From 0dabb0c090a9f8c98f1a822a79787f4f36a774ea Mon Sep 17 00:00:00 2001 From: Bastien Miclo Date: Tue, 13 Apr 2021 23:18:26 +0200 Subject: [PATCH 1/3] Allow to specify extension value as critical --- phpseclib/Crypt/DH/PrivateKey.php | 2 +- phpseclib/Crypt/EC/Curves/Ed25519.php | 2 +- phpseclib/Crypt/EC/Formats/Keys/Common.php | 4 ++-- phpseclib/File/X509.php | 8 +++++--- 4 files changed, 9 insertions(+), 7 deletions(-) diff --git a/phpseclib/Crypt/DH/PrivateKey.php b/phpseclib/Crypt/DH/PrivateKey.php index 8756b419..fd92165a 100644 --- a/phpseclib/Crypt/DH/PrivateKey.php +++ b/phpseclib/Crypt/DH/PrivateKey.php @@ -47,7 +47,7 @@ class PrivateKey extends DH * Returns the public key * * @access public - * @return DH + * @return DH\PublicKey */ public function getPublicKey() { diff --git a/phpseclib/Crypt/EC/Curves/Ed25519.php b/phpseclib/Crypt/EC/Curves/Ed25519.php index d4c3e37a..a34494ce 100644 --- a/phpseclib/Crypt/EC/Curves/Ed25519.php +++ b/phpseclib/Crypt/EC/Curves/Ed25519.php @@ -331,4 +331,4 @@ class Ed25519 extends TwistedEdwards return [$x3, $y3, $z3, $t3]; } -} \ No newline at end of file +} diff --git a/phpseclib/Crypt/EC/Formats/Keys/Common.php b/phpseclib/Crypt/EC/Formats/Keys/Common.php index 1993002f..c8a63be1 100644 --- a/phpseclib/Crypt/EC/Formats/Keys/Common.php +++ b/phpseclib/Crypt/EC/Formats/Keys/Common.php @@ -449,7 +449,7 @@ trait Common * - neither the curve or the base point are generated verifiably randomly. * ecdpVer2: * - curve and base point are generated verifiably at random and curve.seed is present - * ecdpVer3: + * ecdpVer3: * - base point is generated verifiably at random but curve is not. curve.seed is present */ // other (optional) parameters can be calculated using the methods discused at @@ -552,4 +552,4 @@ trait Common { self::$useNamedCurves = true; } -} \ No newline at end of file +} diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index fdd12a21..304b8386 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -670,10 +670,11 @@ class X509 */ private function mapOutExtensions(&$root, $path) { - foreach ($this->extensionValues as $id => $value) { + foreach ($this->extensionValues as $id => [$critical, $value]) { $root['tbsCertificate']['extensions'][] = [ 'extnId' => $id, 'extnValue' => $value, + 'critical' => $critical, ]; } @@ -4079,9 +4080,10 @@ class X509 * * @param string $id * @param mixed $value + * @param bool $critical */ - public function setExtensionValue($id, $value) + public function setExtensionValue($id, $value, $critical = false) { - $this->extensionValues[$id] = $value; + $this->extensionValues[$id] = [$critical, $value]; } } From acc26575111e276982775f4cb26c57ccbd30394b Mon Sep 17 00:00:00 2001 From: terrafrost Date: Thu, 15 Apr 2021 21:24:35 -0500 Subject: [PATCH 2/3] X509: symmetric array destructuring requires PHP 7.1+ --- phpseclib/File/X509.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index 304b8386..dac4cfca 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -670,7 +670,8 @@ class X509 */ private function mapOutExtensions(&$root, $path) { - foreach ($this->extensionValues as $id => [$critical, $value]) { + foreach ($this->extensionValues as $id => $value) { + list($critical, $value) = $value; $root['tbsCertificate']['extensions'][] = [ 'extnId' => $id, 'extnValue' => $value, From 07f728546b4a1d7ce8a79a086c8998fbed2863e0 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 16 Apr 2021 09:06:52 -0500 Subject: [PATCH 3/3] X509: apparently list() works differently in 5.6 than in 7.0+ --- phpseclib/File/X509.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index dac4cfca..1e333293 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php @@ -671,11 +671,10 @@ class X509 private function mapOutExtensions(&$root, $path) { foreach ($this->extensionValues as $id => $value) { - list($critical, $value) = $value; $root['tbsCertificate']['extensions'][] = [ 'extnId' => $id, - 'extnValue' => $value, - 'critical' => $critical, + 'extnValue' => $value[1], + 'critical' => $value[0], ]; }