Inspection of "Fix documentation" - sop/x509 - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( f7ba31...da62d3 )

by Joni

created 2017-11-07 09:26 UTC

Status

Indentation +75 added lines, -75 removed lines patch added patch discarded remove patch

@@ -13,86 +13,86 @@
 block discarded – undo
  */
 class Validity
 {
-    /**
-     * Not before time.
-     *
-     * @var Time $_notBefore
-     */
-    protected $_notBefore;
+	/**
+	 * Not before time.
+	 *
+	 * @var Time $_notBefore
+	 */
+	protected $_notBefore;
     
-    /**
-     * Not after time.
-     *
-     * @var Time $_notAfter
-     */
-    protected $_notAfter;
+	/**
+	 * Not after time.
+	 *
+	 * @var Time $_notAfter
+	 */
+	protected $_notAfter;
     
-    /**
-     * Constructor.
-     *
-     * @param Time $not_before
-     * @param Time $not_after
-     */
-    public function __construct(Time $not_before, Time $not_after)
-    {
-        $this->_notBefore = $not_before;
-        $this->_notAfter = $not_after;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Time $not_before
+	 * @param Time $not_after
+	 */
+	public function __construct(Time $not_before, Time $not_after)
+	{
+		$this->_notBefore = $not_before;
+		$this->_notAfter = $not_after;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $nb = Time::fromASN1($seq->at(0)->asTime());
-        $na = Time::fromASN1($seq->at(1)->asTime());
-        return new self($nb, $na);
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$nb = Time::fromASN1($seq->at(0)->asTime());
+		$na = Time::fromASN1($seq->at(1)->asTime());
+		return new self($nb, $na);
+	}
     
-    /**
-     * Initialize from date strings.
-     *
-     * @param string|null $nb_date Not before date
-     * @param string|null $na_date Not after date
-     * @param string|null $tz Timezone string
-     * @return self
-     */
-    public static function fromStrings($nb_date, $na_date, $tz = null): self
-    {
-        return new self(Time::fromString($nb_date, $tz),
-            Time::fromString($na_date, $tz));
-    }
+	/**
+	 * Initialize from date strings.
+	 *
+	 * @param string|null $nb_date Not before date
+	 * @param string|null $na_date Not after date
+	 * @param string|null $tz Timezone string
+	 * @return self
+	 */
+	public static function fromStrings($nb_date, $na_date, $tz = null): self
+	{
+		return new self(Time::fromString($nb_date, $tz),
+			Time::fromString($na_date, $tz));
+	}
     
-    /**
-     * Get not before time.
-     *
-     * @return Time
-     */
-    public function notBefore(): Time
-    {
-        return $this->_notBefore;
-    }
+	/**
+	 * Get not before time.
+	 *
+	 * @return Time
+	 */
+	public function notBefore(): Time
+	{
+		return $this->_notBefore;
+	}
     
-    /**
-     * Get not after time.
-     *
-     * @return Time
-     */
-    public function notAfter(): Time
-    {
-        return $this->_notAfter;
-    }
+	/**
+	 * Get not after time.
+	 *
+	 * @return Time
+	 */
+	public function notAfter(): Time
+	{
+		return $this->_notAfter;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        return new Sequence($this->_notBefore->toASN1(),
-            $this->_notAfter->toASN1());
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		return new Sequence($this->_notBefore->toASN1(),
+			$this->_notAfter->toASN1());
+	}
 }

Please login to merge, or discard this patch.

lib/X509/Certificate/CertificateBundle.php 2 patches

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -53,7 +53,7 @@
 block discarded – undo
     public static function fromPEMs(PEM ...$pems): self
     {
         $certs = array_map(
-            function ($pem) {
+            function($pem) {
                 return Certificate::fromPEM($pem);
             }, $pems);
         return new self(...$certs);

Please login to merge, or discard this patch.

Indentation +189 added lines, -189 removed lines patch added patch discarded remove patch

@@ -12,208 +12,208 @@
 block discarded – undo
  */
 class CertificateBundle implements \Countable, \IteratorAggregate
 {
-    /**
-     * Certificates.
-     *
-     * @var Certificate[] $_certs
-     */
-    protected $_certs;
+	/**
+	 * Certificates.
+	 *
+	 * @var Certificate[] $_certs
+	 */
+	protected $_certs;
     
-    /**
-     * Mapping from public key id to array of certificates.
-     *
-     * @var null|(Certificate[])[]
-     */
-    private $_keyIdMap;
+	/**
+	 * Mapping from public key id to array of certificates.
+	 *
+	 * @var null|(Certificate[])[]
+	 */
+	private $_keyIdMap;
     
-    /**
-     * Constructor.
-     *
-     * @param Certificate ...$certs Certificate objects
-     */
-    public function __construct(Certificate ...$certs)
-    {
-        $this->_certs = $certs;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Certificate ...$certs Certificate objects
+	 */
+	public function __construct(Certificate ...$certs)
+	{
+		$this->_certs = $certs;
+	}
     
-    /**
-     * Reset internal cached variables on clone.
-     */
-    public function __clone()
-    {
-        $this->_keyIdMap = null;
-    }
+	/**
+	 * Reset internal cached variables on clone.
+	 */
+	public function __clone()
+	{
+		$this->_keyIdMap = null;
+	}
     
-    /**
-     * Initialize from PEMs.
-     *
-     * @param PEM ...$pems PEM objects
-     * @return self
-     */
-    public static function fromPEMs(PEM ...$pems): self
-    {
-        $certs = array_map(
-            function ($pem) {
-                return Certificate::fromPEM($pem);
-            }, $pems);
-        return new self(...$certs);
-    }
+	/**
+	 * Initialize from PEMs.
+	 *
+	 * @param PEM ...$pems PEM objects
+	 * @return self
+	 */
+	public static function fromPEMs(PEM ...$pems): self
+	{
+		$certs = array_map(
+			function ($pem) {
+				return Certificate::fromPEM($pem);
+			}, $pems);
+		return new self(...$certs);
+	}
     
-    /**
-     * Initialize from PEM bundle.
-     *
-     * @param PEMBundle $pem_bundle
-     * @return self
-     */
-    public static function fromPEMBundle(PEMBundle $pem_bundle): self
-    {
-        return self::fromPEMs(...$pem_bundle->all());
-    }
+	/**
+	 * Initialize from PEM bundle.
+	 *
+	 * @param PEMBundle $pem_bundle
+	 * @return self
+	 */
+	public static function fromPEMBundle(PEMBundle $pem_bundle): self
+	{
+		return self::fromPEMs(...$pem_bundle->all());
+	}
     
-    /**
-     * Get self with certificates added.
-     *
-     * @param Certificate ...$cert
-     * @return self
-     */
-    public function withCertificates(Certificate ...$cert): self
-    {
-        $obj = clone $this;
-        $obj->_certs = array_merge($obj->_certs, $cert);
-        return $obj;
-    }
+	/**
+	 * Get self with certificates added.
+	 *
+	 * @param Certificate ...$cert
+	 * @return self
+	 */
+	public function withCertificates(Certificate ...$cert): self
+	{
+		$obj = clone $this;
+		$obj->_certs = array_merge($obj->_certs, $cert);
+		return $obj;
+	}
     
-    /**
-     * Get self with certificates from PEMBundle added.
-     *
-     * @param PEMBundle $pem_bundle
-     * @return self
-     */
-    public function withPEMBundle(PEMBundle $pem_bundle): self
-    {
-        $certs = $this->_certs;
-        foreach ($pem_bundle as $pem) {
-            $certs[] = Certificate::fromPEM($pem);
-        }
-        return new self(...$certs);
-    }
+	/**
+	 * Get self with certificates from PEMBundle added.
+	 *
+	 * @param PEMBundle $pem_bundle
+	 * @return self
+	 */
+	public function withPEMBundle(PEMBundle $pem_bundle): self
+	{
+		$certs = $this->_certs;
+		foreach ($pem_bundle as $pem) {
+			$certs[] = Certificate::fromPEM($pem);
+		}
+		return new self(...$certs);
+	}
     
-    /**
-     * Get self with single certificate from PEM added.
-     *
-     * @param PEM $pem
-     * @return self
-     */
-    public function withPEM(PEM $pem): self
-    {
-        $certs = $this->_certs;
-        $certs[] = Certificate::fromPEM($pem);
-        return new self(...$certs);
-    }
+	/**
+	 * Get self with single certificate from PEM added.
+	 *
+	 * @param PEM $pem
+	 * @return self
+	 */
+	public function withPEM(PEM $pem): self
+	{
+		$certs = $this->_certs;
+		$certs[] = Certificate::fromPEM($pem);
+		return new self(...$certs);
+	}
     
-    /**
-     * Check whether bundle contains a given certificate.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    public function contains(Certificate $cert): bool
-    {
-        $id = self::_getCertKeyId($cert);
-        $map = $this->_getKeyIdMap();
-        if (!isset($map[$id])) {
-            return false;
-        }
-        foreach ($map[$id] as $c) {
-            /** @var Certificate $c */
-            if ($cert->equals($c)) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether bundle contains a given certificate.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	public function contains(Certificate $cert): bool
+	{
+		$id = self::_getCertKeyId($cert);
+		$map = $this->_getKeyIdMap();
+		if (!isset($map[$id])) {
+			return false;
+		}
+		foreach ($map[$id] as $c) {
+			/** @var Certificate $c */
+			if ($cert->equals($c)) {
+				return true;
+			}
+		}
+		return false;
+	}
     
-    /**
-     * Get all certificates that have given subject key identifier.
-     *
-     * @param string $id
-     * @return Certificate[]
-     */
-    public function allBySubjectKeyIdentifier(string $id): array
-    {
-        $map = $this->_getKeyIdMap();
-        if (!isset($map[$id])) {
-            return array();
-        }
-        return $map[$id];
-    }
+	/**
+	 * Get all certificates that have given subject key identifier.
+	 *
+	 * @param string $id
+	 * @return Certificate[]
+	 */
+	public function allBySubjectKeyIdentifier(string $id): array
+	{
+		$map = $this->_getKeyIdMap();
+		if (!isset($map[$id])) {
+			return array();
+		}
+		return $map[$id];
+	}
     
-    /**
-     * Get all certificates in a bundle.
-     *
-     * @return Certificate[]
-     */
-    public function all(): array
-    {
-        return $this->_certs;
-    }
+	/**
+	 * Get all certificates in a bundle.
+	 *
+	 * @return Certificate[]
+	 */
+	public function all(): array
+	{
+		return $this->_certs;
+	}
     
-    /**
-     * Get certificate mapping by public key id.
-     *
-     * @return (Certificate[])[]
-     */
-    private function _getKeyIdMap(): array
-    {
-        // lazily build mapping
-        if (!isset($this->_keyIdMap)) {
-            $this->_keyIdMap = array();
-            foreach ($this->_certs as $cert) {
-                $id = self::_getCertKeyId($cert);
-                if (!isset($this->_keyIdMap[$id])) {
-                    $this->_keyIdMap[$id] = array();
-                }
-                array_push($this->_keyIdMap[$id], $cert);
-            }
-        }
-        return $this->_keyIdMap;
-    }
+	/**
+	 * Get certificate mapping by public key id.
+	 *
+	 * @return (Certificate[])[]
+	 */
+	private function _getKeyIdMap(): array
+	{
+		// lazily build mapping
+		if (!isset($this->_keyIdMap)) {
+			$this->_keyIdMap = array();
+			foreach ($this->_certs as $cert) {
+				$id = self::_getCertKeyId($cert);
+				if (!isset($this->_keyIdMap[$id])) {
+					$this->_keyIdMap[$id] = array();
+				}
+				array_push($this->_keyIdMap[$id], $cert);
+			}
+		}
+		return $this->_keyIdMap;
+	}
     
-    /**
-     * Get public key id for the certificate.
-     *
-     * @param Certificate $cert
-     * @return string
-     */
-    private static function _getCertKeyId(Certificate $cert): string
-    {
-        $exts = $cert->tbsCertificate()->extensions();
-        if ($exts->hasSubjectKeyIdentifier()) {
-            return $exts->subjectKeyIdentifier()->keyIdentifier();
-        }
-        return $cert->tbsCertificate()
-            ->subjectPublicKeyInfo()
-            ->keyIdentifier();
-    }
+	/**
+	 * Get public key id for the certificate.
+	 *
+	 * @param Certificate $cert
+	 * @return string
+	 */
+	private static function _getCertKeyId(Certificate $cert): string
+	{
+		$exts = $cert->tbsCertificate()->extensions();
+		if ($exts->hasSubjectKeyIdentifier()) {
+			return $exts->subjectKeyIdentifier()->keyIdentifier();
+		}
+		return $cert->tbsCertificate()
+			->subjectPublicKeyInfo()
+			->keyIdentifier();
+	}
     
-    /**
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_certs);
-    }
+	/**
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_certs);
+	}
     
-    /**
-     * Get iterator for certificates.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_certs);
-    }
+	/**
+	 * Get iterator for certificates.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_certs);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/Certificate/Extensions.php 2 patches

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

@@ -47,7 +47,7 @@  discard block
 block discarded – undo
     public static function fromASN1(Sequence $seq): self
     {
         $extensions = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return Ext\Extension::fromASN1($el->asSequence());
             }, $seq->elements());
         return new self(...$extensions);
@@ -62,7 +62,7 @@  discard block
 block discarded – undo
     {
         $elements = array_values(
             array_map(
-                function ($ext) {
+                function($ext) {
                     return $ext->toASN1();
                 }, $this->_extensions));
         return new Sequence(...$elements);

Please login to merge, or discard this patch.

Indentation +410 added lines, -410 removed lines patch added patch discarded remove patch

