sop / x509

lib/X509/AttributeCertificate/Attribute/GroupAttributeValue.php

Indentation +11 added lines, -11 removed lines

@@ -11,16 +11,16 @@
  */
 class GroupAttributeValue extends IetfAttrSyntax
 {
-    const OID = "1.3.6.1.5.5.7.10.4";
+	const OID = "1.3.6.1.5.5.7.10.4";
     
-    /**
-     * Constructor.
-     *
-     * @param IetfAttrValue[] $values
-     */
-    public function __construct(IetfAttrValue ...$values)
-    {
-        parent::__construct(...$values);
-        $this->_oid = self::OID;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param IetfAttrValue[] $values
+	 */
+	public function __construct(IetfAttrValue ...$values)
+	{
+		parent::__construct(...$values);
+		$this->_oid = self::OID;
+	}
 }

lib/X509/AttributeCertificate/Attribute/ChargingIdentityAttributeValue.php

Indentation +11 added lines, -11 removed lines

@@ -11,16 +11,16 @@
  */
 class ChargingIdentityAttributeValue extends IetfAttrSyntax
 {
-    const OID = "1.3.6.1.5.5.7.10.3";
+	const OID = "1.3.6.1.5.5.7.10.3";
     
-    /**
-     * Constructor.
-     *
-     * @param IetfAttrValue[] $values
-     */
-    public function __construct(IetfAttrValue ...$values)
-    {
-        parent::__construct(...$values);
-        $this->_oid = self::OID;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param IetfAttrValue[] $values
+	 */
+	public function __construct(IetfAttrValue ...$values)
+	{
+		parent::__construct(...$values);
+		$this->_oid = self::OID;
+	}
 }

lib/X509/Certificate/Extension/FreshestCRLExtension.php

Indentation +12 added lines, -12 removed lines

@@ -13,16 +13,16 @@
  */
 class FreshestCRLExtension extends CRLDistributionPointsExtension
 {
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param DistributionPoint ...$distribution_points
-     */
-    public function __construct(bool $critical,
-        DistributionPoint ...$distribution_points)
-    {
-        Extension::__construct(self::OID_FRESHEST_CRL, $critical);
-        $this->_distributionPoints = $distribution_points;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param DistributionPoint ...$distribution_points
+	 */
+	public function __construct(bool $critical,
+		DistributionPoint ...$distribution_points)
+	{
+		Extension::__construct(self::OID_FRESHEST_CRL, $critical);
+		$this->_distributionPoints = $distribution_points;
+	}
 }

lib/X509/CertificationPath/PathValidation/PathValidationResult.php

Indentation +74 added lines, -74 removed lines

@@ -16,85 +16,85 @@
  */
 class PathValidationResult
 {
-    /**
-     * Certificates in a certification path.
-     *
-     * @var \X509\Certificate\Certificate[] $_certificates
-     */
-    protected $_certificates;
+	/**
+	 * Certificates in a certification path.
+	 *
+	 * @var \X509\Certificate\Certificate[] $_certificates
+	 */
+	protected $_certificates;
     
-    /**
-     * Valid policy tree.
-     *
-     * @var \X509\CertificationPath\Policy\PolicyTree|null $_policyTree
-     */
-    protected $_policyTree;
+	/**
+	 * Valid policy tree.
+	 *
+	 * @var \X509\CertificationPath\Policy\PolicyTree|null $_policyTree
+	 */
+	protected $_policyTree;
     
-    /**
-     * End-entity certificate's public key.
-     *
-     * @var PublicKeyInfo
-     */
-    protected $_publicKeyInfo;
+	/**
+	 * End-entity certificate's public key.
+	 *
+	 * @var PublicKeyInfo
+	 */
+	protected $_publicKeyInfo;
     
-    /**
-     * Public key algorithm.
-     *
-     * @var AlgorithmIdentifierType
-     */
-    protected $_publicKeyAlgo;
+	/**
+	 * Public key algorithm.
+	 *
+	 * @var AlgorithmIdentifierType
+	 */
+	protected $_publicKeyAlgo;
     
-    /**
-     * Public key parameters.
-     *
-     * @var Element|null $_publicKeyParameters
-     */
-    protected $_publicKeyParameters;
+	/**
+	 * Public key parameters.
+	 *
+	 * @var Element|null $_publicKeyParameters
+	 */
+	protected $_publicKeyParameters;
     
