sop / x509

lib/X509/Certificate/Extension/KeyUsageExtension.php

Indentation +137 added lines, -137 removed lines

@@ -14,155 +14,155 @@
  */
 class KeyUsageExtension extends Extension
 {
-    const DIGITAL_SIGNATURE = 0x100;
-    const NON_REPUDIATION = 0x080;
-    const KEY_ENCIPHERMENT = 0x040;
-    const DATA_ENCIPHERMENT = 0x020;
-    const KEY_AGREEMENT = 0x010;
-    const KEY_CERT_SIGN = 0x008;
-    const CRL_SIGN = 0x004;
-    const ENCIPHER_ONLY = 0x002;
-    const DECIPHER_ONLY = 0x001;
+	const DIGITAL_SIGNATURE = 0x100;
+	const NON_REPUDIATION = 0x080;
+	const KEY_ENCIPHERMENT = 0x040;
+	const DATA_ENCIPHERMENT = 0x020;
+	const KEY_AGREEMENT = 0x010;
+	const KEY_CERT_SIGN = 0x008;
+	const CRL_SIGN = 0x004;
+	const ENCIPHER_ONLY = 0x002;
+	const DECIPHER_ONLY = 0x001;
     
-    /**
-     * Key usage flags.
-     *
-     * @var int $_keyUsage
-     */
-    protected $_keyUsage;
+	/**
+	 * Key usage flags.
+	 *
+	 * @var int $_keyUsage
+	 */
+	protected $_keyUsage;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param int $keyUsage
-     */
-    public function __construct(bool $critical, $keyUsage)
-    {
-        parent::__construct(self::OID_KEY_USAGE, $critical);
-        $this->_keyUsage = (int) $keyUsage;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param int $keyUsage
+	 */
+	public function __construct(bool $critical, $keyUsage)
+	{
+		parent::__construct(self::OID_KEY_USAGE, $critical);
+		$this->_keyUsage = (int) $keyUsage;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER($data, $critical)
-    {
-        return new self($critical,
-            Flags::fromBitString(BitString::fromDER($data), 9)->number());
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER($data, $critical)
+	{
+		return new self($critical,
+			Flags::fromBitString(BitString::fromDER($data), 9)->number());
+	}
     
-    /**
-     * Check whether digitalSignature flag is set.
-     *
-     * @return bool
-     */
-    public function isDigitalSignature(): bool
-    {
-        return $this->_flagSet(self::DIGITAL_SIGNATURE);
-    }
+	/**
+	 * Check whether digitalSignature flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isDigitalSignature(): bool
+	{
+		return $this->_flagSet(self::DIGITAL_SIGNATURE);
+	}
     
-    /**
-     * Check whether nonRepudiation/contentCommitment flag is set.
-     *
-     * @return bool
-     */
-    public function isNonRepudiation(): bool
-    {
-        return $this->_flagSet(self::NON_REPUDIATION);
-    }
+	/**
+	 * Check whether nonRepudiation/contentCommitment flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isNonRepudiation(): bool
+	{
+		return $this->_flagSet(self::NON_REPUDIATION);
+	}
     
-    /**
-     * Check whether keyEncipherment flag is set.
-     *
-     * @return bool
-     */
-    public function isKeyEncipherment(): bool
-    {
-        return $this->_flagSet(self::KEY_ENCIPHERMENT);
-    }
+	/**
+	 * Check whether keyEncipherment flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isKeyEncipherment(): bool
+	{
+		return $this->_flagSet(self::KEY_ENCIPHERMENT);
+	}
     
-    /**
-     * Check whether dataEncipherment flag is set.
-     *
-     * @return bool
-     */
-    public function isDataEncipherment(): bool
-    {
-        return $this->_flagSet(self::DATA_ENCIPHERMENT);
-    }
+	/**
+	 * Check whether dataEncipherment flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isDataEncipherment(): bool
+	{
+		return $this->_flagSet(self::DATA_ENCIPHERMENT);
+	}
     
-    /**
-     * Check whether keyAgreement flag is set.
-     *
-     * @return bool
-     */
-    public function isKeyAgreement(): bool
-    {
-        return $this->_flagSet(self::KEY_AGREEMENT);
-    }
+	/**
+	 * Check whether keyAgreement flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isKeyAgreement(): bool
+	{
+		return $this->_flagSet(self::KEY_AGREEMENT);
+	}
     
-    /**
-     * Check whether keyCertSign flag is set.
-     *
-     * @return bool
-     */
-    public function isKeyCertSign(): bool
-    {
-        return $this->_flagSet(self::KEY_CERT_SIGN);
-    }
+	/**
+	 * Check whether keyCertSign flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isKeyCertSign(): bool
+	{
+		return $this->_flagSet(self::KEY_CERT_SIGN);
+	}
     
-    /**
-     * Check whether cRLSign flag is set.
-     *
-     * @return bool
-     */
-    public function isCRLSign(): bool
-    {
-        return $this->_flagSet(self::CRL_SIGN);
-    }
+	/**
+	 * Check whether cRLSign flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isCRLSign(): bool
+	{
+		return $this->_flagSet(self::CRL_SIGN);
+	}
     
-    /**
-     * Check whether encipherOnly flag is set.
-     *
-     * @return bool
-     */
-    public function isEncipherOnly(): bool
-    {
-        return $this->_flagSet(self::ENCIPHER_ONLY);
-    }
+	/**
+	 * Check whether encipherOnly flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isEncipherOnly(): bool
+	{
+		return $this->_flagSet(self::ENCIPHER_ONLY);
+	}
     
-    /**
-     * Check whether decipherOnly flag is set.
-     *
-     * @return bool
-     */
-    public function isDecipherOnly(): bool
-    {
-        return $this->_flagSet(self::DECIPHER_ONLY);
-    }
+	/**
+	 * Check whether decipherOnly flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isDecipherOnly(): bool
+	{
+		return $this->_flagSet(self::DECIPHER_ONLY);
+	}
     
-    /**
-     * Check whether given flag is set.
-     *
-     * @param int $flag
-     * @return boolean
-     */
-    protected function _flagSet($flag): bool
-    {
-        return (bool) ($this->_keyUsage & $flag);
-    }
+	/**
+	 * Check whether given flag is set.
+	 *
+	 * @param int $flag
+	 * @return boolean
+	 */
+	protected function _flagSet($flag): bool
+	{
+		return (bool) ($this->_keyUsage & $flag);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return BitString
-     */
-    protected function _valueASN1(): BitString
-    {
-        $flags = new Flags($this->_keyUsage, 9);
-        return $flags->bitString()->withoutTrailingZeroes();
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return BitString
+	 */
+	protected function _valueASN1(): BitString
+	{
+		$flags = new Flags($this->_keyUsage, 9);
+		return $flags->bitString()->withoutTrailingZeroes();
+	}
 }

