sop / x509

lib/X509/CertificationPath/PathValidation/PathValidator.php

Doc Comments +1 added lines

@@ -50,6 +50,7 @@
      * @param PathValidationConfig $config Validation config
      * @param Certificate ...$certificates Certificates from the trust anchor to
      *            the end-entity certificate
+     * @param Certificate[] $certificates
      */
     public function __construct(Crypto $crypto, PathValidationConfig $config,
         Certificate ...$certificates)

Indentation +553 added lines, -553 removed lines

@@ -17,584 +17,584 @@
  */
 class PathValidator
 {
-    /**
-     * Crypto engine.
-     *
-     * @var Crypto $_crypto
-     */
-    protected $_crypto;
+	/**
+	 * Crypto engine.
+	 *
+	 * @var Crypto $_crypto
+	 */
+	protected $_crypto;
     
-    /**
-     * Path validation configuration.
-     *
-     * @var PathValidationConfig $_config
-     */
-    protected $_config;
+	/**
+	 * Path validation configuration.
+	 *
+	 * @var PathValidationConfig $_config
+	 */
+	protected $_config;
     
-    /**
-     * Certification path.
-     *
-     * @var Certificate[] $_certificates
-     */
-    protected $_certificates;
+	/**
+	 * Certification path.
+	 *
+	 * @var Certificate[] $_certificates
+	 */
+	protected $_certificates;
     
-    /**
-     * Certification path trust anchor.
-     *
-     * @var Certificate $_trustAnchor
-     */
-    protected $_trustAnchor;
+	/**
+	 * Certification path trust anchor.
+	 *
+	 * @var Certificate $_trustAnchor
+	 */
+	protected $_trustAnchor;
     
-    /**
-     * Constructor.
-     *
-     * @param Crypto $crypto Crypto engine
-     * @param PathValidationConfig $config Validation config
-     * @param Certificate ...$certificates Certificates from the trust anchor to
-     *            the end-entity certificate
-     */
-    public function __construct(Crypto $crypto, PathValidationConfig $config,
-        Certificate ...$certificates)
-    {
-        if (!count($certificates)) {
-            throw new \LogicException("No certificates.");
-        }
-        $this->_crypto = $crypto;
-        $this->_config = $config;
-        $this->_certificates = $certificates;
-        // if trust anchor is explicitly given in configuration
-        if ($config->hasTrustAnchor()) {
-            $this->_trustAnchor = $config->trustAnchor();
-        } else {
-            $this->_trustAnchor = $certificates[0];
-        }
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Crypto $crypto Crypto engine
+	 * @param PathValidationConfig $config Validation config
+	 * @param Certificate ...$certificates Certificates from the trust anchor to
+	 *            the end-entity certificate
+	 */
+	public function __construct(Crypto $crypto, PathValidationConfig $config,
+		Certificate ...$certificates)
+	{
+		if (!count($certificates)) {
+			throw new \LogicException("No certificates.");
+		}
+		$this->_crypto = $crypto;
+		$this->_config = $config;
+		$this->_certificates = $certificates;
+		// if trust anchor is explicitly given in configuration
+		if ($config->hasTrustAnchor()) {
+			$this->_trustAnchor = $config->trustAnchor();
+		} else {
+			$this->_trustAnchor = $certificates[0];
+		}
+	}
     
-    /**
-     * Validate certification path.
-     *
-     * @throws PathValidationException
-     * @return PathValidationResult
-     */
-    public function validate()
-    {
-        $n = count($this->_certificates);
-        $state = ValidatorState::initialize($this->_config, $this->_trustAnchor,
-            $n);
-        for ($i = 0; $i < $n; ++$i) {
-            $state = $state->withIndex($i + 1);
-            $cert = $this->_certificates[$i];
-            // process certificate (section 6.1.3.)
-            $state = $this->_processCertificate($state, $cert);
-            if (!$state->isFinal()) {
-                // prepare next certificate (section 6.1.4.)
-                $state = $this->_prepareNext($state, $cert);
-            }
-        }
-        if (!isset($cert)) {
-            throw new \LogicException("No certificates.");
-        }
-        // wrap-up (section 6.1.5.)
-        $state = $this->_wrapUp($state, $cert);
-        // return outputs
-        return $state->getResult($this->_certificates);
-    }
+	/**
+	 * Validate certification path.
+	 *
+	 * @throws PathValidationException
+	 * @return PathValidationResult
+	 */
+	public function validate()
+	{
+		$n = count($this->_certificates);
+		$state = ValidatorState::initialize($this->_config, $this->_trustAnchor,
+			$n);
+		for ($i = 0; $i < $n; ++$i) {
+			$state = $state->withIndex($i + 1);
+			$cert = $this->_certificates[$i];
+			// process certificate (section 6.1.3.)
+			$state = $this->_processCertificate($state, $cert);
+			if (!$state->isFinal()) {
+				// prepare next certificate (section 6.1.4.)
+				$state = $this->_prepareNext($state, $cert);
+			}
+		}
+		if (!isset($cert)) {
+			throw new \LogicException("No certificates.");
+		}
+		// wrap-up (section 6.1.5.)
+		$state = $this->_wrapUp($state, $cert);
+		// return outputs
+		return $state->getResult($this->_certificates);
+	}
     
-    /**
-     * Apply basic certificate processing according to RFC 5280 section 6.1.3.
-     *
-     * @link https://tools.ietf.org/html/rfc5280#section-6.1.3
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @throws PathValidationException
-     * @return ValidatorState
-     */
-    private function _processCertificate(ValidatorState $state, Certificate $cert)
-    {
-        // (a.1) verify signature
-        $this->_verifySignature($state, $cert);
-        // (a.2) check validity period
-        $this->_checkValidity($cert);
-        // (a.3) check that certificate is not revoked
-        $this->_checkRevocation($cert);
-        // (a.4) check issuer
-        $this->_checkIssuer($state, $cert);
-        // (b)(c) if certificate is self-issued and it is not
-        // the final certificate in the path, skip this step
-        if (!($cert->isSelfIssued() && !$state->isFinal())) {
-            // (b) check permitted subtrees
-            $this->_checkPermittedSubtrees($state, $cert);
-            // (c) check excluded subtrees
-            $this->_checkExcludedSubtrees($state, $cert);
-        }
-        $extensions = $cert->tbsCertificate()->extensions();
-        if ($extensions->hasCertificatePolicies()) {
-            // (d) process policy information
-            if ($state->hasValidPolicyTree()) {
-                $state = $state->validPolicyTree()->processPolicies($state,
-                    $cert);
-            }
-        } else {
-            // (e) certificate policies extension not present,
-            // set the valid_policy_tree to NULL
-            $state = $state->withoutValidPolicyTree();
-        }
-        // (f) check that explicit_policy > 0 or valid_policy_tree is set
-        if (!($state->explicitPolicy() > 0 || $state->hasValidPolicyTree())) {
-            throw new PathValidationException("No valid policies.");
-        }
-        return $state;
-    }
+	/**
+	 * Apply basic certificate processing according to RFC 5280 section 6.1.3.
+	 *
+	 * @link https://tools.ietf.org/html/rfc5280#section-6.1.3
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @throws PathValidationException
+	 * @return ValidatorState
+	 */
+	private function _processCertificate(ValidatorState $state, Certificate $cert)
+	{
+		// (a.1) verify signature
+		$this->_verifySignature($state, $cert);
+		// (a.2) check validity period
+		$this->_checkValidity($cert);
+		// (a.3) check that certificate is not revoked
+		$this->_checkRevocation($cert);
+		// (a.4) check issuer
+		$this->_checkIssuer($state, $cert);
+		// (b)(c) if certificate is self-issued and it is not
+		// the final certificate in the path, skip this step
+		if (!($cert->isSelfIssued() && !$state->isFinal())) {
+			// (b) check permitted subtrees
+			$this->_checkPermittedSubtrees($state, $cert);
+			// (c) check excluded subtrees
+			$this->_checkExcludedSubtrees($state, $cert);
+		}
+		$extensions = $cert->tbsCertificate()->extensions();
+		if ($extensions->hasCertificatePolicies()) {
+			// (d) process policy information
+			if ($state->hasValidPolicyTree()) {
+				$state = $state->validPolicyTree()->processPolicies($state,
+					$cert);
+			}
+		} else {
+			// (e) certificate policies extension not present,
+			// set the valid_policy_tree to NULL
+			$state = $state->withoutValidPolicyTree();
+		}
+		// (f) check that explicit_policy > 0 or valid_policy_tree is set
+		if (!($state->explicitPolicy() > 0 || $state->hasValidPolicyTree())) {
+			throw new PathValidationException("No valid policies.");
+		}
+		return $state;
+	}
     