-    /**
-     * Constructor.
-     *
-     * @param \X509\Certificate\Certificate[] $certificates Certificates in a
-     *        certification path
-     * @param \X509\CertificationPath\Policy\PolicyTree|null $policy_tree Valid
-     *        policy tree
-     * @param PublicKeyInfo $pubkey_info Public key of the end-entity
-     *        certificate
-     * @param AlgorithmIdentifierType $algo Public key algorithm of the
-     *        end-entity certificate
-     * @param Element|null $params Algorithm parameters
-     */
-    public function __construct(array $certificates, $policy_tree,
-        PublicKeyInfo $pubkey_info, AlgorithmIdentifierType $algo,
-        Element $params = null)
-    {
-        $this->_certificates = array_values($certificates);
-        $this->_policyTree = $policy_tree;
-        $this->_publicKeyInfo = $pubkey_info;
-        $this->_publicKeyAlgo = $algo;
-        $this->_publicKeyParameters = $params;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param \X509\Certificate\Certificate[] $certificates Certificates in a
+	 *        certification path
+	 * @param \X509\CertificationPath\Policy\PolicyTree|null $policy_tree Valid
+	 *        policy tree
+	 * @param PublicKeyInfo $pubkey_info Public key of the end-entity
+	 *        certificate
+	 * @param AlgorithmIdentifierType $algo Public key algorithm of the
+	 *        end-entity certificate
+	 * @param Element|null $params Algorithm parameters
+	 */
+	public function __construct(array $certificates, $policy_tree,
+		PublicKeyInfo $pubkey_info, AlgorithmIdentifierType $algo,
+		Element $params = null)
+	{
+		$this->_certificates = array_values($certificates);
+		$this->_policyTree = $policy_tree;
+		$this->_publicKeyInfo = $pubkey_info;
+		$this->_publicKeyAlgo = $algo;
+		$this->_publicKeyParameters = $params;
+	}
     
-    /**
-     * Get end-entity certificate.
-     *
-     * @return \X509\Certificate\Certificate
-     */
-    public function certificate(): Certificate
-    {
-        return $this->_certificates[count($this->_certificates) - 1];
-    }
+	/**
+	 * Get end-entity certificate.
+	 *
+	 * @return \X509\Certificate\Certificate
+	 */
+	public function certificate(): Certificate
+	{
+		return $this->_certificates[count($this->_certificates) - 1];
+	}
     
-    /**
-     * Get certificate policies of the end-entity certificate.
-     *
-     * @return \X509\Certificate\Extension\CertificatePolicy\PolicyInformation[]
-     */
-    public function policies(): array
-    {
-        if (!$this->_policyTree) {
-            return array();
-        }
-        return $this->_policyTree->policiesAtDepth(count($this->_certificates));
-    }
+	/**
+	 * Get certificate policies of the end-entity certificate.
+	 *
+	 * @return \X509\Certificate\Extension\CertificatePolicy\PolicyInformation[]
+	 */
+	public function policies(): array
+	{
+		if (!$this->_policyTree) {
+			return array();
+		}
+		return $this->_policyTree->policiesAtDepth(count($this->_certificates));
+	}
 }

lib/X509/CertificationPath/PathBuilding/CertificationPathBuilder.php

Indentation +128 added lines, -128 removed lines

@@ -16,137 +16,137 @@
  */
 class CertificationPathBuilder
 {
-    /**
-     * Trust anchors.
-     *
-     * @var CertificateBundle
-     */
-    protected $_trustList;
+	/**
+	 * Trust anchors.
+	 *
+	 * @var CertificateBundle
+	 */
+	protected $_trustList;
     
-    /**
-     * Constructor.
-     *
-     * @param CertificateBundle $trust_list List of trust anchors
-     */
-    public function __construct(CertificateBundle $trust_list)
-    {
-        $this->_trustList = $trust_list;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param CertificateBundle $trust_list List of trust anchors
+	 */
+	public function __construct(CertificateBundle $trust_list)
+	{
+		$this->_trustList = $trust_list;
+	}
     
-    /**
-     * Get all certification paths to given target certificate from
-     * any trust anchor.
-     *
-     * @param Certificate $target Target certificate
-     * @param CertificateBundle|null $intermediate Optional intermediate
-     *        certificates
-     * @return CertificationPath[]
-     */
-    public function allPathsToTarget(Certificate $target,
-        CertificateBundle $intermediate = null): array
-    {
-        $paths = $this->_resolvePathsToTarget($target, $intermediate);
-        // map paths to CertificationPath objects
-        return array_map(
-            function ($certs) {
-                return new CertificationPath(...$certs);
-            }, $paths);
-    }
+	/**
+	 * Get all certification paths to given target certificate from
+	 * any trust anchor.
+	 *
+	 * @param Certificate $target Target certificate
+	 * @param CertificateBundle|null $intermediate Optional intermediate
+	 *        certificates
+	 * @return CertificationPath[]
+	 */
+	public function allPathsToTarget(Certificate $target,
+		CertificateBundle $intermediate = null): array
+	{
+		$paths = $this->_resolvePathsToTarget($target, $intermediate);
+		// map paths to CertificationPath objects
+		return array_map(
+			function ($certs) {
+				return new CertificationPath(...$certs);
+			}, $paths);
+	}
     
