Inspection of "Tweak formatting" - sop/x509 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — php72 ( 6c57e4...f82e5a )

by Joni

created 2019-05-15 12:13 UTC

Status

Indentation +186 added lines, -186 removed lines patch added patch discarded remove patch

@@ -18,190 +18,190 @@
 block discarded – undo
  */
 class GeneralNames implements \Countable, \IteratorAggregate
 {
-    /**
-     * GeneralName objects.
-     *
-     * @var GeneralName[]
-     */
-    protected $_names;
-
-    /**
-     * Constructor.
-     *
-     * @param GeneralName ...$names One or more GeneralName objects
-     */
-    public function __construct(GeneralName ...$names)
-    {
-        $this->_names = $names;
-    }
-
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     *
-     * @throws \UnexpectedValueException
-     *
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): GeneralNames
-    {
-        if (!count($seq)) {
-            throw new \UnexpectedValueException(
-                'GeneralNames must have at least one GeneralName.');
-        }
-        $names = array_map(
-            function (UnspecifiedType $el) {
-                return GeneralName::fromASN1($el->asTagged());
-            }, $seq->elements());
-        return new self(...$names);
-    }
-
-    /**
-     * Check whether GeneralNames contains a GeneralName of given type.
-     *
-     * @param int $tag One of `GeneralName::TAG_*` enumerations
-     *
-     * @return bool
-     */
-    public function has(int $tag): bool
-    {
-        return null !== $this->_findFirst($tag);
-    }
-
-    /**
-     * Get first GeneralName of given type.
-     *
-     * @param int $tag One of `GeneralName::TAG_*` enumerations
-     *
-     * @throws \OutOfBoundsException
-     *
-     * @return GeneralName
-     */
-    public function firstOf(int $tag): GeneralName
-    {
-        $name = $this->_findFirst($tag);
-        if (!$name) {
-            throw new \UnexpectedValueException("No GeneralName by tag {$tag}.");
-        }
-        return $name;
-    }
-
-    /**
-     * Get all GeneralName objects of given type.
-     *
-     * @param int $tag One of `GeneralName::TAG_*` enumerations
-     *
-     * @return GeneralName[]
-     */
-    public function allOf(int $tag): array
-    {
-        $names = array_filter($this->_names,
-            function (GeneralName $name) use ($tag) {
-                return $name->tag() === $tag;
-            });
-        return array_values($names);
-    }
-
-    /**
-     * Get value of the first 'dNSName' type.
-     *
-     * @return string
-     */
-    public function firstDNS(): string
-    {
-        $gn = $this->firstOf(GeneralName::TAG_DNS_NAME);
-        if (!$gn instanceof DNSName) {
-            throw new \RuntimeException(
-                DNSName::class . ' expected, got ' . get_class($gn));
-        }
-        return $gn->name();
-    }
-
-    /**
-     * Get value of the first 'directoryName' type.
-     *
-     * @return Name
-     */
-    public function firstDN(): Name
-    {
-        $gn = $this->firstOf(GeneralName::TAG_DIRECTORY_NAME);
-        if (!$gn instanceof DirectoryName) {
-            throw new \RuntimeException(
-                DirectoryName::class . ' expected, got ' . get_class($gn));
-        }
-        return $gn->dn();
-    }
-
-    /**
-     * Get value of the first 'uniformResourceIdentifier' type.
-     *
-     * @return string
-     */
-    public function firstURI(): string
-    {
-        $gn = $this->firstOf(GeneralName::TAG_URI);
-        if (!$gn instanceof UniformResourceIdentifier) {
-            throw new \RuntimeException(
-                UniformResourceIdentifier::class . ' expected, got ' . get_class($gn));
-        }
-        return $gn->uri();
-    }
-
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        if (!count($this->_names)) {
-            throw new \LogicException(
-                'GeneralNames must have at least one GeneralName.');
-        }
-        $elements = array_map(
-            function (GeneralName $name) {
-                return $name->toASN1();
-            }, $this->_names);
-        return new Sequence(...$elements);
-    }
-
-    /**
-     * @see \Countable::count()
-     *
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_names);
-    }
-
-    /**
-     * Get iterator for GeneralName objects.
-     *
-     * @see \IteratorAggregate::getIterator()
-     *
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_names);
-    }
-
-    /**
-     * Find first GeneralName by given tag.
-     *
-     * @param int $tag
-     *
-     * @return null|GeneralName
-     */
-    protected function _findFirst(int $tag): ?GeneralName
-    {
-        foreach ($this->_names as $name) {
-            if ($name->tag() === $tag) {
-                return $name;
-            }
-        }
-        return null;
-    }
+	/**
+	 * GeneralName objects.
+	 *
+	 * @var GeneralName[]
+	 */
+	protected $_names;
+
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralName ...$names One or more GeneralName objects
+	 */
+	public function __construct(GeneralName ...$names)
+	{
+		$this->_names = $names;
+	}
+
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 *
+	 * @throws \UnexpectedValueException
+	 *
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): GeneralNames
+	{
+		if (!count($seq)) {
+			throw new \UnexpectedValueException(
+				'GeneralNames must have at least one GeneralName.');
+		}
+		$names = array_map(
+			function (UnspecifiedType $el) {
+				return GeneralName::fromASN1($el->asTagged());
+			}, $seq->elements());
+		return new self(...$names);
+	}
+
+	/**
+	 * Check whether GeneralNames contains a GeneralName of given type.
+	 *
+	 * @param int $tag One of `GeneralName::TAG_*` enumerations
+	 *
+	 * @return bool
+	 */
+	public function has(int $tag): bool
+	{
+		return null !== $this->_findFirst($tag);
+	}
+
+	/**
+	 * Get first GeneralName of given type.
+	 *
+	 * @param int $tag One of `GeneralName::TAG_*` enumerations
+	 *
+	 * @throws \OutOfBoundsException
+	 *
+	 * @return GeneralName
+	 */
+	public function firstOf(int $tag): GeneralName
+	{
+		$name = $this->_findFirst($tag);
+		if (!$name) {
+			throw new \UnexpectedValueException("No GeneralName by tag {$tag}.");
+		}
+		return $name;
+	}
+
+	/**
+	 * Get all GeneralName objects of given type.
+	 *
+	 * @param int $tag One of `GeneralName::TAG_*` enumerations
+	 *
+	 * @return GeneralName[]
+	 */
+	public function allOf(int $tag): array
+	{
+		$names = array_filter($this->_names,
+			function (GeneralName $name) use ($tag) {
+				return $name->tag() === $tag;
+			});
+		return array_values($names);
+	}
+
+	/**
+	 * Get value of the first 'dNSName' type.
+	 *
+	 * @return string
+	 */
+	public function firstDNS(): string
+	{
+		$gn = $this->firstOf(GeneralName::TAG_DNS_NAME);
+		if (!$gn instanceof DNSName) {
+			throw new \RuntimeException(
+				DNSName::class . ' expected, got ' . get_class($gn));
+		}
+		return $gn->name();
+	}
+
+	/**
+	 * Get value of the first 'directoryName' type.
+	 *
+	 * @return Name
+	 */
+	public function firstDN(): Name
+	{
+		$gn = $this->firstOf(GeneralName::TAG_DIRECTORY_NAME);
+		if (!$gn instanceof DirectoryName) {
+			throw new \RuntimeException(
+				DirectoryName::class . ' expected, got ' . get_class($gn));
+		}
+		return $gn->dn();
+	}
+
+	/**
+	 * Get value of the first 'uniformResourceIdentifier' type.
+	 *
+	 * @return string
+	 */
+	public function firstURI(): string
+	{
+		$gn = $this->firstOf(GeneralName::TAG_URI);
+		if (!$gn instanceof UniformResourceIdentifier) {
+			throw new \RuntimeException(
+				UniformResourceIdentifier::class . ' expected, got ' . get_class($gn));
+		}
+		return $gn->uri();
+	}
+
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		if (!count($this->_names)) {
+			throw new \LogicException(
+				'GeneralNames must have at least one GeneralName.');
+		}
+		$elements = array_map(
+			function (GeneralName $name) {
+				return $name->toASN1();
+			}, $this->_names);
+		return new Sequence(...$elements);
+	}
+
+	/**
+	 * @see \Countable::count()
+	 *
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_names);
+	}
+
+	/**
+	 * Get iterator for GeneralName objects.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 *
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_names);
+	}
+
+	/**
+	 * Find first GeneralName by given tag.
+	 *
+	 * @param int $tag
+	 *
+	 * @return null|GeneralName
+	 */
+	protected function _findFirst(int $tag): ?GeneralName
+	{
+		foreach ($this->_names as $name) {
+			if ($name->tag() === $tag) {
+				return $name;
+			}
+		}
+		return null;
+	}
 }

Please login to merge, or discard this patch.

lib/X509/CertificationRequest/CertificationRequestInfo.php 1 patch

Indentation +202 added lines, -202 removed lines patch added patch discarded remove patch

@@ -24,206 +24,206 @@
 block discarded – undo
  */
 class CertificationRequestInfo
 {
-    const VERSION_1 = 0;
-
-    /**
-     * Version.
-     *
-     * @var int
-     */
-    protected $_version;
-
-    /**
-     * Subject.
-     *
-     * @var Name
-     */
-    protected $_subject;
-
-    /**
-     * Public key info.
-     *
-     * @var PublicKeyInfo
-     */
-    protected $_subjectPKInfo;
-
-    /**
-     * Attributes.
-     *
-     * @var null|Attributes
-     */
-    protected $_attributes;
-
-    /**
-     * Constructor.
-     *
-     * @param Name          $subject Subject
-     * @param PublicKeyInfo $pkinfo  Public key info
-     */
-    public function __construct(Name $subject, PublicKeyInfo $pkinfo)
-    {
-        $this->_version = self::VERSION_1;
-        $this->_subject = $subject;
-        $this->_subjectPKInfo = $pkinfo;
-    }
-
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     *
-     * @throws \UnexpectedValueException
-     *
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $version = $seq->at(0)->asInteger()->intNumber();
-        if (self::VERSION_1 !== $version) {
-            throw new \UnexpectedValueException(
-                "Version {$version} not supported.");
-        }
-        $subject = Name::fromASN1($seq->at(1)->asSequence());
-        $pkinfo = PublicKeyInfo::fromASN1($seq->at(2)->asSequence());
-        $obj = new self($subject, $pkinfo);
-        if ($seq->hasTagged(0)) {
-            $obj->_attributes = Attributes::fromASN1(
-                $seq->getTagged(0)->asImplicit(Element::TYPE_SET)->asSet());
-        }
-        return $obj;
-    }
-
-    /**
-     * Get version.
-     *
-     * @return int
-     */
-    public function version(): int
-    {
-        return $this->_version;
-    }
-
-    /**
-     * Get self with subject.
-     *
-     * @param Name $subject
-     *
-     * @return self
-     */
-    public function withSubject(Name $subject): self
-    {
-        $obj = clone $this;
-        $obj->_subject = $subject;
-        return $obj;
-    }
-
-    /**
-     * Get subject.
-     *
-     * @return Name
-     */
-    public function subject(): Name
-    {
-        return $this->_subject;
-    }
-
-    /**
-     * Get subject public key info.
-     *
-     * @return PublicKeyInfo
-     */
-    public function subjectPKInfo(): PublicKeyInfo
-    {
-        return $this->_subjectPKInfo;
-    }
-
-    /**
-     * Whether certification request info has attributes.
-     *
-     * @return bool
-     */
-    public function hasAttributes(): bool
-    {
-        return isset($this->_attributes);
-    }
-
-    /**
-     * Get attributes.
-     *
-     * @throws \LogicException If not set
-     *
-     * @return Attributes
-     */
-    public function attributes(): Attributes
-    {
-        if (!$this->hasAttributes()) {
-            throw new \LogicException('No attributes.');
-        }
-        return $this->_attributes;
-    }
-
-    /**
-     * Get instance of self with attributes.
-     *
-     * @param Attributes $attribs
-     */
-    public function withAttributes(Attributes $attribs): self
-    {
-        $obj = clone $this;
-        $obj->_attributes = $attribs;
-        return $obj;
-    }
-
-    /**
-     * Get self with extension request attribute.
-     *
-     * @param Extensions $extensions Extensions to request
-     *
-     * @return self
-     */
-    public function withExtensionRequest(Extensions $extensions): self
-    {
-        $obj = clone $this;
-        if (!isset($obj->_attributes)) {
-            $obj->_attributes = new Attributes();
-        }
-        $obj->_attributes = $obj->_attributes->withUnique(
-            Attribute::fromAttributeValues(
-                new ExtensionRequestValue($extensions)));
-        return $obj;
-    }
-
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = [new Integer($this->_version),
-            $this->_subject->toASN1(), $this->_subjectPKInfo->toASN1(), ];
-        if (isset($this->_attributes)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                $this->_attributes->toASN1());
-        }
-        return new Sequence(...$elements);
-    }
-
-    /**
-     * Create signed CertificationRequest.
-     *
-     * @param SignatureAlgorithmIdentifier $algo         Algorithm used for signing
-     * @param PrivateKeyInfo               $privkey_info Private key used for signing
-     * @param null|Crypto                  $crypto       Crypto engine, use default if not set
-     *
-     * @return CertificationRequest
-     */
-    public function sign(SignatureAlgorithmIdentifier $algo,
-        PrivateKeyInfo $privkey_info, ?Crypto $crypto = null): CertificationRequest
-    {
-        $crypto = $crypto ?? Crypto::getDefault();
-        $data = $this->toASN1()->toDER();
-        $signature = $crypto->sign($data, $privkey_info, $algo);
-        return new CertificationRequest($this, $algo, $signature);
-    }
+	const VERSION_1 = 0;
+
+	/**
+	 * Version.
+	 *
+	 * @var int
+	 */
+	protected $_version;
+
+	/**
+	 * Subject.
+	 *
+	 * @var Name
+	 */
+	protected $_subject;
+
+	/**
+	 * Public key info.
+	 *
+	 * @var PublicKeyInfo
+	 */
+	protected $_subjectPKInfo;
+
+	/**
+	 * Attributes.
+	 *
+	 * @var null|Attributes
+	 */
+	protected $_attributes;
+
+	/**
+	 * Constructor.
+	 *
+	 * @param Name          $subject Subject
+	 * @param PublicKeyInfo $pkinfo  Public key info
+	 */
+	public function __construct(Name $subject, PublicKeyInfo $pkinfo)
+	{
+		$this->_version = self::VERSION_1;
+		$this->_subject = $subject;
+		$this->_subjectPKInfo = $pkinfo;
+	}
+
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 *
+	 * @throws \UnexpectedValueException
+	 *
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$version = $seq->at(0)->asInteger()->intNumber();
+		if (self::VERSION_1 !== $version) {
+			throw new \UnexpectedValueException(
+				"Version {$version} not supported.");
+		}
+		$subject = Name::fromASN1($seq->at(1)->asSequence());
+		$pkinfo = PublicKeyInfo::fromASN1($seq->at(2)->asSequence());
+		$obj = new self($subject, $pkinfo);
+		if ($seq->hasTagged(0)) {
+			$obj->_attributes = Attributes::fromASN1(
+				$seq->getTagged(0)->asImplicit(Element::TYPE_SET)->asSet());
+		}
+		return $obj;
+	}
+
+	/**
+	 * Get version.
+	 *
+	 * @return int
+	 */
+	public function version(): int
+	{
+		return $this->_version;
+	}
+
+	/**
+	 * Get self with subject.
+	 *
+	 * @param Name $subject
+	 *
+	 * @return self
+	 */
+	public function withSubject(Name $subject): self
+	{
+		$obj = clone $this;
+		$obj->_subject = $subject;
+		return $obj;
+	}
+
+	/**
+	 * Get subject.
+	 *
+	 * @return Name
+	 */
+	public function subject(): Name
+	{
+		return $this->_subject;
+	}
+
+	/**
+	 * Get subject public key info.
+	 *
+	 * @return PublicKeyInfo
+	 */
+	public function subjectPKInfo(): PublicKeyInfo
+	{
+		return $this->_subjectPKInfo;
+	}
+
+	/**
+	 * Whether certification request info has attributes.
+	 *
+	 * @return bool
+	 */
+	public function hasAttributes(): bool
+	{
+		return isset($this->_attributes);
+	}
+
+	/**
+	 * Get attributes.
+	 *
+	 * @throws \LogicException If not set
+	 *
+	 * @return Attributes
+	 */
+	public function attributes(): Attributes
+	{
+		if (!$this->hasAttributes()) {
+			throw new \LogicException('No attributes.');
+		}
+		return $this->_attributes;
+	}
+
+	/**
+	 * Get instance of self with attributes.
+	 *
+	 * @param Attributes $attribs
+	 */
+	public function withAttributes(Attributes $attribs): self
+	{
+		$obj = clone $this;
+		$obj->_attributes = $attribs;
+		return $obj;
+	}
+
+	/**
+	 * Get self with extension request attribute.
+	 *
+	 * @param Extensions $extensions Extensions to request
+	 *
+	 * @return self
+	 */
+	public function withExtensionRequest(Extensions $extensions): self
+	{
+		$obj = clone $this;
+		if (!isset($obj->_attributes)) {
+			$obj->_attributes = new Attributes();
+		}
+		$obj->_attributes = $obj->_attributes->withUnique(
+			Attribute::fromAttributeValues(
+				new ExtensionRequestValue($extensions)));
+		return $obj;
+	}
+
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = [new Integer($this->_version),
+			$this->_subject->toASN1(), $this->_subjectPKInfo->toASN1(), ];
+		if (isset($this->_attributes)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				$this->_attributes->toASN1());
+		}
+		return new Sequence(...$elements);
+	}
+
+	/**
+	 * Create signed CertificationRequest.
+	 *
+	 * @param SignatureAlgorithmIdentifier $algo         Algorithm used for signing
+	 * @param PrivateKeyInfo               $privkey_info Private key used for signing
+	 * @param null|Crypto                  $crypto       Crypto engine, use default if not set
+	 *
+	 * @return CertificationRequest
+	 */
+	public function sign(SignatureAlgorithmIdentifier $algo,
+		PrivateKeyInfo $privkey_info, ?Crypto $crypto = null): CertificationRequest
+	{
+		$crypto = $crypto ?? Crypto::getDefault();
+		$data = $this->toASN1()->toDER();
+		$signature = $crypto->sign($data, $privkey_info, $algo);
+		return new CertificationRequest($this, $algo, $signature);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/CertificationPath/Policy/PolicyTree.php 1 patch

Indentation +395 added lines, -395 removed lines patch added patch discarded remove patch

@@ -10,413 +10,413 @@
 block discarded – undo
 
 class PolicyTree
 {
-    /**
-     * Root node at depth zero.
-     *
-     * @var null|PolicyNode
-     */
-    protected $_root;
+	/**
+	 * Root node at depth zero.
+	 *
+	 * @var null|PolicyNode
+	 */
+	protected $_root;
 
-    /**
-     * Constructor.
-     *
-     * @param PolicyNode $root Initial root node
-     */
-    public function __construct(PolicyNode $root)
-    {
-        $this->_root = $root;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param PolicyNode $root Initial root node
+	 */
+	public function __construct(PolicyNode $root)
+	{
+		$this->_root = $root;
+	}
 
-    /**
-     * Process policy information from the certificate.
-     *
-     * Certificate policies extension must be present.
-     *
-     * @param ValidatorState $state
-     * @param Certificate    $cert
-     *
-     * @return ValidatorState
-     */
-    public function processPolicies(ValidatorState $state,
-        Certificate $cert): ValidatorState
-    {
-        $policies = $cert->tbsCertificate()->extensions()->certificatePolicies();
-        $tree = clone $this;
-        // (d.1) for each policy P not equal to anyPolicy
-        foreach ($policies as $policy) {
-            if ($policy->isAnyPolicy()) {
-                $tree->_processAnyPolicy($policy, $cert, $state);
-            } else {
-                $tree->_processPolicy($policy, $state);
-            }
-        }
-        // if whole tree is pruned
-        if (!$tree->_pruneTree($state->index() - 1)) {
-            return $state->withoutValidPolicyTree();
-        }
-        return $state->withValidPolicyTree($tree);
-    }
+	/**
+	 * Process policy information from the certificate.
+	 *
+	 * Certificate policies extension must be present.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate    $cert
+	 *
+	 * @return ValidatorState
+	 */
+	public function processPolicies(ValidatorState $state,
+		Certificate $cert): ValidatorState
+	{
+		$policies = $cert->tbsCertificate()->extensions()->certificatePolicies();
+		$tree = clone $this;
+		// (d.1) for each policy P not equal to anyPolicy
+		foreach ($policies as $policy) {
+			if ($policy->isAnyPolicy()) {
+				$tree->_processAnyPolicy($policy, $cert, $state);
+			} else {
+				$tree->_processPolicy($policy, $state);
+			}
+		}
+		// if whole tree is pruned
+		if (!$tree->_pruneTree($state->index() - 1)) {
+			return $state->withoutValidPolicyTree();
+		}
+		return $state->withValidPolicyTree($tree);
+	}
 
-    /**
-     * Process policy mappings from the certificate.
-     *
-     * @param ValidatorState $state
-     * @param Certificate    $cert
-     *
-     * @return ValidatorState
-     */
-    public function processMappings(ValidatorState $state,
-        Certificate $cert): ValidatorState
-    {
-        $tree = clone $this;
-        if ($state->policyMapping() > 0) {
-            $tree->_applyMappings($cert, $state);
-        } elseif (0 === $state->policyMapping()) {
-            $tree->_deleteMappings($cert, $state);
-        }
-        // if whole tree is pruned
-        if (!$tree->_root) {
-            return $state->withoutValidPolicyTree();
-        }
-        return $state->withValidPolicyTree($tree);
-    }
+	/**
+	 * Process policy mappings from the certificate.
+	 *
+	 * @param ValidatorState $state
+	 * @param Certificate    $cert
+	 *
+	 * @return ValidatorState
+	 */
+	public function processMappings(ValidatorState $state,
+		Certificate $cert): ValidatorState
+	{
+		$tree = clone $this;
+		if ($state->policyMapping() > 0) {
+			$tree->_applyMappings($cert, $state);
+		} elseif (0 === $state->policyMapping()) {
+			$tree->_deleteMappings($cert, $state);
+		}
+		// if whole tree is pruned
+		if (!$tree->_root) {
+			return $state->withoutValidPolicyTree();
+		}
+		return $state->withValidPolicyTree($tree);
+	}
 
