sop /
x509
@@ -19,172 +19,172 @@ |
||
| 19 | 19 | */ |
| 20 | 20 | class IssuerSerial |
| 21 | 21 | { |
| 22 | - /** |
|
| 23 | - * Issuer name. |
|
| 24 | - * |
|
| 25 | - * @var GeneralNames $_issuer |
|
| 26 | - */ |
|
| 27 | - protected $_issuer; |
|
| 22 | + /** |
|
| 23 | + * Issuer name. |
|
| 24 | + * |
|
| 25 | + * @var GeneralNames $_issuer |
|
| 26 | + */ |
|
| 27 | + protected $_issuer; |
|
| 28 | 28 | |
| 29 | - /** |
|
| 30 | - * Serial number. |
|
| 31 | - * |
|
| 32 | - * @var string|int $_serial |
|
| 33 | - */ |
|
| 34 | - protected $_serial; |
|
| 29 | + /** |
|
| 30 | + * Serial number. |
|
| 31 | + * |
|
| 32 | + * @var string|int $_serial |
|
| 33 | + */ |
|
| 34 | + protected $_serial; |
|
| 35 | 35 | |
| 36 | - /** |
|
| 37 | - * Issuer unique ID. |
|
| 38 | - * |
|
| 39 | - * @var UniqueIdentifier|null $_issuerUID |
|
| 40 | - */ |
|
| 41 | - protected $_issuerUID; |
|
| 36 | + /** |
|
| 37 | + * Issuer unique ID. |
|
| 38 | + * |
|
| 39 | + * @var UniqueIdentifier|null $_issuerUID |
|
| 40 | + */ |
|
| 41 | + protected $_issuerUID; |
|
| 42 | 42 | |
| 43 | - /** |
|
| 44 | - * Constructor. |
|
| 45 | - * |
|
| 46 | - * @param GeneralNames $issuer |
|
| 47 | - * @param string|int $serial |
|
| 48 | - * @param UniqueIdentifier|null $uid |
|
| 49 | - */ |
|
| 50 | - public function __construct(GeneralNames $issuer, $serial, |
|
| 51 | - UniqueIdentifier $uid = null) |
|
| 52 | - { |
|
| 53 | - $this->_issuer = $issuer; |
|
| 54 | - $this->_serial = $serial; |
|
| 55 | - $this->_issuerUID = $uid; |
|
| 56 | - } |
|
| 43 | + /** |
|
| 44 | + * Constructor. |
|
| 45 | + * |
|
| 46 | + * @param GeneralNames $issuer |
|
| 47 | + * @param string|int $serial |
|
| 48 | + * @param UniqueIdentifier|null $uid |
|
| 49 | + */ |
|
| 50 | + public function __construct(GeneralNames $issuer, $serial, |
|
| 51 | + UniqueIdentifier $uid = null) |
|
| 52 | + { |
|
| 53 | + $this->_issuer = $issuer; |
|
| 54 | + $this->_serial = $serial; |
|
| 55 | + $this->_issuerUID = $uid; |
|
| 56 | + } |
|
| 57 | 57 | |
| 58 | - /** |
|
| 59 | - * Initialize from ASN.1. |
|
| 60 | - * |
|
| 61 | - * @param Sequence $seq |
|
| 62 | - * @return self |
|
| 63 | - */ |
|
| 64 | - public static function fromASN1(Sequence $seq) |
|
| 65 | - { |
|
| 66 | - $issuer = GeneralNames::fromASN1($seq->at(0)->asSequence()); |
|
| 67 | - $serial = $seq->at(1) |
|
| 68 | - ->asInteger() |
|
| 69 | - ->number(); |
|
| 70 | - $uid = null; |
|
| 71 | - if ($seq->has(2, Element::TYPE_BIT_STRING)) { |
|
| 72 | - $uid = UniqueIdentifier::fromASN1($seq->at(2)->asBitString()); |
|
| 73 | - } |
|
| 74 | - return new self($issuer, $serial, $uid); |
|
| 75 | - } |
|
| 58 | + /** |
|
| 59 | + * Initialize from ASN.1. |
|
| 60 | + * |
|
| 61 | + * @param Sequence $seq |
|
| 62 | + * @return self |
|
| 63 | + */ |
|
| 64 | + public static function fromASN1(Sequence $seq) |
|
| 65 | + { |
|
| 66 | + $issuer = GeneralNames::fromASN1($seq->at(0)->asSequence()); |
|
| 67 | + $serial = $seq->at(1) |
|
| 68 | + ->asInteger() |
|
| 69 | + ->number(); |
|
| 70 | + $uid = null; |
|
| 71 | + if ($seq->has(2, Element::TYPE_BIT_STRING)) { |
|
| 72 | + $uid = UniqueIdentifier::fromASN1($seq->at(2)->asBitString()); |
|
| 73 | + } |
|
| 74 | + return new self($issuer, $serial, $uid); |
|
| 75 | + } |
|
| 76 | 76 | |
| 77 | - /** |
|
| 78 | - * Initialize from a public key certificate. |
|
| 79 | - * |
|
| 80 | - * @param Certificate $cert |
|
| 81 | - * @return self |
|
| 82 | - */ |
|
| 83 | - public static function fromPKC(Certificate $cert) |
|
| 84 | - { |
|
| 85 | - $tbsCert = $cert->tbsCertificate(); |
|
| 86 | - $issuer = new GeneralNames(new DirectoryName($tbsCert->issuer())); |
|
| 87 | - $serial = $tbsCert->serialNumber(); |
|
| 88 | - $uid = $tbsCert->hasIssuerUniqueID() ? $tbsCert->issuerUniqueID() : null; |
|
| 89 | - return new self($issuer, $serial, $uid); |
|
| 90 | - } |
|
| 77 | + /** |
|
| 78 | + * Initialize from a public key certificate. |
|
| 79 | + * |
|
| 80 | + * @param Certificate $cert |
|
| 81 | + * @return self |
|
| 82 | + */ |
|
| 83 | + public static function fromPKC(Certificate $cert) |
|
| 84 | + { |
|
| 85 | + $tbsCert = $cert->tbsCertificate(); |
|
| 86 | + $issuer = new GeneralNames(new DirectoryName($tbsCert->issuer())); |
|
| 87 | + $serial = $tbsCert->serialNumber(); |
|
| 88 | + $uid = $tbsCert->hasIssuerUniqueID() ? $tbsCert->issuerUniqueID() : null; |
|
| 89 | + return new self($issuer, $serial, $uid); |
|
| 90 | + } |
|
| 91 | 91 | |
| 92 | - /** |
|
| 93 | - * Get issuer name. |
|
| 94 | - * |
|
| 95 | - * @return GeneralNames |
|
| 96 | - */ |
|
| 97 | - public function issuer(): GeneralNames |
|
| 98 | - { |
|
| 99 | - return $this->_issuer; |
|
| 100 | - } |
|
| 92 | + /** |
|
| 93 | + * Get issuer name. |
|
| 94 | + * |
|
| 95 | + * @return GeneralNames |
|
| 96 | + */ |
|
| 97 | + public function issuer(): GeneralNames |
|
| 98 | + { |
|
| 99 | + return $this->_issuer; |
|
| 100 | + } |
|
| 101 | 101 | |
| 102 | - /** |
|
| 103 | - * Get serial number. |
|
| 104 | - * |
|
| 105 | - * @return int|string |
|
| 106 | - */ |
|
| 107 | - public function serial() |
|
| 108 | - { |
|
| 109 | - return $this->_serial; |
|
| 110 | - } |
|
| 102 | + /** |
|
| 103 | + * Get serial number. |
|
| 104 | + * |
|
| 105 | + * @return int|string |
|
| 106 | + */ |
|
| 107 | + public function serial() |
|
| 108 | + { |
|
| 109 | + return $this->_serial; |
|
| 110 | + } |
|
| 111 | 111 | |
| 112 | - /** |
|
| 113 | - * Check whether issuer unique identifier is present. |
|
| 114 | - * |
|
| 115 | - * @return bool |
|
| 116 | - */ |
|
| 117 | - public function hasIssuerUID(): bool |
|
| 118 | - { |
|
| 119 | - return isset($this->_issuerUID); |
|
| 120 | - } |
|
| 112 | + /** |
|
| 113 | + * Check whether issuer unique identifier is present. |
|
| 114 | + * |
|
| 115 | + * @return bool |
|
| 116 | + */ |
|
| 117 | + public function hasIssuerUID(): bool |
|
| 118 | + { |
|
| 119 | + return isset($this->_issuerUID); |
|
| 120 | + } |
|
| 121 | 121 | |
| 122 | - /** |
|
| 123 | - * Get issuer unique identifier. |
|
| 124 | - * |
|
| 125 | - * @throws \LogicException |
|
| 126 | - * @return UniqueIdentifier |
|
| 127 | - */ |
|
| 128 | - public function issuerUID(): UniqueIdentifier |
|
| 129 | - { |
|
| 130 | - if (!$this->hasIssuerUID()) { |
|
| 131 | - throw new \LogicException("issuerUID not set."); |
|
| 132 | - } |
|
| 133 | - return $this->_issuerUID; |
|
| 134 | - } |
|
| 122 | + /** |
|
| 123 | + * Get issuer unique identifier. |
|
| 124 | + * |
|
| 125 | + * @throws \LogicException |
|
| 126 | + * @return UniqueIdentifier |
|
| 127 | + */ |
|
| 128 | + public function issuerUID(): UniqueIdentifier |
|
| 129 | + { |
|
| 130 | + if (!$this->hasIssuerUID()) { |
|
| 131 | + throw new \LogicException("issuerUID not set."); |
|
| 132 | + } |
|
| 133 | + return $this->_issuerUID; |
|
| 134 | + } |
|
| 135 | 135 | |
| 136 | - /** |
|
| 137 | - * Generate ASN.1 structure. |
|
| 138 | - * |
|
| 139 | - * @return Sequence |
|
| 140 | - */ |
|
| 141 | - public function toASN1(): Sequence |
|
| 142 | - { |
|
| 143 | - $elements = array($this->_issuer->toASN1(), new Integer($this->_serial)); |
|
| 144 | - if (isset($this->_issuerUID)) { |
|
| 145 | - $elements[] = $this->_issuerUID->toASN1(); |
|
| 146 | - } |
|
| 147 | - return new Sequence(...$elements); |
|
| 148 | - } |
|
| 136 | + /** |
|
| 137 | + * Generate ASN.1 structure. |
|
| 138 | + * |
|
| 139 | + * @return Sequence |
|
| 140 | + */ |
|
| 141 | + public function toASN1(): Sequence |
|
| 142 | + { |
|
| 143 | + $elements = array($this->_issuer->toASN1(), new Integer($this->_serial)); |
|
| 144 | + if (isset($this->_issuerUID)) { |
|
| 145 | + $elements[] = $this->_issuerUID->toASN1(); |
|
| 146 | + } |
|
| 147 | + return new Sequence(...$elements); |
|
| 148 | + } |
|
| 149 | 149 | |
| 150 | - /** |
|
| 151 | - * Check whether this IssuerSerial identifies given certificate. |
|
| 152 | - * |
|
| 153 | - * @param Certificate $cert |
|
| 154 | - * @return boolean |
|
| 155 | - */ |
|
| 156 | - public function identifiesPKC(Certificate $cert): bool |
|
| 157 | - { |
|
| 158 | - $tbs = $cert->tbsCertificate(); |
|
| 159 | - if (!$tbs->issuer()->equals($this->_issuer->firstDN())) { |
