X509: new setExtension() method.

monnerat 2012-10-12 03:03:21 +01:00
parent bc7a59bc8c
commit 6da490d00a


@ -2347,11 +2347,7 @@ class File_X509 {
$this->currentCert['tbsCertificate']['issuer'] = $issuer->dn; $this->currentCert['tbsCertificate']['issuer'] = $issuer->dn;
if (isset($issuer->keyIdentifier)) { if (isset($issuer->keyIdentifier)) {
$extensions = &$this->currentCert['tbsCertificate']['extensions']; $this->setExtension('id-ce-authorityKeyIdentifier', array(
$extensions[] = array(
'extnId' => 'id-ce-authorityKeyIdentifier',
'critical' => false,
'extnValue'=> array(
//'authorityCertIssuer' => array( //'authorityCertIssuer' => array(
// array( // array(
// 'directoryName' => $issuer->dn // 'directoryName' => $issuer->dn
@ -2360,31 +2356,21 @@ class File_X509 {
'keyIdentifier' => $issuer->keyIdentifier 'keyIdentifier' => $issuer->keyIdentifier
) )
); );
//$extensions = &$this->currentCert['tbsCertificate']['extensions'];
//if (isset($issuer->serialNumber)) { //if (isset($issuer->serialNumber)) {
// $extensions[count($extensions) - 1]['authorityCertSerialNumber'] = $issuer->serialNumber; // $extensions[count($extensions) - 1]['authorityCertSerialNumber'] = $issuer->serialNumber;
//} //}
unset($extensions); //unset($extensions);
} }
if (isset($subject->keyIdentifier)) { if (isset($subject->keyIdentifier)) {
$this->removeExtension('id-ce-subjectKeyIdentifier'); $this->setExtension('id-ce-subjectKeyIdentifier', $subject->keyIdentifier);
$this->currentCert['tbsCertificate']['extensions'][] = array(
'extnId' => 'id-ce-subjectKeyIdentifier',
'critical' => false,
'extnValue'=> $subject->keyIdentifier
);
} }
if (isset($subject->domains) && count($subject->domains) > 1) { if (isset($subject->domains) && count($subject->domains) > 1) {
$this->currentCert['tbsCertificate']['extensions'][] = array( $this->setExtension('id-ce-subjectAltName',
'extnId' => 'id-ce-subjectAltName', array_map(create_function('$domain',
'critical' => false, 'return array("dNSName" => $domain);'), $subject->domains));
'extnValue' => array()
);
$last = count($this->currentCert['tbsCertificate']['extensions']) - 1;
foreach ($subject->domains as $domain) {
$this->currentCert['tbsCertificate']['extensions'][$last]['extnValue'][] = array('dNSName' => $domain);
}
} }
if ($this->caFlag) { if ($this->caFlag) {
@ -2392,25 +2378,18 @@ class File_X509 {
if (!$keyUsage) { if (!$keyUsage) {
$keyUsage = array(); $keyUsage = array();
} }
$this->removeExtension('id-ce-keyUsage');
$this->currentCert['tbsCertificate']['extensions'][] = array( $this->setExtension('id-ce-keyUsage',
'extnId' => 'id-ce-keyUsage', array_values(array_unique(array_merge($keyUsage, array('cRLSign', 'keyCertSign'))))
'critical' => false,
'extnValue' => array_values(array_unique(array_merge($keyUsage, array('cRLSign', 'keyCertSign'))))
); );
$basicConstraints = $this->getExtension('id-ce-basicConstraints'); $basicConstraints = $this->getExtension('id-ce-basicConstraints');
if (!$basicConstraints) { if (!$basicConstraints) {
$basicConstraints = array(); $basicConstraints = array();
} }
$this->removeExtension('id-ce-basicConstraints');
$this->currentCert['tbsCertificate']['extensions'][] = array( $this->setExtension('id-ce-basicConstraints',
'extnId' => 'id-ce-basicConstraints', array_unique(array_merge(array('cA' => true), $basicConstraints)), true);
'critical' => true,
'extnValue' => array_unique(array_merge(array('cA' => true), $basicConstraints))
);
} }
// resync $this->signatureSubject // resync $this->signatureSubject
@ -2698,6 +2677,42 @@ class File_X509 {
return $extensions; return $extensions;
} }
/**
* Set an Extension
*
* @param String $id
* @param Mixed $value
* @param Boolean $critical optional
* @param Boolean $replace optional
* @param String $path optional
* @access public
* @return Boolean
*/
function setExtension($id, $value, $critical = false, $replace = true, $path = 'tbsCertificate/extensions')
{
$extensions = &$this->_subArray($this->currentCert, $path, true);
if (!is_array($extensions)) {
return false;
}
$newext = array('extnId' => $id, 'critical' => $critical, 'extnValue' => $value);
foreach ($extensions as $key => $value) {
if ($value['extnId'] == $id) {
if (!$replace) {
return false;
}
$extensions[$key] = $newext;
return true;
}
}
$extensions[] = $newext;
return true;
}
/** /**
* Sets the authority key identifier * Sets the authority key identifier
* *
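Review bot: In the `id-ce-basicConstraints` call of the third hunk, `array_merge(array('cA' => true), $basicConstraints)` puts the forced flag first, so a `cA` entry already present in the existing extension overrides it (later string keys win), and `array_unique()` compares values as strings, so it would drop any other field whose string form matches that of `true`; both behaviours are carried over unchanged from the replaced code. For a certificate signed with `caFlag` set I would write `$this->setExtension('id-ce-basicConstraints', array_merge($basicConstraints, array('cA' => true)), true);` and leave `array_unique()` out of this call. In the new `setExtension()`, `foreach ($extensions as $key => $value)` reuses the `$value` parameter and only works because `$newext` is built before the loop; `foreach ($extensions as $key => $ext)` with `$ext['extnId'] === $id` avoids that trap. The signing method that the first three hunks belong to starts and ends outside the visible lines.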