-    /**
-     * Resolve all possible certification paths from any trust anchor to
-     * the target certificate, using optional intermediate certificates.
-     *
-     * Helper method for allPathsToTarget to be called recursively.
-     *
-     * @todo Implement loop detection
-     * @param Certificate $target
-     * @param CertificateBundle $intermediate
-     * @return array[] Array of arrays containing path certificates
-     */
-    private function _resolvePathsToTarget(Certificate $target,
-        CertificateBundle $intermediate = null): array
-    {
-        // array of possible paths
-        $paths = array();
-        // signed by certificate in the trust list
-        foreach ($this->_findIssuers($target, $this->_trustList) as $issuer) {
-            // if target is self-signed, path consists of only
-            // the target certificate
-            if ($target->equals($issuer)) {
-                $paths[] = array($target);
-            } else {
-                $paths[] = array($issuer, $target);
-            }
-        }
-        if (isset($intermediate)) {
-            // signed by intermediate certificate
-            foreach ($this->_findIssuers($target, $intermediate) as $issuer) {
-                // intermediate certificate must not be self-signed
-                if ($issuer->isSelfIssued()) {
-                    continue;
-                }
-                // resolve paths to issuer
-                $subpaths = $this->_resolvePathsToTarget($issuer, $intermediate);
-                foreach ($subpaths as $path) {
-                    $paths[] = array_merge($path, array($target));
-                }
-            }
-        }
-        return $paths;
-    }
+	/**
+	 * Resolve all possible certification paths from any trust anchor to
+	 * the target certificate, using optional intermediate certificates.
+	 *
+	 * Helper method for allPathsToTarget to be called recursively.
+	 *
+	 * @todo Implement loop detection
+	 * @param Certificate $target
+	 * @param CertificateBundle $intermediate
+	 * @return array[] Array of arrays containing path certificates
+	 */
+	private function _resolvePathsToTarget(Certificate $target,
+		CertificateBundle $intermediate = null): array
+	{
+		// array of possible paths
+		$paths = array();
+		// signed by certificate in the trust list
+		foreach ($this->_findIssuers($target, $this->_trustList) as $issuer) {
+			// if target is self-signed, path consists of only
+			// the target certificate
+			if ($target->equals($issuer)) {
+				$paths[] = array($target);
+			} else {
+				$paths[] = array($issuer, $target);
+			}
+		}
+		if (isset($intermediate)) {
+			// signed by intermediate certificate
+			foreach ($this->_findIssuers($target, $intermediate) as $issuer) {
+				// intermediate certificate must not be self-signed
+				if ($issuer->isSelfIssued()) {
+					continue;
+				}
+				// resolve paths to issuer
+				$subpaths = $this->_resolvePathsToTarget($issuer, $intermediate);
+				foreach ($subpaths as $path) {
+					$paths[] = array_merge($path, array($target));
+				}
+			}
+		}
+		return $paths;
+	}
     
-    /**
-     * Get shortest path to given target certificate from any trust anchor.
-     *
-     * @param Certificate $target Target certificate
-     * @param CertificateBundle|null $intermediate Optional intermediate
-     *        certificates
-     * @throws PathBuildingException
-     * @return CertificationPath
-     */
-    public function shortestPathToTarget(Certificate $target,
-        CertificateBundle $intermediate = null): CertificationPath
-    {
-        $paths = $this->allPathsToTarget($target, $intermediate);
-        if (!count($paths)) {
-            throw new PathBuildingException("No certification paths.");
-        }
-        usort($paths,
-            function ($a, $b) {
-                return count($a) < count($b) ? -1 : 1;
-            });
-        return reset($paths);
-    }
+	/**
+	 * Get shortest path to given target certificate from any trust anchor.
+	 *
+	 * @param Certificate $target Target certificate
+	 * @param CertificateBundle|null $intermediate Optional intermediate
+	 *        certificates
+	 * @throws PathBuildingException
+	 * @return CertificationPath
+	 */
+	public function shortestPathToTarget(Certificate $target,
+		CertificateBundle $intermediate = null): CertificationPath
+	{
+		$paths = $this->allPathsToTarget($target, $intermediate);
+		if (!count($paths)) {
+			throw new PathBuildingException("No certification paths.");
+		}
+		usort($paths,
+			function ($a, $b) {
+				return count($a) < count($b) ? -1 : 1;
+			});
+		return reset($paths);
+	}
     
-    /**
-     * Find all issuers of the target certificate from a given bundle.
-     *
-     * @param Certificate $target Target certificate
-     * @param CertificateBundle $bundle Certificates to search
-     * @return Certificate[]
-     */
-    protected function _findIssuers(Certificate $target,
-        CertificateBundle $bundle): array
-    {
-        $issuers = array();
-        $issuer_name = $target->tbsCertificate()->issuer();
-        $extensions = $target->tbsCertificate()->extensions();
-        // find by authority key identifier
-        if ($extensions->hasAuthorityKeyIdentifier()) {
-            $ext = $extensions->authorityKeyIdentifier();
-            if ($ext->hasKeyIdentifier()) {
-                foreach ($bundle->allBySubjectKeyIdentifier(
-                    $ext->keyIdentifier()) as $issuer) {
-                    // check that issuer name matches
-                    if ($issuer->tbsCertificate()
-                        ->subject()
-                        ->equals($issuer_name)) {
-                        $issuers[] = $issuer;
-                    }
-                }
-            }
-        }
-        return $issuers;
-    }
+	/**
+	 * Find all issuers of the target certificate from a given bundle.
+	 *
+	 * @param Certificate $target Target certificate
+	 * @param CertificateBundle $bundle Certificates to search
+	 * @return Certificate[]
+	 */
+	protected function _findIssuers(Certificate $target,
+		CertificateBundle $bundle): array
+	{
+		$issuers = array();
+		$issuer_name = $target->tbsCertificate()->issuer();
+		$extensions = $target->tbsCertificate()->extensions();
+		// find by authority key identifier
+		if ($extensions->hasAuthorityKeyIdentifier()) {
+			$ext = $extensions->authorityKeyIdentifier();
+			if ($ext->hasKeyIdentifier()) {
+				foreach ($bundle->allBySubjectKeyIdentifier(
+					$ext->keyIdentifier()) as $issuer) {
+					// check that issuer name matches
+					if ($issuer->tbsCertificate()
+						->subject()
+						->equals($issuer_name)) {
+						$issuers[] = $issuer;
+					}
+				}
+			}
+		}
+		return $issuers;
+	}
 }