|
| 160 | - return false; |
|
| 161 | - } |
|
| 162 | - if (strval($tbs->serialNumber()) != strval($this->_serial)) { |
|
| 163 | - return false; |
|
| 164 | - } |
|
| 165 | - if ($this->_issuerUID && !$this->_checkUniqueID($cert)) { |
|
| 166 | - return false; |
|
| 167 | - } |
|
| 168 | - return true; |
|
| 169 | - } |
|
| 150 | + /** |
|
| 151 | + * Check whether this IssuerSerial identifies given certificate. |
|
| 152 | + * |
|
| 153 | + * @param Certificate $cert |
|
| 154 | + * @return boolean |
|
| 155 | + */ |
|
| 156 | + public function identifiesPKC(Certificate $cert): bool |
|
| 157 | + { |
|
| 158 | + $tbs = $cert->tbsCertificate(); |
|
| 159 | + if (!$tbs->issuer()->equals($this->_issuer->firstDN())) { |
|
| 160 | + return false; |
|
| 161 | + } |
|
| 162 | + if (strval($tbs->serialNumber()) != strval($this->_serial)) { |
|
| 163 | + return false; |
|
| 164 | + } |
|
| 165 | + if ($this->_issuerUID && !$this->_checkUniqueID($cert)) { |
|
| 166 | + return false; |
|
| 167 | + } |
|
| 168 | + return true; |
|
| 169 | + } |
|
| 170 | 170 | |
| 171 | - /** |
|
| 172 | - * Check whether issuerUID matches given certificate. |
|
| 173 | - * |
|
| 174 | - * @param Certificate $cert |
|
| 175 | - * @return boolean |
|
| 176 | - */ |
|
| 177 | - private function _checkUniqueID(Certificate $cert): bool |
|
| 178 | - { |
|
| 179 | - if (!$cert->tbsCertificate()->hasIssuerUniqueID()) { |
|
| 180 | - return false; |
|
| 181 | - } |
|
| 182 | - $uid = $cert->tbsCertificate() |
|
| 183 | - ->issuerUniqueID() |
|
| 184 | - ->string(); |
|
| 185 | - if ($this->_issuerUID->string() != $uid) { |
|
| 186 | - return false; |
|
| 187 | - } |
|
| 188 | - return true; |
|
| 189 | - } |
|
| 171 | + /** |
|
| 172 | + * Check whether issuerUID matches given certificate. |
|
| 173 | + * |
|
| 174 | + * @param Certificate $cert |
|
| 175 | + * @return boolean |
|
| 176 | + */ |
|
| 177 | + private function _checkUniqueID(Certificate $cert): bool |
|
| 178 | + { |
|
| 179 | + if (!$cert->tbsCertificate()->hasIssuerUniqueID()) { |
|
| 180 | + return false; |
|
| 181 | + } |
|
| 182 | + $uid = $cert->tbsCertificate() |
|
| 183 | + ->issuerUniqueID() |
|
| 184 | + ->string(); |
|
| 185 | + if ($this->_issuerUID->string() != $uid) { |
|
| 186 | + return false; |
|
| 187 | + } |
|
| 188 | + return true; |
|
| 189 | + } |
|
| 190 | 190 | } |
@@ -15,94 +15,94 @@ |
||
| 15 | 15 | */ |
| 16 | 16 | class AttCertValidityPeriod |
| 17 | 17 | { |
| 18 | - use DateTimeHelper; |
|
| 18 | + use DateTimeHelper; |
|
| 19 | 19 | |
| 20 | - /** |
|
| 21 | - * Not before time. |
|
| 22 | - * |
|
| 23 | - * @var \DateTimeImmutable |
|
| 24 | - */ |
|
| 25 | - protected $_notBeforeTime; |
|
| 20 | + /** |
|
| 21 | + * Not before time. |
|
| 22 | + * |
|
| 23 | + * @var \DateTimeImmutable |
|
| 24 | + */ |
|
| 25 | + protected $_notBeforeTime; |
|
| 26 | 26 | |
| 27 | - /** |
|
| 28 | - * Not after time. |
|
| 29 | - * |
|
| 30 | - * @var \DateTimeImmutable |
|
| 31 | - */ |
|
| 32 | - protected $_notAfterTime; |
|
| 27 | + /** |
|
| 28 | + * Not after time. |
|
| 29 | + * |
|
| 30 | + * @var \DateTimeImmutable |
|
| 31 | + */ |
|
| 32 | + protected $_notAfterTime; |
|
| 33 | 33 | |
| 34 | - /** |
|
| 35 | - * Constructor. |
|
| 36 | - * |
|
| 37 | - * @param \DateTimeImmutable $nb |
|
| 38 | - * @param \DateTimeImmutable $na |
|
| 39 | - */ |
|
| 40 | - public function __construct(\DateTimeImmutable $nb, \DateTimeImmutable $na) |
|
| 41 | - { |
|
| 42 | - $this->_notBeforeTime = $nb; |
|
| 43 | - $this->_notAfterTime = $na; |
|
| 44 | - } |
|
| 34 | + /** |
|
| 35 | + * Constructor. |
|
| 36 | + * |
|
| 37 | + * @param \DateTimeImmutable $nb |
|
| 38 | + * @param \DateTimeImmutable $na |
|
| 39 | + */ |
|
| 40 | + public function __construct(\DateTimeImmutable $nb, \DateTimeImmutable $na) |
|
| 41 | + { |
|
| 42 | + $this->_notBeforeTime = $nb; |
|
| 43 | + $this->_notAfterTime = $na; |
|
| 44 | + } |
|
| 45 | 45 | |
| 46 | - /** |
|
| 47 | - * Initialize from ASN.1. |
|
| 48 | - * |
|
| 49 | - * @param Sequence $seq |
|
| 50 | - * @return self |
|
| 51 | - */ |
|
| 52 | - public static function fromASN1(Sequence $seq) |
|
| 53 | - { |
|
| 54 | - $nb = $seq->at(0) |
|
| 55 | - ->asGeneralizedTime() |
|
| 56 | - ->dateTime(); |
|
| 57 | - $na = $seq->at(1) |
|
| 58 | - ->asGeneralizedTime() |
|
| 59 | - ->dateTime(); |
|
| 60 | - return new self($nb, $na); |
|
| 61 | - } |
|
| 46 | + /** |
|
| 47 | + * Initialize from ASN.1. |
|
| 48 | + * |
|
| 49 | + * @param Sequence $seq |
|
| 50 | + * @return self |
|
| 51 | + */ |
|
| 52 | + public static function fromASN1(Sequence $seq) |
|
| 53 | + { |
|
| 54 | + $nb = $seq->at(0) |
|
| 55 | + ->asGeneralizedTime() |
|
| 56 | + ->dateTime(); |
|
| 57 | + $na = $seq->at(1) |
|
| 58 | + ->asGeneralizedTime() |
|
| 59 | + ->dateTime(); |
|
| 60 | + return new self($nb, $na); |
|
| 61 | + } |
|
| 62 | 62 | |
| 63 | - /** |
|
| 64 | - * Initialize from date strings. |
|
| 65 | - * |
|
| 66 | - * @param string|null $nb_date Not before date |
|
| 67 | - * @param string|null $na_date Not after date |
|
| 68 | - * @param string|null $tz Timezone string |
|
| 69 | - * @return self |
|
| 70 | - */ |
|
| 71 | - public static function fromStrings($nb_date, $na_date, $tz = null) |
|
| 72 | - { |
|
| 73 | - $nb = self::_createDateTime($nb_date, $tz); |
|
| 74 | - $na = self::_createDateTime($na_date, $tz); |
|
| 75 | - return new self($nb, $na); |
|
| 76 | - } |
|
| 63 | + /** |
|
| 64 | + * Initialize from date strings. |
|
| 65 | + * |
|
| 66 | + * @param string|null $nb_date Not before date |
|
| 67 | + * @param string|null $na_date Not after date |
|
| 68 | + * @param string|null $tz Timezone string |
|
| 69 | + * @return self |
|
| 70 | + */ |
|
| 71 | + public static function fromStrings($nb_date, $na_date, $tz = null) |
|
| 72 | + { |
|
| 73 | + $nb = self::_createDateTime($nb_date, $tz); |
|
| 74 | + $na = self::_createDateTime($na_date, $tz); |
|
| 75 | + return new self($nb, $na); |
|
| 76 | + } |
|
| 77 | 77 | |
| 78 | - /** |
|
| 79 | - * Get not before time. |
|
| 80 | - * |
|
| 81 | - * @return \DateTimeImmutable |
|
| 82 | - */ |
|
| 83 | - public function notBeforeTime(): \DateTimeImmutable |
|
| 84 | - { |
|
| 85 | - return $this->_notBeforeTime; |
|
| 86 | - } |
|
| 78 | + /** |
|
| 79 | + * Get not before time. |
|
| 80 | + * |
|
| 81 | + * @return \DateTimeImmutable |
|
| 82 | + */ |
|
| 83 | + public function notBeforeTime(): \DateTimeImmutable |
|
| 84 | + { |
|
| 85 | + return $this->_notBeforeTime; |
|
| 86 | + } |
|
| 87 | 87 | |
| 88 | - /** |
|
| 89 | - * Get not after time. |
|
| 90 | - * |
|
| 91 | - * @return \DateTimeImmutable |
|
| 92 | - */ |
|
| 93 | - public function notAfterTime(): \DateTimeImmutable |
|
| 94 | - { |
|
| 95 | - return $this->_notAfterTime; |
|
| 96 | - } |
|
| 88 | + /** |
|
| 89 | + * Get not after time. |
|
| 90 | + * |
|
| 91 | + * @return \DateTimeImmutable |
|
| 92 | + */ |
|
| 93 | + public function notAfterTime(): \DateTimeImmutable |
|
| 94 | + { |
|
| 95 | + return $this->_notAfterTime; |
|
| 96 | + } |
|
| 97 | 97 | |
| 98 | - /** |
|
| 99 | - * Generate ASN.1 structure. |
|
| 100 | - * |
|
| 101 | - * @return Sequence |
|
| 102 | - */ |
|
| 103 | - public function toASN1(): Sequence |
|
| 104 | - { |
|
| 105 | - return new Sequence(new GeneralizedTime($this->_notBeforeTime), |
|
| 106 | - new GeneralizedTime($this->_notAfterTime)); |
|
| 107 | - } |
|
| 98 | + /** |
|
| 99 | + * Generate ASN.1 structure. |
|
| 100 | + * |
|
| 101 | + * @return Sequence |
|
| 102 | + */ |
|
| 103 | + public function toASN1(): Sequence |
|
| 104 | + { |
|
| 105 | + return new Sequence(new GeneralizedTime($this->_notBeforeTime), |
|
| 106 | + new GeneralizedTime($this->_notAfterTime)); |
|
| 107 | + } |
|
| 108 | 108 | } |
@@ -18,66 +18,66 @@ |
||
| 18 | 18 | */ |
| 19 | 19 | abstract class AttCertIssuer |
| 20 | 20 | { |
| 21 | - /** |
|
| 22 | - * Generate ASN.1 element. |
|
| 23 | - * |
|
| 24 | - * @return Element |
|
| 25 | - */ |
|
| 26 | - abstract public function toASN1(); |
|
| 21 | + /** |
|
| 22 | + * Generate ASN.1 element. |
|
| 23 | + * |
|
| 24 | + * @return Element |
|
| 25 | + */ |
|
| 26 | + abstract public function toASN1(); |
|
| 27 | 27 | |
