sop / x509

examples/issue-cert.php

Indentation +9 added lines, -9 removed lines

@@ -25,27 +25,27 @@
 $csr = CertificationRequest::fromPEM(PEM::fromFile($argv[2]));
 // verify CSR
 if (!$csr->verify()) {
-    echo "Failed to verify certification request signature.\n";
-    exit(1);
+	echo "Failed to verify certification request signature.\n";
+	exit(1);
 }
 // load CA's private key from PEM
 $private_key_info = PrivateKeyInfo::fromPEM(
-    PEM::fromFile(dirname(__DIR__) . "/test/assets/rsa/private_key.pem"));
+	PEM::fromFile(dirname(__DIR__) . "/test/assets/rsa/private_key.pem"));
 // initialize certificate from CSR and issuer's certificate
 $tbs_cert = TBSCertificate::fromCSR($csr)->withIssuerCertificate($issuer_cert);
 // set random serial number
 $tbs_cert = $tbs_cert->withRandomSerialNumber();
 // set validity period
 $tbs_cert = $tbs_cert->withValidity(
-    Validity::fromStrings("now", "now + 3 months"));
+	Validity::fromStrings("now", "now + 3 months"));
 // add extensions
 $tbs_cert = $tbs_cert->withAdditionalExtensions(
-    new KeyUsageExtension(true,
-        KeyUsageExtension::DIGITAL_SIGNATURE |
-             KeyUsageExtension::KEY_ENCIPHERMENT),
-    new BasicConstraintsExtension(true, false));
+	new KeyUsageExtension(true,
+		KeyUsageExtension::DIGITAL_SIGNATURE |
+			 KeyUsageExtension::KEY_ENCIPHERMENT),
+	new BasicConstraintsExtension(true, false));
 // sign certificate with issuer's private key
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
-    $private_key_info->algorithmIdentifier(), new SHA512AlgorithmIdentifier());
+	$private_key_info->algorithmIdentifier(), new SHA512AlgorithmIdentifier());
 $cert = $tbs_cert->sign($algo, $private_key_info);
 echo $cert;

examples/create-csr.php

Indentation +2 added lines, -2 removed lines

@@ -16,7 +16,7 @@ 
 
 // load EC private key from PEM
 $private_key_info = PrivateKeyInfo::fromPEM(
-    PEM::fromFile(dirname(__DIR__) . "/test/assets/ec/private_key.pem"));
+	PEM::fromFile(dirname(__DIR__) . "/test/assets/ec/private_key.pem"));
 // extract public key from private key
 $public_key_info = $private_key_info->publicKeyInfo();
 // DN of the subject
@@ -25,6 +25,6 @@ 
 $cri = new CertificationRequestInfo($subject, $public_key_info);
 // sign certificate request with private key
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
-    $private_key_info->algorithmIdentifier(), new SHA256AlgorithmIdentifier());
+	$private_key_info->algorithmIdentifier(), new SHA256AlgorithmIdentifier());
 $csr = $cri->sign($algo, $private_key_info);
 echo $csr;

examples/path-validate.php

Indentation +8 added lines, -8 removed lines

@@ -28,19 +28,19 @@
 // build certification path from CA to end-entity certificate
 $path = CertificationPath::fromTrustAnchorToTarget($ca, $cert);
 foreach ($path->certificates() as $idx => $cert) {
-    printf("#%d: %s\n", $idx,
-        $cert->tbsCertificate()
-            ->subject()
-            ->toString());
+	printf("#%d: %s\n", $idx,
+		$cert->tbsCertificate()
+			->subject()
+			->toString());
 }
 // validate certification path with default configuration
 $config = PathValidationConfig::defaultConfig();
 $result = $path->validate($config);
 printf("Certificate '%s' is valid.\n",
-    $result->certificate()
-        ->tbsCertificate()
-        ->subject()
-        ->toString());
+	$result->certificate()
+		->tbsCertificate()
+		->subject()
+		->toString());
 // remove temporary files
 unlink($ca_file);
 unlink($csr_file);

lib/X509/CertificationPath/PathValidation/PathValidationConfig.php

Indentation +245 added lines, -245 removed lines

@@ -12,274 +12,274 @@
  */
 class PathValidationConfig
 {
-    /**
-     * Maximum allowed certification path length.
-     *
-     * @var int $_maxLength
-     */
-    protected $_maxLength;
+	/**
+	 * Maximum allowed certification path length.
+	 *
+	 * @var int $_maxLength
+	 */
+	protected $_maxLength;
     
-    /**
-     * Reference time.
-     *
-     * @var \DateTimeImmutable $_dateTime
-     */
-    protected $_dateTime;
+	/**
+	 * Reference time.
+	 *
+	 * @var \DateTimeImmutable $_dateTime
+	 */
+	protected $_dateTime;
     
-    /**
-     * List of acceptable policy identifiers.
-     *
-     * @var string[] $_policySet
-     */
-    protected $_policySet;
+	/**
+	 * List of acceptable policy identifiers.
+	 *
+	 * @var string[] $_policySet
+	 */
+	protected $_policySet;
     
-    /**
-     * Trust anchor certificate.
-     *
-     * If not set, path validation uses the first certificate of the path.
-     *
-     * @var Certificate|null $_trustAnchor
-     */
-    protected $_trustAnchor;
+	/**
+	 * Trust anchor certificate.
+	 *
+	 * If not set, path validation uses the first certificate of the path.
+	 *
+	 * @var Certificate|null $_trustAnchor
+	 */
+	protected $_trustAnchor;
     