-    /**
-     * Apply preparation for the certificate i+1 according to rfc5280 section
-     * 6.1.4.
-     *
-     * @link https://tools.ietf.org/html/rfc5280#section-6.1.4
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @return ValidatorState
-     */
-    private function _prepareNext(ValidatorState $state, Certificate $cert)
-    {
-        // (a)(b) if policy mappings extension is present
-        $state = $this->_preparePolicyMappings($state, $cert);
-        // (c) assign working_issuer_name
-        $state = $state->withWorkingIssuerName(
-            $cert->tbsCertificate()
-                ->subject());
-        // (d)(e)(f)
-        $state = $this->_setPublicKeyState($state, $cert);
-        // (g) if name constraints extension is present
-        $state = $this->_prepareNameConstraints($state, $cert);
-        // (h) if certificate is not self-issued
-        if (!$cert->isSelfIssued()) {
-            $state = $this->_prepareNonSelfIssued($state);
-        }
-        // (i) if policy constraints extension is present
-        $state = $this->_preparePolicyConstraints($state, $cert);
-        // (j) if inhibit any policy extension is present
-        $state = $this->_prepareInhibitAnyPolicy($state, $cert);
-        // (k) check basic constraints
-        $this->_processBasicContraints($cert);
-        // (l) verify max_path_length
-        $state = $this->_verifyMaxPathLength($state, $cert);
-        // (m) check pathLenContraint
-        $state = $this->_processPathLengthContraint($state, $cert);
-        // (n) check key usage
-        $this->_checkKeyUsage($cert);
-        // (o) process relevant extensions
-        $state = $this->_processExtensions($state, $cert);
-        return $state;
-    }
+	/**
+	 * Apply preparation for the certificate i+1 according to rfc5280 section
+	 * 6.1.4.
+	 *
+	 * @link https://tools.ietf.org/html/rfc5280#section-6.1.4
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @return ValidatorState
+	 */
+	private function _prepareNext(ValidatorState $state, Certificate $cert)
+	{
+		// (a)(b) if policy mappings extension is present
+		$state = $this->_preparePolicyMappings($state, $cert);
+		// (c) assign working_issuer_name
+		$state = $state->withWorkingIssuerName(
+			$cert->tbsCertificate()
+				->subject());
+		// (d)(e)(f)
+		$state = $this->_setPublicKeyState($state, $cert);
+		// (g) if name constraints extension is present
+		$state = $this->_prepareNameConstraints($state, $cert);
+		// (h) if certificate is not self-issued
+		if (!$cert->isSelfIssued()) {
+			$state = $this->_prepareNonSelfIssued($state);
+		}
+		// (i) if policy constraints extension is present
+		$state = $this->_preparePolicyConstraints($state, $cert);
+		// (j) if inhibit any policy extension is present
+		$state = $this->_prepareInhibitAnyPolicy($state, $cert);
+		// (k) check basic constraints
+		$this->_processBasicContraints($cert);
+		// (l) verify max_path_length
+		$state = $this->_verifyMaxPathLength($state, $cert);
+		// (m) check pathLenContraint
+		$state = $this->_processPathLengthContraint($state, $cert);
+		// (n) check key usage
+		$this->_checkKeyUsage($cert);
+		// (o) process relevant extensions
+		$state = $this->_processExtensions($state, $cert);
+		return $state;
+	}
     
-    /**
-     * Apply wrap-up procedure according to RFC 5280 section 6.1.5.
-     *
-     * @link https://tools.ietf.org/html/rfc5280#section-6.1.5
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @throws PathValidationException
-     */
-    private function _wrapUp(ValidatorState $state, Certificate $cert)
-    {
-        $tbs_cert = $cert->tbsCertificate();
-        $extensions = $tbs_cert->extensions();
-        // (a)
-        if ($state->explicitPolicy() > 0) {
-            $state = $state->withExplicitPolicy($state->explicitPolicy() - 1);
-        }
-        // (b)
-        if ($extensions->hasPolicyConstraints()) {
-            $ext = $extensions->policyConstraints();
-            if ($ext->hasRequireExplicitPolicy() &&
-                 $ext->requireExplicitPolicy() == 0) {
-                $state = $state->withExplicitPolicy(0);
-            }
-        }
-        // (c)(d)(e)
-        $state = $this->_setPublicKeyState($state, $cert);
-        // (f) process relevant extensions
-        $state = $this->_processExtensions($state, $cert);
-        // (g) intersection of valid_policy_tree and the initial-policy-set
-        $state = $this->_calculatePolicyIntersection($state);
-        // check that explicit_policy > 0 or valid_policy_tree is set
-        if (!($state->explicitPolicy() > 0 || $state->hasValidPolicyTree())) {
-            throw new PathValidationException("No valid policies.");
-        }
-        // path validation succeeded
-        return $state;
-    }
+	/**
+	 * Apply wrap-up procedure according to RFC 5280 section 6.1.5.
+	 *
+	 * @link https://tools.ietf.org/html/rfc5280#section-6.1.5
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @throws PathValidationException
+	 */
+	private function _wrapUp(ValidatorState $state, Certificate $cert)
+	{
+		$tbs_cert = $cert->tbsCertificate();
+		$extensions = $tbs_cert->extensions();
+		// (a)
+		if ($state->explicitPolicy() > 0) {
+			$state = $state->withExplicitPolicy($state->explicitPolicy() - 1);
+		}
+		// (b)
+		if ($extensions->hasPolicyConstraints()) {
+			$ext = $extensions->policyConstraints();
+			if ($ext->hasRequireExplicitPolicy() &&
+				 $ext->requireExplicitPolicy() == 0) {
+				$state = $state->withExplicitPolicy(0);
+			}
+		}
+		// (c)(d)(e)
+		$state = $this->_setPublicKeyState($state, $cert);
+		// (f) process relevant extensions
+		$state = $this->_processExtensions($state, $cert);
+		// (g) intersection of valid_policy_tree and the initial-policy-set
+		$state = $this->_calculatePolicyIntersection($state);
+		// check that explicit_policy > 0 or valid_policy_tree is set
+		if (!($state->explicitPolicy() > 0 || $state->hasValidPolicyTree())) {
+			throw new PathValidationException("No valid policies.");
+		}
+		// path validation succeeded
+		return $state;
+	}
     
-    /**
-     * Update working_public_key, working_public_key_parameters and
-     * working_public_key_algorithm state variables from certificate.
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @return ValidatorState
-     */
-    private function _setPublicKeyState(ValidatorState $state, Certificate $cert)
-    {
-        $pk_info = $cert->tbsCertificate()->subjectPublicKeyInfo();
-        // assign working_public_key
-        $state = $state->withWorkingPublicKey($pk_info);
-        // assign working_public_key_parameters
-        $params = ValidatorState::getAlgorithmParameters(
-            $pk_info->algorithmIdentifier());
-        if (null !== $params) {
-            $state = $state->withWorkingPublicKeyParameters($params);
-        } else {
-            // if algorithms differ, set parameters to null
-            if ($pk_info->algorithmIdentifier()->oid() !==
-                 $state->workingPublicKeyAlgorithm()->oid()) {
-                $state = $state->withWorkingPublicKeyParameters(null);
-            }
-        }
-        // assign working_public_key_algorithm
-        $state = $state->withWorkingPublicKeyAlgorithm(
-            $pk_info->algorithmIdentifier());
-        return $state;
-    }
+	/**
+	 * Update working_public_key, working_public_key_parameters and
+	 * working_public_key_algorithm state variables from certificate.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @return ValidatorState
+	 */
+	private function _setPublicKeyState(ValidatorState $state, Certificate $cert)
+	{
+		$pk_info = $cert->tbsCertificate()->subjectPublicKeyInfo();
+		// assign working_public_key
+		$state = $state->withWorkingPublicKey($pk_info);
+		// assign working_public_key_parameters
+		$params = ValidatorState::getAlgorithmParameters(
+			$pk_info->algorithmIdentifier());
+		if (null !== $params) {
+			$state = $state->withWorkingPublicKeyParameters($params);
+		} else {
+			// if algorithms differ, set parameters to null
+			if ($pk_info->algorithmIdentifier()->oid() !==
+				 $state->workingPublicKeyAlgorithm()->oid()) {
+				$state = $state->withWorkingPublicKeyParameters(null);
+			}
+		}
+		// assign working_public_key_algorithm
+		$state = $state->withWorkingPublicKeyAlgorithm(
+			$pk_info->algorithmIdentifier());
+		return $state;
+	}
     
-    /**
-     * Verify certificate signature.
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @throws PathValidationException
-     */
-    private function _verifySignature(ValidatorState $state, Certificate $cert)
-    {
-        try {
-            $valid = $cert->verify($state->workingPublicKey(), $this->_crypto);
-        } catch (\RuntimeException $e) {
-            throw new PathValidationException(
-                "Failed to verify signature: " . $e->getMessage(), 0, $e);
-        }
-        if (!$valid) {
-            throw new PathValidationException(
-                "Certificate signature doesn't match.");
-        }
-    }
+	/**
+	 * Verify certificate signature.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @throws PathValidationException
+	 */
+	private function _verifySignature(ValidatorState $state, Certificate $cert)
+	{
+		try {
+			$valid = $cert->verify($state->workingPublicKey(), $this->_crypto);
+		} catch (\RuntimeException $e) {
+			throw new PathValidationException(
+				"Failed to verify signature: " . $e->getMessage(), 0, $e);
+		}
+		if (!$valid) {
+			throw new PathValidationException(
+				"Certificate signature doesn't match.");
+		}
+	}
     
