1 | <?php |
||
2 | |||
3 | namespace X509\AttributeCertificate; |
||
4 | |||
5 | use ASN1\Type\Constructed\Sequence; |
||
6 | use CryptoUtil\ASN1\AlgorithmIdentifier; |
||
7 | use CryptoUtil\ASN1\AlgorithmIdentifier\Feature\SignatureAlgorithmIdentifier; |
||
8 | use CryptoUtil\ASN1\PublicKeyInfo; |
||
9 | use CryptoUtil\Crypto\Crypto; |
||
10 | use CryptoUtil\Crypto\Signature; |
||
11 | use CryptoUtil\PEM\PEM; |
||
12 | use X509\Certificate\Certificate; |
||
13 | |||
14 | |||
/**
 * Model of the <i>AttributeCertificate</i> ASN.1 type: the attribute
 * certificate info together with the identifier and the value of the
 * signature made over it.
 *
 * Decoding an instance performs no signature check; that happens only in
 * verify(). isHeldBy() and isIssuedBy() compare identifiers and do not call
 * verify().
 *
 * @link https://tools.ietf.org/html/rfc5755#section-4.1
 */
class AttributeCertificate
{
    /**
     * Attribute certificate info, the part whose DER encoding verify()
     * checks the signature against.
     *
     * @var AttributeCertificateInfo $_acinfo
     */
    protected $_acinfo;

    /**
     * Identifier of the algorithm the signature was made with.
     *
     * @var SignatureAlgorithmIdentifier $_signatureAlgorithm
     */
    protected $_signatureAlgorithm;

    /**
     * Value of the signature.
     *
     * @var Signature $_signatureValue
     */
    protected $_signatureValue;

    /**
     * Build an attribute certificate from its three components.
     *
     * The components are stored as given; nothing here checks that the
     * signature actually matches the info.
     *
     * @param AttributeCertificateInfo $acinfo Attribute certificate info
     * @param SignatureAlgorithmIdentifier $algo Signature algorithm
     * @param Signature $signature Signature value
     */
    public function __construct(
        AttributeCertificateInfo $acinfo,
        SignatureAlgorithmIdentifier $algo,
        Signature $signature
    ) {
        $this->_signatureValue = $signature;
        $this->_signatureAlgorithm = $algo;
        $this->_acinfo = $acinfo;
    }

    /**
     * Decode an attribute certificate from its ASN.1 sequence.
     *
     * Element 0 is read as the info, element 1 as the algorithm identifier
     * and element 2 as the signature bit string. Exceptions raised by the
     * decoding calls are not caught here.
     *
     * NOTE(review): RFC 5755 also carries an algorithm identifier inside
     * AttributeCertificateInfo; this method does not compare it with the
     * outer identifier read here. Confirm where, if anywhere, that is
     * enforced.
     *
     * @param Sequence $seq
     * @throws \UnexpectedValueException If the algorithm identifier is not
     *         a signature algorithm identifier
     * @return self
     */
    public static function fromASN1(Sequence $seq)
    {
        $info = AttributeCertificateInfo::fromASN1($seq->at(0)->asSequence());
        $algorithm = AlgorithmIdentifier::fromASN1($seq->at(1)->asSequence());
        if ($algorithm instanceof SignatureAlgorithmIdentifier) {
            // The signature is decoded only once the algorithm is accepted.
            $sig = Signature::fromASN1($seq->at(2)->asBitString());
            return new self($info, $algorithm, $sig);
        }
        throw new \UnexpectedValueException(
            "Unsupported signature algorithm " . $algorithm->oid() . "."
        );
    }

    /**
     * Decode an attribute certificate from DER encoded data.
     *
     * @param string $data
     * @return self
     */
    public static function fromDER($data)
    {
        $sequence = Sequence::fromDER($data);
        return self::fromASN1($sequence);
    }

    /**
     * Decode an attribute certificate from a PEM object.
     *
     * Only a PEM whose type is PEM::TYPE_ATTRIBUTE_CERTIFICATE is accepted.
     *
     * @param PEM $pem
     * @throws \UnexpectedValueException If the PEM has any other type
     * @return self
     */
    public static function fromPEM(PEM $pem)
    {
        if ($pem->type() === PEM::TYPE_ATTRIBUTE_CERTIFICATE) {
            return self::fromDER($pem->data());
        }
        throw new \UnexpectedValueException("Invalid PEM type.");
    }

    /**
     * Accessor for the attribute certificate info.
     *
     * @return AttributeCertificateInfo
     */
    public function acinfo()
    {
        return $this->_acinfo;
    }

    /**
     * Accessor for the signature algorithm identifier.
     *
     * @return SignatureAlgorithmIdentifier
     */
    public function signatureAlgorithm()
    {
        return $this->_signatureAlgorithm;
    }

    /**
     * Accessor for the signature value.
     *
     * @return Signature
     */
    public function signatureValue()
    {
        return $this->_signatureValue;
    }

    /**
     * Encode the attribute certificate as an ASN.1 sequence of info,
     * signature algorithm and signature bit string, in that order.
     *
     * @return Sequence
     */
    public function toASN1()
    {
        $info = $this->_acinfo->toASN1();
        $algorithm = $this->_signatureAlgorithm->toASN1();
        $sig = $this->_signatureValue->toBitString();
        return new Sequence($info, $algorithm, $sig);
    }

    /**
     * Encode the attribute certificate as DER.
     *
     * @return string
     */
    public function toDER()
    {
        $sequence = $this->toASN1();
        return $sequence->toDER();
    }

    /**
     * Wrap the DER encoding in a PEM object of type
     * PEM::TYPE_ATTRIBUTE_CERTIFICATE.
     *
     * @return PEM
     */
    public function toPEM()
    {
        $der = $this->toDER();
        return new PEM(PEM::TYPE_ATTRIBUTE_CERTIFICATE, $der);
    }

    /**
     * Tell whether the holder named in the attribute certificate identifies
     * the given public key certificate.
     *
     * The answer comes from the holder's identifiesPKC() alone; this method
     * does not call verify(), so on its own it does not establish that the
     * attribute certificate is authentic.
     *
     * @param Certificate $cert Certificate
     * @return boolean
     */
    public function isHeldBy(Certificate $cert)
    {
        $holder = $this->_acinfo->holder();
        return $holder->identifiesPKC($cert) ? true : false;
    }

    /**
     * Tell whether the issuer named in the attribute certificate identifies
     * the given public key certificate.
     *
     * The answer comes from the issuer's identifiesPKC() alone; this method
     * does not call verify(), so a true result needs a successful verify()
     * against that certificate's key before the issuer is relied on.
     *
     * @param Certificate $cert Certificate
     * @return boolean
     */
    public function isIssuedBy(Certificate $cert)
    {
        $issuer = $this->_acinfo->issuer();
        return $issuer->identifiesPKC($cert) ? true : false;
    }

    /**
     * Verify the signature with the given public key.
     *
     * The data handed to the crypto backend is the DER produced by encoding
     * the info object again, not bytes retained from the decoded input.
     * NOTE(review): input whose original encoding differs from this
     * re-encoding would presumably fail here; confirm against the decoder.
     *
     * This method makes the cryptographic check only. It does not look at
     * the holder, the issuer or anything else inside the info, and it is
     * the caller who decides that $pubkey_info belongs to a trusted issuer.
     *
     * @param Crypto $crypto
     * @param PublicKeyInfo $pubkey_info Signer's public key
     * @return bool Result of the backend's verify() call
     */
    public function verify(Crypto $crypto, PublicKeyInfo $pubkey_info)
    {
        $signed = $this->_acinfo->toASN1()->toDER();
        $outcome = $crypto->verify(
            $signed,
            $this->_signatureValue,
            $pubkey_info,
            $this->_signatureAlgorithm
        );
        return $outcome;
    }

    /**
     * Render the attribute certificate as a PEM formatted string.
     *
     * @return string
     */
    public function __toString()
    {
        $pem = $this->toPEM();
        return $pem->string();
    }
}