lib/X509/CertificationRequest/CertificationRequestInfo.php

Indentation +200 added lines, -200 removed lines

@@ -24,204 +24,204 @@
  */
 class CertificationRequestInfo
 {
-    const VERSION_1 = 0;
-    
-    /**
-     * Version.
-     *
-     * @var int
-     */
-    protected $_version;
-    
-    /**
-     * Subject.
-     *
-     * @var Name $_subject
-     */
-    protected $_subject;
-    
-    /**
-     * Public key info.
-     *
-     * @var PublicKeyInfo $_subjectPKInfo
-     */
-    protected $_subjectPKInfo;
-    
-    /**
-     * Attributes.
-     *
-     * @var Attributes|null $_attributes
-     */
-    protected $_attributes;
-    
-    /**
-     * Constructor.
-     *
-     * @param Name $subject Subject
-     * @param PublicKeyInfo $pkinfo Public key info
-     */
-    public function __construct(Name $subject, PublicKeyInfo $pkinfo)
-    {
-        $this->_version = self::VERSION_1;
-        $this->_subject = $subject;
-        $this->_subjectPKInfo = $pkinfo;
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $version = $seq->at(0)
-            ->asInteger()
-            ->intNumber();
-        if ($version != self::VERSION_1) {
-            throw new \UnexpectedValueException(
-                "Version $version not supported.");
-        }
-        $subject = Name::fromASN1($seq->at(1)->asSequence());
-        $pkinfo = PublicKeyInfo::fromASN1($seq->at(2)->asSequence());
-        $obj = new self($subject, $pkinfo);
-        if ($seq->hasTagged(0)) {
-            $obj->_attributes = Attributes::fromASN1(
-                $seq->getTagged(0)
-                    ->asImplicit(Element::TYPE_SET)
-                    ->asSet());
-        }
-        return $obj;
-    }
-    
-    /**
-     * Get version.
-     *
-     * @return int
-     */
-    public function version(): int
-    {
-        return $this->_version;
-    }
-    
-    /**
-     * Get self with subject.
-     *
-     * @param Name $subject
-     * @return self
-     */
-    public function withSubject(Name $subject): self
-    {
-        $obj = clone $this;
-        $obj->_subject = $subject;
-        return $obj;
-    }
-    
-    /**
-     * Get subject.
-     *
-     * @return Name
-     */
-    public function subject(): Name
-    {
-        return $this->_subject;
-    }
-    
-    /**
-     * Get subject public key info.
-     *
-     * @return PublicKeyInfo
-     */
-    public function subjectPKInfo(): PublicKeyInfo
-    {
-        return $this->_subjectPKInfo;
-    }
-    
-    /**
-     * Whether certification request info has attributes.
-     *
-     * @return bool
-     */
-    public function hasAttributes(): bool
-    {
-        return isset($this->_attributes);
-    }
-    
-    /**
-     * Get attributes.
-     *
-     * @throws \LogicException
-     * @return Attributes
-     */
-    public function attributes(): Attributes
-    {
-        if (!$this->hasAttributes()) {
-            throw new \LogicException("No attributes.");
-        }
-        return $this->_attributes;
-    }
-    
-    /**
-     * Get instance of self with attributes.
-     *
-     * @param Attributes $attribs
-     */
-    public function withAttributes(Attributes $attribs): self
-    {
-        $obj = clone $this;
-        $obj->_attributes = $attribs;
-        return $obj;
-    }
-    
-    /**
-     * Get self with extension request attribute.
-     *
-     * @param Extensions $extensions Extensions to request
-     * @return self
-     */
-    public function withExtensionRequest(Extensions $extensions): self
-    {
-        $obj = clone $this;
-        if (!isset($obj->_attributes)) {
-            $obj->_attributes = new Attributes();
-        }
-        $obj->_attributes = $obj->_attributes->withUnique(
-            Attribute::fromAttributeValues(
-                new ExtensionRequestValue($extensions)));
-        return $obj;
-    }
-    
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array(new Integer($this->_version),
-            $this->_subject->toASN1(), $this->_subjectPKInfo->toASN1());
-        if (isset($this->_attributes)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                $this->_attributes->toASN1());
-        }
-        return new Sequence(...$elements);
-    }
-    
-    /**
-     * Create signed CertificationRequest.
-     *
-     * @param SignatureAlgorithmIdentifier $algo Algorithm used for signing
-     * @param PrivateKeyInfo $privkey_info Private key used for signing
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     * @return CertificationRequest
-     */
-    public function sign(SignatureAlgorithmIdentifier $algo,
-        PrivateKeyInfo $privkey_info, Crypto $crypto = null): CertificationRequest
-    {
-        $crypto = $crypto ?: Crypto::getDefault();