lib/X509/Certificate/Extension/CertificatePoliciesExtension.php

Indentation +122 added lines, -122 removed lines

@@ -14,136 +14,136 @@
  * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.4
  */
 class CertificatePoliciesExtension extends Extension implements 
-    \Countable,
-    \IteratorAggregate
+	\Countable,
+	\IteratorAggregate
 {
-    /**
-     * Policy information terms.
-     *
-     * @var PolicyInformation[] $_policies
-     */
-    protected $_policies;
+	/**
+	 * Policy information terms.
+	 *
+	 * @var PolicyInformation[] $_policies
+	 */
+	protected $_policies;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param PolicyInformation ...$policies
-     */
-    public function __construct($critical, PolicyInformation ...$policies)
-    {
-        parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical);
-        $this->_policies = [];
-        foreach ($policies as $policy) {
-            $this->_policies[$policy->oid()] = $policy;
-        }
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param PolicyInformation ...$policies
+	 */
+	public function __construct($critical, PolicyInformation ...$policies)
+	{
+		parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical);
+		$this->_policies = [];
+		foreach ($policies as $policy) {
+			$this->_policies[$policy->oid()] = $policy;
+		}
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER($data, $critical)
-    {
-        $policies = array_map(
-            function (UnspecifiedType $el) {
-                return PolicyInformation::fromASN1($el->asSequence());
-            }, Sequence::fromDER($data)->elements());
-        if (!count($policies)) {
-            throw new \UnexpectedValueException(
-                "certificatePolicies must contain" .
-                     " at least one PolicyInformation.");
-        }
-        return new self($critical, ...$policies);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER($data, $critical)
+	{
+		$policies = array_map(
+			function (UnspecifiedType $el) {
+				return PolicyInformation::fromASN1($el->asSequence());
+			}, Sequence::fromDER($data)->elements());
+		if (!count($policies)) {
+			throw new \UnexpectedValueException(
+				"certificatePolicies must contain" .
+					 " at least one PolicyInformation.");
+		}
+		return new self($critical, ...$policies);
+	}
     
-    /**
-     * Check whether policy information by OID is present.
-     *
-     * @param string $oid
-     * @return bool
-     */
-    public function has(string $oid): bool
-    {
-        return isset($this->_policies[$oid]);
-    }
+	/**
+	 * Check whether policy information by OID is present.
+	 *
+	 * @param string $oid
+	 * @return bool
+	 */
+	public function has(string $oid): bool
+	{
+		return isset($this->_policies[$oid]);
+	}
     
-    /**
-     * Get policy information by OID.
-     *
-     * @param string $oid
-     * @throws \LogicException
-     * @return PolicyInformation
-     */
-    public function get(string $oid): PolicyInformation
-    {
-        if (!$this->has($oid)) {
-            throw new \LogicException("Not certificate policy by OID $oid.");
-        }
-        return $this->_policies[$oid];
-    }
+	/**
+	 * Get policy information by OID.
+	 *
+	 * @param string $oid
+	 * @throws \LogicException
+	 * @return PolicyInformation
+	 */
+	public function get(string $oid): PolicyInformation
+	{
+		if (!$this->has($oid)) {
+			throw new \LogicException("Not certificate policy by OID $oid.");
+		}
+		return $this->_policies[$oid];
+	}
     
-    /**
-     * Check whether anyPolicy is present.
-     *
-     * @return bool
-     */
-    public function hasAnyPolicy(): bool
-    {
-        return $this->has(PolicyInformation::OID_ANY_POLICY);
-    }
+	/**
+	 * Check whether anyPolicy is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAnyPolicy(): bool
+	{
+		return $this->has(PolicyInformation::OID_ANY_POLICY);
+	}
     
-    /**
-     * Get anyPolicy information.
-     *
-     * @throws \LogicException If anyPolicy is not present.
-     * @return PolicyInformation
-     */
-    public function anyPolicy(): PolicyInformation
-    {
-        if (!$this->hasAnyPolicy()) {
-            throw new \LogicException("No anyPolicy.");
-        }
-        return $this->get(PolicyInformation::OID_ANY_POLICY);
-    }
+	/**
+	 * Get anyPolicy information.
+	 *
+	 * @throws \LogicException If anyPolicy is not present.
+	 * @return PolicyInformation
+	 */
+	public function anyPolicy(): PolicyInformation
+	{
+		if (!$this->hasAnyPolicy()) {
+			throw new \LogicException("No anyPolicy.");
+		}
+		return $this->get(PolicyInformation::OID_ANY_POLICY);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        if (!count($this->_policies)) {
-            throw new \LogicException("No policies.");
-        }
-        $elements = array_map(
-            function (PolicyInformation $pi) {
-                return $pi->toASN1();
-            }, array_values($this->_policies));
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		if (!count($this->_policies)) {
+			throw new \LogicException("No policies.");
+		}
+		$elements = array_map(
+			function (PolicyInformation $pi) {
+				return $pi->toASN1();
+			}, array_values($this->_policies));
+		return new Sequence(...$elements);
+	}
     
-    /**
-     * Get the number of policies.
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_policies);
-    }
+	/**
+	 * Get the number of policies.
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_policies);
+	}
     
-    /**
-     * Get iterator for policy information terms.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_policies);
-    }
+	/**
+	 * Get iterator for policy information terms.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_policies);
+	}
 }

lib/X509/Certificate/Extension/NameConstraintsExtension.php

Indentation +110 added lines, -110 removed lines

@@ -16,122 +16,122 @@
  */
 class NameConstraintsExtension extends Extension
 {
-    /**
-     * Permitted subtrees.
-     *
-     * @var GeneralSubtrees|null $_permitted
-     */
-    protected $_permitted;
+	/**
+	 * Permitted subtrees.
+	 *
+	 * @var GeneralSubtrees|null $_permitted
+	 */
+	protected $_permitted;
     
-    /**
-     * Excluded subtrees.
-     *
-     * @var GeneralSubtrees|null $_excluded
-     */
-    protected $_excluded;
+	/**
+	 * Excluded subtrees.
+	 *
+	 * @var GeneralSubtrees|null $_excluded
+	 */
+	protected $_excluded;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param GeneralSubtrees $permitted
-     * @param GeneralSubtrees $excluded
-     */
-    public function __construct(bool $critical, GeneralSubtrees $permitted = null,
-        GeneralSubtrees $excluded = null)
-    {
-        parent::__construct(self::OID_NAME_CONSTRAINTS, $critical);
-        $this->_permitted = $permitted;
-        $this->_excluded = $excluded;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param GeneralSubtrees $permitted
+	 * @param GeneralSubtrees $excluded
+	 */
+	public function __construct(bool $critical, GeneralSubtrees $permitted = null,
+		GeneralSubtrees $excluded = null)
+	{
+		parent::__construct(self::OID_NAME_CONSTRAINTS, $critical);
+		$this->_permitted = $permitted;
+		$this->_excluded = $excluded;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER($data, $critical)
-    {
-        $seq = Sequence::fromDER($data);
-        $permitted = null;
-        $excluded = null;
-        if ($seq->hasTagged(0)) {
-            $permitted = GeneralSubtrees::fromASN1(
-                $seq->getTagged(0)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        if ($seq->hasTagged(1)) {
-            $excluded = GeneralSubtrees::fromASN1(
-                $seq->getTagged(1)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        return new self($critical, $permitted, $excluded);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER($data, $critical)
+	{
+		$seq = Sequence::fromDER($data);
+		$permitted = null;
+		$excluded = null;
+		if ($seq->hasTagged(0)) {
+			$permitted = GeneralSubtrees::fromASN1(
+				$seq->getTagged(0)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		if ($seq->hasTagged(1)) {
+			$excluded = GeneralSubtrees::fromASN1(
+				$seq->getTagged(1)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		return new self($critical, $permitted, $excluded);
+	}
     