-    /**
-     * Check certificate validity.
-     *
-     * @param Certificate $cert
-     * @throws PathValidationException
-     */
-    private function _checkValidity(Certificate $cert)
-    {
-        $refdt = $this->_config->dateTime();
-        $validity = $cert->tbsCertificate()->validity();
-        if ($validity->notBefore()
-            ->dateTime()
-            ->diff($refdt)->invert) {
-            throw new PathValidationException(
-                "Certificate validity period has not started.");
-        }
-        if ($refdt->diff($validity->notAfter()
-            ->dateTime())->invert) {
-            throw new PathValidationException("Certificate has expired.");
-        }
-    }
+	/**
+	 * Check certificate validity.
+	 *
+	 * @param Certificate $cert
+	 * @throws PathValidationException
+	 */
+	private function _checkValidity(Certificate $cert)
+	{
+		$refdt = $this->_config->dateTime();
+		$validity = $cert->tbsCertificate()->validity();
+		if ($validity->notBefore()
+			->dateTime()
+			->diff($refdt)->invert) {
+			throw new PathValidationException(
+				"Certificate validity period has not started.");
+		}
+		if ($refdt->diff($validity->notAfter()
+			->dateTime())->invert) {
+			throw new PathValidationException("Certificate has expired.");
+		}
+	}
     
-    /**
-     * Check certificate revocation.
-     *
-     * @param Certificate $cert
-     */
-    private function _checkRevocation(Certificate $cert)
-    {
-        // @todo Implement CRL handling
-    }
+	/**
+	 * Check certificate revocation.
+	 *
+	 * @param Certificate $cert
+	 */
+	private function _checkRevocation(Certificate $cert)
+	{
+		// @todo Implement CRL handling
+	}
     
-    /**
-     * Check certificate issuer.
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @throws PathValidationException
-     */
-    private function _checkIssuer(ValidatorState $state, Certificate $cert)
-    {
-        if (!$cert->tbsCertificate()
-            ->issuer()
-            ->equals($state->workingIssuerName())) {
-            throw new PathValidationException("Certification issuer mismatch.");
-        }
-    }
+	/**
+	 * Check certificate issuer.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @throws PathValidationException
+	 */
+	private function _checkIssuer(ValidatorState $state, Certificate $cert)
+	{
+		if (!$cert->tbsCertificate()
+			->issuer()
+			->equals($state->workingIssuerName())) {
+			throw new PathValidationException("Certification issuer mismatch.");
+		}
+	}
     
-    /**
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     */
-    private function _checkPermittedSubtrees(ValidatorState $state,
-        Certificate $cert)
-    {
-        // @todo Implement
-        $state->permittedSubtrees();
-    }
+	/**
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 */
+	private function _checkPermittedSubtrees(ValidatorState $state,
+		Certificate $cert)
+	{
+		// @todo Implement
+		$state->permittedSubtrees();
+	}
     
-    /**
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     */
-    private function _checkExcludedSubtrees(ValidatorState $state,
-        Certificate $cert)
-    {
-        // @todo Implement
-        $state->excludedSubtrees();
-    }
+	/**
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 */
+	private function _checkExcludedSubtrees(ValidatorState $state,
+		Certificate $cert)
+	{
+		// @todo Implement
+		$state->excludedSubtrees();
+	}
     
-    /**
-     * Apply policy mappings handling for the preparation step.
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @throws PathValidationException
-     * @return ValidatorState
-     */
-    private function _preparePolicyMappings(ValidatorState $state,
-        Certificate $cert)
-    {
-        $extensions = $cert->tbsCertificate()->extensions();
-        if ($extensions->hasPolicyMappings()) {
-            // (a) verify that anyPolicy mapping is not used
-            if ($extensions->policyMappings()->hasAnyPolicyMapping()) {
-                throw new PathValidationException("anyPolicy mapping found.");
-            }
-            // (b) process policy mappings
-            if ($state->hasValidPolicyTree()) {
-                $state = $state->validPolicyTree()->processMappings($state,
-                    $cert);
-            }
-        }
-        return $state;
-    }
+	/**
+	 * Apply policy mappings handling for the preparation step.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @throws PathValidationException
+	 * @return ValidatorState
+	 */
+	private function _preparePolicyMappings(ValidatorState $state,
+		Certificate $cert)
+	{
+		$extensions = $cert->tbsCertificate()->extensions();
+		if ($extensions->hasPolicyMappings()) {
+			// (a) verify that anyPolicy mapping is not used
+			if ($extensions->policyMappings()->hasAnyPolicyMapping()) {
+				throw new PathValidationException("anyPolicy mapping found.");
+			}
+			// (b) process policy mappings
+			if ($state->hasValidPolicyTree()) {
+				$state = $state->validPolicyTree()->processMappings($state,
+					$cert);
+			}
+		}
+		return $state;
+	}
     
-    /**
-     * Apply name constraints handling for the preparation step.
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @return ValidatorState
-     */
-    private function _prepareNameConstraints(ValidatorState $state,
-        Certificate $cert)
-    {
-        $extensions = $cert->tbsCertificate()->extensions();
-        if ($extensions->hasNameConstraints()) {
-            $state = $this->_processNameConstraints($state, $cert);
-        }
-        return $state;
-    }
+	/**
+	 * Apply name constraints handling for the preparation step.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @return ValidatorState
+	 */
+	private function _prepareNameConstraints(ValidatorState $state,
+		Certificate $cert)
+	{
+		$extensions = $cert->tbsCertificate()->extensions();
+		if ($extensions->hasNameConstraints()) {
+			$state = $this->_processNameConstraints($state, $cert);
+		}
+		return $state;
+	}
     
-    /**
-     * Apply preparation for a non-self-signed certificate.
-     *
-     * @param ValidatorState $state
-     * @return ValidatorState
-     */
-    private function _prepareNonSelfIssued(ValidatorState $state)
-    {
-        // (h.1)
-        if ($state->explicitPolicy() > 0) {
-            $state = $state->withExplicitPolicy($state->explicitPolicy() - 1);
-        }
-        // (h.2)
-        if ($state->policyMapping() > 0) {
-            $state = $state->withPolicyMapping($state->policyMapping() - 1);
-        }
-        // (h.3)
-        if ($state->inhibitAnyPolicy() > 0) {
-            $state = $state->withInhibitAnyPolicy(
-                $state->inhibitAnyPolicy() - 1);
-        }
-        return $state;
-    }
+	/**
+	 * Apply preparation for a non-self-signed certificate.
+	 *
+	 * @param ValidatorState $state
+	 * @return ValidatorState
+	 */
+	private function _prepareNonSelfIssued(ValidatorState $state)
+	{
+		// (h.1)
+		if ($state->explicitPolicy() > 0) {
+			$state = $state->withExplicitPolicy($state->explicitPolicy() - 1);
+		}
+		// (h.2)
+		if ($state->policyMapping() > 0) {
+			$state = $state->withPolicyMapping($state->policyMapping() - 1);
+		}
+		// (h.3)
+		if ($state->inhibitAnyPolicy() > 0) {
+			$state = $state->withInhibitAnyPolicy(
+				$state->inhibitAnyPolicy() - 1);
+		}
+		return $state;
+	}
     
-    /**
-     * Apply policy constraints handling for the preparation step.
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @return ValidatorState
-     */
-    private function _preparePolicyConstraints(ValidatorState $state,
-        Certificate $cert)
-    {
-        $extensions = $cert->tbsCertificate()->extensions();
-        if (!$extensions->hasPolicyConstraints()) {
-            return $state;
-        }
-        $ext = $extensions->policyConstraints();
-        // (i.1)
-        if ($ext->hasRequireExplicitPolicy() &&
-             $ext->requireExplicitPolicy() < $state->explicitPolicy()) {
-            $state = $state->withExplicitPolicy($ext->requireExplicitPolicy());
-        }
-        // (i.2)
-        if ($ext->hasInhibitPolicyMapping() &&
-             $ext->inhibitPolicyMapping() < $state->policyMapping()) {
-            $state = $state->withPolicyMapping($ext->inhibitPolicyMapping());
-        }
-        return $state;
-    }
+	/**
+	 * Apply policy constraints handling for the preparation step.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @return ValidatorState
+	 */
+	private function _preparePolicyConstraints(ValidatorState $state,
+		Certificate $cert)
+	{
+		$extensions = $cert->tbsCertificate()->extensions();
+		if (!$extensions->hasPolicyConstraints()) {
+			return $state;
+		}
+		$ext = $extensions->policyConstraints();
+		// (i.1)
+		if ($ext->hasRequireExplicitPolicy() &&
+			 $ext->requireExplicitPolicy() < $state->explicitPolicy()) {
+			$state = $state->withExplicitPolicy($ext->requireExplicitPolicy());
+		}
+		// (i.2)
+		if ($ext->hasInhibitPolicyMapping() &&
+			 $ext->inhibitPolicyMapping() < $state->policyMapping()) {
+			$state = $state->withPolicyMapping($ext->inhibitPolicyMapping());
+		}
+		return $state;
+	}
     
-    /**
-     * Apply inhibit any-policy handling for the preparation step.
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @return ValidatorState
-     */
-    private function _prepareInhibitAnyPolicy(ValidatorState $state,
-        Certificate $cert)
-    {
-        $extensions = $cert->tbsCertificate()->extensions();
-        if ($extensions->hasInhibitAnyPolicy()) {
-            $ext = $extensions->inhibitAnyPolicy();
-            if ($ext->skipCerts() < $state->inhibitAnyPolicy()) {
-                $state = $state->withInhibitAnyPolicy($ext->skipCerts());
-            }
-        }
-        return $state;
-    }
+	/**
+	 * Apply inhibit any-policy handling for the preparation step.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @return ValidatorState
+	 */
+	private function _prepareInhibitAnyPolicy(ValidatorState $state,
+		Certificate $cert)
+	{
+		$extensions = $cert->tbsCertificate()->extensions();
+		if ($extensions->hasInhibitAnyPolicy()) {
+			$ext = $extensions->inhibitAnyPolicy();
+			if ($ext->skipCerts() < $state->inhibitAnyPolicy()) {
+				$state = $state->withInhibitAnyPolicy($ext->skipCerts());
+			}
+		}
+		return $state;
+	}
     