-        $data = $this->toASN1()->toDER();
-        $signature = $crypto->sign($data, $privkey_info, $algo);
-        return new CertificationRequest($this, $algo, $signature);
-    }
+	const VERSION_1 = 0;
+    
+	/**
+	 * Version.
+	 *
+	 * @var int
+	 */
+	protected $_version;
+    
+	/**
+	 * Subject.
+	 *
+	 * @var Name $_subject
+	 */
+	protected $_subject;
+    
+	/**
+	 * Public key info.
+	 *
+	 * @var PublicKeyInfo $_subjectPKInfo
+	 */
+	protected $_subjectPKInfo;
+    
+	/**
+	 * Attributes.
+	 *
+	 * @var Attributes|null $_attributes
+	 */
+	protected $_attributes;
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param Name $subject Subject
+	 * @param PublicKeyInfo $pkinfo Public key info
+	 */
+	public function __construct(Name $subject, PublicKeyInfo $pkinfo)
+	{
+		$this->_version = self::VERSION_1;
+		$this->_subject = $subject;
+		$this->_subjectPKInfo = $pkinfo;
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$version = $seq->at(0)
+			->asInteger()
+			->intNumber();
+		if ($version != self::VERSION_1) {
+			throw new \UnexpectedValueException(
+				"Version $version not supported.");
+		}
+		$subject = Name::fromASN1($seq->at(1)->asSequence());
+		$pkinfo = PublicKeyInfo::fromASN1($seq->at(2)->asSequence());
+		$obj = new self($subject, $pkinfo);
+		if ($seq->hasTagged(0)) {
+			$obj->_attributes = Attributes::fromASN1(
+				$seq->getTagged(0)
+					->asImplicit(Element::TYPE_SET)
+					->asSet());
+		}
+		return $obj;
+	}
+    
+	/**
+	 * Get version.
+	 *
+	 * @return int
+	 */
+	public function version(): int
+	{
+		return $this->_version;
+	}
+    
+	/**
+	 * Get self with subject.
+	 *
+	 * @param Name $subject
+	 * @return self
+	 */
+	public function withSubject(Name $subject): self
+	{
+		$obj = clone $this;
+		$obj->_subject = $subject;
+		return $obj;
+	}
+    
+	/**
+	 * Get subject.
+	 *
+	 * @return Name
+	 */
+	public function subject(): Name
+	{
+		return $this->_subject;
+	}
+    
+	/**
+	 * Get subject public key info.
+	 *
+	 * @return PublicKeyInfo
+	 */
+	public function subjectPKInfo(): PublicKeyInfo
+	{
+		return $this->_subjectPKInfo;
+	}
+    
+	/**
+	 * Whether certification request info has attributes.
+	 *
+	 * @return bool
+	 */
+	public function hasAttributes(): bool
+	{
+		return isset($this->_attributes);
+	}
+    
+	/**
+	 * Get attributes.
+	 *
+	 * @throws \LogicException
+	 * @return Attributes
+	 */
+	public function attributes(): Attributes
+	{
+		if (!$this->hasAttributes()) {
+			throw new \LogicException("No attributes.");
+		}
+		return $this->_attributes;
+	}
+    
+	/**
+	 * Get instance of self with attributes.
+	 *
+	 * @param Attributes $attribs
+	 */
+	public function withAttributes(Attributes $attribs): self
+	{
+		$obj = clone $this;
+		$obj->_attributes = $attribs;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with extension request attribute.
+	 *
+	 * @param Extensions $extensions Extensions to request
+	 * @return self
+	 */
+	public function withExtensionRequest(Extensions $extensions): self
+	{
+		$obj = clone $this;
+		if (!isset($obj->_attributes)) {
+			$obj->_attributes = new Attributes();
+		}
+		$obj->_attributes = $obj->_attributes->withUnique(
+			Attribute::fromAttributeValues(
+				new ExtensionRequestValue($extensions)));
+		return $obj;
+	}
+    
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array(new Integer($this->_version),
+			$this->_subject->toASN1(), $this->_subjectPKInfo->toASN1());
+		if (isset($this->_attributes)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				$this->_attributes->toASN1());
+		}
+		return new Sequence(...$elements);
+	}
+    
+	/**
+	 * Create signed CertificationRequest.
+	 *
+	 * @param SignatureAlgorithmIdentifier $algo Algorithm used for signing
+	 * @param PrivateKeyInfo $privkey_info Private key used for signing
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 * @return CertificationRequest
+	 */
+	public function sign(SignatureAlgorithmIdentifier $algo,
+		PrivateKeyInfo $privkey_info, Crypto $crypto = null): CertificationRequest
+	{
+		$crypto = $crypto ?: Crypto::getDefault();
+		$data = $this->toASN1()->toDER();
+		$signature = $crypto->sign($data, $privkey_info, $algo);
+		return new CertificationRequest($this, $algo, $signature);
+	}
 }

lib/X509/CertificationRequest/CertificationRequest.php

Indentation +154 added lines, -154 removed lines

@@ -18,172 +18,172 @@
  */
 class CertificationRequest
 {
-    /**
-     * Certification request info.
-     *
-     * @var CertificationRequestInfo $_certificationRequestInfo
-     */
-    protected $_certificationRequestInfo;
+	/**
+	 * Certification request info.
+	 *
+	 * @var CertificationRequestInfo $_certificationRequestInfo
+	 */
+	protected $_certificationRequestInfo;
     
