Inspection of "Update deps" - sop/x509 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 584877...f7ba31 )

by Joni

created 2017-11-07 09:01 UTC

Status

Indentation +123 added lines, -123 removed lines patch added patch discarded remove patch

@@ -19,139 +19,139 @@
 block discarded – undo
  * @link https://tools.ietf.org/html/rfc5755#section-4.3.2
  */
 class TargetInformationExtension extends Extension implements 
-    \Countable,
-    \IteratorAggregate
+	\Countable,
+	\IteratorAggregate
 {
-    /**
-     * Targets elements.
-     *
-     * @var Targets[] $_targets
-     */
-    protected $_targets;
+	/**
+	 * Targets elements.
+	 *
+	 * @var Targets[] $_targets
+	 */
+	protected $_targets;
     
-    /**
-     * Targets[] merged to single Targets.
-     *
-     * @var Targets|null
-     */
-    private $_merged;
+	/**
+	 * Targets[] merged to single Targets.
+	 *
+	 * @var Targets|null
+	 */
+	private $_merged;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param Targets[] $targets
-     */
-    public function __construct(bool $critical, Targets ...$targets)
-    {
-        parent::__construct(self::OID_TARGET_INFORMATION, $critical);
-        $this->_targets = $targets;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param Targets[] $targets
+	 */
+	public function __construct(bool $critical, Targets ...$targets)
+	{
+		parent::__construct(self::OID_TARGET_INFORMATION, $critical);
+		$this->_targets = $targets;
+	}
     
-    /**
-     * Initialize from one or more Target objects.
-     *
-     * Extension criticality shall be set to true as specified by RFC 5755.
-     *
-     * @param Target[] $target
-     * @return TargetInformationExtension
-     */
-    public static function fromTargets(Target ...$target): self
-    {
-        return new self(true, new Targets(...$target));
-    }
+	/**
+	 * Initialize from one or more Target objects.
+	 *
+	 * Extension criticality shall be set to true as specified by RFC 5755.
+	 *
+	 * @param Target[] $target
+	 * @return TargetInformationExtension
+	 */
+	public static function fromTargets(Target ...$target): self
+	{
+		return new self(true, new Targets(...$target));
+	}
     
-    /**
-     * Reset internal state on clone.
-     */
-    public function __clone()
-    {
-        $this->_merged = null;
-    }
+	/**
+	 * Reset internal state on clone.
+	 */
+	public function __clone()
+	{
+		$this->_merged = null;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER(string $data, bool $critical): self
-    {
-        $targets = array_map(
-            function (UnspecifiedType $el) {
-                return Targets::fromASN1($el->asSequence());
-            }, Sequence::fromDER($data)->elements());
-        return new self($critical, ...$targets);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER(string $data, bool $critical): self
+	{
+		$targets = array_map(
+			function (UnspecifiedType $el) {
+				return Targets::fromASN1($el->asSequence());
+			}, Sequence::fromDER($data)->elements());
+		return new self($critical, ...$targets);
+	}
     
-    /**
-     * Get all targets.
-     *
-     * @return Targets
-     */
-    public function targets(): Targets
-    {
-        if (!isset($this->_merged)) {
-            $a = array();
-            foreach ($this->_targets as $targets) {
-                $a = array_merge($a, $targets->all());
-            }
-            $this->_merged = new Targets(...$a);
-        }
-        return $this->_merged;
-    }
+	/**
+	 * Get all targets.
+	 *
+	 * @return Targets
+	 */
+	public function targets(): Targets
+	{
+		if (!isset($this->_merged)) {
+			$a = array();
+			foreach ($this->_targets as $targets) {
+				$a = array_merge($a, $targets->all());
+			}
+			$this->_merged = new Targets(...$a);
+		}
+		return $this->_merged;
+	}
     
-    /**
-     * Get all name targets.
-     *
-     * @return Target[]
-     */
-    public function names(): array
-    {
-        return $this->targets()->nameTargets();
-    }
+	/**
+	 * Get all name targets.
+	 *
+	 * @return Target[]
+	 */
+	public function names(): array
+	{
+		return $this->targets()->nameTargets();
+	}
     
-    /**
-     * Get all group targets.
-     *
-     * @return Target[]
-     */
-    public function groups(): array
-    {
-        return $this->targets()->groupTargets();
-    }
+	/**
+	 * Get all group targets.
+	 *
+	 * @return Target[]
+	 */
+	public function groups(): array
+	{
+		return $this->targets()->groupTargets();
+	}
     
-    /**
-     *
-     * @see \X509\Certificate\Extension\Extension::_valueASN1()
-     * @return Sequence
-     */
-    protected function _valueASN1(): Sequence
-    {
-        $elements = array_map(
-            function (Targets $targets) {
-                return $targets->toASN1();
-            }, $this->_targets);
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * @see \X509\Certificate\Extension\Extension::_valueASN1()
+	 * @return Sequence
+	 */
+	protected function _valueASN1(): Sequence
+	{
+		$elements = array_map(
+			function (Targets $targets) {
+				return $targets->toASN1();
+			}, $this->_targets);
+		return new Sequence(...$elements);
+	}
     
-    /**
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->targets());
-    }
+	/**
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->targets());
+	}
     
-    /**
-     * Get iterator for targets.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->targets()->all());
-    }
+	/**
+	 * Get iterator for targets.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->targets()->all());
+	}
 }

Please login to merge, or discard this patch.

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

@@ -77,7 +77,7 @@  discard block
 block discarded – undo
     protected static function _fromDER(string $data, bool $critical): self
     {
         $targets = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return Targets::fromASN1($el->asSequence());
             }, Sequence::fromDER($data)->elements());
         return new self($critical, ...$targets);
@@ -128,7 +128,7 @@  discard block
 block discarded – undo
     protected function _valueASN1(): Sequence
     {
         $elements = array_map(
-            function (Targets $targets) {
+            function(Targets $targets) {
                 return $targets->toASN1();
             }, $this->_targets);
         return new Sequence(...$elements);

Please login to merge, or discard this patch.

lib/X509/CertificationPath/Policy/PolicyNode.php 1 patch

Indentation +238 added lines, -238 removed lines patch added patch discarded remove patch

@@ -14,265 +14,265 @@
 block discarded – undo
  */
 class PolicyNode implements \IteratorAggregate, \Countable
 {
-    /**
-     * Policy OID.
-     *
-     * @var string
-     */
-    protected $_validPolicy;
+	/**
+	 * Policy OID.
+	 *
+	 * @var string
+	 */
+	protected $_validPolicy;
     
-    /**
-     * List of qualifiers.
-     *
-     * @var \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[]
-     */
-    protected $_qualifiers;
+	/**
+	 * List of qualifiers.
+	 *
+	 * @var \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[]
+	 */
+	protected $_qualifiers;
     
-    /**
-     * List of expected policy OIDs.
-     *
-     * @var string[]
-     */
-    protected $_expectedPolicies;
+	/**
+	 * List of expected policy OIDs.
+	 *
+	 * @var string[]
+	 */
+	protected $_expectedPolicies;
     
-    /**
-     * List of child nodes.
-     *
-     * @var PolicyNode[]
-     */
-    protected $_children;
+	/**
+	 * List of child nodes.
+	 *
+	 * @var PolicyNode[]
+	 */
+	protected $_children;
     
-    /**
-     * Reference to the parent node.
-     *
-     * @var PolicyNode|null
-     */
-    protected $_parent;
+	/**
+	 * Reference to the parent node.
+	 *
+	 * @var PolicyNode|null
+	 */
+	protected $_parent;
     
-    /**
-     * Constructor.
-     *
-     * @param string $valid_policy Policy OID
-     * @param \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[] $qualifiers
-     * @param string[] $expected_policies
-     */
-    public function __construct(string $valid_policy, array $qualifiers,
-        array $expected_policies)
-    {
-        $this->_validPolicy = $valid_policy;
-        $this->_qualifiers = $qualifiers;
-        $this->_expectedPolicies = $expected_policies;
-        $this->_children = array();
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $valid_policy Policy OID
+	 * @param \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[] $qualifiers
+	 * @param string[] $expected_policies
+	 */
+	public function __construct(string $valid_policy, array $qualifiers,
+		array $expected_policies)
+	{
+		$this->_validPolicy = $valid_policy;
+		$this->_qualifiers = $qualifiers;
+		$this->_expectedPolicies = $expected_policies;
+		$this->_children = array();
+	}
     
-    /**
-     * Create initial node for the policy tree.
-     *
-     * @return self
-     */
-    public static function anyPolicyNode(): self
-    {
-        return new self(PolicyInformation::OID_ANY_POLICY, array(),
-            array(PolicyInformation::OID_ANY_POLICY));
-    }
+	/**
+	 * Create initial node for the policy tree.
+	 *
+	 * @return self
+	 */
+	public static function anyPolicyNode(): self
+	{
+		return new self(PolicyInformation::OID_ANY_POLICY, array(),
+			array(PolicyInformation::OID_ANY_POLICY));
+	}
     
-    /**
-     * Get the valid policy OID.
-     *
-     * @return string
-     */
-    public function validPolicy(): string
-    {
-        return $this->_validPolicy;
-    }
+	/**
+	 * Get the valid policy OID.
+	 *
+	 * @return string
+	 */
+	public function validPolicy(): string
+	{
+		return $this->_validPolicy;
+	}
     
-    /**
-     * Check whether node has anyPolicy as a valid policy.
-     *
-     * @return boolean
-     */
-    public function isAnyPolicy(): bool
-    {
-        return PolicyInformation::OID_ANY_POLICY == $this->_validPolicy;
-    }
+	/**
+	 * Check whether node has anyPolicy as a valid policy.
+	 *
+	 * @return boolean
+	 */
+	public function isAnyPolicy(): bool
+	{
+		return PolicyInformation::OID_ANY_POLICY == $this->_validPolicy;
+	}
     
-    /**
-     * Get the qualifier set.
-     *
-     * @return \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[]
-     */
-    public function qualifiers(): array
-    {
-        return $this->_qualifiers;
-    }
+	/**
+	 * Get the qualifier set.
+	 *
+	 * @return \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[]
+	 */
+	public function qualifiers(): array
+	{
+		return $this->_qualifiers;
+	}
     
-    /**
-     * Check whether node has OID as an expected policy.
-     *
-     * @param string $oid
-     * @return boolean
-     */
-    public function hasExpectedPolicy(string $oid): bool
-    {
-        return in_array($oid, $this->_expectedPolicies);
-    }
+	/**
+	 * Check whether node has OID as an expected policy.
+	 *
+	 * @param string $oid
+	 * @return boolean
+	 */
+	public function hasExpectedPolicy(string $oid): bool
+	{
+		return in_array($oid, $this->_expectedPolicies);
+	}
     
-    /**
-     * Get the expected policy set.
-     *
-     * @return string[]
-     */
-    public function expectedPolicies(): array
-    {
-        return $this->_expectedPolicies;
-    }
+	/**
+	 * Get the expected policy set.
+	 *
+	 * @return string[]
+	 */
+	public function expectedPolicies(): array
+	{
+		return $this->_expectedPolicies;
+	}
     
-    /**
-     * Set expected policies.
-     *
-     * @param string ...$oids Policy OIDs
-     */
-    public function setExpectedPolicies(string ...$oids)
-    {
-        $this->_expectedPolicies = $oids;
-    }
+	/**
+	 * Set expected policies.
+	 *
+	 * @param string ...$oids Policy OIDs
+	 */
+	public function setExpectedPolicies(string ...$oids)
+	{
+		$this->_expectedPolicies = $oids;
+	}
     
-    /**
-     * Check whether node has a child node with given valid policy OID.
-     *
-     * @param string $oid
-     * @return boolean
-     */
-    public function hasChildWithValidPolicy(string $oid): bool
-    {
-        foreach ($this->_children as $node) {
-            if ($node->validPolicy() == $oid) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether node has a child node with given valid policy OID.
+	 *
+	 * @param string $oid
+	 * @return boolean
+	 */
+	public function hasChildWithValidPolicy(string $oid): bool
+	{
+		foreach ($this->_children as $node) {
+			if ($node->validPolicy() == $oid) {
+				return true;
+			}
+		}
+		return false;
+	}
     
-    /**
-     * Add child node.
-     *
-     * @param PolicyNode $node
-     * @return self
-     */
-    public function addChild(PolicyNode $node): self
-    {
-        $id = spl_object_hash($node);
-        $node->_parent = $this;
-        $this->_children[$id] = $node;
-        return $this;
-    }
+	/**
+	 * Add child node.
+	 *
+	 * @param PolicyNode $node
+	 * @return self
+	 */
+	public function addChild(PolicyNode $node): self
+	{
+		$id = spl_object_hash($node);
+		$node->_parent = $this;
+		$this->_children[$id] = $node;
+		return $this;
+	}
     
-    /**
-     * Get the child nodes.
-     *
-     * @return PolicyNode[]
-     */
-    public function children(): array
-    {
-        return array_values($this->_children);
-    }
+	/**
+	 * Get the child nodes.
+	 *
+	 * @return PolicyNode[]
+	 */
+	public function children(): array
+	{
+		return array_values($this->_children);
+	}
     
-    /**
-     * Remove this node from the tree.
-     *
-     * @return self The removed node
-     */
-    public function remove(): self
-    {
-        if ($this->_parent) {
-            $id = spl_object_hash($this);
-            unset($this->_parent->_children[$id]);
-            unset($this->_parent);
-        }
-        return $this;
-    }
+	/**
+	 * Remove this node from the tree.
+	 *
+	 * @return self The removed node
+	 */
+	public function remove(): self
+	{
+		if ($this->_parent) {
+			$id = spl_object_hash($this);
+			unset($this->_parent->_children[$id]);
+			unset($this->_parent);
+		}
+		return $this;
+	}
     
-    /**
-     * Check whether node has a parent.
-     *
-     * @return bool
-     */
-    public function hasParent(): bool
-    {
-        return isset($this->_parent);
-    }
+	/**
+	 * Check whether node has a parent.
+	 *
+	 * @return bool
+	 */
+	public function hasParent(): bool
+	{
+		return isset($this->_parent);
+	}
     
-    /**
-     * Get the parent node.
-     *
-     * @return PolicyNode|null
-     */
-    public function parent()
-    {
-        return $this->_parent;
-    }
+	/**
+	 * Get the parent node.
+	 *
+	 * @return PolicyNode|null
+	 */
+	public function parent()
+	{
+		return $this->_parent;
+	}
     
-    /**
-     * Get chain of parent nodes from this node's parent to the root node.
-     *
-     * @return PolicyNode[]
-     */
-    public function parents(): array
-    {
-        if (!$this->_parent) {
-            return array();
-        }
-        $nodes = $this->_parent->parents();
-        $nodes[] = $this->_parent;
-        return array_reverse($nodes);
-    }
+	/**
+	 * Get chain of parent nodes from this node's parent to the root node.
+	 *
+	 * @return PolicyNode[]
+	 */
+	public function parents(): array
+	{
+		if (!$this->_parent) {
+			return array();
+		}
+		$nodes = $this->_parent->parents();
+		$nodes[] = $this->_parent;
+		return array_reverse($nodes);
+	}
     
-    /**
-     * Walk tree from this node, applying a callback for each node.
-     *
-     * Nodes are traversed depth-first and callback shall be applied post-order.
-     *
-     * @param callable $fn
-     */
-    public function walkNodes(callable $fn)
-    {
-        foreach ($this->_children as $node) {
-            $node->walkNodes($fn);
-        }
-        $fn($this);
-    }
+	/**
+	 * Walk tree from this node, applying a callback for each node.
+	 *
+	 * Nodes are traversed depth-first and callback shall be applied post-order.
+	 *
+	 * @param callable $fn
+	 */
+	public function walkNodes(callable $fn)
+	{
+		foreach ($this->_children as $node) {
+			$node->walkNodes($fn);
+		}
+		$fn($this);
+	}
     
-    /**
-     * Get the total number of nodes in a tree.
-     *
-     * @return int
-     */
-    public function nodeCount(): int
-    {
-        $c = 1;
-        foreach ($this->_children as $child) {
-            $c += $child->nodeCount();
-        }
-        return $c;
-    }
+	/**
+	 * Get the total number of nodes in a tree.
+	 *
+	 * @return int
+	 */
+	public function nodeCount(): int
+	{
+		$c = 1;
+		foreach ($this->_children as $child) {
+			$c += $child->nodeCount();
+		}
+		return $c;
+	}
     
-    /**
-     * Get the number of child nodes.
-     *
-     * @see \Countable::count()
-     */
-    public function count(): int
-    {
-        return count($this->_children);
-    }
+	/**
+	 * Get the number of child nodes.
+	 *
+	 * @see \Countable::count()
+	 */
+	public function count(): int
+	{
+		return count($this->_children);
+	}
     
-    /**
-     * Get iterator for the child nodes.
-     *
-     * @see \IteratorAggregate::getIterator()
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_children);
-    }
+	/**
+	 * Get iterator for the child nodes.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_children);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/CertificationPath/Policy/PolicyTree.php 1 patch

Indentation +393 added lines, -393 removed lines patch added patch discarded remove patch

@@ -10,411 +10,411 @@
 block discarded – undo
 
 class PolicyTree
 {
-    /**
-     * Root node at depth zero.
-     *
-     * @var PolicyNode|null
-     */
-    protected $_root;
+	/**
+	 * Root node at depth zero.
+	 *
+	 * @var PolicyNode|null
+	 */
+	protected $_root;
     
-    /**
-     * Constructor.
-     *
-     * @param PolicyNode $root Initial root node
-     */
-    public function __construct(PolicyNode $root)
-    {
-        $this->_root = $root;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param PolicyNode $root Initial root node
+	 */
+	public function __construct(PolicyNode $root)
+	{
+		$this->_root = $root;
+	}
     
-    /**
-     * Process policy information from the certificate.
-     *
-     * Certificate policies extension must be present.
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @return ValidatorState
-     */
-    public function processPolicies(ValidatorState $state, Certificate $cert): ValidatorState
-    {
-        $policies = $cert->tbsCertificate()
-            ->extensions()
-            ->certificatePolicies();
-        $tree = clone $this;
-        // (d.1) for each policy P not equal to anyPolicy
-        foreach ($policies as $policy) {
-            if ($policy->isAnyPolicy()) {
-                $tree->_processAnyPolicy($policy, $cert, $state);
-            } else {
-                $tree->_processPolicy($policy, $state);
-            }
-        }
-        // if whole tree is pruned
-        if (!$tree->_pruneTree($state->index() - 1)) {
-            return $state->withoutValidPolicyTree();
-        }
-        return $state->withValidPolicyTree($tree);
-    }
+	/**
+	 * Process policy information from the certificate.
+	 *
+	 * Certificate policies extension must be present.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @return ValidatorState
+	 */
+	public function processPolicies(ValidatorState $state, Certificate $cert): ValidatorState
+	{
+		$policies = $cert->tbsCertificate()
+			->extensions()
+			->certificatePolicies();
+		$tree = clone $this;
+		// (d.1) for each policy P not equal to anyPolicy
+		foreach ($policies as $policy) {
+			if ($policy->isAnyPolicy()) {
+				$tree->_processAnyPolicy($policy, $cert, $state);
+			} else {
+				$tree->_processPolicy($policy, $state);
+			}
+		}
+		// if whole tree is pruned
+		if (!$tree->_pruneTree($state->index() - 1)) {
+			return $state->withoutValidPolicyTree();
+		}
+		return $state->withValidPolicyTree($tree);
+	}
     
-    /**
-     * Process policy mappings from the certificate.
-     *
-     * @param ValidatorState $state
-     * @param Certificate $cert
-     * @return ValidatorState
-     */
-    public function processMappings(ValidatorState $state, Certificate $cert): ValidatorState
-    {
-        $tree = clone $this;
-        if ($state->policyMapping() > 0) {
-            $tree->_applyMappings($cert, $state);
-        } else if ($state->policyMapping() == 0) {
-            $tree->_deleteMappings($cert, $state);
-        }
-        // if whole tree is pruned
-        if (!$tree->_root) {
-            return $state->withoutValidPolicyTree();
-        }
-        return $state->withValidPolicyTree($tree);
-    }
+	/**
+	 * Process policy mappings from the certificate.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate $cert
+	 * @return ValidatorState
+	 */
+	public function processMappings(ValidatorState $state, Certificate $cert): ValidatorState
+	{
+		$tree = clone $this;
+		if ($state->policyMapping() > 0) {
+			$tree->_applyMappings($cert, $state);
+		} else if ($state->policyMapping() == 0) {
+			$tree->_deleteMappings($cert, $state);
+		}
+		// if whole tree is pruned
+		if (!$tree->_root) {
+			return $state->withoutValidPolicyTree();
+		}
+		return $state->withValidPolicyTree($tree);
+	}
     
