sop / x509

lib/X509/Feature/DateTimeHelper.php

Indentation +69 added lines, -69 removed lines

@@ -9,76 +9,76 @@
  */
 trait DateTimeHelper
 {
-    /**
-     * Create DateTime object from time string and timezone.
-     *
-     * @param null|string $time Time string, default to 'now'
-     * @param null|string $tz   Timezone, default if omitted
-     *
-     * @throws \RuntimeException
-     *
-     * @return \DateTimeImmutable
-     */
-    private static function _createDateTime(
-        ?string $time = null, ?string $tz = null): \DateTimeImmutable
-    {
-        if (!isset($time)) {
-            $time = 'now';
-        }
-        if (!isset($tz)) {
-            $tz = date_default_timezone_get();
-        }
-        try {
-            $dt = new \DateTimeImmutable($time, self::_createTimeZone($tz));
-            return self::_roundDownFractionalSeconds($dt);
-        } catch (\Exception $e) {
-            throw new \RuntimeException(
-                'Failed to create DateTime: ' .
-                     self::_getLastDateTimeImmutableErrorsStr(), 0, $e);
-        }
-    }
+	/**
+	 * Create DateTime object from time string and timezone.
+	 *
+	 * @param null|string $time Time string, default to 'now'
+	 * @param null|string $tz   Timezone, default if omitted
+	 *
+	 * @throws \RuntimeException
+	 *
+	 * @return \DateTimeImmutable
+	 */
+	private static function _createDateTime(
+		?string $time = null, ?string $tz = null): \DateTimeImmutable
+	{
+		if (!isset($time)) {
+			$time = 'now';
+		}
+		if (!isset($tz)) {
+			$tz = date_default_timezone_get();
+		}
+		try {
+			$dt = new \DateTimeImmutable($time, self::_createTimeZone($tz));
+			return self::_roundDownFractionalSeconds($dt);
+		} catch (\Exception $e) {
+			throw new \RuntimeException(
+				'Failed to create DateTime: ' .
+					 self::_getLastDateTimeImmutableErrorsStr(), 0, $e);
+		}
+	}
 
-    /**
-     * Rounds a \DateTimeImmutable value such that fractional
-     * seconds are removed.
-     *
-     * @param \DateTimeImmutable $dt
-     *
-     * @return \DateTimeImmutable
-     */
-    private static function _roundDownFractionalSeconds(
-        \DateTimeImmutable $dt): \DateTimeImmutable
-    {
-        return \DateTimeImmutable::createFromFormat('Y-m-d H:i:s',
-            $dt->format('Y-m-d H:i:s'), $dt->getTimezone());
-    }
+	/**
+	 * Rounds a \DateTimeImmutable value such that fractional
+	 * seconds are removed.
+	 *
+	 * @param \DateTimeImmutable $dt
+	 *
+	 * @return \DateTimeImmutable
+	 */
+	private static function _roundDownFractionalSeconds(
+		\DateTimeImmutable $dt): \DateTimeImmutable
+	{
+		return \DateTimeImmutable::createFromFormat('Y-m-d H:i:s',
+			$dt->format('Y-m-d H:i:s'), $dt->getTimezone());
+	}
 
-    /**
-     * Create DateTimeZone object from string.
-     *
-     * @param string $tz
-     *
-     * @throws \UnexpectedValueException
-     *
-     * @return \DateTimeZone
-     */
-    private static function _createTimeZone(string $tz): \DateTimeZone
-    {
-        try {
-            return new \DateTimeZone($tz);
-        } catch (\Exception $e) {
-            throw new \UnexpectedValueException('Invalid timezone.', 0, $e);
-        }
-    }
+	/**
+	 * Create DateTimeZone object from string.
+	 *
+	 * @param string $tz
+	 *
+	 * @throws \UnexpectedValueException
+	 *
+	 * @return \DateTimeZone
+	 */
+	private static function _createTimeZone(string $tz): \DateTimeZone
+	{
+		try {
+			return new \DateTimeZone($tz);
+		} catch (\Exception $e) {
+			throw new \UnexpectedValueException('Invalid timezone.', 0, $e);
+		}
+	}
 
-    /**
-     * Get last error caused by DateTimeImmutable.
-     *
-     * @return string
-     */
-    private static function _getLastDateTimeImmutableErrorsStr(): string
-    {
-        $errors = \DateTimeImmutable::getLastErrors()['errors'];
-        return implode(', ', $errors);
-    }
+	/**
+	 * Get last error caused by DateTimeImmutable.
+	 *
+	 * @return string
+	 */
+	private static function _getLastDateTimeImmutableErrorsStr(): string
+	{
+		$errors = \DateTimeImmutable::getLastErrors()['errors'];
+		return implode(', ', $errors);
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\X509\Feature;
 

lib/X509/Feature/AttributeContainer.php

Indentation +132 added lines, -132 removed lines

@@ -14,145 +14,145 @@
  */
 trait AttributeContainer
 {
-    /**
-     * Array of attributes.
-     *
-     * @var Attribute[]
-     */
-    protected $_attributes;
+	/**
+	 * Array of attributes.
+	 *
+	 * @var Attribute[]
+	 */
+	protected $_attributes;
 
-    /**
-     * Check whether attribute is present.
-     *
-     * @param string $name OID or attribute name
-     *
-     * @return bool
-     */
-    public function has(string $name): bool
-    {
-        return null !== $this->_findFirst($name);
-    }
+	/**
+	 * Check whether attribute is present.
+	 *
+	 * @param string $name OID or attribute name
+	 *
+	 * @return bool
+	 */
+	public function has(string $name): bool
+	{
+		return null !== $this->_findFirst($name);
+	}
 