-    /**
-     * Verify maximum certification path length for the preparation step.
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @throws PathValidationException
-     * @return ValidatorState
-     */
-    private function _verifyMaxPathLength(ValidatorState $state,
-        Certificate $cert): ValidatorState
-    {
-        if (!$cert->isSelfIssued()) {
-            if ($state->maxPathLength() <= 0) {
-                throw new PathValidationException(
-                    "Certification path length exceeded.");
-            }
-            $state = $state->withMaxPathLength($state->maxPathLength() - 1);
-        }
-        return $state;
-    }
+	/**
+	 * Verify maximum certification path length for the preparation step.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @throws PathValidationException
+	 * @return ValidatorState
+	 */
+	private function _verifyMaxPathLength(ValidatorState $state,
+		Certificate $cert): ValidatorState
+	{
+		if (!$cert->isSelfIssued()) {
+			if ($state->maxPathLength() <= 0) {
+				throw new PathValidationException(
+					"Certification path length exceeded.");
+			}
+			$state = $state->withMaxPathLength($state->maxPathLength() - 1);
+		}
+		return $state;
+	}
     
-    /**
-     * Check key usage extension for the preparation step.
-     *
-     * @param Certificate $cert
-     * @throws PathValidationException
-     */
-    private function _checkKeyUsage(Certificate $cert)
-    {
-        $extensions = $cert->tbsCertificate()->extensions();
-        if ($extensions->hasKeyUsage()) {
-            $ext = $extensions->keyUsage();
-            if (!$ext->isKeyCertSign()) {
-                throw new PathValidationException("keyCertSign usage not set.");
-            }
-        }
-    }
+	/**
+	 * Check key usage extension for the preparation step.
+	 *
+	 * @param Certificate $cert
+	 * @throws PathValidationException
+	 */
+	private function _checkKeyUsage(Certificate $cert)
+	{
+		$extensions = $cert->tbsCertificate()->extensions();
+		if ($extensions->hasKeyUsage()) {
+			$ext = $extensions->keyUsage();
+			if (!$ext->isKeyCertSign()) {
+				throw new PathValidationException("keyCertSign usage not set.");
+			}
+		}
+	}
     
-    /**
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @return ValidatorState
-     */
-    private function _processNameConstraints(ValidatorState $state,
-        Certificate $cert): ValidatorState
-    {
-        // @todo Implement
-        return $state;
-    }
+	/**
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @return ValidatorState
+	 */
+	private function _processNameConstraints(ValidatorState $state,
+		Certificate $cert): ValidatorState
+	{
+		// @todo Implement
+		return $state;
+	}
     
-    /**
-     * Process basic constraints extension.
-     *
-     * @param Certificate $cert
-     * @throws PathValidationException
-     */
-    private function _processBasicContraints(Certificate $cert)
-    {
-        if ($cert->tbsCertificate()->version() == TBSCertificate::VERSION_3) {
-            $extensions = $cert->tbsCertificate()->extensions();
-            if (!$extensions->hasBasicConstraints()) {
-                throw new PathValidationException(
-                    "v3 certificate must have basicConstraints extension.");
-            }
-            // verify that cA is set to TRUE
-            if (!$extensions->basicConstraints()->isCA()) {
-                throw new PathValidationException(
-                    "Certificate is not a CA certificate.");
-            }
-        }
-    }
+	/**
+	 * Process basic constraints extension.
+	 *
+	 * @param Certificate $cert
+	 * @throws PathValidationException
+	 */
+	private function _processBasicContraints(Certificate $cert)
+	{
+		if ($cert->tbsCertificate()->version() == TBSCertificate::VERSION_3) {
+			$extensions = $cert->tbsCertificate()->extensions();
+			if (!$extensions->hasBasicConstraints()) {
+				throw new PathValidationException(
+					"v3 certificate must have basicConstraints extension.");
+			}
+			// verify that cA is set to TRUE
+			if (!$extensions->basicConstraints()->isCA()) {
+				throw new PathValidationException(
+					"Certificate is not a CA certificate.");
+			}
+		}
+	}
     
-    /**
-     * Process pathLenConstraint.
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @return ValidatorState
-     */
-    private function _processPathLengthContraint(ValidatorState $state,
-        Certificate $cert): ValidatorState
-    {
-        $extensions = $cert->tbsCertificate()->extensions();
-        if ($extensions->hasBasicConstraints()) {
-            $ext = $extensions->basicConstraints();
-            if ($ext->hasPathLen()) {
-                if ($ext->pathLen() < $state->maxPathLength()) {
-                    $state = $state->withMaxPathLength($ext->pathLen());
-                }
-            }
-        }
-        return $state;
-    }
+	/**
+	 * Process pathLenConstraint.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @return ValidatorState
+	 */
+	private function _processPathLengthContraint(ValidatorState $state,
+		Certificate $cert): ValidatorState
+	{
+		$extensions = $cert->tbsCertificate()->extensions();
+		if ($extensions->hasBasicConstraints()) {
+			$ext = $extensions->basicConstraints();
+			if ($ext->hasPathLen()) {
+				if ($ext->pathLen() < $state->maxPathLength()) {
+					$state = $state->withMaxPathLength($ext->pathLen());
+				}
+			}
+		}
+		return $state;
+	}
     
-    /**
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @return ValidatorState
-     */
-    private function _processExtensions(ValidatorState $state, Certificate $cert): ValidatorState
-    {
-        // @todo Implement
-        return $state;
-    }
+	/**
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @return ValidatorState
+	 */
+	private function _processExtensions(ValidatorState $state, Certificate $cert): ValidatorState
+	{
+		// @todo Implement
+		return $state;
+	}
     
-    /**
-     *
-     * @param ValidatorState $state
-     * @return ValidatorState
-     */
-    private function _calculatePolicyIntersection(ValidatorState $state): ValidatorState
-    {
-        // (i) If the valid_policy_tree is NULL, the intersection is NULL
-        if (!$state->hasValidPolicyTree()) {
-            return $state;
-        }
-        // (ii) If the valid_policy_tree is not NULL and
-        // the user-initial-policy-set is any-policy, the intersection
-        // is the entire valid_policy_tree
-        $initial_policies = $this->_config->policySet();
-        if (in_array(PolicyInformation::OID_ANY_POLICY, $initial_policies)) {
-            return $state;
-        }
-        // (iii) If the valid_policy_tree is not NULL and the
-        // user-initial-policy-set is not any-policy, calculate
-        // the intersection of the valid_policy_tree and the
-        // user-initial-policy-set as follows
-        return $state->validPolicyTree()->calculateIntersection($state,
-            $initial_policies);
-    }
+	/**
+	 *
+	 * @param ValidatorState $state
+	 * @return ValidatorState
+	 */
+	private function _calculatePolicyIntersection(ValidatorState $state): ValidatorState
+	{
+		// (i) If the valid_policy_tree is NULL, the intersection is NULL
+		if (!$state->hasValidPolicyTree()) {
+			return $state;
+		}
+		// (ii) If the valid_policy_tree is not NULL and
+		// the user-initial-policy-set is any-policy, the intersection
+		// is the entire valid_policy_tree
+		$initial_policies = $this->_config->policySet();
+		if (in_array(PolicyInformation::OID_ANY_POLICY, $initial_policies)) {
+			return $state;
+		}
+		// (iii) If the valid_policy_tree is not NULL and the
+		// user-initial-policy-set is not any-policy, calculate
+		// the intersection of the valid_policy_tree and the
+		// user-initial-policy-set as follows
+		return $state->validPolicyTree()->calculateIntersection($state,
+			$initial_policies);
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\CertificationPath\PathValidation;
 

lib/X509/GeneralName/IPv4Address.php

Switch Indentation +9 added lines, -9 removed lines

@@ -16,15 +16,15 @@
         $mask = null;
         $bytes = unpack("C*", $octets);
         switch (count($bytes)) {
-            case 4:
-                $ip = implode(".", $bytes);
-                break;
-            case 8:
-                $ip = implode(".", array_slice($bytes, 0, 4));
-                $mask = implode(".", array_slice($bytes, 4, 4));
-                break;
-            default:
-                throw new \UnexpectedValueException("Invalid IPv4 octet length.");
+        case 4:
+            $ip = implode(".", $bytes);
+            break;
+        case 8:
+            $ip = implode(".", array_slice($bytes, 0, 4));
+            $mask = implode(".", array_slice($bytes, 4, 4));
+            break;
+        default:
+            throw new \UnexpectedValueException("Invalid IPv4 octet length.");
         }
         return new self($ip, $mask);
     }