@@ -18,414 +18,414 @@
 block discarded – undo
  */
 class Extensions implements \Countable, \IteratorAggregate
 {
-    /**
-     * Extensions.
-     *
-     * @var Extension\Extension[] $_extensions
-     */
-    protected $_extensions;
-    
-    /**
-     * Constructor.
-     *
-     * @param Ext\Extension ...$extensions Extension objects
-     */
-    public function __construct(Ext\Extension ...$extensions)
-    {
-        $this->_extensions = array();
-        foreach ($extensions as $ext) {
-            $this->_extensions[$ext->oid()] = $ext;
-        }
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $extensions = array_map(
-            function (UnspecifiedType $el) {
-                return Ext\Extension::fromASN1($el->asSequence());
-            }, $seq->elements());
-        return new self(...$extensions);
-    }
-    
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array_values(
-            array_map(
-                function ($ext) {
-                    return $ext->toASN1();
-                }, $this->_extensions));
-        return new Sequence(...$elements);
-    }
-    
-    /**
-     * Get self with extensions added.
-     *
-     * @param Ext\Extension ...$exts One or more extensions to add
-     * @return self
-     */
-    public function withExtensions(Ext\Extension ...$exts): self
-    {
-        $obj = clone $this;
-        foreach ($exts as $ext) {
-            $obj->_extensions[$ext->oid()] = $ext;
-        }
-        return $obj;
-    }
-    
-    /**
-     * Check whether extension is present.
-     *
-     * @param string $oid Extensions OID
-     * @return bool
-     */
-    public function has(string $oid): bool
-    {
-        return isset($this->_extensions[$oid]);
-    }
-    
-    /**
-     * Get extension by OID.
-     *
-     * @param string $oid
-     * @throws \LogicException If extension is not present
-     * @return Extension\Extension
-     */
-    public function get(string $oid): Ext\Extension
-    {
-        if (!$this->has($oid)) {
-            throw new \LogicException("No extension by OID $oid.");
-        }
-        return $this->_extensions[$oid];
-    }
-    
-    /**
-     * Check whether 'Authority Key Identifier' extension is present.
-     *
-     * @return bool
-     */
-    public function hasAuthorityKeyIdentifier(): bool
-    {
-        return $this->has(Ext\Extension::OID_AUTHORITY_KEY_IDENTIFIER);
-    }
-    
-    /**
-     * Get 'Authority Key Identifier' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\AuthorityKeyIdentifierExtension
-     */
-    public function authorityKeyIdentifier(): Ext\AuthorityKeyIdentifierExtension
-    {
-        /** @var Extension\AuthorityKeyIdentifierExtension $keyIdentifier */
-        $keyIdentifier = $this->get(Ext\Extension::OID_AUTHORITY_KEY_IDENTIFIER);
-        return $keyIdentifier;
-    }
-    
-    /**
-     * Check whether 'Subject Key Identifier' extension is present.
-     *
-     * @return bool
-     */
-    public function hasSubjectKeyIdentifier(): bool
-    {
-        return $this->has(Ext\Extension::OID_SUBJECT_KEY_IDENTIFIER);
-    }
-    
-    /**
-     * Get 'Subject Key Identifier' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\SubjectKeyIdentifierExtension
-     */
-    public function subjectKeyIdentifier(): Ext\SubjectKeyIdentifierExtension
-    {
-        /** @var Extension\SubjectKeyIdentifierExtension $subjectKeyIdentifier */
-        $subjectKeyIdentifier = $this->get(
-            Ext\Extension::OID_SUBJECT_KEY_IDENTIFIER);
-        return $subjectKeyIdentifier;
-    }
-    
-    /**
-     * Check whether 'Key Usage' extension is present.
-     *
-     * @return bool
-     */
-    public function hasKeyUsage(): bool
-    {
-        return $this->has(Ext\Extension::OID_KEY_USAGE);
-    }
-    
-    /**
-     * Get 'Key Usage' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\KeyUsageExtension
-     */
-    public function keyUsage(): Ext\KeyUsageExtension
-    {
-        /** @var Extension\KeyUsageExtension $keyUsage */
-        $keyUsage = $this->get(Ext\Extension::OID_KEY_USAGE);
-        return $keyUsage;
-    }
-    
-    /**
-     * Check whether 'Certificate Policies' extension is present.
-     *
-     * @return bool
-     */
-    public function hasCertificatePolicies(): bool
-    {
-        return $this->has(Ext\Extension::OID_CERTIFICATE_POLICIES);
-    }
-    
-    /**
-     * Get 'Certificate Policies' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\CertificatePoliciesExtension
-     */
-    public function certificatePolicies(): Ext\CertificatePoliciesExtension
-    {
-        /** @var Extension\CertificatePoliciesExtension $certPolicies */
-        $certPolicies = $this->get(Ext\Extension::OID_CERTIFICATE_POLICIES);
-        return $certPolicies;
-    }
-    
-    /**
-     * Check whether 'Policy Mappings' extension is present.
-     *
-     * @return bool
-     */
-    public function hasPolicyMappings(): bool
-    {
-        return $this->has(Ext\Extension::OID_POLICY_MAPPINGS);
-    }
-    
-    /**
-     * Get 'Policy Mappings' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\PolicyMappingsExtension
-     */
-    public function policyMappings(): Ext\PolicyMappingsExtension
-    {
-        /** @var Extension\PolicyMappingsExtension $policyMappings */
-        $policyMappings = $this->get(Ext\Extension::OID_POLICY_MAPPINGS);
-        return $policyMappings;
-    }
-    
-    /**
-     * Check whether 'Subject Alternative Name' extension is present.
-     *
-     * @return bool
-     */
-    public function hasSubjectAlternativeName(): bool
-    {
-        return $this->has(Ext\Extension::OID_SUBJECT_ALT_NAME);
-    }
-    
-    /**
-     * Get 'Subject Alternative Name' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\SubjectAlternativeNameExtension
-     */
-    public function subjectAlternativeName(): Ext\SubjectAlternativeNameExtension
-    {
-        /** @var Extension\SubjectAlternativeNameExtension $subjectAltName */
-        $subjectAltName = $this->get(Ext\Extension::OID_SUBJECT_ALT_NAME);
-        return $subjectAltName;
-    }
-    
-    /**
-     * Check whether 'Issuer Alternative Name' extension is present.
-     *
-     * @return bool
-     */
-    public function hasIssuerAlternativeName(): bool
-    {
-        return $this->has(Ext\Extension::OID_ISSUER_ALT_NAME);
-    }
-    
-    /**
-     * Get 'Issuer Alternative Name' extension.
-     *
-     * @return \X509\Certificate\Extension\IssuerAlternativeNameExtension
-     */
-    public function issuerAlternativeName(): Ext\IssuerAlternativeNameExtension
-    {
-        /** @var Extension\IssuerAlternativeNameExtension $issuerAltName */
-        $issuerAltName = $this->get(Ext\Extension::OID_ISSUER_ALT_NAME);
-        return $issuerAltName;
-    }
-    
-    /**
-     * Check whether 'Basic Constraints' extension is present.
-     *
-     * @return bool
-     */
-    public function hasBasicConstraints(): bool
-    {
-        return $this->has(Ext\Extension::OID_BASIC_CONSTRAINTS);
-    }
-    
-    /**
-     * Get 'Basic Constraints' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\BasicConstraintsExtension
-     */
-    public function basicConstraints(): Ext\BasicConstraintsExtension
-    {
-        /** @var Extension\BasicConstraintsExtension $basicConstraints */
-        $basicConstraints = $this->get(Ext\Extension::OID_BASIC_CONSTRAINTS);
-        return $basicConstraints;
-    }
-    
-    /**
-     * Check whether 'Name Constraints' extension is present.
-     *
-     * @return bool
-     */
-    public function hasNameConstraints(): bool
-    {
-        return $this->has(Ext\Extension::OID_NAME_CONSTRAINTS);
-    }
-    
-    /**
-     * Get 'Name Constraints' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\NameConstraintsExtension
-     */
-    public function nameConstraints(): Ext\NameConstraintsExtension
-    {
-        /** @var Extension\NameConstraintsExtension $nameConstraints */
-        $nameConstraints = $this->get(Ext\Extension::OID_NAME_CONSTRAINTS);
-        return $nameConstraints;
-    }
-    
-    /**
-     * Check whether 'Policy Constraints' extension is present.
-     *
-     * @return bool
-     */
-    public function hasPolicyConstraints(): bool
-    {
-        return $this->has(Ext\Extension::OID_POLICY_CONSTRAINTS);
-    }
-    
-    /**
-     * Get 'Policy Constraints' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\PolicyConstraintsExtension
-     */
-    public function policyConstraints(): Ext\PolicyConstraintsExtension
-    {
-        /** @var Extension\PolicyConstraintsExtension $policyConstraints */
-        $policyConstraints = $this->get(Ext\Extension::OID_POLICY_CONSTRAINTS);
-        return $policyConstraints;
-    }
-    
-    /**
-     * Check whether 'Extended Key Usage' extension is present.
-     *
-     * @return bool
-     */
-    public function hasExtendedKeyUsage(): bool
-    {
-        return $this->has(Ext\Extension::OID_EXT_KEY_USAGE);
-    }
-    
-    /**
-     * Get 'Extended Key Usage' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\ExtendedKeyUsageExtension
-     */
-    public function extendedKeyUsage(): Ext\ExtendedKeyUsageExtension
-    {
-        /** @var Extension\ExtendedKeyUsageExtension $keyUsage */
-        $keyUsage = $this->get(Ext\Extension::OID_EXT_KEY_USAGE);
-        return $keyUsage;
-    }
-    
-    /**
-     * Check whether 'CRL Distribution Points' extension is present.
-     *
-     * @return bool
-     */
-    public function hasCRLDistributionPoints(): bool
-    {
-        return $this->has(Ext\Extension::OID_CRL_DISTRIBUTION_POINTS);
-    }
-    
-    /**
-     * Get 'CRL Distribution Points' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\CRLDistributionPointsExtension
-     */
-    public function crlDistributionPoints(): Ext\CRLDistributionPointsExtension
-    {
-        /** @var Extension\CRLDistributionPointsExtension $crlDist */
-        $crlDist = $this->get(Ext\Extension::OID_CRL_DISTRIBUTION_POINTS);
-        return $crlDist;
-    }
-    
-    /**
-     * Check whether 'Inhibit anyPolicy' extension is present.
-     *
-     * @return bool
-     */
-    public function hasInhibitAnyPolicy(): bool
-    {
-        return $this->has(Ext\Extension::OID_INHIBIT_ANY_POLICY);
-    }
-    
-    /**
-     * Get 'Inhibit anyPolicy' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\InhibitAnyPolicyExtension
-     */
-    public function inhibitAnyPolicy(): Ext\InhibitAnyPolicyExtension
-    {
-        /** @var Extension\InhibitAnyPolicyExtension $inhibitAny */
-        $inhibitAny = $this->get(Ext\Extension::OID_INHIBIT_ANY_POLICY);
-        return $inhibitAny;
-    }
-    
-    /**
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_extensions);
-    }
-    
-    /**
-     * Get iterator for extensions.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \Traversable
-     */
-    public function getIterator(): \Traversable
-    {
-        return new \ArrayIterator($this->_extensions);
-    }
+	/**
+	 * Extensions.
+	 *
+	 * @var Extension\Extension[] $_extensions
+	 */
+	protected $_extensions;
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param Ext\Extension ...$extensions Extension objects
+	 */
+	public function __construct(Ext\Extension ...$extensions)
+	{
+		$this->_extensions = array();
+		foreach ($extensions as $ext) {
+			$this->_extensions[$ext->oid()] = $ext;
+		}
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$extensions = array_map(
+			function (UnspecifiedType $el) {
+				return Ext\Extension::fromASN1($el->asSequence());
+			}, $seq->elements());
+		return new self(...$extensions);
+	}
+    
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array_values(
+			array_map(
+				function ($ext) {
+					return $ext->toASN1();
+				}, $this->_extensions));
+		return new Sequence(...$elements);
+	}
+    
+	/**
+	 * Get self with extensions added.
+	 *
+	 * @param Ext\Extension ...$exts One or more extensions to add
+	 * @return self
+	 */
+	public function withExtensions(Ext\Extension ...$exts): self
+	{
+		$obj = clone $this;
+		foreach ($exts as $ext) {
+			$obj->_extensions[$ext->oid()] = $ext;
+		}
+		return $obj;
+	}
+    
+	/**
+	 * Check whether extension is present.
+	 *
+	 * @param string $oid Extensions OID
+	 * @return bool
+	 */
+	public function has(string $oid): bool
+	{
+		return isset($this->_extensions[$oid]);
+	}
+    
+	/**
+	 * Get extension by OID.
+	 *
+	 * @param string $oid
+	 * @throws \LogicException If extension is not present
+	 * @return Extension\Extension
+	 */
+	public function get(string $oid): Ext\Extension
+	{
+		if (!$this->has($oid)) {
+			throw new \LogicException("No extension by OID $oid.");
+		}
+		return $this->_extensions[$oid];
+	}
+    
+	/**
+	 * Check whether 'Authority Key Identifier' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAuthorityKeyIdentifier(): bool
+	{
+		return $this->has(Ext\Extension::OID_AUTHORITY_KEY_IDENTIFIER);
+	}
+    
+	/**
+	 * Get 'Authority Key Identifier' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\AuthorityKeyIdentifierExtension
+	 */
+	public function authorityKeyIdentifier(): Ext\AuthorityKeyIdentifierExtension
+	{
+		/** @var Extension\AuthorityKeyIdentifierExtension $keyIdentifier */
+		$keyIdentifier = $this->get(Ext\Extension::OID_AUTHORITY_KEY_IDENTIFIER);
+		return $keyIdentifier;
+	}
+    
+	/**
+	 * Check whether 'Subject Key Identifier' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasSubjectKeyIdentifier(): bool
+	{
+		return $this->has(Ext\Extension::OID_SUBJECT_KEY_IDENTIFIER);
+	}
+    
+	/**
+	 * Get 'Subject Key Identifier' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\SubjectKeyIdentifierExtension
+	 */
+	public function subjectKeyIdentifier(): Ext\SubjectKeyIdentifierExtension
+	{
+		/** @var Extension\SubjectKeyIdentifierExtension $subjectKeyIdentifier */
+		$subjectKeyIdentifier = $this->get(
+			Ext\Extension::OID_SUBJECT_KEY_IDENTIFIER);
+		return $subjectKeyIdentifier;
+	}
+    
+	/**
+	 * Check whether 'Key Usage' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasKeyUsage(): bool
+	{
+		return $this->has(Ext\Extension::OID_KEY_USAGE);
+	}
+    
+	/**
+	 * Get 'Key Usage' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\KeyUsageExtension
+	 */
+	public function keyUsage(): Ext\KeyUsageExtension
+	{
+		/** @var Extension\KeyUsageExtension $keyUsage */
+		$keyUsage = $this->get(Ext\Extension::OID_KEY_USAGE);
+		return $keyUsage;
+	}
+    
+	/**
+	 * Check whether 'Certificate Policies' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasCertificatePolicies(): bool
+	{
+		return $this->has(Ext\Extension::OID_CERTIFICATE_POLICIES);
+	}
+    
+	/**
+	 * Get 'Certificate Policies' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\CertificatePoliciesExtension
+	 */
+	public function certificatePolicies(): Ext\CertificatePoliciesExtension
+	{
+		/** @var Extension\CertificatePoliciesExtension $certPolicies */
+		$certPolicies = $this->get(Ext\Extension::OID_CERTIFICATE_POLICIES);
+		return $certPolicies;
+	}
+    
+	/**
+	 * Check whether 'Policy Mappings' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasPolicyMappings(): bool
+	{
+		return $this->has(Ext\Extension::OID_POLICY_MAPPINGS);
+	}
+    
+	/**
+	 * Get 'Policy Mappings' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\PolicyMappingsExtension
+	 */
+	public function policyMappings(): Ext\PolicyMappingsExtension
+	{
+		/** @var Extension\PolicyMappingsExtension $policyMappings */
+		$policyMappings = $this->get(Ext\Extension::OID_POLICY_MAPPINGS);
+		return $policyMappings;
+	}
+    
+	/**
+	 * Check whether 'Subject Alternative Name' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasSubjectAlternativeName(): bool
+	{
+		return $this->has(Ext\Extension::OID_SUBJECT_ALT_NAME);
+	}
+    
+	/**
+	 * Get 'Subject Alternative Name' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\SubjectAlternativeNameExtension
+	 */
+	public function subjectAlternativeName(): Ext\SubjectAlternativeNameExtension
+	{
+		/** @var Extension\SubjectAlternativeNameExtension $subjectAltName */
+		$subjectAltName = $this->get(Ext\Extension::OID_SUBJECT_ALT_NAME);
+		return $subjectAltName;
+	}
+    
+	/**
+	 * Check whether 'Issuer Alternative Name' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuerAlternativeName(): bool
+	{
+		return $this->has(Ext\Extension::OID_ISSUER_ALT_NAME);
+	}
+    
+	/**
+	 * Get 'Issuer Alternative Name' extension.
+	 *
+	 * @return \X509\Certificate\Extension\IssuerAlternativeNameExtension
+	 */
+	public function issuerAlternativeName(): Ext\IssuerAlternativeNameExtension
+	{
+		/** @var Extension\IssuerAlternativeNameExtension $issuerAltName */
+		$issuerAltName = $this->get(Ext\Extension::OID_ISSUER_ALT_NAME);
+		return $issuerAltName;
+	}
+    
+	/**
+	 * Check whether 'Basic Constraints' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasBasicConstraints(): bool
+	{
+		return $this->has(Ext\Extension::OID_BASIC_CONSTRAINTS);
+	}
+    
+	/**
+	 * Get 'Basic Constraints' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\BasicConstraintsExtension
+	 */
+	public function basicConstraints(): Ext\BasicConstraintsExtension
+	{
+		/** @var Extension\BasicConstraintsExtension $basicConstraints */
+		$basicConstraints = $this->get(Ext\Extension::OID_BASIC_CONSTRAINTS);
+		return $basicConstraints;
+	}
+    
+	/**
+	 * Check whether 'Name Constraints' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasNameConstraints(): bool
+	{
+		return $this->has(Ext\Extension::OID_NAME_CONSTRAINTS);
+	}
+    
+	/**
+	 * Get 'Name Constraints' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\NameConstraintsExtension
+	 */
+	public function nameConstraints(): Ext\NameConstraintsExtension
+	{
+		/** @var Extension\NameConstraintsExtension $nameConstraints */
+		$nameConstraints = $this->get(Ext\Extension::OID_NAME_CONSTRAINTS);
+		return $nameConstraints;
+	}
+    
+	/**
+	 * Check whether 'Policy Constraints' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasPolicyConstraints(): bool
+	{
+		return $this->has(Ext\Extension::OID_POLICY_CONSTRAINTS);
+	}
+    
+	/**
+	 * Get 'Policy Constraints' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\PolicyConstraintsExtension
+	 */
+	public function policyConstraints(): Ext\PolicyConstraintsExtension
+	{
+		/** @var Extension\PolicyConstraintsExtension $policyConstraints */
+		$policyConstraints = $this->get(Ext\Extension::OID_POLICY_CONSTRAINTS);
+		return $policyConstraints;
+	}
+    
+	/**
+	 * Check whether 'Extended Key Usage' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasExtendedKeyUsage(): bool
+	{
+		return $this->has(Ext\Extension::OID_EXT_KEY_USAGE);
+	}
+    
+	/**
+	 * Get 'Extended Key Usage' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\ExtendedKeyUsageExtension
+	 */
+	public function extendedKeyUsage(): Ext\ExtendedKeyUsageExtension
+	{
+		/** @var Extension\ExtendedKeyUsageExtension $keyUsage */
+		$keyUsage = $this->get(Ext\Extension::OID_EXT_KEY_USAGE);
+		return $keyUsage;
+	}
+    
+	/**
+	 * Check whether 'CRL Distribution Points' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasCRLDistributionPoints(): bool
+	{
+		return $this->has(Ext\Extension::OID_CRL_DISTRIBUTION_POINTS);
+	}
+    
+	/**
+	 * Get 'CRL Distribution Points' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\CRLDistributionPointsExtension
+	 */
+	public function crlDistributionPoints(): Ext\CRLDistributionPointsExtension
+	{
+		/** @var Extension\CRLDistributionPointsExtension $crlDist */
+		$crlDist = $this->get(Ext\Extension::OID_CRL_DISTRIBUTION_POINTS);
+		return $crlDist;
+	}
+    
+	/**
+	 * Check whether 'Inhibit anyPolicy' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasInhibitAnyPolicy(): bool
+	{
+		return $this->has(Ext\Extension::OID_INHIBIT_ANY_POLICY);
+	}
+    
+	/**
+	 * Get 'Inhibit anyPolicy' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\InhibitAnyPolicyExtension
+	 */
+	public function inhibitAnyPolicy(): Ext\InhibitAnyPolicyExtension
+	{
+		/** @var Extension\InhibitAnyPolicyExtension $inhibitAny */
+		$inhibitAny = $this->get(Ext\Extension::OID_INHIBIT_ANY_POLICY);
+		return $inhibitAny;
+	}
+    
+	/**
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_extensions);
+	}
+    
+	/**
+	 * Get iterator for extensions.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \Traversable
+	 */
+	public function getIterator(): \Traversable
+	{
+		return new \ArrayIterator($this->_extensions);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/Certificate/Certificate.php 1 patch

Indentation +231 added lines, -231 removed lines patch added patch discarded remove patch

@@ -19,235 +19,235 @@
 block discarded – undo
  */
 class Certificate
 {
-    /**
-     * "To be signed" certificate information.
-     *
-     * @var TBSCertificate $_tbsCertificate
-     */
-    protected $_tbsCertificate;
-    
-    /**
-     * Signature algorithm.
-     *
-     * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
-     */
-    protected $_signatureAlgorithm;
-    
-    /**
-     * Signature value.
-     *
-     * @var Signature $_signatureValue
-     */
-    protected $_signatureValue;
-    
-    /**
-     * Constructor.
-     *
-     * @param TBSCertificate $tbsCert
-     * @param SignatureAlgorithmIdentifier $algo
-     * @param Signature $signature
-     */
-    public function __construct(TBSCertificate $tbsCert,
-        SignatureAlgorithmIdentifier $algo, Signature $signature)
-    {
-        $this->_tbsCertificate = $tbsCert;
-        $this->_signatureAlgorithm = $algo;
-        $this->_signatureValue = $signature;
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
-        $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
-        if (!$algo instanceof SignatureAlgorithmIdentifier) {
-            throw new \UnexpectedValueException(
-                "Unsupported signature algorithm " . $algo->oid() . ".");
-        }
-        $signature = Signature::fromSignatureData(
-            $seq->at(2)
-                ->asBitString()
-                ->string(), $algo);
-        return new self($tbsCert, $algo, $signature);
-    }
-    
-    /**
-     * Initialize from DER.
-     *
-     * @param string $data
-     * @return self
-     */
-    public static function fromDER(string $data): self
-    {
-        return self::fromASN1(Sequence::fromDER($data));
-    }
-    
-    /**
-     * Initialize from PEM.
-     *
-     * @param PEM $pem
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromPEM(PEM $pem): self
-    {
-        if ($pem->type() != PEM::TYPE_CERTIFICATE) {
-            throw new \UnexpectedValueException("Invalid PEM type.");
-        }
-        return self::fromDER($pem->data());
-    }
-    
-    /**
-     * Get certificate information.
-     *
-     * @return TBSCertificate
-     */
-    public function tbsCertificate(): TBSCertificate
-    {
-        return $this->_tbsCertificate;
-    }
-    
-    /**
-     * Get signature algorithm.
-     *
-     * @return SignatureAlgorithmIdentifier
-     */
-    public function signatureAlgorithm(): SignatureAlgorithmIdentifier
-    {
-        return $this->_signatureAlgorithm;
-    }
-    
-    /**
-     * Get signature value.
-     *
-     * @return Signature
-     */
-    public function signatureValue(): Signature
-    {
-        return $this->_signatureValue;
-    }
-    
-    /**
-     * Check whether certificate is self-issued.
-     *
-     * @return bool
-     */
-    public function isSelfIssued(): bool
-    {
-        return $this->_tbsCertificate->subject()->equals(
-            $this->_tbsCertificate->issuer());
-    }
-    
-    /**
-     * Check whether certificate is semantically equal to another.
-     *
-     * @param Certificate $cert Certificate to compare to
-     * @return bool
-     */
-    public function equals(Certificate $cert): bool
-    {
-        return $this->_hasEqualSerialNumber($cert) &&
-             $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
-    }
-    
-    /**
-     * Check whether certificate has serial number equal to another.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    private function _hasEqualSerialNumber(Certificate $cert): bool
-    {
-        $sn1 = $this->_tbsCertificate->serialNumber();
-        $sn2 = $cert->_tbsCertificate->serialNumber();
-        return $sn1 == $sn2;
-    }
-    
-    /**
-     * Check whether certificate has public key equal to another.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    private function _hasEqualPublicKey(Certificate $cert): bool
-    {
-        $kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
-        $kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
-        return $kid1 == $kid2;
-    }
-    
-    /**
-     * Check whether certificate has subject equal to another.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    private function _hasEqualSubject(Certificate $cert): bool
-    {
-        $dn1 = $this->_tbsCertificate->subject();
-        $dn2 = $cert->_tbsCertificate->subject();
-        return $dn1->equals($dn2);
-    }
-    
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        return new Sequence($this->_tbsCertificate->toASN1(),
-            $this->_signatureAlgorithm->toASN1(),
-            $this->_signatureValue->bitString());
-    }
-    
-    /**
-     * Get certificate as a DER.
-     *
-     * @return string
-     */
-    public function toDER(): string
-    {
-        return $this->toASN1()->toDER();
-    }
-    
-    /**
-     * Get certificate as a PEM.
-     *
-     * @return PEM
-     */
-    public function toPEM(): PEM
-    {
-        return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
-    }
-    
-    /**
-     * Verify certificate signature.
-     *
-     * @param PublicKeyInfo $pubkey_info Issuer's public key
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     * @return bool True if certificate signature is valid
-     */
-    public function verify(PublicKeyInfo $pubkey_info, Crypto $crypto = null): bool
-    {
-        $crypto = $crypto ?: Crypto::getDefault();
-        $data = $this->_tbsCertificate->toASN1()->toDER();
-        return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
-            $this->_signatureAlgorithm);
-    }
-    
-    /**
-     * Get certificate as a PEM formatted string.
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->toPEM()->string();
-    }
+	/**
+	 * "To be signed" certificate information.
+	 *
+	 * @var TBSCertificate $_tbsCertificate
+	 */
+	protected $_tbsCertificate;
+    
+	/**
+	 * Signature algorithm.
+	 *
+	 * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
+	 */
+	protected $_signatureAlgorithm;
+    
+	/**
+	 * Signature value.
+	 *
+	 * @var Signature $_signatureValue
+	 */
+	protected $_signatureValue;
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param TBSCertificate $tbsCert
+	 * @param SignatureAlgorithmIdentifier $algo
+	 * @param Signature $signature
+	 */
+	public function __construct(TBSCertificate $tbsCert,
+		SignatureAlgorithmIdentifier $algo, Signature $signature)
+	{
+		$this->_tbsCertificate = $tbsCert;
+		$this->_signatureAlgorithm = $algo;
+		$this->_signatureValue = $signature;
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
+		$algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
+		if (!$algo instanceof SignatureAlgorithmIdentifier) {
+			throw new \UnexpectedValueException(
+				"Unsupported signature algorithm " . $algo->oid() . ".");
+		}
+		$signature = Signature::fromSignatureData(
+			$seq->at(2)
+				->asBitString()
+				->string(), $algo);
+		return new self($tbsCert, $algo, $signature);
+	}
+    
+	/**
+	 * Initialize from DER.
+	 *
+	 * @param string $data
+	 * @return self
+	 */
+	public static function fromDER(string $data): self
+	{
+		return self::fromASN1(Sequence::fromDER($data));
+	}
+    
+	/**
+	 * Initialize from PEM.
+	 *
+	 * @param PEM $pem
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromPEM(PEM $pem): self
+	{
+		if ($pem->type() != PEM::TYPE_CERTIFICATE) {
+			throw new \UnexpectedValueException("Invalid PEM type.");
+		}
+		return self::fromDER($pem->data());
+	}
+    
+	/**
+	 * Get certificate information.
+	 *
+	 * @return TBSCertificate
+	 */
+	public function tbsCertificate(): TBSCertificate
+	{
+		return $this->_tbsCertificate;
+	}
+    
+	/**
+	 * Get signature algorithm.
+	 *
+	 * @return SignatureAlgorithmIdentifier
+	 */
+	public function signatureAlgorithm(): SignatureAlgorithmIdentifier
+	{
+		return $this->_signatureAlgorithm;
+	}
+    
+	/**
+	 * Get signature value.
+	 *
+	 * @return Signature
+	 */
+	public function signatureValue(): Signature
+	{
+		return $this->_signatureValue;
+	}
+    
+	/**
+	 * Check whether certificate is self-issued.
+	 *
+	 * @return bool
+	 */
+	public function isSelfIssued(): bool
+	{
+		return $this->_tbsCertificate->subject()->equals(
+			$this->_tbsCertificate->issuer());
+	}
+    
+	/**
+	 * Check whether certificate is semantically equal to another.
+	 *
+	 * @param Certificate $cert Certificate to compare to
+	 * @return bool
+	 */
+	public function equals(Certificate $cert): bool
+	{
+		return $this->_hasEqualSerialNumber($cert) &&
+			 $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
+	}
+    
+	/**
+	 * Check whether certificate has serial number equal to another.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	private function _hasEqualSerialNumber(Certificate $cert): bool
+	{
+		$sn1 = $this->_tbsCertificate->serialNumber();
+		$sn2 = $cert->_tbsCertificate->serialNumber();
+		return $sn1 == $sn2;
+	}
+    
+	/**
+	 * Check whether certificate has public key equal to another.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	private function _hasEqualPublicKey(Certificate $cert): bool
+	{
+		$kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
+		$kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
+		return $kid1 == $kid2;
+	}
+    
+	/**
+	 * Check whether certificate has subject equal to another.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	private function _hasEqualSubject(Certificate $cert): bool
+	{
+		$dn1 = $this->_tbsCertificate->subject();
+		$dn2 = $cert->_tbsCertificate->subject();
+		return $dn1->equals($dn2);
+	}
+    
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		return new Sequence($this->_tbsCertificate->toASN1(),
+			$this->_signatureAlgorithm->toASN1(),
+			$this->_signatureValue->bitString());
+	}
+    
+	/**
+	 * Get certificate as a DER.
+	 *
+	 * @return string
+	 */
+	public function toDER(): string
+	{
+		return $this->toASN1()->toDER();
+	}
+    
+	/**
+	 * Get certificate as a PEM.
+	 *
+	 * @return PEM
+	 */
+	public function toPEM(): PEM
+	{
+		return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
+	}
+    
+	/**
+	 * Verify certificate signature.
+	 *
+	 * @param PublicKeyInfo $pubkey_info Issuer's public key
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 * @return bool True if certificate signature is valid
+	 */
+	public function verify(PublicKeyInfo $pubkey_info, Crypto $crypto = null): bool
+	{
+		$crypto = $crypto ?: Crypto::getDefault();
+		$data = $this->_tbsCertificate->toASN1()->toDER();
+		return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
+			$this->_signatureAlgorithm);
+	}
+    
+	/**
+	 * Get certificate as a PEM formatted string.
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->toPEM()->string();
+	}
 }