-    /**
-     * Signature algorithm.
-     *
-     * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
-     */
-    protected $_signatureAlgorithm;
+	/**
+	 * Signature algorithm.
+	 *
+	 * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
+	 */
+	protected $_signatureAlgorithm;
     
-    /**
-     * Signature.
-     *
-     * @var Signature $_signature
-     */
-    protected $_signature;
+	/**
+	 * Signature.
+	 *
+	 * @var Signature $_signature
+	 */
+	protected $_signature;
     
-    /**
-     * Constructor.
-     *
-     * @param CertificationRequestInfo $info
-     * @param SignatureAlgorithmIdentifier $algo
-     * @param Signature $signature
-     */
-    public function __construct(CertificationRequestInfo $info,
-        SignatureAlgorithmIdentifier $algo, Signature $signature)
-    {
-        $this->_certificationRequestInfo = $info;
-        $this->_signatureAlgorithm = $algo;
-        $this->_signature = $signature;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param CertificationRequestInfo $info
+	 * @param SignatureAlgorithmIdentifier $algo
+	 * @param Signature $signature
+	 */
+	public function __construct(CertificationRequestInfo $info,
+		SignatureAlgorithmIdentifier $algo, Signature $signature)
+	{
+		$this->_certificationRequestInfo = $info;
+		$this->_signatureAlgorithm = $algo;
+		$this->_signature = $signature;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $info = CertificationRequestInfo::fromASN1($seq->at(0)->asSequence());
-        $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
-        if (!$algo instanceof SignatureAlgorithmIdentifier) {
-            throw new \UnexpectedValueException(
-                "Unsupported signature algorithm " . $algo->oid() . ".");
-        }
-        $signature = Signature::fromSignatureData(
-            $seq->at(2)
-                ->asBitString()
-                ->string(), $algo);
-        return new self($info, $algo, $signature);
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$info = CertificationRequestInfo::fromASN1($seq->at(0)->asSequence());
+		$algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
+		if (!$algo instanceof SignatureAlgorithmIdentifier) {
+			throw new \UnexpectedValueException(
+				"Unsupported signature algorithm " . $algo->oid() . ".");
+		}
+		$signature = Signature::fromSignatureData(
+			$seq->at(2)
+				->asBitString()
+				->string(), $algo);
+		return new self($info, $algo, $signature);
+	}
     
-    /**
-     * Initialize from DER.
-     *
-     * @param string $data
-     * @return self
-     */
-    public static function fromDER(string $data): self
-    {
-        return self::fromASN1(Sequence::fromDER($data));
-    }
+	/**
+	 * Initialize from DER.
+	 *
+	 * @param string $data
+	 * @return self
+	 */
+	public static function fromDER(string $data): self
+	{
+		return self::fromASN1(Sequence::fromDER($data));
+	}
     
-    /**
-     * Initialize from PEM.
-     *
-     * @param PEM $pem
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromPEM(PEM $pem): self
-    {
-        if ($pem->type() !== PEM::TYPE_CERTIFICATE_REQUEST) {
-            throw new \UnexpectedValueException("Invalid PEM type.");
-        }
-        return self::fromDER($pem->data());
-    }
+	/**
+	 * Initialize from PEM.
+	 *
+	 * @param PEM $pem
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromPEM(PEM $pem): self
+	{
+		if ($pem->type() !== PEM::TYPE_CERTIFICATE_REQUEST) {
+			throw new \UnexpectedValueException("Invalid PEM type.");
+		}
+		return self::fromDER($pem->data());
+	}
     
-    /**
-     * Get certification request info.
-     *
-     * @return CertificationRequestInfo
-     */
-    public function certificationRequestInfo(): CertificationRequestInfo
-    {
-        return $this->_certificationRequestInfo;
-    }
+	/**
+	 * Get certification request info.
+	 *
+	 * @return CertificationRequestInfo
+	 */
+	public function certificationRequestInfo(): CertificationRequestInfo
+	{
+		return $this->_certificationRequestInfo;
+	}
     
-    /**
-     * Get signature algorithm.
-     *
-     * @return SignatureAlgorithmIdentifier
-     */
-    public function signatureAlgorithm(): SignatureAlgorithmIdentifier
-    {
-        return $this->_signatureAlgorithm;
-    }
+	/**
+	 * Get signature algorithm.
+	 *
+	 * @return SignatureAlgorithmIdentifier
+	 */
+	public function signatureAlgorithm(): SignatureAlgorithmIdentifier
+	{
+		return $this->_signatureAlgorithm;
+	}
     