Indentation +37 added lines, -37 removed lines

@@ -6,42 +6,42 @@
 
 class IPv4Address extends IPAddress
 {
-    /**
-     * Initialize from octets.
-     *
-     * @param string $octets
-     * @throws \InvalidArgumentException
-     * @return self
-     */
-    public static function fromOctets(string $octets)
-    {
-        $mask = null;
-        $bytes = unpack("C*", $octets);
-        switch (count($bytes)) {
-            case 4:
-                $ip = implode(".", $bytes);
-                break;
-            case 8:
-                $ip = implode(".", array_slice($bytes, 0, 4));
-                $mask = implode(".", array_slice($bytes, 4, 4));
-                break;
-            default:
-                throw new \UnexpectedValueException("Invalid IPv4 octet length.");
-        }
-        return new self($ip, $mask);
-    }
+	/**
+	 * Initialize from octets.
+	 *
+	 * @param string $octets
+	 * @throws \InvalidArgumentException
+	 * @return self
+	 */
+	public static function fromOctets(string $octets)
+	{
+		$mask = null;
+		$bytes = unpack("C*", $octets);
+		switch (count($bytes)) {
+			case 4:
+				$ip = implode(".", $bytes);
+				break;
+			case 8:
+				$ip = implode(".", array_slice($bytes, 0, 4));
+				$mask = implode(".", array_slice($bytes, 4, 4));
+				break;
+			default:
+				throw new \UnexpectedValueException("Invalid IPv4 octet length.");
+		}
+		return new self($ip, $mask);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _octets(): string
-    {
-        $bytes = array_map("intval", explode(".", $this->_ip));
-        if (isset($this->_mask)) {
-            $bytes = array_merge($bytes,
-                array_map("intval", explode(".", $this->_mask)));
-        }
-        return pack("C*", ...$bytes);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _octets(): string
+	{
+		$bytes = array_map("intval", explode(".", $this->_ip));
+		if (isset($this->_mask)) {
+			$bytes = array_merge($bytes,
+				array_map("intval", explode(".", $this->_mask)));
+		}
+		return pack("C*", ...$bytes);
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\GeneralName;
 

lib/X509/GeneralName/IPAddress.php

Switch Indentation +9 added lines, -9 removed lines

@@ -59,15 +59,15 @@
     {
         $octets = $el->asOctetString()->string();
         switch (strlen($octets)) {
-            case 4:
-            case 8:
-                return IPv4Address::fromOctets($octets);
-            case 16:
-            case 32:
-                return IPv6Address::fromOctets($octets);
-            default:
-                throw new \UnexpectedValueException(
-                    "Invalid octet length for IP address.");
+        case 4:
+        case 8:
+            return IPv4Address::fromOctets($octets);
+        case 16:
+        case 32:
+            return IPv6Address::fromOctets($octets);
+        default:
+            throw new \UnexpectedValueException(
+                "Invalid octet length for IP address.");
         }
     }
     

Indentation +85 added lines, -85 removed lines

@@ -18,97 +18,97 @@
  */
 abstract class IPAddress extends GeneralName
 {
-    /**
-     * IP address.
-     *
-     * @var string $_ip
-     */
-    protected $_ip;
+	/**
+	 * IP address.
+	 *
+	 * @var string $_ip
+	 */
+	protected $_ip;
     
-    /**
-     * Subnet mask.
-     *
-     * @var string|null $_mask
-     */
-    protected $_mask;
+	/**
+	 * Subnet mask.
+	 *
+	 * @var string|null $_mask
+	 */
+	protected $_mask;
     
-    /**
-     * Get octet representation of the IP address.
-     *
-     * @return string
-     */
-    abstract protected function _octets();
+	/**
+	 * Get octet representation of the IP address.
+	 *
+	 * @return string
+	 */
+	abstract protected function _octets();
     
-    /**
-     * Constructor.
-     *
-     * @param string $ip
-     * @param string|null $mask
-     */
-    public function __construct(string $ip, $mask = null)
-    {
-        $this->_tag = self::TAG_IP_ADDRESS;
-        $this->_ip = $ip;
-        $this->_mask = $mask;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $ip
+	 * @param string|null $mask
+	 */
+	public function __construct(string $ip, $mask = null)
+	{
+		$this->_tag = self::TAG_IP_ADDRESS;
+		$this->_ip = $ip;
+		$this->_mask = $mask;
+	}
     
-    /**
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromChosenASN1(UnspecifiedType $el)
-    {
-        $octets = $el->asOctetString()->string();
-        switch (strlen($octets)) {
-            case 4:
-            case 8:
-                return IPv4Address::fromOctets($octets);
-            case 16:
-            case 32:
-                return IPv6Address::fromOctets($octets);
-            default:
-                throw new \UnexpectedValueException(
-                    "Invalid octet length for IP address.");
-        }
-    }
+	/**
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromChosenASN1(UnspecifiedType $el)
+	{
+		$octets = $el->asOctetString()->string();
+		switch (strlen($octets)) {
+			case 4:
+			case 8:
+				return IPv4Address::fromOctets($octets);
+			case 16:
+			case 32:
+				return IPv6Address::fromOctets($octets);
+			default:
+				throw new \UnexpectedValueException(
+					"Invalid octet length for IP address.");
+		}
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    public function string(): string
-    {
-        return $this->_ip . (isset($this->_mask) ? "/" . $this->_mask : "");
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	public function string(): string
+	{
+		return $this->_ip . (isset($this->_mask) ? "/" . $this->_mask : "");
+	}
     
-    /**
-     * Get IP address as a string.
-     *
-     * @return string
-     */
-    public function address(): string
-    {
-        return $this->_ip;
-    }
+	/**
+	 * Get IP address as a string.
+	 *
+	 * @return string
+	 */
+	public function address(): string
+	{
+		return $this->_ip;
+	}
     
-    /**
-     * Get subnet mask as a string.
-     *
-     * @return string
-     */
-    public function mask(): string
-    {
-        return $this->_mask;
-    }
+	/**
+	 * Get subnet mask as a string.
+	 *
+	 * @return string
+	 */
+	public function mask(): string
+	{
+		return $this->_mask;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _choiceASN1()
-    {
-        return new ImplicitlyTaggedType($this->_tag,
-            new OctetString($this->_octets()));
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _choiceASN1()
+	{
+		return new ImplicitlyTaggedType($this->_tag,
+			new OctetString($this->_octets()));
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\GeneralName;
 

lib/X509/GeneralName/IPv6Address.php

Switch Indentation +9 added lines, -9 removed lines

@@ -16,15 +16,15 @@
         $mask = null;
         $words = unpack("n*", $octets);
         switch (count($words)) {
-            case 8:
-                $ip = self::_wordsToIPv6String($words);
-                break;
-            case 16:
-                $ip = self::_wordsToIPv6String(array_slice($words, 0, 8));
-                $mask = self::_wordsToIPv6String(array_slice($words, 8, 8));
-                break;
-            default:
-                throw new \UnexpectedValueException("Invalid IPv6 octet length.");
+        case 8:
+            $ip = self::_wordsToIPv6String($words);
+            break;
+        case 16:
+            $ip = self::_wordsToIPv6String(array_slice($words, 0, 8));
+            $mask = self::_wordsToIPv6String(array_slice($words, 8, 8));
+            break;
+        default:
+            throw new \UnexpectedValueException("Invalid IPv6 octet length.");
         }
         return new self($ip, $mask);
     }

Indentation +51 added lines, -51 removed lines

@@ -6,57 +6,57 @@
 
 class IPv6Address extends IPAddress
 {
-    /**
-     * Initialize from octets.
-     *
-     * @param string $octets
-     * @throws \InvalidArgumentException
-     * @return self
-     */
-    public static function fromOctets(string $octets)
-    {
-        $mask = null;
-        $words = unpack("n*", $octets);
-        switch (count($words)) {
-            case 8:
-                $ip = self::_wordsToIPv6String($words);
-                break;
-            case 16:
-                $ip = self::_wordsToIPv6String(array_slice($words, 0, 8));
-                $mask = self::_wordsToIPv6String(array_slice($words, 8, 8));
-                break;
-            default:
-                throw new \UnexpectedValueException("Invalid IPv6 octet length.");
-        }
-        return new self($ip, $mask);
-    }
+	/**
+	 * Initialize from octets.
+	 *
+	 * @param string $octets
+	 * @throws \InvalidArgumentException
+	 * @return self
+	 */
+	public static function fromOctets(string $octets)
+	{
+		$mask = null;
+		$words = unpack("n*", $octets);
+		switch (count($words)) {
+			case 8:
+				$ip = self::_wordsToIPv6String($words);
+				break;
+			case 16:
+				$ip = self::_wordsToIPv6String(array_slice($words, 0, 8));
+				$mask = self::_wordsToIPv6String(array_slice($words, 8, 8));
+				break;
+			default:
+				throw new \UnexpectedValueException("Invalid IPv6 octet length.");
+		}
+		return new self($ip, $mask);
+	}
     
-    /**
-     * Convert an array of 16 bit words to an IPv6 string representation.
-     *
-     * @param int[] $words
-     * @return string
-     */
-    protected static function _wordsToIPv6String(array $words): string
-    {
-        $groups = array_map(
-            function ($word) {
-                return sprintf("%04x", $word);
-            }, $words);
-        return implode(":", $groups);
-    }
+	/**
+	 * Convert an array of 16 bit words to an IPv6 string representation.
+	 *
+	 * @param int[] $words
+	 * @return string
+	 */
+	protected static function _wordsToIPv6String(array $words): string
+	{
+		$groups = array_map(
+			function ($word) {
+				return sprintf("%04x", $word);
+			}, $words);
+		return implode(":", $groups);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _octets(): string
-    {
-        $words = array_map("hexdec", explode(":", $this->_ip));
-        if (isset($this->_mask)) {
-            $words = array_merge($words,
-                array_map("hexdec", explode(":", $this->_mask)));
-        }
-        return pack("n*", ...$words);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _octets(): string
+	{
+		$words = array_map("hexdec", explode(":", $this->_ip));
+		if (isset($this->_mask)) {
+			$words = array_merge($words,
+				array_map("hexdec", explode(":", $this->_mask)));
+		}
+		return pack("n*", ...$words);
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -1,6 +1,6 @@ 
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\GeneralName;
 
