Certificate::fromASN1() - Code Metrics - Inspection of "Add tests" - sop/x509 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 96d802...e5ec4d )

by Joni

created 2016-06-07 10:08 UTC

Certificate::fromASN1() A

↳ Parent: Certificate

Complexity

Conditions	2
Paths	2

Size

Total Lines	10
Code Lines	8

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	8
CRAP Score	2

Importance

Changes	3
Bugs	0	Features	0

Metric	Value
c	3
b	0
f	0
dl	0
loc	10
ccs	8
cts	8
cp	1
rs	9.4285
cc	2
eloc	8
nc	2
nop	1
crap	2

<?php

namespace X509\Certificate;

use ASN1\Type\Constructed\Sequence;
use CryptoUtil\ASN1\AlgorithmIdentifier;
use CryptoUtil\ASN1\AlgorithmIdentifier\Feature\SignatureAlgorithmIdentifier;
use CryptoUtil\ASN1\PublicKeyInfo;
use CryptoUtil\Crypto\Crypto;
use CryptoUtil\Crypto\Signature;
use CryptoUtil\PEM\PEM;
use X509\Certificate\TBSCertificate;


/**
 * Implements <i>Certificate</i> ASN.1 type.
 *
 * @link https://tools.ietf.org/html/rfc5280#section-4.1
 */
class Certificate
{
	/**
	 * "To be signed" certificate information.
	 *
	 * @var TBSCertificate $_tbsCertificate
	 */
	protected $_tbsCertificate;
	
	/**
	 * Signature algorithm.
	 *
	 * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
	 */
	protected $_signatureAlgorithm;
	
	/**
	 * Signature value.
	 *
	 * @var Signature $_signatureValue
	 */
	protected $_signatureValue;
	
	/**
	 * Constructor
	 *
	 * @param TBSCertificate $tbsCert
	 * @param SignatureAlgorithmIdentifier $algo
	 * @param Signature $signature
	 */
	public function __construct(TBSCertificate $tbsCert, 
			SignatureAlgorithmIdentifier $algo, Signature $signature) {
		$this->_tbsCertificate = $tbsCert;
		$this->_signatureAlgorithm = $algo;
		$this->_signatureValue = $signature;
	}
	
	/**
	 * Initialize from ASN.1.
	 *
	 * @param Sequence $seq
	 * @return self
	 */
	public static function fromASN1(Sequence $seq) {
		$tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
		$algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
		if (!$algo instanceof SignatureAlgorithmIdentifier) {
			throw new \UnexpectedValueException(
				"Unsupported signature algorithm " . $algo->oid() . ".");
		}
		$signature = Signature::fromASN1($seq->at(2)->asBitString());
		return new self($tbsCert, $algo, $signature);
	}
	
	/**
	 * Initialize from DER.
	 *
	 * @param string $data
	 * @return self
	 */
	public static function fromDER($data) {
		return self::fromASN1(Sequence::fromDER($data));
	}
	
	/**
	 * Initialize from PEM.
	 *
	 * @param PEM $pem
	 * @throws \UnexpectedValueException
	 * @return self
	 */
	public static function fromPEM(PEM $pem) {
		if ($pem->type() != PEM::TYPE_CERTIFICATE) {
			throw new \UnexpectedValueException("Invalid PEM type.");
		}
		return self::fromDER($pem->data());
	}
	
	/**
	 * Get certificate information.
	 *
	 * @return TBSCertificate
	 */
	public function tbsCertificate() {
		return $this->_tbsCertificate;
	}
	
	/**
	 * Get signature algorithm.
	 *
	 * @return SignatureAlgorithmIdentifier
	 */
	public function signatureAlgorithm() {
		return $this->_signatureAlgorithm;
	}
	
	/**
	 * Get signature value.
	 *
	 * @return Signature
	 */
	public function signatureValue() {
		return $this->_signatureValue;
	}
	
	/**
	 * Check whether certificate is self-issued.
	 *
	 * @return bool
	 */
	public function isSelfIssued() {
		return $this->_tbsCertificate->subject()->equals(
			$this->_tbsCertificate->issuer());
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
	}
	