| 28 | - /** |
|
| 29 | - * Check whether AttCertIssuer identifies given certificate. |
|
| 30 | - * |
|
| 31 | - * @param Certificate $cert |
|
| 32 | - * @return bool |
|
| 33 | - */ |
|
| 34 | - abstract public function identifiesPKC(Certificate $cert): bool; |
|
| 28 | + /** |
|
| 29 | + * Check whether AttCertIssuer identifies given certificate. |
|
| 30 | + * |
|
| 31 | + * @param Certificate $cert |
|
| 32 | + * @return bool |
|
| 33 | + */ |
|
| 34 | + abstract public function identifiesPKC(Certificate $cert): bool; |
|
| 35 | 35 | |
| 36 | - /** |
|
| 37 | - * Initialize from distinguished name. |
|
| 38 | - * |
|
| 39 | - * This conforms to RFC 5755 which states that only v2Form must be used, |
|
| 40 | - * and issuerName must contain exactly one GeneralName of DirectoryName |
|
| 41 | - * type. |
|
| 42 | - * |
|
| 43 | - * @link https://tools.ietf.org/html/rfc5755#section-4.2.3 |
|
| 44 | - * @param Name $name |
|
| 45 | - * @return self |
|
| 46 | - */ |
|
| 47 | - public static function fromName(Name $name) |
|
| 48 | - { |
|
| 49 | - return new V2Form(new GeneralNames(new DirectoryName($name))); |
|
| 50 | - } |
|
| 36 | + /** |
|
| 37 | + * Initialize from distinguished name. |
|
| 38 | + * |
|
| 39 | + * This conforms to RFC 5755 which states that only v2Form must be used, |
|
| 40 | + * and issuerName must contain exactly one GeneralName of DirectoryName |
|
| 41 | + * type. |
|
| 42 | + * |
|
| 43 | + * @link https://tools.ietf.org/html/rfc5755#section-4.2.3 |
|
| 44 | + * @param Name $name |
|
| 45 | + * @return self |
|
| 46 | + */ |
|
| 47 | + public static function fromName(Name $name) |
|
| 48 | + { |
|
| 49 | + return new V2Form(new GeneralNames(new DirectoryName($name))); |
|
| 50 | + } |
|
| 51 | 51 | |
| 52 | - /** |
|
| 53 | - * Initialize from an issuer's public key certificate. |
|
| 54 | - * |
|
| 55 | - * @param Certificate $cert |
|
| 56 | - * @return self |
|
| 57 | - */ |
|
| 58 | - public static function fromPKC(Certificate $cert) |
|
| 59 | - { |
|
| 60 | - return self::fromName($cert->tbsCertificate()->subject()); |
|
| 61 | - } |
|
| 52 | + /** |
|
| 53 | + * Initialize from an issuer's public key certificate. |
|
| 54 | + * |
|
| 55 | + * @param Certificate $cert |
|
| 56 | + * @return self |
|
| 57 | + */ |
|
| 58 | + public static function fromPKC(Certificate $cert) |
|
| 59 | + { |
|
| 60 | + return self::fromName($cert->tbsCertificate()->subject()); |
|
| 61 | + } |
|
| 62 | 62 | |
| 63 | - /** |
|
| 64 | - * Initialize from ASN.1. |
|
| 65 | - * |
|
| 66 | - * @param UnspecifiedType $el CHOICE |
|
| 67 | - * @throws \UnexpectedValueException |
|
| 68 | - * @return self |
|
| 69 | - */ |
|
| 70 | - public static function fromASN1(UnspecifiedType $el) |
|
| 71 | - { |
|
| 72 | - if (!$el->isTagged()) { |
|
| 73 | - throw new \UnexpectedValueException("v1Form issuer not supported."); |
|
| 74 | - } |
|
| 75 | - $tagged = $el->asTagged(); |
|
| 76 | - switch ($tagged->tag()) { |
|
| 77 | - case 0: |
|
| 78 | - return V2Form::fromV2ASN1( |
|
| 79 | - $tagged->asImplicit(Element::TYPE_SEQUENCE)->asSequence()); |
|
| 80 | - } |
|
| 81 | - throw new \UnexpectedValueException("Unsupported issuer type."); |
|
| 82 | - } |
|
| 63 | + /** |
|
| 64 | + * Initialize from ASN.1. |
|
| 65 | + * |
|
| 66 | + * @param UnspecifiedType $el CHOICE |
|
| 67 | + * @throws \UnexpectedValueException |
|
| 68 | + * @return self |
|
| 69 | + */ |
|
| 70 | + public static function fromASN1(UnspecifiedType $el) |
|
| 71 | + { |
|
| 72 | + if (!$el->isTagged()) { |
|
| 73 | + throw new \UnexpectedValueException("v1Form issuer not supported."); |
|
| 74 | + } |
|
| 75 | + $tagged = $el->asTagged(); |
|
| 76 | + switch ($tagged->tag()) { |
|
| 77 | + case 0: |
|
| 78 | + return V2Form::fromV2ASN1( |
|
| 79 | + $tagged->asImplicit(Element::TYPE_SEQUENCE)->asSequence()); |
|
| 80 | + } |
|
| 81 | + throw new \UnexpectedValueException("Unsupported issuer type."); |
|
| 82 | + } |
|
| 83 | 83 | } |
@@ -17,144 +17,144 @@ |
||
| 17 | 17 | */ |
| 18 | 18 | class V2Form extends AttCertIssuer |
| 19 | 19 | { |
| 20 | - /** |
|
| 21 | - * Issuer name. |
|
| 22 | - * |
|
| 23 | - * @var GeneralNames $_issuerName |
|
| 24 | - */ |
|
| 25 | - protected $_issuerName; |
|
| 20 | + /** |
|
| 21 | + * Issuer name. |
|
| 22 | + * |
|
| 23 | + * @var GeneralNames $_issuerName |
|
| 24 | + */ |
|
| 25 | + protected $_issuerName; |
|
| 26 | 26 | |
| 27 | - /** |
|
| 28 | - * Issuer PKC's issuer and serial. |
|
| 29 | - * |
|
| 30 | - * @var IssuerSerial $_baseCertificateID |
|
| 31 | - */ |
|
| 32 | - protected $_baseCertificateID; |
|
| 27 | + /** |
|
| 28 | + * Issuer PKC's issuer and serial. |
|
| 29 | + * |
|
| 30 | + * @var IssuerSerial $_baseCertificateID |
|
| 31 | + */ |
|
| 32 | + protected $_baseCertificateID; |
|
| 33 | 33 | |
| 34 | - /** |
|
| 35 | - * Linked object. |
|
| 36 | - * |
|
| 37 | - * @var ObjectDigestInfo $_objectDigestInfo |
|
| 38 | - */ |
|
| 39 | - protected $_objectDigestInfo; |
|
| 34 | + /** |
|
| 35 | + * Linked object. |
|
| 36 | + * |
|
| 37 | + * @var ObjectDigestInfo $_objectDigestInfo |
|
| 38 | + */ |
|
| 39 | + protected $_objectDigestInfo; |
|
| 40 | 40 | |
| 41 | - /** |
|
| 42 | - * Constructor. |
|
| 43 | - * |
|
| 44 | - * @param GeneralNames|null $names |
|
| 45 | - */ |
|
| 46 | - public function __construct(GeneralNames $names = null) |
|
| 47 | - { |
|
| 48 | - $this->_issuerName = $names; |
|
| 49 | - $this->_baseCertificateID = null; |
|
| 50 | - $this->_objectDigestInfo = null; |
|
| 51 | - } |
|
| 41 | + /** |
|
| 42 | + * Constructor. |
|
| 43 | + * |
|
| 44 | + * @param GeneralNames|null $names |
|
| 45 | + */ |
|
| 46 | + public function __construct(GeneralNames $names = null) |
|
| 47 | + { |
|
| 48 | + $this->_issuerName = $names; |
|
| 49 | + $this->_baseCertificateID = null; |
|
| 50 | + $this->_objectDigestInfo = null; |
|
| 51 | + } |
|
| 52 | 52 | |
| 53 | - /** |
|
| 54 | - * Initialize from ASN.1. |
|
| 55 | - * |
|
| 56 | - * @param Sequence $seq |
|
| 57 | - * @return self |
|
| 58 | - */ |
|
| 59 | - public static function fromV2ASN1(Sequence $seq) |
|
| 60 | - { |
|
| 61 | - $issuer = null; |
|
| 62 | - $cert_id = null; |
|
| 63 | - $digest_info = null; |
|
| 64 | - if ($seq->has(0, Element::TYPE_SEQUENCE)) { |
|
| 65 | - $issuer = GeneralNames::fromASN1($seq->at(0)->asSequence()); |
|
| 66 | - } |
|
| 67 | - if ($seq->hasTagged(0)) { |
|
| 68 | - $cert_id = IssuerSerial::fromASN1( |
|
| 69 | - $seq->getTagged(0) |
|
| 70 | - ->asImplicit(Element::TYPE_SEQUENCE) |
|
| 71 | - ->asSequence()); |
|
| 72 | - } |
|
| 73 | - if ($seq->hasTagged(1)) { |
|
| 74 | - $digest_info = ObjectDigestInfo::fromASN1( |
|
| 75 | - $seq->getTagged(1) |
|
| 76 | - ->asImplicit(Element::TYPE_SEQUENCE) |
|
| 77 | - ->asSequence()); |
|
| 78 | - } |
|
| 79 | - $obj = new self($issuer); |
|
| 80 | - $obj->_baseCertificateID = $cert_id; |
|
| 81 | - $obj->_objectDigestInfo = $digest_info; |
|
| 82 | - return $obj; |
|
| 83 | - } |
|
| 53 | + /** |
|
| 54 | + * Initialize from ASN.1. |
|
| 55 | + * |
|
| 56 | + * @param Sequence $seq |
|
| 57 | + * @return self |
|
| 58 | + */ |
|
| 59 | + public static function fromV2ASN1(Sequence $seq) |
|
| 60 | + { |
|
| 61 | + $issuer = null; |
|
| 62 | + $cert_id = null; |
|
| 63 | + $digest_info = null; |
|
| 64 | + if ($seq->has(0, Element::TYPE_SEQUENCE)) { |
|
| 65 | + $issuer = GeneralNames::fromASN1($seq->at(0)->asSequence()); |
|
| 66 | + } |
|
| 67 | + if ($seq->hasTagged(0)) { |
|
| 68 | + $cert_id = IssuerSerial::fromASN1( |
|
| 69 | + $seq->getTagged(0) |
|
| 70 | + ->asImplicit(Element::TYPE_SEQUENCE) |
|
| 71 | + ->asSequence()); |
|
| 72 | + } |
|
| 73 | + if ($seq->hasTagged(1)) { |
|
| 74 | + $digest_info = ObjectDigestInfo::fromASN1( |
|
| 75 | + $seq->getTagged(1) |
|
| 76 | + ->asImplicit(Element::TYPE_SEQUENCE) |
|
| 77 | + ->asSequence()); |
|
| 78 | + } |
|
| 79 | + $obj = new self($issuer); |
|
| 80 | + $obj->_baseCertificateID = $cert_id; |
|
| 81 | + $obj->_objectDigestInfo = $digest_info; |
|
| 82 | + return $obj; |
|
| 83 | + } |
|
| 84 | 84 | |
| 85 | - /** |
|
| 86 | - * Check whether issuer name is set. |
|
| 87 | - * |
|
| 88 | - * @return bool |
|
| 89 | - */ |
|
| 90 | - public function hasIssuerName(): bool |