@@ -40,7 +40,7 @@ 
     protected static function _wordsToIPv6String(array $words): string
     {
         $groups = array_map(
-            function ($word) {
+            function($word) {
                 return sprintf("%04x", $word);
             }, $words);
         return implode(":", $groups);

lib/X509/GeneralName/GeneralName.php

Indentation +134 added lines, -134 removed lines

@@ -13,147 +13,147 @@
  */
 abstract class GeneralName
 {
-    // GeneralName CHOICE tags
-    const TAG_OTHER_NAME = 0;
-    const TAG_RFC822_NAME = 1;
-    const TAG_DNS_NAME = 2;
-    const TAG_X400_ADDRESS = 3;
-    const TAG_DIRECTORY_NAME = 4;
-    const TAG_EDI_PARTY_NAME = 5;
-    const TAG_URI = 6;
-    const TAG_IP_ADDRESS = 7;
-    const TAG_REGISTERED_ID = 8;
+	// GeneralName CHOICE tags
+	const TAG_OTHER_NAME = 0;
+	const TAG_RFC822_NAME = 1;
+	const TAG_DNS_NAME = 2;
+	const TAG_X400_ADDRESS = 3;
+	const TAG_DIRECTORY_NAME = 4;
+	const TAG_EDI_PARTY_NAME = 5;
+	const TAG_URI = 6;
+	const TAG_IP_ADDRESS = 7;
+	const TAG_REGISTERED_ID = 8;
     
-    /**
-     * Chosen tag.
-     *
-     * @var int $_tag
-     */
-    protected $_tag;
+	/**
+	 * Chosen tag.
+	 *
+	 * @var int $_tag
+	 */
+	protected $_tag;
     
-    /**
-     * Get string value of the type.
-     *
-     * @return string
-     */
-    abstract public function string();
+	/**
+	 * Get string value of the type.
+	 *
+	 * @return string
+	 */
+	abstract public function string();
     
-    /**
-     * Get ASN.1 value in GeneralName CHOICE context.
-     *
-     * @return TaggedType
-     */
-    abstract protected function _choiceASN1();
+	/**
+	 * Get ASN.1 value in GeneralName CHOICE context.
+	 *
+	 * @return TaggedType
+	 */
+	abstract protected function _choiceASN1();
     
-    /**
-     * Initialize concrete object from the chosen ASN.1 element.
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromChosenASN1(UnspecifiedType $el)
-    {
-        throw new \BadMethodCallException(
-            __FUNCTION__ . " must be implemented in the derived class.");
-    }
+	/**
+	 * Initialize concrete object from the chosen ASN.1 element.
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromChosenASN1(UnspecifiedType $el)
+	{
+		throw new \BadMethodCallException(
+			__FUNCTION__ . " must be implemented in the derived class.");
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param TaggedType $el
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromASN1(TaggedType $el)
-    {
-        switch ($el->tag()) {
-            // otherName
-            case self::TAG_OTHER_NAME:
-                return OtherName::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_SEQUENCE));
-            // rfc822Name
-            case self::TAG_RFC822_NAME:
-                return RFC822Name::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_IA5_STRING));
-            // dNSName
-            case self::TAG_DNS_NAME:
-                return DNSName::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_IA5_STRING));
-            // x400Address
-            case self::TAG_X400_ADDRESS:
-                return X400Address::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_SEQUENCE));
-            // directoryName
-            case self::TAG_DIRECTORY_NAME:
-                // because Name is a CHOICE, albeit having only one option,
-                // explicit tagging must be used
-                // (see X.680 07/2002 30.6.c)
-                return DirectoryName::fromChosenASN1($el->asExplicit());
-            // ediPartyName
-            case self::TAG_EDI_PARTY_NAME:
-                return EDIPartyName::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_SEQUENCE));
-            // uniformResourceIdentifier
-            case self::TAG_URI:
-                return UniformResourceIdentifier::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_IA5_STRING));
-            // iPAddress
-            case self::TAG_IP_ADDRESS:
-                return IPAddress::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_OCTET_STRING));
-            // registeredID
-            case self::TAG_REGISTERED_ID:
-                return RegisteredID::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_OBJECT_IDENTIFIER));
-        }
-        throw new \UnexpectedValueException(
-            "GeneralName type " . $el->tag() . " not supported.");
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param TaggedType $el
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromASN1(TaggedType $el)
+	{
+		switch ($el->tag()) {
+			// otherName
+			case self::TAG_OTHER_NAME:
+				return OtherName::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_SEQUENCE));
+			// rfc822Name
+			case self::TAG_RFC822_NAME:
+				return RFC822Name::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_IA5_STRING));
+			// dNSName
+			case self::TAG_DNS_NAME:
+				return DNSName::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_IA5_STRING));
+			// x400Address
+			case self::TAG_X400_ADDRESS:
+				return X400Address::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_SEQUENCE));
+			// directoryName
+			case self::TAG_DIRECTORY_NAME:
+				// because Name is a CHOICE, albeit having only one option,
+				// explicit tagging must be used
+				// (see X.680 07/2002 30.6.c)
+				return DirectoryName::fromChosenASN1($el->asExplicit());
+			// ediPartyName
+			case self::TAG_EDI_PARTY_NAME:
+				return EDIPartyName::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_SEQUENCE));
+			// uniformResourceIdentifier
+			case self::TAG_URI:
+				return UniformResourceIdentifier::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_IA5_STRING));
+			// iPAddress
+			case self::TAG_IP_ADDRESS:
+				return IPAddress::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_OCTET_STRING));
+			// registeredID
+			case self::TAG_REGISTERED_ID:
+				return RegisteredID::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_OBJECT_IDENTIFIER));
+		}
+		throw new \UnexpectedValueException(
+			"GeneralName type " . $el->tag() . " not supported.");
+	}
     
-    /**
-     * Get type tag.
-     *
-     * @return int
-     */
-    public function tag()
-    {
-        return $this->_tag;
-    }
+	/**
+	 * Get type tag.
+	 *
+	 * @return int
+	 */
+	public function tag()
+	{
+		return $this->_tag;
+	}
     
-    /**
-     * Generate ASN.1 element.
-     *
-     * @return Element
-     */
-    public function toASN1()
-    {
-        return $this->_choiceASN1();
-    }
+	/**
+	 * Generate ASN.1 element.
+	 *
+	 * @return Element
+	 */
+	public function toASN1()
+	{
+		return $this->_choiceASN1();
+	}
     
-    /**
-     * Check whether GeneralName is equal to other.
-     *
-     * @param GeneralName $other GeneralName to compare to
-     * @return boolean True if names are equal
-     */
-    public function equals(GeneralName $other)
-    {
-        if ($this->_tag != $other->_tag) {
-            return false;
-        }
-        if ($this->_choiceASN1()->toDER() != $other->_choiceASN1()->toDER()) {
-            return false;
-        }
-        return true;
-    }
+	/**
+	 * Check whether GeneralName is equal to other.
+	 *
+	 * @param GeneralName $other GeneralName to compare to
+	 * @return boolean True if names are equal
+	 */
+	public function equals(GeneralName $other)
+	{
+		if ($this->_tag != $other->_tag) {
+			return false;
+		}
+		if ($this->_choiceASN1()->toDER() != $other->_choiceASN1()->toDER()) {
+			return false;
+		}
+		return true;
+	}
     
-    /**
-     * Get general name as a string.
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->string();
-    }
+	/**
+	 * Get general name as a string.
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->string();
+	}
 }