-    /**
-     * Whether permitted subtrees are present.
-     *
-     * @return bool
-     */
-    public function hasPermittedSubtrees(): bool
-    {
-        return isset($this->_permitted);
-    }
+	/**
+	 * Whether permitted subtrees are present.
+	 *
+	 * @return bool
+	 */
+	public function hasPermittedSubtrees(): bool
+	{
+		return isset($this->_permitted);
+	}
     
-    /**
-     * Get permitted subtrees.
-     *
-     * @throws \LogicException
-     * @return GeneralSubtrees
-     */
-    public function permittedSubtrees(): GeneralSubtrees
-    {
-        if (!$this->hasPermittedSubtrees()) {
-            throw new \LogicException("No permitted subtrees.");
-        }
-        return $this->_permitted;
-    }
+	/**
+	 * Get permitted subtrees.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralSubtrees
+	 */
+	public function permittedSubtrees(): GeneralSubtrees
+	{
+		if (!$this->hasPermittedSubtrees()) {
+			throw new \LogicException("No permitted subtrees.");
+		}
+		return $this->_permitted;
+	}
     
-    /**
-     * Whether excluded subtrees are present.
-     *
-     * @return bool
-     */
-    public function hasExcludedSubtrees(): bool
-    {
-        return isset($this->_excluded);
-    }
+	/**
+	 * Whether excluded subtrees are present.
+	 *
+	 * @return bool
+	 */
+	public function hasExcludedSubtrees(): bool
+	{
+		return isset($this->_excluded);
+	}
     
-    /**
-     * Get excluded subtrees.
-     *
-     * @throws \LogicException
-     * @return GeneralSubtrees
-     */
-    public function excludedSubtrees(): GeneralSubtrees
-    {
-        if (!$this->hasExcludedSubtrees()) {
-            throw new \LogicException("No excluded subtrees.");
-        }
-        return $this->_excluded;
-    }
+	/**
+	 * Get excluded subtrees.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralSubtrees
+	 */
+	public function excludedSubtrees(): GeneralSubtrees
+	{
+		if (!$this->hasExcludedSubtrees()) {
+			throw new \LogicException("No excluded subtrees.");
+		}
+		return $this->_excluded;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1()
-    {
-        $elements = array();
-        if (isset($this->_permitted)) {
-            $elements[] = new ImplicitlyTaggedType(0, $this->_permitted->toASN1());
-        }
-        if (isset($this->_excluded)) {
-            $elements[] = new ImplicitlyTaggedType(1, $this->_excluded->toASN1());
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1()
+	{
+		$elements = array();
+		if (isset($this->_permitted)) {
+			$elements[] = new ImplicitlyTaggedType(0, $this->_permitted->toASN1());
+		}
+		if (isset($this->_excluded)) {
+			$elements[] = new ImplicitlyTaggedType(1, $this->_excluded->toASN1());
+		}
+		return new Sequence(...$elements);
+	}
 }

