sop / x509

lib/X509/AttributeCertificate/Attribute/ChargingIdentityAttributeValue.php

Indentation +11 added lines, -11 removed lines

@@ -9,16 +9,16 @@
  */
 class ChargingIdentityAttributeValue extends IetfAttrSyntax
 {
-    const OID = "1.3.6.1.5.5.7.10.3";
+	const OID = "1.3.6.1.5.5.7.10.3";
     
-    /**
-     * Constructor.
-     *
-     * @param IetfAttrValue ...$values
-     */
-    public function __construct(IetfAttrValue ...$values)
-    {
-        parent::__construct(...$values);
-        $this->_oid = self::OID;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param IetfAttrValue ...$values
+	 */
+	public function __construct(IetfAttrValue ...$values)
+	{
+		parent::__construct(...$values);
+		$this->_oid = self::OID;
+	}
 }

lib/X509/AttributeCertificate/Attribute/IetfAttrSyntax.php

Indentation +183 added lines, -183 removed lines

@@ -17,203 +17,203 @@
  * @link https://tools.ietf.org/html/rfc5755#section-4.4
  */
 abstract class IetfAttrSyntax extends AttributeValue implements 
-    \Countable,
-    \IteratorAggregate
+	\Countable,
+	\IteratorAggregate
 {
-    /**
-     * Policy authority.
-     *
-     * @var GeneralNames|null $_policyAuthority
-     */
-    protected $_policyAuthority;
+	/**
+	 * Policy authority.
+	 *
+	 * @var GeneralNames|null $_policyAuthority
+	 */
+	protected $_policyAuthority;
     
-    /**
-     * Values.
-     *
-     * @var IetfAttrValue[] $_values
-     */
-    protected $_values;
+	/**
+	 * Values.
+	 *
+	 * @var IetfAttrValue[] $_values
+	 */
+	protected $_values;
     
-    /**
-     * Constructor.
-     *
-     * @param IetfAttrValue ...$values
-     */
-    public function __construct(IetfAttrValue ...$values)
-    {
-        $this->_policyAuthority = null;
-        $this->_values = $values;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param IetfAttrValue ...$values
+	 */
+	public function __construct(IetfAttrValue ...$values)
+	{
+		$this->_policyAuthority = null;
+		$this->_values = $values;
+	}
     
-    /**
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromASN1(UnspecifiedType $el)
-    {
-        $seq = $el->asSequence();
-        $authority = null;
-        $idx = 0;
-        if ($seq->hasTagged(0)) {
-            $authority = GeneralNames::fromASN1(
-                $seq->getTagged(0)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-            ++$idx;
-        }
-        $values = array_map(
-            function (UnspecifiedType $el) {
-                return IetfAttrValue::fromASN1($el);
-            },
-            $seq->at($idx)
-                ->asSequence()
-                ->elements());
-        $obj = new static(...$values);
-        $obj->_policyAuthority = $authority;
-        return $obj;
-    }
+	/**
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromASN1(UnspecifiedType $el)
+	{
+		$seq = $el->asSequence();
+		$authority = null;
+		$idx = 0;
+		if ($seq->hasTagged(0)) {
+			$authority = GeneralNames::fromASN1(
+				$seq->getTagged(0)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+			++$idx;
+		}
+		$values = array_map(
+			function (UnspecifiedType $el) {
+				return IetfAttrValue::fromASN1($el);
+			},
+			$seq->at($idx)
+				->asSequence()
+				->elements());
+		$obj = new static(...$values);
+		$obj->_policyAuthority = $authority;
+		return $obj;
+	}
     
-    /**
-     * Get self with policy authority.
-     *
-     * @param GeneralNames $names
-     * @return self
-     */
-    public function withPolicyAuthority(GeneralNames $names)
-    {
-        $obj = clone $this;
-        $obj->_policyAuthority = $names;
-        return $obj;
-    }
+	/**
+	 * Get self with policy authority.
+	 *
+	 * @param GeneralNames $names
+	 * @return self
+	 */
+	public function withPolicyAuthority(GeneralNames $names)
+	{
+		$obj = clone $this;
+		$obj->_policyAuthority = $names;
+		return $obj;
+	}
     
-    /**
-     * Check whether policy authority is present.
-     *
-     * @return bool
-     */
-    public function hasPolicyAuthority()
-    {
-        return isset($this->_policyAuthority);
-    }
+	/**
+	 * Check whether policy authority is present.
+	 *
+	 * @return bool
+	 */
+	public function hasPolicyAuthority()
+	{
+		return isset($this->_policyAuthority);
+	}
     
-    /**
-     * Get policy authority.
-     *
-     * @throws \LogicException
-     * @return GeneralNames
-     */
-    public function policyAuthority()
-    {
-        if (!$this->hasPolicyAuthority()) {
-            throw new \LogicException("policyAuthority not set.");
-        }
-        return $this->_policyAuthority;
-    }
+	/**
+	 * Get policy authority.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralNames
+	 */
+	public function policyAuthority()
+	{
+		if (!$this->hasPolicyAuthority()) {
+			throw new \LogicException("policyAuthority not set.");
+		}
+		return $this->_policyAuthority;
+	}
     
-    /**
-     * Get values.
-     *
-     * @return IetfAttrValue[]
-     */
-    public function values()
-    {
-        return $this->_values;
-    }
+	/**
+	 * Get values.
+	 *
+	 * @return IetfAttrValue[]
+	 */
+	public function values()
+	{
+		return $this->_values;
+	}
     
-    /**
-     * Get first value.
-     *
-     * @throws \LogicException
-     * @return IetfAttrValue
-     */
-    public function first()
-    {
-        if (!count($this->_values)) {
-            throw new \LogicException("No values.");
-        }
-        return $this->_values[0];
-    }
+	/**
+	 * Get first value.
+	 *
+	 * @throws \LogicException
+	 * @return IetfAttrValue
+	 */
+	public function first()
+	{
+		if (!count($this->_values)) {
+			throw new \LogicException("No values.");
+		}
+		return $this->_values[0];
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
-     * @return Sequence
-     */
-    public function toASN1()
-    {
-        $elements = array();
-        if (isset($this->_policyAuthority)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                $this->_policyAuthority->toASN1());
-        }
-        $values = array_map(
-            function (IetfAttrValue $val) {
-                return $val->toASN1();
-            }, $this->_values);
-        $elements[] = new Sequence(...$values);
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
+	 * @return Sequence
+	 */
+	public function toASN1()
+	{
+		$elements = array();
+		if (isset($this->_policyAuthority)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				$this->_policyAuthority->toASN1());
+		}
+		$values = array_map(
+			function (IetfAttrValue $val) {
+				return $val->toASN1();
+			}, $this->_values);
+		$elements[] = new Sequence(...$values);
+		return new Sequence(...$elements);
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
-     * @return string
-     */
-    public function stringValue()
-    {
-        return "#" . bin2hex($this->toASN1()->toDER());
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
+	 * @return string
+	 */
+	public function stringValue()
+	{
+		return "#" . bin2hex($this->toASN1()->toDER());
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
-     * @return BinaryMatch
-     */
-    public function equalityMatchingRule()
-    {
-        return new BinaryMatch();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
+	 * @return BinaryMatch
+	 */
+	public function equalityMatchingRule()
+	{
+		return new BinaryMatch();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
-     * @return string
-     */
-    public function rfc2253String()
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
+	 * @return string
+	 */
+	public function rfc2253String()
+	{
+		return $this->stringValue();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
-     * @return string
-     */
-    protected function _transcodedString()
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
+	 * @return string
+	 */
+	protected function _transcodedString()
+	{
+		return $this->stringValue();
+	}
     
-    /**
-     * Get number of values.
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count()
-    {
-        return count($this->_values);
-    }
+	/**
+	 * Get number of values.
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count()
+	{
+		return count($this->_values);
+	}
     
-    /**
-     * Get iterator for values.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator()
-    {
-        return new \ArrayIterator($this->_values);
-    }
+	/**
+	 * Get iterator for values.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator()
+	{
+		return new \ArrayIterator($this->_values);
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -63,7 +63,7 @@ 
             ++$idx;
         }
         $values = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return IetfAttrValue::fromASN1($el);
             },
             $seq->at($idx)
@@ -148,7 +148,7 @@ 
                 $this->_policyAuthority->toASN1());
         }
         $values = array_map(
-            function (IetfAttrValue $val) {
+            function(IetfAttrValue $val) {
                 return $val->toASN1();
             }, $this->_values);
         $elements[] = new Sequence(...$values);

lib/X509/AttributeCertificate/Attribute/SvceAuthInfo.php

Indentation +139 added lines, -139 removed lines

@@ -18,156 +18,156 @@
  */
 abstract class SvceAuthInfo extends AttributeValue
 {
-    /**
-     * Service.
-     *
-     * @var GeneralName $_service
-     */
-    protected $_service;
+	/**
+	 * Service.
+	 *
+	 * @var GeneralName $_service
+	 */
+	protected $_service;
     