-    /**
-     * Calculate policy intersection as specified in Wrap-Up Procedure 6.1.5.g.
-     *
-     * @param ValidatorState $state
-     * @param array          $policies
-     *
-     * @return ValidatorState
-     */
-    public function calculateIntersection(ValidatorState $state,
-        array $policies): ValidatorState
-    {
-        $tree = clone $this;
-        $valid_policy_node_set = $tree->_validPolicyNodeSet();
-        // 2. If the valid_policy of any node in the valid_policy_node_set
-        // is not in the user-initial-policy-set and is not anyPolicy,
-        // delete this node and all its children.
-        $valid_policy_node_set = array_filter($valid_policy_node_set,
-            function (PolicyNode $node) use ($policies) {
-                if ($node->isAnyPolicy()) {
-                    return true;
-                }
-                if (in_array($node->validPolicy(), $policies)) {
-                    return true;
-                }
-                $node->remove();
-                return false;
-            });
-        // array of valid policy OIDs
-        $valid_policy_set = array_map(
-            function (PolicyNode $node) {
-                return $node->validPolicy();
-            }, $valid_policy_node_set);
-        // 3. If the valid_policy_tree includes a node of depth n with
-        // the valid_policy anyPolicy and the user-initial-policy-set
-        // is not any-policy
-        foreach ($tree->_nodesAtDepth($state->index()) as $node) {
-            if ($node->hasParent() && $node->isAnyPolicy()) {
-                // a. Set P-Q to the qualifier_set in the node of depth n
-                // with valid_policy anyPolicy.
-                $pq = $node->qualifiers();
-                // b. For each P-OID in the user-initial-policy-set that is not
-                // the valid_policy of a node in the valid_policy_node_set,
-                // create a child node whose parent is the node of depth n-1
-                // with the valid_policy anyPolicy.
-                $poids = array_diff($policies, $valid_policy_set);
-                foreach ($tree->_nodesAtDepth($state->index() - 1) as $parent) {
-                    if ($parent->isAnyPolicy()) {
-                        // Set the values in the child node as follows:
-                        // set the valid_policy to P-OID, set the qualifier_set
-                        // to P-Q, and set the expected_policy_set to {P-OID}.
-                        foreach ($poids as $poid) {
-                            $parent->addChild(new PolicyNode($poid, $pq, [$poid]));
-                        }
-                        break;
-                    }
-                }
-                // c. Delete the node of depth n with the
-                // valid_policy anyPolicy.
-                $node->remove();
-            }
-        }
-        // 4. If there is a node in the valid_policy_tree of depth n-1 or less
-        // without any child nodes, delete that node. Repeat this step until
-        // there are no nodes of depth n-1 or less without children.
-        if (!$tree->_pruneTree($state->index() - 1)) {
-            return $state->withoutValidPolicyTree();
-        }
-        return $state->withValidPolicyTree($tree);
-    }
+	/**
+	 * Calculate policy intersection as specified in Wrap-Up Procedure 6.1.5.g.
+	 *
+	 * @param ValidatorState $state
+	 * @param array          $policies
+	 *
+	 * @return ValidatorState
+	 */
+	public function calculateIntersection(ValidatorState $state,
+		array $policies): ValidatorState
+	{
+		$tree = clone $this;
+		$valid_policy_node_set = $tree->_validPolicyNodeSet();
+		// 2. If the valid_policy of any node in the valid_policy_node_set
+		// is not in the user-initial-policy-set and is not anyPolicy,
+		// delete this node and all its children.
+		$valid_policy_node_set = array_filter($valid_policy_node_set,
+			function (PolicyNode $node) use ($policies) {
+				if ($node->isAnyPolicy()) {
+					return true;
+				}
+				if (in_array($node->validPolicy(), $policies)) {
+					return true;
+				}
+				$node->remove();
+				return false;
+			});
+		// array of valid policy OIDs
+		$valid_policy_set = array_map(
+			function (PolicyNode $node) {
+				return $node->validPolicy();
+			}, $valid_policy_node_set);
+		// 3. If the valid_policy_tree includes a node of depth n with
+		// the valid_policy anyPolicy and the user-initial-policy-set
+		// is not any-policy
+		foreach ($tree->_nodesAtDepth($state->index()) as $node) {
+			if ($node->hasParent() && $node->isAnyPolicy()) {
+				// a. Set P-Q to the qualifier_set in the node of depth n
+				// with valid_policy anyPolicy.
+				$pq = $node->qualifiers();
+				// b. For each P-OID in the user-initial-policy-set that is not
+				// the valid_policy of a node in the valid_policy_node_set,
+				// create a child node whose parent is the node of depth n-1
+				// with the valid_policy anyPolicy.
+				$poids = array_diff($policies, $valid_policy_set);
+				foreach ($tree->_nodesAtDepth($state->index() - 1) as $parent) {
+					if ($parent->isAnyPolicy()) {
+						// Set the values in the child node as follows:
+						// set the valid_policy to P-OID, set the qualifier_set
+						// to P-Q, and set the expected_policy_set to {P-OID}.
+						foreach ($poids as $poid) {
+							$parent->addChild(new PolicyNode($poid, $pq, [$poid]));
+						}
+						break;
+					}
+				}
+				// c. Delete the node of depth n with the
+				// valid_policy anyPolicy.
+				$node->remove();
+			}
+		}
+		// 4. If there is a node in the valid_policy_tree of depth n-1 or less
+		// without any child nodes, delete that node. Repeat this step until
+		// there are no nodes of depth n-1 or less without children.
+		if (!$tree->_pruneTree($state->index() - 1)) {
+			return $state->withoutValidPolicyTree();
+		}
+		return $state->withValidPolicyTree($tree);
+	}
 
-    /**
-     * Get policies at given policy tree depth.
-     *
-     * @param int $i Depth in range 1..n
-     *
-     * @return PolicyInformation[]
-     */
-    public function policiesAtDepth(int $i): array
-    {
-        $policies = [];
-        foreach ($this->_nodesAtDepth($i) as $node) {
-            $policies[] = new PolicyInformation(
-                $node->validPolicy(), ...$node->qualifiers());
-        }
-        return $policies;
-    }
+	/**
+	 * Get policies at given policy tree depth.
+	 *
+	 * @param int $i Depth in range 1..n
+	 *
+	 * @return PolicyInformation[]
+	 */
+	public function policiesAtDepth(int $i): array
+	{
+		$policies = [];
+		foreach ($this->_nodesAtDepth($i) as $node) {
+			$policies[] = new PolicyInformation(
+				$node->validPolicy(), ...$node->qualifiers());
+		}
+		return $policies;
+	}
 
-    /**
-     * Process single policy information.
-     *
-     * @param PolicyInformation $policy
-     * @param ValidatorState    $state
-     */
-    protected function _processPolicy(PolicyInformation $policy,
-        ValidatorState $state): void
-    {
-        $p_oid = $policy->oid();
-        $i = $state->index();
-        $match_count = 0;
-        // (d.1.i) for each node of depth i-1 in the valid_policy_tree...
-        foreach ($this->_nodesAtDepth($i - 1) as $node) {
-            // ...where P-OID is in the expected_policy_set
-            if ($node->hasExpectedPolicy($p_oid)) {
-                $node->addChild(new PolicyNode(
-                    $p_oid, $policy->qualifiers(), [$p_oid]));
-                ++$match_count;
-            }
-        }
-        // (d.1.ii) if there was no match in step (i)...
-        if (!$match_count) {
-            // ...and the valid_policy_tree includes a node of depth i-1 with
-            // the valid_policy anyPolicy
-            foreach ($this->_nodesAtDepth($i - 1) as $node) {
-                if ($node->isAnyPolicy()) {
-                    $node->addChild(new PolicyNode(
-                        $p_oid, $policy->qualifiers(), [$p_oid]));
-                }
-            }
-        }
-    }
+	/**
+	 * Process single policy information.
+	 *
+	 * @param PolicyInformation $policy
+	 * @param ValidatorState    $state
+	 */
+	protected function _processPolicy(PolicyInformation $policy,
+		ValidatorState $state): void
+	{
+		$p_oid = $policy->oid();
+		$i = $state->index();
+		$match_count = 0;
+		// (d.1.i) for each node of depth i-1 in the valid_policy_tree...
+		foreach ($this->_nodesAtDepth($i - 1) as $node) {
+			// ...where P-OID is in the expected_policy_set
+			if ($node->hasExpectedPolicy($p_oid)) {
+				$node->addChild(new PolicyNode(
+					$p_oid, $policy->qualifiers(), [$p_oid]));
+				++$match_count;
+			}
+		}
+		// (d.1.ii) if there was no match in step (i)...
+		if (!$match_count) {
+			// ...and the valid_policy_tree includes a node of depth i-1 with
+			// the valid_policy anyPolicy
+			foreach ($this->_nodesAtDepth($i - 1) as $node) {
+				if ($node->isAnyPolicy()) {
+					$node->addChild(new PolicyNode(
+						$p_oid, $policy->qualifiers(), [$p_oid]));
+				}
+			}
+		}
+	}
 
-    /**
-     * Process anyPolicy policy information.
-     *
-     * @param PolicyInformation $policy
-     * @param Certificate       $cert
-     * @param ValidatorState    $state
-     */
-    protected function _processAnyPolicy(PolicyInformation $policy,
-        Certificate $cert, ValidatorState $state): void
-    {
-        $i = $state->index();
-        // if (a) inhibit_anyPolicy is greater than 0 or
-        // (b) i<n and the certificate is self-issued
-        if (!($state->inhibitAnyPolicy() > 0 ||
-            ($i < $state->pathLength() && $cert->isSelfIssued()))) {
-            return;
-        }
-        // for each node in the valid_policy_tree of depth i-1
-        foreach ($this->_nodesAtDepth($i - 1) as $node) {
-            // for each value in the expected_policy_set
-            foreach ($node->expectedPolicies() as $p_oid) {
-                // that does not appear in a child node
-                if (!$node->hasChildWithValidPolicy($p_oid)) {
-                    $node->addChild(new PolicyNode(
-                        $p_oid, $policy->qualifiers(), [$p_oid]));
-                }
-            }
-        }
-    }
+	/**
+	 * Process anyPolicy policy information.
+	 *
+	 * @param PolicyInformation $policy
+	 * @param Certificate       $cert
+	 * @param ValidatorState    $state
+	 */
+	protected function _processAnyPolicy(PolicyInformation $policy,
+		Certificate $cert, ValidatorState $state): void
+	{
+		$i = $state->index();
+		// if (a) inhibit_anyPolicy is greater than 0 or
+		// (b) i<n and the certificate is self-issued
+		if (!($state->inhibitAnyPolicy() > 0 ||
+			($i < $state->pathLength() && $cert->isSelfIssued()))) {
+			return;
+		}
+		// for each node in the valid_policy_tree of depth i-1
+		foreach ($this->_nodesAtDepth($i - 1) as $node) {
+			// for each value in the expected_policy_set
+			foreach ($node->expectedPolicies() as $p_oid) {
+				// that does not appear in a child node
+				if (!$node->hasChildWithValidPolicy($p_oid)) {
+					$node->addChild(new PolicyNode(
+						$p_oid, $policy->qualifiers(), [$p_oid]));
+				}
+			}
+		}
+	}
 
-    /**
-     * Apply policy mappings to the policy tree.
-     *
-     * @param Certificate    $cert
-     * @param ValidatorState $state
-     */
-    protected function _applyMappings(Certificate $cert, ValidatorState $state): void
-    {
-        $policy_mappings = $cert->tbsCertificate()->extensions()->policyMappings();
-        // (6.1.4. b.1.) for each node in the valid_policy_tree of depth i...
-        foreach ($policy_mappings->flattenedMappings() as $idp => $sdps) {
-            $match_count = 0;
-            foreach ($this->_nodesAtDepth($state->index()) as $node) {
-                // ...where ID-P is the valid_policy
-                if ($node->validPolicy() === $idp) {
-                    // set expected_policy_set to the set of subjectDomainPolicy
-                    // values that are specified as equivalent to ID-P by
-                    // the policy mappings extension
-                    $node->setExpectedPolicies(...$sdps);
-                    ++$match_count;
-                }
-            }
-            // if no node of depth i in the valid_policy_tree has
-            // a valid_policy of ID-P...
-            if (!$match_count) {
-                $this->_applyAnyPolicyMapping($cert, $state, $idp, $sdps);
-            }
-        }
-    }
+	/**
+	 * Apply policy mappings to the policy tree.
+	 *
+	 * @param Certificate    $cert
+	 * @param ValidatorState $state
+	 */
+	protected function _applyMappings(Certificate $cert, ValidatorState $state): void
+	{
+		$policy_mappings = $cert->tbsCertificate()->extensions()->policyMappings();
+		// (6.1.4. b.1.) for each node in the valid_policy_tree of depth i...
+		foreach ($policy_mappings->flattenedMappings() as $idp => $sdps) {
+			$match_count = 0;
+			foreach ($this->_nodesAtDepth($state->index()) as $node) {
+				// ...where ID-P is the valid_policy
+				if ($node->validPolicy() === $idp) {
+					// set expected_policy_set to the set of subjectDomainPolicy
+					// values that are specified as equivalent to ID-P by
+					// the policy mappings extension
+					$node->setExpectedPolicies(...$sdps);
+					++$match_count;
+				}
+			}
+			// if no node of depth i in the valid_policy_tree has
+			// a valid_policy of ID-P...
+			if (!$match_count) {
+				$this->_applyAnyPolicyMapping($cert, $state, $idp, $sdps);
+			}
+		}
+	}
 
-    /**
-     * Apply anyPolicy mapping to the policy tree as specified in 6.1.4 (b)(1).
-     *
-     * @param Certificate    $cert
-     * @param ValidatorState $state
-     * @param string         $idp   OID of the issuer domain policy
-     * @param array          $sdps  Array of subject domain policy OIDs
-     */
-    protected function _applyAnyPolicyMapping(Certificate $cert,
-        ValidatorState $state, string $idp, array $sdps): void
-    {
-        // (6.1.4. b.1.) ...but there is a node of depth i with
-        // a valid_policy of anyPolicy
-        foreach ($this->_nodesAtDepth($state->index()) as $node) {
-            if ($node->isAnyPolicy()) {
-                // then generate a child node of the node of depth i-1
-                // that has a valid_policy of anyPolicy as follows...
-                foreach ($this->_nodesAtDepth($state->index() - 1) as $subnode) {
-                    if ($subnode->isAnyPolicy()) {
-                        // try to fetch qualifiers of anyPolicy certificate policy
-                        try {
-                            $qualifiers = $cert->tbsCertificate()
-                                ->extensions()->certificatePolicies()
-                                ->anyPolicy()->qualifiers();
-                        } catch (\LogicException $e) {
-                            // if there's no policies or no qualifiers
-                            $qualifiers = [];
-                        }
-                        $subnode->addChild(new PolicyNode($idp, $qualifiers, $sdps));
-                        // bail after first anyPolicy has been processed
-                        break;
-                    }
-                }
-                // bail after first anyPolicy has been processed
-                break;
-            }
-        }
-    }
+	/**
+	 * Apply anyPolicy mapping to the policy tree as specified in 6.1.4 (b)(1).
+	 *
+	 * @param Certificate    $cert
+	 * @param ValidatorState $state
+	 * @param string         $idp   OID of the issuer domain policy
+	 * @param array          $sdps  Array of subject domain policy OIDs
+	 */
+	protected function _applyAnyPolicyMapping(Certificate $cert,
+		ValidatorState $state, string $idp, array $sdps): void
+	{
+		// (6.1.4. b.1.) ...but there is a node of depth i with
+		// a valid_policy of anyPolicy
+		foreach ($this->_nodesAtDepth($state->index()) as $node) {
+			if ($node->isAnyPolicy()) {
+				// then generate a child node of the node of depth i-1
+				// that has a valid_policy of anyPolicy as follows...
+				foreach ($this->_nodesAtDepth($state->index() - 1) as $subnode) {
+					if ($subnode->isAnyPolicy()) {
+						// try to fetch qualifiers of anyPolicy certificate policy
+						try {
+							$qualifiers = $cert->tbsCertificate()
+								->extensions()->certificatePolicies()
+								->anyPolicy()->qualifiers();
+						} catch (\LogicException $e) {
+							// if there's no policies or no qualifiers
+							$qualifiers = [];
+						}
+						$subnode->addChild(new PolicyNode($idp, $qualifiers, $sdps));
+						// bail after first anyPolicy has been processed
+						break;
+					}
+				}
+				// bail after first anyPolicy has been processed
+				break;
+			}
+		}
+	}
 
-    /**
-     * Delete nodes as specified in 6.1.4 (b)(2).
-     *
-     * @param Certificate    $cert
-     * @param ValidatorState $state
-     */
-    protected function _deleteMappings(Certificate $cert,
-        ValidatorState $state): void
-    {
-        $idps = $cert->tbsCertificate()->extensions()
-            ->policyMappings()->issuerDomainPolicies();
-        // delete each node of depth i in the valid_policy_tree
-        // where ID-P is the valid_policy
-        foreach ($this->_nodesAtDepth($state->index()) as $node) {
-            if (in_array($node->validPolicy(), $idps)) {
-                $node->remove();
-            }
-        }
-        $this->_pruneTree($state->index() - 1);
-    }
+	/**
+	 * Delete nodes as specified in 6.1.4 (b)(2).
+	 *
+	 * @param Certificate    $cert
+	 * @param ValidatorState $state
+	 */
+	protected function _deleteMappings(Certificate $cert,
+		ValidatorState $state): void
+	{
+		$idps = $cert->tbsCertificate()->extensions()
+			->policyMappings()->issuerDomainPolicies();
+		// delete each node of depth i in the valid_policy_tree
+		// where ID-P is the valid_policy
+		foreach ($this->_nodesAtDepth($state->index()) as $node) {
+			if (in_array($node->validPolicy(), $idps)) {
+				$node->remove();
+			}
+		}
+		$this->_pruneTree($state->index() - 1);
+	}
 
-    /**
-     * Prune tree starting from given depth.
-     *
-     * @param int $depth
-     *
-     * @return int The number of nodes left in a tree
-     */
-    protected function _pruneTree(int $depth): int
-    {
-        if (!$this->_root) {
-            return 0;
-        }
-        for ($i = $depth; $i > 0; --$i) {
-            foreach ($this->_nodesAtDepth($i) as $node) {
-                if (!count($node)) {
-                    $node->remove();
-                }
-            }
-        }
-        // if root has no children left
-        if (!count($this->_root)) {
-            $this->_root = null;
-            return 0;
-        }
-        return $this->_root->nodeCount();
-    }
+	/**
+	 * Prune tree starting from given depth.
+	 *
+	 * @param int $depth
+	 *
+	 * @return int The number of nodes left in a tree
+	 */
+	protected function _pruneTree(int $depth): int
+	{
+		if (!$this->_root) {
+			return 0;
+		}
+		for ($i = $depth; $i > 0; --$i) {
+			foreach ($this->_nodesAtDepth($i) as $node) {
+				if (!count($node)) {
+					$node->remove();
+				}
+			}
+		}
+		// if root has no children left
+		if (!count($this->_root)) {
+			$this->_root = null;
+			return 0;
+		}
+		return $this->_root->nodeCount();
+	}
 
-    /**
-     * Get all nodes at given depth.
-     *
-     * @param int $i
-     *
-     * @return PolicyNode[]
-     */
-    protected function _nodesAtDepth(int $i): array
-    {
-        if (!$this->_root) {
-            return [];
-        }
-        $depth = 0;
-        $nodes = [$this->_root];
-        while ($depth < $i) {
-            $nodes = self::_gatherChildren(...$nodes);
-            if (!count($nodes)) {
-                break;
-            }
-            ++$depth;
-        }
-        return $nodes;
-    }
+	/**
+	 * Get all nodes at given depth.
+	 *
+	 * @param int $i
+	 *
+	 * @return PolicyNode[]
+	 */
+	protected function _nodesAtDepth(int $i): array
+	{
+		if (!$this->_root) {
+			return [];
+		}
+		$depth = 0;
+		$nodes = [$this->_root];
+		while ($depth < $i) {
+			$nodes = self::_gatherChildren(...$nodes);
+			if (!count($nodes)) {
+				break;
+			}
+			++$depth;
+		}
+		return $nodes;
+	}
 
-    /**
-     * Get the valid policy node set as specified in spec 6.1.5.(g)(iii)1.
-     *
-     * @return PolicyNode[]
-     */
-    protected function _validPolicyNodeSet(): array
-    {
-        // 1. Determine the set of policy nodes whose parent nodes have
-        // a valid_policy of anyPolicy. This is the valid_policy_node_set.
-        $set = [];
-        if (!$this->_root) {
-            return $set;
-        }
-        // for each node in a tree
-        $this->_root->walkNodes(
-            function (PolicyNode $node) use (&$set) {
-                $parents = $node->parents();
-                // node has parents
-                if (count($parents)) {
-                    // check that each ancestor is an anyPolicy node
-                    foreach ($parents as $ancestor) {
-                        if (!$ancestor->isAnyPolicy()) {
-                            return;
-                        }
-                    }
-                    $set[] = $node;
-                }
-            });
-        return $set;
-    }
+	/**
+	 * Get the valid policy node set as specified in spec 6.1.5.(g)(iii)1.
+	 *
+	 * @return PolicyNode[]
+	 */
+	protected function _validPolicyNodeSet(): array
+	{
+		// 1. Determine the set of policy nodes whose parent nodes have
+		// a valid_policy of anyPolicy. This is the valid_policy_node_set.
+		$set = [];
+		if (!$this->_root) {
+			return $set;
+		}
+		// for each node in a tree
+		$this->_root->walkNodes(
+			function (PolicyNode $node) use (&$set) {
+				$parents = $node->parents();
+				// node has parents
+				if (count($parents)) {
+					// check that each ancestor is an anyPolicy node
+					foreach ($parents as $ancestor) {
+						if (!$ancestor->isAnyPolicy()) {
+							return;
+						}
+					}
+					$set[] = $node;
+				}
+			});
+		return $set;
+	}
 
-    /**
-     * Gather all children of given nodes to a flattened array.
-     *
-     * @param PolicyNode ...$nodes
-     *
-     * @return PolicyNode[]
-     */
-    private static function _gatherChildren(PolicyNode ...$nodes): array
-    {
-        $children = [];
-        foreach ($nodes as $node) {
-            $children = array_merge($children, $node->children());
-        }
-        return $children;
-    }
+	/**
+	 * Gather all children of given nodes to a flattened array.
+	 *
+	 * @param PolicyNode ...$nodes
+	 *
+	 * @return PolicyNode[]
+	 */
+	private static function _gatherChildren(PolicyNode ...$nodes): array
+	{
+		$children = [];
+		foreach ($nodes as $node) {
+			$children = array_merge($children, $node->children());
+		}
+		return $children;
+	}
 }

Please login to merge, or discard this patch.

lib/X509/CertificationPath/Policy/PolicyNode.php 1 patch

Indentation +240 added lines, -240 removed lines patch added patch discarded remove patch

@@ -16,267 +16,267 @@
 block discarded – undo
  */
 class PolicyNode implements \IteratorAggregate, \Countable
 {
-    /**
-     * Policy OID.
-     *
-     * @var string
-     */
-    protected $_validPolicy;
+	/**
+	 * Policy OID.
+	 *
+	 * @var string
+	 */
+	protected $_validPolicy;
 
-    /**
-     * List of qualifiers.
-     *
-     * @var PolicyQualifierInfo[]
-     */
-    protected $_qualifiers;
+	/**
+	 * List of qualifiers.
+	 *
+	 * @var PolicyQualifierInfo[]
+	 */
+	protected $_qualifiers;
 
-    /**
-     * List of expected policy OIDs.
-     *
-     * @var string[]
-     */
-    protected $_expectedPolicies;
+	/**
+	 * List of expected policy OIDs.
+	 *
+	 * @var string[]
+	 */
+	protected $_expectedPolicies;
 
-    /**
-     * List of child nodes.
-     *
-     * @var PolicyNode[]
-     */
-    protected $_children;
+	/**
+	 * List of child nodes.
+	 *
+	 * @var PolicyNode[]
+	 */
+	protected $_children;
 
-    /**
-     * Reference to the parent node.
-     *
-     * @var null|PolicyNode
-     */
-    protected $_parent;
+	/**
+	 * Reference to the parent node.
+	 *
+	 * @var null|PolicyNode
+	 */
+	protected $_parent;
 
-    /**
-     * Constructor.
-     *
-     * @param string                $valid_policy      Policy OID
-     * @param PolicyQualifierInfo[] $qualifiers
-     * @param string[]              $expected_policies
-     */
-    public function __construct(string $valid_policy, array $qualifiers,
-        array $expected_policies)
-    {
-        $this->_validPolicy = $valid_policy;
-        $this->_qualifiers = $qualifiers;
-        $this->_expectedPolicies = $expected_policies;
-        $this->_children = [];
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string                $valid_policy      Policy OID
+	 * @param PolicyQualifierInfo[] $qualifiers
+	 * @param string[]              $expected_policies
+	 */
+	public function __construct(string $valid_policy, array $qualifiers,
+		array $expected_policies)
+	{
+		$this->_validPolicy = $valid_policy;
+		$this->_qualifiers = $qualifiers;
+		$this->_expectedPolicies = $expected_policies;
+		$this->_children = [];
+	}
 
-    /**
-     * Create initial node for the policy tree.
-     *
-     * @return self
-     */
-    public static function anyPolicyNode(): self
-    {
-        return new self(PolicyInformation::OID_ANY_POLICY, [],
-            [PolicyInformation::OID_ANY_POLICY]);
-    }
+	/**
+	 * Create initial node for the policy tree.
+	 *
+	 * @return self
+	 */
+	public static function anyPolicyNode(): self
+	{
+		return new self(PolicyInformation::OID_ANY_POLICY, [],
+			[PolicyInformation::OID_ANY_POLICY]);
+	}
 
-    /**
-     * Get the valid policy OID.
-     *
-     * @return string
-     */
-    public function validPolicy(): string
-    {
-        return $this->_validPolicy;
-    }
+	/**
+	 * Get the valid policy OID.
+	 *
+	 * @return string
+	 */
+	public function validPolicy(): string
+	{
+		return $this->_validPolicy;
+	}
 
-    /**
-     * Check whether node has anyPolicy as a valid policy.
-     *
-     * @return bool
-     */
-    public function isAnyPolicy(): bool
-    {
-        return PolicyInformation::OID_ANY_POLICY === $this->_validPolicy;
-    }
+	/**
+	 * Check whether node has anyPolicy as a valid policy.
+	 *
+	 * @return bool
+	 */
+	public function isAnyPolicy(): bool
+	{
+		return PolicyInformation::OID_ANY_POLICY === $this->_validPolicy;
+	}
 
-    /**
-     * Get the qualifier set.
-     *
-     * @return PolicyQualifierInfo[]
-     */
-    public function qualifiers(): array
-    {
-        return $this->_qualifiers;
-    }
+	/**
+	 * Get the qualifier set.
+	 *
+	 * @return PolicyQualifierInfo[]
+	 */
+	public function qualifiers(): array
+	{
+		return $this->_qualifiers;
+	}
 