lib/X509/Certificate/Extension/Extension.php

Indentation +199 added lines, -199 removed lines

@@ -19,214 +19,214 @@
  */
 abstract class Extension
 {
-    // OID's from standard certificate extensions
-    const OID_OBSOLETE_AUTHORITY_KEY_IDENTIFIER = "2.5.29.1";
-    const OID_OBSOLETE_KEY_ATTRIBUTES = "2.5.29.2";
-    const OID_OBSOLETE_CERTIFICATE_POLICIES = "2.5.29.3";
-    const OID_OBSOLETE_KEY_USAGE_RESTRICTION = "2.5.29.4";
-    const OID_OBSOLETE_POLICY_MAPPING = "2.5.29.5";
-    const OID_OBSOLETE_SUBTREES_CONSTRAINT = "2.5.29.6";
-    const OID_OBSOLETE_SUBJECT_ALT_NAME = "2.5.29.7";
-    const OID_OBSOLETE_ISSUER_ALT_NAME = "2.5.29.8";
-    const OID_SUBJECT_DIRECTORY_ATTRIBUTES = "2.5.29.9";
-    const OID_OBSOLETE_BASIC_CONSTRAINTS = "2.5.29.10";
-    const OID_SUBJECT_KEY_IDENTIFIER = "2.5.29.14";
-    const OID_KEY_USAGE = "2.5.29.15";
-    const OID_PRIVATE_KEY_USAGE_PERIOD = "2.5.29.16";
-    const OID_SUBJECT_ALT_NAME = "2.5.29.17";
-    const OID_ISSUER_ALT_NAME = "2.5.29.18";
-    const OID_BASIC_CONSTRAINTS = "2.5.29.19";
-    const OID_CRL_NUMBER = "2.5.29.20";
-    const OID_REASON_CODE = "2.5.29.21";
-    const OID_OBSOLETE_EXPIRATION_DATE = "2.5.29.22";
-    const OID_INSTRUCTION_CODE = "2.5.29.23";
-    const OID_INVALIDITY_DATE = "2.5.29.24";
-    const OID_OBSOLETE_CRL_DISTRIBUTION_POINTS = "2.5.29.25";
-    const OID_OBSOLETE_ISSUING_DISTRIBUTION_POINT = "2.5.29.26";
-    const OID_DELTA_CRL_INDICATOR = "2.5.29.27";
-    const OID_ISSUING_DISTRIBUTION_POINT = "2.5.29.28";
-    const OID_CERTIFICATE_ISSUER = "2.5.29.29";
-    const OID_NAME_CONSTRAINTS = "2.5.29.30";
-    const OID_CRL_DISTRIBUTION_POINTS = "2.5.29.31";
-    const OID_CERTIFICATE_POLICIES = "2.5.29.32";
-    const OID_POLICY_MAPPINGS = "2.5.29.33";
-    const OID_OBSOLETE_POLICY_CONSTRAINTS = "2.5.29.34";
-    const OID_AUTHORITY_KEY_IDENTIFIER = "2.5.29.35";
-    const OID_POLICY_CONSTRAINTS = "2.5.29.36";
-    const OID_EXT_KEY_USAGE = "2.5.29.37";
-    const OID_AUTHORITY_ATTRIBUTE_IDENTIFIER = "2.5.29.38";
-    const OID_ROLE_SPEC_CERT_IDENTIFIER = "2.5.29.39";
-    const OID_CRL_STREAM_IDENTIFIER = "2.5.29.40";
-    const OID_BASIC_ATT_CONSTRAINTS = "2.5.29.41";
-    const OID_DELEGATED_NAME_CONSTRAINTS = "2.5.29.42";
-    const OID_TIME_SPECIFICATION = "2.5.29.43";
-    const OID_CRL_SCOPE = "2.5.29.44";
-    const OID_STATUS_REFERRALS = "2.5.29.45";
-    const OID_FRESHEST_CRL = "2.5.29.46";
-    const OID_ORDERED_LIST = "2.5.29.47";
-    const OID_ATTRIBUTE_DESCRIPTOR = "2.5.29.48";
-    const OID_USER_NOTICE = "2.5.29.49";
-    const OID_SOA_IDENTIFIER = "2.5.29.50";
-    const OID_BASE_UPDATE_TIME = "2.5.29.51";
-    const OID_ACCEPTABLE_CERT_POLICIES = "2.5.29.52";
-    const OID_DELTA_INFO = "2.5.29.53";
-    const OID_INHIBIT_ANY_POLICY = "2.5.29.54";
-    const OID_TARGET_INFORMATION = "2.5.29.55";
-    const OID_NO_REV_AVAIL = "2.5.29.56";
-    const OID_ACCEPTABLE_PRIVILEGE_POLICIES = "2.5.29.57";
-    const OID_TO_BE_REVOKED = "2.5.29.58";
-    const OID_REVOKED_GROUPS = "2.5.29.59";
-    const OID_EXPIRED_CERTS_ON_CRL = "2.5.29.60";
-    const OID_INDIRECT_ISSUER = "2.5.29.61";
-    const OID_NO_ASSERTION = "2.5.29.62";
-    const OID_AA_ISSUING_DISTRIBUTION_POINT = "2.5.29.63";
-    const OID_ISSUED_ON_BEHALF_OF = "2.5.29.64";
-    const OID_SINGLE_USE = "2.5.29.65";
-    const OID_GROUP_AC = "2.5.29.66";
-    const OID_ALLOWED_ATT_ASS = "2.5.29.67";
-    const OID_ATTRIBUTE_MAPPINGS = "2.5.29.68";
-    const OID_HOLDER_NAME_CONSTRAINTS = "2.5.29.69";
+	// OID's from standard certificate extensions
+	const OID_OBSOLETE_AUTHORITY_KEY_IDENTIFIER = "2.5.29.1";
+	const OID_OBSOLETE_KEY_ATTRIBUTES = "2.5.29.2";
+	const OID_OBSOLETE_CERTIFICATE_POLICIES = "2.5.29.3";
+	const OID_OBSOLETE_KEY_USAGE_RESTRICTION = "2.5.29.4";
+	const OID_OBSOLETE_POLICY_MAPPING = "2.5.29.5";
+	const OID_OBSOLETE_SUBTREES_CONSTRAINT = "2.5.29.6";
+	const OID_OBSOLETE_SUBJECT_ALT_NAME = "2.5.29.7";
+	const OID_OBSOLETE_ISSUER_ALT_NAME = "2.5.29.8";
+	const OID_SUBJECT_DIRECTORY_ATTRIBUTES = "2.5.29.9";
+	const OID_OBSOLETE_BASIC_CONSTRAINTS = "2.5.29.10";
+	const OID_SUBJECT_KEY_IDENTIFIER = "2.5.29.14";
+	const OID_KEY_USAGE = "2.5.29.15";
+	const OID_PRIVATE_KEY_USAGE_PERIOD = "2.5.29.16";
+	const OID_SUBJECT_ALT_NAME = "2.5.29.17";
+	const OID_ISSUER_ALT_NAME = "2.5.29.18";
+	const OID_BASIC_CONSTRAINTS = "2.5.29.19";
+	const OID_CRL_NUMBER = "2.5.29.20";
+	const OID_REASON_CODE = "2.5.29.21";
+	const OID_OBSOLETE_EXPIRATION_DATE = "2.5.29.22";
+	const OID_INSTRUCTION_CODE = "2.5.29.23";
+	const OID_INVALIDITY_DATE = "2.5.29.24";
+	const OID_OBSOLETE_CRL_DISTRIBUTION_POINTS = "2.5.29.25";
+	const OID_OBSOLETE_ISSUING_DISTRIBUTION_POINT = "2.5.29.26";
+	const OID_DELTA_CRL_INDICATOR = "2.5.29.27";
+	const OID_ISSUING_DISTRIBUTION_POINT = "2.5.29.28";
+	const OID_CERTIFICATE_ISSUER = "2.5.29.29";
+	const OID_NAME_CONSTRAINTS = "2.5.29.30";
+	const OID_CRL_DISTRIBUTION_POINTS = "2.5.29.31";
+	const OID_CERTIFICATE_POLICIES = "2.5.29.32";
+	const OID_POLICY_MAPPINGS = "2.5.29.33";
+	const OID_OBSOLETE_POLICY_CONSTRAINTS = "2.5.29.34";
+	const OID_AUTHORITY_KEY_IDENTIFIER = "2.5.29.35";
+	const OID_POLICY_CONSTRAINTS = "2.5.29.36";
+	const OID_EXT_KEY_USAGE = "2.5.29.37";
+	const OID_AUTHORITY_ATTRIBUTE_IDENTIFIER = "2.5.29.38";
+	const OID_ROLE_SPEC_CERT_IDENTIFIER = "2.5.29.39";
+	const OID_CRL_STREAM_IDENTIFIER = "2.5.29.40";
+	const OID_BASIC_ATT_CONSTRAINTS = "2.5.29.41";
+	const OID_DELEGATED_NAME_CONSTRAINTS = "2.5.29.42";
+	const OID_TIME_SPECIFICATION = "2.5.29.43";
+	const OID_CRL_SCOPE = "2.5.29.44";
+	const OID_STATUS_REFERRALS = "2.5.29.45";
+	const OID_FRESHEST_CRL = "2.5.29.46";
+	const OID_ORDERED_LIST = "2.5.29.47";
+	const OID_ATTRIBUTE_DESCRIPTOR = "2.5.29.48";
+	const OID_USER_NOTICE = "2.5.29.49";
+	const OID_SOA_IDENTIFIER = "2.5.29.50";
+	const OID_BASE_UPDATE_TIME = "2.5.29.51";
+	const OID_ACCEPTABLE_CERT_POLICIES = "2.5.29.52";
+	const OID_DELTA_INFO = "2.5.29.53";
+	const OID_INHIBIT_ANY_POLICY = "2.5.29.54";
+	const OID_TARGET_INFORMATION = "2.5.29.55";
+	const OID_NO_REV_AVAIL = "2.5.29.56";
+	const OID_ACCEPTABLE_PRIVILEGE_POLICIES = "2.5.29.57";
+	const OID_TO_BE_REVOKED = "2.5.29.58";
+	const OID_REVOKED_GROUPS = "2.5.29.59";
+	const OID_EXPIRED_CERTS_ON_CRL = "2.5.29.60";
+	const OID_INDIRECT_ISSUER = "2.5.29.61";
+	const OID_NO_ASSERTION = "2.5.29.62";
+	const OID_AA_ISSUING_DISTRIBUTION_POINT = "2.5.29.63";
+	const OID_ISSUED_ON_BEHALF_OF = "2.5.29.64";
+	const OID_SINGLE_USE = "2.5.29.65";
+	const OID_GROUP_AC = "2.5.29.66";
+	const OID_ALLOWED_ATT_ASS = "2.5.29.67";
+	const OID_ATTRIBUTE_MAPPINGS = "2.5.29.68";
+	const OID_HOLDER_NAME_CONSTRAINTS = "2.5.29.69";
     
-    // OID's from private certificate extensions arc
-    const OID_AA_CONTROLS = "1.3.6.1.5.5.7.1.6";
+	// OID's from private certificate extensions arc
+	const OID_AA_CONTROLS = "1.3.6.1.5.5.7.1.6";
     
