GitHub Access Token became invalid

It seems like the GitHub access token used for retrieving details about this repository from GitHub became invalid. This might prevent certain types of inspections from being run (in particular, everything related to pull requests).
Please ask an admin of your repository to re-new the access token on this website.
Completed
Push — php72 ( 84962a...e2a8e9 )
by Joni
02:36
created
examples/create-csr.php 2 patches
Indentation   +2 added lines, -2 removed lines patch added patch discarded remove patch
@@ -18,7 +18,7 @@  discard block
 block discarded – undo
18 18
 
19 19
 // load EC private key from PEM
20 20
 $private_key_info = PrivateKeyInfo::fromPEM(
21
-    PEM::fromFile(dirname(__DIR__) . '/test/assets/ec/private_key.pem'));
21
+	PEM::fromFile(dirname(__DIR__) . '/test/assets/ec/private_key.pem'));
22 22
 // extract public key from private key
23 23
 $public_key_info = $private_key_info->publicKeyInfo();
24 24
 // DN of the subject
@@ -27,6 +27,6 @@  discard block
 block discarded – undo
27 27
 $cri = new CertificationRequestInfo($subject, $public_key_info);
28 28
 // sign certificate request with private key
29 29
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
30
-    $private_key_info->algorithmIdentifier(), new SHA256AlgorithmIdentifier());
30
+	$private_key_info->algorithmIdentifier(), new SHA256AlgorithmIdentifier());
31 31
 $csr = $cri->sign($algo, $private_key_info);
32 32
 echo $csr;
Please login to merge, or discard this patch.
Spacing   +1 added lines, -1 removed lines patch added patch discarded remove patch
@@ -5,7 +5,7 @@
 block discarded – undo
5 5
  * php create-csr.php
6 6
  */
7 7
 
8
-declare(strict_types = 1);
8
+declare(strict_types=1);
9 9
 
10 10
 use Sop\CryptoEncoding\PEM;
11 11
 use Sop\CryptoTypes\AlgorithmIdentifier\Hash\SHA256AlgorithmIdentifier;
Please login to merge, or discard this patch.
examples/ac-example.php 2 patches
Indentation   +68 added lines, -68 removed lines patch added patch discarded remove patch
@@ -38,106 +38,106 @@  discard block
 block discarded – undo
38 38
 
39 39
 // CA private key
40 40
 openssl_pkey_export(
41
-    openssl_pkey_new(
42
-        ['private_key_type' => OPENSSL_KEYTYPE_RSA,
43
-            'private_key_bits' => 2048, ]), $pkey);
41
+	openssl_pkey_new(
42
+		['private_key_type' => OPENSSL_KEYTYPE_RSA,
43
+			'private_key_bits' => 2048, ]), $pkey);
44 44
 $ca_private_key = PrivateKeyInfo::fromPEM(PEM::fromString($pkey));
45 45
 // Issuer private key
46 46
 openssl_pkey_export(
47
-    openssl_pkey_new(
48
-        ['private_key_type' => OPENSSL_KEYTYPE_RSA,
49
-            'private_key_bits' => 2048, ]), $pkey);
47
+	openssl_pkey_new(
48
+		['private_key_type' => OPENSSL_KEYTYPE_RSA,
49
+			'private_key_bits' => 2048, ]), $pkey);
50 50
 $issuer_private_key = PrivateKeyInfo::fromPEM(PEM::fromString($pkey));
51 51
 // Holder private key
52 52
 openssl_pkey_export(
53
-    openssl_pkey_new(
54
-        ['private_key_type' => OPENSSL_KEYTYPE_RSA,
55
-            'private_key_bits' => 2048, ]), $pkey);
53
+	openssl_pkey_new(
54
+		['private_key_type' => OPENSSL_KEYTYPE_RSA,
55
+			'private_key_bits' => 2048, ]), $pkey);
56 56
 $holder_private_key = PrivateKeyInfo::fromPEM(PEM::fromString($pkey));
57 57
 
