	456	}

		@@ -19,144 +19,144 @@
		block discarded – undo
19	19	*/
20	20	class V2Form extends AttCertIssuer
21	21	{
22		- /**
23		- * Issuer name.
24		- *
25		- * @var GeneralNames $_issuerName
26		- */
27		- protected $_issuerName;
	22	+ /**
	23	+ * Issuer name.
	24	+ *
	25	+ * @var GeneralNames $_issuerName
	26	+ */
	27	+ protected $_issuerName;
28	28
29		- /**
30		- * Issuer PKC's issuer and serial.
31		- *
32		- * @var IssuerSerial $_baseCertificateID
33		- */
34		- protected $_baseCertificateID;
	29	+ /**
	30	+ * Issuer PKC's issuer and serial.
	31	+ *
	32	+ * @var IssuerSerial $_baseCertificateID
	33	+ */
	34	+ protected $_baseCertificateID;
35	35
36		- /**
37		- * Linked object.
38		- *
39		- * @var ObjectDigestInfo $_objectDigestInfo
40		- */
41		- protected $_objectDigestInfo;
	36	+ /**
	37	+ * Linked object.
	38	+ *
	39	+ * @var ObjectDigestInfo $_objectDigestInfo
	40	+ */
	41	+ protected $_objectDigestInfo;
42	42
43		- /**
44		- * Constructor.
45		- *
46		- * @param GeneralNames\|null $names
47		- */
48		- public function __construct(GeneralNames $names = null)
49		- {
50		- $this->_issuerName = $names;
51		- $this->_baseCertificateID = null;
52		- $this->_objectDigestInfo = null;
53		- }
	43	+ /**
	44	+ * Constructor.
	45	+ *
	46	+ * @param GeneralNames\|null $names
	47	+ */
	48	+ public function __construct(GeneralNames $names = null)
	49	+ {
	50	+ $this->_issuerName = $names;
	51	+ $this->_baseCertificateID = null;
	52	+ $this->_objectDigestInfo = null;
	53	+ }
54	54
55		- /**
56		- * Initialize from ASN.1.
57		- *
58		- * @param Sequence $seq
59		- * @return self
60		- */
61		- public static function fromV2ASN1(Sequence $seq): self
62		- {
63		- $issuer = null;
64		- $cert_id = null;
65		- $digest_info = null;
66		- if ($seq->has(0, Element::TYPE_SEQUENCE)) {
67		- $issuer = GeneralNames::fromASN1($seq->at(0)->asSequence());
68		- }
69		- if ($seq->hasTagged(0)) {
70		- $cert_id = IssuerSerial::fromASN1(
71		- $seq->getTagged(0)
72		- ->asImplicit(Element::TYPE_SEQUENCE)
73		- ->asSequence());
74		- }
75		- if ($seq->hasTagged(1)) {
76		- $digest_info = ObjectDigestInfo::fromASN1(
77		- $seq->getTagged(1)
78		- ->asImplicit(Element::TYPE_SEQUENCE)
79		- ->asSequence());
80		- }
81		- $obj = new self($issuer);
82		- $obj->_baseCertificateID = $cert_id;
83		- $obj->_objectDigestInfo = $digest_info;
84		- return $obj;
85		- }
	55	+ /**
	56	+ * Initialize from ASN.1.
	57	+ *
	58	+ * @param Sequence $seq
	59	+ * @return self
	60	+ */
	61	+ public static function fromV2ASN1(Sequence $seq): self
	62	+ {
	63	+ $issuer = null;
	64	+ $cert_id = null;
	65	+ $digest_info = null;
	66	+ if ($seq->has(0, Element::TYPE_SEQUENCE)) {
	67	+ $issuer = GeneralNames::fromASN1($seq->at(0)->asSequence());
	68	+ }
	69	+ if ($seq->hasTagged(0)) {
	70	+ $cert_id = IssuerSerial::fromASN1(
	71	+ $seq->getTagged(0)
	72	+ ->asImplicit(Element::TYPE_SEQUENCE)
	73	+ ->asSequence());
	74	+ }
	75	+ if ($seq->hasTagged(1)) {
	76	+ $digest_info = ObjectDigestInfo::fromASN1(
	77	+ $seq->getTagged(1)
	78	+ ->asImplicit(Element::TYPE_SEQUENCE)
	79	+ ->asSequence());
	80	+ }
	81	+ $obj = new self($issuer);
	82	+ $obj->_baseCertificateID = $cert_id;
	83	+ $obj->_objectDigestInfo = $digest_info;
	84	+ return $obj;
	85	+ }
86	86
87		- /**
88		- * Check whether issuer name is set.
89		- *
90		- * @return bool
91		- */
92		- public function hasIssuerName(): bool
93		- {
94		- return isset($this->_issuerName);
95		- }
	87	+ /**
	88	+ * Check whether issuer name is set.
	89	+ *
	90	+ * @return bool
	91	+ */
	92	+ public function hasIssuerName(): bool
	93	+ {
	94	+ return isset($this->_issuerName);
	95	+ }
96	96
97		- /**
98		- * Get issuer name.
99		- *
100		- * @throws \LogicException
101		- * @return GeneralNames
102		- */
103		- public function issuerName(): GeneralNames
104		- {
105		- if (!$this->hasIssuerName()) {
106		- throw new \LogicException("issuerName not set.");
107		- }
108		- return $this->_issuerName;
109		- }
	97	+ /**
	98	+ * Get issuer name.
	99	+ *
	100	+ * @throws \LogicException
	101	+ * @return GeneralNames
	102	+ */
	103	+ public function issuerName(): GeneralNames
	104	+ {
	105	+ if (!$this->hasIssuerName()) {
	106	+ throw new \LogicException("issuerName not set.");
	107	+ }
	108	+ return $this->_issuerName;
	109	+ }
110	110
111		- /**
112		- * Get DN of the issuer.
113		- *
114		- * This is a convenience method conforming to RFC 5755, which states
115		- * that Issuer must contain only one non-empty distinguished name.
116		- *
117		- * @return \X501\ASN1\Name
118		- */
119		- public function name(): Name
120		- {
121		- return $this->issuerName()->firstDN();
122		- }
	111	+ /**
	112	+ * Get DN of the issuer.
	113	+ *
	114	+ * This is a convenience method conforming to RFC 5755, which states
	115	+ * that Issuer must contain only one non-empty distinguished name.
	116	+ *
	117	+ * @return \X501\ASN1\Name
	118	+ */
	119	+ public function name(): Name
	120	+ {
	121	+ return $this->issuerName()->firstDN();
	122	+ }
123	123
124		- /**
125		- *
126		- * @see \X509\AttributeCertificate\AttCertIssuer::ASN1()
127		- * @return ImplicitlyTaggedType Tagged Sequence
128		- */
129		- public function toASN1(): TaggedType
130		- {
131		- $elements = array();
132		- if (isset($this->_issuerName)) {
133		- $elements[] = $this->_issuerName->toASN1();
134		- }
135		- if (isset($this->_baseCertificateID)) {
136		- $elements[] = new ImplicitlyTaggedType(0,
137		- $this->_baseCertificateID->toASN1());
138		- }
139		- if (isset($this->_objectDigestInfo)) {
140		- $elements[] = new ImplicitlyTaggedType(1,
141		- $this->_objectDigestInfo->toASN1());
142		- }
143		- return new ImplicitlyTaggedType(0, new Sequence(...$elements));
144		- }
	124	+ /**
	125	+ *
	126	+ * @see \X509\AttributeCertificate\AttCertIssuer::ASN1()
	127	+ * @return ImplicitlyTaggedType Tagged Sequence
	128	+ */
	129	+ public function toASN1(): TaggedType
	130	+ {
	131	+ $elements = array();
	132	+ if (isset($this->_issuerName)) {
	133	+ $elements[] = $this->_issuerName->toASN1();
	134	+ }
	135	+ if (isset($this->_baseCertificateID)) {
	136	+ $elements[] = new ImplicitlyTaggedType(0,
	137	+ $this->_baseCertificateID->toASN1());
	138	+ }
	139	+ if (isset($this->_objectDigestInfo)) {
	140	+ $elements[] = new ImplicitlyTaggedType(1,
	141	+ $this->_objectDigestInfo->toASN1());
	142	+ }
	143	+ return new ImplicitlyTaggedType(0, new Sequence(...$elements));
	144	+ }
145	145
146		- /**
147		- *
148		- * {@inheritdoc}
149		- * @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC()
150		- * @return bool
151		- */
152		- public function identifiesPKC(Certificate $cert): bool
153		- {
154		- $name = $this->_issuerName->firstDN();
155		- if (!$cert->tbsCertificate()
156		- ->subject()
157		- ->equals($name)) {
158		- return false;
159		- }
160		- return true;
161		- }
	146	+ /**
	147	+ *
	148	+ * {@inheritdoc}
	149	+ * @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC()
	150	+ * @return bool
	151	+ */
	152	+ public function identifiesPKC(Certificate $cert): bool
	153	+ {
	154	+ $name = $this->_issuerName->firstDN();
	155	+ if (!$cert->tbsCertificate()
	156	+ ->subject()
	157	+ ->equals($name)) {
	158	+ return false;
	159	+ }
	160	+ return true;
	161	+ }
162	162	}