-    /**
-     * Mapping from extension ID to implementation class name.
-     *
-     * @internal
-     *
-     * @var array
-     */
-    const MAP_OID_TO_CLASS = array(
-        /* @formatter:off */
-        self::OID_AUTHORITY_KEY_IDENTIFIER => AuthorityKeyIdentifierExtension::class,
-        self::OID_SUBJECT_KEY_IDENTIFIER => SubjectKeyIdentifierExtension::class,
-        self::OID_KEY_USAGE => KeyUsageExtension::class,
-        self::OID_CERTIFICATE_POLICIES => CertificatePoliciesExtension::class,
-        self::OID_POLICY_MAPPINGS => PolicyMappingsExtension::class,
-        self::OID_SUBJECT_ALT_NAME => SubjectAlternativeNameExtension::class,
-        self::OID_ISSUER_ALT_NAME => IssuerAlternativeNameExtension::class,
-        self::OID_SUBJECT_DIRECTORY_ATTRIBUTES => SubjectDirectoryAttributesExtension::class,
-        self::OID_BASIC_CONSTRAINTS => BasicConstraintsExtension::class,
-        self::OID_NAME_CONSTRAINTS => NameConstraintsExtension::class,
-        self::OID_POLICY_CONSTRAINTS => PolicyConstraintsExtension::class,
-        self::OID_EXT_KEY_USAGE => ExtendedKeyUsageExtension::class,
-        self::OID_CRL_DISTRIBUTION_POINTS => CRLDistributionPointsExtension::class,
-        self::OID_INHIBIT_ANY_POLICY => InhibitAnyPolicyExtension::class,
-        self::OID_FRESHEST_CRL => FreshestCRLExtension::class,
-        self::OID_NO_REV_AVAIL => NoRevocationAvailableExtension::class,
-        self::OID_TARGET_INFORMATION => TargetInformationExtension::class,
-        self::OID_AA_CONTROLS => AAControlsExtension::class
-        /* @formatter:on */
-    );
+	/**
+	 * Mapping from extension ID to implementation class name.
+	 *
+	 * @internal
+	 *
+	 * @var array
+	 */
+	const MAP_OID_TO_CLASS = array(
+		/* @formatter:off */
+		self::OID_AUTHORITY_KEY_IDENTIFIER => AuthorityKeyIdentifierExtension::class,
+		self::OID_SUBJECT_KEY_IDENTIFIER => SubjectKeyIdentifierExtension::class,
+		self::OID_KEY_USAGE => KeyUsageExtension::class,
+		self::OID_CERTIFICATE_POLICIES => CertificatePoliciesExtension::class,
+		self::OID_POLICY_MAPPINGS => PolicyMappingsExtension::class,
+		self::OID_SUBJECT_ALT_NAME => SubjectAlternativeNameExtension::class,
+		self::OID_ISSUER_ALT_NAME => IssuerAlternativeNameExtension::class,
+		self::OID_SUBJECT_DIRECTORY_ATTRIBUTES => SubjectDirectoryAttributesExtension::class,
+		self::OID_BASIC_CONSTRAINTS => BasicConstraintsExtension::class,
+		self::OID_NAME_CONSTRAINTS => NameConstraintsExtension::class,
+		self::OID_POLICY_CONSTRAINTS => PolicyConstraintsExtension::class,
+		self::OID_EXT_KEY_USAGE => ExtendedKeyUsageExtension::class,
+		self::OID_CRL_DISTRIBUTION_POINTS => CRLDistributionPointsExtension::class,
+		self::OID_INHIBIT_ANY_POLICY => InhibitAnyPolicyExtension::class,
+		self::OID_FRESHEST_CRL => FreshestCRLExtension::class,
+		self::OID_NO_REV_AVAIL => NoRevocationAvailableExtension::class,
+		self::OID_TARGET_INFORMATION => TargetInformationExtension::class,
+		self::OID_AA_CONTROLS => AAControlsExtension::class
+		/* @formatter:on */
+	);
     
-    /**
-     * Extension's OID.
-     *
-     * @var string $_oid
-     */
-    protected $_oid;
+	/**
+	 * Extension's OID.
+	 *
+	 * @var string $_oid
+	 */
+	protected $_oid;
     
-    /**
-     * Whether extension is critical.
-     *
-     * @var bool $_critical
-     */
-    protected $_critical;
+	/**
+	 * Whether extension is critical.
+	 *
+	 * @var bool $_critical
+	 */
+	protected $_critical;
     
-    /**
-     * Get ASN.1 structure of the extension value.
-     *
-     * @return Element
-     */
-    abstract protected function _valueASN1();
+	/**
+	 * Get ASN.1 structure of the extension value.
+	 *
+	 * @return Element
+	 */
+	abstract protected function _valueASN1();
     
-    /**
-     * Parse extension value from DER.
-     *
-     * @param string $data DER data
-     * @param bool $critical Whether extension is critical
-     * @throws \BadMethodCallException
-     * @return self
-     */
-    protected static function _fromDER($data, $critical)
-    {
-        throw new \BadMethodCallException(
-            __FUNCTION__ . " must be implemented in derived class.");
-    }
+	/**
+	 * Parse extension value from DER.
+	 *
+	 * @param string $data DER data
+	 * @param bool $critical Whether extension is critical
+	 * @throws \BadMethodCallException
+	 * @return self
+	 */
+	protected static function _fromDER($data, $critical)
+	{
+		throw new \BadMethodCallException(
+			__FUNCTION__ . " must be implemented in derived class.");
+	}
     
-    /**
-     * Constructor.
-     *
-     * @param string $oid Extension OID
-     * @param bool $critical Whether extension is critical
-     */
-    public function __construct(string $oid, bool $critical)
-    {
-        $this->_oid = $oid;
-        $this->_critical = $critical;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $oid Extension OID
+	 * @param bool $critical Whether extension is critical
+	 */
+	public function __construct(string $oid, bool $critical)
+	{
+		$this->_oid = $oid;
+		$this->_critical = $critical;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq)
-    {
-        $extnID = $seq->at(0)
-            ->asObjectIdentifier()
-            ->oid();
-        $critical = false;
-        $idx = 1;
-        if ($seq->has($idx, Element::TYPE_BOOLEAN)) {
-            $critical = $seq->at($idx++)
-                ->asBoolean()
-                ->value();
-        }
-        $data = $seq->at($idx)
-            ->asOctetString()
-            ->string();
-        if (array_key_exists($extnID, self::MAP_OID_TO_CLASS)) {
-            $cls = self::MAP_OID_TO_CLASS[$extnID];
-            return $cls::_fromDER($data, $critical);
-        }
-        return new UnknownExtension($extnID, $critical, new DERData($data));
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq)
+	{
+		$extnID = $seq->at(0)
+			->asObjectIdentifier()
+			->oid();
+		$critical = false;
+		$idx = 1;
+		if ($seq->has($idx, Element::TYPE_BOOLEAN)) {
+			$critical = $seq->at($idx++)
+				->asBoolean()
+				->value();
+		}
+		$data = $seq->at($idx)
+			->asOctetString()
+			->string();
+		if (array_key_exists($extnID, self::MAP_OID_TO_CLASS)) {
+			$cls = self::MAP_OID_TO_CLASS[$extnID];
+			return $cls::_fromDER($data, $critical);
+		}
+		return new UnknownExtension($extnID, $critical, new DERData($data));
+	}
     
-    /**
-     * Get extension OID.
-     *
-     * @return string
-     */
-    public function oid(): string
-    {
-        return $this->_oid;
-    }
+	/**
+	 * Get extension OID.
+	 *
+	 * @return string
+	 */
+	public function oid(): string
+	{
+		return $this->_oid;
+	}
     