|
| 91 | - { |
|
| 92 | - return isset($this->_issuerName); |
|
| 93 | - } |
|
| 85 | + /** |
|
| 86 | + * Check whether issuer name is set. |
|
| 87 | + * |
|
| 88 | + * @return bool |
|
| 89 | + */ |
|
| 90 | + public function hasIssuerName(): bool |
|
| 91 | + { |
|
| 92 | + return isset($this->_issuerName); |
|
| 93 | + } |
|
| 94 | 94 | |
| 95 | - /** |
|
| 96 | - * Get issuer name. |
|
| 97 | - * |
|
| 98 | - * @throws \LogicException |
|
| 99 | - * @return GeneralNames |
|
| 100 | - */ |
|
| 101 | - public function issuerName(): GeneralNames |
|
| 102 | - { |
|
| 103 | - if (!$this->hasIssuerName()) { |
|
| 104 | - throw new \LogicException("issuerName not set."); |
|
| 105 | - } |
|
| 106 | - return $this->_issuerName; |
|
| 107 | - } |
|
| 95 | + /** |
|
| 96 | + * Get issuer name. |
|
| 97 | + * |
|
| 98 | + * @throws \LogicException |
|
| 99 | + * @return GeneralNames |
|
| 100 | + */ |
|
| 101 | + public function issuerName(): GeneralNames |
|
| 102 | + { |
|
| 103 | + if (!$this->hasIssuerName()) { |
|
| 104 | + throw new \LogicException("issuerName not set."); |
|
| 105 | + } |
|
| 106 | + return $this->_issuerName; |
|
| 107 | + } |
|
| 108 | 108 | |
| 109 | - /** |
|
| 110 | - * Get DN of the issuer. |
|
| 111 | - * |
|
| 112 | - * This is a convenience method conforming to RFC 5755, which states |
|
| 113 | - * that Issuer must contain only one non-empty distinguished name. |
|
| 114 | - * |
|
| 115 | - * @return \X501\ASN1\Name |
|
| 116 | - */ |
|
| 117 | - public function name(): \X501\ASN1\Name |
|
| 118 | - { |
|
| 119 | - return $this->issuerName()->firstDN(); |
|
| 120 | - } |
|
| 109 | + /** |
|
| 110 | + * Get DN of the issuer. |
|
| 111 | + * |
|
| 112 | + * This is a convenience method conforming to RFC 5755, which states |
|
| 113 | + * that Issuer must contain only one non-empty distinguished name. |
|
| 114 | + * |
|
| 115 | + * @return \X501\ASN1\Name |
|
| 116 | + */ |
|
| 117 | + public function name(): \X501\ASN1\Name |
|
| 118 | + { |
|
| 119 | + return $this->issuerName()->firstDN(); |
|
| 120 | + } |
|
| 121 | 121 | |
| 122 | - /** |
|
| 123 | - * |
|
| 124 | - * @see \X509\AttributeCertificate\AttCertIssuer::ASN1() |
|
| 125 | - * @return ImplicitlyTaggedType Tagged Sequence |
|
| 126 | - */ |
|
| 127 | - public function toASN1() |
|
| 128 | - { |
|
| 129 | - $elements = array(); |
|
| 130 | - if (isset($this->_issuerName)) { |
|
| 131 | - $elements[] = $this->_issuerName->toASN1(); |
|
| 132 | - } |
|
| 133 | - if (isset($this->_baseCertificateID)) { |
|
| 134 | - $elements[] = new ImplicitlyTaggedType(0, |
|
| 135 | - $this->_baseCertificateID->toASN1()); |
|
| 136 | - } |
|
| 137 | - if (isset($this->_objectDigestInfo)) { |
|
| 138 | - $elements[] = new ImplicitlyTaggedType(1, |
|
| 139 | - $this->_objectDigestInfo->toASN1()); |
|
| 140 | - } |
|
| 141 | - return new ImplicitlyTaggedType(0, new Sequence(...$elements)); |
|
| 142 | - } |
|
| 122 | + /** |
|
| 123 | + * |
|
| 124 | + * @see \X509\AttributeCertificate\AttCertIssuer::ASN1() |
|
| 125 | + * @return ImplicitlyTaggedType Tagged Sequence |
|
| 126 | + */ |
|
| 127 | + public function toASN1() |
|
| 128 | + { |
|
| 129 | + $elements = array(); |
|
| 130 | + if (isset($this->_issuerName)) { |
|
| 131 | + $elements[] = $this->_issuerName->toASN1(); |
|
| 132 | + } |
|
| 133 | + if (isset($this->_baseCertificateID)) { |
|
| 134 | + $elements[] = new ImplicitlyTaggedType(0, |
|
| 135 | + $this->_baseCertificateID->toASN1()); |
|
| 136 | + } |
|
| 137 | + if (isset($this->_objectDigestInfo)) { |
|
| 138 | + $elements[] = new ImplicitlyTaggedType(1, |
|
| 139 | + $this->_objectDigestInfo->toASN1()); |
|
| 140 | + } |
|
| 141 | + return new ImplicitlyTaggedType(0, new Sequence(...$elements)); |
|
| 142 | + } |
|
| 143 | 143 | |
| 144 | - /** |
|
| 145 | - * |
|
| 146 | - * {@inheritdoc} |
|
| 147 | - * @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC() |
|
| 148 | - * @return bool |
|
| 149 | - */ |
|
| 150 | - public function identifiesPKC(Certificate $cert): bool |
|
| 151 | - { |
|
| 152 | - $name = $this->_issuerName->firstDN(); |
|
| 153 | - if (!$cert->tbsCertificate() |
|
| 154 | - ->subject() |
|
| 155 | - ->equals($name)) { |
|
| 156 | - return false; |
|
| 157 | - } |
|
| 158 | - return true; |
|
| 159 | - } |
|
| 144 | + /** |
|
| 145 | + * |
|
| 146 | + * {@inheritdoc} |
|
| 147 | + * @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC() |
|
| 148 | + * @return bool |
|
| 149 | + */ |
|
| 150 | + public function identifiesPKC(Certificate $cert): bool |
|
| 151 | + { |
|
| 152 | + $name = $this->_issuerName->firstDN(); |
|
| 153 | + if (!$cert->tbsCertificate() |
|
| 154 | + ->subject() |
|
| 155 | + ->equals($name)) { |
|
| 156 | + return false; |
|
| 157 | + } |
|
| 158 | + return true; |
|
| 159 | + } |
|
| 160 | 160 | } |
@@ -13,131 +13,131 @@ |
||
| 13 | 13 | */ |
| 14 | 14 | class CertificateChain implements \Countable, \IteratorAggregate |
| 15 | 15 | { |
| 16 | - /** |
|
| 17 | - * List of certificates in a chain. |
|
| 18 | - * |
|
| 19 | - * @var Certificate[] |
|
| 20 | - */ |
|
| 21 | - protected $_certs; |
|
| 16 | + /** |
|
| 17 | + * List of certificates in a chain. |
|
| 18 | + * |
|
| 19 | + * @var Certificate[] |
|
| 20 | + */ |
|
| 21 | + protected $_certs; |
|
| 22 | 22 | |
| 23 | - /** |
|
| 24 | - * Constructor. |
|
| 25 | - * |
|
| 26 | - * @param Certificate ...$certs List of certificates, end-entity first |
|
| 27 | - */ |
|
| 28 | - public function __construct(Certificate ...$certs) |
|
| 29 | - { |
|
| 30 | - $this->_certs = $certs; |
|
| 31 | - } |
|
| 23 | + /** |
|
| 24 | + * Constructor. |
|
| 25 | + * |
|
| 26 | + * @param Certificate ...$certs List of certificates, end-entity first |
|
| 27 | + */ |
|
| 28 | + public function __construct(Certificate ...$certs) |
|
| 29 | + { |
|
| 30 | + $this->_certs = $certs; |
|
| 31 | + } |
|
| 32 | 32 | |
| 33 | - /** |
|
| 34 | - * Initialize from a list of PEMs. |
|
| 35 | - * |
|
| 36 | - * @param PEM ...$pems |
|
| 37 | - * @return self |
|
| 38 | - */ |
|
| 39 | - public static function fromPEMs(PEM ...$pems) |
|
| 40 | - { |
|
| 41 | - $certs = array_map( |
|
| 42 | - function (PEM $pem) { |
|
| 43 | - return Certificate::fromPEM($pem); |
|
| 44 | - }, $pems); |
|
| 45 | - return new self(...$certs); |
|
| 46 | - } |
|
| 33 | + /** |
|
| 34 | + * Initialize from a list of PEMs. |
|
| 35 | + * |
|
| 36 | + * @param PEM ...$pems |
|
| 37 | + * @return self |
|
| 38 | + */ |
|
| 39 | + public static function fromPEMs(PEM ...$pems) |
|
| 40 | + { |
|
| 41 | + $certs = array_map( |
|
| 42 | + function (PEM $pem) { |
|
| 43 | + return Certificate::fromPEM($pem); |
|
| 44 | + }, $pems); |
|
| 45 | + return new self(...$certs); |
|
| 46 | + } |
|
| 47 | 47 | |
| 48 | - /** |
|
| 49 | - * Initialize from a string containing multiple PEM blocks. |
|
| 50 | - * |
|
| 51 | - * @param string $str |
|
| 52 | - * @return self |
|
| 53 | - */ |
|
| 54 | - public static function fromPEMString(string $str) |
|
| 55 | - { |
|
| 56 | - $pems = PEMBundle::fromString($str)->all(); |
|
| 57 | - return self::fromPEMs(...$pems); |
|
| 58 | - } |
|
| 48 | + /** |
|
| 49 | + * Initialize from a string containing multiple PEM blocks. |
|
| 50 | + * |
|
| 51 | + * @param string $str |
|
| 52 | + * @return self |
|
| 53 | + */ |
|
| 54 | + public static function fromPEMString(string $str) |
|
| 55 | + { |
|
| 56 | + $pems = PEMBundle::fromString($str)->all(); |
|
| 57 | + return self::fromPEMs(...$pems); |
|
| 58 | + } |
|
| 59 | 59 | |
| 60 | - /** |
|
| 61 | - * Get all certificates in a chain ordered from the end-entity certificate |
|
| 62 | - * to the trust anchor. |
|
| 63 | - * |
|
| 64 | - * @return Certificate[] |
|
| 65 | - */ |
|
| 66 | - public function certificates(): array |
|
| 67 | - { |
|
| 68 | - return $this->_certs; |
|
| 69 | - } |
|
| 60 | + /** |
|
| 61 | + * Get all certificates in a chain ordered from the end-entity certificate |
|
| 62 | + * to the trust anchor. |
|
| 63 | + * |
|
| 64 | + * @return Certificate[] |
|
| 65 | + */ |
|
| 66 | + public function certificates(): array |
|
| 67 | + { |
|
| 68 | + return $this->_certs; |
|
| 69 | + } |
|
| 70 | 70 | |
| 71 | - /** |
|
| 72 | - * Get the end-entity certificate. |