		@@ -23,155 +23,155 @@
		block discarded – undo
23	23	*/
24	24	class RoleAttributeValue extends AttributeValue
25	25	{
26		- /**
27		- * Issuing authority.
28		- *
29		- * @var GeneralNames $_roleAuthority
30		- */
31		- protected $_roleAuthority;
	26	+ /**
	27	+ * Issuing authority.
	28	+ *
	29	+ * @var GeneralNames $_roleAuthority
	30	+ */
	31	+ protected $_roleAuthority;
32	32
33		- /**
34		- * Role name.
35		- *
36		- * @var GeneralName $_roleName
37		- */
38		- protected $_roleName;
	33	+ /**
	34	+ * Role name.
	35	+ *
	36	+ * @var GeneralName $_roleName
	37	+ */
	38	+ protected $_roleName;
39	39
40		- /**
41		- * Constructor.
42		- *
43		- * @param GeneralName $name Role name
44		- * @param GeneralNames\|null $authority Issuing authority
45		- */
46		- public function __construct(GeneralName $name, GeneralNames $authority = null)
47		- {
48		- $this->_roleAuthority = $authority;
49		- $this->_roleName = $name;
50		- $this->_oid = AttributeType::OID_ROLE;
51		- }
	40	+ /**
	41	+ * Constructor.
	42	+ *
	43	+ * @param GeneralName $name Role name
	44	+ * @param GeneralNames\|null $authority Issuing authority
	45	+ */
	46	+ public function __construct(GeneralName $name, GeneralNames $authority = null)
	47	+ {
	48	+ $this->_roleAuthority = $authority;
	49	+ $this->_roleName = $name;
	50	+ $this->_oid = AttributeType::OID_ROLE;
	51	+ }
52	52
53		- /**
54		- * Initialize from a role string.
55		- *
56		- * @param string $role_name Role name in URI format
57		- * @param GeneralNames\|null $authority Issuing authority
58		- * @return self
59		- */
60		- public static function fromString(string $role_name,
61		- GeneralNames $authority = null): self
62		- {
63		- return new self(new UniformResourceIdentifier($role_name), $authority);
64		- }
	53	+ /**
	54	+ * Initialize from a role string.
	55	+ *
	56	+ * @param string $role_name Role name in URI format
	57	+ * @param GeneralNames\|null $authority Issuing authority
	58	+ * @return self
	59	+ */
	60	+ public static function fromString(string $role_name,
	61	+ GeneralNames $authority = null): self
	62	+ {
	63	+ return new self(new UniformResourceIdentifier($role_name), $authority);
	64	+ }
65	65
66		- /**
67		- *
68		- * @param UnspecifiedType $el
69		- * @return self
70		- */
71		- public static function fromASN1(UnspecifiedType $el): self
72		- {
73		- $seq = $el->asSequence();
74		- $authority = null;
75		- if ($seq->hasTagged(0)) {
76		- $authority = GeneralNames::fromASN1(
77		- $seq->getTagged(0)
78		- ->asImplicit(Element::TYPE_SEQUENCE)
79		- ->asSequence());
80		- }
81		- $name = GeneralName::fromASN1(
82		- $seq->getTagged(1)
83		- ->asExplicit()
84		- ->asTagged());
85		- return new self($name, $authority);
86		- }
	66	+ /**
	67	+ *
	68	+ * @param UnspecifiedType $el
	69	+ * @return self
	70	+ */
	71	+ public static function fromASN1(UnspecifiedType $el): self
	72	+ {
	73	+ $seq = $el->asSequence();
	74	+ $authority = null;
	75	+ if ($seq->hasTagged(0)) {
	76	+ $authority = GeneralNames::fromASN1(
	77	+ $seq->getTagged(0)
	78	+ ->asImplicit(Element::TYPE_SEQUENCE)
	79	+ ->asSequence());
	80	+ }
	81	+ $name = GeneralName::fromASN1(
	82	+ $seq->getTagged(1)
	83	+ ->asExplicit()
	84	+ ->asTagged());
	85	+ return new self($name, $authority);
	86	+ }
87	87
88		- /**
89		- * Check whether issuing authority is present.
90		- *
91		- * @return bool
92		- */
93		- public function hasRoleAuthority(): bool
94		- {
95		- return isset($this->_roleAuthority);
96		- }
	88	+ /**
	89	+ * Check whether issuing authority is present.
	90	+ *
	91	+ * @return bool
	92	+ */
	93	+ public function hasRoleAuthority(): bool
	94	+ {
	95	+ return isset($this->_roleAuthority);
	96	+ }
97	97
98		- /**
99		- * Get issuing authority.
100		- *
101		- * @throws \LogicException
102		- * @return GeneralNames
103		- */
104		- public function roleAuthority(): GeneralNames
105		- {
106		- if (!$this->hasRoleAuthority()) {
107		- throw new \LogicException("roleAuthority not set.");
108		- }
109		- return $this->_roleAuthority;
110		- }
	98	+ /**
	99	+ * Get issuing authority.
	100	+ *
	101	+ * @throws \LogicException
	102	+ * @return GeneralNames
	103	+ */
	104	+ public function roleAuthority(): GeneralNames
	105	+ {
	106	+ if (!$this->hasRoleAuthority()) {
	107	+ throw new \LogicException("roleAuthority not set.");
	108	+ }
	109	+ return $this->_roleAuthority;
	110	+ }
111	111
112		- /**
113		- * Get role name.
114		- *
115		- * @return GeneralName
116		- */
117		- public function roleName(): GeneralName
118		- {
119		- return $this->_roleName;
120		- }
	112	+ /**
	113	+ * Get role name.
	114	+ *
	115	+ * @return GeneralName
	116	+ */
	117	+ public function roleName(): GeneralName
	118	+ {
	119	+ return $this->_roleName;
	120	+ }
121	121
122		- /**
123		- *
124		- * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
125		- * @return Sequence
126		- */
127		- public function toASN1(): Sequence
128		- {
129		- $elements = array();
130		- if (isset($this->_roleAuthority)) {
131		- $elements[] = new ImplicitlyTaggedType(0,
132		- $this->_roleAuthority->toASN1());
133		- }
134		- $elements[] = new ExplicitlyTaggedType(1, $this->_roleName->toASN1());
135		- return new Sequence(...$elements);
136		- }
	122	+ /**
	123	+ *
	124	+ * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
	125	+ * @return Sequence
	126	+ */
	127	+ public function toASN1(): Sequence
	128	+ {
	129	+ $elements = array();
	130	+ if (isset($this->_roleAuthority)) {
	131	+ $elements[] = new ImplicitlyTaggedType(0,
	132	+ $this->_roleAuthority->toASN1());
	133	+ }
	134	+ $elements[] = new ExplicitlyTaggedType(1, $this->_roleName->toASN1());
	135	+ return new Sequence(...$elements);
	136	+ }
137	137
138		- /**
139		- *
140		- * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
141		- * @return string
142		- */
143		- public function stringValue(): string
144		- {
145		- return "#" . bin2hex($this->toASN1()->toDER());
146		- }
	138	+ /**
	139	+ *
	140	+ * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
	141	+ * @return string
	142	+ */
	143	+ public function stringValue(): string
	144	+ {
	145	+ return "#" . bin2hex($this->toASN1()->toDER());
	146	+ }
147	147
148		- /**
149		- *
150		- * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
151		- * @return BinaryMatch
152		- */
153		- public function equalityMatchingRule(): BinaryMatch
154		- {
155		- return new BinaryMatch();
156		- }
	148	+ /**
	149	+ *
	150	+ * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
	151	+ * @return BinaryMatch
	152	+ */
	153	+ public function equalityMatchingRule(): BinaryMatch
	154	+ {
	155	+ return new BinaryMatch();
	156	+ }
157	157
158		- /**
159		- *
160		- * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
161		- * @return string
162		- */
163		- public function rfc2253String(): string
164		- {
165		- return $this->stringValue();
166		- }
	158	+ /**
	159	+ *
	160	+ * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
	161	+ * @return string
	162	+ */
	163	+ public function rfc2253String(): string
	164	+ {
	165	+ return $this->stringValue();
	166	+ }
167	167
168		- /**
169		- *
170		- * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
171		- * @return string
172		- */
173		- protected function _transcodedString(): string
174		- {
175		- return $this->stringValue();
176		- }
	168	+ /**
	169	+ *
	170	+ * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
	171	+ * @return string
	172	+ */
	173	+ protected function _transcodedString(): string
	174	+ {
	175	+ return $this->stringValue();
	176	+ }
177	177	}