-    /**
-     * Calculate policy intersection as specified in Wrap-Up Procedure 6.1.5.g.
-     *
-     * @param ValidatorState $state
-     * @param array $policies
-     * @return ValidatorState
-     */
-    public function calculateIntersection(ValidatorState $state, array $policies): ValidatorState
-    {
-        $tree = clone $this;
-        $valid_policy_node_set = $tree->_validPolicyNodeSet();
-        // 2. If the valid_policy of any node in the valid_policy_node_set
-        // is not in the user-initial-policy-set and is not anyPolicy,
-        // delete this node and all its children.
-        $valid_policy_node_set = array_filter($valid_policy_node_set,
-            function (PolicyNode $node) use ($policies) {
-                if ($node->isAnyPolicy()) {
-                    return true;
-                }
-                if (in_array($node->validPolicy(), $policies)) {
-                    return true;
-                }
-                $node->remove();
-                return false;
-            });
-        // array of valid policy OIDs
-        $valid_policy_set = array_map(
-            function (PolicyNode $node) {
-                return $node->validPolicy();
-            }, $valid_policy_node_set);
-        // 3. If the valid_policy_tree includes a node of depth n with
-        // the valid_policy anyPolicy and the user-initial-policy-set 
-        // is not any-policy
-        foreach ($tree->_nodesAtDepth($state->index()) as $node) {
-            if ($node->hasParent() && $node->isAnyPolicy()) {
-                // a. Set P-Q to the qualifier_set in the node of depth n
-                // with valid_policy anyPolicy.
-                $pq = $node->qualifiers();
-                // b. For each P-OID in the user-initial-policy-set that is not
-                // the valid_policy of a node in the valid_policy_node_set,
-                // create a child node whose parent is the node of depth n-1
-                // with the valid_policy anyPolicy.
-                $poids = array_diff($policies, $valid_policy_set);
-                foreach ($tree->_nodesAtDepth($state->index() - 1) as $parent) {
-                    if ($parent->isAnyPolicy()) {
-                        // Set the values in the child node as follows: 
-                        // set the valid_policy to P-OID, set the qualifier_set
-                        // to P-Q, and set the expected_policy_set to {P-OID}.
-                        foreach ($poids as $poid) {
-                            $parent->addChild(
-                                new PolicyNode($poid, $pq, array($poid)));
-                        }
-                        break;
-                    }
-                }
-                // c. Delete the node of depth n with the
-                // valid_policy anyPolicy.
-                $node->remove();
-            }
-        }
-        // 4. If there is a node in the valid_policy_tree of depth n-1 or less
-        // without any child nodes, delete that node. Repeat this step until
-        // there are no nodes of depth n-1 or less without children.
-        if (!$tree->_pruneTree($state->index() - 1)) {
-            return $state->withoutValidPolicyTree();
-        }
-        return $state->withValidPolicyTree($tree);
-    }
+	/**
+	 * Calculate policy intersection as specified in Wrap-Up Procedure 6.1.5.g.
+	 *
+	 * @param ValidatorState $state
+	 * @param array $policies
+	 * @return ValidatorState
+	 */
+	public function calculateIntersection(ValidatorState $state, array $policies): ValidatorState
+	{
+		$tree = clone $this;
+		$valid_policy_node_set = $tree->_validPolicyNodeSet();
+		// 2. If the valid_policy of any node in the valid_policy_node_set
+		// is not in the user-initial-policy-set and is not anyPolicy,
+		// delete this node and all its children.
+		$valid_policy_node_set = array_filter($valid_policy_node_set,
+			function (PolicyNode $node) use ($policies) {
+				if ($node->isAnyPolicy()) {
+					return true;
+				}
+				if (in_array($node->validPolicy(), $policies)) {
+					return true;
+				}
+				$node->remove();
+				return false;
+			});
+		// array of valid policy OIDs
+		$valid_policy_set = array_map(
+			function (PolicyNode $node) {
+				return $node->validPolicy();
+			}, $valid_policy_node_set);
+		// 3. If the valid_policy_tree includes a node of depth n with
+		// the valid_policy anyPolicy and the user-initial-policy-set 
+		// is not any-policy
+		foreach ($tree->_nodesAtDepth($state->index()) as $node) {
+			if ($node->hasParent() && $node->isAnyPolicy()) {
+				// a. Set P-Q to the qualifier_set in the node of depth n
+				// with valid_policy anyPolicy.
+				$pq = $node->qualifiers();
+				// b. For each P-OID in the user-initial-policy-set that is not
+				// the valid_policy of a node in the valid_policy_node_set,
+				// create a child node whose parent is the node of depth n-1
+				// with the valid_policy anyPolicy.
+				$poids = array_diff($policies, $valid_policy_set);
+				foreach ($tree->_nodesAtDepth($state->index() - 1) as $parent) {
+					if ($parent->isAnyPolicy()) {
+						// Set the values in the child node as follows: 
+						// set the valid_policy to P-OID, set the qualifier_set
+						// to P-Q, and set the expected_policy_set to {P-OID}.
+						foreach ($poids as $poid) {
+							$parent->addChild(
+								new PolicyNode($poid, $pq, array($poid)));
+						}
+						break;
+					}
+				}
+				// c. Delete the node of depth n with the
+				// valid_policy anyPolicy.
+				$node->remove();
+			}
+		}
+		// 4. If there is a node in the valid_policy_tree of depth n-1 or less
+		// without any child nodes, delete that node. Repeat this step until
+		// there are no nodes of depth n-1 or less without children.
+		if (!$tree->_pruneTree($state->index() - 1)) {
+			return $state->withoutValidPolicyTree();
+		}
+		return $state->withValidPolicyTree($tree);
+	}
     
-    /**
-     * Get policies at given policy tree depth.
-     *
-     * @param int $i Depth in range 1..n
-     * @return PolicyInformation[]
-     */
-    public function policiesAtDepth(int $i): array
-    {
-        $policies = array();
-        foreach ($this->_nodesAtDepth($i) as $node) {
-            $policies[] = new PolicyInformation($node->validPolicy(),
-                ...$node->qualifiers());
-        }
-        return $policies;
-    }
+	/**
+	 * Get policies at given policy tree depth.
+	 *
+	 * @param int $i Depth in range 1..n
+	 * @return PolicyInformation[]
+	 */
+	public function policiesAtDepth(int $i): array
+	{
+		$policies = array();
+		foreach ($this->_nodesAtDepth($i) as $node) {
+			$policies[] = new PolicyInformation($node->validPolicy(),
+				...$node->qualifiers());
+		}
+		return $policies;
+	}
     
-    /**
-     * Process single policy information.
-     *
-     * @param PolicyInformation $policy
-     * @param ValidatorState $state
-     */
-    protected function _processPolicy(PolicyInformation $policy,
-        ValidatorState $state)
-    {
-        $p_oid = $policy->oid();
-        $i = $state->index();
-        $match_count = 0;
-        // (d.1.i) for each node of depth i-1 in the valid_policy_tree...
-        foreach ($this->_nodesAtDepth($i - 1) as $node) {
-            // ...where P-OID is in the expected_policy_set
-            if ($node->hasExpectedPolicy($p_oid)) {
-                $node->addChild(
-                    new PolicyNode($p_oid, $policy->qualifiers(), array($p_oid)));
-                ++$match_count;
-            }
-        }
-        // (d.1.ii) if there was no match in step (i)...
-        if (!$match_count) {
-            // ...and the valid_policy_tree includes a node of depth i-1 with
-            // the valid_policy anyPolicy
-            foreach ($this->_nodesAtDepth($i - 1) as $node) {
-                if ($node->isAnyPolicy()) {
-                    $node->addChild(
-                        new PolicyNode($p_oid, $policy->qualifiers(),
-                            array($p_oid)));
-                }
-            }
-        }
-    }
+	/**
+	 * Process single policy information.
+	 *
+	 * @param PolicyInformation $policy
+	 * @param ValidatorState $state
+	 */
+	protected function _processPolicy(PolicyInformation $policy,
+		ValidatorState $state)
+	{
+		$p_oid = $policy->oid();
+		$i = $state->index();
+		$match_count = 0;
+		// (d.1.i) for each node of depth i-1 in the valid_policy_tree...
+		foreach ($this->_nodesAtDepth($i - 1) as $node) {
+			// ...where P-OID is in the expected_policy_set
+			if ($node->hasExpectedPolicy($p_oid)) {
+				$node->addChild(
+					new PolicyNode($p_oid, $policy->qualifiers(), array($p_oid)));
+				++$match_count;
+			}
+		}
+		// (d.1.ii) if there was no match in step (i)...
+		if (!$match_count) {
+			// ...and the valid_policy_tree includes a node of depth i-1 with
+			// the valid_policy anyPolicy
+			foreach ($this->_nodesAtDepth($i - 1) as $node) {
+				if ($node->isAnyPolicy()) {
+					$node->addChild(
+						new PolicyNode($p_oid, $policy->qualifiers(),
+							array($p_oid)));
+				}
+			}
+		}
+	}
     
-    /**
-     * Process anyPolicy policy information.
-     *
-     * @param PolicyInformation $policy
-     * @param Certificate $cert
-     * @param ValidatorState $state
-     */
-    protected function _processAnyPolicy(PolicyInformation $policy,
-        Certificate $cert, ValidatorState $state)
-    {
-        $i = $state->index();
-        // if (a) inhibit_anyPolicy is greater than 0 or
-        // (b) i<n and the certificate is self-issued
-        if (!($state->inhibitAnyPolicy() > 0 ||
-             ($i < $state->pathLength() && $cert->isSelfIssued()))) {
-            return;
-        }
-        // for each node in the valid_policy_tree of depth i-1
-        foreach ($this->_nodesAtDepth($i - 1) as $node) {
-            // for each value in the expected_policy_set
-            foreach ($node->expectedPolicies() as $p_oid) {
-                // that does not appear in a child node
-                if (!$node->hasChildWithValidPolicy($p_oid)) {
-                    $node->addChild(
-                        new PolicyNode($p_oid, $policy->qualifiers(),
-                            array($p_oid)));
-                }
-            }
-        }
-    }
+	/**
+	 * Process anyPolicy policy information.
+	 *
+	 * @param PolicyInformation $policy
+	 * @param Certificate $cert
+	 * @param ValidatorState $state
+	 */
+	protected function _processAnyPolicy(PolicyInformation $policy,
+		Certificate $cert, ValidatorState $state)
+	{
+		$i = $state->index();
+		// if (a) inhibit_anyPolicy is greater than 0 or
+		// (b) i<n and the certificate is self-issued
+		if (!($state->inhibitAnyPolicy() > 0 ||
+			 ($i < $state->pathLength() && $cert->isSelfIssued()))) {
+			return;
+		}
+		// for each node in the valid_policy_tree of depth i-1
+		foreach ($this->_nodesAtDepth($i - 1) as $node) {
+			// for each value in the expected_policy_set
+			foreach ($node->expectedPolicies() as $p_oid) {
+				// that does not appear in a child node
+				if (!$node->hasChildWithValidPolicy($p_oid)) {
+					$node->addChild(
+						new PolicyNode($p_oid, $policy->qualifiers(),
+							array($p_oid)));
+				}
+			}
+		}
+	}
     
-    /**
-     * Apply policy mappings to the policy tree.
-     *
-     * @param Certificate $cert
-     * @param ValidatorState $state
-     */
-    protected function _applyMappings(Certificate $cert, ValidatorState $state)
-    {
-        $policy_mappings = $cert->tbsCertificate()
-            ->extensions()
-            ->policyMappings();
-        // (6.1.4. b.1.) for each node in the valid_policy_tree of depth i...
-        foreach ($policy_mappings->flattenedMappings() as $idp => $sdps) {
-            $match_count = 0;
-            foreach ($this->_nodesAtDepth($state->index()) as $node) {
-                // ...where ID-P is the valid_policy
-                if ($node->validPolicy() == $idp) {
-                    // set expected_policy_set to the set of subjectDomainPolicy
-                    // values that are specified as equivalent to ID-P by
-                    // the policy mappings extension
-                    $node->setExpectedPolicies(...$sdps);
-                    ++$match_count;
-                }
-            }
-            // if no node of depth i in the valid_policy_tree has
-            // a valid_policy of ID-P...
-            if (!$match_count) {
-                $this->_applyAnyPolicyMapping($cert, $state, $idp, $sdps);
-            }
-        }
-    }
+	/**
+	 * Apply policy mappings to the policy tree.
+	 *
+	 * @param Certificate $cert
+	 * @param ValidatorState $state
+	 */
+	protected function _applyMappings(Certificate $cert, ValidatorState $state)
+	{
+		$policy_mappings = $cert->tbsCertificate()
+			->extensions()
+			->policyMappings();
+		// (6.1.4. b.1.) for each node in the valid_policy_tree of depth i...
+		foreach ($policy_mappings->flattenedMappings() as $idp => $sdps) {
+			$match_count = 0;
+			foreach ($this->_nodesAtDepth($state->index()) as $node) {
+				// ...where ID-P is the valid_policy
+				if ($node->validPolicy() == $idp) {
+					// set expected_policy_set to the set of subjectDomainPolicy
+					// values that are specified as equivalent to ID-P by
+					// the policy mappings extension
+					$node->setExpectedPolicies(...$sdps);
+					++$match_count;
+				}
+			}
+			// if no node of depth i in the valid_policy_tree has
+			// a valid_policy of ID-P...
+			if (!$match_count) {
+				$this->_applyAnyPolicyMapping($cert, $state, $idp, $sdps);
+			}
+		}
+	}
     
-    /**
-     * Apply anyPolicy mapping to the policy tree as specified in 6.1.4 (b)(1).
-     *
-     * @param Certificate $cert
-     * @param ValidatorState $state
-     * @param string $idp OID of the issuer domain policy
-     * @param array $sdps Array of subject domain policy OIDs
-     */
-    protected function _applyAnyPolicyMapping(Certificate $cert,
-        ValidatorState $state, $idp, array $sdps)
-    {
-        // (6.1.4. b.1.) ...but there is a node of depth i with
-        // a valid_policy of anyPolicy
-        foreach ($this->_nodesAtDepth($state->index()) as $node) {
-            if ($node->isAnyPolicy()) {
-                // then generate a child node of the node of depth i-1
-                // that has a valid_policy of anyPolicy as follows...
-                foreach ($this->_nodesAtDepth($state->index() - 1) as $node) {
-                    if ($node->isAnyPolicy()) {
-                        // try to fetch qualifiers of anyPolicy certificate policy
-                        $qualifiers = array();
-                        try {
-                            $qualifiers = $cert->tbsCertificate()
-                                ->extensions()
-                                ->certificatePolicies()
-                                ->anyPolicy()
-                                ->qualifiers();
-                        } catch (\LogicException $e) {
-                            // if there's no policies or no qualifiers
-                        }
-                        $node->addChild(
-                            new PolicyNode($idp, $qualifiers, $sdps));
-                        // bail after first anyPolicy has been processed
-                        break;
-                    }
-                }
-                // bail after first anyPolicy has been processed
-                break;
-            }
-        }
-    }
+	/**
+	 * Apply anyPolicy mapping to the policy tree as specified in 6.1.4 (b)(1).
+	 *
+	 * @param Certificate $cert
+	 * @param ValidatorState $state
+	 * @param string $idp OID of the issuer domain policy
+	 * @param array $sdps Array of subject domain policy OIDs
+	 */
+	protected function _applyAnyPolicyMapping(Certificate $cert,
+		ValidatorState $state, $idp, array $sdps)
+	{
+		// (6.1.4. b.1.) ...but there is a node of depth i with
+		// a valid_policy of anyPolicy
+		foreach ($this->_nodesAtDepth($state->index()) as $node) {
+			if ($node->isAnyPolicy()) {
+				// then generate a child node of the node of depth i-1
+				// that has a valid_policy of anyPolicy as follows...
+				foreach ($this->_nodesAtDepth($state->index() - 1) as $node) {
+					if ($node->isAnyPolicy()) {
+						// try to fetch qualifiers of anyPolicy certificate policy
+						$qualifiers = array();
+						try {
+							$qualifiers = $cert->tbsCertificate()
+								->extensions()
+								->certificatePolicies()
+								->anyPolicy()
+								->qualifiers();
+						} catch (\LogicException $e) {
+							// if there's no policies or no qualifiers
+						}
+						$node->addChild(
+							new PolicyNode($idp, $qualifiers, $sdps));
+						// bail after first anyPolicy has been processed
+						break;
+					}
+				}
+				// bail after first anyPolicy has been processed
+				break;
+			}
+		}
+	}
     
-    /**
-     * Delete nodes as specified in 6.1.4 (b)(2).
-     *
-     * @param Certificate $cert
-     * @param ValidatorState $state
-     */
-    protected function _deleteMappings(Certificate $cert, ValidatorState $state)
-    {
-        $idps = $cert->tbsCertificate()
-            ->extensions()
-            ->policyMappings()
-            ->issuerDomainPolicies();
-        // delete each node of depth i in the valid_policy_tree
-        // where ID-P is the valid_policy
-        foreach ($this->_nodesAtDepth($state->index()) as $node) {
-            if (in_array($node->validPolicy(), $idps)) {
-                $node->remove();
-            }
-        }
-        $this->_pruneTree($state->index() - 1);
-    }
+	/**
+	 * Delete nodes as specified in 6.1.4 (b)(2).
+	 *
+	 * @param Certificate $cert
+	 * @param ValidatorState $state
+	 */
+	protected function _deleteMappings(Certificate $cert, ValidatorState $state)
+	{
+		$idps = $cert->tbsCertificate()
+			->extensions()
+			->policyMappings()
+			->issuerDomainPolicies();
+		// delete each node of depth i in the valid_policy_tree
+		// where ID-P is the valid_policy
+		foreach ($this->_nodesAtDepth($state->index()) as $node) {
+			if (in_array($node->validPolicy(), $idps)) {
+				$node->remove();
+			}
+		}
+		$this->_pruneTree($state->index() - 1);
+	}
     
-    /**
-     * Prune tree starting from given depth.
-     *
-     * @param int $depth
-     * @return int The number of nodes left in a tree
-     */
-    protected function _pruneTree(int $depth): int
-    {
-        for ($i = $depth; $i > 0; --$i) {
-            foreach ($this->_nodesAtDepth($i) as $node) {
-                if (!count($node)) {
-                    $node->remove();
-                }
-            }
-        }
-        // if root has no children left
-        if (!count($this->_root)) {
-            $this->_root = null;
-            return 0;
-        }
-        return $this->_root->nodeCount();
-    }
+	/**
+	 * Prune tree starting from given depth.
+	 *
+	 * @param int $depth
+	 * @return int The number of nodes left in a tree
+	 */
+	protected function _pruneTree(int $depth): int
+	{
+		for ($i = $depth; $i > 0; --$i) {
+			foreach ($this->_nodesAtDepth($i) as $node) {
+				if (!count($node)) {
+					$node->remove();
+				}
+			}
+		}
+		// if root has no children left
+		if (!count($this->_root)) {
+			$this->_root = null;
+			return 0;
+		}
+		return $this->_root->nodeCount();
+	}
     
-    /**
-     * Get all nodes at given depth.
-     *
-     * @param int $i
-     * @return PolicyNode[]
-     */
-    protected function _nodesAtDepth(int $i): array
-    {
-        if (!$this->_root) {
-            return array();
-        }
-        $depth = 0;
-        $nodes = array($this->_root);
-        while ($depth < $i) {
-            $nodes = self::_gatherChildren(...$nodes);
-            if (!count($nodes)) {
-                break;
-            }
-            ++$depth;
-        }
-        return $nodes;
-    }
+	/**
+	 * Get all nodes at given depth.
+	 *
+	 * @param int $i
+	 * @return PolicyNode[]
+	 */
+	protected function _nodesAtDepth(int $i): array
+	{
+		if (!$this->_root) {
+			return array();
+		}
+		$depth = 0;
+		$nodes = array($this->_root);
+		while ($depth < $i) {
+			$nodes = self::_gatherChildren(...$nodes);
+			if (!count($nodes)) {
+				break;
+			}
+			++$depth;
+		}
+		return $nodes;
+	}
     
-    /**
-     * Get the valid policy node set as specified in spec 6.1.5.(g)(iii)1.
-     *
-     * @return PolicyNode[]
-     */
-    protected function _validPolicyNodeSet(): array
-    {
-        // 1. Determine the set of policy nodes whose parent nodes have
-        // a valid_policy of anyPolicy. This is the valid_policy_node_set.
-        $set = array();
-        if (!$this->_root) {
-            return $set;
-        }
-        // for each node in a tree
-        $this->_root->walkNodes(
-            function (PolicyNode $node) use (&$set) {
-                $parents = $node->parents();
-                // node has parents
-                if (count($parents)) {
-                    // check that each ancestor is an anyPolicy node
-                    foreach ($parents as $ancestor) {
-                        if (!$ancestor->isAnyPolicy()) {
-                            return;
-                        }
-                    }
-                    $set[] = $node;
-                }
-            });
-        return $set;
-    }
+	/**
+	 * Get the valid policy node set as specified in spec 6.1.5.(g)(iii)1.
+	 *
+	 * @return PolicyNode[]
+	 */
+	protected function _validPolicyNodeSet(): array
+	{
+		// 1. Determine the set of policy nodes whose parent nodes have
+		// a valid_policy of anyPolicy. This is the valid_policy_node_set.
+		$set = array();
+		if (!$this->_root) {
+			return $set;
+		}
+		// for each node in a tree
+		$this->_root->walkNodes(
+			function (PolicyNode $node) use (&$set) {
+				$parents = $node->parents();
+				// node has parents
+				if (count($parents)) {
+					// check that each ancestor is an anyPolicy node
+					foreach ($parents as $ancestor) {
+						if (!$ancestor->isAnyPolicy()) {
+							return;
+						}
+					}
+					$set[] = $node;
+				}
+			});
+		return $set;
+	}
     
-    /**
-     * Gather all children of given nodes to a flattened array.
-     *
-     * @param PolicyNode ...$nodes
-     * @return PolicyNode[]
-     */
-    private static function _gatherChildren(PolicyNode ...$nodes): array
-    {
-        $children = array();
-        foreach ($nodes as $node) {
-            $children = array_merge($children, $node->children());
-        }
-        return $children;
-    }
+	/**
+	 * Gather all children of given nodes to a flattened array.
+	 *
+	 * @param PolicyNode ...$nodes
+	 * @return PolicyNode[]
+	 */
+	private static function _gatherChildren(PolicyNode ...$nodes): array
+	{
+		$children = array();
+		foreach ($nodes as $node) {
+			$children = array_merge($children, $node->children());
+		}
+		return $children;
+	}
 }

Please login to merge, or discard this patch.

lib/X509/CertificationPath/CertificationPath.php 1 patch

Indentation +155 added lines, -155 removed lines patch added patch discarded remove patch

@@ -23,171 +23,171 @@
 block discarded – undo
  */
 class CertificationPath implements \Countable, \IteratorAggregate
 {
-    /**
-     * Certification path.
-     *
-     * @var Certificate[] $_certificates
-     */
-    protected $_certificates;
+	/**
+	 * Certification path.
+	 *
+	 * @var Certificate[] $_certificates
+	 */
+	protected $_certificates;
     
-    /**
-     * Constructor.
-     *
-     * @param Certificate ...$certificates Certificates from the trust anchor
-     *        to the target end-entity certificate
-     */
-    public function __construct(Certificate ...$certificates)
-    {
-        $this->_certificates = $certificates;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Certificate ...$certificates Certificates from the trust anchor
+	 *        to the target end-entity certificate
+	 */
+	public function __construct(Certificate ...$certificates)
+	{
+		$this->_certificates = $certificates;
+	}
     
-    /**
-     * Initialize from a certificate chain.
-     *
-     * @param CertificateChain $chain
-     * @return self
-     */
-    public static function fromCertificateChain(CertificateChain $chain): self
-    {
-        return new self(...array_reverse($chain->certificates(), false));
-    }
+	/**
+	 * Initialize from a certificate chain.
+	 *
+	 * @param CertificateChain $chain
+	 * @return self
+	 */
+	public static function fromCertificateChain(CertificateChain $chain): self
+	{
+		return new self(...array_reverse($chain->certificates(), false));
+	}
     