Please login to merge, or discard this patch.

lib/X509/Certificate/TBSCertificate.php 2 patches

Indentation +606 added lines, -606 removed lines patch added patch discarded remove patch

@@ -27,610 +27,610 @@
 block discarded – undo
  */
 class TBSCertificate
 {
-    // Certificate version enumerations
-    const VERSION_1 = 0;
-    const VERSION_2 = 1;
-    const VERSION_3 = 2;
-    
-    /**
-     * Certificate version.
-     *
-     * @var int|null
-     */
-    protected $_version;
-    
-    /**
-     * Serial number.
-     *
-     * @var string|null
-     */
-    protected $_serialNumber;
-    
-    /**
-     * Signature algorithm.
-     *
-     * @var SignatureAlgorithmIdentifier|null
-     */
-    protected $_signature;
-    
-    /**
-     * Certificate issuer.
-     *
-     * @var Name $_issuer
-     */
-    protected $_issuer;
-    
-    /**
-     * Certificate validity period.
-     *
-     * @var Validity $_validity
-     */
-    protected $_validity;
-    
-    /**
-     * Certificate subject.
-     *
-     * @var Name $_subject
-     */
-    protected $_subject;
-    
-    /**
-     * Subject public key.
-     *
-     * @var PublicKeyInfo $_subjectPublicKeyInfo
-     */
-    protected $_subjectPublicKeyInfo;
-    
-    /**
-     * Issuer unique identifier.
-     *
-     * @var UniqueIdentifier|null $_issuerUniqueID
-     */
-    protected $_issuerUniqueID;
-    
-    /**
-     * Subject unique identifier.
-     *
-     * @var UniqueIdentifier|null $_subjectUniqueID
-     */
-    protected $_subjectUniqueID;
-    
-    /**
-     * Extensions.
-     *
-     * @var Extensions $_extensions
-     */
-    protected $_extensions;
-    
-    /**
-     * Constructor.
-     *
-     * @param Name $subject Certificate subject
-     * @param PublicKeyInfo $pki Subject public key
-     * @param Name $issuer Certificate issuer
-     * @param Validity $validity Validity period
-     */
-    public function __construct(Name $subject, PublicKeyInfo $pki, Name $issuer,
-        Validity $validity)
-    {
-        $this->_subject = $subject;
-        $this->_subjectPublicKeyInfo = $pki;
-        $this->_issuer = $issuer;
-        $this->_validity = $validity;
-        $this->_extensions = new Extensions();
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $idx = 0;
-        if ($seq->hasTagged(0)) {
-            $idx++;
-            $version = $seq->getTagged(0)
-                ->asExplicit()
-                ->asInteger()
-                ->intNumber();
-        } else {
-            $version = self::VERSION_1;
-        }
-        $serial = $seq->at($idx++)
-            ->asInteger()
-            ->number();
-        $algo = AlgorithmIdentifier::fromASN1($seq->at($idx++)->asSequence());
-        if (!$algo instanceof SignatureAlgorithmIdentifier) {
-            throw new \UnexpectedValueException(
-                "Unsupported signature algorithm " . $algo->name() . ".");
-        }
-        $issuer = Name::fromASN1($seq->at($idx++)->asSequence());
-        $validity = Validity::fromASN1($seq->at($idx++)->asSequence());
-        $subject = Name::fromASN1($seq->at($idx++)->asSequence());
-        $pki = PublicKeyInfo::fromASN1($seq->at($idx++)->asSequence());
-        $tbs_cert = new self($subject, $pki, $issuer, $validity);
-        $tbs_cert->_version = $version;
-        $tbs_cert->_serialNumber = $serial;
-        $tbs_cert->_signature = $algo;
-        if ($seq->hasTagged(1)) {
-            $tbs_cert->_issuerUniqueID = UniqueIdentifier::fromASN1(
-                $seq->getTagged(1)
-                    ->asImplicit(Element::TYPE_BIT_STRING)
-                    ->asBitString());
-        }
-        if ($seq->hasTagged(2)) {
-            $tbs_cert->_subjectUniqueID = UniqueIdentifier::fromASN1(
-                $seq->getTagged(2)
-                    ->asImplicit(Element::TYPE_BIT_STRING)
-                    ->asBitString());
-        }
-        if ($seq->hasTagged(3)) {
-            $tbs_cert->_extensions = Extensions::fromASN1(
-                $seq->getTagged(3)
-                    ->asExplicit()
-                    ->asSequence());
-        }
-        return $tbs_cert;
-    }
-    
-    /**
-     * Initialize from certification request.
-     *
-     * Note that signature is not verified and must be done by the caller.
-     *
-     * @param CertificationRequest $cr
-     * @return self
-     */
-    public static function fromCSR(CertificationRequest $cr): self
-    {
-        $cri = $cr->certificationRequestInfo();
-        $tbs_cert = new self($cri->subject(), $cri->subjectPKInfo(), new Name(),
-            Validity::fromStrings(null, null));
-        // if CSR has Extension Request attribute
-        if ($cri->hasAttributes()) {
-            $attribs = $cri->attributes();
-            if ($attribs->hasExtensionRequest()) {
-                $tbs_cert = $tbs_cert->withExtensions(
-                    $attribs->extensionRequest()
-                        ->extensions());
-            }
-        }
-        // add Subject Key Identifier extension
-        $tbs_cert = $tbs_cert->withAdditionalExtensions(
-            new SubjectKeyIdentifierExtension(false,
-                $cri->subjectPKInfo()
-                    ->keyIdentifier()));
-        return $tbs_cert;
-    }
-    
-    /**
-     * Get self with fields set from the issuer's certificate.
-     *
-     * Issuer shall be set to issuing certificate's subject.
-     * Authority key identifier extensions shall be added with a key identifier
-     * set to issuing certificate's public key identifier.
-     *
-     * @param Certificate $cert Issuing party's certificate
-     * @return self
-     */
-    public function withIssuerCertificate(Certificate $cert): self
-    {
-        $obj = clone $this;
-        // set issuer DN from cert's subject
-        $obj->_issuer = $cert->tbsCertificate()->subject();
-        // add authority key identifier extension
-        $key_id = $cert->tbsCertificate()
-            ->subjectPublicKeyInfo()
-            ->keyIdentifier();
-        $obj->_extensions = $obj->_extensions->withExtensions(
-            new AuthorityKeyIdentifierExtension(false, $key_id));
-        return $obj;
-    }
-    
-    /**
-     * Get self with given version.
-     *
-     * If version is not set, appropriate version is automatically
-     * determined during signing.
-     *
-     * @param int $version
-     * @return self
-     */
-    public function withVersion(int $version): self
-    {
-        $obj = clone $this;
-        $obj->_version = $version;
-        return $obj;
-    }
-    
-    /**
-     * Get self with given serial number.
-     *
-     * @param int|string $serial Base 10 number
-     * @return self
-     */
-    public function withSerialNumber($serial): self
-    {
-        $obj = clone $this;
-        $obj->_serialNumber = strval($serial);
-        return $obj;
-    }
-    
-    /**
-     * Get self with random positive serial number.
-     *
-     * @param int $size Number of random bytes
-     * @return self
-     */
-    public function withRandomSerialNumber(int $size = 16): self
-    {
-        // ensure that first byte is always non-zero and having first bit unset
-        $num = gmp_init(mt_rand(1, 0x7f), 10);
-        for ($i = 1; $i < $size; ++$i) {
-            $num <<= 8;
-            $num += mt_rand(0, 0xff);
-        }
-        return $this->withSerialNumber(gmp_strval($num, 10));
-    }
-    
-    /**
-     * Get self with given signature algorithm.
-     *
-     * @param SignatureAlgorithmIdentifier $algo
-     * @return self
-     */
-    public function withSignature(SignatureAlgorithmIdentifier $algo): self
-    {
-        $obj = clone $this;
-        $obj->_signature = $algo;
-        return $obj;
-    }
-    
-    /**
-     * Get self with given issuer.
-     *
-     * @param Name $issuer
-     * @return self
-     */
-    public function withIssuer(Name $issuer): self
-    {
-        $obj = clone $this;
-        $obj->_issuer = $issuer;
-        return $obj;
-    }
-    
-    /**
-     * Get self with given validity.
-     *
-     * @param Validity $validity
-     * @return self
-     */
-    public function withValidity(Validity $validity): self
-    {
-        $obj = clone $this;
-        $obj->_validity = $validity;
-        return $obj;
-    }
-    
-    /**
-     * Get self with given subject.
-     *
-     * @param Name $subject
-     * @return self
-     */
-    public function withSubject(Name $subject): self
-    {
-        $obj = clone $this;
-        $obj->_subject = $subject;
-        return $obj;
-    }
-    
-    /**
-     * Get self with given subject public key info.
-     *
-     * @param PublicKeyInfo $pub_key_info
-     * @return self
-     */
-    public function withSubjectPublicKeyInfo(PublicKeyInfo $pub_key_info): self
-    {
-        $obj = clone $this;
-        $obj->_subjectPublicKeyInfo = $pub_key_info;
-        return $obj;
-    }
-    
-    /**
-     * Get self with issuer unique ID.
-     *
-     * @param UniqueIdentifier $id
-     * @return self
-     */
-    public function withIssuerUniqueID(UniqueIdentifier $id): self
-    {
-        $obj = clone $this;
-        $obj->_issuerUniqueID = $id;
-        return $obj;
-    }
-    
-    /**
-     * Get self with subject unique ID.
-     *
-     * @param UniqueIdentifier $id
-     * @return self
-     */
-    public function withSubjectUniqueID(UniqueIdentifier $id): self
-    {
-        $obj = clone $this;
-        $obj->_subjectUniqueID = $id;
-        return $obj;
-    }
-    
-    /**
-     * Get self with given extensions.
-     *
-     * @param Extensions $extensions
-     * @return self
-     */
-    public function withExtensions(Extensions $extensions): self
-    {
-        $obj = clone $this;
-        $obj->_extensions = $extensions;
-        return $obj;
-    }
-    
-    /**
-     * Get self with extensions added.
-     *
-     * @param Extension ...$exts One or more Extension objects
-     * @return self
-     */
-    public function withAdditionalExtensions(Extension ...$exts): self
-    {
-        $obj = clone $this;
-        $obj->_extensions = $obj->_extensions->withExtensions(...$exts);
-        return $obj;
-    }
-    
-    /**
-     * Check whether version is set.
-     *
-     * @return bool
-     */
-    public function hasVersion(): bool
-    {
-        return isset($this->_version);
-    }
-    
-    /**
-     * Get certificate version.
-     *
-     * @return int
-     */
-    public function version(): int
-    {
-        if (!$this->hasVersion()) {
-            throw new \LogicException("version not set.");
-        }
-        return $this->_version;
-    }
-    
-    /**
-     * Check whether serial number is set.
-     *
-     * @return bool
-     */
-    public function hasSerialNumber(): bool
-    {
-        return isset($this->_serialNumber);
-    }
-    
-    /**
-     * Get serial number.
-     *
-     * @return string Base 10 integer
-     */
-    public function serialNumber(): string
-    {
-        if (!$this->hasSerialNumber()) {
-            throw new \LogicException("serialNumber not set.");
-        }
-        return $this->_serialNumber;
-    }
-    
-    /**
-     * Check whether signature algorithm is set.
-     *
-     * @return bool
-     */
-    public function hasSignature(): bool
-    {
-        return isset($this->_signature);
-    }
-    
-    /**
-     * Get signature algorithm.
-     *
-     * @return SignatureAlgorithmIdentifier
-     */
-    public function signature(): SignatureAlgorithmIdentifier
-    {
-        if (!$this->hasSignature()) {
-            throw new \LogicException("signature not set.");
-        }
-        return $this->_signature;
-    }
-    
-    /**
-     * Get issuer.
-     *
-     * @return Name
-     */
-    public function issuer(): Name
-    {
-        return $this->_issuer;
-    }
-    
-    /**
-     * Get validity period.
-     *
-     * @return Validity
-     */
-    public function validity(): Validity
-    {
-        return $this->_validity;
-    }
-    
-    /**
-     * Get subject.
-     *
-     * @return Name
-     */
-    public function subject(): Name
-    {
-        return $this->_subject;
-    }
-    
-    /**
-     * Get subject public key.
-     *
-     * @return PublicKeyInfo
-     */
-    public function subjectPublicKeyInfo(): PublicKeyInfo
-    {
-        return $this->_subjectPublicKeyInfo;
-    }
-    
-    /**
-     * Whether issuer unique identifier is present.
-     *
-     * @return bool
-     */
-    public function hasIssuerUniqueID(): bool
-    {
-        return isset($this->_issuerUniqueID);
-    }
-    
-    /**
-     * Get issuerUniqueID.
-     *
-     * @return UniqueIdentifier
-     */
-    public function issuerUniqueID(): UniqueIdentifier
-    {
-        if (!$this->hasIssuerUniqueID()) {
-            throw new \LogicException("issuerUniqueID not set.");
-        }
-        return $this->_issuerUniqueID;
-    }
-    
-    /**
-     * Whether subject unique identifier is present.
-     *
-     * @return bool
-     */
-    public function hasSubjectUniqueID(): bool
-    {
-        return isset($this->_subjectUniqueID);
-    }
-    
-    /**
-     * Get subjectUniqueID.
-     *
-     * @return UniqueIdentifier
-     */
-    public function subjectUniqueID(): UniqueIdentifier
-    {
-        if (!$this->hasSubjectUniqueID()) {
-            throw new \LogicException("subjectUniqueID not set.");
-        }
-        return $this->_subjectUniqueID;
-    }
-    
-    /**
-     * Get extensions.
-     *
-     * @return Extensions
-     */
-    public function extensions(): Extensions
-    {
-        return $this->_extensions;
-    }
-    
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array();
-        $version = $this->version();
-        // if version is not default
-        if ($version != self::VERSION_1) {
-            $elements[] = new ExplicitlyTaggedType(0, new Integer($version));
-        }
-        $serial = $this->serialNumber();
-        $signature = $this->signature();
-        // add required elements
-        array_push($elements, new Integer($serial), $signature->toASN1(),
-            $this->_issuer->toASN1(), $this->_validity->toASN1(),
-            $this->_subject->toASN1(), $this->_subjectPublicKeyInfo->toASN1());
-        if (isset($this->_issuerUniqueID)) {
-            $elements[] = new ImplicitlyTaggedType(1,
-                $this->_issuerUniqueID->toASN1());
-        }
-        if (isset($this->_subjectUniqueID)) {
-            $elements[] = new ImplicitlyTaggedType(2,
-                $this->_subjectUniqueID->toASN1());
-        }
-        if (count($this->_extensions)) {
-            $elements[] = new ExplicitlyTaggedType(3,
-                $this->_extensions->toASN1());
-        }
-        return new Sequence(...$elements);
-    }
-    
-    /**
-     * Create signed certificate.
-     *
-     * @param SignatureAlgorithmIdentifier $algo Algorithm used for signing
-     * @param PrivateKeyInfo $privkey_info Private key used for signing
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     * @return Certificate
-     */
-    public function sign(SignatureAlgorithmIdentifier $algo,
-        PrivateKeyInfo $privkey_info, Crypto $crypto = null): Certificate
-    {
-        $crypto = $crypto ?: Crypto::getDefault();
-        $tbs_cert = clone $this;
-        if (!isset($tbs_cert->_version)) {
-            $tbs_cert->_version = $tbs_cert->_determineVersion();
-        }
-        if (!isset($tbs_cert->_serialNumber)) {
-            $tbs_cert->_serialNumber = strval(0);
-        }
-        $tbs_cert->_signature = $algo;
-        $data = $tbs_cert->toASN1()->toDER();
-        $signature = $crypto->sign($data, $privkey_info, $algo);
-        return new Certificate($tbs_cert, $algo, $signature);
-    }
-    
-    /**
-     * Determine minimum version for the certificate.
-     *
-     * @return int
-     */
-    protected function _determineVersion(): int
-    {
-        // if extensions are present
-        if (count($this->_extensions)) {
-            return self::VERSION_3;
-        }
-        // if UniqueIdentifier is present
-        if (isset($this->_issuerUniqueID) || isset($this->_subjectUniqueID)) {
-            return self::VERSION_2;
-        }
-        return self::VERSION_1;
-    }
+	// Certificate version enumerations
+	const VERSION_1 = 0;
+	const VERSION_2 = 1;
+	const VERSION_3 = 2;
+    
+	/**
+	 * Certificate version.
+	 *
+	 * @var int|null
+	 */
+	protected $_version;
+    
+	/**
+	 * Serial number.
+	 *
+	 * @var string|null
+	 */
+	protected $_serialNumber;
+    
+	/**
+	 * Signature algorithm.
+	 *
+	 * @var SignatureAlgorithmIdentifier|null
+	 */
+	protected $_signature;
+    
+	/**
+	 * Certificate issuer.
+	 *
+	 * @var Name $_issuer
+	 */
+	protected $_issuer;
+    
+	/**
+	 * Certificate validity period.
+	 *
+	 * @var Validity $_validity
+	 */
+	protected $_validity;
+    
+	/**
+	 * Certificate subject.
+	 *
+	 * @var Name $_subject
+	 */
+	protected $_subject;
+    
+	/**
+	 * Subject public key.
+	 *
+	 * @var PublicKeyInfo $_subjectPublicKeyInfo
+	 */
+	protected $_subjectPublicKeyInfo;
+    
+	/**
+	 * Issuer unique identifier.
+	 *
+	 * @var UniqueIdentifier|null $_issuerUniqueID
+	 */
+	protected $_issuerUniqueID;
+    
+	/**
+	 * Subject unique identifier.
+	 *
+	 * @var UniqueIdentifier|null $_subjectUniqueID
+	 */
+	protected $_subjectUniqueID;
+    
+	/**
+	 * Extensions.
+	 *
+	 * @var Extensions $_extensions
+	 */
+	protected $_extensions;
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param Name $subject Certificate subject
+	 * @param PublicKeyInfo $pki Subject public key
+	 * @param Name $issuer Certificate issuer
+	 * @param Validity $validity Validity period
+	 */
+	public function __construct(Name $subject, PublicKeyInfo $pki, Name $issuer,
+		Validity $validity)
+	{
+		$this->_subject = $subject;
+		$this->_subjectPublicKeyInfo = $pki;
+		$this->_issuer = $issuer;
+		$this->_validity = $validity;
+		$this->_extensions = new Extensions();
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$idx = 0;
+		if ($seq->hasTagged(0)) {
+			$idx++;
+			$version = $seq->getTagged(0)
+				->asExplicit()
+				->asInteger()
+				->intNumber();
+		} else {
+			$version = self::VERSION_1;
+		}
+		$serial = $seq->at($idx++)
+			->asInteger()
+			->number();
+		$algo = AlgorithmIdentifier::fromASN1($seq->at($idx++)->asSequence());
+		if (!$algo instanceof SignatureAlgorithmIdentifier) {
+			throw new \UnexpectedValueException(
+				"Unsupported signature algorithm " . $algo->name() . ".");
+		}
+		$issuer = Name::fromASN1($seq->at($idx++)->asSequence());
+		$validity = Validity::fromASN1($seq->at($idx++)->asSequence());
+		$subject = Name::fromASN1($seq->at($idx++)->asSequence());
+		$pki = PublicKeyInfo::fromASN1($seq->at($idx++)->asSequence());
+		$tbs_cert = new self($subject, $pki, $issuer, $validity);
+		$tbs_cert->_version = $version;
+		$tbs_cert->_serialNumber = $serial;
+		$tbs_cert->_signature = $algo;
+		if ($seq->hasTagged(1)) {
+			$tbs_cert->_issuerUniqueID = UniqueIdentifier::fromASN1(
+				$seq->getTagged(1)
+					->asImplicit(Element::TYPE_BIT_STRING)
+					->asBitString());
+		}
+		if ($seq->hasTagged(2)) {
+			$tbs_cert->_subjectUniqueID = UniqueIdentifier::fromASN1(
+				$seq->getTagged(2)
+					->asImplicit(Element::TYPE_BIT_STRING)
+					->asBitString());
+		}
+		if ($seq->hasTagged(3)) {
+			$tbs_cert->_extensions = Extensions::fromASN1(
+				$seq->getTagged(3)
+					->asExplicit()
+					->asSequence());
+		}
+		return $tbs_cert;
+	}
+    
+	/**
+	 * Initialize from certification request.
+	 *
+	 * Note that signature is not verified and must be done by the caller.
+	 *
+	 * @param CertificationRequest $cr
+	 * @return self
+	 */
+	public static function fromCSR(CertificationRequest $cr): self
+	{
+		$cri = $cr->certificationRequestInfo();
+		$tbs_cert = new self($cri->subject(), $cri->subjectPKInfo(), new Name(),
+			Validity::fromStrings(null, null));
+		// if CSR has Extension Request attribute
+		if ($cri->hasAttributes()) {
+			$attribs = $cri->attributes();
+			if ($attribs->hasExtensionRequest()) {
+				$tbs_cert = $tbs_cert->withExtensions(
+					$attribs->extensionRequest()
+						->extensions());
+			}
+		}
+		// add Subject Key Identifier extension
+		$tbs_cert = $tbs_cert->withAdditionalExtensions(
+			new SubjectKeyIdentifierExtension(false,
+				$cri->subjectPKInfo()
+					->keyIdentifier()));
+		return $tbs_cert;
+	}
+    
+	/**
+	 * Get self with fields set from the issuer's certificate.
+	 *
+	 * Issuer shall be set to issuing certificate's subject.
+	 * Authority key identifier extensions shall be added with a key identifier
+	 * set to issuing certificate's public key identifier.
+	 *
+	 * @param Certificate $cert Issuing party's certificate
+	 * @return self
+	 */
+	public function withIssuerCertificate(Certificate $cert): self
+	{
+		$obj = clone $this;
+		// set issuer DN from cert's subject
+		$obj->_issuer = $cert->tbsCertificate()->subject();
+		// add authority key identifier extension
+		$key_id = $cert->tbsCertificate()
+			->subjectPublicKeyInfo()
+			->keyIdentifier();
+		$obj->_extensions = $obj->_extensions->withExtensions(
+			new AuthorityKeyIdentifierExtension(false, $key_id));
+		return $obj;
+	}
+    
+	/**
+	 * Get self with given version.
+	 *
+	 * If version is not set, appropriate version is automatically
+	 * determined during signing.
+	 *
+	 * @param int $version
+	 * @return self
+	 */
+	public function withVersion(int $version): self
+	{
+		$obj = clone $this;
+		$obj->_version = $version;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with given serial number.
+	 *
+	 * @param int|string $serial Base 10 number
+	 * @return self
+	 */
+	public function withSerialNumber($serial): self
+	{
+		$obj = clone $this;
+		$obj->_serialNumber = strval($serial);
+		return $obj;
+	}
+    
+	/**
+	 * Get self with random positive serial number.
+	 *
+	 * @param int $size Number of random bytes
+	 * @return self
+	 */
+	public function withRandomSerialNumber(int $size = 16): self
+	{
+		// ensure that first byte is always non-zero and having first bit unset
+		$num = gmp_init(mt_rand(1, 0x7f), 10);
+		for ($i = 1; $i < $size; ++$i) {
+			$num <<= 8;
+			$num += mt_rand(0, 0xff);
+		}
+		return $this->withSerialNumber(gmp_strval($num, 10));
+	}
+    
+	/**
+	 * Get self with given signature algorithm.
+	 *
+	 * @param SignatureAlgorithmIdentifier $algo
+	 * @return self
+	 */
+	public function withSignature(SignatureAlgorithmIdentifier $algo): self
+	{
+		$obj = clone $this;
+		$obj->_signature = $algo;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with given issuer.
+	 *
+	 * @param Name $issuer
+	 * @return self
+	 */
+	public function withIssuer(Name $issuer): self
+	{
+		$obj = clone $this;
+		$obj->_issuer = $issuer;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with given validity.
+	 *
+	 * @param Validity $validity
+	 * @return self
+	 */
+	public function withValidity(Validity $validity): self
+	{
+		$obj = clone $this;
+		$obj->_validity = $validity;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with given subject.
+	 *
+	 * @param Name $subject
+	 * @return self
+	 */
+	public function withSubject(Name $subject): self
+	{
+		$obj = clone $this;
+		$obj->_subject = $subject;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with given subject public key info.
+	 *
+	 * @param PublicKeyInfo $pub_key_info
+	 * @return self
+	 */
+	public function withSubjectPublicKeyInfo(PublicKeyInfo $pub_key_info): self
+	{
+		$obj = clone $this;
+		$obj->_subjectPublicKeyInfo = $pub_key_info;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with issuer unique ID.
+	 *
+	 * @param UniqueIdentifier $id
+	 * @return self
+	 */
+	public function withIssuerUniqueID(UniqueIdentifier $id): self
+	{
+		$obj = clone $this;
+		$obj->_issuerUniqueID = $id;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with subject unique ID.
+	 *
+	 * @param UniqueIdentifier $id
+	 * @return self
+	 */
+	public function withSubjectUniqueID(UniqueIdentifier $id): self
+	{
+		$obj = clone $this;
+		$obj->_subjectUniqueID = $id;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with given extensions.
+	 *
+	 * @param Extensions $extensions
+	 * @return self
+	 */
+	public function withExtensions(Extensions $extensions): self
+	{
+		$obj = clone $this;
+		$obj->_extensions = $extensions;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with extensions added.
+	 *
+	 * @param Extension ...$exts One or more Extension objects
+	 * @return self
+	 */
+	public function withAdditionalExtensions(Extension ...$exts): self
+	{
+		$obj = clone $this;
+		$obj->_extensions = $obj->_extensions->withExtensions(...$exts);
+		return $obj;
+	}
+    
+	/**
+	 * Check whether version is set.
+	 *
+	 * @return bool
+	 */
+	public function hasVersion(): bool
+	{
+		return isset($this->_version);
+	}
+    
+	/**
+	 * Get certificate version.
+	 *
+	 * @return int
+	 */
+	public function version(): int
+	{
+		if (!$this->hasVersion()) {
+			throw new \LogicException("version not set.");
+		}
+		return $this->_version;
+	}
+    
+	/**
+	 * Check whether serial number is set.
+	 *
+	 * @return bool
+	 */
+	public function hasSerialNumber(): bool
+	{
+		return isset($this->_serialNumber);
+	}
+    
+	/**
+	 * Get serial number.
+	 *
+	 * @return string Base 10 integer
+	 */
+	public function serialNumber(): string
+	{
+		if (!$this->hasSerialNumber()) {
+			throw new \LogicException("serialNumber not set.");
+		}
+		return $this->_serialNumber;
+	}
+    
+	/**
+	 * Check whether signature algorithm is set.
+	 *
+	 * @return bool
+	 */
+	public function hasSignature(): bool
+	{
+		return isset($this->_signature);
+	}
+    
+	/**
+	 * Get signature algorithm.
+	 *
+	 * @return SignatureAlgorithmIdentifier
+	 */
+	public function signature(): SignatureAlgorithmIdentifier
+	{
+		if (!$this->hasSignature()) {
+			throw new \LogicException("signature not set.");
+		}
+		return $this->_signature;
+	}
+    
+	/**
+	 * Get issuer.
+	 *
+	 * @return Name
+	 */
+	public function issuer(): Name
+	{
+		return $this->_issuer;
+	}
+    
+	/**
+	 * Get validity period.
+	 *
+	 * @return Validity
+	 */
+	public function validity(): Validity
+	{
+		return $this->_validity;
+	}
+    
+	/**
+	 * Get subject.
+	 *
+	 * @return Name
+	 */
+	public function subject(): Name
+	{
+		return $this->_subject;
+	}
+    
+	/**
+	 * Get subject public key.
+	 *
+	 * @return PublicKeyInfo
+	 */
+	public function subjectPublicKeyInfo(): PublicKeyInfo
+	{
+		return $this->_subjectPublicKeyInfo;
+	}
+    
+	/**
+	 * Whether issuer unique identifier is present.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuerUniqueID(): bool
+	{
+		return isset($this->_issuerUniqueID);
+	}
+    
+	/**
+	 * Get issuerUniqueID.
+	 *
+	 * @return UniqueIdentifier
+	 */
+	public function issuerUniqueID(): UniqueIdentifier
+	{
+		if (!$this->hasIssuerUniqueID()) {
+			throw new \LogicException("issuerUniqueID not set.");
+		}
+		return $this->_issuerUniqueID;
+	}
+    
+	/**
+	 * Whether subject unique identifier is present.
+	 *
+	 * @return bool
+	 */
+	public function hasSubjectUniqueID(): bool
+	{
+		return isset($this->_subjectUniqueID);
+	}
+    
+	/**
+	 * Get subjectUniqueID.
+	 *
+	 * @return UniqueIdentifier
+	 */
+	public function subjectUniqueID(): UniqueIdentifier
+	{
+		if (!$this->hasSubjectUniqueID()) {
+			throw new \LogicException("subjectUniqueID not set.");
+		}
+		return $this->_subjectUniqueID;
+	}
+    
+	/**
+	 * Get extensions.
+	 *
+	 * @return Extensions
+	 */
+	public function extensions(): Extensions
+	{
+		return $this->_extensions;
+	}
+    
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array();
+		$version = $this->version();
+		// if version is not default
+		if ($version != self::VERSION_1) {
+			$elements[] = new ExplicitlyTaggedType(0, new Integer($version));
+		}
+		$serial = $this->serialNumber();
+		$signature = $this->signature();
+		// add required elements
+		array_push($elements, new Integer($serial), $signature->toASN1(),
+			$this->_issuer->toASN1(), $this->_validity->toASN1(),
+			$this->_subject->toASN1(), $this->_subjectPublicKeyInfo->toASN1());
+		if (isset($this->_issuerUniqueID)) {
+			$elements[] = new ImplicitlyTaggedType(1,
+				$this->_issuerUniqueID->toASN1());
+		}
+		if (isset($this->_subjectUniqueID)) {
+			$elements[] = new ImplicitlyTaggedType(2,
+				$this->_subjectUniqueID->toASN1());
+		}
+		if (count($this->_extensions)) {
+			$elements[] = new ExplicitlyTaggedType(3,
+				$this->_extensions->toASN1());
+		}
+		return new Sequence(...$elements);
+	}
+    
+	/**
+	 * Create signed certificate.
+	 *
+	 * @param SignatureAlgorithmIdentifier $algo Algorithm used for signing
+	 * @param PrivateKeyInfo $privkey_info Private key used for signing
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 * @return Certificate
+	 */
+	public function sign(SignatureAlgorithmIdentifier $algo,
+		PrivateKeyInfo $privkey_info, Crypto $crypto = null): Certificate
+	{
+		$crypto = $crypto ?: Crypto::getDefault();
+		$tbs_cert = clone $this;
+		if (!isset($tbs_cert->_version)) {
+			$tbs_cert->_version = $tbs_cert->_determineVersion();
+		}
+		if (!isset($tbs_cert->_serialNumber)) {
+			$tbs_cert->_serialNumber = strval(0);
+		}
+		$tbs_cert->_signature = $algo;
+		$data = $tbs_cert->toASN1()->toDER();
+		$signature = $crypto->sign($data, $privkey_info, $algo);
+		return new Certificate($tbs_cert, $algo, $signature);
+	}
+    
+	/**
+	 * Determine minimum version for the certificate.
+	 *
+	 * @return int
+	 */
+	protected function _determineVersion(): int
+	{
+		// if extensions are present
+		if (count($this->_extensions)) {
+			return self::VERSION_3;
+		}
+		// if UniqueIdentifier is present
+		if (isset($this->_issuerUniqueID) || isset($this->_subjectUniqueID)) {
+			return self::VERSION_2;
+		}
+		return self::VERSION_1;
+	}
 }