58 58
 // create trust anchor certificate (self signed)
59 59
 $tbs_cert = new TBSCertificate(
60
-    Name::fromString('cn=CA'),
61
-    $ca_private_key->publicKeyInfo(),
62
-    Name::fromString('cn=CA'),
63
-    Validity::fromStrings('now', 'now + 1 year'));
60
+	Name::fromString('cn=CA'),
61
+	$ca_private_key->publicKeyInfo(),
62
+	Name::fromString('cn=CA'),
63
+	Validity::fromStrings('now', 'now + 1 year'));
64 64
 $tbs_cert = $tbs_cert->withRandomSerialNumber()
65
-    ->withAdditionalExtensions(
66
-        new BasicConstraintsExtension(true, true),
67
-        new SubjectKeyIdentifierExtension(false,
68
-            $ca_private_key->publicKeyInfo()->keyIdentifier()),
69
-        new KeyUsageExtension(true,
70
-            KeyUsageExtension::DIGITAL_SIGNATURE |
71
-            KeyUsageExtension::KEY_CERT_SIGN));
65
+	->withAdditionalExtensions(
66
+		new BasicConstraintsExtension(true, true),
67
+		new SubjectKeyIdentifierExtension(false,
68
+			$ca_private_key->publicKeyInfo()->keyIdentifier()),
69
+		new KeyUsageExtension(true,
70
+			KeyUsageExtension::DIGITAL_SIGNATURE |
71
+			KeyUsageExtension::KEY_CERT_SIGN));
72 72
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
73
-    $ca_private_key->algorithmIdentifier(),
74
-    new SHA256AlgorithmIdentifier());
73
+	$ca_private_key->algorithmIdentifier(),
74
+	new SHA256AlgorithmIdentifier());
75 75
 $ca_cert = $tbs_cert->sign($algo, $ca_private_key);
76 76
 
77 77
 // create AC issuer certificate
78 78
 $tbs_cert = new TBSCertificate(
79
-    Name::fromString('cn=Issuer'),
80
-    $issuer_private_key->publicKeyInfo(),
81
-    new Name(),
82
-    Validity::fromStrings('now', 'now + 6 months'));
79
+	Name::fromString('cn=Issuer'),
80
+	$issuer_private_key->publicKeyInfo(),
81
+	new Name(),
82
+	Validity::fromStrings('now', 'now + 6 months'));
83 83
 $tbs_cert = $tbs_cert->withIssuerCertificate($ca_cert)
84
-    ->withRandomSerialNumber()
85
-    ->withAdditionalExtensions(
86
-        // issuer must not be a CA
87
-        new BasicConstraintsExtension(true, false),
88
-        new KeyUsageExtension(true,
89
-            KeyUsageExtension::DIGITAL_SIGNATURE |
90
-             KeyUsageExtension::KEY_ENCIPHERMENT));
84
+	->withRandomSerialNumber()
85
+	->withAdditionalExtensions(
86
+		// issuer must not be a CA
87
+		new BasicConstraintsExtension(true, false),
88
+		new KeyUsageExtension(true,
89
+			KeyUsageExtension::DIGITAL_SIGNATURE |
90
+			 KeyUsageExtension::KEY_ENCIPHERMENT));
91 91
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
92
-    $ca_private_key->algorithmIdentifier(),
93
-    new SHA256AlgorithmIdentifier());
92
+	$ca_private_key->algorithmIdentifier(),
93
+	new SHA256AlgorithmIdentifier());
94 94
 $issuer_cert = $tbs_cert->sign($algo, $ca_private_key);
95 95
 
