sop / x509

lib/X509/Certificate/Validity.php

Indentation +75 added lines, -75 removed lines

@@ -13,86 +13,86 @@
  */
 class Validity
 {
-    /**
-     * Not before time.
-     *
-     * @var Time $_notBefore
-     */
-    protected $_notBefore;
+	/**
+	 * Not before time.
+	 *
+	 * @var Time $_notBefore
+	 */
+	protected $_notBefore;
     
-    /**
-     * Not after time.
-     *
-     * @var Time $_notAfter
-     */
-    protected $_notAfter;
+	/**
+	 * Not after time.
+	 *
+	 * @var Time $_notAfter
+	 */
+	protected $_notAfter;
     
-    /**
-     * Constructor.
-     *
-     * @param Time $not_before
-     * @param Time $not_after
-     */
-    public function __construct(Time $not_before, Time $not_after)
-    {
-        $this->_notBefore = $not_before;
-        $this->_notAfter = $not_after;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Time $not_before
+	 * @param Time $not_after
+	 */
+	public function __construct(Time $not_before, Time $not_after)
+	{
+		$this->_notBefore = $not_before;
+		$this->_notAfter = $not_after;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $nb = Time::fromASN1($seq->at(0)->asTime());
-        $na = Time::fromASN1($seq->at(1)->asTime());
-        return new self($nb, $na);
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$nb = Time::fromASN1($seq->at(0)->asTime());
+		$na = Time::fromASN1($seq->at(1)->asTime());
+		return new self($nb, $na);
+	}
     
-    /**
-     * Initialize from date strings.
-     *
-     * @param string|null $nb_date Not before date
-     * @param string|null $na_date Not after date
-     * @param string|null $tz Timezone string
-     * @return self
-     */
-    public static function fromStrings($nb_date, $na_date, $tz = null): self
-    {
-        return new self(Time::fromString($nb_date, $tz),
-            Time::fromString($na_date, $tz));
-    }
+	/**
+	 * Initialize from date strings.
+	 *
+	 * @param string|null $nb_date Not before date
+	 * @param string|null $na_date Not after date
+	 * @param string|null $tz Timezone string
+	 * @return self
+	 */
+	public static function fromStrings($nb_date, $na_date, $tz = null): self
+	{
+		return new self(Time::fromString($nb_date, $tz),
+			Time::fromString($na_date, $tz));
+	}
     
-    /**
-     * Get not before time.
-     *
-     * @return Time
-     */
-    public function notBefore(): Time
-    {
-        return $this->_notBefore;
-    }
+	/**
+	 * Get not before time.
+	 *
+	 * @return Time
+	 */
+	public function notBefore(): Time
+	{
+		return $this->_notBefore;
+	}
     
-    /**
-     * Get not after time.
-     *
-     * @return Time
-     */
-    public function notAfter(): Time
-    {
-        return $this->_notAfter;
-    }
+	/**
+	 * Get not after time.
+	 *
+	 * @return Time
+	 */
+	public function notAfter(): Time
+	{
+		return $this->_notAfter;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        return new Sequence($this->_notBefore->toASN1(),
-            $this->_notAfter->toASN1());
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		return new Sequence($this->_notBefore->toASN1(),
+			$this->_notAfter->toASN1());
+	}
 }

lib/X509/Certificate/CertificateBundle.php

Indentation +189 added lines, -189 removed lines

@@ -12,208 +12,208 @@
  */
 class CertificateBundle implements \Countable, \IteratorAggregate
 {
-    /**
-     * Certificates.
-     *
-     * @var Certificate[] $_certs
-     */
-    protected $_certs;
+	/**
+	 * Certificates.
+	 *
+	 * @var Certificate[] $_certs
+	 */
+	protected $_certs;
     
-    /**
-     * Mapping from public key id to array of certificates.
-     *
-     * @var null|(Certificate[])[]
-     */
-    private $_keyIdMap;
+	/**
+	 * Mapping from public key id to array of certificates.
+	 *
+	 * @var null|(Certificate[])[]
+	 */
+	private $_keyIdMap;
     
-    /**
-     * Constructor.
-     *
-     * @param Certificate[] $certs Certificate objects
-     */
-    public function __construct(Certificate ...$certs)
-    {
-        $this->_certs = $certs;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Certificate[] $certs Certificate objects
+	 */
+	public function __construct(Certificate ...$certs)
+	{
+		$this->_certs = $certs;
+	}
     
-    /**
-     * Reset internal cached variables on clone.
-     */
-    public function __clone()
-    {
-        $this->_keyIdMap = null;
-    }
+	/**
+	 * Reset internal cached variables on clone.
+	 */
+	public function __clone()
+	{
+		$this->_keyIdMap = null;
+	}
     
-    /**
-     * Initialize from PEMs.
-     *
-     * @param PEM[] $pems PEM objects
-     * @return self
-     */
-    public static function fromPEMs(PEM ...$pems): self
-    {
-        $certs = array_map(
-            function ($pem) {
-                return Certificate::fromPEM($pem);
-            }, $pems);
-        return new self(...$certs);
-    }
+	/**
+	 * Initialize from PEMs.
+	 *
+	 * @param PEM[] $pems PEM objects
+	 * @return self
+	 */
+	public static function fromPEMs(PEM ...$pems): self
+	{
+		$certs = array_map(
+			function ($pem) {
+				return Certificate::fromPEM($pem);
+			}, $pems);
+		return new self(...$certs);
+	}
     
-    /**
-     * Initialize from PEM bundle.
-     *
-     * @param PEMBundle $pem_bundle
-     * @return self
-     */
-    public static function fromPEMBundle(PEMBundle $pem_bundle): self
-    {
-        return self::fromPEMs(...$pem_bundle->all());
-    }
+	/**
+	 * Initialize from PEM bundle.
+	 *
+	 * @param PEMBundle $pem_bundle
+	 * @return self
+	 */
+	public static function fromPEMBundle(PEMBundle $pem_bundle): self
+	{
+		return self::fromPEMs(...$pem_bundle->all());
+	}
     
-    /**
-     * Get self with certificates added.
-     *
-     * @param Certificate[] $cert
-     * @return self
-     */
-    public function withCertificates(Certificate ...$cert): self
-    {
-        $obj = clone $this;
-        $obj->_certs = array_merge($obj->_certs, $cert);
-        return $obj;
-    }
+	/**
+	 * Get self with certificates added.
+	 *
+	 * @param Certificate[] $cert
+	 * @return self
+	 */
+	public function withCertificates(Certificate ...$cert): self
+	{
+		$obj = clone $this;
+		$obj->_certs = array_merge($obj->_certs, $cert);
+		return $obj;
+	}
     
-    /**
-     * Get self with certificates from PEMBundle added.
-     *
-     * @param PEMBundle $pem_bundle
-     * @return self
-     */
-    public function withPEMBundle(PEMBundle $pem_bundle): self
-    {
-        $certs = $this->_certs;
-        foreach ($pem_bundle as $pem) {
-            $certs[] = Certificate::fromPEM($pem);
-        }
-        return new self(...$certs);
-    }
+	/**
+	 * Get self with certificates from PEMBundle added.
+	 *
+	 * @param PEMBundle $pem_bundle
+	 * @return self
+	 */
+	public function withPEMBundle(PEMBundle $pem_bundle): self
+	{
+		$certs = $this->_certs;
+		foreach ($pem_bundle as $pem) {
+			$certs[] = Certificate::fromPEM($pem);
+		}
+		return new self(...$certs);
+	}
     
-    /**
-     * Get self with single certificate from PEM added.
-     *
-     * @param PEM $pem
-     * @return self
-     */
-    public function withPEM(PEM $pem): self
-    {
-        $certs = $this->_certs;
-        $certs[] = Certificate::fromPEM($pem);
-        return new self(...$certs);
-    }
+	/**
+	 * Get self with single certificate from PEM added.
+	 *
+	 * @param PEM $pem
+	 * @return self
+	 */
+	public function withPEM(PEM $pem): self
+	{
+		$certs = $this->_certs;
+		$certs[] = Certificate::fromPEM($pem);
+		return new self(...$certs);
+	}
     
-    /**
-     * Check whether bundle contains a given certificate.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    public function contains(Certificate $cert): bool
-    {
-        $id = self::_getCertKeyId($cert);
-        $map = $this->_getKeyIdMap();
-        if (!isset($map[$id])) {
-            return false;
-        }
-        foreach ($map[$id] as $c) {
-            /** @var Certificate $c */
-            if ($cert->equals($c)) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether bundle contains a given certificate.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	public function contains(Certificate $cert): bool
+	{
+		$id = self::_getCertKeyId($cert);
+		$map = $this->_getKeyIdMap();
+		if (!isset($map[$id])) {
+			return false;
+		}
+		foreach ($map[$id] as $c) {
+			/** @var Certificate $c */
+			if ($cert->equals($c)) {
+				return true;
+			}
+		}
+		return false;
+	}
     
-    /**
-     * Get all certificates that have given subject key identifier.
-     *
-     * @param string $id
-     * @return Certificate[]
-     */
-    public function allBySubjectKeyIdentifier(string $id): array
-    {
-        $map = $this->_getKeyIdMap();
-        if (!isset($map[$id])) {
-            return array();
-        }
-        return $map[$id];
-    }
+	/**
+	 * Get all certificates that have given subject key identifier.
+	 *
+	 * @param string $id
+	 * @return Certificate[]
+	 */
+	public function allBySubjectKeyIdentifier(string $id): array
+	{
+		$map = $this->_getKeyIdMap();
+		if (!isset($map[$id])) {
+			return array();
+		}
+		return $map[$id];
+	}
     