-    /**
-     * Build certification path to given target.
-     *
-     * @param Certificate $target Target end-entity certificate
-     * @param CertificateBundle $trust_anchors List of trust anchors
-     * @param CertificateBundle|null $intermediate Optional intermediate
-     *        certificates
-     * @return self
-     */
-    public static function toTarget(Certificate $target,
-        CertificateBundle $trust_anchors, CertificateBundle $intermediate = null): self
-    {
-        $builder = new CertificationPathBuilder($trust_anchors);
-        return $builder->shortestPathToTarget($target, $intermediate);
-    }
+	/**
+	 * Build certification path to given target.
+	 *
+	 * @param Certificate $target Target end-entity certificate
+	 * @param CertificateBundle $trust_anchors List of trust anchors
+	 * @param CertificateBundle|null $intermediate Optional intermediate
+	 *        certificates
+	 * @return self
+	 */
+	public static function toTarget(Certificate $target,
+		CertificateBundle $trust_anchors, CertificateBundle $intermediate = null): self
+	{
+		$builder = new CertificationPathBuilder($trust_anchors);
+		return $builder->shortestPathToTarget($target, $intermediate);
+	}
     
-    /**
-     * Build certification path from given trust anchor to target certificate,
-     * using intermediate certificates from given bundle.
-     *
-     * @param Certificate $trust_anchor Trust anchor certificate
-     * @param Certificate $target Target end-entity certificate
-     * @param CertificateBundle|null $intermediate Optional intermediate
-     *        certificates
-     * @return self
-     */
-    public static function fromTrustAnchorToTarget(Certificate $trust_anchor,
-        Certificate $target, CertificateBundle $intermediate = null): self
-    {
-        return self::toTarget($target, new CertificateBundle($trust_anchor),
-            $intermediate);
-    }
+	/**
+	 * Build certification path from given trust anchor to target certificate,
+	 * using intermediate certificates from given bundle.
+	 *
+	 * @param Certificate $trust_anchor Trust anchor certificate
+	 * @param Certificate $target Target end-entity certificate
+	 * @param CertificateBundle|null $intermediate Optional intermediate
+	 *        certificates
+	 * @return self
+	 */
+	public static function fromTrustAnchorToTarget(Certificate $trust_anchor,
+		Certificate $target, CertificateBundle $intermediate = null): self
+	{
+		return self::toTarget($target, new CertificateBundle($trust_anchor),
+			$intermediate);
+	}
     
-    /**
-     * Get certificates.
-     *
-     * @return Certificate[]
-     */
-    public function certificates(): array
-    {
-        return $this->_certificates;
-    }
+	/**
+	 * Get certificates.
+	 *
+	 * @return Certificate[]
+	 */
+	public function certificates(): array
+	{
+		return $this->_certificates;
+	}
     
-    /**
-     * Get the trust anchor certificate from the path.
-     *
-     * @throws \LogicException If path is empty
-     * @return Certificate
-     */
-    public function trustAnchorCertificate(): Certificate
-    {
-        if (!count($this->_certificates)) {
-            throw new \LogicException("No certificates.");
-        }
-        return $this->_certificates[0];
-    }
+	/**
+	 * Get the trust anchor certificate from the path.
+	 *
+	 * @throws \LogicException If path is empty
+	 * @return Certificate
+	 */
+	public function trustAnchorCertificate(): Certificate
+	{
+		if (!count($this->_certificates)) {
+			throw new \LogicException("No certificates.");
+		}
+		return $this->_certificates[0];
+	}
     
-    /**
-     * Get the end-entity certificate from the path.
-     *
-     * @throws \LogicException If path is empty
-     * @return Certificate
-     */
-    public function endEntityCertificate(): Certificate
-    {
-        if (!count($this->_certificates)) {
-            throw new \LogicException("No certificates.");
-        }
-        return $this->_certificates[count($this->_certificates) - 1];
-    }
+	/**
+	 * Get the end-entity certificate from the path.
+	 *
+	 * @throws \LogicException If path is empty
+	 * @return Certificate
+	 */
+	public function endEntityCertificate(): Certificate
+	{
+		if (!count($this->_certificates)) {
+			throw new \LogicException("No certificates.");
+		}
+		return $this->_certificates[count($this->_certificates) - 1];
+	}
     
-    /**
-     * Get certification path as a certificate chain.
-     *
-     * @return CertificateChain
-     */
-    public function certificateChain(): CertificateChain
-    {
-        return new CertificateChain(
-            ...array_reverse($this->_certificates, false));
-    }
+	/**
+	 * Get certification path as a certificate chain.
+	 *
+	 * @return CertificateChain
+	 */
+	public function certificateChain(): CertificateChain
+	{
+		return new CertificateChain(
+			...array_reverse($this->_certificates, false));
+	}
     
-    /**
-     * Check whether certification path starts with one ore more given
-     * certificates in parameter order.
-     *
-     * @param Certificate ...$certs Certificates
-     * @return true
-     */
-    public function startsWith(Certificate ...$certs): bool
-    {
-        $n = count($certs);
-        if ($n > count($this->_certificates)) {
-            return false;
-        }
-        for ($i = 0; $i < $n; ++$i) {
-            if (!$certs[$i]->equals($this->_certificates[$i])) {
-                return false;
-            }
-        }
-        return true;
-    }
+	/**
+	 * Check whether certification path starts with one ore more given
+	 * certificates in parameter order.
+	 *
+	 * @param Certificate ...$certs Certificates
+	 * @return true
+	 */
+	public function startsWith(Certificate ...$certs): bool
+	{
+		$n = count($certs);
+		if ($n > count($this->_certificates)) {
+			return false;
+		}
+		for ($i = 0; $i < $n; ++$i) {
+			if (!$certs[$i]->equals($this->_certificates[$i])) {
+				return false;
+			}
+		}
+		return true;
+	}
     
-    /**
-     * Validate certification path.
-     *
-     * @param PathValidationConfig $config
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     * @throws Exception\PathValidationException
-     * @return PathValidation\PathValidationResult
-     */
-    public function validate(PathValidationConfig $config, Crypto $crypto = null): PathValidation\PathValidationResult
-    {
-        $crypto = $crypto ?: Crypto::getDefault();
-        $validator = new PathValidator($crypto, $config, ...$this->_certificates);
-        return $validator->validate();
-    }
+	/**
+	 * Validate certification path.
+	 *
+	 * @param PathValidationConfig $config
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 * @throws Exception\PathValidationException
+	 * @return PathValidation\PathValidationResult
+	 */
+	public function validate(PathValidationConfig $config, Crypto $crypto = null): PathValidation\PathValidationResult
+	{
+		$crypto = $crypto ?: Crypto::getDefault();
+		$validator = new PathValidator($crypto, $config, ...$this->_certificates);
+		return $validator->validate();
+	}
     
-    /**
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_certificates);
-    }
+	/**
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_certificates);
+	}
     
-    /**
-     * Get iterator for certificates.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_certificates);
-    }
+	/**
+	 * Get iterator for certificates.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_certificates);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/CertificationPath/PathValidation/PathValidationConfig.php 1 patch

Indentation +245 added lines, -245 removed lines patch added patch discarded remove patch

@@ -14,274 +14,274 @@
 block discarded – undo
  */
 class PathValidationConfig
 {
-    /**
-     * Maximum allowed certification path length.
-     *
-     * @var int $_maxLength
-     */
-    protected $_maxLength;
+	/**
+	 * Maximum allowed certification path length.
+	 *
+	 * @var int $_maxLength
+	 */
+	protected $_maxLength;
     
-    /**
-     * Reference time.
-     *
-     * @var \DateTimeImmutable $_dateTime
-     */
-    protected $_dateTime;
+	/**
+	 * Reference time.
+	 *
+	 * @var \DateTimeImmutable $_dateTime
+	 */
+	protected $_dateTime;
     
-    /**
-     * List of acceptable policy identifiers.
-     *
-     * @var string[] $_policySet
-     */
-    protected $_policySet;
+	/**
+	 * List of acceptable policy identifiers.
+	 *
+	 * @var string[] $_policySet
+	 */
+	protected $_policySet;
     
-    /**
-     * Trust anchor certificate.
-     *
-     * If not set, path validation uses the first certificate of the path.
-     *
-     * @var Certificate|null $_trustAnchor
-     */
-    protected $_trustAnchor;
+	/**
+	 * Trust anchor certificate.
+	 *
+	 * If not set, path validation uses the first certificate of the path.
+	 *
+	 * @var Certificate|null $_trustAnchor
+	 */
+	protected $_trustAnchor;
     
-    /**
-     * Whether policy mapping in inhibited.
-     *
-     * Setting this to true disallows policy mapping.
-     *
-     * @var bool $_policyMappingInhibit
-     */
-    protected $_policyMappingInhibit;
+	/**
+	 * Whether policy mapping in inhibited.
+	 *
+	 * Setting this to true disallows policy mapping.
+	 *
+	 * @var bool $_policyMappingInhibit
+	 */
+	protected $_policyMappingInhibit;
     
-    /**
-     * Whether the path must be valid for at least one policy in the
-     * initial policy set.
-     *
-     * @var bool $_explicitPolicy
-     */
-    protected $_explicitPolicy;
+	/**
+	 * Whether the path must be valid for at least one policy in the
+	 * initial policy set.
+	 *
+	 * @var bool $_explicitPolicy
+	 */
+	protected $_explicitPolicy;
     
-    /**
-     * Whether anyPolicy OID processing should be inhibited.
-     *
-     * Setting this to true disallows the usage of anyPolicy.
-     *
-     * @var bool $_anyPolicyInhibit
-     */
-    protected $_anyPolicyInhibit;
+	/**
+	 * Whether anyPolicy OID processing should be inhibited.
+	 *
+	 * Setting this to true disallows the usage of anyPolicy.
+	 *
+	 * @var bool $_anyPolicyInhibit
+	 */
+	protected $_anyPolicyInhibit;
     
-    /**
-     *
-     * @todo Implement
-     * @var mixed $_permittedSubtrees
-     */
-    protected $_permittedSubtrees;
+	/**
+	 *
+	 * @todo Implement
+	 * @var mixed $_permittedSubtrees
+	 */
+	protected $_permittedSubtrees;
     
-    /**
-     *
-     * @todo Implement
-     * @var mixed $_excludedSubtrees
-     */
-    protected $_excludedSubtrees;
+	/**
+	 *
+	 * @todo Implement
+	 * @var mixed $_excludedSubtrees
+	 */
+	protected $_excludedSubtrees;
     
-    /**
-     * Constructor.
-     *
-     * @param \DateTimeImmutable $dt Reference date and time
-     * @param int $max_length Maximum certification path length
-     */
-    public function __construct(\DateTimeImmutable $dt, int $max_length)
-    {
-        $this->_dateTime = $dt;
-        $this->_maxLength = (int) $max_length;
-        $this->_policySet = array((string) PolicyInformation::OID_ANY_POLICY);
-        $this->_policyMappingInhibit = false;
-        $this->_explicitPolicy = false;
-        $this->_anyPolicyInhibit = false;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param \DateTimeImmutable $dt Reference date and time
+	 * @param int $max_length Maximum certification path length
+	 */
+	public function __construct(\DateTimeImmutable $dt, int $max_length)
+	{
+		$this->_dateTime = $dt;
+		$this->_maxLength = (int) $max_length;
+		$this->_policySet = array((string) PolicyInformation::OID_ANY_POLICY);
+		$this->_policyMappingInhibit = false;
+		$this->_explicitPolicy = false;
+		$this->_anyPolicyInhibit = false;
+	}
     
-    /**
-     * Get default configuration.
-     *
-     * @return self
-     */
-    public static function defaultConfig(): self
-    {
-        return new self(new \DateTimeImmutable(), 3);
-    }
+	/**
+	 * Get default configuration.
+	 *
+	 * @return self
+	 */
+	public static function defaultConfig(): self
+	{
+		return new self(new \DateTimeImmutable(), 3);
+	}
     
-    /**
-     * Get self with maximum path length.
-     *
-     * @param int $length
-     * @return self
-     */
-    public function withMaxLength(int $length): self
-    {
-        $obj = clone $this;
-        $obj->_maxLength = $length;
-        return $obj;
-    }
+	/**
+	 * Get self with maximum path length.
+	 *
+	 * @param int $length
+	 * @return self
+	 */
+	public function withMaxLength(int $length): self
+	{
+		$obj = clone $this;
+		$obj->_maxLength = $length;
+		return $obj;
+	}
     
-    /**
-     * Get self with reference date and time.
-     *
-     * @param \DateTimeImmutable $dt
-     * @return self
-     */
-    public function withDateTime(\DateTimeImmutable $dt): self
-    {
-        $obj = clone $this;
-        $obj->_dateTime = $dt;
-        return $obj;
-    }
+	/**
+	 * Get self with reference date and time.
+	 *
+	 * @param \DateTimeImmutable $dt
+	 * @return self
+	 */
+	public function withDateTime(\DateTimeImmutable $dt): self
+	{
+		$obj = clone $this;
+		$obj->_dateTime = $dt;
+		return $obj;
+	}
     
-    /**
-     * Get self with trust anchor certificate.
-     *
-     * @param Certificate $ca
-     * @return self
-     */
-    public function withTrustAnchor(Certificate $ca): self
-    {
-        $obj = clone $this;
-        $obj->_trustAnchor = $ca;
-        return $obj;
-    }
+	/**
+	 * Get self with trust anchor certificate.
+	 *
+	 * @param Certificate $ca
+	 * @return self
+	 */
+	public function withTrustAnchor(Certificate $ca): self
+	{
+		$obj = clone $this;
+		$obj->_trustAnchor = $ca;
+		return $obj;
+	}
     
-    /**
-     * Get self with initial-policy-mapping-inhibit set.
-     *
-     * @param bool $flag
-     * @return self
-     */
-    public function withPolicyMappingInhibit(bool $flag): self
-    {
-        $obj = clone $this;
-        $obj->_policyMappingInhibit = $flag;
-        return $obj;
-    }
+	/**
+	 * Get self with initial-policy-mapping-inhibit set.
+	 *
+	 * @param bool $flag
+	 * @return self
+	 */
+	public function withPolicyMappingInhibit(bool $flag): self
+	{
+		$obj = clone $this;
+		$obj->_policyMappingInhibit = $flag;
+		return $obj;
+	}
     
-    /**
-     * Get self with initial-explicit-policy set.
-     *
-     * @param bool $flag
-     * @return self
-     */
-    public function withExplicitPolicy(bool $flag): self
-    {
-        $obj = clone $this;
-        $obj->_explicitPolicy = $flag;
-        return $obj;
-    }
+	/**
+	 * Get self with initial-explicit-policy set.
+	 *
+	 * @param bool $flag
+	 * @return self
+	 */
+	public function withExplicitPolicy(bool $flag): self
+	{
+		$obj = clone $this;
+		$obj->_explicitPolicy = $flag;
+		return $obj;
+	}
     
-    /**
-     * Get self with initial-any-policy-inhibit set.
-     *
-     * @param bool $flag
-     * @return self
-     */
-    public function withAnyPolicyInhibit(bool $flag): self
-    {
-        $obj = clone $this;
-        $obj->_anyPolicyInhibit = $flag;
-        return $obj;
-    }
+	/**
+	 * Get self with initial-any-policy-inhibit set.
+	 *
+	 * @param bool $flag
+	 * @return self
+	 */
+	public function withAnyPolicyInhibit(bool $flag): self
+	{
+		$obj = clone $this;
+		$obj->_anyPolicyInhibit = $flag;
+		return $obj;
+	}
     
-    /**
-     * Get self with user-initial-policy-set set to policy OIDs.
-     *
-     * @param string ...$policies List of policy OIDs
-     * @return self
-     */
-    public function withPolicySet(string ...$policies): self
-    {
-        $obj = clone $this;
-        $obj->_policySet = $policies;
-        return $obj;
-    }
+	/**
+	 * Get self with user-initial-policy-set set to policy OIDs.
+	 *
+	 * @param string ...$policies List of policy OIDs
+	 * @return self
+	 */
+	public function withPolicySet(string ...$policies): self
+	{
+		$obj = clone $this;
+		$obj->_policySet = $policies;
+		return $obj;
+	}
     
-    /**
-     * Get maximum certification path length.
-     *
-     * @return int
-     */
-    public function maxLength(): int
-    {
-        return $this->_maxLength;
-    }
+	/**
+	 * Get maximum certification path length.
+	 *
+	 * @return int
+	 */
+	public function maxLength(): int
+	{
+		return $this->_maxLength;
+	}
     
-    /**
-     * Get reference date and time.
-     *
-     * @return \DateTimeImmutable
-     */
-    public function dateTime(): \DateTimeImmutable
-    {
-        return $this->_dateTime;
-    }
+	/**
+	 * Get reference date and time.
+	 *
+	 * @return \DateTimeImmutable
+	 */
+	public function dateTime(): \DateTimeImmutable
+	{
+		return $this->_dateTime;
+	}
     
-    /**
-     * Get user-initial-policy-set.
-     *
-     * @return string[] Array of OID's
-     */
-    public function policySet(): array
-    {
-        return $this->_policySet;
-    }
+	/**
+	 * Get user-initial-policy-set.
+	 *
+	 * @return string[] Array of OID's
+	 */
+	public function policySet(): array
+	{
+		return $this->_policySet;
+	}
     
-    /**
-     * Check whether trust anchor certificate is set.
-     *
-     * @return bool
-     */
-    public function hasTrustAnchor(): bool
-    {
-        return isset($this->_trustAnchor);
-    }
+	/**
+	 * Check whether trust anchor certificate is set.
+	 *
+	 * @return bool
+	 */
+	public function hasTrustAnchor(): bool
+	{
+		return isset($this->_trustAnchor);
+	}
     
-    /**
-     * Get trust anchor certificate.
-     *
-     * @throws \LogicException
-     * @return Certificate
-     */
-    public function trustAnchor(): Certificate
-    {
-        if (!$this->hasTrustAnchor()) {
-            throw new \LogicException("No trust anchor.");
-        }
-        return $this->_trustAnchor;
-    }
+	/**
+	 * Get trust anchor certificate.
+	 *
+	 * @throws \LogicException
+	 * @return Certificate
+	 */
+	public function trustAnchor(): Certificate
+	{
+		if (!$this->hasTrustAnchor()) {
+			throw new \LogicException("No trust anchor.");
+		}
+		return $this->_trustAnchor;
+	}
     
-    /**
-     * Get initial-policy-mapping-inhibit.
-     *
-     * @return bool
-     */
-    public function policyMappingInhibit(): bool
-    {
-        return $this->_policyMappingInhibit;
-    }
+	/**
+	 * Get initial-policy-mapping-inhibit.
+	 *
+	 * @return bool
+	 */
+	public function policyMappingInhibit(): bool
+	{
+		return $this->_policyMappingInhibit;
+	}
     
-    /**
-     * Get initial-explicit-policy.
-     *
-     * @return bool
-     */
-    public function explicitPolicy(): bool
-    {
-        return $this->_explicitPolicy;
-    }
+	/**
+	 * Get initial-explicit-policy.
+	 *
+	 * @return bool
+	 */
+	public function explicitPolicy(): bool
+	{
+		return $this->_explicitPolicy;
+	}
     
-    /**
-     * Get initial-any-policy-inhibit.
-     *
-     * @return bool
-     */
-    public function anyPolicyInhibit(): bool
-    {
-        return $this->_anyPolicyInhibit;
-    }
+	/**
+	 * Get initial-any-policy-inhibit.
+	 *
+	 * @return bool
+	 */
+	public function anyPolicyInhibit(): bool
+	{
+		return $this->_anyPolicyInhibit;
+	}
 }

Please login to merge, or discard this patch.

lib/X509/CertificationPath/PathValidation/ValidatorState.php 1 patch

Indentation +480 added lines, -480 removed lines patch added patch discarded remove patch