		@@ -20,156 +20,156 @@
		block discarded – undo
20	20	*/
21	21	abstract class SvceAuthInfo extends AttributeValue
22	22	{
23		- /**
24		- * Service.
25		- *
26		- * @var GeneralName $_service
27		- */
28		- protected $_service;
	23	+ /**
	24	+ * Service.
	25	+ *
	26	+ * @var GeneralName $_service
	27	+ */
	28	+ protected $_service;
29	29
30		- /**
31		- * Ident.
32		- *
33		- * @var GeneralName $_ident
34		- */
35		- protected $_ident;
	30	+ /**
	31	+ * Ident.
	32	+ *
	33	+ * @var GeneralName $_ident
	34	+ */
	35	+ protected $_ident;
36	36
37		- /**
38		- * Auth info.
39		- *
40		- * @var string\|null $_authInfo
41		- */
42		- protected $_authInfo;
	37	+ /**
	38	+ * Auth info.
	39	+ *
	40	+ * @var string\|null $_authInfo
	41	+ */
	42	+ protected $_authInfo;
43	43
44		- /**
45		- * Constructor.
46		- *
47		- * @param GeneralName $service
48		- * @param GeneralName $ident
49		- * @param string\|null $auth_info
50		- */
51		- public function __construct(GeneralName $service, GeneralName $ident,
52		- $auth_info = null)
53		- {
54		- $this->_service = $service;
55		- $this->_ident = $ident;
56		- $this->_authInfo = $auth_info;
57		- }
	44	+ /**
	45	+ * Constructor.
	46	+ *
	47	+ * @param GeneralName $service
	48	+ * @param GeneralName $ident
	49	+ * @param string\|null $auth_info
	50	+ */
	51	+ public function __construct(GeneralName $service, GeneralName $ident,
	52	+ $auth_info = null)
	53	+ {
	54	+ $this->_service = $service;
	55	+ $this->_ident = $ident;
	56	+ $this->_authInfo = $auth_info;
	57	+ }
58	58
59		- /**
60		- *
61		- * @param UnspecifiedType $el
62		- * @return self
63		- */
64		- public static function fromASN1(UnspecifiedType $el): self
65		- {
66		- $seq = $el->asSequence();
67		- $service = GeneralName::fromASN1($seq->at(0)->asTagged());
68		- $ident = GeneralName::fromASN1($seq->at(1)->asTagged());
69		- $auth_info = null;
70		- if ($seq->has(2, Element::TYPE_OCTET_STRING)) {
71		- $auth_info = $seq->at(2)
72		- ->asString()
73		- ->string();
74		- }
75		- return new static($service, $ident, $auth_info);
76		- }
	59	+ /**
	60	+ *
	61	+ * @param UnspecifiedType $el
	62	+ * @return self
	63	+ */
	64	+ public static function fromASN1(UnspecifiedType $el): self
	65	+ {
	66	+ $seq = $el->asSequence();
	67	+ $service = GeneralName::fromASN1($seq->at(0)->asTagged());
	68	+ $ident = GeneralName::fromASN1($seq->at(1)->asTagged());
	69	+ $auth_info = null;
	70	+ if ($seq->has(2, Element::TYPE_OCTET_STRING)) {
	71	+ $auth_info = $seq->at(2)
	72	+ ->asString()
	73	+ ->string();
	74	+ }
	75	+ return new static($service, $ident, $auth_info);
	76	+ }
77	77
78		- /**
79		- * Get service name.
80		- *
81		- * @return GeneralName
82		- */
83		- public function service(): GeneralName
84		- {
85		- return $this->_service;
86		- }
	78	+ /**
	79	+ * Get service name.
	80	+ *
	81	+ * @return GeneralName
	82	+ */
	83	+ public function service(): GeneralName
	84	+ {
	85	+ return $this->_service;
	86	+ }
87	87
88		- /**
89		- * Get ident.
90		- *
91		- * @return GeneralName
92		- */
93		- public function ident(): GeneralName
94		- {
95		- return $this->_ident;
96		- }
	88	+ /**
	89	+ * Get ident.
	90	+ *
	91	+ * @return GeneralName
	92	+ */
	93	+ public function ident(): GeneralName
	94	+ {
	95	+ return $this->_ident;
	96	+ }
97	97
98		- /**
99		- * Check whether authentication info is present.
100		- *
101		- * @return bool
102		- */
103		- public function hasAuthInfo(): bool
104		- {
105		- return isset($this->_authInfo);
106		- }
	98	+ /**
	99	+ * Check whether authentication info is present.
	100	+ *
	101	+ * @return bool
	102	+ */
	103	+ public function hasAuthInfo(): bool
	104	+ {
	105	+ return isset($this->_authInfo);
	106	+ }
107	107
108		- /**
109		- * Get authentication info.
110		- *
111		- * @throws \LogicException
112		- * @return string
113		- */
114		- public function authInfo(): string
115		- {
116		- if (!$this->hasAuthInfo()) {
117		- throw new \LogicException("authInfo not set.");
118		- }
119		- return $this->_authInfo;
120		- }
	108	+ /**
	109	+ * Get authentication info.
	110	+ *
	111	+ * @throws \LogicException
	112	+ * @return string
	113	+ */
	114	+ public function authInfo(): string
	115	+ {
	116	+ if (!$this->hasAuthInfo()) {
	117	+ throw new \LogicException("authInfo not set.");
	118	+ }
	119	+ return $this->_authInfo;
	120	+ }
121	121
122		- /**
123		- *
124		- * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
125		- * @return Sequence
126		- */
127		- public function toASN1(): Sequence
128		- {
129		- $elements = array($this->_service->toASN1(), $this->_ident->toASN1());
130		- if (isset($this->_authInfo)) {
131		- $elements[] = new OctetString($this->_authInfo);
132		- }
133		- return new Sequence(...$elements);
134		- }
	122	+ /**
	123	+ *
	124	+ * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
	125	+ * @return Sequence
	126	+ */
	127	+ public function toASN1(): Sequence
	128	+ {
	129	+ $elements = array($this->_service->toASN1(), $this->_ident->toASN1());
	130	+ if (isset($this->_authInfo)) {
	131	+ $elements[] = new OctetString($this->_authInfo);
	132	+ }
	133	+ return new Sequence(...$elements);
	134	+ }
135	135
136		- /**
137		- *
138		- * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
139		- * @return string
140		- */
141		- public function stringValue(): string
142		- {
143		- return "#" . bin2hex($this->toASN1()->toDER());
144		- }
	136	+ /**
	137	+ *
	138	+ * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
	139	+ * @return string
	140	+ */
	141	+ public function stringValue(): string
	142	+ {
	143	+ return "#" . bin2hex($this->toASN1()->toDER());
	144	+ }
145	145
146		- /**
147		- *
148		- * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
149		- * @return BinaryMatch
150		- */
151		- public function equalityMatchingRule(): BinaryMatch
152		- {
153		- return new BinaryMatch();
154		- }
	146	+ /**
	147	+ *
	148	+ * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
	149	+ * @return BinaryMatch
	150	+ */
	151	+ public function equalityMatchingRule(): BinaryMatch
	152	+ {
	153	+ return new BinaryMatch();
	154	+ }
155	155
156		- /**
157		- *
158		- * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
159		- * @return string
160		- */
161		- public function rfc2253String(): string
162		- {
163		- return $this->stringValue();
164		- }
	156	+ /**
	157	+ *
	158	+ * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
	159	+ * @return string
	160	+ */
	161	+ public function rfc2253String(): string
	162	+ {
	163	+ return $this->stringValue();
	164	+ }
165	165
166		- /**
167		- *
168		- * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
169		- * @return string
170		- */
171		- protected function _transcodedString(): string
172		- {
173		- return $this->stringValue();
174		- }
	166	+ /**
	167	+ *
	168	+ * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
	169	+ * @return string
	170	+ */
	171	+ protected function _transcodedString(): string
	172	+ {
	173	+ return $this->stringValue();
	174	+ }
175	175	}