-    /**
-     * Get signature.
-     *
-     * @return Signature
-     */
-    public function signature(): Signature
-    {
-        return $this->_signature;
-    }
+	/**
+	 * Get signature.
+	 *
+	 * @return Signature
+	 */
+	public function signature(): Signature
+	{
+		return $this->_signature;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        return new Sequence($this->_certificationRequestInfo->toASN1(),
-            $this->_signatureAlgorithm->toASN1(), $this->_signature->bitString());
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		return new Sequence($this->_certificationRequestInfo->toASN1(),
+			$this->_signatureAlgorithm->toASN1(), $this->_signature->bitString());
+	}
     
-    /**
-     * Get certification request as a DER.
-     *
-     * @return string
-     */
-    public function toDER(): string
-    {
-        return $this->toASN1()->toDER();
-    }
+	/**
+	 * Get certification request as a DER.
+	 *
+	 * @return string
+	 */
+	public function toDER(): string
+	{
+		return $this->toASN1()->toDER();
+	}
     
-    /**
-     * Get certification request as a PEM.
-     *
-     * @return PEM
-     */
-    public function toPEM(): PEM
-    {
-        return new PEM(PEM::TYPE_CERTIFICATE_REQUEST, $this->toDER());
-    }
+	/**
+	 * Get certification request as a PEM.
+	 *
+	 * @return PEM
+	 */
+	public function toPEM(): PEM
+	{
+		return new PEM(PEM::TYPE_CERTIFICATE_REQUEST, $this->toDER());
+	}
     
-    /**
-     * Verify certification request signature.
-     *
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     * @return bool True if signature matches
-     */
-    public function verify(Crypto $crypto = null): bool
-    {
-        $crypto = $crypto ?: Crypto::getDefault();
-        $data = $this->_certificationRequestInfo->toASN1()->toDER();
-        $pk_info = $this->_certificationRequestInfo->subjectPKInfo();
-        return $crypto->verify($data, $this->_signature, $pk_info,
-            $this->_signatureAlgorithm);
-    }
+	/**
+	 * Verify certification request signature.
+	 *
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 * @return bool True if signature matches
+	 */
+	public function verify(Crypto $crypto = null): bool
+	{
+		$crypto = $crypto ?: Crypto::getDefault();
+		$data = $this->_certificationRequestInfo->toASN1()->toDER();
+		$pk_info = $this->_certificationRequestInfo->subjectPKInfo();
+		return $crypto->verify($data, $this->_signature, $pk_info,
+			$this->_signatureAlgorithm);
+	}
     
-    /**
-     * Get certification request as a PEM formatted string.
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->toPEM()->string();
-    }
+	/**
+	 * Get certification request as a PEM formatted string.
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->toPEM()->string();
+	}
 }

lib/X509/CertificationRequest/Attribute/ExtensionRequestValue.php

Indentation +81 added lines, -81 removed lines

@@ -17,94 +17,94 @@
  */
 class ExtensionRequestValue extends AttributeValue
 {
-    const OID = "1.2.840.113549.1.9.14";
+	const OID = "1.2.840.113549.1.9.14";
     
-    /**
-     * Extensions.
-     *
-     * @var Extensions $_extensions
-     */
-    protected $_extensions;
+	/**
+	 * Extensions.
+	 *
+	 * @var Extensions $_extensions
+	 */
+	protected $_extensions;
     
-    /**
-     * Constructor.
-     *
-     * @param Extensions $extensions
-     */
-    public function __construct(Extensions $extensions)
-    {
-        $this->_extensions = $extensions;
-        $this->_oid = self::OID;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Extensions $extensions
+	 */
+	public function __construct(Extensions $extensions)
+	{
+		$this->_extensions = $extensions;
+		$this->_oid = self::OID;
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::fromASN1()
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromASN1(UnspecifiedType $el): self
-    {
-        return new self(Extensions::fromASN1($el->asSequence()));
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::fromASN1()
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromASN1(UnspecifiedType $el): self
+	{
+		return new self(Extensions::fromASN1($el->asSequence()));
+	}
     
-    /**
-     * Get requested extensions.
-     *
-     * @return Extensions
-     */
-    public function extensions(): Extensions
-    {
-        return $this->_extensions;
-    }
+	/**
+	 * Get requested extensions.
+	 *
+	 * @return Extensions
+	 */
+	public function extensions(): Extensions
+	{
+		return $this->_extensions;
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        return $this->_extensions->toASN1();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		return $this->_extensions->toASN1();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
-     * @return string
-     */
-    public function stringValue(): string
-    {
-        return "#" . bin2hex($this->toASN1()->toDER());
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
+	 * @return string
+	 */
+	public function stringValue(): string
+	{
+		return "#" . bin2hex($this->toASN1()->toDER());
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
-     * @return BinaryMatch
-     */
-    public function equalityMatchingRule(): BinaryMatch
-    {
-        return new BinaryMatch();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
+	 * @return BinaryMatch
+	 */
+	public function equalityMatchingRule(): BinaryMatch
+	{
+		return new BinaryMatch();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
-     * @return string
-     */
-    public function rfc2253String(): string
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
+	 * @return string
+	 */
+	public function rfc2253String(): string
+	{
+		return $this->stringValue();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
-     * @return string
-     */
-    protected function _transcodedString(): string
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
+	 * @return string
+	 */
+	protected function _transcodedString(): string
+	{
+		return $this->stringValue();
+	}
 }

lib/X509/CertificationRequest/Attributes.php

Indentation +96 added lines, -96 removed lines

@@ -20,107 +20,107 @@
  */
 class Attributes implements \Countable, \IteratorAggregate
 {
-    use AttributeContainer;
+	use AttributeContainer;
     
