- encode the subjectPublicKey in a format Crypt_RSA can use (assuming the algorithm is rsaEncryption)

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@203 21d32557-59b3-4da0-833f-c5933fad653e
2024-11-09 15:20:58 +00:00 · 2012-03-11 19:00:28 +00:00 · 2012-03-11 19:00:28 +00:00 · 1b2dde6e7d
commit 1b2dde6e7d
parent 1b161ece26
1 changed files with 41 additions and 0 deletions
--- a/phpseclib/File/X509.php
+++ b/phpseclib/File/X509.php
@ -74,6 +74,12 @@ class File_X509 {
    var $CertificatePolicies;
    var $AuthorityInfoAccessSyntax;
    var $SubjectAltName;
+    var $PrivateKeyUsagePeriod;
+    var $IssuerAltName;
+    var $PolicyMappings;
+    var $NameConstraints;
+    var $netscape_cert_type;
+    var $netscape_comment;
    /**#@-*/

    /**
@ -85,6 +91,22 @@ class File_X509 {
     */
    var $oids;

+    /**
+     * The certificate authorities
+     *
+     * @var Array
+     * @access private
+     */
+    var $CAs;
+
+    /**
+     * The currently loaded certificate
+     *
+     * @var Array
+     * @access private
+     */
+    var $certificate;
+
    /**
     * Default Constructor.
     *
@ -987,6 +1009,19 @@ class File_X509 {
            }
        }

+        switch ($x509['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm']) {
+            case 'rsaEncryption':
+                $x509['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'] =
+                    "-----BEGIN PUBLIC KEY-----\r\n" .
+                    // subjectPublicKey is stored as a bit string in X.509 certs.  the first byte of a bit string represents how many bits
+                    // in the last byte should be ignored.  the following only supports non-zero stuff but as none of the X.509 certs Firefox
+                    // uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do.
+                    chunk_split(base64_encode(substr(base64_decode($x509['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']), 1))) .
+                    '-----END PUBLIC KEY-----';
+        }
+
+        $this->currentCert = $x509;
+
        return $x509;
    }

@ -998,6 +1033,12 @@ class File_X509 {
     */
    function saveX509($cert)
    {
+        switch ($cert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm']) {
+            case 'rsaEncryption':
+                $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'] = 
+                    base64_encode("\0" . base64_decode(preg_replace('#-.+-|[\r\n]#', '', $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'])));
+        }
+
        $asn1 = new File_ASN1();

        $asn1->loadOIDs($this->oids);