-    /**
-     * Whether policy mapping in inhibited.
-     *
-     * Setting this to true disallows policy mapping.
-     *
-     * @var bool $_policyMappingInhibit
-     */
-    protected $_policyMappingInhibit;
+	/**
+	 * Whether policy mapping in inhibited.
+	 *
+	 * Setting this to true disallows policy mapping.
+	 *
+	 * @var bool $_policyMappingInhibit
+	 */
+	protected $_policyMappingInhibit;
     
-    /**
-     * Whether the path must be valid for at least one policy in the
-     * initial policy set.
-     *
-     * @var bool $_explicitPolicy
-     */
-    protected $_explicitPolicy;
+	/**
+	 * Whether the path must be valid for at least one policy in the
+	 * initial policy set.
+	 *
+	 * @var bool $_explicitPolicy
+	 */
+	protected $_explicitPolicy;
     
-    /**
-     * Whether anyPolicy OID processing should be inhibited.
-     *
-     * Setting this to true disallows the usage of anyPolicy.
-     *
-     * @var bool $_anyPolicyInhibit
-     */
-    protected $_anyPolicyInhibit;
+	/**
+	 * Whether anyPolicy OID processing should be inhibited.
+	 *
+	 * Setting this to true disallows the usage of anyPolicy.
+	 *
+	 * @var bool $_anyPolicyInhibit
+	 */
+	protected $_anyPolicyInhibit;
     
-    /**
-     *
-     * @todo Implement
-     * @var mixed $_permittedSubtrees
-     */
-    protected $_permittedSubtrees;
+	/**
+	 *
+	 * @todo Implement
+	 * @var mixed $_permittedSubtrees
+	 */
+	protected $_permittedSubtrees;
     
-    /**
-     *
-     * @todo Implement
-     * @var mixed $_excludedSubtrees
-     */
-    protected $_excludedSubtrees;
+	/**
+	 *
+	 * @todo Implement
+	 * @var mixed $_excludedSubtrees
+	 */
+	protected $_excludedSubtrees;
     
-    /**
-     * Constructor.
-     *
-     * @param \DateTimeImmutable $dt Reference date and time
-     * @param int $max_length Maximum certification path length
-     */
-    public function __construct(\DateTimeImmutable $dt, $max_length)
-    {
-        $this->_dateTime = $dt;
-        $this->_maxLength = (int) $max_length;
-        $this->_policySet = array((string) PolicyInformation::OID_ANY_POLICY);
-        $this->_policyMappingInhibit = false;
-        $this->_explicitPolicy = false;
-        $this->_anyPolicyInhibit = false;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param \DateTimeImmutable $dt Reference date and time
+	 * @param int $max_length Maximum certification path length
+	 */
+	public function __construct(\DateTimeImmutable $dt, $max_length)
+	{
+		$this->_dateTime = $dt;
+		$this->_maxLength = (int) $max_length;
+		$this->_policySet = array((string) PolicyInformation::OID_ANY_POLICY);
+		$this->_policyMappingInhibit = false;
+		$this->_explicitPolicy = false;
+		$this->_anyPolicyInhibit = false;
+	}
     
-    /**
-     * Get default configuration.
-     *
-     * @return self
-     */
-    public static function defaultConfig()
-    {
-        return new self(new \DateTimeImmutable(), 3);
-    }
+	/**
+	 * Get default configuration.
+	 *
+	 * @return self
+	 */
+	public static function defaultConfig()
+	{
+		return new self(new \DateTimeImmutable(), 3);
+	}
     
-    /**
-     * Get self with maximum path length.
-     *
-     * @param int $length
-     * @return self
-     */
-    public function withMaxLength($length)
-    {
-        $obj = clone $this;
-        $obj->_maxLength = $length;
-        return $obj;
-    }
+	/**
+	 * Get self with maximum path length.
+	 *
+	 * @param int $length
+	 * @return self
+	 */
+	public function withMaxLength($length)
+	{
+		$obj = clone $this;
+		$obj->_maxLength = $length;
+		return $obj;
+	}
     
-    /**
-     * Get self with reference date and time.
-     *
-     * @param \DateTimeImmutable $dt
-     * @return self
-     */
-    public function withDateTime(\DateTimeImmutable $dt)
-    {
-        $obj = clone $this;
-        $obj->_dateTime = $dt;
-        return $obj;
-    }
+	/**
+	 * Get self with reference date and time.
+	 *
+	 * @param \DateTimeImmutable $dt
+	 * @return self
+	 */
+	public function withDateTime(\DateTimeImmutable $dt)
+	{
+		$obj = clone $this;
+		$obj->_dateTime = $dt;
+		return $obj;
+	}
     
-    /**
-     * Get self with trust anchor certificate.
-     *
-     * @param Certificate $ca
-     * @return self
-     */
-    public function withTrustAnchor(Certificate $ca)
-    {
-        $obj = clone $this;
-        $obj->_trustAnchor = $ca;
-        return $obj;
-    }
+	/**
+	 * Get self with trust anchor certificate.
+	 *
+	 * @param Certificate $ca
+	 * @return self
+	 */
+	public function withTrustAnchor(Certificate $ca)
+	{
+		$obj = clone $this;
+		$obj->_trustAnchor = $ca;
+		return $obj;
+	}
     