	/**
	 * Check whether certificate is semantically equal to another.
	 *
	 * @param Certificate $cert Certificate to compare to
	 * @return bool
	 */
	public function equals(Certificate $cert) {
		// if subjects differ
		$s1 = $this->_tbsCertificate->subject();
		$s2 = $cert->_tbsCertificate->subject();
		if (!$s1->equals($s2)) {
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
			return false;
		}
		// if public keys differ
		$kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
		$kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
		if ($kid1 != $kid2) {
			return false;
		}
		return true;
	}
	
	/**
	 * Generate ASN.1 structure.
	 *
	 * @return Sequence
	 */
	public function toASN1() {
		return new Sequence($this->_tbsCertificate->toASN1(), 
			$this->_signatureAlgorithm->toASN1(), 
			$this->_signatureValue->toBitString());
	}
	
	/**
	 * Get certificate as a DER.
	 *
	 * @return string
	 */
	public function toDER() {
		return $this->toASN1()->toDER();
	}
	
	/**
	 * Get certificate as a PEM.
	 *
	 * @return PEM
	 */
	public function toPEM() {
		return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
	}
	
	/**
	 * Verify certificate signature.
	 *
	 * @param Crypto $crypto
	 * @param PublicKeyInfo $pubkey_info Issuer's public key
	 * @return bool True if certificate signature is valid
	 */
	public function verify(Crypto $crypto, PublicKeyInfo $pubkey_info) {
		$data = $this->_tbsCertificate->toASN1()->toDER();
		return $crypto->verify($data, $this->_signatureValue, $pubkey_info, 
			$this->_signatureAlgorithm);
	}
	
	/**
	 * Get certificate as a PEM formatted string.
	 *
	 * @return string
	 */
	public function __toString() {
		return $this->toPEM()->string();
	}
}