		@@ -17,161 +17,161 @@
		block discarded – undo
17	17	*/
18	18	class IetfAttrValue
19	19	{
20		- /**
21		- * Element type tag.
22		- *
23		- * @var int $_type
24		- */
25		- protected $_type;
	20	+ /**
	21	+ * Element type tag.
	22	+ *
	23	+ * @var int $_type
	24	+ */
	25	+ protected $_type;
26	26
27		- /**
28		- * Value.
29		- *
30		- * @var string $_value
31		- */
32		- protected $_value;
	27	+ /**
	28	+ * Value.
	29	+ *
	30	+ * @var string $_value
	31	+ */
	32	+ protected $_value;
33	33
34		- /**
35		- * Constructor.
36		- *
37		- * @param string $value
38		- * @param int $type
39		- */
40		- public function __construct(string $value, int $type)
41		- {
42		- $this->_type = $type;
43		- $this->_value = $value;
44		- }
	34	+ /**
	35	+ * Constructor.
	36	+ *
	37	+ * @param string $value
	38	+ * @param int $type
	39	+ */
	40	+ public function __construct(string $value, int $type)
	41	+ {
	42	+ $this->_type = $type;
	43	+ $this->_value = $value;
	44	+ }
45	45
46		- /**
47		- * Initialize from ASN.1.
48		- *
49		- * @param UnspecifiedType $el
50		- * @throws \UnexpectedValueException
51		- * @return self
52		- */
53		- public static function fromASN1(UnspecifiedType $el): self
54		- {
55		- switch ($el->tag()) {
56		- case Element::TYPE_OCTET_STRING:
57		- case Element::TYPE_UTF8_STRING:
58		- return new self($el->asString()->string(), $el->tag());
59		- case Element::TYPE_OBJECT_IDENTIFIER:
60		- return new self($el->asObjectIdentifier()->oid(), $el->tag());
61		- }
62		- throw new \UnexpectedValueException(
63		- "Type " . Element::tagToName($el->tag()) . " not supported.");
64		- }
	46	+ /**
	47	+ * Initialize from ASN.1.
	48	+ *
	49	+ * @param UnspecifiedType $el
	50	+ * @throws \UnexpectedValueException
	51	+ * @return self
	52	+ */
	53	+ public static function fromASN1(UnspecifiedType $el): self
	54	+ {
	55	+ switch ($el->tag()) {
	56	+ case Element::TYPE_OCTET_STRING:
	57	+ case Element::TYPE_UTF8_STRING:
	58	+ return new self($el->asString()->string(), $el->tag());
	59	+ case Element::TYPE_OBJECT_IDENTIFIER:
	60	+ return new self($el->asObjectIdentifier()->oid(), $el->tag());
	61	+ }
	62	+ throw new \UnexpectedValueException(
	63	+ "Type " . Element::tagToName($el->tag()) . " not supported.");
	64	+ }
65	65
66		- /**
67		- * Initialize from octet string.
68		- *
69		- * @param string $octets
70		- * @return self
71		- */
72		- public static function fromOctets(string $octets): self
73		- {
74		- return new self($octets, Element::TYPE_OCTET_STRING);
75		- }
	66	+ /**
	67	+ * Initialize from octet string.
	68	+ *
	69	+ * @param string $octets
	70	+ * @return self
	71	+ */
	72	+ public static function fromOctets(string $octets): self
	73	+ {
	74	+ return new self($octets, Element::TYPE_OCTET_STRING);
	75	+ }
76	76
77		- /**
78		- * Initialize from UTF-8 string.
79		- *
80		- * @param string $str
81		- * @return self
82		- */
83		- public static function fromString(string $str): self
84		- {
85		- return new self($str, Element::TYPE_UTF8_STRING);
86		- }
	77	+ /**
	78	+ * Initialize from UTF-8 string.
	79	+ *
	80	+ * @param string $str
	81	+ * @return self
	82	+ */
	83	+ public static function fromString(string $str): self
	84	+ {
	85	+ return new self($str, Element::TYPE_UTF8_STRING);
	86	+ }
87	87
88		- /**
89		- * Initialize from OID.
90		- *
91		- * @param string $oid
92		- * @return self
93		- */
94		- public static function fromOID(string $oid): self
95		- {
96		- return new self($oid, Element::TYPE_OBJECT_IDENTIFIER);
97		- }
	88	+ /**
	89	+ * Initialize from OID.
	90	+ *
	91	+ * @param string $oid
	92	+ * @return self
	93	+ */
	94	+ public static function fromOID(string $oid): self
	95	+ {
	96	+ return new self($oid, Element::TYPE_OBJECT_IDENTIFIER);
	97	+ }
98	98
99		- /**
100		- * Get type tag.
101		- *
102		- * @return int
103		- */
104		- public function type(): int
105		- {
106		- return $this->_type;
107		- }
	99	+ /**
	100	+ * Get type tag.
	101	+ *
	102	+ * @return int
	103	+ */
	104	+ public function type(): int
	105	+ {
	106	+ return $this->_type;
	107	+ }
108	108
109		- /**
110		- * Whether value type is octets.
111		- *
112		- * @return bool
113		- */
114		- public function isOctets(): bool
115		- {
116		- return $this->_type === Element::TYPE_OCTET_STRING;
117		- }
	109	+ /**
	110	+ * Whether value type is octets.
	111	+ *
	112	+ * @return bool
	113	+ */
	114	+ public function isOctets(): bool
	115	+ {
	116	+ return $this->_type === Element::TYPE_OCTET_STRING;
	117	+ }
118	118
119		- /**
120		- * Whether value type is OID.
121		- *
122		- * @return bool
123		- */
124		- public function isOID(): bool
125		- {
126		- return $this->_type === Element::TYPE_OBJECT_IDENTIFIER;
127		- }
	119	+ /**
	120	+ * Whether value type is OID.
	121	+ *
	122	+ * @return bool
	123	+ */
	124	+ public function isOID(): bool
	125	+ {
	126	+ return $this->_type === Element::TYPE_OBJECT_IDENTIFIER;
	127	+ }
128	128
129		- /**
130		- * Whether value type is string.
131		- *
132		- * @return bool
133		- */
134		- public function isString(): bool
135		- {
136		- return $this->_type === Element::TYPE_UTF8_STRING;
137		- }
	129	+ /**
	130	+ * Whether value type is string.
	131	+ *
	132	+ * @return bool
	133	+ */
	134	+ public function isString(): bool
	135	+ {
	136	+ return $this->_type === Element::TYPE_UTF8_STRING;
	137	+ }
138	138
139		- /**
140		- * Get value.
141		- *
142		- * @return string
143		- */
144		- public function value(): string
145		- {
146		- return $this->_value;
147		- }
	139	+ /**
	140	+ * Get value.
	141	+ *
	142	+ * @return string
	143	+ */
	144	+ public function value(): string
	145	+ {
	146	+ return $this->_value;
	147	+ }
148	148
149		- /**
150		- * Generate ASN.1 structure.
151		- *
152		- * @throws \LogicException
153		- * @return Element
154		- */
155		- public function toASN1(): Element
156		- {
157		- switch ($this->_type) {
158		- case Element::TYPE_OCTET_STRING:
159		- return new OctetString($this->_value);
160		- case Element::TYPE_UTF8_STRING:
161		- return new UTF8String($this->_value);
162		- case Element::TYPE_OBJECT_IDENTIFIER:
163		- return new ObjectIdentifier($this->_value);
164		- }
165		- throw new \LogicException(
166		- "Type " . Element::tagToName($this->_type) . " not supported.");
167		- }
	149	+ /**
	150	+ * Generate ASN.1 structure.
	151	+ *
	152	+ * @throws \LogicException
	153	+ * @return Element
	154	+ */
	155	+ public function toASN1(): Element
	156	+ {
	157	+ switch ($this->_type) {
	158	+ case Element::TYPE_OCTET_STRING:
	159	+ return new OctetString($this->_value);
	160	+ case Element::TYPE_UTF8_STRING:
	161	+ return new UTF8String($this->_value);
	162	+ case Element::TYPE_OBJECT_IDENTIFIER:
	163	+ return new ObjectIdentifier($this->_value);
	164	+ }
	165	+ throw new \LogicException(
	166	+ "Type " . Element::tagToName($this->_type) . " not supported.");
	167	+ }
168	168
169		- /**
170		- *
171		- * @return string
172		- */
173		- public function __toString()
174		- {
175		- return $this->_value;
176		- }
	169	+ /**
	170	+ *
	171	+ * @return string
	172	+ */
	173	+ public function __toString()
	174	+ {
	175	+ return $this->_value;
	176	+ }
177	177	}