-    /**
-     * Get self with initial-policy-mapping-inhibit set.
-     *
-     * @param bool $flag
-     * @return self
-     */
-    public function withPolicyMappingInhibit($flag)
-    {
-        $obj = clone $this;
-        $obj->_policyMappingInhibit = (bool) $flag;
-        return $obj;
-    }
+	/**
+	 * Get self with initial-policy-mapping-inhibit set.
+	 *
+	 * @param bool $flag
+	 * @return self
+	 */
+	public function withPolicyMappingInhibit($flag)
+	{
+		$obj = clone $this;
+		$obj->_policyMappingInhibit = (bool) $flag;
+		return $obj;
+	}
     
-    /**
-     * Get self with initial-explicit-policy set.
-     *
-     * @param bool $flag
-     * @return self
-     */
-    public function withExplicitPolicy($flag)
-    {
-        $obj = clone $this;
-        $obj->_explicitPolicy = (bool) $flag;
-        return $obj;
-    }
+	/**
+	 * Get self with initial-explicit-policy set.
+	 *
+	 * @param bool $flag
+	 * @return self
+	 */
+	public function withExplicitPolicy($flag)
+	{
+		$obj = clone $this;
+		$obj->_explicitPolicy = (bool) $flag;
+		return $obj;
+	}
     
-    /**
-     * Get self with initial-any-policy-inhibit set.
-     *
-     * @param bool $flag
-     * @return self
-     */
-    public function withAnyPolicyInhibit($flag)
-    {
-        $obj = clone $this;
-        $obj->_anyPolicyInhibit = (bool) $flag;
-        return $obj;
-    }
+	/**
+	 * Get self with initial-any-policy-inhibit set.
+	 *
+	 * @param bool $flag
+	 * @return self
+	 */
+	public function withAnyPolicyInhibit($flag)
+	{
+		$obj = clone $this;
+		$obj->_anyPolicyInhibit = (bool) $flag;
+		return $obj;
+	}
     
-    /**
-     * Get self with user-initial-policy-set set to policy OIDs.
-     *
-     * @param string ...$policies List of policy OIDs
-     * @return self
-     */
-    public function withPolicySet(...$policies)
-    {
-        $obj = clone $this;
-        $obj->_policySet = $policies;
-        return $obj;
-    }
+	/**
+	 * Get self with user-initial-policy-set set to policy OIDs.
+	 *
+	 * @param string ...$policies List of policy OIDs
+	 * @return self
+	 */
+	public function withPolicySet(...$policies)
+	{
+		$obj = clone $this;
+		$obj->_policySet = $policies;
+		return $obj;
+	}
     
-    /**
-     * Get maximum certification path length.
-     *
-     * @return int
-     */
-    public function maxLength()
-    {
-        return $this->_maxLength;
-    }
+	/**
+	 * Get maximum certification path length.
+	 *
+	 * @return int
+	 */
+	public function maxLength()
+	{
+		return $this->_maxLength;
+	}
     
-    /**
-     * Get reference date and time.
-     *
-     * @return \DateTimeImmutable
-     */
-    public function dateTime()
-    {
-        return $this->_dateTime;
-    }
+	/**
+	 * Get reference date and time.
+	 *
+	 * @return \DateTimeImmutable
+	 */
+	public function dateTime()
+	{
+		return $this->_dateTime;
+	}
     
-    /**
-     * Get user-initial-policy-set.
-     *
-     * @return string[] Array of OID's
-     */
-    public function policySet()
-    {
-        return $this->_policySet;
-    }
+	/**
+	 * Get user-initial-policy-set.
+	 *
+	 * @return string[] Array of OID's
+	 */
+	public function policySet()
+	{
+		return $this->_policySet;
+	}
     
-    /**
-     * Check whether trust anchor certificate is set.
-     *
-     * @return bool
-     */
-    public function hasTrustAnchor()
-    {
-        return isset($this->_trustAnchor);
-    }
+	/**
+	 * Check whether trust anchor certificate is set.
+	 *
+	 * @return bool
+	 */
+	public function hasTrustAnchor()
+	{
+		return isset($this->_trustAnchor);
+	}
     
-    /**
-     * Get trust anchor certificate.
-     *
-     * @throws \LogicException
-     * @return Certificate
-     */
-    public function trustAnchor()
-    {
-        if (!$this->hasTrustAnchor()) {
-            throw new \LogicException("No trust anchor.");
-        }
-        return $this->_trustAnchor;
-    }
+	/**
+	 * Get trust anchor certificate.
+	 *
+	 * @throws \LogicException
+	 * @return Certificate
+	 */
+	public function trustAnchor()
+	{
+		if (!$this->hasTrustAnchor()) {
+			throw new \LogicException("No trust anchor.");
+		}
+		return $this->_trustAnchor;
+	}
     
-    /**
-     * Get initial-policy-mapping-inhibit.
-     *
-     * @return bool
-     */
-    public function policyMappingInhibit()
-    {
-        return $this->_policyMappingInhibit;
-    }
+	/**
+	 * Get initial-policy-mapping-inhibit.
+	 *
+	 * @return bool
+	 */
+	public function policyMappingInhibit()
+	{
+		return $this->_policyMappingInhibit;
+	}
     
-    /**
-     * Get initial-explicit-policy.
-     *
-     * @return bool
-     */
-    public function explicitPolicy()
-    {
-        return $this->_explicitPolicy;
-    }
+	/**
+	 * Get initial-explicit-policy.
+	 *
+	 * @return bool
+	 */
+	public function explicitPolicy()
+	{
+		return $this->_explicitPolicy;
+	}
     