1		<?php
2
3		namespace X509\Certificate;
4
5		use ASN1\Type\Constructed\Sequence;
6		use CryptoUtil\ASN1\AlgorithmIdentifier;
7		use CryptoUtil\ASN1\AlgorithmIdentifier\Feature\SignatureAlgorithmIdentifier;
8		use CryptoUtil\ASN1\PublicKeyInfo;
9		use CryptoUtil\Crypto\Crypto;
10		use CryptoUtil\Crypto\Signature;
11		use CryptoUtil\PEM\PEM;
12		use X509\Certificate\TBSCertificate;
13
14
15		/**
16		* Implements <i>Certificate</i> ASN.1 type.
17		*
18		* @link https://tools.ietf.org/html/rfc5280#section-4.1
19		*/
20		class Certificate
21		{
22		/**
23		* "To be signed" certificate information.
24		*
25		* @var TBSCertificate $_tbsCertificate
26		*/
27		protected $_tbsCertificate;
28
29		/**
30		* Signature algorithm.
31		*
32		* @var SignatureAlgorithmIdentifier $_signatureAlgorithm
33		*/
34		protected $_signatureAlgorithm;
35
36		/**
37		* Signature value.
38		*
39		* @var Signature $_signatureValue
40		*/
41		protected $_signatureValue;
42
43		/**
44		* Constructor
45		*
46		* @param TBSCertificate $tbsCert
47		* @param SignatureAlgorithmIdentifier $algo
48		* @param Signature $signature
49		*/
50	20	public function __construct(TBSCertificate $tbsCert,
51		SignatureAlgorithmIdentifier $algo, Signature $signature) {
52	20	$this->_tbsCertificate = $tbsCert;
53	20	$this->_signatureAlgorithm = $algo;
54	20	$this->_signatureValue = $signature;
55	20	}
56
57		/**
58		* Initialize from ASN.1.
59		*
60		* @param Sequence $seq
61		* @return self
62		*/
63	11	public static function fromASN1(Sequence $seq) {
64	11	$tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
65	11	$algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
66	11	if (!$algo instanceof SignatureAlgorithmIdentifier) {
67	1	throw new \UnexpectedValueException(
68	1	"Unsupported signature algorithm " . $algo->oid() . ".");
69		}
70	10	$signature = Signature::fromASN1($seq->at(2)->asBitString());
71	10	return new self($tbsCert, $algo, $signature);
72		}
73
74		/**
75		* Initialize from DER.
76		*
77		* @param string $data
78		* @return self
79		*/
80	9	public static function fromDER($data) {
81	9	return self::fromASN1(Sequence::fromDER($data));
82		}
83
84		/**
85		* Initialize from PEM.
86		*
87		* @param PEM $pem
88		* @throws \UnexpectedValueException
89		* @return self
90		*/
91	10	public static function fromPEM(PEM $pem) {
92	10	if ($pem->type() != PEM::TYPE_CERTIFICATE) {
93	1	throw new \UnexpectedValueException("Invalid PEM type.");
94		}
95	9	return self::fromDER($pem->data());
96		}
97
98		/**
99		* Get certificate information.
100		*
101		* @return TBSCertificate
102		*/
103	49	public function tbsCertificate() {
104	49	return $this->_tbsCertificate;
105		}
106
107		/**
108		* Get signature algorithm.
109		*
110		* @return SignatureAlgorithmIdentifier
111		*/
112	28	public function signatureAlgorithm() {
113	28	return $this->_signatureAlgorithm;
114		}
115
116		/**
117		* Get signature value.
118		*
119		* @return Signature
120		*/
121	2	public function signatureValue() {
122	2	return $this->_signatureValue;
123		}
124
125		/**
126		* Check whether certificate is self-issued.
127		*
128		* @return bool
129		*/
130	28	public function isSelfIssued() {
131	28	return $this->_tbsCertificate->subject()->equals(
132	28	$this->_tbsCertificate->issuer());
		0 ignored issues – show Documentation introduced 2016-06-01 09:53 UTC by Report Bug Copy Issue Report `$this->_tbsCertificate->issuer()` is of type `object<X501\ASN1\Name>`, but the function expects a `object<self>`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
133		}
134
135		/**
136		* Check whether certificate is semantically equal to another.
137		*
138		* @param Certificate $cert Certificate to compare to
139		* @return bool
140		*/
141	11	public function equals(Certificate $cert) {
142		// if subjects differ
143	11	$s1 = $this->_tbsCertificate->subject();
144	11	$s2 = $cert->_tbsCertificate->subject();
145	11	if (!$s1->equals($s2)) {
		0 ignored issues – show Documentation introduced 2016-06-01 09:53 UTC by Report Bug Copy Issue Report `$s2` is of type `object<X501\ASN1\Name>`, but the function expects a `object<self>`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
146	8	return false;
147		}
148		// if public keys differ
149	3	$kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
150	3	$kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
151	3	if ($kid1 != $kid2) {
152	1	return false;
153		}
154	2	return true;
155		}
156
157		/**
158		* Generate ASN.1 structure.
159		*
160		* @return Sequence
161		*/
162	4	public function toASN1() {
163	4	return new Sequence($this->_tbsCertificate->toASN1(),
164	4	$this->_signatureAlgorithm->toASN1(),
165	4	$this->_signatureValue->toBitString());
166		}
167
168		/**
169		* Get certificate as a DER.
170		*
171		* @return string
172		*/
173	2	public function toDER() {
174	2	return $this->toASN1()->toDER();
175		}
176
177		/**
178		* Get certificate as a PEM.
179		*
180		* @return PEM
181		*/
182	2	public function toPEM() {
183	2	return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
184		}
185
186		/**
187		* Verify certificate signature.
188		*
189		* @param Crypto $crypto
190		* @param PublicKeyInfo $pubkey_info Issuer's public key
191		* @return bool True if certificate signature is valid
192		*/
193	24	public function verify(Crypto $crypto, PublicKeyInfo $pubkey_info) {
194	24	$data = $this->_tbsCertificate->toASN1()->toDER();
195	24	return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
196	24	$this->_signatureAlgorithm);
197		}
198
199		/**
200		* Get certificate as a PEM formatted string.
201		*
202		* @return string
203		*/
204	1	public function __toString() {
205	1	return $this->toPEM()->string();
206		}
207		}
208

sop / x509

GitHub Access Token became invalid

Push — master ( 96d802...e5ec4d )

Certificate::fromASN1() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like