Switch Indentation +37 added lines, -37 removed lines

@@ -68,43 +68,43 @@
     {
         switch ($el->tag()) {
             // otherName
-            case self::TAG_OTHER_NAME:
-                return OtherName::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_SEQUENCE));
-            // rfc822Name
-            case self::TAG_RFC822_NAME:
-                return RFC822Name::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_IA5_STRING));
-            // dNSName
-            case self::TAG_DNS_NAME:
-                return DNSName::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_IA5_STRING));
-            // x400Address
-            case self::TAG_X400_ADDRESS:
-                return X400Address::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_SEQUENCE));
-            // directoryName
-            case self::TAG_DIRECTORY_NAME:
-                // because Name is a CHOICE, albeit having only one option,
-                // explicit tagging must be used
-                // (see X.680 07/2002 30.6.c)
-                return DirectoryName::fromChosenASN1($el->asExplicit());
-            // ediPartyName
-            case self::TAG_EDI_PARTY_NAME:
-                return EDIPartyName::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_SEQUENCE));
-            // uniformResourceIdentifier
-            case self::TAG_URI:
-                return UniformResourceIdentifier::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_IA5_STRING));
-            // iPAddress
-            case self::TAG_IP_ADDRESS:
-                return IPAddress::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_OCTET_STRING));
-            // registeredID
-            case self::TAG_REGISTERED_ID:
-                return RegisteredID::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_OBJECT_IDENTIFIER));
+        case self::TAG_OTHER_NAME:
+            return OtherName::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_SEQUENCE));
+        // rfc822Name
+        case self::TAG_RFC822_NAME:
+            return RFC822Name::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_IA5_STRING));
+        // dNSName
+        case self::TAG_DNS_NAME:
+            return DNSName::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_IA5_STRING));
+        // x400Address
+        case self::TAG_X400_ADDRESS:
+            return X400Address::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_SEQUENCE));
+        // directoryName
+        case self::TAG_DIRECTORY_NAME:
+            // because Name is a CHOICE, albeit having only one option,
+            // explicit tagging must be used
+            // (see X.680 07/2002 30.6.c)
+            return DirectoryName::fromChosenASN1($el->asExplicit());
+        // ediPartyName
+        case self::TAG_EDI_PARTY_NAME:
+            return EDIPartyName::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_SEQUENCE));
+        // uniformResourceIdentifier
+        case self::TAG_URI:
+            return UniformResourceIdentifier::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_IA5_STRING));
+        // iPAddress
+        case self::TAG_IP_ADDRESS:
+            return IPAddress::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_OCTET_STRING));
+        // registeredID
+        case self::TAG_REGISTERED_ID:
+            return RegisteredID::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_OBJECT_IDENTIFIER));
         }
         throw new \UnexpectedValueException(
             "GeneralName type " . $el->tag() . " not supported.");

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\GeneralName;
 

lib/X509/Certificate/Extension/NameConstraints/GeneralSubtree.php

Indentation +81 added lines, -81 removed lines

@@ -16,91 +16,91 @@
  */
 class GeneralSubtree
 {
-    /**
-     * Constraint.
-     *
-     * @var GeneralName
-     */
-    protected $_base;
+	/**
+	 * Constraint.
+	 *
+	 * @var GeneralName
+	 */
+	protected $_base;
     
-    /**
-     * Not used, must be zero.
-     *
-     * @var int $_min
-     */
-    protected $_min;
+	/**
+	 * Not used, must be zero.
+	 *
+	 * @var int $_min
+	 */
+	protected $_min;
     
-    /**
-     * Not used, must be null.
-     *
-     * @var int|null $_max
-     */
-    protected $_max;
+	/**
+	 * Not used, must be null.
+	 *
+	 * @var int|null $_max
+	 */
+	protected $_max;
     
-    /**
-     * Constructor.
-     *
-     * @param GeneralName $base
-     * @param int $min
-     * @param int|null $max
-     */
-    public function __construct(GeneralName $base, $min = 0, $max = null)
-    {
-        $this->_base = $base;
-        $this->_min = $min;
-        $this->_max = $max;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralName $base
+	 * @param int $min
+	 * @param int|null $max
+	 */
+	public function __construct(GeneralName $base, $min = 0, $max = null)
+	{
+		$this->_base = $base;
+		$this->_min = $min;
+		$this->_max = $max;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq)
-    {
-        $base = GeneralName::fromASN1($seq->at(0)->asTagged());
-        $min = 0;
-        $max = null;
-        if ($seq->hasTagged(0)) {
-            $min = $seq->getTagged(0)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->number();
-        }
-        if ($seq->hasTagged(1)) {
-            $max = $seq->getTagged(1)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->number();
-        }
-        return new self($base, $min, $max);
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq)
+	{
+		$base = GeneralName::fromASN1($seq->at(0)->asTagged());
+		$min = 0;
+		$max = null;
+		if ($seq->hasTagged(0)) {
+			$min = $seq->getTagged(0)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->number();
+		}
+		if ($seq->hasTagged(1)) {
+			$max = $seq->getTagged(1)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->number();
+		}
+		return new self($base, $min, $max);
+	}
     
-    /**
-     * Get constraint.
-     *
-     * @return GeneralName
-     */
-    public function base()
-    {
-        return $this->_base;
-    }
+	/**
+	 * Get constraint.
+	 *
+	 * @return GeneralName
+	 */
+	public function base()
+	{
+		return $this->_base;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1()
-    {
-        $elements = array($this->_base->toASN1());
-        if (isset($this->_min) && $this->_min != 0) {
-            $elements[] = new ImplicitlyTaggedType(0, new Integer($this->_min));
-        }
-        if (isset($this->_max)) {
-            $elements[] = new ImplicitlyTaggedType(1, new Integer($this->_max));
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1()
+	{
+		$elements = array($this->_base->toASN1());
+		if (isset($this->_min) && $this->_min != 0) {
+			$elements[] = new ImplicitlyTaggedType(0, new Integer($this->_min));
+		}
+		if (isset($this->_max)) {
+			$elements[] = new ImplicitlyTaggedType(1, new Integer($this->_max));
+		}
+		return new Sequence(...$elements);
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\Certificate\Extension\NameConstraints;
 

lib/X509/Certificate/Extension/DistributionPoint/DistributionPointName.php

Switch Indentation +10 added lines, -10 removed lines

@@ -43,16 +43,16 @@
     public static function fromTaggedType(TaggedType $el)
     {
         switch ($el->tag()) {
-            case self::TAG_FULL_NAME:
-                return new FullName(
-                    GeneralNames::fromASN1(
-                        $el->asImplicit(Element::TYPE_SEQUENCE)->asSequence()));
-            case self::TAG_RDN:
-                return new RelativeName(
-                    RDN::fromASN1($el->asImplicit(Element::TYPE_SET)->asSet()));
-            default:
-                throw new \UnexpectedValueException(
-                    "DistributionPointName tag " . $el->tag() . " not supported.");
+        case self::TAG_FULL_NAME:
+            return new FullName(
+                GeneralNames::fromASN1(
+                    $el->asImplicit(Element::TYPE_SEQUENCE)->asSequence()));
+        case self::TAG_RDN:
+            return new RelativeName(
+                RDN::fromASN1($el->asImplicit(Element::TYPE_SET)->asSet()));
+        default:
+            throw new \UnexpectedValueException(
+                "DistributionPointName tag " . $el->tag() . " not supported.");
         }
     }
     

Indentation +55 added lines, -55 removed lines

@@ -18,64 +18,64 @@
  */
 abstract class DistributionPointName
 {
-    const TAG_FULL_NAME = 0;
-    const TAG_RDN = 1;
+	const TAG_FULL_NAME = 0;
+	const TAG_RDN = 1;
     
-    /**
-     * Type.
-     *
-     * @var int $_tag
-     */
-    protected $_tag;
+	/**
+	 * Type.
+	 *
+	 * @var int $_tag
+	 */
+	protected $_tag;
     
-    /**
-     * Generate ASN.1 element.
-     *
-     * @return Element
-     */
-    abstract protected function _valueASN1();
+	/**
+	 * Generate ASN.1 element.
+	 *
+	 * @return Element
+	 */
+	abstract protected function _valueASN1();
     
-    /**
-     * Initialize from TaggedType.
-     *
-     * @param TaggedType $el
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromTaggedType(TaggedType $el)
-    {
-        switch ($el->tag()) {
-            case self::TAG_FULL_NAME:
-                return new FullName(
-                    GeneralNames::fromASN1(
-                        $el->asImplicit(Element::TYPE_SEQUENCE)->asSequence()));
-            case self::TAG_RDN:
-                return new RelativeName(
-                    RDN::fromASN1($el->asImplicit(Element::TYPE_SET)->asSet()));
-            default:
-                throw new \UnexpectedValueException(
-                    "DistributionPointName tag " . $el->tag() . " not supported.");
-        }
-    }
+	/**
+	 * Initialize from TaggedType.
+	 *
+	 * @param TaggedType $el
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromTaggedType(TaggedType $el)
+	{
+		switch ($el->tag()) {
+			case self::TAG_FULL_NAME:
+				return new FullName(
+					GeneralNames::fromASN1(
+						$el->asImplicit(Element::TYPE_SEQUENCE)->asSequence()));
+			case self::TAG_RDN:
+				return new RelativeName(
+					RDN::fromASN1($el->asImplicit(Element::TYPE_SET)->asSet()));
+			default:
+				throw new \UnexpectedValueException(
+					"DistributionPointName tag " . $el->tag() . " not supported.");
+		}
+	}
     
-    /**
-     * Get type tag.
-     *
-     * @return int
-     */
-    public function tag()
-    {
-        return $this->_tag;
-    }
+	/**
+	 * Get type tag.
+	 *
+	 * @return int
+	 */
+	public function tag()
+	{
+		return $this->_tag;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return ImplicitlyTaggedType
-     */
-    public function toASN1(): ImplicitlyTaggedType
-    {
-        $element = $this->_valueASN1();
-        return new ImplicitlyTaggedType($this->_tag, $element);
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return ImplicitlyTaggedType
+	 */
+	public function toASN1(): ImplicitlyTaggedType
+	{
+		$element = $this->_valueASN1();
+		return new ImplicitlyTaggedType($this->_tag, $element);
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\Certificate\Extension\DistributionPoint;
 

lib/X509/Certificate/Extension/CertificatePolicy/UserNoticeQualifier.php

Indentation +102 added lines, -102 removed lines

@@ -14,114 +14,114 @@
  */
 class UserNoticeQualifier extends PolicyQualifierInfo
 {
-    /**
-     * Explicit notice text.
-     *
-     * @var DisplayText $_text
-     */
-    protected $_text;
+	/**
+	 * Explicit notice text.
+	 *
+	 * @var DisplayText $_text
+	 */
+	protected $_text;
     