Please login to merge, or discard this patch.

Doc Comments +1 added lines patch added patch discarded remove patch

@@ -273,6 +273,7 @@
 block discarded – undo
      * Get self with extensions added.
      *
      * @param Extension ...$exts One or more Extension objects
+     * @param Extension[] $exts
      * @return self
      */
     public function withAdditionalExtensions(Extension ...$exts): self

Please login to merge, or discard this patch.

lib/X509/Certificate/Extension/PolicyMappingsExtension.php 2 patches

Spacing +3 added lines, -3 removed lines patch added patch discarded remove patch

@@ -45,7 +45,7 @@  discard block
 block discarded – undo
     protected static function _fromDER(string $data, bool $critical): self
     {
         $mappings = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return PolicyMapping::fromASN1($el->asSequence());
             }, Sequence::fromDER($data)->elements());
         if (!count($mappings)) {
@@ -66,7 +66,7 @@  discard block
 block discarded – undo
             throw new \LogicException("No mappings.");
         }
         $elements = array_map(
-            function (PolicyMapping $mapping) {
+            function(PolicyMapping $mapping) {
                 return $mapping->toASN1();
             }, $this->_mappings);
         return new Sequence(...$elements);
@@ -131,7 +131,7 @@  discard block
 block discarded – undo
     public function issuerDomainPolicies(): array
     {
         $idps = array_map(
-            function (PolicyMapping $mapping) {
+            function(PolicyMapping $mapping) {
                 return $mapping->issuerDomainPolicy();
             }, $this->_mappings);
         return array_values(array_unique($idps));

Please login to merge, or discard this patch.

Indentation +155 added lines, -155 removed lines patch added patch discarded remove patch

@@ -15,170 +15,170 @@
 block discarded – undo
  * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.5
  */
 class PolicyMappingsExtension extends Extension implements 
-    \Countable,
-    \IteratorAggregate
+	\Countable,
+	\IteratorAggregate
 {
-    /**
-     * Policy mappings.
-     *
-     * @var PolicyMapping[] $_mappings
-     */
-    protected $_mappings;
+	/**
+	 * Policy mappings.
+	 *
+	 * @var PolicyMapping[] $_mappings
+	 */
+	protected $_mappings;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param PolicyMapping ...$mappings One or more PolicyMapping objects
-     */
-    public function __construct(bool $critical, PolicyMapping ...$mappings)
-    {
-        parent::__construct(self::OID_POLICY_MAPPINGS, $critical);
-        $this->_mappings = $mappings;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param PolicyMapping ...$mappings One or more PolicyMapping objects
+	 */
+	public function __construct(bool $critical, PolicyMapping ...$mappings)
+	{
+		parent::__construct(self::OID_POLICY_MAPPINGS, $critical);
+		$this->_mappings = $mappings;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $mappings = array_map(
-            function (UnspecifiedType $el) {
-                return PolicyMapping::fromASN1($el->asSequence());
-            }, Sequence::fromDER($data)->elements());
-        if (!count($mappings)) {
-            throw new \UnexpectedValueException(
-                "PolicyMappings must have at least one mapping.");
-        }
-        return new self($critical, ...$mappings);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$mappings = array_map(
+			function (UnspecifiedType $el) {
+				return PolicyMapping::fromASN1($el->asSequence());
+			}, Sequence::fromDER($data)->elements());
+		if (!count($mappings)) {
+			throw new \UnexpectedValueException(
+				"PolicyMappings must have at least one mapping.");
+		}
+		return new self($critical, ...$mappings);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        if (!count($this->_mappings)) {
-            throw new \LogicException("No mappings.");
-        }
-        $elements = array_map(
-            function (PolicyMapping $mapping) {
-                return $mapping->toASN1();
-            }, $this->_mappings);
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		if (!count($this->_mappings)) {
+			throw new \LogicException("No mappings.");
+		}
+		$elements = array_map(
+			function (PolicyMapping $mapping) {
+				return $mapping->toASN1();
+			}, $this->_mappings);
+		return new Sequence(...$elements);
+	}
     
-    /**
-     * Get all mappings.
-     *
-     * @return PolicyMapping[]
-     */
-    public function mappings(): array
-    {
-        return $this->_mappings;
-    }
+	/**
+	 * Get all mappings.
+	 *
+	 * @return PolicyMapping[]
+	 */
+	public function mappings(): array
+	{
+		return $this->_mappings;
+	}
     