		@@ -53,11 +53,11 @@ discard block
		block discarded – undo
53	53	public static function fromASN1(UnspecifiedType $el): self
54	54	{
55	55	switch ($el->tag()) {
56		- case Element::TYPE_OCTET_STRING:
57		- case Element::TYPE_UTF8_STRING:
58		- return new self($el->asString()->string(), $el->tag());
59		- case Element::TYPE_OBJECT_IDENTIFIER:
60		- return new self($el->asObjectIdentifier()->oid(), $el->tag());
	56	+ case Element::TYPE_OCTET_STRING:
	57	+ case Element::TYPE_UTF8_STRING:
	58	+ return new self($el->asString()->string(), $el->tag());
	59	+ case Element::TYPE_OBJECT_IDENTIFIER:
	60	+ return new self($el->asObjectIdentifier()->oid(), $el->tag());
61	61	}
62	62	throw new \UnexpectedValueException(
63	63	"Type " . Element::tagToName($el->tag()) . " not supported.");
		@@ -155,12 +155,12 @@ discard block
		block discarded – undo
155	155	public function toASN1(): Element
156	156	{
157	157	switch ($this->_type) {
158		- case Element::TYPE_OCTET_STRING:
159		- return new OctetString($this->_value);
160		- case Element::TYPE_UTF8_STRING:
161		- return new UTF8String($this->_value);
162		- case Element::TYPE_OBJECT_IDENTIFIER:
163		- return new ObjectIdentifier($this->_value);
	158	+ case Element::TYPE_OCTET_STRING:
	159	+ return new OctetString($this->_value);
	160	+ case Element::TYPE_UTF8_STRING:
	161	+ return new UTF8String($this->_value);
	162	+ case Element::TYPE_OBJECT_IDENTIFIER:
	163	+ return new ObjectIdentifier($this->_value);
164	164	}
165	165	throw new \LogicException(
166	166	"Type " . Element::tagToName($this->_type) . " not supported.");