-    /**
-     * Check whether extension is critical.
-     *
-     * @return bool
-     */
-    public function isCritical(): bool
-    {
-        return $this->_critical;
-    }
+	/**
+	 * Check whether extension is critical.
+	 *
+	 * @return bool
+	 */
+	public function isCritical(): bool
+	{
+		return $this->_critical;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array(new ObjectIdentifier($this->_oid));
-        if ($this->_critical) {
-            $elements[] = new Boolean(true);
-        }
-        $elements[] = new OctetString($this->_valueASN1()->toDER());
-        return new Sequence(...$elements);
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array(new ObjectIdentifier($this->_oid));
+		if ($this->_critical) {
+			$elements[] = new Boolean(true);
+		}
+		$elements[] = new OctetString($this->_valueASN1()->toDER());
+		return new Sequence(...$elements);
+	}
 }

lib/X509/Certificate/Extension/SubjectAlternativeNameExtension.php

Indentation +45 added lines, -45 removed lines

@@ -14,53 +14,53 @@
  */
 class SubjectAlternativeNameExtension extends Extension
 {
-    /**
-     * Names.
-     *
-     * @var GeneralNames $_names
-     */
-    protected $_names;
+	/**
+	 * Names.
+	 *
+	 * @var GeneralNames $_names
+	 */
+	protected $_names;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param GeneralNames $names
-     */
-    public function __construct(bool $critical, GeneralNames $names)
-    {
-        parent::__construct(self::OID_SUBJECT_ALT_NAME, $critical);
-        $this->_names = $names;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param GeneralNames $names
+	 */
+	public function __construct(bool $critical, GeneralNames $names)
+	{
+		parent::__construct(self::OID_SUBJECT_ALT_NAME, $critical);
+		$this->_names = $names;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER($data, $critical)
-    {
-        return new self($critical,
-            GeneralNames::fromASN1(Sequence::fromDER($data)));
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER($data, $critical)
+	{
+		return new self($critical,
+			GeneralNames::fromASN1(Sequence::fromDER($data)));
+	}
     
-    /**
-     * Get names.
-     *
-     * @return GeneralNames
-     */
-    public function names(): GeneralNames
-    {
-        return $this->_names;
-    }
+	/**
+	 * Get names.
+	 *
+	 * @return GeneralNames
+	 */
+	public function names(): GeneralNames
+	{
+		return $this->_names;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        return $this->_names->toASN1();
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		return $this->_names->toASN1();
+	}
 }

lib/X509/Certificate/Extension/PolicyMappings/PolicyMapping.php

Indentation +67 added lines, -67 removed lines

@@ -15,77 +15,77 @@
  */
 class PolicyMapping
 {
-    /**
-     * OID of the issuer policy.
-     *
-     * @var string $_issuerDomainPolicy
-     */
-    protected $_issuerDomainPolicy;
+	/**
+	 * OID of the issuer policy.
+	 *
+	 * @var string $_issuerDomainPolicy
+	 */
+	protected $_issuerDomainPolicy;
     
-    /**
-     * OID of the subject policy.
-     *
-     * @var string $_subjectDomainPolicy
-     */
-    protected $_subjectDomainPolicy;
+	/**
+	 * OID of the subject policy.
+	 *
+	 * @var string $_subjectDomainPolicy
+	 */
+	protected $_subjectDomainPolicy;
     
-    /**
-     * Constructor.
-     *
-     * @param string $issuer_policy OID of the issuer policy
-     * @param string $subject_policy OID of the subject policy
-     */
-    public function __construct($issuer_policy, $subject_policy)
-    {
-        $this->_issuerDomainPolicy = $issuer_policy;
-        $this->_subjectDomainPolicy = $subject_policy;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $issuer_policy OID of the issuer policy
+	 * @param string $subject_policy OID of the subject policy
+	 */
+	public function __construct($issuer_policy, $subject_policy)
+	{
+		$this->_issuerDomainPolicy = $issuer_policy;
+		$this->_subjectDomainPolicy = $subject_policy;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq)
-    {
-        $issuer_policy = $seq->at(0)
-            ->asObjectIdentifier()
-            ->oid();
-        $subject_policy = $seq->at(1)
-            ->asObjectIdentifier()
-            ->oid();
-        return new self($issuer_policy, $subject_policy);
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq)
+	{
+		$issuer_policy = $seq->at(0)
+			->asObjectIdentifier()
+			->oid();
+		$subject_policy = $seq->at(1)
+			->asObjectIdentifier()
+			->oid();
+		return new self($issuer_policy, $subject_policy);
+	}
     
-    /**
-     * Get issuer domain policy.
-     *
-     * @return string OID in dotted format
-     */
-    public function issuerDomainPolicy(): string
-    {
-        return $this->_issuerDomainPolicy;
-    }
+	/**
+	 * Get issuer domain policy.
+	 *
+	 * @return string OID in dotted format
+	 */
+	public function issuerDomainPolicy(): string
+	{
+		return $this->_issuerDomainPolicy;
+	}
     
-    /**
-     * Get subject domain policy.
-     *
-     * @return string OID in dotted format
-     */
-    public function subjectDomainPolicy(): string
-    {
-        return $this->_subjectDomainPolicy;
-    }
+	/**
+	 * Get subject domain policy.
+	 *
+	 * @return string OID in dotted format
+	 */
+	public function subjectDomainPolicy(): string
+	{
+		return $this->_subjectDomainPolicy;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        return new Sequence(new ObjectIdentifier($this->_issuerDomainPolicy),
-            new ObjectIdentifier($this->_subjectDomainPolicy));
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		return new Sequence(new ObjectIdentifier($this->_issuerDomainPolicy),
+			new ObjectIdentifier($this->_subjectDomainPolicy));
+	}
 }

lib/X509/Certificate/Extension/PolicyConstraintsExtension.php

Indentation +111 added lines, -111 removed lines

@@ -16,123 +16,123 @@
  */
 class PolicyConstraintsExtension extends Extension
 {
-    /**
-     *
-     * @var int $_requireExplicitPolicy
-     */
-    protected $_requireExplicitPolicy;
+	/**
+	 *
+	 * @var int $_requireExplicitPolicy
+	 */
+	protected $_requireExplicitPolicy;
     
-    /**
-     *
-     * @var int $_inhibitPolicyMapping
-     */
-    protected $_inhibitPolicyMapping;
+	/**
+	 *
+	 * @var int $_inhibitPolicyMapping
+	 */
+	protected $_inhibitPolicyMapping;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param int|null $require_explicit_policy
-     * @param int|null $inhibit_policy_mapping
-     */
-    public function __construct(bool $critical, $require_explicit_policy = null,
-        $inhibit_policy_mapping = null)
-    {
-        parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical);
-        $this->_requireExplicitPolicy = $require_explicit_policy;
-        $this->_inhibitPolicyMapping = $inhibit_policy_mapping;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param int|null $require_explicit_policy
+	 * @param int|null $inhibit_policy_mapping
+	 */
+	public function __construct(bool $critical, $require_explicit_policy = null,
+		$inhibit_policy_mapping = null)
+	{
+		parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical);
+		$this->_requireExplicitPolicy = $require_explicit_policy;
+		$this->_inhibitPolicyMapping = $inhibit_policy_mapping;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER($data, $critical)
-    {
-        $seq = Sequence::fromDER($data);
-        $require_explicit_policy = null;
-        $inhibit_policy_mapping = null;
-        if ($seq->hasTagged(0)) {
-            $require_explicit_policy = $seq->getTagged(0)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->number();
-        }
-        if ($seq->hasTagged(1)) {
-            $inhibit_policy_mapping = $seq->getTagged(1)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->number();
-        }
-        return new self($critical, $require_explicit_policy,
-            $inhibit_policy_mapping);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER($data, $critical)
+	{
+		$seq = Sequence::fromDER($data);
+		$require_explicit_policy = null;
+		$inhibit_policy_mapping = null;
+		if ($seq->hasTagged(0)) {
+			$require_explicit_policy = $seq->getTagged(0)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->number();
+		}
+		if ($seq->hasTagged(1)) {
+			$inhibit_policy_mapping = $seq->getTagged(1)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->number();
+		}
+		return new self($critical, $require_explicit_policy,
+			$inhibit_policy_mapping);
+	}
     
