From a9925941b0b1599dcb7fd067beadfb916a081c5f Mon Sep 17 00:00:00 2001 From: Clint Nelissen Date: Wed, 3 Dec 2014 18:08:22 -0800 Subject: [PATCH 1/2] Moved global constants into class constants and updated all references --- phpseclib/File/ASN1.php | 408 +++++++++++++------------- phpseclib/File/X509.php | 550 +++++++++++++++++------------------ tests/Unit/File/ASN1Test.php | 62 ++-- 3 files changed, 510 insertions(+), 510 deletions(-) diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php index 9fbfc57d..30eb80a5 100644 --- a/phpseclib/File/ASN1.php +++ b/phpseclib/File/ASN1.php 
@@ -23,72 +23,6 @@ use \phpseclib\Math\BigInteger; -/**#@+ - * Tag Classes - * - * @access private - * @link http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=12 - */ -define('FILE_ASN1_CLASS_UNIVERSAL', 0); -define('FILE_ASN1_CLASS_APPLICATION', 1); -define('FILE_ASN1_CLASS_CONTEXT_SPECIFIC', 2); -define('FILE_ASN1_CLASS_PRIVATE', 3); -/**#@-*/ - -/**#@+ - * Tag Classes - * - * @access private - * @link http://www.obj-sys.com/asn1tutorial/node124.html - */ -define('FILE_ASN1_TYPE_BOOLEAN', 1); -define('FILE_ASN1_TYPE_INTEGER', 2); -define('FILE_ASN1_TYPE_BIT_STRING', 3); -define('FILE_ASN1_TYPE_OCTET_STRING', 4); -define('FILE_ASN1_TYPE_NULL', 5); -define('FILE_ASN1_TYPE_OBJECT_IDENTIFIER', 6); -//define('FILE_ASN1_TYPE_OBJECT_DESCRIPTOR', 7); -//define('FILE_ASN1_TYPE_INSTANCE_OF', 8); // EXTERNAL -define('FILE_ASN1_TYPE_REAL', 9); -define('FILE_ASN1_TYPE_ENUMERATED', 10); -//define('FILE_ASN1_TYPE_EMBEDDED', 11); -define('FILE_ASN1_TYPE_UTF8_STRING', 12); -//define('FILE_ASN1_TYPE_RELATIVE_OID', 13); -define('FILE_ASN1_TYPE_SEQUENCE', 16); // SEQUENCE OF -define('FILE_ASN1_TYPE_SET', 17); // SET OF -/**#@-*/ -/**#@+ - * More Tag Classes - * - * @access private - * @link http://www.obj-sys.com/asn1tutorial/node10.html - */ -define('FILE_ASN1_TYPE_NUMERIC_STRING', 18); -define('FILE_ASN1_TYPE_PRINTABLE_STRING', 19); -define('FILE_ASN1_TYPE_TELETEX_STRING', 20); // T61String -define('FILE_ASN1_TYPE_VIDEOTEX_STRING', 21); -define('FILE_ASN1_TYPE_IA5_STRING', 22); -define('FILE_ASN1_TYPE_UTC_TIME', 23); -define('FILE_ASN1_TYPE_GENERALIZED_TIME', 24); -define('FILE_ASN1_TYPE_GRAPHIC_STRING', 25); -define('FILE_ASN1_TYPE_VISIBLE_STRING', 26); // ISO646String -define('FILE_ASN1_TYPE_GENERAL_STRING', 27); -define('FILE_ASN1_TYPE_UNIVERSAL_STRING', 28); -//define('FILE_ASN1_TYPE_CHARACTER_STRING', 29); -define('FILE_ASN1_TYPE_BMP_STRING', 30); -/**#@-*/ - -/**#@+ - * Tag Aliases - * - * These tags are kinda place holders for other tags. 
- * - * @access private - */ -define('FILE_ASN1_TYPE_CHOICE', -1); -define('FILE_ASN1_TYPE_ANY', -2); -/**#@-*/ - /** * Include File_ASN1_Element */ @@ -105,6 +39,72 @@ if (!class_exists('File_ASN1_Element')) { */ class File_ASN1 { + /**#@+ + * Tag Classes + * + * @access private + * @link http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=12 + */ + const CLASS_UNIVERSAL = 0; + const CLASS_APPLICATION = 1; + const CLASS_CONTEXT_SPECIFIC = 2; + const CLASS_PRIVATE = 3; + /**#@-*/ + + /**#@+ + * Tag Classes + * + * @access private + * @link http://www.obj-sys.com/asn1tutorial/node124.html + */ + const TYPE_BOOLEAN = 1; + const TYPE_INTEGER = 2; + const TYPE_BIT_STRING = 3; + const TYPE_OCTET_STRING = 4; + const TYPE_NULL = 5; + const TYPE_OBJECT_IDENTIFIER = 6; + //const TYPE_OBJECT_DESCRIPTOR = 7; + //const TYPE_INSTANCE_OF = 8; // EXTERNAL + const TYPE_REAL = 9; + const TYPE_ENUMERATED = 10; + //const TYPE_EMBEDDED = 11; + const TYPE_UTF8_STRING = 12; + //const TYPE_RELATIVE_OID = 13; + const TYPE_SEQUENCE = 16; // SEQUENCE OF + const TYPE_SET = 17; // SET OF + /**#@-*/ + /**#@+ + * More Tag Classes + * + * @access private + * @link http://www.obj-sys.com/asn1tutorial/node10.html + */ + const TYPE_NUMERIC_STRING = 18; + const TYPE_PRINTABLE_STRING = 19; + const TYPE_TELETEX_STRING = 20; // T61String + const TYPE_VIDEOTEX_STRING = 21; + const TYPE_IA5_STRING = 22; + const TYPE_UTC_TIME = 23; + const TYPE_GENERALIZED_TIME = 24; + const TYPE_GRAPHIC_STRING = 25; + const TYPE_VISIBLE_STRING = 26; // ISO646String + const TYPE_GENERAL_STRING = 27; + const TYPE_UNIVERSAL_STRING = 28; + //const TYPE_CHARACTER_STRING = 29; + const TYPE_BMP_STRING = 30; + /**#@-*/ + + /**#@+ + * Tag Aliases + * + * These tags are kinda place holders for other tags. + * + * @access private + */ + const TYPE_CHOICE = -1; + const TYPE_ANY = -2; + /**#@-*/ + /** * ASN.1 object identifier * 
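Review bot: Deleting every global `FILE_ASN1_*` define here (and the `FILE_X509_*` defines in the X509.php hunk later in the patch) leaves no alias for code outside the three files the diffstat lists. On the PHP 5 line this code appears to target, an undefined constant evaluates to its own name as a string with only a notice, so an external mapping such as `array('type' => FILE_ASN1_TYPE_ANY)` would presumably stop matching any `case self::TYPE_*` branch instead of failing loudly. If backward compatibility matters, a transitional alias next to the class, e.g. `define('FILE_ASN1_TYPE_ANY', File_ASN1::TYPE_ANY);`, or an explicit upgrade note would cover it. The added constants also keep `@access private` although X509.php now reads them as `File_ASN1::TYPE_*`, so that tag should be dropped or made public.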
@@ -137,7 +137,7 @@ class File_ASN1 /** * Filters * - * If the mapping type is FILE_ASN1_TYPE_ANY what do we actually encode it as? + * If the mapping type is self::TYPE_ANY what do we actually encode it as? * * @var Array * @access private @@ -148,7 +148,7 @@ class File_ASN1 /** * Type mapping table for the ANY type. * - * Structured or unknown types are mapped to a FILE_ASN1_Element. + * Structured or unknown types are mapped to a File\ASN1\Element. * Unambiguous types get the direct mapping (int/real/bool). * Others are mapped as a choice, with an extra indexing level. * 
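Review bot: The rewritten comment in the second hunk on this line names `File\ASN1\Element`, but the code visible in this patch still guards on `class_exists('File_ASN1_Element')` and returns `new File_ASN1_Element(...)` from asn1map. Unless the class is renamed elsewhere in the series, the line should stay `Structured or unknown types are mapped to a File_ASN1_Element.` so the comment names the type callers actually receive.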
@@ -156,28 +156,28 @@ class File_ASN1 * @access public */ var $ANYmap = array( - FILE_ASN1_TYPE_BOOLEAN => true, - FILE_ASN1_TYPE_INTEGER => true, - FILE_ASN1_TYPE_BIT_STRING => 'bitString', - FILE_ASN1_TYPE_OCTET_STRING => 'octetString', - FILE_ASN1_TYPE_NULL => 'null', - FILE_ASN1_TYPE_OBJECT_IDENTIFIER => 'objectIdentifier', - FILE_ASN1_TYPE_REAL => true, - FILE_ASN1_TYPE_ENUMERATED => 'enumerated', - FILE_ASN1_TYPE_UTF8_STRING => 'utf8String', - FILE_ASN1_TYPE_NUMERIC_STRING => 'numericString', - FILE_ASN1_TYPE_PRINTABLE_STRING => 'printableString', - FILE_ASN1_TYPE_TELETEX_STRING => 'teletexString', - FILE_ASN1_TYPE_VIDEOTEX_STRING => 'videotexString', - FILE_ASN1_TYPE_IA5_STRING => 'ia5String', - FILE_ASN1_TYPE_UTC_TIME => 'utcTime', - FILE_ASN1_TYPE_GENERALIZED_TIME => 'generalTime', - FILE_ASN1_TYPE_GRAPHIC_STRING => 'graphicString', - FILE_ASN1_TYPE_VISIBLE_STRING => 'visibleString', - FILE_ASN1_TYPE_GENERAL_STRING => 'generalString', - FILE_ASN1_TYPE_UNIVERSAL_STRING => 'universalString', - //FILE_ASN1_TYPE_CHARACTER_STRING => 'characterString', - FILE_ASN1_TYPE_BMP_STRING => 'bmpString' + self::TYPE_BOOLEAN => true, + self::TYPE_INTEGER => true, + self::TYPE_BIT_STRING => 'bitString', + self::TYPE_OCTET_STRING => 'octetString', + self::TYPE_NULL => 'null', + self::TYPE_OBJECT_IDENTIFIER => 'objectIdentifier', + self::TYPE_REAL => true, + self::TYPE_ENUMERATED => 'enumerated', + self::TYPE_UTF8_STRING => 'utf8String', + self::TYPE_NUMERIC_STRING => 'numericString', + self::TYPE_PRINTABLE_STRING => 'printableString', + self::TYPE_TELETEX_STRING => 'teletexString', + self::TYPE_VIDEOTEX_STRING => 'videotexString', + self::TYPE_IA5_STRING => 'ia5String', + self::TYPE_UTC_TIME => 'utcTime', + self::TYPE_GENERALIZED_TIME => 'generalTime', + self::TYPE_GRAPHIC_STRING => 'graphicString', + self::TYPE_VISIBLE_STRING => 'visibleString', + self::TYPE_GENERAL_STRING => 'generalString', + self::TYPE_UNIVERSAL_STRING => 'universalString', + 
//self::TYPE_CHARACTER_STRING => 'characterString', + self::TYPE_BMP_STRING => 'bmpString' ); /** @@ -190,13 +190,13 @@ class File_ASN1 * @access public */ var $stringTypeSize = array( - FILE_ASN1_TYPE_UTF8_STRING => 0, - FILE_ASN1_TYPE_BMP_STRING => 2, - FILE_ASN1_TYPE_UNIVERSAL_STRING => 4, - FILE_ASN1_TYPE_PRINTABLE_STRING => 1, - FILE_ASN1_TYPE_TELETEX_STRING => 1, - FILE_ASN1_TYPE_IA5_STRING => 1, - FILE_ASN1_TYPE_VISIBLE_STRING => 1, + self::TYPE_UTF8_STRING => 0, + self::TYPE_BMP_STRING => 2, + self::TYPE_UNIVERSAL_STRING => 4, + self::TYPE_PRINTABLE_STRING => 1, + self::TYPE_TELETEX_STRING => 1, + self::TYPE_IA5_STRING => 1, + self::TYPE_VISIBLE_STRING => 1, ); /** @@ -223,8 +223,8 @@ class File_ASN1 * Parse BER-encoding (Helper function) * * Sometimes we want to get the BER encoding of a particular tag. $start lets us do that without having to reencode. - * $encoded is passed by reference for the recursive calls done for FILE_ASN1_TYPE_BIT_STRING and - * FILE_ASN1_TYPE_OCTET_STRING. In those cases, the indefinite length is used. + * $encoded is passed by reference for the recursive calls done for self::TYPE_BIT_STRING and + * self::TYPE_OCTET_STRING. In those cases, the indefinite length is used. * * @param String $encoded * @param Integer $start @@ -287,9 +287,9 @@ class File_ASN1 -- http://www.obj-sys.com/asn1tutorial/node12.html */ $class = ($type >> 6) & 3; switch ($class) { - case FILE_ASN1_CLASS_APPLICATION: - case FILE_ASN1_CLASS_PRIVATE: - case FILE_ASN1_CLASS_CONTEXT_SPECIFIC: + case self::CLASS_APPLICATION: + case self::CLASS_PRIVATE: + case self::CLASS_CONTEXT_SPECIFIC: if ($constructed) { $newcontent = $this->_decode_ber($content, $start); $length = $newcontent['length']; 
@@ -319,20 +319,20 @@ class File_ASN1 // decode UNIVERSAL tags switch ($tag) { - case FILE_ASN1_TYPE_BOOLEAN: + case self::TYPE_BOOLEAN: // "The contents octets shall consist of a single octet." -- paragraph 8.2.1 //if (strlen($content) != 1) { // return false; //} $current['content'] = (bool) ord($content[0]); break; - case FILE_ASN1_TYPE_INTEGER: - case FILE_ASN1_TYPE_ENUMERATED: + case self::TYPE_INTEGER: + case self::TYPE_ENUMERATED: $current['content'] = new BigInteger($content, -256); break; - case FILE_ASN1_TYPE_REAL: // not currently supported + case self::TYPE_REAL: // not currently supported return false; - case FILE_ASN1_TYPE_BIT_STRING: + case self::TYPE_BIT_STRING: // The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit, // the number of unused bits in the final subsequent octet. The number shall be in the range zero to // seven. @@ -344,19 +344,19 @@ class File_ASN1 $last = count($temp) - 1; for ($i = 0; $i < $last; $i++) { // all subtags should be bit strings - //if ($temp[$i]['type'] != FILE_ASN1_TYPE_BIT_STRING) { + //if ($temp[$i]['type'] != self::TYPE_BIT_STRING) { // return false; //} $current['content'].= substr($temp[$i]['content'], 1); } // all subtags should be bit strings - //if ($temp[$last]['type'] != FILE_ASN1_TYPE_BIT_STRING) { + //if ($temp[$last]['type'] != self::TYPE_BIT_STRING) { // return false; //} $current['content'] = $temp[$last]['content'][0] . $current['content'] . substr($temp[$i]['content'], 1); } break; - case FILE_ASN1_TYPE_OCTET_STRING: + case self::TYPE_OCTET_STRING: if (!$constructed) { $current['content'] = $content; } else { @@ -366,7 +366,7 @@ class File_ASN1 $temp = $this->_decode_ber($content, $length + $start); $this->_string_shift($content, $temp['length']); // all subtags should be octet strings - //if ($temp['type'] != FILE_ASN1_TYPE_OCTET_STRING) { + //if ($temp['type'] != self::TYPE_OCTET_STRING) { // return false; //} $current['content'].= $temp['content']; 
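Review bot: The BOOLEAN case in the first hunk on this line indexes `$content[0]` while the one-octet check quoted from X.690 8.2.1 stays commented out, so a BOOLEAN with empty contents reaches an out-of-range string offset and an over-long one is accepted with its extra octets ignored. The same pattern repeats for the sub-tag type checks in the BIT STRING and OCTET STRING hunks that follow and for the NULL length check in the next hunk. Since this decoder typically receives encodings produced by another party, re-enabling the guards, starting with `if (strlen($content) != 1) { return false; }`, would turn malformed input into a clean parse failure. `_decode_ber` starts and ends outside these hunks, so the surrounding control flow needs checking before the guards are switched on.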
@@ -377,14 +377,14 @@ class File_ASN1 } } break; - case FILE_ASN1_TYPE_NULL: + case self::TYPE_NULL: // "The contents octets shall not contain any octets." -- paragraph 8.8.2 //if (strlen($content)) { // return false; //} break; - case FILE_ASN1_TYPE_SEQUENCE: - case FILE_ASN1_TYPE_SET: + case self::TYPE_SEQUENCE: + case self::TYPE_SET: $offset = 0; $current['content'] = array(); while (strlen($content)) { @@ -400,7 +400,7 @@ class File_ASN1 $offset+= $temp['length']; } break; - case FILE_ASN1_TYPE_OBJECT_IDENTIFIER: + case self::TYPE_OBJECT_IDENTIFIER: $temp = ord($this->_string_shift($content)); $current['content'] = sprintf('%d.%d', floor($temp / 40), $temp % 40); $valuen = 0; 
@@ -426,31 +426,31 @@ class File_ASN1 Per that, we're not going to do any validation. If there are any illegal characters in the string, we don't really care */ - case FILE_ASN1_TYPE_NUMERIC_STRING: + case self::TYPE_NUMERIC_STRING: // 0,1,2,3,4,5,6,7,8,9, and space - case FILE_ASN1_TYPE_PRINTABLE_STRING: + case self::TYPE_PRINTABLE_STRING: // Upper and lower case letters, digits, space, apostrophe, left/right parenthesis, plus sign, comma, // hyphen, full stop, solidus, colon, equal sign, question mark - case FILE_ASN1_TYPE_TELETEX_STRING: + case self::TYPE_TELETEX_STRING: // The Teletex character set in CCITT's T61, space, and delete // see http://en.wikipedia.org/wiki/Teletex#Character_sets - case FILE_ASN1_TYPE_VIDEOTEX_STRING: + case self::TYPE_VIDEOTEX_STRING: // The Videotex character set in CCITT's T.100 and T.101, space, and delete - case FILE_ASN1_TYPE_VISIBLE_STRING: + case self::TYPE_VISIBLE_STRING: // Printing character sets of international ASCII, and space - case FILE_ASN1_TYPE_IA5_STRING: + case self::TYPE_IA5_STRING: // International Alphabet 5 (International ASCII) - case FILE_ASN1_TYPE_GRAPHIC_STRING: + case self::TYPE_GRAPHIC_STRING: // All registered G sets, and space - case FILE_ASN1_TYPE_GENERAL_STRING: + case self::TYPE_GENERAL_STRING: // All registered C and G sets, space and delete - case FILE_ASN1_TYPE_UTF8_STRING: + case self::TYPE_UTF8_STRING: // ???? - case FILE_ASN1_TYPE_BMP_STRING: + case self::TYPE_BMP_STRING: $current['content'] = $content; break; - case FILE_ASN1_TYPE_UTC_TIME: - case FILE_ASN1_TYPE_GENERALIZED_TIME: + case self::TYPE_UTC_TIME: + case self::TYPE_GENERALIZED_TIME: $current['content'] = $this->_decodeTime($content, $tag); default: } 
@@ -481,7 +481,7 @@ class File_ASN1 } switch (true) { - case $mapping['type'] == FILE_ASN1_TYPE_ANY: + case $mapping['type'] == self::TYPE_ANY: $intype = $decoded['type']; if (isset($decoded['constant']) || !isset($this->ANYmap[$intype]) || ($this->encoded[$decoded['start']] & 0x20)) { return new File_ASN1_Element(substr($this->encoded, $decoded['start'], $decoded['length'])); @@ -491,14 +491,14 @@ class File_ASN1 return array($inmap => $this->asn1map($decoded, array('type' => $intype) + $mapping, $special)); } break; - case $mapping['type'] == FILE_ASN1_TYPE_CHOICE: + case $mapping['type'] == self::TYPE_CHOICE: foreach ($mapping['children'] as $key => $option) { switch (true) { case isset($option['constant']) && $option['constant'] == $decoded['constant']: case !isset($option['constant']) && $option['type'] == $decoded['type']: $value = $this->asn1map($decoded, $option, $special); break; - case !isset($option['constant']) && $option['type'] == FILE_ASN1_TYPE_CHOICE: + case !isset($option['constant']) && $option['type'] == self::TYPE_CHOICE: $v = $this->asn1map($decoded, $option, $special); if (isset($v)) { $value = $v; @@ -520,8 +520,8 @@ class File_ASN1 // if $decoded['type'] and $mapping['type'] are both strings, but different types of strings, // let it through switch (true) { - case $decoded['type'] < 18: // FILE_ASN1_TYPE_NUMERIC_STRING == 18 - case $decoded['type'] > 30: // FILE_ASN1_TYPE_BMP_STRING == 30 + case $decoded['type'] < 18: // self::TYPE_NUMERIC_STRING == 18 + case $decoded['type'] > 30: // self::TYPE_BMP_STRING == 30 case $mapping['type'] < 18: case $mapping['type'] > 30: return null; @@ -533,7 +533,7 @@ class File_ASN1 } switch ($decoded['type']) { - case FILE_ASN1_TYPE_SEQUENCE: + case self::TYPE_SEQUENCE: $map = array(); // ignore the min and max 
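Review bot: In the `self::TYPE_ANY` branch, `$this->encoded[$decoded['start']] & 0x20` applies a bitwise AND to a one-character string and an integer, which PHP evaluates by converting the character to a number instead of using its byte value. The constructed bit of the identifier octet is therefore not actually tested, and newer PHP versions raise a warning or a TypeError for a non-numeric byte at this line. The test should read `(ord($this->encoded[$decoded['start']]) & 0x20)` so that constructed values are handed back as a `File_ASN1_Element`, which is what the condition appears to intend. `asn1map` begins and ends outside the hunk.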
@@ -556,18 +556,18 @@ class File_ASN1 if ($maymatch) { $temp = $decoded['content'][$i]; - if ($child['type'] != FILE_ASN1_TYPE_CHOICE) { + if ($child['type'] != self::TYPE_CHOICE) { // Get the mapping and input class & constant. - $childClass = $tempClass = FILE_ASN1_CLASS_UNIVERSAL; + $childClass = $tempClass = self::CLASS_UNIVERSAL; $constant = null; if (isset($temp['constant'])) { - $tempClass = isset($temp['class']) ? $temp['class'] : FILE_ASN1_CLASS_CONTEXT_SPECIFIC; + $tempClass = isset($temp['class']) ? $temp['class'] : self::CLASS_CONTEXT_SPECIFIC; } if (isset($child['class'])) { $childClass = $child['class']; $constant = $child['cast']; } elseif (isset($child['constant'])) { - $childClass = FILE_ASN1_CLASS_CONTEXT_SPECIFIC; + $childClass = self::CLASS_CONTEXT_SPECIFIC; $constant = $child['constant']; } @@ -576,7 +576,7 @@ class File_ASN1 $maymatch = $constant == $temp['constant'] && $childClass == $tempClass; } else { // Can only match if no constant expected and type matches or is generic. - $maymatch = !isset($child['constant']) && array_search($child['type'], array($temp['type'], FILE_ASN1_TYPE_ANY, FILE_ASN1_TYPE_CHOICE)) !== false; + $maymatch = !isset($child['constant']) && array_search($child['type'], array($temp['type'], self::TYPE_ANY, self::TYPE_CHOICE)) !== false; } } } @@ -605,7 +605,7 @@ class File_ASN1 return $i < $n? null: $map; // the main diff between sets and sequences is the encapsulation of the foreach in another for loop - case FILE_ASN1_TYPE_SET: + case self::TYPE_SET: $map = array(); // ignore the min and max 
@@ -622,9 +622,9 @@ class File_ASN1 for ($i = 0; $i < count($decoded['content']); $i++) { $temp = $decoded['content'][$i]; - $tempClass = FILE_ASN1_CLASS_UNIVERSAL; + $tempClass = self::CLASS_UNIVERSAL; if (isset($temp['constant'])) { - $tempClass = isset($temp['class']) ? $temp['class'] : FILE_ASN1_CLASS_CONTEXT_SPECIFIC; + $tempClass = isset($temp['class']) ? $temp['class'] : self::CLASS_CONTEXT_SPECIFIC; } foreach ($mapping['children'] as $key => $child) { @@ -632,14 +632,14 @@ class File_ASN1 continue; } $maymatch = true; - if ($child['type'] != FILE_ASN1_TYPE_CHOICE) { - $childClass = FILE_ASN1_CLASS_UNIVERSAL; + if ($child['type'] != self::TYPE_CHOICE) { + $childClass = self::CLASS_UNIVERSAL; $constant = null; if (isset($child['class'])) { $childClass = $child['class']; $constant = $child['cast']; } elseif (isset($child['constant'])) { - $childClass = FILE_ASN1_CLASS_CONTEXT_SPECIFIC; + $childClass = self::CLASS_CONTEXT_SPECIFIC; $constant = $child['constant']; } @@ -648,7 +648,7 @@ class File_ASN1 $maymatch = $constant == $temp['constant'] && $childClass == $tempClass; } else { // Can only match if no constant expected and type matches or is generic. - $maymatch = !isset($child['constant']) && array_search($child['type'], array($temp['type'], FILE_ASN1_TYPE_ANY, FILE_ASN1_TYPE_CHOICE)) !== false; + $maymatch = !isset($child['constant']) && array_search($child['type'], array($temp['type'], self::TYPE_ANY, self::TYPE_CHOICE)) !== false; } } 
@@ -681,15 +681,15 @@ class File_ASN1 } } return $map; - case FILE_ASN1_TYPE_OBJECT_IDENTIFIER: + case self::TYPE_OBJECT_IDENTIFIER: return isset($this->oids[$decoded['content']]) ? $this->oids[$decoded['content']] : $decoded['content']; - case FILE_ASN1_TYPE_UTC_TIME: - case FILE_ASN1_TYPE_GENERALIZED_TIME: + case self::TYPE_UTC_TIME: + case self::TYPE_GENERALIZED_TIME: if (isset($mapping['implicit'])) { $decoded['content'] = $this->_decodeTime($decoded['content'], $decoded['type']); } return @date($this->format, $decoded['content']); - case FILE_ASN1_TYPE_BIT_STRING: + case self::TYPE_BIT_STRING: if (isset($mapping['mapping'])) { $offset = ord($decoded['content'][0]); $size = (strlen($decoded['content']) - 1) * 8 - $offset; 
@@ -718,26 +718,26 @@ class File_ASN1 } return $values; } - case FILE_ASN1_TYPE_OCTET_STRING: + case self::TYPE_OCTET_STRING: return base64_encode($decoded['content']); - case FILE_ASN1_TYPE_NULL: + case self::TYPE_NULL: return ''; - case FILE_ASN1_TYPE_BOOLEAN: + case self::TYPE_BOOLEAN: return $decoded['content']; - case FILE_ASN1_TYPE_NUMERIC_STRING: - case FILE_ASN1_TYPE_PRINTABLE_STRING: - case FILE_ASN1_TYPE_TELETEX_STRING: - case FILE_ASN1_TYPE_VIDEOTEX_STRING: - case FILE_ASN1_TYPE_IA5_STRING: - case FILE_ASN1_TYPE_GRAPHIC_STRING: - case FILE_ASN1_TYPE_VISIBLE_STRING: - case FILE_ASN1_TYPE_GENERAL_STRING: - case FILE_ASN1_TYPE_UNIVERSAL_STRING: - case FILE_ASN1_TYPE_UTF8_STRING: - case FILE_ASN1_TYPE_BMP_STRING: + case self::TYPE_NUMERIC_STRING: + case self::TYPE_PRINTABLE_STRING: + case self::TYPE_TELETEX_STRING: + case self::TYPE_VIDEOTEX_STRING: + case self::TYPE_IA5_STRING: + case self::TYPE_GRAPHIC_STRING: + case self::TYPE_VISIBLE_STRING: + case self::TYPE_GENERAL_STRING: + case self::TYPE_UNIVERSAL_STRING: + case self::TYPE_UTF8_STRING: + case self::TYPE_BMP_STRING: return $decoded['content']; - case FILE_ASN1_TYPE_INTEGER: - case FILE_ASN1_TYPE_ENUMERATED: + case self::TYPE_INTEGER: + case self::TYPE_ENUMERATED: $temp = $decoded['content']; if (isset($mapping['implicit'])) { $temp = new BigInteger($decoded['content'], -256); @@ -802,8 +802,8 @@ class File_ASN1 $tag = $mapping['type']; switch ($tag) { - case FILE_ASN1_TYPE_SET: // Children order is not important, thus process in sequence. - case FILE_ASN1_TYPE_SEQUENCE: + case self::TYPE_SET: // Children order is not important, thus process in sequence. + case self::TYPE_SEQUENCE: $tag|= 0x20; // set the constructed bit $value = ''; 
@@ -851,18 +851,18 @@ class File_ASN1 AUTOMATIC TAGS, but the type defined by "Type" is an untagged choice type, an untagged open type, or an untagged "DummyReference" (see ITU-T Rec. X.683 | ISO/IEC 8824-4, 8.3)." */ - if (isset($child['explicit']) || $child['type'] == FILE_ASN1_TYPE_CHOICE) { - $subtag = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']); + if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) { + $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']); $temp = $subtag . $this->_encodeLength(strlen($temp)) . $temp; } else { - $subtag = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']); + $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']); $temp = $subtag . substr($temp, 1); } } $value.= $temp; } break; - case FILE_ASN1_TYPE_CHOICE: + case self::TYPE_CHOICE: $temp = false; foreach ($mapping['children'] as $key => $child) { @@ -885,11 +885,11 @@ class File_ASN1 // if isset($child['constant']) is true then isset($child['optional']) should be true as well if (isset($child['constant'])) { - if (isset($child['explicit']) || $child['type'] == FILE_ASN1_TYPE_CHOICE) { - $subtag = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']); + if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) { + $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']); $temp = $subtag . $this->_encodeLength(strlen($temp)) . $temp; } else { - $subtag = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']); + $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']); $temp = $subtag . substr($temp, 1); } } 
@@ -904,8 +904,8 @@ class File_ASN1 } return $temp; - case FILE_ASN1_TYPE_INTEGER: - case FILE_ASN1_TYPE_ENUMERATED: + case self::TYPE_INTEGER: + case self::TYPE_ENUMERATED: if (!isset($mapping['mapping'])) { if (is_numeric($source)) { $source = new BigInteger($source); @@ -923,13 +923,13 @@ class File_ASN1 $value = chr(0); } break; - case FILE_ASN1_TYPE_UTC_TIME: - case FILE_ASN1_TYPE_GENERALIZED_TIME: - $format = $mapping['type'] == FILE_ASN1_TYPE_UTC_TIME ? 'y' : 'Y'; + case self::TYPE_UTC_TIME: + case self::TYPE_GENERALIZED_TIME: + $format = $mapping['type'] == self::TYPE_UTC_TIME ? 'y' : 'Y'; $format.= 'mdHis'; $value = @gmdate($format, strtotime($source)) . 'Z'; break; - case FILE_ASN1_TYPE_BIT_STRING: + case self::TYPE_BIT_STRING: if (isset($mapping['mapping'])) { $bits = array_fill(0, count($mapping['mapping']), 0); $size = 0; @@ -961,14 +961,14 @@ class File_ASN1 break; } - case FILE_ASN1_TYPE_OCTET_STRING: + case self::TYPE_OCTET_STRING: /* The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit, the number of unused bits in the final subsequent octet. The number shall be in the range zero to seven. -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=16 */ $value = base64_decode($source); break; - case FILE_ASN1_TYPE_OBJECT_IDENTIFIER: + case self::TYPE_OBJECT_IDENTIFIER: $oid = preg_match('#(?:\d+\.)+#', $source) ? $source : array_search($source, $this->oids); if ($oid === false) { user_error('Invalid OID'); @@ -991,7 +991,7 @@ class File_ASN1 $value.= $temp; } break; - case FILE_ASN1_TYPE_ANY: + case self::TYPE_ANY: $loc = $this->location; if (isset($idx)) { array_pop($this->location); 
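Review bot: In the UTC_TIME / GENERALIZED_TIME case, `@gmdate($format, strtotime($source))` hides the failure when `$source` cannot be parsed: `strtotime()` returns `false`, which `gmdate()` treats as timestamp 0, so an unparsable date is encoded as a 1970 time instead of being rejected. For validity fields that means a typo can yield a well-formed certificate with the wrong date. Checking the result first, `$ts = strtotime($source); if ($ts === false) { return false; }`, and then calling `gmdate($format, $ts)` without `@` would surface the error. The enclosing function, presumably `_encode_der`, starts and ends outside the hunk.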
@@ -999,14 +999,14 @@ class File_ASN1 switch (true) { case !isset($source): - return $this->_encode_der(null, array('type' => FILE_ASN1_TYPE_NULL) + $mapping, null, $special); + return $this->_encode_der(null, array('type' => self::TYPE_NULL) + $mapping, null, $special); case is_int($source): case $source instanceof \phpseclib\Math\BigInteger: - return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_INTEGER) + $mapping, null, $special); + return $this->_encode_der($source, array('type' => self::TYPE_INTEGER) + $mapping, null, $special); case is_float($source): - return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_REAL) + $mapping, null, $special); + return $this->_encode_der($source, array('type' => self::TYPE_REAL) + $mapping, null, $special); case is_bool($source): - return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_BOOLEAN) + $mapping, null, $special); + return $this->_encode_der($source, array('type' => self::TYPE_BOOLEAN) + $mapping, null, $special); case is_array($source) && count($source) == 1: $typename = implode('', array_keys($source)); $outtype = array_search($typename, $this->ANYmap, true); 
@@ -1028,23 +1028,23 @@ class File_ASN1 return false; } return $this->_encode_der($source, $filters + $mapping, null, $special); - case FILE_ASN1_TYPE_NULL: + case self::TYPE_NULL: $value = ''; break; - case FILE_ASN1_TYPE_NUMERIC_STRING: - case FILE_ASN1_TYPE_TELETEX_STRING: - case FILE_ASN1_TYPE_PRINTABLE_STRING: - case FILE_ASN1_TYPE_UNIVERSAL_STRING: - case FILE_ASN1_TYPE_UTF8_STRING: - case FILE_ASN1_TYPE_BMP_STRING: - case FILE_ASN1_TYPE_IA5_STRING: - case FILE_ASN1_TYPE_VISIBLE_STRING: - case FILE_ASN1_TYPE_VIDEOTEX_STRING: - case FILE_ASN1_TYPE_GRAPHIC_STRING: - case FILE_ASN1_TYPE_GENERAL_STRING: + case self::TYPE_NUMERIC_STRING: + case self::TYPE_TELETEX_STRING: + case self::TYPE_PRINTABLE_STRING: + case self::TYPE_UNIVERSAL_STRING: + case self::TYPE_UTF8_STRING: + case self::TYPE_BMP_STRING: + case self::TYPE_IA5_STRING: + case self::TYPE_VISIBLE_STRING: + case self::TYPE_VIDEOTEX_STRING: + case self::TYPE_GRAPHIC_STRING: + case self::TYPE_GENERAL_STRING: $value = $source; break; - case FILE_ASN1_TYPE_BOOLEAN: + case self::TYPE_BOOLEAN: $value = $source ? "\xFF" : "\x00"; break; default: @@ -1057,7 +1057,7 @@ class File_ASN1 } if (isset($mapping['cast'])) { - if (isset($mapping['explicit']) || $mapping['type'] == FILE_ASN1_TYPE_CHOICE) { + if (isset($mapping['explicit']) || $mapping['type'] == self::TYPE_CHOICE) { $value = chr($tag) . $this->_encodeLength(strlen($value)) . $value; $tag = ($mapping['class'] << 6) | 0x20 | $mapping['cast']; } else { @@ -1108,7 +1108,7 @@ class File_ASN1 http://tools.ietf.org/html/rfc5280#section-4.1.2.5.2 http://www.obj-sys.com/asn1tutorial/node14.html */ - $pattern = $tag == FILE_ASN1_TYPE_UTC_TIME ? + $pattern = $tag == self::TYPE_UTC_TIME ? '#(..)(..)(..)(..)(..)(..)(.*)#' : '#(....)(..)(..)(..)(..)(..).*([Z+-].*)$#'; 
@@ -1116,7 +1116,7 @@ class File_ASN1 list(, $year, $month, $day, $hour, $minute, $second, $timezone) = $matches; - if ($tag == FILE_ASN1_TYPE_UTC_TIME) { + if ($tag == self::TYPE_UTC_TIME) { $year = $year >= 50 ? "19$year" : "20$year"; } @@ -1205,7 +1205,7 @@ class File_ASN1 * @return String * @access public */ - function convert($in, $from = FILE_ASN1_TYPE_UTF8_STRING, $to = FILE_ASN1_TYPE_UTF8_STRING) + function convert($in, $from = self::TYPE_UTF8_STRING, $to = self::TYPE_UTF8_STRING) { if (!isset($this->stringTypeSize[$from]) || !isset($this->stringTypeSize[$to])) { return false; diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index ad77f431..cccc49a5 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php 
@@ -33,77 +33,6 @@ if (!class_exists('File_ASN1')) { include_once 'ASN1.php'; } -/** - * Flag to only accept signatures signed by certificate authorities - * - * Not really used anymore but retained all the same to suppress E_NOTICEs from old installs - * - * @access public - */ -define('FILE_X509_VALIDATE_SIGNATURE_BY_CA', 1); - -/**#@+ - * @access public - * @see File_X509::getDN() - */ -/** - * Return internal array representation - */ -define('FILE_X509_DN_ARRAY', 0); -/** - * Return string - */ -define('FILE_X509_DN_STRING', 1); -/** - * Return ASN.1 name string - */ -define('FILE_X509_DN_ASN1', 2); -/** - * Return OpenSSL compatible array - */ -define('FILE_X509_DN_OPENSSL', 3); -/** - * Return canonical ASN.1 RDNs string - */ -define('FILE_X509_DN_CANON', 4); -/** - * Return name hash for file indexing - */ -define('FILE_X509_DN_HASH', 5); -/**#@-*/ - -/**#@+ - * @access public - * @see File_X509::saveX509() - * @see File_X509::saveCSR() - * @see File_X509::saveCRL() - */ -/** - * Save as PEM - * - * ie. a base64-encoded PEM with a header and a footer - */ -define('FILE_X509_FORMAT_PEM', 0); -/** - * Save as DER - */ -define('FILE_X509_FORMAT_DER', 1); -/** - * Save as a SPKAC - * - * Only works on CSRs. Not currently supported. - */ -define('FILE_X509_FORMAT_SPKAC', 2); -/**#@-*/ - -/** - * Attribute value disposition. - * If disposition is >= 0, this is the index of the target value. - */ -define('FILE_X509_ATTR_ALL', -1); // All attribute values (array). -define('FILE_X509_ATTR_APPEND', -2); // Add a value. -define('FILE_X509_ATTR_REPLACE', -3); // Clear first, then add a value. - /** * Pure-PHP X.509 Parser * 
@@ -113,6 +42,77 @@ define('FILE_X509_ATTR_REPLACE', -3); // Clear first, then add a value. */ class File_X509 { + /** + * Flag to only accept signatures signed by certificate authorities + * + * Not really used anymore but retained all the same to suppress E_NOTICEs from old installs + * + * @access public + */ + const VALIDATE_SIGNATURE_BY_CA = 1; + + /**#@+ + * @access public + * @see File_X509::getDN() + */ + /** + * Return internal array representation + */ + const DN_ARRAY = 0; + /** + * Return string + */ + const DN_STRING = 1; + /** + * Return ASN.1 name string + */ + const DN_ASN1 = 2; + /** + * Return OpenSSL compatible array + */ + const DN_OPENSSL = 3; + /** + * Return canonical ASN.1 RDNs string + */ + const DN_CANON = 4; + /** + * Return name hash for file indexing + */ + const DN_HASH = 5; + /**#@-*/ + + /**#@+ + * @access public + * @see File_X509::saveX509() + * @see File_X509::saveCSR() + * @see File_X509::saveCRL() + */ + /** + * Save as PEM + * + * ie. a base64-encoded PEM with a header and a footer + */ + const FORMAT_PEM = 0; + /** + * Save as DER + */ + const FORMAT_DER = 1; + /** + * Save as a SPKAC + * + * Only works on CSRs. Not currently supported. + */ + const FORMAT_SPKAC = 2; + /**#@-*/ + + /** + * Attribute value disposition. + * If disposition is >= 0, this is the index of the target value. + */ + const ATTR_ALL = -1; // All attribute values (array). + const ATTR_APPEND = -2; // Add a value. + const ATTR_REPLACE = -3; // Clear first, then add a value. + /** * ASN.1 syntax for X.509 certificates * 
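Review bot: The docblock on `VALIDATE_SIGNATURE_BY_CA` still says the flag is "retained all the same to suppress E_NOTICEs from old installs", but as a class constant it no longer does that; old code that names the global `FILE_X509_VALIDATE_SIGNATURE_BY_CA` gets the undefined-constant notice again. Either keep a global alias for this one name, `define('FILE_X509_VALIDATE_SIGNATURE_BY_CA', File_X509::VALIDATE_SIGNATURE_BY_CA);`, or reword the comment to say the constant is deprecated and unused. The `ATTR_*` block would also read better with one docblock per constant, as the `DN_*` and `FORMAT_*` groups have.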
@@ -301,30 +301,30 @@ class File_X509 // http://tools.ietf.org/html/rfc5280#appendix-A.1 $this->DirectoryString = array( - 'type' => FILE_ASN1_TYPE_CHOICE, + 'type' => File_ASN1::TYPE_CHOICE, 'children' => array( - 'teletexString' => array('type' => FILE_ASN1_TYPE_TELETEX_STRING), - 'printableString' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING), - 'universalString' => array('type' => FILE_ASN1_TYPE_UNIVERSAL_STRING), - 'utf8String' => array('type' => FILE_ASN1_TYPE_UTF8_STRING), - 'bmpString' => array('type' => FILE_ASN1_TYPE_BMP_STRING) + 'teletexString' => array('type' => File_ASN1::TYPE_TELETEX_STRING), + 'printableString' => array('type' => File_ASN1::TYPE_PRINTABLE_STRING), + 'universalString' => array('type' => File_ASN1::TYPE_UNIVERSAL_STRING), + 'utf8String' => array('type' => File_ASN1::TYPE_UTF8_STRING), + 'bmpString' => array('type' => File_ASN1::TYPE_BMP_STRING) ) ); $this->PKCS9String = array( - 'type' => FILE_ASN1_TYPE_CHOICE, + 'type' => File_ASN1::TYPE_CHOICE, 'children' => array( - 'ia5String' => array('type' => FILE_ASN1_TYPE_IA5_STRING), + 'ia5String' => array('type' => File_ASN1::TYPE_IA5_STRING), 'directoryString' => $this->DirectoryString ) ); - $this->AttributeValue = array('type' => FILE_ASN1_TYPE_ANY); + $this->AttributeValue = array('type' => File_ASN1::TYPE_ANY); - $AttributeType = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER); + $AttributeType = array('type' => File_ASN1::TYPE_OBJECT_IDENTIFIER); $AttributeTypeAndValue = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'type' => $AttributeType, 'value'=> $this->AttributeValue @@ -339,7 +339,7 @@ class File_X509 - https://www.opends.org/wiki/page/DefinitionRelativeDistinguishedName */ $this->RelativeDistinguishedName = array( - 'type' => FILE_ASN1_TYPE_SET, + 'type' => File_ASN1::TYPE_SET, 'min' => 1, 'max' => -1, 'children' => $AttributeTypeAndValue 
@@ -347,7 +347,7 @@ class File_X509 // http://tools.ietf.org/html/rfc5280#section-4.1.2.4 $RDNSequence = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, // RDNSequence does not define a min or a max, which means it doesn't have one 'min' => 0, 'max' => -1, @@ -355,7 +355,7 @@ class File_X509 ); $this->Name = array( - 'type' => FILE_ASN1_TYPE_CHOICE, + 'type' => File_ASN1::TYPE_CHOICE, 'children' => array( 'rdnSequence' => $RDNSequence ) @@ -363,11 +363,11 @@ class File_X509 // http://tools.ietf.org/html/rfc5280#section-4.1.1.2 $AlgorithmIdentifier = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( - 'algorithm' => array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER), + 'algorithm' => array('type' => File_ASN1::TYPE_OBJECT_IDENTIFIER), 'parameters' => array( - 'type' => FILE_ASN1_TYPE_ANY, + 'type' => File_ASN1::TYPE_ANY, 'optional' => true ) ) @@ -381,20 +381,20 @@ class File_X509 http://tools.ietf.org/html/rfc5280#section-4.2 */ $Extension = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( - 'extnId' => array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER), + 'extnId' => array('type' => File_ASN1::TYPE_OBJECT_IDENTIFIER), 'critical' => array( - 'type' => FILE_ASN1_TYPE_BOOLEAN, + 'type' => File_ASN1::TYPE_BOOLEAN, 'optional' => true, 'default' => false ), - 'extnValue' => array('type' => FILE_ASN1_TYPE_OCTET_STRING) + 'extnValue' => array('type' => File_ASN1::TYPE_OCTET_STRING) ) ); $this->Extensions = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'min' => 1, // technically, it's MAX, but we'll assume anything < 0 is MAX 'max' => -1, 
@@ -403,42 +403,42 @@ class File_X509 ); $SubjectPublicKeyInfo = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'algorithm' => $AlgorithmIdentifier, - 'subjectPublicKey' => array('type' => FILE_ASN1_TYPE_BIT_STRING) + 'subjectPublicKey' => array('type' => File_ASN1::TYPE_BIT_STRING) ) ); - $UniqueIdentifier = array('type' => FILE_ASN1_TYPE_BIT_STRING); + $UniqueIdentifier = array('type' => File_ASN1::TYPE_BIT_STRING); $Time = array( - 'type' => FILE_ASN1_TYPE_CHOICE, + 'type' => File_ASN1::TYPE_CHOICE, 'children' => array( - 'utcTime' => array('type' => FILE_ASN1_TYPE_UTC_TIME), - 'generalTime' => array('type' => FILE_ASN1_TYPE_GENERALIZED_TIME) + 'utcTime' => array('type' => File_ASN1::TYPE_UTC_TIME), + 'generalTime' => array('type' => File_ASN1::TYPE_GENERALIZED_TIME) ) ); // http://tools.ietf.org/html/rfc5280#section-4.1.2.5 $Validity = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'notBefore' => $Time, 'notAfter' => $Time ) ); - $CertificateSerialNumber = array('type' => FILE_ASN1_TYPE_INTEGER); + $CertificateSerialNumber = array('type' => File_ASN1::TYPE_INTEGER); $Version = array( - 'type' => FILE_ASN1_TYPE_INTEGER, + 'type' => File_ASN1::TYPE_INTEGER, 'mapping' => array('v1', 'v2', 'v3') ); // assert($TBSCertificate['children']['signature'] == $Certificate['children']['signatureAlgorithm']) $TBSCertificate = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( // technically, default implies optional, but we'll define it as being optional, none-the-less, just to // reenforce that fact 
@@ -476,16 +476,16 @@ class File_X509 ); $this->Certificate = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'tbsCertificate' => $TBSCertificate, 'signatureAlgorithm' => $AlgorithmIdentifier, - 'signature' => array('type' => FILE_ASN1_TYPE_BIT_STRING) + 'signature' => array('type' => File_ASN1::TYPE_BIT_STRING) ) ); $this->KeyUsage = array( - 'type' => FILE_ASN1_TYPE_BIT_STRING, + 'type' => File_ASN1::TYPE_BIT_STRING, 'mapping' => array( 'digitalSignature', 'nonRepudiation', 
@@ -500,52 +500,52 @@ class File_X509 ); $this->BasicConstraints = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'cA' => array( - 'type' => FILE_ASN1_TYPE_BOOLEAN, + 'type' => File_ASN1::TYPE_BOOLEAN, 'optional' => true, 'default' => false ), 'pathLenConstraint' => array( - 'type' => FILE_ASN1_TYPE_INTEGER, + 'type' => File_ASN1::TYPE_INTEGER, 'optional' => true ) ) ); - $this->KeyIdentifier = array('type' => FILE_ASN1_TYPE_OCTET_STRING); + $this->KeyIdentifier = array('type' => File_ASN1::TYPE_OCTET_STRING); $OrganizationalUnitNames = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'min' => 1, 'max' => 4, // ub-organizational-units - 'children' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING) + 'children' => array('type' => File_ASN1::TYPE_PRINTABLE_STRING) ); $PersonalName = array( - 'type' => FILE_ASN1_TYPE_SET, + 'type' => File_ASN1::TYPE_SET, 'children' => array( 'surname' => array( - 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING, + 'type' => File_ASN1::TYPE_PRINTABLE_STRING, 'constant' => 0, 'optional' => true, 'implicit' => true ), 'given-name' => array( - 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING, + 'type' => File_ASN1::TYPE_PRINTABLE_STRING, 'constant' => 1, 'optional' => true, 'implicit' => true ), 'initials' => array( - 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING, + 'type' => File_ASN1::TYPE_PRINTABLE_STRING, 'constant' => 2, 'optional' => true, 'implicit' => true ), 'generation-qualifier' => array( - 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING, + 'type' => File_ASN1::TYPE_PRINTABLE_STRING, 'constant' => 3, 'optional' => true, 'implicit' => true 
@@ -553,52 +553,52 @@ class File_X509 ) ); - $NumericUserIdentifier = array('type' => FILE_ASN1_TYPE_NUMERIC_STRING); + $NumericUserIdentifier = array('type' => File_ASN1::TYPE_NUMERIC_STRING); - $OrganizationName = array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING); + $OrganizationName = array('type' => File_ASN1::TYPE_PRINTABLE_STRING); $PrivateDomainName = array( - 'type' => FILE_ASN1_TYPE_CHOICE, + 'type' => File_ASN1::TYPE_CHOICE, 'children' => array( - 'numeric' => array('type' => FILE_ASN1_TYPE_NUMERIC_STRING), - 'printable' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING) + 'numeric' => array('type' => File_ASN1::TYPE_NUMERIC_STRING), + 'printable' => array('type' => File_ASN1::TYPE_PRINTABLE_STRING) ) ); - $TerminalIdentifier = array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING); + $TerminalIdentifier = array('type' => File_ASN1::TYPE_PRINTABLE_STRING); - $NetworkAddress = array('type' => FILE_ASN1_TYPE_NUMERIC_STRING); + $NetworkAddress = array('type' => File_ASN1::TYPE_NUMERIC_STRING); $AdministrationDomainName = array( - 'type' => FILE_ASN1_TYPE_CHOICE, - // if class isn't present it's assumed to be FILE_ASN1_CLASS_UNIVERSAL or - // (if constant is present) FILE_ASN1_CLASS_CONTEXT_SPECIFIC - 'class' => FILE_ASN1_CLASS_APPLICATION, + 'type' => File_ASN1::TYPE_CHOICE, + // if class isn't present it's assumed to be File_ASN1::CLASS_UNIVERSAL or + // (if constant is present) File_ASN1::CLASS_CONTEXT_SPECIFIC + 'class' => File_ASN1::CLASS_APPLICATION, 'cast' => 2, 'children' => array( - 'numeric' => array('type' => FILE_ASN1_TYPE_NUMERIC_STRING), - 'printable' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING) + 'numeric' => array('type' => File_ASN1::TYPE_NUMERIC_STRING), + 'printable' => array('type' => File_ASN1::TYPE_PRINTABLE_STRING) ) ); $CountryName = array( - 'type' => FILE_ASN1_TYPE_CHOICE, - // if class isn't present it's assumed to be FILE_ASN1_CLASS_UNIVERSAL or - // (if constant is present) FILE_ASN1_CLASS_CONTEXT_SPECIFIC - 'class' => 
FILE_ASN1_CLASS_APPLICATION, + 'type' => File_ASN1::TYPE_CHOICE, + // if class isn't present it's assumed to be File_ASN1::CLASS_UNIVERSAL or + // (if constant is present) File_ASN1::CLASS_CONTEXT_SPECIFIC + 'class' => File_ASN1::CLASS_APPLICATION, 'cast' => 1, 'children' => array( - 'x121-dcc-code' => array('type' => FILE_ASN1_TYPE_NUMERIC_STRING), - 'iso-3166-alpha2-code' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING) + 'x121-dcc-code' => array('type' => File_ASN1::TYPE_NUMERIC_STRING), + 'iso-3166-alpha2-code' => array('type' => File_ASN1::TYPE_PRINTABLE_STRING) ) ); $AnotherName = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( - 'type-id' => array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER), + 'type-id' => array('type' => File_ASN1::TYPE_OBJECT_IDENTIFIER), 'value' => array( - 'type' => FILE_ASN1_TYPE_ANY, + 'type' => File_ASN1::TYPE_ANY, 'constant' => 0, 'optional' => true, 'explicit' => true @@ -607,16 +607,16 @@ class File_X509 ); $ExtensionAttribute = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'extension-attribute-type' => array( - 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING, + 'type' => File_ASN1::TYPE_PRINTABLE_STRING, 'constant' => 0, 'optional' => true, 'implicit' => true ), 'extension-attribute-value' => array( - 'type' => FILE_ASN1_TYPE_ANY, + 'type' => File_ASN1::TYPE_ANY, 'constant' => 1, 'optional' => true, 'explicit' => true 
@@ -625,29 +625,29 @@ class File_X509 ); $ExtensionAttributes = array( - 'type' => FILE_ASN1_TYPE_SET, + 'type' => File_ASN1::TYPE_SET, 'min' => 1, 'max' => 256, // ub-extension-attributes 'children' => $ExtensionAttribute ); $BuiltInDomainDefinedAttribute = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( - 'type' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING), - 'value' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING) + 'type' => array('type' => File_ASN1::TYPE_PRINTABLE_STRING), + 'value' => array('type' => File_ASN1::TYPE_PRINTABLE_STRING) ) ); $BuiltInDomainDefinedAttributes = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'min' => 1, 'max' => 4, // ub-domain-defined-attributes 'children' => $BuiltInDomainDefinedAttribute ); $BuiltInStandardAttributes = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'country-name' => array('optional' => true) + $CountryName, 'administration-domain-name' => array('optional' => true) + $AdministrationDomainName, @@ -690,7 +690,7 @@ class File_X509 ); $ORAddress = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'built-in-standard-attributes' => $BuiltInStandardAttributes, 'built-in-domain-defined-attributes' => array('optional' => true) + $BuiltInDomainDefinedAttributes, @@ -699,7 +699,7 @@ class File_X509 ); $EDIPartyName = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'nameAssigner' => array( 'constant' => 0, @@ -717,7 +717,7 @@ class File_X509 ); $GeneralName = array( - 'type' => FILE_ASN1_TYPE_CHOICE, + 'type' => File_ASN1::TYPE_CHOICE, 'children' => array( 'otherName' => array( 'constant' => 0, 
@@ -725,13 +725,13 @@ class File_X509 'implicit' => true ) + $AnotherName, 'rfc822Name' => array( - 'type' => FILE_ASN1_TYPE_IA5_STRING, + 'type' => File_ASN1::TYPE_IA5_STRING, 'constant' => 1, 'optional' => true, 'implicit' => true ), 'dNSName' => array( - 'type' => FILE_ASN1_TYPE_IA5_STRING, + 'type' => File_ASN1::TYPE_IA5_STRING, 'constant' => 2, 'optional' => true, 'implicit' => true @@ -752,19 +752,19 @@ class File_X509 'implicit' => true ) + $EDIPartyName, 'uniformResourceIdentifier' => array( - 'type' => FILE_ASN1_TYPE_IA5_STRING, + 'type' => File_ASN1::TYPE_IA5_STRING, 'constant' => 6, 'optional' => true, 'implicit' => true ), 'iPAddress' => array( - 'type' => FILE_ASN1_TYPE_OCTET_STRING, + 'type' => File_ASN1::TYPE_OCTET_STRING, 'constant' => 7, 'optional' => true, 'implicit' => true ), 'registeredID' => array( - 'type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER, + 'type' => File_ASN1::TYPE_OBJECT_IDENTIFIER, 'constant' => 8, 'optional' => true, 'implicit' => true @@ -773,7 +773,7 @@ class File_X509 ); $GeneralNames = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $GeneralName @@ -782,7 +782,7 @@ class File_X509 $this->IssuerAltName = $GeneralNames; $ReasonFlags = array( - 'type' => FILE_ASN1_TYPE_BIT_STRING, + 'type' => File_ASN1::TYPE_BIT_STRING, 'mapping' => array( 'unused', 'keyCompromise', @@ -797,7 +797,7 @@ class File_X509 ); $DistributionPointName = array( - 'type' => FILE_ASN1_TYPE_CHOICE, + 'type' => File_ASN1::TYPE_CHOICE, 'children' => array( 'fullName' => array( 'constant' => 0, @@ -813,7 +813,7 @@ class File_X509 ); $DistributionPoint = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'distributionPoint' => array( 'constant' => 0, 
@@ -834,14 +834,14 @@ class File_X509 ); $this->CRLDistributionPoints = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $DistributionPoint ); $this->AuthorityKeyIdentifier = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'keyIdentifier' => array( 'constant' => 0, @@ -861,24 +861,24 @@ class File_X509 ) ); - $PolicyQualifierId = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER); + $PolicyQualifierId = array('type' => File_ASN1::TYPE_OBJECT_IDENTIFIER); $PolicyQualifierInfo = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'policyQualifierId' => $PolicyQualifierId, - 'qualifier' => array('type' => FILE_ASN1_TYPE_ANY) + 'qualifier' => array('type' => File_ASN1::TYPE_ANY) ) ); - $CertPolicyId = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER); + $CertPolicyId = array('type' => File_ASN1::TYPE_OBJECT_IDENTIFIER); $PolicyInformation = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'policyIdentifier' => $CertPolicyId, 'policyQualifiers' => array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'min' => 0, 'max' => -1, 'optional' => true, @@ -888,18 +888,18 @@ class File_X509 ); $this->CertificatePolicies = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $PolicyInformation ); $this->PolicyMappings = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'issuerDomainPolicy' => $CertPolicyId, 'subjectDomainPolicy' => $CertPolicyId 
@@ -907,25 +907,25 @@ class File_X509 ) ); - $KeyPurposeId = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER); + $KeyPurposeId = array('type' => File_ASN1::TYPE_OBJECT_IDENTIFIER); $this->ExtKeyUsageSyntax = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $KeyPurposeId ); $AccessDescription = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( - 'accessMethod' => array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER), + 'accessMethod' => array('type' => File_ASN1::TYPE_OBJECT_IDENTIFIER), 'accessLocation' => $GeneralName ) ); $this->AuthorityInfoAccessSyntax = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $AccessDescription @@ -934,25 +934,25 @@ class File_X509 $this->SubjectAltName = $GeneralNames; $this->PrivateKeyUsagePeriod = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'notBefore' => array( 'constant' => 0, 'optional' => true, 'implicit' => true, - 'type' => FILE_ASN1_TYPE_GENERALIZED_TIME), + 'type' => File_ASN1::TYPE_GENERALIZED_TIME), 'notAfter' => array( 'constant' => 1, 'optional' => true, 'implicit' => true, - 'type' => FILE_ASN1_TYPE_GENERALIZED_TIME) + 'type' => File_ASN1::TYPE_GENERALIZED_TIME) ) ); - $BaseDistance = array('type' => FILE_ASN1_TYPE_INTEGER); + $BaseDistance = array('type' => File_ASN1::TYPE_INTEGER); $GeneralSubtree = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'base' => $GeneralName, 'minimum' => array( 
@@ -970,14 +970,14 @@ class File_X509 ); $GeneralSubtrees = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'min' => 1, 'max' => -1, 'children' => $GeneralSubtree ); $this->NameConstraints = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'permittedSubtrees' => array( 'constant' => 0, @@ -992,33 +992,33 @@ class File_X509 ) ); - $this->CPSuri = array('type' => FILE_ASN1_TYPE_IA5_STRING); + $this->CPSuri = array('type' => File_ASN1::TYPE_IA5_STRING); $DisplayText = array( - 'type' => FILE_ASN1_TYPE_CHOICE, + 'type' => File_ASN1::TYPE_CHOICE, 'children' => array( - 'ia5String' => array('type' => FILE_ASN1_TYPE_IA5_STRING), - 'visibleString' => array('type' => FILE_ASN1_TYPE_VISIBLE_STRING), - 'bmpString' => array('type' => FILE_ASN1_TYPE_BMP_STRING), - 'utf8String' => array('type' => FILE_ASN1_TYPE_UTF8_STRING) + 'ia5String' => array('type' => File_ASN1::TYPE_IA5_STRING), + 'visibleString' => array('type' => File_ASN1::TYPE_VISIBLE_STRING), + 'bmpString' => array('type' => File_ASN1::TYPE_BMP_STRING), + 'utf8String' => array('type' => File_ASN1::TYPE_UTF8_STRING) ) ); $NoticeReference = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'organization' => $DisplayText, 'noticeNumbers' => array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'min' => 1, 'max' => 200, - 'children' => array('type' => FILE_ASN1_TYPE_INTEGER) + 'children' => array('type' => File_ASN1::TYPE_INTEGER) ) ) ); $this->UserNotice = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'noticeRef' => array( 'optional' => true, @@ -1033,7 +1033,7 @@ class File_X509 // mapping is from $this->netscape_cert_type = array( - 'type' => FILE_ASN1_TYPE_BIT_STRING, + 'type' => File_ASN1::TYPE_BIT_STRING, 'mapping' => array( 'SSLClient', 'SSLServer', 
@@ -1046,17 +1046,17 @@ class File_X509 ) ); - $this->netscape_comment = array('type' => FILE_ASN1_TYPE_IA5_STRING); - $this->netscape_ca_policy_url = array('type' => FILE_ASN1_TYPE_IA5_STRING); + $this->netscape_comment = array('type' => File_ASN1::TYPE_IA5_STRING); + $this->netscape_ca_policy_url = array('type' => File_ASN1::TYPE_IA5_STRING); // attribute is used in RFC2986 but we're using the RFC5280 definition $Attribute = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'type' => $AttributeType, 'value'=> array( - 'type' => FILE_ASN1_TYPE_SET, + 'type' => File_ASN1::TYPE_SET, 'min' => 1, 'max' => -1, 'children' => $this->AttributeValue @@ -1067,17 +1067,17 @@ class File_X509 // adapted from $Attributes = array( - 'type' => FILE_ASN1_TYPE_SET, + 'type' => File_ASN1::TYPE_SET, 'min' => 1, 'max' => -1, 'children' => $Attribute ); $CertificationRequestInfo = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'version' => array( - 'type' => FILE_ASN1_TYPE_INTEGER, + 'type' => File_ASN1::TYPE_INTEGER, 'mapping' => array('v1') ), 'subject' => $this->Name, @@ -1091,16 +1091,16 @@ class File_X509 ); $this->CertificationRequest = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'certificationRequestInfo' => $CertificationRequestInfo, 'signatureAlgorithm' => $AlgorithmIdentifier, - 'signature' => array('type' => FILE_ASN1_TYPE_BIT_STRING) + 'signature' => array('type' => File_ASN1::TYPE_BIT_STRING) ) ); $RevokedCertificate = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'userCertificate' => $CertificateSerialNumber, 'revocationDate' => $Time, @@ -1111,7 +1111,7 @@ class File_X509 ); $TBSCertList = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'version' => array( 'optional' => true, 
@@ -1124,7 +1124,7 @@ class File_X509 'optional' => true ) + $Time, 'revokedCertificates' => array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'optional' => true, 'min' => 0, 'max' => -1, @@ -1139,17 +1139,17 @@ class File_X509 ); $this->CertificateList = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'tbsCertList' => $TBSCertList, 'signatureAlgorithm' => $AlgorithmIdentifier, - 'signature' => array('type' => FILE_ASN1_TYPE_BIT_STRING) + 'signature' => array('type' => File_ASN1::TYPE_BIT_STRING) ) ); - $this->CRLNumber = array('type' => FILE_ASN1_TYPE_INTEGER); + $this->CRLNumber = array('type' => File_ASN1::TYPE_INTEGER); - $this->CRLReason = array('type' => FILE_ASN1_TYPE_ENUMERATED, + $this->CRLReason = array('type' => File_ASN1::TYPE_ENUMERATED, 'mapping' => array( 'unspecified', 'keyCompromise', @@ -1165,7 +1165,7 @@ class File_X509 ) ); - $this->IssuingDistributionPoint = array('type' => FILE_ASN1_TYPE_SEQUENCE, + $this->IssuingDistributionPoint = array('type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'distributionPoint' => array( 'constant' => 0, @@ -1173,14 +1173,14 @@ class File_X509 'explicit' => true ) + $DistributionPointName, 'onlyContainsUserCerts' => array( - 'type' => FILE_ASN1_TYPE_BOOLEAN, + 'type' => File_ASN1::TYPE_BOOLEAN, 'constant' => 1, 'optional' => true, 'default' => false, 'implicit' => true ), 'onlyContainsCACerts' => array( - 'type' => FILE_ASN1_TYPE_BOOLEAN, + 'type' => File_ASN1::TYPE_BOOLEAN, 'constant' => 2, 'optional' => true, 'default' => false, 
@@ -1192,14 +1192,14 @@ class File_X509 'implicit' => true ) + $ReasonFlags, 'indirectCRL' => array( - 'type' => FILE_ASN1_TYPE_BOOLEAN, + 'type' => File_ASN1::TYPE_BOOLEAN, 'constant' => 4, 'optional' => true, 'default' => false, 'implicit' => true ), 'onlyContainsAttributeCerts' => array( - 'type' => FILE_ASN1_TYPE_BOOLEAN, + 'type' => File_ASN1::TYPE_BOOLEAN, 'constant' => 5, 'optional' => true, 'default' => false, @@ -1208,26 +1208,26 @@ class File_X509 ) ); - $this->InvalidityDate = array('type' => FILE_ASN1_TYPE_GENERALIZED_TIME); + $this->InvalidityDate = array('type' => File_ASN1::TYPE_GENERALIZED_TIME); $this->CertificateIssuer = $GeneralNames; - $this->HoldInstructionCode = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER); + $this->HoldInstructionCode = array('type' => File_ASN1::TYPE_OBJECT_IDENTIFIER); $PublicKeyAndChallenge = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'spki' => $SubjectPublicKeyInfo, - 'challenge' => array('type' => FILE_ASN1_TYPE_IA5_STRING) + 'challenge' => array('type' => File_ASN1::TYPE_IA5_STRING) ) ); $this->SignedPublicKeyAndChallenge = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'publicKeyAndChallenge' => $PublicKeyAndChallenge, 'signatureAlgorithm' => $AlgorithmIdentifier, - 'signature' => array('type' => FILE_ASN1_TYPE_BIT_STRING) + 'signature' => array('type' => File_ASN1::TYPE_BIT_STRING) ) ); @@ -1469,7 +1469,7 @@ class File_X509 * @access public * @return String */ - function saveX509($cert, $format = FILE_X509_FORMAT_PEM) + function saveX509($cert, $format = self::FORMAT_PEM) { if (!is_array($cert) || !isset($cert['tbsCertificate'])) { return false; 
@@ -1492,7 +1492,7 @@ class File_X509 $asn1->loadOIDs($this->oids); $filters = array(); - $type_utf8_string = array('type' => FILE_ASN1_TYPE_UTF8_STRING); + $type_utf8_string = array('type' => File_ASN1::TYPE_UTF8_STRING); $filters['tbsCertificate']['signature']['parameters'] = $type_utf8_string; $filters['tbsCertificate']['signature']['issuer']['rdnSequence']['value'] = $type_utf8_string; $filters['tbsCertificate']['issuer']['rdnSequence']['value'] = $type_utf8_string; @@ -1504,12 +1504,12 @@ class File_X509 $filters['distributionPoint']['fullName']['directoryName']['rdnSequence']['value'] = $type_utf8_string; $filters['directoryName']['rdnSequence']['value'] = $type_utf8_string; - /* in the case of policyQualifiers/qualifier, the type has to be FILE_ASN1_TYPE_IA5_STRING. - FILE_ASN1_TYPE_PRINTABLE_STRING will cause OpenSSL's X.509 parser to spit out random + /* in the case of policyQualifiers/qualifier, the type has to be File_ASN1::TYPE_IA5_STRING. + File_ASN1::TYPE_PRINTABLE_STRING will cause OpenSSL's X.509 parser to spit out random characters. */ $filters['policyQualifiers']['qualifier'] - = array('type' => FILE_ASN1_TYPE_IA5_STRING); + = array('type' => File_ASN1::TYPE_IA5_STRING); $asn1->loadFilters($filters); @@ -1518,9 +1518,9 @@ class File_X509 $cert = $asn1->encodeDER($cert, $this->Certificate); switch ($format) { - case FILE_X509_FORMAT_DER: + case self::FORMAT_DER: return $cert; - // case FILE_X509_FORMAT_PEM: + // case self::FORMAT_PEM: default: return "-----BEGIN CERTIFICATE-----\r\n" . chunk_split(base64_encode($cert), 64) . '-----END CERTIFICATE-----'; } 
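Review bot: In saveX509's format switch the PEM branch is documented only by a commented-out label, `// case self::FORMAT_PEM:`, so every unrecognised `$format` silently produces PEM. That includes `self::FORMAT_SPKAC`, which the new constant block describes as CSR-only and not currently supported. Making the label real keeps behaviour identical and states the intent: put `case self::FORMAT_PEM:` directly above `default:` and add a short comment such as `// unknown formats fall back to PEM`. The same pattern appears in the saveCSR, saveSPKAC and saveCRL hunks. saveX509's body starts and ends outside this hunk.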
@@ -1606,8 +1606,8 @@ class File_X509 $map = $this->_getMapping($subid); $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier']; if ($map !== false) { - // by default File_ASN1 will try to render qualifier as a FILE_ASN1_TYPE_IA5_STRING since it's - // actual type is FILE_ASN1_TYPE_ANY + // by default File_ASN1 will try to render qualifier as a File_ASN1::TYPE_IA5_STRING since it's + // actual type is File_ASN1::TYPE_ANY $subvalue = new File_ASN1_Element($asn1->encodeDER($subvalue, $map)); } } @@ -1616,7 +1616,7 @@ class File_X509 case 'id-ce-authorityKeyIdentifier': // use 00 as the serial number instead of an empty string if (isset($value['authorityCertSerialNumber'])) { if ($value['authorityCertSerialNumber']->toBytes() == '') { - $temp = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) | 2) . "\1\0"; + $temp = chr((File_ASN1::CLASS_CONTEXT_SPECIFIC << 6) | 2) . "\1\0"; $value['authorityCertSerialNumber'] = new File_ASN1_Element($temp); } } @@ -2446,24 +2446,24 @@ class File_X509 * @access public * @return Boolean */ - function getDN($format = FILE_X509_DN_ARRAY, $dn = null) + function getDN($format = self::DN_ARRAY, $dn = null) { if (!isset($dn)) { $dn = isset($this->currentCert['tbsCertList']) ? $this->currentCert['tbsCertList']['issuer'] : $this->dn; } switch ((int) $format) { - case FILE_X509_DN_ARRAY: + case self::DN_ARRAY: return $dn; - case FILE_X509_DN_ASN1: + case self::DN_ASN1: $asn1 = new File_ASN1(); $asn1->loadOIDs($this->oids); $filters = array(); - $filters['rdnSequence']['value'] = array('type' => FILE_ASN1_TYPE_UTF8_STRING); + $filters['rdnSequence']['value'] = array('type' => File_ASN1::TYPE_UTF8_STRING); $asn1->loadFilters($filters); return $asn1->encodeDER($dn, $this->Name); - case FILE_X509_DN_OPENSSL: - $dn = $this->getDN(FILE_X509_DN_STRING, $dn); + case self::DN_OPENSSL: + $dn = $this->getDN(self::DN_STRING, $dn); if ($dn === false) { return false; } 
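Review bot: The hand-assembled element in the `id-ce-authorityKeyIdentifier` case, `chr((File_ASN1::CLASS_CONTEXT_SPECIFIC << 6) | 2) . "\1\0"`, has no comment explaining its bytes, and touching the line is a good moment to add one. As far as the expression shows, it is a context-specific tag with number 2, followed by length 1 and a single zero content byte; I would put that on the line above, e.g. `// [2] context-specific tag, length 1, value 0x00 (an INTEGER needs at least one content octet)`. The tag number 2 is a bare literal, so the comment should also say it has to match the `authorityCertSerialNumber` entry of the AuthorityKeyIdentifier map, which is presumably defined with `'constant' => 2` outside this hunk. The enclosing method starts and ends outside this hunk.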
@@ -2479,13 +2479,13 @@ class File_X509 } } return $dn; - case FILE_X509_DN_CANON: + case self::DN_CANON: // No SEQUENCE around RDNs and all string values normalized as // trimmed lowercase UTF-8 with all spacing as one blank. $asn1 = new File_ASN1(); $asn1->loadOIDs($this->oids); $filters = array(); - $filters['value'] = array('type' => FILE_ASN1_TYPE_UTF8_STRING); + $filters['value'] = array('type' => File_ASN1::TYPE_UTF8_STRING); $asn1->loadFilters($filters); $result = ''; foreach ($dn['rdnSequence'] as $rdn) { @@ -2508,8 +2508,8 @@ class File_X509 $result .= $asn1->encodeDER($rdn, $this->RelativeDistinguishedName); } return $result; - case FILE_X509_DN_HASH: - $dn = $this->getDN(FILE_X509_DN_CANON, $dn); + case self::DN_HASH: + $dn = $this->getDN(self::DN_CANON, $dn); if (!class_exists('Crypt_Hash')) { include_once 'Crypt/Hash.php'; } @@ -2591,7 +2591,7 @@ class File_X509 * @access public * @return Mixed */ - function getIssuerDN($format = FILE_X509_DN_ARRAY) + function getIssuerDN($format = self::DN_ARRAY) { switch (true) { case !isset($this->currentCert) || !is_array($this->currentCert): @@ -2613,7 +2613,7 @@ class File_X509 * @access public * @return Mixed */ - function getSubjectDN($format = FILE_X509_DN_ARRAY) + function getSubjectDN($format = self::DN_ARRAY) { switch (true) { case !empty($this->dn): @@ -2889,7 +2889,7 @@ class File_X509 * @access public * @return String */ - function saveCSR($csr, $format = FILE_X509_FORMAT_PEM) + function saveCSR($csr, $format = self::FORMAT_PEM) { if (!is_array($csr) || !isset($csr['certificationRequestInfo'])) { return false; @@ -2913,7 +2913,7 @@ class File_X509 $filters = array(); $filters['certificationRequestInfo']['subject']['rdnSequence']['value'] - = array('type' => FILE_ASN1_TYPE_UTF8_STRING); + = array('type' => File_ASN1::TYPE_UTF8_STRING); $asn1->loadFilters($filters); 
@@ -2921,9 +2921,9 @@ class File_X509 $csr = $asn1->encodeDER($csr, $this->CertificationRequest); switch ($format) { - case FILE_X509_FORMAT_DER: + case self::FORMAT_DER: return $csr; - // case FILE_X509_FORMAT_PEM: + // case self::FORMAT_PEM: default: return "-----BEGIN CERTIFICATE REQUEST-----\r\n" . chunk_split(base64_encode($csr), 64) . '-----END CERTIFICATE REQUEST-----'; } @@ -3015,7 +3015,7 @@ class File_X509 * @access public * @return String */ - function saveSPKAC($spkac, $format = FILE_X509_FORMAT_PEM) + function saveSPKAC($spkac, $format = self::FORMAT_PEM) { if (!is_array($spkac) || !isset($spkac['publicKeyAndChallenge'])) { return false; @@ -3040,9 +3040,9 @@ class File_X509 $spkac = $asn1->encodeDER($spkac, $this->SignedPublicKeyAndChallenge); switch ($format) { - case FILE_X509_FORMAT_DER: + case self::FORMAT_DER: return $spkac; - // case FILE_X509_FORMAT_PEM: + // case self::FORMAT_PEM: default: // OpenSSL's implementation of SPKAC requires the SPKAC be preceeded by SPKAC= and since there are pretty much // no other SPKAC decoders phpseclib will use that same format @@ -3113,7 +3113,7 @@ class File_X509 * @access public * @return String */ - function saveCRL($crl, $format = FILE_X509_FORMAT_PEM) + function saveCRL($crl, $format = self::FORMAT_PEM) { if (!is_array($crl) || !isset($crl['tbsCertList'])) { return false; 
@@ -3125,20 +3125,20 @@ class File_X509 $filters = array(); $filters['tbsCertList']['issuer']['rdnSequence']['value'] - = array('type' => FILE_ASN1_TYPE_UTF8_STRING); + = array('type' => File_ASN1::TYPE_UTF8_STRING); $filters['tbsCertList']['signature']['parameters'] - = array('type' => FILE_ASN1_TYPE_UTF8_STRING); + = array('type' => File_ASN1::TYPE_UTF8_STRING); $filters['signatureAlgorithm']['parameters'] - = array('type' => FILE_ASN1_TYPE_UTF8_STRING); + = array('type' => File_ASN1::TYPE_UTF8_STRING); if (empty($crl['tbsCertList']['signature']['parameters'])) { $filters['tbsCertList']['signature']['parameters'] - = array('type' => FILE_ASN1_TYPE_NULL); + = array('type' => File_ASN1::TYPE_NULL); } if (empty($crl['signatureAlgorithm']['parameters'])) { $filters['signatureAlgorithm']['parameters'] - = array('type' => FILE_ASN1_TYPE_NULL); + = array('type' => File_ASN1::TYPE_NULL); } $asn1->loadFilters($filters); @@ -3154,9 +3154,9 @@ class File_X509 $crl = $asn1->encodeDER($crl, $this->CertificateList); switch ($format) { - case FILE_X509_FORMAT_DER: + case self::FORMAT_DER: return $crl; - // case FILE_X509_FORMAT_PEM: + // case self::FORMAT_PEM: default: return "-----BEGIN X509 CRL-----\r\n" . chunk_split(base64_encode($crl), 64) . '-----END X509 CRL-----'; } @@ -3667,7 +3667,7 @@ class File_X509 if (strtolower($date) == 'lifetime') { $temp = '99991231235959Z'; $asn1 = new File_ASN1(); - $temp = chr(FILE_ASN1_TYPE_GENERALIZED_TIME) . $asn1->_encodeLength(strlen($temp)) . $temp; + $temp = chr(File_ASN1::TYPE_GENERALIZED_TIME) . $asn1->_encodeLength(strlen($temp)) . $temp; $this->endDate = new File_ASN1_Element($temp); } else { $this->endDate = @date('D, d M Y H:i:s O', @strtotime($date)); 
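Review bot: On the unchanged `else` branch of the last hunk here, `@date('D, d M Y H:i:s O', @strtotime($date))` hides a parse failure: `strtotime()` returns false for a string it cannot parse, `date()` then formats timestamp 0, and both `@` operators suppress any diagnostics. An invalid end date is therefore stored as the Unix epoch rather than rejected, and that value is presumably what later ends up in the certificate's validity period. I would check the result explicitly, e.g. `$ts = strtotime($date);` then `if ($ts === false) { return false; }` before `$this->endDate = date('D, d M Y H:i:s O', $ts);`, after confirming that callers tolerate a false return. The enclosing method starts and ends outside this hunk.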
@@ -3963,7 +3963,7 @@ class File_X509 * @access public * @return Boolean */ - function removeAttribute($id, $disposition = FILE_X509_ATTR_ALL) + function removeAttribute($id, $disposition = self::ATTR_ALL) { $attributes = &$this->_subArray($this->currentCert, 'certificationRequestInfo/attributes'); @@ -3976,13 +3976,13 @@ class File_X509 if ($attribute['type'] == $id) { $n = count($attribute['value']); switch (true) { - case $disposition == FILE_X509_ATTR_APPEND: - case $disposition == FILE_X509_ATTR_REPLACE: + case $disposition == self::ATTR_APPEND: + case $disposition == self::ATTR_REPLACE: return false; case $disposition >= $n: $disposition -= $n; break; - case $disposition == FILE_X509_ATTR_ALL: + case $disposition == self::ATTR_ALL: case $n == 1: unset($attributes[$key]); $result = true; @@ -3993,7 +3993,7 @@ class File_X509 $result = true; break; } - if ($result && $disposition != FILE_X509_ATTR_ALL) { + if ($result && $disposition != self::ATTR_ALL) { break; } } @@ -4014,7 +4014,7 @@ class File_X509 * @access public * @return Mixed */ - function getAttribute($id, $disposition = FILE_X509_ATTR_ALL, $csr = null) + function getAttribute($id, $disposition = self::ATTR_ALL, $csr = null) { if (empty($csr)) { $csr = $this->currentCert; @@ -4030,10 +4030,10 @@ class File_X509 if ($attribute['type'] == $id) { $n = count($attribute['value']); switch (true) { - case $disposition == FILE_X509_ATTR_APPEND: - case $disposition == FILE_X509_ATTR_REPLACE: + case $disposition == self::ATTR_APPEND: + case $disposition == self::ATTR_REPLACE: return false; - case $disposition == FILE_X509_ATTR_ALL: + case $disposition == self::ATTR_ALL: return $attribute['value']; case $disposition >= $n: $disposition -= $n; 
@@ -4081,7 +4081,7 @@ class File_X509 * @access public * @return Boolean */ - function setAttribute($id, $value, $disposition = FILE_X509_ATTR_ALL) + function setAttribute($id, $value, $disposition = self::ATTR_ALL) { $attributes = &$this->_subArray($this->currentCert, 'certificationRequestInfo/attributes', true); @@ -4090,9 +4090,9 @@ class File_X509 } switch ($disposition) { - case FILE_X509_ATTR_REPLACE: - $disposition = FILE_X509_ATTR_APPEND; - case FILE_X509_ATTR_ALL: + case self::ATTR_REPLACE: + $disposition = self::ATTR_APPEND; + case self::ATTR_ALL: $this->removeAttribute($id); break; } @@ -4101,7 +4101,7 @@ class File_X509 if ($attribute['type'] == $id) { $n = count($attribute['value']); switch (true) { - case $disposition == FILE_X509_ATTR_APPEND: + case $disposition == self::ATTR_APPEND: $last = $key; break; case $disposition >= $n; @@ -4121,7 +4121,7 @@ class File_X509 $attributes[$last]['value'][] = $value; break; default: - $attributes[] = array('type' => $id, 'value' => $disposition == FILE_X509_ATTR_ALL ? $value: array($value)); + $attributes[] = array('type' => $id, 'value' => $disposition == self::ATTR_ALL ? $value: array($value)); break; } @@ -4185,7 +4185,7 @@ class File_X509 if (empty($decoded)) { return false; } - $raw = $asn1->asn1map($decoded[0], array('type' => FILE_ASN1_TYPE_BIT_STRING)); + $raw = $asn1->asn1map($decoded[0], array('type' => File_ASN1::TYPE_BIT_STRING)); if (empty($raw)) { return false; } diff --git a/tests/Unit/File/ASN1Test.php b/tests/Unit/File/ASN1Test.php index 5a5e6efb..b9114638 100644 --- a/tests/Unit/File/ASN1Test.php +++ b/tests/Unit/File/ASN1Test.php 
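Review bot: In setAttribute() (hunk at -4090), the `case self::ATTR_REPLACE:` arm reassigns `$disposition` and then falls through into `case self::ATTR_ALL:` with no `break` and no comment. The fall-through looks intentional, since it is what makes REPLACE reach `$this->removeAttribute($id)`, but it reads like a missing `break`. Add a comment after the assignment, e.g. `// fall through: REPLACE removes the existing attribute before appending`.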
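Review bot: `case $disposition >= $n;` in the hunk at -4101 ends with a semicolon rather than a colon. PHP accepts this, but it looks like a statement terminator next to the colon-terminated `case $disposition == self::ATTR_APPEND:` just above it. Change it to `case $disposition >= $n:` so every arm of the `switch (true)` uses the same form. The switch itself continues outside the hunk.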
@@ -16,48 +16,48 @@ class Unit_File_ASN1Test extends PhpseclibTestCase public function testAnyString() { $KDC_REP = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'pvno' => array( 'constant' => 0, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_ANY), + 'type' => File_ASN1::TYPE_ANY), 'msg-type' => array( 'constant' => 1, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_ANY), + 'type' => File_ASN1::TYPE_ANY), 'padata' => array( 'constant' => 2, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_ANY), + 'type' => File_ASN1::TYPE_ANY), 'crealm' => array( 'constant' => 3, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_ANY), + 'type' => File_ASN1::TYPE_ANY), 'cname' => array( 'constant' => 4, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_ANY), + 'type' => File_ASN1::TYPE_ANY), 'ticket' => array( 'constant' => 5, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_ANY), + 'type' => File_ASN1::TYPE_ANY), 'enc-part' => array( 'constant' => 6, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_ANY) + 'type' => File_ASN1::TYPE_ANY) ) ); $AS_REP = array( - 'class' => FILE_ASN1_CLASS_APPLICATION, + 'class' => File_ASN1::CLASS_APPLICATION, 'cast' => 11, 'optional' => true, 'explicit' => true 
@@ -89,31 +89,31 @@ class Unit_File_ASN1Test extends PhpseclibTestCase public function testIncorrectString() { $PA_DATA = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'padata-type' => array( 'constant' => 1, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_INTEGER + 'type' => File_ASN1::TYPE_INTEGER ), 'padata-value' => array( 'constant' => 2, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_OCTET_STRING + 'type' => File_ASN1::TYPE_OCTET_STRING ) ) ); $PrincipalName = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'name-type' => array( 'constant' => 0, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_INTEGER + 'type' => File_ASN1::TYPE_INTEGER ), 'name-string' => array( 'constant' => 1, 
@@ -121,95 +121,95 @@ class Unit_File_ASN1Test extends PhpseclibTestCase 'explicit' => true, 'min' => 0, 'max' => -1, - 'type' => FILE_ASN1_TYPE_SEQUENCE, - 'children' => array('type' => FILE_ASN1_TYPE_IA5_STRING) // should be FILE_ASN1_TYPE_GENERAL_STRING + 'type' => File_ASN1::TYPE_SEQUENCE, + 'children' => array('type' => File_ASN1::TYPE_IA5_STRING) // should be File_ASN1::TYPE_GENERAL_STRING ) ) ); $Ticket = array( - 'class' => FILE_ASN1_CLASS_APPLICATION, + 'class' => File_ASN1::CLASS_APPLICATION, 'cast' => 1, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'tkt-vno' => array( 'constant' => 0, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_INTEGER + 'type' => File_ASN1::TYPE_INTEGER ), 'realm' => array( 'constant' => 1, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_ANY + 'type' => File_ASN1::TYPE_ANY ), 'sname' => array( 'constant' => 2, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_ANY + 'type' => File_ASN1::TYPE_ANY ), 'enc-part' => array( 'constant' => 3, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_ANY + 'type' => File_ASN1::TYPE_ANY ) ) ); $KDC_REP = array( - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => array( 'pvno' => array( 'constant' => 0, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_INTEGER), + 'type' => File_ASN1::TYPE_INTEGER), 'msg-type' => array( 'constant' => 1, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_INTEGER), + 'type' => File_ASN1::TYPE_INTEGER), 'padata' => array( 'constant' => 2, 'optional' => true, 'explicit' => true, 'min' => 0, 'max' => -1, - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => $PA_DATA), 'crealm' => array( 'constant' => 3, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_OCTET_STRING), + 'type' => 
File_ASN1::TYPE_OCTET_STRING), 'cname' => array( 'constant' => 4, 'optional' => true, 'explicit' => true) + $PrincipalName, - //'type' => FILE_ASN1_TYPE_ANY), + //'type' => File_ASN1::TYPE_ANY), 'ticket' => array( 'constant' => 5, 'optional' => true, 'implicit' => true, 'min' => 0, 'max' => 1, - 'type' => FILE_ASN1_TYPE_SEQUENCE, + 'type' => File_ASN1::TYPE_SEQUENCE, 'children' => $Ticket), 'enc-part' => array( 'constant' => 6, 'optional' => true, 'explicit' => true, - 'type' => FILE_ASN1_TYPE_ANY) + 'type' => File_ASN1::TYPE_ANY) ) ); $AS_REP = array( - 'class' => FILE_ASN1_CLASS_APPLICATION, + 'class' => File_ASN1::CLASS_APPLICATION, 'cast' => 11, 'optional' => true, 'explicit' => true From e8c93d8cfe4c620322a791e509514bbbffe627c1 Mon Sep 17 00:00:00 2001 From: Clint Nelissen Date: Thu, 4 Dec 2014 08:30:07 -0800 Subject: [PATCH 2/2] Docblock fix --- phpseclib/File/ASN1.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php index 30eb80a5..3d95b9fc 100644 --- a/phpseclib/File/ASN1.php +++ b/phpseclib/File/ASN1.php @@ -148,7 +148,7 @@ class File_ASN1 /** * Type mapping table for the ANY type. * - * Structured or unknown types are mapped to a File\ASN1\Element. + * Structured or unknown types are mapped to a File_ASN1_Element. * Unambiguous types get the direct mapping (int/real/bool). * Others are mapped as a choice, with an extra indexing level. *