-    /**
-     * Ident.
-     *
-     * @var GeneralName $_ident
-     */
-    protected $_ident;
+	/**
+	 * Ident.
+	 *
+	 * @var GeneralName $_ident
+	 */
+	protected $_ident;
     
-    /**
-     * Auth info.
-     *
-     * @var string|null $_authInfo
-     */
-    protected $_authInfo;
+	/**
+	 * Auth info.
+	 *
+	 * @var string|null $_authInfo
+	 */
+	protected $_authInfo;
     
-    /**
-     * Constructor.
-     *
-     * @param GeneralName $service
-     * @param GeneralName $ident
-     * @param string|null $auth_info
-     */
-    public function __construct(GeneralName $service, GeneralName $ident,
-        $auth_info = null)
-    {
-        $this->_service = $service;
-        $this->_ident = $ident;
-        $this->_authInfo = $auth_info;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralName $service
+	 * @param GeneralName $ident
+	 * @param string|null $auth_info
+	 */
+	public function __construct(GeneralName $service, GeneralName $ident,
+		$auth_info = null)
+	{
+		$this->_service = $service;
+		$this->_ident = $ident;
+		$this->_authInfo = $auth_info;
+	}
     
-    /**
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromASN1(UnspecifiedType $el)
-    {
-        $seq = $el->asSequence();
-        $service = GeneralName::fromASN1($seq->at(0)->asTagged());
-        $ident = GeneralName::fromASN1($seq->at(1)->asTagged());
-        $auth_info = null;
-        if ($seq->has(2, Element::TYPE_OCTET_STRING)) {
-            $auth_info = $seq->at(2)
-                ->asString()
-                ->string();
-        }
-        return new static($service, $ident, $auth_info);
-    }
+	/**
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromASN1(UnspecifiedType $el)
+	{
+		$seq = $el->asSequence();
+		$service = GeneralName::fromASN1($seq->at(0)->asTagged());
+		$ident = GeneralName::fromASN1($seq->at(1)->asTagged());
+		$auth_info = null;
+		if ($seq->has(2, Element::TYPE_OCTET_STRING)) {
+			$auth_info = $seq->at(2)
+				->asString()
+				->string();
+		}
+		return new static($service, $ident, $auth_info);
+	}
     
-    /**
-     * Get service name.
-     *
-     * @return GeneralName
-     */
-    public function service()
-    {
-        return $this->_service;
-    }
+	/**
+	 * Get service name.
+	 *
+	 * @return GeneralName
+	 */
+	public function service()
+	{
+		return $this->_service;
+	}
     
-    /**
-     * Get ident.
-     *
-     * @return GeneralName
-     */
-    public function ident()
-    {
-        return $this->_ident;
-    }
+	/**
+	 * Get ident.
+	 *
+	 * @return GeneralName
+	 */
+	public function ident()
+	{
+		return $this->_ident;
+	}
     
-    /**
-     * Check whether authentication info is present.
-     *
-     * @return bool
-     */
-    public function hasAuthInfo()
-    {
-        return isset($this->_authInfo);
-    }
+	/**
+	 * Check whether authentication info is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAuthInfo()
+	{
+		return isset($this->_authInfo);
+	}
     
-    /**
-     * Get authentication info.
-     *
-     * @throws \LogicException
-     * @return string
-     */
-    public function authInfo()
-    {
-        if (!$this->hasAuthInfo()) {
-            throw new \LogicException("authInfo not set.");
-        }
-        return $this->_authInfo;
-    }
+	/**
+	 * Get authentication info.
+	 *
+	 * @throws \LogicException
+	 * @return string
+	 */
+	public function authInfo()
+	{
+		if (!$this->hasAuthInfo()) {
+			throw new \LogicException("authInfo not set.");
+		}
+		return $this->_authInfo;
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
-     * @return Sequence
-     */
-    public function toASN1()
-    {
-        $elements = array($this->_service->toASN1(), $this->_ident->toASN1());
-        if (isset($this->_authInfo)) {
-            $elements[] = new OctetString($this->_authInfo);
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
+	 * @return Sequence
+	 */
+	public function toASN1()
+	{
+		$elements = array($this->_service->toASN1(), $this->_ident->toASN1());
+		if (isset($this->_authInfo)) {
+			$elements[] = new OctetString($this->_authInfo);
+		}
+		return new Sequence(...$elements);
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
-     * @return string
-     */
-    public function stringValue()
-    {
-        return "#" . bin2hex($this->toASN1()->toDER());
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
+	 * @return string
+	 */
+	public function stringValue()
+	{
+		return "#" . bin2hex($this->toASN1()->toDER());
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
-     * @return BinaryMatch
-     */
-    public function equalityMatchingRule()
-    {
-        return new BinaryMatch();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
+	 * @return BinaryMatch
+	 */
+	public function equalityMatchingRule()
+	{
+		return new BinaryMatch();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
-     * @return string
-     */
-    public function rfc2253String()
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
+	 * @return string
+	 */
+	public function rfc2253String()
+	{
+		return $this->stringValue();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
-     * @return string
-     */
-    protected function _transcodedString()
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
+	 * @return string
+	 */
+	protected function _transcodedString()
+	{
+		return $this->stringValue();
+	}
 }

lib/X509/AttributeCertificate/Attribute/AccessIdentityAttributeValue.php

Indentation +12 added lines, -12 removed lines

@@ -11,17 +11,17 @@
  */
 class AccessIdentityAttributeValue extends SvceAuthInfo
 {
-    const OID = "1.3.6.1.5.5.7.10.2";
+	const OID = "1.3.6.1.5.5.7.10.2";
     
-    /**
-     * Constructor.
-     *
-     * @param GeneralName $service
-     * @param GeneralName $ident
-     */
-    public function __construct(GeneralName $service, GeneralName $ident)
-    {
-        parent::__construct($service, $ident, null);
-        $this->_oid = self::OID;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralName $service
+	 * @param GeneralName $ident
+	 */
+	public function __construct(GeneralName $service, GeneralName $ident)
+	{
+		parent::__construct($service, $ident, null);
+		$this->_oid = self::OID;
+	}
 }

lib/X509/AttributeCertificate/Attribute/GroupAttributeValue.php

Indentation +11 added lines, -11 removed lines

@@ -9,16 +9,16 @@
  */
 class GroupAttributeValue extends IetfAttrSyntax
 {
-    const OID = "1.3.6.1.5.5.7.10.4";
+	const OID = "1.3.6.1.5.5.7.10.4";
     
-    /**
-     * Constructor.
-     *
-     * @param IetfAttrValue ...$values
-     */
-    public function __construct(IetfAttrValue ...$values)
-    {
-        parent::__construct(...$values);
-        $this->_oid = self::OID;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param IetfAttrValue ...$values
+	 */
+	public function __construct(IetfAttrValue ...$values)
+	{
+		parent::__construct(...$values);
+		$this->_oid = self::OID;
+	}
 }