-    /**
-     * Get all certificates in a bundle.
-     *
-     * @return Certificate[]
-     */
-    public function all(): array
-    {
-        return $this->_certs;
-    }
+	/**
+	 * Get all certificates in a bundle.
+	 *
+	 * @return Certificate[]
+	 */
+	public function all(): array
+	{
+		return $this->_certs;
+	}
     
-    /**
-     * Get certificate mapping by public key id.
-     *
-     * @return (Certificate[])[]
-     */
-    private function _getKeyIdMap(): array
-    {
-        // lazily build mapping
-        if (!isset($this->_keyIdMap)) {
-            $this->_keyIdMap = array();
-            foreach ($this->_certs as $cert) {
-                $id = self::_getCertKeyId($cert);
-                if (!isset($this->_keyIdMap[$id])) {
-                    $this->_keyIdMap[$id] = array();
-                }
-                array_push($this->_keyIdMap[$id], $cert);
-            }
-        }
-        return $this->_keyIdMap;
-    }
+	/**
+	 * Get certificate mapping by public key id.
+	 *
+	 * @return (Certificate[])[]
+	 */
+	private function _getKeyIdMap(): array
+	{
+		// lazily build mapping
+		if (!isset($this->_keyIdMap)) {
+			$this->_keyIdMap = array();
+			foreach ($this->_certs as $cert) {
+				$id = self::_getCertKeyId($cert);
+				if (!isset($this->_keyIdMap[$id])) {
+					$this->_keyIdMap[$id] = array();
+				}
+				array_push($this->_keyIdMap[$id], $cert);
+			}
+		}
+		return $this->_keyIdMap;
+	}
     
-    /**
-     * Get public key id for the certificate.
-     *
-     * @param Certificate $cert
-     * @return string
-     */
-    private static function _getCertKeyId(Certificate $cert): string
-    {
-        $exts = $cert->tbsCertificate()->extensions();
-        if ($exts->hasSubjectKeyIdentifier()) {
-            return $exts->subjectKeyIdentifier()->keyIdentifier();
-        }
-        return $cert->tbsCertificate()
-            ->subjectPublicKeyInfo()
-            ->keyIdentifier();
-    }
+	/**
+	 * Get public key id for the certificate.
+	 *
+	 * @param Certificate $cert
+	 * @return string
+	 */
+	private static function _getCertKeyId(Certificate $cert): string
+	{
+		$exts = $cert->tbsCertificate()->extensions();
+		if ($exts->hasSubjectKeyIdentifier()) {
+			return $exts->subjectKeyIdentifier()->keyIdentifier();
+		}
+		return $cert->tbsCertificate()
+			->subjectPublicKeyInfo()
+			->keyIdentifier();
+	}
     
-    /**
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_certs);
-    }
+	/**
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_certs);
+	}
     
-    /**
-     * Get iterator for certificates.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_certs);
-    }
+	/**
+	 * Get iterator for certificates.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_certs);
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -53,7 +53,7 @@
     public static function fromPEMs(PEM ...$pems): self
     {
         $certs = array_map(
-            function ($pem) {
+            function($pem) {
                 return Certificate::fromPEM($pem);
             }, $pems);
         return new self(...$certs);