@@ -20,484 +20,484 @@
 block discarded – undo
  */
 class ValidatorState
 {
-    /**
-     * Length of the certification path (n).
-     *
-     * @var int $_pathLength
-     */
-    protected $_pathLength;
-    
-    /**
-     * Current index in the certification path in the range of 1..n (i).
-     *
-     * @var int $_index
-     */
-    protected $_index;
-    
-    /**
-     * Valid policy tree (valid_policy_tree).
-     *
-     * A tree of certificate policies with their optional qualifiers.
-     * Each of the leaves of the tree represents a valid policy at this stage in
-     * the certification path validation.
-     * Once the tree is set to NULL, policy processing ceases.
-     *
-     * @var PolicyTree|null $_validPolicyTree
-     */
-    protected $_validPolicyTree;
-    
-    /**
-     * Permitted subtrees (permitted_subtrees).
-     *
-     * A set of root names for each name type defining a set of subtrees within
-     * which all subject names in subsequent certificates in the certification
-     * path must fall.
-     *
-     * @var mixed $_permittedSubtrees
-     */
-    protected $_permittedSubtrees;
-    
-    /**
-     * Excluded subtrees (excluded_subtrees).
-     *
-     * A set of root names for each name type defining a set of subtrees within
-     * which no subject name in subsequent certificates in the certification
-     * path may fall.
-     *
-     * @var mixed $_excludedSubtrees
-     */
-    protected $_excludedSubtrees;
-    
-    /**
-     * Explicit policy (explicit_policy).
-     *
-     * An integer that indicates if a non-NULL valid_policy_tree is required.
-     *
-     * @var int $_explicitPolicy
-     */
-    protected $_explicitPolicy;
-    
-    /**
-     * Inhibit anyPolicy (inhibit_anyPolicy).
-     *
-     * An integer that indicates whether the anyPolicy policy identifier is
-     * considered a match.
-     *
-     * @var int $_inhibitAnyPolicy
-     */
-    protected $_inhibitAnyPolicy;
-    
-    /**
-     * Policy mapping (policy_mapping).
-     *
-     * An integer that indicates if policy mapping is permitted.
-     *
-     * @var int $_policyMapping
-     */
-    protected $_policyMapping;
-    
-    /**
-     * Working public key algorithm (working_public_key_algorithm).
-     *
-     * The digital signature algorithm used to verify the signature of a
-     * certificate.
-     *
-     * @var AlgorithmIdentifierType $_workingPublicKeyAlgorithm
-     */
-    protected $_workingPublicKeyAlgorithm;
-    
-    /**
-     * Working public key (working_public_key).
-     *
-     * The public key used to verify the signature of a certificate.
-     *
-     * @var PublicKeyInfo $_workingPublicKey
-     */
-    protected $_workingPublicKey;
-    
-    /**
-     * Working public key parameters (working_public_key_parameters).
-     *
-     * Parameters associated with the current public key that may be required to
-     * verify a signature.
-     *
-     * @var Element|null $_workingPublicKeyParameters
-     */
-    protected $_workingPublicKeyParameters;
-    
-    /**
-     * Working issuer name (working_issuer_name).
-     *
-     * The issuer distinguished name expected in the next certificate in the
-     * chain.
-     *
-     * @var Name $_workingIssuerName
-     */
-    protected $_workingIssuerName;
-    
-    /**
-     * Maximum certification path length (max_path_length).
-     *
-     * @var int $_maxPathLength
-     */
-    protected $_maxPathLength;
-    
-    /**
-     * Constructor.
-     */
-    protected function __construct()
-    {
-    }
-    
-    /**
-     * Initialize variables according to RFC 5280 6.1.2.
-     *
-     * @link https://tools.ietf.org/html/rfc5280#section-6.1.2
-     * @param PathValidationConfig $config
-     * @param Certificate $trust_anchor Trust anchor certificate
-     * @param int $n Number of certificates in the certification path
-     * @return self
-     */
-    public static function initialize(PathValidationConfig $config,
-        Certificate $trust_anchor, $n)
-    {
-        $state = new self();
-        $state->_pathLength = $n;
-        $state->_index = 1;
-        $state->_validPolicyTree = new PolicyTree(PolicyNode::anyPolicyNode());
-        $state->_permittedSubtrees = null;
-        $state->_excludedSubtrees = null;
-        $state->_explicitPolicy = $config->explicitPolicy() ? 0 : $n + 1;
-        $state->_inhibitAnyPolicy = $config->anyPolicyInhibit() ? 0 : $n + 1;
-        $state->_policyMapping = $config->policyMappingInhibit() ? 0 : $n + 1;
-        $state->_workingPublicKeyAlgorithm = $trust_anchor->signatureAlgorithm();
-        $tbsCert = $trust_anchor->tbsCertificate();
-        $state->_workingPublicKey = $tbsCert->subjectPublicKeyInfo();
-        $state->_workingPublicKeyParameters = self::getAlgorithmParameters(
-            $state->_workingPublicKey->algorithmIdentifier());
-        $state->_workingIssuerName = $tbsCert->issuer();
-        $state->_maxPathLength = $config->maxLength();
-        return $state;
-    }
-    
-    /**
-     * Get self with current certification path index set.
-     *
-     * @param int $index
-     * @return self
-     */
-    public function withIndex(int $index): self
-    {
-        $state = clone $this;
-        $state->_index = $index;
-        return $state;
-    }
-    
-    /**
-     * Get self with valid_policy_tree.
-     *
-     * @param PolicyTree $policy_tree
-     * @return self
-     */
-    public function withValidPolicyTree(PolicyTree $policy_tree): self
-    {
-        $state = clone $this;
-        $state->_validPolicyTree = $policy_tree;
-        return $state;
-    }
-    
-    /**
-     * Get self with valid_policy_tree set to null.
-     *
-     * @return self
-     */
-    public function withoutValidPolicyTree(): self
-    {
-        $state = clone $this;
-        $state->_validPolicyTree = null;
-        return $state;
-    }
-    
-    /**
-     * Get self with explicit_policy.
-     *
-     * @param int $num
-     * @return self
-     */
-    public function withExplicitPolicy(int $num): self
-    {
-        $state = clone $this;
-        $state->_explicitPolicy = $num;
-        return $state;
-    }
-    
-    /**
-     * Get self with inhibit_anyPolicy.
-     *
-     * @param int $num
-     * @return self
-     */
-    public function withInhibitAnyPolicy(int $num): self
-    {
-        $state = clone $this;
-        $state->_inhibitAnyPolicy = $num;
-        return $state;
-    }
-    
-    /**
-     * Get self with policy_mapping.
-     *
-     * @param int $num
-     * @return self
-     */
-    public function withPolicyMapping(int $num): self
-    {
-        $state = clone $this;
-        $state->_policyMapping = $num;
-        return $state;
-    }
-    
-    /**
-     * Get self with working_public_key_algorithm.
-     *
-     * @param AlgorithmIdentifierType $algo
-     * @return self
-     */
-    public function withWorkingPublicKeyAlgorithm(AlgorithmIdentifierType $algo): self
-    {
-        $state = clone $this;
-        $state->_workingPublicKeyAlgorithm = $algo;
-        return $state;
-    }
-    
-    /**
-     * Get self with working_public_key.
-     *
-     * @param PublicKeyInfo $pubkey_info
-     * @return self
-     */
-    public function withWorkingPublicKey(PublicKeyInfo $pubkey_info): self
-    {
-        $state = clone $this;
-        $state->_workingPublicKey = $pubkey_info;
-        return $state;
-    }
-    
-    /**
-     * Get self with working_public_key_parameters.
-     *
-     * @param Element|null $params
-     * @return self
-     */
-    public function withWorkingPublicKeyParameters(Element $params = null): self
-    {
-        $state = clone $this;
-        $state->_workingPublicKeyParameters = $params;
-        return $state;
-    }
-    
-    /**
-     * Get self with working_issuer_name.
-     *
-     * @param Name $issuer
-     * @return self
-     */
-    public function withWorkingIssuerName(Name $issuer): self
-    {
-        $state = clone $this;
-        $state->_workingIssuerName = $issuer;
-        return $state;
-    }
-    
-    /**
-     * Get self with max_path_length.
-     *
-     * @param int $length
-     * @return self
-     */
-    public function withMaxPathLength(int $length): self
-    {
-        $state = clone $this;
-        $state->_maxPathLength = $length;
-        return $state;
-    }
-    
-    /**
-     * Get the certification path length (n).
-     *
-     * @return int
-     */
-    public function pathLength(): int
-    {
-        return $this->_pathLength;
-    }
-    
-    /**
-     * Get the current index in certification path in the range of 1..n.
-     *
-     * @return int
-     */
-    public function index(): int
-    {
-        return $this->_index;
-    }
-    
-    /**
-     * Check whether valid_policy_tree is present.
-     *
-     * @return bool
-     */
-    public function hasValidPolicyTree(): bool
-    {
-        return isset($this->_validPolicyTree);
-    }
-    
-    /**
-     * Get valid_policy_tree.
-     *
-     * @throws \LogicException
-     * @return PolicyTree
-     */
-    public function validPolicyTree(): PolicyTree
-    {
-        if (!$this->hasValidPolicyTree()) {
-            throw new \LogicException("valid_policy_tree not set.");
-        }
-        return $this->_validPolicyTree;
-    }
-    
-    /**
-     * Get permitted_subtrees.
-     *
-     * @return mixed
-     */
-    public function permittedSubtrees()
-    {
-        return $this->_permittedSubtrees;
-    }
-    
-    /**
-     * Get excluded_subtrees.
-     *
-     * @return mixed
-     */
-    public function excludedSubtrees()
-    {
-        return $this->_excludedSubtrees;
-    }
-    
-    /**
-     * Get explicit_policy.
-     *
-     * @return int
-     */
-    public function explicitPolicy(): int
-    {
-        return $this->_explicitPolicy;
-    }
-    
-    /**
-     * Get inhibit_anyPolicy.
-     *
-     * @return int
-     */
-    public function inhibitAnyPolicy(): int
-    {
-        return $this->_inhibitAnyPolicy;
-    }
-    
-    /**
-     * Get policy_mapping.
-     *
-     * @return int
-     */
-    public function policyMapping(): int
-    {
-        return $this->_policyMapping;
-    }
-    
-    /**
-     * Get working_public_key_algorithm.
-     *
-     * @return AlgorithmIdentifierType
-     */
-    public function workingPublicKeyAlgorithm(): AlgorithmIdentifierType
-    {
-        return $this->_workingPublicKeyAlgorithm;
-    }
-    
-    /**
-     * Get working_public_key.
-     *
-     * @return PublicKeyInfo
-     */
-    public function workingPublicKey(): PublicKeyInfo
-    {
-        return $this->_workingPublicKey;
-    }
-    
-    /**
-     * Get working_public_key_parameters.
-     *
-     * @return Element|null
-     */
-    public function workingPublicKeyParameters()
-    {
-        return $this->_workingPublicKeyParameters;
-    }
-    
-    /**
-     * Get working_issuer_name.
-     *
-     * @return Name
-     */
-    public function workingIssuerName(): Name
-    {
-        return $this->_workingIssuerName;
-    }
-    
-    /**
-     * Get maximum certification path length.
-     *
-     * @return int
-     */
-    public function maxPathLength(): int
-    {
-        return $this->_maxPathLength;
-    }
-    
-    /**
-     * Check whether processing the final certificate of the certification path.
-     *
-     * @return bool
-     */
-    public function isFinal(): bool
-    {
-        return $this->_index == $this->_pathLength;
-    }
-    
-    /**
-     * Get the path validation result.
-     *
-     * @param Certificate[] $certificates Certificates in a certification path
-     * @return PathValidationResult
-     */
-    public function getResult(array $certificates): PathValidationResult
-    {
-        return new PathValidationResult($certificates, $this->_validPolicyTree,
-            $this->_workingPublicKey, $this->_workingPublicKeyAlgorithm,
-            $this->_workingPublicKeyParameters);
-    }
-    
-    /**
-     * Get ASN.1 parameters from algorithm identifier.
-     *
-     * @param AlgorithmIdentifierType $algo
-     * @return Element|null ASN.1 element or null if parameters are omitted
-     */
-    public static function getAlgorithmParameters(AlgorithmIdentifierType $algo)
-    {
-        $seq = $algo->toASN1();
-        return $seq->has(1) ? $seq->at(1)->asElement() : null;
-    }
+	/**
+	 * Length of the certification path (n).
+	 *
+	 * @var int $_pathLength
+	 */
+	protected $_pathLength;
+    
+	/**
+	 * Current index in the certification path in the range of 1..n (i).
+	 *
+	 * @var int $_index
+	 */
+	protected $_index;
+    
+	/**
+	 * Valid policy tree (valid_policy_tree).
+	 *
+	 * A tree of certificate policies with their optional qualifiers.
+	 * Each of the leaves of the tree represents a valid policy at this stage in
+	 * the certification path validation.
+	 * Once the tree is set to NULL, policy processing ceases.
+	 *
+	 * @var PolicyTree|null $_validPolicyTree
+	 */
+	protected $_validPolicyTree;
+    
+	/**
+	 * Permitted subtrees (permitted_subtrees).
+	 *
+	 * A set of root names for each name type defining a set of subtrees within
+	 * which all subject names in subsequent certificates in the certification
+	 * path must fall.
+	 *
+	 * @var mixed $_permittedSubtrees
+	 */
+	protected $_permittedSubtrees;
+    
+	/**
+	 * Excluded subtrees (excluded_subtrees).
+	 *
+	 * A set of root names for each name type defining a set of subtrees within
+	 * which no subject name in subsequent certificates in the certification
+	 * path may fall.
+	 *
+	 * @var mixed $_excludedSubtrees
+	 */
+	protected $_excludedSubtrees;
+    
+	/**
+	 * Explicit policy (explicit_policy).
+	 *
+	 * An integer that indicates if a non-NULL valid_policy_tree is required.
+	 *
+	 * @var int $_explicitPolicy
+	 */
+	protected $_explicitPolicy;
+    
+	/**
+	 * Inhibit anyPolicy (inhibit_anyPolicy).
+	 *
+	 * An integer that indicates whether the anyPolicy policy identifier is
+	 * considered a match.
+	 *
+	 * @var int $_inhibitAnyPolicy
+	 */
+	protected $_inhibitAnyPolicy;
+    
+	/**
+	 * Policy mapping (policy_mapping).
+	 *
+	 * An integer that indicates if policy mapping is permitted.
+	 *
+	 * @var int $_policyMapping
+	 */
+	protected $_policyMapping;
+    
+	/**
+	 * Working public key algorithm (working_public_key_algorithm).
+	 *
+	 * The digital signature algorithm used to verify the signature of a
+	 * certificate.
+	 *
+	 * @var AlgorithmIdentifierType $_workingPublicKeyAlgorithm
+	 */
+	protected $_workingPublicKeyAlgorithm;
+    
+	/**
+	 * Working public key (working_public_key).
+	 *
+	 * The public key used to verify the signature of a certificate.
+	 *
+	 * @var PublicKeyInfo $_workingPublicKey
+	 */
+	protected $_workingPublicKey;
+    
+	/**
+	 * Working public key parameters (working_public_key_parameters).
+	 *
+	 * Parameters associated with the current public key that may be required to
+	 * verify a signature.
+	 *
+	 * @var Element|null $_workingPublicKeyParameters
+	 */
+	protected $_workingPublicKeyParameters;
+    
+	/**
+	 * Working issuer name (working_issuer_name).
+	 *
+	 * The issuer distinguished name expected in the next certificate in the
+	 * chain.
+	 *
+	 * @var Name $_workingIssuerName
+	 */
+	protected $_workingIssuerName;
+    
+	/**
+	 * Maximum certification path length (max_path_length).
+	 *
+	 * @var int $_maxPathLength
+	 */
+	protected $_maxPathLength;
+    
+	/**
+	 * Constructor.
+	 */
+	protected function __construct()
+	{
+	}
+    
+	/**
+	 * Initialize variables according to RFC 5280 6.1.2.
+	 *
+	 * @link https://tools.ietf.org/html/rfc5280#section-6.1.2
+	 * @param PathValidationConfig $config
+	 * @param Certificate $trust_anchor Trust anchor certificate
+	 * @param int $n Number of certificates in the certification path
+	 * @return self
+	 */
+	public static function initialize(PathValidationConfig $config,
+		Certificate $trust_anchor, $n)
+	{
+		$state = new self();
+		$state->_pathLength = $n;
+		$state->_index = 1;
+		$state->_validPolicyTree = new PolicyTree(PolicyNode::anyPolicyNode());
+		$state->_permittedSubtrees = null;
+		$state->_excludedSubtrees = null;
+		$state->_explicitPolicy = $config->explicitPolicy() ? 0 : $n + 1;
+		$state->_inhibitAnyPolicy = $config->anyPolicyInhibit() ? 0 : $n + 1;
+		$state->_policyMapping = $config->policyMappingInhibit() ? 0 : $n + 1;
+		$state->_workingPublicKeyAlgorithm = $trust_anchor->signatureAlgorithm();
+		$tbsCert = $trust_anchor->tbsCertificate();
+		$state->_workingPublicKey = $tbsCert->subjectPublicKeyInfo();
+		$state->_workingPublicKeyParameters = self::getAlgorithmParameters(
+			$state->_workingPublicKey->algorithmIdentifier());
+		$state->_workingIssuerName = $tbsCert->issuer();
+		$state->_maxPathLength = $config->maxLength();
+		return $state;
+	}
+    
+	/**
+	 * Get self with current certification path index set.
+	 *
+	 * @param int $index
+	 * @return self
+	 */
+	public function withIndex(int $index): self
+	{
+		$state = clone $this;
+		$state->_index = $index;
+		return $state;
+	}
+    
+	/**
+	 * Get self with valid_policy_tree.
+	 *
+	 * @param PolicyTree $policy_tree
+	 * @return self
+	 */
+	public function withValidPolicyTree(PolicyTree $policy_tree): self
+	{
+		$state = clone $this;
+		$state->_validPolicyTree = $policy_tree;
+		return $state;
+	}
+    
+	/**
+	 * Get self with valid_policy_tree set to null.
+	 *
+	 * @return self
+	 */
+	public function withoutValidPolicyTree(): self
+	{
+		$state = clone $this;
+		$state->_validPolicyTree = null;
+		return $state;
+	}
+    
+	/**
+	 * Get self with explicit_policy.
+	 *
+	 * @param int $num
+	 * @return self
+	 */
+	public function withExplicitPolicy(int $num): self
+	{
+		$state = clone $this;
+		$state->_explicitPolicy = $num;
+		return $state;
+	}
+    
+	/**
+	 * Get self with inhibit_anyPolicy.
+	 *
+	 * @param int $num
+	 * @return self
+	 */
+	public function withInhibitAnyPolicy(int $num): self
+	{
+		$state = clone $this;
+		$state->_inhibitAnyPolicy = $num;
+		return $state;
+	}
+    
+	/**
+	 * Get self with policy_mapping.
+	 *
+	 * @param int $num
+	 * @return self
+	 */
+	public function withPolicyMapping(int $num): self
+	{
+		$state = clone $this;
+		$state->_policyMapping = $num;
+		return $state;
+	}
+    
+	/**
+	 * Get self with working_public_key_algorithm.
+	 *
+	 * @param AlgorithmIdentifierType $algo
+	 * @return self
+	 */
+	public function withWorkingPublicKeyAlgorithm(AlgorithmIdentifierType $algo): self
+	{
+		$state = clone $this;
+		$state->_workingPublicKeyAlgorithm = $algo;
+		return $state;
+	}
+    
+	/**
+	 * Get self with working_public_key.
+	 *
+	 * @param PublicKeyInfo $pubkey_info
+	 * @return self
+	 */
+	public function withWorkingPublicKey(PublicKeyInfo $pubkey_info): self
+	{
+		$state = clone $this;
+		$state->_workingPublicKey = $pubkey_info;
+		return $state;
+	}
+    
+	/**
+	 * Get self with working_public_key_parameters.
+	 *
+	 * @param Element|null $params
+	 * @return self
+	 */
+	public function withWorkingPublicKeyParameters(Element $params = null): self
+	{
+		$state = clone $this;
+		$state->_workingPublicKeyParameters = $params;
+		return $state;
+	}
+    
+	/**
+	 * Get self with working_issuer_name.
+	 *
+	 * @param Name $issuer
+	 * @return self
+	 */
+	public function withWorkingIssuerName(Name $issuer): self
+	{
+		$state = clone $this;
+		$state->_workingIssuerName = $issuer;
+		return $state;
+	}
+    
+	/**
+	 * Get self with max_path_length.
+	 *
+	 * @param int $length
+	 * @return self
+	 */
+	public function withMaxPathLength(int $length): self
+	{
+		$state = clone $this;
+		$state->_maxPathLength = $length;
+		return $state;
+	}
+    
+	/**
+	 * Get the certification path length (n).
+	 *
+	 * @return int
+	 */
+	public function pathLength(): int
+	{
+		return $this->_pathLength;
+	}
+    
+	/**
+	 * Get the current index in certification path in the range of 1..n.
+	 *
+	 * @return int
+	 */
+	public function index(): int
+	{
+		return $this->_index;
+	}
+    
+	/**
+	 * Check whether valid_policy_tree is present.
+	 *
+	 * @return bool
+	 */
+	public function hasValidPolicyTree(): bool
+	{
+		return isset($this->_validPolicyTree);
+	}
+    
+	/**
+	 * Get valid_policy_tree.
+	 *
+	 * @throws \LogicException
+	 * @return PolicyTree
+	 */
+	public function validPolicyTree(): PolicyTree
+	{
+		if (!$this->hasValidPolicyTree()) {
+			throw new \LogicException("valid_policy_tree not set.");
+		}
+		return $this->_validPolicyTree;
+	}
+    
+	/**
+	 * Get permitted_subtrees.
+	 *
+	 * @return mixed
+	 */
+	public function permittedSubtrees()
+	{
+		return $this->_permittedSubtrees;
+	}
+    
+	/**
+	 * Get excluded_subtrees.
+	 *
+	 * @return mixed
+	 */
+	public function excludedSubtrees()
+	{
+		return $this->_excludedSubtrees;
+	}
+    
+	/**
+	 * Get explicit_policy.
+	 *
+	 * @return int
+	 */
+	public function explicitPolicy(): int
+	{
+		return $this->_explicitPolicy;
+	}
+    
+	/**
+	 * Get inhibit_anyPolicy.
+	 *
+	 * @return int
+	 */
+	public function inhibitAnyPolicy(): int
+	{
+		return $this->_inhibitAnyPolicy;
+	}
+    
+	/**
+	 * Get policy_mapping.
+	 *
+	 * @return int
+	 */
+	public function policyMapping(): int
+	{
+		return $this->_policyMapping;
+	}
+    
+	/**
+	 * Get working_public_key_algorithm.
+	 *
+	 * @return AlgorithmIdentifierType
+	 */
+	public function workingPublicKeyAlgorithm(): AlgorithmIdentifierType
+	{
+		return $this->_workingPublicKeyAlgorithm;
+	}
+    
+	/**
+	 * Get working_public_key.
+	 *
+	 * @return PublicKeyInfo
+	 */
+	public function workingPublicKey(): PublicKeyInfo
+	{
+		return $this->_workingPublicKey;
+	}
+    
+	/**
+	 * Get working_public_key_parameters.
+	 *
+	 * @return Element|null
+	 */
+	public function workingPublicKeyParameters()
+	{
+		return $this->_workingPublicKeyParameters;
+	}
+    
+	/**
+	 * Get working_issuer_name.
+	 *
+	 * @return Name
+	 */
+	public function workingIssuerName(): Name
+	{
+		return $this->_workingIssuerName;
+	}
+    
+	/**
+	 * Get maximum certification path length.
+	 *
+	 * @return int
+	 */
+	public function maxPathLength(): int
+	{
+		return $this->_maxPathLength;
+	}
+    
+	/**
+	 * Check whether processing the final certificate of the certification path.
+	 *
+	 * @return bool
+	 */
+	public function isFinal(): bool
+	{
+		return $this->_index == $this->_pathLength;
+	}
+    
+	/**
+	 * Get the path validation result.
+	 *
+	 * @param Certificate[] $certificates Certificates in a certification path
+	 * @return PathValidationResult
+	 */
+	public function getResult(array $certificates): PathValidationResult
+	{
+		return new PathValidationResult($certificates, $this->_validPolicyTree,
+			$this->_workingPublicKey, $this->_workingPublicKeyAlgorithm,
+			$this->_workingPublicKeyParameters);
+	}
+    
+	/**
+	 * Get ASN.1 parameters from algorithm identifier.
+	 *
+	 * @param AlgorithmIdentifierType $algo
+	 * @return Element|null ASN.1 element or null if parameters are omitted
+	 */
+	public static function getAlgorithmParameters(AlgorithmIdentifierType $algo)
+	{
+		$seq = $algo->toASN1();
+		return $seq->has(1) ? $seq->at(1)->asElement() : null;
+	}
 }