lib/X509/AttributeCertificate/Attributes.php

Indentation +196 added lines, -196 removed lines

@@ -24,200 +24,200 @@
  */
 class Attributes implements \Countable, \IteratorAggregate
 {
-    use AttributeContainer;
-    
-    /**
-     * Mapping from OID to attribute value class name.
-     *
-     * @internal
-     *
-     * @var array
-     */
-    const MAP_OID_TO_CLASS = array(
-        /* @formatter:off */
-        AccessIdentityAttributeValue::OID => AccessIdentityAttributeValue::class,
-        AuthenticationInfoAttributeValue::OID => AuthenticationInfoAttributeValue::class,
-        ChargingIdentityAttributeValue::OID => ChargingIdentityAttributeValue::class,
-        GroupAttributeValue::OID => GroupAttributeValue::class,
-        AttributeType::OID_ROLE => RoleAttributeValue::class
-        /* @formatter:on */
-    );
-    
-    /**
-     * Constructor.
-     *
-     * @param Attribute ...$attribs
-     */
-    public function __construct(Attribute ...$attribs)
-    {
-        $this->_attributes = $attribs;
-    }
-    
-    /**
-     * Initialize from attribute values.
-     *
-     * @param AttributeValue ...$values
-     * @return self
-     */
-    public static function fromAttributeValues(AttributeValue ...$values)
-    {
-        $attribs = array_map(
-            function (AttributeValue $value) {
-                return $value->toAttribute();
-            }, $values);
-        return new self(...$attribs);
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq)
-    {
-        $attribs = array_map(
-            function (UnspecifiedType $el) {
-                return Attribute::fromASN1($el->asSequence());
-            }, $seq->elements());
-        // cast attributes
-        $attribs = array_map(
-            function (Attribute $attr) {
-                $oid = $attr->oid();
-                if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) {
-                    $cls = self::MAP_OID_TO_CLASS[$oid];
-                    $attr = $attr->castValues($cls);
-                }
-                return $attr;
-            }, $attribs);
-        return new self(...$attribs);
-    }
-    
-    /**
-     * Check whether 'Access Identity' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasAccessIdentity()
-    {
-        return $this->has(AccessIdentityAttributeValue::OID);
-    }
-    
-    /**
-     * Get the first 'Access Identity' attribute value.
-     *
-     * @return AccessIdentityAttributeValue
-     */
-    public function accessIdentity()
-    {
-        return $this->firstOf(AccessIdentityAttributeValue::OID)->first();
-    }
-    
-    /**
-     * Check whether 'Service Authentication Information' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasAuthenticationInformation()
-    {
-        return $this->has(AuthenticationInfoAttributeValue::OID);
-    }
-    
-    /**
-     * Get the first 'Service Authentication Information' attribute value.
-     *
-     * @return AuthenticationInfoAttributeValue
-     */
-    public function authenticationInformation()
-    {
-        return $this->firstOf(AuthenticationInfoAttributeValue::OID)->first();
-    }
-    
-    /**
-     * Check whether 'Charging Identity' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasChargingIdentity()
-    {
-        return $this->has(ChargingIdentityAttributeValue::OID);
-    }
-    
-    /**
-     * Get the first 'Charging Identity' attribute value.
-     *
-     * @return ChargingIdentityAttributeValue
-     */
-    public function chargingIdentity()
-    {
-        return $this->firstOf(ChargingIdentityAttributeValue::OID)->first();
-    }
-    
-    /**
-     * Check whether 'Group' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasGroup()
-    {
-        return $this->has(GroupAttributeValue::OID);
-    }
-    
-    /**
-     * Get the first 'Group' attribute value.
-     *
-     * @return GroupAttributeValue
-     */
-    public function group()
-    {
-        return $this->firstOf(GroupAttributeValue::OID)->first();
-    }
-    
-    /**
-     * Check whether 'Role' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasRole()
-    {
-        return $this->has(AttributeType::OID_ROLE);
-    }
-    
-    /**
-     * Get the first 'Role' attribute value.
-     *
-     * @return RoleAttributeValue
-     */
-    public function role()
-    {
-        return $this->firstOf(AttributeType::OID_ROLE)->first();
-    }
-    
-    /**
-     * Get all 'Role' attribute values.
-     *
-     * @return RoleAttributeValue[]
-     */
-    public function roles()
-    {
-        return array_merge(array(),
-            ...array_map(
-                function (Attribute $attr) {
-                    return $attr->values();
-                }, $this->allOf(AttributeType::OID_ROLE)));
-    }
-    
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1()
-    {
-        $elements = array_map(
-            function (Attribute $attr) {
-                return $attr->toASN1();
-            }, array_values($this->_attributes));
-        return new Sequence(...$elements);
-    }
+	use AttributeContainer;
+    
+	/**
+	 * Mapping from OID to attribute value class name.
+	 *
+	 * @internal
+	 *
+	 * @var array
+	 */
+	const MAP_OID_TO_CLASS = array(
+		/* @formatter:off */
+		AccessIdentityAttributeValue::OID => AccessIdentityAttributeValue::class,
+		AuthenticationInfoAttributeValue::OID => AuthenticationInfoAttributeValue::class,
+		ChargingIdentityAttributeValue::OID => ChargingIdentityAttributeValue::class,
+		GroupAttributeValue::OID => GroupAttributeValue::class,
+		AttributeType::OID_ROLE => RoleAttributeValue::class
+		/* @formatter:on */
+	);
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param Attribute ...$attribs
+	 */
+	public function __construct(Attribute ...$attribs)
+	{
+		$this->_attributes = $attribs;
+	}
+    
+	/**
+	 * Initialize from attribute values.
+	 *
+	 * @param AttributeValue ...$values
+	 * @return self
+	 */
+	public static function fromAttributeValues(AttributeValue ...$values)
+	{
+		$attribs = array_map(
+			function (AttributeValue $value) {
+				return $value->toAttribute();
+			}, $values);
+		return new self(...$attribs);
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq)
+	{
+		$attribs = array_map(
+			function (UnspecifiedType $el) {
+				return Attribute::fromASN1($el->asSequence());
+			}, $seq->elements());
+		// cast attributes
+		$attribs = array_map(
+			function (Attribute $attr) {
+				$oid = $attr->oid();
+				if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) {
+					$cls = self::MAP_OID_TO_CLASS[$oid];
+					$attr = $attr->castValues($cls);
+				}
+				return $attr;
+			}, $attribs);
+		return new self(...$attribs);
+	}
+    
+	/**
+	 * Check whether 'Access Identity' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAccessIdentity()
+	{
+		return $this->has(AccessIdentityAttributeValue::OID);
+	}
+    
+	/**
+	 * Get the first 'Access Identity' attribute value.
+	 *
+	 * @return AccessIdentityAttributeValue
+	 */
+	public function accessIdentity()
+	{
+		return $this->firstOf(AccessIdentityAttributeValue::OID)->first();
+	}
+    
+	/**
+	 * Check whether 'Service Authentication Information' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAuthenticationInformation()
+	{
+		return $this->has(AuthenticationInfoAttributeValue::OID);
+	}
+    
+	/**
+	 * Get the first 'Service Authentication Information' attribute value.
+	 *
+	 * @return AuthenticationInfoAttributeValue
+	 */
+	public function authenticationInformation()
+	{
+		return $this->firstOf(AuthenticationInfoAttributeValue::OID)->first();
+	}
+    
+	/**
+	 * Check whether 'Charging Identity' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasChargingIdentity()
+	{
+		return $this->has(ChargingIdentityAttributeValue::OID);
+	}
+    
+	/**
+	 * Get the first 'Charging Identity' attribute value.
+	 *
+	 * @return ChargingIdentityAttributeValue
+	 */
+	public function chargingIdentity()
+	{
+		return $this->firstOf(ChargingIdentityAttributeValue::OID)->first();
+	}
+    
+	/**
+	 * Check whether 'Group' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasGroup()
+	{
+		return $this->has(GroupAttributeValue::OID);
+	}
+    
+	/**
+	 * Get the first 'Group' attribute value.
+	 *
+	 * @return GroupAttributeValue
+	 */
+	public function group()
+	{
+		return $this->firstOf(GroupAttributeValue::OID)->first();
+	}
+    
+	/**
+	 * Check whether 'Role' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasRole()
+	{
+		return $this->has(AttributeType::OID_ROLE);
+	}
+    
+	/**
+	 * Get the first 'Role' attribute value.
+	 *
+	 * @return RoleAttributeValue
+	 */
+	public function role()
+	{
+		return $this->firstOf(AttributeType::OID_ROLE)->first();
+	}
+    
+	/**
+	 * Get all 'Role' attribute values.
+	 *
+	 * @return RoleAttributeValue[]
+	 */
+	public function roles()
+	{
+		return array_merge(array(),
+			...array_map(
+				function (Attribute $attr) {
+					return $attr->values();
+				}, $this->allOf(AttributeType::OID_ROLE)));
+	}
+    
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1()
+	{
+		$elements = array_map(
+			function (Attribute $attr) {
+				return $attr->toASN1();
+			}, array_values($this->_attributes));
+		return new Sequence(...$elements);
+	}
 }

Spacing +5 added lines, -5 removed lines

@@ -62,7 +62,7 @@ 
     public static function fromAttributeValues(AttributeValue ...$values)
     {
         $attribs = array_map(
-            function (AttributeValue $value) {
+            function(AttributeValue $value) {
                 return $value->toAttribute();
             }, $values);
         return new self(...$attribs);
@@ -77,12 +77,12 @@ 
     public static function fromASN1(Sequence $seq)
     {
         $attribs = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return Attribute::fromASN1($el->asSequence());
             }, $seq->elements());
         // cast attributes
         $attribs = array_map(
-            function (Attribute $attr) {
+            function(Attribute $attr) {
                 $oid = $attr->oid();
                 if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) {
                     $cls = self::MAP_OID_TO_CLASS[$oid];
@@ -202,7 +202,7 @@ 
     {
         return array_merge(array(),
             ...array_map(
-                function (Attribute $attr) {
+                function(Attribute $attr) {
                     return $attr->values();
                 }, $this->allOf(AttributeType::OID_ROLE)));
     }
@@ -215,7 +215,7 @@ 
     public function toASN1()
     {
         $elements = array_map(
-            function (Attribute $attr) {
+            function(Attribute $attr) {
                 return $attr->toASN1();
             }, array_values($this->_attributes));
         return new Sequence(...$elements);

lib/X509/CertificationPath/Policy/PolicyNode.php

Indentation +238 added lines, -238 removed lines

@@ -11,265 +11,265 @@
  */
 class PolicyNode implements \IteratorAggregate, \Countable
 {
-    /**
-     * Policy OID.
-     *
-     * @var string
-     */
-    protected $_validPolicy;
+	/**
+	 * Policy OID.
+	 *
+	 * @var string
+	 */
+	protected $_validPolicy;
     