lib/X509/Certificate/Extensions.php

Indentation +410 added lines, -410 removed lines

@@ -18,414 +18,414 @@
  */
 class Extensions implements \Countable, \IteratorAggregate
 {
-    /**
-     * Extensions.
-     *
-     * @var Extension\Extension[] $_extensions
-     */
-    protected $_extensions;
-    
-    /**
-     * Constructor.
-     *
-     * @param Extension\Extension[] ...$extensions Extension objects
-     */
-    public function __construct(Ext\Extension ...$extensions)
-    {
-        $this->_extensions = array();
-        foreach ($extensions as $ext) {
-            $this->_extensions[$ext->oid()] = $ext;
-        }
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $extensions = array_map(
-            function (UnspecifiedType $el) {
-                return Ext\Extension::fromASN1($el->asSequence());
-            }, $seq->elements());
-        return new self(...$extensions);
-    }
-    
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array_values(
-            array_map(
-                function ($ext) {
-                    return $ext->toASN1();
-                }, $this->_extensions));
-        return new Sequence(...$elements);
-    }
-    
-    /**
-     * Get self with extensions added.
-     *
-     * @param Extension\Extension ...$ext One or more extensions to add
-     * @return self
-     */
-    public function withExtensions(Ext\Extension ...$exts): self
-    {
-        $obj = clone $this;
-        foreach ($exts as $ext) {
-            $obj->_extensions[$ext->oid()] = $ext;
-        }
-        return $obj;
-    }
-    
-    /**
-     * Check whether extension is present.
-     *
-     * @param string $oid Extensions OID
-     * @return bool
-     */
-    public function has(string $oid): bool
-    {
-        return isset($this->_extensions[$oid]);
-    }
-    
-    /**
-     * Get extension by OID.
-     *
-     * @param string $oid
-     * @throws \LogicException If extension is not present
-     * @return Extension\Extension
-     */
-    public function get(string $oid): Ext\Extension
-    {
-        if (!$this->has($oid)) {
-            throw new \LogicException("No extension by OID $oid.");
-        }
-        return $this->_extensions[$oid];
-    }
-    
-    /**
-     * Check whether 'Authority Key Identifier' extension is present.
-     *
-     * @return bool
-     */
-    public function hasAuthorityKeyIdentifier(): bool
-    {
-        return $this->has(Ext\Extension::OID_AUTHORITY_KEY_IDENTIFIER);
-    }
-    
-    /**
-     * Get 'Authority Key Identifier' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\AuthorityKeyIdentifierExtension
-     */
-    public function authorityKeyIdentifier(): Ext\AuthorityKeyIdentifierExtension
-    {
-        /** @var Extension\AuthorityKeyIdentifierExtension $keyIdentifier */
-        $keyIdentifier = $this->get(Ext\Extension::OID_AUTHORITY_KEY_IDENTIFIER);
-        return $keyIdentifier;
-    }
-    
-    /**
-     * Check whether 'Subject Key Identifier' extension is present.
-     *
-     * @return bool
-     */
-    public function hasSubjectKeyIdentifier(): bool
-    {
-        return $this->has(Ext\Extension::OID_SUBJECT_KEY_IDENTIFIER);
-    }
-    
-    /**
-     * Get 'Subject Key Identifier' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\SubjectKeyIdentifierExtension
-     */
-    public function subjectKeyIdentifier(): Ext\SubjectKeyIdentifierExtension
-    {
-        /** @var Extension\SubjectKeyIdentifierExtension $subjectKeyIdentifier */
-        $subjectKeyIdentifier = $this->get(
-            Ext\Extension::OID_SUBJECT_KEY_IDENTIFIER);
-        return $subjectKeyIdentifier;
-    }
-    
-    /**
-     * Check whether 'Key Usage' extension is present.
-     *
-     * @return bool
-     */
-    public function hasKeyUsage(): bool
-    {
-        return $this->has(Ext\Extension::OID_KEY_USAGE);
-    }
-    
-    /**
-     * Get 'Key Usage' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\KeyUsageExtension
-     */
-    public function keyUsage(): Ext\KeyUsageExtension
-    {
-        /** @var Extension\KeyUsageExtension $keyUsage */
-        $keyUsage = $this->get(Ext\Extension::OID_KEY_USAGE);
-        return $keyUsage;
-    }
-    
-    /**
-     * Check whether 'Certificate Policies' extension is present.
-     *
-     * @return bool
-     */
-    public function hasCertificatePolicies(): bool
-    {
-        return $this->has(Ext\Extension::OID_CERTIFICATE_POLICIES);
-    }
-    
-    /**
-     * Get 'Certificate Policies' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\CertificatePoliciesExtension
-     */
-    public function certificatePolicies(): Ext\CertificatePoliciesExtension
-    {
-        /** @var Extension\CertificatePoliciesExtension $certPolicies */
-        $certPolicies = $this->get(Ext\Extension::OID_CERTIFICATE_POLICIES);
-        return $certPolicies;
-    }
-    
-    /**
-     * Check whether 'Policy Mappings' extension is present.
-     *
-     * @return bool
-     */
-    public function hasPolicyMappings(): bool
-    {
-        return $this->has(Ext\Extension::OID_POLICY_MAPPINGS);
-    }
-    
-    /**
-     * Get 'Policy Mappings' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\PolicyMappingsExtension
-     */
-    public function policyMappings(): Ext\PolicyMappingsExtension
-    {
-        /** @var Extension\PolicyMappingsExtension $policyMappings */
-        $policyMappings = $this->get(Ext\Extension::OID_POLICY_MAPPINGS);
-        return $policyMappings;
-    }
-    
-    /**
-     * Check whether 'Subject Alternative Name' extension is present.
-     *
-     * @return bool
-     */
-    public function hasSubjectAlternativeName(): bool
-    {
-        return $this->has(Ext\Extension::OID_SUBJECT_ALT_NAME);
-    }
-    
-    /**
-     * Get 'Subject Alternative Name' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\SubjectAlternativeNameExtension
-     */
-    public function subjectAlternativeName(): Ext\SubjectAlternativeNameExtension
-    {
-        /** @var Extension\SubjectAlternativeNameExtension $subjectAltName */
-        $subjectAltName = $this->get(Ext\Extension::OID_SUBJECT_ALT_NAME);
-        return $subjectAltName;
-    }
-    
-    /**
-     * Check whether 'Issuer Alternative Name' extension is present.
-     *
-     * @return bool
-     */
-    public function hasIssuerAlternativeName(): bool
-    {
-        return $this->has(Ext\Extension::OID_ISSUER_ALT_NAME);
-    }
-    
-    /**
-     * Get 'Issuer Alternative Name' extension.
-     *
-     * @return \X509\Certificate\Extension\IssuerAlternativeNameExtension
-     */
-    public function issuerAlternativeName(): Ext\IssuerAlternativeNameExtension
-    {
-        /** @var Extension\IssuerAlternativeNameExtension $issuerAltName */
-        $issuerAltName = $this->get(Ext\Extension::OID_ISSUER_ALT_NAME);
-        return $issuerAltName;
-    }
-    
-    /**
-     * Check whether 'Basic Constraints' extension is present.
-     *
-     * @return bool
-     */
-    public function hasBasicConstraints(): bool
-    {
-        return $this->has(Ext\Extension::OID_BASIC_CONSTRAINTS);
-    }
-    
-    /**
-     * Get 'Basic Constraints' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\BasicConstraintsExtension
-     */
-    public function basicConstraints(): Ext\BasicConstraintsExtension
-    {
-        /** @var Extension\BasicConstraintsExtension $basicConstraints */
-        $basicConstraints = $this->get(Ext\Extension::OID_BASIC_CONSTRAINTS);
-        return $basicConstraints;
-    }
-    
-    /**
-     * Check whether 'Name Constraints' extension is present.
-     *
-     * @return bool
-     */
-    public function hasNameConstraints(): bool
-    {
-        return $this->has(Ext\Extension::OID_NAME_CONSTRAINTS);
-    }
-    
-    /**
-     * Get 'Name Constraints' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\NameConstraintsExtension
-     */
-    public function nameConstraints(): Ext\NameConstraintsExtension
-    {
-        /** @var Extension\NameConstraintsExtension $nameConstraints */
-        $nameConstraints = $this->get(Ext\Extension::OID_NAME_CONSTRAINTS);
-        return $nameConstraints;
-    }
-    
-    /**
-     * Check whether 'Policy Constraints' extension is present.
-     *
-     * @return bool
-     */
-    public function hasPolicyConstraints(): bool
-    {
-        return $this->has(Ext\Extension::OID_POLICY_CONSTRAINTS);
-    }
-    
-    /**
-     * Get 'Policy Constraints' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\PolicyConstraintsExtension
-     */
-    public function policyConstraints(): Ext\PolicyConstraintsExtension
-    {
-        /** @var Extension\PolicyConstraintsExtension $policyConstraints */
-        $policyConstraints = $this->get(Ext\Extension::OID_POLICY_CONSTRAINTS);
-        return $policyConstraints;
-    }
-    
-    /**
-     * Check whether 'Extended Key Usage' extension is present.
-     *
-     * @return bool
-     */
-    public function hasExtendedKeyUsage(): bool
-    {
-        return $this->has(Ext\Extension::OID_EXT_KEY_USAGE);
-    }
-    
-    /**
-     * Get 'Extended Key Usage' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\ExtendedKeyUsageExtension
-     */
-    public function extendedKeyUsage(): Ext\ExtendedKeyUsageExtension
-    {
-        /** @var Extension\ExtendedKeyUsageExtension $keyUsage */
-        $keyUsage = $this->get(Ext\Extension::OID_EXT_KEY_USAGE);
-        return $keyUsage;
-    }
-    
-    /**
-     * Check whether 'CRL Distribution Points' extension is present.
-     *
-     * @return bool
-     */
-    public function hasCRLDistributionPoints(): bool
-    {
-        return $this->has(Ext\Extension::OID_CRL_DISTRIBUTION_POINTS);
-    }
-    
-    /**
-     * Get 'CRL Distribution Points' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\CRLDistributionPointsExtension
-     */
-    public function crlDistributionPoints(): Ext\CRLDistributionPointsExtension
-    {
-        /** @var Extension\CRLDistributionPointsExtension $crlDist */
-        $crlDist = $this->get(Ext\Extension::OID_CRL_DISTRIBUTION_POINTS);
-        return $crlDist;
-    }
-    
-    /**
-     * Check whether 'Inhibit anyPolicy' extension is present.
-     *
-     * @return bool
-     */
-    public function hasInhibitAnyPolicy(): bool
-    {
-        return $this->has(Ext\Extension::OID_INHIBIT_ANY_POLICY);
-    }
-    
-    /**
-     * Get 'Inhibit anyPolicy' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\InhibitAnyPolicyExtension
-     */
-    public function inhibitAnyPolicy(): Ext\InhibitAnyPolicyExtension
-    {