		@@ -19,281 +19,281 @@
		block discarded – undo
19	19	*/
20	20	class Holder
21	21	{
22		- /**
23		- * Holder PKC's issuer and serial.
24		- *
25		- * @var IssuerSerial\|null $_baseCertificateID
26		- */
27		- protected $_baseCertificateID;
	22	+ /**
	23	+ * Holder PKC's issuer and serial.
	24	+ *
	25	+ * @var IssuerSerial\|null $_baseCertificateID
	26	+ */
	27	+ protected $_baseCertificateID;
28	28
29		- /**
30		- * Holder PKC's subject.
31		- *
32		- * @var GeneralNames\|null $_entityName
33		- */
34		- protected $_entityName;
	29	+ /**
	30	+ * Holder PKC's subject.
	31	+ *
	32	+ * @var GeneralNames\|null $_entityName
	33	+ */
	34	+ protected $_entityName;
35	35
36		- /**
37		- * Linked object.
38		- *
39		- * @var ObjectDigestInfo\|null $_objectDigestInfo
40		- */
41		- protected $_objectDigestInfo;
	36	+ /**
	37	+ * Linked object.
	38	+ *
	39	+ * @var ObjectDigestInfo\|null $_objectDigestInfo
	40	+ */
	41	+ protected $_objectDigestInfo;
42	42
43		- /**
44		- * Constructor.
45		- *
46		- * @param IssuerSerial\|null $issuer_serial
47		- * @param GeneralNames\|null $entity_name
48		- */
49		- public function __construct(IssuerSerial $issuer_serial = null,
50		- GeneralNames $entity_name = null)
51		- {
52		- $this->_baseCertificateID = $issuer_serial;
53		- $this->_entityName = $entity_name;
54		- }
	43	+ /**
	44	+ * Constructor.
	45	+ *
	46	+ * @param IssuerSerial\|null $issuer_serial
	47	+ * @param GeneralNames\|null $entity_name
	48	+ */
	49	+ public function __construct(IssuerSerial $issuer_serial = null,
	50	+ GeneralNames $entity_name = null)
	51	+ {
	52	+ $this->_baseCertificateID = $issuer_serial;
	53	+ $this->_entityName = $entity_name;
	54	+ }
55	55
56		- /**
57		- * Initialize from a holder's public key certificate.
58		- *
59		- * @param Certificate $cert
60		- * @return self
61		- */
62		- public static function fromPKC(Certificate $cert): self
63		- {
64		- return new self(IssuerSerial::fromPKC($cert));
65		- }
	56	+ /**
	57	+ * Initialize from a holder's public key certificate.
	58	+ *
	59	+ * @param Certificate $cert
	60	+ * @return self
	61	+ */
	62	+ public static function fromPKC(Certificate $cert): self
	63	+ {
	64	+ return new self(IssuerSerial::fromPKC($cert));
	65	+ }
66	66
67		- /**
68		- * Initialize from ASN.1.
69		- *
70		- * @param Sequence $seq
71		- */
72		- public static function fromASN1(Sequence $seq): self
73		- {
74		- $cert_id = null;
75		- $entity_name = null;
76		- $digest_info = null;
77		- if ($seq->hasTagged(0)) {
78		- $cert_id = IssuerSerial::fromASN1(
79		- $seq->getTagged(0)
80		- ->asImplicit(Element::TYPE_SEQUENCE)
81		- ->asSequence());
82		- }
83		- if ($seq->hasTagged(1)) {
84		- $entity_name = GeneralNames::fromASN1(
85		- $seq->getTagged(1)
86		- ->asImplicit(Element::TYPE_SEQUENCE)
87		- ->asSequence());
88		- }
89		- if ($seq->hasTagged(2)) {
90		- $digest_info = ObjectDigestInfo::fromASN1(
91		- $seq->getTagged(2)
92		- ->asImplicit(Element::TYPE_SEQUENCE)
93		- ->asSequence());
94		- }
95		- $obj = new self($cert_id, $entity_name);
96		- $obj->_objectDigestInfo = $digest_info;
97		- return $obj;
98		- }
	67	+ /**
	68	+ * Initialize from ASN.1.
	69	+ *
	70	+ * @param Sequence $seq
	71	+ */
	72	+ public static function fromASN1(Sequence $seq): self
	73	+ {
	74	+ $cert_id = null;
	75	+ $entity_name = null;
	76	+ $digest_info = null;
	77	+ if ($seq->hasTagged(0)) {
	78	+ $cert_id = IssuerSerial::fromASN1(
	79	+ $seq->getTagged(0)
	80	+ ->asImplicit(Element::TYPE_SEQUENCE)
	81	+ ->asSequence());
	82	+ }
	83	+ if ($seq->hasTagged(1)) {
	84	+ $entity_name = GeneralNames::fromASN1(
	85	+ $seq->getTagged(1)
	86	+ ->asImplicit(Element::TYPE_SEQUENCE)
	87	+ ->asSequence());
	88	+ }
	89	+ if ($seq->hasTagged(2)) {
	90	+ $digest_info = ObjectDigestInfo::fromASN1(
	91	+ $seq->getTagged(2)
	92	+ ->asImplicit(Element::TYPE_SEQUENCE)
	93	+ ->asSequence());
	94	+ }
	95	+ $obj = new self($cert_id, $entity_name);
	96	+ $obj->_objectDigestInfo = $digest_info;
	97	+ return $obj;
	98	+ }
99	99
100		- /**
101		- * Get self with base certificate ID.
102		- *
103		- * @param IssuerSerial $issuer
104		- * @return self
105		- */
106		- public function withBaseCertificateID(IssuerSerial $issuer): self
107		- {
108		- $obj = clone $this;
109		- $obj->_baseCertificateID = $issuer;
110		- return $obj;
111		- }
	100	+ /**
	101	+ * Get self with base certificate ID.
	102	+ *
	103	+ * @param IssuerSerial $issuer
	104	+ * @return self
	105	+ */
	106	+ public function withBaseCertificateID(IssuerSerial $issuer): self
	107	+ {
	108	+ $obj = clone $this;
	109	+ $obj->_baseCertificateID = $issuer;
	110	+ return $obj;
	111	+ }
112	112
113		- /**
114		- * Get self with entity name.
115		- *
116		- * @param GeneralNames $names
117		- * @return self
118		- */
119		- public function withEntityName(GeneralNames $names): self
120		- {
121		- $obj = clone $this;
122		- $obj->_entityName = $names;
123		- return $obj;
124		- }
	113	+ /**
	114	+ * Get self with entity name.
	115	+ *
	116	+ * @param GeneralNames $names
	117	+ * @return self
	118	+ */
	119	+ public function withEntityName(GeneralNames $names): self
	120	+ {
	121	+ $obj = clone $this;
	122	+ $obj->_entityName = $names;
	123	+ return $obj;