-    /**
-     * Get initial-any-policy-inhibit.
-     *
-     * @return bool
-     */
-    public function anyPolicyInhibit()
-    {
-        return $this->_anyPolicyInhibit;
-    }
+	/**
+	 * Get initial-any-policy-inhibit.
+	 *
+	 * @return bool
+	 */
+	public function anyPolicyInhibit()
+	{
+		return $this->_anyPolicyInhibit;
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\CertificationPath\PathValidation;
 

lib/X509/Exception/X509ValidationException.php

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\Exception;
 

lib/X509/AttributeCertificate/Attributes.php

Indentation +196 added lines, -196 removed lines

@@ -26,200 +26,200 @@
  */
 class Attributes implements \Countable, \IteratorAggregate
 {
-    use AttributeContainer;
-    
-    /**
-     * Mapping from OID to attribute value class name.
-     *
-     * @internal
-     *
-     * @var array
-     */
-    const MAP_OID_TO_CLASS = array(
-        /* @formatter:off */
-        AccessIdentityAttributeValue::OID => AccessIdentityAttributeValue::class,
-        AuthenticationInfoAttributeValue::OID => AuthenticationInfoAttributeValue::class,
-        ChargingIdentityAttributeValue::OID => ChargingIdentityAttributeValue::class,
-        GroupAttributeValue::OID => GroupAttributeValue::class,
-        AttributeType::OID_ROLE => RoleAttributeValue::class
-        /* @formatter:on */
-    );
-    
-    /**
-     * Constructor.
-     *
-     * @param Attribute[] $attribs
-     */
-    public function __construct(Attribute ...$attribs)
-    {
-        $this->_attributes = $attribs;
-    }
-    
-    /**
-     * Initialize from attribute values.
-     *
-     * @param AttributeValue[] $values
-     * @return self
-     */
-    public static function fromAttributeValues(AttributeValue ...$values)
-    {
-        $attribs = array_map(
-            function (AttributeValue $value) {
-                return $value->toAttribute();
-            }, $values);
-        return new self(...$attribs);
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq)
-    {
-        $attribs = array_map(
-            function (UnspecifiedType $el) {
-                return Attribute::fromASN1($el->asSequence());
-            }, $seq->elements());
-        // cast attributes
-        $attribs = array_map(
-            function (Attribute $attr) {
-                $oid = $attr->oid();
-                if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) {
-                    $cls = self::MAP_OID_TO_CLASS[$oid];
-                    $attr = $attr->castValues($cls);
-                }
-                return $attr;
-            }, $attribs);
-        return new self(...$attribs);
-    }
-    
-    /**
-     * Check whether 'Access Identity' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasAccessIdentity(): bool
-    {
-        return $this->has(AccessIdentityAttributeValue::OID);
-    }
-    
-    /**
-     * Get the first 'Access Identity' attribute value.
-     *
-     * @return AccessIdentityAttributeValue
-     */
-    public function accessIdentity(): AccessIdentityAttributeValue
-    {
-        return $this->firstOf(AccessIdentityAttributeValue::OID)->first();
-    }
-    
-    /**
-     * Check whether 'Service Authentication Information' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasAuthenticationInformation(): bool
-    {
-        return $this->has(AuthenticationInfoAttributeValue::OID);
-    }
-    
-    /**
-     * Get the first 'Service Authentication Information' attribute value.
-     *
-     * @return AuthenticationInfoAttributeValue
-     */
-    public function authenticationInformation(): AuthenticationInfoAttributeValue
-    {
-        return $this->firstOf(AuthenticationInfoAttributeValue::OID)->first();
-    }
-    
-    /**
-     * Check whether 'Charging Identity' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasChargingIdentity(): bool
-    {
-        return $this->has(ChargingIdentityAttributeValue::OID);
-    }
-    
-    /**
-     * Get the first 'Charging Identity' attribute value.
-     *
-     * @return ChargingIdentityAttributeValue
-     */
-    public function chargingIdentity(): ChargingIdentityAttributeValue
-    {
-        return $this->firstOf(ChargingIdentityAttributeValue::OID)->first();
-    }
-    
-    /**
-     * Check whether 'Group' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasGroup(): bool
-    {
-        return $this->has(GroupAttributeValue::OID);
-    }
-    
-    /**
-     * Get the first 'Group' attribute value.
-     *
-     * @return GroupAttributeValue
-     */
-    public function group(): GroupAttributeValue
-    {
-        return $this->firstOf(GroupAttributeValue::OID)->first();
-    }
-    
-    /**
-     * Check whether 'Role' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasRole(): bool
-    {
-        return $this->has(AttributeType::OID_ROLE);
-    }
-    
-    /**
-     * Get the first 'Role' attribute value.
-     *
-     * @return RoleAttributeValue
-     */
-    public function role(): RoleAttributeValue
-    {