-    /**
-     * Get mappings flattened into a single array of arrays of subject domains
-     * keyed by issuer domain.
-     *
-     * Eg. if policy mappings contains multiple mappings with the same issuer
-     * domain policy, their corresponding subject domain policies are placed
-     * under the same key.
-     *
-     * @return (string[])[]
-     */
-    public function flattenedMappings(): array
-    {
-        $mappings = array();
-        foreach ($this->_mappings as $mapping) {
-            $idp = $mapping->issuerDomainPolicy();
-            if (!isset($mappings[$idp])) {
-                $mappings[$idp] = array();
-            }
-            array_push($mappings[$idp], $mapping->subjectDomainPolicy());
-        }
-        return $mappings;
-    }
+	/**
+	 * Get mappings flattened into a single array of arrays of subject domains
+	 * keyed by issuer domain.
+	 *
+	 * Eg. if policy mappings contains multiple mappings with the same issuer
+	 * domain policy, their corresponding subject domain policies are placed
+	 * under the same key.
+	 *
+	 * @return (string[])[]
+	 */
+	public function flattenedMappings(): array
+	{
+		$mappings = array();
+		foreach ($this->_mappings as $mapping) {
+			$idp = $mapping->issuerDomainPolicy();
+			if (!isset($mappings[$idp])) {
+				$mappings[$idp] = array();
+			}
+			array_push($mappings[$idp], $mapping->subjectDomainPolicy());
+		}
+		return $mappings;
+	}
     
-    /**
-     * Get all subject domain policy OIDs that are mapped to given issuer
-     * domain policy OID.
-     *
-     * @param string $oid Issuer domain policy
-     * @return string[] List of OIDs in dotted format
-     */
-    public function issuerMappings(string $oid): array
-    {
-        $oids = array();
-        foreach ($this->_mappings as $mapping) {
-            if ($mapping->issuerDomainPolicy() == $oid) {
-                $oids[] = $mapping->subjectDomainPolicy();
-            }
-        }
-        return $oids;
-    }
+	/**
+	 * Get all subject domain policy OIDs that are mapped to given issuer
+	 * domain policy OID.
+	 *
+	 * @param string $oid Issuer domain policy
+	 * @return string[] List of OIDs in dotted format
+	 */
+	public function issuerMappings(string $oid): array
+	{
+		$oids = array();
+		foreach ($this->_mappings as $mapping) {
+			if ($mapping->issuerDomainPolicy() == $oid) {
+				$oids[] = $mapping->subjectDomainPolicy();
+			}
+		}
+		return $oids;
+	}
     
-    /**
-     * Get all mapped issuer domain policy OIDs.
-     *
-     * @return string[]
-     */
-    public function issuerDomainPolicies(): array
-    {
-        $idps = array_map(
-            function (PolicyMapping $mapping) {
-                return $mapping->issuerDomainPolicy();
-            }, $this->_mappings);
-        return array_values(array_unique($idps));
-    }
+	/**
+	 * Get all mapped issuer domain policy OIDs.
+	 *
+	 * @return string[]
+	 */
+	public function issuerDomainPolicies(): array
+	{
+		$idps = array_map(
+			function (PolicyMapping $mapping) {
+				return $mapping->issuerDomainPolicy();
+			}, $this->_mappings);
+		return array_values(array_unique($idps));
+	}
     
-    /**
-     * Check whether policy mappings have anyPolicy mapped.
-     *
-     * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either
-     * to or from the special value anyPolicy".
-     *
-     * @return bool
-     */
-    public function hasAnyPolicyMapping(): bool
-    {
-        foreach ($this->_mappings as $mapping) {
-            if ($mapping->issuerDomainPolicy() ==
-                 PolicyInformation::OID_ANY_POLICY) {
-                return true;
-            }
-            if ($mapping->subjectDomainPolicy() ==
-                 PolicyInformation::OID_ANY_POLICY) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether policy mappings have anyPolicy mapped.
+	 *
+	 * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either
+	 * to or from the special value anyPolicy".
+	 *
+	 * @return bool
+	 */
+	public function hasAnyPolicyMapping(): bool
+	{
+		foreach ($this->_mappings as $mapping) {
+			if ($mapping->issuerDomainPolicy() ==
+				 PolicyInformation::OID_ANY_POLICY) {
+				return true;
+			}
+			if ($mapping->subjectDomainPolicy() ==
+				 PolicyInformation::OID_ANY_POLICY) {
+				return true;
+			}
+		}
+		return false;
+	}
     
-    /**
-     * Get the number of mappings.
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_mappings);
-    }
+	/**
+	 * Get the number of mappings.
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_mappings);
+	}
     
-    /**
-     * Get iterator for policy mappings.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_mappings);
-    }
+	/**
+	 * Get iterator for policy mappings.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_mappings);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/Certificate/Extension/SubjectKeyIdentifierExtension.php 1 patch

Indentation +44 added lines, -44 removed lines patch added patch discarded remove patch

@@ -13,52 +13,52 @@
 block discarded – undo
  */
 class SubjectKeyIdentifierExtension extends Extension
 {
-    /**
-     * Key identifier.
-     *
-     * @var string $_keyIdentifier
-     */
-    protected $_keyIdentifier;
+	/**
+	 * Key identifier.
+	 *
+	 * @var string $_keyIdentifier
+	 */
+	protected $_keyIdentifier;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param string $keyIdentifier
-     */
-    public function __construct(bool $critical, string $keyIdentifier)
-    {
-        parent::__construct(self::OID_SUBJECT_KEY_IDENTIFIER, $critical);
-        $this->_keyIdentifier = $keyIdentifier;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param string $keyIdentifier
+	 */
+	public function __construct(bool $critical, string $keyIdentifier)
+	{
+		parent::__construct(self::OID_SUBJECT_KEY_IDENTIFIER, $critical);
+		$this->_keyIdentifier = $keyIdentifier;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        return new self($critical, OctetString::fromDER($data)->string());
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		return new self($critical, OctetString::fromDER($data)->string());
+	}
     
-    /**
-     * Get key identifier.
-     *
-     * @return string
-     */
-    public function keyIdentifier(): string
-    {
-        return $this->_keyIdentifier;
-    }
+	/**
+	 * Get key identifier.
+	 *
+	 * @return string
+	 */
+	public function keyIdentifier(): string
+	{
+		return $this->_keyIdentifier;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return OctetString
-     */
-    protected function _valueASN1(): OctetString
-    {
-        return new OctetString($this->_keyIdentifier);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return OctetString
+	 */
+	protected function _valueASN1(): OctetString
+	{
+		return new OctetString($this->_keyIdentifier);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/Certificate/Extension/PolicyConstraintsExtension.php 1 patch

Indentation +113 added lines, -113 removed lines patch added patch discarded remove patch

@@ -16,125 +16,125 @@
 block discarded – undo
  */
 class PolicyConstraintsExtension extends Extension
 {
-    /**
-     *
-     * @var int $_requireExplicitPolicy
-     */
-    protected $_requireExplicitPolicy;
+	/**
+	 *
+	 * @var int $_requireExplicitPolicy
+	 */
+	protected $_requireExplicitPolicy;
     
-    /**
-     *
-     * @var int $_inhibitPolicyMapping
-     */
-    protected $_inhibitPolicyMapping;
+	/**
+	 *
+	 * @var int $_inhibitPolicyMapping
+	 */
+	protected $_inhibitPolicyMapping;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param int|null $require_explicit_policy
-     * @param int|null $inhibit_policy_mapping
-     */
-    public function __construct(bool $critical, $require_explicit_policy = null,
-        $inhibit_policy_mapping = null)
-    {
-        parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical);
-        $this->_requireExplicitPolicy = isset($require_explicit_policy) ? intval(
-            $require_explicit_policy) : null;
-        $this->_inhibitPolicyMapping = isset($inhibit_policy_mapping) ? intval(
-            $inhibit_policy_mapping) : null;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param int|null $require_explicit_policy
+	 * @param int|null $inhibit_policy_mapping
+	 */
+	public function __construct(bool $critical, $require_explicit_policy = null,
+		$inhibit_policy_mapping = null)
+	{
+		parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical);
+		$this->_requireExplicitPolicy = isset($require_explicit_policy) ? intval(
+			$require_explicit_policy) : null;
+		$this->_inhibitPolicyMapping = isset($inhibit_policy_mapping) ? intval(
+			$inhibit_policy_mapping) : null;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $seq = Sequence::fromDER($data);
-        $require_explicit_policy = null;
-        $inhibit_policy_mapping = null;
-        if ($seq->hasTagged(0)) {
-            $require_explicit_policy = $seq->getTagged(0)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->intNumber();
-        }
-        if ($seq->hasTagged(1)) {
-            $inhibit_policy_mapping = $seq->getTagged(1)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->intNumber();
-        }
-        return new self($critical, $require_explicit_policy,
-            $inhibit_policy_mapping);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$seq = Sequence::fromDER($data);
+		$require_explicit_policy = null;
+		$inhibit_policy_mapping = null;
+		if ($seq->hasTagged(0)) {
+			$require_explicit_policy = $seq->getTagged(0)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->intNumber();
+		}
+		if ($seq->hasTagged(1)) {
+			$inhibit_policy_mapping = $seq->getTagged(1)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->intNumber();
+		}
+		return new self($critical, $require_explicit_policy,
+			$inhibit_policy_mapping);
+	}
     
-    /**
-     * Whether requireExplicitPolicy is present.
-     *
-     * @return bool
-     */
-    public function hasRequireExplicitPolicy(): bool
-    {
-        return isset($this->_requireExplicitPolicy);
-    }
+	/**
+	 * Whether requireExplicitPolicy is present.
+	 *
+	 * @return bool
+	 */
+	public function hasRequireExplicitPolicy(): bool
+	{
+		return isset($this->_requireExplicitPolicy);
+	}
     
-    /**
-     * Get requireExplicitPolicy.
-     *
-     * @throws \LogicException
-     * @return int
-     */
-    public function requireExplicitPolicy(): int
-    {
-        if (!$this->hasRequireExplicitPolicy()) {
-            throw new \LogicException("requireExplicitPolicy not set.");
-        }
-        return $this->_requireExplicitPolicy;
-    }
+	/**
+	 * Get requireExplicitPolicy.
+	 *
+	 * @throws \LogicException
+	 * @return int
+	 */
+	public function requireExplicitPolicy(): int
+	{
+		if (!$this->hasRequireExplicitPolicy()) {
+			throw new \LogicException("requireExplicitPolicy not set.");
+		}
+		return $this->_requireExplicitPolicy;
+	}
     
-    /**
-     * Whether inhibitPolicyMapping is present.
-     *
-     * @return bool
-     */
-    public function hasInhibitPolicyMapping(): bool
-    {
-        return isset($this->_inhibitPolicyMapping);
-    }
+	/**
+	 * Whether inhibitPolicyMapping is present.
+	 *
+	 * @return bool
+	 */
+	public function hasInhibitPolicyMapping(): bool
+	{
+		return isset($this->_inhibitPolicyMapping);
+	}
     
-    /**
-     * Get inhibitPolicyMapping.
-     *
-     * @throws \LogicException
-     * @return int
-     */
-    public function inhibitPolicyMapping(): int
-    {
-        if (!$this->hasInhibitPolicyMapping()) {
-            throw new \LogicException("inhibitPolicyMapping not set.");
-        }
-        return $this->_inhibitPolicyMapping;
-    }
+	/**
+	 * Get inhibitPolicyMapping.
+	 *
+	 * @throws \LogicException
+	 * @return int
+	 */
+	public function inhibitPolicyMapping(): int
+	{
+		if (!$this->hasInhibitPolicyMapping()) {
+			throw new \LogicException("inhibitPolicyMapping not set.");
+		}
+		return $this->_inhibitPolicyMapping;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        $elements = array();
-        if (isset($this->_requireExplicitPolicy)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                new Integer($this->_requireExplicitPolicy));
-        }
-        if (isset($this->_inhibitPolicyMapping)) {
-            $elements[] = new ImplicitlyTaggedType(1,
-                new Integer($this->_inhibitPolicyMapping));
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		$elements = array();
+		if (isset($this->_requireExplicitPolicy)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				new Integer($this->_requireExplicitPolicy));
+		}
+		if (isset($this->_inhibitPolicyMapping)) {
+			$elements[] = new ImplicitlyTaggedType(1,
+				new Integer($this->_inhibitPolicyMapping));
+		}
+		return new Sequence(...$elements);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/Certificate/Extension/CertificatePoliciesExtension.php 2 patches

Indentation +122 added lines, -122 removed lines patch added patch discarded remove patch

@@ -14,136 +14,136 @@
 block discarded – undo
  * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.4
  */
 class CertificatePoliciesExtension extends Extension implements 
-    \Countable,
-    \IteratorAggregate
+	\Countable,
+	\IteratorAggregate
 {
-    /**
-     * Policy information terms.
-     *
-     * @var PolicyInformation[] $_policies
-     */
-    protected $_policies;
+	/**
+	 * Policy information terms.
+	 *
+	 * @var PolicyInformation[] $_policies
+	 */
+	protected $_policies;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param PolicyInformation ...$policies
-     */
-    public function __construct(bool $critical, PolicyInformation ...$policies)
-    {
-        parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical);
-        $this->_policies = [];
-        foreach ($policies as $policy) {
-            $this->_policies[$policy->oid()] = $policy;
-        }
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param PolicyInformation ...$policies
+	 */
+	public function __construct(bool $critical, PolicyInformation ...$policies)
+	{
+		parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical);
+		$this->_policies = [];
+		foreach ($policies as $policy) {
+			$this->_policies[$policy->oid()] = $policy;
+		}
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $policies = array_map(
-            function (UnspecifiedType $el) {
-                return PolicyInformation::fromASN1($el->asSequence());
-            }, Sequence::fromDER($data)->elements());
-        if (!count($policies)) {
-            throw new \UnexpectedValueException(
-                "certificatePolicies must contain" .
-                     " at least one PolicyInformation.");
-        }
-        return new self($critical, ...$policies);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$policies = array_map(
+			function (UnspecifiedType $el) {
+				return PolicyInformation::fromASN1($el->asSequence());
+			}, Sequence::fromDER($data)->elements());
+		if (!count($policies)) {
+			throw new \UnexpectedValueException(
+				"certificatePolicies must contain" .
+					 " at least one PolicyInformation.");
+		}
+		return new self($critical, ...$policies);
+	}
     
-    /**
-     * Check whether policy information by OID is present.
-     *
-     * @param string $oid
-     * @return bool
-     */
-    public function has(string $oid): bool
-    {
-        return isset($this->_policies[$oid]);
-    }
+	/**
+	 * Check whether policy information by OID is present.
+	 *
+	 * @param string $oid
+	 * @return bool
+	 */
+	public function has(string $oid): bool
+	{
+		return isset($this->_policies[$oid]);
+	}
     
-    /**
-     * Get policy information by OID.
-     *
-     * @param string $oid
-     * @throws \LogicException
-     * @return PolicyInformation
-     */
-    public function get(string $oid): PolicyInformation
-    {
-        if (!$this->has($oid)) {
-            throw new \LogicException("Not certificate policy by OID $oid.");
-        }
-        return $this->_policies[$oid];
-    }
+	/**
+	 * Get policy information by OID.
+	 *
+	 * @param string $oid
+	 * @throws \LogicException
+	 * @return PolicyInformation
+	 */
+	public function get(string $oid): PolicyInformation
+	{
+		if (!$this->has($oid)) {
+			throw new \LogicException("Not certificate policy by OID $oid.");
+		}
+		return $this->_policies[$oid];
+	}
     
-    /**
-     * Check whether anyPolicy is present.
-     *
-     * @return bool
-     */
-    public function hasAnyPolicy(): bool
-    {
-        return $this->has(PolicyInformation::OID_ANY_POLICY);
-    }
+	/**
+	 * Check whether anyPolicy is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAnyPolicy(): bool
+	{
+		return $this->has(PolicyInformation::OID_ANY_POLICY);
+	}
     
-    /**
-     * Get anyPolicy information.
-     *
-     * @throws \LogicException If anyPolicy is not present.
-     * @return PolicyInformation
-     */
-    public function anyPolicy(): PolicyInformation
-    {
-        if (!$this->hasAnyPolicy()) {
-            throw new \LogicException("No anyPolicy.");
-        }
-        return $this->get(PolicyInformation::OID_ANY_POLICY);
-    }
+	/**
+	 * Get anyPolicy information.
+	 *
+	 * @throws \LogicException If anyPolicy is not present.
+	 * @return PolicyInformation
+	 */
+	public function anyPolicy(): PolicyInformation
+	{
+		if (!$this->hasAnyPolicy()) {
+			throw new \LogicException("No anyPolicy.");
+		}
+		return $this->get(PolicyInformation::OID_ANY_POLICY);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        if (!count($this->_policies)) {
-            throw new \LogicException("No policies.");
-        }
-        $elements = array_map(
-            function (PolicyInformation $pi) {
-                return $pi->toASN1();
-            }, array_values($this->_policies));
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		if (!count($this->_policies)) {
+			throw new \LogicException("No policies.");
+		}
+		$elements = array_map(
+			function (PolicyInformation $pi) {
+				return $pi->toASN1();
+			}, array_values($this->_policies));
+		return new Sequence(...$elements);
+	}
     
-    /**
-     * Get the number of policies.
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_policies);
-    }
+	/**
+	 * Get the number of policies.
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_policies);
+	}
     
-    /**
-     * Get iterator for policy information terms.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_policies);
-    }
+	/**
+	 * Get iterator for policy information terms.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_policies);
+	}
 }

Please login to merge, or discard this patch.

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

@@ -47,7 +47,7 @@  discard block
 block discarded – undo
     protected static function _fromDER(string $data, bool $critical): self
     {
         $policies = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return PolicyInformation::fromASN1($el->asSequence());
             }, Sequence::fromDER($data)->elements());
         if (!count($policies)) {
@@ -119,7 +119,7 @@  discard block
 block discarded – undo
             throw new \LogicException("No policies.");
         }
         $elements = array_map(
-            function (PolicyInformation $pi) {
+            function(PolicyInformation $pi) {
                 return $pi->toASN1();
             }, array_values($this->_policies));
         return new Sequence(...$elements);

Please login to merge, or discard this patch.

