Merge branch 'extractber-fix' into extractber-fix-2.0

Conflicts: phpseclib/File/X509.php
2024-11-05 21:17:53 +00:00 · 2015-10-22 09:56:07 -05:00 · 2015-10-22 09:56:07 -05:00 · 96dd14fd6f
commit 96dd14fd6f
parent 1cf70d27e8 46bb95a265
3 changed files with 58 additions and 8 deletions
--- a/phpseclib/Crypt/RSA.php
+++ b/phpseclib/Crypt/RSA.php
@ -3033,7 +3033,7 @@ class RSA
         * subject=/O=organization/OU=org unit/CN=common name
         * issuer=/O=organization/CN=common name
         */
-        $temp = preg_replace('#.*?^-+[^-]+-+#ms', '', $str, 1);
+        $temp = preg_replace('#.*?^-+[^-]+-+[\r\n ]*$#ms', '', $str, 1);
        // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff
        $temp = preg_replace('#-+[^-]+-+#', '', $temp);
        // remove new lines
--- a/phpseclib/File/X509.php
+++ b/phpseclib/File/X509.php
@ -103,6 +103,12 @@ class X509
     * Only works on CSRs. Not currently supported.
     */
    const FORMAT_SPKAC = 2;
+    /**
+     * Auto-detect the format
+     *
+     * Used only by the load*() functions
+     */
+    const FORMAT_AUTO_DETECT = 3;
    /**#@-*/

    /**
@ -1403,10 +1409,11 @@ class X509
     * Returns an associative array describing the X.509 cert or a false if the cert failed to load
     *
     * @param string $cert
+     * @param int $mode
     * @access public
     * @return mixed
     */
-    function loadX509($cert)
+    function loadX509($cert, $mode = self::FORMAT_AUTO_DETECT)
    {
        if (is_array($cert) && isset($cert['tbsCertificate'])) {
            unset($this->currentCert);
@ -1427,7 +1434,13 @@ class X509

        $asn1 = new ASN1();

-        $cert = $this->_extractBER($cert);
+        if ($mode != self::FORMAT_DER) {
+            $newcert = $this->_extractBER($cert);
+            if ($mode == self::FORMAT_PEM && $cert == $newcert) {
+                return false;
+            }
+            $cert = $newcert;
+        }

        if ($cert === false) {
            $this->currentCert = false;
@ -2817,7 +2830,7 @@ class X509
     * @access public
     * @return mixed
     */
-    function loadCSR($csr)
+    function loadCSR($csr, $mode = self::FORMAT_AUTO_DETECT)
    {
        if (is_array($csr) && isset($csr['certificationRequestInfo'])) {
            unset($this->currentCert);
@ -2836,7 +2849,13 @@ class X509

        $asn1 = new ASN1();

-        $csr = $this->_extractBER($csr);
+        if ($mode != self::FORMAT_DER) {
+            $newcsr = $this->_extractBER($csr);
+            if ($mode == self::FORMAT_PEM && $csr == $newcsr) {
+                return false;
+            }
+            $csr = $newcsr;
+        }
        $orig = $csr;

        if ($csr === false) {
@ -3056,7 +3075,7 @@ class X509
     * @access public
     * @return mixed
     */
-    function loadCRL($crl)
+    function loadCRL($crl, $mode = self::FORMAT_AUTO_DETECT)
    {
        if (is_array($crl) && isset($crl['tbsCertList'])) {
            $this->currentCert = $crl;
@ -3066,7 +3085,13 @@ class X509

        $asn1 = new ASN1();

-        $crl = $this->_extractBER($crl);
+        if ($mode != self::FORMAT_DER) {
+            $newcrl = $this->_extractBER($crl);
+            if ($mode == self::FORMAT_PEM && $crl == $newcrl) {
+                return false;
+            }
+            $crl = $newcrl;
+        }
        $orig = $crl;

        if ($crl === false) {
@ -4554,7 +4579,7 @@ class X509
         * subject=/O=organization/OU=org unit/CN=common name
         * issuer=/O=organization/CN=common name
         */
-        $temp = preg_replace('#.*?^-+[^-]+-+#ms', '', $str, 1);
+        $temp = preg_replace('#.*?^-+[^-]+-+[\r\n ]*$#ms', '', $str, 1);
        // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff
        $temp = preg_replace('#-+[^-]+-+#', '', $temp);
        // remove new lines
--- a/tests/Unit/File/X509/CSRTest.php
+++ b/tests/Unit/File/X509/CSRTest.php
@ -68,4 +68,29 @@ draiRBZruwMPwPIP

        $this->assertInternalType('array', $csr);
    }
+
+    public function testCSRDER()
+    {
+        $csr = 'MIICdzCCAV8CAQEwDDEKMAgGA1UEAwwBeDCCASIwDQYJKoZIhvcNAQEBBQADggEP' .
+               'ADCCAQoCggEBALtcrFDD2AHe3x2bR00wPDsPH6FJLxr5uc1ybb+ldDB5xNVImC8P' .
+               'LU6VXDZ5z68KjSovs1q0OWJWfCjlAuGLzqO35s86LI1CFuTFdkScVHMwh8zUVFoP' .
+               'pG7/9rKaNxCgaHs4evxjxQP2+Ny7tBqPLb/KV0exm6Twocf963jC/Tyn57G5erRf' .
+               'zpFrfK7DozhxY7znumJ4FuSn0TVkD6PPwZFn9VoTjv2ZoJmacGK+0r5yNKG799F5' .
+               'K8EgDrOCfbzCZjX6GJctyn2SNPTeBuXS9piH21FGnJAryv80zG+zUqFdEyoLUGJt' .
+               '4Vy6+tDP9cW68fiwTZS1Oc1VeFdL1G/CrjkCAwEAAaAmMCQGCSqGSIb3DQEJDjEX' .
+               'MBUwEwYKKwYBBAGCqlsBCQQFMAOCAQEwDQYJKoZIhvcNAQELBQADggEBAF4XOd+1' .
+               'jkJOYRInNpHfhzSD/ktDY50gpLPuDvl4f/ZBlKrb1eDYQG5F3bnYzoZWHN4n+6Zs' .
+               'CkljXs5ZPUZ5LuVpASumoG/aHXGz8c8NC3asJ1V73ljEPAfIXwqoIUoaP9jLL+Ee' .
+               'zy/ZCi2NKWVo2D7ocnn79oblAem9ksSeQl4z3Gvhuug6MsMqn96NU/ZY/vjYzAjb' .
+               'MAvJIVRY0rbCxbFa0K+XNJtF7GLyBxyPNFWCvADhvm9C4uPmoypYg7MY6EewJInN' .
+               'xzMH7I4xDLjNu0VBa6lAxTvflp0joQHKlTYX0SDIKPbQivjZMuObPuxDtkVZ0rQl' .
+               'AjmgMowaN5otTXM=';
+        $csr = base64_decode($csr);
+
+        $x509 = new X509();
+
+        $csr = $x509->loadCSR($csr);
+
+        $this->assertInternalType('array', $csr);
+    }
 }