-    /**
-     * Whether requireExplicitPolicy is present.
-     *
-     * @return bool
-     */
-    public function hasRequireExplicitPolicy(): bool
-    {
-        return isset($this->_requireExplicitPolicy);
-    }
+	/**
+	 * Whether requireExplicitPolicy is present.
+	 *
+	 * @return bool
+	 */
+	public function hasRequireExplicitPolicy(): bool
+	{
+		return isset($this->_requireExplicitPolicy);
+	}
     
-    /**
-     * Get requireExplicitPolicy.
-     *
-     * @throws \LogicException
-     * @return int
-     */
-    public function requireExplicitPolicy()
-    {
-        if (!$this->hasRequireExplicitPolicy()) {
-            throw new \LogicException("requireExplicitPolicy not set.");
-        }
-        return $this->_requireExplicitPolicy;
-    }
+	/**
+	 * Get requireExplicitPolicy.
+	 *
+	 * @throws \LogicException
+	 * @return int
+	 */
+	public function requireExplicitPolicy()
+	{
+		if (!$this->hasRequireExplicitPolicy()) {
+			throw new \LogicException("requireExplicitPolicy not set.");
+		}
+		return $this->_requireExplicitPolicy;
+	}
     
-    /**
-     * Whether inhibitPolicyMapping is present.
-     *
-     * @return bool
-     */
-    public function hasInhibitPolicyMapping(): bool
-    {
-        return isset($this->_inhibitPolicyMapping);
-    }
+	/**
+	 * Whether inhibitPolicyMapping is present.
+	 *
+	 * @return bool
+	 */
+	public function hasInhibitPolicyMapping(): bool
+	{
+		return isset($this->_inhibitPolicyMapping);
+	}
     
-    /**
-     * Get inhibitPolicyMapping.
-     *
-     * @throws \LogicException
-     * @return int
-     */
-    public function inhibitPolicyMapping()
-    {
-        if (!$this->hasInhibitPolicyMapping()) {
-            throw new \LogicException("inhibitPolicyMapping not set.");
-        }
-        return $this->_inhibitPolicyMapping;
-    }
+	/**
+	 * Get inhibitPolicyMapping.
+	 *
+	 * @throws \LogicException
+	 * @return int
+	 */
+	public function inhibitPolicyMapping()
+	{
+		if (!$this->hasInhibitPolicyMapping()) {
+			throw new \LogicException("inhibitPolicyMapping not set.");
+		}
+		return $this->_inhibitPolicyMapping;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1()
-    {
-        $elements = array();
-        if (isset($this->_requireExplicitPolicy)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                new Integer($this->_requireExplicitPolicy));
-        }
-        if (isset($this->_inhibitPolicyMapping)) {
-            $elements[] = new ImplicitlyTaggedType(1,
-                new Integer($this->_inhibitPolicyMapping));
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1()
+	{
+		$elements = array();
+		if (isset($this->_requireExplicitPolicy)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				new Integer($this->_requireExplicitPolicy));
+		}
+		if (isset($this->_inhibitPolicyMapping)) {
+			$elements[] = new ImplicitlyTaggedType(1,
+				new Integer($this->_inhibitPolicyMapping));
+		}
+		return new Sequence(...$elements);
+	}
 }

lib/X509/Certificate/Extension/AuthorityKeyIdentifierExtension.php

Indentation +156 added lines, -156 removed lines

@@ -18,170 +18,170 @@
  */
 class AuthorityKeyIdentifierExtension extends Extension
 {
-    /**
-     * Key identifier.
-     *
-     * @var string|null $_keyIdentifier
-     */
-    protected $_keyIdentifier;
+	/**
+	 * Key identifier.
+	 *
+	 * @var string|null $_keyIdentifier
+	 */
+	protected $_keyIdentifier;
 
-    /**
-     * Issuer name.
-     *
-     * @var GeneralNames|null $_authorityCertIssuer
-     */
-    protected $_authorityCertIssuer;
+	/**
+	 * Issuer name.
+	 *
+	 * @var GeneralNames|null $_authorityCertIssuer
+	 */
+	protected $_authorityCertIssuer;
 
-    /**
-     * Issuer serial number.
-     *
-     * @var int|string|null $_authorityCertSerialNumber
-     */
-    protected $_authorityCertSerialNumber;
+	/**
+	 * Issuer serial number.
+	 *
+	 * @var int|string|null $_authorityCertSerialNumber
+	 */
+	protected $_authorityCertSerialNumber;
 
-    /**
-     * Constructor.
-     *
-     * @param bool $critical Conforming CA's must mark as non-critical (false)
-     * @param string|null $keyIdentifier
-     * @param GeneralNames|null $issuer
-     * @param int|string|null $serial
-     */
-    public function __construct(bool $critical, $keyIdentifier,
-        GeneralNames $issuer = null, $serial = null)
-    {
-        parent::__construct(self::OID_AUTHORITY_KEY_IDENTIFIER, $critical);
-        $this->_keyIdentifier = $keyIdentifier;
-        $this->_authorityCertIssuer = $issuer;
-        $this->_authorityCertSerialNumber = $serial;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical Conforming CA's must mark as non-critical (false)
+	 * @param string|null $keyIdentifier
+	 * @param GeneralNames|null $issuer
+	 * @param int|string|null $serial
+	 */
+	public function __construct(bool $critical, $keyIdentifier,
+		GeneralNames $issuer = null, $serial = null)
+	{
+		parent::__construct(self::OID_AUTHORITY_KEY_IDENTIFIER, $critical);
+		$this->_keyIdentifier = $keyIdentifier;
+		$this->_authorityCertIssuer = $issuer;
+		$this->_authorityCertSerialNumber = $serial;
+	}
 
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER($data, $critical)
-    {
-        $seq = Sequence::fromDER($data);
-        $keyIdentifier = null;
-        $issuer = null;
-        $serial = null;
-        if ($seq->hasTagged(0)) {
-            $keyIdentifier = $seq->getTagged(0)
-                ->asImplicit(Element::TYPE_OCTET_STRING)
-                ->asOctetString()
-                ->string();
-        }
-        if ($seq->hasTagged(1) || $seq->hasTagged(2)) {
-            if (!$seq->hasTagged(1) || !$seq->hasTagged(2)) {
-                throw new \UnexpectedValueException(
-                    "AuthorityKeyIdentifier must have both" .
-                         " authorityCertIssuer and authorityCertSerialNumber" .
-                         " present or both absent.");
-            }
-            $issuer = GeneralNames::fromASN1(
-                $seq->getTagged(1)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-            $serial = $seq->getTagged(2)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->number();
-        }
-        return new self($critical, $keyIdentifier, $issuer, $serial);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER($data, $critical)
+	{
+		$seq = Sequence::fromDER($data);
+		$keyIdentifier = null;
+		$issuer = null;
+		$serial = null;
+		if ($seq->hasTagged(0)) {
+			$keyIdentifier = $seq->getTagged(0)
+				->asImplicit(Element::TYPE_OCTET_STRING)
+				->asOctetString()
+				->string();
+		}
+		if ($seq->hasTagged(1) || $seq->hasTagged(2)) {
+			if (!$seq->hasTagged(1) || !$seq->hasTagged(2)) {
+				throw new \UnexpectedValueException(
+					"AuthorityKeyIdentifier must have both" .
+						 " authorityCertIssuer and authorityCertSerialNumber" .
+						 " present or both absent.");
+			}
+			$issuer = GeneralNames::fromASN1(
+				$seq->getTagged(1)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+			$serial = $seq->getTagged(2)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->number();
+		}
+		return new self($critical, $keyIdentifier, $issuer, $serial);
+	}
 