96 96
 // create AC holder certificate
97 97
 $tbs_cert = new TBSCertificate(
98
-    Name::fromString('cn=Holder, gn=John, sn=Doe'),
99
-    $holder_private_key->publicKeyInfo(),
100
-    new Name(),
101
-    Validity::fromStrings('now', 'now + 6 months'));
98
+	Name::fromString('cn=Holder, gn=John, sn=Doe'),
99
+	$holder_private_key->publicKeyInfo(),
100
+	new Name(),
101
+	Validity::fromStrings('now', 'now + 6 months'));
102 102
 $tbs_cert = $tbs_cert->withIssuerCertificate($ca_cert)
103
-    ->withRandomSerialNumber()
104
-    ->withAdditionalExtensions(
105
-        new BasicConstraintsExtension(true, false),
106
-        new KeyUsageExtension(true,
107
-            KeyUsageExtension::DIGITAL_SIGNATURE |
108
-             KeyUsageExtension::KEY_ENCIPHERMENT));
103
+	->withRandomSerialNumber()
104
+	->withAdditionalExtensions(
105
+		new BasicConstraintsExtension(true, false),
106
+		new KeyUsageExtension(true,
107
+			KeyUsageExtension::DIGITAL_SIGNATURE |
108
+			 KeyUsageExtension::KEY_ENCIPHERMENT));
109 109
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
110
-    $ca_private_key->algorithmIdentifier(),
111
-    new SHA256AlgorithmIdentifier());
110
+	$ca_private_key->algorithmIdentifier(),
111
+	new SHA256AlgorithmIdentifier());
112 112
 $holder_cert = $tbs_cert->sign($algo, $ca_private_key);
113 113
 
114 114
 // named authority that grants the attributes
115 115
 $authority = new GeneralNames(
116
-    new UniformResourceIdentifier('uri:trusted_authority'));
116
+	new UniformResourceIdentifier('uri:trusted_authority'));
117 117
 // role attribute
118 118
 $attribs = new Attributes(
119
-    Attribute::fromAttributeValues(
120
-        RoleAttributeValue::fromString('role-name', $authority)));
119
+	Attribute::fromAttributeValues(
120
+		RoleAttributeValue::fromString('role-name', $authority)));
121 121
 $aci = new AttributeCertificateInfo(
122
-    // holder is identified by the holder's public key certificate
123
-    new Holder(IssuerSerial::fromPKC($holder_cert)),
124
-    AttCertIssuer::fromPKC($issuer_cert),
125
-    AttCertValidityPeriod::fromStrings('now - 1 hour', 'now + 3 months'),
126
-    $attribs);
122
+	// holder is identified by the holder's public key certificate
123
+	new Holder(IssuerSerial::fromPKC($holder_cert)),
124
+	AttCertIssuer::fromPKC($issuer_cert),
125
+	AttCertValidityPeriod::fromStrings('now - 1 hour', 'now + 3 months'),
126
+	$attribs);
127 127
 $aci = $aci->withRandomSerialNumber()
128
-    ->withAdditionalExtensions(
129
-        // named target identifier
130
-        TargetInformationExtension::fromTargets(
131
-            new TargetName(
132
-                new UniformResourceIdentifier('uri:target_identifier'))),
133
-        // key identifier of the AC issuer
134
-        new AuthorityKeyIdentifierExtension(false,
135
-            $issuer_cert->tbsCertificate()
136
-                ->subjectPublicKeyInfo()
137
-                ->keyIdentifier()));
128
+	->withAdditionalExtensions(
129
+		// named target identifier
130
+		TargetInformationExtension::fromTargets(
131
+			new TargetName(
132
+				new UniformResourceIdentifier('uri:target_identifier'))),
133
+		// key identifier of the AC issuer
134
+		new AuthorityKeyIdentifierExtension(false,
135
+			$issuer_cert->tbsCertificate()
136
+				->subjectPublicKeyInfo()
137
+				->keyIdentifier()));
138 138
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
139
-    $issuer_private_key->algorithmIdentifier(),
140
-    new SHA256AlgorithmIdentifier());
139
+	$issuer_private_key->algorithmIdentifier(),
140
+	new SHA256AlgorithmIdentifier());
141 141
 $ac = $aci->sign($algo, $issuer_private_key);
142 142
 
143 143
 // validate AC
@@ -149,7 +149,7 @@  discard block
 block discarded – undo
149 149
 $validator_config = $validator_config->withTargets($target);
150 150
 $validator = new ACValidator($ac, $validator_config);
151 151
 if ($validator->validate()) {
152
-    fprintf(STDERR, "AC validation succeeded.\n");
152
+	fprintf(STDERR, "AC validation succeeded.\n");
153 153
 }
154 154
 