-        return $this->firstOf(AttributeType::OID_ROLE)->first();
-    }
-    
-    /**
-     * Get all 'Role' attribute values.
-     *
-     * @return RoleAttributeValue[]
-     */
-    public function roles(): array
-    {
-        return array_merge(array(),
-            ...array_map(
-                function (Attribute $attr) {
-                    return $attr->values();
-                }, $this->allOf(AttributeType::OID_ROLE)));
-    }
-    
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array_map(
-            function (Attribute $attr) {
-                return $attr->toASN1();
-            }, array_values($this->_attributes));
-        return new Sequence(...$elements);
-    }
+	use AttributeContainer;
+    
+	/**
+	 * Mapping from OID to attribute value class name.
+	 *
+	 * @internal
+	 *
+	 * @var array
+	 */
+	const MAP_OID_TO_CLASS = array(
+		/* @formatter:off */
+		AccessIdentityAttributeValue::OID => AccessIdentityAttributeValue::class,
+		AuthenticationInfoAttributeValue::OID => AuthenticationInfoAttributeValue::class,
+		ChargingIdentityAttributeValue::OID => ChargingIdentityAttributeValue::class,
+		GroupAttributeValue::OID => GroupAttributeValue::class,
+		AttributeType::OID_ROLE => RoleAttributeValue::class
+		/* @formatter:on */
+	);
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param Attribute[] $attribs
+	 */
+	public function __construct(Attribute ...$attribs)
+	{
+		$this->_attributes = $attribs;
+	}
+    
+	/**
+	 * Initialize from attribute values.
+	 *
+	 * @param AttributeValue[] $values
+	 * @return self
+	 */
+	public static function fromAttributeValues(AttributeValue ...$values)
+	{
+		$attribs = array_map(
+			function (AttributeValue $value) {
+				return $value->toAttribute();
+			}, $values);
+		return new self(...$attribs);
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq)
+	{
+		$attribs = array_map(
+			function (UnspecifiedType $el) {
+				return Attribute::fromASN1($el->asSequence());
+			}, $seq->elements());
+		// cast attributes
+		$attribs = array_map(
+			function (Attribute $attr) {
+				$oid = $attr->oid();
+				if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) {
+					$cls = self::MAP_OID_TO_CLASS[$oid];
+					$attr = $attr->castValues($cls);
+				}
+				return $attr;
+			}, $attribs);
+		return new self(...$attribs);
+	}
+    
+	/**
+	 * Check whether 'Access Identity' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAccessIdentity(): bool
+	{
+		return $this->has(AccessIdentityAttributeValue::OID);
+	}
+    
+	/**
+	 * Get the first 'Access Identity' attribute value.
+	 *
+	 * @return AccessIdentityAttributeValue
+	 */
+	public function accessIdentity(): AccessIdentityAttributeValue
+	{
+		return $this->firstOf(AccessIdentityAttributeValue::OID)->first();
+	}
+    
+	/**
+	 * Check whether 'Service Authentication Information' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAuthenticationInformation(): bool
+	{
+		return $this->has(AuthenticationInfoAttributeValue::OID);
+	}
+    
+	/**
+	 * Get the first 'Service Authentication Information' attribute value.
+	 *
+	 * @return AuthenticationInfoAttributeValue
+	 */
+	public function authenticationInformation(): AuthenticationInfoAttributeValue
+	{
+		return $this->firstOf(AuthenticationInfoAttributeValue::OID)->first();
+	}
+    
+	/**
+	 * Check whether 'Charging Identity' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasChargingIdentity(): bool
+	{
+		return $this->has(ChargingIdentityAttributeValue::OID);
+	}
+    
+	/**
+	 * Get the first 'Charging Identity' attribute value.
+	 *
+	 * @return ChargingIdentityAttributeValue
+	 */
+	public function chargingIdentity(): ChargingIdentityAttributeValue
+	{
+		return $this->firstOf(ChargingIdentityAttributeValue::OID)->first();
+	}
+    
+	/**
+	 * Check whether 'Group' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasGroup(): bool
+	{
+		return $this->has(GroupAttributeValue::OID);
+	}
+    
+	/**
+	 * Get the first 'Group' attribute value.
+	 *
+	 * @return GroupAttributeValue
+	 */
+	public function group(): GroupAttributeValue
+	{
+		return $this->firstOf(GroupAttributeValue::OID)->first();
+	}
+    
+	/**
+	 * Check whether 'Role' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasRole(): bool
+	{
+		return $this->has(AttributeType::OID_ROLE);
+	}
+    
+	/**
+	 * Get the first 'Role' attribute value.
+	 *
+	 * @return RoleAttributeValue
+	 */
+	public function role(): RoleAttributeValue
+	{
+		return $this->firstOf(AttributeType::OID_ROLE)->first();
+	}
+    
+	/**
+	 * Get all 'Role' attribute values.
+	 *
+	 * @return RoleAttributeValue[]
+	 */
+	public function roles(): array
+	{
+		return array_merge(array(),
+			...array_map(
+				function (Attribute $attr) {
+					return $attr->values();
+				}, $this->allOf(AttributeType::OID_ROLE)));
+	}
+    
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array_map(
+			function (Attribute $attr) {
+				return $attr->toASN1();
+			}, array_values($this->_attributes));
+		return new Sequence(...$elements);
+	}
 }