-    /**
-     * Mapping from OID to attribute value class name.
-     *
-     * @internal
-     *
-     * @var array
-     */
-    const MAP_OID_TO_CLASS = array(
-        /* @formatter:off */
-        ExtensionRequestValue::OID => ExtensionRequestValue::class
-        /* @formatter:on */
-    );
+	/**
+	 * Mapping from OID to attribute value class name.
+	 *
+	 * @internal
+	 *
+	 * @var array
+	 */
+	const MAP_OID_TO_CLASS = array(
+		/* @formatter:off */
+		ExtensionRequestValue::OID => ExtensionRequestValue::class
+		/* @formatter:on */
+	);
     
-    /**
-     * Constructor.
-     *
-     * @param Attribute ...$attribs Attribute objects
-     */
-    public function __construct(Attribute ...$attribs)
-    {
-        $this->_attributes = $attribs;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Attribute ...$attribs Attribute objects
+	 */
+	public function __construct(Attribute ...$attribs)
+	{
+		$this->_attributes = $attribs;
+	}
     
-    /**
-     * Initialize from attribute values.
-     *
-     * @param AttributeValue ...$values
-     * @return self
-     */
-    public static function fromAttributeValues(AttributeValue ...$values): self
-    {
-        $attribs = array_map(
-            function (AttributeValue $value) {
-                return $value->toAttribute();
-            }, $values);
-        return new self(...$attribs);
-    }
+	/**
+	 * Initialize from attribute values.
+	 *
+	 * @param AttributeValue ...$values
+	 * @return self
+	 */
+	public static function fromAttributeValues(AttributeValue ...$values): self
+	{
+		$attribs = array_map(
+			function (AttributeValue $value) {
+				return $value->toAttribute();
+			}, $values);
+		return new self(...$attribs);
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Set $set
-     * @return self
-     */
-    public static function fromASN1(Set $set): self
-    {
-        $attribs = array_map(
-            function (UnspecifiedType $el) {
-                return Attribute::fromASN1($el->asSequence());
-            }, $set->elements());
-        // cast attributes
-        $attribs = array_map(
-            function (Attribute $attr) {
-                $oid = $attr->oid();
-                if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) {
-                    $cls = self::MAP_OID_TO_CLASS[$oid];
-                    return $attr->castValues($cls);
-                }
-                return $attr;
-            }, $attribs);
-        return new self(...$attribs);
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Set $set
+	 * @return self
+	 */
+	public static function fromASN1(Set $set): self
+	{
+		$attribs = array_map(
+			function (UnspecifiedType $el) {
+				return Attribute::fromASN1($el->asSequence());
+			}, $set->elements());
+		// cast attributes
+		$attribs = array_map(
+			function (Attribute $attr) {
+				$oid = $attr->oid();
+				if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) {
+					$cls = self::MAP_OID_TO_CLASS[$oid];
+					return $attr->castValues($cls);
+				}
+				return $attr;
+			}, $attribs);
+		return new self(...$attribs);
+	}
     
-    /**
-     * Check whether extension request attribute is present.
-     *
-     * @return bool
-     */
-    public function hasExtensionRequest(): bool
-    {
-        return $this->has(ExtensionRequestValue::OID);
-    }
+	/**
+	 * Check whether extension request attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasExtensionRequest(): bool
+	{
+		return $this->has(ExtensionRequestValue::OID);
+	}
     
-    /**
-     * Get extension request attribute value.
-     *
-     * @throws \LogicException
-     * @return ExtensionRequestValue
-     */
-    public function extensionRequest(): ExtensionRequestValue
-    {
-        if (!$this->hasExtensionRequest()) {
-            throw new \LogicException("No extension request attribute.");
-        }
-        return $this->firstOf(ExtensionRequestValue::OID)->first();
-    }
+	/**
+	 * Get extension request attribute value.
+	 *
+	 * @throws \LogicException
+	 * @return ExtensionRequestValue
+	 */
+	public function extensionRequest(): ExtensionRequestValue
+	{
+		if (!$this->hasExtensionRequest()) {
+			throw new \LogicException("No extension request attribute.");
+		}
+		return $this->firstOf(ExtensionRequestValue::OID)->first();
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Set
-     */
-    public function toASN1(): Set
-    {
-        $elements = array_map(
-            function (Attribute $attr) {
-                return $attr->toASN1();
-            }, array_values($this->_attributes));
-        $set = new Set(...$elements);
-        return $set->sortedSetOf();
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Set
+	 */
+	public function toASN1(): Set
+	{
+		$elements = array_map(
+			function (Attribute $attr) {
+				return $attr->toASN1();
+			}, array_values($this->_attributes));
+		$set = new Set(...$elements);
+		return $set->sortedSetOf();
+	}
 }