|
| 73 | - * |
|
| 74 | - * @throws \LogicException |
|
| 75 | - * @return Certificate |
|
| 76 | - */ |
|
| 77 | - public function endEntityCertificate(): Certificate |
|
| 78 | - { |
|
| 79 | - if (!count($this->_certs)) { |
|
| 80 | - throw new \LogicException("No certificates."); |
|
| 81 | - } |
|
| 82 | - return $this->_certs[0]; |
|
| 83 | - } |
|
| 71 | + /** |
|
| 72 | + * Get the end-entity certificate. |
|
| 73 | + * |
|
| 74 | + * @throws \LogicException |
|
| 75 | + * @return Certificate |
|
| 76 | + */ |
|
| 77 | + public function endEntityCertificate(): Certificate |
|
| 78 | + { |
|
| 79 | + if (!count($this->_certs)) { |
|
| 80 | + throw new \LogicException("No certificates."); |
|
| 81 | + } |
|
| 82 | + return $this->_certs[0]; |
|
| 83 | + } |
|
| 84 | 84 | |
| 85 | - /** |
|
| 86 | - * Get the trust anchor certificate. |
|
| 87 | - * |
|
| 88 | - * @throws \LogicException |
|
| 89 | - * @return Certificate |
|
| 90 | - */ |
|
| 91 | - public function trustAnchorCertificate(): Certificate |
|
| 92 | - { |
|
| 93 | - if (!count($this->_certs)) { |
|
| 94 | - throw new \LogicException("No certificates."); |
|
| 95 | - } |
|
| 96 | - return $this->_certs[count($this->_certs) - 1]; |
|
| 97 | - } |
|
| 85 | + /** |
|
| 86 | + * Get the trust anchor certificate. |
|
| 87 | + * |
|
| 88 | + * @throws \LogicException |
|
| 89 | + * @return Certificate |
|
| 90 | + */ |
|
| 91 | + public function trustAnchorCertificate(): Certificate |
|
| 92 | + { |
|
| 93 | + if (!count($this->_certs)) { |
|
| 94 | + throw new \LogicException("No certificates."); |
|
| 95 | + } |
|
| 96 | + return $this->_certs[count($this->_certs) - 1]; |
|
| 97 | + } |
|
| 98 | 98 | |
| 99 | - /** |
|
| 100 | - * Convert certificate chain to certification path. |
|
| 101 | - * |
|
| 102 | - * @return CertificationPath |
|
| 103 | - */ |
|
| 104 | - public function certificationPath(): CertificationPath |
|
| 105 | - { |
|
| 106 | - return CertificationPath::fromCertificateChain($this); |
|
| 107 | - } |
|
| 99 | + /** |
|
| 100 | + * Convert certificate chain to certification path. |
|
| 101 | + * |
|
| 102 | + * @return CertificationPath |
|
| 103 | + */ |
|
| 104 | + public function certificationPath(): CertificationPath |
|
| 105 | + { |
|
| 106 | + return CertificationPath::fromCertificateChain($this); |
|
| 107 | + } |
|
| 108 | 108 | |
| 109 | - /** |
|
| 110 | - * Convert certificate chain to string of PEM blocks. |
|
| 111 | - * |
|
| 112 | - * @return string |
|
| 113 | - */ |
|
| 114 | - public function toPEMString(): string |
|
| 115 | - { |
|
| 116 | - return implode("\n", |
|
| 117 | - array_map( |
|
| 118 | - function (Certificate $cert) { |
|
| 119 | - return $cert->toPEM()->string(); |
|
| 120 | - }, $this->_certs)); |
|
| 121 | - } |
|
| 109 | + /** |
|
| 110 | + * Convert certificate chain to string of PEM blocks. |
|
| 111 | + * |
|
| 112 | + * @return string |
|
| 113 | + */ |
|
| 114 | + public function toPEMString(): string |
|
| 115 | + { |
|
| 116 | + return implode("\n", |
|
| 117 | + array_map( |
|
| 118 | + function (Certificate $cert) { |
|
| 119 | + return $cert->toPEM()->string(); |
|
| 120 | + }, $this->_certs)); |
|
| 121 | + } |
|
| 122 | 122 | |
| 123 | - /** |
|
| 124 | - * |
|
| 125 | - * @see \Countable::count() |
|
| 126 | - * @return int |
|
| 127 | - */ |
|
| 128 | - public function count(): int |
|
| 129 | - { |
|
| 130 | - return count($this->_certs); |
|
| 131 | - } |
|
| 123 | + /** |
|
| 124 | + * |
|
| 125 | + * @see \Countable::count() |
|
| 126 | + * @return int |
|
| 127 | + */ |
|
| 128 | + public function count(): int |
|
| 129 | + { |
|
| 130 | + return count($this->_certs); |
|
| 131 | + } |
|
| 132 | 132 | |
| 133 | - /** |
|
| 134 | - * Get iterator for certificates. |
|
| 135 | - * |
|
| 136 | - * @see \IteratorAggregate::getIterator() |
|
| 137 | - * @return \ArrayIterator |
|
| 138 | - */ |
|
| 139 | - public function getIterator(): \ArrayIterator |
|
| 140 | - { |
|
| 141 | - return new \ArrayIterator($this->_certs); |
|
| 142 | - } |
|
| 133 | + /** |
|
| 134 | + * Get iterator for certificates. |
|
| 135 | + * |
|
| 136 | + * @see \IteratorAggregate::getIterator() |
|
| 137 | + * @return \ArrayIterator |
|
| 138 | + */ |
|
| 139 | + public function getIterator(): \ArrayIterator |
|
| 140 | + { |
|
| 141 | + return new \ArrayIterator($this->_certs); |
|
| 142 | + } |
|
| 143 | 143 | } |
@@ -15,87 +15,87 @@ |
||
| 15 | 15 | */ |
| 16 | 16 | class GeneralSubtrees implements \Countable, \IteratorAggregate |
| 17 | 17 | { |
| 18 | - /** |
|
| 19 | - * Subtrees. |
|
| 20 | - * |
|
| 21 | - * @var GeneralSubtree[] $_subtrees |
|
| 22 | - */ |
|
| 23 | - protected $_subtrees; |
|
| 18 | + /** |
|
| 19 | + * Subtrees. |
|
| 20 | + * |
|
| 21 | + * @var GeneralSubtree[] $_subtrees |
|
| 22 | + */ |
|
| 23 | + protected $_subtrees; |
|
| 24 | 24 | |
| 25 | - /** |
|
| 26 | - * Constructor. |
|
| 27 | - * |
|
| 28 | - * @param GeneralSubtree[] $subtrees |
|
| 29 | - */ |
|
| 30 | - public function __construct(GeneralSubtree ...$subtrees) |
|
| 31 | - { |
|
| 32 | - $this->_subtrees = $subtrees; |
|
| 33 | - } |
|
| 25 | + /** |
|
| 26 | + * Constructor. |
|
| 27 | + * |
|
| 28 | + * @param GeneralSubtree[] $subtrees |
|
| 29 | + */ |
|
| 30 | + public function __construct(GeneralSubtree ...$subtrees) |
|
| 31 | + { |
|
| 32 | + $this->_subtrees = $subtrees; |
|
| 33 | + } |
|
| 34 | 34 | |
| 35 | - /** |
|
| 36 | - * Initialize from ASN.1. |
|
| 37 | - * |
|
| 38 | - * @param Sequence $seq |
|
| 39 | - * @return self |
|
| 40 | - */ |
|
| 41 | - public static function fromASN1(Sequence $seq) |
|
| 42 | - { |
|
| 43 | - $subtrees = array_map( |
|
| 44 | - function (UnspecifiedType $el) { |
|
| 45 | - return GeneralSubtree::fromASN1($el->asSequence()); |
|
| 46 | - }, $seq->elements()); |
|
| 47 | - if (!count($subtrees)) { |
|
| 48 | - throw new \UnexpectedValueException( |
|
| 49 | - "GeneralSubtrees must contain at least one GeneralSubtree."); |
|
| 50 | - } |
|
| 51 | - return new self(...$subtrees); |
|
| 52 | - } |
|
| 35 | + /** |
|
| 36 | + * Initialize from ASN.1. |
|
| 37 | + * |
|
| 38 | + * @param Sequence $seq |
|
| 39 | + * @return self |
|
| 40 | + */ |
|
| 41 | + public static function fromASN1(Sequence $seq) |
|
| 42 | + { |
|
| 43 | + $subtrees = array_map( |
|
| 44 | + function (UnspecifiedType $el) { |
|
| 45 | + return GeneralSubtree::fromASN1($el->asSequence()); |
|
| 46 | + }, $seq->elements()); |
|
| 47 | + if (!count($subtrees)) { |
|
| 48 | + throw new \UnexpectedValueException( |
|
| 49 | + "GeneralSubtrees must contain at least one GeneralSubtree."); |
|
| 50 | + } |
|
| 51 | + return new self(...$subtrees); |
|
| 52 | + } |
|
| 53 | 53 | |
| 54 | - /** |
|
| 55 | - * Get all subtrees. |
|
| 56 | - * |
|
| 57 | - * @return GeneralSubtree[] |
|
| 58 | - */ |
|
| 59 | - public function all(): array |
|
| 60 | - { |
|
| 61 | - return $this->_subtrees; |
|
| 62 | - } |
|
| 54 | + /** |
|
| 55 | + * Get all subtrees. |
|
| 56 | + * |
|
| 57 | + * @return GeneralSubtree[] |
|
| 58 | + */ |
|
| 59 | + public function all(): array |
|
| 60 | + { |
|
| 61 | + return $this->_subtrees; |
|
| 62 | + } |
|
| 63 | 63 | |
| 64 | - /** |
|
| 65 | - * Generate ASN.1 structure. |
|
| 66 | - * |
|
| 67 | - * @return Sequence |
|
| 68 | - */ |
|
| 69 | - public function toASN1(): Sequence |
|
| 70 | - { |
|
| 71 | - if (!count($this->_subtrees)) { |
|
| 72 | - throw new \LogicException("No subtrees."); |
|
| 73 | - } |
|
| 74 | - $elements = array_map( |
|
| 75 | - function (GeneralSubtree $gs) { |
|
| 76 | - return $gs->toASN1(); |
|
| 77 | - }, $this->_subtrees); |
|
| 78 | - return new Sequence(...$elements); |
|
| 79 | - } |
|
| 64 | + /** |
|
| 65 | + * Generate ASN.1 structure. |
|
| 66 | + * |
|
| 67 | + * @return Sequence |
|
| 68 | + */ |
|
| 69 | + public function toASN1(): Sequence |
|
| 70 | + { |
|
| 71 | + if (!count($this->_subtrees)) { |
|
| 72 | + throw new \LogicException("No subtrees."); |
|
| 73 | + } |
|
| 74 | + $elements = array_map( |
|
| 75 | + function (GeneralSubtree $gs) { |
|
| 76 | + return $gs->toASN1(); |
|
| 77 | + }, $this->_subtrees); |
|
| 78 | + return new Sequence(...$elements); |
|
| 79 | + } |
|
| 80 | 80 | |