	124	+ }
125	125
126		- /**
127		- * Get self with object digest info.
128		- *
129		- * @param ObjectDigestInfo $odi
130		- * @return self
131		- */
132		- public function withObjectDigestInfo(ObjectDigestInfo $odi): self
133		- {
134		- $obj = clone $this;
135		- $obj->_objectDigestInfo = $odi;
136		- return $obj;
137		- }
	126	+ /**
	127	+ * Get self with object digest info.
	128	+ *
	129	+ * @param ObjectDigestInfo $odi
	130	+ * @return self
	131	+ */
	132	+ public function withObjectDigestInfo(ObjectDigestInfo $odi): self
	133	+ {
	134	+ $obj = clone $this;
	135	+ $obj->_objectDigestInfo = $odi;
	136	+ return $obj;
	137	+ }
138	138
139		- /**
140		- * Check whether base certificate ID is present.
141		- *
142		- * @return bool
143		- */
144		- public function hasBaseCertificateID(): bool
145		- {
146		- return isset($this->_baseCertificateID);
147		- }
	139	+ /**
	140	+ * Check whether base certificate ID is present.
	141	+ *
	142	+ * @return bool
	143	+ */
	144	+ public function hasBaseCertificateID(): bool
	145	+ {
	146	+ return isset($this->_baseCertificateID);
	147	+ }
148	148
149		- /**
150		- * Get base certificate ID.
151		- *
152		- * @throws \LogicException
153		- * @return IssuerSerial
154		- */
155		- public function baseCertificateID(): IssuerSerial
156		- {
157		- if (!$this->hasBaseCertificateID()) {
158		- throw new \LogicException("baseCertificateID not set.");
159		- }
160		- return $this->_baseCertificateID;
161		- }
	149	+ /**
	150	+ * Get base certificate ID.
	151	+ *
	152	+ * @throws \LogicException
	153	+ * @return IssuerSerial
	154	+ */
	155	+ public function baseCertificateID(): IssuerSerial
	156	+ {
	157	+ if (!$this->hasBaseCertificateID()) {
	158	+ throw new \LogicException("baseCertificateID not set.");
	159	+ }
	160	+ return $this->_baseCertificateID;
	161	+ }
162	162
163		- /**
164		- * Check whether entity name is present.
165		- *
166		- * @return bool
167		- */
168		- public function hasEntityName(): bool
169		- {
170		- return isset($this->_entityName);
171		- }
	163	+ /**
	164	+ * Check whether entity name is present.
	165	+ *
	166	+ * @return bool
	167	+ */
	168	+ public function hasEntityName(): bool
	169	+ {
	170	+ return isset($this->_entityName);
	171	+ }
172	172
173		- /**
174		- * Get entity name.
175		- *
176		- * @throws \LogicException
177		- * @return GeneralNames
178		- */
179		- public function entityName(): GeneralNames
180		- {
181		- if (!$this->hasEntityName()) {
182		- throw new \LogicException("entityName not set.");
183		- }
184		- return $this->_entityName;
185		- }
	173	+ /**
	174	+ * Get entity name.
	175	+ *
	176	+ * @throws \LogicException
	177	+ * @return GeneralNames
	178	+ */
	179	+ public function entityName(): GeneralNames
	180	+ {
	181	+ if (!$this->hasEntityName()) {
	182	+ throw new \LogicException("entityName not set.");
	183	+ }
	184	+ return $this->_entityName;
	185	+ }
186	186
187		- /**
188		- * Check whether object digest info is present.
189		- *
190		- * @return bool
191		- */
192		- public function hasObjectDigestInfo(): bool
193		- {
194		- return isset($this->_objectDigestInfo);
195		- }
	187	+ /**
	188	+ * Check whether object digest info is present.
	189	+ *
	190	+ * @return bool
	191	+ */
	192	+ public function hasObjectDigestInfo(): bool
	193	+ {
	194	+ return isset($this->_objectDigestInfo);
	195	+ }
196	196
197		- /**
198		- * Get object digest info.
199		- *
200		- * @throws \LogicException
201		- * @return ObjectDigestInfo
202		- */
203		- public function objectDigestInfo(): ObjectDigestInfo
204		- {
205		- if (!$this->hasObjectDigestInfo()) {
206		- throw new \LogicException("objectDigestInfo not set.");
207		- }
208		- return $this->_objectDigestInfo;
209		- }
	197	+ /**
	198	+ * Get object digest info.
	199	+ *
	200	+ * @throws \LogicException
	201	+ * @return ObjectDigestInfo
	202	+ */
	203	+ public function objectDigestInfo(): ObjectDigestInfo
	204	+ {
	205	+ if (!$this->hasObjectDigestInfo()) {
	206	+ throw new \LogicException("objectDigestInfo not set.");
	207	+ }
	208	+ return $this->_objectDigestInfo;
	209	+ }
210	210
211		- /**
212		- * Generate ASN.1 structure.
213		- *
214		- * @return Sequence
215		- */
216		- public function toASN1(): Sequence
217		- {
218		- $elements = [];
219		- if (isset($this->_baseCertificateID)) {
220		- $elements[] = new ImplicitlyTaggedType(0,
221		- $this->_baseCertificateID->toASN1());
222		- }
223		- if (isset($this->_entityName)) {
224		- $elements[] = new ImplicitlyTaggedType(1,
225		- $this->_entityName->toASN1());
226		- }
227		- if (isset($this->_objectDigestInfo)) {
228		- $elements[] = new ImplicitlyTaggedType(2,
229		- $this->_objectDigestInfo->toASN1());
230		- }
231		- return new Sequence(...$elements);
232		- }
	211	+ /**
	212	+ * Generate ASN.1 structure.
	213	+ *
	214	+ * @return Sequence
	215	+ */
	216	+ public function toASN1(): Sequence
	217	+ {
	218	+ $elements = [];
	219	+ if (isset($this->_baseCertificateID)) {
	220	+ $elements[] = new ImplicitlyTaggedType(0,
	221	+ $this->_baseCertificateID->toASN1());
	222	+ }
	223	+ if (isset($this->_entityName)) {
	224	+ $elements[] = new ImplicitlyTaggedType(1,
	225	+ $this->_entityName->toASN1());
	226	+ }