155 155
 fprintf(STDERR, "Root certificate:\n");
Please login to merge, or discard this patch.
Spacing   +1 added lines, -1 removed lines patch added patch discarded remove patch
@@ -5,7 +5,7 @@
 block discarded – undo
5 5
  * php ac-example.php
6 6
  */
7 7
 
8
-declare(strict_types = 1);
8
+declare(strict_types=1);
9 9
 
10 10
 use Sop\CryptoEncoding\PEM;
11 11
 use Sop\CryptoTypes\AlgorithmIdentifier\Hash\SHA256AlgorithmIdentifier;
Please login to merge, or discard this patch.
examples/issue-cert.php 2 patches
Indentation   +9 added lines, -9 removed lines patch added patch discarded remove patch
@@ -27,27 +27,27 @@
 block discarded – undo
27 27
 $csr = CertificationRequest::fromPEM(PEM::fromFile($argv[2]));
28 28
 // verify CSR
29 29
 if (!$csr->verify()) {
30
-    echo "Failed to verify certification request signature.\n";
31
-    exit(1);
30
+	echo "Failed to verify certification request signature.\n";
31
+	exit(1);
32 32
 }
33 33
 // load CA's private key from PEM
34 34
 $private_key_info = PrivateKeyInfo::fromPEM(
35
-    PEM::fromFile(dirname(__DIR__) . '/test/assets/rsa/private_key.pem'));
35
+	PEM::fromFile(dirname(__DIR__) . '/test/assets/rsa/private_key.pem'));
36 36
 // initialize certificate from CSR and issuer's certificate
37 37
 $tbs_cert = TBSCertificate::fromCSR($csr)->withIssuerCertificate($issuer_cert);
38 38
 // set random serial number
39 39
 $tbs_cert = $tbs_cert->withRandomSerialNumber();
40 40
 // set validity period
41 41
 $tbs_cert = $tbs_cert->withValidity(
42
-    Validity::fromStrings('now', 'now + 3 months'));
42
+	Validity::fromStrings('now', 'now + 3 months'));
43 43
 // add extensions
44 44
 $tbs_cert = $tbs_cert->withAdditionalExtensions(
45
-    new KeyUsageExtension(true,
46
-        KeyUsageExtension::DIGITAL_SIGNATURE |
47
-             KeyUsageExtension::KEY_ENCIPHERMENT),
48
-    new BasicConstraintsExtension(true, false));
45
+	new KeyUsageExtension(true,
46
+		KeyUsageExtension::DIGITAL_SIGNATURE |
47
+			 KeyUsageExtension::KEY_ENCIPHERMENT),
48
+	new BasicConstraintsExtension(true, false));
49 49
 // sign certificate with issuer's private key
50 50
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
51
-    $private_key_info->algorithmIdentifier(), new SHA512AlgorithmIdentifier());
51
+	$private_key_info->algorithmIdentifier(), new SHA512AlgorithmIdentifier());
52 52
 $cert = $tbs_cert->sign($algo, $private_key_info);
53 53
 echo $cert;
Please login to merge, or discard this patch.
Spacing   +1 added lines, -1 removed lines patch added patch discarded remove patch
@@ -5,7 +5,7 @@
 block discarded – undo
5 5
  * php issue-cert.php <(php create-ca-cert.php) <(php create-csr.php)
6 6
  */
7 7
 
8
-declare(strict_types = 1);
8
+declare(strict_types=1);
9 9
 
10 10
 use Sop\CryptoEncoding\PEM;
11 11
 use Sop\CryptoTypes\AlgorithmIdentifier\Hash\SHA512AlgorithmIdentifier;
Please login to merge, or discard this patch.
examples/create-ca-cert.php 2 patches
Indentation   +6 added lines, -6 removed lines patch added patch discarded remove patch
@@ -22,7 +22,7 @@  discard block
 block discarded – undo
22 22
 