-        /** @var Extension\InhibitAnyPolicyExtension $inhibitAny */
-        $inhibitAny = $this->get(Ext\Extension::OID_INHIBIT_ANY_POLICY);
-        return $inhibitAny;
-    }
-    
-    /**
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_extensions);
-    }
-    
-    /**
-     * Get iterator for extensions.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \Traversable
-     */
-    public function getIterator(): \Traversable
-    {
-        return new \ArrayIterator($this->_extensions);
-    }
+	/**
+	 * Extensions.
+	 *
+	 * @var Extension\Extension[] $_extensions
+	 */
+	protected $_extensions;
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param Extension\Extension[] ...$extensions Extension objects
+	 */
+	public function __construct(Ext\Extension ...$extensions)
+	{
+		$this->_extensions = array();
+		foreach ($extensions as $ext) {
+			$this->_extensions[$ext->oid()] = $ext;
+		}
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$extensions = array_map(
+			function (UnspecifiedType $el) {
+				return Ext\Extension::fromASN1($el->asSequence());
+			}, $seq->elements());
+		return new self(...$extensions);
+	}
+    
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array_values(
+			array_map(
+				function ($ext) {
+					return $ext->toASN1();
+				}, $this->_extensions));
+		return new Sequence(...$elements);
+	}
+    
+	/**
+	 * Get self with extensions added.
+	 *
+	 * @param Extension\Extension ...$ext One or more extensions to add
+	 * @return self
+	 */
+	public function withExtensions(Ext\Extension ...$exts): self
+	{
+		$obj = clone $this;
+		foreach ($exts as $ext) {
+			$obj->_extensions[$ext->oid()] = $ext;
+		}
+		return $obj;
+	}
+    
+	/**
+	 * Check whether extension is present.
+	 *
+	 * @param string $oid Extensions OID
+	 * @return bool
+	 */
+	public function has(string $oid): bool
+	{
+		return isset($this->_extensions[$oid]);
+	}
+    
+	/**
+	 * Get extension by OID.
+	 *
+	 * @param string $oid
+	 * @throws \LogicException If extension is not present
+	 * @return Extension\Extension
+	 */
+	public function get(string $oid): Ext\Extension
+	{
+		if (!$this->has($oid)) {
+			throw new \LogicException("No extension by OID $oid.");
+		}
+		return $this->_extensions[$oid];
+	}
+    
+	/**
+	 * Check whether 'Authority Key Identifier' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAuthorityKeyIdentifier(): bool
+	{
+		return $this->has(Ext\Extension::OID_AUTHORITY_KEY_IDENTIFIER);
+	}
+    
+	/**
+	 * Get 'Authority Key Identifier' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\AuthorityKeyIdentifierExtension
+	 */
+	public function authorityKeyIdentifier(): Ext\AuthorityKeyIdentifierExtension
+	{
+		/** @var Extension\AuthorityKeyIdentifierExtension $keyIdentifier */
+		$keyIdentifier = $this->get(Ext\Extension::OID_AUTHORITY_KEY_IDENTIFIER);
+		return $keyIdentifier;
+	}
+    
+	/**
+	 * Check whether 'Subject Key Identifier' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasSubjectKeyIdentifier(): bool
+	{
+		return $this->has(Ext\Extension::OID_SUBJECT_KEY_IDENTIFIER);
+	}
+    
+	/**
+	 * Get 'Subject Key Identifier' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\SubjectKeyIdentifierExtension
+	 */
+	public function subjectKeyIdentifier(): Ext\SubjectKeyIdentifierExtension
+	{
+		/** @var Extension\SubjectKeyIdentifierExtension $subjectKeyIdentifier */
+		$subjectKeyIdentifier = $this->get(
+			Ext\Extension::OID_SUBJECT_KEY_IDENTIFIER);
+		return $subjectKeyIdentifier;
+	}
+    
+	/**
+	 * Check whether 'Key Usage' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasKeyUsage(): bool
+	{
+		return $this->has(Ext\Extension::OID_KEY_USAGE);
+	}
+    
+	/**
+	 * Get 'Key Usage' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\KeyUsageExtension
+	 */
+	public function keyUsage(): Ext\KeyUsageExtension
+	{
+		/** @var Extension\KeyUsageExtension $keyUsage */
+		$keyUsage = $this->get(Ext\Extension::OID_KEY_USAGE);
+		return $keyUsage;
+	}
+    
+	/**
+	 * Check whether 'Certificate Policies' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasCertificatePolicies(): bool
+	{
+		return $this->has(Ext\Extension::OID_CERTIFICATE_POLICIES);
+	}
+    
+	/**
+	 * Get 'Certificate Policies' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\CertificatePoliciesExtension
+	 */
+	public function certificatePolicies(): Ext\CertificatePoliciesExtension
+	{
+		/** @var Extension\CertificatePoliciesExtension $certPolicies */
+		$certPolicies = $this->get(Ext\Extension::OID_CERTIFICATE_POLICIES);
+		return $certPolicies;
+	}
+    
+	/**
+	 * Check whether 'Policy Mappings' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasPolicyMappings(): bool
+	{
+		return $this->has(Ext\Extension::OID_POLICY_MAPPINGS);
+	}
+    
+	/**
+	 * Get 'Policy Mappings' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\PolicyMappingsExtension
+	 */
+	public function policyMappings(): Ext\PolicyMappingsExtension
+	{
+		/** @var Extension\PolicyMappingsExtension $policyMappings */
+		$policyMappings = $this->get(Ext\Extension::OID_POLICY_MAPPINGS);
+		return $policyMappings;
+	}
+    
+	/**
+	 * Check whether 'Subject Alternative Name' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasSubjectAlternativeName(): bool
+	{
+		return $this->has(Ext\Extension::OID_SUBJECT_ALT_NAME);
+	}
+    
+	/**
+	 * Get 'Subject Alternative Name' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\SubjectAlternativeNameExtension
+	 */
+	public function subjectAlternativeName(): Ext\SubjectAlternativeNameExtension
+	{
+		/** @var Extension\SubjectAlternativeNameExtension $subjectAltName */
+		$subjectAltName = $this->get(Ext\Extension::OID_SUBJECT_ALT_NAME);
+		return $subjectAltName;
+	}
+    
+	/**
+	 * Check whether 'Issuer Alternative Name' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuerAlternativeName(): bool
+	{
+		return $this->has(Ext\Extension::OID_ISSUER_ALT_NAME);
+	}
+    
+	/**
+	 * Get 'Issuer Alternative Name' extension.
+	 *
+	 * @return \X509\Certificate\Extension\IssuerAlternativeNameExtension
+	 */
+	public function issuerAlternativeName(): Ext\IssuerAlternativeNameExtension
+	{
+		/** @var Extension\IssuerAlternativeNameExtension $issuerAltName */
+		$issuerAltName = $this->get(Ext\Extension::OID_ISSUER_ALT_NAME);
+		return $issuerAltName;
+	}
+    
+	/**
+	 * Check whether 'Basic Constraints' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasBasicConstraints(): bool
+	{
+		return $this->has(Ext\Extension::OID_BASIC_CONSTRAINTS);
+	}
+    
+	/**
+	 * Get 'Basic Constraints' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\BasicConstraintsExtension
+	 */
+	public function basicConstraints(): Ext\BasicConstraintsExtension
+	{
+		/** @var Extension\BasicConstraintsExtension $basicConstraints */
+		$basicConstraints = $this->get(Ext\Extension::OID_BASIC_CONSTRAINTS);
+		return $basicConstraints;
+	}
+    
+	/**
+	 * Check whether 'Name Constraints' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasNameConstraints(): bool
+	{
+		return $this->has(Ext\Extension::OID_NAME_CONSTRAINTS);
+	}
+    
+	/**
+	 * Get 'Name Constraints' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\NameConstraintsExtension
+	 */
+	public function nameConstraints(): Ext\NameConstraintsExtension
+	{
+		/** @var Extension\NameConstraintsExtension $nameConstraints */
+		$nameConstraints = $this->get(Ext\Extension::OID_NAME_CONSTRAINTS);
+		return $nameConstraints;
+	}
+    
+	/**
+	 * Check whether 'Policy Constraints' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasPolicyConstraints(): bool
+	{
+		return $this->has(Ext\Extension::OID_POLICY_CONSTRAINTS);
+	}
+    
+	/**
+	 * Get 'Policy Constraints' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\PolicyConstraintsExtension
+	 */
+	public function policyConstraints(): Ext\PolicyConstraintsExtension
+	{
+		/** @var Extension\PolicyConstraintsExtension $policyConstraints */
+		$policyConstraints = $this->get(Ext\Extension::OID_POLICY_CONSTRAINTS);
+		return $policyConstraints;
+	}
+    
+	/**
+	 * Check whether 'Extended Key Usage' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasExtendedKeyUsage(): bool
+	{
+		return $this->has(Ext\Extension::OID_EXT_KEY_USAGE);
+	}
+    
+	/**
+	 * Get 'Extended Key Usage' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\ExtendedKeyUsageExtension
+	 */
+	public function extendedKeyUsage(): Ext\ExtendedKeyUsageExtension
+	{
+		/** @var Extension\ExtendedKeyUsageExtension $keyUsage */
+		$keyUsage = $this->get(Ext\Extension::OID_EXT_KEY_USAGE);
+		return $keyUsage;
+	}
+    
+	/**
+	 * Check whether 'CRL Distribution Points' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasCRLDistributionPoints(): bool
+	{
+		return $this->has(Ext\Extension::OID_CRL_DISTRIBUTION_POINTS);
+	}
+    
+	/**
+	 * Get 'CRL Distribution Points' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\CRLDistributionPointsExtension
+	 */
+	public function crlDistributionPoints(): Ext\CRLDistributionPointsExtension
+	{
+		/** @var Extension\CRLDistributionPointsExtension $crlDist */
+		$crlDist = $this->get(Ext\Extension::OID_CRL_DISTRIBUTION_POINTS);
+		return $crlDist;
+	}
+    
+	/**
+	 * Check whether 'Inhibit anyPolicy' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasInhibitAnyPolicy(): bool
+	{
+		return $this->has(Ext\Extension::OID_INHIBIT_ANY_POLICY);
+	}
+    
+	/**
+	 * Get 'Inhibit anyPolicy' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\InhibitAnyPolicyExtension
+	 */
+	public function inhibitAnyPolicy(): Ext\InhibitAnyPolicyExtension
+	{
+		/** @var Extension\InhibitAnyPolicyExtension $inhibitAny */
+		$inhibitAny = $this->get(Ext\Extension::OID_INHIBIT_ANY_POLICY);
+		return $inhibitAny;
+	}
+    
+	/**
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_extensions);
+	}
+    
+	/**
+	 * Get iterator for extensions.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \Traversable
+	 */
+	public function getIterator(): \Traversable
+	{
+		return new \ArrayIterator($this->_extensions);
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -47,7 +47,7 @@ 
     public static function fromASN1(Sequence $seq): self
     {
         $extensions = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return Ext\Extension::fromASN1($el->asSequence());
             }, $seq->elements());
         return new self(...$extensions);
@@ -62,7 +62,7 @@ 
     {
         $elements = array_values(
             array_map(
-                function ($ext) {
+                function($ext) {
                     return $ext->toASN1();
                 }, $this->_extensions));
         return new Sequence(...$elements);