| 81 | - /** |
|
| 82 | - * |
|
| 83 | - * @see \Countable::count() |
|
| 84 | - * @return int |
|
| 85 | - */ |
|
| 86 | - public function count(): int |
|
| 87 | - { |
|
| 88 | - return count($this->_subtrees); |
|
| 89 | - } |
|
| 81 | + /** |
|
| 82 | + * |
|
| 83 | + * @see \Countable::count() |
|
| 84 | + * @return int |
|
| 85 | + */ |
|
| 86 | + public function count(): int |
|
| 87 | + { |
|
| 88 | + return count($this->_subtrees); |
|
| 89 | + } |
|
| 90 | 90 | |
| 91 | - /** |
|
| 92 | - * Get iterator for subtrees. |
|
| 93 | - * |
|
| 94 | - * @see \IteratorAggregate::getIterator() |
|
| 95 | - * @return \ArrayIterator |
|
| 96 | - */ |
|
| 97 | - public function getIterator(): \ArrayIterator |
|
| 98 | - { |
|
| 99 | - return new \ArrayIterator($this->_subtrees); |
|
| 100 | - } |
|
| 91 | + /** |
|
| 92 | + * Get iterator for subtrees. |
|
| 93 | + * |
|
| 94 | + * @see \IteratorAggregate::getIterator() |
|
| 95 | + * @return \ArrayIterator |
|
| 96 | + */ |
|
| 97 | + public function getIterator(): \ArrayIterator |
|
| 98 | + { |
|
| 99 | + return new \ArrayIterator($this->_subtrees); |
|
| 100 | + } |
|
| 101 | 101 | } |
@@ -16,106 +16,106 @@ |
||
| 16 | 16 | */ |
| 17 | 17 | class BasicConstraintsExtension extends Extension |
| 18 | 18 | { |
| 19 | - /** |
|
| 20 | - * Whether certificate is a CA. |
|
| 21 | - * |
|
| 22 | - * @var boolean $_ca |
|
| 23 | - */ |
|
| 24 | - protected $_ca; |
|
| 19 | + /** |
|
| 20 | + * Whether certificate is a CA. |
|
| 21 | + * |
|
| 22 | + * @var boolean $_ca |
|
| 23 | + */ |
|
| 24 | + protected $_ca; |
|
| 25 | 25 | |
| 26 | - /** |
|
| 27 | - * Maximum certification path length. |
|
| 28 | - * |
|
| 29 | - * @var int|null $_pathLen |
|
| 30 | - */ |
|
| 31 | - protected $_pathLen; |
|
| 26 | + /** |
|
| 27 | + * Maximum certification path length. |
|
| 28 | + * |
|
| 29 | + * @var int|null $_pathLen |
|
| 30 | + */ |
|
| 31 | + protected $_pathLen; |
|
| 32 | 32 | |
| 33 | - /** |
|
| 34 | - * Constructor. |
|
| 35 | - * |
|
| 36 | - * @param bool $critical |
|
| 37 | - * @param bool $ca |
|
| 38 | - * @param int|null $path_len |
|
| 39 | - */ |
|
| 40 | - public function __construct(bool $critical, $ca, $path_len = null) |
|
| 41 | - { |
|
| 42 | - parent::__construct(self::OID_BASIC_CONSTRAINTS, $critical); |
|
| 43 | - $this->_ca = (bool) $ca; |
|
| 44 | - $this->_pathLen = $path_len; |
|
| 45 | - } |
|
| 33 | + /** |
|
| 34 | + * Constructor. |
|
| 35 | + * |
|
| 36 | + * @param bool $critical |
|
| 37 | + * @param bool $ca |
|
| 38 | + * @param int|null $path_len |
|
| 39 | + */ |
|
| 40 | + public function __construct(bool $critical, $ca, $path_len = null) |
|
| 41 | + { |
|
| 42 | + parent::__construct(self::OID_BASIC_CONSTRAINTS, $critical); |
|
| 43 | + $this->_ca = (bool) $ca; |
|
| 44 | + $this->_pathLen = $path_len; |
|
| 45 | + } |
|
| 46 | 46 | |
| 47 | - /** |
|
| 48 | - * |
|
| 49 | - * {@inheritdoc} |
|
| 50 | - * @return self |
|
| 51 | - */ |
|
| 52 | - protected static function _fromDER($data, $critical) |
|
| 53 | - { |
|
| 54 | - $seq = Sequence::fromDER($data); |
|
| 55 | - $ca = false; |
|
| 56 | - $path_len = null; |
|
| 57 | - $idx = 0; |
|
| 58 | - if ($seq->has($idx, Element::TYPE_BOOLEAN)) { |
|
| 59 | - $ca = $seq->at($idx++) |
|
| 60 | - ->asBoolean() |
|
| 61 | - ->value(); |
|
| 62 | - } |
|
| 63 | - if ($seq->has($idx, Element::TYPE_INTEGER)) { |
|
| 64 | - $path_len = $seq->at($idx) |
|
| 65 | - ->asInteger() |
|
| 66 | - ->number(); |
|
| 67 | - } |
|
| 68 | - return new self($critical, $ca, $path_len); |
|
| 69 | - } |
|
| 47 | + /** |
|
| 48 | + * |
|
| 49 | + * {@inheritdoc} |
|
| 50 | + * @return self |
|
| 51 | + */ |
|
| 52 | + protected static function _fromDER($data, $critical) |
|
| 53 | + { |
|
| 54 | + $seq = Sequence::fromDER($data); |
|
| 55 | + $ca = false; |
|
| 56 | + $path_len = null; |
|
| 57 | + $idx = 0; |
|
| 58 | + if ($seq->has($idx, Element::TYPE_BOOLEAN)) { |
|
| 59 | + $ca = $seq->at($idx++) |
|
| 60 | + ->asBoolean() |
|
| 61 | + ->value(); |
|
| 62 | + } |
|
| 63 | + if ($seq->has($idx, Element::TYPE_INTEGER)) { |
|
| 64 | + $path_len = $seq->at($idx) |
|
| 65 | + ->asInteger() |
|
| 66 | + ->number(); |
|
| 67 | + } |
|
| 68 | + return new self($critical, $ca, $path_len); |
|
| 69 | + } |
|
| 70 | 70 | |
| 71 | - /** |
|
| 72 | - * Whether certificate is a CA. |
|
| 73 | - * |
|
| 74 | - * @return bool |
|
| 75 | - */ |
|
| 76 | - public function isCA(): bool |
|
| 77 | - { |
|
| 78 | - return $this->_ca; |
|
| 79 | - } |
|
| 71 | + /** |
|
| 72 | + * Whether certificate is a CA. |
|
| 73 | + * |
|
| 74 | + * @return bool |
|
| 75 | + */ |
|
| 76 | + public function isCA(): bool |
|
| 77 | + { |
|
| 78 | + return $this->_ca; |
|
| 79 | + } |
|
| 80 | 80 | |
| 81 | - /** |
|
| 82 | - * Whether path length is present. |
|
| 83 | - * |
|
| 84 | - * @return bool |
|
| 85 | - */ |
|
| 86 | - public function hasPathLen(): bool |
|
| 87 | - { |
|
| 88 | - return isset($this->_pathLen); |
|
| 89 | - } |
|
| 81 | + /** |
|
| 82 | + * Whether path length is present. |
|
| 83 | + * |
|
| 84 | + * @return bool |
|
| 85 | + */ |
|
| 86 | + public function hasPathLen(): bool |
|
| 87 | + { |
|
| 88 | + return isset($this->_pathLen); |
|
| 89 | + } |
|
| 90 | 90 | |
| 91 | - /** |
|
| 92 | - * Get path length. |
|
| 93 | - * |
|
| 94 | - * @throws \LogicException |
|
| 95 | - * @return int |
|
| 96 | - */ |
|
| 97 | - public function pathLen() |
|
| 98 | - { |
|
| 99 | - if (!$this->hasPathLen()) { |
|
| 100 | - throw new \LogicException("pathLenConstraint not set."); |
|
| 101 | - } |
|
| 102 | - return $this->_pathLen; |
|
| 103 | - } |
|
| 91 | + /** |
|
| 92 | + * Get path length. |
|
| 93 | + * |
|
| 94 | + * @throws \LogicException |
|
| 95 | + * @return int |
|
| 96 | + */ |
|
| 97 | + public function pathLen() |
|
| 98 | + { |
|
| 99 | + if (!$this->hasPathLen()) { |
|
| 100 | + throw new \LogicException("pathLenConstraint not set."); |
|
| 101 | + } |
|
| 102 | + return $this->_pathLen; |
|
| 103 | + } |
|
| 104 | 104 | |
| 105 | - /** |
|
| 106 | - * |
|
| 107 | - * {@inheritdoc} |
|
| 108 | - * @return Sequence |
|
| 109 | - */ |
|
| 110 | - protected function _valueASN1(): Sequence |
|
| 111 | - { |
|
| 112 | - $elements = array(); |
|
| 113 | - if ($this->_ca) { |
|
| 114 | - $elements[] = new Boolean(true); |
|
| 115 | - } |
|
| 116 | - if (isset($this->_pathLen)) { |
|
| 117 | - $elements[] = new Integer($this->_pathLen); |
|
| 118 | - } |
|
| 119 | - return new Sequence(...$elements); |
|
| 120 | - } |
|
| 105 | + /** |
|
| 106 | + * |
|
| 107 | + * {@inheritdoc} |
|
| 108 | + * @return Sequence |
|
| 109 | + */ |
|
| 110 | + protected function _valueASN1(): Sequence |
|
| 111 | + { |
|
| 112 | + $elements = array(); |
|
| 113 | + if ($this->_ca) { |
|
| 114 | + $elements[] = new Boolean(true); |
|
| 115 | + } |
|
| 116 | + if (isset($this->_pathLen)) { |
|
| 117 | + $elements[] = new Integer($this->_pathLen); |
|
| 118 | + } |
|
| 119 | + return new Sequence(...$elements); |
|
| 120 | + } |
|
| 121 | 121 | } |
@@ -14,155 +14,155 @@ |
||
| 14 | 14 | */ |
| 15 | 15 | class KeyUsageExtension extends Extension |
| 16 | 16 | { |
| 17 | - const DIGITAL_SIGNATURE = 0x100; |
|
| 18 | - const NON_REPUDIATION = 0x080; |
|
| 19 | - const KEY_ENCIPHERMENT = 0x040; |
|
| 20 | - const DATA_ENCIPHERMENT = 0x020; |
|
| 21 | - const KEY_AGREEMENT = 0x010; |
|
| 22 | - const KEY_CERT_SIGN = 0x008; |
|
| 23 | - const CRL_SIGN = 0x004; |
|
| 24 | - const ENCIPHER_ONLY = 0x002; |
|
| 25 | - const DECIPHER_ONLY = 0x001; |
|
| 17 | + const DIGITAL_SIGNATURE = 0x100; |
|
| 18 | + const NON_REPUDIATION = 0x080; |
|
| 19 | + const KEY_ENCIPHERMENT = 0x040; |
|
| 20 | + const DATA_ENCIPHERMENT = 0x020; |
|
| 21 | + const KEY_AGREEMENT = 0x010; |
|
| 22 | + const KEY_CERT_SIGN = 0x008; |
|
| 23 | + const CRL_SIGN = 0x004; |
|
| 24 | + const ENCIPHER_ONLY = 0x002; |
|
| 25 | + const DECIPHER_ONLY = 0x001; |
|
| 26 | 26 | |
| 27 | - /** |
|
| 28 | - * Key usage flags. |
|
| 29 | - * |
|
| 30 | - * @var int $_keyUsage |
|
| 31 | - */ |
|
| 32 | - protected $_keyUsage; |
|
| 27 | + /** |
|
| 28 | + * Key usage flags. |
|
| 29 | + * |
|
| 30 | + * @var int $_keyUsage |
|
| 31 | + */ |
|
| 32 | + protected $_keyUsage; |