23 23
 // load RSA private key from PEM
24 24
 $private_key_info = PrivateKeyInfo::fromPEM(
25
-    PEM::fromFile(dirname(__DIR__) . '/test/assets/rsa/private_key.pem'));
25
+	PEM::fromFile(dirname(__DIR__) . '/test/assets/rsa/private_key.pem'));
26 26
 // extract public key from private key
27 27
 $public_key_info = $private_key_info->publicKeyInfo();
28 28
 // DN of the certification authority
@@ -32,12 +32,12 @@  discard block
 block discarded – undo
32 32
 // create "to be signed" certificate object with extensions
33 33
 $tbs_cert = new TBSCertificate($name, $public_key_info, $name, $validity);
34 34
 $tbs_cert = $tbs_cert->withRandomSerialNumber()->withAdditionalExtensions(
35
-    new BasicConstraintsExtension(true, true),
36
-    new SubjectKeyIdentifierExtension(false, $public_key_info->keyIdentifier()),
37
-    new KeyUsageExtension(true,
38
-        KeyUsageExtension::DIGITAL_SIGNATURE | KeyUsageExtension::KEY_CERT_SIGN));
35
+	new BasicConstraintsExtension(true, true),
36
+	new SubjectKeyIdentifierExtension(false, $public_key_info->keyIdentifier()),
37
+	new KeyUsageExtension(true,
38
+		KeyUsageExtension::DIGITAL_SIGNATURE | KeyUsageExtension::KEY_CERT_SIGN));
39 39
 // sign certificate with private key
40 40
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
41
-    $private_key_info->algorithmIdentifier(), new SHA256AlgorithmIdentifier());
41
+	$private_key_info->algorithmIdentifier(), new SHA256AlgorithmIdentifier());
42 42
 $cert = $tbs_cert->sign($algo, $private_key_info);
43 43
 echo $cert;
Please login to merge, or discard this patch.
Spacing   +1 added lines, -1 removed lines patch added patch discarded remove patch
@@ -5,7 +5,7 @@
 block discarded – undo
5 5
  * php create-ca-cert.php
6 6
  */
7 7
 