lib/X509/Certificate/Certificate.php

Indentation +231 added lines, -231 removed lines

@@ -19,235 +19,235 @@
  */
 class Certificate
 {
-    /**
-     * "To be signed" certificate information.
-     *
-     * @var TBSCertificate $_tbsCertificate
-     */
-    protected $_tbsCertificate;
-    
-    /**
-     * Signature algorithm.
-     *
-     * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
-     */
-    protected $_signatureAlgorithm;
-    
-    /**
-     * Signature value.
-     *
-     * @var Signature $_signatureValue
-     */
-    protected $_signatureValue;
-    
-    /**
-     * Constructor.
-     *
-     * @param TBSCertificate $tbsCert
-     * @param SignatureAlgorithmIdentifier $algo
-     * @param Signature $signature
-     */
-    public function __construct(TBSCertificate $tbsCert,
-        SignatureAlgorithmIdentifier $algo, Signature $signature)
-    {
-        $this->_tbsCertificate = $tbsCert;
-        $this->_signatureAlgorithm = $algo;
-        $this->_signatureValue = $signature;
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
-        $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
-        if (!$algo instanceof SignatureAlgorithmIdentifier) {
-            throw new \UnexpectedValueException(
-                "Unsupported signature algorithm " . $algo->oid() . ".");
-        }
-        $signature = Signature::fromSignatureData(
-            $seq->at(2)
-                ->asBitString()
-                ->string(), $algo);
-        return new self($tbsCert, $algo, $signature);
-    }
-    
-    /**
-     * Initialize from DER.
-     *
-     * @param string $data
-     * @return self
-     */
-    public static function fromDER(string $data): self
-    {
-        return self::fromASN1(Sequence::fromDER($data));
-    }
-    
-    /**
-     * Initialize from PEM.
-     *
-     * @param PEM $pem
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromPEM(PEM $pem): self
-    {
-        if ($pem->type() != PEM::TYPE_CERTIFICATE) {
-            throw new \UnexpectedValueException("Invalid PEM type.");
-        }
-        return self::fromDER($pem->data());
-    }
-    
-    /**
-     * Get certificate information.
-     *
-     * @return TBSCertificate
-     */
-    public function tbsCertificate(): TBSCertificate
-    {
-        return $this->_tbsCertificate;
-    }
-    
-    /**
-     * Get signature algorithm.
-     *
-     * @return SignatureAlgorithmIdentifier
-     */
-    public function signatureAlgorithm(): SignatureAlgorithmIdentifier
-    {
-        return $this->_signatureAlgorithm;
-    }
-    
-    /**
-     * Get signature value.
-     *
-     * @return Signature
-     */
-    public function signatureValue(): Signature
-    {
-        return $this->_signatureValue;
-    }
-    
-    /**
-     * Check whether certificate is self-issued.
-     *
-     * @return bool
-     */
-    public function isSelfIssued(): bool
-    {
-        return $this->_tbsCertificate->subject()->equals(
-            $this->_tbsCertificate->issuer());
-    }
-    
-    /**
-     * Check whether certificate is semantically equal to another.
-     *
-     * @param Certificate $cert Certificate to compare to
-     * @return bool
-     */
-    public function equals(Certificate $cert): bool
-    {
-        return $this->_hasEqualSerialNumber($cert) &&
-             $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
-    }
-    
-    /**
-     * Check whether certificate has serial number equal to another.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    private function _hasEqualSerialNumber(Certificate $cert): bool
-    {
-        $sn1 = $this->_tbsCertificate->serialNumber();
-        $sn2 = $cert->_tbsCertificate->serialNumber();
-        return $sn1 == $sn2;
-    }
-    
-    /**
-     * Check whether certificate has public key equal to another.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    private function _hasEqualPublicKey(Certificate $cert): bool
-    {
-        $kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
-        $kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
-        return $kid1 == $kid2;
-    }
-    
-    /**
-     * Check whether certificate has subject equal to another.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    private function _hasEqualSubject(Certificate $cert): bool
-    {
-        $dn1 = $this->_tbsCertificate->subject();
-        $dn2 = $cert->_tbsCertificate->subject();
-        return $dn1->equals($dn2);
-    }
-    
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        return new Sequence($this->_tbsCertificate->toASN1(),
-            $this->_signatureAlgorithm->toASN1(),
-            $this->_signatureValue->bitString());
-    }
-    
-    /**
-     * Get certificate as a DER.
-     *
-     * @return string
-     */
-    public function toDER(): string
-    {
-        return $this->toASN1()->toDER();
-    }
-    
-    /**
-     * Get certificate as a PEM.
-     *
-     * @return PEM
-     */
-    public function toPEM(): PEM
-    {
-        return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
-    }
-    
-    /**
-     * Verify certificate signature.
-     *
-     * @param PublicKeyInfo $pubkey_info Issuer's public key
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     * @return bool True if certificate signature is valid
-     */
-    public function verify(PublicKeyInfo $pubkey_info, Crypto $crypto = null): bool
-    {
-        $crypto = $crypto ?: Crypto::getDefault();
-        $data = $this->_tbsCertificate->toASN1()->toDER();
-        return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
-            $this->_signatureAlgorithm);
-    }
-    
-    /**
-     * Get certificate as a PEM formatted string.
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->toPEM()->string();
-    }
+	/**
+	 * "To be signed" certificate information.
+	 *
+	 * @var TBSCertificate $_tbsCertificate
+	 */
+	protected $_tbsCertificate;
+    
+	/**
+	 * Signature algorithm.
+	 *
+	 * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
+	 */
+	protected $_signatureAlgorithm;
+    
+	/**
+	 * Signature value.
+	 *
+	 * @var Signature $_signatureValue
+	 */
+	protected $_signatureValue;
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param TBSCertificate $tbsCert
+	 * @param SignatureAlgorithmIdentifier $algo
+	 * @param Signature $signature
+	 */
+	public function __construct(TBSCertificate $tbsCert,
+		SignatureAlgorithmIdentifier $algo, Signature $signature)
+	{
+		$this->_tbsCertificate = $tbsCert;
+		$this->_signatureAlgorithm = $algo;
+		$this->_signatureValue = $signature;
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
+		$algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
+		if (!$algo instanceof SignatureAlgorithmIdentifier) {
+			throw new \UnexpectedValueException(
+				"Unsupported signature algorithm " . $algo->oid() . ".");
+		}
+		$signature = Signature::fromSignatureData(
+			$seq->at(2)
+				->asBitString()
+				->string(), $algo);
+		return new self($tbsCert, $algo, $signature);
+	}
+    
+	/**
+	 * Initialize from DER.
+	 *
+	 * @param string $data
+	 * @return self
+	 */
+	public static function fromDER(string $data): self
+	{
+		return self::fromASN1(Sequence::fromDER($data));
+	}
+    
+	/**
+	 * Initialize from PEM.
+	 *
+	 * @param PEM $pem
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromPEM(PEM $pem): self
+	{
+		if ($pem->type() != PEM::TYPE_CERTIFICATE) {
+			throw new \UnexpectedValueException("Invalid PEM type.");
+		}
+		return self::fromDER($pem->data());
+	}
+    
+	/**
+	 * Get certificate information.
+	 *
+	 * @return TBSCertificate
+	 */
+	public function tbsCertificate(): TBSCertificate
+	{
+		return $this->_tbsCertificate;
+	}
+    
+	/**
+	 * Get signature algorithm.
+	 *
+	 * @return SignatureAlgorithmIdentifier
+	 */
+	public function signatureAlgorithm(): SignatureAlgorithmIdentifier
+	{
+		return $this->_signatureAlgorithm;
+	}
+    
+	/**
+	 * Get signature value.
+	 *
+	 * @return Signature
+	 */
+	public function signatureValue(): Signature
+	{
+		return $this->_signatureValue;
+	}
+    
+	/**
+	 * Check whether certificate is self-issued.
+	 *
+	 * @return bool
+	 */
+	public function isSelfIssued(): bool
+	{
+		return $this->_tbsCertificate->subject()->equals(
+			$this->_tbsCertificate->issuer());
+	}
+    
+	/**
+	 * Check whether certificate is semantically equal to another.
+	 *
+	 * @param Certificate $cert Certificate to compare to
+	 * @return bool
+	 */
+	public function equals(Certificate $cert): bool
+	{
+		return $this->_hasEqualSerialNumber($cert) &&
+			 $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
+	}
+    
+	/**
+	 * Check whether certificate has serial number equal to another.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	private function _hasEqualSerialNumber(Certificate $cert): bool
+	{
+		$sn1 = $this->_tbsCertificate->serialNumber();
+		$sn2 = $cert->_tbsCertificate->serialNumber();
+		return $sn1 == $sn2;
+	}
+    
+	/**
+	 * Check whether certificate has public key equal to another.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	private function _hasEqualPublicKey(Certificate $cert): bool
+	{
+		$kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
+		$kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
+		return $kid1 == $kid2;
+	}
+    
+	/**
+	 * Check whether certificate has subject equal to another.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	private function _hasEqualSubject(Certificate $cert): bool
+	{
+		$dn1 = $this->_tbsCertificate->subject();
+		$dn2 = $cert->_tbsCertificate->subject();
+		return $dn1->equals($dn2);
+	}
+    
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		return new Sequence($this->_tbsCertificate->toASN1(),
+			$this->_signatureAlgorithm->toASN1(),
+			$this->_signatureValue->bitString());
+	}
+    
+	/**
+	 * Get certificate as a DER.
+	 *
+	 * @return string
+	 */
+	public function toDER(): string
+	{
+		return $this->toASN1()->toDER();
+	}
+    
+	/**
+	 * Get certificate as a PEM.
+	 *
+	 * @return PEM
+	 */
+	public function toPEM(): PEM
+	{
+		return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
+	}
+    
+	/**
+	 * Verify certificate signature.
+	 *
+	 * @param PublicKeyInfo $pubkey_info Issuer's public key
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 * @return bool True if certificate signature is valid
+	 */
+	public function verify(PublicKeyInfo $pubkey_info, Crypto $crypto = null): bool
+	{
+		$crypto = $crypto ?: Crypto::getDefault();
+		$data = $this->_tbsCertificate->toASN1()->toDER();
+		return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
+			$this->_signatureAlgorithm);
+	}
+    
+	/**
+	 * Get certificate as a PEM formatted string.
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->toPEM()->string();
+	}
 }

lib/X509/Certificate/Extension/PolicyMappingsExtension.php

Indentation +155 added lines, -155 removed lines

@@ -15,170 +15,170 @@
  * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.5
  */
 class PolicyMappingsExtension extends Extension implements 
-    \Countable,
-    \IteratorAggregate
+	\Countable,
+	\IteratorAggregate
 {
-    /**
-     * Policy mappings.
-     *
-     * @var PolicyMapping[] $_mappings
-     */
-    protected $_mappings;
+	/**
+	 * Policy mappings.
+	 *
+	 * @var PolicyMapping[] $_mappings
+	 */
+	protected $_mappings;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param PolicyMapping[] $mappings One or more PolicyMapping objects
-     */
-    public function __construct(bool $critical, PolicyMapping ...$mappings)
-    {
-        parent::__construct(self::OID_POLICY_MAPPINGS, $critical);
-        $this->_mappings = $mappings;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param PolicyMapping[] $mappings One or more PolicyMapping objects
+	 */
+	public function __construct(bool $critical, PolicyMapping ...$mappings)
+	{
+		parent::__construct(self::OID_POLICY_MAPPINGS, $critical);
+		$this->_mappings = $mappings;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $mappings = array_map(
-            function (UnspecifiedType $el) {
-                return PolicyMapping::fromASN1($el->asSequence());
-            }, Sequence::fromDER($data)->elements());
-        if (!count($mappings)) {
-            throw new \UnexpectedValueException(
-                "PolicyMappings must have at least one mapping.");
-        }
-        return new self($critical, ...$mappings);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$mappings = array_map(
+			function (UnspecifiedType $el) {
+				return PolicyMapping::fromASN1($el->asSequence());
+			}, Sequence::fromDER($data)->elements());
+		if (!count($mappings)) {
+			throw new \UnexpectedValueException(
+				"PolicyMappings must have at least one mapping.");
+		}
+		return new self($critical, ...$mappings);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        if (!count($this->_mappings)) {
-            throw new \LogicException("No mappings.");
-        }
-        $elements = array_map(
-            function (PolicyMapping $mapping) {
-                return $mapping->toASN1();
-            }, $this->_mappings);
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		if (!count($this->_mappings)) {
+			throw new \LogicException("No mappings.");
+		}
+		$elements = array_map(
+			function (PolicyMapping $mapping) {
+				return $mapping->toASN1();
+			}, $this->_mappings);
+		return new Sequence(...$elements);
+	}
     
-    /**
-     * Get all mappings.
-     *
-     * @return PolicyMapping[]
-     */
-    public function mappings(): array
-    {
-        return $this->_mappings;
-    }
+	/**
+	 * Get all mappings.
+	 *
+	 * @return PolicyMapping[]
+	 */
+	public function mappings(): array
+	{
+		return $this->_mappings;
+	}
     
-    /**
-     * Get mappings flattened into a single array of arrays of subject domains
-     * keyed by issuer domain.
-     *
-     * Eg. if policy mappings contains multiple mappings with the same issuer
-     * domain policy, their corresponding subject domain policies are placed
-     * under the same key.
-     *
-     * @return (string[])[]
-     */
-    public function flattenedMappings(): array
-    {
-        $mappings = array();
-        foreach ($this->_mappings as $mapping) {
-            $idp = $mapping->issuerDomainPolicy();
-            if (!isset($mappings[$idp])) {
-                $mappings[$idp] = array();
-            }
-            array_push($mappings[$idp], $mapping->subjectDomainPolicy());
-        }
-        return $mappings;
-    }
+	/**
+	 * Get mappings flattened into a single array of arrays of subject domains
+	 * keyed by issuer domain.
+	 *
+	 * Eg. if policy mappings contains multiple mappings with the same issuer
+	 * domain policy, their corresponding subject domain policies are placed
+	 * under the same key.
+	 *
+	 * @return (string[])[]
+	 */
+	public function flattenedMappings(): array
+	{
+		$mappings = array();
+		foreach ($this->_mappings as $mapping) {
+			$idp = $mapping->issuerDomainPolicy();
+			if (!isset($mappings[$idp])) {
+				$mappings[$idp] = array();
+			}
+			array_push($mappings[$idp], $mapping->subjectDomainPolicy());
+		}
+		return $mappings;
+	}
     
-    /**
-     * Get all subject domain policy OIDs that are mapped to given issuer
-     * domain policy OID.
-     *
-     * @param string $oid Issuer domain policy
-     * @return string[] List of OIDs in dotted format
-     */
-    public function issuerMappings(string $oid): array
-    {
-        $oids = array();
-        foreach ($this->_mappings as $mapping) {
-            if ($mapping->issuerDomainPolicy() == $oid) {
-                $oids[] = $mapping->subjectDomainPolicy();
-            }
-        }
-        return $oids;
-    }
+	/**
+	 * Get all subject domain policy OIDs that are mapped to given issuer
+	 * domain policy OID.
+	 *
+	 * @param string $oid Issuer domain policy
+	 * @return string[] List of OIDs in dotted format
+	 */
+	public function issuerMappings(string $oid): array
+	{
+		$oids = array();
+		foreach ($this->_mappings as $mapping) {
+			if ($mapping->issuerDomainPolicy() == $oid) {
+				$oids[] = $mapping->subjectDomainPolicy();
+			}
+		}
+		return $oids;
+	}
     
-    /**
-     * Get all mapped issuer domain policy OIDs.
-     *
-     * @return string[]
-     */
-    public function issuerDomainPolicies(): array
-    {
-        $idps = array_map(
-            function (PolicyMapping $mapping) {
-                return $mapping->issuerDomainPolicy();
-            }, $this->_mappings);
-        return array_values(array_unique($idps));
-    }
+	/**
+	 * Get all mapped issuer domain policy OIDs.
+	 *
+	 * @return string[]
+	 */
+	public function issuerDomainPolicies(): array
+	{
+		$idps = array_map(
+			function (PolicyMapping $mapping) {
+				return $mapping->issuerDomainPolicy();
+			}, $this->_mappings);
+		return array_values(array_unique($idps));
+	}
     
-    /**
-     * Check whether policy mappings have anyPolicy mapped.
-     *
-     * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either
-     * to or from the special value anyPolicy".
-     *
-     * @return bool
-     */
-    public function hasAnyPolicyMapping(): bool
-    {
-        foreach ($this->_mappings as $mapping) {
-            if ($mapping->issuerDomainPolicy() ==
-                 PolicyInformation::OID_ANY_POLICY) {
-                return true;
-            }
-            if ($mapping->subjectDomainPolicy() ==
-                 PolicyInformation::OID_ANY_POLICY) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether policy mappings have anyPolicy mapped.
+	 *
+	 * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either
+	 * to or from the special value anyPolicy".
+	 *
+	 * @return bool
+	 */
+	public function hasAnyPolicyMapping(): bool
+	{
+		foreach ($this->_mappings as $mapping) {
+			if ($mapping->issuerDomainPolicy() ==
+				 PolicyInformation::OID_ANY_POLICY) {
+				return true;
+			}
+			if ($mapping->subjectDomainPolicy() ==
+				 PolicyInformation::OID_ANY_POLICY) {
+				return true;
+			}
+		}
+		return false;
+	}
     
-    /**
-     * Get the number of mappings.
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_mappings);
-    }
+	/**
+	 * Get the number of mappings.
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_mappings);
+	}
     
-    /**
-     * Get iterator for policy mappings.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_mappings);
-    }
+	/**
+	 * Get iterator for policy mappings.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_mappings);
+	}
 }

Spacing +3 added lines, -3 removed lines

@@ -45,7 +45,7 @@ 
     protected static function _fromDER(string $data, bool $critical): self
     {
         $mappings = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return PolicyMapping::fromASN1($el->asSequence());
             }, Sequence::fromDER($data)->elements());
         if (!count($mappings)) {
@@ -66,7 +66,7 @@ 
             throw new \LogicException("No mappings.");
         }
         $elements = array_map(
-            function (PolicyMapping $mapping) {
+            function(PolicyMapping $mapping) {
                 return $mapping->toASN1();
             }, $this->_mappings);
         return new Sequence(...$elements);
@@ -131,7 +131,7 @@ 
     public function issuerDomainPolicies(): array
     {
         $idps = array_map(
-            function (PolicyMapping $mapping) {
+            function(PolicyMapping $mapping) {
                 return $mapping->issuerDomainPolicy();
             }, $this->_mappings);
         return array_values(array_unique($idps));

lib/X509/Certificate/Extension/SubjectKeyIdentifierExtension.php

Indentation +44 added lines, -44 removed lines

@@ -13,52 +13,52 @@
  */
 class SubjectKeyIdentifierExtension extends Extension
 {
-    /**
-     * Key identifier.
-     *
-     * @var string $_keyIdentifier
-     */
-    protected $_keyIdentifier;
+	/**
+	 * Key identifier.
+	 *
+	 * @var string $_keyIdentifier
+	 */
+	protected $_keyIdentifier;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param string $keyIdentifier
-     */
-    public function __construct(bool $critical, string $keyIdentifier)
-    {
-        parent::__construct(self::OID_SUBJECT_KEY_IDENTIFIER, $critical);
-        $this->_keyIdentifier = $keyIdentifier;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param string $keyIdentifier
+	 */
+	public function __construct(bool $critical, string $keyIdentifier)
+	{
+		parent::__construct(self::OID_SUBJECT_KEY_IDENTIFIER, $critical);
+		$this->_keyIdentifier = $keyIdentifier;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        return new self($critical, OctetString::fromDER($data)->string());
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		return new self($critical, OctetString::fromDER($data)->string());
+	}
     
-    /**
-     * Get key identifier.
-     *
-     * @return string
-     */
-    public function keyIdentifier(): string
-    {
-        return $this->_keyIdentifier;
-    }
+	/**
+	 * Get key identifier.
+	 *
+	 * @return string
+	 */
+	public function keyIdentifier(): string
+	{
+		return $this->_keyIdentifier;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return OctetString
-     */
-    protected function _valueASN1(): OctetString
-    {
-        return new OctetString($this->_keyIdentifier);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return OctetString
+	 */
+	protected function _valueASN1(): OctetString
+	{
+		return new OctetString($this->_keyIdentifier);
+	}
 }

lib/X509/Certificate/Extension/PolicyConstraintsExtension.php

Indentation +113 added lines, -113 removed lines

@@ -16,125 +16,125 @@
  */
 class PolicyConstraintsExtension extends Extension
 {
-    /**
-     *
-     * @var int $_requireExplicitPolicy
-     */
-    protected $_requireExplicitPolicy;
+	/**
+	 *
+	 * @var int $_requireExplicitPolicy
+	 */
+	protected $_requireExplicitPolicy;
     
-    /**
-     *
-     * @var int $_inhibitPolicyMapping
-     */
-    protected $_inhibitPolicyMapping;
+	/**
+	 *
+	 * @var int $_inhibitPolicyMapping
+	 */
+	protected $_inhibitPolicyMapping;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param int|null $require_explicit_policy
-     * @param int|null $inhibit_policy_mapping
-     */
-    public function __construct(bool $critical, $require_explicit_policy = null,
-        $inhibit_policy_mapping = null)
-    {
-        parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical);
-        $this->_requireExplicitPolicy = isset($require_explicit_policy) ? intval(
-            $require_explicit_policy) : null;
-        $this->_inhibitPolicyMapping = isset($inhibit_policy_mapping) ? intval(
-            $inhibit_policy_mapping) : null;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param int|null $require_explicit_policy
+	 * @param int|null $inhibit_policy_mapping
+	 */
+	public function __construct(bool $critical, $require_explicit_policy = null,
+		$inhibit_policy_mapping = null)
+	{
+		parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical);
+		$this->_requireExplicitPolicy = isset($require_explicit_policy) ? intval(
+			$require_explicit_policy) : null;
+		$this->_inhibitPolicyMapping = isset($inhibit_policy_mapping) ? intval(
+			$inhibit_policy_mapping) : null;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $seq = Sequence::fromDER($data);
-        $require_explicit_policy = null;
-        $inhibit_policy_mapping = null;
-        if ($seq->hasTagged(0)) {
-            $require_explicit_policy = $seq->getTagged(0)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->intNumber();
-        }
-        if ($seq->hasTagged(1)) {
-            $inhibit_policy_mapping = $seq->getTagged(1)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->intNumber();
-        }
-        return new self($critical, $require_explicit_policy,
-            $inhibit_policy_mapping);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$seq = Sequence::fromDER($data);
+		$require_explicit_policy = null;
+		$inhibit_policy_mapping = null;
+		if ($seq->hasTagged(0)) {
+			$require_explicit_policy = $seq->getTagged(0)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->intNumber();
+		}
+		if ($seq->hasTagged(1)) {
+			$inhibit_policy_mapping = $seq->getTagged(1)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->intNumber();
+		}
+		return new self($critical, $require_explicit_policy,
+			$inhibit_policy_mapping);
+	}
     
-    /**
-     * Whether requireExplicitPolicy is present.
-     *
-     * @return bool
-     */
-    public function hasRequireExplicitPolicy(): bool
-    {
-        return isset($this->_requireExplicitPolicy);
-    }
+	/**
+	 * Whether requireExplicitPolicy is present.
+	 *
+	 * @return bool
+	 */
+	public function hasRequireExplicitPolicy(): bool
+	{
+		return isset($this->_requireExplicitPolicy);
+	}
     
-    /**
-     * Get requireExplicitPolicy.
-     *
-     * @throws \LogicException
-     * @return int
-     */
-    public function requireExplicitPolicy(): int
-    {
-        if (!$this->hasRequireExplicitPolicy()) {
-            throw new \LogicException("requireExplicitPolicy not set.");
-        }
-        return $this->_requireExplicitPolicy;
-    }
+	/**
+	 * Get requireExplicitPolicy.
+	 *
+	 * @throws \LogicException
+	 * @return int
+	 */
+	public function requireExplicitPolicy(): int
+	{
+		if (!$this->hasRequireExplicitPolicy()) {
+			throw new \LogicException("requireExplicitPolicy not set.");
+		}
+		return $this->_requireExplicitPolicy;
+	}
     
-    /**
-     * Whether inhibitPolicyMapping is present.
-     *
-     * @return bool
-     */
-    public function hasInhibitPolicyMapping(): bool
-    {
-        return isset($this->_inhibitPolicyMapping);
-    }
+	/**
+	 * Whether inhibitPolicyMapping is present.
+	 *
+	 * @return bool
+	 */
+	public function hasInhibitPolicyMapping(): bool
+	{
+		return isset($this->_inhibitPolicyMapping);
+	}
     
-    /**
-     * Get inhibitPolicyMapping.
-     *
-     * @throws \LogicException
-     * @return int
-     */
-    public function inhibitPolicyMapping(): int
-    {
-        if (!$this->hasInhibitPolicyMapping()) {
-            throw new \LogicException("inhibitPolicyMapping not set.");
-        }
-        return $this->_inhibitPolicyMapping;
-    }
+	/**
+	 * Get inhibitPolicyMapping.
+	 *
+	 * @throws \LogicException
+	 * @return int
+	 */
+	public function inhibitPolicyMapping(): int
+	{
+		if (!$this->hasInhibitPolicyMapping()) {
+			throw new \LogicException("inhibitPolicyMapping not set.");
+		}
+		return $this->_inhibitPolicyMapping;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        $elements = array();
-        if (isset($this->_requireExplicitPolicy)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                new Integer($this->_requireExplicitPolicy));
-        }
-        if (isset($this->_inhibitPolicyMapping)) {
-            $elements[] = new ImplicitlyTaggedType(1,
-                new Integer($this->_inhibitPolicyMapping));
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		$elements = array();
+		if (isset($this->_requireExplicitPolicy)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				new Integer($this->_requireExplicitPolicy));
+		}
+		if (isset($this->_inhibitPolicyMapping)) {
+			$elements[] = new ImplicitlyTaggedType(1,
+				new Integer($this->_inhibitPolicyMapping));
+		}
+		return new Sequence(...$elements);
+	}
 }

lib/X509/Certificate/Extension/CertificatePoliciesExtension.php

Indentation +122 added lines, -122 removed lines

@@ -14,136 +14,136 @@
  * @link https://tools.ietf.org/html/rfc5280#section-4.2.1.4
  */
 class CertificatePoliciesExtension extends Extension implements 
-    \Countable,
-    \IteratorAggregate
+	\Countable,
+	\IteratorAggregate
 {
-    /**
-     * Policy information terms.
-     *
-     * @var PolicyInformation[] $_policies
-     */
-    protected $_policies;
+	/**
+	 * Policy information terms.
+	 *
+	 * @var PolicyInformation[] $_policies
+	 */
+	protected $_policies;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param PolicyInformation ...$policies
-     */
-    public function __construct(bool $critical, PolicyInformation ...$policies)
-    {
-        parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical);
-        $this->_policies = [];
-        foreach ($policies as $policy) {
-            $this->_policies[$policy->oid()] = $policy;
-        }
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param PolicyInformation ...$policies
+	 */
+	public function __construct(bool $critical, PolicyInformation ...$policies)
+	{
+		parent::__construct(Extension::OID_CERTIFICATE_POLICIES, $critical);
+		$this->_policies = [];
+		foreach ($policies as $policy) {
+			$this->_policies[$policy->oid()] = $policy;
+		}
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $policies = array_map(
-            function (UnspecifiedType $el) {
-                return PolicyInformation::fromASN1($el->asSequence());
-            }, Sequence::fromDER($data)->elements());
-        if (!count($policies)) {
-            throw new \UnexpectedValueException(
-                "certificatePolicies must contain" .
-                     " at least one PolicyInformation.");
-        }
-        return new self($critical, ...$policies);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$policies = array_map(
+			function (UnspecifiedType $el) {
+				return PolicyInformation::fromASN1($el->asSequence());
+			}, Sequence::fromDER($data)->elements());
+		if (!count($policies)) {
+			throw new \UnexpectedValueException(
+				"certificatePolicies must contain" .
+					 " at least one PolicyInformation.");
+		}
+		return new self($critical, ...$policies);
+	}
     
-    /**
-     * Check whether policy information by OID is present.
-     *
-     * @param string $oid
-     * @return bool
-     */
-    public function has(string $oid): bool
-    {
-        return isset($this->_policies[$oid]);
-    }
+	/**
+	 * Check whether policy information by OID is present.
+	 *
+	 * @param string $oid
+	 * @return bool
+	 */
+	public function has(string $oid): bool
+	{
+		return isset($this->_policies[$oid]);
+	}
     
-    /**
-     * Get policy information by OID.
-     *
-     * @param string $oid
-     * @throws \LogicException
-     * @return PolicyInformation
-     */
-    public function get(string $oid): PolicyInformation
-    {
-        if (!$this->has($oid)) {
-            throw new \LogicException("Not certificate policy by OID $oid.");
-        }
-        return $this->_policies[$oid];
-    }
+	/**
+	 * Get policy information by OID.
+	 *
+	 * @param string $oid
+	 * @throws \LogicException
+	 * @return PolicyInformation
+	 */
+	public function get(string $oid): PolicyInformation
+	{
+		if (!$this->has($oid)) {
+			throw new \LogicException("Not certificate policy by OID $oid.");
+		}
+		return $this->_policies[$oid];
+	}
     