-    /**
-     * Notice reference.
-     *
-     * @var NoticeReference $_ref
-     */
-    protected $_ref;
+	/**
+	 * Notice reference.
+	 *
+	 * @var NoticeReference $_ref
+	 */
+	protected $_ref;
     
-    /**
-     * Constructor.
-     *
-     * @param DisplayText|null $text
-     * @param NoticeReference|null $ref
-     */
-    public function __construct(DisplayText $text = null, NoticeReference $ref = null)
-    {
-        $this->_oid = self::OID_UNOTICE;
-        $this->_text = $text;
-        $this->_ref = $ref;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param DisplayText|null $text
+	 * @param NoticeReference|null $ref
+	 */
+	public function __construct(DisplayText $text = null, NoticeReference $ref = null)
+	{
+		$this->_oid = self::OID_UNOTICE;
+		$this->_text = $text;
+		$this->_ref = $ref;
+	}
     
-    /**
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromQualifierASN1(UnspecifiedType $el)
-    {
-        $seq = $el->asSequence();
-        $ref = null;
-        $text = null;
-        $idx = 0;
-        if ($seq->has($idx, Element::TYPE_SEQUENCE)) {
-            $ref = NoticeReference::fromASN1($seq->at($idx++)->asSequence());
-        }
-        if ($seq->has($idx, Element::TYPE_STRING)) {
-            $text = DisplayText::fromASN1($seq->at($idx)->asString());
-        }
-        return new self($text, $ref);
-    }
+	/**
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromQualifierASN1(UnspecifiedType $el)
+	{
+		$seq = $el->asSequence();
+		$ref = null;
+		$text = null;
+		$idx = 0;
+		if ($seq->has($idx, Element::TYPE_SEQUENCE)) {
+			$ref = NoticeReference::fromASN1($seq->at($idx++)->asSequence());
+		}
+		if ($seq->has($idx, Element::TYPE_STRING)) {
+			$text = DisplayText::fromASN1($seq->at($idx)->asString());
+		}
+		return new self($text, $ref);
+	}
     
-    /**
-     * Whether explicit text is present.
-     *
-     * @return bool
-     */
-    public function hasExplicitText()
-    {
-        return isset($this->_text);
-    }
+	/**
+	 * Whether explicit text is present.
+	 *
+	 * @return bool
+	 */
+	public function hasExplicitText()
+	{
+		return isset($this->_text);
+	}
     
-    /**
-     * Get explicit text.
-     *
-     * @return DisplayText
-     */
-    public function explicitText()
-    {
-        if (!$this->hasExplicitText()) {
-            throw new \LogicException("explicitText not set.");
-        }
-        return $this->_text;
-    }
+	/**
+	 * Get explicit text.
+	 *
+	 * @return DisplayText
+	 */
+	public function explicitText()
+	{
+		if (!$this->hasExplicitText()) {
+			throw new \LogicException("explicitText not set.");
+		}
+		return $this->_text;
+	}
     
-    /**
-     * Whether notice reference is present.
-     *
-     * @return bool
-     */
-    public function hasNoticeRef()
-    {
-        return isset($this->_ref);
-    }
+	/**
+	 * Whether notice reference is present.
+	 *
+	 * @return bool
+	 */
+	public function hasNoticeRef()
+	{
+		return isset($this->_ref);
+	}
     
-    /**
-     * Get notice reference.
-     *
-     * @throws \RuntimeException
-     * @return NoticeReference
-     */
-    public function noticeRef()
-    {
-        if (!$this->hasNoticeRef()) {
-            throw new \LogicException("noticeRef not set.");
-        }
-        return $this->_ref;
-    }
+	/**
+	 * Get notice reference.
+	 *
+	 * @throws \RuntimeException
+	 * @return NoticeReference
+	 */
+	public function noticeRef()
+	{
+		if (!$this->hasNoticeRef()) {
+			throw new \LogicException("noticeRef not set.");
+		}
+		return $this->_ref;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _qualifierASN1()
-    {
-        $elements = array();
-        if (isset($this->_ref)) {
-            $elements[] = $this->_ref->toASN1();
-        }
-        if (isset($this->_text)) {
-            $elements[] = $this->_text->toASN1();
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _qualifierASN1()
+	{
+		$elements = array();
+		if (isset($this->_ref)) {
+			$elements[] = $this->_ref->toASN1();
+		}
+		if (isset($this->_text)) {
+			$elements[] = $this->_text->toASN1();
+		}
+		return new Sequence(...$elements);
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\Certificate\Extension\CertificatePolicy;
 

lib/X509/Certificate/Extension/CertificatePolicy/DisplayText.php

Indentation +82 added lines, -82 removed lines

@@ -17,93 +17,93 @@
  */
 class DisplayText
 {
-    /**
-     * Text.
-     *
-     * @var string $_text
-     */
-    protected $_text;
+	/**
+	 * Text.
+	 *
+	 * @var string $_text
+	 */
+	protected $_text;
     
-    /**
-     * Element tag.
-     *
-     * @var int $_tag
-     */
-    protected $_tag;
+	/**
+	 * Element tag.
+	 *
+	 * @var int $_tag
+	 */
+	protected $_tag;
     
-    /**
-     * Constructor.
-     *
-     * @param string $text
-     * @param int $tag
-     */
-    public function __construct($text, $tag)
-    {
-        $this->_text = $text;
-        $this->_tag = $tag;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $text
+	 * @param int $tag
+	 */
+	public function __construct($text, $tag)
+	{
+		$this->_text = $text;
+		$this->_tag = $tag;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param StringType $el
-     * @return self
-     */
-    public static function fromASN1(StringType $el)
-    {
-        return new self($el->string(), $el->tag());
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param StringType $el
+	 * @return self
+	 */
+	public static function fromASN1(StringType $el)
+	{
+		return new self($el->string(), $el->tag());
+	}
     
-    /**
-     * Initialize from a UTF-8 string.
-     *
-     * @param string $str
-     * @return self
-     */
-    public static function fromString($str)
-    {
-        return new self($str, Element::TYPE_UTF8_STRING);
-    }
+	/**
+	 * Initialize from a UTF-8 string.
+	 *
+	 * @param string $str
+	 * @return self
+	 */
+	public static function fromString($str)
+	{
+		return new self($str, Element::TYPE_UTF8_STRING);
+	}
     
-    /**
-     * Get the text.
-     *
-     * @return string
-     */
-    public function string()
-    {
-        return $this->_text;
-    }
+	/**
+	 * Get the text.
+	 *
+	 * @return string
+	 */
+	public function string()
+	{
+		return $this->_text;
+	}
     
-    /**
-     * Generate ASN.1 element.
-     *
-     * @throws \UnexpectedValueException
-     * @return StringType
-     */
-    public function toASN1()
-    {
-        switch ($this->_tag) {
-            case Element::TYPE_IA5_STRING:
-                return new IA5String($this->_text);
-            case Element::TYPE_VISIBLE_STRING:
-                return new VisibleString($this->_text);
-            case Element::TYPE_BMP_STRING:
-                return new BMPString($this->_text);
-            case Element::TYPE_UTF8_STRING:
-                return new UTF8String($this->_text);
-            default:
-                throw new \UnexpectedValueException(
-                    "Type " . Element::tagToName($this->_tag) . " not supported.");
-        }
-    }
+	/**
+	 * Generate ASN.1 element.
+	 *
+	 * @throws \UnexpectedValueException
+	 * @return StringType
+	 */
+	public function toASN1()
+	{
+		switch ($this->_tag) {
+			case Element::TYPE_IA5_STRING:
+				return new IA5String($this->_text);
+			case Element::TYPE_VISIBLE_STRING:
+				return new VisibleString($this->_text);
+			case Element::TYPE_BMP_STRING:
+				return new BMPString($this->_text);
+			case Element::TYPE_UTF8_STRING:
+				return new UTF8String($this->_text);
+			default:
+				throw new \UnexpectedValueException(
+					"Type " . Element::tagToName($this->_tag) . " not supported.");
+		}
+	}
     
-    /**
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->string();
-    }
+	/**
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->string();
+	}
 }

Switch Indentation +11 added lines, -11 removed lines

@@ -84,17 +84,17 @@
     public function toASN1()
     {
         switch ($this->_tag) {
-            case Element::TYPE_IA5_STRING:
-                return new IA5String($this->_text);
-            case Element::TYPE_VISIBLE_STRING:
-                return new VisibleString($this->_text);
-            case Element::TYPE_BMP_STRING:
-                return new BMPString($this->_text);
-            case Element::TYPE_UTF8_STRING:
-                return new UTF8String($this->_text);
-            default:
-                throw new \UnexpectedValueException(
-                    "Type " . Element::tagToName($this->_tag) . " not supported.");
+        case Element::TYPE_IA5_STRING:
+            return new IA5String($this->_text);
+        case Element::TYPE_VISIBLE_STRING:
+            return new VisibleString($this->_text);
+        case Element::TYPE_BMP_STRING:
+            return new BMPString($this->_text);
+        case Element::TYPE_UTF8_STRING:
+            return new UTF8String($this->_text);
+        default:
+            throw new \UnexpectedValueException(
+                "Type " . Element::tagToName($this->_tag) . " not supported.");
         }
     }