Please login to merge, or discard this patch.

lib/X509/AttributeCertificate/ObjectDigestInfo.php 1 patch

Indentation +81 added lines, -81 removed lines patch added patch discarded remove patch

@@ -20,92 +20,92 @@
 block discarded – undo
  */
 class ObjectDigestInfo
 {
-    const TYPE_PUBLIC_KEY = 0;
-    const TYPE_PUBLIC_KEY_CERT = 1;
-    const TYPE_OTHER_OBJECT_TYPES = 2;
+	const TYPE_PUBLIC_KEY = 0;
+	const TYPE_PUBLIC_KEY_CERT = 1;
+	const TYPE_OTHER_OBJECT_TYPES = 2;
     
-    /**
-     * Object type.
-     *
-     * @var int $_digestedObjectType
-     */
-    protected $_digestedObjectType;
+	/**
+	 * Object type.
+	 *
+	 * @var int $_digestedObjectType
+	 */
+	protected $_digestedObjectType;
     
-    /**
-     * OID of other object type.
-     *
-     * @var string|null $_otherObjectTypeID
-     */
-    protected $_otherObjectTypeID;
+	/**
+	 * OID of other object type.
+	 *
+	 * @var string|null $_otherObjectTypeID
+	 */
+	protected $_otherObjectTypeID;
     
-    /**
-     * Digest algorithm.
-     *
-     * @var AlgorithmIdentifierType $_digestAlgorithm
-     */
-    protected $_digestAlgorithm;
+	/**
+	 * Digest algorithm.
+	 *
+	 * @var AlgorithmIdentifierType $_digestAlgorithm
+	 */
+	protected $_digestAlgorithm;
     
-    /**
-     * Object digest.
-     *
-     * @var BitString $_objectDigest
-     */
-    protected $_objectDigest;
+	/**
+	 * Object digest.
+	 *
+	 * @var BitString $_objectDigest
+	 */
+	protected $_objectDigest;
     
-    /**
-     * Constructor.
-     *
-     * @param int $type
-     * @param AlgorithmIdentifierType $algo
-     * @param BitString $digest
-     */
-    public function __construct(int $type, AlgorithmIdentifierType $algo,
-        BitString $digest)
-    {
-        $this->_digestedObjectType = $type;
-        $this->_otherObjectTypeID = null;
-        $this->_digestAlgorithm = $algo;
-        $this->_objectDigest = $digest;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param int $type
+	 * @param AlgorithmIdentifierType $algo
+	 * @param BitString $digest
+	 */
+	public function __construct(int $type, AlgorithmIdentifierType $algo,
+		BitString $digest)
+	{
+		$this->_digestedObjectType = $type;
+		$this->_otherObjectTypeID = null;
+		$this->_digestAlgorithm = $algo;
+		$this->_objectDigest = $digest;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $type = $seq->at(0)
-            ->asEnumerated()
-            ->intNumber();
-        $oid = null;
-        $idx = 1;
-        if ($seq->has($idx, Element::TYPE_OBJECT_IDENTIFIER)) {
-            $oid = $seq->at($idx++)
-                ->asObjectIdentifier()
-                ->oid();
-        }
-        $algo = AlgorithmIdentifier::fromASN1($seq->at($idx++)->asSequence());
-        $digest = $seq->at($idx)->asBitString();
-        $obj = new self($type, $algo, $digest);
-        $obj->_otherObjectTypeID = $oid;
-        return $obj;
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$type = $seq->at(0)
+			->asEnumerated()
+			->intNumber();
+		$oid = null;
+		$idx = 1;
+		if ($seq->has($idx, Element::TYPE_OBJECT_IDENTIFIER)) {
+			$oid = $seq->at($idx++)
+				->asObjectIdentifier()
+				->oid();
+		}
+		$algo = AlgorithmIdentifier::fromASN1($seq->at($idx++)->asSequence());
+		$digest = $seq->at($idx)->asBitString();
+		$obj = new self($type, $algo, $digest);
+		$obj->_otherObjectTypeID = $oid;
+		return $obj;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array(new Enumerated($this->_digestedObjectType));
-        if (isset($this->_otherObjectTypeID)) {
-            $elements[] = new ObjectIdentifier($this->_otherObjectTypeID);
-        }
-        $elements[] = $this->_digestAlgorithm->toASN1();
-        $elements[] = $this->_objectDigest;
-        return new Sequence(...$elements);
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array(new Enumerated($this->_digestedObjectType));
+		if (isset($this->_otherObjectTypeID)) {
+			$elements[] = new ObjectIdentifier($this->_otherObjectTypeID);
+		}
+		$elements[] = $this->_digestAlgorithm->toASN1();
+		$elements[] = $this->_objectDigest;
+		return new Sequence(...$elements);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/AttributeCertificate/V2Form.php 1 patch

Indentation +131 added lines, -131 removed lines patch added patch discarded remove patch

@@ -19,144 +19,144 @@
 block discarded – undo
  */
 class V2Form extends AttCertIssuer
 {
-    /**
-     * Issuer name.
-     *
-     * @var GeneralNames $_issuerName
-     */
-    protected $_issuerName;
+	/**
+	 * Issuer name.
+	 *
+	 * @var GeneralNames $_issuerName
+	 */
+	protected $_issuerName;
     
-    /**
-     * Issuer PKC's issuer and serial.
-     *
-     * @var IssuerSerial $_baseCertificateID
-     */
-    protected $_baseCertificateID;
+	/**
+	 * Issuer PKC's issuer and serial.
+	 *
+	 * @var IssuerSerial $_baseCertificateID
+	 */
+	protected $_baseCertificateID;
     
-    /**
-     * Linked object.
-     *
-     * @var ObjectDigestInfo $_objectDigestInfo
-     */
-    protected $_objectDigestInfo;
+	/**
+	 * Linked object.
+	 *
+	 * @var ObjectDigestInfo $_objectDigestInfo
+	 */
+	protected $_objectDigestInfo;
     
-    /**
-     * Constructor.
-     *
-     * @param GeneralNames|null $names
-     */
-    public function __construct(GeneralNames $names = null)
-    {
-        $this->_issuerName = $names;
-        $this->_baseCertificateID = null;
-        $this->_objectDigestInfo = null;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralNames|null $names
+	 */
+	public function __construct(GeneralNames $names = null)
+	{
+		$this->_issuerName = $names;
+		$this->_baseCertificateID = null;
+		$this->_objectDigestInfo = null;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromV2ASN1(Sequence $seq): self
-    {
-        $issuer = null;
-        $cert_id = null;
-        $digest_info = null;
-        if ($seq->has(0, Element::TYPE_SEQUENCE)) {
-            $issuer = GeneralNames::fromASN1($seq->at(0)->asSequence());
-        }
-        if ($seq->hasTagged(0)) {
-            $cert_id = IssuerSerial::fromASN1(
-                $seq->getTagged(0)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        if ($seq->hasTagged(1)) {
-            $digest_info = ObjectDigestInfo::fromASN1(
-                $seq->getTagged(1)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        $obj = new self($issuer);
-        $obj->_baseCertificateID = $cert_id;
-        $obj->_objectDigestInfo = $digest_info;
-        return $obj;
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromV2ASN1(Sequence $seq): self
+	{
+		$issuer = null;
+		$cert_id = null;
+		$digest_info = null;
+		if ($seq->has(0, Element::TYPE_SEQUENCE)) {
+			$issuer = GeneralNames::fromASN1($seq->at(0)->asSequence());
+		}
+		if ($seq->hasTagged(0)) {
+			$cert_id = IssuerSerial::fromASN1(
+				$seq->getTagged(0)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		if ($seq->hasTagged(1)) {
+			$digest_info = ObjectDigestInfo::fromASN1(
+				$seq->getTagged(1)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		$obj = new self($issuer);
+		$obj->_baseCertificateID = $cert_id;
+		$obj->_objectDigestInfo = $digest_info;
+		return $obj;
+	}
     
-    /**
-     * Check whether issuer name is set.
-     *
-     * @return bool
-     */
-    public function hasIssuerName(): bool
-    {
-        return isset($this->_issuerName);
-    }
+	/**
+	 * Check whether issuer name is set.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuerName(): bool
+	{
+		return isset($this->_issuerName);
+	}
     
-    /**
-     * Get issuer name.
-     *
-     * @throws \LogicException
-     * @return GeneralNames
-     */
-    public function issuerName(): GeneralNames
-    {
-        if (!$this->hasIssuerName()) {
-            throw new \LogicException("issuerName not set.");
-        }
-        return $this->_issuerName;
-    }
+	/**
+	 * Get issuer name.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralNames
+	 */
+	public function issuerName(): GeneralNames
+	{
+		if (!$this->hasIssuerName()) {
+			throw new \LogicException("issuerName not set.");
+		}
+		return $this->_issuerName;
+	}
     
-    /**
-     * Get DN of the issuer.
-     *
-     * This is a convenience method conforming to RFC 5755, which states
-     * that Issuer must contain only one non-empty distinguished name.
-     *
-     * @return \X501\ASN1\Name
-     */
-    public function name(): Name
-    {
-        return $this->issuerName()->firstDN();
-    }
+	/**
+	 * Get DN of the issuer.
+	 *
+	 * This is a convenience method conforming to RFC 5755, which states
+	 * that Issuer must contain only one non-empty distinguished name.
+	 *
+	 * @return \X501\ASN1\Name
+	 */
+	public function name(): Name
+	{
+		return $this->issuerName()->firstDN();
+	}
     
-    /**
-     *
-     * @see \X509\AttributeCertificate\AttCertIssuer::ASN1()
-     * @return ImplicitlyTaggedType Tagged Sequence
-     */
-    public function toASN1(): TaggedType
-    {
-        $elements = array();
-        if (isset($this->_issuerName)) {
-            $elements[] = $this->_issuerName->toASN1();
-        }
-        if (isset($this->_baseCertificateID)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                $this->_baseCertificateID->toASN1());
-        }
-        if (isset($this->_objectDigestInfo)) {
-            $elements[] = new ImplicitlyTaggedType(1,
-                $this->_objectDigestInfo->toASN1());
-        }
-        return new ImplicitlyTaggedType(0, new Sequence(...$elements));
-    }
+	/**
+	 *
+	 * @see \X509\AttributeCertificate\AttCertIssuer::ASN1()
+	 * @return ImplicitlyTaggedType Tagged Sequence
+	 */
+	public function toASN1(): TaggedType
+	{
+		$elements = array();
+		if (isset($this->_issuerName)) {
+			$elements[] = $this->_issuerName->toASN1();
+		}
+		if (isset($this->_baseCertificateID)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				$this->_baseCertificateID->toASN1());
+		}
+		if (isset($this->_objectDigestInfo)) {
+			$elements[] = new ImplicitlyTaggedType(1,
+				$this->_objectDigestInfo->toASN1());
+		}
+		return new ImplicitlyTaggedType(0, new Sequence(...$elements));
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC()
-     * @return bool
-     */
-    public function identifiesPKC(Certificate $cert): bool
-    {
-        $name = $this->_issuerName->firstDN();
-        if (!$cert->tbsCertificate()
-            ->subject()
-            ->equals($name)) {
-            return false;
-        }
-        return true;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC()
+	 * @return bool
+	 */
+	public function identifiesPKC(Certificate $cert): bool
+	{
+		$name = $this->_issuerName->firstDN();
+		if (!$cert->tbsCertificate()
+			->subject()
+			->equals($name)) {
+			return false;
+		}
+		return true;
+	}
 }

Please login to merge, or discard this patch.

lib/X509/AttributeCertificate/Attribute/RoleAttributeValue.php 1 patch

Indentation +139 added lines, -139 removed lines patch added patch discarded remove patch

@@ -23,155 +23,155 @@
 block discarded – undo
  */
 class RoleAttributeValue extends AttributeValue
 {
-    /**
-     * Issuing authority.
-     *
-     * @var GeneralNames $_roleAuthority
-     */
-    protected $_roleAuthority;
+	/**
+	 * Issuing authority.
+	 *
+	 * @var GeneralNames $_roleAuthority
+	 */
+	protected $_roleAuthority;
     
-    /**
-     * Role name.
-     *
-     * @var GeneralName $_roleName
-     */
-    protected $_roleName;
+	/**
+	 * Role name.
+	 *
+	 * @var GeneralName $_roleName
+	 */
+	protected $_roleName;
     
-    /**
-     * Constructor.
-     *
-     * @param GeneralName $name Role name
-     * @param GeneralNames|null $authority Issuing authority
-     */
-    public function __construct(GeneralName $name, GeneralNames $authority = null)
-    {
-        $this->_roleAuthority = $authority;
-        $this->_roleName = $name;
-        $this->_oid = AttributeType::OID_ROLE;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralName $name Role name
+	 * @param GeneralNames|null $authority Issuing authority
+	 */
+	public function __construct(GeneralName $name, GeneralNames $authority = null)
+	{
+		$this->_roleAuthority = $authority;
+		$this->_roleName = $name;
+		$this->_oid = AttributeType::OID_ROLE;
+	}
     
-    /**
-     * Initialize from a role string.
-     *
-     * @param string $role_name Role name in URI format
-     * @param GeneralNames|null $authority Issuing authority
-     * @return self
-     */
-    public static function fromString(string $role_name,
-        GeneralNames $authority = null): self
-    {
-        return new self(new UniformResourceIdentifier($role_name), $authority);
-    }
+	/**
+	 * Initialize from a role string.
+	 *
+	 * @param string $role_name Role name in URI format
+	 * @param GeneralNames|null $authority Issuing authority
+	 * @return self
+	 */
+	public static function fromString(string $role_name,
+		GeneralNames $authority = null): self
+	{
+		return new self(new UniformResourceIdentifier($role_name), $authority);
+	}
     
-    /**
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromASN1(UnspecifiedType $el): self
-    {
-        $seq = $el->asSequence();
-        $authority = null;
-        if ($seq->hasTagged(0)) {
-            $authority = GeneralNames::fromASN1(
-                $seq->getTagged(0)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        $name = GeneralName::fromASN1(
-            $seq->getTagged(1)
-                ->asExplicit()
-                ->asTagged());
-        return new self($name, $authority);
-    }
+	/**
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromASN1(UnspecifiedType $el): self
+	{
+		$seq = $el->asSequence();
+		$authority = null;
+		if ($seq->hasTagged(0)) {
+			$authority = GeneralNames::fromASN1(
+				$seq->getTagged(0)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		$name = GeneralName::fromASN1(
+			$seq->getTagged(1)
+				->asExplicit()
+				->asTagged());
+		return new self($name, $authority);
+	}
     
-    /**
-     * Check whether issuing authority is present.
-     *
-     * @return bool
-     */
-    public function hasRoleAuthority(): bool
-    {
-        return isset($this->_roleAuthority);
-    }
+	/**
+	 * Check whether issuing authority is present.
+	 *
+	 * @return bool
+	 */
+	public function hasRoleAuthority(): bool
+	{
+		return isset($this->_roleAuthority);
+	}
     
-    /**
-     * Get issuing authority.
-     *
-     * @throws \LogicException
-     * @return GeneralNames
-     */
-    public function roleAuthority(): GeneralNames
-    {
-        if (!$this->hasRoleAuthority()) {
-            throw new \LogicException("roleAuthority not set.");
-        }
-        return $this->_roleAuthority;
-    }
+	/**
+	 * Get issuing authority.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralNames
+	 */
+	public function roleAuthority(): GeneralNames
+	{
+		if (!$this->hasRoleAuthority()) {
+			throw new \LogicException("roleAuthority not set.");
+		}
+		return $this->_roleAuthority;
+	}
     
-    /**
-     * Get role name.
-     *
-     * @return GeneralName
-     */
-    public function roleName(): GeneralName
-    {
-        return $this->_roleName;
-    }
+	/**
+	 * Get role name.
+	 *
+	 * @return GeneralName
+	 */
+	public function roleName(): GeneralName
+	{
+		return $this->_roleName;
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array();
-        if (isset($this->_roleAuthority)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                $this->_roleAuthority->toASN1());
-        }
-        $elements[] = new ExplicitlyTaggedType(1, $this->_roleName->toASN1());
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array();
+		if (isset($this->_roleAuthority)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				$this->_roleAuthority->toASN1());
+		}
+		$elements[] = new ExplicitlyTaggedType(1, $this->_roleName->toASN1());
+		return new Sequence(...$elements);
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
-     * @return string
-     */
-    public function stringValue(): string
-    {
-        return "#" . bin2hex($this->toASN1()->toDER());
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
+	 * @return string
+	 */
+	public function stringValue(): string
+	{
+		return "#" . bin2hex($this->toASN1()->toDER());
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
-     * @return BinaryMatch
-     */
-    public function equalityMatchingRule(): BinaryMatch
-    {
-        return new BinaryMatch();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
+	 * @return BinaryMatch
+	 */
+	public function equalityMatchingRule(): BinaryMatch
+	{
+		return new BinaryMatch();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
-     * @return string
-     */
-    public function rfc2253String(): string
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
+	 * @return string
+	 */
+	public function rfc2253String(): string
+	{
+		return $this->stringValue();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
-     * @return string
-     */
-    protected function _transcodedString(): string
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
+	 * @return string
+	 */
+	protected function _transcodedString(): string
+	{
+		return $this->stringValue();
+	}
 }

Please login to merge, or discard this patch.

GitHub Access Token became invalid

Push — master ( 584877...f7ba31 )

Status

Category

Indentation +123 added lines, -123 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

Indentation +238 added lines, -238 removed lines patch added patch discarded remove patch

Indentation +393 added lines, -393 removed lines patch added patch discarded remove patch

Indentation +155 added lines, -155 removed lines patch added patch discarded remove patch

Indentation +245 added lines, -245 removed lines patch added patch discarded remove patch

Indentation +480 added lines, -480 removed lines patch added patch discarded remove patch

Indentation +81 added lines, -81 removed lines patch added patch discarded remove patch

Indentation +131 added lines, -131 removed lines patch added patch discarded remove patch

Indentation +139 added lines, -139 removed lines patch added patch discarded remove patch

		@@ -19,139 +19,139 @@
		block discarded – undo
19	19	* @link https://tools.ietf.org/html/rfc5755#section-4.3.2
20	20	*/
21	21	class TargetInformationExtension extends Extension implements
22		- \Countable,
23		- \IteratorAggregate
	22	+ \Countable,
	23	+ \IteratorAggregate
24	24	{
25		- /**
26		- * Targets elements.
27		- *
28		- * @var Targets[] $_targets
29		- */
30		- protected $_targets;
	25	+ /**
	26	+ * Targets elements.
	27	+ *
	28	+ * @var Targets[] $_targets
	29	+ */
	30	+ protected $_targets;
31	31
32		- /**
33		- * Targets[] merged to single Targets.
34		- *
35		- * @var Targets\|null
36		- */
37		- private $_merged;
	32	+ /**
	33	+ * Targets[] merged to single Targets.
	34	+ *
	35	+ * @var Targets\|null
	36	+ */
	37	+ private $_merged;
38	38
39		- /**
40		- * Constructor.
41		- *
42		- * @param bool $critical
43		- * @param Targets[] $targets
44		- */
45		- public function __construct(bool $critical, Targets ...$targets)
46		- {
47		- parent::__construct(self::OID_TARGET_INFORMATION, $critical);
48		- $this->_targets = $targets;
49		- }
	39	+ /**
	40	+ * Constructor.
	41	+ *
	42	+ * @param bool $critical
	43	+ * @param Targets[] $targets
	44	+ */
	45	+ public function __construct(bool $critical, Targets ...$targets)
	46	+ {
	47	+ parent::__construct(self::OID_TARGET_INFORMATION, $critical);
	48	+ $this->_targets = $targets;
	49	+ }
50	50
51		- /**
52		- * Initialize from one or more Target objects.
53		- *
54		- * Extension criticality shall be set to true as specified by RFC 5755.
55		- *
56		- * @param Target[] $target
57		- * @return TargetInformationExtension
58		- */
59		- public static function fromTargets(Target ...$target): self
60		- {
61		- return new self(true, new Targets(...$target));
62		- }
	51	+ /**
	52	+ * Initialize from one or more Target objects.
	53	+ *
	54	+ * Extension criticality shall be set to true as specified by RFC 5755.
	55	+ *
	56	+ * @param Target[] $target
	57	+ * @return TargetInformationExtension
	58	+ */
	59	+ public static function fromTargets(Target ...$target): self
	60	+ {
	61	+ return new self(true, new Targets(...$target));
	62	+ }
63	63
64		- /**
65		- * Reset internal state on clone.
66		- */
67		- public function __clone()
68		- {
69		- $this->_merged = null;
70		- }
	64	+ /**
	65	+ * Reset internal state on clone.
	66	+ */
	67	+ public function __clone()
	68	+ {
	69	+ $this->_merged = null;
	70	+ }
71	71
72		- /**
73		- *
74		- * {@inheritdoc}
75		- * @return self
76		- */
77		- protected static function _fromDER(string $data, bool $critical): self
78		- {
79		- $targets = array_map(
80		- function (UnspecifiedType $el) {
81		- return Targets::fromASN1($el->asSequence());
82		- }, Sequence::fromDER($data)->elements());
83		- return new self($critical, ...$targets);
84		- }
	72	+ /**
	73	+ *
	74	+ * {@inheritdoc}
	75	+ * @return self
	76	+ */
	77	+ protected static function _fromDER(string $data, bool $critical): self
	78	+ {
	79	+ $targets = array_map(
	80	+ function (UnspecifiedType $el) {
	81	+ return Targets::fromASN1($el->asSequence());
	82	+ }, Sequence::fromDER($data)->elements());
	83	+ return new self($critical, ...$targets);
	84	+ }
85	85
86		- /**
87		- * Get all targets.
88		- *
89		- * @return Targets
90		- */
91		- public function targets(): Targets
92		- {
93		- if (!isset($this->_merged)) {
94		- $a = array();
95		- foreach ($this->_targets as $targets) {
96		- $a = array_merge($a, $targets->all());
97		- }
98		- $this->_merged = new Targets(...$a);
99		- }
100		- return $this->_merged;
101		- }
	86	+ /**
	87	+ * Get all targets.
	88	+ *
	89	+ * @return Targets
	90	+ */
	91	+ public function targets(): Targets
	92	+ {
	93	+ if (!isset($this->_merged)) {
	94	+ $a = array();
	95	+ foreach ($this->_targets as $targets) {
	96	+ $a = array_merge($a, $targets->all());
	97	+ }
	98	+ $this->_merged = new Targets(...$a);
	99	+ }
	100	+ return $this->_merged;
	101	+ }
102	102
103		- /**
104		- * Get all name targets.
105		- *
106		- * @return Target[]
107		- */
108		- public function names(): array
109		- {
110		- return $this->targets()->nameTargets();
111		- }
	103	+ /**
	104	+ * Get all name targets.
	105	+ *
	106	+ * @return Target[]
	107	+ */
	108	+ public function names(): array
	109	+ {
	110	+ return $this->targets()->nameTargets();
	111	+ }
112	112
113		- /**
114		- * Get all group targets.
115		- *
116		- * @return Target[]
117		- */
118		- public function groups(): array
119		- {
120		- return $this->targets()->groupTargets();
121		- }
	113	+ /**
	114	+ * Get all group targets.
	115	+ *
	116	+ * @return Target[]
	117	+ */
	118	+ public function groups(): array
	119	+ {
	120	+ return $this->targets()->groupTargets();
	121	+ }
122	122
123		- /**
124		- *
125		- * @see \X509\Certificate\Extension\Extension::_valueASN1()
126		- * @return Sequence
127		- */
128		- protected function _valueASN1(): Sequence
129		- {
130		- $elements = array_map(
131		- function (Targets $targets) {
132		- return $targets->toASN1();
133		- }, $this->_targets);
134		- return new Sequence(...$elements);
135		- }
	123	+ /**
	124	+ *
	125	+ * @see \X509\Certificate\Extension\Extension::_valueASN1()
	126	+ * @return Sequence
	127	+ */
	128	+ protected function _valueASN1(): Sequence
	129	+ {
	130	+ $elements = array_map(
	131	+ function (Targets $targets) {
	132	+ return $targets->toASN1();
	133	+ }, $this->_targets);
	134	+ return new Sequence(...$elements);
	135	+ }
136	136
137		- /**
138		- *
139		- * @see \Countable::count()
140		- * @return int
141		- */
142		- public function count(): int
143		- {
144		- return count($this->targets());
145		- }
	137	+ /**
	138	+ *
	139	+ * @see \Countable::count()
	140	+ * @return int
	141	+ */
	142	+ public function count(): int
	143	+ {
	144	+ return count($this->targets());
	145	+ }
146	146
147		- /**
148		- * Get iterator for targets.
149		- *
150		- * @see \IteratorAggregate::getIterator()
151		- * @return \ArrayIterator
152		- */
153		- public function getIterator(): \ArrayIterator
154		- {
155		- return new \ArrayIterator($this->targets()->all());
156		- }
	147	+ /**
	148	+ * Get iterator for targets.
	149	+ *
	150	+ * @see \IteratorAggregate::getIterator()
	151	+ * @return \ArrayIterator
	152	+ */
	153	+ public function getIterator(): \ArrayIterator
	154	+ {
	155	+ return new \ArrayIterator($this->targets()->all());
	156	+ }
157	157	}