Spacing +6 added lines, -6 removed lines

@@ -1,6 +1,6 @@ 
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\AttributeCertificate;
 
@@ -64,7 +64,7 @@ 
     public static function fromAttributeValues(AttributeValue ...$values)
     {
         $attribs = array_map(
-            function (AttributeValue $value) {
+            function(AttributeValue $value) {
                 return $value->toAttribute();
             }, $values);
         return new self(...$attribs);
@@ -79,12 +79,12 @@ 
     public static function fromASN1(Sequence $seq)
     {
         $attribs = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return Attribute::fromASN1($el->asSequence());
             }, $seq->elements());
         // cast attributes
         $attribs = array_map(
-            function (Attribute $attr) {
+            function(Attribute $attr) {
                 $oid = $attr->oid();
                 if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) {
                     $cls = self::MAP_OID_TO_CLASS[$oid];
@@ -204,7 +204,7 @@ 
     {
         return array_merge(array(),
             ...array_map(
-                function (Attribute $attr) {
+                function(Attribute $attr) {
                     return $attr->values();
                 }, $this->allOf(AttributeType::OID_ROLE)));
     }
@@ -217,7 +217,7 @@ 
     public function toASN1(): Sequence
     {
         $elements = array_map(
-            function (Attribute $attr) {
+            function(Attribute $attr) {
                 return $attr->toASN1();
             }, array_values($this->_attributes));
         return new Sequence(...$elements);

lib/X509/AttributeCertificate/ObjectDigestInfo.php

Indentation +81 added lines, -81 removed lines

@@ -20,92 +20,92 @@
  */
 class ObjectDigestInfo
 {
-    const TYPE_PUBLIC_KEY = 0;
-    const TYPE_PUBLIC_KEY_CERT = 1;
-    const TYPE_OTHER_OBJECT_TYPES = 2;
+	const TYPE_PUBLIC_KEY = 0;
+	const TYPE_PUBLIC_KEY_CERT = 1;
+	const TYPE_OTHER_OBJECT_TYPES = 2;
     
-    /**
-     * Object type.
-     *
-     * @var int $_digestedObjectType
-     */
-    protected $_digestedObjectType;
+	/**
+	 * Object type.
+	 *
+	 * @var int $_digestedObjectType
+	 */
+	protected $_digestedObjectType;
     
-    /**
-     * OID of other object type.
-     *
-     * @var string|null $_otherObjectTypeID
-     */
-    protected $_otherObjectTypeID;
+	/**
+	 * OID of other object type.
+	 *
+	 * @var string|null $_otherObjectTypeID
+	 */
+	protected $_otherObjectTypeID;
     
-    /**
-     * Digest algorithm.
-     *
-     * @var AlgorithmIdentifierType $_digestAlgorithm
-     */
-    protected $_digestAlgorithm;
+	/**
+	 * Digest algorithm.
+	 *
+	 * @var AlgorithmIdentifierType $_digestAlgorithm
+	 */
+	protected $_digestAlgorithm;
     
-    /**
-     * Object digest.
-     *
-     * @var BitString $_objectDigest
-     */
-    protected $_objectDigest;
+	/**
+	 * Object digest.
+	 *
+	 * @var BitString $_objectDigest
+	 */
+	protected $_objectDigest;
     
-    /**
-     * Constructor.
-     *
-     * @param int $type
-     * @param AlgorithmIdentifierType $algo
-     * @param BitString $digest
-     */
-    public function __construct($type, AlgorithmIdentifierType $algo,
-        BitString $digest)
-    {
-        $this->_digestedObjectType = $type;
-        $this->_otherObjectTypeID = null;
-        $this->_digestAlgorithm = $algo;
-        $this->_objectDigest = $digest;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param int $type
+	 * @param AlgorithmIdentifierType $algo
+	 * @param BitString $digest
+	 */
+	public function __construct($type, AlgorithmIdentifierType $algo,
+		BitString $digest)
+	{
+		$this->_digestedObjectType = $type;
+		$this->_otherObjectTypeID = null;
+		$this->_digestAlgorithm = $algo;
+		$this->_objectDigest = $digest;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq)
-    {
-        $type = $seq->at(0)
-            ->asEnumerated()
-            ->number();
-        $oid = null;
-        $idx = 1;
-        if ($seq->has($idx, Element::TYPE_OBJECT_IDENTIFIER)) {
-            $oid = $seq->at($idx++)
-                ->asObjectIdentifier()
-                ->oid();
-        }
-        $algo = AlgorithmIdentifier::fromASN1($seq->at($idx++)->asSequence());
-        $digest = $seq->at($idx)->asBitString();
-        $obj = new self($type, $algo, $digest);
-        $obj->_otherObjectTypeID = $oid;
-        return $obj;
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq)
+	{
+		$type = $seq->at(0)
+			->asEnumerated()
+			->number();
+		$oid = null;
+		$idx = 1;
+		if ($seq->has($idx, Element::TYPE_OBJECT_IDENTIFIER)) {
+			$oid = $seq->at($idx++)
+				->asObjectIdentifier()
+				->oid();
+		}
+		$algo = AlgorithmIdentifier::fromASN1($seq->at($idx++)->asSequence());
+		$digest = $seq->at($idx)->asBitString();
+		$obj = new self($type, $algo, $digest);
+		$obj->_otherObjectTypeID = $oid;
+		return $obj;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array(new Enumerated($this->_digestedObjectType));
-        if (isset($this->_otherObjectTypeID)) {
-            $elements[] = new ObjectIdentifier($this->_otherObjectTypeID);
-        }
-        $elements[] = $this->_digestAlgorithm->toASN1();
-        $elements[] = $this->_objectDigest;
-        return new Sequence(...$elements);
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array(new Enumerated($this->_digestedObjectType));
+		if (isset($this->_otherObjectTypeID)) {
+			$elements[] = new ObjectIdentifier($this->_otherObjectTypeID);
+		}
+		$elements[] = $this->_digestAlgorithm->toASN1();
+		$elements[] = $this->_objectDigest;
+		return new Sequence(...$elements);
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\AttributeCertificate;
 

lib/X509/AttributeCertificate/Validation/Exception/ACValidationException.php

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\AttributeCertificate\Validation\Exception;
 

lib/X509/AttributeCertificate/Validation/ACValidator.php

Indentation +164 added lines, -164 removed lines

@@ -21,178 +21,178 @@
  */
 class ACValidator
 {
-    /**
-     * Attribute certificate.
-     *
-     * @var AttributeCertificate
-     */
-    protected $_ac;
+	/**
+	 * Attribute certificate.
+	 *
+	 * @var AttributeCertificate
+	 */
+	protected $_ac;
     
