From 1b161ece260cc975dbeb92c4523209a395968a1e Mon Sep 17 00:00:00 2001 From: Jim Wigginton Date: Sun, 11 Mar 2012 08:41:06 +0000 Subject: [PATCH] - add support for id-ce-nameConstraints git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@202 21d32557-59b3-4da0-833f-c5933fad653e --- phpseclib/File/X509.php | 45 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index 4375684c..f633018a 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -738,6 +738,49 @@ class File_X509 { ) ); + $BaseDistance = array('type' => FILE_ASN1_TYPE_INTEGER); + + $GeneralSubtree = array( + 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'children' => array( + 'base' => $GeneralName, + 'minimum' => array( + 'constant' => 0, + 'optional' => true, + 'implicit' => true, + 'default' => new Math_BigInteger(0) + ) + $BaseDistance, + 'maximum' => array( + 'constant' => 1, + 'optional' => true, + 'implicit' => true, + ) + $BaseDistance + ) + ); + + $GeneralSubtrees = array( + 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => $GeneralSubtree + ); + + $this->NameConstraints = array( + 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'children' => array( + 'permittedSubtrees' => array( + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ) + $GeneralSubtrees, + 'excludedSubtrees' => array( + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ) + $GeneralSubtrees + ) + ); + // mapping is from $this->netscape_cert_type = array( 'type' => FILE_ASN1_TYPE_BIT_STRING, @@ -1033,6 +1076,8 @@ class File_X509 { return $this->IssuerAltName; case 'id-ce-policyMappings': return $this->PolicyMappings; + case 'id-ce-nameConstraints': + return $this->NameConstraints; case 'netscape-cert-type': return $this->netscape_cert_type;