		@@ -273,6 +273,7 @@
		block discarded – undo
273	273	* Get self with extensions added.
274	274	*
275	275	* @param Extension ...$exts One or more Extension objects
	276	+ * @param Extension[] $exts
276	277	* @return self
277	278	*/
278	279	public function withAdditionalExtensions(Extension ...$exts): self

GitHub Access Token became invalid

Push — master ( f7ba31...da62d3 )

Status

Category

Indentation +75 added lines, -75 removed lines patch added patch discarded remove patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

Indentation +189 added lines, -189 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

Indentation +410 added lines, -410 removed lines patch added patch discarded remove patch

Indentation +231 added lines, -231 removed lines patch added patch discarded remove patch

Indentation +606 added lines, -606 removed lines patch added patch discarded remove patch

Doc Comments +1 added lines patch added patch discarded remove patch

Spacing +3 added lines, -3 removed lines patch added patch discarded remove patch

Indentation +155 added lines, -155 removed lines patch added patch discarded remove patch

Indentation +44 added lines, -44 removed lines patch added patch discarded remove patch

Indentation +113 added lines, -113 removed lines patch added patch discarded remove patch

Indentation +122 added lines, -122 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

		@@ -13,86 +13,86 @@
		block discarded – undo
13	13	*/
14	14	class Validity
15	15	{
16		- /**
17		- * Not before time.
18		- *
19		- * @var Time $_notBefore
20		- */
21		- protected $_notBefore;
	16	+ /**
	17	+ * Not before time.
	18	+ *
	19	+ * @var Time $_notBefore
	20	+ */
	21	+ protected $_notBefore;
22	22
23		- /**
24		- * Not after time.
25		- *
26		- * @var Time $_notAfter
27		- */
28		- protected $_notAfter;
	23	+ /**
	24	+ * Not after time.
	25	+ *
	26	+ * @var Time $_notAfter
	27	+ */
	28	+ protected $_notAfter;
29	29
30		- /**
31		- * Constructor.
32		- *
33		- * @param Time $not_before
34		- * @param Time $not_after
35		- */
36		- public function __construct(Time $not_before, Time $not_after)
37		- {
38		- $this->_notBefore = $not_before;
39		- $this->_notAfter = $not_after;
40		- }
	30	+ /**
	31	+ * Constructor.
	32	+ *
	33	+ * @param Time $not_before
	34	+ * @param Time $not_after
	35	+ */
	36	+ public function __construct(Time $not_before, Time $not_after)
	37	+ {
	38	+ $this->_notBefore = $not_before;
	39	+ $this->_notAfter = $not_after;
	40	+ }
41	41
42		- /**
43		- * Initialize from ASN.1.
44		- *
45		- * @param Sequence $seq
46		- */
47		- public static function fromASN1(Sequence $seq): self
48		- {
49		- $nb = Time::fromASN1($seq->at(0)->asTime());
50		- $na = Time::fromASN1($seq->at(1)->asTime());
51		- return new self($nb, $na);
52		- }
	42	+ /**
	43	+ * Initialize from ASN.1.
	44	+ *
	45	+ * @param Sequence $seq
	46	+ */
	47	+ public static function fromASN1(Sequence $seq): self
	48	+ {
	49	+ $nb = Time::fromASN1($seq->at(0)->asTime());
	50	+ $na = Time::fromASN1($seq->at(1)->asTime());
	51	+ return new self($nb, $na);
	52	+ }
53	53
54		- /**
55		- * Initialize from date strings.
56		- *
57		- * @param string\|null $nb_date Not before date
58		- * @param string\|null $na_date Not after date
59		- * @param string\|null $tz Timezone string
60		- * @return self
61		- */
62		- public static function fromStrings($nb_date, $na_date, $tz = null): self
63		- {
64		- return new self(Time::fromString($nb_date, $tz),
65		- Time::fromString($na_date, $tz));
66		- }
	54	+ /**
	55	+ * Initialize from date strings.
	56	+ *
	57	+ * @param string\|null $nb_date Not before date
	58	+ * @param string\|null $na_date Not after date
	59	+ * @param string\|null $tz Timezone string
	60	+ * @return self
	61	+ */
	62	+ public static function fromStrings($nb_date, $na_date, $tz = null): self
	63	+ {
	64	+ return new self(Time::fromString($nb_date, $tz),
	65	+ Time::fromString($na_date, $tz));
	66	+ }
67	67
68		- /**
69		- * Get not before time.
70		- *
71		- * @return Time
72		- */
73		- public function notBefore(): Time
74		- {
75		- return $this->_notBefore;
76		- }
	68	+ /**
	69	+ * Get not before time.
	70	+ *
	71	+ * @return Time
	72	+ */
	73	+ public function notBefore(): Time
	74	+ {
	75	+ return $this->_notBefore;
	76	+ }
77	77
78		- /**
79		- * Get not after time.
80		- *
81		- * @return Time
82		- */
83		- public function notAfter(): Time
84		- {
85		- return $this->_notAfter;
86		- }
	78	+ /**
	79	+ * Get not after time.
	80	+ *
	81	+ * @return Time
	82	+ */
	83	+ public function notAfter(): Time
	84	+ {
	85	+ return $this->_notAfter;
	86	+ }
87	87
88		- /**
89		- * Generate ASN.1 structure.
90		- *
91		- * @return Sequence
92		- */
93		- public function toASN1(): Sequence
94		- {
95		- return new Sequence($this->_notBefore->toASN1(),
96		- $this->_notAfter->toASN1());
97		- }
	88	+ /**
	89	+ * Generate ASN.1 structure.
	90	+ *
	91	+ * @return Sequence
	92	+ */
	93	+ public function toASN1(): Sequence
	94	+ {
	95	+ return new Sequence($this->_notBefore->toASN1(),
	96	+ $this->_notAfter->toASN1());
	97	+ }
98	98	}

		@@ -53,7 +53,7 @@
		block discarded – undo
53	53	public static function fromPEMs(PEM ...$pems): self
54	54	{
55	55	$certs = array_map(
56		- function ($pem) {
	56	+ function($pem) {
57	57	return Certificate::fromPEM($pem);
58	58	}, $pems);
59	59	return new self(...$certs);

		@@ -12,208 +12,208 @@
		block discarded – undo
12	12	*/
13	13	class CertificateBundle implements \Countable, \IteratorAggregate
14	14	{
15		- /**
16		- * Certificates.
17		- *
18		- * @var Certificate[] $_certs
19		- */
20		- protected $_certs;
	15	+ /**
	16	+ * Certificates.
	17	+ *
	18	+ * @var Certificate[] $_certs
	19	+ */
	20	+ protected $_certs;
21	21
22		- /**
23		- * Mapping from public key id to array of certificates.
24		- *
25		- * @var null\|(Certificate[])[]
26		- */
27		- private $_keyIdMap;
	22	+ /**
	23	+ * Mapping from public key id to array of certificates.
	24	+ *
	25	+ * @var null\|(Certificate[])[]
	26	+ */
	27	+ private $_keyIdMap;
28	28
29		- /**
30		- * Constructor.
31		- *
32		- * @param Certificate ...$certs Certificate objects
33		- */
34		- public function __construct(Certificate ...$certs)
35		- {
36		- $this->_certs = $certs;
37		- }
	29	+ /**
	30	+ * Constructor.
	31	+ *
	32	+ * @param Certificate ...$certs Certificate objects
	33	+ */
	34	+ public function __construct(Certificate ...$certs)
	35	+ {
	36	+ $this->_certs = $certs;
	37	+ }
38	38
39		- /**
40		- * Reset internal cached variables on clone.
41		- */
42		- public function __clone()
43		- {
44		- $this->_keyIdMap = null;
45		- }
	39	+ /**
	40	+ * Reset internal cached variables on clone.
	41	+ */
	42	+ public function __clone()
	43	+ {
	44	+ $this->_keyIdMap = null;
	45	+ }
46	46
47		- /**
48		- * Initialize from PEMs.
49		- *
50		- * @param PEM ...$pems PEM objects
51		- * @return self
52		- */
53		- public static function fromPEMs(PEM ...$pems): self
54		- {
55		- $certs = array_map(
56		- function ($pem) {
57		- return Certificate::fromPEM($pem);
58		- }, $pems);
59		- return new self(...$certs);
60		- }
	47	+ /**
	48	+ * Initialize from PEMs.
	49	+ *
	50	+ * @param PEM ...$pems PEM objects
	51	+ * @return self
	52	+ */
	53	+ public static function fromPEMs(PEM ...$pems): self
	54	+ {
	55	+ $certs = array_map(
	56	+ function ($pem) {
	57	+ return Certificate::fromPEM($pem);
	58	+ }, $pems);
	59	+ return new self(...$certs);
	60	+ }
61	61
62		- /**
63		- * Initialize from PEM bundle.
64		- *
65		- * @param PEMBundle $pem_bundle
66		- * @return self
67		- */
68		- public static function fromPEMBundle(PEMBundle $pem_bundle): self
69		- {
70		- return self::fromPEMs(...$pem_bundle->all());
71		- }
	62	+ /**
	63	+ * Initialize from PEM bundle.
	64	+ *
	65	+ * @param PEMBundle $pem_bundle
	66	+ * @return self
	67	+ */
	68	+ public static function fromPEMBundle(PEMBundle $pem_bundle): self
	69	+ {
	70	+ return self::fromPEMs(...$pem_bundle->all());
	71	+ }
72	72
73		- /**
74		- * Get self with certificates added.
75		- *
76		- * @param Certificate ...$cert
77		- * @return self
78		- */
79		- public function withCertificates(Certificate ...$cert): self
80		- {
81		- $obj = clone $this;
82		- $obj->_certs = array_merge($obj->_certs, $cert);
83		- return $obj;
84		- }
	73	+ /**
	74	+ * Get self with certificates added.
	75	+ *
	76	+ * @param Certificate ...$cert
	77	+ * @return self
	78	+ */
	79	+ public function withCertificates(Certificate ...$cert): self
	80	+ {
	81	+ $obj = clone $this;
	82	+ $obj->_certs = array_merge($obj->_certs, $cert);
	83	+ return $obj;
	84	+ }
85	85
86		- /**
87		- * Get self with certificates from PEMBundle added.
88		- *
89		- * @param PEMBundle $pem_bundle
90		- * @return self
91		- */
92		- public function withPEMBundle(PEMBundle $pem_bundle): self
93		- {
94		- $certs = $this->_certs;
95		- foreach ($pem_bundle as $pem) {
96		- $certs[] = Certificate::fromPEM($pem);
97		- }
98		- return new self(...$certs);
99		- }
	86	+ /**
	87	+ * Get self with certificates from PEMBundle added.
	88	+ *
	89	+ * @param PEMBundle $pem_bundle
	90	+ * @return self
	91	+ */
	92	+ public function withPEMBundle(PEMBundle $pem_bundle): self
	93	+ {
	94	+ $certs = $this->_certs;
	95	+ foreach ($pem_bundle as $pem) {
	96	+ $certs[] = Certificate::fromPEM($pem);
	97	+ }
	98	+ return new self(...$certs);
	99	+ }
100	100
101		- /**
102		- * Get self with single certificate from PEM added.
103		- *
104		- * @param PEM $pem
105		- * @return self
106		- */
107		- public function withPEM(PEM $pem): self
108		- {
109		- $certs = $this->_certs;
110		- $certs[] = Certificate::fromPEM($pem);
111		- return new self(...$certs);
112		- }
	101	+ /**
	102	+ * Get self with single certificate from PEM added.
	103	+ *
	104	+ * @param PEM $pem
	105	+ * @return self
	106	+ */
	107	+ public function withPEM(PEM $pem): self
	108	+ {
	109	+ $certs = $this->_certs;
	110	+ $certs[] = Certificate::fromPEM($pem);
	111	+ return new self(...$certs);
	112	+ }
113	113
114		- /**
115		- * Check whether bundle contains a given certificate.
116		- *
117		- * @param Certificate $cert
118		- * @return bool
119		- */
120		- public function contains(Certificate $cert): bool
121		- {
122		- $id = self::_getCertKeyId($cert);
123		- $map = $this->_getKeyIdMap();
124		- if (!isset($map[$id])) {
125		- return false;
126		- }
127		- foreach ($map[$id] as $c) {
128		- /** @var Certificate $c */
129		- if ($cert->equals($c)) {
130		- return true;
131		- }
132		- }
133		- return false;
134		- }
	114	+ /**
	115	+ * Check whether bundle contains a given certificate.
	116	+ *
	117	+ * @param Certificate $cert
	118	+ * @return bool
	119	+ */
	120	+ public function contains(Certificate $cert): bool
	121	+ {
	122	+ $id = self::_getCertKeyId($cert);
	123	+ $map = $this->_getKeyIdMap();
	124	+ if (!isset($map[$id])) {
	125	+ return false;
	126	+ }
	127	+ foreach ($map[$id] as $c) {
	128	+ /** @var Certificate $c */
	129	+ if ($cert->equals($c)) {
	130	+ return true;
	131	+ }
	132	+ }
	133	+ return false;
	134	+ }
135	135
136		- /**
137		- * Get all certificates that have given subject key identifier.
138		- *
139		- * @param string $id
140		- * @return Certificate[]
141		- */
142		- public function allBySubjectKeyIdentifier(string $id): array
143		- {
144		- $map = $this->_getKeyIdMap();
145		- if (!isset($map[$id])) {
146		- return array();
147		- }
148		- return $map[$id];
149		- }
	136	+ /**
	137	+ * Get all certificates that have given subject key identifier.
	138	+ *
	139	+ * @param string $id
	140	+ * @return Certificate[]
	141	+ */
	142	+ public function allBySubjectKeyIdentifier(string $id): array
	143	+ {
	144	+ $map = $this->_getKeyIdMap();
	145	+ if (!isset($map[$id])) {
	146	+ return array();
	147	+ }
	148	+ return $map[$id];
	149	+ }
150	150
151		- /**
152		- * Get all certificates in a bundle.
153		- *
154		- * @return Certificate[]
155		- */
156		- public function all(): array
157		- {
158		- return $this->_certs;
159		- }
	151	+ /**
	152	+ * Get all certificates in a bundle.
	153	+ *
	154	+ * @return Certificate[]
	155	+ */
	156	+ public function all(): array
	157	+ {
	158	+ return $this->_certs;
	159	+ }
160	160
161		- /**
162		- * Get certificate mapping by public key id.
163		- *
164		- * @return (Certificate[])[]
165		- */
166		- private function _getKeyIdMap(): array
167		- {
168		- // lazily build mapping
169		- if (!isset($this->_keyIdMap)) {
170		- $this->_keyIdMap = array();
171		- foreach ($this->_certs as $cert) {
172		- $id = self::_getCertKeyId($cert);
173		- if (!isset($this->_keyIdMap[$id])) {
174		- $this->_keyIdMap[$id] = array();
175		- }
176		- array_push($this->_keyIdMap[$id], $cert);
177		- }
178		- }
179		- return $this->_keyIdMap;
180		- }
	161	+ /**
	162	+ * Get certificate mapping by public key id.
	163	+ *
	164	+ * @return (Certificate[])[]
	165	+ */
	166	+ private function _getKeyIdMap(): array
	167	+ {
	168	+ // lazily build mapping
	169	+ if (!isset($this->_keyIdMap)) {
	170	+ $this->_keyIdMap = array();
	171	+ foreach ($this->_certs as $cert) {
	172	+ $id = self::_getCertKeyId($cert);
	173	+ if (!isset($this->_keyIdMap[$id])) {
	174	+ $this->_keyIdMap[$id] = array();
	175	+ }
	176	+ array_push($this->_keyIdMap[$id], $cert);
	177	+ }
	178	+ }
	179	+ return $this->_keyIdMap;
	180	+ }
181	181
182		- /**
183		- * Get public key id for the certificate.
184		- *
185		- * @param Certificate $cert
186		- * @return string
187		- */
188		- private static function _getCertKeyId(Certificate $cert): string
189		- {
190		- $exts = $cert->tbsCertificate()->extensions();
191		- if ($exts->hasSubjectKeyIdentifier()) {
192		- return $exts->subjectKeyIdentifier()->keyIdentifier();
193		- }
194		- return $cert->tbsCertificate()
195		- ->subjectPublicKeyInfo()
196		- ->keyIdentifier();
197		- }
	182	+ /**
	183	+ * Get public key id for the certificate.
	184	+ *
	185	+ * @param Certificate $cert
	186	+ * @return string
	187	+ */
	188	+ private static function _getCertKeyId(Certificate $cert): string
	189	+ {
	190	+ $exts = $cert->tbsCertificate()->extensions();
	191	+ if ($exts->hasSubjectKeyIdentifier()) {
	192	+ return $exts->subjectKeyIdentifier()->keyIdentifier();
	193	+ }
	194	+ return $cert->tbsCertificate()
	195	+ ->subjectPublicKeyInfo()
	196	+ ->keyIdentifier();
	197	+ }
198	198
199		- /**
200		- *
201		- * @see \Countable::count()
202		- * @return int
203		- */
204		- public function count(): int
205		- {
206		- return count($this->_certs);
207		- }
	199	+ /**
	200	+ *
	201	+ * @see \Countable::count()
	202	+ * @return int
	203	+ */
	204	+ public function count(): int
	205	+ {
	206	+ return count($this->_certs);
	207	+ }
208	208
209		- /**
210		- * Get iterator for certificates.
211		- *
212		- * @see \IteratorAggregate::getIterator()
213		- * @return \ArrayIterator
214		- */
215		- public function getIterator(): \ArrayIterator
216		- {
217		- return new \ArrayIterator($this->_certs);
218		- }
	209	+ /**
	210	+ * Get iterator for certificates.
	211	+ *
	212	+ * @see \IteratorAggregate::getIterator()
	213	+ * @return \ArrayIterator
	214	+ */
	215	+ public function getIterator(): \ArrayIterator
	216	+ {
	217	+ return new \ArrayIterator($this->_certs);
	218	+ }
219	219	}

		@@ -47,7 +47,7 @@ discard block
		block discarded – undo
47	47	public static function fromASN1(Sequence $seq): self
48	48	{
49	49	$extensions = array_map(
50		- function (UnspecifiedType $el) {
	50	+ function(UnspecifiedType $el) {
51	51	return Ext\Extension::fromASN1($el->asSequence());
52	52	}, $seq->elements());
53	53	return new self(...$extensions);
		@@ -62,7 +62,7 @@ discard block
		block discarded – undo
62	62	{
63	63	$elements = array_values(
64	64	array_map(
65		- function ($ext) {
	65	+ function($ext) {
66	66	return $ext->toASN1();
67	67	}, $this->_extensions));
68	68	return new Sequence(...$elements);