		@@ -77,7 +77,7 @@ discard block
		block discarded – undo
77	77	protected static function _fromDER(string $data, bool $critical): self
78	78	{
79	79	$targets = array_map(
80		- function (UnspecifiedType $el) {
	80	+ function(UnspecifiedType $el) {
81	81	return Targets::fromASN1($el->asSequence());
82	82	}, Sequence::fromDER($data)->elements());
83	83	return new self($critical, ...$targets);
		@@ -128,7 +128,7 @@ discard block
		block discarded – undo
128	128	protected function _valueASN1(): Sequence
129	129	{
130	130	$elements = array_map(
131		- function (Targets $targets) {
	131	+ function(Targets $targets) {
132	132	return $targets->toASN1();
133	133	}, $this->_targets);
134	134	return new Sequence(...$elements);

		@@ -14,265 +14,265 @@
		block discarded – undo
14	14	*/
15	15	class PolicyNode implements \IteratorAggregate, \Countable
16	16	{
17		- /**
18		- * Policy OID.
19		- *
20		- * @var string
21		- */
22		- protected $_validPolicy;
	17	+ /**
	18	+ * Policy OID.
	19	+ *
	20	+ * @var string
	21	+ */
	22	+ protected $_validPolicy;
23	23
24		- /**
25		- * List of qualifiers.
26		- *
27		- * @var \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[]
28		- */
29		- protected $_qualifiers;
	24	+ /**
	25	+ * List of qualifiers.
	26	+ *
	27	+ * @var \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[]
	28	+ */
	29	+ protected $_qualifiers;
30	30
31		- /**
32		- * List of expected policy OIDs.
33		- *
34		- * @var string[]
35		- */
36		- protected $_expectedPolicies;
	31	+ /**
	32	+ * List of expected policy OIDs.
	33	+ *
	34	+ * @var string[]
	35	+ */
	36	+ protected $_expectedPolicies;
37	37
38		- /**
39		- * List of child nodes.
40		- *
41		- * @var PolicyNode[]
42		- */
43		- protected $_children;
	38	+ /**
	39	+ * List of child nodes.
	40	+ *
	41	+ * @var PolicyNode[]
	42	+ */
	43	+ protected $_children;
44	44
45		- /**
46		- * Reference to the parent node.
47		- *
48		- * @var PolicyNode\|null
49		- */
50		- protected $_parent;
	45	+ /**
	46	+ * Reference to the parent node.
	47	+ *
	48	+ * @var PolicyNode\|null
	49	+ */
	50	+ protected $_parent;
51	51
52		- /**
53		- * Constructor.
54		- *
55		- * @param string $valid_policy Policy OID
56		- * @param \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[] $qualifiers
57		- * @param string[] $expected_policies
58		- */
59		- public function __construct(string $valid_policy, array $qualifiers,
60		- array $expected_policies)
61		- {
62		- $this->_validPolicy = $valid_policy;
63		- $this->_qualifiers = $qualifiers;
64		- $this->_expectedPolicies = $expected_policies;
65		- $this->_children = array();
66		- }
	52	+ /**
	53	+ * Constructor.
	54	+ *
	55	+ * @param string $valid_policy Policy OID
	56	+ * @param \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[] $qualifiers
	57	+ * @param string[] $expected_policies
	58	+ */
	59	+ public function __construct(string $valid_policy, array $qualifiers,
	60	+ array $expected_policies)
	61	+ {
	62	+ $this->_validPolicy = $valid_policy;
	63	+ $this->_qualifiers = $qualifiers;
	64	+ $this->_expectedPolicies = $expected_policies;
	65	+ $this->_children = array();
	66	+ }
67	67
68		- /**
69		- * Create initial node for the policy tree.
70		- *
71		- * @return self
72		- */
73		- public static function anyPolicyNode(): self
74		- {
75		- return new self(PolicyInformation::OID_ANY_POLICY, array(),
76		- array(PolicyInformation::OID_ANY_POLICY));
77		- }
	68	+ /**
	69	+ * Create initial node for the policy tree.
	70	+ *
	71	+ * @return self
	72	+ */
	73	+ public static function anyPolicyNode(): self
	74	+ {
	75	+ return new self(PolicyInformation::OID_ANY_POLICY, array(),
	76	+ array(PolicyInformation::OID_ANY_POLICY));
	77	+ }
78	78
79		- /**
80		- * Get the valid policy OID.
81		- *
82		- * @return string
83		- */
84		- public function validPolicy(): string
85		- {
86		- return $this->_validPolicy;
87		- }
	79	+ /**
	80	+ * Get the valid policy OID.
	81	+ *
	82	+ * @return string
	83	+ */
	84	+ public function validPolicy(): string
	85	+ {
	86	+ return $this->_validPolicy;
	87	+ }
88	88
89		- /**
90		- * Check whether node has anyPolicy as a valid policy.
91		- *
92		- * @return boolean
93		- */
94		- public function isAnyPolicy(): bool
95		- {
96		- return PolicyInformation::OID_ANY_POLICY == $this->_validPolicy;
97		- }
	89	+ /**
	90	+ * Check whether node has anyPolicy as a valid policy.
	91	+ *
	92	+ * @return boolean
	93	+ */
	94	+ public function isAnyPolicy(): bool
	95	+ {
	96	+ return PolicyInformation::OID_ANY_POLICY == $this->_validPolicy;
	97	+ }
98	98
99		- /**
100		- * Get the qualifier set.
101		- *
102		- * @return \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[]
103		- */
104		- public function qualifiers(): array
105		- {
106		- return $this->_qualifiers;
107		- }
	99	+ /**
	100	+ * Get the qualifier set.
	101	+ *
	102	+ * @return \X509\Certificate\Extension\CertificatePolicy\PolicyQualifierInfo[]
	103	+ */
	104	+ public function qualifiers(): array
	105	+ {
	106	+ return $this->_qualifiers;
	107	+ }
108	108
109		- /**
110		- * Check whether node has OID as an expected policy.
111		- *
112		- * @param string $oid
113		- * @return boolean
114		- */
115		- public function hasExpectedPolicy(string $oid): bool
116		- {
117		- return in_array($oid, $this->_expectedPolicies);
118		- }
	109	+ /**
	110	+ * Check whether node has OID as an expected policy.
	111	+ *
	112	+ * @param string $oid
	113	+ * @return boolean
	114	+ */
	115	+ public function hasExpectedPolicy(string $oid): bool
	116	+ {
	117	+ return in_array($oid, $this->_expectedPolicies);
	118	+ }
119	119
120		- /**
121		- * Get the expected policy set.
122		- *
123		- * @return string[]
124		- */
125		- public function expectedPolicies(): array
126		- {
127		- return $this->_expectedPolicies;
128		- }
	120	+ /**
	121	+ * Get the expected policy set.
	122	+ *
	123	+ * @return string[]
	124	+ */
	125	+ public function expectedPolicies(): array
	126	+ {
	127	+ return $this->_expectedPolicies;
	128	+ }
129	129
130		- /**
131		- * Set expected policies.
132		- *
133		- * @param string ...$oids Policy OIDs
134		- */
135		- public function setExpectedPolicies(string ...$oids)
136		- {
137		- $this->_expectedPolicies = $oids;
138		- }
	130	+ /**
	131	+ * Set expected policies.
	132	+ *
	133	+ * @param string ...$oids Policy OIDs
	134	+ */
	135	+ public function setExpectedPolicies(string ...$oids)
	136	+ {
	137	+ $this->_expectedPolicies = $oids;
	138	+ }
139	139
140		- /**
141		- * Check whether node has a child node with given valid policy OID.
142		- *
143		- * @param string $oid
144		- * @return boolean
145		- */
146		- public function hasChildWithValidPolicy(string $oid): bool
147		- {
148		- foreach ($this->_children as $node) {
149		- if ($node->validPolicy() == $oid) {
150		- return true;
151		- }
152		- }
153		- return false;
154		- }
	140	+ /**
	141	+ * Check whether node has a child node with given valid policy OID.
	142	+ *
	143	+ * @param string $oid
	144	+ * @return boolean
	145	+ */
	146	+ public function hasChildWithValidPolicy(string $oid): bool
	147	+ {
	148	+ foreach ($this->_children as $node) {
	149	+ if ($node->validPolicy() == $oid) {
	150	+ return true;
	151	+ }
	152	+ }
	153	+ return false;
	154	+ }
155	155
156		- /**
157		- * Add child node.
158		- *
159		- * @param PolicyNode $node
160		- * @return self
161		- */
162		- public function addChild(PolicyNode $node): self
163		- {
164		- $id = spl_object_hash($node);
165		- $node->_parent = $this;
166		- $this->_children[$id] = $node;
167		- return $this;
168		- }
	156	+ /**
	157	+ * Add child node.
	158	+ *
	159	+ * @param PolicyNode $node
	160	+ * @return self
	161	+ */
	162	+ public function addChild(PolicyNode $node): self
	163	+ {
	164	+ $id = spl_object_hash($node);
	165	+ $node->_parent = $this;
	166	+ $this->_children[$id] = $node;
	167	+ return $this;
	168	+ }
169	169
170		- /**
171		- * Get the child nodes.
172		- *
173		- * @return PolicyNode[]
174		- */
175		- public function children(): array
176		- {
177		- return array_values($this->_children);
178		- }
	170	+ /**
	171	+ * Get the child nodes.
	172	+ *
	173	+ * @return PolicyNode[]
	174	+ */
	175	+ public function children(): array
	176	+ {
	177	+ return array_values($this->_children);
	178	+ }
179	179
180		- /**
181		- * Remove this node from the tree.
182		- *
183		- * @return self The removed node
184		- */
185		- public function remove(): self
186		- {
187		- if ($this->_parent) {
188		- $id = spl_object_hash($this);
189		- unset($this->_parent->_children[$id]);
190		- unset($this->_parent);
191		- }
192		- return $this;
193		- }
	180	+ /**
	181	+ * Remove this node from the tree.
	182	+ *
	183	+ * @return self The removed node
	184	+ */
	185	+ public function remove(): self
	186	+ {
	187	+ if ($this->_parent) {
	188	+ $id = spl_object_hash($this);
	189	+ unset($this->_parent->_children[$id]);
	190	+ unset($this->_parent);
	191	+ }
	192	+ return $this;
	193	+ }
194	194
195		- /**
196		- * Check whether node has a parent.
197		- *
198		- * @return bool
199		- */
200		- public function hasParent(): bool
201		- {
202		- return isset($this->_parent);
203		- }
	195	+ /**
	196	+ * Check whether node has a parent.
	197	+ *
	198	+ * @return bool
	199	+ */
	200	+ public function hasParent(): bool
	201	+ {
	202	+ return isset($this->_parent);
	203	+ }
204	204
205		- /**
206		- * Get the parent node.
207		- *
208		- * @return PolicyNode\|null
209		- */
210		- public function parent()
211		- {
212		- return $this->_parent;
213		- }
	205	+ /**
	206	+ * Get the parent node.
	207	+ *
	208	+ * @return PolicyNode\|null
	209	+ */
	210	+ public function parent()
	211	+ {
	212	+ return $this->_parent;
	213	+ }
214	214
215		- /**
216		- * Get chain of parent nodes from this node's parent to the root node.
217		- *
218		- * @return PolicyNode[]
219		- */
220		- public function parents(): array
221		- {
222		- if (!$this->_parent) {
223		- return array();
224		- }
225		- $nodes = $this->_parent->parents();
226		- $nodes[] = $this->_parent;
227		- return array_reverse($nodes);
228		- }
	215	+ /**
	216	+ * Get chain of parent nodes from this node's parent to the root node.
	217	+ *
	218	+ * @return PolicyNode[]
	219	+ */
	220	+ public function parents(): array
	221	+ {
	222	+ if (!$this->_parent) {
	223	+ return array();
	224	+ }
	225	+ $nodes = $this->_parent->parents();
	226	+ $nodes[] = $this->_parent;
	227	+ return array_reverse($nodes);
	228	+ }
229	229
230		- /**
231		- * Walk tree from this node, applying a callback for each node.
232		- *
233		- * Nodes are traversed depth-first and callback shall be applied post-order.
234		- *
235		- * @param callable $fn
236		- */
237		- public function walkNodes(callable $fn)
238		- {
239		- foreach ($this->_children as $node) {
240		- $node->walkNodes($fn);
241		- }
242		- $fn($this);
243		- }
	230	+ /**
	231	+ * Walk tree from this node, applying a callback for each node.
	232	+ *
	233	+ * Nodes are traversed depth-first and callback shall be applied post-order.
	234	+ *
	235	+ * @param callable $fn
	236	+ */
	237	+ public function walkNodes(callable $fn)
	238	+ {
	239	+ foreach ($this->_children as $node) {
	240	+ $node->walkNodes($fn);
	241	+ }
	242	+ $fn($this);
	243	+ }
244	244
245		- /**
246		- * Get the total number of nodes in a tree.
247		- *
248		- * @return int
249		- */
250		- public function nodeCount(): int
251		- {
252		- $c = 1;
253		- foreach ($this->_children as $child) {
254		- $c += $child->nodeCount();
255		- }
256		- return $c;
257		- }
	245	+ /**
	246	+ * Get the total number of nodes in a tree.
	247	+ *
	248	+ * @return int
	249	+ */
	250	+ public function nodeCount(): int
	251	+ {
	252	+ $c = 1;
	253	+ foreach ($this->_children as $child) {
	254	+ $c += $child->nodeCount();
	255	+ }
	256	+ return $c;
	257	+ }
258	258
259		- /**
260		- * Get the number of child nodes.
261		- *
262		- * @see \Countable::count()
263		- */
264		- public function count(): int
265		- {
266		- return count($this->_children);
267		- }
	259	+ /**
	260	+ * Get the number of child nodes.
	261	+ *
	262	+ * @see \Countable::count()
	263	+ */
	264	+ public function count(): int
	265	+ {
	266	+ return count($this->_children);
	267	+ }
268	268
269		- /**
270		- * Get iterator for the child nodes.
271		- *
272		- * @see \IteratorAggregate::getIterator()
273		- */
274		- public function getIterator(): \ArrayIterator
275		- {
276		- return new \ArrayIterator($this->_children);
277		- }
	269	+ /**
	270	+ * Get iterator for the child nodes.
	271	+ *
	272	+ * @see \IteratorAggregate::getIterator()
	273	+ */
	274	+ public function getIterator(): \ArrayIterator
	275	+ {
	276	+ return new \ArrayIterator($this->_children);
	277	+ }
278	278	}