8
-declare(strict_types = 1);
8
+declare(strict_types=1);
9 9
 
10 10
 use Sop\CryptoEncoding\PEM;
11 11
 use Sop\CryptoTypes\AlgorithmIdentifier\Hash\SHA256AlgorithmIdentifier;
Please login to merge, or discard this patch.
lib/X509/Certificate/Extension/AuthorityKeyIdentifierExtension.php 2 patches
Indentation   +181 added lines, -181 removed lines patch added patch discarded remove patch
@@ -20,185 +20,185 @@
 block discarded – undo
20 20
  */
21 21
 class AuthorityKeyIdentifierExtension extends Extension
22 22
 {
23
-    /**
24
-     * Key identifier.
25
-     *
26
-     * @var null|string
27
-     */
28
-    protected $_keyIdentifier;
29
-
30
-    /**
31
-     * Issuer name.
32
-     *
33
-     * @var null|GeneralNames
34
-     */
35
-    protected $_authorityCertIssuer;
36
-
37
-    /**
38
-     * Issuer serial number as a base 10 integer.
39
-     *
40
-     * @var null|string
41
-     */
42
-    protected $_authorityCertSerialNumber;
43
-
44
-    /**
45
-     * Constructor.
46
-     *
47
-     * @param bool              $critical      Conforming CA's must mark as non-critical (false)
48
-     * @param null|string       $keyIdentifier Key identifier
49
-     * @param null|GeneralNames $issuer        Issuer name
50
-     * @param null|int|string   $serial        Issuer serial number as a base 10 integer
51
-     */
52
-    public function __construct(bool $critical, ?string $keyIdentifier,
53
-        ?GeneralNames $issuer = null, $serial = null)
54
-    {
55
-        parent::__construct(self::OID_AUTHORITY_KEY_IDENTIFIER, $critical);
56
-        $this->_keyIdentifier = $keyIdentifier;
57
-        $this->_authorityCertIssuer = $issuer;
58
-        $this->_authorityCertSerialNumber = isset($serial) ? strval($serial) : null;
59
-    }
60
-
61
-    /**
62
-     * Create from public key info.
63
-     *
64
-     * @param PublicKeyInfo $pki
65
-     *
66
-     * @return AuthorityKeyIdentifierExtension
67
-     */
68
-    public static function fromPublicKeyInfo(PublicKeyInfo $pki): self
69
-    {
70
-        return new self(false, $pki->keyIdentifier());
71
-    }
72
-
73
-    /**
74
-     * Whether key identifier is present.
75
-     *
76
-     * @return bool
77
-     */
78
-    public function hasKeyIdentifier(): bool
79
-    {
80
-        return isset($this->_keyIdentifier);
81
-    }
82
-
83
-    /**
84
-     * Get key identifier.
85
-     *
86
-     * @throws \LogicException If not set
87
-     *
88
-     * @return string
89
-     */
90
-    public function keyIdentifier(): string
91
-    {
92
-        if (!$this->hasKeyIdentifier()) {
93
-            throw new \LogicException('keyIdentifier not set.');
94
-        }
95
-        return $this->_keyIdentifier;
96
-    }
97
-
98
-    /**
99
-     * Whether issuer is present.
100
-     *
101
-     * @return bool
102
-     */
103
-    public function hasIssuer(): bool
104
-    {
105
-        return isset($this->_authorityCertIssuer);
106
-    }
107
-
108
-    /**
109
-     * Get issuer.
110
-     *
111
-     * @throws \LogicException If not set
112
-     *
113
-     * @return GeneralNames
114
-     */
115
-    public function issuer(): GeneralNames
116
-    {
117
-        if (!$this->hasIssuer()) {
118
-            throw new \LogicException('authorityCertIssuer not set.');
119
-        }
120
-        return $this->_authorityCertIssuer;
121
-    }
122
-
123
-    /**
124
-     * Whether serial is present.
125
-     *
126
-     * @return bool
127
-     */
128
-    public function hasSerial(): bool
129
-    {
130
-        return isset($this->_authorityCertSerialNumber);
131
-    }
132
-
133
-    /**
134
-     * Get serial number.
135
-     *
136
-     * @throws \LogicException If not set
137
-     *
138
-     * @return string Base 10 integer string
139
-     */
140
-    public function serial(): string
141
-    {
142
-        if (!$this->hasSerial()) {
143
-            throw new \LogicException('authorityCertSerialNumber not set.');
144
-        }
145
-        return $this->_authorityCertSerialNumber;
146
-    }
147
-
148
-    /**
149
-     * {@inheritdoc}
150
-     */
151
-    protected static function _fromDER(string $data, bool $critical): Extension