-    /**
-     * Validation configuration.
-     *
-     * @var ACValidationConfig
-     */
-    protected $_config;
+	/**
+	 * Validation configuration.
+	 *
+	 * @var ACValidationConfig
+	 */
+	protected $_config;
     
-    /**
-     * Crypto engine.
-     *
-     * @var Crypto
-     */
-    protected $_crypto;
+	/**
+	 * Crypto engine.
+	 *
+	 * @var Crypto
+	 */
+	protected $_crypto;
     
-    /**
-     * Constructor.
-     *
-     * @param AttributeCertificate $ac Attribute certificate to validate
-     * @param ACValidationConfig $config Validation configuration
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     */
-    public function __construct(AttributeCertificate $ac,
-        ACValidationConfig $config, Crypto $crypto = null)
-    {
-        $this->_ac = $ac;
-        $this->_config = $config;
-        $this->_crypto = $crypto ?: Crypto::getDefault();
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param AttributeCertificate $ac Attribute certificate to validate
+	 * @param ACValidationConfig $config Validation configuration
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 */
+	public function __construct(AttributeCertificate $ac,
+		ACValidationConfig $config, Crypto $crypto = null)
+	{
+		$this->_ac = $ac;
+		$this->_config = $config;
+		$this->_crypto = $crypto ?: Crypto::getDefault();
+	}
     
-    /**
-     * Validate attribute certificate.
-     *
-     * @throws ACValidationException If validation fails
-     * @return AttributeCertificate Validated AC
-     */
-    public function validate()
-    {
-        $this->_validateHolder();
-        $issuer = $this->_verifyIssuer();
-        $this->_validateIssuerProfile($issuer);
-        $this->_validateTime();
-        $this->_validateTargeting();
-        return $this->_ac;
-    }
+	/**
+	 * Validate attribute certificate.
+	 *
+	 * @throws ACValidationException If validation fails
+	 * @return AttributeCertificate Validated AC
+	 */
+	public function validate()
+	{
+		$this->_validateHolder();
+		$issuer = $this->_verifyIssuer();
+		$this->_validateIssuerProfile($issuer);
+		$this->_validateTime();
+		$this->_validateTargeting();
+		return $this->_ac;
+	}
     
-    /**
-     * Validate AC holder's certification.
-     *
-     * @throws ACValidationException
-     * @return Certificate Certificate of the AC's holder
-     */
-    private function _validateHolder()
-    {
-        $path = $this->_config->holderPath();
-        $config = PathValidationConfig::defaultConfig()->withMaxLength(
-            count($path))->withDateTime($this->_config->evaluationTime());
-        try {
-            $holder = $path->validate($config, $this->_crypto)->certificate();
-        } catch (PathValidationException $e) {
-            throw new ACValidationException(
-                "Failed to validate holder PKC's certification path.", 0, $e);
-        }
-        if (!$this->_ac->isHeldBy($holder)) {
-            throw new ACValidationException("Name mismatch of AC's holder PKC.");
-        }
-        return $holder;
-    }
+	/**
+	 * Validate AC holder's certification.
+	 *
+	 * @throws ACValidationException
+	 * @return Certificate Certificate of the AC's holder
+	 */
+	private function _validateHolder()
+	{
+		$path = $this->_config->holderPath();
+		$config = PathValidationConfig::defaultConfig()->withMaxLength(
+			count($path))->withDateTime($this->_config->evaluationTime());
+		try {
+			$holder = $path->validate($config, $this->_crypto)->certificate();
+		} catch (PathValidationException $e) {
+			throw new ACValidationException(
+				"Failed to validate holder PKC's certification path.", 0, $e);
+		}
+		if (!$this->_ac->isHeldBy($holder)) {
+			throw new ACValidationException("Name mismatch of AC's holder PKC.");
+		}
+		return $holder;
+	}
     
-    /**
-     * Verify AC's signature and issuer's certification.
-     *
-     * @throws ACValidationException
-     * @return Certificate Certificate of the AC's issuer
-     */
-    private function _verifyIssuer()
-    {
-        $path = $this->_config->issuerPath();
-        $config = PathValidationConfig::defaultConfig()->withMaxLength(
-            count($path))->withDateTime($this->_config->evaluationTime());
-        try {
-            $issuer = $path->validate($config, $this->_crypto)->certificate();
-        } catch (PathValidationException $e) {
-            throw new ACValidationException(
-                "Failed to validate issuer PKC's certification path.", 0, $e);
-        }
-        if (!$this->_ac->isIssuedBy($issuer)) {
-            throw new ACValidationException("Name mismatch of AC's issuer PKC.");
-        }
-        $pubkey_info = $issuer->tbsCertificate()->subjectPublicKeyInfo();
-        if (!$this->_ac->verify($pubkey_info, $this->_crypto)) {
-            throw new ACValidationException("Failed to verify signature.");
-        }
-        return $issuer;
-    }
+	/**
+	 * Verify AC's signature and issuer's certification.
+	 *
+	 * @throws ACValidationException
+	 * @return Certificate Certificate of the AC's issuer
+	 */
+	private function _verifyIssuer()
+	{
+		$path = $this->_config->issuerPath();
+		$config = PathValidationConfig::defaultConfig()->withMaxLength(
+			count($path))->withDateTime($this->_config->evaluationTime());
+		try {
+			$issuer = $path->validate($config, $this->_crypto)->certificate();
+		} catch (PathValidationException $e) {
+			throw new ACValidationException(
+				"Failed to validate issuer PKC's certification path.", 0, $e);
+		}
+		if (!$this->_ac->isIssuedBy($issuer)) {
+			throw new ACValidationException("Name mismatch of AC's issuer PKC.");
+		}
+		$pubkey_info = $issuer->tbsCertificate()->subjectPublicKeyInfo();
+		if (!$this->_ac->verify($pubkey_info, $this->_crypto)) {
+			throw new ACValidationException("Failed to verify signature.");
+		}
+		return $issuer;
+	}
     