-    /**
-     * List of qualifiers.
-     *
-     * @var \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[]
-     */
-    protected $_qualifiers;
+	/**
+	 * List of qualifiers.
+	 *
+	 * @var \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[]
+	 */
+	protected $_qualifiers;
     
-    /**
-     * List of expected policy OIDs.
-     *
-     * @var string[]
-     */
-    protected $_expectedPolicies;
+	/**
+	 * List of expected policy OIDs.
+	 *
+	 * @var string[]
+	 */
+	protected $_expectedPolicies;
     
-    /**
-     * List of child nodes.
-     *
-     * @var PolicyNode[]
-     */
-    protected $_children;
+	/**
+	 * List of child nodes.
+	 *
+	 * @var PolicyNode[]
+	 */
+	protected $_children;
     
-    /**
-     * Reference to the parent node.
-     *
-     * @var PolicyNode|null
-     */
-    protected $_parent;
+	/**
+	 * Reference to the parent node.
+	 *
+	 * @var PolicyNode|null
+	 */
+	protected $_parent;
     
-    /**
-     * Constructor.
-     *
-     * @param string $valid_policy Policy OID
-     * @param \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[] $qualifiers
-     * @param string[] $expected_policies
-     */
-    public function __construct($valid_policy, array $qualifiers,
-        array $expected_policies)
-    {
-        $this->_validPolicy = $valid_policy;
-        $this->_qualifiers = $qualifiers;
-        $this->_expectedPolicies = $expected_policies;
-        $this->_children = array();
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $valid_policy Policy OID
+	 * @param \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[] $qualifiers
+	 * @param string[] $expected_policies
+	 */
+	public function __construct($valid_policy, array $qualifiers,
+		array $expected_policies)
+	{
+		$this->_validPolicy = $valid_policy;
+		$this->_qualifiers = $qualifiers;
+		$this->_expectedPolicies = $expected_policies;
+		$this->_children = array();
+	}
     
-    /**
-     * Create initial node for the policy tree.
-     *
-     * @return self
-     */
-    public static function anyPolicyNode()
-    {
-        return new self(PolicyInformation::OID_ANY_POLICY, array(),
-            array(PolicyInformation::OID_ANY_POLICY));
-    }
+	/**
+	 * Create initial node for the policy tree.
+	 *
+	 * @return self
+	 */
+	public static function anyPolicyNode()
+	{
+		return new self(PolicyInformation::OID_ANY_POLICY, array(),
+			array(PolicyInformation::OID_ANY_POLICY));
+	}
     
-    /**
-     * Get the valid policy OID.
-     *
-     * @return string
-     */
-    public function validPolicy()
-    {
-        return $this->_validPolicy;
-    }
+	/**
+	 * Get the valid policy OID.
+	 *
+	 * @return string
+	 */
+	public function validPolicy()
+	{
+		return $this->_validPolicy;
+	}
     
-    /**
-     * Check whether node has anyPolicy as a valid policy.
-     *
-     * @return boolean
-     */
-    public function isAnyPolicy()
-    {
-        return PolicyInformation::OID_ANY_POLICY == $this->_validPolicy;
-    }
+	/**
+	 * Check whether node has anyPolicy as a valid policy.
+	 *
+	 * @return boolean
+	 */
+	public function isAnyPolicy()
+	{
+		return PolicyInformation::OID_ANY_POLICY == $this->_validPolicy;
+	}
     
-    /**
-     * Get the qualifier set.
-     *
-     * @return \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[]
-     */
-    public function qualifiers()
-    {
-        return $this->_qualifiers;
-    }
+	/**
+	 * Get the qualifier set.
+	 *
+	 * @return \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[]
+	 */
+	public function qualifiers()
+	{
+		return $this->_qualifiers;
+	}
     
-    /**
-     * Check whether node has OID as an expected policy.
-     *
-     * @param string $oid
-     * @return boolean
-     */
-    public function hasExpectedPolicy($oid)
-    {
-        return in_array($oid, $this->_expectedPolicies);
-    }
+	/**
+	 * Check whether node has OID as an expected policy.
+	 *
+	 * @param string $oid
+	 * @return boolean
+	 */
+	public function hasExpectedPolicy($oid)
+	{
+		return in_array($oid, $this->_expectedPolicies);
+	}
     
-    /**
-     * Get the expected policy set.
-     *
-     * @return string[]
-     */
-    public function expectedPolicies()
-    {
-        return $this->_expectedPolicies;
-    }
+	/**
+	 * Get the expected policy set.
+	 *
+	 * @return string[]
+	 */
+	public function expectedPolicies()
+	{
+		return $this->_expectedPolicies;
+	}
     
-    /**
-     * Set expected policies.
-     *
-     * @param string ...$oids Policy OIDs
-     */
-    public function setExpectedPolicies(...$oids)
-    {
-        $this->_expectedPolicies = $oids;
-    }
+	/**
+	 * Set expected policies.
+	 *
+	 * @param string ...$oids Policy OIDs
+	 */
+	public function setExpectedPolicies(...$oids)
+	{
+		$this->_expectedPolicies = $oids;
+	}
     
-    /**
-     * Check whether node has a child node with given valid policy OID.
-     *
-     * @param string $oid
-     * @return boolean
-     */
-    public function hasChildWithValidPolicy($oid)
-    {
-        foreach ($this->_children as $node) {
-            if ($node->validPolicy() == $oid) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether node has a child node with given valid policy OID.
+	 *
+	 * @param string $oid
+	 * @return boolean
+	 */
+	public function hasChildWithValidPolicy($oid)
+	{
+		foreach ($this->_children as $node) {
+			if ($node->validPolicy() == $oid) {
+				return true;
+			}
+		}
+		return false;
+	}
     
-    /**
-     * Add child node.
-     *
-     * @param PolicyNode $node
-     * @return self
-     */
-    public function addChild(PolicyNode $node)
-    {
-        $id = spl_object_hash($node);
-        $node->_parent = $this;
-        $this->_children[$id] = $node;
-        return $this;
-    }
+	/**
+	 * Add child node.
+	 *
+	 * @param PolicyNode $node
+	 * @return self
+	 */
+	public function addChild(PolicyNode $node)
+	{
+		$id = spl_object_hash($node);
+		$node->_parent = $this;
+		$this->_children[$id] = $node;
+		return $this;
+	}
     
-    /**
-     * Get the child nodes.
-     *
-     * @return PolicyNode[]
-     */
-    public function children()
-    {
-        return array_values($this->_children);
-    }
+	/**
+	 * Get the child nodes.
+	 *
+	 * @return PolicyNode[]
+	 */
+	public function children()
+	{
+		return array_values($this->_children);
+	}
     
-    /**
-     * Remove this node from the tree.
-     *
-     * @return self The removed node
-     */
-    public function remove()
-    {
-        if ($this->_parent) {
-            $id = spl_object_hash($this);
-            unset($this->_parent->_children[$id]);
-            unset($this->_parent);
-        }
-        return $this;
-    }
+	/**
+	 * Remove this node from the tree.
+	 *
+	 * @return self The removed node
+	 */
+	public function remove()
+	{
+		if ($this->_parent) {
+			$id = spl_object_hash($this);
+			unset($this->_parent->_children[$id]);
+			unset($this->_parent);
+		}
+		return $this;
+	}
     
-    /**
-     * Check whether node has a parent.
-     *
-     * @return bool
-     */
-    public function hasParent()
-    {
-        return isset($this->_parent);
-    }
+	/**
+	 * Check whether node has a parent.
+	 *
+	 * @return bool
+	 */
+	public function hasParent()
+	{
+		return isset($this->_parent);
+	}
     
-    /**
-     * Get the parent node.
-     *
-     * @return PolicyNode|null
-     */
-    public function parent()
-    {
-        return $this->_parent;
-    }
+	/**
+	 * Get the parent node.
+	 *
+	 * @return PolicyNode|null
+	 */
+	public function parent()
+	{
+		return $this->_parent;
+	}
     
-    /**
-     * Get chain of parent nodes from this node's parent to the root node.
-     *
-     * @return PolicyNode[]
-     */
-    public function parents()
-    {
-        if (!$this->_parent) {
-            return array();
-        }
-        $nodes = $this->_parent->parents();
-        $nodes[] = $this->_parent;
-        return array_reverse($nodes);
-    }
+	/**
+	 * Get chain of parent nodes from this node's parent to the root node.
+	 *
+	 * @return PolicyNode[]
+	 */
+	public function parents()
+	{
+		if (!$this->_parent) {
+			return array();
+		}
+		$nodes = $this->_parent->parents();
+		$nodes[] = $this->_parent;
+		return array_reverse($nodes);
+	}
     
-    /**
-     * Walk tree from this node, applying a callback for each node.
-     *
-     * Nodes are traversed depth-first and callback shall be applied post-order.
-     *
-     * @param callable $fn
-     */
-    public function walkNodes(callable $fn)
-    {
-        foreach ($this->_children as $node) {
-            $node->walkNodes($fn);
-        }
-        $fn($this);
-    }
+	/**
+	 * Walk tree from this node, applying a callback for each node.
+	 *
+	 * Nodes are traversed depth-first and callback shall be applied post-order.
+	 *
+	 * @param callable $fn
+	 */
+	public function walkNodes(callable $fn)
+	{
+		foreach ($this->_children as $node) {
+			$node->walkNodes($fn);
+		}
+		$fn($this);
+	}
     
-    /**
-     * Get the total number of nodes in a tree.
-     *
-     * @return int
-     */
-    public function nodeCount()
-    {
-        $c = 1;
-        foreach ($this->_children as $child) {
-            $c += $child->nodeCount();
-        }
-        return $c;
-    }
+	/**
+	 * Get the total number of nodes in a tree.
+	 *
+	 * @return int
+	 */
+	public function nodeCount()
+	{
+		$c = 1;
+		foreach ($this->_children as $child) {
+			$c += $child->nodeCount();
+		}
+		return $c;
+	}
     
-    /**
-     * Get the number of child nodes.
-     *
-     * @see \Countable::count()
-     */
-    public function count()
-    {
-        return count($this->_children);
-    }
+	/**
+	 * Get the number of child nodes.
+	 *
+	 * @see \Countable::count()
+	 */
+	public function count()
+	{
+		return count($this->_children);
+	}
     
-    /**
-     * Get iterator for the child nodes.
-     *
-     * @see \IteratorAggregate::getIterator()
-     */
-    public function getIterator()
-    {
-        return new \ArrayIterator($this->_children);
-    }
+	/**
+	 * Get iterator for the child nodes.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 */
+	public function getIterator()
+	{
+		return new \ArrayIterator($this->_children);
+	}
 }

lib/X509/CertificationPath/CertificationPath.php

Indentation +155 added lines, -155 removed lines

@@ -21,171 +21,171 @@
  */
 class CertificationPath implements \Countable, \IteratorAggregate
 {
-    /**
-     * Certification path.
-     *
-     * @var Certificate[] $_certificates
-     */
-    protected $_certificates;
+	/**
+	 * Certification path.
+	 *
+	 * @var Certificate[] $_certificates
+	 */
+	protected $_certificates;
     
-    /**
-     * Constructor.
-     *
-     * @param Certificate ...$certificates Certificates from the trust anchor
-     *        to the target end-entity certificate
-     */
-    public function __construct(Certificate ...$certificates)
-    {
-        $this->_certificates = $certificates;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Certificate ...$certificates Certificates from the trust anchor
+	 *        to the target end-entity certificate
+	 */
+	public function __construct(Certificate ...$certificates)
+	{
+		$this->_certificates = $certificates;
+	}
     
-    /**
-     * Initialize from a certificate chain.
-     *
-     * @param CertificateChain $chain
-     * @return self
-     */
-    public static function fromCertificateChain(CertificateChain $chain)
-    {
-        return new self(...array_reverse($chain->certificates(), false));
-    }
+	/**
+	 * Initialize from a certificate chain.
+	 *
+	 * @param CertificateChain $chain
+	 * @return self
+	 */
+	public static function fromCertificateChain(CertificateChain $chain)
+	{
+		return new self(...array_reverse($chain->certificates(), false));
+	}
     
-    /**
-     * Build certification path to given target.
-     *
-     * @param Certificate $target Target end-entity certificate
-     * @param CertificateBundle $trust_anchors List of trust anchors
-     * @param CertificateBundle|null $intermediate Optional intermediate
-     *        certificates
-     * @return self
-     */
-    public static function toTarget(Certificate $target,
-        CertificateBundle $trust_anchors, CertificateBundle $intermediate = null)
-    {
-        $builder = new CertificationPathBuilder($trust_anchors);
-        return $builder->shortestPathToTarget($target, $intermediate);
-    }
+	/**
+	 * Build certification path to given target.
+	 *
+	 * @param Certificate $target Target end-entity certificate
+	 * @param CertificateBundle $trust_anchors List of trust anchors
+	 * @param CertificateBundle|null $intermediate Optional intermediate
+	 *        certificates
+	 * @return self
+	 */
+	public static function toTarget(Certificate $target,
+		CertificateBundle $trust_anchors, CertificateBundle $intermediate = null)
+	{
+		$builder = new CertificationPathBuilder($trust_anchors);
+		return $builder->shortestPathToTarget($target, $intermediate);
+	}
     
-    /**
-     * Build certification path from given trust anchor to target certificate,
-     * using intermediate certificates from given bundle.
-     *
-     * @param Certificate $trust_anchor Trust anchor certificate
-     * @param Certificate $target Target end-entity certificate
-     * @param CertificateBundle|null $intermediate Optional intermediate
-     *        certificates
-     * @return self
-     */
-    public static function fromTrustAnchorToTarget(Certificate $trust_anchor,
-        Certificate $target, CertificateBundle $intermediate = null)
-    {
-        return self::toTarget($target, new CertificateBundle($trust_anchor),
-            $intermediate);
-    }
+	/**
+	 * Build certification path from given trust anchor to target certificate,
+	 * using intermediate certificates from given bundle.
+	 *
+	 * @param Certificate $trust_anchor Trust anchor certificate
+	 * @param Certificate $target Target end-entity certificate
+	 * @param CertificateBundle|null $intermediate Optional intermediate
+	 *        certificates
+	 * @return self
+	 */
+	public static function fromTrustAnchorToTarget(Certificate $trust_anchor,
+		Certificate $target, CertificateBundle $intermediate = null)
+	{
+		return self::toTarget($target, new CertificateBundle($trust_anchor),
+			$intermediate);
+	}
     
-    /**
-     * Get certificates.
-     *
-     * @return Certificate[]
-     */
-    public function certificates()
-    {
-        return $this->_certificates;
-    }
+	/**
+	 * Get certificates.
+	 *
+	 * @return Certificate[]
+	 */
+	public function certificates()
+	{
+		return $this->_certificates;
+	}
     
-    /**
-     * Get the trust anchor certificate from the path.
-     *
-     * @throws \LogicException If path is empty
-     * @return Certificate
-     */
-    public function trustAnchorCertificate()
-    {
-        if (!count($this->_certificates)) {
-            throw new \LogicException("No certificates.");
-        }
-        return $this->_certificates[0];
-    }
+	/**
+	 * Get the trust anchor certificate from the path.
+	 *
+	 * @throws \LogicException If path is empty
+	 * @return Certificate
+	 */
+	public function trustAnchorCertificate()
+	{
+		if (!count($this->_certificates)) {
+			throw new \LogicException("No certificates.");
+		}
+		return $this->_certificates[0];
+	}
     
-    /**
-     * Get the end-entity certificate from the path.
-     *
-     * @throws \LogicException If path is empty
-     * @return Certificate
-     */
-    public function endEntityCertificate()
-    {
-        if (!count($this->_certificates)) {
-            throw new \LogicException("No certificates.");
-        }
-        return $this->_certificates[count($this->_certificates) - 1];
-    }
+	/**
+	 * Get the end-entity certificate from the path.
+	 *
+	 * @throws \LogicException If path is empty
+	 * @return Certificate
+	 */
+	public function endEntityCertificate()
+	{
+		if (!count($this->_certificates)) {
+			throw new \LogicException("No certificates.");
+		}
+		return $this->_certificates[count($this->_certificates) - 1];
+	}
     
-    /**
-     * Get certification path as a certificate chain.
-     *
-     * @return CertificateChain
-     */
-    public function certificateChain()
-    {
-        return new CertificateChain(
-            ...array_reverse($this->_certificates, false));
-    }
+	/**
+	 * Get certification path as a certificate chain.
+	 *
+	 * @return CertificateChain
+	 */
+	public function certificateChain()
+	{
+		return new CertificateChain(
+			...array_reverse($this->_certificates, false));
+	}
     
-    /**
-     * Check whether certification path starts with one ore more given
-     * certificates in parameter order.
-     *
-     * @param Certificate ...$certs Certificates
-     * @return true
-     */
-    public function startsWith(Certificate ...$certs)
-    {
-        $n = count($certs);
-        if ($n > count($this->_certificates)) {
-            return false;
-        }
-        for ($i = 0; $i < $n; ++$i) {
-            if (!$certs[$i]->equals($this->_certificates[$i])) {
-                return false;
-            }
-        }
-        return true;
-    }
+	/**
+	 * Check whether certification path starts with one ore more given
+	 * certificates in parameter order.
+	 *
+	 * @param Certificate ...$certs Certificates
+	 * @return true
+	 */
+	public function startsWith(Certificate ...$certs)
+	{
+		$n = count($certs);
+		if ($n > count($this->_certificates)) {
+			return false;
+		}
+		for ($i = 0; $i < $n; ++$i) {
+			if (!$certs[$i]->equals($this->_certificates[$i])) {
+				return false;
+			}
+		}
+		return true;
+	}
     
-    /**
-     * Validate certification path.
-     *
-     * @param PathValidationConfig $config
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     * @throws Exception\PathValidationException
-     * @return PathValidation\PathValidationResult
-     */
-    public function validate(PathValidationConfig $config, Crypto $crypto = null)
-    {
-        $crypto = $crypto ?: Crypto::getDefault();
-        $validator = new PathValidator($crypto, $config, ...$this->_certificates);
-        return $validator->validate();
-    }
+	/**
+	 * Validate certification path.
+	 *
+	 * @param PathValidationConfig $config
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 * @throws Exception\PathValidationException
+	 * @return PathValidation\PathValidationResult
+	 */
+	public function validate(PathValidationConfig $config, Crypto $crypto = null)
+	{
+		$crypto = $crypto ?: Crypto::getDefault();
+		$validator = new PathValidator($crypto, $config, ...$this->_certificates);
+		return $validator->validate();
+	}
     
-    /**
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count()
-    {
-        return count($this->_certificates);
-    }
+	/**
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count()
+	{
+		return count($this->_certificates);
+	}
     
-    /**
-     * Get iterator for certificates.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator()
-    {
-        return new \ArrayIterator($this->_certificates);
-    }
+	/**
+	 * Get iterator for certificates.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator()
+	{
+		return new \ArrayIterator($this->_certificates);
+	}
 }

lib/X509/CertificationPath/PathValidation/ValidatorState.php

Indentation +480 added lines, -480 removed lines

@@ -18,484 +18,484 @@
  */
 class ValidatorState
 {
-    /**
-     * Length of the certification path (n).
-     *
-     * @var int $_pathLength
-     */
-    protected $_pathLength;
-    
-    /**
-     * Current index in the certification path in the range of 1..n (i).
-     *
-     * @var int $_index
-     */
-    protected $_index;
-    
-    /**
-     * Valid policy tree (valid_policy_tree).
-     *
-     * A tree of certificate policies with their optional qualifiers.
-     * Each of the leaves of the tree represents a valid policy at this stage in
-     * the certification path validation.
-     * Once the tree is set to NULL, policy processing ceases.
-     *
-     * @var PolicyTree|null $_validPolicyTree
-     */
-    protected $_validPolicyTree;
-    
-    /**
-     * Permitted subtrees (permitted_subtrees).
-     *
-     * A set of root names for each name type defining a set of subtrees within
-     * which all subject names in subsequent certificates in the certification
-     * path must fall.
-     *
-     * @var mixed $_permittedSubtrees
-     */
-    protected $_permittedSubtrees;
-    
-    /**
-     * Excluded subtrees (excluded_subtrees).
-     *
-     * A set of root names for each name type defining a set of subtrees within
-     * which no subject name in subsequent certificates in the certification
-     * path may fall.
-     *
-     * @var mixed $_excludedSubtrees
-     */
-    protected $_excludedSubtrees;
-    
-    /**
-     * Explicit policy (explicit_policy).
-     *
-     * An integer that indicates if a non-NULL valid_policy_tree is required.
-     *
-     * @var int $_explicitPolicy
-     */
-    protected $_explicitPolicy;
-    
-    /**
-     * Inhibit anyPolicy (inhibit_anyPolicy).
-     *
-     * An integer that indicates whether the anyPolicy policy identifier is
-     * considered a match.
-     *
-     * @var int $_inhibitAnyPolicy
-     */
-    protected $_inhibitAnyPolicy;
-    
-    /**
-     * Policy mapping (policy_mapping).
-     *
-     * An integer that indicates if policy mapping is permitted.
-     *
-     * @var int $_policyMapping
-     */
-    protected $_policyMapping;
-    
-    /**
-     * Working public key algorithm (working_public_key_algorithm).
-     *
-     * The digital signature algorithm used to verify the signature of a
-     * certificate.
-     *
-     * @var AlgorithmIdentifierType $_workingPublicKeyAlgorithm
-     */
-    protected $_workingPublicKeyAlgorithm;
-    
-    /**
-     * Working public key (working_public_key).
-     *
-     * The public key used to verify the signature of a certificate.
-     *
-     * @var PublicKeyInfo $_workingPublicKey
-     */
-    protected $_workingPublicKey;
-    
-    /**
-     * Working public key parameters (working_public_key_parameters).
-     *
-     * Parameters associated with the current public key that may be required to
-     * verify a signature.
-     *
-     * @var Element|null $_workingPublicKeyParameters
-     */
-    protected $_workingPublicKeyParameters;
-    
-    /**
-     * Working issuer name (working_issuer_name).
-     *
-     * The issuer distinguished name expected in the next certificate in the
-     * chain.
-     *
-     * @var Name $_workingIssuerName
-     */
-    protected $_workingIssuerName;
-    
-    /**
-     * Maximum certification path length (max_path_length).
-     *
-     * @var int $_maxPathLength
-     */
-    protected $_maxPathLength;
-    
-    /**
-     * Constructor.
-     */
-    protected function __construct()
-    {
-    }
-    
-    /**
-     * Initialize variables according to RFC 5280 6.1.2.
-     *
-     * @link https://tools.ietf.org/html/rfc5280#section-6.1.2
-     * @param PathValidationConfig $config
-     * @param Certificate $trust_anchor Trust anchor certificate
-     * @param int $n Number of certificates in the certification path
-     * @return self
-     */
-    public static function initialize(PathValidationConfig $config,
-        Certificate $trust_anchor, $n)
-    {
-        $state = new self();
-        $state->_pathLength = $n;
-        $state->_index = 1;
-        $state->_validPolicyTree = new PolicyTree(PolicyNode::anyPolicyNode());
-        $state->_permittedSubtrees = null;
-        $state->_excludedSubtrees = null;
-        $state->_explicitPolicy = $config->explicitPolicy() ? 0 : $n + 1;
-        $state->_inhibitAnyPolicy = $config->anyPolicyInhibit() ? 0 : $n + 1;
-        $state->_policyMapping = $config->policyMappingInhibit() ? 0 : $n + 1;
-        $state->_workingPublicKeyAlgorithm = $trust_anchor->signatureAlgorithm();
-        $tbsCert = $trust_anchor->tbsCertificate();
-        $state->_workingPublicKey = $tbsCert->subjectPublicKeyInfo();
-        $state->_workingPublicKeyParameters = self::getAlgorithmParameters(
-            $state->_workingPublicKey->algorithmIdentifier());
-        $state->_workingIssuerName = $tbsCert->issuer();
-        $state->_maxPathLength = $config->maxLength();
-        return $state;
-    }
-    
-    /**
-     * Get self with current certification path index set.
-     *
-     * @param int $index
-     * @return self
-     */
-    public function withIndex($index)
-    {
-        $state = clone $this;
-        $state->_index = $index;
-        return $state;
-    }
-    
-    /**
-     * Get self with valid_policy_tree.
-     *
-     * @param PolicyTree $policy_tree
-     * @return self
-     */
-    public function withValidPolicyTree(PolicyTree $policy_tree)
-    {
-        $state = clone $this;
-        $state->_validPolicyTree = $policy_tree;
-        return $state;
-    }
-    
-    /**
-     * Get self with valid_policy_tree set to null.
-     *
-     * @return self
-     */
-    public function withoutValidPolicyTree()
-    {
-        $state = clone $this;
-        $state->_validPolicyTree = null;
-        return $state;
-    }
-    
-    /**
-     * Get self with explicit_policy.
-     *
-     * @param int $num
-     * @return self
-     */
-    public function withExplicitPolicy($num)
-    {
-        $state = clone $this;
-        $state->_explicitPolicy = $num;
-        return $state;
-    }
-    
-    /**
-     * Get self with inhibit_anyPolicy.
-     *
-     * @param int $num
-     * @return self
-     */
-    public function withInhibitAnyPolicy($num)
-    {
-        $state = clone $this;
-        $state->_inhibitAnyPolicy = $num;
-        return $state;
-    }
-    
-    /**
-     * Get self with policy_mapping.
-     *
-     * @param int $num
-     * @return self
-     */
-    public function withPolicyMapping($num)
-    {
-        $state = clone $this;
-        $state->_policyMapping = $num;
-        return $state;
-    }
-    
-    /**
-     * Get self with working_public_key_algorithm.
-     *
-     * @param AlgorithmIdentifierType $algo
-     * @return self
-     */
-    public function withWorkingPublicKeyAlgorithm(AlgorithmIdentifierType $algo)
-    {
-        $state = clone $this;
-        $state->_workingPublicKeyAlgorithm = $algo;
-        return $state;
-    }
-    
-    /**
-     * Get self with working_public_key.
-     *
-     * @param PublicKeyInfo $pubkey_info
-     * @return self
-     */
-    public function withWorkingPublicKey(PublicKeyInfo $pubkey_info)
-    {
-        $state = clone $this;
-        $state->_workingPublicKey = $pubkey_info;
-        return $state;
-    }
-    
-    /**
-     * Get self with working_public_key_parameters.
-     *
-     * @param Element|null $params
-     * @return self
-     */
-    public function withWorkingPublicKeyParameters(Element $params = null)
-    {
-        $state = clone $this;
-        $state->_workingPublicKeyParameters = $params;
-        return $state;
-    }
-    
-    /**
-     * Get self with working_issuer_name.
-     *
-     * @param Name $issuer
-     * @return self
-     */
-    public function withWorkingIssuerName(Name $issuer)
-    {
-        $state = clone $this;
-        $state->_workingIssuerName = $issuer;
-        return $state;
-    }
-    
-    /**
-     * Get self with max_path_length.
-     *
-     * @param int $length
-     * @return self
-     */
-    public function withMaxPathLength($length)
-    {
-        $state = clone $this;
-        $state->_maxPathLength = $length;
-        return $state;
-    }
-    
-    /**
-     * Get the certification path length (n).
-     *
-     * @return int
-     */
-    public function pathLength()
-    {
-        return $this->_pathLength;
-    }
-    
-    /**
-     * Get the current index in certification path in the range of 1..n.
-     *
-     * @return int
-     */
-    public function index()
-    {
-        return $this->_index;
-    }
-    
-    /**
-     * Check whether valid_policy_tree is present.
-     *
-     * @return bool
-     */
-    public function hasValidPolicyTree()
-    {
-        return isset($this->_validPolicyTree);
-    }
-    
-    /**
-     * Get valid_policy_tree.
-     *
-     * @throws \LogicException
-     * @return PolicyTree
-     */
-    public function validPolicyTree()
-    {
-        if (!$this->hasValidPolicyTree()) {
-            throw new \LogicException("valid_policy_tree not set.");
-        }
-        return $this->_validPolicyTree;
-    }
-    
-    /**
-     * Get permitted_subtrees.
-     *
-     * @return mixed
-     */
-    public function permittedSubtrees()
-    {
-        return $this->_permittedSubtrees;
-    }
-    
-    /**
-     * Get excluded_subtrees.
-     *
-     * @return mixed
-     */
-    public function excludedSubtrees()
-    {
-        return $this->_excludedSubtrees;
-    }
-    
-    /**
-     * Get explicit_policy.
-     *
-     * @return int
-     */
-    public function explicitPolicy()
-    {
-        return $this->_explicitPolicy;
-    }
-    
-    /**
-     * Get inhibit_anyPolicy.
-     *
-     * @return int
-     */
-    public function inhibitAnyPolicy()
-    {
-        return $this->_inhibitAnyPolicy;
-    }
-    
-    /**
-     * Get policy_mapping.
-     *
-     * @return int
-     */
-    public function policyMapping()
-    {
-        return $this->_policyMapping;
-    }
-    
-    /**
-     * Get working_public_key_algorithm.
-     *
-     * @return AlgorithmIdentifierType
-     */
-    public function workingPublicKeyAlgorithm()
-    {
-        return $this->_workingPublicKeyAlgorithm;
-    }
-    
-    /**
-     * Get working_public_key.
-     *
-     * @return PublicKeyInfo
-     */
-    public function workingPublicKey()
-    {
-        return $this->_workingPublicKey;
-    }
-    
-    /**
-     * Get working_public_key_parameters.
-     *
-     * @return Element|null
-     */
-    public function workingPublicKeyParameters()
-    {
-        return $this->_workingPublicKeyParameters;
-    }
-    
-    /**
-     * Get working_issuer_name.
-     *
-     * @return Name
-     */
-    public function workingIssuerName()
-    {
-        return $this->_workingIssuerName;
-    }
-    
-    /**
-     * Get maximum certification path length.
-     *
-     * @return int
-     */
-    public function maxPathLength()
-    {
-        return $this->_maxPathLength;
-    }
-    
-    /**
-     * Check whether processing the final certificate of the certification path.
-     *
-     * @return bool
-     */
-    public function isFinal()
-    {
-        return $this->_index == $this->_pathLength;
-    }
-    
-    /**
-     * Get the path validation result.
-     *
-     * @param Certificate[] $certificates Certificates in a certification path
-     * @return PathValidationResult
-     */
-    public function getResult(array $certificates)
-    {
-        return new PathValidationResult($certificates, $this->_validPolicyTree,
-            $this->_workingPublicKey, $this->_workingPublicKeyAlgorithm,
-            $this->_workingPublicKeyParameters);
-    }
-    
-    /**
-     * Get ASN.1 parameters from algorithm identifier.
-     *
-     * @param AlgorithmIdentifierType $algo
-     * @return Element|null ASN.1 element or null if parameters are omitted
-     */
-    public static function getAlgorithmParameters(AlgorithmIdentifierType $algo)
-    {
-        $seq = $algo->toASN1();
-        return $seq->has(1) ? $seq->at(1)->asElement() : null;
-    }
+	/**
+	 * Length of the certification path (n).
+	 *
+	 * @var int $_pathLength
+	 */
+	protected $_pathLength;
+    
+	/**
+	 * Current index in the certification path in the range of 1..n (i).
+	 *
+	 * @var int $_index
+	 */
+	protected $_index;
+    
+	/**
+	 * Valid policy tree (valid_policy_tree).
+	 *
+	 * A tree of certificate policies with their optional qualifiers.
+	 * Each of the leaves of the tree represents a valid policy at this stage in
+	 * the certification path validation.
+	 * Once the tree is set to NULL, policy processing ceases.
+	 *
+	 * @var PolicyTree|null $_validPolicyTree
+	 */
+	protected $_validPolicyTree;
+    
+	/**
+	 * Permitted subtrees (permitted_subtrees).
+	 *
+	 * A set of root names for each name type defining a set of subtrees within
+	 * which all subject names in subsequent certificates in the certification
+	 * path must fall.
+	 *
+	 * @var mixed $_permittedSubtrees
+	 */
+	protected $_permittedSubtrees;
+    
+	/**
+	 * Excluded subtrees (excluded_subtrees).
+	 *
+	 * A set of root names for each name type defining a set of subtrees within
+	 * which no subject name in subsequent certificates in the certification
+	 * path may fall.
+	 *
+	 * @var mixed $_excludedSubtrees
+	 */
+	protected $_excludedSubtrees;
+    
+	/**
+	 * Explicit policy (explicit_policy).
+	 *
+	 * An integer that indicates if a non-NULL valid_policy_tree is required.
+	 *
+	 * @var int $_explicitPolicy
+	 */
+	protected $_explicitPolicy;
+    
+	/**
+	 * Inhibit anyPolicy (inhibit_anyPolicy).
+	 *
+	 * An integer that indicates whether the anyPolicy policy identifier is
+	 * considered a match.
+	 *
+	 * @var int $_inhibitAnyPolicy
+	 */
+	protected $_inhibitAnyPolicy;
+    
+	/**
+	 * Policy mapping (policy_mapping).
+	 *
+	 * An integer that indicates if policy mapping is permitted.
+	 *
+	 * @var int $_policyMapping
+	 */
+	protected $_policyMapping;
+    
+	/**
+	 * Working public key algorithm (working_public_key_algorithm).
+	 *
+	 * The digital signature algorithm used to verify the signature of a
+	 * certificate.
+	 *
+	 * @var AlgorithmIdentifierType $_workingPublicKeyAlgorithm
+	 */
+	protected $_workingPublicKeyAlgorithm;
+    
+	/**
+	 * Working public key (working_public_key).
+	 *
+	 * The public key used to verify the signature of a certificate.
+	 *
+	 * @var PublicKeyInfo $_workingPublicKey
+	 */
+	protected $_workingPublicKey;
+    
+	/**
+	 * Working public key parameters (working_public_key_parameters).
+	 *
+	 * Parameters associated with the current public key that may be required to
+	 * verify a signature.
+	 *
+	 * @var Element|null $_workingPublicKeyParameters
+	 */
+	protected $_workingPublicKeyParameters;
+    
+	/**
+	 * Working issuer name (working_issuer_name).
+	 *
+	 * The issuer distinguished name expected in the next certificate in the
+	 * chain.
+	 *
+	 * @var Name $_workingIssuerName
+	 */
+	protected $_workingIssuerName;
+    
+	/**
+	 * Maximum certification path length (max_path_length).
+	 *
+	 * @var int $_maxPathLength
+	 */
+	protected $_maxPathLength;
+    
+	/**
+	 * Constructor.
+	 */
+	protected function __construct()
+	{
+	}
+    
+	/**
+	 * Initialize variables according to RFC 5280 6.1.2.
+	 *
+	 * @link https://tools.ietf.org/html/rfc5280#section-6.1.2
+	 * @param PathValidationConfig $config
+	 * @param Certificate $trust_anchor Trust anchor certificate
+	 * @param int $n Number of certificates in the certification path
+	 * @return self
+	 */
+	public static function initialize(PathValidationConfig $config,
+		Certificate $trust_anchor, $n)
+	{
+		$state = new self();
+		$state->_pathLength = $n;
+		$state->_index = 1;
+		$state->_validPolicyTree = new PolicyTree(PolicyNode::anyPolicyNode());
+		$state->_permittedSubtrees = null;
+		$state->_excludedSubtrees = null;
+		$state->_explicitPolicy = $config->explicitPolicy() ? 0 : $n + 1;
+		$state->_inhibitAnyPolicy = $config->anyPolicyInhibit() ? 0 : $n + 1;
+		$state->_policyMapping = $config->policyMappingInhibit() ? 0 : $n + 1;
+		$state->_workingPublicKeyAlgorithm = $trust_anchor->signatureAlgorithm();
+		$tbsCert = $trust_anchor->tbsCertificate();
+		$state->_workingPublicKey = $tbsCert->subjectPublicKeyInfo();
+		$state->_workingPublicKeyParameters = self::getAlgorithmParameters(
+			$state->_workingPublicKey->algorithmIdentifier());
+		$state->_workingIssuerName = $tbsCert->issuer();
+		$state->_maxPathLength = $config->maxLength();
+		return $state;
+	}
+    
+	/**
+	 * Get self with current certification path index set.
+	 *
+	 * @param int $index
+	 * @return self
+	 */
+	public function withIndex($index)
+	{
+		$state = clone $this;
+		$state->_index = $index;
+		return $state;
+	}
+    
+	/**
+	 * Get self with valid_policy_tree.
+	 *
+	 * @param PolicyTree $policy_tree
+	 * @return self
+	 */
+	public function withValidPolicyTree(PolicyTree $policy_tree)
+	{
+		$state = clone $this;
+		$state->_validPolicyTree = $policy_tree;
+		return $state;
+	}
+    
+	/**
+	 * Get self with valid_policy_tree set to null.
+	 *
+	 * @return self
+	 */
+	public function withoutValidPolicyTree()
+	{
+		$state = clone $this;
+		$state->_validPolicyTree = null;
+		return $state;
+	}
+    
+	/**
+	 * Get self with explicit_policy.
+	 *
+	 * @param int $num
+	 * @return self
+	 */
+	public function withExplicitPolicy($num)
+	{
+		$state = clone $this;
+		$state->_explicitPolicy = $num;
+		return $state;
+	}
+    
+	/**
+	 * Get self with inhibit_anyPolicy.
+	 *
+	 * @param int $num
+	 * @return self
+	 */
+	public function withInhibitAnyPolicy($num)
+	{
+		$state = clone $this;
+		$state->_inhibitAnyPolicy = $num;
+		return $state;
+	}
+    
+	/**
+	 * Get self with policy_mapping.
+	 *
+	 * @param int $num
+	 * @return self
+	 */
+	public function withPolicyMapping($num)
+	{
+		$state = clone $this;
+		$state->_policyMapping = $num;
+		return $state;
+	}
+    
+	/**
+	 * Get self with working_public_key_algorithm.
+	 *
+	 * @param AlgorithmIdentifierType $algo
+	 * @return self
+	 */
+	public function withWorkingPublicKeyAlgorithm(AlgorithmIdentifierType $algo)
+	{
+		$state = clone $this;
+		$state->_workingPublicKeyAlgorithm = $algo;
+		return $state;
+	}
+    
+	/**
+	 * Get self with working_public_key.
+	 *
+	 * @param PublicKeyInfo $pubkey_info
+	 * @return self
+	 */
+	public function withWorkingPublicKey(PublicKeyInfo $pubkey_info)
+	{
+		$state = clone $this;
+		$state->_workingPublicKey = $pubkey_info;
+		return $state;
+	}
+    
+	/**
+	 * Get self with working_public_key_parameters.
+	 *
+	 * @param Element|null $params
+	 * @return self
+	 */
+	public function withWorkingPublicKeyParameters(Element $params = null)
+	{
+		$state = clone $this;
+		$state->_workingPublicKeyParameters = $params;
+		return $state;
+	}
+    
+	/**
+	 * Get self with working_issuer_name.
+	 *
+	 * @param Name $issuer
+	 * @return self
+	 */
+	public function withWorkingIssuerName(Name $issuer)
+	{
+		$state = clone $this;
+		$state->_workingIssuerName = $issuer;
+		return $state;
+	}
+    
+	/**
+	 * Get self with max_path_length.
+	 *
+	 * @param int $length
+	 * @return self
+	 */
+	public function withMaxPathLength($length)
+	{
+		$state = clone $this;
+		$state->_maxPathLength = $length;
+		return $state;
+	}
+    
+	/**
+	 * Get the certification path length (n).
+	 *
+	 * @return int
+	 */
+	public function pathLength()
+	{
+		return $this->_pathLength;
+	}
+    
+	/**
+	 * Get the current index in certification path in the range of 1..n.
+	 *
+	 * @return int
+	 */
+	public function index()
+	{
+		return $this->_index;
+	}
+    
+	/**
+	 * Check whether valid_policy_tree is present.
+	 *
+	 * @return bool
+	 */
+	public function hasValidPolicyTree()
+	{
+		return isset($this->_validPolicyTree);
+	}
+    
+	/**
+	 * Get valid_policy_tree.
+	 *
+	 * @throws \LogicException
+	 * @return PolicyTree
+	 */
+	public function validPolicyTree()
+	{
+		if (!$this->hasValidPolicyTree()) {
+			throw new \LogicException("valid_policy_tree not set.");
+		}
+		return $this->_validPolicyTree;
+	}
+    
+	/**
+	 * Get permitted_subtrees.
+	 *
+	 * @return mixed
+	 */
+	public function permittedSubtrees()
+	{
+		return $this->_permittedSubtrees;
+	}
+    
+	/**
+	 * Get excluded_subtrees.
+	 *
+	 * @return mixed
+	 */
+	public function excludedSubtrees()
+	{
+		return $this->_excludedSubtrees;
+	}
+    
+	/**
+	 * Get explicit_policy.
+	 *
+	 * @return int
+	 */
+	public function explicitPolicy()
+	{
+		return $this->_explicitPolicy;
+	}
+    
+	/**
+	 * Get inhibit_anyPolicy.
+	 *
+	 * @return int
+	 */
+	public function inhibitAnyPolicy()
+	{
+		return $this->_inhibitAnyPolicy;
+	}
+    
+	/**
+	 * Get policy_mapping.
+	 *
+	 * @return int
+	 */
+	public function policyMapping()
+	{
+		return $this->_policyMapping;
+	}
+    
+	/**
+	 * Get working_public_key_algorithm.
+	 *
+	 * @return AlgorithmIdentifierType
+	 */
+	public function workingPublicKeyAlgorithm()
+	{
+		return $this->_workingPublicKeyAlgorithm;
+	}
+    
+	/**
+	 * Get working_public_key.
+	 *
+	 * @return PublicKeyInfo
+	 */
+	public function workingPublicKey()
+	{
+		return $this->_workingPublicKey;
+	}
+    
+	/**
+	 * Get working_public_key_parameters.
+	 *
+	 * @return Element|null
+	 */
+	public function workingPublicKeyParameters()
+	{
+		return $this->_workingPublicKeyParameters;
+	}
+    
+	/**
+	 * Get working_issuer_name.
+	 *
+	 * @return Name
+	 */
+	public function workingIssuerName()
+	{
+		return $this->_workingIssuerName;
+	}
+    
+	/**
+	 * Get maximum certification path length.
+	 *
+	 * @return int
+	 */
+	public function maxPathLength()
+	{
+		return $this->_maxPathLength;
+	}
+    
+	/**
+	 * Check whether processing the final certificate of the certification path.
+	 *
+	 * @return bool
+	 */
+	public function isFinal()
+	{
+		return $this->_index == $this->_pathLength;
+	}
+    
+	/**
+	 * Get the path validation result.
+	 *
+	 * @param Certificate[] $certificates Certificates in a certification path
+	 * @return PathValidationResult
+	 */
+	public function getResult(array $certificates)
+	{
+		return new PathValidationResult($certificates, $this->_validPolicyTree,
+			$this->_workingPublicKey, $this->_workingPublicKeyAlgorithm,
+			$this->_workingPublicKeyParameters);
+	}
+    
+	/**
+	 * Get ASN.1 parameters from algorithm identifier.
+	 *
+	 * @param AlgorithmIdentifierType $algo
+	 * @return Element|null ASN.1 element or null if parameters are omitted
+	 */
+	public static function getAlgorithmParameters(AlgorithmIdentifierType $algo)
+	{
+		$seq = $algo->toASN1();
+		return $seq->has(1) ? $seq->at(1)->asElement() : null;
+	}
 }