-    /**
-     * Get first attribute by OID or attribute name.
-     *
-     * @param string $name OID or attribute name
-     *
-     * @throws \OutOfBoundsException
-     *
-     * @return Attribute
-     */
-    public function firstOf(string $name): Attribute
-    {
-        $attr = $this->_findFirst($name);
-        if (!$attr) {
-            throw new \UnexpectedValueException("No {$name} attribute.");
-        }
-        return $attr;
-    }
+	/**
+	 * Get first attribute by OID or attribute name.
+	 *
+	 * @param string $name OID or attribute name
+	 *
+	 * @throws \OutOfBoundsException
+	 *
+	 * @return Attribute
+	 */
+	public function firstOf(string $name): Attribute
+	{
+		$attr = $this->_findFirst($name);
+		if (!$attr) {
+			throw new \UnexpectedValueException("No {$name} attribute.");
+		}
+		return $attr;
+	}
 
-    /**
-     * Get all attributes of given name.
-     *
-     * @param string $name OID or attribute name
-     *
-     * @return Attribute[]
-     */
-    public function allOf(string $name): array
-    {
-        $oid = AttributeType::attrNameToOID($name);
-        $attrs = array_filter($this->_attributes,
-            function (Attribute $attr) use ($oid) {
-                return $attr->oid() === $oid;
-            });
-        return array_values($attrs);
-    }
+	/**
+	 * Get all attributes of given name.
+	 *
+	 * @param string $name OID or attribute name
+	 *
+	 * @return Attribute[]
+	 */
+	public function allOf(string $name): array
+	{
+		$oid = AttributeType::attrNameToOID($name);
+		$attrs = array_filter($this->_attributes,
+			function (Attribute $attr) use ($oid) {
+				return $attr->oid() === $oid;
+			});
+		return array_values($attrs);
+	}
 
-    /**
-     * Get all attributes.
-     *
-     * @return Attribute[]
-     */
-    public function all(): array
-    {
-        return $this->_attributes;
-    }
+	/**
+	 * Get all attributes.
+	 *
+	 * @return Attribute[]
+	 */
+	public function all(): array
+	{
+		return $this->_attributes;
+	}
 
-    /**
-     * Get self with additional attributes added.
-     *
-     * @param Attribute ...$attribs
-     *
-     * @return self
-     */
-    public function withAdditional(Attribute ...$attribs): self
-    {
-        $obj = clone $this;
-        foreach ($attribs as $attr) {
-            $obj->_attributes[] = $attr;
-        }
-        return $obj;
-    }
+	/**
+	 * Get self with additional attributes added.
+	 *
+	 * @param Attribute ...$attribs
+	 *
+	 * @return self
+	 */
+	public function withAdditional(Attribute ...$attribs): self
+	{
+		$obj = clone $this;
+		foreach ($attribs as $attr) {
+			$obj->_attributes[] = $attr;
+		}
+		return $obj;
+	}
 
-    /**
-     * Get self with single unique attribute added.
-     *
-     * All previous attributes of the same type are removed.
-     *
-     * @param Attribute $attr
-     *
-     * @return self
-     */
-    public function withUnique(Attribute $attr): self
-    {
-        $obj = clone $this;
-        $obj->_attributes = array_filter($obj->_attributes,
-            function (Attribute $a) use ($attr) {
-                return $a->oid() !== $attr->oid();
-            });
-        $obj->_attributes[] = $attr;
-        return $obj;
-    }
+	/**
+	 * Get self with single unique attribute added.
+	 *
+	 * All previous attributes of the same type are removed.
+	 *
+	 * @param Attribute $attr
+	 *
+	 * @return self
+	 */
+	public function withUnique(Attribute $attr): self
+	{
+		$obj = clone $this;
+		$obj->_attributes = array_filter($obj->_attributes,
+			function (Attribute $a) use ($attr) {
+				return $a->oid() !== $attr->oid();
+			});
+		$obj->_attributes[] = $attr;
+		return $obj;
+	}
 
-    /**
-     * Get number of attributes.
-     *
-     * @see \Countable::count()
-     *
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_attributes);
-    }
+	/**
+	 * Get number of attributes.
+	 *
+	 * @see \Countable::count()
+	 *
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_attributes);
+	}
 
-    /**
-     * Get iterator for attributes.
-     *
-     * @see \IteratorAggregate::getIterator()
-     *
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_attributes);
-    }
+	/**
+	 * Get iterator for attributes.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 *
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_attributes);
+	}
 
-    /**
-     * Find first attribute of given name or OID.
-     *
-     * @param string $name
-     *
-     * @return null|Attribute
-     */
-    protected function _findFirst(string $name): ?Attribute
-    {
-        $oid = AttributeType::attrNameToOID($name);
-        foreach ($this->_attributes as $attr) {
-            if ($attr->oid() === $oid) {
-                return $attr;
-            }
-        }
-        return null;
-    }
+	/**
+	 * Find first attribute of given name or OID.
+	 *
+	 * @param string $name
+	 *
+	 * @return null|Attribute
+	 */
+	protected function _findFirst(string $name): ?Attribute
+	{
+		$oid = AttributeType::attrNameToOID($name);
+		foreach ($this->_attributes as $attr) {
+			if ($attr->oid() === $oid) {
+				return $attr;
+			}
+		}
+		return null;
+	}
 }

Spacing +3 added lines, -3 removed lines

@@ -1,6 +1,6 @@ 
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\X509\Feature;
 