-    /**
-     * Whether key identifier is present.
-     *
-     * @return bool
-     */
-    public function hasKeyIdentifier(): bool
-    {
-        return isset($this->_keyIdentifier);
-    }
+	/**
+	 * Whether key identifier is present.
+	 *
+	 * @return bool
+	 */
+	public function hasKeyIdentifier(): bool
+	{
+		return isset($this->_keyIdentifier);
+	}
     
-    /**
-     * Get key identifier.
-     *
-     * @throws \LogicException
-     * @return string
-     */
-    public function keyIdentifier(): string
-    {
-        if (!$this->hasKeyIdentifier()) {
-            throw new \LogicException("keyIdentifier not set.");
-        }
-        return $this->_keyIdentifier;
-    }
+	/**
+	 * Get key identifier.
+	 *
+	 * @throws \LogicException
+	 * @return string
+	 */
+	public function keyIdentifier(): string
+	{
+		if (!$this->hasKeyIdentifier()) {
+			throw new \LogicException("keyIdentifier not set.");
+		}
+		return $this->_keyIdentifier;
+	}
     
-    /**
-     * Whether issuer is present.
-     *
-     * @return bool
-     */
-    public function hasIssuer(): bool
-    {
-        return isset($this->_authorityCertIssuer);
-    }
+	/**
+	 * Whether issuer is present.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuer(): bool
+	{
+		return isset($this->_authorityCertIssuer);
+	}
     
-    /**
-     * Get issuer.
-     *
-     * @throws \LogicException
-     * @return GeneralNames
-     */
-    public function issuer(): GeneralNames
-    {
-        if (!$this->hasIssuer()) {
-            throw new \LogicException("authorityCertIssuer not set.");
-        }
-        return $this->_authorityCertIssuer;
-    }
+	/**
+	 * Get issuer.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralNames
+	 */
+	public function issuer(): GeneralNames
+	{
+		if (!$this->hasIssuer()) {
+			throw new \LogicException("authorityCertIssuer not set.");
+		}
+		return $this->_authorityCertIssuer;
+	}
     
-    /**
-     * Get serial number.
-     *
-     * @throws \LogicException
-     * @return int|string
-     */
-    public function serial()
-    {
-        // both issuer and serial must be present or both absent
-        if (!$this->hasIssuer()) {
-            throw new \LogicException("authorityCertSerialNumber not set.");
-        }
-        return $this->_authorityCertSerialNumber;
-    }
+	/**
+	 * Get serial number.
+	 *
+	 * @throws \LogicException
+	 * @return int|string
+	 */
+	public function serial()
+	{
+		// both issuer and serial must be present or both absent
+		if (!$this->hasIssuer()) {
+			throw new \LogicException("authorityCertSerialNumber not set.");
+		}
+		return $this->_authorityCertSerialNumber;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1()
-    {
-        $elements = array();
-        if (isset($this->_keyIdentifier)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                new OctetString($this->_keyIdentifier));
-        }
-        // if either issuer or serial is set, both must be set
-        if (isset($this->_authorityCertIssuer) ||
-             isset($this->_authorityCertSerialNumber)) {
-            if (!isset($this->_authorityCertIssuer,
-                $this->_authorityCertSerialNumber)) {
-                throw new \LogicException(
-                    "AuthorityKeyIdentifier must have both" .
-                     " authorityCertIssuer and authorityCertSerialNumber" .
-                     " present or both absent.");
-            }
-            $elements[] = new ImplicitlyTaggedType(1,
-                $this->_authorityCertIssuer->toASN1());
-            $elements[] = new ImplicitlyTaggedType(2,
-                new Integer($this->_authorityCertSerialNumber));
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1()
+	{
+		$elements = array();
+		if (isset($this->_keyIdentifier)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				new OctetString($this->_keyIdentifier));
+		}
+		// if either issuer or serial is set, both must be set
+		if (isset($this->_authorityCertIssuer) ||
+			 isset($this->_authorityCertSerialNumber)) {
+			if (!isset($this->_authorityCertIssuer,
+				$this->_authorityCertSerialNumber)) {
+				throw new \LogicException(
+					"AuthorityKeyIdentifier must have both" .
+					 " authorityCertIssuer and authorityCertSerialNumber" .
+					 " present or both absent.");
+			}
+			$elements[] = new ImplicitlyTaggedType(1,
+				$this->_authorityCertIssuer->toASN1());
+			$elements[] = new ImplicitlyTaggedType(2,
+				new Integer($this->_authorityCertSerialNumber));
+		}
+		return new Sequence(...$elements);
+	}
 }

lib/X509/Certificate/Extension/SubjectDirectoryAttributesExtension.php

Indentation +47 added lines, -47 removed lines

@@ -15,55 +15,55 @@
  * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.8
  */
 class SubjectDirectoryAttributesExtension extends Extension implements 
-    \Countable,
-    \IteratorAggregate
+	\Countable,
+	\IteratorAggregate
 {
-    use AttributeContainer;
+	use AttributeContainer;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param Attribute ...$attribs One or more Attribute objects
-     */
-    public function __construct(bool $critical, Attribute ...$attribs)
-    {
-        parent::__construct(self::OID_SUBJECT_DIRECTORY_ATTRIBUTES, $critical);
-        $this->_attributes = $attribs;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param Attribute ...$attribs One or more Attribute objects
+	 */
+	public function __construct(bool $critical, Attribute ...$attribs)
+	{
+		parent::__construct(self::OID_SUBJECT_DIRECTORY_ATTRIBUTES, $critical);
+		$this->_attributes = $attribs;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER($data, $critical)
-    {
-        $attribs = array_map(
-            function (UnspecifiedType $el) {
-                return Attribute::fromASN1($el->asSequence());
-            }, Sequence::fromDER($data)->elements());
-        if (!count($attribs)) {
-            throw new \UnexpectedValueException(
-                "SubjectDirectoryAttributes must have at least one Attribute.");
-        }
-        return new self($critical, ...$attribs);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER($data, $critical)
+	{
+		$attribs = array_map(
+			function (UnspecifiedType $el) {
+				return Attribute::fromASN1($el->asSequence());
+			}, Sequence::fromDER($data)->elements());
+		if (!count($attribs)) {
+			throw new \UnexpectedValueException(
+				"SubjectDirectoryAttributes must have at least one Attribute.");
+		}
+		return new self($critical, ...$attribs);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        if (!count($this->_attributes)) {
-            throw new \LogicException("No attributes");
-        }
-        $elements = array_map(
-            function (Attribute $attr) {
-                return $attr->toASN1();
-            }, array_values($this->_attributes));
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		if (!count($this->_attributes)) {
+			throw new \LogicException("No attributes");
+		}
+		$elements = array_map(
+			function (Attribute $attr) {
+				return $attr->toASN1();
+			}, array_values($this->_attributes));
+		return new Sequence(...$elements);
+	}
 }