		@@ -23,171 +23,171 @@
		block discarded – undo
23	23	*/
24	24	class CertificationPath implements \Countable, \IteratorAggregate
25	25	{
26		- /**
27		- * Certification path.
28		- *
29		- * @var Certificate[] $_certificates
30		- */
31		- protected $_certificates;
	26	+ /**
	27	+ * Certification path.
	28	+ *
	29	+ * @var Certificate[] $_certificates
	30	+ */
	31	+ protected $_certificates;
32	32
33		- /**
34		- * Constructor.
35		- *
36		- * @param Certificate ...$certificates Certificates from the trust anchor
37		- * to the target end-entity certificate
38		- */
39		- public function __construct(Certificate ...$certificates)
40		- {
41		- $this->_certificates = $certificates;
42		- }
	33	+ /**
	34	+ * Constructor.
	35	+ *
	36	+ * @param Certificate ...$certificates Certificates from the trust anchor
	37	+ * to the target end-entity certificate
	38	+ */
	39	+ public function __construct(Certificate ...$certificates)
	40	+ {
	41	+ $this->_certificates = $certificates;
	42	+ }
43	43
44		- /**
45		- * Initialize from a certificate chain.
46		- *
47		- * @param CertificateChain $chain
48		- * @return self
49		- */
50		- public static function fromCertificateChain(CertificateChain $chain): self
51		- {
52		- return new self(...array_reverse($chain->certificates(), false));
53		- }
	44	+ /**
	45	+ * Initialize from a certificate chain.
	46	+ *
	47	+ * @param CertificateChain $chain
	48	+ * @return self
	49	+ */
	50	+ public static function fromCertificateChain(CertificateChain $chain): self
	51	+ {
	52	+ return new self(...array_reverse($chain->certificates(), false));
	53	+ }
54	54
55		- /**
56		- * Build certification path to given target.
57		- *
58		- * @param Certificate $target Target end-entity certificate
59		- * @param CertificateBundle $trust_anchors List of trust anchors
60		- * @param CertificateBundle\|null $intermediate Optional intermediate
61		- * certificates
62		- * @return self
63		- */
64		- public static function toTarget(Certificate $target,
65		- CertificateBundle $trust_anchors, CertificateBundle $intermediate = null): self
66		- {
67		- $builder = new CertificationPathBuilder($trust_anchors);
68		- return $builder->shortestPathToTarget($target, $intermediate);
69		- }
	55	+ /**
	56	+ * Build certification path to given target.
	57	+ *
	58	+ * @param Certificate $target Target end-entity certificate
	59	+ * @param CertificateBundle $trust_anchors List of trust anchors
	60	+ * @param CertificateBundle\|null $intermediate Optional intermediate
	61	+ * certificates
	62	+ * @return self
	63	+ */
	64	+ public static function toTarget(Certificate $target,
	65	+ CertificateBundle $trust_anchors, CertificateBundle $intermediate = null): self
	66	+ {
	67	+ $builder = new CertificationPathBuilder($trust_anchors);
	68	+ return $builder->shortestPathToTarget($target, $intermediate);
	69	+ }
70	70
71		- /**
72		- * Build certification path from given trust anchor to target certificate,
73		- * using intermediate certificates from given bundle.
74		- *
75		- * @param Certificate $trust_anchor Trust anchor certificate
76		- * @param Certificate $target Target end-entity certificate
77		- * @param CertificateBundle\|null $intermediate Optional intermediate
78		- * certificates
79		- * @return self
80		- */
81		- public static function fromTrustAnchorToTarget(Certificate $trust_anchor,
82		- Certificate $target, CertificateBundle $intermediate = null): self
83		- {
84		- return self::toTarget($target, new CertificateBundle($trust_anchor),
85		- $intermediate);
86		- }
	71	+ /**
	72	+ * Build certification path from given trust anchor to target certificate,
	73	+ * using intermediate certificates from given bundle.
	74	+ *
	75	+ * @param Certificate $trust_anchor Trust anchor certificate
	76	+ * @param Certificate $target Target end-entity certificate
	77	+ * @param CertificateBundle\|null $intermediate Optional intermediate
	78	+ * certificates
	79	+ * @return self
	80	+ */
	81	+ public static function fromTrustAnchorToTarget(Certificate $trust_anchor,
	82	+ Certificate $target, CertificateBundle $intermediate = null): self
	83	+ {
	84	+ return self::toTarget($target, new CertificateBundle($trust_anchor),
	85	+ $intermediate);
	86	+ }
87	87
88		- /**
89		- * Get certificates.
90		- *
91		- * @return Certificate[]
92		- */
93		- public function certificates(): array
94		- {
95		- return $this->_certificates;
96		- }
	88	+ /**
	89	+ * Get certificates.
	90	+ *
	91	+ * @return Certificate[]
	92	+ */
	93	+ public function certificates(): array
	94	+ {
	95	+ return $this->_certificates;
	96	+ }
97	97
98		- /**
99		- * Get the trust anchor certificate from the path.
100		- *
101		- * @throws \LogicException If path is empty
102		- * @return Certificate
103		- */
104		- public function trustAnchorCertificate(): Certificate
105		- {
106		- if (!count($this->_certificates)) {
107		- throw new \LogicException("No certificates.");
108		- }
109		- return $this->_certificates[0];
110		- }
	98	+ /**
	99	+ * Get the trust anchor certificate from the path.
	100	+ *
	101	+ * @throws \LogicException If path is empty
	102	+ * @return Certificate
	103	+ */
	104	+ public function trustAnchorCertificate(): Certificate
	105	+ {
	106	+ if (!count($this->_certificates)) {
	107	+ throw new \LogicException("No certificates.");
	108	+ }
	109	+ return $this->_certificates[0];
	110	+ }
111	111
112		- /**
113		- * Get the end-entity certificate from the path.
114		- *
115		- * @throws \LogicException If path is empty
116		- * @return Certificate
117		- */
118		- public function endEntityCertificate(): Certificate
119		- {
120		- if (!count($this->_certificates)) {
121		- throw new \LogicException("No certificates.");
122		- }
123		- return $this->_certificates[count($this->_certificates) - 1];
124		- }
	112	+ /**
	113	+ * Get the end-entity certificate from the path.
	114	+ *
	115	+ * @throws \LogicException If path is empty
	116	+ * @return Certificate
	117	+ */
	118	+ public function endEntityCertificate(): Certificate
	119	+ {
	120	+ if (!count($this->_certificates)) {
	121	+ throw new \LogicException("No certificates.");
	122	+ }
	123	+ return $this->_certificates[count($this->_certificates) - 1];
	124	+ }
125	125
126		- /**
127		- * Get certification path as a certificate chain.
128		- *
129		- * @return CertificateChain
130		- */
131		- public function certificateChain(): CertificateChain
132		- {
133		- return new CertificateChain(
134		- ...array_reverse($this->_certificates, false));
135		- }
	126	+ /**
	127	+ * Get certification path as a certificate chain.
	128	+ *
	129	+ * @return CertificateChain
	130	+ */
	131	+ public function certificateChain(): CertificateChain
	132	+ {
	133	+ return new CertificateChain(
	134	+ ...array_reverse($this->_certificates, false));
	135	+ }
136	136
137		- /**
138		- * Check whether certification path starts with one ore more given
139		- * certificates in parameter order.
140		- *
141		- * @param Certificate ...$certs Certificates
142		- * @return true
143		- */
144		- public function startsWith(Certificate ...$certs): bool
145		- {
146		- $n = count($certs);
147		- if ($n > count($this->_certificates)) {
148		- return false;
149		- }
150		- for ($i = 0; $i < $n; ++$i) {
151		- if (!$certs[$i]->equals($this->_certificates[$i])) {
152		- return false;
153		- }
154		- }
155		- return true;
156		- }
	137	+ /**
	138	+ * Check whether certification path starts with one ore more given
	139	+ * certificates in parameter order.
	140	+ *
	141	+ * @param Certificate ...$certs Certificates
	142	+ * @return true
	143	+ */
	144	+ public function startsWith(Certificate ...$certs): bool
	145	+ {
	146	+ $n = count($certs);
	147	+ if ($n > count($this->_certificates)) {
	148	+ return false;
	149	+ }
	150	+ for ($i = 0; $i < $n; ++$i) {
	151	+ if (!$certs[$i]->equals($this->_certificates[$i])) {
	152	+ return false;
	153	+ }
	154	+ }
	155	+ return true;
	156	+ }
157	157
158		- /**
159		- * Validate certification path.
160		- *
161		- * @param PathValidationConfig $config
162		- * @param Crypto\|null $crypto Crypto engine, use default if not set
163		- * @throws Exception\PathValidationException
164		- * @return PathValidation\PathValidationResult
165		- */
166		- public function validate(PathValidationConfig $config, Crypto $crypto = null): PathValidation\PathValidationResult
167		- {
168		- $crypto = $crypto ?: Crypto::getDefault();
169		- $validator = new PathValidator($crypto, $config, ...$this->_certificates);
170		- return $validator->validate();
171		- }
	158	+ /**
	159	+ * Validate certification path.
	160	+ *
	161	+ * @param PathValidationConfig $config
	162	+ * @param Crypto\|null $crypto Crypto engine, use default if not set
	163	+ * @throws Exception\PathValidationException
	164	+ * @return PathValidation\PathValidationResult
	165	+ */
	166	+ public function validate(PathValidationConfig $config, Crypto $crypto = null): PathValidation\PathValidationResult
	167	+ {
	168	+ $crypto = $crypto ?: Crypto::getDefault();
	169	+ $validator = new PathValidator($crypto, $config, ...$this->_certificates);
	170	+ return $validator->validate();
	171	+ }
172	172
173		- /**
174		- *
175		- * @see \Countable::count()
176		- * @return int
177		- */
178		- public function count(): int
179		- {
180		- return count($this->_certificates);
181		- }
	173	+ /**
	174	+ *
	175	+ * @see \Countable::count()
	176	+ * @return int
	177	+ */
	178	+ public function count(): int
	179	+ {
	180	+ return count($this->_certificates);
	181	+ }
182	182
183		- /**
184		- * Get iterator for certificates.
185		- *
186		- * @see \IteratorAggregate::getIterator()
187		- * @return \ArrayIterator
188		- */
189		- public function getIterator(): \ArrayIterator
190		- {
191		- return new \ArrayIterator($this->_certificates);
192		- }
	183	+ /**
	184	+ * Get iterator for certificates.
	185	+ *
	186	+ * @see \IteratorAggregate::getIterator()
	187	+ * @return \ArrayIterator
	188	+ */
	189	+ public function getIterator(): \ArrayIterator
	190	+ {
	191	+ return new \ArrayIterator($this->_certificates);
	192	+ }
193	193	}

		@@ -14,274 +14,274 @@
		block discarded – undo
14	14	*/
15	15	class PathValidationConfig
16	16	{
17		- /**
18		- * Maximum allowed certification path length.
19		- *
20		- * @var int $_maxLength
21		- */
22		- protected $_maxLength;
	17	+ /**
	18	+ * Maximum allowed certification path length.
	19	+ *
	20	+ * @var int $_maxLength
	21	+ */
	22	+ protected $_maxLength;
23	23
24		- /**
25		- * Reference time.
26		- *
27		- * @var \DateTimeImmutable $_dateTime
28		- */
29		- protected $_dateTime;
	24	+ /**
	25	+ * Reference time.
	26	+ *
	27	+ * @var \DateTimeImmutable $_dateTime
	28	+ */
	29	+ protected $_dateTime;
30	30
31		- /**
32		- * List of acceptable policy identifiers.
33		- *
34		- * @var string[] $_policySet
35		- */
36		- protected $_policySet;
	31	+ /**
	32	+ * List of acceptable policy identifiers.
	33	+ *
	34	+ * @var string[] $_policySet
	35	+ */
	36	+ protected $_policySet;
37	37
38		- /**
39		- * Trust anchor certificate.
40		- *
41		- * If not set, path validation uses the first certificate of the path.
42		- *
43		- * @var Certificate\|null $_trustAnchor
44		- */
45		- protected $_trustAnchor;
	38	+ /**
	39	+ * Trust anchor certificate.
	40	+ *
	41	+ * If not set, path validation uses the first certificate of the path.
	42	+ *
	43	+ * @var Certificate\|null $_trustAnchor
	44	+ */
	45	+ protected $_trustAnchor;
46	46
47		- /**
48		- * Whether policy mapping in inhibited.
49		- *
50		- * Setting this to true disallows policy mapping.
51		- *
52		- * @var bool $_policyMappingInhibit
53		- */
54		- protected $_policyMappingInhibit;
	47	+ /**
	48	+ * Whether policy mapping in inhibited.
	49	+ *
	50	+ * Setting this to true disallows policy mapping.
	51	+ *
	52	+ * @var bool $_policyMappingInhibit
	53	+ */
	54	+ protected $_policyMappingInhibit;
55	55
56		- /**
57		- * Whether the path must be valid for at least one policy in the
58		- * initial policy set.
59		- *
60		- * @var bool $_explicitPolicy
61		- */
62		- protected $_explicitPolicy;
	56	+ /**
	57	+ * Whether the path must be valid for at least one policy in the
	58	+ * initial policy set.
	59	+ *
	60	+ * @var bool $_explicitPolicy
	61	+ */
	62	+ protected $_explicitPolicy;
63	63
64		- /**
65		- * Whether anyPolicy OID processing should be inhibited.
66		- *
67		- * Setting this to true disallows the usage of anyPolicy.
68		- *
69		- * @var bool $_anyPolicyInhibit
70		- */
71		- protected $_anyPolicyInhibit;
	64	+ /**
	65	+ * Whether anyPolicy OID processing should be inhibited.
	66	+ *
	67	+ * Setting this to true disallows the usage of anyPolicy.
	68	+ *
	69	+ * @var bool $_anyPolicyInhibit
	70	+ */
	71	+ protected $_anyPolicyInhibit;
72	72
73		- /**
74		- *
75		- * @todo Implement
76		- * @var mixed $_permittedSubtrees
77		- */
78		- protected $_permittedSubtrees;
	73	+ /**
	74	+ *
	75	+ * @todo Implement
	76	+ * @var mixed $_permittedSubtrees
	77	+ */
	78	+ protected $_permittedSubtrees;
79	79
80		- /**
81		- *
82		- * @todo Implement
83		- * @var mixed $_excludedSubtrees
84		- */
85		- protected $_excludedSubtrees;
	80	+ /**
	81	+ *
	82	+ * @todo Implement
	83	+ * @var mixed $_excludedSubtrees
	84	+ */
	85	+ protected $_excludedSubtrees;
86	86
87		- /**
88		- * Constructor.
89		- *
90		- * @param \DateTimeImmutable $dt Reference date and time
91		- * @param int $max_length Maximum certification path length
92		- */
93		- public function __construct(\DateTimeImmutable $dt, int $max_length)
94		- {
95		- $this->_dateTime = $dt;
96		- $this->_maxLength = (int) $max_length;
97		- $this->_policySet = array((string) PolicyInformation::OID_ANY_POLICY);
98		- $this->_policyMappingInhibit = false;
99		- $this->_explicitPolicy = false;
100		- $this->_anyPolicyInhibit = false;
101		- }
	87	+ /**
	88	+ * Constructor.
	89	+ *
	90	+ * @param \DateTimeImmutable $dt Reference date and time
	91	+ * @param int $max_length Maximum certification path length
	92	+ */
	93	+ public function __construct(\DateTimeImmutable $dt, int $max_length)
	94	+ {
	95	+ $this->_dateTime = $dt;
	96	+ $this->_maxLength = (int) $max_length;
	97	+ $this->_policySet = array((string) PolicyInformation::OID_ANY_POLICY);
	98	+ $this->_policyMappingInhibit = false;
	99	+ $this->_explicitPolicy = false;
	100	+ $this->_anyPolicyInhibit = false;
	101	+ }
102	102
103		- /**
104		- * Get default configuration.
105		- *
106		- * @return self
107		- */
108		- public static function defaultConfig(): self
109		- {
110		- return new self(new \DateTimeImmutable(), 3);
111		- }
	103	+ /**
	104	+ * Get default configuration.
	105	+ *
	106	+ * @return self
	107	+ */
	108	+ public static function defaultConfig(): self
	109	+ {
	110	+ return new self(new \DateTimeImmutable(), 3);
	111	+ }
112	112
113		- /**
114		- * Get self with maximum path length.
115		- *
116		- * @param int $length
117		- * @return self
118		- */
119		- public function withMaxLength(int $length): self
120		- {
121		- $obj = clone $this;
122		- $obj->_maxLength = $length;
123		- return $obj;
124		- }
	113	+ /**
	114	+ * Get self with maximum path length.
	115	+ *
	116	+ * @param int $length
	117	+ * @return self
	118	+ */
	119	+ public function withMaxLength(int $length): self
	120	+ {
	121	+ $obj = clone $this;
	122	+ $obj->_maxLength = $length;
	123	+ return $obj;
	124	+ }
125	125
126		- /**
127		- * Get self with reference date and time.
128		- *
129		- * @param \DateTimeImmutable $dt
130		- * @return self
131		- */
132		- public function withDateTime(\DateTimeImmutable $dt): self
133		- {
134		- $obj = clone $this;
135		- $obj->_dateTime = $dt;
136		- return $obj;
137		- }
	126	+ /**
	127	+ * Get self with reference date and time.
	128	+ *
	129	+ * @param \DateTimeImmutable $dt
	130	+ * @return self
	131	+ */
	132	+ public function withDateTime(\DateTimeImmutable $dt): self
	133	+ {
	134	+ $obj = clone $this;
	135	+ $obj->_dateTime = $dt;
	136	+ return $obj;
	137	+ }
138	138
139		- /**
140		- * Get self with trust anchor certificate.
141		- *
142		- * @param Certificate $ca
143		- * @return self
144		- */
145		- public function withTrustAnchor(Certificate $ca): self
146		- {
147		- $obj = clone $this;
148		- $obj->_trustAnchor = $ca;
149		- return $obj;
150		- }
	139	+ /**
	140	+ * Get self with trust anchor certificate.
	141	+ *
	142	+ * @param Certificate $ca
	143	+ * @return self
	144	+ */
	145	+ public function withTrustAnchor(Certificate $ca): self
	146	+ {
	147	+ $obj = clone $this;
	148	+ $obj->_trustAnchor = $ca;
	149	+ return $obj;
	150	+ }
151	151
152		- /**
153		- * Get self with initial-policy-mapping-inhibit set.
154		- *
155		- * @param bool $flag
156		- * @return self
157		- */
158		- public function withPolicyMappingInhibit(bool $flag): self
159		- {
160		- $obj = clone $this;
161		- $obj->_policyMappingInhibit = $flag;
162		- return $obj;
163		- }
	152	+ /**
	153	+ * Get self with initial-policy-mapping-inhibit set.
	154	+ *
	155	+ * @param bool $flag
	156	+ * @return self
	157	+ */
	158	+ public function withPolicyMappingInhibit(bool $flag): self
	159	+ {
	160	+ $obj = clone $this;
	161	+ $obj->_policyMappingInhibit = $flag;
	162	+ return $obj;
	163	+ }
164	164
165		- /**
166		- * Get self with initial-explicit-policy set.
167		- *
168		- * @param bool $flag
169		- * @return self
170		- */
171		- public function withExplicitPolicy(bool $flag): self
172		- {
173		- $obj = clone $this;
174		- $obj->_explicitPolicy = $flag;
175		- return $obj;
176		- }
	165	+ /**
	166	+ * Get self with initial-explicit-policy set.
	167	+ *
	168	+ * @param bool $flag
	169	+ * @return self
	170	+ */
	171	+ public function withExplicitPolicy(bool $flag): self
	172	+ {
	173	+ $obj = clone $this;
	174	+ $obj->_explicitPolicy = $flag;
	175	+ return $obj;
	176	+ }
177	177
178		- /**
179		- * Get self with initial-any-policy-inhibit set.
180		- *
181		- * @param bool $flag
182		- * @return self
183		- */
184		- public function withAnyPolicyInhibit(bool $flag): self
185		- {
186		- $obj = clone $this;
187		- $obj->_anyPolicyInhibit = $flag;
188		- return $obj;
189		- }
	178	+ /**
	179	+ * Get self with initial-any-policy-inhibit set.
	180	+ *
	181	+ * @param bool $flag
	182	+ * @return self
	183	+ */
	184	+ public function withAnyPolicyInhibit(bool $flag): self
	185	+ {
	186	+ $obj = clone $this;
	187	+ $obj->_anyPolicyInhibit = $flag;
	188	+ return $obj;
	189	+ }
190	190
191		- /**
192		- * Get self with user-initial-policy-set set to policy OIDs.
193		- *
194		- * @param string ...$policies List of policy OIDs
195		- * @return self
196		- */
197		- public function withPolicySet(string ...$policies): self
198		- {
199		- $obj = clone $this;
200		- $obj->_policySet = $policies;
201		- return $obj;
202		- }
	191	+ /**
	192	+ * Get self with user-initial-policy-set set to policy OIDs.
	193	+ *
	194	+ * @param string ...$policies List of policy OIDs
	195	+ * @return self
	196	+ */
	197	+ public function withPolicySet(string ...$policies): self
	198	+ {
	199	+ $obj = clone $this;
	200	+ $obj->_policySet = $policies;
	201	+ return $obj;
	202	+ }
203	203
204		- /**
205		- * Get maximum certification path length.
206		- *
207		- * @return int
208		- */
209		- public function maxLength(): int
210		- {
211		- return $this->_maxLength;
212		- }
	204	+ /**
	205	+ * Get maximum certification path length.
	206	+ *
	207	+ * @return int
	208	+ */
	209	+ public function maxLength(): int
	210	+ {
	211	+ return $this->_maxLength;
	212	+ }
213	213
214		- /**
215		- * Get reference date and time.
216		- *
217		- * @return \DateTimeImmutable
218		- */
219		- public function dateTime(): \DateTimeImmutable
220		- {
221		- return $this->_dateTime;
222		- }
	214	+ /**
	215	+ * Get reference date and time.
	216	+ *
	217	+ * @return \DateTimeImmutable
	218	+ */
	219	+ public function dateTime(): \DateTimeImmutable
	220	+ {
	221	+ return $this->_dateTime;
	222	+ }
223	223
224		- /**
225		- * Get user-initial-policy-set.
226		- *
227		- * @return string[] Array of OID's
228		- */
229		- public function policySet(): array
230		- {
231		- return $this->_policySet;
232		- }
	224	+ /**
	225	+ * Get user-initial-policy-set.
	226	+ *
	227	+ * @return string[] Array of OID's
	228	+ */
	229	+ public function policySet(): array
	230	+ {
	231	+ return $this->_policySet;
	232	+ }
233	233
234		- /**
235		- * Check whether trust anchor certificate is set.
236		- *
237		- * @return bool
238		- */
239		- public function hasTrustAnchor(): bool
240		- {
241		- return isset($this->_trustAnchor);
242		- }
	234	+ /**
	235	+ * Check whether trust anchor certificate is set.
	236	+ *
	237	+ * @return bool
	238	+ */
	239	+ public function hasTrustAnchor(): bool
	240	+ {
	241	+ return isset($this->_trustAnchor);
	242	+ }
243	243
244		- /**
245		- * Get trust anchor certificate.
246		- *
247		- * @throws \LogicException
248		- * @return Certificate
249		- */
250		- public function trustAnchor(): Certificate
251		- {
252		- if (!$this->hasTrustAnchor()) {
253		- throw new \LogicException("No trust anchor.");
254		- }
255		- return $this->_trustAnchor;
256		- }
	244	+ /**
	245	+ * Get trust anchor certificate.
	246	+ *
	247	+ * @throws \LogicException
	248	+ * @return Certificate
	249	+ */
	250	+ public function trustAnchor(): Certificate
	251	+ {
	252	+ if (!$this->hasTrustAnchor()) {
	253	+ throw new \LogicException("No trust anchor.");
	254	+ }
	255	+ return $this->_trustAnchor;
	256	+ }
257	257
258		- /**
259		- * Get initial-policy-mapping-inhibit.
260		- *
261		- * @return bool
262		- */
263		- public function policyMappingInhibit(): bool
264		- {
265		- return $this->_policyMappingInhibit;
266		- }
	258	+ /**
	259	+ * Get initial-policy-mapping-inhibit.
	260	+ *
	261	+ * @return bool
	262	+ */
	263	+ public function policyMappingInhibit(): bool
	264	+ {
	265	+ return $this->_policyMappingInhibit;
	266	+ }
267	267
268		- /**
269		- * Get initial-explicit-policy.
270		- *
271		- * @return bool
272		- */
273		- public function explicitPolicy(): bool
274		- {
275		- return $this->_explicitPolicy;
276		- }
	268	+ /**
	269	+ * Get initial-explicit-policy.
	270	+ *
	271	+ * @return bool
	272	+ */
	273	+ public function explicitPolicy(): bool
	274	+ {
	275	+ return $this->_explicitPolicy;
	276	+ }
277	277
278		- /**
279		- * Get initial-any-policy-inhibit.
280		- *
281		- * @return bool
282		- */
283		- public function anyPolicyInhibit(): bool
284		- {
285		- return $this->_anyPolicyInhibit;
286		- }
	278	+ /**
	279	+ * Get initial-any-policy-inhibit.
	280	+ *
	281	+ * @return bool
	282	+ */
	283	+ public function anyPolicyInhibit(): bool
	284	+ {
	285	+ return $this->_anyPolicyInhibit;
	286	+ }
287	287	}