-    /**
-     * Validate AC issuer's profile.
-     *
-     * @link https://tools.ietf.org/html/rfc5755#section-4.5
-     * @param Certificate $cert
-     * @throws ACValidationException
-     */
-    private function _validateIssuerProfile(Certificate $cert)
-    {
-        $exts = $cert->tbsCertificate()->extensions();
-        if ($exts->hasKeyUsage() && !$exts->keyUsage()->isDigitalSignature()) {
-            throw new ACValidationException(
-                "Issuer PKC's Key Usage extension doesn't permit" .
-                     " verification of digital signatures.");
-        }
-        if ($exts->hasBasicConstraints() && $exts->basicConstraints()->isCA()) {
-            throw new ACValidationException("Issuer PKC must not be a CA.");
-        }
-    }
+	/**
+	 * Validate AC issuer's profile.
+	 *
+	 * @link https://tools.ietf.org/html/rfc5755#section-4.5
+	 * @param Certificate $cert
+	 * @throws ACValidationException
+	 */
+	private function _validateIssuerProfile(Certificate $cert)
+	{
+		$exts = $cert->tbsCertificate()->extensions();
+		if ($exts->hasKeyUsage() && !$exts->keyUsage()->isDigitalSignature()) {
+			throw new ACValidationException(
+				"Issuer PKC's Key Usage extension doesn't permit" .
+					 " verification of digital signatures.");
+		}
+		if ($exts->hasBasicConstraints() && $exts->basicConstraints()->isCA()) {
+			throw new ACValidationException("Issuer PKC must not be a CA.");
+		}
+	}
     
-    /**
-     * Validate AC's validity period.
-     *
-     * @throws ACValidationException
-     */
-    private function _validateTime()
-    {
-        $t = $this->_config->evaluationTime();
-        $validity = $this->_ac->acinfo()->validityPeriod();
-        if ($validity->notBeforeTime()->diff($t)->invert) {
-            throw new ACValidationException("Validity period has not started.");
-        }
-        if ($t->diff($validity->notAfterTime())->invert) {
-            throw new ACValidationException("Attribute certificate has expired.");
-        }
-    }
+	/**
+	 * Validate AC's validity period.
+	 *
+	 * @throws ACValidationException
+	 */
+	private function _validateTime()
+	{
+		$t = $this->_config->evaluationTime();
+		$validity = $this->_ac->acinfo()->validityPeriod();
+		if ($validity->notBeforeTime()->diff($t)->invert) {
+			throw new ACValidationException("Validity period has not started.");
+		}
+		if ($t->diff($validity->notAfterTime())->invert) {
+			throw new ACValidationException("Attribute certificate has expired.");
+		}
+	}
     
-    /**
-     * Validate AC's target information.
-     *
-     * @throws ACValidationException
-     */
-    private function _validateTargeting()
-    {
-        $exts = $this->_ac->acinfo()->extensions();
-        // if target information extension is not present
-        if (!$exts->has(Extension::OID_TARGET_INFORMATION)) {
-            return;
-        }
-        $ext = $exts->get(Extension::OID_TARGET_INFORMATION);
-        if ($ext instanceof TargetInformationExtension &&
-             !$this->_hasMatchingTarget($ext->targets())) {
-            throw new ACValidationException(
-                "Attribute certificate doesn't have a matching target.");
-        }
-    }
+	/**
+	 * Validate AC's target information.
+	 *
+	 * @throws ACValidationException
+	 */
+	private function _validateTargeting()
+	{
+		$exts = $this->_ac->acinfo()->extensions();
+		// if target information extension is not present
+		if (!$exts->has(Extension::OID_TARGET_INFORMATION)) {
+			return;
+		}
+		$ext = $exts->get(Extension::OID_TARGET_INFORMATION);
+		if ($ext instanceof TargetInformationExtension &&
+			 !$this->_hasMatchingTarget($ext->targets())) {
+			throw new ACValidationException(
+				"Attribute certificate doesn't have a matching target.");
+		}
+	}
     
-    /**
-     * Check whether validation configuration has matching targets.
-     *
-     * @param Targets $targets Set of eligible targets
-     * @return boolean
-     */
-    private function _hasMatchingTarget(Targets $targets)
-    {
-        foreach ($this->_config->targets() as $target) {
-            if ($targets->hasTarget($target)) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether validation configuration has matching targets.
+	 *
+	 * @param Targets $targets Set of eligible targets
+	 * @return boolean
+	 */
+	private function _hasMatchingTarget(Targets $targets)
+	{
+		foreach ($this->_config->targets() as $target) {
+			if ($targets->hasTarget($target)) {
+				return true;
+			}
+		}
+		return false;
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types=1);
+declare(strict_types = 1);
 
 namespace X509\AttributeCertificate\Validation;