@@ -62,7 +62,7 @@ 
     {
         $oid = AttributeType::attrNameToOID($name);
         $attrs = array_filter($this->_attributes,
-            function (Attribute $attr) use ($oid) {
+            function(Attribute $attr) use ($oid) {
                 return $attr->oid() === $oid;
             });
         return array_values($attrs);
@@ -107,7 +107,7 @@ 
     {
         $obj = clone $this;
         $obj->_attributes = array_filter($obj->_attributes,
-            function (Attribute $a) use ($attr) {
+            function(Attribute $a) use ($attr) {
                 return $a->oid() !== $attr->oid();
             });
         $obj->_attributes[] = $attr;

examples/create-csr.php

Indentation +2 added lines, -2 removed lines

@@ -18,7 +18,7 @@ 
 
 // load EC private key from PEM
 $private_key_info = PrivateKeyInfo::fromPEM(
-    PEM::fromFile(dirname(__DIR__) . '/test/assets/ec/private_key.pem'));
+	PEM::fromFile(dirname(__DIR__) . '/test/assets/ec/private_key.pem'));
 // extract public key from private key
 $public_key_info = $private_key_info->publicKeyInfo();
 // DN of the subject
@@ -27,6 +27,6 @@ 
 $cri = new CertificationRequestInfo($subject, $public_key_info);
 // sign certificate request with private key
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
-    $private_key_info->algorithmIdentifier(), new SHA256AlgorithmIdentifier());
+	$private_key_info->algorithmIdentifier(), new SHA256AlgorithmIdentifier());
 $csr = $cri->sign($algo, $private_key_info);
 echo $csr;

Spacing +1 added lines, -1 removed lines

@@ -5,7 +5,7 @@
  * php create-csr.php
  */
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 use Sop\CryptoEncoding\PEM;
 use Sop\CryptoTypes\AlgorithmIdentifier\Hash\SHA256AlgorithmIdentifier;

examples/path-validate.php

Spacing +1 added lines, -1 removed lines

@@ -5,7 +5,7 @@
  * php path-validate.php
  */
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 use Sop\CryptoEncoding\PEM;
 use Sop\X509\Certificate\Certificate;

examples/ac-example.php

Indentation +68 added lines, -68 removed lines

@@ -38,106 +38,106 @@ 
 
 // CA private key
 openssl_pkey_export(
-    openssl_pkey_new(
-        ['private_key_type' => OPENSSL_KEYTYPE_RSA,
-            'private_key_bits' => 2048, ]), $pkey);
+	openssl_pkey_new(
+		['private_key_type' => OPENSSL_KEYTYPE_RSA,
+			'private_key_bits' => 2048, ]), $pkey);
 $ca_private_key = PrivateKeyInfo::fromPEM(PEM::fromString($pkey));
 // Issuer private key
 openssl_pkey_export(
-    openssl_pkey_new(
-        ['private_key_type' => OPENSSL_KEYTYPE_RSA,
-            'private_key_bits' => 2048, ]), $pkey);
+	openssl_pkey_new(
+		['private_key_type' => OPENSSL_KEYTYPE_RSA,
+			'private_key_bits' => 2048, ]), $pkey);
 $issuer_private_key = PrivateKeyInfo::fromPEM(PEM::fromString($pkey));
 // Holder private key
 openssl_pkey_export(
-    openssl_pkey_new(
-        ['private_key_type' => OPENSSL_KEYTYPE_RSA,
-            'private_key_bits' => 2048, ]), $pkey);
+	openssl_pkey_new(
+		['private_key_type' => OPENSSL_KEYTYPE_RSA,
+			'private_key_bits' => 2048, ]), $pkey);
 $holder_private_key = PrivateKeyInfo::fromPEM(PEM::fromString($pkey));
 
 // create trust anchor certificate (self signed)
 $tbs_cert = new TBSCertificate(
-    Name::fromString('cn=CA'),
-    $ca_private_key->publicKeyInfo(),
-    Name::fromString('cn=CA'),
-    Validity::fromStrings('now', 'now + 1 year'));
+	Name::fromString('cn=CA'),
+	$ca_private_key->publicKeyInfo(),
+	Name::fromString('cn=CA'),
+	Validity::fromStrings('now', 'now + 1 year'));
 $tbs_cert = $tbs_cert->withRandomSerialNumber()
-    ->withAdditionalExtensions(
-        new BasicConstraintsExtension(true, true),
-        new SubjectKeyIdentifierExtension(false,
-            $ca_private_key->publicKeyInfo()->keyIdentifier()),
-        new KeyUsageExtension(true,
-            KeyUsageExtension::DIGITAL_SIGNATURE |
-            KeyUsageExtension::KEY_CERT_SIGN));
+	->withAdditionalExtensions(
+		new BasicConstraintsExtension(true, true),
+		new SubjectKeyIdentifierExtension(false,
+			$ca_private_key->publicKeyInfo()->keyIdentifier()),
+		new KeyUsageExtension(true,
+			KeyUsageExtension::DIGITAL_SIGNATURE |
+			KeyUsageExtension::KEY_CERT_SIGN));
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
-    $ca_private_key->algorithmIdentifier(),
-    new SHA256AlgorithmIdentifier());
+	$ca_private_key->algorithmIdentifier(),
+	new SHA256AlgorithmIdentifier());
 $ca_cert = $tbs_cert->sign($algo, $ca_private_key);
 
 // create AC issuer certificate
 $tbs_cert = new TBSCertificate(
-    Name::fromString('cn=Issuer'),
-    $issuer_private_key->publicKeyInfo(),
-    new Name(),
-    Validity::fromStrings('now', 'now + 6 months'));
+	Name::fromString('cn=Issuer'),
+	$issuer_private_key->publicKeyInfo(),
+	new Name(),
+	Validity::fromStrings('now', 'now + 6 months'));
 $tbs_cert = $tbs_cert->withIssuerCertificate($ca_cert)
-    ->withRandomSerialNumber()
-    ->withAdditionalExtensions(
-        // issuer must not be a CA
-        new BasicConstraintsExtension(true, false),
-        new KeyUsageExtension(true,
-            KeyUsageExtension::DIGITAL_SIGNATURE |
-             KeyUsageExtension::KEY_ENCIPHERMENT));
+	->withRandomSerialNumber()
+	->withAdditionalExtensions(
+		// issuer must not be a CA
+		new BasicConstraintsExtension(true, false),
+		new KeyUsageExtension(true,
+			KeyUsageExtension::DIGITAL_SIGNATURE |
+			 KeyUsageExtension::KEY_ENCIPHERMENT));
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
-    $ca_private_key->algorithmIdentifier(),
-    new SHA256AlgorithmIdentifier());
+	$ca_private_key->algorithmIdentifier(),
+	new SHA256AlgorithmIdentifier());
 $issuer_cert = $tbs_cert->sign($algo, $ca_private_key);
 
 // create AC holder certificate
 $tbs_cert = new TBSCertificate(
-    Name::fromString('cn=Holder, gn=John, sn=Doe'),
-    $holder_private_key->publicKeyInfo(),
-    new Name(),
-    Validity::fromStrings('now', 'now + 6 months'));
+	Name::fromString('cn=Holder, gn=John, sn=Doe'),
+	$holder_private_key->publicKeyInfo(),
+	new Name(),
+	Validity::fromStrings('now', 'now + 6 months'));
 $tbs_cert = $tbs_cert->withIssuerCertificate($ca_cert)
-    ->withRandomSerialNumber()
-    ->withAdditionalExtensions(
-        new BasicConstraintsExtension(true, false),
-        new KeyUsageExtension(true,
-            KeyUsageExtension::DIGITAL_SIGNATURE |
-             KeyUsageExtension::KEY_ENCIPHERMENT));
+	->withRandomSerialNumber()
+	->withAdditionalExtensions(
+		new BasicConstraintsExtension(true, false),
+		new KeyUsageExtension(true,
+			KeyUsageExtension::DIGITAL_SIGNATURE |
+			 KeyUsageExtension::KEY_ENCIPHERMENT));
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
-    $ca_private_key->algorithmIdentifier(),
-    new SHA256AlgorithmIdentifier());
+	$ca_private_key->algorithmIdentifier(),
+	new SHA256AlgorithmIdentifier());
 $holder_cert = $tbs_cert->sign($algo, $ca_private_key);
 
 // named authority that grants the attributes
 $authority = new GeneralNames(
-    new UniformResourceIdentifier('uri:trusted_authority'));
+	new UniformResourceIdentifier('uri:trusted_authority'));
 // role attribute
 $attribs = new Attributes(
-    Attribute::fromAttributeValues(
-        RoleAttributeValue::fromString('role-name', $authority)));
+	Attribute::fromAttributeValues(
+		RoleAttributeValue::fromString('role-name', $authority)));
 $aci = new AttributeCertificateInfo(
-    // holder is identified by the holder's public key certificate
-    new Holder(IssuerSerial::fromPKC($holder_cert)),
-    AttCertIssuer::fromPKC($issuer_cert),
-    AttCertValidityPeriod::fromStrings('now - 1 hour', 'now + 3 months'),
-    $attribs);
+	// holder is identified by the holder's public key certificate
+	new Holder(IssuerSerial::fromPKC($holder_cert)),
+	AttCertIssuer::fromPKC($issuer_cert),
+	AttCertValidityPeriod::fromStrings('now - 1 hour', 'now + 3 months'),
+	$attribs);
 $aci = $aci->withRandomSerialNumber()
-    ->withAdditionalExtensions(
-        // named target identifier
-        TargetInformationExtension::fromTargets(
-            new TargetName(
-                new UniformResourceIdentifier('uri:target_identifier'))),
-        // key identifier of the AC issuer
-        new AuthorityKeyIdentifierExtension(false,
-            $issuer_cert->tbsCertificate()
-                ->subjectPublicKeyInfo()
-                ->keyIdentifier()));
+	->withAdditionalExtensions(
+		// named target identifier
+		TargetInformationExtension::fromTargets(
+			new TargetName(
+				new UniformResourceIdentifier('uri:target_identifier'))),
+		// key identifier of the AC issuer
+		new AuthorityKeyIdentifierExtension(false,
+			$issuer_cert->tbsCertificate()
+				->subjectPublicKeyInfo()
+				->keyIdentifier()));
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
-    $issuer_private_key->algorithmIdentifier(),
-    new SHA256AlgorithmIdentifier());
+	$issuer_private_key->algorithmIdentifier(),
+	new SHA256AlgorithmIdentifier());
 $ac = $aci->sign($algo, $issuer_private_key);
 
 // validate AC
@@ -149,7 +149,7 @@ 
 $validator_config = $validator_config->withTargets($target);
 $validator = new ACValidator($ac, $validator_config);
 if ($validator->validate()) {
-    fprintf(STDERR, "AC validation succeeded.\n");
+	fprintf(STDERR, "AC validation succeeded.\n");
 }
 
 fprintf(STDERR, "Root certificate:\n");

Spacing +1 added lines, -1 removed lines

@@ -5,7 +5,7 @@
  * php ac-example.php
  */
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 use Sop\CryptoEncoding\PEM;
 use Sop\CryptoTypes\AlgorithmIdentifier\Hash\SHA256AlgorithmIdentifier;

examples/issue-cert.php

Indentation +9 added lines, -9 removed lines

@@ -27,27 +27,27 @@
 $csr = CertificationRequest::fromPEM(PEM::fromFile($argv[2]));
 // verify CSR
 if (!$csr->verify()) {
-    echo "Failed to verify certification request signature.\n";
-    exit(1);
+	echo "Failed to verify certification request signature.\n";
+	exit(1);
 }
 // load CA's private key from PEM
 $private_key_info = PrivateKeyInfo::fromPEM(
-    PEM::fromFile(dirname(__DIR__) . '/test/assets/rsa/private_key.pem'));
+	PEM::fromFile(dirname(__DIR__) . '/test/assets/rsa/private_key.pem'));
 // initialize certificate from CSR and issuer's certificate
 $tbs_cert = TBSCertificate::fromCSR($csr)->withIssuerCertificate($issuer_cert);
 // set random serial number
 $tbs_cert = $tbs_cert->withRandomSerialNumber();
 // set validity period
 $tbs_cert = $tbs_cert->withValidity(
-    Validity::fromStrings('now', 'now + 3 months'));
+	Validity::fromStrings('now', 'now + 3 months'));
 // add extensions
 $tbs_cert = $tbs_cert->withAdditionalExtensions(
-    new KeyUsageExtension(true,
-        KeyUsageExtension::DIGITAL_SIGNATURE |
-             KeyUsageExtension::KEY_ENCIPHERMENT),
-    new BasicConstraintsExtension(true, false));
+	new KeyUsageExtension(true,
+		KeyUsageExtension::DIGITAL_SIGNATURE |
+			 KeyUsageExtension::KEY_ENCIPHERMENT),
+	new BasicConstraintsExtension(true, false));
 // sign certificate with issuer's private key
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
-    $private_key_info->algorithmIdentifier(), new SHA512AlgorithmIdentifier());
+	$private_key_info->algorithmIdentifier(), new SHA512AlgorithmIdentifier());
 $cert = $tbs_cert->sign($algo, $private_key_info);
 echo $cert;

Spacing +1 added lines, -1 removed lines

@@ -5,7 +5,7 @@
  * php issue-cert.php <(php create-ca-cert.php) <(php create-csr.php)
  */
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 use Sop\CryptoEncoding\PEM;
 use Sop\CryptoTypes\AlgorithmIdentifier\Hash\SHA512AlgorithmIdentifier;

examples/create-ca-cert.php

Indentation +6 added lines, -6 removed lines

@@ -22,7 +22,7 @@ 
 
 // load RSA private key from PEM
 $private_key_info = PrivateKeyInfo::fromPEM(
-    PEM::fromFile(dirname(__DIR__) . '/test/assets/rsa/private_key.pem'));
+	PEM::fromFile(dirname(__DIR__) . '/test/assets/rsa/private_key.pem'));
 // extract public key from private key
 $public_key_info = $private_key_info->publicKeyInfo();
 // DN of the certification authority
@@ -32,12 +32,12 @@ 
 // create "to be signed" certificate object with extensions
 $tbs_cert = new TBSCertificate($name, $public_key_info, $name, $validity);
 $tbs_cert = $tbs_cert->withRandomSerialNumber()->withAdditionalExtensions(
-    new BasicConstraintsExtension(true, true),
-    new SubjectKeyIdentifierExtension(false, $public_key_info->keyIdentifier()),
-    new KeyUsageExtension(true,
-        KeyUsageExtension::DIGITAL_SIGNATURE | KeyUsageExtension::KEY_CERT_SIGN));
+	new BasicConstraintsExtension(true, true),
+	new SubjectKeyIdentifierExtension(false, $public_key_info->keyIdentifier()),
+	new KeyUsageExtension(true,
+		KeyUsageExtension::DIGITAL_SIGNATURE | KeyUsageExtension::KEY_CERT_SIGN));
 // sign certificate with private key
 $algo = SignatureAlgorithmIdentifierFactory::algoForAsymmetricCrypto(
-    $private_key_info->algorithmIdentifier(), new SHA256AlgorithmIdentifier());
+	$private_key_info->algorithmIdentifier(), new SHA256AlgorithmIdentifier());
 $cert = $tbs_cert->sign($algo, $private_key_info);
 echo $cert;

Spacing +1 added lines, -1 removed lines

@@ -5,7 +5,7 @@
  * php create-ca-cert.php
  */
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 use Sop\CryptoEncoding\PEM;
 use Sop\CryptoTypes\AlgorithmIdentifier\Hash\SHA256AlgorithmIdentifier;

lib/X509/AttributeCertificate/IssuerSerial.php

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\X509\AttributeCertificate;
 

Indentation +169 added lines, -169 removed lines

@@ -19,173 +19,173 @@
  */
 class IssuerSerial
 {
-    /**
-     * Issuer name.
-     *
-     * @var GeneralNames
-     */
-    protected $_issuer;
-
-    /**
-     * Serial number as a base 10 integer.
-     *
-     * @var string
-     */
-    protected $_serial;
-
-    /**
-     * Issuer unique ID.
-     *
-     * @var null|UniqueIdentifier
-     */
-    protected $_issuerUID;
-
-    /**
-     * Constructor.
-     *
-     * @param GeneralNames          $issuer
-     * @param int|string            $serial
-     * @param null|UniqueIdentifier $uid
-     */
-    public function __construct(GeneralNames $issuer, $serial,
-        ?UniqueIdentifier $uid = null)
-    {
-        $this->_issuer = $issuer;
-        $this->_serial = strval($serial);
-        $this->_issuerUID = $uid;
-    }
-
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     *
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): IssuerSerial
-    {
-        $issuer = GeneralNames::fromASN1($seq->at(0)->asSequence());
-        $serial = $seq->at(1)->asInteger()->number();
-        $uid = null;
-        if ($seq->has(2, Element::TYPE_BIT_STRING)) {
-            $uid = UniqueIdentifier::fromASN1($seq->at(2)->asBitString());
-        }
-        return new self($issuer, $serial, $uid);
-    }
-
-    /**
-     * Initialize from a public key certificate.
-     *
-     * @param Certificate $cert
-     *
-     * @return self
-     */
-    public static function fromPKC(Certificate $cert): IssuerSerial
-    {
-        $tbsCert = $cert->tbsCertificate();
-        $issuer = new GeneralNames(new DirectoryName($tbsCert->issuer()));
-        $serial = $tbsCert->serialNumber();
-        $uid = $tbsCert->hasIssuerUniqueID() ? $tbsCert->issuerUniqueID() : null;
-        return new self($issuer, $serial, $uid);
-    }
-
-    /**
-     * Get issuer name.
-     *
-     * @return GeneralNames
-     */
-    public function issuer(): GeneralNames
-    {
-        return $this->_issuer;
-    }
-
-    /**
-     * Get serial number.
-     *
-     * @return string
-     */
-    public function serial(): string
-    {
-        return $this->_serial;
-    }
-
-    /**
-     * Check whether issuer unique identifier is present.
-     *
-     * @return bool
-     */
-    public function hasIssuerUID(): bool
-    {
-        return isset($this->_issuerUID);
-    }
-
-    /**
-     * Get issuer unique identifier.
-     *
-     * @throws \LogicException If not set
-     *
-     * @return UniqueIdentifier
-     */
-    public function issuerUID(): UniqueIdentifier
-    {
-        if (!$this->hasIssuerUID()) {
-            throw new \LogicException('issuerUID not set.');
-        }
-        return $this->_issuerUID;
-    }
-
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = [$this->_issuer->toASN1(), new Integer($this->_serial)];
-        if (isset($this->_issuerUID)) {
-            $elements[] = $this->_issuerUID->toASN1();
-        }
-        return new Sequence(...$elements);
-    }
-
-    /**
-     * Check whether this IssuerSerial identifies given certificate.
-     *
-     * @param Certificate $cert
-     *
-     * @return bool
-     */
-    public function identifiesPKC(Certificate $cert): bool
-    {
-        $tbs = $cert->tbsCertificate();
-        if (!$tbs->issuer()->equals($this->_issuer->firstDN())) {
-            return false;
-        }
-        if ($tbs->serialNumber() !== $this->_serial) {
-            return false;
-        }
-        if ($this->_issuerUID && !$this->_checkUniqueID($cert)) {
-            return false;
-        }
-        return true;
-    }
-
-    /**
-     * Check whether issuerUID matches given certificate.
-     *
-     * @param Certificate $cert
-     *
-     * @return bool
-     */
-    private function _checkUniqueID(Certificate $cert): bool
-    {
-        if (!$cert->tbsCertificate()->hasIssuerUniqueID()) {
-            return false;
-        }
-        $uid = $cert->tbsCertificate()->issuerUniqueID()->string();
-        if ($this->_issuerUID->string() !== $uid) {
-            return false;
-        }
-        return true;
-    }
+	/**
+	 * Issuer name.
+	 *
+	 * @var GeneralNames
+	 */
+	protected $_issuer;
+
+	/**
+	 * Serial number as a base 10 integer.
+	 *
+	 * @var string
+	 */
+	protected $_serial;
+
+	/**
+	 * Issuer unique ID.
+	 *
+	 * @var null|UniqueIdentifier
+	 */
+	protected $_issuerUID;
+
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralNames          $issuer
+	 * @param int|string            $serial
+	 * @param null|UniqueIdentifier $uid
+	 */
+	public function __construct(GeneralNames $issuer, $serial,
+		?UniqueIdentifier $uid = null)
+	{
+		$this->_issuer = $issuer;
+		$this->_serial = strval($serial);
+		$this->_issuerUID = $uid;
+	}
+
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 *
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): IssuerSerial
+	{
+		$issuer = GeneralNames::fromASN1($seq->at(0)->asSequence());
+		$serial = $seq->at(1)->asInteger()->number();
+		$uid = null;
+		if ($seq->has(2, Element::TYPE_BIT_STRING)) {
+			$uid = UniqueIdentifier::fromASN1($seq->at(2)->asBitString());
+		}
+		return new self($issuer, $serial, $uid);
+	}
+
+	/**
+	 * Initialize from a public key certificate.
+	 *
+	 * @param Certificate $cert
+	 *
+	 * @return self
+	 */
+	public static function fromPKC(Certificate $cert): IssuerSerial
+	{
+		$tbsCert = $cert->tbsCertificate();
+		$issuer = new GeneralNames(new DirectoryName($tbsCert->issuer()));
+		$serial = $tbsCert->serialNumber();
+		$uid = $tbsCert->hasIssuerUniqueID() ? $tbsCert->issuerUniqueID() : null;
+		return new self($issuer, $serial, $uid);
+	}
+
+	/**
+	 * Get issuer name.
+	 *
+	 * @return GeneralNames
+	 */
+	public function issuer(): GeneralNames
+	{
+		return $this->_issuer;
+	}
+
+	/**
+	 * Get serial number.
+	 *
+	 * @return string
+	 */
+	public function serial(): string
+	{
+		return $this->_serial;
+	}
+
+	/**
+	 * Check whether issuer unique identifier is present.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuerUID(): bool
+	{
+		return isset($this->_issuerUID);
+	}
+
+	/**
+	 * Get issuer unique identifier.
+	 *
+	 * @throws \LogicException If not set
+	 *
+	 * @return UniqueIdentifier
+	 */
+	public function issuerUID(): UniqueIdentifier
+	{
+		if (!$this->hasIssuerUID()) {
+			throw new \LogicException('issuerUID not set.');
+		}
+		return $this->_issuerUID;
+	}
+
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = [$this->_issuer->toASN1(), new Integer($this->_serial)];
+		if (isset($this->_issuerUID)) {
+			$elements[] = $this->_issuerUID->toASN1();
+		}
+		return new Sequence(...$elements);
+	}
+
+	/**
+	 * Check whether this IssuerSerial identifies given certificate.
+	 *
+	 * @param Certificate $cert
+	 *
+	 * @return bool
+	 */
+	public function identifiesPKC(Certificate $cert): bool
+	{
+		$tbs = $cert->tbsCertificate();
+		if (!$tbs->issuer()->equals($this->_issuer->firstDN())) {
+			return false;
+		}
+		if ($tbs->serialNumber() !== $this->_serial) {
+			return false;
+		}
+		if ($this->_issuerUID && !$this->_checkUniqueID($cert)) {
+			return false;
+		}
+		return true;
+	}
+
+	/**
+	 * Check whether issuerUID matches given certificate.
+	 *
+	 * @param Certificate $cert
+	 *
+	 * @return bool
+	 */
+	private function _checkUniqueID(Certificate $cert): bool
+	{
+		if (!$cert->tbsCertificate()->hasIssuerUniqueID()) {
+			return false;
+		}
+		$uid = $cert->tbsCertificate()->issuerUniqueID()->string();
+		if ($this->_issuerUID->string() !== $uid) {
+			return false;
+		}
+		return true;
+	}
 }

lib/X509/CertificationRequest/CertificationRequestInfo.php

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\X509\CertificationRequest;
 

Indentation +202 added lines, -202 removed lines

@@ -24,206 +24,206 @@
  */
 class CertificationRequestInfo
 {
-    const VERSION_1 = 0;
-
-    /**
-     * Version.
-     *
-     * @var int
-     */
-    protected $_version;
-
-    /**
-     * Subject.
-     *
-     * @var Name
-     */
-    protected $_subject;
-
-    /**
-     * Public key info.
-     *
-     * @var PublicKeyInfo
-     */
-    protected $_subjectPKInfo;
-
-    /**
-     * Attributes.
-     *
-     * @var null|Attributes
-     */
-    protected $_attributes;
-
-    /**
-     * Constructor.
-     *
-     * @param Name          $subject Subject
-     * @param PublicKeyInfo $pkinfo  Public key info
-     */
-    public function __construct(Name $subject, PublicKeyInfo $pkinfo)
-    {
-        $this->_version = self::VERSION_1;
-        $this->_subject = $subject;
-        $this->_subjectPKInfo = $pkinfo;
-    }
-
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     *
-     * @throws \UnexpectedValueException
-     *
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $version = $seq->at(0)->asInteger()->intNumber();
-        if (self::VERSION_1 !== $version) {
-            throw new \UnexpectedValueException(
-                "Version {$version} not supported.");
-        }
-        $subject = Name::fromASN1($seq->at(1)->asSequence());
-        $pkinfo = PublicKeyInfo::fromASN1($seq->at(2)->asSequence());
-        $obj = new self($subject, $pkinfo);
-        if ($seq->hasTagged(0)) {
-            $obj->_attributes = Attributes::fromASN1(
-                $seq->getTagged(0)->asImplicit(Element::TYPE_SET)->asSet());
-        }
-        return $obj;
-    }
-
-    /**
-     * Get version.
-     *
-     * @return int
-     */
-    public function version(): int
-    {
-        return $this->_version;
-    }
-
-    /**
-     * Get self with subject.
-     *
-     * @param Name $subject
-     *
-     * @return self
-     */
-    public function withSubject(Name $subject): self
-    {
-        $obj = clone $this;
-        $obj->_subject = $subject;
-        return $obj;
-    }
-
-    /**
-     * Get subject.
-     *
-     * @return Name
-     */
-    public function subject(): Name
-    {
-        return $this->_subject;
-    }
-
-    /**
-     * Get subject public key info.
-     *
-     * @return PublicKeyInfo
-     */
-    public function subjectPKInfo(): PublicKeyInfo
-    {
-        return $this->_subjectPKInfo;
-    }
-
-    /**
-     * Whether certification request info has attributes.
-     *
-     * @return bool
-     */
-    public function hasAttributes(): bool
-    {
-        return isset($this->_attributes);
-    }
-
-    /**
-     * Get attributes.
-     *
-     * @throws \LogicException If not set
-     *
-     * @return Attributes
-     */
-    public function attributes(): Attributes
-    {
-        if (!$this->hasAttributes()) {
-            throw new \LogicException('No attributes.');
-        }
-        return $this->_attributes;
-    }
-
-    /**
-     * Get instance of self with attributes.
-     *
-     * @param Attributes $attribs
-     */
-    public function withAttributes(Attributes $attribs): self
-    {
-        $obj = clone $this;
-        $obj->_attributes = $attribs;
-        return $obj;
-    }
-
-    /**
-     * Get self with extension request attribute.
-     *
-     * @param Extensions $extensions Extensions to request
-     *
-     * @return self
-     */
-    public function withExtensionRequest(Extensions $extensions): self
-    {
-        $obj = clone $this;
-        if (!isset($obj->_attributes)) {
-            $obj->_attributes = new Attributes();
-        }
-        $obj->_attributes = $obj->_attributes->withUnique(
-            Attribute::fromAttributeValues(
-                new ExtensionRequestValue($extensions)));
-        return $obj;
-    }
-
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = [new Integer($this->_version),
-            $this->_subject->toASN1(), $this->_subjectPKInfo->toASN1(), ];
-        if (isset($this->_attributes)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                $this->_attributes->toASN1());
-        }
-        return new Sequence(...$elements);
-    }
-
-    /**
-     * Create signed CertificationRequest.
-     *
-     * @param SignatureAlgorithmIdentifier $algo         Algorithm used for signing
-     * @param PrivateKeyInfo               $privkey_info Private key used for signing
-     * @param null|Crypto                  $crypto       Crypto engine, use default if not set
-     *
-     * @return CertificationRequest
-     */
-    public function sign(SignatureAlgorithmIdentifier $algo,
-        PrivateKeyInfo $privkey_info, ?Crypto $crypto = null): CertificationRequest
-    {
-        $crypto = $crypto ?? Crypto::getDefault();
-        $data = $this->toASN1()->toDER();
-        $signature = $crypto->sign($data, $privkey_info, $algo);
-        return new CertificationRequest($this, $algo, $signature);
-    }
+	const VERSION_1 = 0;
+
+	/**
+	 * Version.
+	 *
+	 * @var int
+	 */
+	protected $_version;
+
+	/**
+	 * Subject.
+	 *
+	 * @var Name
+	 */
+	protected $_subject;
+
+	/**
+	 * Public key info.
+	 *
+	 * @var PublicKeyInfo
+	 */
+	protected $_subjectPKInfo;
+
+	/**
+	 * Attributes.
+	 *
+	 * @var null|Attributes
+	 */
+	protected $_attributes;
+
+	/**
+	 * Constructor.
+	 *
+	 * @param Name          $subject Subject
+	 * @param PublicKeyInfo $pkinfo  Public key info
+	 */
+	public function __construct(Name $subject, PublicKeyInfo $pkinfo)
+	{
+		$this->_version = self::VERSION_1;
+		$this->_subject = $subject;
+		$this->_subjectPKInfo = $pkinfo;
+	}
+
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 *
+	 * @throws \UnexpectedValueException
+	 *
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$version = $seq->at(0)->asInteger()->intNumber();
+		if (self::VERSION_1 !== $version) {
+			throw new \UnexpectedValueException(
+				"Version {$version} not supported.");
+		}
+		$subject = Name::fromASN1($seq->at(1)->asSequence());
+		$pkinfo = PublicKeyInfo::fromASN1($seq->at(2)->asSequence());
+		$obj = new self($subject, $pkinfo);
+		if ($seq->hasTagged(0)) {
+			$obj->_attributes = Attributes::fromASN1(
+				$seq->getTagged(0)->asImplicit(Element::TYPE_SET)->asSet());
+		}
+		return $obj;
+	}
+
+	/**
+	 * Get version.
+	 *
+	 * @return int
+	 */
+	public function version(): int
+	{
+		return $this->_version;
+	}
+
+	/**
+	 * Get self with subject.
+	 *
+	 * @param Name $subject
+	 *
+	 * @return self
+	 */
+	public function withSubject(Name $subject): self
+	{
+		$obj = clone $this;
+		$obj->_subject = $subject;
+		return $obj;
+	}
+
+	/**
+	 * Get subject.
+	 *
+	 * @return Name
+	 */
+	public function subject(): Name
+	{
+		return $this->_subject;
+	}
+
+	/**
+	 * Get subject public key info.
+	 *
+	 * @return PublicKeyInfo
+	 */
+	public function subjectPKInfo(): PublicKeyInfo
+	{
+		return $this->_subjectPKInfo;
+	}
+
+	/**
+	 * Whether certification request info has attributes.
+	 *
+	 * @return bool
+	 */
+	public function hasAttributes(): bool
+	{
+		return isset($this->_attributes);
+	}
+
+	/**
+	 * Get attributes.
+	 *
+	 * @throws \LogicException If not set
+	 *
+	 * @return Attributes
+	 */
+	public function attributes(): Attributes
+	{
+		if (!$this->hasAttributes()) {
+			throw new \LogicException('No attributes.');
+		}
+		return $this->_attributes;
+	}
+
+	/**
+	 * Get instance of self with attributes.
+	 *
+	 * @param Attributes $attribs
+	 */
+	public function withAttributes(Attributes $attribs): self
+	{
+		$obj = clone $this;
+		$obj->_attributes = $attribs;
+		return $obj;
+	}
+
+	/**
+	 * Get self with extension request attribute.
+	 *
+	 * @param Extensions $extensions Extensions to request
+	 *
+	 * @return self
+	 */
+	public function withExtensionRequest(Extensions $extensions): self
+	{
+		$obj = clone $this;
+		if (!isset($obj->_attributes)) {
+			$obj->_attributes = new Attributes();
+		}
+		$obj->_attributes = $obj->_attributes->withUnique(
+			Attribute::fromAttributeValues(
+				new ExtensionRequestValue($extensions)));
+		return $obj;
+	}
+
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = [new Integer($this->_version),
+			$this->_subject->toASN1(), $this->_subjectPKInfo->toASN1(), ];
+		if (isset($this->_attributes)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				$this->_attributes->toASN1());
+		}
+		return new Sequence(...$elements);
+	}
+
+	/**
+	 * Create signed CertificationRequest.
+	 *
+	 * @param SignatureAlgorithmIdentifier $algo         Algorithm used for signing
+	 * @param PrivateKeyInfo               $privkey_info Private key used for signing
+	 * @param null|Crypto                  $crypto       Crypto engine, use default if not set
+	 *
+	 * @return CertificationRequest
+	 */
+	public function sign(SignatureAlgorithmIdentifier $algo,
+		PrivateKeyInfo $privkey_info, ?Crypto $crypto = null): CertificationRequest
+	{
+		$crypto = $crypto ?? Crypto::getDefault();
+		$data = $this->toASN1()->toDER();
+		$signature = $crypto->sign($data, $privkey_info, $algo);
+		return new CertificationRequest($this, $algo, $signature);
+	}
 }