|
| 33 | 33 | |
| 34 | - /** |
|
| 35 | - * Constructor. |
|
| 36 | - * |
|
| 37 | - * @param bool $critical |
|
| 38 | - * @param int $keyUsage |
|
| 39 | - */ |
|
| 40 | - public function __construct(bool $critical, $keyUsage) |
|
| 41 | - { |
|
| 42 | - parent::__construct(self::OID_KEY_USAGE, $critical); |
|
| 43 | - $this->_keyUsage = (int) $keyUsage; |
|
| 44 | - } |
|
| 34 | + /** |
|
| 35 | + * Constructor. |
|
| 36 | + * |
|
| 37 | + * @param bool $critical |
|
| 38 | + * @param int $keyUsage |
|
| 39 | + */ |
|
| 40 | + public function __construct(bool $critical, $keyUsage) |
|
| 41 | + { |
|
| 42 | + parent::__construct(self::OID_KEY_USAGE, $critical); |
|
| 43 | + $this->_keyUsage = (int) $keyUsage; |
|
| 44 | + } |
|
| 45 | 45 | |
| 46 | - /** |
|
| 47 | - * |
|
| 48 | - * {@inheritdoc} |
|
| 49 | - * @return self |
|
| 50 | - */ |
|
| 51 | - protected static function _fromDER($data, $critical) |
|
| 52 | - { |
|
| 53 | - return new self($critical, |
|
| 54 | - Flags::fromBitString(BitString::fromDER($data), 9)->number()); |
|
| 55 | - } |
|
| 46 | + /** |
|
| 47 | + * |
|
| 48 | + * {@inheritdoc} |
|
| 49 | + * @return self |
|
| 50 | + */ |
|
| 51 | + protected static function _fromDER($data, $critical) |
|
| 52 | + { |
|
| 53 | + return new self($critical, |
|
| 54 | + Flags::fromBitString(BitString::fromDER($data), 9)->number()); |
|
| 55 | + } |
|
| 56 | 56 | |
| 57 | - /** |
|
| 58 | - * Check whether digitalSignature flag is set. |
|
| 59 | - * |
|
| 60 | - * @return bool |
|
| 61 | - */ |
|
| 62 | - public function isDigitalSignature(): bool |
|
| 63 | - { |
|
| 64 | - return $this->_flagSet(self::DIGITAL_SIGNATURE); |
|
| 65 | - } |
|
| 57 | + /** |
|
| 58 | + * Check whether digitalSignature flag is set. |
|
| 59 | + * |
|
| 60 | + * @return bool |
|
| 61 | + */ |
|
| 62 | + public function isDigitalSignature(): bool |
|
| 63 | + { |
|
| 64 | + return $this->_flagSet(self::DIGITAL_SIGNATURE); |
|
| 65 | + } |
|
| 66 | 66 | |
| 67 | - /** |
|
| 68 | - * Check whether nonRepudiation/contentCommitment flag is set. |
|
| 69 | - * |
|
| 70 | - * @return bool |
|
| 71 | - */ |
|
| 72 | - public function isNonRepudiation(): bool |
|
| 73 | - { |
|
| 74 | - return $this->_flagSet(self::NON_REPUDIATION); |
|
| 75 | - } |
|
| 67 | + /** |
|
| 68 | + * Check whether nonRepudiation/contentCommitment flag is set. |
|
| 69 | + * |
|
| 70 | + * @return bool |
|
| 71 | + */ |
|
| 72 | + public function isNonRepudiation(): bool |
|
| 73 | + { |
|
| 74 | + return $this->_flagSet(self::NON_REPUDIATION); |
|
| 75 | + } |
|
| 76 | 76 | |
| 77 | - /** |
|
| 78 | - * Check whether keyEncipherment flag is set. |
|
| 79 | - * |
|
| 80 | - * @return bool |
|
| 81 | - */ |
|
| 82 | - public function isKeyEncipherment(): bool |
|
| 83 | - { |
|
| 84 | - return $this->_flagSet(self::KEY_ENCIPHERMENT); |
|
| 85 | - } |
|
| 77 | + /** |
|
| 78 | + * Check whether keyEncipherment flag is set. |
|
| 79 | + * |
|
| 80 | + * @return bool |
|
| 81 | + */ |
|
| 82 | + public function isKeyEncipherment(): bool |
|
| 83 | + { |
|
| 84 | + return $this->_flagSet(self::KEY_ENCIPHERMENT); |
|
| 85 | + } |
|
| 86 | 86 | |
| 87 | - /** |
|
| 88 | - * Check whether dataEncipherment flag is set. |
|
| 89 | - * |
|
| 90 | - * @return bool |
|
| 91 | - */ |
|
| 92 | - public function isDataEncipherment(): bool |
|
| 93 | - { |
|
| 94 | - return $this->_flagSet(self::DATA_ENCIPHERMENT); |
|
| 95 | - } |
|
| 87 | + /** |
|
| 88 | + * Check whether dataEncipherment flag is set. |
|
| 89 | + * |
|
| 90 | + * @return bool |
|
| 91 | + */ |
|
| 92 | + public function isDataEncipherment(): bool |
|
| 93 | + { |
|
| 94 | + return $this->_flagSet(self::DATA_ENCIPHERMENT); |
|
| 95 | + } |
|
| 96 | 96 | |
| 97 | - /** |
|
| 98 | - * Check whether keyAgreement flag is set. |
|
| 99 | - * |
|
| 100 | - * @return bool |
|
| 101 | - */ |
|
| 102 | - public function isKeyAgreement(): bool |
|
| 103 | - { |
|
| 104 | - return $this->_flagSet(self::KEY_AGREEMENT); |
|
| 105 | - } |
|
| 97 | + /** |
|
| 98 | + * Check whether keyAgreement flag is set. |
|
| 99 | + * |
|
| 100 | + * @return bool |
|
| 101 | + */ |
|
| 102 | + public function isKeyAgreement(): bool |
|
| 103 | + { |
|
| 104 | + return $this->_flagSet(self::KEY_AGREEMENT); |
|
| 105 | + } |
|
| 106 | 106 | |
| 107 | - /** |
|
| 108 | - * Check whether keyCertSign flag is set. |
|
| 109 | - * |
|
| 110 | - * @return bool |
|
| 111 | - */ |
|
| 112 | - public function isKeyCertSign(): bool |
|
| 113 | - { |
|
| 114 | - return $this->_flagSet(self::KEY_CERT_SIGN); |
|
| 115 | - } |
|
| 107 | + /** |
|
| 108 | + * Check whether keyCertSign flag is set. |
|
| 109 | + * |
|
| 110 | + * @return bool |
|
| 111 | + */ |
|
| 112 | + public function isKeyCertSign(): bool |
|
| 113 | + { |
|
| 114 | + return $this->_flagSet(self::KEY_CERT_SIGN); |
|
| 115 | + } |
|
| 116 | 116 | |
| 117 | - /** |
|
| 118 | - * Check whether cRLSign flag is set. |
|
| 119 | - * |
|
| 120 | - * @return bool |
|
| 121 | - */ |
|
| 122 | - public function isCRLSign(): bool |
|
| 123 | - { |
|
| 124 | - return $this->_flagSet(self::CRL_SIGN); |
|
| 125 | - } |
|
| 117 | + /** |
|
| 118 | + * Check whether cRLSign flag is set. |
|
| 119 | + * |
|
| 120 | + * @return bool |
|
| 121 | + */ |
|
| 122 | + public function isCRLSign(): bool |
|
| 123 | + { |
|
| 124 | + return $this->_flagSet(self::CRL_SIGN); |
|
| 125 | + } |
|
| 126 | 126 | |
| 127 | - /** |
|
| 128 | - * Check whether encipherOnly flag is set. |
|
| 129 | - * |
|
| 130 | - * @return bool |
|
| 131 | - */ |
|
| 132 | - public function isEncipherOnly(): bool |
|
| 133 | - { |
|
| 134 | - return $this->_flagSet(self::ENCIPHER_ONLY); |
|
| 135 | - } |
|
| 127 | + /** |
|
| 128 | + * Check whether encipherOnly flag is set. |
|
| 129 | + * |
|
| 130 | + * @return bool |
|
| 131 | + */ |
|
| 132 | + public function isEncipherOnly(): bool |
|
| 133 | + { |
|
| 134 | + return $this->_flagSet(self::ENCIPHER_ONLY); |
|
| 135 | + } |
|
| 136 | 136 | |
| 137 | - /** |
|
| 138 | - * Check whether decipherOnly flag is set. |
|
| 139 | - * |
|
| 140 | - * @return bool |
|
| 141 | - */ |
|
| 142 | - public function isDecipherOnly(): bool |
|
| 143 | - { |
|
| 144 | - return $this->_flagSet(self::DECIPHER_ONLY); |
|
| 145 | - } |
|
| 137 | + /** |
|
| 138 | + * Check whether decipherOnly flag is set. |
|
| 139 | + * |
|
| 140 | + * @return bool |
|
| 141 | + */ |
|
| 142 | + public function isDecipherOnly(): bool |
|
| 143 | + { |
|
| 144 | + return $this->_flagSet(self::DECIPHER_ONLY); |
|
| 145 | + } |
|
| 146 | 146 | |
| 147 | - /** |
|
| 148 | - * Check whether given flag is set. |
|
| 149 | - * |
|
| 150 | - * @param int $flag |
|
| 151 | - * @return boolean |
|
| 152 | - */ |
|
| 153 | - protected function _flagSet($flag): bool |
|
| 154 | - { |
|
| 155 | - return (bool) ($this->_keyUsage & $flag); |
|
| 156 | - } |
|
| 147 | + /** |
|
| 148 | + * Check whether given flag is set. |
|
| 149 | + * |
|
| 150 | + * @param int $flag |
|
| 151 | + * @return boolean |
|
| 152 | + */ |
|
| 153 | + protected function _flagSet($flag): bool |
|
| 154 | + { |
|
| 155 | + return (bool) ($this->_keyUsage & $flag); |
|
| 156 | + } |
|
| 157 | 157 | |
| 158 | - /** |
|
| 159 | - * |
|
| 160 | - * {@inheritdoc} |
|
| 161 | - * @return BitString |
|
| 162 | - */ |
|
| 163 | - protected function _valueASN1(): BitString |
|
| 164 | - { |
|
| 165 | - $flags = new Flags($this->_keyUsage, 9); |
|
| 166 | - return $flags->bitString()->withoutTrailingZeroes(); |
|
| 167 | - } |
|
| 158 | + /** |
|
| 159 | + * |
|
| 160 | + * {@inheritdoc} |
|
| 161 | + * @return BitString |
|
| 162 | + */ |
|
| 163 | + protected function _valueASN1(): BitString |
|
| 164 | + { |
|
| 165 | + $flags = new Flags($this->_keyUsage, 9); |
|
| 166 | + return $flags->bitString()->withoutTrailingZeroes(); |
|
| 167 | + } |
|
| 168 | 168 | } |
@@ -14,136 +14,136 @@ |
||
| 14 | 14 | * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.4 |
| 15 | 15 | */ |
| 16 | 16 | class CertificatePoliciesExtension extends Extension implements |
| 17 | - \Countable, |
|
| 18 | - \IteratorAggregate |
|
| 17 | + \Countable, |
|
| 18 | + \IteratorAggregate |
|
| 19 | 19 | { |
| 20 | - /** |
|
| 21 | - * Policy information terms. |
