sop / x509

lib/X509/AttributeCertificate/AttributeCertificateInfo.php

Indentation +431 added lines, -431 removed lines

@@ -22,435 +22,435 @@
  */
 class AttributeCertificateInfo
 {
-    const VERSION_2 = 1;
-    
-    /**
-     * AC version.
-     *
-     * @var int $_version
-     */
-    protected $_version;
-    
-    /**
-     * AC holder.
-     *
-     * @var Holder $_holder
-     */
-    protected $_holder;
-    
-    /**
-     * AC issuer.
-     *
-     * @var AttCertIssuer $_issuer
-     */
-    protected $_issuer;
-    
-    /**
-     * Signature algorithm identifier.
-     *
-     * @var SignatureAlgorithmIdentifier $_signature
-     */
-    protected $_signature;
-    
-    /**
-     * AC serial number.
-     *
-     * @var string $_serialNumber
-     */
-    protected $_serialNumber;
-    
-    /**
-     * Validity period.
-     *
-     * @var AttCertValidityPeriod $_attrCertValidityPeriod
-     */
-    protected $_attrCertValidityPeriod;
-    
-    /**
-     * Attributes.
-     *
-     * @var Attributes $_attributes
-     */
-    protected $_attributes;
-    
-    /**
-     * Issuer unique identifier.
-     *
-     * @var UniqueIdentifier|null $_issuerUniqueID
-     */
-    protected $_issuerUniqueID;
-    
-    /**
-     * Extensions.
-     *
-     * @var Extensions $_extensions
-     */
-    protected $_extensions;
-    
-    /**
-     * Constructor.
-     *
-     * @param Holder $holder AC holder
-     * @param AttCertIssuer $issuer AC issuer
-     * @param AttCertValidityPeriod $validity Validity
-     * @param Attributes $attribs Attributes
-     */
-    public function __construct(Holder $holder, AttCertIssuer $issuer,
-        AttCertValidityPeriod $validity, Attributes $attribs)
-    {
-        $this->_version = self::VERSION_2;
-        $this->_holder = $holder;
-        $this->_issuer = $issuer;
-        $this->_attrCertValidityPeriod = $validity;
-        $this->_attributes = $attribs;
-        $this->_extensions = new Extensions();
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $version = $seq->at(0)
-            ->asInteger()
-            ->intNumber();
-        if ($version != self::VERSION_2) {
-            throw new \UnexpectedValueException("Version must be 2.");
-        }
-        $holder = Holder::fromASN1($seq->at(1)->asSequence());
-        $issuer = AttCertIssuer::fromASN1($seq->at(2));
-        $signature = AlgorithmIdentifier::fromASN1($seq->at(3)->asSequence());
-        if (!$signature instanceof SignatureAlgorithmIdentifier) {
-            throw new \UnexpectedValueException(
-                "Unsupported signature algorithm " . $signature->oid() . ".");
-        }
-        $serial = $seq->at(4)
-            ->asInteger()
-            ->number();
-        $validity = AttCertValidityPeriod::fromASN1($seq->at(5)->asSequence());
-        $attribs = Attributes::fromASN1($seq->at(6)->asSequence());
-        $obj = new self($holder, $issuer, $validity, $attribs);
-        $obj->_signature = $signature;
-        $obj->_serialNumber = $serial;
-        $idx = 7;
-        if ($seq->has($idx, Element::TYPE_BIT_STRING)) {
-            $obj->_issuerUniqueID = UniqueIdentifier::fromASN1(
-                $seq->at($idx++)->asBitString());
-        }
-        if ($seq->has($idx, Element::TYPE_SEQUENCE)) {
-            $obj->_extensions = Extensions::fromASN1(
-                $seq->at($idx++)->asSequence());
-        }
-        return $obj;
-    }
-    
-    /**
-     * Get self with holder.
-     *
-     * @param Holder $holder
-     * @return self
-     */
-    public function withHolder(Holder $holder): self
-    {
-        $obj = clone $this;
-        $obj->_holder = $holder;
-        return $obj;
-    }
-    
-    /**
-     * Get self with issuer.
-     *
-     * @param AttCertIssuer $issuer
-     * @return self
-     */
-    public function withIssuer(AttCertIssuer $issuer): self
-    {
-        $obj = clone $this;
-        $obj->_issuer = $issuer;
-        return $obj;
-    }
-    
-    /**
-     * Get self with signature algorithm identifier.
-     *
-     * @param SignatureAlgorithmIdentifier $algo
-     * @return self
-     */
-    public function withSignature(SignatureAlgorithmIdentifier $algo): self
-    {
-        $obj = clone $this;
-        $obj->_signature = $algo;
-        return $obj;
-    }
-    
-    /**
-     * Get self with serial number.
-     *
-     * @param int|string $serial
-     * @return self
-     */
-    public function withSerialNumber($serial): self
-    {
-        $obj = clone $this;
-        $obj->_serialNumber = strval($serial);
-        return $obj;
-    }
-    
-    /**
-     * Get self with random positive serial number.
-     *
-     * @param int $size Number of random bytes
-     * @return self
-     */
-    public function withRandomSerialNumber(int $size = 16): self
-    {
-        // ensure that first byte is always non-zero and having first bit unset
-        $num = gmp_init(mt_rand(1, 0x7f), 10);
-        for ($i = 1; $i < $size; ++$i) {
-            $num <<= 8;
-            $num += mt_rand(0, 0xff);
-        }
-        return $this->withSerialNumber(gmp_strval($num, 10));
-    }
-    
-    /**
-     * Get self with validity period.
-     *
-     * @param AttCertValidityPeriod $validity
-     * @return self
-     */
-    public function withValidity(AttCertValidityPeriod $validity): self
-    {
-        $obj = clone $this;
-        $obj->_attrCertValidityPeriod = $validity;
-        return $obj;
-    }
-    
-    /**
-     * Get self with attributes.
-     *
-     * @param Attributes $attribs
-     * @return self
-     */
-    public function withAttributes(Attributes $attribs): self
-    {
-        $obj = clone $this;
-        $obj->_attributes = $attribs;
-        return $obj;
-    }
-    
-    /**
-     * Get self with issuer unique identifier.
-     *
-     * @param UniqueIdentifier $uid
-     * @return self
-     */
-    public function withIssuerUniqueID(UniqueIdentifier $uid): self
-    {
-        $obj = clone $this;
-        $obj->_issuerUniqueID = $uid;
-        return $obj;
-    }
-    
-    /**
-     * Get self with extensions.
-     *
-     * @param Extensions $extensions
-     * @return self
-     */
-    public function withExtensions(Extensions $extensions): self
-    {
-        $obj = clone $this;
-        $obj->_extensions = $extensions;
-        return $obj;
-    }
-    
-    /**
-     * Get self with extensions added.
-     *
-     * @param Extension ...$exts One or more Extension objects
-     * @return self
-     */
-    public function withAdditionalExtensions(Extension ...$exts): self
-    {
-        $obj = clone $this;
-        $obj->_extensions = $obj->_extensions->withExtensions(...$exts);
-        return $obj;
-    }
-    
-    /**
-     * Get version.
-     *
-     * @return int
-     */
-    public function version(): int
-    {
-        return $this->_version;
-    }
-    
-    /**
-     * Get AC holder.
-     *
-     * @return Holder
-     */
-    public function holder(): Holder
-    {
-        return $this->_holder;
-    }
-    
-    /**
-     * Get AC issuer.
-     *
-     * @return AttCertIssuer
-     */
-    public function issuer(): AttCertIssuer
-    {
-        return $this->_issuer;
-    }
-    
-    /**
-     * Check whether signature is set.
-     *
-     * @return bool
-     */
-    public function hasSignature(): bool
-    {
-        return isset($this->_signature);
-    }
-    
-    /**
-     * Get signature algorithm identifier.
-     *
-     * @return SignatureAlgorithmIdentifier
-     */
-    public function signature(): SignatureAlgorithmIdentifier
-    {
-        if (!$this->hasSignature()) {
-            throw new \LogicException("signature not set.");
-        }
-        return $this->_signature;
-    }
-    
-    /**
-     * Check whether serial number is present.
-     *
-     * @return bool
-     */
-    public function hasSerialNumber(): bool
-    {
-        return isset($this->_serialNumber);
-    }
-    
-    /**
-     * Get AC serial number.
-     *
-     * @return string
-     */
-    public function serialNumber(): string
-    {
-        if (!$this->hasSerialNumber()) {
-            throw new \LogicException("serialNumber not set.");
-        }
-        return $this->_serialNumber;
-    }
-    
-    /**
-     * Get validity period.
-     *
-     * @return AttCertValidityPeriod
-     */
-    public function validityPeriod(): AttCertValidityPeriod
-    {
-        return $this->_attrCertValidityPeriod;
-    }
-    
-    /**
-     * Get attributes.
-     *
-     * @return Attributes
-     */
-    public function attributes(): Attributes
-    {
-        return $this->_attributes;
-    }
-    
-    /**
-     * Check whether issuer unique identifier is present.
-     *
-     * @return bool
-     */
-    public function hasIssuerUniqueID(): bool
-    {
-        return isset($this->_issuerUniqueID);
-    }
-    
-    /**
-     * Get issuer unique identifier.
-     *
-     * @return UniqueIdentifier
-     */
-    public function issuerUniqueID(): UniqueIdentifier
-    {
-        if (!$this->hasIssuerUniqueID()) {
-            throw new \LogicException("issuerUniqueID not set.");
-        }
-        return $this->_issuerUniqueID;
-    }
-    
-    /**
-     * Get extensions.
-     *
-     * @return Extensions
-     */
-    public function extensions(): Extensions
-    {
-        return $this->_extensions;
-    }
-    
-    /**
-     * Get ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array(new Integer($this->_version), $this->_holder->toASN1(),
-            $this->_issuer->toASN1(), $this->signature()->toASN1(),
-            new Integer($this->serialNumber()),
-            $this->_attrCertValidityPeriod->toASN1(),
-            $this->_attributes->toASN1());
-        if (isset($this->_issuerUniqueID)) {
-            $elements[] = $this->_issuerUniqueID->toASN1();
-        }
-        if (count($this->_extensions)) {
-            $elements[] = $this->_extensions->toASN1();
-        }
-        return new Sequence(...$elements);
-    }
-    
-    /**
-     * Create signed attribute certificate.
-     *
-     * @param SignatureAlgorithmIdentifier $algo Signature algorithm
-     * @param PrivateKeyInfo $privkey_info Private key
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     * @return AttributeCertificate
-     */
-    public function sign(SignatureAlgorithmIdentifier $algo,
-        PrivateKeyInfo $privkey_info, Crypto $crypto = null): AttributeCertificate
-    {
-        $crypto = $crypto ?: Crypto::getDefault();
-        $aci = clone $this;
-        if (!isset($aci->_serialNumber)) {
-            $aci->_serialNumber = "0";
-        }
-        $aci->_signature = $algo;
-        $data = $aci->toASN1()->toDER();
-        $signature = $crypto->sign($data, $privkey_info, $algo);
-        return new AttributeCertificate($aci, $algo, $signature);
-    }
+	const VERSION_2 = 1;
+    
+	/**
+	 * AC version.
+	 *
+	 * @var int $_version
+	 */
+	protected $_version;
+    
+	/**
+	 * AC holder.
+	 *
+	 * @var Holder $_holder
+	 */
+	protected $_holder;
+    
+	/**
+	 * AC issuer.
+	 *
+	 * @var AttCertIssuer $_issuer
+	 */
+	protected $_issuer;
+    
+	/**
+	 * Signature algorithm identifier.
+	 *
+	 * @var SignatureAlgorithmIdentifier $_signature
+	 */
+	protected $_signature;
+    
+	/**
+	 * AC serial number.
+	 *
+	 * @var string $_serialNumber
+	 */
+	protected $_serialNumber;
+    
+	/**
+	 * Validity period.
+	 *
+	 * @var AttCertValidityPeriod $_attrCertValidityPeriod
+	 */
+	protected $_attrCertValidityPeriod;
+    
+	/**
+	 * Attributes.
+	 *
+	 * @var Attributes $_attributes
+	 */
+	protected $_attributes;
+    
+	/**
+	 * Issuer unique identifier.
+	 *
+	 * @var UniqueIdentifier|null $_issuerUniqueID
+	 */
+	protected $_issuerUniqueID;
+    
+	/**
+	 * Extensions.
+	 *
+	 * @var Extensions $_extensions
+	 */
+	protected $_extensions;
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param Holder $holder AC holder
+	 * @param AttCertIssuer $issuer AC issuer
+	 * @param AttCertValidityPeriod $validity Validity
+	 * @param Attributes $attribs Attributes
+	 */
+	public function __construct(Holder $holder, AttCertIssuer $issuer,
+		AttCertValidityPeriod $validity, Attributes $attribs)
+	{
+		$this->_version = self::VERSION_2;
+		$this->_holder = $holder;
+		$this->_issuer = $issuer;
+		$this->_attrCertValidityPeriod = $validity;
+		$this->_attributes = $attribs;
+		$this->_extensions = new Extensions();
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$version = $seq->at(0)
+			->asInteger()
+			->intNumber();
+		if ($version != self::VERSION_2) {
+			throw new \UnexpectedValueException("Version must be 2.");
+		}
+		$holder = Holder::fromASN1($seq->at(1)->asSequence());
+		$issuer = AttCertIssuer::fromASN1($seq->at(2));
+		$signature = AlgorithmIdentifier::fromASN1($seq->at(3)->asSequence());
+		if (!$signature instanceof SignatureAlgorithmIdentifier) {
+			throw new \UnexpectedValueException(
+				"Unsupported signature algorithm " . $signature->oid() . ".");
+		}
+		$serial = $seq->at(4)
+			->asInteger()
+			->number();
+		$validity = AttCertValidityPeriod::fromASN1($seq->at(5)->asSequence());
+		$attribs = Attributes::fromASN1($seq->at(6)->asSequence());
+		$obj = new self($holder, $issuer, $validity, $attribs);
+		$obj->_signature = $signature;
+		$obj->_serialNumber = $serial;
+		$idx = 7;
+		if ($seq->has($idx, Element::TYPE_BIT_STRING)) {
+			$obj->_issuerUniqueID = UniqueIdentifier::fromASN1(
+				$seq->at($idx++)->asBitString());
+		}
+		if ($seq->has($idx, Element::TYPE_SEQUENCE)) {
+			$obj->_extensions = Extensions::fromASN1(
+				$seq->at($idx++)->asSequence());
+		}
+		return $obj;
+	}
+    
+	/**
+	 * Get self with holder.
+	 *
+	 * @param Holder $holder
+	 * @return self
+	 */
+	public function withHolder(Holder $holder): self
+	{
+		$obj = clone $this;
+		$obj->_holder = $holder;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with issuer.
+	 *
+	 * @param AttCertIssuer $issuer
+	 * @return self
+	 */
+	public function withIssuer(AttCertIssuer $issuer): self
+	{
+		$obj = clone $this;
+		$obj->_issuer = $issuer;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with signature algorithm identifier.
+	 *
+	 * @param SignatureAlgorithmIdentifier $algo
+	 * @return self
+	 */
+	public function withSignature(SignatureAlgorithmIdentifier $algo): self
+	{
+		$obj = clone $this;
+		$obj->_signature = $algo;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with serial number.
+	 *
+	 * @param int|string $serial
+	 * @return self
+	 */
+	public function withSerialNumber($serial): self
+	{
+		$obj = clone $this;
+		$obj->_serialNumber = strval($serial);
+		return $obj;
+	}
+    
+	/**
+	 * Get self with random positive serial number.
+	 *
+	 * @param int $size Number of random bytes
+	 * @return self
+	 */
+	public function withRandomSerialNumber(int $size = 16): self
+	{
+		// ensure that first byte is always non-zero and having first bit unset
+		$num = gmp_init(mt_rand(1, 0x7f), 10);
+		for ($i = 1; $i < $size; ++$i) {
+			$num <<= 8;
+			$num += mt_rand(0, 0xff);
+		}
+		return $this->withSerialNumber(gmp_strval($num, 10));
+	}
+    
+	/**
+	 * Get self with validity period.
+	 *
+	 * @param AttCertValidityPeriod $validity
+	 * @return self
+	 */
+	public function withValidity(AttCertValidityPeriod $validity): self
+	{
+		$obj = clone $this;
+		$obj->_attrCertValidityPeriod = $validity;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with attributes.
+	 *
+	 * @param Attributes $attribs
+	 * @return self
+	 */
+	public function withAttributes(Attributes $attribs): self
+	{
+		$obj = clone $this;
+		$obj->_attributes = $attribs;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with issuer unique identifier.
+	 *
+	 * @param UniqueIdentifier $uid
+	 * @return self
+	 */
+	public function withIssuerUniqueID(UniqueIdentifier $uid): self
+	{
+		$obj = clone $this;
+		$obj->_issuerUniqueID = $uid;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with extensions.
+	 *
+	 * @param Extensions $extensions
+	 * @return self
+	 */
+	public function withExtensions(Extensions $extensions): self
+	{
+		$obj = clone $this;
+		$obj->_extensions = $extensions;
+		return $obj;
+	}
+    
+	/**
+	 * Get self with extensions added.
+	 *
+	 * @param Extension ...$exts One or more Extension objects
+	 * @return self
+	 */
+	public function withAdditionalExtensions(Extension ...$exts): self
+	{
+		$obj = clone $this;
+		$obj->_extensions = $obj->_extensions->withExtensions(...$exts);
+		return $obj;
+	}
+    
+	/**
+	 * Get version.
+	 *
+	 * @return int
+	 */
+	public function version(): int
+	{
+		return $this->_version;
+	}
+    
+	/**
+	 * Get AC holder.
+	 *
+	 * @return Holder
+	 */
+	public function holder(): Holder
+	{
+		return $this->_holder;
+	}
+    
+	/**
+	 * Get AC issuer.
+	 *
+	 * @return AttCertIssuer
+	 */
+	public function issuer(): AttCertIssuer
+	{
+		return $this->_issuer;
+	}
+    
+	/**
+	 * Check whether signature is set.
+	 *
+	 * @return bool
+	 */
+	public function hasSignature(): bool
+	{
+		return isset($this->_signature);
+	}
+    
+	/**
+	 * Get signature algorithm identifier.
+	 *
+	 * @return SignatureAlgorithmIdentifier
+	 */
+	public function signature(): SignatureAlgorithmIdentifier
+	{
+		if (!$this->hasSignature()) {
+			throw new \LogicException("signature not set.");
+		}
+		return $this->_signature;
+	}
+    
+	/**
+	 * Check whether serial number is present.
+	 *
+	 * @return bool
+	 */
+	public function hasSerialNumber(): bool
+	{
+		return isset($this->_serialNumber);
+	}
+    
+	/**
+	 * Get AC serial number.
+	 *
+	 * @return string
+	 */
+	public function serialNumber(): string
+	{
+		if (!$this->hasSerialNumber()) {
+			throw new \LogicException("serialNumber not set.");
+		}
+		return $this->_serialNumber;
+	}
+    
+	/**
+	 * Get validity period.
+	 *
+	 * @return AttCertValidityPeriod
+	 */
+	public function validityPeriod(): AttCertValidityPeriod
+	{
+		return $this->_attrCertValidityPeriod;
+	}
+    
+	/**
+	 * Get attributes.
+	 *
+	 * @return Attributes
+	 */
+	public function attributes(): Attributes
+	{
+		return $this->_attributes;
+	}
+    
+	/**
+	 * Check whether issuer unique identifier is present.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuerUniqueID(): bool
+	{
+		return isset($this->_issuerUniqueID);
+	}
+    
+	/**
+	 * Get issuer unique identifier.
+	 *
+	 * @return UniqueIdentifier
+	 */
+	public function issuerUniqueID(): UniqueIdentifier
+	{
+		if (!$this->hasIssuerUniqueID()) {
+			throw new \LogicException("issuerUniqueID not set.");
+		}
+		return $this->_issuerUniqueID;
+	}
+    
+	/**
+	 * Get extensions.
+	 *
+	 * @return Extensions
+	 */
+	public function extensions(): Extensions
+	{
+		return $this->_extensions;
+	}
+    
+	/**
+	 * Get ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array(new Integer($this->_version), $this->_holder->toASN1(),
+			$this->_issuer->toASN1(), $this->signature()->toASN1(),
+			new Integer($this->serialNumber()),
+			$this->_attrCertValidityPeriod->toASN1(),
+			$this->_attributes->toASN1());
+		if (isset($this->_issuerUniqueID)) {
+			$elements[] = $this->_issuerUniqueID->toASN1();
+		}
+		if (count($this->_extensions)) {
+			$elements[] = $this->_extensions->toASN1();
+		}
+		return new Sequence(...$elements);
+	}
+    
+	/**
+	 * Create signed attribute certificate.
+	 *
+	 * @param SignatureAlgorithmIdentifier $algo Signature algorithm
+	 * @param PrivateKeyInfo $privkey_info Private key
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 * @return AttributeCertificate
+	 */
+	public function sign(SignatureAlgorithmIdentifier $algo,
+		PrivateKeyInfo $privkey_info, Crypto $crypto = null): AttributeCertificate
+	{
+		$crypto = $crypto ?: Crypto::getDefault();
+		$aci = clone $this;
+		if (!isset($aci->_serialNumber)) {
+			$aci->_serialNumber = "0";
+		}
+		$aci->_signature = $algo;
+		$data = $aci->toASN1()->toDER();
+		$signature = $crypto->sign($data, $privkey_info, $algo);
+		return new AttributeCertificate($aci, $algo, $signature);
+	}
 }

lib/X509/AttributeCertificate/V2Form.php

Indentation +131 added lines, -131 removed lines

@@ -19,144 +19,144 @@
  */
 class V2Form extends AttCertIssuer
 {
-    /**
-     * Issuer name.
-     *
-     * @var GeneralNames $_issuerName
-     */
-    protected $_issuerName;
+	/**
+	 * Issuer name.
+	 *
+	 * @var GeneralNames $_issuerName
+	 */
+	protected $_issuerName;
     
-    /**
-     * Issuer PKC's issuer and serial.
-     *
-     * @var IssuerSerial $_baseCertificateID
-     */
-    protected $_baseCertificateID;
+	/**
+	 * Issuer PKC's issuer and serial.
+	 *
+	 * @var IssuerSerial $_baseCertificateID
+	 */
+	protected $_baseCertificateID;
     
-    /**
-     * Linked object.
-     *
-     * @var ObjectDigestInfo $_objectDigestInfo
-     */
-    protected $_objectDigestInfo;
+	/**
+	 * Linked object.
+	 *
+	 * @var ObjectDigestInfo $_objectDigestInfo
+	 */
+	protected $_objectDigestInfo;
     
-    /**
-     * Constructor.
-     *
-     * @param GeneralNames|null $names
-     */
-    public function __construct(GeneralNames $names = null)
-    {
-        $this->_issuerName = $names;
-        $this->_baseCertificateID = null;
-        $this->_objectDigestInfo = null;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralNames|null $names
+	 */
+	public function __construct(GeneralNames $names = null)
+	{
+		$this->_issuerName = $names;
+		$this->_baseCertificateID = null;
+		$this->_objectDigestInfo = null;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromV2ASN1(Sequence $seq): self
-    {
-        $issuer = null;
-        $cert_id = null;
-        $digest_info = null;
-        if ($seq->has(0, Element::TYPE_SEQUENCE)) {
-            $issuer = GeneralNames::fromASN1($seq->at(0)->asSequence());
-        }
-        if ($seq->hasTagged(0)) {
-            $cert_id = IssuerSerial::fromASN1(
-                $seq->getTagged(0)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        if ($seq->hasTagged(1)) {
-            $digest_info = ObjectDigestInfo::fromASN1(
-                $seq->getTagged(1)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        $obj = new self($issuer);
-        $obj->_baseCertificateID = $cert_id;
-        $obj->_objectDigestInfo = $digest_info;
-        return $obj;
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromV2ASN1(Sequence $seq): self
+	{
+		$issuer = null;
+		$cert_id = null;
+		$digest_info = null;
+		if ($seq->has(0, Element::TYPE_SEQUENCE)) {
+			$issuer = GeneralNames::fromASN1($seq->at(0)->asSequence());
+		}
+		if ($seq->hasTagged(0)) {
+			$cert_id = IssuerSerial::fromASN1(
+				$seq->getTagged(0)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		if ($seq->hasTagged(1)) {
+			$digest_info = ObjectDigestInfo::fromASN1(
+				$seq->getTagged(1)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		$obj = new self($issuer);
+		$obj->_baseCertificateID = $cert_id;
+		$obj->_objectDigestInfo = $digest_info;
+		return $obj;
+	}
     
-    /**
-     * Check whether issuer name is set.
-     *
-     * @return bool
-     */
-    public function hasIssuerName(): bool
-    {
-        return isset($this->_issuerName);
-    }
+	/**
+	 * Check whether issuer name is set.
+	 *
+	 * @return bool
+	 */
+	public function hasIssuerName(): bool
+	{
+		return isset($this->_issuerName);
+	}
     
-    /**
-     * Get issuer name.
-     *
-     * @throws \LogicException
-     * @return GeneralNames
-     */
-    public function issuerName(): GeneralNames
-    {
-        if (!$this->hasIssuerName()) {
-            throw new \LogicException("issuerName not set.");
-        }
-        return $this->_issuerName;
-    }
+	/**
+	 * Get issuer name.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralNames
+	 */
+	public function issuerName(): GeneralNames
+	{
+		if (!$this->hasIssuerName()) {
+			throw new \LogicException("issuerName not set.");
+		}
+		return $this->_issuerName;
+	}
     
-    /**
-     * Get DN of the issuer.
-     *
-     * This is a convenience method conforming to RFC 5755, which states
-     * that Issuer must contain only one non-empty distinguished name.
-     *
-     * @return \X501\ASN1\Name
-     */
-    public function name(): Name
-    {
-        return $this->issuerName()->firstDN();
-    }
+	/**
+	 * Get DN of the issuer.
+	 *
+	 * This is a convenience method conforming to RFC 5755, which states
+	 * that Issuer must contain only one non-empty distinguished name.
+	 *
+	 * @return \X501\ASN1\Name
+	 */
+	public function name(): Name
+	{
+		return $this->issuerName()->firstDN();
+	}
     
-    /**
-     *
-     * @see \X509\AttributeCertificate\AttCertIssuer::ASN1()
-     * @return ImplicitlyTaggedType Tagged Sequence
-     */
-    public function toASN1(): TaggedType
-    {
-        $elements = array();
-        if (isset($this->_issuerName)) {
-            $elements[] = $this->_issuerName->toASN1();
-        }
-        if (isset($this->_baseCertificateID)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                $this->_baseCertificateID->toASN1());
-        }
-        if (isset($this->_objectDigestInfo)) {
-            $elements[] = new ImplicitlyTaggedType(1,
-                $this->_objectDigestInfo->toASN1());
-        }
-        return new ImplicitlyTaggedType(0, new Sequence(...$elements));
-    }
+	/**
+	 *
+	 * @see \X509\AttributeCertificate\AttCertIssuer::ASN1()
+	 * @return ImplicitlyTaggedType Tagged Sequence
+	 */
+	public function toASN1(): TaggedType
+	{
+		$elements = array();
+		if (isset($this->_issuerName)) {
+			$elements[] = $this->_issuerName->toASN1();
+		}
+		if (isset($this->_baseCertificateID)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				$this->_baseCertificateID->toASN1());
+		}
+		if (isset($this->_objectDigestInfo)) {
+			$elements[] = new ImplicitlyTaggedType(1,
+				$this->_objectDigestInfo->toASN1());
+		}
+		return new ImplicitlyTaggedType(0, new Sequence(...$elements));
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     * @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC()
-     * @return bool
-     */
-    public function identifiesPKC(Certificate $cert): bool
-    {
-        $name = $this->_issuerName->firstDN();
-        if (!$cert->tbsCertificate()
-            ->subject()
-            ->equals($name)) {
-            return false;
-        }
-        return true;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 * @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC()
+	 * @return bool
+	 */
+	public function identifiesPKC(Certificate $cert): bool
+	{
+		$name = $this->_issuerName->firstDN();
+		if (!$cert->tbsCertificate()
+			->subject()
+			->equals($name)) {
+			return false;
+		}
+		return true;
+	}
 }

lib/X509/AttributeCertificate/Attribute/RoleAttributeValue.php

Indentation +139 added lines, -139 removed lines

@@ -23,155 +23,155 @@
  */
 class RoleAttributeValue extends AttributeValue
 {
-    /**
-     * Issuing authority.
-     *
-     * @var GeneralNames $_roleAuthority
-     */
-    protected $_roleAuthority;
+	/**
+	 * Issuing authority.
+	 *
+	 * @var GeneralNames $_roleAuthority
+	 */
+	protected $_roleAuthority;
     
-    /**
-     * Role name.
-     *
-     * @var GeneralName $_roleName
-     */
-    protected $_roleName;
+	/**
+	 * Role name.
+	 *
+	 * @var GeneralName $_roleName
+	 */
+	protected $_roleName;
     
-    /**
-     * Constructor.
-     *
-     * @param GeneralName $name Role name
-     * @param GeneralNames|null $authority Issuing authority
-     */
-    public function __construct(GeneralName $name, GeneralNames $authority = null)
-    {
-        $this->_roleAuthority = $authority;
-        $this->_roleName = $name;
-        $this->_oid = AttributeType::OID_ROLE;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralName $name Role name
+	 * @param GeneralNames|null $authority Issuing authority
+	 */
+	public function __construct(GeneralName $name, GeneralNames $authority = null)
+	{
+		$this->_roleAuthority = $authority;
+		$this->_roleName = $name;
+		$this->_oid = AttributeType::OID_ROLE;
+	}
     
-    /**
-     * Initialize from a role string.
-     *
-     * @param string $role_name Role name in URI format
-     * @param GeneralNames|null $authority Issuing authority
-     * @return self
-     */
-    public static function fromString(string $role_name,
-        GeneralNames $authority = null): self
-    {
-        return new self(new UniformResourceIdentifier($role_name), $authority);
-    }
+	/**
+	 * Initialize from a role string.
+	 *
+	 * @param string $role_name Role name in URI format
+	 * @param GeneralNames|null $authority Issuing authority
+	 * @return self
+	 */
+	public static function fromString(string $role_name,
+		GeneralNames $authority = null): self
+	{
+		return new self(new UniformResourceIdentifier($role_name), $authority);
+	}
     
-    /**
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromASN1(UnspecifiedType $el): self
-    {
-        $seq = $el->asSequence();
-        $authority = null;
-        if ($seq->hasTagged(0)) {
-            $authority = GeneralNames::fromASN1(
-                $seq->getTagged(0)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        $name = GeneralName::fromASN1(
-            $seq->getTagged(1)
-                ->asExplicit()
-                ->asTagged());
-        return new self($name, $authority);
-    }
+	/**
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromASN1(UnspecifiedType $el): self
+	{
+		$seq = $el->asSequence();
+		$authority = null;
+		if ($seq->hasTagged(0)) {
+			$authority = GeneralNames::fromASN1(
+				$seq->getTagged(0)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		$name = GeneralName::fromASN1(
+			$seq->getTagged(1)
+				->asExplicit()
+				->asTagged());
+		return new self($name, $authority);
+	}
     
-    /**
-     * Check whether issuing authority is present.
-     *
-     * @return bool
-     */
-    public function hasRoleAuthority(): bool
-    {
-        return isset($this->_roleAuthority);
-    }
+	/**
+	 * Check whether issuing authority is present.
+	 *
+	 * @return bool
+	 */
+	public function hasRoleAuthority(): bool
+	{
+		return isset($this->_roleAuthority);
+	}
     
-    /**
-     * Get issuing authority.
-     *
-     * @throws \LogicException
-     * @return GeneralNames
-     */
-    public function roleAuthority(): GeneralNames
-    {
-        if (!$this->hasRoleAuthority()) {
-            throw new \LogicException("roleAuthority not set.");
-        }
-        return $this->_roleAuthority;
-    }
+	/**
+	 * Get issuing authority.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralNames
+	 */
+	public function roleAuthority(): GeneralNames
+	{
+		if (!$this->hasRoleAuthority()) {
+			throw new \LogicException("roleAuthority not set.");
+		}
+		return $this->_roleAuthority;
+	}
     
-    /**
-     * Get role name.
-     *
-     * @return GeneralName
-     */
-    public function roleName(): GeneralName
-    {
-        return $this->_roleName;
-    }
+	/**
+	 * Get role name.
+	 *
+	 * @return GeneralName
+	 */
+	public function roleName(): GeneralName
+	{
+		return $this->_roleName;
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array();
-        if (isset($this->_roleAuthority)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                $this->_roleAuthority->toASN1());
-        }
-        $elements[] = new ExplicitlyTaggedType(1, $this->_roleName->toASN1());
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array();
+		if (isset($this->_roleAuthority)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				$this->_roleAuthority->toASN1());
+		}
+		$elements[] = new ExplicitlyTaggedType(1, $this->_roleName->toASN1());
+		return new Sequence(...$elements);
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
-     * @return string
-     */
-    public function stringValue(): string
-    {
-        return "#" . bin2hex($this->toASN1()->toDER());
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
+	 * @return string
+	 */
+	public function stringValue(): string
+	{
+		return "#" . bin2hex($this->toASN1()->toDER());
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
-     * @return BinaryMatch
-     */
-    public function equalityMatchingRule(): BinaryMatch
-    {
-        return new BinaryMatch();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
+	 * @return BinaryMatch
+	 */
+	public function equalityMatchingRule(): BinaryMatch
+	{
+		return new BinaryMatch();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
-     * @return string
-     */
-    public function rfc2253String(): string
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
+	 * @return string
+	 */
+	public function rfc2253String(): string
+	{
+		return $this->stringValue();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
-     * @return string
-     */
-    protected function _transcodedString(): string
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
+	 * @return string
+	 */
+	protected function _transcodedString(): string
+	{
+		return $this->stringValue();
+	}
 }

lib/X509/AttributeCertificate/Attribute/SvceAuthInfo.php

Indentation +139 added lines, -139 removed lines

@@ -20,156 +20,156 @@
  */
 abstract class SvceAuthInfo extends AttributeValue
 {
-    /**
-     * Service.
-     *
-     * @var GeneralName $_service
-     */
-    protected $_service;
+	/**
+	 * Service.
+	 *
+	 * @var GeneralName $_service
+	 */
+	protected $_service;
     
-    /**
-     * Ident.
-     *
-     * @var GeneralName $_ident
-     */
-    protected $_ident;
+	/**
+	 * Ident.
+	 *
+	 * @var GeneralName $_ident
+	 */
+	protected $_ident;
     
-    /**
-     * Auth info.
-     *
-     * @var string|null $_authInfo
-     */
-    protected $_authInfo;
+	/**
+	 * Auth info.
+	 *
+	 * @var string|null $_authInfo
+	 */
+	protected $_authInfo;
     
-    /**
-     * Constructor.
-     *
-     * @param GeneralName $service
-     * @param GeneralName $ident
-     * @param string|null $auth_info
-     */
-    public function __construct(GeneralName $service, GeneralName $ident,
-        $auth_info = null)
-    {
-        $this->_service = $service;
-        $this->_ident = $ident;
-        $this->_authInfo = $auth_info;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param GeneralName $service
+	 * @param GeneralName $ident
+	 * @param string|null $auth_info
+	 */
+	public function __construct(GeneralName $service, GeneralName $ident,
+		$auth_info = null)
+	{
+		$this->_service = $service;
+		$this->_ident = $ident;
+		$this->_authInfo = $auth_info;
+	}
     
-    /**
-     *
-     * @param UnspecifiedType $el
-     * @return self
-     */
-    public static function fromASN1(UnspecifiedType $el): self
-    {
-        $seq = $el->asSequence();
-        $service = GeneralName::fromASN1($seq->at(0)->asTagged());
-        $ident = GeneralName::fromASN1($seq->at(1)->asTagged());
-        $auth_info = null;
-        if ($seq->has(2, Element::TYPE_OCTET_STRING)) {
-            $auth_info = $seq->at(2)
-                ->asString()
-                ->string();
-        }
-        return new static($service, $ident, $auth_info);
-    }
+	/**
+	 *
+	 * @param UnspecifiedType $el
+	 * @return self
+	 */
+	public static function fromASN1(UnspecifiedType $el): self
+	{
+		$seq = $el->asSequence();
+		$service = GeneralName::fromASN1($seq->at(0)->asTagged());
+		$ident = GeneralName::fromASN1($seq->at(1)->asTagged());
+		$auth_info = null;
+		if ($seq->has(2, Element::TYPE_OCTET_STRING)) {
+			$auth_info = $seq->at(2)
+				->asString()
+				->string();
+		}
+		return new static($service, $ident, $auth_info);
+	}
     
-    /**
-     * Get service name.
-     *
-     * @return GeneralName
-     */
-    public function service(): GeneralName
-    {
-        return $this->_service;
-    }
+	/**
+	 * Get service name.
+	 *
+	 * @return GeneralName
+	 */
+	public function service(): GeneralName
+	{
+		return $this->_service;
+	}
     
-    /**
-     * Get ident.
-     *
-     * @return GeneralName
-     */
-    public function ident(): GeneralName
-    {
-        return $this->_ident;
-    }
+	/**
+	 * Get ident.
+	 *
+	 * @return GeneralName
+	 */
+	public function ident(): GeneralName
+	{
+		return $this->_ident;
+	}
     
-    /**
-     * Check whether authentication info is present.
-     *
-     * @return bool
-     */
-    public function hasAuthInfo(): bool
-    {
-        return isset($this->_authInfo);
-    }
+	/**
+	 * Check whether authentication info is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAuthInfo(): bool
+	{
+		return isset($this->_authInfo);
+	}
     
-    /**
-     * Get authentication info.
-     *
-     * @throws \LogicException
-     * @return string
-     */
-    public function authInfo(): string
-    {
-        if (!$this->hasAuthInfo()) {
-            throw new \LogicException("authInfo not set.");
-        }
-        return $this->_authInfo;
-    }
+	/**
+	 * Get authentication info.
+	 *
+	 * @throws \LogicException
+	 * @return string
+	 */
+	public function authInfo(): string
+	{
+		if (!$this->hasAuthInfo()) {
+			throw new \LogicException("authInfo not set.");
+		}
+		return $this->_authInfo;
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array($this->_service->toASN1(), $this->_ident->toASN1());
-        if (isset($this->_authInfo)) {
-            $elements[] = new OctetString($this->_authInfo);
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array($this->_service->toASN1(), $this->_ident->toASN1());
+		if (isset($this->_authInfo)) {
+			$elements[] = new OctetString($this->_authInfo);
+		}
+		return new Sequence(...$elements);
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
-     * @return string
-     */
-    public function stringValue(): string
-    {
-        return "#" . bin2hex($this->toASN1()->toDER());
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::stringValue()
+	 * @return string
+	 */
+	public function stringValue(): string
+	{
+		return "#" . bin2hex($this->toASN1()->toDER());
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
-     * @return BinaryMatch
-     */
-    public function equalityMatchingRule(): BinaryMatch
-    {
-        return new BinaryMatch();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::equalityMatchingRule()
+	 * @return BinaryMatch
+	 */
+	public function equalityMatchingRule(): BinaryMatch
+	{
+		return new BinaryMatch();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
-     * @return string
-     */
-    public function rfc2253String(): string
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::rfc2253String()
+	 * @return string
+	 */
+	public function rfc2253String(): string
+	{
+		return $this->stringValue();
+	}
     
-    /**
-     *
-     * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
-     * @return string
-     */
-    protected function _transcodedString(): string
-    {
-        return $this->stringValue();
-    }
+	/**
+	 *
+	 * @see \X501\ASN1\AttributeValue\AttributeValue::_transcodedString()
+	 * @return string
+	 */
+	protected function _transcodedString(): string
+	{
+		return $this->stringValue();
+	}
 }

lib/X509/AttributeCertificate/Attribute/IetfAttrValue.php

Indentation +144 added lines, -144 removed lines

@@ -17,161 +17,161 @@
  */
 class IetfAttrValue
 {
-    /**
-     * Element type tag.
-     *
-     * @var int $_type
-     */
-    protected $_type;
+	/**
+	 * Element type tag.
+	 *
+	 * @var int $_type
+	 */
+	protected $_type;
     
-    /**
-     * Value.
-     *
-     * @var string $_value
-     */
-    protected $_value;
+	/**
+	 * Value.
+	 *
+	 * @var string $_value
+	 */
+	protected $_value;
     
-    /**
-     * Constructor.
-     *
-     * @param string $value
-     * @param int $type
-     */
-    public function __construct(string $value, int $type)
-    {
-        $this->_type = $type;
-        $this->_value = $value;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $value
+	 * @param int $type
+	 */
+	public function __construct(string $value, int $type)
+	{
+		$this->_type = $type;
+		$this->_value = $value;
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param UnspecifiedType $el
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromASN1(UnspecifiedType $el): self
-    {
-        switch ($el->tag()) {
-            case Element::TYPE_OCTET_STRING:
-            case Element::TYPE_UTF8_STRING:
-                return new self($el->asString()->string(), $el->tag());
-            case Element::TYPE_OBJECT_IDENTIFIER:
-                return new self($el->asObjectIdentifier()->oid(), $el->tag());
-        }
-        throw new \UnexpectedValueException(
-            "Type " . Element::tagToName($el->tag()) . " not supported.");
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param UnspecifiedType $el
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromASN1(UnspecifiedType $el): self
+	{
+		switch ($el->tag()) {
+			case Element::TYPE_OCTET_STRING:
+			case Element::TYPE_UTF8_STRING:
+				return new self($el->asString()->string(), $el->tag());
+			case Element::TYPE_OBJECT_IDENTIFIER:
+				return new self($el->asObjectIdentifier()->oid(), $el->tag());
+		}
+		throw new \UnexpectedValueException(
+			"Type " . Element::tagToName($el->tag()) . " not supported.");
+	}
     
-    /**
-     * Initialize from octet string.
-     *
-     * @param string $octets
-     * @return self
-     */
-    public static function fromOctets(string $octets): self
-    {
-        return new self($octets, Element::TYPE_OCTET_STRING);
-    }
+	/**
+	 * Initialize from octet string.
+	 *
+	 * @param string $octets
+	 * @return self
+	 */
+	public static function fromOctets(string $octets): self
+	{
+		return new self($octets, Element::TYPE_OCTET_STRING);
+	}
     
-    /**
-     * Initialize from UTF-8 string.
-     *
-     * @param string $str
-     * @return self
-     */
-    public static function fromString(string $str): self
-    {
-        return new self($str, Element::TYPE_UTF8_STRING);
-    }
+	/**
+	 * Initialize from UTF-8 string.
+	 *
+	 * @param string $str
+	 * @return self
+	 */
+	public static function fromString(string $str): self
+	{
+		return new self($str, Element::TYPE_UTF8_STRING);
+	}
     
-    /**
-     * Initialize from OID.
-     *
-     * @param string $oid
-     * @return self
-     */
-    public static function fromOID(string $oid): self
-    {
-        return new self($oid, Element::TYPE_OBJECT_IDENTIFIER);
-    }
+	/**
+	 * Initialize from OID.
+	 *
+	 * @param string $oid
+	 * @return self
+	 */
+	public static function fromOID(string $oid): self
+	{
+		return new self($oid, Element::TYPE_OBJECT_IDENTIFIER);
+	}
     
-    /**
-     * Get type tag.
-     *
-     * @return int
-     */
-    public function type(): int
-    {
-        return $this->_type;
-    }
+	/**
+	 * Get type tag.
+	 *
+	 * @return int
+	 */
+	public function type(): int
+	{
+		return $this->_type;
+	}
     
-    /**
-     * Whether value type is octets.
-     *
-     * @return bool
-     */
-    public function isOctets(): bool
-    {
-        return $this->_type === Element::TYPE_OCTET_STRING;
-    }
+	/**
+	 * Whether value type is octets.
+	 *
+	 * @return bool
+	 */
+	public function isOctets(): bool
+	{
+		return $this->_type === Element::TYPE_OCTET_STRING;
+	}
     
-    /**
-     * Whether value type is OID.
-     *
-     * @return bool
-     */
-    public function isOID(): bool
-    {
-        return $this->_type === Element::TYPE_OBJECT_IDENTIFIER;
-    }
+	/**
+	 * Whether value type is OID.
+	 *
+	 * @return bool
+	 */
+	public function isOID(): bool
+	{
+		return $this->_type === Element::TYPE_OBJECT_IDENTIFIER;
+	}
     
-    /**
-     * Whether value type is string.
-     *
-     * @return bool
-     */
-    public function isString(): bool
-    {
-        return $this->_type === Element::TYPE_UTF8_STRING;
-    }
+	/**
+	 * Whether value type is string.
+	 *
+	 * @return bool
+	 */
+	public function isString(): bool
+	{
+		return $this->_type === Element::TYPE_UTF8_STRING;
+	}
     
-    /**
-     * Get value.
-     *
-     * @return string
-     */
-    public function value(): string
-    {
-        return $this->_value;
-    }
+	/**
+	 * Get value.
+	 *
+	 * @return string
+	 */
+	public function value(): string
+	{
+		return $this->_value;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @throws \LogicException
-     * @return Element
-     */
-    public function toASN1(): Element
-    {
-        switch ($this->_type) {
-            case Element::TYPE_OCTET_STRING:
-                return new OctetString($this->_value);
-            case Element::TYPE_UTF8_STRING:
-                return new UTF8String($this->_value);
-            case Element::TYPE_OBJECT_IDENTIFIER:
-                return new ObjectIdentifier($this->_value);
-        }
-        throw new \LogicException(
-            "Type " . Element::tagToName($this->_type) . " not supported.");
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @throws \LogicException
+	 * @return Element
+	 */
+	public function toASN1(): Element
+	{
+		switch ($this->_type) {
+			case Element::TYPE_OCTET_STRING:
+				return new OctetString($this->_value);
+			case Element::TYPE_UTF8_STRING:
+				return new UTF8String($this->_value);
+			case Element::TYPE_OBJECT_IDENTIFIER:
+				return new ObjectIdentifier($this->_value);
+		}
+		throw new \LogicException(
+			"Type " . Element::tagToName($this->_type) . " not supported.");
+	}
     
-    /**
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->_value;
-    }
+	/**
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->_value;
+	}
 }

Switch Indentation +11 added lines, -11 removed lines

@@ -53,11 +53,11 @@ 
     public static function fromASN1(UnspecifiedType $el): self
     {
         switch ($el->tag()) {
-            case Element::TYPE_OCTET_STRING:
-            case Element::TYPE_UTF8_STRING:
-                return new self($el->asString()->string(), $el->tag());
-            case Element::TYPE_OBJECT_IDENTIFIER:
-                return new self($el->asObjectIdentifier()->oid(), $el->tag());
+        case Element::TYPE_OCTET_STRING:
+        case Element::TYPE_UTF8_STRING:
+            return new self($el->asString()->string(), $el->tag());
+        case Element::TYPE_OBJECT_IDENTIFIER:
+            return new self($el->asObjectIdentifier()->oid(), $el->tag());
         }
         throw new \UnexpectedValueException(
             "Type " . Element::tagToName($el->tag()) . " not supported.");
@@ -155,12 +155,12 @@ 
     public function toASN1(): Element
     {
         switch ($this->_type) {
-            case Element::TYPE_OCTET_STRING:
-                return new OctetString($this->_value);
-            case Element::TYPE_UTF8_STRING:
-                return new UTF8String($this->_value);
-            case Element::TYPE_OBJECT_IDENTIFIER:
-                return new ObjectIdentifier($this->_value);
+        case Element::TYPE_OCTET_STRING:
+            return new OctetString($this->_value);
+        case Element::TYPE_UTF8_STRING:
+            return new UTF8String($this->_value);
+        case Element::TYPE_OBJECT_IDENTIFIER:
+            return new ObjectIdentifier($this->_value);
         }
         throw new \LogicException(
             "Type " . Element::tagToName($this->_type) . " not supported.");

lib/X509/AttributeCertificate/Holder.php

Indentation +259 added lines, -259 removed lines

@@ -19,281 +19,281 @@
  */
 class Holder
 {
-    /**
-     * Holder PKC's issuer and serial.
-     *
-     * @var IssuerSerial|null $_baseCertificateID
-     */
-    protected $_baseCertificateID;
+	/**
+	 * Holder PKC's issuer and serial.
+	 *
+	 * @var IssuerSerial|null $_baseCertificateID
+	 */
+	protected $_baseCertificateID;
     
-    /**
-     * Holder PKC's subject.
-     *
-     * @var GeneralNames|null $_entityName
-     */
-    protected $_entityName;
+	/**
+	 * Holder PKC's subject.
+	 *
+	 * @var GeneralNames|null $_entityName
+	 */
+	protected $_entityName;
     
-    /**
-     * Linked object.
-     *
-     * @var ObjectDigestInfo|null $_objectDigestInfo
-     */
-    protected $_objectDigestInfo;
+	/**
+	 * Linked object.
+	 *
+	 * @var ObjectDigestInfo|null $_objectDigestInfo
+	 */
+	protected $_objectDigestInfo;
     
-    /**
-     * Constructor.
-     *
-     * @param IssuerSerial|null $issuer_serial
-     * @param GeneralNames|null $entity_name
-     */
-    public function __construct(IssuerSerial $issuer_serial = null,
-        GeneralNames $entity_name = null)
-    {
-        $this->_baseCertificateID = $issuer_serial;
-        $this->_entityName = $entity_name;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param IssuerSerial|null $issuer_serial
+	 * @param GeneralNames|null $entity_name
+	 */
+	public function __construct(IssuerSerial $issuer_serial = null,
+		GeneralNames $entity_name = null)
+	{
+		$this->_baseCertificateID = $issuer_serial;
+		$this->_entityName = $entity_name;
+	}
     
-    /**
-     * Initialize from a holder's public key certificate.
-     *
-     * @param Certificate $cert
-     * @return self
-     */
-    public static function fromPKC(Certificate $cert): self
-    {
-        return new self(IssuerSerial::fromPKC($cert));
-    }
+	/**
+	 * Initialize from a holder's public key certificate.
+	 *
+	 * @param Certificate $cert
+	 * @return self
+	 */
+	public static function fromPKC(Certificate $cert): self
+	{
+		return new self(IssuerSerial::fromPKC($cert));
+	}
     
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $cert_id = null;
-        $entity_name = null;
-        $digest_info = null;
-        if ($seq->hasTagged(0)) {
-            $cert_id = IssuerSerial::fromASN1(
-                $seq->getTagged(0)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        if ($seq->hasTagged(1)) {
-            $entity_name = GeneralNames::fromASN1(
-                $seq->getTagged(1)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        if ($seq->hasTagged(2)) {
-            $digest_info = ObjectDigestInfo::fromASN1(
-                $seq->getTagged(2)
-                    ->asImplicit(Element::TYPE_SEQUENCE)
-                    ->asSequence());
-        }
-        $obj = new self($cert_id, $entity_name);
-        $obj->_objectDigestInfo = $digest_info;
-        return $obj;
-    }
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$cert_id = null;
+		$entity_name = null;
+		$digest_info = null;
+		if ($seq->hasTagged(0)) {
+			$cert_id = IssuerSerial::fromASN1(
+				$seq->getTagged(0)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		if ($seq->hasTagged(1)) {
+			$entity_name = GeneralNames::fromASN1(
+				$seq->getTagged(1)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		if ($seq->hasTagged(2)) {
+			$digest_info = ObjectDigestInfo::fromASN1(
+				$seq->getTagged(2)
+					->asImplicit(Element::TYPE_SEQUENCE)
+					->asSequence());
+		}
+		$obj = new self($cert_id, $entity_name);
+		$obj->_objectDigestInfo = $digest_info;
+		return $obj;
+	}
     
-    /**
-     * Get self with base certificate ID.
-     *
-     * @param IssuerSerial $issuer
-     * @return self
-     */
-    public function withBaseCertificateID(IssuerSerial $issuer): self
-    {
-        $obj = clone $this;
-        $obj->_baseCertificateID = $issuer;
-        return $obj;
-    }
+	/**
+	 * Get self with base certificate ID.
+	 *
+	 * @param IssuerSerial $issuer
+	 * @return self
+	 */
+	public function withBaseCertificateID(IssuerSerial $issuer): self
+	{
+		$obj = clone $this;
+		$obj->_baseCertificateID = $issuer;
+		return $obj;
+	}
     
-    /**
-     * Get self with entity name.
-     *
-     * @param GeneralNames $names
-     * @return self
-     */
-    public function withEntityName(GeneralNames $names): self
-    {
-        $obj = clone $this;
-        $obj->_entityName = $names;
-        return $obj;
-    }
+	/**
+	 * Get self with entity name.
+	 *
+	 * @param GeneralNames $names
+	 * @return self
+	 */
+	public function withEntityName(GeneralNames $names): self
+	{
+		$obj = clone $this;
+		$obj->_entityName = $names;
+		return $obj;
+	}
     
-    /**
-     * Get self with object digest info.
-     *
-     * @param ObjectDigestInfo $odi
-     * @return self
-     */
-    public function withObjectDigestInfo(ObjectDigestInfo $odi): self
-    {
-        $obj = clone $this;
-        $obj->_objectDigestInfo = $odi;
-        return $obj;
-    }
+	/**
+	 * Get self with object digest info.
+	 *
+	 * @param ObjectDigestInfo $odi
+	 * @return self
+	 */
+	public function withObjectDigestInfo(ObjectDigestInfo $odi): self
+	{
+		$obj = clone $this;
+		$obj->_objectDigestInfo = $odi;
+		return $obj;
+	}
     
-    /**
-     * Check whether base certificate ID is present.
-     *
-     * @return bool
-     */
-    public function hasBaseCertificateID(): bool
-    {
-        return isset($this->_baseCertificateID);
-    }
+	/**
+	 * Check whether base certificate ID is present.
+	 *
+	 * @return bool
+	 */
+	public function hasBaseCertificateID(): bool
+	{
+		return isset($this->_baseCertificateID);
+	}
     
-    /**
-     * Get base certificate ID.
-     *
-     * @throws \LogicException
-     * @return IssuerSerial
-     */
-    public function baseCertificateID(): IssuerSerial
-    {
-        if (!$this->hasBaseCertificateID()) {
-            throw new \LogicException("baseCertificateID not set.");
-        }
-        return $this->_baseCertificateID;
-    }
+	/**
+	 * Get base certificate ID.
+	 *
+	 * @throws \LogicException
+	 * @return IssuerSerial
+	 */
+	public function baseCertificateID(): IssuerSerial
+	{
+		if (!$this->hasBaseCertificateID()) {
+			throw new \LogicException("baseCertificateID not set.");
+		}
+		return $this->_baseCertificateID;
+	}
     
-    /**
-     * Check whether entity name is present.
-     *
-     * @return bool
-     */
-    public function hasEntityName(): bool
-    {
-        return isset($this->_entityName);
-    }
+	/**
+	 * Check whether entity name is present.
+	 *
+	 * @return bool
+	 */
+	public function hasEntityName(): bool
+	{
+		return isset($this->_entityName);
+	}
     
-    /**
-     * Get entity name.
-     *
-     * @throws \LogicException
-     * @return GeneralNames
-     */
-    public function entityName(): GeneralNames
-    {
-        if (!$this->hasEntityName()) {
-            throw new \LogicException("entityName not set.");
-        }
-        return $this->_entityName;
-    }
+	/**
+	 * Get entity name.
+	 *
+	 * @throws \LogicException
+	 * @return GeneralNames
+	 */
+	public function entityName(): GeneralNames
+	{
+		if (!$this->hasEntityName()) {
+			throw new \LogicException("entityName not set.");
+		}
+		return $this->_entityName;
+	}
     
-    /**
-     * Check whether object digest info is present.
-     *
-     * @return bool
-     */
-    public function hasObjectDigestInfo(): bool
-    {
-        return isset($this->_objectDigestInfo);
-    }
+	/**
+	 * Check whether object digest info is present.
+	 *
+	 * @return bool
+	 */
+	public function hasObjectDigestInfo(): bool
+	{
+		return isset($this->_objectDigestInfo);
+	}
     
-    /**
-     * Get object digest info.
-     *
-     * @throws \LogicException
-     * @return ObjectDigestInfo
-     */
-    public function objectDigestInfo(): ObjectDigestInfo
-    {
-        if (!$this->hasObjectDigestInfo()) {
-            throw new \LogicException("objectDigestInfo not set.");
-        }
-        return $this->_objectDigestInfo;
-    }
+	/**
+	 * Get object digest info.
+	 *
+	 * @throws \LogicException
+	 * @return ObjectDigestInfo
+	 */
+	public function objectDigestInfo(): ObjectDigestInfo
+	{
+		if (!$this->hasObjectDigestInfo()) {
+			throw new \LogicException("objectDigestInfo not set.");
+		}
+		return $this->_objectDigestInfo;
+	}
     
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = [];
-        if (isset($this->_baseCertificateID)) {
-            $elements[] = new ImplicitlyTaggedType(0,
-                $this->_baseCertificateID->toASN1());
-        }
-        if (isset($this->_entityName)) {
-            $elements[] = new ImplicitlyTaggedType(1,
-                $this->_entityName->toASN1());
-        }
-        if (isset($this->_objectDigestInfo)) {
-            $elements[] = new ImplicitlyTaggedType(2,
-                $this->_objectDigestInfo->toASN1());
-        }
-        return new Sequence(...$elements);
-    }
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = [];
+		if (isset($this->_baseCertificateID)) {
+			$elements[] = new ImplicitlyTaggedType(0,
+				$this->_baseCertificateID->toASN1());
+		}
+		if (isset($this->_entityName)) {
+			$elements[] = new ImplicitlyTaggedType(1,
+				$this->_entityName->toASN1());
+		}
+		if (isset($this->_objectDigestInfo)) {
+			$elements[] = new ImplicitlyTaggedType(2,
+				$this->_objectDigestInfo->toASN1());
+		}
+		return new Sequence(...$elements);
+	}
     
-    /**
-     * Check whether Holder identifies given certificate.
-     *
-     * @param Certificate $cert
-     * @return boolean
-     */
-    public function identifiesPKC(Certificate $cert): bool
-    {
-        // if neither baseCertificateID nor entityName are present
-        if (!$this->_baseCertificateID && !$this->_entityName) {
-            return false;
-        }
-        // if baseCertificateID is present, but doesn't match
-        if ($this->_baseCertificateID &&
-             !$this->_baseCertificateID->identifiesPKC($cert)) {
-            return false;
-        }
-        // if entityName is present, but doesn't match
-        if ($this->_entityName && !$this->_checkEntityName($cert)) {
-            return false;
-        }
-        return true;
-    }
+	/**
+	 * Check whether Holder identifies given certificate.
+	 *
+	 * @param Certificate $cert
+	 * @return boolean
+	 */
+	public function identifiesPKC(Certificate $cert): bool
+	{
+		// if neither baseCertificateID nor entityName are present
+		if (!$this->_baseCertificateID && !$this->_entityName) {
+			return false;
+		}
+		// if baseCertificateID is present, but doesn't match
+		if ($this->_baseCertificateID &&
+			 !$this->_baseCertificateID->identifiesPKC($cert)) {
+			return false;
+		}
+		// if entityName is present, but doesn't match
+		if ($this->_entityName && !$this->_checkEntityName($cert)) {
+			return false;
+		}
+		return true;
+	}
     
-    /**
-     * Check whether entityName matches the given certificate.
-     *
-     * @param Certificate $cert
-     * @return boolean
-     */
-    private function _checkEntityName(Certificate $cert): bool
-    {
-        $name = $this->_entityName->firstDN();
-        if ($cert->tbsCertificate()
-            ->subject()
-            ->equals($name)) {
-            return true;
-        }
-        $exts = $cert->tbsCertificate()->extensions();
-        if ($exts->hasSubjectAlternativeName()) {
-            $ext = $exts->subjectAlternativeName();
-            if ($this->_checkEntityAlternativeNames($ext->names())) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether entityName matches the given certificate.
+	 *
+	 * @param Certificate $cert
+	 * @return boolean
+	 */
+	private function _checkEntityName(Certificate $cert): bool
+	{
+		$name = $this->_entityName->firstDN();
+		if ($cert->tbsCertificate()
+			->subject()
+			->equals($name)) {
+			return true;
+		}
+		$exts = $cert->tbsCertificate()->extensions();
+		if ($exts->hasSubjectAlternativeName()) {
+			$ext = $exts->subjectAlternativeName();
+			if ($this->_checkEntityAlternativeNames($ext->names())) {
+				return true;
+			}
+		}
+		return false;
+	}
     
-    /**
-     * Check whether any of the subject alternative names match entityName.
-     *
-     * @param GeneralNames $san
-     * @return boolean
-     */
-    private function _checkEntityAlternativeNames(GeneralNames $san): bool
-    {
-        // only directory names supported for now
-        $name = $this->_entityName->firstDN();
-        foreach ($san->allOf(GeneralName::TAG_DIRECTORY_NAME) as $dn) {
-            if ($dn instanceof DirectoryName && $dn->dn()->equals($name)) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether any of the subject alternative names match entityName.
+	 *
+	 * @param GeneralNames $san
+	 * @return boolean
+	 */
+	private function _checkEntityAlternativeNames(GeneralNames $san): bool
+	{
+		// only directory names supported for now
+		$name = $this->_entityName->firstDN();
+		foreach ($san->allOf(GeneralName::TAG_DIRECTORY_NAME) as $dn) {
+			if ($dn instanceof DirectoryName && $dn->dn()->equals($name)) {
+				return true;
+			}
+		}
+		return false;
+	}
 }

lib/X509/AttributeCertificate/Attributes.php

Spacing +5 added lines, -5 removed lines

@@ -64,7 +64,7 @@ 
     public static function fromAttributeValues(AttributeValue ...$values): self
     {
         $attribs = array_map(
-            function (AttributeValue $value) {
+            function(AttributeValue $value) {
                 return $value->toAttribute();
             }, $values);
         return new self(...$attribs);
@@ -79,12 +79,12 @@ 
     public static function fromASN1(Sequence $seq): self
     {
         $attribs = array_map(
-            function (UnspecifiedType $el) {
+            function(UnspecifiedType $el) {
                 return Attribute::fromASN1($el->asSequence());
             }, $seq->elements());
         // cast attributes
         $attribs = array_map(
-            function (Attribute $attr) {
+            function(Attribute $attr) {
                 $oid = $attr->oid();
                 if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) {
                     $cls = self::MAP_OID_TO_CLASS[$oid];
@@ -204,7 +204,7 @@ 
     {
         return array_merge(array(),
             ...array_map(
-                function (Attribute $attr) {
+                function(Attribute $attr) {
                     return $attr->values();
                 }, $this->allOf(AttributeType::OID_ROLE)));
     }
@@ -217,7 +217,7 @@ 
     public function toASN1(): Sequence
     {
         $elements = array_map(
-            function (Attribute $attr) {
+            function(Attribute $attr) {
                 return $attr->toASN1();
             }, array_values($this->_attributes));
         return new Sequence(...$elements);

Indentation +196 added lines, -196 removed lines

@@ -26,200 +26,200 @@
  */
 class Attributes implements \Countable, \IteratorAggregate
 {
-    use AttributeContainer;
-    
-    /**
-     * Mapping from OID to attribute value class name.
-     *
-     * @internal
-     *
-     * @var array
-     */
-    const MAP_OID_TO_CLASS = array(
-        /* @formatter:off */
-        AccessIdentityAttributeValue::OID => AccessIdentityAttributeValue::class,
-        AuthenticationInfoAttributeValue::OID => AuthenticationInfoAttributeValue::class,
-        ChargingIdentityAttributeValue::OID => ChargingIdentityAttributeValue::class,
-        GroupAttributeValue::OID => GroupAttributeValue::class,
-        AttributeType::OID_ROLE => RoleAttributeValue::class
-        /* @formatter:on */
-    );
-    
-    /**
-     * Constructor.
-     *
-     * @param Attribute ...$attribs
-     */
-    public function __construct(Attribute ...$attribs)
-    {
-        $this->_attributes = $attribs;
-    }
-    
-    /**
-     * Initialize from attribute values.
-     *
-     * @param AttributeValue ...$values
-     * @return self
-     */
-    public static function fromAttributeValues(AttributeValue ...$values): self
-    {
-        $attribs = array_map(
-            function (AttributeValue $value) {
-                return $value->toAttribute();
-            }, $values);
-        return new self(...$attribs);
-    }
-    
-    /**
-     * Initialize from ASN.1.
-     *
-     * @param Sequence $seq
-     * @return self
-     */
-    public static function fromASN1(Sequence $seq): self
-    {
-        $attribs = array_map(
-            function (UnspecifiedType $el) {
-                return Attribute::fromASN1($el->asSequence());
-            }, $seq->elements());
-        // cast attributes
-        $attribs = array_map(
-            function (Attribute $attr) {
-                $oid = $attr->oid();
-                if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) {
-                    $cls = self::MAP_OID_TO_CLASS[$oid];
-                    $attr = $attr->castValues($cls);
-                }
-                return $attr;
-            }, $attribs);
-        return new self(...$attribs);
-    }
-    
-    /**
-     * Check whether 'Access Identity' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasAccessIdentity(): bool
-    {
-        return $this->has(AccessIdentityAttributeValue::OID);
-    }
-    
-    /**
-     * Get the first 'Access Identity' attribute value.
-     *
-     * @return AccessIdentityAttributeValue
-     */
-    public function accessIdentity(): AccessIdentityAttributeValue
-    {
-        return $this->firstOf(AccessIdentityAttributeValue::OID)->first();
-    }
-    
-    /**
-     * Check whether 'Service Authentication Information' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasAuthenticationInformation(): bool
-    {
-        return $this->has(AuthenticationInfoAttributeValue::OID);
-    }
-    
-    /**
-     * Get the first 'Service Authentication Information' attribute value.
-     *
-     * @return AuthenticationInfoAttributeValue
-     */
-    public function authenticationInformation(): AuthenticationInfoAttributeValue
-    {
-        return $this->firstOf(AuthenticationInfoAttributeValue::OID)->first();
-    }
-    
-    /**
-     * Check whether 'Charging Identity' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasChargingIdentity(): bool
-    {
-        return $this->has(ChargingIdentityAttributeValue::OID);
-    }
-    
-    /**
-     * Get the first 'Charging Identity' attribute value.
-     *
-     * @return ChargingIdentityAttributeValue
-     */
-    public function chargingIdentity(): ChargingIdentityAttributeValue
-    {
-        return $this->firstOf(ChargingIdentityAttributeValue::OID)->first();
-    }
-    
-    /**
-     * Check whether 'Group' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasGroup(): bool
-    {
-        return $this->has(GroupAttributeValue::OID);
-    }
-    
-    /**
-     * Get the first 'Group' attribute value.
-     *
-     * @return GroupAttributeValue
-     */
-    public function group(): GroupAttributeValue
-    {
-        return $this->firstOf(GroupAttributeValue::OID)->first();
-    }
-    
-    /**
-     * Check whether 'Role' attribute is present.
-     *
-     * @return bool
-     */
-    public function hasRole(): bool
-    {
-        return $this->has(AttributeType::OID_ROLE);
-    }
-    
-    /**
-     * Get the first 'Role' attribute value.
-     *
-     * @return RoleAttributeValue
-     */
-    public function role(): RoleAttributeValue
-    {
-        return $this->firstOf(AttributeType::OID_ROLE)->first();
-    }
-    
-    /**
-     * Get all 'Role' attribute values.
-     *
-     * @return RoleAttributeValue[]
-     */
-    public function roles(): array
-    {
-        return array_merge(array(),
-            ...array_map(
-                function (Attribute $attr) {
-                    return $attr->values();
-                }, $this->allOf(AttributeType::OID_ROLE)));
-    }
-    
-    /**
-     * Generate ASN.1 structure.
-     *
-     * @return Sequence
-     */
-    public function toASN1(): Sequence
-    {
-        $elements = array_map(
-            function (Attribute $attr) {
-                return $attr->toASN1();
-            }, array_values($this->_attributes));
-        return new Sequence(...$elements);
-    }
+	use AttributeContainer;
+    
+	/**
+	 * Mapping from OID to attribute value class name.
+	 *
+	 * @internal
+	 *
+	 * @var array
+	 */
+	const MAP_OID_TO_CLASS = array(
+		/* @formatter:off */
+		AccessIdentityAttributeValue::OID => AccessIdentityAttributeValue::class,
+		AuthenticationInfoAttributeValue::OID => AuthenticationInfoAttributeValue::class,
+		ChargingIdentityAttributeValue::OID => ChargingIdentityAttributeValue::class,
+		GroupAttributeValue::OID => GroupAttributeValue::class,
+		AttributeType::OID_ROLE => RoleAttributeValue::class
+		/* @formatter:on */
+	);
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param Attribute ...$attribs
+	 */
+	public function __construct(Attribute ...$attribs)
+	{
+		$this->_attributes = $attribs;
+	}
+    
+	/**
+	 * Initialize from attribute values.
+	 *
+	 * @param AttributeValue ...$values
+	 * @return self
+	 */
+	public static function fromAttributeValues(AttributeValue ...$values): self
+	{
+		$attribs = array_map(
+			function (AttributeValue $value) {
+				return $value->toAttribute();
+			}, $values);
+		return new self(...$attribs);
+	}
+    
+	/**
+	 * Initialize from ASN.1.
+	 *
+	 * @param Sequence $seq
+	 * @return self
+	 */
+	public static function fromASN1(Sequence $seq): self
+	{
+		$attribs = array_map(
+			function (UnspecifiedType $el) {
+				return Attribute::fromASN1($el->asSequence());
+			}, $seq->elements());
+		// cast attributes
+		$attribs = array_map(
+			function (Attribute $attr) {
+				$oid = $attr->oid();
+				if (array_key_exists($oid, self::MAP_OID_TO_CLASS)) {
+					$cls = self::MAP_OID_TO_CLASS[$oid];
+					$attr = $attr->castValues($cls);
+				}
+				return $attr;
+			}, $attribs);
+		return new self(...$attribs);
+	}
+    
+	/**
+	 * Check whether 'Access Identity' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAccessIdentity(): bool
+	{
+		return $this->has(AccessIdentityAttributeValue::OID);
+	}
+    
+	/**
+	 * Get the first 'Access Identity' attribute value.
+	 *
+	 * @return AccessIdentityAttributeValue
+	 */
+	public function accessIdentity(): AccessIdentityAttributeValue
+	{
+		return $this->firstOf(AccessIdentityAttributeValue::OID)->first();
+	}
+    
+	/**
+	 * Check whether 'Service Authentication Information' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAuthenticationInformation(): bool
+	{
+		return $this->has(AuthenticationInfoAttributeValue::OID);
+	}
+    
+	/**
+	 * Get the first 'Service Authentication Information' attribute value.
+	 *
+	 * @return AuthenticationInfoAttributeValue
+	 */
+	public function authenticationInformation(): AuthenticationInfoAttributeValue
+	{
+		return $this->firstOf(AuthenticationInfoAttributeValue::OID)->first();
+	}
+    
+	/**
+	 * Check whether 'Charging Identity' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasChargingIdentity(): bool
+	{
+		return $this->has(ChargingIdentityAttributeValue::OID);
+	}
+    
+	/**
+	 * Get the first 'Charging Identity' attribute value.
+	 *
+	 * @return ChargingIdentityAttributeValue
+	 */
+	public function chargingIdentity(): ChargingIdentityAttributeValue
+	{
+		return $this->firstOf(ChargingIdentityAttributeValue::OID)->first();
+	}
+    
+	/**
+	 * Check whether 'Group' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasGroup(): bool
+	{
+		return $this->has(GroupAttributeValue::OID);
+	}
+    
+	/**
+	 * Get the first 'Group' attribute value.
+	 *
+	 * @return GroupAttributeValue
+	 */
+	public function group(): GroupAttributeValue
+	{
+		return $this->firstOf(GroupAttributeValue::OID)->first();
+	}
+    
+	/**
+	 * Check whether 'Role' attribute is present.
+	 *
+	 * @return bool
+	 */
+	public function hasRole(): bool
+	{
+		return $this->has(AttributeType::OID_ROLE);
+	}
+    
+	/**
+	 * Get the first 'Role' attribute value.
+	 *
+	 * @return RoleAttributeValue
+	 */
+	public function role(): RoleAttributeValue
+	{
+		return $this->firstOf(AttributeType::OID_ROLE)->first();
+	}
+    
+	/**
+	 * Get all 'Role' attribute values.
+	 *
+	 * @return RoleAttributeValue[]
+	 */
+	public function roles(): array
+	{
+		return array_merge(array(),
+			...array_map(
+				function (Attribute $attr) {
+					return $attr->values();
+				}, $this->allOf(AttributeType::OID_ROLE)));
+	}
+    
+	/**
+	 * Generate ASN.1 structure.
+	 *
+	 * @return Sequence
+	 */
+	public function toASN1(): Sequence
+	{
+		$elements = array_map(
+			function (Attribute $attr) {
+				return $attr->toASN1();
+			}, array_values($this->_attributes));
+		return new Sequence(...$elements);
+	}
 }

lib/X509/AttributeCertificate/Validation/ACValidationConfig.php

Indentation +98 added lines, -98 removed lines

@@ -12,112 +12,112 @@
  */
 class ACValidationConfig
 {
-    /**
-     * Certification path of the AC holder.
-     *
-     * @var CertificationPath
-     */
-    protected $_holderPath;
+	/**
+	 * Certification path of the AC holder.
+	 *
+	 * @var CertificationPath
+	 */
+	protected $_holderPath;
     
-    /**
-     * Certification path of the AC issuer.
-     *
-     * @var CertificationPath
-     */
-    protected $_issuerPath;
+	/**
+	 * Certification path of the AC issuer.
+	 *
+	 * @var CertificationPath
+	 */
+	protected $_issuerPath;
     
-    /**
-     * Evaluation reference time.
-     *
-     * @var \DateTimeImmutable
-     */
-    protected $_evalTime;
+	/**
+	 * Evaluation reference time.
+	 *
+	 * @var \DateTimeImmutable
+	 */
+	protected $_evalTime;
     
-    /**
-     * Permitted targets.
-     *
-     * @var Target[]
-     */
-    protected $_targets;
+	/**
+	 * Permitted targets.
+	 *
+	 * @var Target[]
+	 */
+	protected $_targets;
     
-    /**
-     * Constructor.
-     *
-     * @param CertificationPath $holder_path Certification path of the AC holder
-     * @param CertificationPath $issuer_path Certification path of the AC issuer
-     */
-    public function __construct(CertificationPath $holder_path,
-        CertificationPath $issuer_path)
-    {
-        $this->_holderPath = $holder_path;
-        $this->_issuerPath = $issuer_path;
-        $this->_evalTime = new \DateTimeImmutable();
-        $this->_targets = array();
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param CertificationPath $holder_path Certification path of the AC holder
+	 * @param CertificationPath $issuer_path Certification path of the AC issuer
+	 */
+	public function __construct(CertificationPath $holder_path,
+		CertificationPath $issuer_path)
+	{
+		$this->_holderPath = $holder_path;
+		$this->_issuerPath = $issuer_path;
+		$this->_evalTime = new \DateTimeImmutable();
+		$this->_targets = array();
+	}
     
-    /**
-     * Get certification path of the AC's holder.
-     *
-     * @return CertificationPath
-     */
-    public function holderPath(): CertificationPath
-    {
-        return $this->_holderPath;
-    }
+	/**
+	 * Get certification path of the AC's holder.
+	 *
+	 * @return CertificationPath
+	 */
+	public function holderPath(): CertificationPath
+	{
+		return $this->_holderPath;
+	}
     
-    /**
-     * Get certification path of the AC's issuer.
-     *
-     * @return CertificationPath
-     */
-    public function issuerPath(): CertificationPath
-    {
-        return $this->_issuerPath;
-    }
+	/**
+	 * Get certification path of the AC's issuer.
+	 *
+	 * @return CertificationPath
+	 */
+	public function issuerPath(): CertificationPath
+	{
+		return $this->_issuerPath;
+	}
     
-    /**
-     * Get self with given evaluation reference time.
-     *
-     * @param \DateTimeImmutable $dt
-     * @return self
-     */
-    public function withEvaluationTime(\DateTimeImmutable $dt): self
-    {
-        $obj = clone $this;
-        $obj->_evalTime = $dt;
-        return $obj;
-    }
+	/**
+	 * Get self with given evaluation reference time.
+	 *
+	 * @param \DateTimeImmutable $dt
+	 * @return self
+	 */
+	public function withEvaluationTime(\DateTimeImmutable $dt): self
+	{
+		$obj = clone $this;
+		$obj->_evalTime = $dt;
+		return $obj;
+	}
     
-    /**
-     * Get the evaluation reference time.
-     *
-     * @return \DateTimeImmutable
-     */
-    public function evaluationTime(): \DateTimeImmutable
-    {
-        return $this->_evalTime;
-    }
+	/**
+	 * Get the evaluation reference time.
+	 *
+	 * @return \DateTimeImmutable
+	 */
+	public function evaluationTime(): \DateTimeImmutable
+	{
+		return $this->_evalTime;
+	}
     
-    /**
-     * Get self with permitted targets.
-     *
-     * @param Target ...$targets
-     * @return self
-     */
-    public function withTargets(Target ...$targets): self
-    {
-        $obj = clone $this;
-        $obj->_targets = $targets;
-        return $obj;
-    }
+	/**
+	 * Get self with permitted targets.
+	 *
+	 * @param Target ...$targets
+	 * @return self
+	 */
+	public function withTargets(Target ...$targets): self
+	{
+		$obj = clone $this;
+		$obj->_targets = $targets;
+		return $obj;
+	}
     
-    /**
-     * Get array of permitted targets
-     *
-     * @return Target[]
-     */
-    public function targets(): array
-    {
-        return $this->_targets;
-    }
+	/**
+	 * Get array of permitted targets
+	 *
+	 * @return Target[]
+	 */
+	public function targets(): array
+	{
+		return $this->_targets;
+	}
 }

lib/X509/AttributeCertificate/Validation/ACValidator.php

Indentation +164 added lines, -164 removed lines

@@ -21,178 +21,178 @@
  */
 class ACValidator
 {
-    /**
-     * Attribute certificate.
-     *
-     * @var AttributeCertificate
-     */
-    protected $_ac;
+	/**
+	 * Attribute certificate.
+	 *
+	 * @var AttributeCertificate
+	 */
+	protected $_ac;
     
-    /**
-     * Validation configuration.
-     *
-     * @var ACValidationConfig
-     */
-    protected $_config;
+	/**
+	 * Validation configuration.
+	 *
+	 * @var ACValidationConfig
+	 */
+	protected $_config;
     
-    /**
-     * Crypto engine.
-     *
-     * @var Crypto
-     */
-    protected $_crypto;
+	/**
+	 * Crypto engine.
+	 *
+	 * @var Crypto
+	 */
+	protected $_crypto;
     
-    /**
-     * Constructor.
-     *
-     * @param AttributeCertificate $ac Attribute certificate to validate
-     * @param ACValidationConfig $config Validation configuration
-     * @param Crypto|null $crypto Crypto engine, use default if not set
-     */
-    public function __construct(AttributeCertificate $ac,
-        ACValidationConfig $config, Crypto $crypto = null)
-    {
-        $this->_ac = $ac;
-        $this->_config = $config;
-        $this->_crypto = $crypto ?: Crypto::getDefault();
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param AttributeCertificate $ac Attribute certificate to validate
+	 * @param ACValidationConfig $config Validation configuration
+	 * @param Crypto|null $crypto Crypto engine, use default if not set
+	 */
+	public function __construct(AttributeCertificate $ac,
+		ACValidationConfig $config, Crypto $crypto = null)
+	{
+		$this->_ac = $ac;
+		$this->_config = $config;
+		$this->_crypto = $crypto ?: Crypto::getDefault();
+	}
     
-    /**
-     * Validate attribute certificate.
-     *
-     * @throws ACValidationException If validation fails
-     * @return AttributeCertificate Validated AC
-     */
-    public function validate(): AttributeCertificate
-    {
-        $this->_validateHolder();
-        $issuer = $this->_verifyIssuer();
-        $this->_validateIssuerProfile($issuer);
-        $this->_validateTime();
-        $this->_validateTargeting();
-        return $this->_ac;
-    }
+	/**
+	 * Validate attribute certificate.
+	 *
+	 * @throws ACValidationException If validation fails
+	 * @return AttributeCertificate Validated AC
+	 */
+	public function validate(): AttributeCertificate
+	{
+		$this->_validateHolder();
+		$issuer = $this->_verifyIssuer();
+		$this->_validateIssuerProfile($issuer);
+		$this->_validateTime();
+		$this->_validateTargeting();
+		return $this->_ac;
+	}
     
-    /**
-     * Validate AC holder's certification.
-     *
-     * @throws ACValidationException
-     * @return Certificate Certificate of the AC's holder
-     */
-    private function _validateHolder(): Certificate
-    {
-        $path = $this->_config->holderPath();
-        $config = PathValidationConfig::defaultConfig()->withMaxLength(
-            count($path))->withDateTime($this->_config->evaluationTime());
-        try {
-            $holder = $path->validate($config, $this->_crypto)->certificate();
-        } catch (PathValidationException $e) {
-            throw new ACValidationException(
-                "Failed to validate holder PKC's certification path.", 0, $e);
-        }
-        if (!$this->_ac->isHeldBy($holder)) {
-            throw new ACValidationException("Name mismatch of AC's holder PKC.");
-        }
-        return $holder;
-    }
+	/**
+	 * Validate AC holder's certification.
+	 *
+	 * @throws ACValidationException
+	 * @return Certificate Certificate of the AC's holder
+	 */
+	private function _validateHolder(): Certificate
+	{
+		$path = $this->_config->holderPath();
+		$config = PathValidationConfig::defaultConfig()->withMaxLength(
+			count($path))->withDateTime($this->_config->evaluationTime());
+		try {
+			$holder = $path->validate($config, $this->_crypto)->certificate();
+		} catch (PathValidationException $e) {
+			throw new ACValidationException(
+				"Failed to validate holder PKC's certification path.", 0, $e);
+		}
+		if (!$this->_ac->isHeldBy($holder)) {
+			throw new ACValidationException("Name mismatch of AC's holder PKC.");
+		}
+		return $holder;
+	}
     
-    /**
-     * Verify AC's signature and issuer's certification.
-     *
-     * @throws ACValidationException
-     * @return Certificate Certificate of the AC's issuer
-     */
-    private function _verifyIssuer(): Certificate
-    {
-        $path = $this->_config->issuerPath();
-        $config = PathValidationConfig::defaultConfig()->withMaxLength(
-            count($path))->withDateTime($this->_config->evaluationTime());
-        try {
-            $issuer = $path->validate($config, $this->_crypto)->certificate();
-        } catch (PathValidationException $e) {
-            throw new ACValidationException(
-                "Failed to validate issuer PKC's certification path.", 0, $e);
-        }
-        if (!$this->_ac->isIssuedBy($issuer)) {
-            throw new ACValidationException("Name mismatch of AC's issuer PKC.");
-        }
-        $pubkey_info = $issuer->tbsCertificate()->subjectPublicKeyInfo();
-        if (!$this->_ac->verify($pubkey_info, $this->_crypto)) {
-            throw new ACValidationException("Failed to verify signature.");
-        }
-        return $issuer;
-    }
+	/**
+	 * Verify AC's signature and issuer's certification.
+	 *
+	 * @throws ACValidationException
+	 * @return Certificate Certificate of the AC's issuer
+	 */
+	private function _verifyIssuer(): Certificate
+	{
+		$path = $this->_config->issuerPath();
+		$config = PathValidationConfig::defaultConfig()->withMaxLength(
+			count($path))->withDateTime($this->_config->evaluationTime());
+		try {
+			$issuer = $path->validate($config, $this->_crypto)->certificate();
+		} catch (PathValidationException $e) {
+			throw new ACValidationException(
+				"Failed to validate issuer PKC's certification path.", 0, $e);
+		}
+		if (!$this->_ac->isIssuedBy($issuer)) {
+			throw new ACValidationException("Name mismatch of AC's issuer PKC.");
+		}
+		$pubkey_info = $issuer->tbsCertificate()->subjectPublicKeyInfo();
+		if (!$this->_ac->verify($pubkey_info, $this->_crypto)) {
+			throw new ACValidationException("Failed to verify signature.");
+		}
+		return $issuer;
+	}
     
-    /**
-     * Validate AC issuer's profile.
-     *
-     * @link https://tools.ietf.org/html/rfc5755#section-4.5
-     * @param Certificate $cert
-     * @throws ACValidationException
-     */
-    private function _validateIssuerProfile(Certificate $cert)
-    {
-        $exts = $cert->tbsCertificate()->extensions();
-        if ($exts->hasKeyUsage() && !$exts->keyUsage()->isDigitalSignature()) {
-            throw new ACValidationException(
-                "Issuer PKC's Key Usage extension doesn't permit" .
-                     " verification of digital signatures.");
-        }
-        if ($exts->hasBasicConstraints() && $exts->basicConstraints()->isCA()) {
-            throw new ACValidationException("Issuer PKC must not be a CA.");
-        }
-    }
+	/**
+	 * Validate AC issuer's profile.
+	 *
+	 * @link https://tools.ietf.org/html/rfc5755#section-4.5
+	 * @param Certificate $cert
+	 * @throws ACValidationException
+	 */
+	private function _validateIssuerProfile(Certificate $cert)
+	{
+		$exts = $cert->tbsCertificate()->extensions();
+		if ($exts->hasKeyUsage() && !$exts->keyUsage()->isDigitalSignature()) {
+			throw new ACValidationException(
+				"Issuer PKC's Key Usage extension doesn't permit" .
+					 " verification of digital signatures.");
+		}
+		if ($exts->hasBasicConstraints() && $exts->basicConstraints()->isCA()) {
+			throw new ACValidationException("Issuer PKC must not be a CA.");
+		}
+	}
     
-    /**
-     * Validate AC's validity period.
-     *
-     * @throws ACValidationException
-     */
-    private function _validateTime()
-    {
-        $t = $this->_config->evaluationTime();
-        $validity = $this->_ac->acinfo()->validityPeriod();
-        if ($validity->notBeforeTime()->diff($t)->invert) {
-            throw new ACValidationException("Validity period has not started.");
-        }
-        if ($t->diff($validity->notAfterTime())->invert) {
-            throw new ACValidationException("Attribute certificate has expired.");
-        }
-    }
+	/**
+	 * Validate AC's validity period.
+	 *
+	 * @throws ACValidationException
+	 */
+	private function _validateTime()
+	{
+		$t = $this->_config->evaluationTime();
+		$validity = $this->_ac->acinfo()->validityPeriod();
+		if ($validity->notBeforeTime()->diff($t)->invert) {
+			throw new ACValidationException("Validity period has not started.");
+		}
+		if ($t->diff($validity->notAfterTime())->invert) {
+			throw new ACValidationException("Attribute certificate has expired.");
+		}
+	}
     
-    /**
-     * Validate AC's target information.
-     *
-     * @throws ACValidationException
-     */
-    private function _validateTargeting()
-    {
-        $exts = $this->_ac->acinfo()->extensions();
-        // if target information extension is not present
-        if (!$exts->has(Extension::OID_TARGET_INFORMATION)) {
-            return;
-        }
-        $ext = $exts->get(Extension::OID_TARGET_INFORMATION);
-        if ($ext instanceof TargetInformationExtension &&
-             !$this->_hasMatchingTarget($ext->targets())) {
-            throw new ACValidationException(
-                "Attribute certificate doesn't have a matching target.");
-        }
-    }
+	/**
+	 * Validate AC's target information.
+	 *
+	 * @throws ACValidationException
+	 */
+	private function _validateTargeting()
+	{
+		$exts = $this->_ac->acinfo()->extensions();
+		// if target information extension is not present
+		if (!$exts->has(Extension::OID_TARGET_INFORMATION)) {
+			return;
+		}
+		$ext = $exts->get(Extension::OID_TARGET_INFORMATION);
+		if ($ext instanceof TargetInformationExtension &&
+			 !$this->_hasMatchingTarget($ext->targets())) {
+			throw new ACValidationException(
+				"Attribute certificate doesn't have a matching target.");
+		}
+	}
     
-    /**
-     * Check whether validation configuration has matching targets.
-     *
-     * @param Targets $targets Set of eligible targets
-     * @return boolean
-     */
-    private function _hasMatchingTarget(Targets $targets): bool
-    {
-        foreach ($this->_config->targets() as $target) {
-            if ($targets->hasTarget($target)) {
-                return true;
-            }
-        }
-        return false;
-    }
+	/**
+	 * Check whether validation configuration has matching targets.
+	 *
+	 * @param Targets $targets Set of eligible targets
+	 * @return boolean
+	 */
+	private function _hasMatchingTarget(Targets $targets): bool
+	{
+		foreach ($this->_config->targets() as $target) {
+			if ($targets->hasTarget($target)) {
+				return true;
+			}
+		}
+		return false;
+	}
 }