-    /**
-     * Check whether node has OID as an expected policy.
-     *
-     * @param string $oid
-     *
-     * @return bool
-     */
-    public function hasExpectedPolicy(string $oid): bool
-    {
-        return in_array($oid, $this->_expectedPolicies);
-    }
+	/**
+	 * Check whether node has OID as an expected policy.
+	 *
+	 * @param string $oid
+	 *
+	 * @return bool
+	 */
+	public function hasExpectedPolicy(string $oid): bool
+	{
+		return in_array($oid, $this->_expectedPolicies);
+	}
 
-    /**
-     * Get the expected policy set.
-     *
-     * @return string[]
-     */
-    public function expectedPolicies(): array
-    {
-        return $this->_expectedPolicies;
-    }
+	/**
+	 * Get the expected policy set.
+	 *
+	 * @return string[]
+	 */
+	public function expectedPolicies(): array
+	{
+		return $this->_expectedPolicies;
+	}
 
-    /**
-     * Set expected policies.
-     *
-     * @param string ...$oids Policy OIDs
-     */
-    public function setExpectedPolicies(string ...$oids): void
-    {
-        $this->_expectedPolicies = $oids;
-    }
+	/**
+	 * Set expected policies.
+	 *
+	 * @param string ...$oids Policy OIDs
+	 */
+	public function setExpectedPolicies(string ...$oids): void
+	{
+		$this->_expectedPolicies = $oids;
+	}
 
-    /**
-     * Check whether node has a child node with given valid policy OID.
-     *
-     * @param string $oid
-     *
-     * @return bool
-     */
-    public function hasChildWithValidPolicy(string $oid): bool
-    {
-        foreach ($this->_children as $node) {
-            if ($node->validPolicy() === $oid) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether node has a child node with given valid policy OID.
+	 *
+	 * @param string $oid
+	 *
+	 * @return bool
+	 */
+	public function hasChildWithValidPolicy(string $oid): bool
+	{
+		foreach ($this->_children as $node) {
+			if ($node->validPolicy() === $oid) {
+				return true;
+			}
+		}
+		return false;
+	}
 
-    /**
-     * Add child node.
-     *
-     * @param PolicyNode $node
-     *
-     * @return self
-     */
-    public function addChild(PolicyNode $node): self
-    {
-        $id = spl_object_hash($node);
-        $node->_parent = $this;
-        $this->_children[$id] = $node;
-        return $this;
-    }
+	/**
+	 * Add child node.
+	 *
+	 * @param PolicyNode $node
+	 *
+	 * @return self
+	 */
+	public function addChild(PolicyNode $node): self
+	{
+		$id = spl_object_hash($node);
+		$node->_parent = $this;
+		$this->_children[$id] = $node;
+		return $this;
+	}
 
-    /**
-     * Get the child nodes.
-     *
-     * @return PolicyNode[]
-     */
-    public function children(): array
-    {
-        return array_values($this->_children);
-    }
+	/**
+	 * Get the child nodes.
+	 *
+	 * @return PolicyNode[]
+	 */
+	public function children(): array
+	{
+		return array_values($this->_children);
+	}
 
-    /**
-     * Remove this node from the tree.
-     *
-     * @return self The removed node
-     */
-    public function remove(): self
-    {
-        if ($this->_parent) {
-            $id = spl_object_hash($this);
-            unset($this->_parent->_children[$id], $this->_parent);
-        }
-        return $this;
-    }
+	/**
+	 * Remove this node from the tree.
+	 *
+	 * @return self The removed node
+	 */
+	public function remove(): self
+	{
+		if ($this->_parent) {
+			$id = spl_object_hash($this);
+			unset($this->_parent->_children[$id], $this->_parent);
+		}
+		return $this;
+	}
 
-    /**
-     * Check whether node has a parent.
-     *
-     * @return bool
-     */
-    public function hasParent(): bool
-    {
-        return isset($this->_parent);
-    }
+	/**
+	 * Check whether node has a parent.
+	 *
+	 * @return bool
+	 */
+	public function hasParent(): bool
+	{
+		return isset($this->_parent);
+	}
 
-    /**
-     * Get the parent node.
-     *
-     * @return null|PolicyNode
-     */
-    public function parent(): ?PolicyNode
-    {
-        return $this->_parent;
-    }
+	/**
+	 * Get the parent node.
+	 *
+	 * @return null|PolicyNode
+	 */
+	public function parent(): ?PolicyNode
+	{
+		return $this->_parent;
+	}
 
-    /**
-     * Get chain of parent nodes from this node's parent to the root node.
-     *
-     * @return PolicyNode[]
-     */
-    public function parents(): array
-    {
-        if (!$this->_parent) {
-            return [];
-        }
-        $nodes = $this->_parent->parents();
-        $nodes[] = $this->_parent;
-        return array_reverse($nodes);
-    }
+	/**
+	 * Get chain of parent nodes from this node's parent to the root node.
+	 *
+	 * @return PolicyNode[]
+	 */
+	public function parents(): array
+	{
+		if (!$this->_parent) {
+			return [];
+		}
+		$nodes = $this->_parent->parents();
+		$nodes[] = $this->_parent;
+		return array_reverse($nodes);
+	}
 
-    /**
-     * Walk tree from this node, applying a callback for each node.
-     *
-     * Nodes are traversed depth-first and callback shall be applied post-order.
-     *
-     * @param callable $fn
-     */
-    public function walkNodes(callable $fn): void
-    {
-        foreach ($this->_children as $node) {
-            $node->walkNodes($fn);
-        }
-        $fn($this);
-    }
+	/**
+	 * Walk tree from this node, applying a callback for each node.
+	 *
+	 * Nodes are traversed depth-first and callback shall be applied post-order.
+	 *
+	 * @param callable $fn
+	 */
+	public function walkNodes(callable $fn): void
+	{
+		foreach ($this->_children as $node) {
+			$node->walkNodes($fn);
+		}
+		$fn($this);
+	}
 
-    /**
-     * Get the total number of nodes in a tree.
-     *
-     * @return int
-     */
-    public function nodeCount(): int
-    {
-        $c = 1;
-        foreach ($this->_children as $child) {
-            $c += $child->nodeCount();
-        }
-        return $c;
-    }
+	/**
+	 * Get the total number of nodes in a tree.
+	 *
+	 * @return int
+	 */
+	public function nodeCount(): int
+	{
+		$c = 1;
+		foreach ($this->_children as $child) {
+			$c += $child->nodeCount();
+		}
+		return $c;
+	}
 
-    /**
-     * Get the number of child nodes.
-     *
-     * @see \Countable::count()
-     */
-    public function count(): int
-    {
-        return count($this->_children);
-    }
+	/**
+	 * Get the number of child nodes.
+	 *
+	 * @see \Countable::count()
+	 */
+	public function count(): int
+	{
+		return count($this->_children);
+	}
 
-    /**
-     * Get iterator for the child nodes.
-     *
-     * @see \IteratorAggregate::getIterator()
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_children);
-    }
+	/**
+	 * Get iterator for the child nodes.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_children);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/Certificate/Certificate.php 1 patch

Indentation +219 added lines, -219 removed lines patch added patch discarded remove patch

@@ -20,242 +20,242 @@
 block discarded – undo
  */
 class Certificate
 {
-    /**
-     * "To be signed" certificate information.
-     *
-     * @var TBSCertificate
-     */
-    protected $_tbsCertificate;
+	/**
+	 * "To be signed" certificate information.
+	 *
+	 * @var TBSCertificate
+	 */
+	protected $_tbsCertificate;
 
-    /**
-     * Signature algorithm.
-     *
-     * @var SignatureAlgorithmIdentifier
-     */
-    protected $_signatureAlgorithm;
+	/**
+	 * Signature algorithm.
+	 *
+	 * @var SignatureAlgorithmIdentifier
+	 */
+	protected $_signatureAlgorithm;
 
-    /**
-     * Signature value.
-     *
-     * @var Signature
-     */
-    protected $_signatureValue;
+	/**
+	 * Signature value.
+	 *
+	 * @var Signature
+	 */
+	protected $_signatureValue;
 
-    /**
-     * Constructor.
-     *
-     * @param TBSCertificate               $tbsCert
-     * @param SignatureAlgorithmIdentifier $algo
-     * @param Signature                    $signature
-     */
-    public function __construct(TBSCertificate $tbsCert,
-        SignatureAlgorithmIdentifier $algo, Signature $signature)
-    {
-        $this->_tbsCertificate = $tbsCert;
-        $this->_signatureAlgorithm = $algo;
-        $this->_signatureValue = $signature;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param TBSCertificate               $tbsCert
+	 * @param SignatureAlgorithmIdentifier $algo
+	 * @param Signature                    $signature
+	 */
+	public function __construct(TBSCertificate $tbsCert,
+		SignatureAlgorithmIdentifier $algo, Signature $signature)
+	{
+		$this->_tbsCertificate = $tbsCert;
+		$this->_signatureAlgorithm = $algo;
+		$this->_signatureValue = $signature;
+	}
 
-    /**
-     * Get certificate as a PEM formatted string.
-     *
-     * @return string
-     */
-    public function __toString(): string
-    {
-        return $this->toPEM()->string();
-    }
+	/**
+	 * Get certificate as a PEM formatted string.
+	 *
+	 * @return string
+	 */
+	public function __toString(): string
+	{
+		return $this->toPEM()->string();
+	}
 
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     *
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
-        $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
-        if (!$algo instanceof SignatureAlgorithmIdentifier) {
-            throw new \UnexpectedValueException(
-                'Unsupported signature algorithm ' . $algo->oid() . '.');
-        }
-        $signature = Signature::fromSignatureData(
-            $seq->at(2)->asBitString()->string(), $algo);
-        return new self($tbsCert, $algo, $signature);
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 *
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
+		$algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
+		if (!$algo instanceof SignatureAlgorithmIdentifier) {
+			throw new \UnexpectedValueException(
+				'Unsupported signature algorithm ' . $algo->oid() . '.');
+		}
+		$signature = Signature::fromSignatureData(
+			$seq->at(2)->asBitString()->string(), $algo);
+		return new self($tbsCert, $algo, $signature);
+	}
 
-    /**
-     * Initialize from DER.
-     *
-     * @param string $data
-     *
-     * @return self
-     */
-    public static function fromDER(string $data): self
-    {
-        return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence());
-    }
+	/**
+	 * Initialize from DER.
+	 *
+	 * @param string $data
+	 *
+	 * @return self
+	 */
+	public static function fromDER(string $data): self
+	{
+		return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence());
+	}
 
-    /**
-     * Initialize from PEM.
-     *
-     * @param PEM $pem
-     *
-     * @throws \UnexpectedValueException
-     *
-     * @return self
-     */
-    public static function fromPEM(PEM $pem): self
-    {
-        if (PEM::TYPE_CERTIFICATE !== $pem->type()) {
-            throw new \UnexpectedValueException('Invalid PEM type.');
-        }
-        return self::fromDER($pem->data());
-    }
+	/**
+	 * Initialize from PEM.
+	 *
+	 * @param PEM $pem
+	 *
+	 * @throws \UnexpectedValueException
+	 *
+	 * @return self
+	 */
+	public static function fromPEM(PEM $pem): self
+	{
+		if (PEM::TYPE_CERTIFICATE !== $pem->type()) {
+			throw new \UnexpectedValueException('Invalid PEM type.');
+		}
+		return self::fromDER($pem->data());
+	}
 
-    /**
-     * Get certificate information.
-     *
-     * @return TBSCertificate
-     */
-    public function tbsCertificate(): TBSCertificate
-    {
-        return $this->_tbsCertificate;
-    }
+	/**
+	 * Get certificate information.
+	 *
+	 * @return TBSCertificate
+	 */
+	public function tbsCertificate(): TBSCertificate
+	{
+		return $this->_tbsCertificate;
+	}
 
-    /**
-     * Get signature algorithm.
-     *
-     * @return SignatureAlgorithmIdentifier
-     */
-    public function signatureAlgorithm(): SignatureAlgorithmIdentifier
-    {
-        return $this->_signatureAlgorithm;
-    }
+	/**
+	 * Get signature algorithm.
+	 *
+	 * @return SignatureAlgorithmIdentifier
+	 */
+	public function signatureAlgorithm(): SignatureAlgorithmIdentifier
+	{
+		return $this->_signatureAlgorithm;
+	}
 
-    /**
-     * Get signature value.
-     *
-     * @return Signature
-     */
-    public function signatureValue(): Signature
-    {
-        return $this->_signatureValue;
-    }
+	/**
+	 * Get signature value.
+	 *
+	 * @return Signature
+	 */
+	public function signatureValue(): Signature
+	{
+		return $this->_signatureValue;
+	}
 
-    /**
-     * Check whether certificate is self-issued.
-     *
-     * @return bool
-     */
-    public function isSelfIssued(): bool
-    {
-        return $this->_tbsCertificate->subject()->equals(
-            $this->_tbsCertificate->issuer());
-    }
+	/**
+	 * Check whether certificate is self-issued.
+	 *
+	 * @return bool
+	 */
+	public function isSelfIssued(): bool
+	{
+		return $this->_tbsCertificate->subject()->equals(
+			$this->_tbsCertificate->issuer());
+	}
 
-    /**
-     * Check whether certificate is semantically equal to another.
-     *
-     * @param Certificate $cert Certificate to compare to
-     *
-     * @return bool
-     */
-    public function equals(Certificate $cert): bool
-    {
-        return $this->_hasEqualSerialNumber($cert) &&
-             $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
-    }
+	/**
+	 * Check whether certificate is semantically equal to another.
+	 *
+	 * @param Certificate $cert Certificate to compare to
+	 *
+	 * @return bool
+	 */
+	public function equals(Certificate $cert): bool
+	{
+		return $this->_hasEqualSerialNumber($cert) &&
+			 $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
+	}
 
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        return new Sequence($this->_tbsCertificate->toASN1(),
-            $this->_signatureAlgorithm->toASN1(),
-            $this->_signatureValue->bitString());
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		return new Sequence($this->_tbsCertificate->toASN1(),
+			$this->_signatureAlgorithm->toASN1(),
+			$this->_signatureValue->bitString());
+	}
 
-    /**
-     * Get certificate as a DER.
-     *
-     * @return string
-     */
-    public function toDER(): string
-    {
-        return $this->toASN1()->toDER();
-    }
+	/**
+	 * Get certificate as a DER.
+	 *
+	 * @return string
+	 */
+	public function toDER(): string
+	{
+		return $this->toASN1()->toDER();
+	}
 
-    /**
-     * Get certificate as a PEM.
-     *
-     * @return PEM
-     */
-    public function toPEM(): PEM
-    {
-        return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
-    }
+	/**
+	 * Get certificate as a PEM.
+	 *
+	 * @return PEM
+	 */
+	public function toPEM(): PEM
+	{
+		return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
+	}
 
-    /**
-     * Verify certificate signature.
-     *
-     * @param PublicKeyInfo $pubkey_info Issuer's public key
-     * @param null|Crypto   $crypto      Crypto engine, use default if not set
-     *
-     * @return bool True if certificate signature is valid
-     */
-    public function verify(PublicKeyInfo $pubkey_info, ?Crypto $crypto = null): bool
-    {
-        $crypto = $crypto ?? Crypto::getDefault();
-        $data = $this->_tbsCertificate->toASN1()->toDER();
-        return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
-            $this->_signatureAlgorithm);
-    }
+	/**
+	 * Verify certificate signature.
+	 *
+	 * @param PublicKeyInfo $pubkey_info Issuer's public key
+	 * @param null|Crypto   $crypto      Crypto engine, use default if not set
+	 *
+	 * @return bool True if certificate signature is valid
+	 */
+	public function verify(PublicKeyInfo $pubkey_info, ?Crypto $crypto = null): bool
+	{
+		$crypto = $crypto ?? Crypto::getDefault();
+		$data = $this->_tbsCertificate->toASN1()->toDER();
+		return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
+			$this->_signatureAlgorithm);
+	}
 
-    /**
-     * Check whether certificate has serial number equal to another.
-     *
-     * @param Certificate $cert
-     *
-     * @return bool
-     */
-    private function _hasEqualSerialNumber(Certificate $cert): bool
-    {
-        $sn1 = $this->_tbsCertificate->serialNumber();
-        $sn2 = $cert->_tbsCertificate->serialNumber();
-        return $sn1 === $sn2;
-    }
+	/**
+	 * Check whether certificate has serial number equal to another.
+	 *
+	 * @param Certificate $cert
+	 *
+	 * @return bool
+	 */
+	private function _hasEqualSerialNumber(Certificate $cert): bool
+	{
+		$sn1 = $this->_tbsCertificate->serialNumber();
+		$sn2 = $cert->_tbsCertificate->serialNumber();
+		return $sn1 === $sn2;
+	}
 
-    /**
-     * Check whether certificate has public key equal to another.
-     *
-     * @param Certificate $cert
-     *
-     * @return bool
-     */
-    private function _hasEqualPublicKey(Certificate $cert): bool
-    {
-        $kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
-        $kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
-        return $kid1 === $kid2;
-    }
+	/**
+	 * Check whether certificate has public key equal to another.
+	 *
+	 * @param Certificate $cert
+	 *
+	 * @return bool
+	 */
+	private function _hasEqualPublicKey(Certificate $cert): bool
+	{
+		$kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
+		$kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
+		return $kid1 === $kid2;
+	}
 
-    /**
-     * Check whether certificate has subject equal to another.
-     *
-     * @param Certificate $cert
-     *
-     * @return bool
-     */
-    private function _hasEqualSubject(Certificate $cert): bool
-    {
-        $dn1 = $this->_tbsCertificate->subject();
-        $dn2 = $cert->_tbsCertificate->subject();
-        return $dn1->equals($dn2);
-    }
+	/**
+	 * Check whether certificate has subject equal to another.
+	 *
+	 * @param Certificate $cert
+	 *
+	 * @return bool
+	 */
+	private function _hasEqualSubject(Certificate $cert): bool
+	{
+		$dn1 = $this->_tbsCertificate->subject();
+		$dn2 = $cert->_tbsCertificate->subject();
+		return $dn1->equals($dn2);
+	}
 }

Please login to merge, or discard this patch.

lib/X509/Certificate/Time.php 2 patches

Indentation +96 added lines, -96 removed lines patch added patch discarded remove patch

@@ -17,108 +17,108 @@
 block discarded – undo
  */
 class Time
 {
-    use DateTimeHelper;
+	use DateTimeHelper;
 
-    /**
-     * Datetime.
-     *
-     * @var \DateTimeImmutable
-     */
-    protected $_dt;
+	/**
+	 * Datetime.
+	 *
+	 * @var \DateTimeImmutable
+	 */
+	protected $_dt;
 
-    /**
-     * Time ASN.1 type tag.
-     *
-     * @var int
-     */
-    protected $_type;
+	/**
+	 * Time ASN.1 type tag.
+	 *
+	 * @var int
+	 */
+	protected $_type;
 
-    /**
-     * Constructor.
-     *
-     * @param \DateTimeImmutable $dt
-     */
-    public function __construct(\DateTimeImmutable $dt)
-    {
-        $this->_dt = $dt;
-        $this->_type = self::_determineType($dt);
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param \DateTimeImmutable $dt
+	 */
+	public function __construct(\DateTimeImmutable $dt)
+	{
+		$this->_dt = $dt;
+		$this->_type = self::_determineType($dt);
+	}
 
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param TimeType $el
-     *
-     * @return self
-     */
-    public static function fromASN1(TimeType $el): self
-    {
-        $obj = new self($el->dateTime());
-        $obj->_type = $el->tag();
-        return $obj;
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param TimeType $el
+	 *
+	 * @return self
+	 */
+	public static function fromASN1(TimeType $el): self
+	{
+		$obj = new self($el->dateTime());
+		$obj->_type = $el->tag();
+		return $obj;
+	}
 
-    /**
-     * Initialize from date string.
-     *
-     * @param null|string $time
-     * @param null|string $tz
-     *
-     * @return self
-     */
-    public static function fromString(?string $time, ?string $tz = null): self
-    {
-        return new self(self::_createDateTime($time, $tz));
-    }
+	/**
+	 * Initialize from date string.
+	 *
+	 * @param null|string $time
+	 * @param null|string $tz
+	 *
+	 * @return self
+	 */
+	public static function fromString(?string $time, ?string $tz = null): self
+	{
+		return new self(self::_createDateTime($time, $tz));
+	}
 
-    /**
-     * Get datetime.
-     *
-     * @return \DateTimeImmutable
-     */
-    public function dateTime(): \DateTimeImmutable
-    {
-        return $this->_dt;
-    }
+	/**
+	 * Get datetime.
+	 *
+	 * @return \DateTimeImmutable
+	 */
+	public function dateTime(): \DateTimeImmutable
+	{
+		return $this->_dt;
+	}
 
-    /**
-     * Generate ASN.1.
-     *
-     * @throws \UnexpectedValueException
-     *
-     * @return TimeType
-     */
-    public function toASN1(): TimeType
-    {
-        $dt = $this->_dt;
-        switch ($this->_type) {
-            case Element::TYPE_UTC_TIME:
-                return new UTCTime($dt);
-            case Element::TYPE_GENERALIZED_TIME:
-                // GeneralizedTime must not contain fractional seconds
-                // (rfc5280 4.1.2.5.2)
-                if (0 !== intval($dt->format('u'))) {
-                    // remove fractional seconds (round down)
-                    $dt = self::_roundDownFractionalSeconds($dt);
-                }
-                return new GeneralizedTime($dt);
-        }
-        throw new \UnexpectedValueException(
-            'Time type ' . Element::tagToName($this->_type) . ' not supported.');
-    }
+	/**
+	 * Generate ASN.1.
+	 *
+	 * @throws \UnexpectedValueException
+	 *
+	 * @return TimeType
+	 */
+	public function toASN1(): TimeType
+	{
+		$dt = $this->_dt;
+		switch ($this->_type) {
+			case Element::TYPE_UTC_TIME:
+				return new UTCTime($dt);
+			case Element::TYPE_GENERALIZED_TIME:
+				// GeneralizedTime must not contain fractional seconds
+				// (rfc5280 4.1.2.5.2)
+				if (0 !== intval($dt->format('u'))) {
+					// remove fractional seconds (round down)
+					$dt = self::_roundDownFractionalSeconds($dt);
+				}
+				return new GeneralizedTime($dt);
+		}
+		throw new \UnexpectedValueException(
+			'Time type ' . Element::tagToName($this->_type) . ' not supported.');
+	}
 
-    /**
-     * Determine whether to use UTCTime or GeneralizedTime ASN.1 type.
-     *
-     * @param \DateTimeImmutable $dt
-     *
-     * @return int Type tag
-     */
-    protected static function _determineType(\DateTimeImmutable $dt): int
-    {
-        if ($dt->format('Y') >= 2050) {
-            return Element::TYPE_GENERALIZED_TIME;
-        }
-        return Element::TYPE_UTC_TIME;
-    }
+	/**
+	 * Determine whether to use UTCTime or GeneralizedTime ASN.1 type.
+	 *
+	 * @param \DateTimeImmutable $dt
+	 *
+	 * @return int Type tag
+	 */
+	protected static function _determineType(\DateTimeImmutable $dt): int
+	{
+		if ($dt->format('Y') >= 2050) {
+			return Element::TYPE_GENERALIZED_TIME;
+		}
+		return Element::TYPE_UTC_TIME;
+	}
 }

Please login to merge, or discard this patch.

Switch Indentation +10 added lines, -10 removed lines patch added patch discarded remove patch

@@ -92,16 +92,16 @@
 block discarded – undo
     {
         $dt = $this->_dt;
         switch ($this->_type) {
-            case Element::TYPE_UTC_TIME:
-                return new UTCTime($dt);
-            case Element::TYPE_GENERALIZED_TIME:
-                // GeneralizedTime must not contain fractional seconds
-                // (rfc5280 4.1.2.5.2)
-                if (0 !== intval($dt->format('u'))) {
-                    // remove fractional seconds (round down)
-                    $dt = self::_roundDownFractionalSeconds($dt);
-                }
-                return new GeneralizedTime($dt);
+        case Element::TYPE_UTC_TIME:
+            return new UTCTime($dt);
+        case Element::TYPE_GENERALIZED_TIME:
+            // GeneralizedTime must not contain fractional seconds
+            // (rfc5280 4.1.2.5.2)
+            if (0 !== intval($dt->format('u'))) {
+                // remove fractional seconds (round down)
+                $dt = self::_roundDownFractionalSeconds($dt);
+            }
+            return new GeneralizedTime($dt);
         }
         throw new \UnexpectedValueException(
             'Time type ' . Element::tagToName($this->_type) . ' not supported.');

Please login to merge, or discard this patch.

lib/X509/Certificate/TBSCertificate.php 1 patch

Indentation +618 added lines, -618 removed lines patch added patch discarded remove patch

@@ -27,622 +27,622 @@
 block discarded – undo
  */
 class TBSCertificate
 {
-    // Certificate version enumerations
-    const VERSION_1 = 0;
-    const VERSION_2 = 1;
-    const VERSION_3 = 2;
-
-    /**
-     * Certificate version.
-     *
-     * @var null|int
-     */
-    protected $_version;
-
-    /**
-     * Serial number.
-     *
-     * @var null|string
-     */
-    protected $_serialNumber;
-
-    /**
-     * Signature algorithm.
-     *
-     * @var null|SignatureAlgorithmIdentifier
-     */
-    protected $_signature;
-
-    /**
-     * Certificate issuer.
-     *
-     * @var Name
-     */
-    protected $_issuer;
-
-    /**
-     * Certificate validity period.
-     *
-     * @var Validity
-     */
-    protected $_validity;
-
-    /**
-     * Certificate subject.
-     *
-     * @var Name
-     */
-    protected $_subject;
-
-    /**
-     * Subject public key.
-     *
-     * @var PublicKeyInfo
-     */
-    protected $_subjectPublicKeyInfo;
-
-    /**
-     * Issuer unique identifier.
-     *
-     * @var null|UniqueIdentifier
-     */
-    protected $_issuerUniqueID;
-
-    /**
-     * Subject unique identifier.
-     *
-     * @var null|UniqueIdentifier
-     */
-    protected $_subjectUniqueID;
-
-    /**
-     * Extensions.
-     *
-     * @var Extensions
-     */
-    protected $_extensions;
-
-    /**
-     * Constructor.
-     *
-     * @param Name          $subject  Certificate subject
-     * @param PublicKeyInfo $pki      Subject public key
-     * @param Name          $issuer   Certificate issuer
-     * @param Validity      $validity Validity period
-     */
-    public function __construct(Name $subject, PublicKeyInfo $pki, Name $issuer,
-        Validity $validity)
-    {
-        $this->_subject = $subject;
-        $this->_subjectPublicKeyInfo = $pki;
-        $this->_issuer = $issuer;
-        $this->_validity = $validity;
-        $this->_extensions = new Extensions();
-    }
-
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     *
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $idx = 0;
-        if ($seq->hasTagged(0)) {
-            ++$idx;
-            $version = $seq->getTagged(0)->asExplicit()->asInteger()->intNumber();
-        } else {
-            $version = self::VERSION_1;
-        }
-        $serial = $seq->at($idx++)->asInteger()->number();
-        $algo = AlgorithmIdentifier::fromASN1($seq->at($idx++)->asSequence());
-        if (!$algo instanceof SignatureAlgorithmIdentifier) {
-            throw new \UnexpectedValueException(
-                'Unsupported signature algorithm ' . $algo->name() . '.');
-        }
-        $issuer = Name::fromASN1($seq->at($idx++)->asSequence());
-        $validity = Validity::fromASN1($seq->at($idx++)->asSequence());
-        $subject = Name::fromASN1($seq->at($idx++)->asSequence());
-        $pki = PublicKeyInfo::fromASN1($seq->at($idx++)->asSequence());
-        $tbs_cert = new self($subject, $pki, $issuer, $validity);
-        $tbs_cert->_version = $version;
-        $tbs_cert->_serialNumber = $serial;
-        $tbs_cert->_signature = $algo;
-        if ($seq->hasTagged(1)) {
-            $tbs_cert->_issuerUniqueID = UniqueIdentifier::fromASN1(
-                $seq->getTagged(1)->asImplicit(Element::TYPE_BIT_STRING)
-                    ->asBitString());
-        }
-        if ($seq->hasTagged(2)) {
-            $tbs_cert->_subjectUniqueID = UniqueIdentifier::fromASN1(
-                $seq->getTagged(2)->asImplicit(Element::TYPE_BIT_STRING)
-                    ->asBitString());
-        }
-        if ($seq->hasTagged(3)) {
-            $tbs_cert->_extensions = Extensions::fromASN1(
-                $seq->getTagged(3)->asExplicit()->asSequence());
-        }
-        return $tbs_cert;
-    }
-
-    /**
-     * Initialize from certification request.
-     *
-     * Note that signature is not verified and must be done by the caller.
-     *
-     * @param CertificationRequest $cr
-     *
-     * @return self
-     */
-    public static function fromCSR(CertificationRequest $cr): self
-    {
-        $cri = $cr->certificationRequestInfo();
-        $tbs_cert = new self($cri->subject(), $cri->subjectPKInfo(), new Name(),
-            Validity::fromStrings(null, null));
-        // if CSR has Extension Request attribute
-        if ($cri->hasAttributes()) {
-            $attribs = $cri->attributes();
-            if ($attribs->hasExtensionRequest()) {
-                $tbs_cert = $tbs_cert->withExtensions(
-                    $attribs->extensionRequest()->extensions());
-            }
-        }
-        // add Subject Key Identifier extension
-        return $tbs_cert->withAdditionalExtensions(
-            new SubjectKeyIdentifierExtension(false,
-                $cri->subjectPKInfo()->keyIdentifier()));
-    }
-
-    /**
-     * Get self with fields set from the issuer's certificate.
-     *
-     * Issuer shall be set to issuing certificate's subject.
-     * Authority key identifier extensions shall be added with a key identifier
-     * set to issuing certificate's public key identifier.
-     *
-     * @param Certificate $cert Issuing party's certificate
-     *
-     * @return self
-     */
-    public function withIssuerCertificate(Certificate $cert): self
-    {
-        $obj = clone $this;
-        // set issuer DN from cert's subject
-        $obj->_issuer = $cert->tbsCertificate()->subject();
-        // add authority key identifier extension
-        $key_id = $cert->tbsCertificate()->subjectPublicKeyInfo()->keyIdentifier();
-        $obj->_extensions = $obj->_extensions->withExtensions(
-            new AuthorityKeyIdentifierExtension(false, $key_id));
-        return $obj;
-    }
-
-    /**
-     * Get self with given version.
-     *
-     * If version is not set, appropriate version is automatically
-     * determined during signing.
-     *
-     * @param int $version
-     *
-     * @return self
-     */
-    public function withVersion(int $version): self
-    {
-        $obj = clone $this;
-        $obj->_version = $version;
-        return $obj;
-    }
-
-    /**
-     * Get self with given serial number.
-     *
-     * @param int|string $serial Base 10 number
-     *
-     * @return self
-     */
-    public function withSerialNumber($serial): self
-    {
-        $obj = clone $this;
-        $obj->_serialNumber = strval($serial);
-        return $obj;
-    }
-
-    /**
-     * Get self with random positive serial number.
-     *
-     * @param int $size Number of random bytes
-     *
-     * @return self
-     */
-    public function withRandomSerialNumber(int $size = 16): self
-    {
-        // ensure that first byte is always non-zero and having first bit unset
-        $num = gmp_init(mt_rand(1, 0x7f), 10);
-        for ($i = 1; $i < $size; ++$i) {
-            $num <<= 8;
-            $num += mt_rand(0, 0xff);
-        }
-        return $this->withSerialNumber(gmp_strval($num, 10));
-    }
-
-    /**
-     * Get self with given signature algorithm.
-     *
-     * @param SignatureAlgorithmIdentifier $algo
-     *
-     * @return self
-     */
-    public function withSignature(SignatureAlgorithmIdentifier $algo): self
-    {
-        $obj = clone $this;
-        $obj->_signature = $algo;
-        return $obj;
-    }
-
-    /**
-     * Get self with given issuer.
-     *
-     * @param Name $issuer
-     *
-     * @return self
-     */
-    public function withIssuer(Name $issuer): self
-    {
-        $obj = clone $this;
-        $obj->_issuer = $issuer;
-        return $obj;
-    }
-
-    /**
-     * Get self with given validity.
-     *
-     * @param Validity $validity
-     *
-     * @return self
-     */
-    public function withValidity(Validity $validity): self
-    {
-        $obj = clone $this;
-        $obj->_validity = $validity;
-        return $obj;
-    }
-
-    /**
-     * Get self with given subject.
-     *
-     * @param Name $subject
-     *
-     * @return self
-     */
-    public function withSubject(Name $subject): self
-    {
-        $obj = clone $this;
-        $obj->_subject = $subject;
-        return $obj;
-    }
-
-    /**
-     * Get self with given subject public key info.
-     *
-     * @param PublicKeyInfo $pub_key_info
-     *
-     * @return self
-     */
-    public function withSubjectPublicKeyInfo(PublicKeyInfo $pub_key_info): self
-    {
-        $obj = clone $this;
-        $obj->_subjectPublicKeyInfo = $pub_key_info;
-        return $obj;
-    }
-
-    /**
-     * Get self with issuer unique ID.
-     *
-     * @param UniqueIdentifier $id
-     *
-     * @return self
-     */
-    public function withIssuerUniqueID(UniqueIdentifier $id): self
-    {
-        $obj = clone $this;
-        $obj->_issuerUniqueID = $id;
-        return $obj;
-    }
-
-    /**
-     * Get self with subject unique ID.
-     *
-     * @param UniqueIdentifier $id
-     *
-     * @return self
-     */
-    public function withSubjectUniqueID(UniqueIdentifier $id): self
-    {
-        $obj = clone $this;
-        $obj->_subjectUniqueID = $id;
-        return $obj;
-    }
-
-    /**
-     * Get self with given extensions.
-     *
-     * @param Extensions $extensions
-     *
-     * @return self
-     */
-    public function withExtensions(Extensions $extensions): self
-    {
-        $obj = clone $this;
-        $obj->_extensions = $extensions;
-        return $obj;
-    }
-
-    /**
-     * Get self with extensions added.
-     *
-     * @param Extension ...$exts One or more Extension objects
-     *
-     * @return self
-     */
-    public function withAdditionalExtensions(Extension ...$exts): self
-    {
-        $obj = clone $this;
-        $obj->_extensions = $obj->_extensions->withExtensions(...$exts);
-        return $obj;
-    }
-
-    /**
-     * Check whether version is set.
-     *
-     * @return bool
-     */
-    public function hasVersion(): bool
-    {
-        return isset($this->_version);
-    }
-
-    /**
-     * Get certificate version.
-     *
-     * @throws \LogicException If not set
-     *
-     * @return int
-     */
-    public function version(): int
-    {
-        if (!$this->hasVersion()) {
-            throw new \LogicException('version not set.');
-        }
-        return $this->_version;
-    }
-
-    /**
-     * Check whether serial number is set.
-     *
-     * @return bool
-     */
-    public function hasSerialNumber(): bool
-    {
-        return isset($this->_serialNumber);
-    }
-
-    /**
-     * Get serial number.
-     *
-     * @throws \LogicException If not set
-     *
-     * @return string Base 10 integer
-     */
-    public function serialNumber(): string
-    {
-        if (!$this->hasSerialNumber()) {
-            throw new \LogicException('serialNumber not set.');
-        }
-        return $this->_serialNumber;
-    }
-
-    /**
-     * Check whether signature algorithm is set.
-     *
-     * @return bool
-     */
-    public function hasSignature(): bool
-    {
-        return isset($this->_signature);
-    }
-
-    /**
-     * Get signature algorithm.
-     *
-     * @throws \LogicException If not set
-     *
-     * @return SignatureAlgorithmIdentifier
-     */
-    public function signature(): SignatureAlgorithmIdentifier
-    {
-        if (!$this->hasSignature()) {
-            throw new \LogicException('signature not set.');
-        }
-        return $this->_signature;
-    }
-
-    /**
-     * Get issuer.
-     *
-     * @return Name
-     */
-    public function issuer(): Name
-    {
-        return $this->_issuer;
-    }
-
-    /**
-     * Get validity period.
-     *
-     * @return Validity
-     */
-    public function validity(): Validity
-    {
-        return $this->_validity;
-    }
-
-    /**
-     * Get subject.
-     *
-     * @return Name
-     */
-    public function subject(): Name
-    {
-        return $this->_subject;
-    }
-
-    /**
-     * Get subject public key.
-     *
-     * @return PublicKeyInfo
-     */
-    public function subjectPublicKeyInfo(): PublicKeyInfo
-    {
-        return $this->_subjectPublicKeyInfo;
-    }
-
-    /**
-     * Whether issuer unique identifier is present.
-     *
-     * @return bool
-     */
-    public function hasIssuerUniqueID(): bool
-    {
-        return isset($this->_issuerUniqueID);
-    }
-
-    /**
-     * Get issuerUniqueID.
-     *
-     * @throws \LogicException If not set
-     *
-     * @return UniqueIdentifier
-     */
-    public function issuerUniqueID(): UniqueIdentifier
-    {
-        if (!$this->hasIssuerUniqueID()) {
-            throw new \LogicException('issuerUniqueID not set.');
-        }
-        return $this->_issuerUniqueID;
-    }
-
-    /**
-     * Whether subject unique identifier is present.
-     *
-     * @return bool
-     */
-    public function hasSubjectUniqueID(): bool
-    {
-        return isset($this->_subjectUniqueID);
-    }
-
-    /**
-     * Get subjectUniqueID.
-     *
-     * @throws \LogicException If not set
-     *
-     * @return UniqueIdentifier
-     */
-    public function subjectUniqueID(): UniqueIdentifier
-    {
-        if (!$this->hasSubjectUniqueID()) {
-            throw new \LogicException('subjectUniqueID not set.');
-        }
-        return $this->_subjectUniqueID;
-    }
-
-    /**
-     * Get extensions.
-     *
-     * @return Extensions
-     */
-    public function extensions(): Extensions
-    {
-        return $this->_extensions;
-    }
-
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = [];
-        $version = $this->version();
-        // if version is not default
-        if (self::VERSION_1 !== $version) {
-            $elements[] = new ExplicitlyTaggedType(0, new Integer($version));
-        }
-        $serial = $this->serialNumber();
-        $signature = $this->signature();
-        // add required elements
-        array_push($elements, new Integer($serial), $signature->toASN1(),
-            $this->_issuer->toASN1(), $this->_validity->toASN1(),
-            $this->_subject->toASN1(), $this->_subjectPublicKeyInfo->toASN1());
-        if (isset($this->_issuerUniqueID)) {
-            $elements[] = new ImplicitlyTaggedType(1,
-                $this->_issuerUniqueID->toASN1());
-        }
-        if (isset($this->_subjectUniqueID)) {
-            $elements[] = new ImplicitlyTaggedType(2,
-                $this->_subjectUniqueID->toASN1());
-        }
-        if (count($this->_extensions)) {
-            $elements[] = new ExplicitlyTaggedType(3,
-                $this->_extensions->toASN1());
-        }
-        return new Sequence(...$elements);
-    }
-
-    /**
-     * Create signed certificate.
-     *
-     * @param SignatureAlgorithmIdentifier $algo         Algorithm used for signing
-     * @param PrivateKeyInfo               $privkey_info Private key used for signing
-     * @param null|Crypto                  $crypto       Crypto engine, use default if not set
-     *
-     * @return Certificate
-     */
-    public function sign(SignatureAlgorithmIdentifier $algo,
-        PrivateKeyInfo $privkey_info, ?Crypto $crypto = null): Certificate
-    {
-        $crypto = $crypto ?? Crypto::getDefault();
-        $tbs_cert = clone $this;
-        if (!isset($tbs_cert->_version)) {
-            $tbs_cert->_version = $tbs_cert->_determineVersion();
-        }
-        if (!isset($tbs_cert->_serialNumber)) {
-            $tbs_cert->_serialNumber = strval(0);
-        }
-        $tbs_cert->_signature = $algo;
-        $data = $tbs_cert->toASN1()->toDER();
-        $signature = $crypto->sign($data, $privkey_info, $algo);
-        return new Certificate($tbs_cert, $algo, $signature);
-    }
-
-    /**
-     * Determine minimum version for the certificate.
-     *
-     * @return int
-     */
-    protected function _determineVersion(): int
-    {
-        // if extensions are present
-        if (count($this->_extensions)) {
-            return self::VERSION_3;
-        }
-        // if UniqueIdentifier is present
-        if (isset($this->_issuerUniqueID) || isset($this->_subjectUniqueID)) {
-            return self::VERSION_2;
-        }
-        return self::VERSION_1;
-    }
+	// Certificate version enumerations
+	const VERSION_1 = 0;
+	const VERSION_2 = 1;
+	const VERSION_3 = 2;
+
+	/**
+	 * Certificate version.
+	 *
+	 * @var null|int
+	 */
+	protected $_version;
+
+	/**
+	 * Serial number.
+	 *
+	 * @var null|string
+	 */
+	protected $_serialNumber;
+
+	/**
+	 * Signature algorithm.
+	 *
+	 * @var null|SignatureAlgorithmIdentifier
+	 */
+	protected $_signature;
+
+	/**
+	 * Certificate issuer.
+	 *
+	 * @var Name
+	 */
+	protected $_issuer;
+
+	/**
+	 * Certificate validity period.
+	 *
+	 * @var Validity
+	 */
+	protected $_validity;
+
+	/**
+	 * Certificate subject.
+	 *
+	 * @var Name
+	 */
+	protected $_subject;
+
+	/**
+	 * Subject public key.
+	 *
+	 * @var PublicKeyInfo
+	 */
+	protected $_subjectPublicKeyInfo;
+
+	/**
+	 * Issuer unique identifier.
+	 *
+	 * @var null|UniqueIdentifier
+	 */
+	protected $_issuerUniqueID;
+
+	/**
+	 * Subject unique identifier.
+	 *
+	 * @var null|UniqueIdentifier
+	 */
+	protected $_subjectUniqueID;
+
+	/**
+	 * Extensions.
+	 *
+	 * @var Extensions
+	 */
+	protected $_extensions;
+
+	/**
+	 * Constructor.
+	 *
+	 * @param Name          $subject  Certificate subject
+	 * @param PublicKeyInfo $pki      Subject public key
+	 * @param Name          $issuer   Certificate issuer
+	 * @param Validity      $validity Validity period
+	 */
+	public function __construct(Name $subject, PublicKeyInfo $pki, Name $issuer,
+		Validity $validity)
+	{
+		$this->_subject = $subject;
+		$this->_subjectPublicKeyInfo = $pki;
+		$this->_issuer = $issuer;
+		$this->_validity = $validity;
+		$this->_extensions = new Extensions();
+	}
+
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 *
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$idx = 0;
+		if ($seq->hasTagged(0)) {
+			++$idx;
+			$version = $seq->getTagged(0)->asExplicit()->asInteger()->intNumber();
+		} else {
+			$version = self::VERSION_1;
+		}
+		$serial = $seq->at($idx++)->asInteger()->number();
+		$algo = AlgorithmIdentifier::fromASN1($seq->at($idx++)->asSequence());
+		if (!$algo instanceof SignatureAlgorithmIdentifier) {
+			throw new \UnexpectedValueException(
+				'Unsupported signature algorithm ' . $algo->name() . '.');
+		}
+		$issuer = Name::fromASN1($seq->at($idx++)->asSequence());
+		$validity = Validity::fromASN1($seq->at($idx++)->asSequence());
+		$subject = Name::fromASN1($seq->at($idx++)->asSequence());
+		$pki = PublicKeyInfo::fromASN1($seq->at($idx++)->asSequence());
+		$tbs_cert = new self($subject, $pki, $issuer, $validity);
+		$tbs_cert->_version = $version;
+		$tbs_cert->_serialNumber = $serial;
+		$tbs_cert->_signature = $algo;
+		if ($seq->hasTagged(1)) {
+			$tbs_cert->_issuerUniqueID = UniqueIdentifier::fromASN1(
+				$seq->getTagged(1)->asImplicit(Element::TYPE_BIT_STRING)
+					->asBitString());
+		}
+		if ($seq->hasTagged(2)) {
+			$tbs_cert->_subjectUniqueID = UniqueIdentifier::fromASN1(
+				$seq->getTagged(2)->asImplicit(Element::TYPE_BIT_STRING)
+					->asBitString());
+		}
+		if ($seq->hasTagged(3)) {
+			$tbs_cert->_extensions = Extensions::fromASN1(
+				$seq->getTagged(3)->asExplicit()->asSequence());
+		}
+		return $tbs_cert;
+	}
+
+	/**
+	 * Initialize from certification request.
+	 *
+	 * Note that signature is not verified and must be done by the caller.
+	 *
+	 * @param CertificationRequest $cr
+	 *
+	 * @return self
+	 */
+	public static function fromCSR(CertificationRequest $cr): self
+	{
+		$cri = $cr->certificationRequestInfo();
+		$tbs_cert = new self($cri->subject(), $cri->subjectPKInfo(), new Name(),
+			Validity::fromStrings(null, null));
+		// if CSR has Extension Request attribute
+		if ($cri->hasAttributes()) {
+			$attribs = $cri->attributes();
+			if ($attribs->hasExtensionRequest()) {
+				$tbs_cert = $tbs_cert->withExtensions(
+					$attribs->extensionRequest()->extensions());
+			}
+		}
+		// add Subject Key Identifier extension
+		return $tbs_cert->withAdditionalExtensions(
+			new SubjectKeyIdentifierExtension(false,
+				$cri->subjectPKInfo()->keyIdentifier()));
+	}
+
+	/**
+	 * Get self with fields set from the issuer's certificate.
+	 *
+	 * Issuer shall be set to issuing certificate's subject.
+	 * Authority key identifier extensions shall be added with a key identifier
+	 * set to issuing certificate's public key identifier.
+	 *
+	 * @param Certificate $cert Issuing party's certificate
+	 *
+	 * @return self
+	 */
+	public function withIssuerCertificate(Certificate $cert): self
+	{
+		$obj = clone $this;
+		// set issuer DN from cert's subject
+		$obj->_issuer = $cert->tbsCertificate()->subject();
+		// add authority key identifier extension
+		$key_id = $cert->tbsCertificate()->subjectPublicKeyInfo()->keyIdentifier();
+		$obj->_extensions = $obj->_extensions->withExtensions(
+			new AuthorityKeyIdentifierExtension(false, $key_id));
+		return $obj;
+	}
+
+	/**
+	 * Get self with given version.
+	 *
+	 * If version is not set, appropriate version is automatically
+	 * determined during signing.
+	 *
+	 * @param int $version
+	 *
+	 * @return self
+	 */
+	public function withVersion(int $version): self
+	{
+		$obj = clone $this;
+		$obj->_version = $version;
+		return $obj;
+	}
+
+	/**
+	 * Get self with given serial number.
+	 *
+	 * @param int|string $serial Base 10 number
+	 *
+	 * @return self
+	 */
+	public function withSerialNumber($serial): self
+	{
+		$obj = clone $this;
+		$obj->_serialNumber = strval($serial);
+		return $obj;
+	}
+
+	/**
+	 * Get self with random positive serial number.
+	 *
+	 * @param int $size Number of random bytes
+	 *
+	 * @return self
+	 */
+	public function withRandomSerialNumber(int $size = 16): self
+	{
+		// ensure that first byte is always non-zero and having first bit unset
+		$num = gmp_init(mt_rand(1, 0x7f), 10);
+		for ($i = 1; $i < $size; ++$i) {
+			$num <<= 8;
+			$num += mt_rand(0, 0xff);
+		}
+		return $this->withSerialNumber(gmp_strval($num, 10));
+	}
+
+	/**
+	 * Get self with given signature algorithm.
+	 *
+	 * @param SignatureAlgorithmIdentifier $algo
+	 *
+	 * @return self
+	 */
+	public function withSignature(SignatureAlgorithmIdentifier $algo): self
+	{
+		$obj = clone $this;
+		$obj->_signature = $algo;
+		return $obj;
+	}
+
+	/**
+	 * Get self with given issuer.
+	 *
+	 * @param Name $issuer
+	 *
+	 * @return self
+	 */
+	public function withIssuer(Name $issuer): self
+	{
+		$obj = clone $this;
+		$obj->_issuer = $issuer;
+		return $obj;
+	}
+
+	/**
+	 * Get self with given validity.
+	 *
+	 * @param Validity $validity
+	 *
+	 * @return self
+	 */
+	public function withValidity(Validity $validity): self
+	{
+		$obj = clone $this;
+		$obj->_validity = $validity;
+		return $obj;
+	}
+
+	/**
+	 * Get self with given subject.
+	 *
+	 * @param Name $subject
+	 *
+	 * @return self
+	 */
+	public function withSubject(Name $subject): self
+	{
+		$obj = clone $this;
+		$obj->_subject = $subject;
+		return $obj;
+	}
+
+	/**
+	 * Get self with given subject public key info.
+	 *
+	 * @param PublicKeyInfo $pub_key_info
+	 *
+	 * @return self
+	 */
+	public function withSubjectPublicKeyInfo(PublicKeyInfo $pub_key_info): self
+	{
+		$obj = clone $this;
+		$obj->_subjectPublicKeyInfo = $pub_key_info;
+		return $obj;
+	}
+
+	/**
+	 * Get self with issuer unique ID.
+	 *
+	 * @param UniqueIdentifier $id
+	 *
+	 * @return self
+	 */
+	public function withIssuerUniqueID(UniqueIdentifier $id): self
+	{
+		$obj = clone $this;
+		$obj->_issuerUniqueID = $id;
+		return $obj;
+	}
+
+	/**
+	 * Get self with subject unique ID.
+	 *
+	 * @param UniqueIdentifier $id
+	 *
+	 * @return self
+	 */
+	public function withSubjectUniqueID(UniqueIdentifier $id): self
+	{
+		$obj = clone $this;
+		$obj->_subjectUniqueID = $id;
+		return $obj;
+	}
+
+	/**
+	 * Get self with given extensions.
+	 *
+	 * @param Extensions $extensions
+	 *
+	 * @return self
+	 */
+	public function withExtensions(Extensions $extensions): self
+	{
+		$obj = clone $this;
+		$obj->_extensions = $extensions;
+		return $obj;
+	}
+
+	/**
+	 * Get self with extensions added.
+	 *
+	 * @param Extension ...$exts One or more Extension objects
+	 *
+	 * @return self
+	 */
+	public function withAdditionalExtensions(Extension ...$exts): self
+	{
+		$obj = clone $this;
+		$obj->_extensions = $obj->_extensions->withExtensions(...$exts);
+		return $obj;
+	}
+
+	/**
+	 * Check whether version is set.
+	 *
+	 * @return bool
+	 */
+	public function hasVersion(): bool
+	{
+		return isset($this->_version);
+	}
+
+	/**
+	 * Get certificate version.
+	 *
+	 * @throws \LogicException If not set
+	 *
+	 * @return int
+	 */
+	public function version(): int
+	{
+		if (!$this->hasVersion()) {
+			throw new \LogicException('version not set.');
+		}
+		return $this->_version;
+	}
+
+	/**
+	 * Check whether serial number is set.
+	 *
+	 * @return bool
+	 */
+	public function hasSerialNumber(): bool
+	{
+		return isset($this->_serialNumber);
+	}
+
+	/**
+	 * Get serial number.
+	 *
+	 * @throws \LogicException If not set
+	 *
+	 * @return string Base 10 integer
+	 */
+	public function serialNumber(): string
+	{
+		if (!$this->hasSerialNumber()) {
+			throw new \LogicException('serialNumber not set.');
+		}
+		return $this->_serialNumber;
+	}
+
+	/**
+	 * Check whether signature algorithm is set.
+	 *
+	 * @return bool
+	 */
+	public function hasSignature(): bool
+	{
+		return isset($this->_signature);
+	}
+
+	/**
+	 * Get signature algorithm.
+	 *
+	 * @throws \LogicException If not set
+	 *
+	 * @return SignatureAlgorithmIdentifier
+	 */
+	public function signature(): SignatureAlgorithmIdentifier
+	{
+		if (!$this->hasSignature()) {
+			throw new \LogicException('signature not set.');
+		}
+		return $this->_signature;
+	}
+
+	/**
+	 * Get issuer.
+	 *
+	 * @return Name
+	 */
+	public function issuer(): Name
+	{
+		return $this->_issuer;
+	}
+
+	/**
+	 * Get validity period.
+	 *
+	 * @return Validity
+	 */
+	public function validity(): Validity
+	{
+		return $this->_validity;
+	}
+
+	/**
+	 * Get subject.
+	 *
+	 * @return Name
+	 */
+	public function subject(): Name
+	{
+		return $this->_subject;
+	}
+
+	/**
+	 * Get subject public key.
+	 *
+	 * @return PublicKeyInfo
+	 */
+	public function subjectPublicKeyInfo(): PublicKeyInfo
+	{
+		return $this->_subjectPublicKeyInfo;
+	}
+
+	/**
+	 * Whether issuer unique identifier is present.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuerUniqueID(): bool
+	{
+		return isset($this->_issuerUniqueID);
+	}
+
+	/**
+	 * Get issuerUniqueID.
+	 *
+	 * @throws \LogicException If not set
+	 *
+	 * @return UniqueIdentifier
+	 */
+	public function issuerUniqueID(): UniqueIdentifier
+	{
+		if (!$this->hasIssuerUniqueID()) {
+			throw new \LogicException('issuerUniqueID not set.');
+		}
+		return $this->_issuerUniqueID;
+	}
+
+	/**
+	 * Whether subject unique identifier is present.
+	 *
+	 * @return bool
+	 */
+	public function hasSubjectUniqueID(): bool
+	{
+		return isset($this->_subjectUniqueID);
+	}
+
+	/**
+	 * Get subjectUniqueID.
+	 *
+	 * @throws \LogicException If not set
+	 *
+	 * @return UniqueIdentifier
+	 */
+	public function subjectUniqueID(): UniqueIdentifier
+	{
+		if (!$this->hasSubjectUniqueID()) {
+			throw new \LogicException('subjectUniqueID not set.');
+		}
+		return $this->_subjectUniqueID;
+	}
+
+	/**
+	 * Get extensions.
+	 *
+	 * @return Extensions
+	 */
+	public function extensions(): Extensions
+	{
+		return $this->_extensions;
+	}
+
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = [];
+		$version = $this->version();
+		// if version is not default
+		if (self::VERSION_1 !== $version) {
+			$elements[] = new ExplicitlyTaggedType(0, new Integer($version));
+		}
+		$serial = $this->serialNumber();
+		$signature = $this->signature();
+		// add required elements
+		array_push($elements, new Integer($serial), $signature->toASN1(),
+			$this->_issuer->toASN1(), $this->_validity->toASN1(),
+			$this->_subject->toASN1(), $this->_subjectPublicKeyInfo->toASN1());
+		if (isset($this->_issuerUniqueID)) {
+			$elements[] = new ImplicitlyTaggedType(1,
+				$this->_issuerUniqueID->toASN1());
+		}
+		if (isset($this->_subjectUniqueID)) {
+			$elements[] = new ImplicitlyTaggedType(2,
+				$this->_subjectUniqueID->toASN1());
+		}
+		if (count($this->_extensions)) {
+			$elements[] = new ExplicitlyTaggedType(3,
+				$this->_extensions->toASN1());
+		}
+		return new Sequence(...$elements);
+	}
+
+	/**
+	 * Create signed certificate.
+	 *
+	 * @param SignatureAlgorithmIdentifier $algo         Algorithm used for signing
+	 * @param PrivateKeyInfo               $privkey_info Private key used for signing
+	 * @param null|Crypto                  $crypto       Crypto engine, use default if not set
+	 *
+	 * @return Certificate
+	 */
+	public function sign(SignatureAlgorithmIdentifier $algo,
+		PrivateKeyInfo $privkey_info, ?Crypto $crypto = null): Certificate
+	{
+		$crypto = $crypto ?? Crypto::getDefault();
+		$tbs_cert = clone $this;
+		if (!isset($tbs_cert->_version)) {
+			$tbs_cert->_version = $tbs_cert->_determineVersion();
+		}
+		if (!isset($tbs_cert->_serialNumber)) {
+			$tbs_cert->_serialNumber = strval(0);
+		}
+		$tbs_cert->_signature = $algo;
+		$data = $tbs_cert->toASN1()->toDER();
+		$signature = $crypto->sign($data, $privkey_info, $algo);
+		return new Certificate($tbs_cert, $algo, $signature);
+	}
+
+	/**
+	 * Determine minimum version for the certificate.
+	 *
+	 * @return int
+	 */
+	protected function _determineVersion(): int
+	{
+		// if extensions are present
+		if (count($this->_extensions)) {
+			return self::VERSION_3;
+		}
+		// if UniqueIdentifier is present
+		if (isset($this->_issuerUniqueID) || isset($this->_subjectUniqueID)) {
+			return self::VERSION_2;
+		}
+		return self::VERSION_1;
+	}
 }

Please login to merge, or discard this patch.

lib/X509/Certificate/Extension/Target/Targets.php 2 patches

Indentation +121 added lines, -121 removed lines patch added patch discarded remove patch

@@ -14,135 +14,135 @@
 block discarded – undo
  */
 class Targets implements \Countable, \IteratorAggregate
 {
-    /**
-     * Target elements.
-     *
-     * @var Target[]
-     */
-    protected $_targets;
+	/**
+	 * Target elements.
+	 *
+	 * @var Target[]
+	 */
+	protected $_targets;
 
-    /**
-     * Constructor.
-     *
-     * @param Target ...$targets
-     */
-    public function __construct(Target ...$targets)
-    {
-        $this->_targets = $targets;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Target ...$targets
+	 */
+	public function __construct(Target ...$targets)
+	{
+		$this->_targets = $targets;
+	}
 
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     *
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $targets = array_map(
-            function (UnspecifiedType $el) {
-                return Target::fromASN1($el->asTagged());
-            }, $seq->elements());
-        return new self(...$targets);
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 *
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$targets = array_map(
+			function (UnspecifiedType $el) {
+				return Target::fromASN1($el->asTagged());
+			}, $seq->elements());
+		return new self(...$targets);
+	}
 
-    /**
-     * Get all targets.
-     *
-     * @return Target[]
-     */
-    public function all(): array
-    {
-        return $this->_targets;
-    }
+	/**
+	 * Get all targets.
+	 *
+	 * @return Target[]
+	 */
+	public function all(): array
+	{
+		return $this->_targets;
+	}
 
-    /**
-     * Get all name targets.
-     *
-     * @return Target[]
-     */
-    public function nameTargets(): array
-    {
-        return $this->_allOfType(Target::TYPE_NAME);
-    }
+	/**
+	 * Get all name targets.
+	 *
+	 * @return Target[]
+	 */
+	public function nameTargets(): array
+	{
+		return $this->_allOfType(Target::TYPE_NAME);
+	}
 
-    /**
-     * Get all group targets.
-     *
-     * @return Target[]
-     */
-    public function groupTargets(): array
-    {
-        return $this->_allOfType(Target::TYPE_GROUP);
-    }
+	/**
+	 * Get all group targets.
+	 *
+	 * @return Target[]
+	 */
+	public function groupTargets(): array
+	{
+		return $this->_allOfType(Target::TYPE_GROUP);
+	}
 
-    /**
-     * Check whether given target is present.
-     *
-     * @param Target $target
-     *
-     * @return bool
-     */
-    public function hasTarget(Target $target): bool
-    {
-        foreach ($this->_allOfType($target->type()) as $t) {
-            if ($target->equals($t)) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether given target is present.
+	 *
+	 * @param Target $target
+	 *
+	 * @return bool
+	 */
+	public function hasTarget(Target $target): bool
+	{
+		foreach ($this->_allOfType($target->type()) as $t) {
+			if ($target->equals($t)) {
+				return true;
+			}
+		}
+		return false;
+	}
 
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array_map(
-            function (Target $target) {
-                return $target->toASN1();
-            }, $this->_targets);
-        return new Sequence(...$elements);
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array_map(
+			function (Target $target) {
+				return $target->toASN1();
+			}, $this->_targets);
+		return new Sequence(...$elements);
+	}
 
-    /**
-     * @see \Countable::count()
-     *
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_targets);
-    }
+	/**
+	 * @see \Countable::count()
+	 *
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_targets);
+	}
 
-    /**
-     * Get iterator for targets.
-     *
-     * @see \IteratorAggregate::getIterator()
-     *
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_targets);
-    }
+	/**
+	 * Get iterator for targets.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 *
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_targets);
+	}
 
-    /**
-     * Get all targets of given type.
-     *
-     * @param int $type
-     *
-     * @return Target[]
-     */
-    protected function _allOfType(int $type): array
-    {
-        return array_values(
-            array_filter($this->_targets,
-                function (Target $target) use ($type) {
-                    return $target->type() === $type;
-                }));
-    }
+	/**
+	 * Get all targets of given type.
+	 *
+	 * @param int $type
+	 *
+	 * @return Target[]
+	 */
+	protected function _allOfType(int $type): array
+	{
+		return array_values(
+			array_filter($this->_targets,
+				function (Target $target) use ($type) {
+					return $target->type() === $type;
+				}));
+	}
 }

Please login to merge, or discard this patch.

Spacing +4 added lines, -4 removed lines patch added patch discarded remove patch

@@ -1,6 +1,6 @@  discard block
 block discarded – undo
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\X509\Certificate\Extension\Target;
 
@@ -41,7 +41,7 @@  discard block
 block discarded – undo
     public static function fromASN1(Sequence $seq): self
     {
         $targets = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return Target::fromASN1($el->asTagged());
             }, $seq->elements());
         return new self(...$targets);
@@ -102,7 +102,7 @@  discard block
 block discarded – undo
     public function toASN1(): Sequence
     {
         $elements = array_map(
-            function (Target $target) {
+            function(Target $target) {
                 return $target->toASN1();
             }, $this->_targets);
         return new Sequence(...$elements);
@@ -141,7 +141,7 @@  discard block
 block discarded – undo
     {
         return array_values(
             array_filter($this->_targets,
-                function (Target $target) use ($type) {
+                function(Target $target) use ($type) {
                     return $target->type() === $type;
                 }));
     }

Please login to merge, or discard this patch.

lib/X509/Certificate/Extension/PolicyMappingsExtension.php 1 patch

Indentation +150 added lines, -150 removed lines patch added patch discarded remove patch

@@ -17,164 +17,164 @@
 block discarded – undo
  */
 class PolicyMappingsExtension extends Extension implements \Countable, \IteratorAggregate
 {
-    /**
-     * Policy mappings.
-     *
-     * @var PolicyMapping[]
-     */
-    protected $_mappings;
+	/**
+	 * Policy mappings.
+	 *
+	 * @var PolicyMapping[]
+	 */
+	protected $_mappings;
 
-    /**
-     * Constructor.
-     *
-     * @param bool          $critical
-     * @param PolicyMapping ...$mappings One or more PolicyMapping objects
-     */
-    public function __construct(bool $critical, PolicyMapping ...$mappings)
-    {
-        parent::__construct(self::OID_POLICY_MAPPINGS, $critical);
-        $this->_mappings = $mappings;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool          $critical
+	 * @param PolicyMapping ...$mappings One or more PolicyMapping objects
+	 */
+	public function __construct(bool $critical, PolicyMapping ...$mappings)
+	{
+		parent::__construct(self::OID_POLICY_MAPPINGS, $critical);
+		$this->_mappings = $mappings;
+	}
 
-    /**
-     * Get all mappings.
-     *
-     * @return PolicyMapping[]
-     */
-    public function mappings(): array
-    {
-        return $this->_mappings;
-    }
+	/**
+	 * Get all mappings.
+	 *
+	 * @return PolicyMapping[]
+	 */
+	public function mappings(): array
+	{
+		return $this->_mappings;
+	}
 
-    /**
-     * Get mappings flattened into a single array of arrays of subject domains
-     * keyed by issuer domain.
-     *
-     * Eg. if policy mappings contains multiple mappings with the same issuer
-     * domain policy, their corresponding subject domain policies are placed
-     * under the same key.
-     *
-     * @return (string[])[]
-     */
-    public function flattenedMappings(): array
-    {
-        $mappings = [];
-        foreach ($this->_mappings as $mapping) {
-            $idp = $mapping->issuerDomainPolicy();
-            if (!isset($mappings[$idp])) {
-                $mappings[$idp] = [];
-            }
-            array_push($mappings[$idp], $mapping->subjectDomainPolicy());
-        }
-        return $mappings;
-    }
+	/**
+	 * Get mappings flattened into a single array of arrays of subject domains
+	 * keyed by issuer domain.
+	 *
+	 * Eg. if policy mappings contains multiple mappings with the same issuer
+	 * domain policy, their corresponding subject domain policies are placed
+	 * under the same key.
+	 *
+	 * @return (string[])[]
+	 */
+	public function flattenedMappings(): array
+	{
+		$mappings = [];
+		foreach ($this->_mappings as $mapping) {
+			$idp = $mapping->issuerDomainPolicy();
+			if (!isset($mappings[$idp])) {
+				$mappings[$idp] = [];
+			}
+			array_push($mappings[$idp], $mapping->subjectDomainPolicy());
+		}
+		return $mappings;
+	}
 
-    /**
-     * Get all subject domain policy OIDs that are mapped to given issuer
-     * domain policy OID.
-     *
-     * @param string $oid Issuer domain policy
-     *
-     * @return string[] List of OIDs in dotted format
-     */
-    public function issuerMappings(string $oid): array
-    {
-        $oids = [];
-        foreach ($this->_mappings as $mapping) {
-            if ($mapping->issuerDomainPolicy() === $oid) {
-                $oids[] = $mapping->subjectDomainPolicy();
-            }
-        }
-        return $oids;
-    }
+	/**
+	 * Get all subject domain policy OIDs that are mapped to given issuer
+	 * domain policy OID.
+	 *
+	 * @param string $oid Issuer domain policy
+	 *
+	 * @return string[] List of OIDs in dotted format
+	 */
+	public function issuerMappings(string $oid): array
+	{
+		$oids = [];
+		foreach ($this->_mappings as $mapping) {
+			if ($mapping->issuerDomainPolicy() === $oid) {
+				$oids[] = $mapping->subjectDomainPolicy();
+			}
+		}
+		return $oids;
+	}
 
-    /**
-     * Get all mapped issuer domain policy OIDs.
-     *
-     * @return string[]
-     */
-    public function issuerDomainPolicies(): array
-    {
-        $idps = array_map(
-            function (PolicyMapping $mapping) {
-                return $mapping->issuerDomainPolicy();
-            }, $this->_mappings);
-        return array_values(array_unique($idps));
-    }
+	/**
+	 * Get all mapped issuer domain policy OIDs.
+	 *
+	 * @return string[]
+	 */
+	public function issuerDomainPolicies(): array
+	{
+		$idps = array_map(
+			function (PolicyMapping $mapping) {
+				return $mapping->issuerDomainPolicy();
+			}, $this->_mappings);
+		return array_values(array_unique($idps));
+	}
 
-    /**
-     * Check whether policy mappings have anyPolicy mapped.
-     *
-     * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either
-     * to or from the special value anyPolicy".
-     *
-     * @return bool
-     */
-    public function hasAnyPolicyMapping(): bool
-    {
-        foreach ($this->_mappings as $mapping) {
-            if (PolicyInformation::OID_ANY_POLICY === $mapping->issuerDomainPolicy()) {
-                return true;
-            }
-            if (PolicyInformation::OID_ANY_POLICY === $mapping->subjectDomainPolicy()) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether policy mappings have anyPolicy mapped.
+	 *
+	 * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either
+	 * to or from the special value anyPolicy".
+	 *
+	 * @return bool
+	 */
+	public function hasAnyPolicyMapping(): bool
+	{
+		foreach ($this->_mappings as $mapping) {
+			if (PolicyInformation::OID_ANY_POLICY === $mapping->issuerDomainPolicy()) {
+				return true;
+			}
+			if (PolicyInformation::OID_ANY_POLICY === $mapping->subjectDomainPolicy()) {
+				return true;
+			}
+		}
+		return false;
+	}
 
-    /**
-     * Get the number of mappings.
-     *
-     * @see \Countable::count()
-     *
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_mappings);
-    }
+	/**
+	 * Get the number of mappings.
+	 *
+	 * @see \Countable::count()
+	 *
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_mappings);
+	}
 
-    /**
-     * Get iterator for policy mappings.
-     *
-     * @see \IteratorAggregate::getIterator()
-     *
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_mappings);
-    }
+	/**
+	 * Get iterator for policy mappings.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 *
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_mappings);
+	}
 
-    /**
-     * {@inheritdoc}
-     */
-    protected static function _fromDER(string $data, bool $critical): Extension
-    {
-        $mappings = array_map(
-            function (UnspecifiedType $el) {
-                return PolicyMapping::fromASN1($el->asSequence());
-            }, UnspecifiedType::fromDER($data)->asSequence()->elements());
-        if (!count($mappings)) {
-            throw new \UnexpectedValueException(
-                'PolicyMappings must have at least one mapping.');
-        }
-        return new self($critical, ...$mappings);
-    }
+	/**
+	 * {@inheritdoc}
+	 */
+	protected static function _fromDER(string $data, bool $critical): Extension
+	{
+		$mappings = array_map(
+			function (UnspecifiedType $el) {
+				return PolicyMapping::fromASN1($el->asSequence());
+			}, UnspecifiedType::fromDER($data)->asSequence()->elements());
+		if (!count($mappings)) {
+			throw new \UnexpectedValueException(
+				'PolicyMappings must have at least one mapping.');
+		}
+		return new self($critical, ...$mappings);
+	}
 
-    /**
-     * {@inheritdoc}
-     */
-    protected function _valueASN1(): Element
-    {
-        if (!count($this->_mappings)) {
-            throw new \LogicException('No mappings.');
-        }
-        $elements = array_map(
-            function (PolicyMapping $mapping) {
-                return $mapping->toASN1();
-            }, $this->_mappings);
-        return new Sequence(...$elements);
-    }
+	/**
+	 * {@inheritdoc}
+	 */
+	protected function _valueASN1(): Element
+	{
+		if (!count($this->_mappings)) {
+			throw new \LogicException('No mappings.');
+		}
+		$elements = array_map(
+			function (PolicyMapping $mapping) {
+				return $mapping->toASN1();
+			}, $this->_mappings);
+		return new Sequence(...$elements);
+	}
 }

Please login to merge, or discard this patch.

GitHub Access Token became invalid

Push — php72 ( 6c57e4...f82e5a )

Status

Category

Indentation +186 added lines, -186 removed lines patch added patch discarded remove patch

Indentation +202 added lines, -202 removed lines patch added patch discarded remove patch

Indentation +395 added lines, -395 removed lines patch added patch discarded remove patch

Indentation +240 added lines, -240 removed lines patch added patch discarded remove patch

Indentation +219 added lines, -219 removed lines patch added patch discarded remove patch

Indentation +96 added lines, -96 removed lines patch added patch discarded remove patch

Switch Indentation +10 added lines, -10 removed lines patch added patch discarded remove patch

Indentation +618 added lines, -618 removed lines patch added patch discarded remove patch

Indentation +121 added lines, -121 removed lines patch added patch discarded remove patch

Spacing +4 added lines, -4 removed lines patch added patch discarded remove patch

Indentation +150 added lines, -150 removed lines patch added patch discarded remove patch

		@@ -18,190 +18,190 @@
		block discarded – undo
18	18	*/
19	19	class GeneralNames implements \Countable, \IteratorAggregate
20	20	{
21		- /**
22		- * GeneralName objects.
23		- *
24		- * @var GeneralName[]
25		- */
26		- protected $_names;
27		-
28		- /**
29		- * Constructor.
30		- *
31		- * @param GeneralName ...$names One or more GeneralName objects
32		- */
33		- public function __construct(GeneralName ...$names)
34		- {
35		- $this->_names = $names;
36		- }
37		-
38		- /**
39		- * Initialize from ASN.1.
40		- *
41		- * @param Sequence $seq
42		- *
43		- * @throws \UnexpectedValueException
44		- *
45		- * @return self
46		- */
47		- public static function fromASN1(Sequence $seq): GeneralNames
48		- {
49		- if (!count($seq)) {
50		- throw new \UnexpectedValueException(
51		- 'GeneralNames must have at least one GeneralName.');
52		- }
53		- $names = array_map(
54		- function (UnspecifiedType $el) {
55		- return GeneralName::fromASN1($el->asTagged());
56		- }, $seq->elements());
57		- return new self(...$names);
58		- }
59		-
60		- /**
61		- * Check whether GeneralNames contains a GeneralName of given type.
62		- *
63		- * @param int $tag One of `GeneralName::TAG_*` enumerations
64		- *
65		- * @return bool
66		- */
67		- public function has(int $tag): bool
68		- {
69		- return null !== $this->_findFirst($tag);
70		- }
71		-
72		- /**
73		- * Get first GeneralName of given type.
74		- *
75		- * @param int $tag One of `GeneralName::TAG_*` enumerations
76		- *
77		- * @throws \OutOfBoundsException
78		- *
79		- * @return GeneralName
80		- */
81		- public function firstOf(int $tag): GeneralName
82		- {
83		- $name = $this->_findFirst($tag);
84		- if (!$name) {
85		- throw new \UnexpectedValueException("No GeneralName by tag {$tag}.");
86		- }
87		- return $name;
88		- }
89		-
90		- /**
91		- * Get all GeneralName objects of given type.
92		- *
93		- * @param int $tag One of `GeneralName::TAG_*` enumerations
94		- *
95		- * @return GeneralName[]
96		- */
97		- public function allOf(int $tag): array
98		- {
99		- $names = array_filter($this->_names,
100		- function (GeneralName $name) use ($tag) {
101		- return $name->tag() === $tag;
102		- });
103		- return array_values($names);
104		- }
105		-
106		- /**
107		- * Get value of the first 'dNSName' type.
108		- *
109		- * @return string
110		- */
111		- public function firstDNS(): string
112		- {
113		- $gn = $this->firstOf(GeneralName::TAG_DNS_NAME);
114		- if (!$gn instanceof DNSName) {
115		- throw new \RuntimeException(
116		- DNSName::class . ' expected, got ' . get_class($gn));
117		- }
118		- return $gn->name();
119		- }
120		-
121		- /**
122		- * Get value of the first 'directoryName' type.
123		- *
124		- * @return Name
125		- */
126		- public function firstDN(): Name
127		- {
128		- $gn = $this->firstOf(GeneralName::TAG_DIRECTORY_NAME);
129		- if (!$gn instanceof DirectoryName) {
130		- throw new \RuntimeException(
131		- DirectoryName::class . ' expected, got ' . get_class($gn));
132		- }
133		- return $gn->dn();
134		- }
135		-
136		- /**
137		- * Get value of the first 'uniformResourceIdentifier' type.
138		- *
139		- * @return string
140		- */
141		- public function firstURI(): string
142		- {
143		- $gn = $this->firstOf(GeneralName::TAG_URI);
144		- if (!$gn instanceof UniformResourceIdentifier) {
145		- throw new \RuntimeException(
146		- UniformResourceIdentifier::class . ' expected, got ' . get_class($gn));
147		- }
148		- return $gn->uri();
149		- }
150		-
151		- /**
152		- * Generate ASN.1 structure.
153		- *
154		- * @return Sequence
155		- */
156		- public function toASN1(): Sequence
157		- {
158		- if (!count($this->_names)) {
159		- throw new \LogicException(
160		- 'GeneralNames must have at least one GeneralName.');
161		- }
162		- $elements = array_map(
163		- function (GeneralName $name) {
164		- return $name->toASN1();
165		- }, $this->_names);
166		- return new Sequence(...$elements);
167		- }
168		-
169		- /**
170		- * @see \Countable::count()
171		- *
172		- * @return int
173		- */
174		- public function count(): int
175		- {
176		- return count($this->_names);
177		- }
178		-
179		- /**
180		- * Get iterator for GeneralName objects.
181		- *
182		- * @see \IteratorAggregate::getIterator()
183		- *
184		- * @return \ArrayIterator
185		- */
186		- public function getIterator(): \ArrayIterator
187		- {
188		- return new \ArrayIterator($this->_names);
189		- }
190		-
191		- /**
192		- * Find first GeneralName by given tag.
193		- *
194		- * @param int $tag
195		- *
196		- * @return null\|GeneralName
197		- */
198		- protected function _findFirst(int $tag): ?GeneralName
199		- {
200		- foreach ($this->_names as $name) {
201		- if ($name->tag() === $tag) {
202		- return $name;
203		- }
204		- }
205		- return null;
206		- }
	21	+ /**
	22	+ * GeneralName objects.
	23	+ *
	24	+ * @var GeneralName[]
	25	+ */
	26	+ protected $_names;
	27	+
	28	+ /**
	29	+ * Constructor.
	30	+ *
	31	+ * @param GeneralName ...$names One or more GeneralName objects
	32	+ */
	33	+ public function __construct(GeneralName ...$names)
	34	+ {
	35	+ $this->_names = $names;
	36	+ }
	37	+
	38	+ /**
	39	+ * Initialize from ASN.1.
	40	+ *
	41	+ * @param Sequence $seq
	42	+ *
	43	+ * @throws \UnexpectedValueException
	44	+ *
	45	+ * @return self
	46	+ */
	47	+ public static function fromASN1(Sequence $seq): GeneralNames
	48	+ {
	49	+ if (!count($seq)) {
	50	+ throw new \UnexpectedValueException(
	51	+ 'GeneralNames must have at least one GeneralName.');
	52	+ }
	53	+ $names = array_map(
	54	+ function (UnspecifiedType $el) {
	55	+ return GeneralName::fromASN1($el->asTagged());
	56	+ }, $seq->elements());
	57	+ return new self(...$names);
	58	+ }
	59	+
	60	+ /**
	61	+ * Check whether GeneralNames contains a GeneralName of given type.
	62	+ *
	63	+ * @param int $tag One of `GeneralName::TAG_*` enumerations
	64	+ *
	65	+ * @return bool
	66	+ */
	67	+ public function has(int $tag): bool
	68	+ {
	69	+ return null !== $this->_findFirst($tag);
	70	+ }
	71	+
	72	+ /**
	73	+ * Get first GeneralName of given type.
	74	+ *
	75	+ * @param int $tag One of `GeneralName::TAG_*` enumerations
	76	+ *
	77	+ * @throws \OutOfBoundsException
	78	+ *
	79	+ * @return GeneralName
	80	+ */
	81	+ public function firstOf(int $tag): GeneralName
	82	+ {
	83	+ $name = $this->_findFirst($tag);
	84	+ if (!$name) {
	85	+ throw new \UnexpectedValueException("No GeneralName by tag {$tag}.");
	86	+ }
	87	+ return $name;
	88	+ }
	89	+
	90	+ /**
	91	+ * Get all GeneralName objects of given type.
	92	+ *
	93	+ * @param int $tag One of `GeneralName::TAG_*` enumerations
	94	+ *
	95	+ * @return GeneralName[]
	96	+ */
	97	+ public function allOf(int $tag): array
	98	+ {
	99	+ $names = array_filter($this->_names,
	100	+ function (GeneralName $name) use ($tag) {
	101	+ return $name->tag() === $tag;
	102	+ });
	103	+ return array_values($names);
	104	+ }
	105	+
	106	+ /**
	107	+ * Get value of the first 'dNSName' type.
	108	+ *
	109	+ * @return string
	110	+ */
	111	+ public function firstDNS(): string
	112	+ {
	113	+ $gn = $this->firstOf(GeneralName::TAG_DNS_NAME);
	114	+ if (!$gn instanceof DNSName) {
	115	+ throw new \RuntimeException(
	116	+ DNSName::class . ' expected, got ' . get_class($gn));
	117	+ }
	118	+ return $gn->name();
	119	+ }
	120	+
	121	+ /**
	122	+ * Get value of the first 'directoryName' type.
	123	+ *
	124	+ * @return Name
	125	+ */
	126	+ public function firstDN(): Name
	127	+ {
	128	+ $gn = $this->firstOf(GeneralName::TAG_DIRECTORY_NAME);
	129	+ if (!$gn instanceof DirectoryName) {
	130	+ throw new \RuntimeException(
	131	+ DirectoryName::class . ' expected, got ' . get_class($gn));
	132	+ }
	133	+ return $gn->dn();
	134	+ }
	135	+
	136	+ /**
	137	+ * Get value of the first 'uniformResourceIdentifier' type.
	138	+ *
	139	+ * @return string
	140	+ */
	141	+ public function firstURI(): string
	142	+ {
	143	+ $gn = $this->firstOf(GeneralName::TAG_URI);
	144	+ if (!$gn instanceof UniformResourceIdentifier) {
	145	+ throw new \RuntimeException(
	146	+ UniformResourceIdentifier::class . ' expected, got ' . get_class($gn));
	147	+ }
	148	+ return $gn->uri();
	149	+ }
	150	+
	151	+ /**
	152	+ * Generate ASN.1 structure.
	153	+ *
	154	+ * @return Sequence
	155	+ */
	156	+ public function toASN1(): Sequence
	157	+ {
	158	+ if (!count($this->_names)) {
	159	+ throw new \LogicException(
	160	+ 'GeneralNames must have at least one GeneralName.');
	161	+ }
	162	+ $elements = array_map(
	163	+ function (GeneralName $name) {
	164	+ return $name->toASN1();
	165	+ }, $this->_names);
	166	+ return new Sequence(...$elements);
	167	+ }
	168	+
	169	+ /**
	170	+ * @see \Countable::count()
	171	+ *
	172	+ * @return int
	173	+ */
	174	+ public function count(): int
	175	+ {
	176	+ return count($this->_names);
	177	+ }
	178	+
	179	+ /**
	180	+ * Get iterator for GeneralName objects.
	181	+ *
	182	+ * @see \IteratorAggregate::getIterator()
	183	+ *
	184	+ * @return \ArrayIterator
	185	+ */
	186	+ public function getIterator(): \ArrayIterator
	187	+ {
	188	+ return new \ArrayIterator($this->_names);
	189	+ }
	190	+
	191	+ /**
	192	+ * Find first GeneralName by given tag.
	193	+ *
	194	+ * @param int $tag
	195	+ *
	196	+ * @return null\|GeneralName
	197	+ */
	198	+ protected function _findFirst(int $tag): ?GeneralName
	199	+ {
	200	+ foreach ($this->_names as $name) {
	201	+ if ($name->tag() === $tag) {
	202	+ return $name;
	203	+ }
	204	+ }
	205	+ return null;
	206	+ }
207	207	}

		@@ -24,206 +24,206 @@
		block discarded – undo
24	24	*/
25	25	class CertificationRequestInfo
26	26	{
27		- const VERSION_1 = 0;
28		-
29		- /**
30		- * Version.
31		- *
32		- * @var int
33		- */
34		- protected $_version;
35		-
36		- /**
37		- * Subject.
38		- *
39		- * @var Name
40		- */
41		- protected $_subject;
42		-
43		- /**
44		- * Public key info.
45		- *
46		- * @var PublicKeyInfo
47		- */
48		- protected $_subjectPKInfo;
49		-
50		- /**
51		- * Attributes.
52		- *
53		- * @var null\|Attributes
54		- */
55		- protected $_attributes;
56		-
57		- /**
58		- * Constructor.
59		- *
60		- * @param Name $subject Subject
61		- * @param PublicKeyInfo $pkinfo Public key info
62		- */
63		- public function __construct(Name $subject, PublicKeyInfo $pkinfo)
64		- {
65		- $this->_version = self::VERSION_1;
66		- $this->_subject = $subject;
67		- $this->_subjectPKInfo = $pkinfo;
68		- }
69		-
70		- /**
71		- * Initialize from ASN.1.
72		- *
73		- * @param Sequence $seq
74		- *
75		- * @throws \UnexpectedValueException
76		- *
77		- * @return self
78		- */
79		- public static function fromASN1(Sequence $seq): self
80		- {
81		- $version = $seq->at(0)->asInteger()->intNumber();
82		- if (self::VERSION_1 !== $version) {
83		- throw new \UnexpectedValueException(
84		- "Version {$version} not supported.");
85		- }
86		- $subject = Name::fromASN1($seq->at(1)->asSequence());
87		- $pkinfo = PublicKeyInfo::fromASN1($seq->at(2)->asSequence());
88		- $obj = new self($subject, $pkinfo);
89		- if ($seq->hasTagged(0)) {
90		- $obj->_attributes = Attributes::fromASN1(
91		- $seq->getTagged(0)->asImplicit(Element::TYPE_SET)->asSet());
92		- }
93		- return $obj;
94		- }
95		-
96		- /**
97		- * Get version.
98		- *
99		- * @return int
100		- */
101		- public function version(): int
102		- {
103		- return $this->_version;
104		- }
105		-
106		- /**
107		- * Get self with subject.
108		- *
109		- * @param Name $subject
110		- *
111		- * @return self
112		- */
113		- public function withSubject(Name $subject): self
114		- {
115		- $obj = clone $this;
116		- $obj->_subject = $subject;
117		- return $obj;
118		- }
119		-
120		- /**
121		- * Get subject.
122		- *
123		- * @return Name
124		- */
125		- public function subject(): Name
126		- {
127		- return $this->_subject;
128		- }
129		-
130		- /**
131		- * Get subject public key info.
132		- *
133		- * @return PublicKeyInfo
134		- */
135		- public function subjectPKInfo(): PublicKeyInfo
136		- {
137		- return $this->_subjectPKInfo;
138		- }
139		-
140		- /**
141		- * Whether certification request info has attributes.
142		- *
143		- * @return bool
144		- */
145		- public function hasAttributes(): bool
146		- {
147		- return isset($this->_attributes);
148		- }
149		-
150		- /**
151		- * Get attributes.
152		- *
153		- * @throws \LogicException If not set
154		- *
155		- * @return Attributes
156		- */
157		- public function attributes(): Attributes
158		- {
159		- if (!$this->hasAttributes()) {
160		- throw new \LogicException('No attributes.');
161		- }
162		- return $this->_attributes;
163		- }
164		-
165		- /**
166		- * Get instance of self with attributes.
167		- *
168		- * @param Attributes $attribs
169		- */
170		- public function withAttributes(Attributes $attribs): self
171		- {
172		- $obj = clone $this;
173		- $obj->_attributes = $attribs;
174		- return $obj;
175		- }
176		-
177		- /**
178		- * Get self with extension request attribute.
179		- *
180		- * @param Extensions $extensions Extensions to request
181		- *
182		- * @return self
183		- */
184		- public function withExtensionRequest(Extensions $extensions): self
185		- {
186		- $obj = clone $this;
187		- if (!isset($obj->_attributes)) {
188		- $obj->_attributes = new Attributes();
189		- }
190		- $obj->_attributes = $obj->_attributes->withUnique(
191		- Attribute::fromAttributeValues(
192		- new ExtensionRequestValue($extensions)));
193		- return $obj;
194		- }
195		-
196		- /**
197		- * Generate ASN.1 structure.
198		- *
199		- * @return Sequence
200		- */
201		- public function toASN1(): Sequence
202		- {
203		- $elements = [new Integer($this->_version),
204		- $this->_subject->toASN1(), $this->_subjectPKInfo->toASN1(), ];
205		- if (isset($this->_attributes)) {
206		- $elements[] = new ImplicitlyTaggedType(0,
207		- $this->_attributes->toASN1());
208		- }
209		- return new Sequence(...$elements);
210		- }
211		-
212		- /**
213		- * Create signed CertificationRequest.
214		- *
215		- * @param SignatureAlgorithmIdentifier $algo Algorithm used for signing
216		- * @param PrivateKeyInfo $privkey_info Private key used for signing
217		- * @param null\|Crypto $crypto Crypto engine, use default if not set
218		- *
219		- * @return CertificationRequest
220		- */
221		- public function sign(SignatureAlgorithmIdentifier $algo,
222		- PrivateKeyInfo $privkey_info, ?Crypto $crypto = null): CertificationRequest
223		- {
224		- $crypto = $crypto ?? Crypto::getDefault();
225		- $data = $this->toASN1()->toDER();
226		- $signature = $crypto->sign($data, $privkey_info, $algo);
227		- return new CertificationRequest($this, $algo, $signature);
228		- }
	27	+ const VERSION_1 = 0;
	28	+
	29	+ /**
	30	+ * Version.
	31	+ *
	32	+ * @var int
	33	+ */
	34	+ protected $_version;
	35	+
	36	+ /**
	37	+ * Subject.
	38	+ *
	39	+ * @var Name
	40	+ */
	41	+ protected $_subject;
	42	+
	43	+ /**
	44	+ * Public key info.
	45	+ *
	46	+ * @var PublicKeyInfo
	47	+ */
	48	+ protected $_subjectPKInfo;
	49	+
	50	+ /**
	51	+ * Attributes.
	52	+ *
	53	+ * @var null\|Attributes
	54	+ */
	55	+ protected $_attributes;
	56	+
	57	+ /**
	58	+ * Constructor.
	59	+ *
	60	+ * @param Name $subject Subject
	61	+ * @param PublicKeyInfo $pkinfo Public key info
	62	+ */
	63	+ public function __construct(Name $subject, PublicKeyInfo $pkinfo)
	64	+ {
	65	+ $this->_version = self::VERSION_1;
	66	+ $this->_subject = $subject;
	67	+ $this->_subjectPKInfo = $pkinfo;
	68	+ }
	69	+
	70	+ /**
	71	+ * Initialize from ASN.1.
	72	+ *
	73	+ * @param Sequence $seq
	74	+ *
	75	+ * @throws \UnexpectedValueException
	76	+ *
	77	+ * @return self
	78	+ */
	79	+ public static function fromASN1(Sequence $seq): self
	80	+ {
	81	+ $version = $seq->at(0)->asInteger()->intNumber();
	82	+ if (self::VERSION_1 !== $version) {
	83	+ throw new \UnexpectedValueException(
	84	+ "Version {$version} not supported.");
	85	+ }
	86	+ $subject = Name::fromASN1($seq->at(1)->asSequence());
	87	+ $pkinfo = PublicKeyInfo::fromASN1($seq->at(2)->asSequence());
	88	+ $obj = new self($subject, $pkinfo);
	89	+ if ($seq->hasTagged(0)) {
	90	+ $obj->_attributes = Attributes::fromASN1(
	91	+ $seq->getTagged(0)->asImplicit(Element::TYPE_SET)->asSet());
	92	+ }
	93	+ return $obj;
	94	+ }
	95	+
	96	+ /**
	97	+ * Get version.
	98	+ *
	99	+ * @return int
	100	+ */
	101	+ public function version(): int
	102	+ {
	103	+ return $this->_version;
	104	+ }
	105	+
	106	+ /**
	107	+ * Get self with subject.
	108	+ *
	109	+ * @param Name $subject
	110	+ *
	111	+ * @return self
	112	+ */
	113	+ public function withSubject(Name $subject): self
	114	+ {
	115	+ $obj = clone $this;
	116	+ $obj->_subject = $subject;
	117	+ return $obj;
	118	+ }
	119	+
	120	+ /**
	121	+ * Get subject.
	122	+ *
	123	+ * @return Name
	124	+ */
	125	+ public function subject(): Name
	126	+ {
	127	+ return $this->_subject;
	128	+ }
	129	+
	130	+ /**
	131	+ * Get subject public key info.
	132	+ *
	133	+ * @return PublicKeyInfo
	134	+ */
	135	+ public function subjectPKInfo(): PublicKeyInfo
	136	+ {
	137	+ return $this->_subjectPKInfo;
	138	+ }
	139	+
	140	+ /**
	141	+ * Whether certification request info has attributes.
	142	+ *
	143	+ * @return bool
	144	+ */
	145	+ public function hasAttributes(): bool
	146	+ {
	147	+ return isset($this->_attributes);
	148	+ }
	149	+
	150	+ /**
	151	+ * Get attributes.
	152	+ *
	153	+ * @throws \LogicException If not set
	154	+ *
	155	+ * @return Attributes
	156	+ */
	157	+ public function attributes(): Attributes
	158	+ {
	159	+ if (!$this->hasAttributes()) {
	160	+ throw new \LogicException('No attributes.');
	161	+ }
	162	+ return $this->_attributes;
	163	+ }
	164	+
	165	+ /**
	166	+ * Get instance of self with attributes.
	167	+ *
	168	+ * @param Attributes $attribs
	169	+ */
	170	+ public function withAttributes(Attributes $attribs): self
	171	+ {
	172	+ $obj = clone $this;
	173	+ $obj->_attributes = $attribs;
	174	+ return $obj;
	175	+ }
	176	+
	177	+ /**
	178	+ * Get self with extension request attribute.
	179	+ *
	180	+ * @param Extensions $extensions Extensions to request
	181	+ *
	182	+ * @return self
	183	+ */
	184	+ public function withExtensionRequest(Extensions $extensions): self
	185	+ {
	186	+ $obj = clone $this;
	187	+ if (!isset($obj->_attributes)) {
	188	+ $obj->_attributes = new Attributes();
	189	+ }
	190	+ $obj->_attributes = $obj->_attributes->withUnique(
	191	+ Attribute::fromAttributeValues(
	192	+ new ExtensionRequestValue($extensions)));
	193	+ return $obj;
	194	+ }
	195	+
	196	+ /**
	197	+ * Generate ASN.1 structure.
	198	+ *
	199	+ * @return Sequence
	200	+ */
	201	+ public function toASN1(): Sequence
	202	+ {
	203	+ $elements = [new Integer($this->_version),
	204	+ $this->_subject->toASN1(), $this->_subjectPKInfo->toASN1(), ];
	205	+ if (isset($this->_attributes)) {
	206	+ $elements[] = new ImplicitlyTaggedType(0,
	207	+ $this->_attributes->toASN1());
	208	+ }
	209	+ return new Sequence(...$elements);
	210	+ }
	211	+
	212	+ /**
	213	+ * Create signed CertificationRequest.
	214	+ *
	215	+ * @param SignatureAlgorithmIdentifier $algo Algorithm used for signing
	216	+ * @param PrivateKeyInfo $privkey_info Private key used for signing
	217	+ * @param null\|Crypto $crypto Crypto engine, use default if not set
	218	+ *
	219	+ * @return CertificationRequest
	220	+ */
	221	+ public function sign(SignatureAlgorithmIdentifier $algo,
	222	+ PrivateKeyInfo $privkey_info, ?Crypto $crypto = null): CertificationRequest
	223	+ {
	224	+ $crypto = $crypto ?? Crypto::getDefault();
	225	+ $data = $this->toASN1()->toDER();
	226	+ $signature = $crypto->sign($data, $privkey_info, $algo);
	227	+ return new CertificationRequest($this, $algo, $signature);
	228	+ }
229	229	}

		@@ -16,267 +16,267 @@
		block discarded – undo
16	16	*/
17	17	class PolicyNode implements \IteratorAggregate, \Countable
18	18	{
19		- /**
20		- * Policy OID.
21		- *
22		- * @var string
23		- */
24		- protected $_validPolicy;
	19	+ /**
	20	+ * Policy OID.
	21	+ *
	22	+ * @var string
	23	+ */
	24	+ protected $_validPolicy;
25	25
26		- /**
27		- * List of qualifiers.
28		- *
29		- * @var PolicyQualifierInfo[]
30		- */
31		- protected $_qualifiers;
	26	+ /**
	27	+ * List of qualifiers.
	28	+ *
	29	+ * @var PolicyQualifierInfo[]
	30	+ */
	31	+ protected $_qualifiers;
32	32
33		- /**
34		- * List of expected policy OIDs.
35		- *
36		- * @var string[]
37		- */
38		- protected $_expectedPolicies;
	33	+ /**
	34	+ * List of expected policy OIDs.
	35	+ *
	36	+ * @var string[]
	37	+ */
	38	+ protected $_expectedPolicies;
39	39
40		- /**
41		- * List of child nodes.
42		- *
43		- * @var PolicyNode[]
44		- */
45		- protected $_children;
	40	+ /**
	41	+ * List of child nodes.
	42	+ *
	43	+ * @var PolicyNode[]
	44	+ */
	45	+ protected $_children;
46	46
47		- /**
48		- * Reference to the parent node.
49		- *
50		- * @var null\|PolicyNode
51		- */
52		- protected $_parent;
	47	+ /**
	48	+ * Reference to the parent node.
	49	+ *
	50	+ * @var null\|PolicyNode
	51	+ */
	52	+ protected $_parent;
53	53
54		- /**
55		- * Constructor.
56		- *
57		- * @param string $valid_policy Policy OID
58		- * @param PolicyQualifierInfo[] $qualifiers
59		- * @param string[] $expected_policies
60		- */
61		- public function __construct(string $valid_policy, array $qualifiers,
62		- array $expected_policies)
63		- {
64		- $this->_validPolicy = $valid_policy;
65		- $this->_qualifiers = $qualifiers;
66		- $this->_expectedPolicies = $expected_policies;
67		- $this->_children = [];
68		- }
	54	+ /**
	55	+ * Constructor.
	56	+ *
	57	+ * @param string $valid_policy Policy OID
	58	+ * @param PolicyQualifierInfo[] $qualifiers
	59	+ * @param string[] $expected_policies
	60	+ */
	61	+ public function __construct(string $valid_policy, array $qualifiers,
	62	+ array $expected_policies)
	63	+ {
	64	+ $this->_validPolicy = $valid_policy;
	65	+ $this->_qualifiers = $qualifiers;
	66	+ $this->_expectedPolicies = $expected_policies;
	67	+ $this->_children = [];
	68	+ }
69	69
70		- /**
71		- * Create initial node for the policy tree.
72		- *
73		- * @return self
74		- */
75		- public static function anyPolicyNode(): self
76		- {
77		- return new self(PolicyInformation::OID_ANY_POLICY, [],
78		- [PolicyInformation::OID_ANY_POLICY]);
79		- }
	70	+ /**
	71	+ * Create initial node for the policy tree.
	72	+ *
	73	+ * @return self
	74	+ */
	75	+ public static function anyPolicyNode(): self
	76	+ {
	77	+ return new self(PolicyInformation::OID_ANY_POLICY, [],
	78	+ [PolicyInformation::OID_ANY_POLICY]);
	79	+ }
80	80
81		- /**
82		- * Get the valid policy OID.
83		- *
84		- * @return string
85		- */
86		- public function validPolicy(): string
87		- {
88		- return $this->_validPolicy;
89		- }
	81	+ /**
	82	+ * Get the valid policy OID.
	83	+ *
	84	+ * @return string
	85	+ */
	86	+ public function validPolicy(): string
	87	+ {
	88	+ return $this->_validPolicy;
	89	+ }
90	90
91		- /**
92		- * Check whether node has anyPolicy as a valid policy.
93		- *
94		- * @return bool
95		- */
96		- public function isAnyPolicy(): bool
97		- {
98		- return PolicyInformation::OID_ANY_POLICY === $this->_validPolicy;
99		- }
	91	+ /**
	92	+ * Check whether node has anyPolicy as a valid policy.
	93	+ *
	94	+ * @return bool
	95	+ */
	96	+ public function isAnyPolicy(): bool
	97	+ {
	98	+ return PolicyInformation::OID_ANY_POLICY === $this->_validPolicy;
	99	+ }
100	100
101		- /**
102		- * Get the qualifier set.
103		- *
104		- * @return PolicyQualifierInfo[]
105		- */
106		- public function qualifiers(): array
107		- {
108		- return $this->_qualifiers;
109		- }
	101	+ /**
	102	+ * Get the qualifier set.
	103	+ *
	104	+ * @return PolicyQualifierInfo[]
	105	+ */
	106	+ public function qualifiers(): array
	107	+ {
	108	+ return $this->_qualifiers;
	109	+ }
110	110
111		- /**
112		- * Check whether node has OID as an expected policy.
113		- *
114		- * @param string $oid
115		- *
116		- * @return bool
117		- */
118		- public function hasExpectedPolicy(string $oid): bool
119		- {
120		- return in_array($oid, $this->_expectedPolicies);
121		- }
	111	+ /**
	112	+ * Check whether node has OID as an expected policy.
	113	+ *
	114	+ * @param string $oid
	115	+ *
	116	+ * @return bool
	117	+ */
	118	+ public function hasExpectedPolicy(string $oid): bool
	119	+ {
	120	+ return in_array($oid, $this->_expectedPolicies);
	121	+ }
122	122
123		- /**
124		- * Get the expected policy set.
125		- *
126		- * @return string[]
127		- */
128		- public function expectedPolicies(): array
129		- {
130		- return $this->_expectedPolicies;
131		- }
	123	+ /**
	124	+ * Get the expected policy set.
	125	+ *
	126	+ * @return string[]
	127	+ */
	128	+ public function expectedPolicies(): array
	129	+ {
	130	+ return $this->_expectedPolicies;
	131	+ }
132	132
133		- /**
134		- * Set expected policies.
135		- *
136		- * @param string ...$oids Policy OIDs
137		- */
138		- public function setExpectedPolicies(string ...$oids): void
139		- {
140		- $this->_expectedPolicies = $oids;
141		- }
	133	+ /**
	134	+ * Set expected policies.
	135	+ *
	136	+ * @param string ...$oids Policy OIDs
	137	+ */
	138	+ public function setExpectedPolicies(string ...$oids): void
	139	+ {
	140	+ $this->_expectedPolicies = $oids;
	141	+ }
142	142
143		- /**
144		- * Check whether node has a child node with given valid policy OID.
145		- *
146		- * @param string $oid
147		- *
148		- * @return bool
149		- */
150		- public function hasChildWithValidPolicy(string $oid): bool
151		- {
152		- foreach ($this->_children as $node) {
153		- if ($node->validPolicy() === $oid) {
154		- return true;
155		- }
156		- }
157		- return false;
158		- }
	143	+ /**
	144	+ * Check whether node has a child node with given valid policy OID.
	145	+ *
	146	+ * @param string $oid
	147	+ *
	148	+ * @return bool
	149	+ */
	150	+ public function hasChildWithValidPolicy(string $oid): bool
	151	+ {
	152	+ foreach ($this->_children as $node) {
	153	+ if ($node->validPolicy() === $oid) {
	154	+ return true;
	155	+ }
	156	+ }
	157	+ return false;
	158	+ }
159	159
160		- /**
161		- * Add child node.
162		- *
163		- * @param PolicyNode $node
164		- *
165		- * @return self
166		- */
167		- public function addChild(PolicyNode $node): self
168		- {
169		- $id = spl_object_hash($node);
170		- $node->_parent = $this;
171		- $this->_children[$id] = $node;
172		- return $this;
173		- }
	160	+ /**
	161	+ * Add child node.
	162	+ *
	163	+ * @param PolicyNode $node
	164	+ *
	165	+ * @return self
	166	+ */
	167	+ public function addChild(PolicyNode $node): self
	168	+ {
	169	+ $id = spl_object_hash($node);
	170	+ $node->_parent = $this;
	171	+ $this->_children[$id] = $node;
	172	+ return $this;
	173	+ }
174	174
175		- /**
176		- * Get the child nodes.
177		- *
178		- * @return PolicyNode[]
179		- */
180		- public function children(): array
181		- {
182		- return array_values($this->_children);
183		- }
	175	+ /**
	176	+ * Get the child nodes.
	177	+ *
	178	+ * @return PolicyNode[]
	179	+ */
	180	+ public function children(): array
	181	+ {
	182	+ return array_values($this->_children);
	183	+ }
184	184
185		- /**
186		- * Remove this node from the tree.
187		- *
188		- * @return self The removed node
189		- */
190		- public function remove(): self
191		- {
192		- if ($this->_parent) {
193		- $id = spl_object_hash($this);
194		- unset($this->_parent->_children[$id], $this->_parent);
195		- }
196		- return $this;
197		- }
	185	+ /**
	186	+ * Remove this node from the tree.
	187	+ *
	188	+ * @return self The removed node
	189	+ */
	190	+ public function remove(): self
	191	+ {
	192	+ if ($this->_parent) {
	193	+ $id = spl_object_hash($this);
	194	+ unset($this->_parent->_children[$id], $this->_parent);
	195	+ }
	196	+ return $this;
	197	+ }
198	198
199		- /**
200		- * Check whether node has a parent.
201		- *
202		- * @return bool
203		- */
204		- public function hasParent(): bool
205		- {
206		- return isset($this->_parent);
207		- }
	199	+ /**
	200	+ * Check whether node has a parent.
	201	+ *
	202	+ * @return bool
	203	+ */
	204	+ public function hasParent(): bool
	205	+ {
	206	+ return isset($this->_parent);
	207	+ }
208	208
209		- /**
210		- * Get the parent node.
211		- *
212		- * @return null\|PolicyNode
213		- */
214		- public function parent(): ?PolicyNode
215		- {
216		- return $this->_parent;
217		- }
	209	+ /**
	210	+ * Get the parent node.
	211	+ *
	212	+ * @return null\|PolicyNode
	213	+ */
	214	+ public function parent(): ?PolicyNode
	215	+ {
	216	+ return $this->_parent;
	217	+ }
218	218
219		- /**
220		- * Get chain of parent nodes from this node's parent to the root node.
221		- *
222		- * @return PolicyNode[]
223		- */
224		- public function parents(): array
225		- {
226		- if (!$this->_parent) {
227		- return [];
228		- }
229		- $nodes = $this->_parent->parents();
230		- $nodes[] = $this->_parent;
231		- return array_reverse($nodes);
232		- }
	219	+ /**
	220	+ * Get chain of parent nodes from this node's parent to the root node.
	221	+ *
	222	+ * @return PolicyNode[]
	223	+ */
	224	+ public function parents(): array
	225	+ {
	226	+ if (!$this->_parent) {
	227	+ return [];
	228	+ }
	229	+ $nodes = $this->_parent->parents();
	230	+ $nodes[] = $this->_parent;
	231	+ return array_reverse($nodes);
	232	+ }
233	233
234		- /**
235		- * Walk tree from this node, applying a callback for each node.
236		- *
237		- * Nodes are traversed depth-first and callback shall be applied post-order.
238		- *
239		- * @param callable $fn
240		- */
241		- public function walkNodes(callable $fn): void
242		- {
243		- foreach ($this->_children as $node) {
244		- $node->walkNodes($fn);
245		- }
246		- $fn($this);
247		- }
	234	+ /**
	235	+ * Walk tree from this node, applying a callback for each node.
	236	+ *
	237	+ * Nodes are traversed depth-first and callback shall be applied post-order.
	238	+ *
	239	+ * @param callable $fn
	240	+ */
	241	+ public function walkNodes(callable $fn): void
	242	+ {
	243	+ foreach ($this->_children as $node) {
	244	+ $node->walkNodes($fn);
	245	+ }
	246	+ $fn($this);
	247	+ }
248	248
249		- /**
250		- * Get the total number of nodes in a tree.
251		- *
252		- * @return int
253		- */
254		- public function nodeCount(): int
255		- {
256		- $c = 1;
257		- foreach ($this->_children as $child) {
258		- $c += $child->nodeCount();
259		- }
260		- return $c;
261		- }
	249	+ /**
	250	+ * Get the total number of nodes in a tree.
	251	+ *
	252	+ * @return int
	253	+ */
	254	+ public function nodeCount(): int
	255	+ {
	256	+ $c = 1;
	257	+ foreach ($this->_children as $child) {
	258	+ $c += $child->nodeCount();
	259	+ }
	260	+ return $c;
	261	+ }
262	262
263		- /**
264		- * Get the number of child nodes.
265		- *
266		- * @see \Countable::count()
267		- */
268		- public function count(): int
269		- {
270		- return count($this->_children);
271		- }
	263	+ /**
	264	+ * Get the number of child nodes.
	265	+ *
	266	+ * @see \Countable::count()
	267	+ */
	268	+ public function count(): int
	269	+ {
	270	+ return count($this->_children);
	271	+ }
272	272
273		- /**
274		- * Get iterator for the child nodes.
275		- *
276		- * @see \IteratorAggregate::getIterator()
277		- */
278		- public function getIterator(): \ArrayIterator
279		- {
280		- return new \ArrayIterator($this->_children);
281		- }
	273	+ /**
	274	+ * Get iterator for the child nodes.
	275	+ *
	276	+ * @see \IteratorAggregate::getIterator()
	277	+ */
	278	+ public function getIterator(): \ArrayIterator
	279	+ {
	280	+ return new \ArrayIterator($this->_children);
	281	+ }
282	282	}

		@@ -20,242 +20,242 @@
		block discarded – undo
20	20	*/
21	21	class Certificate
22	22	{
23		- /**
24		- * "To be signed" certificate information.
25		- *
26		- * @var TBSCertificate
27		- */
28		- protected $_tbsCertificate;
	23	+ /**
	24	+ * "To be signed" certificate information.
	25	+ *
	26	+ * @var TBSCertificate
	27	+ */
	28	+ protected $_tbsCertificate;
29	29
30		- /**
31		- * Signature algorithm.
32		- *
33		- * @var SignatureAlgorithmIdentifier
34		- */
35		- protected $_signatureAlgorithm;
	30	+ /**
	31	+ * Signature algorithm.
	32	+ *
	33	+ * @var SignatureAlgorithmIdentifier
	34	+ */
	35	+ protected $_signatureAlgorithm;
36	36
37		- /**
38		- * Signature value.
39		- *
40		- * @var Signature
41		- */
42		- protected $_signatureValue;
	37	+ /**
	38	+ * Signature value.
	39	+ *
	40	+ * @var Signature
	41	+ */
	42	+ protected $_signatureValue;
43	43
44		- /**
45		- * Constructor.
46		- *
47		- * @param TBSCertificate $tbsCert
48		- * @param SignatureAlgorithmIdentifier $algo
49		- * @param Signature $signature
50		- */
51		- public function __construct(TBSCertificate $tbsCert,
52		- SignatureAlgorithmIdentifier $algo, Signature $signature)
53		- {
54		- $this->_tbsCertificate = $tbsCert;
55		- $this->_signatureAlgorithm = $algo;
56		- $this->_signatureValue = $signature;
57		- }
	44	+ /**
	45	+ * Constructor.
	46	+ *
	47	+ * @param TBSCertificate $tbsCert
	48	+ * @param SignatureAlgorithmIdentifier $algo
	49	+ * @param Signature $signature
	50	+ */
	51	+ public function __construct(TBSCertificate $tbsCert,
	52	+ SignatureAlgorithmIdentifier $algo, Signature $signature)
	53	+ {
	54	+ $this->_tbsCertificate = $tbsCert;
	55	+ $this->_signatureAlgorithm = $algo;
	56	+ $this->_signatureValue = $signature;
	57	+ }
58	58
59		- /**
60		- * Get certificate as a PEM formatted string.
61		- *
62		- * @return string
63		- */
64		- public function __toString(): string
65		- {
66		- return $this->toPEM()->string();
67		- }
	59	+ /**
	60	+ * Get certificate as a PEM formatted string.
	61	+ *
	62	+ * @return string
	63	+ */
	64	+ public function __toString(): string
	65	+ {
	66	+ return $this->toPEM()->string();
	67	+ }
68	68
69		- /**
70		- * Initialize from ASN.1.
71		- *
72		- * @param Sequence $seq
73		- *
74		- * @return self
75		- */
76		- public static function fromASN1(Sequence $seq): self
77		- {
78		- $tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
79		- $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
80		- if (!$algo instanceof SignatureAlgorithmIdentifier) {
81		- throw new \UnexpectedValueException(
82		- 'Unsupported signature algorithm ' . $algo->oid() . '.');
83		- }
84		- $signature = Signature::fromSignatureData(
85		- $seq->at(2)->asBitString()->string(), $algo);
86		- return new self($tbsCert, $algo, $signature);
87		- }
	69	+ /**
	70	+ * Initialize from ASN.1.
	71	+ *
	72	+ * @param Sequence $seq
	73	+ *
	74	+ * @return self
	75	+ */
	76	+ public static function fromASN1(Sequence $seq): self
	77	+ {
	78	+ $tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
	79	+ $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
	80	+ if (!$algo instanceof SignatureAlgorithmIdentifier) {
	81	+ throw new \UnexpectedValueException(
	82	+ 'Unsupported signature algorithm ' . $algo->oid() . '.');
	83	+ }
	84	+ $signature = Signature::fromSignatureData(
	85	+ $seq->at(2)->asBitString()->string(), $algo);
	86	+ return new self($tbsCert, $algo, $signature);
	87	+ }
88	88
89		- /**
90		- * Initialize from DER.
91		- *
92		- * @param string $data
93		- *
94		- * @return self
95		- */
96		- public static function fromDER(string $data): self
97		- {
98		- return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence());
99		- }
	89	+ /**
	90	+ * Initialize from DER.
	91	+ *
	92	+ * @param string $data
	93	+ *
	94	+ * @return self
	95	+ */
	96	+ public static function fromDER(string $data): self
	97	+ {
	98	+ return self::fromASN1(UnspecifiedType::fromDER($data)->asSequence());
	99	+ }
100	100
101		- /**
102		- * Initialize from PEM.
103		- *
104		- * @param PEM $pem
105		- *
106		- * @throws \UnexpectedValueException
107		- *
108		- * @return self
109		- */
110		- public static function fromPEM(PEM $pem): self
111		- {
112		- if (PEM::TYPE_CERTIFICATE !== $pem->type()) {
113		- throw new \UnexpectedValueException('Invalid PEM type.');
114		- }
115		- return self::fromDER($pem->data());
116		- }
	101	+ /**
	102	+ * Initialize from PEM.
	103	+ *
	104	+ * @param PEM $pem
	105	+ *
	106	+ * @throws \UnexpectedValueException
	107	+ *
	108	+ * @return self
	109	+ */
	110	+ public static function fromPEM(PEM $pem): self
	111	+ {
	112	+ if (PEM::TYPE_CERTIFICATE !== $pem->type()) {
	113	+ throw new \UnexpectedValueException('Invalid PEM type.');
	114	+ }
	115	+ return self::fromDER($pem->data());
	116	+ }
117	117
118		- /**
119		- * Get certificate information.
120		- *
121		- * @return TBSCertificate
122		- */
123		- public function tbsCertificate(): TBSCertificate
124		- {
125		- return $this->_tbsCertificate;
126		- }
	118	+ /**
	119	+ * Get certificate information.
	120	+ *
	121	+ * @return TBSCertificate
	122	+ */
	123	+ public function tbsCertificate(): TBSCertificate
	124	+ {
	125	+ return $this->_tbsCertificate;
	126	+ }
127	127
128		- /**
129		- * Get signature algorithm.
130		- *
131		- * @return SignatureAlgorithmIdentifier
132		- */
133		- public function signatureAlgorithm(): SignatureAlgorithmIdentifier
134		- {
135		- return $this->_signatureAlgorithm;
136		- }
	128	+ /**
	129	+ * Get signature algorithm.
	130	+ *
	131	+ * @return SignatureAlgorithmIdentifier
	132	+ */
	133	+ public function signatureAlgorithm(): SignatureAlgorithmIdentifier
	134	+ {
	135	+ return $this->_signatureAlgorithm;
	136	+ }
137	137
138		- /**
139		- * Get signature value.
140		- *
141		- * @return Signature
142		- */
143		- public function signatureValue(): Signature
144		- {
145		- return $this->_signatureValue;
146		- }
	138	+ /**
	139	+ * Get signature value.
	140	+ *
	141	+ * @return Signature
	142	+ */
	143	+ public function signatureValue(): Signature
	144	+ {
	145	+ return $this->_signatureValue;
	146	+ }
147	147
148		- /**
149		- * Check whether certificate is self-issued.
150		- *
151		- * @return bool
152		- */
153		- public function isSelfIssued(): bool
154		- {
155		- return $this->_tbsCertificate->subject()->equals(
156		- $this->_tbsCertificate->issuer());
157		- }
	148	+ /**
	149	+ * Check whether certificate is self-issued.
	150	+ *
	151	+ * @return bool
	152	+ */
	153	+ public function isSelfIssued(): bool
	154	+ {
	155	+ return $this->_tbsCertificate->subject()->equals(
	156	+ $this->_tbsCertificate->issuer());
	157	+ }
158	158
159		- /**
160		- * Check whether certificate is semantically equal to another.
161		- *
162		- * @param Certificate $cert Certificate to compare to
163		- *
164		- * @return bool
165		- */
166		- public function equals(Certificate $cert): bool
167		- {
168		- return $this->_hasEqualSerialNumber($cert) &&
169		- $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
170		- }
	159	+ /**
	160	+ * Check whether certificate is semantically equal to another.
	161	+ *
	162	+ * @param Certificate $cert Certificate to compare to
	163	+ *
	164	+ * @return bool
	165	+ */
	166	+ public function equals(Certificate $cert): bool
	167	+ {
	168	+ return $this->_hasEqualSerialNumber($cert) &&
	169	+ $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
	170	+ }
171	171
172		- /**
173		- * Generate ASN.1 structure.
174		- *
175		- * @return Sequence
176		- */
177		- public function toASN1(): Sequence
178		- {
179		- return new Sequence($this->_tbsCertificate->toASN1(),
180		- $this->_signatureAlgorithm->toASN1(),
181		- $this->_signatureValue->bitString());
182		- }
	172	+ /**
	173	+ * Generate ASN.1 structure.
	174	+ *
	175	+ * @return Sequence
	176	+ */
	177	+ public function toASN1(): Sequence
	178	+ {
	179	+ return new Sequence($this->_tbsCertificate->toASN1(),
	180	+ $this->_signatureAlgorithm->toASN1(),
	181	+ $this->_signatureValue->bitString());
	182	+ }
183	183
184		- /**
185		- * Get certificate as a DER.
186		- *
187		- * @return string
188		- */
189		- public function toDER(): string
190		- {
191		- return $this->toASN1()->toDER();
192		- }
	184	+ /**
	185	+ * Get certificate as a DER.
	186	+ *
	187	+ * @return string
	188	+ */
	189	+ public function toDER(): string
	190	+ {
	191	+ return $this->toASN1()->toDER();
	192	+ }
193	193
194		- /**
195		- * Get certificate as a PEM.
196		- *
197		- * @return PEM
198		- */
199		- public function toPEM(): PEM
200		- {
201		- return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
202		- }
	194	+ /**
	195	+ * Get certificate as a PEM.
	196	+ *
	197	+ * @return PEM
	198	+ */
	199	+ public function toPEM(): PEM
	200	+ {
	201	+ return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
	202	+ }
203	203
204		- /**
205		- * Verify certificate signature.
206		- *
207		- * @param PublicKeyInfo $pubkey_info Issuer's public key
208		- * @param null\|Crypto $crypto Crypto engine, use default if not set
209		- *
210		- * @return bool True if certificate signature is valid
211		- */
212		- public function verify(PublicKeyInfo $pubkey_info, ?Crypto $crypto = null): bool
213		- {
214		- $crypto = $crypto ?? Crypto::getDefault();
215		- $data = $this->_tbsCertificate->toASN1()->toDER();
216		- return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
217		- $this->_signatureAlgorithm);
218		- }
	204	+ /**
	205	+ * Verify certificate signature.
	206	+ *
	207	+ * @param PublicKeyInfo $pubkey_info Issuer's public key
	208	+ * @param null\|Crypto $crypto Crypto engine, use default if not set
	209	+ *
	210	+ * @return bool True if certificate signature is valid
	211	+ */
	212	+ public function verify(PublicKeyInfo $pubkey_info, ?Crypto $crypto = null): bool
	213	+ {
	214	+ $crypto = $crypto ?? Crypto::getDefault();
	215	+ $data = $this->_tbsCertificate->toASN1()->toDER();
	216	+ return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
	217	+ $this->_signatureAlgorithm);
	218	+ }
219	219
220		- /**
221		- * Check whether certificate has serial number equal to another.
222		- *
223		- * @param Certificate $cert
224		- *
225		- * @return bool
226		- */
227		- private function _hasEqualSerialNumber(Certificate $cert): bool
228		- {
229		- $sn1 = $this->_tbsCertificate->serialNumber();
230		- $sn2 = $cert->_tbsCertificate->serialNumber();
231		- return $sn1 === $sn2;
232		- }
	220	+ /**
	221	+ * Check whether certificate has serial number equal to another.
	222	+ *
	223	+ * @param Certificate $cert
	224	+ *
	225	+ * @return bool
	226	+ */
	227	+ private function _hasEqualSerialNumber(Certificate $cert): bool
	228	+ {
	229	+ $sn1 = $this->_tbsCertificate->serialNumber();
	230	+ $sn2 = $cert->_tbsCertificate->serialNumber();
	231	+ return $sn1 === $sn2;
	232	+ }
233	233
234		- /**
235		- * Check whether certificate has public key equal to another.
236		- *
237		- * @param Certificate $cert
238		- *
239		- * @return bool
240		- */
241		- private function _hasEqualPublicKey(Certificate $cert): bool
242		- {
243		- $kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
244		- $kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
245		- return $kid1 === $kid2;
246		- }
	234	+ /**
	235	+ * Check whether certificate has public key equal to another.
	236	+ *
	237	+ * @param Certificate $cert
	238	+ *
	239	+ * @return bool
	240	+ */
	241	+ private function _hasEqualPublicKey(Certificate $cert): bool
	242	+ {
	243	+ $kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
	244	+ $kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
	245	+ return $kid1 === $kid2;
	246	+ }
247	247
248		- /**
249		- * Check whether certificate has subject equal to another.
250		- *
251		- * @param Certificate $cert
252		- *
253		- * @return bool
254		- */
255		- private function _hasEqualSubject(Certificate $cert): bool
256		- {
257		- $dn1 = $this->_tbsCertificate->subject();
258		- $dn2 = $cert->_tbsCertificate->subject();
259		- return $dn1->equals($dn2);
260		- }
	248	+ /**
	249	+ * Check whether certificate has subject equal to another.
	250	+ *
	251	+ * @param Certificate $cert
	252	+ *
	253	+ * @return bool
	254	+ */
	255	+ private function _hasEqualSubject(Certificate $cert): bool
	256	+ {
	257	+ $dn1 = $this->_tbsCertificate->subject();
	258	+ $dn2 = $cert->_tbsCertificate->subject();
	259	+ return $dn1->equals($dn2);
	260	+ }
261	261	}

		@@ -17,108 +17,108 @@
		block discarded – undo
17	17	*/
18	18	class Time
19	19	{
20		- use DateTimeHelper;
	20	+ use DateTimeHelper;
21	21
22		- /**
23		- * Datetime.
24		- *
25		- * @var \DateTimeImmutable
26		- */
27		- protected $_dt;
	22	+ /**
	23	+ * Datetime.
	24	+ *
	25	+ * @var \DateTimeImmutable
	26	+ */
	27	+ protected $_dt;
28	28
29		- /**
30		- * Time ASN.1 type tag.
31		- *
32		- * @var int
33		- */
34		- protected $_type;
	29	+ /**
	30	+ * Time ASN.1 type tag.
	31	+ *
	32	+ * @var int
	33	+ */
	34	+ protected $_type;
35	35
36		- /**
37		- * Constructor.
38		- *
39		- * @param \DateTimeImmutable $dt
40		- */
41		- public function __construct(\DateTimeImmutable $dt)
42		- {
43		- $this->_dt = $dt;
44		- $this->_type = self::_determineType($dt);
45		- }
	36	+ /**
	37	+ * Constructor.
	38	+ *
	39	+ * @param \DateTimeImmutable $dt
	40	+ */
	41	+ public function __construct(\DateTimeImmutable $dt)
	42	+ {
	43	+ $this->_dt = $dt;
	44	+ $this->_type = self::_determineType($dt);
	45	+ }
46	46
47		- /**
48		- * Initialize from ASN.1.
49		- *
50		- * @param TimeType $el
51		- *
52		- * @return self
53		- */
54		- public static function fromASN1(TimeType $el): self
55		- {
56		- $obj = new self($el->dateTime());
57		- $obj->_type = $el->tag();
58		- return $obj;
59		- }
	47	+ /**
	48	+ * Initialize from ASN.1.
	49	+ *
	50	+ * @param TimeType $el
	51	+ *
	52	+ * @return self
	53	+ */
	54	+ public static function fromASN1(TimeType $el): self
	55	+ {
	56	+ $obj = new self($el->dateTime());
	57	+ $obj->_type = $el->tag();
	58	+ return $obj;
	59	+ }
60	60
61		- /**
62		- * Initialize from date string.
63		- *
64		- * @param null\|string $time
65		- * @param null\|string $tz
66		- *
67		- * @return self
68		- */
69		- public static function fromString(?string $time, ?string $tz = null): self
70		- {
71		- return new self(self::_createDateTime($time, $tz));
72		- }
	61	+ /**
	62	+ * Initialize from date string.
	63	+ *
	64	+ * @param null\|string $time
	65	+ * @param null\|string $tz
	66	+ *
	67	+ * @return self
	68	+ */
	69	+ public static function fromString(?string $time, ?string $tz = null): self
	70	+ {
	71	+ return new self(self::_createDateTime($time, $tz));
	72	+ }
73	73
74		- /**
75		- * Get datetime.
76		- *
77		- * @return \DateTimeImmutable
78		- */
79		- public function dateTime(): \DateTimeImmutable
80		- {
81		- return $this->_dt;
82		- }
	74	+ /**
	75	+ * Get datetime.
	76	+ *
	77	+ * @return \DateTimeImmutable
	78	+ */
	79	+ public function dateTime(): \DateTimeImmutable
	80	+ {
	81	+ return $this->_dt;
	82	+ }
83	83
84		- /**
85		- * Generate ASN.1.
86		- *
87		- * @throws \UnexpectedValueException
88		- *
89		- * @return TimeType
90		- */
91		- public function toASN1(): TimeType
92		- {
93		- $dt = $this->_dt;
94		- switch ($this->_type) {
95		- case Element::TYPE_UTC_TIME:
96		- return new UTCTime($dt);
97		- case Element::TYPE_GENERALIZED_TIME:
98		- // GeneralizedTime must not contain fractional seconds
99		- // (rfc5280 4.1.2.5.2)
100		- if (0 !== intval($dt->format('u'))) {
101		- // remove fractional seconds (round down)
102		- $dt = self::_roundDownFractionalSeconds($dt);
103		- }
104		- return new GeneralizedTime($dt);
105		- }
106		- throw new \UnexpectedValueException(
107		- 'Time type ' . Element::tagToName($this->_type) . ' not supported.');
108		- }
	84	+ /**
	85	+ * Generate ASN.1.
	86	+ *
	87	+ * @throws \UnexpectedValueException
	88	+ *
	89	+ * @return TimeType
	90	+ */
	91	+ public function toASN1(): TimeType
	92	+ {
	93	+ $dt = $this->_dt;
	94	+ switch ($this->_type) {
	95	+ case Element::TYPE_UTC_TIME:
	96	+ return new UTCTime($dt);
	97	+ case Element::TYPE_GENERALIZED_TIME:
	98	+ // GeneralizedTime must not contain fractional seconds
	99	+ // (rfc5280 4.1.2.5.2)
	100	+ if (0 !== intval($dt->format('u'))) {
	101	+ // remove fractional seconds (round down)
	102	+ $dt = self::_roundDownFractionalSeconds($dt);
	103	+ }
	104	+ return new GeneralizedTime($dt);
	105	+ }
	106	+ throw new \UnexpectedValueException(
	107	+ 'Time type ' . Element::tagToName($this->_type) . ' not supported.');
	108	+ }
109	109
110		- /**
111		- * Determine whether to use UTCTime or GeneralizedTime ASN.1 type.
112		- *
113		- * @param \DateTimeImmutable $dt
114		- *
115		- * @return int Type tag
116		- */
117		- protected static function _determineType(\DateTimeImmutable $dt): int
118		- {
119		- if ($dt->format('Y') >= 2050) {
120		- return Element::TYPE_GENERALIZED_TIME;
121		- }
122		- return Element::TYPE_UTC_TIME;
123		- }
	110	+ /**
	111	+ * Determine whether to use UTCTime or GeneralizedTime ASN.1 type.
	112	+ *
	113	+ * @param \DateTimeImmutable $dt
	114	+ *
	115	+ * @return int Type tag
	116	+ */
	117	+ protected static function _determineType(\DateTimeImmutable $dt): int
	118	+ {
	119	+ if ($dt->format('Y') >= 2050) {
	120	+ return Element::TYPE_GENERALIZED_TIME;
	121	+ }
	122	+ return Element::TYPE_UTC_TIME;
	123	+ }
124	124	}

		@@ -92,16 +92,16 @@
		block discarded – undo
92	92	{
93	93	$dt = $this->_dt;
94	94	switch ($this->_type) {
95		- case Element::TYPE_UTC_TIME:
96		- return new UTCTime($dt);
97		- case Element::TYPE_GENERALIZED_TIME:
98		- // GeneralizedTime must not contain fractional seconds
99		- // (rfc5280 4.1.2.5.2)
100		- if (0 !== intval($dt->format('u'))) {
101		- // remove fractional seconds (round down)
102		- $dt = self::_roundDownFractionalSeconds($dt);
103		- }
104		- return new GeneralizedTime($dt);
	95	+ case Element::TYPE_UTC_TIME:
	96	+ return new UTCTime($dt);
	97	+ case Element::TYPE_GENERALIZED_TIME:
	98	+ // GeneralizedTime must not contain fractional seconds
	99	+ // (rfc5280 4.1.2.5.2)
	100	+ if (0 !== intval($dt->format('u'))) {
	101	+ // remove fractional seconds (round down)
	102	+ $dt = self::_roundDownFractionalSeconds($dt);
	103	+ }
	104	+ return new GeneralizedTime($dt);
105	105	}
106	106	throw new \UnexpectedValueException(
107	107	'Time type ' . Element::tagToName($this->_type) . ' not supported.');

		@@ -14,135 +14,135 @@
		block discarded – undo
14	14	*/
15	15	class Targets implements \Countable, \IteratorAggregate
16	16	{
17		- /**
18		- * Target elements.
19		- *
20		- * @var Target[]
21		- */
22		- protected $_targets;
	17	+ /**
	18	+ * Target elements.
	19	+ *
	20	+ * @var Target[]
	21	+ */
	22	+ protected $_targets;
23	23
24		- /**
25		- * Constructor.
26		- *
27		- * @param Target ...$targets
28		- */
29		- public function __construct(Target ...$targets)
30		- {
31		- $this->_targets = $targets;
32		- }
	24	+ /**
	25	+ * Constructor.
	26	+ *
	27	+ * @param Target ...$targets
	28	+ */
	29	+ public function __construct(Target ...$targets)
	30	+ {
	31	+ $this->_targets = $targets;
	32	+ }
33	33
34		- /**
35		- * Initialize from ASN.1.
36		- *
37		- * @param Sequence $seq
38		- *
39		- * @return self
40		- */
41		- public static function fromASN1(Sequence $seq): self
42		- {
43		- $targets = array_map(
44		- function (UnspecifiedType $el) {
45		- return Target::fromASN1($el->asTagged());
46		- }, $seq->elements());
47		- return new self(...$targets);
48		- }
	34	+ /**
	35	+ * Initialize from ASN.1.
	36	+ *
	37	+ * @param Sequence $seq
	38	+ *
	39	+ * @return self
	40	+ */
	41	+ public static function fromASN1(Sequence $seq): self
	42	+ {
	43	+ $targets = array_map(
	44	+ function (UnspecifiedType $el) {
	45	+ return Target::fromASN1($el->asTagged());
	46	+ }, $seq->elements());
	47	+ return new self(...$targets);
	48	+ }
49	49
50		- /**
51		- * Get all targets.
52		- *
53		- * @return Target[]
54		- */
55		- public function all(): array
56		- {
57		- return $this->_targets;
58		- }
	50	+ /**
	51	+ * Get all targets.
	52	+ *
	53	+ * @return Target[]
	54	+ */
	55	+ public function all(): array
	56	+ {
	57	+ return $this->_targets;
	58	+ }
59	59
60		- /**
61		- * Get all name targets.
62		- *
63		- * @return Target[]
64		- */
65		- public function nameTargets(): array
66		- {
67		- return $this->_allOfType(Target::TYPE_NAME);
68		- }
	60	+ /**
	61	+ * Get all name targets.
	62	+ *
	63	+ * @return Target[]
	64	+ */
	65	+ public function nameTargets(): array
	66	+ {
	67	+ return $this->_allOfType(Target::TYPE_NAME);
	68	+ }
69	69
70		- /**
71		- * Get all group targets.
72		- *
73		- * @return Target[]
74		- */
75		- public function groupTargets(): array
76		- {
77		- return $this->_allOfType(Target::TYPE_GROUP);
78		- }
	70	+ /**
	71	+ * Get all group targets.
	72	+ *
	73	+ * @return Target[]
	74	+ */
	75	+ public function groupTargets(): array
	76	+ {
	77	+ return $this->_allOfType(Target::TYPE_GROUP);
	78	+ }
79	79
80		- /**
81		- * Check whether given target is present.
82		- *
83		- * @param Target $target
84		- *
85		- * @return bool
86		- */
87		- public function hasTarget(Target $target): bool
88		- {
89		- foreach ($this->_allOfType($target->type()) as $t) {
90		- if ($target->equals($t)) {
91		- return true;
92		- }
93		- }
94		- return false;
95		- }
	80	+ /**
	81	+ * Check whether given target is present.
	82	+ *
	83	+ * @param Target $target
	84	+ *
	85	+ * @return bool
	86	+ */
	87	+ public function hasTarget(Target $target): bool
	88	+ {
	89	+ foreach ($this->_allOfType($target->type()) as $t) {
	90	+ if ($target->equals($t)) {
	91	+ return true;
	92	+ }
	93	+ }
	94	+ return false;
	95	+ }
96	96
97		- /**
98		- * Generate ASN.1 structure.
99		- *
100		- * @return Sequence
101		- */
102		- public function toASN1(): Sequence
103		- {
104		- $elements = array_map(
105		- function (Target $target) {
106		- return $target->toASN1();
107		- }, $this->_targets);
108		- return new Sequence(...$elements);
109		- }
	97	+ /**
	98	+ * Generate ASN.1 structure.
	99	+ *
	100	+ * @return Sequence
	101	+ */
	102	+ public function toASN1(): Sequence
	103	+ {
	104	+ $elements = array_map(
	105	+ function (Target $target) {
	106	+ return $target->toASN1();
	107	+ }, $this->_targets);
	108	+ return new Sequence(...$elements);
	109	+ }
110	110
111		- /**
112		- * @see \Countable::count()
113		- *
114		- * @return int
115		- */
116		- public function count(): int
117		- {
118		- return count($this->_targets);
119		- }
	111	+ /**
	112	+ * @see \Countable::count()
	113	+ *
	114	+ * @return int
	115	+ */
	116	+ public function count(): int
	117	+ {
	118	+ return count($this->_targets);
	119	+ }
120	120
121		- /**
122		- * Get iterator for targets.
123		- *
124		- * @see \IteratorAggregate::getIterator()
125		- *
126		- * @return \ArrayIterator
127		- */
128		- public function getIterator(): \ArrayIterator
129		- {
130		- return new \ArrayIterator($this->_targets);
131		- }
	121	+ /**
	122	+ * Get iterator for targets.
	123	+ *
	124	+ * @see \IteratorAggregate::getIterator()
	125	+ *
	126	+ * @return \ArrayIterator
	127	+ */
	128	+ public function getIterator(): \ArrayIterator
	129	+ {
	130	+ return new \ArrayIterator($this->_targets);
	131	+ }
132	132
133		- /**
134		- * Get all targets of given type.
135		- *
136		- * @param int $type
137		- *
138		- * @return Target[]
139		- */
140		- protected function _allOfType(int $type): array
141		- {
142		- return array_values(
143		- array_filter($this->_targets,
144		- function (Target $target) use ($type) {
145		- return $target->type() === $type;
146		- }));
147		- }
	133	+ /**
	134	+ * Get all targets of given type.
	135	+ *
	136	+ * @param int $type
	137	+ *
	138	+ * @return Target[]
	139	+ */
	140	+ protected function _allOfType(int $type): array
	141	+ {
	142	+ return array_values(
	143	+ array_filter($this->_targets,
	144	+ function (Target $target) use ($type) {
	145	+ return $target->type() === $type;
	146	+ }));
	147	+ }
148	148	}

		@@ -1,6 +1,6 @@ discard block
		block discarded – undo
1	1	<?php
2	2
3		-declare(strict_types = 1);
	3	+declare(strict_types=1);
4	4
5	5	namespace Sop\X509\Certificate\Extension\Target;
6	6
		@@ -41,7 +41,7 @@ discard block
		block discarded – undo
41	41	public static function fromASN1(Sequence $seq): self
42	42	{
43	43	$targets = array_map(
44		- function (UnspecifiedType $el) {
	44	+ function(UnspecifiedType $el) {
45	45	return Target::fromASN1($el->asTagged());
46	46	}, $seq->elements());
47	47	return new self(...$targets);
		@@ -102,7 +102,7 @@ discard block
		block discarded – undo
102	102	public function toASN1(): Sequence
103	103	{
104	104	$elements = array_map(
105		- function (Target $target) {
	105	+ function(Target $target) {
106	106	return $target->toASN1();
107	107	}, $this->_targets);
108	108	return new Sequence(...$elements);
		@@ -141,7 +141,7 @@ discard block
		block discarded – undo
141	141	{
142	142	return array_values(
143	143	array_filter($this->_targets,
144		- function (Target $target) use ($type) {
	144	+ function(Target $target) use ($type) {
145	145	return $target->type() === $type;
146	146	}));
147	147	}

		@@ -17,164 +17,164 @@
		block discarded – undo
17	17	*/
18	18	class PolicyMappingsExtension extends Extension implements \Countable, \IteratorAggregate
19	19	{
20		- /**
21		- * Policy mappings.
22		- *
23		- * @var PolicyMapping[]
24		- */
25		- protected $_mappings;
	20	+ /**
	21	+ * Policy mappings.
	22	+ *
	23	+ * @var PolicyMapping[]
	24	+ */
	25	+ protected $_mappings;
26	26
27		- /**
28		- * Constructor.
29		- *
30		- * @param bool $critical
31		- * @param PolicyMapping ...$mappings One or more PolicyMapping objects
32		- */
33		- public function __construct(bool $critical, PolicyMapping ...$mappings)
34		- {
35		- parent::__construct(self::OID_POLICY_MAPPINGS, $critical);
36		- $this->_mappings = $mappings;
37		- }
	27	+ /**
	28	+ * Constructor.
	29	+ *
	30	+ * @param bool $critical
	31	+ * @param PolicyMapping ...$mappings One or more PolicyMapping objects
	32	+ */
	33	+ public function __construct(bool $critical, PolicyMapping ...$mappings)
	34	+ {
	35	+ parent::__construct(self::OID_POLICY_MAPPINGS, $critical);
	36	+ $this->_mappings = $mappings;
	37	+ }
38	38
39		- /**
40		- * Get all mappings.
41		- *
42		- * @return PolicyMapping[]
43		- */
44		- public function mappings(): array
45		- {
46		- return $this->_mappings;
47		- }
	39	+ /**
	40	+ * Get all mappings.
	41	+ *
	42	+ * @return PolicyMapping[]
	43	+ */
	44	+ public function mappings(): array
	45	+ {
	46	+ return $this->_mappings;
	47	+ }
48	48
49		- /**
50		- * Get mappings flattened into a single array of arrays of subject domains
51		- * keyed by issuer domain.
52		- *
53		- * Eg. if policy mappings contains multiple mappings with the same issuer
54		- * domain policy, their corresponding subject domain policies are placed
55		- * under the same key.
56		- *
57		- * @return (string[])[]
58		- */
59		- public function flattenedMappings(): array
60		- {
61		- $mappings = [];
62		- foreach ($this->_mappings as $mapping) {
63		- $idp = $mapping->issuerDomainPolicy();
64		- if (!isset($mappings[$idp])) {
65		- $mappings[$idp] = [];
66		- }
67		- array_push($mappings[$idp], $mapping->subjectDomainPolicy());
68		- }
69		- return $mappings;
70		- }
	49	+ /**
	50	+ * Get mappings flattened into a single array of arrays of subject domains
	51	+ * keyed by issuer domain.
	52	+ *
	53	+ * Eg. if policy mappings contains multiple mappings with the same issuer
	54	+ * domain policy, their corresponding subject domain policies are placed
	55	+ * under the same key.
	56	+ *
	57	+ * @return (string[])[]
	58	+ */
	59	+ public function flattenedMappings(): array
	60	+ {
	61	+ $mappings = [];
	62	+ foreach ($this->_mappings as $mapping) {
	63	+ $idp = $mapping->issuerDomainPolicy();
	64	+ if (!isset($mappings[$idp])) {
	65	+ $mappings[$idp] = [];
	66	+ }
	67	+ array_push($mappings[$idp], $mapping->subjectDomainPolicy());
	68	+ }
	69	+ return $mappings;
	70	+ }
71	71
72		- /**
73		- * Get all subject domain policy OIDs that are mapped to given issuer
74		- * domain policy OID.
75		- *
76		- * @param string $oid Issuer domain policy
77		- *
78		- * @return string[] List of OIDs in dotted format
79		- */
80		- public function issuerMappings(string $oid): array
81		- {
82		- $oids = [];
83		- foreach ($this->_mappings as $mapping) {
84		- if ($mapping->issuerDomainPolicy() === $oid) {
85		- $oids[] = $mapping->subjectDomainPolicy();
86		- }
87		- }
88		- return $oids;
89		- }
	72	+ /**
	73	+ * Get all subject domain policy OIDs that are mapped to given issuer
	74	+ * domain policy OID.
	75	+ *
	76	+ * @param string $oid Issuer domain policy
	77	+ *
	78	+ * @return string[] List of OIDs in dotted format
	79	+ */
	80	+ public function issuerMappings(string $oid): array
	81	+ {
	82	+ $oids = [];
	83	+ foreach ($this->_mappings as $mapping) {
	84	+ if ($mapping->issuerDomainPolicy() === $oid) {
	85	+ $oids[] = $mapping->subjectDomainPolicy();
	86	+ }
	87	+ }
	88	+ return $oids;
	89	+ }
90	90
91		- /**
92		- * Get all mapped issuer domain policy OIDs.
93		- *
94		- * @return string[]
95		- */
96		- public function issuerDomainPolicies(): array
97		- {
98		- $idps = array_map(
99		- function (PolicyMapping $mapping) {
100		- return $mapping->issuerDomainPolicy();
101		- }, $this->_mappings);
102		- return array_values(array_unique($idps));
103		- }
	91	+ /**
	92	+ * Get all mapped issuer domain policy OIDs.
	93	+ *
	94	+ * @return string[]
	95	+ */
	96	+ public function issuerDomainPolicies(): array
	97	+ {
	98	+ $idps = array_map(
	99	+ function (PolicyMapping $mapping) {
	100	+ return $mapping->issuerDomainPolicy();
	101	+ }, $this->_mappings);
	102	+ return array_values(array_unique($idps));
	103	+ }
104	104
105		- /**
106		- * Check whether policy mappings have anyPolicy mapped.
107		- *
108		- * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either
109		- * to or from the special value anyPolicy".
110		- *
111		- * @return bool
112		- */
113		- public function hasAnyPolicyMapping(): bool
114		- {
115		- foreach ($this->_mappings as $mapping) {
116		- if (PolicyInformation::OID_ANY_POLICY === $mapping->issuerDomainPolicy()) {
117		- return true;
118		- }
119		- if (PolicyInformation::OID_ANY_POLICY === $mapping->subjectDomainPolicy()) {
120		- return true;
121		- }
122		- }
123		- return false;
124		- }
	105	+ /**
	106	+ * Check whether policy mappings have anyPolicy mapped.
	107	+ *
	108	+ * RFC 5280 section 4.2.1.5 states that "Policies MUST NOT be mapped either
	109	+ * to or from the special value anyPolicy".
	110	+ *
	111	+ * @return bool
	112	+ */
	113	+ public function hasAnyPolicyMapping(): bool
	114	+ {
	115	+ foreach ($this->_mappings as $mapping) {
	116	+ if (PolicyInformation::OID_ANY_POLICY === $mapping->issuerDomainPolicy()) {
	117	+ return true;
	118	+ }
	119	+ if (PolicyInformation::OID_ANY_POLICY === $mapping->subjectDomainPolicy()) {
	120	+ return true;
	121	+ }
	122	+ }
	123	+ return false;
	124	+ }
125	125
126		- /**
127		- * Get the number of mappings.
128		- *
129		- * @see \Countable::count()
130		- *
131		- * @return int
132		- */
133		- public function count(): int
134		- {
135		- return count($this->_mappings);
136		- }
	126	+ /**
	127	+ * Get the number of mappings.
	128	+ *
	129	+ * @see \Countable::count()
	130	+ *
	131	+ * @return int
	132	+ */
	133	+ public function count(): int
	134	+ {
	135	+ return count($this->_mappings);
	136	+ }
137	137
138		- /**
139		- * Get iterator for policy mappings.
140		- *
141		- * @see \IteratorAggregate::getIterator()
142		- *
143		- * @return \ArrayIterator
144		- */
145		- public function getIterator(): \ArrayIterator
146		- {
147		- return new \ArrayIterator($this->_mappings);
148		- }
	138	+ /**
	139	+ * Get iterator for policy mappings.
	140	+ *
	141	+ * @see \IteratorAggregate::getIterator()
	142	+ *
	143	+ * @return \ArrayIterator
	144	+ */
	145	+ public function getIterator(): \ArrayIterator
	146	+ {
	147	+ return new \ArrayIterator($this->_mappings);
	148	+ }
149	149
150		- /**
151		- * {@inheritdoc}
152		- */
153		- protected static function _fromDER(string $data, bool $critical): Extension
154		- {
155		- $mappings = array_map(
156		- function (UnspecifiedType $el) {
157		- return PolicyMapping::fromASN1($el->asSequence());
158		- }, UnspecifiedType::fromDER($data)->asSequence()->elements());
159		- if (!count($mappings)) {
160		- throw new \UnexpectedValueException(
161		- 'PolicyMappings must have at least one mapping.');
162		- }
163		- return new self($critical, ...$mappings);
164		- }
	150	+ /**
	151	+ * {@inheritdoc}
	152	+ */
	153	+ protected static function _fromDER(string $data, bool $critical): Extension
	154	+ {
	155	+ $mappings = array_map(
	156	+ function (UnspecifiedType $el) {
	157	+ return PolicyMapping::fromASN1($el->asSequence());
	158	+ }, UnspecifiedType::fromDER($data)->asSequence()->elements());
	159	+ if (!count($mappings)) {
	160	+ throw new \UnexpectedValueException(
	161	+ 'PolicyMappings must have at least one mapping.');
	162	+ }
	163	+ return new self($critical, ...$mappings);
	164	+ }
165	165
166		- /**
167		- * {@inheritdoc}
168		- */
169		- protected function _valueASN1(): Element
170		- {
171		- if (!count($this->_mappings)) {
172		- throw new \LogicException('No mappings.');
173		- }
174		- $elements = array_map(
175		- function (PolicyMapping $mapping) {
176		- return $mapping->toASN1();
177		- }, $this->_mappings);
178		- return new Sequence(...$elements);
179		- }
	166	+ /**
	167	+ * {@inheritdoc}
	168	+ */
	169	+ protected function _valueASN1(): Element
	170	+ {
	171	+ if (!count($this->_mappings)) {
	172	+ throw new \LogicException('No mappings.');
	173	+ }
	174	+ $elements = array_map(
	175	+ function (PolicyMapping $mapping) {
	176	+ return $mapping->toASN1();
	177	+ }, $this->_mappings);
	178	+ return new Sequence(...$elements);
	179	+ }
180	180	}

sop / x509

GitHub Access Token became invalid

Push — php72 ( 6c57e4...f82e5a )

Status

Category

Indentation +186 added lines, -186 removed lines patch added patch discarded remove patch

Indentation +202 added lines, -202 removed lines patch added patch discarded remove patch

Indentation +395 added lines, -395 removed lines patch added patch discarded remove patch

Indentation +240 added lines, -240 removed lines patch added patch discarded remove patch

Indentation +219 added lines, -219 removed lines patch added patch discarded remove patch

Indentation +96 added lines, -96 removed lines patch added patch discarded remove patch

Switch Indentation +10 added lines, -10 removed lines patch added patch discarded remove patch

Indentation +618 added lines, -618 removed lines patch added patch discarded remove patch

Indentation +121 added lines, -121 removed lines patch added patch discarded remove patch

Spacing +4 added lines, -4 removed lines patch added patch discarded remove patch

Indentation +150 added lines, -150 removed lines patch added patch discarded remove patch