		@@ -20,92 +20,92 @@
		block discarded – undo
20	20	*/
21	21	class ObjectDigestInfo
22	22	{
23		- const TYPE_PUBLIC_KEY = 0;
24		- const TYPE_PUBLIC_KEY_CERT = 1;
25		- const TYPE_OTHER_OBJECT_TYPES = 2;
	23	+ const TYPE_PUBLIC_KEY = 0;
	24	+ const TYPE_PUBLIC_KEY_CERT = 1;
	25	+ const TYPE_OTHER_OBJECT_TYPES = 2;
26	26
27		- /**
28		- * Object type.
29		- *
30		- * @var int $_digestedObjectType
31		- */
32		- protected $_digestedObjectType;
	27	+ /**
	28	+ * Object type.
	29	+ *
	30	+ * @var int $_digestedObjectType
	31	+ */
	32	+ protected $_digestedObjectType;
33	33
34		- /**
35		- * OID of other object type.
36		- *
37		- * @var string\|null $_otherObjectTypeID
38		- */
39		- protected $_otherObjectTypeID;
	34	+ /**
	35	+ * OID of other object type.
	36	+ *
	37	+ * @var string\|null $_otherObjectTypeID
	38	+ */
	39	+ protected $_otherObjectTypeID;
40	40
41		- /**
42		- * Digest algorithm.
43		- *
44		- * @var AlgorithmIdentifierType $_digestAlgorithm
45		- */
46		- protected $_digestAlgorithm;
	41	+ /**
	42	+ * Digest algorithm.
	43	+ *
	44	+ * @var AlgorithmIdentifierType $_digestAlgorithm
	45	+ */
	46	+ protected $_digestAlgorithm;
47	47
48		- /**
49		- * Object digest.
50		- *
51		- * @var BitString $_objectDigest
52		- */
53		- protected $_objectDigest;
	48	+ /**
	49	+ * Object digest.
	50	+ *
	51	+ * @var BitString $_objectDigest
	52	+ */
	53	+ protected $_objectDigest;
54	54
55		- /**
56		- * Constructor.
57		- *
58		- * @param int $type
59		- * @param AlgorithmIdentifierType $algo
60		- * @param BitString $digest
61		- */
62		- public function __construct(int $type, AlgorithmIdentifierType $algo,
63		- BitString $digest)
64		- {
65		- $this->_digestedObjectType = $type;
66		- $this->_otherObjectTypeID = null;
67		- $this->_digestAlgorithm = $algo;
68		- $this->_objectDigest = $digest;
69		- }
	55	+ /**
	56	+ * Constructor.
	57	+ *
	58	+ * @param int $type
	59	+ * @param AlgorithmIdentifierType $algo
	60	+ * @param BitString $digest
	61	+ */
	62	+ public function __construct(int $type, AlgorithmIdentifierType $algo,
	63	+ BitString $digest)
	64	+ {
	65	+ $this->_digestedObjectType = $type;
	66	+ $this->_otherObjectTypeID = null;
	67	+ $this->_digestAlgorithm = $algo;
	68	+ $this->_objectDigest = $digest;
	69	+ }
70	70
71		- /**
72		- * Initialize from ASN.1.
73		- *
74		- * @param Sequence $seq
75		- * @return self
76		- */
77		- public static function fromASN1(Sequence $seq): self
78		- {
79		- $type = $seq->at(0)
80		- ->asEnumerated()
81		- ->intNumber();
82		- $oid = null;
83		- $idx = 1;
84		- if ($seq->has($idx, Element::TYPE_OBJECT_IDENTIFIER)) {
85		- $oid = $seq->at($idx++)
86		- ->asObjectIdentifier()
87		- ->oid();
88		- }
89		- $algo = AlgorithmIdentifier::fromASN1($seq->at($idx++)->asSequence());
90		- $digest = $seq->at($idx)->asBitString();
91		- $obj = new self($type, $algo, $digest);
92		- $obj->_otherObjectTypeID = $oid;
93		- return $obj;
94		- }
	71	+ /**
	72	+ * Initialize from ASN.1.
	73	+ *
	74	+ * @param Sequence $seq
	75	+ * @return self
	76	+ */
	77	+ public static function fromASN1(Sequence $seq): self
	78	+ {
	79	+ $type = $seq->at(0)
	80	+ ->asEnumerated()
	81	+ ->intNumber();
	82	+ $oid = null;
	83	+ $idx = 1;
	84	+ if ($seq->has($idx, Element::TYPE_OBJECT_IDENTIFIER)) {
	85	+ $oid = $seq->at($idx++)
	86	+ ->asObjectIdentifier()
	87	+ ->oid();
	88	+ }
	89	+ $algo = AlgorithmIdentifier::fromASN1($seq->at($idx++)->asSequence());
	90	+ $digest = $seq->at($idx)->asBitString();
	91	+ $obj = new self($type, $algo, $digest);
	92	+ $obj->_otherObjectTypeID = $oid;
	93	+ return $obj;
	94	+ }
95	95
96		- /**
97		- * Generate ASN.1 structure.
98		- *
99		- * @return Sequence
100		- */
101		- public function toASN1(): Sequence
102		- {
103		- $elements = array(new Enumerated($this->_digestedObjectType));
104		- if (isset($this->_otherObjectTypeID)) {
105		- $elements[] = new ObjectIdentifier($this->_otherObjectTypeID);
106		- }
107		- $elements[] = $this->_digestAlgorithm->toASN1();
108		- $elements[] = $this->_objectDigest;
109		- return new Sequence(...$elements);
110		- }
	96	+ /**
	97	+ * Generate ASN.1 structure.
	98	+ *
	99	+ * @return Sequence
	100	+ */
	101	+ public function toASN1(): Sequence
	102	+ {
	103	+ $elements = array(new Enumerated($this->_digestedObjectType));
	104	+ if (isset($this->_otherObjectTypeID)) {
	105	+ $elements[] = new ObjectIdentifier($this->_otherObjectTypeID);
	106	+ }
	107	+ $elements[] = $this->_digestAlgorithm->toASN1();
	108	+ $elements[] = $this->_objectDigest;
	109	+ return new Sequence(...$elements);
	110	+ }
111	111	}

		@@ -19,144 +19,144 @@
		block discarded – undo
19	19	*/
20	20	class V2Form extends AttCertIssuer
21	21	{
22		- /**
23		- * Issuer name.
24		- *
25		- * @var GeneralNames $_issuerName
26		- */
27		- protected $_issuerName;
	22	+ /**
	23	+ * Issuer name.
	24	+ *
	25	+ * @var GeneralNames $_issuerName
	26	+ */
	27	+ protected $_issuerName;
28	28
29		- /**
30		- * Issuer PKC's issuer and serial.
31		- *
32		- * @var IssuerSerial $_baseCertificateID
33		- */
34		- protected $_baseCertificateID;
	29	+ /**
	30	+ * Issuer PKC's issuer and serial.
	31	+ *
	32	+ * @var IssuerSerial $_baseCertificateID
	33	+ */
	34	+ protected $_baseCertificateID;
35	35
36		- /**
37		- * Linked object.
38		- *
39		- * @var ObjectDigestInfo $_objectDigestInfo
40		- */
41		- protected $_objectDigestInfo;
	36	+ /**
	37	+ * Linked object.
	38	+ *
	39	+ * @var ObjectDigestInfo $_objectDigestInfo
	40	+ */
	41	+ protected $_objectDigestInfo;
42	42
43		- /**
44		- * Constructor.
45		- *
46		- * @param GeneralNames\|null $names
47		- */
48		- public function __construct(GeneralNames $names = null)
49		- {
50		- $this->_issuerName = $names;
51		- $this->_baseCertificateID = null;
52		- $this->_objectDigestInfo = null;
53		- }
	43	+ /**
	44	+ * Constructor.
	45	+ *
	46	+ * @param GeneralNames\|null $names
	47	+ */
	48	+ public function __construct(GeneralNames $names = null)
	49	+ {
	50	+ $this->_issuerName = $names;
	51	+ $this->_baseCertificateID = null;
	52	+ $this->_objectDigestInfo = null;
	53	+ }
54	54
55		- /**
56		- * Initialize from ASN.1.
57		- *
58		- * @param Sequence $seq
59		- * @return self
60		- */
61		- public static function fromV2ASN1(Sequence $seq): self
62		- {
63		- $issuer = null;
64		- $cert_id = null;
65		- $digest_info = null;
66		- if ($seq->has(0, Element::TYPE_SEQUENCE)) {
67		- $issuer = GeneralNames::fromASN1($seq->at(0)->asSequence());
68		- }
69		- if ($seq->hasTagged(0)) {
70		- $cert_id = IssuerSerial::fromASN1(
71		- $seq->getTagged(0)
72		- ->asImplicit(Element::TYPE_SEQUENCE)
73		- ->asSequence());
74		- }
75		- if ($seq->hasTagged(1)) {
76		- $digest_info = ObjectDigestInfo::fromASN1(
77		- $seq->getTagged(1)
78		- ->asImplicit(Element::TYPE_SEQUENCE)
79		- ->asSequence());
80		- }
81		- $obj = new self($issuer);
82		- $obj->_baseCertificateID = $cert_id;
83		- $obj->_objectDigestInfo = $digest_info;
84		- return $obj;
85		- }
	55	+ /**
	56	+ * Initialize from ASN.1.
	57	+ *
	58	+ * @param Sequence $seq
	59	+ * @return self
	60	+ */
	61	+ public static function fromV2ASN1(Sequence $seq): self
	62	+ {
	63	+ $issuer = null;
	64	+ $cert_id = null;
	65	+ $digest_info = null;
	66	+ if ($seq->has(0, Element::TYPE_SEQUENCE)) {
	67	+ $issuer = GeneralNames::fromASN1($seq->at(0)->asSequence());
	68	+ }
	69	+ if ($seq->hasTagged(0)) {
	70	+ $cert_id = IssuerSerial::fromASN1(
	71	+ $seq->getTagged(0)
	72	+ ->asImplicit(Element::TYPE_SEQUENCE)
	73	+ ->asSequence());
	74	+ }
	75	+ if ($seq->hasTagged(1)) {
	76	+ $digest_info = ObjectDigestInfo::fromASN1(
	77	+ $seq->getTagged(1)
	78	+ ->asImplicit(Element::TYPE_SEQUENCE)
	79	+ ->asSequence());
	80	+ }
	81	+ $obj = new self($issuer);
	82	+ $obj->_baseCertificateID = $cert_id;
	83	+ $obj->_objectDigestInfo = $digest_info;
	84	+ return $obj;
	85	+ }
86	86
87		- /**
88		- * Check whether issuer name is set.
89		- *
90		- * @return bool
91		- */
92		- public function hasIssuerName(): bool
93		- {
94		- return isset($this->_issuerName);
95		- }
	87	+ /**
	88	+ * Check whether issuer name is set.
	89	+ *
	90	+ * @return bool
	91	+ */
	92	+ public function hasIssuerName(): bool
	93	+ {
	94	+ return isset($this->_issuerName);
	95	+ }
96	96
97		- /**
98		- * Get issuer name.
99		- *
100		- * @throws \LogicException
101		- * @return GeneralNames
102		- */
103		- public function issuerName(): GeneralNames
104		- {
105		- if (!$this->hasIssuerName()) {
106		- throw new \LogicException("issuerName not set.");
107		- }
108		- return $this->_issuerName;
109		- }
	97	+ /**
	98	+ * Get issuer name.
	99	+ *
	100	+ * @throws \LogicException
	101	+ * @return GeneralNames
	102	+ */
	103	+ public function issuerName(): GeneralNames
	104	+ {
	105	+ if (!$this->hasIssuerName()) {
	106	+ throw new \LogicException("issuerName not set.");
	107	+ }
	108	+ return $this->_issuerName;
	109	+ }
110	110
111		- /**
112		- * Get DN of the issuer.
113		- *
114		- * This is a convenience method conforming to RFC 5755, which states
115		- * that Issuer must contain only one non-empty distinguished name.
116		- *
117		- * @return \X501\ASN1\Name
118		- */
119		- public function name(): Name
120		- {
121		- return $this->issuerName()->firstDN();
122		- }
	111	+ /**
	112	+ * Get DN of the issuer.
	113	+ *
	114	+ * This is a convenience method conforming to RFC 5755, which states
	115	+ * that Issuer must contain only one non-empty distinguished name.
	116	+ *
	117	+ * @return \X501\ASN1\Name
	118	+ */
	119	+ public function name(): Name
	120	+ {
	121	+ return $this->issuerName()->firstDN();
	122	+ }
123	123
124		- /**
125		- *
126		- * @see \X509\AttributeCertificate\AttCertIssuer::ASN1()
127		- * @return ImplicitlyTaggedType Tagged Sequence
128		- */
129		- public function toASN1(): TaggedType
130		- {
131		- $elements = array();
132		- if (isset($this->_issuerName)) {
133		- $elements[] = $this->_issuerName->toASN1();
134		- }
135		- if (isset($this->_baseCertificateID)) {
136		- $elements[] = new ImplicitlyTaggedType(0,
137		- $this->_baseCertificateID->toASN1());
138		- }
139		- if (isset($this->_objectDigestInfo)) {
140		- $elements[] = new ImplicitlyTaggedType(1,
141		- $this->_objectDigestInfo->toASN1());
142		- }
143		- return new ImplicitlyTaggedType(0, new Sequence(...$elements));
144		- }
	124	+ /**
	125	+ *
	126	+ * @see \X509\AttributeCertificate\AttCertIssuer::ASN1()
	127	+ * @return ImplicitlyTaggedType Tagged Sequence
	128	+ */
	129	+ public function toASN1(): TaggedType
	130	+ {
	131	+ $elements = array();
	132	+ if (isset($this->_issuerName)) {
	133	+ $elements[] = $this->_issuerName->toASN1();
	134	+ }
	135	+ if (isset($this->_baseCertificateID)) {
	136	+ $elements[] = new ImplicitlyTaggedType(0,
	137	+ $this->_baseCertificateID->toASN1());
	138	+ }
	139	+ if (isset($this->_objectDigestInfo)) {
	140	+ $elements[] = new ImplicitlyTaggedType(1,
	141	+ $this->_objectDigestInfo->toASN1());
	142	+ }
	143	+ return new ImplicitlyTaggedType(0, new Sequence(...$elements));
	144	+ }
145	145
146		- /**
147		- *
148		- * {@inheritdoc}
149		- * @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC()
150		- * @return bool
151		- */
152		- public function identifiesPKC(Certificate $cert): bool
153		- {
154		- $name = $this->_issuerName->firstDN();
155		- if (!$cert->tbsCertificate()
156		- ->subject()
157		- ->equals($name)) {
158		- return false;
159		- }
160		- return true;
161		- }
	146	+ /**
	147	+ *
	148	+ * {@inheritdoc}
	149	+ * @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC()
	150	+ * @return bool
	151	+ */
	152	+ public function identifiesPKC(Certificate $cert): bool
	153	+ {
	154	+ $name = $this->_issuerName->firstDN();
	155	+ if (!$cert->tbsCertificate()
	156	+ ->subject()
	157	+ ->equals($name)) {
	158	+ return false;
	159	+ }
	160	+ return true;
	161	+ }
162	162	}

		@@ -23,155 +23,155 @@
		block discarded – undo
23	23	*/
24	24	class RoleAttributeValue extends AttributeValue
25	25	{
26		- /**
27		- * Issuing authority.
28		- *
29		- * @var GeneralNames $_roleAuthority
30		- */
31		- protected $_roleAuthority;
	26	+ /**
	27	+ * Issuing authority.
	28	+ *
	29	+ * @var GeneralNames $_roleAuthority
	30	+ */
	31	+ protected $_roleAuthority;
32	32
33		- /**
34		- * Role name.
35		- *
36		- * @var GeneralName $_roleName
37		- */
38		- protected $_roleName;
	33	+ /**
	34	+ * Role name.
	35	+ *
	36	+ * @var GeneralName $_roleName
	37	+ */
	38	+ protected $_roleName;
39	39
40		- /**
41		- * Constructor.
42		- *
43		- * @param GeneralName $name Role name
44		- * @param GeneralNames\|null $authority Issuing authority
45		- */
46		- public function __construct(GeneralName $name, GeneralNames $authority = null)
47		- {
48		- $this->_roleAuthority = $authority;
49		- $this->_roleName = $name;
50		- $this->_oid = AttributeType::OID_ROLE;
51		- }
	40	+ /**
	41	+ * Constructor.
	42	+ *
	43	+ * @param GeneralName $name Role name
	44	+ * @param GeneralNames\|null $authority Issuing authority
	45	+ */
	46	+ public function __construct(GeneralName $name, GeneralNames $authority = null)
	47	+ {
	48	+ $this->_roleAuthority = $authority;
	49	+ $this->_roleName = $name;
	50	+ $this->_oid = AttributeType::OID_ROLE;
	51	+ }
52	52
53		- /**
54		- * Initialize from a role string.
55		- *
56		- * @param string $role_name Role name in URI format
57		- * @param GeneralNames\|null $authority Issuing authority
58		- * @return self
59		- */
60		- public static function fromString(string $role_name,
61		- GeneralNames $authority = null): self
62		- {
63		- return new self(new UniformResourceIdentifier($role_name), $authority);
64		- }
	53	+ /**
	54	+ * Initialize from a role string.
	55	+ *
	56	+ * @param string $role_name Role name in URI format
	57	+ * @param GeneralNames\|null $authority Issuing authority
	58	+ * @return self
	59	+ */
	60	+ public static function fromString(string $role_name,
	61	+ GeneralNames $authority = null): self
	62	+ {
	63	+ return new self(new UniformResourceIdentifier($role_name), $authority);
	64	+ }
65	65
66		- /**
67		- *
68		- * @param UnspecifiedType $el
69		- * @return self
70		- */
71		- public static function fromASN1(UnspecifiedType $el): self
72		- {
73		- $seq = $el->asSequence();
74		- $authority = null;
75		- if ($seq->hasTagged(0)) {
76		- $authority = GeneralNames::fromASN1(
77		- $seq->getTagged(0)
78		- ->asImplicit(Element::TYPE_SEQUENCE)
79		- ->asSequence());
80		- }
81		- $name = GeneralName::fromASN1(
82		- $seq->getTagged(1)
83		- ->asExplicit()
84		- ->asTagged());
85		- return new self($name, $authority);
86		- }
	66	+ /**
	67	+ *
	68	+ * @param UnspecifiedType $el
	69	+ * @return self
	70	+ */
	71	+ public static function fromASN1(UnspecifiedType $el): self
	72	+ {
	73	+ $seq = $el->asSequence();
	74	+ $authority = null;
	75	+ if ($seq->hasTagged(0)) {
	76	+ $authority = GeneralNames::fromASN1(
	77	+ $seq->getTagged(0)
	78	+ ->asImplicit(Element::TYPE_SEQUENCE)
	79	+ ->asSequence());
	80	+ }
	81	+ $name = GeneralName::fromASN1(
	82	+ $seq->getTagged(1)
	83	+ ->asExplicit()
	84	+ ->asTagged());
	85	+ return new self($name, $authority);
	86	+ }
87	87
88		- /**
89		- * Check whether issuing authority is present.
90		- *
91		- * @return bool
92		- */
93		- public function hasRoleAuthority(): bool
94		- {
95		- return isset($this->_roleAuthority);
96		- }
	88	+ /**
	89	+ * Check whether issuing authority is present.
	90	+ *
	91	+ * @return bool
	92	+ */
	93	+ public function hasRoleAuthority(): bool
	94	+ {
	95	+ return isset($this->_roleAuthority);
	96	+ }
97	97
98		- /**
99		- * Get issuing authority.
100		- *
101		- * @throws \LogicException
102		- * @return GeneralNames
103		- */
104		- public function roleAuthority(): GeneralNames
105		- {
106		- if (!$this->hasRoleAuthority()) {
107		- throw new \LogicException("roleAuthority not set.");
108		- }
109		- return $this->_roleAuthority;
110		- }
	98	+ /**
	99	+ * Get issuing authority.
	100	+ *
	101	+ * @throws \LogicException
	102	+ * @return GeneralNames
	103	+ */
	104	+ public function roleAuthority(): GeneralNames
	105	+ {
	106	+ if (!$this->hasRoleAuthority()) {
	107	+ throw new \LogicException("roleAuthority not set.");
	108	+ }
	109	+ return $this->_roleAuthority;
	110	+ }
111	111
112		- /**
113		- * Get role name.
114		- *
115		- * @return GeneralName
116		- */
117		- public function roleName(): GeneralName
118		- {
119		- return $this->_roleName;
120		- }
	112	+ /**
	113	+ * Get role name.
	114	+ *
	115	+ * @return GeneralName
	116	+ */
	117	+ public function roleName(): GeneralName
	118	+ {
	119	+ return $this->_roleName;
	120	+ }
121	121
122		- /**
123		- *
124		- * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
125		- * @return Sequence
126		- */
127		- public function toASN1(): Sequence
128		- {
129		- $elements = array();
130		- if (isset($this->_roleAuthority)) {
131		- $elements[] = new ImplicitlyTaggedType(0,
132		- $this->_roleAuthority->toASN1());
133		- }
134		- $elements[] = new ExplicitlyTaggedType(1, $this->_roleName->toASN1());
135		- return new Sequence(...$elements);
136		- }
	122	+ /**
	123	+ *
	124	+ * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
	125	+ * @return Sequence
	126	+ */
	127	+ public function toASN1(): Sequence
	128	+ {
	129	+ $elements = array();
	130	+ if (isset($this->_roleAuthority)) {
	131	+ $elements[] = new ImplicitlyTaggedType(0,
	132	+ $this->_roleAuthority->toASN1());
	133	+ }
	134	+ $elements[] = new ExplicitlyTaggedType(1, $this->_roleName->toASN1());
	135	+ return new Sequence(...$elements);
	136	+ }
137	137
138		- /**
139		- *
140		- * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
141		- * @return string
142		- */
143		- public function stringValue(): string
144		- {
145		- return "#" . bin2hex($this->toASN1()->toDER());
146		- }
	138	+ /**
	139	+ *
	140	+ * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
	141	+ * @return string
	142	+ */
	143	+ public function stringValue(): string
	144	+ {
	145	+ return "#" . bin2hex($this->toASN1()->toDER());
	146	+ }
147	147
148		- /**
149		- *
150		- * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
151		- * @return BinaryMatch
152		- */
153		- public function equalityMatchingRule(): BinaryMatch
154		- {
155		- return new BinaryMatch();
156		- }
	148	+ /**
	149	+ *
	150	+ * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
	151	+ * @return BinaryMatch
	152	+ */
	153	+ public function equalityMatchingRule(): BinaryMatch
	154	+ {
	155	+ return new BinaryMatch();
	156	+ }
157	157
158		- /**
159		- *
160		- * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
161		- * @return string
162		- */
163		- public function rfc2253String(): string
164		- {
165		- return $this->stringValue();
166		- }
	158	+ /**
	159	+ *
	160	+ * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
	161	+ * @return string
	162	+ */
	163	+ public function rfc2253String(): string
	164	+ {
	165	+ return $this->stringValue();
	166	+ }
167	167
168		- /**
169		- *
170		- * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
171		- * @return string
172		- */
173		- protected function _transcodedString(): string
174		- {
175		- return $this->stringValue();
176		- }
	168	+ /**
	169	+ *
	170	+ * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
	171	+ * @return string
	172	+ */
	173	+ protected function _transcodedString(): string
	174	+ {
	175	+ return $this->stringValue();
	176	+ }
177	177	}

sop / x509

GitHub Access Token became invalid

Push — master ( 584877...f7ba31 )

Status

Category

Indentation +123 added lines, -123 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

Indentation +238 added lines, -238 removed lines patch added patch discarded remove patch

Indentation +393 added lines, -393 removed lines patch added patch discarded remove patch

Indentation +155 added lines, -155 removed lines patch added patch discarded remove patch

Indentation +245 added lines, -245 removed lines patch added patch discarded remove patch

Indentation +480 added lines, -480 removed lines patch added patch discarded remove patch

Indentation +81 added lines, -81 removed lines patch added patch discarded remove patch

Indentation +131 added lines, -131 removed lines patch added patch discarded remove patch

Indentation +139 added lines, -139 removed lines patch added patch discarded remove patch