	227	+ if (isset($this->_objectDigestInfo)) {
	228	+ $elements[] = new ImplicitlyTaggedType(2,
	229	+ $this->_objectDigestInfo->toASN1());
	230	+ }
	231	+ return new Sequence(...$elements);
	232	+ }
233	233
234		- /**
235		- * Check whether Holder identifies given certificate.
236		- *
237		- * @param Certificate $cert
238		- * @return boolean
239		- */
240		- public function identifiesPKC(Certificate $cert): bool
241		- {
242		- // if neither baseCertificateID nor entityName are present
243		- if (!$this->_baseCertificateID && !$this->_entityName) {
244		- return false;
245		- }
246		- // if baseCertificateID is present, but doesn't match
247		- if ($this->_baseCertificateID &&
248		- !$this->_baseCertificateID->identifiesPKC($cert)) {
249		- return false;
250		- }
251		- // if entityName is present, but doesn't match
252		- if ($this->_entityName && !$this->_checkEntityName($cert)) {
253		- return false;
254		- }
255		- return true;
256		- }
	234	+ /**
	235	+ * Check whether Holder identifies given certificate.
	236	+ *
	237	+ * @param Certificate $cert
	238	+ * @return boolean
	239	+ */
	240	+ public function identifiesPKC(Certificate $cert): bool
	241	+ {
	242	+ // if neither baseCertificateID nor entityName are present
	243	+ if (!$this->_baseCertificateID && !$this->_entityName) {
	244	+ return false;
	245	+ }
	246	+ // if baseCertificateID is present, but doesn't match
	247	+ if ($this->_baseCertificateID &&
	248	+ !$this->_baseCertificateID->identifiesPKC($cert)) {
	249	+ return false;
	250	+ }
	251	+ // if entityName is present, but doesn't match
	252	+ if ($this->_entityName && !$this->_checkEntityName($cert)) {
	253	+ return false;
	254	+ }
	255	+ return true;
	256	+ }
257	257
258		- /**
259		- * Check whether entityName matches the given certificate.
260		- *
261		- * @param Certificate $cert
262		- * @return boolean
263		- */
264		- private function _checkEntityName(Certificate $cert): bool
265		- {
266		- $name = $this->_entityName->firstDN();
267		- if ($cert->tbsCertificate()
268		- ->subject()
269		- ->equals($name)) {
270		- return true;
271		- }
272		- $exts = $cert->tbsCertificate()->extensions();
273		- if ($exts->hasSubjectAlternativeName()) {
274		- $ext = $exts->subjectAlternativeName();
275		- if ($this->_checkEntityAlternativeNames($ext->names())) {
276		- return true;
277		- }
278		- }
279		- return false;
280		- }
	258	+ /**
	259	+ * Check whether entityName matches the given certificate.
	260	+ *
	261	+ * @param Certificate $cert
	262	+ * @return boolean
	263	+ */
	264	+ private function _checkEntityName(Certificate $cert): bool
	265	+ {
	266	+ $name = $this->_entityName->firstDN();
	267	+ if ($cert->tbsCertificate()
	268	+ ->subject()
	269	+ ->equals($name)) {
	270	+ return true;
	271	+ }
	272	+ $exts = $cert->tbsCertificate()->extensions();
	273	+ if ($exts->hasSubjectAlternativeName()) {
	274	+ $ext = $exts->subjectAlternativeName();
	275	+ if ($this->_checkEntityAlternativeNames($ext->names())) {
	276	+ return true;
	277	+ }
	278	+ }
	279	+ return false;
	280	+ }
281	281
282		- /**
283		- * Check whether any of the subject alternative names match entityName.
284		- *
285		- * @param GeneralNames $san
286		- * @return boolean
287		- */
288		- private function _checkEntityAlternativeNames(GeneralNames $san): bool
289		- {
290		- // only directory names supported for now
291		- $name = $this->_entityName->firstDN();
292		- foreach ($san->allOf(GeneralName::TAG_DIRECTORY_NAME) as $dn) {
293		- if ($dn instanceof DirectoryName && $dn->dn()->equals($name)) {
294		- return true;
295		- }
296		- }
297		- return false;
298		- }
	282	+ /**
	283	+ * Check whether any of the subject alternative names match entityName.
	284	+ *
	285	+ * @param GeneralNames $san
	286	+ * @return boolean
	287	+ */
	288	+ private function _checkEntityAlternativeNames(GeneralNames $san): bool
	289	+ {
	290	+ // only directory names supported for now
	291	+ $name = $this->_entityName->firstDN();
	292	+ foreach ($san->allOf(GeneralName::TAG_DIRECTORY_NAME) as $dn) {
	293	+ if ($dn instanceof DirectoryName && $dn->dn()->equals($name)) {
	294	+ return true;
	295	+ }
	296	+ }
	297	+ return false;
	298	+ }
299	299	}

sop / x509

GitHub Access Token became invalid

Push — master ( 91afec...2569ae )

Status

Category

Indentation +155 added lines, -155 removed lines patch added patch discarded remove patch

Indentation +245 added lines, -245 removed lines patch added patch discarded remove patch

Indentation +480 added lines, -480 removed lines patch added patch discarded remove patch

Indentation +431 added lines, -431 removed lines patch added patch discarded remove patch

Indentation +131 added lines, -131 removed lines patch added patch discarded remove patch

Indentation +139 added lines, -139 removed lines patch added patch discarded remove patch

Indentation +139 added lines, -139 removed lines patch added patch discarded remove patch

Indentation +144 added lines, -144 removed lines patch added patch discarded remove patch

Switch Indentation +11 added lines, -11 removed lines patch added patch discarded remove patch

Indentation +259 added lines, -259 removed lines patch added patch discarded remove patch