		@@ -19,235 +19,235 @@
		block discarded – undo
19	19	*/
20	20	class Certificate
21	21	{
22		- /**
23		- * "To be signed" certificate information.
24		- *
25		- * @var TBSCertificate $_tbsCertificate
26		- */
27		- protected $_tbsCertificate;
28		-
29		- /**
30		- * Signature algorithm.
31		- *
32		- * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
33		- */
34		- protected $_signatureAlgorithm;
35		-
36		- /**
37		- * Signature value.
38		- *
39		- * @var Signature $_signatureValue
40		- */
41		- protected $_signatureValue;
42		-
43		- /**
44		- * Constructor.
45		- *
46		- * @param TBSCertificate $tbsCert
47		- * @param SignatureAlgorithmIdentifier $algo
48		- * @param Signature $signature
49		- */
50		- public function __construct(TBSCertificate $tbsCert,
51		- SignatureAlgorithmIdentifier $algo, Signature $signature)
52		- {
53		- $this->_tbsCertificate = $tbsCert;
54		- $this->_signatureAlgorithm = $algo;
55		- $this->_signatureValue = $signature;
56		- }
57		-
58		- /**
59		- * Initialize from ASN.1.
60		- *
61		- * @param Sequence $seq
62		- * @return self
63		- */
64		- public static function fromASN1(Sequence $seq): self
65		- {
66		- $tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
67		- $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
68		- if (!$algo instanceof SignatureAlgorithmIdentifier) {
69		- throw new \UnexpectedValueException(
70		- "Unsupported signature algorithm " . $algo->oid() . ".");
71		- }
72		- $signature = Signature::fromSignatureData(
73		- $seq->at(2)
74		- ->asBitString()
75		- ->string(), $algo);
76		- return new self($tbsCert, $algo, $signature);
77		- }
78		-
79		- /**
80		- * Initialize from DER.
81		- *
82		- * @param string $data
83		- * @return self
84		- */
85		- public static function fromDER(string $data): self
86		- {
87		- return self::fromASN1(Sequence::fromDER($data));
88		- }
89		-
90		- /**
91		- * Initialize from PEM.
92		- *
93		- * @param PEM $pem
94		- * @throws \UnexpectedValueException
95		- * @return self
96		- */
97		- public static function fromPEM(PEM $pem): self
98		- {
99		- if ($pem->type() != PEM::TYPE_CERTIFICATE) {
100		- throw new \UnexpectedValueException("Invalid PEM type.");
101		- }
102		- return self::fromDER($pem->data());
103		- }
104		-
105		- /**
106		- * Get certificate information.
107		- *
108		- * @return TBSCertificate
109		- */
110		- public function tbsCertificate(): TBSCertificate
111		- {
112		- return $this->_tbsCertificate;
113		- }
114		-
115		- /**
116		- * Get signature algorithm.
117		- *
118		- * @return SignatureAlgorithmIdentifier
119		- */
120		- public function signatureAlgorithm(): SignatureAlgorithmIdentifier
121		- {
122		- return $this->_signatureAlgorithm;
123		- }
124		-
125		- /**
126		- * Get signature value.
127		- *
128		- * @return Signature
129		- */
130		- public function signatureValue(): Signature
131		- {
132		- return $this->_signatureValue;
133		- }
134		-
135		- /**
136		- * Check whether certificate is self-issued.
137		- *
138		- * @return bool
139		- */
140		- public function isSelfIssued(): bool
141		- {
142		- return $this->_tbsCertificate->subject()->equals(
143		- $this->_tbsCertificate->issuer());
144		- }
145		-
146		- /**
147		- * Check whether certificate is semantically equal to another.
148		- *
149		- * @param Certificate $cert Certificate to compare to
150		- * @return bool
151		- */
152		- public function equals(Certificate $cert): bool
153		- {
154		- return $this->_hasEqualSerialNumber($cert) &&
155		- $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
156		- }
157		-
158		- /**
159		- * Check whether certificate has serial number equal to another.
160		- *
161		- * @param Certificate $cert
162		- * @return bool
163		- */
164		- private function _hasEqualSerialNumber(Certificate $cert): bool
165		- {
166		- $sn1 = $this->_tbsCertificate->serialNumber();
167		- $sn2 = $cert->_tbsCertificate->serialNumber();
168		- return $sn1 == $sn2;
169		- }
170		-
171		- /**
172		- * Check whether certificate has public key equal to another.
173		- *
174		- * @param Certificate $cert
175		- * @return bool
176		- */
177		- private function _hasEqualPublicKey(Certificate $cert): bool
178		- {
179		- $kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
180		- $kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
181		- return $kid1 == $kid2;
182		- }
183		-
184		- /**
185		- * Check whether certificate has subject equal to another.
186		- *
187		- * @param Certificate $cert
188		- * @return bool
189		- */
190		- private function _hasEqualSubject(Certificate $cert): bool
191		- {
192		- $dn1 = $this->_tbsCertificate->subject();
193		- $dn2 = $cert->_tbsCertificate->subject();
194		- return $dn1->equals($dn2);
195		- }
196		-
197		- /**
198		- * Generate ASN.1 structure.
199		- *
200		- * @return Sequence
201		- */
202		- public function toASN1(): Sequence
203		- {
204		- return new Sequence($this->_tbsCertificate->toASN1(),
205		- $this->_signatureAlgorithm->toASN1(),
206		- $this->_signatureValue->bitString());
207		- }
208		-
209		- /**
210		- * Get certificate as a DER.
211		- *
212		- * @return string
213		- */
214		- public function toDER(): string
215		- {
216		- return $this->toASN1()->toDER();
217		- }
218		-
219		- /**
220		- * Get certificate as a PEM.
221		- *
222		- * @return PEM
223		- */
224		- public function toPEM(): PEM
225		- {
226		- return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
227		- }
228		-
229		- /**
230		- * Verify certificate signature.
231		- *
232		- * @param PublicKeyInfo $pubkey_info Issuer's public key
233		- * @param Crypto\|null $crypto Crypto engine, use default if not set
234		- * @return bool True if certificate signature is valid
235		- */
236		- public function verify(PublicKeyInfo $pubkey_info, Crypto $crypto = null): bool
237		- {
238		- $crypto = $crypto ?: Crypto::getDefault();
239		- $data = $this->_tbsCertificate->toASN1()->toDER();
240		- return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
241		- $this->_signatureAlgorithm);
242		- }
243		-
244		- /**
245		- * Get certificate as a PEM formatted string.
246		- *
247		- * @return string
248		- */
249		- public function __toString()
250		- {
251		- return $this->toPEM()->string();
252		- }
	22	+ /**
	23	+ * "To be signed" certificate information.
	24	+ *
	25	+ * @var TBSCertificate $_tbsCertificate
	26	+ */
	27	+ protected $_tbsCertificate;
	28	+
	29	+ /**
	30	+ * Signature algorithm.
	31	+ *
	32	+ * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
	33	+ */
	34	+ protected $_signatureAlgorithm;
	35	+
	36	+ /**
	37	+ * Signature value.
	38	+ *
	39	+ * @var Signature $_signatureValue
	40	+ */
	41	+ protected $_signatureValue;
	42	+
	43	+ /**
	44	+ * Constructor.
	45	+ *
	46	+ * @param TBSCertificate $tbsCert
	47	+ * @param SignatureAlgorithmIdentifier $algo
	48	+ * @param Signature $signature
	49	+ */
	50	+ public function __construct(TBSCertificate $tbsCert,
	51	+ SignatureAlgorithmIdentifier $algo, Signature $signature)
	52	+ {
	53	+ $this->_tbsCertificate = $tbsCert;
	54	+ $this->_signatureAlgorithm = $algo;
	55	+ $this->_signatureValue = $signature;
	56	+ }
	57	+
	58	+ /**
	59	+ * Initialize from ASN.1.
	60	+ *
	61	+ * @param Sequence $seq
	62	+ * @return self
	63	+ */
	64	+ public static function fromASN1(Sequence $seq): self
	65	+ {
	66	+ $tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
	67	+ $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
	68	+ if (!$algo instanceof SignatureAlgorithmIdentifier) {
	69	+ throw new \UnexpectedValueException(
	70	+ "Unsupported signature algorithm " . $algo->oid() . ".");
	71	+ }
	72	+ $signature = Signature::fromSignatureData(
	73	+ $seq->at(2)
	74	+ ->asBitString()
	75	+ ->string(), $algo);
	76	+ return new self($tbsCert, $algo, $signature);
	77	+ }
	78	+
	79	+ /**
	80	+ * Initialize from DER.
	81	+ *
	82	+ * @param string $data
	83	+ * @return self
	84	+ */
	85	+ public static function fromDER(string $data): self
	86	+ {
	87	+ return self::fromASN1(Sequence::fromDER($data));
	88	+ }
	89	+
	90	+ /**
	91	+ * Initialize from PEM.
	92	+ *
	93	+ * @param PEM $pem
	94	+ * @throws \UnexpectedValueException
	95	+ * @return self
	96	+ */
	97	+ public static function fromPEM(PEM $pem): self
	98	+ {
	99	+ if ($pem->type() != PEM::TYPE_CERTIFICATE) {
	100	+ throw new \UnexpectedValueException("Invalid PEM type.");
	101	+ }
	102	+ return self::fromDER($pem->data());
	103	+ }
	104	+
	105	+ /**
	106	+ * Get certificate information.
	107	+ *
	108	+ * @return TBSCertificate
	109	+ */
	110	+ public function tbsCertificate(): TBSCertificate
	111	+ {
	112	+ return $this->_tbsCertificate;
	113	+ }
	114	+
	115	+ /**
	116	+ * Get signature algorithm.
	117	+ *
	118	+ * @return SignatureAlgorithmIdentifier
	119	+ */
	120	+ public function signatureAlgorithm(): SignatureAlgorithmIdentifier
	121	+ {
	122	+ return $this->_signatureAlgorithm;
	123	+ }
	124	+
	125	+ /**
	126	+ * Get signature value.
	127	+ *
	128	+ * @return Signature
	129	+ */
	130	+ public function signatureValue(): Signature
	131	+ {
	132	+ return $this->_signatureValue;
	133	+ }
	134	+
	135	+ /**
	136	+ * Check whether certificate is self-issued.
	137	+ *
	138	+ * @return bool
	139	+ */
	140	+ public function isSelfIssued(): bool
	141	+ {
	142	+ return $this->_tbsCertificate->subject()->equals(
	143	+ $this->_tbsCertificate->issuer());
	144	+ }
	145	+
	146	+ /**
	147	+ * Check whether certificate is semantically equal to another.
	148	+ *
	149	+ * @param Certificate $cert Certificate to compare to
	150	+ * @return bool
	151	+ */
	152	+ public function equals(Certificate $cert): bool
	153	+ {
	154	+ return $this->_hasEqualSerialNumber($cert) &&
	155	+ $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
	156	+ }
	157	+
	158	+ /**
	159	+ * Check whether certificate has serial number equal to another.
	160	+ *
	161	+ * @param Certificate $cert
	162	+ * @return bool
	163	+ */
	164	+ private function _hasEqualSerialNumber(Certificate $cert): bool
	165	+ {
	166	+ $sn1 = $this->_tbsCertificate->serialNumber();
	167	+ $sn2 = $cert->_tbsCertificate->serialNumber();
	168	+ return $sn1 == $sn2;
	169	+ }
	170	+
	171	+ /**
	172	+ * Check whether certificate has public key equal to another.
	173	+ *
	174	+ * @param Certificate $cert
	175	+ * @return bool
	176	+ */
	177	+ private function _hasEqualPublicKey(Certificate $cert): bool
	178	+ {
	179	+ $kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
	180	+ $kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
	181	+ return $kid1 == $kid2;
	182	+ }
	183	+
	184	+ /**
	185	+ * Check whether certificate has subject equal to another.
	186	+ *
	187	+ * @param Certificate $cert
	188	+ * @return bool
	189	+ */
	190	+ private function _hasEqualSubject(Certificate $cert): bool
	191	+ {
	192	+ $dn1 = $this->_tbsCertificate->subject();
	193	+ $dn2 = $cert->_tbsCertificate->subject();
	194	+ return $dn1->equals($dn2);
	195	+ }
	196	+
	197	+ /**
	198	+ * Generate ASN.1 structure.
	199	+ *
	200	+ * @return Sequence
	201	+ */
	202	+ public function toASN1(): Sequence
	203	+ {
	204	+ return new Sequence($this->_tbsCertificate->toASN1(),
	205	+ $this->_signatureAlgorithm->toASN1(),
	206	+ $this->_signatureValue->bitString());
	207	+ }
	208	+
	209	+ /**
	210	+ * Get certificate as a DER.
	211	+ *
	212	+ * @return string
	213	+ */
	214	+ public function toDER(): string
	215	+ {
	216	+ return $this->toASN1()->toDER();
	217	+ }
	218	+
	219	+ /**
	220	+ * Get certificate as a PEM.
	221	+ *
	222	+ * @return PEM
	223	+ */
	224	+ public function toPEM(): PEM
	225	+ {
	226	+ return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
	227	+ }
	228	+
	229	+ /**
	230	+ * Verify certificate signature.
	231	+ *
	232	+ * @param PublicKeyInfo $pubkey_info Issuer's public key
	233	+ * @param Crypto\|null $crypto Crypto engine, use default if not set
	234	+ * @return bool True if certificate signature is valid
	235	+ */
	236	+ public function verify(PublicKeyInfo $pubkey_info, Crypto $crypto = null): bool
	237	+ {
	238	+ $crypto = $crypto ?: Crypto::getDefault();
	239	+ $data = $this->_tbsCertificate->toASN1()->toDER();
	240	+ return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
	241	+ $this->_signatureAlgorithm);
	242	+ }
	243	+
	244	+ /**
	245	+ * Get certificate as a PEM formatted string.
	246	+ *
	247	+ * @return string
	248	+ */
	249	+ public function __toString()
	250	+ {
	251	+ return $this->toPEM()->string();
	252	+ }
253	253	}

		@@ -45,7 +45,7 @@ discard block
		block discarded – undo
45	45	protected static function _fromDER(string $data, bool $critical): self
46	46	{
47	47	$mappings = array_map(
48		- function (UnspecifiedType $el) {
	48	+ function(UnspecifiedType $el) {
49	49	return PolicyMapping::fromASN1($el->asSequence());
50	50	}, Sequence::fromDER($data)->elements());
51	51	if (!count($mappings)) {
		@@ -66,7 +66,7 @@ discard block
		block discarded – undo
66	66	throw new \LogicException("No mappings.");
67	67	}
68	68	$elements = array_map(
69		- function (PolicyMapping $mapping) {
	69	+ function(PolicyMapping $mapping) {
70	70	return $mapping->toASN1();
71	71	}, $this->_mappings);
72	72	return new Sequence(...$elements);
		@@ -131,7 +131,7 @@ discard block
		block discarded – undo
131	131	public function issuerDomainPolicies(): array
132	132	{
133	133	$idps = array_map(
134		- function (PolicyMapping $mapping) {
	134	+ function(PolicyMapping $mapping) {
135	135	return $mapping->issuerDomainPolicy();
136	136	}, $this->_mappings);
137	137	return array_values(array_unique($idps));

		@@ -15,170 +15,170 @@
		block discarded – undo
15	15	* @link https://tools.ietf.org/html/rfc5280#section-4.2.1.5
16	16	*/
17	17	class PolicyMappingsExtension extends Extension implements
18		- \Countable,
19		- \IteratorAggregate
	18	+ \Countable,
	19	+ \IteratorAggregate
20	20	{
21		- /**
22		- * Policy mappings.
23		- *
24		- * @var PolicyMapping[] $_mappings
25		- */
26		- protected $_mappings;
	21	+ /**
	22	+ * Policy mappings.
	23	+ *
	24	+ * @var PolicyMapping[] $_mappings
	25	+ */
	26	+ protected $_mappings;
27	27
28		- /**
29		- * Constructor.
30		- *
31		- * @param bool $critical
32		- * @param PolicyMapping ...$mappings One or more PolicyMapping objects
33		- */
34		- public function __construct(bool $critical, PolicyMapping ...$mappings)
35		- {
36		- parent::__construct(self::OID_POLICY_MAPPINGS, $critical);
37		- $this->_mappings = $mappings;
38		- }
	28	+ /**
	29	+ * Constructor.
	30	+ *
	31	+ * @param bool $critical
	32	+ * @param PolicyMapping ...$mappings One or more PolicyMapping objects
	33	+ */
	34	+ public function __construct(bool $critical, PolicyMapping ...$mappings)
	35	+ {
	36	+ parent::__construct(self::OID_POLICY_MAPPINGS, $critical);
	37	+ $this->_mappings = $mappings;
	38	+ }
39	39
40		- /**
41		- *
42		- * {@inheritdoc}
43		- * @return self
44		- */
45		- protected static function _fromDER(string $data, bool $critical): self
46		- {
47		- $mappings = array_map(
48		- function (UnspecifiedType $el) {
49		- return PolicyMapping::fromASN1($el->asSequence());
50		- }, Sequence::fromDER($data)->elements());
51		- if (!count($mappings)) {
52		- throw new \UnexpectedValueException(
53		- "PolicyMappings must have at least one mapping.");
54		- }
55		- return new self($critical, ...$mappings);
56		- }
	40	+ /**
	41	+ *
	42	+ * {@inheritdoc}
	43	+ * @return self
	44	+ */
	45	+ protected static function _fromDER(string $data, bool $critical): self
	46	+ {
	47	+ $mappings = array_map(
	48	+ function (UnspecifiedType $el) {
	49	+ return PolicyMapping::fromASN1($el->asSequence());
	50	+ }, Sequence::fromDER($data)->elements());
	51	+ if (!count($mappings)) {
	52	+ throw new \UnexpectedValueException(
	53	+ "PolicyMappings must have at least one mapping.");
	54	+ }
	55	+ return new self($critical, ...$mappings);
	56	+ }
57	57
58		- /**
59		- *
60		- * {@inheritdoc}
61		- * @return Sequence
62		- */
63		- protected function _valueASN1(): Sequence
64		- {
65		- if (!count($this->_mappings)) {
66		- throw new \LogicException("No mappings.");
67		- }
68		- $elements = array_map(
69		- function (PolicyMapping $mapping) {
70		- return $mapping->toASN1();
71		- }, $this->_mappings);
72		- return new Sequence(...$elements);
73		- }
	58	+ /**
	59	+ *
	60	+ * {@inheritdoc}
	61	+ * @return Sequence
	62	+ */
	63	+ protected function _valueASN1(): Sequence
	64	+ {
	65	+ if (!count($this->_mappings)) {
	66	+ throw new \LogicException("No mappings.");
	67	+ }
	68	+ $elements = array_map(
	69	+ function (PolicyMapping $mapping) {
	70	+ return $mapping->toASN1();
	71	+ }, $this->_mappings);
	72	+ return new Sequence(...$elements);
	73	+ }
74	74
75		- /**
76		- * Get all mappings.
77		- *
78		- * @return PolicyMapping[]
79		- */
80		- public function mappings(): array
81		- {
82		- return $this->_mappings;
83		- }
	75	+ /**
	76	+ * Get all mappings.
	77	+ *
	78	+ * @return PolicyMapping[]
	79	+ */
	80	+ public function mappings(): array
	81	+ {
	82	+ return $this->_mappings;
	83	+ }
84	84
85		- /**
86		- * Get mappings flattened into a single array of arrays of subject domains
87		- * keyed by issuer domain.
88		- *
89		- * Eg. if policy mappings contains multiple mappings with the same issuer
90		- * domain policy, their corresponding subject domain policies are placed
91		- * under the same key.
92		- *
93		- * @return (string[])[]
94		- */
95		- public function flattenedMappings(): array
96		- {
97		- $mappings = array();
98		- foreach ($this->_mappings as $mapping) {
99		- $idp = $mapping->issuerDomainPolicy();
100		- if (!isset($mappings[$idp])) {
101		- $mappings[$idp] = array();
102		- }
103		- array_push($mappings[$idp], $mapping->subjectDomainPolicy());
104		- }
105		- return $mappings;
106		- }
	85	+ /**
	86	+ * Get mappings flattened into a single array of arrays of subject domains
	87	+ * keyed by issuer domain.
	88	+ *
	89	+ * Eg. if policy mappings contains multiple mappings with the same issuer
	90	+ * domain policy, their corresponding subject domain policies are placed
	91	+ * under the same key.
	92	+ *
	93	+ * @return (string[])[]
	94	+ */
	95	+ public function flattenedMappings(): array
	96	+ {
	97	+ $mappings = array();
	98	+ foreach ($this->_mappings as $mapping) {
	99	+ $idp = $mapping->issuerDomainPolicy();
	100	+ if (!isset($mappings[$idp])) {
	101	+ $mappings[$idp] = array();
	102	+ }
	103	+ array_push($mappings[$idp], $mapping->subjectDomainPolicy());
	104	+ }
	105	+ return $mappings;
	106	+ }
107	107
108		- /**
109		- * Get all subject domain policy OIDs that are mapped to given issuer
110		- * domain policy OID.
111		- *
112		- * @param string $oid Issuer domain policy
113		- * @return string[] List of OIDs in dotted format
114		- */
115		- public function issuerMappings(string $oid): array
116		- {
117		- $oids = array();
118		- foreach ($this->_mappings as $mapping) {
119		- if ($mapping->issuerDomainPolicy() == $oid) {
120		- $oids[] = $mapping->subjectDomainPolicy();
121		- }
122		- }
123		- return $oids;
124		- }
	108	+ /**
	109	+ * Get all subject domain policy OIDs that are mapped to given issuer
	110	+ * domain policy OID.
	111	+ *
	112	+ * @param string $oid Issuer domain policy
	113	+ * @return string[] List of OIDs in dotted format
	114	+ */
	115	+ public function issuerMappings(string $oid): array
	116	+ {
	117	+ $oids = array();
	118	+ foreach ($this->_mappings as $mapping) {
	119	+ if ($mapping->issuerDomainPolicy() == $oid) {
	120	+ $oids[] = $mapping->subjectDomainPolicy();
	121	+ }
	122	+ }
	123	+ return $oids;
	124	+ }
125	125
126		- /**
127		- * Get all mapped issuer domain policy OIDs.
128		- *
129		- * @return string[]
130		- */
131		- public function issuerDomainPolicies(): array
132		- {
133		- $idps = array_map(
134		- function (PolicyMapping $mapping) {
135		- return $mapping->issuerDomainPolicy();
136		- }, $this->_mappings);
137		- return array_values(array_unique($idps));
138		- }
	126	+ /**
	127	+ * Get all mapped issuer domain policy OIDs.
	128	+ *
	129	+ * @return string[]
	130	+ */
	131	+ public function issuerDomainPolicies(): array
	132	+ {
	133	+ $idps = array_map(
	134	+ function (PolicyMapping $mapping) {
	135	+ return $mapping->issuerDomainPolicy();
	136	+ }, $this->_mappings);
	137	+ return array_values(array_unique($idps));
	138	+ }
139	139
140		- /**
141		- * Check whether policy mappings have anyPolicy mapped.
142		- *
143		- * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either
144		- * to or from the special value anyPolicy".
145		- *
146		- * @return bool
147		- */
148		- public function hasAnyPolicyMapping(): bool
149		- {
150		- foreach ($this->_mappings as $mapping) {
151		- if ($mapping->issuerDomainPolicy() ==
152		- PolicyInformation::OID_ANY_POLICY) {
153		- return true;
154		- }
155		- if ($mapping->subjectDomainPolicy() ==
156		- PolicyInformation::OID_ANY_POLICY) {
157		- return true;
158		- }
159		- }
160		- return false;
161		- }
	140	+ /**
	141	+ * Check whether policy mappings have anyPolicy mapped.
	142	+ *
	143	+ * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either
	144	+ * to or from the special value anyPolicy".
	145	+ *
	146	+ * @return bool
	147	+ */
	148	+ public function hasAnyPolicyMapping(): bool
	149	+ {
	150	+ foreach ($this->_mappings as $mapping) {
	151	+ if ($mapping->issuerDomainPolicy() ==
	152	+ PolicyInformation::OID_ANY_POLICY) {
	153	+ return true;
	154	+ }
	155	+ if ($mapping->subjectDomainPolicy() ==
	156	+ PolicyInformation::OID_ANY_POLICY) {
	157	+ return true;
	158	+ }
	159	+ }
	160	+ return false;
	161	+ }
162	162
163		- /**
164		- * Get the number of mappings.
165		- *
166		- * @see \Countable::count()
167		- * @return int
168		- */
169		- public function count(): int
170		- {
171		- return count($this->_mappings);
172		- }
	163	+ /**
	164	+ * Get the number of mappings.
	165	+ *
	166	+ * @see \Countable::count()
	167	+ * @return int
	168	+ */
	169	+ public function count(): int
	170	+ {
	171	+ return count($this->_mappings);
	172	+ }
173	173
174		- /**
175		- * Get iterator for policy mappings.
176		- *
177		- * @see \IteratorAggregate::getIterator()
178		- * @return \ArrayIterator
179		- */
180		- public function getIterator(): \ArrayIterator
181		- {
182		- return new \ArrayIterator($this->_mappings);
183		- }
	174	+ /**
	175	+ * Get iterator for policy mappings.
	176	+ *
	177	+ * @see \IteratorAggregate::getIterator()
	178	+ * @return \ArrayIterator
	179	+ */
	180	+ public function getIterator(): \ArrayIterator
	181	+ {
	182	+ return new \ArrayIterator($this->_mappings);
	183	+ }
184	184	}