-    /**
-     * Check whether anyPolicy is present.
-     *
-     * @return bool
-     */
-    public function hasAnyPolicy(): bool
-    {
-        return $this->has(PolicyInformation::OID_ANY_POLICY);
-    }
+	/**
+	 * Check whether anyPolicy is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAnyPolicy(): bool
+	{
+		return $this->has(PolicyInformation::OID_ANY_POLICY);
+	}
     
-    /**
-     * Get anyPolicy information.
-     *
-     * @throws \LogicException If anyPolicy is not present.
-     * @return PolicyInformation
-     */
-    public function anyPolicy(): PolicyInformation
-    {
-        if (!$this->hasAnyPolicy()) {
-            throw new \LogicException("No anyPolicy.");
-        }
-        return $this->get(PolicyInformation::OID_ANY_POLICY);
-    }
+	/**
+	 * Get anyPolicy information.
+	 *
+	 * @throws \LogicException If anyPolicy is not present.
+	 * @return PolicyInformation
+	 */
+	public function anyPolicy(): PolicyInformation
+	{
+		if (!$this->hasAnyPolicy()) {
+			throw new \LogicException("No anyPolicy.");
+		}
+		return $this->get(PolicyInformation::OID_ANY_POLICY);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        if (!count($this->_policies)) {
-            throw new \LogicException("No policies.");
-        }
-        $elements = array_map(
-            function (PolicyInformation $pi) {
-                return $pi->toASN1();
-            }, array_values($this->_policies));
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		if (!count($this->_policies)) {
+			throw new \LogicException("No policies.");
+		}
+		$elements = array_map(
+			function (PolicyInformation $pi) {
+				return $pi->toASN1();
+			}, array_values($this->_policies));
+		return new Sequence(...$elements);
+	}
     
-    /**
-     * Get the number of policies.
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_policies);
-    }
+	/**
+	 * Get the number of policies.
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_policies);
+	}
     
-    /**
-     * Get iterator for policy information terms.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_policies);
-    }
+	/**
+	 * Get iterator for policy information terms.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_policies);
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -47,7 +47,7 @@ 
     protected static function _fromDER(string $data, bool $critical): self
     {
         $policies = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return PolicyInformation::fromASN1($el->asSequence());
             }, Sequence::fromDER($data)->elements());
         if (!count($policies)) {
@@ -119,7 +119,7 @@ 
             throw new \LogicException("No policies.");
         }
         $elements = array_map(
-            function (PolicyInformation $pi) {
+            function(PolicyInformation $pi) {
                 return $pi->toASN1();
             }, array_values($this->_policies));
         return new Sequence(...$elements);

lib/X509/Certificate/Extension/KeyUsageExtension.php

Indentation +137 added lines, -137 removed lines

@@ -14,155 +14,155 @@
  */
 class KeyUsageExtension extends Extension
 {
-    const DIGITAL_SIGNATURE = 0x100;
-    const NON_REPUDIATION = 0x080;
-    const KEY_ENCIPHERMENT = 0x040;
-    const DATA_ENCIPHERMENT = 0x020;
-    const KEY_AGREEMENT = 0x010;
-    const KEY_CERT_SIGN = 0x008;
-    const CRL_SIGN = 0x004;
-    const ENCIPHER_ONLY = 0x002;
-    const DECIPHER_ONLY = 0x001;
+	const DIGITAL_SIGNATURE = 0x100;
+	const NON_REPUDIATION = 0x080;
+	const KEY_ENCIPHERMENT = 0x040;
+	const DATA_ENCIPHERMENT = 0x020;
+	const KEY_AGREEMENT = 0x010;
+	const KEY_CERT_SIGN = 0x008;
+	const CRL_SIGN = 0x004;
+	const ENCIPHER_ONLY = 0x002;
+	const DECIPHER_ONLY = 0x001;
     
-    /**
-     * Key usage flags.
-     *
-     * @var int $_keyUsage
-     */
-    protected $_keyUsage;
+	/**
+	 * Key usage flags.
+	 *
+	 * @var int $_keyUsage
+	 */
+	protected $_keyUsage;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param int $keyUsage
-     */
-    public function __construct(bool $critical, int $keyUsage)
-    {
-        parent::__construct(self::OID_KEY_USAGE, $critical);
-        $this->_keyUsage = $keyUsage;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param int $keyUsage
+	 */
+	public function __construct(bool $critical, int $keyUsage)
+	{
+		parent::__construct(self::OID_KEY_USAGE, $critical);
+		$this->_keyUsage = $keyUsage;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        return new self($critical,
-            Flags::fromBitString(BitString::fromDER($data), 9)->intNumber());
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		return new self($critical,
+			Flags::fromBitString(BitString::fromDER($data), 9)->intNumber());
+	}
     
-    /**
-     * Check whether digitalSignature flag is set.
-     *
-     * @return bool
-     */
-    public function isDigitalSignature(): bool
-    {
-        return $this->_flagSet(self::DIGITAL_SIGNATURE);
-    }
+	/**
+	 * Check whether digitalSignature flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isDigitalSignature(): bool
+	{
+		return $this->_flagSet(self::DIGITAL_SIGNATURE);
+	}
     
-    /**
-     * Check whether nonRepudiation/contentCommitment flag is set.
-     *
-     * @return bool
-     */
-    public function isNonRepudiation(): bool
-    {
-        return $this->_flagSet(self::NON_REPUDIATION);
-    }
+	/**
+	 * Check whether nonRepudiation/contentCommitment flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isNonRepudiation(): bool
+	{
+		return $this->_flagSet(self::NON_REPUDIATION);
+	}
     
-    /**
-     * Check whether keyEncipherment flag is set.
-     *
-     * @return bool
-     */
-    public function isKeyEncipherment(): bool
-    {
-        return $this->_flagSet(self::KEY_ENCIPHERMENT);
-    }
+	/**
+	 * Check whether keyEncipherment flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isKeyEncipherment(): bool
+	{
+		return $this->_flagSet(self::KEY_ENCIPHERMENT);
+	}
     
-    /**
-     * Check whether dataEncipherment flag is set.
-     *
-     * @return bool
-     */
-    public function isDataEncipherment(): bool
-    {
-        return $this->_flagSet(self::DATA_ENCIPHERMENT);
-    }
+	/**
+	 * Check whether dataEncipherment flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isDataEncipherment(): bool
+	{
+		return $this->_flagSet(self::DATA_ENCIPHERMENT);
+	}
     
-    /**
-     * Check whether keyAgreement flag is set.
-     *
-     * @return bool
-     */
-    public function isKeyAgreement(): bool
-    {
-        return $this->_flagSet(self::KEY_AGREEMENT);
-    }
+	/**
+	 * Check whether keyAgreement flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isKeyAgreement(): bool
+	{
+		return $this->_flagSet(self::KEY_AGREEMENT);
+	}
     
-    /**
-     * Check whether keyCertSign flag is set.
-     *
-     * @return bool
-     */
-    public function isKeyCertSign(): bool
-    {
-        return $this->_flagSet(self::KEY_CERT_SIGN);
-    }
+	/**
+	 * Check whether keyCertSign flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isKeyCertSign(): bool
+	{
+		return $this->_flagSet(self::KEY_CERT_SIGN);
+	}
     
-    /**
-     * Check whether cRLSign flag is set.
-     *
-     * @return bool
-     */
-    public function isCRLSign(): bool
-    {
-        return $this->_flagSet(self::CRL_SIGN);
-    }
+	/**
+	 * Check whether cRLSign flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isCRLSign(): bool
+	{
+		return $this->_flagSet(self::CRL_SIGN);
+	}
     
-    /**
-     * Check whether encipherOnly flag is set.
-     *
-     * @return bool
-     */
-    public function isEncipherOnly(): bool
-    {
-        return $this->_flagSet(self::ENCIPHER_ONLY);
-    }
+	/**
+	 * Check whether encipherOnly flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isEncipherOnly(): bool
+	{
+		return $this->_flagSet(self::ENCIPHER_ONLY);
+	}
     
-    /**
-     * Check whether decipherOnly flag is set.
-     *
-     * @return bool
-     */
-    public function isDecipherOnly(): bool
-    {
-        return $this->_flagSet(self::DECIPHER_ONLY);
-    }
+	/**
+	 * Check whether decipherOnly flag is set.
+	 *
+	 * @return bool
+	 */
+	public function isDecipherOnly(): bool
+	{
+		return $this->_flagSet(self::DECIPHER_ONLY);
+	}
     
-    /**
-     * Check whether given flag is set.
-     *
-     * @param int $flag
-     * @return boolean
-     */
-    protected function _flagSet(int $flag): bool
-    {
-        return (bool) ($this->_keyUsage & $flag);
-    }
+	/**
+	 * Check whether given flag is set.
+	 *
+	 * @param int $flag
+	 * @return boolean
+	 */
+	protected function _flagSet(int $flag): bool
+	{
+		return (bool) ($this->_keyUsage & $flag);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return BitString
-     */
-    protected function _valueASN1(): BitString
-    {
-        $flags = new Flags($this->_keyUsage, 9);
-        return $flags->bitString()->withoutTrailingZeroes();
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return BitString
+	 */
+	protected function _valueASN1(): BitString
+	{
+		$flags = new Flags($this->_keyUsage, 9);
+		return $flags->bitString()->withoutTrailingZeroes();
+	}
 }