152
-    {
153
-        $seq = UnspecifiedType::fromDER($data)->asSequence();
154
-        $keyIdentifier = null;
155
-        $issuer = null;
156
-        $serial = null;
157
-        if ($seq->hasTagged(0)) {
158
-            $keyIdentifier = $seq->getTagged(0)
159
-                ->asImplicit(Element::TYPE_OCTET_STRING)
160
-                ->asOctetString()->string();
161
-        }
162
-        if ($seq->hasTagged(1) || $seq->hasTagged(2)) {
163
-            if (!$seq->hasTagged(1) || !$seq->hasTagged(2)) {
164
-                throw new \UnexpectedValueException(
165
-                    'AuthorityKeyIdentifier must have both' .
166
-                        ' authorityCertIssuer and authorityCertSerialNumber' .
167
-                        ' present or both absent.');
168
-            }
169
-            $issuer = GeneralNames::fromASN1($seq->getTagged(1)
170
-                ->asImplicit(Element::TYPE_SEQUENCE)->asSequence());
171
-            $serial = $seq->getTagged(2)->asImplicit(Element::TYPE_INTEGER)
172
-                ->asInteger()->number();
173
-        }
174
-        return new self($critical, $keyIdentifier, $issuer, $serial);
175
-    }
176
-
177
-    /**
178
-     * {@inheritdoc}
179
-     */
180
-    protected function _valueASN1(): Element
181
-    {
182
-        $elements = [];
183
-        if (isset($this->_keyIdentifier)) {
184
-            $elements[] = new ImplicitlyTaggedType(0,
185
-                new OctetString($this->_keyIdentifier));
186
-        }
187
-        // if either issuer or serial is set, both must be set
188
-        if (isset($this->_authorityCertIssuer) ||
189
-             isset($this->_authorityCertSerialNumber)) {
190
-            if (!isset($this->_authorityCertIssuer,
191
-                $this->_authorityCertSerialNumber)) {
192
-                throw new \LogicException(
193
-                    'AuthorityKeyIdentifier must have both' .
194
-                        ' authorityCertIssuer and authorityCertSerialNumber' .
195
-                        ' present or both absent.');
196
-            }
197
-            $elements[] = new ImplicitlyTaggedType(1,
198
-                $this->_authorityCertIssuer->toASN1());
199
-            $elements[] = new ImplicitlyTaggedType(2,
200
-                new Integer($this->_authorityCertSerialNumber));
201
-        }
202
-        return new Sequence(...$elements);
203
-    }
23
+	/**
24
+	 * Key identifier.
25
+	 *
26
+	 * @var null|string
27
+	 */
28
+	protected $_keyIdentifier;
29
+
30
+	/**
31
+	 * Issuer name.
32
+	 *
33
+	 * @var null|GeneralNames
34
+	 */
35
+	protected $_authorityCertIssuer;
36
+
37
+	/**
38
+	 * Issuer serial number as a base 10 integer.
39
+	 *
40
+	 * @var null|string
41
+	 */
42
+	protected $_authorityCertSerialNumber;
43
+
44
+	/**
45
+	 * Constructor.
46
+	 *
47
+	 * @param bool              $critical      Conforming CA's must mark as non-critical (false)
48
+	 * @param null|string       $keyIdentifier Key identifier
49
+	 * @param null|GeneralNames $issuer        Issuer name
50
+	 * @param null|int|string   $serial        Issuer serial number as a base 10 integer
51
+	 */
52
+	public function __construct(bool $critical, ?string $keyIdentifier,
53
+		?GeneralNames $issuer = null, $serial = null)
54
+	{
55
+		parent::__construct(self::OID_AUTHORITY_KEY_IDENTIFIER, $critical);
56
+		$this->_keyIdentifier = $keyIdentifier;
57
+		$this->_authorityCertIssuer = $issuer;
58
+		$this->_authorityCertSerialNumber = isset($serial) ? strval($serial) : null;
59
+	}
60
+
61
+	/**
62
+	 * Create from public key info.
63
+	 *
64
+	 * @param PublicKeyInfo $pki
65
+	 *
66
+	 * @return AuthorityKeyIdentifierExtension
67
+	 */
68
+	public static function fromPublicKeyInfo(PublicKeyInfo $pki): self
69
+	{
70
+		return new self(false, $pki->keyIdentifier());
71
+	}
72
+
73
+	/**
74
+	 * Whether key identifier is present.
75
+	 *
76
+	 * @return bool
77
+	 */
78
+	public function hasKeyIdentifier(): bool
79
+	{
80
+		return isset($this->_keyIdentifier);
81
+	}
82
+
83
+	/**
84
+	 * Get key identifier.
85
+	 *
86
+	 * @throws \LogicException If not set
87
+	 *
88
+	 * @return string
89
+	 */
90
+	public function keyIdentifier(): string
91
+	{
92
+		if (!$this->hasKeyIdentifier()) {
93
+			throw new \LogicException('keyIdentifier not set.');
94
+		}
95
+		return $this->_keyIdentifier;
96
+	}
97
+
98
+	/**
99
+	 * Whether issuer is present.
100
+	 *
101
+	 * @return bool
102
+	 */
103
+	public function hasIssuer(): bool
104
+	{
105
+		return isset($this->_authorityCertIssuer);
106
+	}
107
+
108
+	/**
109
+	 * Get issuer.
110
+	 *
111
+	 * @throws \LogicException If not set
112
+	 *
113
+	 * @return GeneralNames
114
+	 */
115
+	public function issuer(): GeneralNames
116
+	{
117
+		if (!$this->hasIssuer()) {
118
+			throw new \LogicException('authorityCertIssuer not set.');
119
+		}
120
+		return $this->_authorityCertIssuer;
121
+	}
122
+
123
+	/**
124
+	 * Whether serial is present.
125
+	 *
126
+	 * @return bool
127
+	 */
128
+	public function hasSerial(): bool
129
+	{
130
+		return isset($this->_authorityCertSerialNumber);
131
+	}
132
+
133
+	/**
134
+	 * Get serial number.
135
+	 *
136
+	 * @throws \LogicException If not set
137
+	 *
138
+	 * @return string Base 10 integer string
139
+	 */
140
+	public function serial(): string
141
+	{
142
+		if (!$this->hasSerial()) {
143
+			throw new \LogicException('authorityCertSerialNumber not set.');
144
+		}
145
+		return $this->_authorityCertSerialNumber;
146
+	}
147
+
148
+	/**
149
+	 * {@inheritdoc}
150
+	 */
151
+	protected static function _fromDER(string $data, bool $critical): Extension
152
+	{
153
+		$seq = UnspecifiedType::fromDER($data)->asSequence();
154
+		$keyIdentifier = null;
155
+		$issuer = null;
156
+		$serial = null;
157
+		if ($seq->hasTagged(0)) {
158
+			$keyIdentifier = $seq->getTagged(0)
159
+				->asImplicit(Element::TYPE_OCTET_STRING)
160
+				->asOctetString()->string();
161
+		}
162
+		if ($seq->hasTagged(1) || $seq->hasTagged(2)) {
163
+			if (!$seq->hasTagged(1) || !$seq->hasTagged(2)) {
164
+				throw new \UnexpectedValueException(
165
+					'AuthorityKeyIdentifier must have both' .
166
+						' authorityCertIssuer and authorityCertSerialNumber' .
167
+						' present or both absent.');
168
+			}
169
+			$issuer = GeneralNames::fromASN1($seq->getTagged(1)
170
+				->asImplicit(Element::TYPE_SEQUENCE)->asSequence());
171
+			$serial = $seq->getTagged(2)->asImplicit(Element::TYPE_INTEGER)
172
+				->asInteger()->number();
173
+		}
174
+		return new self($critical, $keyIdentifier, $issuer, $serial);
175
+	}
176
+
177
+	/**
178
+	 * {@inheritdoc}
179
+	 */
180
+	protected function _valueASN1(): Element
181
+	{
182
+		$elements = [];
183
+		if (isset($this->_keyIdentifier)) {
184
+			$elements[] = new ImplicitlyTaggedType(0,
185
+				new OctetString($this->_keyIdentifier));
186
+		}
187
+		// if either issuer or serial is set, both must be set
188
+		if (isset($this->_authorityCertIssuer) ||
189
+			 isset($this->_authorityCertSerialNumber)) {
190
+			if (!isset($this->_authorityCertIssuer,
191
+				$this->_authorityCertSerialNumber)) {
192
+				throw new \LogicException(
193
+					'AuthorityKeyIdentifier must have both' .
194
+						' authorityCertIssuer and authorityCertSerialNumber' .
195
+						' present or both absent.');
196
+			}
197
+			$elements[] = new ImplicitlyTaggedType(1,
198
+				$this->_authorityCertIssuer->toASN1());
199
+			$elements[] = new ImplicitlyTaggedType(2,
200
+				new Integer($this->_authorityCertSerialNumber));
201
+		}
202
+		return new Sequence(...$elements);
203
+	}
204 204
 }
Please login to merge, or discard this patch.
Spacing   +1 added lines, -1 removed lines patch added patch discarded remove patch
@@ -1,6 +1,6 @@
 block discarded – undo
1 1
 <?php
2 2
 
3
-declare(strict_types = 1);
3
+declare(strict_types=1);
4 4
 
5 5
 namespace Sop\X509\Certificate\Extension;
6 6
 
Please login to merge, or discard this patch.
lib/X509/CertificationPath/Exception/PathValidationException.php 1 patch
Spacing   +1 added lines, -1 removed lines patch added patch discarded remove patch
@@ -1,6 +1,6 @@
 block discarded – undo
1 1
 <?php
2 2
 
3
-declare(strict_types = 1);
3
+declare(strict_types=1);
4 4
 
5 5
 namespace Sop\X509\CertificationPath\Exception;
6 6
 
Please login to merge, or discard this patch.