		@@ -13,52 +13,52 @@
		block discarded – undo
13	13	*/
14	14	class SubjectKeyIdentifierExtension extends Extension
15	15	{
16		- /**
17		- * Key identifier.
18		- *
19		- * @var string $_keyIdentifier
20		- */
21		- protected $_keyIdentifier;
	16	+ /**
	17	+ * Key identifier.
	18	+ *
	19	+ * @var string $_keyIdentifier
	20	+ */
	21	+ protected $_keyIdentifier;
22	22
23		- /**
24		- * Constructor.
25		- *
26		- * @param bool $critical
27		- * @param string $keyIdentifier
28		- */
29		- public function __construct(bool $critical, string $keyIdentifier)
30		- {
31		- parent::__construct(self::OID_SUBJECT_KEY_IDENTIFIER, $critical);
32		- $this->_keyIdentifier = $keyIdentifier;
33		- }
	23	+ /**
	24	+ * Constructor.
	25	+ *
	26	+ * @param bool $critical
	27	+ * @param string $keyIdentifier
	28	+ */
	29	+ public function __construct(bool $critical, string $keyIdentifier)
	30	+ {
	31	+ parent::__construct(self::OID_SUBJECT_KEY_IDENTIFIER, $critical);
	32	+ $this->_keyIdentifier = $keyIdentifier;
	33	+ }
34	34
35		- /**
36		- *
37		- * {@inheritdoc}
38		- * @return self
39		- */
40		- protected static function _fromDER(string $data, bool $critical): self
41		- {
42		- return new self($critical, OctetString::fromDER($data)->string());
43		- }
	35	+ /**
	36	+ *
	37	+ * {@inheritdoc}
	38	+ * @return self
	39	+ */
	40	+ protected static function _fromDER(string $data, bool $critical): self
	41	+ {
	42	+ return new self($critical, OctetString::fromDER($data)->string());
	43	+ }
44	44
45		- /**
46		- * Get key identifier.
47		- *
48		- * @return string
49		- */
50		- public function keyIdentifier(): string
51		- {
52		- return $this->_keyIdentifier;
53		- }
	45	+ /**
	46	+ * Get key identifier.
	47	+ *
	48	+ * @return string
	49	+ */
	50	+ public function keyIdentifier(): string
	51	+ {
	52	+ return $this->_keyIdentifier;
	53	+ }
54	54
55		- /**
56		- *
57		- * {@inheritdoc}
58		- * @return OctetString
59		- */
60		- protected function _valueASN1(): OctetString
61		- {
62		- return new OctetString($this->_keyIdentifier);
63		- }
	55	+ /**
	56	+ *
	57	+ * {@inheritdoc}
	58	+ * @return OctetString
	59	+ */
	60	+ protected function _valueASN1(): OctetString
	61	+ {
	62	+ return new OctetString($this->_keyIdentifier);
	63	+ }
64	64	}

		@@ -16,125 +16,125 @@
		block discarded – undo
16	16	*/
17	17	class PolicyConstraintsExtension extends Extension
18	18	{
19		- /**
20		- *
21		- * @var int $_requireExplicitPolicy
22		- */
23		- protected $_requireExplicitPolicy;
	19	+ /**
	20	+ *
	21	+ * @var int $_requireExplicitPolicy
	22	+ */
	23	+ protected $_requireExplicitPolicy;
24	24
25		- /**
26		- *
27		- * @var int $_inhibitPolicyMapping
28		- */
29		- protected $_inhibitPolicyMapping;
	25	+ /**
	26	+ *
	27	+ * @var int $_inhibitPolicyMapping
	28	+ */
	29	+ protected $_inhibitPolicyMapping;
30	30
31		- /**
32		- * Constructor.
33		- *
34		- * @param bool $critical
35		- * @param int\|null $require_explicit_policy
36		- * @param int\|null $inhibit_policy_mapping
37		- */
38		- public function __construct(bool $critical, $require_explicit_policy = null,
39		- $inhibit_policy_mapping = null)
40		- {
41		- parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical);
42		- $this->_requireExplicitPolicy = isset($require_explicit_policy) ? intval(
43		- $require_explicit_policy) : null;
44		- $this->_inhibitPolicyMapping = isset($inhibit_policy_mapping) ? intval(
45		- $inhibit_policy_mapping) : null;
46		- }
	31	+ /**
	32	+ * Constructor.
	33	+ *
	34	+ * @param bool $critical
	35	+ * @param int\|null $require_explicit_policy
	36	+ * @param int\|null $inhibit_policy_mapping
	37	+ */
	38	+ public function __construct(bool $critical, $require_explicit_policy = null,
	39	+ $inhibit_policy_mapping = null)
	40	+ {
	41	+ parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical);
	42	+ $this->_requireExplicitPolicy = isset($require_explicit_policy) ? intval(
	43	+ $require_explicit_policy) : null;
	44	+ $this->_inhibitPolicyMapping = isset($inhibit_policy_mapping) ? intval(
	45	+ $inhibit_policy_mapping) : null;
	46	+ }
47	47
48		- /**
49		- *
50		- * {@inheritdoc}
51		- * @return self
52		- */
53		- protected static function _fromDER(string $data, bool $critical): self
54		- {
55		- $seq = Sequence::fromDER($data);
56		- $require_explicit_policy = null;
57		- $inhibit_policy_mapping = null;
58		- if ($seq->hasTagged(0)) {
59		- $require_explicit_policy = $seq->getTagged(0)
60		- ->asImplicit(Element::TYPE_INTEGER)
61		- ->asInteger()
62		- ->intNumber();
63		- }
64		- if ($seq->hasTagged(1)) {
65		- $inhibit_policy_mapping = $seq->getTagged(1)
66		- ->asImplicit(Element::TYPE_INTEGER)
67		- ->asInteger()
68		- ->intNumber();
69		- }
70		- return new self($critical, $require_explicit_policy,
71		- $inhibit_policy_mapping);
72		- }
	48	+ /**
	49	+ *
	50	+ * {@inheritdoc}
	51	+ * @return self
	52	+ */
	53	+ protected static function _fromDER(string $data, bool $critical): self
	54	+ {
	55	+ $seq = Sequence::fromDER($data);
	56	+ $require_explicit_policy = null;
	57	+ $inhibit_policy_mapping = null;
	58	+ if ($seq->hasTagged(0)) {
	59	+ $require_explicit_policy = $seq->getTagged(0)
	60	+ ->asImplicit(Element::TYPE_INTEGER)
	61	+ ->asInteger()
	62	+ ->intNumber();
	63	+ }
	64	+ if ($seq->hasTagged(1)) {
	65	+ $inhibit_policy_mapping = $seq->getTagged(1)
	66	+ ->asImplicit(Element::TYPE_INTEGER)
	67	+ ->asInteger()
	68	+ ->intNumber();
	69	+ }
	70	+ return new self($critical, $require_explicit_policy,
	71	+ $inhibit_policy_mapping);
	72	+ }
73	73
74		- /**
75		- * Whether requireExplicitPolicy is present.
76		- *
77		- * @return bool
78		- */
79		- public function hasRequireExplicitPolicy(): bool
80		- {
81		- return isset($this->_requireExplicitPolicy);
82		- }
	74	+ /**
	75	+ * Whether requireExplicitPolicy is present.
	76	+ *
	77	+ * @return bool
	78	+ */
	79	+ public function hasRequireExplicitPolicy(): bool
	80	+ {
	81	+ return isset($this->_requireExplicitPolicy);
	82	+ }
83	83
84		- /**
85		- * Get requireExplicitPolicy.
86		- *
87		- * @throws \LogicException
88		- * @return int
89		- */
90		- public function requireExplicitPolicy(): int
91		- {
92		- if (!$this->hasRequireExplicitPolicy()) {
93		- throw new \LogicException("requireExplicitPolicy not set.");
94		- }
95		- return $this->_requireExplicitPolicy;
96		- }
	84	+ /**
	85	+ * Get requireExplicitPolicy.
	86	+ *
	87	+ * @throws \LogicException
	88	+ * @return int
	89	+ */
	90	+ public function requireExplicitPolicy(): int
	91	+ {
	92	+ if (!$this->hasRequireExplicitPolicy()) {
	93	+ throw new \LogicException("requireExplicitPolicy not set.");
	94	+ }
	95	+ return $this->_requireExplicitPolicy;
	96	+ }
97	97
98		- /**
99		- * Whether inhibitPolicyMapping is present.
100		- *
101		- * @return bool
102		- */
103		- public function hasInhibitPolicyMapping(): bool
104		- {
105		- return isset($this->_inhibitPolicyMapping);
106		- }
	98	+ /**
	99	+ * Whether inhibitPolicyMapping is present.
	100	+ *
	101	+ * @return bool
	102	+ */
	103	+ public function hasInhibitPolicyMapping(): bool
	104	+ {
	105	+ return isset($this->_inhibitPolicyMapping);
	106	+ }
107	107
108		- /**
109		- * Get inhibitPolicyMapping.
110		- *
111		- * @throws \LogicException
112		- * @return int
113		- */
114		- public function inhibitPolicyMapping(): int
115		- {
116		- if (!$this->hasInhibitPolicyMapping()) {
117		- throw new \LogicException("inhibitPolicyMapping not set.");
118		- }
119		- return $this->_inhibitPolicyMapping;
120		- }
	108	+ /**
	109	+ * Get inhibitPolicyMapping.
	110	+ *
	111	+ * @throws \LogicException
	112	+ * @return int
	113	+ */
	114	+ public function inhibitPolicyMapping(): int
	115	+ {
	116	+ if (!$this->hasInhibitPolicyMapping()) {
	117	+ throw new \LogicException("inhibitPolicyMapping not set.");
	118	+ }
	119	+ return $this->_inhibitPolicyMapping;
	120	+ }
121	121
122		- /**
123		- *
124		- * {@inheritdoc}
125		- * @return Sequence
126		- */
127		- protected function _valueASN1(): Sequence
128		- {
129		- $elements = array();
130		- if (isset($this->_requireExplicitPolicy)) {
131		- $elements[] = new ImplicitlyTaggedType(0,
132		- new Integer($this->_requireExplicitPolicy));
133		- }
134		- if (isset($this->_inhibitPolicyMapping)) {
135		- $elements[] = new ImplicitlyTaggedType(1,
136		- new Integer($this->_inhibitPolicyMapping));
137		- }
138		- return new Sequence(...$elements);
139		- }
	122	+ /**
	123	+ *
	124	+ * {@inheritdoc}
	125	+ * @return Sequence
	126	+ */
	127	+ protected function _valueASN1(): Sequence
	128	+ {
	129	+ $elements = array();
	130	+ if (isset($this->_requireExplicitPolicy)) {
	131	+ $elements[] = new ImplicitlyTaggedType(0,
	132	+ new Integer($this->_requireExplicitPolicy));
	133	+ }
	134	+ if (isset($this->_inhibitPolicyMapping)) {
	135	+ $elements[] = new ImplicitlyTaggedType(1,
	136	+ new Integer($this->_inhibitPolicyMapping));
	137	+ }
	138	+ return new Sequence(...$elements);
	139	+ }
140	140	}

		@@ -14,136 +14,136 @@
		block discarded – undo
14	14	* @link https://tools.ietf.org/html/rfc5280#section-4.2.1.4
15	15	*/
16	16	class CertificatePoliciesExtension extends Extension implements
17		- \Countable,
18		- \IteratorAggregate
	17	+ \Countable,
	18	+ \IteratorAggregate
19	19	{
20		- /**
21		- * Policy information terms.
22		- *
23		- * @var PolicyInformation[] $_policies
24		- */
25		- protected $_policies;
	20	+ /**
	21	+ * Policy information terms.
	22	+ *
	23	+ * @var PolicyInformation[] $_policies
	24	+ */
	25	+ protected $_policies;
26	26
27		- /**
28		- * Constructor.
29		- *
30		- * @param bool $critical
31		- * @param PolicyInformation ...$policies
32		- */
33		- public function __construct(bool $critical, PolicyInformation ...$policies)
34		- {
35		- parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical);
36		- $this->_policies = [];
37		- foreach ($policies as $policy) {
38		- $this->_policies[$policy->oid()] = $policy;
39		- }
40		- }
	27	+ /**
	28	+ * Constructor.
	29	+ *
	30	+ * @param bool $critical
	31	+ * @param PolicyInformation ...$policies
	32	+ */
	33	+ public function __construct(bool $critical, PolicyInformation ...$policies)
	34	+ {
	35	+ parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical);
	36	+ $this->_policies = [];
	37	+ foreach ($policies as $policy) {
	38	+ $this->_policies[$policy->oid()] = $policy;
	39	+ }
	40	+ }
41	41
42		- /**
43		- *
44		- * {@inheritdoc}
45		- * @return self
46		- */
47		- protected static function _fromDER(string $data, bool $critical): self
48		- {
49		- $policies = array_map(
50		- function (UnspecifiedType $el) {
51		- return PolicyInformation::fromASN1($el->asSequence());
52		- }, Sequence::fromDER($data)->elements());
53		- if (!count($policies)) {
54		- throw new \UnexpectedValueException(
55		- "certificatePolicies must contain" .
56		- " at least one PolicyInformation.");
57		- }
58		- return new self($critical, ...$policies);
59		- }
	42	+ /**
	43	+ *
	44	+ * {@inheritdoc}
	45	+ * @return self
	46	+ */
	47	+ protected static function _fromDER(string $data, bool $critical): self
	48	+ {
	49	+ $policies = array_map(
	50	+ function (UnspecifiedType $el) {
	51	+ return PolicyInformation::fromASN1($el->asSequence());
	52	+ }, Sequence::fromDER($data)->elements());
	53	+ if (!count($policies)) {
	54	+ throw new \UnexpectedValueException(
	55	+ "certificatePolicies must contain" .
	56	+ " at least one PolicyInformation.");
	57	+ }
	58	+ return new self($critical, ...$policies);
	59	+ }
60	60
61		- /**
62		- * Check whether policy information by OID is present.
63		- *
64		- * @param string $oid
65		- * @return bool
66		- */
67		- public function has(string $oid): bool
68		- {
69		- return isset($this->_policies[$oid]);
70		- }
	61	+ /**
	62	+ * Check whether policy information by OID is present.
	63	+ *
	64	+ * @param string $oid
	65	+ * @return bool
	66	+ */
	67	+ public function has(string $oid): bool
	68	+ {
	69	+ return isset($this->_policies[$oid]);
	70	+ }
71	71
72		- /**
73		- * Get policy information by OID.
74		- *
75		- * @param string $oid
76		- * @throws \LogicException
77		- * @return PolicyInformation
78		- */
79		- public function get(string $oid): PolicyInformation
80		- {
81		- if (!$this->has($oid)) {
82		- throw new \LogicException("Not certificate policy by OID $oid.");
83		- }
84		- return $this->_policies[$oid];
85		- }
	72	+ /**
	73	+ * Get policy information by OID.
	74	+ *
	75	+ * @param string $oid
	76	+ * @throws \LogicException
	77	+ * @return PolicyInformation
	78	+ */
	79	+ public function get(string $oid): PolicyInformation
	80	+ {
	81	+ if (!$this->has($oid)) {
	82	+ throw new \LogicException("Not certificate policy by OID $oid.");
	83	+ }
	84	+ return $this->_policies[$oid];
	85	+ }
86	86
87		- /**
88		- * Check whether anyPolicy is present.
89		- *
90		- * @return bool
91		- */
92		- public function hasAnyPolicy(): bool
93		- {
94		- return $this->has(PolicyInformation::OID_ANY_POLICY);
95		- }
	87	+ /**
	88	+ * Check whether anyPolicy is present.
	89	+ *
	90	+ * @return bool
	91	+ */
	92	+ public function hasAnyPolicy(): bool
	93	+ {
	94	+ return $this->has(PolicyInformation::OID_ANY_POLICY);
	95	+ }
96	96
97		- /**
98		- * Get anyPolicy information.
99		- *
100		- * @throws \LogicException If anyPolicy is not present.
101		- * @return PolicyInformation
102		- */
103		- public function anyPolicy(): PolicyInformation
104		- {
105		- if (!$this->hasAnyPolicy()) {
106		- throw new \LogicException("No anyPolicy.");
107		- }
108		- return $this->get(PolicyInformation::OID_ANY_POLICY);
109		- }
	97	+ /**
	98	+ * Get anyPolicy information.
	99	+ *
	100	+ * @throws \LogicException If anyPolicy is not present.
	101	+ * @return PolicyInformation
	102	+ */
	103	+ public function anyPolicy(): PolicyInformation
	104	+ {
	105	+ if (!$this->hasAnyPolicy()) {
	106	+ throw new \LogicException("No anyPolicy.");
	107	+ }
	108	+ return $this->get(PolicyInformation::OID_ANY_POLICY);
	109	+ }
110	110
111		- /**
112		- *
113		- * {@inheritdoc}
114		- * @return Sequence
115		- */
116		- protected function _valueASN1(): Sequence
117		- {
118		- if (!count($this->_policies)) {
119		- throw new \LogicException("No policies.");
120		- }
121		- $elements = array_map(
122		- function (PolicyInformation $pi) {
123		- return $pi->toASN1();
124		- }, array_values($this->_policies));
125		- return new Sequence(...$elements);
126		- }
	111	+ /**
	112	+ *
	113	+ * {@inheritdoc}
	114	+ * @return Sequence
	115	+ */
	116	+ protected function _valueASN1(): Sequence
	117	+ {
	118	+ if (!count($this->_policies)) {
	119	+ throw new \LogicException("No policies.");
	120	+ }
	121	+ $elements = array_map(
	122	+ function (PolicyInformation $pi) {
	123	+ return $pi->toASN1();
	124	+ }, array_values($this->_policies));
	125	+ return new Sequence(...$elements);
	126	+ }
127	127
128		- /**
129		- * Get the number of policies.
130		- *
131		- * @see \Countable::count()
132		- * @return int
133		- */
134		- public function count(): int
135		- {
136		- return count($this->_policies);
137		- }
	128	+ /**
	129	+ * Get the number of policies.
	130	+ *
	131	+ * @see \Countable::count()
	132	+ * @return int
	133	+ */
	134	+ public function count(): int
	135	+ {
	136	+ return count($this->_policies);
	137	+ }
138	138
139		- /**
140		- * Get iterator for policy information terms.
141		- *
142		- * @see \IteratorAggregate::getIterator()
143		- * @return \ArrayIterator
144		- */
145		- public function getIterator(): \ArrayIterator
146		- {
147		- return new \ArrayIterator($this->_policies);
148		- }
	139	+ /**
	140	+ * Get iterator for policy information terms.
	141	+ *
	142	+ * @see \IteratorAggregate::getIterator()
	143	+ * @return \ArrayIterator
	144	+ */
	145	+ public function getIterator(): \ArrayIterator
	146	+ {
	147	+ return new \ArrayIterator($this->_policies);
	148	+ }
149	149	}

sop / x509

GitHub Access Token became invalid

Push — master ( f7ba31...da62d3 )

Status

Category

Indentation +75 added lines, -75 removed lines patch added patch discarded remove patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

Indentation +189 added lines, -189 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

Indentation +410 added lines, -410 removed lines patch added patch discarded remove patch

Indentation +231 added lines, -231 removed lines patch added patch discarded remove patch

Indentation +606 added lines, -606 removed lines patch added patch discarded remove patch

Doc Comments +1 added lines patch added patch discarded remove patch

Spacing +3 added lines, -3 removed lines patch added patch discarded remove patch

Indentation +155 added lines, -155 removed lines patch added patch discarded remove patch

Indentation +44 added lines, -44 removed lines patch added patch discarded remove patch

Indentation +113 added lines, -113 removed lines patch added patch discarded remove patch

Indentation +122 added lines, -122 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch