sop / x509

lib/X509/GeneralName/IPv6Address.php

Indentation +51 added lines, -51 removed lines

@@ -4,57 +4,57 @@
 
 class IPv6Address extends IPAddress
 {
-    /**
-     * Initialize from octets.
-     *
-     * @param string $octets
-     * @throws \InvalidArgumentException
-     * @return self
-     */
-    public static function fromOctets($octets)
-    {
-        $mask = null;
-        $words = unpack("n*", $octets);
-        switch (count($words)) {
-            case 8:
-                $ip = self::_wordsToIPv6String($words);
-                break;
-            case 16:
-                $ip = self::_wordsToIPv6String(array_slice($words, 0, 8));
-                $mask = self::_wordsToIPv6String(array_slice($words, 8, 8));
-                break;
-            default:
-                throw new \UnexpectedValueException("Invalid IPv6 octet length.");
-        }
-        return new self($ip, $mask);
-    }
+	/**
+	 * Initialize from octets.
+	 *
+	 * @param string $octets
+	 * @throws \InvalidArgumentException
+	 * @return self
+	 */
+	public static function fromOctets($octets)
+	{
+		$mask = null;
+		$words = unpack("n*", $octets);
+		switch (count($words)) {
+			case 8:
+				$ip = self::_wordsToIPv6String($words);
+				break;
+			case 16:
+				$ip = self::_wordsToIPv6String(array_slice($words, 0, 8));
+				$mask = self::_wordsToIPv6String(array_slice($words, 8, 8));
+				break;
+			default:
+				throw new \UnexpectedValueException("Invalid IPv6 octet length.");
+		}
+		return new self($ip, $mask);
+	}
     
-    /**
-     * Convert an array of 16 bit words to an IPv6 string representation.
-     *
-     * @param int[] $words
-     * @return string
-     */
-    protected static function _wordsToIPv6String(array $words)
-    {
-        $groups = array_map(
-            function ($word) {
-                return sprintf("%04x", $word);
-            }, $words);
-        return implode(":", $groups);
-    }
+	/**
+	 * Convert an array of 16 bit words to an IPv6 string representation.
+	 *
+	 * @param int[] $words
+	 * @return string
+	 */
+	protected static function _wordsToIPv6String(array $words)
+	{
+		$groups = array_map(
+			function ($word) {
+				return sprintf("%04x", $word);
+			}, $words);
+		return implode(":", $groups);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _octets()
-    {
-        $words = array_map("hexdec", explode(":", $this->_ip));
-        if (isset($this->_mask)) {
-            $words = array_merge($words,
-                array_map("hexdec", explode(":", $this->_mask)));
-        }
-        return pack("n*", ...$words);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _octets()
+	{
+		$words = array_map("hexdec", explode(":", $this->_ip));
+		if (isset($this->_mask)) {
+			$words = array_merge($words,
+				array_map("hexdec", explode(":", $this->_mask)));
+		}
+		return pack("n*", ...$words);
+	}
 }

Switch Indentation +9 added lines, -9 removed lines

@@ -16,15 +16,15 @@
         $mask = null;
         $words = unpack("n*", $octets);
         switch (count($words)) {
-            case 8:
-                $ip = self::_wordsToIPv6String($words);
-                break;
-            case 16:
-                $ip = self::_wordsToIPv6String(array_slice($words, 0, 8));
-                $mask = self::_wordsToIPv6String(array_slice($words, 8, 8));
-                break;
-            default:
-                throw new \UnexpectedValueException("Invalid IPv6 octet length.");
+        case 8:
+            $ip = self::_wordsToIPv6String($words);
+            break;
+        case 16:
+            $ip = self::_wordsToIPv6String(array_slice($words, 0, 8));
+            $mask = self::_wordsToIPv6String(array_slice($words, 8, 8));
+            break;
+        default:
+            throw new \UnexpectedValueException("Invalid IPv6 octet length.");
         }
         return new self($ip, $mask);
     }

Spacing +1 added lines, -1 removed lines

@@ -38,7 +38,7 @@
     protected static function _wordsToIPv6String(array $words)
     {
         $groups = array_map(
-            function ($word) {
+            function($word) {
                 return sprintf("%04x", $word);
             }, $words);
         return implode(":", $groups);

lib/X509/GeneralName/RegisteredID.php

Indentation +51 added lines, -51 removed lines

@@ -13,60 +13,60 @@
  */
 class RegisteredID extends GeneralName
 {
-    /**
-     * Object identifier.
-     *
-     * @var string $_oid
-     */
-    protected $_oid;
+	/**
+	 * Object identifier.
+	 *
+	 * @var string $_oid
+	 */
+	protected $_oid;
     
-    /**
-     * Constructor.
-     *
-     * @param string $oid OID in dotted format
-     */
-    public function __construct($oid)
-    {
-        $this->_tag = self::TAG_REGISTERED_ID;
-        $this->_oid = $oid;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $oid OID in dotted format
+	 */
+	public function __construct($oid)
+	{
+		$this->_tag = self::TAG_REGISTERED_ID;
+		$this->_oid = $oid;
+	}
     
-    /**
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromChosenASN1(UnspecifiedType $el)
-    {
-        return new self($el->asObjectIdentifier()->oid());
-    }
+	/**
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromChosenASN1(UnspecifiedType $el)
+	{
+		return new self($el->asObjectIdentifier()->oid());
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    public function string()
-    {
-        return $this->_oid;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	public function string()
+	{
+		return $this->_oid;
+	}
     
-    /**
-     * Get object identifier in dotted format.
-     *
-     * @return string OID
-     */
-    public function oid()
-    {
-        return $this->_oid;
-    }
+	/**
+	 * Get object identifier in dotted format.
+	 *
+	 * @return string OID
+	 */
+	public function oid()
+	{
+		return $this->_oid;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _choiceASN1()
-    {
-        return new ImplicitlyTaggedType($this->_tag,
-            new ObjectIdentifier($this->_oid));
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _choiceASN1()
+	{
+		return new ImplicitlyTaggedType($this->_tag,
+			new ObjectIdentifier($this->_oid));
+	}
 }

lib/X509/GeneralName/GeneralName.php

Indentation +134 added lines, -134 removed lines

@@ -13,147 +13,147 @@
  */
 abstract class GeneralName
 {
-    // GeneralName CHOICE tags
-    const TAG_OTHER_NAME = 0;
-    const TAG_RFC822_NAME = 1;
-    const TAG_DNS_NAME = 2;
-    const TAG_X400_ADDRESS = 3;
-    const TAG_DIRECTORY_NAME = 4;
-    const TAG_EDI_PARTY_NAME = 5;
-    const TAG_URI = 6;
-    const TAG_IP_ADDRESS = 7;
-    const TAG_REGISTERED_ID = 8;
+	// GeneralName CHOICE tags
+	const TAG_OTHER_NAME = 0;
+	const TAG_RFC822_NAME = 1;
+	const TAG_DNS_NAME = 2;
+	const TAG_X400_ADDRESS = 3;
+	const TAG_DIRECTORY_NAME = 4;
+	const TAG_EDI_PARTY_NAME = 5;
+	const TAG_URI = 6;
+	const TAG_IP_ADDRESS = 7;
+	const TAG_REGISTERED_ID = 8;
     
-    /**
-     * Chosen tag.
-     *
-     * @var int $_tag
-     */
-    protected $_tag;
+	/**
+	 * Chosen tag.
+	 *
+	 * @var int $_tag
+	 */
+	protected $_tag;
     
-    /**
-     * Get string value of the type.
-     *
-     * @return string
-     */
-    abstract public function string();
+	/**
+	 * Get string value of the type.
+	 *
+	 * @return string
+	 */
+	abstract public function string();
     
-    /**
-     * Get ASN.1 value in GeneralName CHOICE context.
-     *
-     * @return TaggedType
-     */
-    abstract protected function _choiceASN1();
+	/**
+	 * Get ASN.1 value in GeneralName CHOICE context.
+	 *
+	 * @return TaggedType
+	 */
+	abstract protected function _choiceASN1();
     
-    /**
-     * Initialize concrete object from the chosen ASN.1 element.
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromChosenASN1(UnspecifiedType $el)
-    {
-        throw new \BadMethodCallException(
-            __FUNCTION__ . " must be implemented in the derived class.");
-    }
+	/**
+	 * Initialize concrete object from the chosen ASN.1 element.
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromChosenASN1(UnspecifiedType $el)
+	{
+		throw new \BadMethodCallException(
+			__FUNCTION__ . " must be implemented in the derived class.");
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param TaggedType $el
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromASN1(TaggedType $el)
-    {
-        switch ($el->tag()) {
-            // otherName
-            case self::TAG_OTHER_NAME:
-                return OtherName::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_SEQUENCE));
-            // rfc822Name
-            case self::TAG_RFC822_NAME:
-                return RFC822Name::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_IA5_STRING));
-            // dNSName
-            case self::TAG_DNS_NAME:
-                return DNSName::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_IA5_STRING));
-            // x400Address
-            case self::TAG_X400_ADDRESS:
-                return X400Address::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_SEQUENCE));
-            // directoryName
-            case self::TAG_DIRECTORY_NAME:
-                // because Name is a CHOICE, albeit having only one option,
-                // explicit tagging must be used
-                // (see X.680 07/2002 30.6.c)
-                return DirectoryName::fromChosenASN1($el->asExplicit());
-            // ediPartyName
-            case self::TAG_EDI_PARTY_NAME:
-                return EDIPartyName::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_SEQUENCE));
-            // uniformResourceIdentifier
-            case self::TAG_URI:
-                return UniformResourceIdentifier::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_IA5_STRING));
-            // iPAddress
-            case self::TAG_IP_ADDRESS:
-                return IPAddress::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_OCTET_STRING));
-            // registeredID
-            case self::TAG_REGISTERED_ID:
-                return RegisteredID::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_OBJECT_IDENTIFIER));
-        }
-        throw new \UnexpectedValueException(
-            "GeneralName type " . $el->tag() . " not supported.");
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param TaggedType $el
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromASN1(TaggedType $el)
+	{
+		switch ($el->tag()) {
+			// otherName
+			case self::TAG_OTHER_NAME:
+				return OtherName::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_SEQUENCE));
+			// rfc822Name
+			case self::TAG_RFC822_NAME:
+				return RFC822Name::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_IA5_STRING));
+			// dNSName
+			case self::TAG_DNS_NAME:
+				return DNSName::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_IA5_STRING));
+			// x400Address
+			case self::TAG_X400_ADDRESS:
+				return X400Address::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_SEQUENCE));
+			// directoryName
+			case self::TAG_DIRECTORY_NAME:
+				// because Name is a CHOICE, albeit having only one option,
+				// explicit tagging must be used
+				// (see X.680 07/2002 30.6.c)
+				return DirectoryName::fromChosenASN1($el->asExplicit());
+			// ediPartyName
+			case self::TAG_EDI_PARTY_NAME:
+				return EDIPartyName::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_SEQUENCE));
+			// uniformResourceIdentifier
+			case self::TAG_URI:
+				return UniformResourceIdentifier::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_IA5_STRING));
+			// iPAddress
+			case self::TAG_IP_ADDRESS:
+				return IPAddress::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_OCTET_STRING));
+			// registeredID
+			case self::TAG_REGISTERED_ID:
+				return RegisteredID::fromChosenASN1(
+					$el->asImplicit(Element::TYPE_OBJECT_IDENTIFIER));
+		}
+		throw new \UnexpectedValueException(
+			"GeneralName type " . $el->tag() . " not supported.");
+	}
     
-    /**
-     * Get type tag.
-     *
-     * @return int
-     */
-    public function tag()
-    {
-        return $this->_tag;
-    }
+	/**
+	 * Get type tag.
+	 *
+	 * @return int
+	 */
+	public function tag()
+	{
+		return $this->_tag;
+	}
     
-    /**
-     * Generate ASN.1 element.
-     *
-     * @return Element
-     */
-    public function toASN1()
-    {
-        return $this->_choiceASN1();
-    }
+	/**
+	 * Generate ASN.1 element.
+	 *
+	 * @return Element
+	 */
+	public function toASN1()
+	{
+		return $this->_choiceASN1();
+	}
     
-    /**
-     * Check whether GeneralName is equal to other.
-     *
-     * @param GeneralName $other GeneralName to compare to
-     * @return boolean True if names are equal
-     */
-    public function equals(GeneralName $other)
-    {
-        if ($this->_tag != $other->_tag) {
-            return false;
-        }
-        if ($this->_choiceASN1()->toDER() != $other->_choiceASN1()->toDER()) {
-            return false;
-        }
-        return true;
-    }
+	/**
+	 * Check whether GeneralName is equal to other.
+	 *
+	 * @param GeneralName $other GeneralName to compare to
+	 * @return boolean True if names are equal
+	 */
+	public function equals(GeneralName $other)
+	{
+		if ($this->_tag != $other->_tag) {
+			return false;
+		}
+		if ($this->_choiceASN1()->toDER() != $other->_choiceASN1()->toDER()) {
+			return false;
+		}
+		return true;
+	}
     
-    /**
-     * Get general name as a string.
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->string();
-    }
+	/**
+	 * Get general name as a string.
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->string();
+	}
 }

Switch Indentation +37 added lines, -37 removed lines

@@ -68,43 +68,43 @@
     {
         switch ($el->tag()) {
             // otherName
-            case self::TAG_OTHER_NAME:
-                return OtherName::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_SEQUENCE));
-            // rfc822Name
-            case self::TAG_RFC822_NAME:
-                return RFC822Name::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_IA5_STRING));
-            // dNSName
-            case self::TAG_DNS_NAME:
-                return DNSName::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_IA5_STRING));
-            // x400Address
-            case self::TAG_X400_ADDRESS:
-                return X400Address::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_SEQUENCE));
-            // directoryName
-            case self::TAG_DIRECTORY_NAME:
-                // because Name is a CHOICE, albeit having only one option,
-                // explicit tagging must be used
-                // (see X.680 07/2002 30.6.c)
-                return DirectoryName::fromChosenASN1($el->asExplicit());
-            // ediPartyName
-            case self::TAG_EDI_PARTY_NAME:
-                return EDIPartyName::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_SEQUENCE));
-            // uniformResourceIdentifier
-            case self::TAG_URI:
-                return UniformResourceIdentifier::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_IA5_STRING));
-            // iPAddress
-            case self::TAG_IP_ADDRESS:
-                return IPAddress::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_OCTET_STRING));
-            // registeredID
-            case self::TAG_REGISTERED_ID:
-                return RegisteredID::fromChosenASN1(
-                    $el->asImplicit(Element::TYPE_OBJECT_IDENTIFIER));
+        case self::TAG_OTHER_NAME:
+            return OtherName::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_SEQUENCE));
+        // rfc822Name
+        case self::TAG_RFC822_NAME:
+            return RFC822Name::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_IA5_STRING));
+        // dNSName
+        case self::TAG_DNS_NAME:
+            return DNSName::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_IA5_STRING));
+        // x400Address
+        case self::TAG_X400_ADDRESS:
+            return X400Address::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_SEQUENCE));
+        // directoryName
+        case self::TAG_DIRECTORY_NAME:
+            // because Name is a CHOICE, albeit having only one option,
+            // explicit tagging must be used
+            // (see X.680 07/2002 30.6.c)
+            return DirectoryName::fromChosenASN1($el->asExplicit());
+        // ediPartyName
+        case self::TAG_EDI_PARTY_NAME:
+            return EDIPartyName::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_SEQUENCE));
+        // uniformResourceIdentifier
+        case self::TAG_URI:
+            return UniformResourceIdentifier::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_IA5_STRING));
+        // iPAddress
+        case self::TAG_IP_ADDRESS:
+            return IPAddress::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_OCTET_STRING));
+        // registeredID
+        case self::TAG_REGISTERED_ID:
+            return RegisteredID::fromChosenASN1(
+                $el->asImplicit(Element::TYPE_OBJECT_IDENTIFIER));
         }
         throw new \UnexpectedValueException(
             "GeneralName type " . $el->tag() . " not supported.");

lib/X509/GeneralName/DirectoryName.php

Indentation +62 added lines, -62 removed lines

@@ -13,72 +13,72 @@
  */
 class DirectoryName extends GeneralName
 {
-    /**
-     * Directory name.
-     *
-     * @var Name $_dn
-     */
-    protected $_dn;
+	/**
+	 * Directory name.
+	 *
+	 * @var Name $_dn
+	 */
+	protected $_dn;
     
-    /**
-     * Constructor.
-     *
-     * @param Name $dn
-     */
-    public function __construct(Name $dn)
-    {
-        $this->_tag = self::TAG_DIRECTORY_NAME;
-        $this->_dn = $dn;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Name $dn
+	 */
+	public function __construct(Name $dn)
+	{
+		$this->_tag = self::TAG_DIRECTORY_NAME;
+		$this->_dn = $dn;
+	}
     
-    /**
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromChosenASN1(UnspecifiedType $el)
-    {
-        return new self(Name::fromASN1($el->asSequence()));
-    }
+	/**
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromChosenASN1(UnspecifiedType $el)
+	{
+		return new self(Name::fromASN1($el->asSequence()));
+	}
     
-    /**
-     * Initialize from distinguished name string.
-     *
-     * @param string $str
-     * @return self
-     */
-    public static function fromDNString($str)
-    {
-        return new self(Name::fromString($str));
-    }
+	/**
+	 * Initialize from distinguished name string.
+	 *
+	 * @param string $str
+	 * @return self
+	 */
+	public static function fromDNString($str)
+	{
+		return new self(Name::fromString($str));
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    public function string()
-    {
-        return $this->_dn->toString();
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	public function string()
+	{
+		return $this->_dn->toString();
+	}
     
-    /**
-     * Get directory name.
-     *
-     * @return Name
-     */
-    public function dn()
-    {
-        return $this->_dn;
-    }
+	/**
+	 * Get directory name.
+	 *
+	 * @return Name
+	 */
+	public function dn()
+	{
+		return $this->_dn;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _choiceASN1()
-    {
-        // Name type is itself a CHOICE, so explicit tagging must be
-        // employed to avoid ambiguities
-        return new ExplicitlyTaggedType($this->_tag, $this->_dn->toASN1());
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _choiceASN1()
+	{
+		// Name type is itself a CHOICE, so explicit tagging must be
+		// employed to avoid ambiguities
+		return new ExplicitlyTaggedType($this->_tag, $this->_dn->toASN1());
+	}
 }

lib/X509/Certificate/Certificate.php

Indentation +231 added lines, -231 removed lines

@@ -17,235 +17,235 @@
  */
 class Certificate
 {
-    /**
-     * "To be signed" certificate information.
-     *
-     * @var TBSCertificate $_tbsCertificate
-     */
-    protected $_tbsCertificate;
-    
-    /**
-     * Signature algorithm.
-     *
-     * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
-     */
-    protected $_signatureAlgorithm;
-    
-    /**
-     * Signature value.
-     *
-     * @var Signature $_signatureValue
-     */
-    protected $_signatureValue;
-    
-    /**
-     * Constructor.
-     *
-     * @param TBSCertificate $tbsCert
-     * @param SignatureAlgorithmIdentifier $algo
-     * @param Signature $signature
-     */
-    public function __construct(TBSCertificate $tbsCert,
-        SignatureAlgorithmIdentifier $algo, Signature $signature)
-    {
-        $this->_tbsCertificate = $tbsCert;
-        $this->_signatureAlgorithm = $algo;
-        $this->_signatureValue = $signature;
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq)
-    {
-        $tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
-        $algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
-        if (!$algo instanceof SignatureAlgorithmIdentifier) {
-            throw new \UnexpectedValueException(
-                "Unsupported signature algorithm " . $algo->oid() . ".");
-        }
-        $signature = Signature::fromSignatureData(
-            $seq->at(2)
-                ->asBitString()
-                ->string(), $algo);
-        return new self($tbsCert, $algo, $signature);
-    }
-    
-    /**
-     * Initialize from DER.
-     *
-     * @param string $data
-     * @return self
-     */
-    public static function fromDER($data)
-    {
-        return self::fromASN1(Sequence::fromDER($data));
-    }
-    
-    /**
-     * Initialize from PEM.
-     *
-     * @param PEM $pem
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromPEM(PEM $pem)
-    {
-        if ($pem->type() != PEM::TYPE_CERTIFICATE) {
-            throw new \UnexpectedValueException("Invalid PEM type.");
-        }
-        return self::fromDER($pem->data());
-    }
-    
-    /**
-     * Get certificate information.
-     *
-     * @return TBSCertificate
-     */
-    public function tbsCertificate()
-    {
-        return $this->_tbsCertificate;
-    }
-    
-    /**
-     * Get signature algorithm.
-     *
-     * @return SignatureAlgorithmIdentifier
-     */
-    public function signatureAlgorithm()
-    {
-        return $this->_signatureAlgorithm;
-    }
-    
-    /**
-     * Get signature value.
-     *
-     * @return Signature
-     */
-    public function signatureValue()
-    {
-        return $this->_signatureValue;
-    }
-    
-    /**
-     * Check whether certificate is self-issued.
-     *
-     * @return bool
-     */
-    public function isSelfIssued()
-    {
-        return $this->_tbsCertificate->subject()->equals(
-            $this->_tbsCertificate->issuer());
-    }
-    
-    /**
-     * Check whether certificate is semantically equal to another.
-     *
-     * @param Certificate $cert Certificate to compare to
-     * @return bool
-     */
-    public function equals(Certificate $cert)
-    {
-        return $this->_hasEqualSerialNumber($cert) &&
-             $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
-    }
-    
-    /**
-     * Check whether certificate has serial number equal to another.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    private function _hasEqualSerialNumber(Certificate $cert)
-    {
-        $sn1 = $this->_tbsCertificate->serialNumber();
-        $sn2 = $cert->_tbsCertificate->serialNumber();
-        return $sn1 == $sn2;
-    }
-    
-    /**
-     * Check whether certificate has public key equal to another.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    private function _hasEqualPublicKey(Certificate $cert)
-    {
-        $kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
-        $kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
-        return $kid1 == $kid2;
-    }
-    
-    /**
-     * Check whether certificate has subject equal to another.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    private function _hasEqualSubject(Certificate $cert)
-    {
-        $dn1 = $this->_tbsCertificate->subject();
-        $dn2 = $cert->_tbsCertificate->subject();
-        return $dn1->equals($dn2);
-    }
-    
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1()
-    {
-        return new Sequence($this->_tbsCertificate->toASN1(),
-            $this->_signatureAlgorithm->toASN1(),
-            $this->_signatureValue->bitString());
-    }
-    
-    /**
-     * Get certificate as a DER.
-     *
-     * @return string
-     */
-    public function toDER()
-    {
-        return $this->toASN1()->toDER();
-    }
-    
-    /**
-     * Get certificate as a PEM.
-     *
-     * @return PEM
-     */
-    public function toPEM()
-    {
-        return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
-    }
-    
-    /**
-     * Verify certificate signature.
-     *
-     * @param PublicKeyInfo $pubkey_info Issuer's public key
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     * @return bool True if certificate signature is valid
-     */
-    public function verify(PublicKeyInfo $pubkey_info, Crypto $crypto = null)
-    {
-        $crypto = $crypto ?: Crypto::getDefault();
-        $data = $this->_tbsCertificate->toASN1()->toDER();
-        return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
-            $this->_signatureAlgorithm);
-    }
-    
-    /**
-     * Get certificate as a PEM formatted string.
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->toPEM()->string();
-    }
+	/**
+	 * "To be signed" certificate information.
+	 *
+	 * @var TBSCertificate $_tbsCertificate
+	 */
+	protected $_tbsCertificate;
+    
+	/**
+	 * Signature algorithm.
+	 *
+	 * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
+	 */
+	protected $_signatureAlgorithm;
+    
+	/**
+	 * Signature value.
+	 *
+	 * @var Signature $_signatureValue
+	 */
+	protected $_signatureValue;
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param TBSCertificate $tbsCert
+	 * @param SignatureAlgorithmIdentifier $algo
+	 * @param Signature $signature
+	 */
+	public function __construct(TBSCertificate $tbsCert,
+		SignatureAlgorithmIdentifier $algo, Signature $signature)
+	{
+		$this->_tbsCertificate = $tbsCert;
+		$this->_signatureAlgorithm = $algo;
+		$this->_signatureValue = $signature;
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq)
+	{
+		$tbsCert = TBSCertificate::fromASN1($seq->at(0)->asSequence());
+		$algo = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
+		if (!$algo instanceof SignatureAlgorithmIdentifier) {
+			throw new \UnexpectedValueException(
+				"Unsupported signature algorithm " . $algo->oid() . ".");
+		}
+		$signature = Signature::fromSignatureData(
+			$seq->at(2)
+				->asBitString()
+				->string(), $algo);
+		return new self($tbsCert, $algo, $signature);
+	}
+    
+	/**
+	 * Initialize from DER.
+	 *
+	 * @param string $data
+	 * @return self
+	 */
+	public static function fromDER($data)
+	{
+		return self::fromASN1(Sequence::fromDER($data));
+	}
+    
+	/**
+	 * Initialize from PEM.
+	 *
+	 * @param PEM $pem
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromPEM(PEM $pem)
+	{
+		if ($pem->type() != PEM::TYPE_CERTIFICATE) {
+			throw new \UnexpectedValueException("Invalid PEM type.");
+		}
+		return self::fromDER($pem->data());
+	}
+    
+	/**
+	 * Get certificate information.
+	 *
+	 * @return TBSCertificate
+	 */
+	public function tbsCertificate()
+	{
+		return $this->_tbsCertificate;
+	}
+    
+	/**
+	 * Get signature algorithm.
+	 *
+	 * @return SignatureAlgorithmIdentifier
+	 */
+	public function signatureAlgorithm()
+	{
+		return $this->_signatureAlgorithm;
+	}
+    
+	/**
+	 * Get signature value.
+	 *
+	 * @return Signature
+	 */
+	public function signatureValue()
+	{
+		return $this->_signatureValue;
+	}
+    
+	/**
+	 * Check whether certificate is self-issued.
+	 *
+	 * @return bool
+	 */
+	public function isSelfIssued()
+	{
+		return $this->_tbsCertificate->subject()->equals(
+			$this->_tbsCertificate->issuer());
+	}
+    
+	/**
+	 * Check whether certificate is semantically equal to another.
+	 *
+	 * @param Certificate $cert Certificate to compare to
+	 * @return bool
+	 */
+	public function equals(Certificate $cert)
+	{
+		return $this->_hasEqualSerialNumber($cert) &&
+			 $this->_hasEqualPublicKey($cert) && $this->_hasEqualSubject($cert);
+	}
+    
+	/**
+	 * Check whether certificate has serial number equal to another.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	private function _hasEqualSerialNumber(Certificate $cert)
+	{
+		$sn1 = $this->_tbsCertificate->serialNumber();
+		$sn2 = $cert->_tbsCertificate->serialNumber();
+		return $sn1 == $sn2;
+	}
+    
+	/**
+	 * Check whether certificate has public key equal to another.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	private function _hasEqualPublicKey(Certificate $cert)
+	{
+		$kid1 = $this->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
+		$kid2 = $cert->_tbsCertificate->subjectPublicKeyInfo()->keyIdentifier();
+		return $kid1 == $kid2;
+	}
+    
+	/**
+	 * Check whether certificate has subject equal to another.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	private function _hasEqualSubject(Certificate $cert)
+	{
+		$dn1 = $this->_tbsCertificate->subject();
+		$dn2 = $cert->_tbsCertificate->subject();
+		return $dn1->equals($dn2);
+	}
+    
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1()
+	{
+		return new Sequence($this->_tbsCertificate->toASN1(),
+			$this->_signatureAlgorithm->toASN1(),
+			$this->_signatureValue->bitString());
+	}
+    
+	/**
+	 * Get certificate as a DER.
+	 *
+	 * @return string
+	 */
+	public function toDER()
+	{
+		return $this->toASN1()->toDER();
+	}
+    
+	/**
+	 * Get certificate as a PEM.
+	 *
+	 * @return PEM
+	 */
+	public function toPEM()
+	{
+		return new PEM(PEM::TYPE_CERTIFICATE, $this->toDER());
+	}
+    
+	/**
+	 * Verify certificate signature.
+	 *
+	 * @param PublicKeyInfo $pubkey_info Issuer's public key
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 * @return bool True if certificate signature is valid
+	 */
+	public function verify(PublicKeyInfo $pubkey_info, Crypto $crypto = null)
+	{
+		$crypto = $crypto ?: Crypto::getDefault();
+		$data = $this->_tbsCertificate->toASN1()->toDER();
+		return $crypto->verify($data, $this->_signatureValue, $pubkey_info,
+			$this->_signatureAlgorithm);
+	}
+    
+	/**
+	 * Get certificate as a PEM formatted string.
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->toPEM()->string();
+	}
 }

lib/X509/Certificate/CertificateChain.php

Indentation +117 added lines, -117 removed lines

@@ -11,131 +11,131 @@
  */
 class CertificateChain implements \Countable, \IteratorAggregate
 {
-    /**
-     * List of certificates in a chain.
-     *
-     * @var Certificate[]
-     */
-    protected $_certs;
+	/**
+	 * List of certificates in a chain.
+	 *
+	 * @var Certificate[]
+	 */
+	protected $_certs;
     
-    /**
-     * Constructor.
-     *
-     * @param Certificate ...$certs List of certificates, end-entity first
-     */
-    public function __construct(Certificate ...$certs)
-    {
-        $this->_certs = $certs;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Certificate ...$certs List of certificates, end-entity first
+	 */
+	public function __construct(Certificate ...$certs)
+	{
+		$this->_certs = $certs;
+	}
     
-    /**
-     * Initialize from a list of PEMs.
-     *
-     * @param PEM ...$pems
-     * @return self
-     */
-    public static function fromPEMs(PEM ...$pems)
-    {
-        $certs = array_map(
-            function (PEM $pem) {
-                return Certificate::fromPEM($pem);
-            }, $pems);
-        return new self(...$certs);
-    }
+	/**
+	 * Initialize from a list of PEMs.
+	 *
+	 * @param PEM ...$pems
+	 * @return self
+	 */
+	public static function fromPEMs(PEM ...$pems)
+	{
+		$certs = array_map(
+			function (PEM $pem) {
+				return Certificate::fromPEM($pem);
+			}, $pems);
+		return new self(...$certs);
+	}
     
-    /**
-     * Initialize from a string containing multiple PEM blocks.
-     *
-     * @param string $str
-     * @return self
-     */
-    public static function fromPEMString($str)
-    {
-        $pems = PEMBundle::fromString($str)->all();
-        return self::fromPEMs(...$pems);
-    }
+	/**
+	 * Initialize from a string containing multiple PEM blocks.
+	 *
+	 * @param string $str
+	 * @return self
+	 */
+	public static function fromPEMString($str)
+	{
+		$pems = PEMBundle::fromString($str)->all();
+		return self::fromPEMs(...$pems);
+	}
     
-    /**
-     * Get all certificates in a chain ordered from the end-entity certificate
-     * to the trust anchor.
-     *
-     * @return Certificate[]
-     */
-    public function certificates()
-    {
-        return $this->_certs;
-    }
+	/**
+	 * Get all certificates in a chain ordered from the end-entity certificate
+	 * to the trust anchor.
+	 *
+	 * @return Certificate[]
+	 */
+	public function certificates()
+	{
+		return $this->_certs;
+	}
     
-    /**
-     * Get the end-entity certificate.
-     *
-     * @throws \LogicException
-     * @return Certificate
-     */
-    public function endEntityCertificate()
-    {
-        if (!count($this->_certs)) {
-            throw new \LogicException("No certificates.");
-        }
-        return $this->_certs[0];
-    }
+	/**
+	 * Get the end-entity certificate.
+	 *
+	 * @throws \LogicException
+	 * @return Certificate
+	 */
+	public function endEntityCertificate()
+	{
+		if (!count($this->_certs)) {
+			throw new \LogicException("No certificates.");
+		}
+		return $this->_certs[0];
+	}
     
-    /**
-     * Get the trust anchor certificate.
-     *
-     * @throws \LogicException
-     * @return Certificate
-     */
-    public function trustAnchorCertificate()
-    {
-        if (!count($this->_certs)) {
-            throw new \LogicException("No certificates.");
-        }
-        return $this->_certs[count($this->_certs) - 1];
-    }
+	/**
+	 * Get the trust anchor certificate.
+	 *
+	 * @throws \LogicException
+	 * @return Certificate
+	 */
+	public function trustAnchorCertificate()
+	{
+		if (!count($this->_certs)) {
+			throw new \LogicException("No certificates.");
+		}
+		return $this->_certs[count($this->_certs) - 1];
+	}
     
-    /**
-     * Convert certificate chain to certification path.
-     *
-     * @return CertificationPath
-     */
-    public function certificationPath()
-    {
-        return CertificationPath::fromCertificateChain($this);
-    }
+	/**
+	 * Convert certificate chain to certification path.
+	 *
+	 * @return CertificationPath
+	 */
+	public function certificationPath()
+	{
+		return CertificationPath::fromCertificateChain($this);
+	}
     
-    /**
-     * Convert certificate chain to string of PEM blocks.
-     *
-     * @return string
-     */
-    public function toPEMString()
-    {
-        return implode("\n",
-            array_map(
-                function (Certificate $cert) {
-                    return $cert->toPEM()->string();
-                }, $this->_certs));
-    }
+	/**
+	 * Convert certificate chain to string of PEM blocks.
+	 *
+	 * @return string
+	 */
+	public function toPEMString()
+	{
+		return implode("\n",
+			array_map(
+				function (Certificate $cert) {
+					return $cert->toPEM()->string();
+				}, $this->_certs));
+	}
     
-    /**
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count()
-    {
-        return count($this->_certs);
-    }
+	/**
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count()
+	{
+		return count($this->_certs);
+	}
     
-    /**
-     * Get iterator for certificates.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator()
-    {
-        return new \ArrayIterator($this->_certs);
-    }
+	/**
+	 * Get iterator for certificates.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator()
+	{
+		return new \ArrayIterator($this->_certs);
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -37,7 +37,7 @@ 
     public static function fromPEMs(PEM ...$pems)
     {
         $certs = array_map(
-            function (PEM $pem) {
+            function(PEM $pem) {
                 return Certificate::fromPEM($pem);
             }, $pems);
         return new self(...$certs);
@@ -113,7 +113,7 @@ 
     {
         return implode("\n",
             array_map(
-                function (Certificate $cert) {
+                function(Certificate $cert) {
                     return $cert->toPEM()->string();
                 }, $this->_certs));
     }

lib/X509/Certificate/Extensions.php

Indentation +383 added lines, -383 removed lines

@@ -16,387 +16,387 @@
  */
 class Extensions implements \Countable, \IteratorAggregate
 {
-    /**
-     * Extensions.
-     *
-     * @var Extension[] $_extensions
-     */
-    protected $_extensions;
-    
-    /**
-     * Constructor.
-     *
-     * @param Extension ...$extensions Extension objects
-     */
-    public function __construct(Extension ...$extensions)
-    {
-        $this->_extensions = array();
-        foreach ($extensions as $ext) {
-            $this->_extensions[$ext->oid()] = $ext;
-        }
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq)
-    {
-        $extensions = array_map(
-            function (UnspecifiedType $el) {
-                return Extension::fromASN1($el->asSequence());
-            }, $seq->elements());
-        return new self(...$extensions);
-    }
-    
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1()
-    {
-        $elements = array_values(
-            array_map(
-                function ($ext) {
-                    return $ext->toASN1();
-                }, $this->_extensions));
-        return new Sequence(...$elements);
-    }
-    
-    /**
-     * Get self with extensions added.
-     *
-     * @param Extension ...$ext One or more extensions to add
-     * @return self
-     */
-    public function withExtensions(Extension ...$exts)
-    {
-        $obj = clone $this;
-        foreach ($exts as $ext) {
-            $obj->_extensions[$ext->oid()] = $ext;
-        }
-        return $obj;
-    }
-    
-    /**
-     * Check whether extension is present.
-     *
-     * @param string $oid Extensions OID
-     * @return bool
-     */
-    public function has($oid)
-    {
-        return isset($this->_extensions[$oid]);
-    }
-    
-    /**
-     * Get extension by OID.
-     *
-     * @param string $oid
-     * @throws \LogicException If extension is not present
-     * @return Extension
-     */
-    public function get($oid)
-    {
-        if (!$this->has($oid)) {
-            throw new \LogicException("No extension by OID $oid.");
-        }
-        return $this->_extensions[$oid];
-    }
-    
-    /**
-     * Check whether 'Authority Key Identifier' extension is present.
-     *
-     * @return bool
-     */
-    public function hasAuthorityKeyIdentifier()
-    {
-        return $this->has(Extension::OID_AUTHORITY_KEY_IDENTIFIER);
-    }
-    
-    /**
-     * Get 'Authority Key Identifier' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\AuthorityKeyIdentifierExtension
-     */
-    public function authorityKeyIdentifier()
-    {
-        return $this->get(Extension::OID_AUTHORITY_KEY_IDENTIFIER);
-    }
-    
-    /**
-     * Check whether 'Subject Key Identifier' extension is present.
-     *
-     * @return bool
-     */
-    public function hasSubjectKeyIdentifier()
-    {
-        return $this->has(Extension::OID_SUBJECT_KEY_IDENTIFIER);
-    }
-    
-    /**
-     * Get 'Subject Key Identifier' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\SubjectKeyIdentifierExtension
-     */
-    public function subjectKeyIdentifier()
-    {
-        return $this->get(Extension::OID_SUBJECT_KEY_IDENTIFIER);
-    }
-    
-    /**
-     * Check whether 'Key Usage' extension is present.
-     *
-     * @return bool
-     */
-    public function hasKeyUsage()
-    {
-        return $this->has(Extension::OID_KEY_USAGE);
-    }
-    
-    /**
-     * Get 'Key Usage' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\KeyUsageExtension
-     */
-    public function keyUsage()
-    {
-        return $this->get(Extension::OID_KEY_USAGE);
-    }
-    
-    /**
-     * Check whether 'Certificate Policies' extension is present.
-     *
-     * @return bool
-     */
-    public function hasCertificatePolicies()
-    {
-        return $this->has(Extension::OID_CERTIFICATE_POLICIES);
-    }
-    
-    /**
-     * Get 'Certificate Policies' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\CertificatePoliciesExtension
-     */
-    public function certificatePolicies()
-    {
-        return $this->get(Extension::OID_CERTIFICATE_POLICIES);
-    }
-    
-    /**
-     * Check whether 'Policy Mappings' extension is present.
-     *
-     * @return bool
-     */
-    public function hasPolicyMappings()
-    {
-        return $this->has(Extension::OID_POLICY_MAPPINGS);
-    }
-    
-    /**
-     * Get 'Policy Mappings' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\PolicyMappingsExtension
-     */
-    public function policyMappings()
-    {
-        return $this->get(Extension::OID_POLICY_MAPPINGS);
-    }
-    
-    /**
-     * Check whether 'Subject Alternative Name' extension is present.
-     *
-     * @return bool
-     */
-    public function hasSubjectAlternativeName()
-    {
-        return $this->has(Extension::OID_SUBJECT_ALT_NAME);
-    }
-    
-    /**
-     * Get 'Subject Alternative Name' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\SubjectAlternativeNameExtension
-     */
-    public function subjectAlternativeName()
-    {
-        return $this->get(Extension::OID_SUBJECT_ALT_NAME);
-    }
-    
-    /**
-     * Check whether 'Issuer Alternative Name' extension is present.
-     *
-     * @return bool
-     */
-    public function hasIssuerAlternativeName()
-    {
-        return $this->has(Extension::OID_ISSUER_ALT_NAME);
-    }
-    
-    /**
-     * Get 'Issuer Alternative Name' extension.
-     *
-     * @return \X509\Certificate\Extension\IssuerAlternativeNameExtension
-     */
-    public function issuerAlternativeName()
-    {
-        return $this->get(Extension::OID_ISSUER_ALT_NAME);
-    }
-    
-    /**
-     * Check whether 'Basic Constraints' extension is present.
-     *
-     * @return bool
-     */
-    public function hasBasicConstraints()
-    {
-        return $this->has(Extension::OID_BASIC_CONSTRAINTS);
-    }
-    
-    /**
-     * Get 'Basic Constraints' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\BasicConstraintsExtension
-     */
-    public function basicConstraints()
-    {
-        return $this->get(Extension::OID_BASIC_CONSTRAINTS);
-    }
-    
-    /**
-     * Check whether 'Name Constraints' extension is present.
-     *
-     * @return bool
-     */
-    public function hasNameConstraints()
-    {
-        return $this->has(Extension::OID_NAME_CONSTRAINTS);
-    }
-    
-    /**
-     * Get 'Name Constraints' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\NameConstraintsExtension
-     */
-    public function nameConstraints()
-    {
-        return $this->get(Extension::OID_NAME_CONSTRAINTS);
-    }
-    
-    /**
-     * Check whether 'Policy Constraints' extension is present.
-     *
-     * @return bool
-     */
-    public function hasPolicyConstraints()
-    {
-        return $this->has(Extension::OID_POLICY_CONSTRAINTS);
-    }
-    
-    /**
-     * Get 'Policy Constraints' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\PolicyConstraintsExtension
-     */
-    public function policyConstraints()
-    {
-        return $this->get(Extension::OID_POLICY_CONSTRAINTS);
-    }
-    
-    /**
-     * Check whether 'Extended Key Usage' extension is present.
-     *
-     * @return bool
-     */
-    public function hasExtendedKeyUsage()
-    {
-        return $this->has(Extension::OID_EXT_KEY_USAGE);
-    }
-    
-    /**
-     * Get 'Extended Key Usage' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\ExtendedKeyUsageExtension
-     */
-    public function extendedKeyUsage()
-    {
-        return $this->get(Extension::OID_EXT_KEY_USAGE);
-    }
-    
-    /**
-     * Check whether 'CRL Distribution Points' extension is present.
-     *
-     * @return bool
-     */
-    public function hasCRLDistributionPoints()
-    {
-        return $this->has(Extension::OID_CRL_DISTRIBUTION_POINTS);
-    }
-    
-    /**
-     * Get 'CRL Distribution Points' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\CRLDistributionPointsExtension
-     */
-    public function crlDistributionPoints()
-    {
-        return $this->get(Extension::OID_CRL_DISTRIBUTION_POINTS);
-    }
-    
-    /**
-     * Check whether 'Inhibit anyPolicy' extension is present.
-     *
-     * @return bool
-     */
-    public function hasInhibitAnyPolicy()
-    {
-        return $this->has(Extension::OID_INHIBIT_ANY_POLICY);
-    }
-    
-    /**
-     * Get 'Inhibit anyPolicy' extension.
-     *
-     * @throws \LogicException If extension is not present
-     * @return \X509\Certificate\Extension\InhibitAnyPolicyExtension
-     */
-    public function inhibitAnyPolicy()
-    {
-        return $this->get(Extension::OID_INHIBIT_ANY_POLICY);
-    }
-    
-    /**
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count()
-    {
-        return count($this->_extensions);
-    }
-    
-    /**
-     * Get iterator for extensions.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \Traversable
-     */
-    public function getIterator()
-    {
-        return new \ArrayIterator($this->_extensions);
-    }
+	/**
+	 * Extensions.
+	 *
+	 * @var Extension[] $_extensions
+	 */
+	protected $_extensions;
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param Extension ...$extensions Extension objects
+	 */
+	public function __construct(Extension ...$extensions)
+	{
+		$this->_extensions = array();
+		foreach ($extensions as $ext) {
+			$this->_extensions[$ext->oid()] = $ext;
+		}
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq)
+	{
+		$extensions = array_map(
+			function (UnspecifiedType $el) {
+				return Extension::fromASN1($el->asSequence());
+			}, $seq->elements());
+		return new self(...$extensions);
+	}
+    
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1()
+	{
+		$elements = array_values(
+			array_map(
+				function ($ext) {
+					return $ext->toASN1();
+				}, $this->_extensions));
+		return new Sequence(...$elements);
+	}
+    
+	/**
+	 * Get self with extensions added.
+	 *
+	 * @param Extension ...$ext One or more extensions to add
+	 * @return self
+	 */
+	public function withExtensions(Extension ...$exts)
+	{
+		$obj = clone $this;
+		foreach ($exts as $ext) {
+			$obj->_extensions[$ext->oid()] = $ext;
+		}
+		return $obj;
+	}
+    
+	/**
+	 * Check whether extension is present.
+	 *
+	 * @param string $oid Extensions OID
+	 * @return bool
+	 */
+	public function has($oid)
+	{
+		return isset($this->_extensions[$oid]);
+	}
+    
+	/**
+	 * Get extension by OID.
+	 *
+	 * @param string $oid
+	 * @throws \LogicException If extension is not present
+	 * @return Extension
+	 */
+	public function get($oid)
+	{
+		if (!$this->has($oid)) {
+			throw new \LogicException("No extension by OID $oid.");
+		}
+		return $this->_extensions[$oid];
+	}
+    
+	/**
+	 * Check whether 'Authority Key Identifier' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAuthorityKeyIdentifier()
+	{
+		return $this->has(Extension::OID_AUTHORITY_KEY_IDENTIFIER);
+	}
+    
+	/**
+	 * Get 'Authority Key Identifier' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\AuthorityKeyIdentifierExtension
+	 */
+	public function authorityKeyIdentifier()
+	{
+		return $this->get(Extension::OID_AUTHORITY_KEY_IDENTIFIER);
+	}
+    
+	/**
+	 * Check whether 'Subject Key Identifier' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasSubjectKeyIdentifier()
+	{
+		return $this->has(Extension::OID_SUBJECT_KEY_IDENTIFIER);
+	}
+    
+	/**
+	 * Get 'Subject Key Identifier' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\SubjectKeyIdentifierExtension
+	 */
+	public function subjectKeyIdentifier()
+	{
+		return $this->get(Extension::OID_SUBJECT_KEY_IDENTIFIER);
+	}
+    
+	/**
+	 * Check whether 'Key Usage' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasKeyUsage()
+	{
+		return $this->has(Extension::OID_KEY_USAGE);
+	}
+    
+	/**
+	 * Get 'Key Usage' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\KeyUsageExtension
+	 */
+	public function keyUsage()
+	{
+		return $this->get(Extension::OID_KEY_USAGE);
+	}
+    
+	/**
+	 * Check whether 'Certificate Policies' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasCertificatePolicies()
+	{
+		return $this->has(Extension::OID_CERTIFICATE_POLICIES);
+	}
+    
+	/**
+	 * Get 'Certificate Policies' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\CertificatePoliciesExtension
+	 */
+	public function certificatePolicies()
+	{
+		return $this->get(Extension::OID_CERTIFICATE_POLICIES);
+	}
+    
+	/**
+	 * Check whether 'Policy Mappings' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasPolicyMappings()
+	{
+		return $this->has(Extension::OID_POLICY_MAPPINGS);
+	}
+    
+	/**
+	 * Get 'Policy Mappings' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\PolicyMappingsExtension
+	 */
+	public function policyMappings()
+	{
+		return $this->get(Extension::OID_POLICY_MAPPINGS);
+	}
+    
+	/**
+	 * Check whether 'Subject Alternative Name' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasSubjectAlternativeName()
+	{
+		return $this->has(Extension::OID_SUBJECT_ALT_NAME);
+	}
+    
+	/**
+	 * Get 'Subject Alternative Name' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\SubjectAlternativeNameExtension
+	 */
+	public function subjectAlternativeName()
+	{
+		return $this->get(Extension::OID_SUBJECT_ALT_NAME);
+	}
+    
+	/**
+	 * Check whether 'Issuer Alternative Name' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuerAlternativeName()
+	{
+		return $this->has(Extension::OID_ISSUER_ALT_NAME);
+	}
+    
+	/**
+	 * Get 'Issuer Alternative Name' extension.
+	 *
+	 * @return \X509\Certificate\Extension\IssuerAlternativeNameExtension
+	 */
+	public function issuerAlternativeName()
+	{
+		return $this->get(Extension::OID_ISSUER_ALT_NAME);
+	}
+    
+	/**
+	 * Check whether 'Basic Constraints' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasBasicConstraints()
+	{
+		return $this->has(Extension::OID_BASIC_CONSTRAINTS);
+	}
+    
+	/**
+	 * Get 'Basic Constraints' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\BasicConstraintsExtension
+	 */
+	public function basicConstraints()
+	{
+		return $this->get(Extension::OID_BASIC_CONSTRAINTS);
+	}
+    
+	/**
+	 * Check whether 'Name Constraints' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasNameConstraints()
+	{
+		return $this->has(Extension::OID_NAME_CONSTRAINTS);
+	}
+    
+	/**
+	 * Get 'Name Constraints' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\NameConstraintsExtension
+	 */
+	public function nameConstraints()
+	{
+		return $this->get(Extension::OID_NAME_CONSTRAINTS);
+	}
+    
+	/**
+	 * Check whether 'Policy Constraints' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasPolicyConstraints()
+	{
+		return $this->has(Extension::OID_POLICY_CONSTRAINTS);
+	}
+    
+	/**
+	 * Get 'Policy Constraints' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\PolicyConstraintsExtension
+	 */
+	public function policyConstraints()
+	{
+		return $this->get(Extension::OID_POLICY_CONSTRAINTS);
+	}
+    
+	/**
+	 * Check whether 'Extended Key Usage' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasExtendedKeyUsage()
+	{
+		return $this->has(Extension::OID_EXT_KEY_USAGE);
+	}
+    
+	/**
+	 * Get 'Extended Key Usage' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\ExtendedKeyUsageExtension
+	 */
+	public function extendedKeyUsage()
+	{
+		return $this->get(Extension::OID_EXT_KEY_USAGE);
+	}
+    
+	/**
+	 * Check whether 'CRL Distribution Points' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasCRLDistributionPoints()
+	{
+		return $this->has(Extension::OID_CRL_DISTRIBUTION_POINTS);
+	}
+    
+	/**
+	 * Get 'CRL Distribution Points' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\CRLDistributionPointsExtension
+	 */
+	public function crlDistributionPoints()
+	{
+		return $this->get(Extension::OID_CRL_DISTRIBUTION_POINTS);
+	}
+    
+	/**
+	 * Check whether 'Inhibit anyPolicy' extension is present.
+	 *
+	 * @return bool
+	 */
+	public function hasInhibitAnyPolicy()
+	{
+		return $this->has(Extension::OID_INHIBIT_ANY_POLICY);
+	}
+    
+	/**
+	 * Get 'Inhibit anyPolicy' extension.
+	 *
+	 * @throws \LogicException If extension is not present
+	 * @return \X509\Certificate\Extension\InhibitAnyPolicyExtension
+	 */
+	public function inhibitAnyPolicy()
+	{
+		return $this->get(Extension::OID_INHIBIT_ANY_POLICY);
+	}
+    
+	/**
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count()
+	{
+		return count($this->_extensions);
+	}
+    
+	/**
+	 * Get iterator for extensions.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \Traversable
+	 */
+	public function getIterator()
+	{
+		return new \ArrayIterator($this->_extensions);
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -45,7 +45,7 @@ 
     public static function fromASN1(Sequence $seq)
     {
         $extensions = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return Extension::fromASN1($el->asSequence());
             }, $seq->elements());
         return new self(...$extensions);
@@ -60,7 +60,7 @@ 
     {
         $elements = array_values(
             array_map(
-                function ($ext) {
+                function($ext) {
                     return $ext->toASN1();
                 }, $this->_extensions));
         return new Sequence(...$elements);

lib/X509/Certificate/CertificateBundle.php

Indentation +189 added lines, -189 removed lines

@@ -10,208 +10,208 @@
  */
 class CertificateBundle implements \Countable, \IteratorAggregate
 {
-    /**
-     * Certificates.
-     *
-     * @var Certificate[] $_certs
-     */
-    protected $_certs;
+	/**
+	 * Certificates.
+	 *
+	 * @var Certificate[] $_certs
+	 */
+	protected $_certs;
     
-    /**
-     * Mapping from public key id to array of certificates.
-     *
-     * @var null|(Certificate[])[]
-     */
-    private $_keyIdMap;
+	/**
+	 * Mapping from public key id to array of certificates.
+	 *
+	 * @var null|(Certificate[])[]
+	 */
+	private $_keyIdMap;
     
-    /**
-     * Constructor.
-     *
-     * @param Certificate ...$certs Certificate objects
-     */
-    public function __construct(Certificate ...$certs)
-    {
-        $this->_certs = $certs;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Certificate ...$certs Certificate objects
+	 */
+	public function __construct(Certificate ...$certs)
+	{
+		$this->_certs = $certs;
+	}
     
-    /**
-     * Reset internal cached variables on clone.
-     */
-    public function __clone()
-    {
-        $this->_keyIdMap = null;
-    }
+	/**
+	 * Reset internal cached variables on clone.
+	 */
+	public function __clone()
+	{
+		$this->_keyIdMap = null;
+	}
     
-    /**
-     * Initialize from PEMs.
-     *
-     * @param PEM ...$pems PEM objects
-     * @return self
-     */
-    public static function fromPEMs(PEM ...$pems)
-    {
-        $certs = array_map(
-            function ($pem) {
-                return Certificate::fromPEM($pem);
-            }, $pems);
-        return new self(...$certs);
-    }
+	/**
+	 * Initialize from PEMs.
+	 *
+	 * @param PEM ...$pems PEM objects
+	 * @return self
+	 */
+	public static function fromPEMs(PEM ...$pems)
+	{
+		$certs = array_map(
+			function ($pem) {
+				return Certificate::fromPEM($pem);
+			}, $pems);
+		return new self(...$certs);
+	}
     
-    /**
-     * Initialize from PEM bundle.
-     *
-     * @param PEMBundle $pem_bundle
-     * @return self
-     */
-    public static function fromPEMBundle(PEMBundle $pem_bundle)
-    {
-        return self::fromPEMs(...$pem_bundle->all());
-    }
+	/**
+	 * Initialize from PEM bundle.
+	 *
+	 * @param PEMBundle $pem_bundle
+	 * @return self
+	 */
+	public static function fromPEMBundle(PEMBundle $pem_bundle)
+	{
+		return self::fromPEMs(...$pem_bundle->all());
+	}
     
-    /**
-     * Get self with certificates added.
-     *
-     * @param Certificate ...$cert
-     * @return self
-     */
-    public function withCertificates(Certificate ...$cert)
-    {
-        $obj = clone $this;
-        $obj->_certs = array_merge($obj->_certs, $cert);
-        return $obj;
-    }
+	/**
+	 * Get self with certificates added.
+	 *
+	 * @param Certificate ...$cert
+	 * @return self
+	 */
+	public function withCertificates(Certificate ...$cert)
+	{
+		$obj = clone $this;
+		$obj->_certs = array_merge($obj->_certs, $cert);
+		return $obj;
+	}
     
-    /**
-     * Get self with certificates from PEMBundle added.
-     *
-     * @param PEMBundle $pem_bundle
-     * @return self
-     */
-    public function withPEMBundle(PEMBundle $pem_bundle)
-    {
-        $certs = $this->_certs;
-        foreach ($pem_bundle as $pem) {
-            $certs[] = Certificate::fromPEM($pem);
-        }
-        return new self(...$certs);
-    }
+	/**
+	 * Get self with certificates from PEMBundle added.
+	 *
+	 * @param PEMBundle $pem_bundle
+	 * @return self
+	 */
+	public function withPEMBundle(PEMBundle $pem_bundle)
+	{
+		$certs = $this->_certs;
+		foreach ($pem_bundle as $pem) {
+			$certs[] = Certificate::fromPEM($pem);
+		}
+		return new self(...$certs);
+	}
     
-    /**
-     * Get self with single certificate from PEM added.
-     *
-     * @param PEM $pem
-     * @return self
-     */
-    public function withPEM(PEM $pem)
-    {
-        $certs = $this->_certs;
-        $certs[] = Certificate::fromPEM($pem);
-        return new self(...$certs);
-    }
+	/**
+	 * Get self with single certificate from PEM added.
+	 *
+	 * @param PEM $pem
+	 * @return self
+	 */
+	public function withPEM(PEM $pem)
+	{
+		$certs = $this->_certs;
+		$certs[] = Certificate::fromPEM($pem);
+		return new self(...$certs);
+	}
     
-    /**
-     * Check whether bundle contains a given certificate.
-     *
-     * @param Certificate $cert
-     * @return bool
-     */
-    public function contains(Certificate $cert)
-    {
-        $id = self::_getCertKeyId($cert);
-        $map = $this->_getKeyIdMap();
-        if (!isset($map[$id])) {
-            return false;
-        }
-        foreach ($map[$id] as $c) {
-            /** @var Certificate $c */
-            if ($cert->equals($c)) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether bundle contains a given certificate.
+	 *
+	 * @param Certificate $cert
+	 * @return bool
+	 */
+	public function contains(Certificate $cert)
+	{
+		$id = self::_getCertKeyId($cert);
+		$map = $this->_getKeyIdMap();
+		if (!isset($map[$id])) {
+			return false;
+		}
+		foreach ($map[$id] as $c) {
+			/** @var Certificate $c */
+			if ($cert->equals($c)) {
+				return true;
+			}
+		}
+		return false;
+	}
     
-    /**
-     * Get all certificates that have given subject key identifier.
-     *
-     * @param string $id
-     * @return Certificate[]
-     */
-    public function allBySubjectKeyIdentifier($id)
-    {
-        $map = $this->_getKeyIdMap();
-        if (!isset($map[$id])) {
-            return array();
-        }
-        return $map[$id];
-    }
+	/**
+	 * Get all certificates that have given subject key identifier.
+	 *
+	 * @param string $id
+	 * @return Certificate[]
+	 */
+	public function allBySubjectKeyIdentifier($id)
+	{
+		$map = $this->_getKeyIdMap();
+		if (!isset($map[$id])) {
+			return array();
+		}
+		return $map[$id];
+	}
     
-    /**
-     * Get all certificates in a bundle.
-     *
-     * @return Certificate[]
-     */
-    public function all()
-    {
-        return $this->_certs;
-    }
+	/**
+	 * Get all certificates in a bundle.
+	 *
+	 * @return Certificate[]
+	 */
+	public function all()
+	{
+		return $this->_certs;
+	}
     
-    /**
-     * Get certificate mapping by public key id.
-     *
-     * @return (Certificate[])[]
-     */
-    private function _getKeyIdMap()
-    {
-        // lazily build mapping
-        if (!isset($this->_keyIdMap)) {
-            $this->_keyIdMap = array();
-            foreach ($this->_certs as $cert) {
-                $id = self::_getCertKeyId($cert);
-                if (!isset($this->_keyIdMap[$id])) {
-                    $this->_keyIdMap[$id] = array();
-                }
-                array_push($this->_keyIdMap[$id], $cert);
-            }
-        }
-        return $this->_keyIdMap;
-    }
+	/**
+	 * Get certificate mapping by public key id.
+	 *
+	 * @return (Certificate[])[]
+	 */
+	private function _getKeyIdMap()
+	{
+		// lazily build mapping
+		if (!isset($this->_keyIdMap)) {
+			$this->_keyIdMap = array();
+			foreach ($this->_certs as $cert) {
+				$id = self::_getCertKeyId($cert);
+				if (!isset($this->_keyIdMap[$id])) {
+					$this->_keyIdMap[$id] = array();
+				}
+				array_push($this->_keyIdMap[$id], $cert);
+			}
+		}
+		return $this->_keyIdMap;
+	}
     
-    /**
-     * Get public key id for the certificate.
-     *
-     * @param Certificate $cert
-     * @return string
-     */
-    private static function _getCertKeyId(Certificate $cert)
-    {
-        $exts = $cert->tbsCertificate()->extensions();
-        if ($exts->hasSubjectKeyIdentifier()) {
-            return $exts->subjectKeyIdentifier()->keyIdentifier();
-        }
-        return $cert->tbsCertificate()
-            ->subjectPublicKeyInfo()
-            ->keyIdentifier();
-    }
+	/**
+	 * Get public key id for the certificate.
+	 *
+	 * @param Certificate $cert
+	 * @return string
+	 */
+	private static function _getCertKeyId(Certificate $cert)
+	{
+		$exts = $cert->tbsCertificate()->extensions();
+		if ($exts->hasSubjectKeyIdentifier()) {
+			return $exts->subjectKeyIdentifier()->keyIdentifier();
+		}
+		return $cert->tbsCertificate()
+			->subjectPublicKeyInfo()
+			->keyIdentifier();
+	}
     
-    /**
-     *
-     * @see \Countable::count()
-     * @return int
-     */
-    public function count()
-    {
-        return count($this->_certs);
-    }
+	/**
+	 *
+	 * @see \Countable::count()
+	 * @return int
+	 */
+	public function count()
+	{
+		return count($this->_certs);
+	}
     
-    /**
-     * Get iterator for certificates.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator()
-    {
-        return new \ArrayIterator($this->_certs);
-    }
+	/**
+	 * Get iterator for certificates.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator()
+	{
+		return new \ArrayIterator($this->_certs);
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -51,7 +51,7 @@
     public static function fromPEMs(PEM ...$pems)
     {
         $certs = array_map(
-            function ($pem) {
+            function($pem) {
                 return Certificate::fromPEM($pem);
             }, $pems);
         return new self(...$certs);

lib/X509/Certificate/Extension/PolicyConstraintsExtension.php

Indentation +111 added lines, -111 removed lines

@@ -14,123 +14,123 @@
  */
 class PolicyConstraintsExtension extends Extension
 {
-    /**
-     *
-     * @var int $_requireExplicitPolicy
-     */
-    protected $_requireExplicitPolicy;
+	/**
+	 *
+	 * @var int $_requireExplicitPolicy
+	 */
+	protected $_requireExplicitPolicy;
     
-    /**
-     *
-     * @var int $_inhibitPolicyMapping
-     */
-    protected $_inhibitPolicyMapping;
+	/**
+	 *
+	 * @var int $_inhibitPolicyMapping
+	 */
+	protected $_inhibitPolicyMapping;
     
-    /**
-     * Constructor.
-     *
-     * @param bool $critical
-     * @param int|null $require_explicit_policy
-     * @param int|null $inhibit_policy_mapping
-     */
-    public function __construct($critical, $require_explicit_policy = null,
-        $inhibit_policy_mapping = null)
-    {
-        parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical);
-        $this->_requireExplicitPolicy = $require_explicit_policy;
-        $this->_inhibitPolicyMapping = $inhibit_policy_mapping;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param bool $critical
+	 * @param int|null $require_explicit_policy
+	 * @param int|null $inhibit_policy_mapping
+	 */
+	public function __construct($critical, $require_explicit_policy = null,
+		$inhibit_policy_mapping = null)
+	{
+		parent::__construct(self::OID_POLICY_CONSTRAINTS, $critical);
+		$this->_requireExplicitPolicy = $require_explicit_policy;
+		$this->_inhibitPolicyMapping = $inhibit_policy_mapping;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return self
-     */
-    protected static function _fromDER($data, $critical)
-    {
-        $seq = Sequence::fromDER($data);
-        $require_explicit_policy = null;
-        $inhibit_policy_mapping = null;
-        if ($seq->hasTagged(0)) {
-            $require_explicit_policy = $seq->getTagged(0)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->number();
-        }
-        if ($seq->hasTagged(1)) {
-            $inhibit_policy_mapping = $seq->getTagged(1)
-                ->asImplicit(Element::TYPE_INTEGER)
-                ->asInteger()
-                ->number();
-        }
-        return new self($critical, $require_explicit_policy,
-            $inhibit_policy_mapping);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return self
+	 */
+	protected static function _fromDER($data, $critical)
+	{
+		$seq = Sequence::fromDER($data);
+		$require_explicit_policy = null;
+		$inhibit_policy_mapping = null;
+		if ($seq->hasTagged(0)) {
+			$require_explicit_policy = $seq->getTagged(0)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->number();
+		}
+		if ($seq->hasTagged(1)) {
+			$inhibit_policy_mapping = $seq->getTagged(1)
+				->asImplicit(Element::TYPE_INTEGER)
+				->asInteger()
+				->number();
+		}
+		return new self($critical, $require_explicit_policy,
+			$inhibit_policy_mapping);
+	}
     
-    /**
-     * Whether requireExplicitPolicy is present.
-     *
-     * @return bool
-     */
-    public function hasRequireExplicitPolicy()
-    {
-        return isset($this->_requireExplicitPolicy);
-    }
+	/**
+	 * Whether requireExplicitPolicy is present.
+	 *
+	 * @return bool
+	 */
+	public function hasRequireExplicitPolicy()
+	{
+		return isset($this->_requireExplicitPolicy);
+	}
     
-    /**
-     * Get requireExplicitPolicy.
-     *
-     * @throws \LogicException
-     * @return int
-     */
-    public function requireExplicitPolicy()
-    {
-        if (!$this->hasRequireExplicitPolicy()) {
-            throw new \LogicException("requireExplicitPolicy not set.");
-        }
-        return $this->_requireExplicitPolicy;
-    }
+	/**
+	 * Get requireExplicitPolicy.
+	 *
+	 * @throws \LogicException
+	 * @return int
+	 */
+	public function requireExplicitPolicy()
+	{
+		if (!$this->hasRequireExplicitPolicy()) {
+			throw new \LogicException("requireExplicitPolicy not set.");
+		}
+		return $this->_requireExplicitPolicy;
+	}
     
-    /**
-     * Whether inhibitPolicyMapping is present.
-     *
-     * @return bool
-     */
-    public function hasInhibitPolicyMapping()
-    {
-        return isset($this->_inhibitPolicyMapping);
-    }
+	/**
+	 * Whether inhibitPolicyMapping is present.
+	 *
+	 * @return bool
+	 */
+	public function hasInhibitPolicyMapping()
+	{
+		return isset($this->_inhibitPolicyMapping);
+	}
     
-    /**
-     * Get inhibitPolicyMapping.
-     *
-     * @throws \LogicException
-     * @return int
-     */
-    public function inhibitPolicyMapping()
-    {
-        if (!$this->hasInhibitPolicyMapping()) {
-            throw new \LogicException("inhibitPolicyMapping not set.");
-        }
-        return $this->_inhibitPolicyMapping;
-    }
+	/**
+	 * Get inhibitPolicyMapping.
+	 *
+	 * @throws \LogicException
+	 * @return int
+	 */
+	public function inhibitPolicyMapping()
+	{
+		if (!$this->hasInhibitPolicyMapping()) {
+			throw new \LogicException("inhibitPolicyMapping not set.");
+		}
+		return $this->_inhibitPolicyMapping;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @return Sequence
-     */
-    protected function _valueASN1()
-    {
-        $elements = array();
-        if (isset($this->_requireExplicitPolicy)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                new Integer($this->_requireExplicitPolicy));
-        }
-        if (isset($this->_inhibitPolicyMapping)) {
-            $elements[] = new ImplicitlyTaggedType(1,
-                new Integer($this->_inhibitPolicyMapping));
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @return Sequence
+	 */
+	protected function _valueASN1()
+	{
+		$elements = array();
+		if (isset($this->_requireExplicitPolicy)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				new Integer($this->_requireExplicitPolicy));
+		}
+		if (isset($this->_inhibitPolicyMapping)) {
+			$elements[] = new ImplicitlyTaggedType(1,
+				new Integer($this->_inhibitPolicyMapping));
+		}
+		return new Sequence(...$elements);
+	}
 }