|
| 22 | - * |
|
| 23 | - * @var PolicyInformation[] $_policies |
|
| 24 | - */ |
|
| 25 | - protected $_policies; |
|
| 20 | + /** |
|
| 21 | + * Policy information terms. |
|
| 22 | + * |
|
| 23 | + * @var PolicyInformation[] $_policies |
|
| 24 | + */ |
|
| 25 | + protected $_policies; |
|
| 26 | 26 | |
| 27 | - /** |
|
| 28 | - * Constructor. |
|
| 29 | - * |
|
| 30 | - * @param bool $critical |
|
| 31 | - * @param PolicyInformation ...$policies |
|
| 32 | - */ |
|
| 33 | - public function __construct($critical, PolicyInformation ...$policies) |
|
| 34 | - { |
|
| 35 | - parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical); |
|
| 36 | - $this->_policies = []; |
|
| 37 | - foreach ($policies as $policy) { |
|
| 38 | - $this->_policies[$policy->oid()] = $policy; |
|
| 39 | - } |
|
| 40 | - } |
|
| 27 | + /** |
|
| 28 | + * Constructor. |
|
| 29 | + * |
|
| 30 | + * @param bool $critical |
|
| 31 | + * @param PolicyInformation ...$policies |
|
| 32 | + */ |
|
| 33 | + public function __construct($critical, PolicyInformation ...$policies) |
|
| 34 | + { |
|
| 35 | + parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical); |
|
| 36 | + $this->_policies = []; |
|
| 37 | + foreach ($policies as $policy) { |
|
| 38 | + $this->_policies[$policy->oid()] = $policy; |
|
| 39 | + } |
|
| 40 | + } |
|
| 41 | 41 | |
| 42 | - /** |
|
| 43 | - * |
|
| 44 | - * {@inheritdoc} |
|
| 45 | - * @return self |
|
| 46 | - */ |
|
| 47 | - protected static function _fromDER($data, $critical) |
|
| 48 | - { |
|
| 49 | - $policies = array_map( |
|
| 50 | - function (UnspecifiedType $el) { |
|
| 51 | - return PolicyInformation::fromASN1($el->asSequence()); |
|
| 52 | - }, Sequence::fromDER($data)->elements()); |
|
| 53 | - if (!count($policies)) { |
|
| 54 | - throw new \UnexpectedValueException( |
|
| 55 | - "certificatePolicies must contain" . |
|
| 56 | - " at least one PolicyInformation."); |
|
| 57 | - } |
|
| 58 | - return new self($critical, ...$policies); |
|
| 59 | - } |
|
| 42 | + /** |
|
| 43 | + * |
|
| 44 | + * {@inheritdoc} |
|
| 45 | + * @return self |
|
| 46 | + */ |
|
| 47 | + protected static function _fromDER($data, $critical) |
|
| 48 | + { |
|
| 49 | + $policies = array_map( |
|
| 50 | + function (UnspecifiedType $el) { |
|
| 51 | + return PolicyInformation::fromASN1($el->asSequence()); |
|
| 52 | + }, Sequence::fromDER($data)->elements()); |
|
| 53 | + if (!count($policies)) { |
|
| 54 | + throw new \UnexpectedValueException( |
|
| 55 | + "certificatePolicies must contain" . |
|
| 56 | + " at least one PolicyInformation."); |
|
| 57 | + } |
|
| 58 | + return new self($critical, ...$policies); |
|
| 59 | + } |
|
| 60 | 60 | |
| 61 | - /** |
|
| 62 | - * Check whether policy information by OID is present. |
|
| 63 | - * |
|
| 64 | - * @param string $oid |
|
| 65 | - * @return bool |
|
| 66 | - */ |
|
| 67 | - public function has(string $oid): bool |
|
| 68 | - { |
|
| 69 | - return isset($this->_policies[$oid]); |
|
| 70 | - } |
|
| 61 | + /** |
|
| 62 | + * Check whether policy information by OID is present. |
|
| 63 | + * |
|
| 64 | + * @param string $oid |
|
| 65 | + * @return bool |
|
| 66 | + */ |
|
| 67 | + public function has(string $oid): bool |
|
| 68 | + { |
|
| 69 | + return isset($this->_policies[$oid]); |
|
| 70 | + } |
|
| 71 | 71 | |
| 72 | - /** |
|
| 73 | - * Get policy information by OID. |
|
| 74 | - * |
|
| 75 | - * @param string $oid |
|
| 76 | - * @throws \LogicException |
|
| 77 | - * @return PolicyInformation |
|
| 78 | - */ |
|
| 79 | - public function get(string $oid): PolicyInformation |
|
| 80 | - { |
|
| 81 | - if (!$this->has($oid)) { |
|
| 82 | - throw new \LogicException("Not certificate policy by OID $oid."); |
|
| 83 | - } |
|
| 84 | - return $this->_policies[$oid]; |
|
| 85 | - } |
|
| 72 | + /** |
|
| 73 | + * Get policy information by OID. |
|
| 74 | + * |
|
| 75 | + * @param string $oid |
|
| 76 | + * @throws \LogicException |
|
| 77 | + * @return PolicyInformation |
|
| 78 | + */ |
|
| 79 | + public function get(string $oid): PolicyInformation |
|
| 80 | + { |
|
| 81 | + if (!$this->has($oid)) { |
|
| 82 | + throw new \LogicException("Not certificate policy by OID $oid."); |
|
| 83 | + } |
|
| 84 | + return $this->_policies[$oid]; |
|
| 85 | + } |
|
| 86 | 86 | |
| 87 | - /** |
|
| 88 | - * Check whether anyPolicy is present. |
|
| 89 | - * |
|
| 90 | - * @return bool |
|
| 91 | - */ |
|
| 92 | - public function hasAnyPolicy(): bool |
|
| 93 | - { |
|
| 94 | - return $this->has(PolicyInformation::OID_ANY_POLICY); |
|
| 95 | - } |
|
| 87 | + /** |
|
| 88 | + * Check whether anyPolicy is present. |
|
| 89 | + * |
|
| 90 | + * @return bool |
|
| 91 | + */ |
|
| 92 | + public function hasAnyPolicy(): bool |
|
| 93 | + { |
|
| 94 | + return $this->has(PolicyInformation::OID_ANY_POLICY); |
|
| 95 | + } |
|
| 96 | 96 | |
| 97 | - /** |
|
| 98 | - * Get anyPolicy information. |
|
| 99 | - * |
|
| 100 | - * @throws \LogicException If anyPolicy is not present. |
|
| 101 | - * @return PolicyInformation |
|
| 102 | - */ |
|
| 103 | - public function anyPolicy(): PolicyInformation |
|
| 104 | - { |
|
| 105 | - if (!$this->hasAnyPolicy()) { |
|
| 106 | - throw new \LogicException("No anyPolicy."); |
|
| 107 | - } |
|
| 108 | - return $this->get(PolicyInformation::OID_ANY_POLICY); |
|
| 109 | - } |
|
| 97 | + /** |
|
| 98 | + * Get anyPolicy information. |
|
| 99 | + * |
|
| 100 | + * @throws \LogicException If anyPolicy is not present. |
|
| 101 | + * @return PolicyInformation |
|
| 102 | + */ |
|
| 103 | + public function anyPolicy(): PolicyInformation |
|
| 104 | + { |
|
| 105 | + if (!$this->hasAnyPolicy()) { |
|
| 106 | + throw new \LogicException("No anyPolicy."); |
|
| 107 | + } |
|
| 108 | + return $this->get(PolicyInformation::OID_ANY_POLICY); |
|
| 109 | + } |
|
| 110 | 110 | |
| 111 | - /** |
|
| 112 | - * |
|
| 113 | - * {@inheritdoc} |
|
| 114 | - * @return Sequence |
|
| 115 | - */ |
|
| 116 | - protected function _valueASN1(): Sequence |
|
| 117 | - { |
|
| 118 | - if (!count($this->_policies)) { |
|
| 119 | - throw new \LogicException("No policies."); |
|
| 120 | - } |
|
| 121 | - $elements = array_map( |
|
| 122 | - function (PolicyInformation $pi) { |
|
| 123 | - return $pi->toASN1(); |
|
| 124 | - }, array_values($this->_policies)); |
|
| 125 | - return new Sequence(...$elements); |
|
| 126 | - } |
|
| 111 | + /** |
|
| 112 | + * |
|
| 113 | + * {@inheritdoc} |
|
| 114 | + * @return Sequence |
|
| 115 | + */ |
|
| 116 | + protected function _valueASN1(): Sequence |
|
| 117 | + { |
|
| 118 | + if (!count($this->_policies)) { |
|
| 119 | + throw new \LogicException("No policies."); |
|
| 120 | + } |
|
| 121 | + $elements = array_map( |
|
| 122 | + function (PolicyInformation $pi) { |
|
| 123 | + return $pi->toASN1(); |
|
| 124 | + }, array_values($this->_policies)); |
|
| 125 | + return new Sequence(...$elements); |
|
| 126 | + } |
|
| 127 | 127 | |
| 128 | - /** |
|
| 129 | - * Get the number of policies. |
|
| 130 | - * |
|
| 131 | - * @see \Countable::count() |
|
| 132 | - * @return int |
|
| 133 | - */ |
|
| 134 | - public function count(): int |
|
| 135 | - { |
|
| 136 | - return count($this->_policies); |
|
| 137 | - } |
|
| 128 | + /** |
|
| 129 | + * Get the number of policies. |
|
| 130 | + * |
|
| 131 | + * @see \Countable::count() |
|
| 132 | + * @return int |
|
| 133 | + */ |
|
| 134 | + public function count(): int |
|
| 135 | + { |
|
| 136 | + return count($this->_policies); |
|
| 137 | + } |
|
| 138 | 138 | |
| 139 | - /** |
|
| 140 | - * Get iterator for policy information terms. |
|
| 141 | - * |
|
| 142 | - * @see \IteratorAggregate::getIterator() |
|
| 143 | - * @return \ArrayIterator |
|
| 144 | - */ |
|
| 145 | - public function getIterator(): \ArrayIterator |
|
| 146 | - { |
|
| 147 | - return new \ArrayIterator($this->_policies); |
|
| 148 | - } |
|
| 139 | + /** |
|
| 140 | + * Get iterator for policy information terms. |
|
| 141 | + * |
|
| 142 | + * @see \IteratorAggregate::getIterator() |
|
| 143 | + * @return \ArrayIterator |
|
| 144 | + */ |
|
| 145 | + public function getIterator(): \ArrayIterator |
|
| 146 | + { |
|
| 147 | + return new \ArrayIterator($this->_policies); |
|
| 148 | + } |
|
| 149 | 149 | } |
