mirror of
https://github.com/phpseclib/phpseclib.git
synced 2024-12-28 04:05:15 +00:00
- add getIssuerDN()
- fill in getPublicKey() stub - add 'lifetime' option to setEndDate() - fix a bug that'd prevent certs with File_ASN1_Element being saved git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@215 21d32557-59b3-4da0-833f-c5933fad653e
This commit is contained in:
parent
a90bba115c
commit
da8614a511
@ -1961,6 +1961,22 @@ class File_X509 {
|
|||||||
return $output;
|
return $output;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the Distinguished Name for a certificates issuer
|
||||||
|
*
|
||||||
|
* @param Boolean $string optional
|
||||||
|
* @access public
|
||||||
|
* @return Boolean
|
||||||
|
*/
|
||||||
|
function getIssuerDN($string = false)
|
||||||
|
{
|
||||||
|
if (!isset($this->currentCert) || !is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this->getDN($string, $this->currentCert['tbsCertificate']['issuer']);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set public key
|
* Set public key
|
||||||
*
|
*
|
||||||
@ -1991,12 +2007,33 @@ class File_X509 {
|
|||||||
/**
|
/**
|
||||||
* Gets the public key
|
* Gets the public key
|
||||||
*
|
*
|
||||||
|
* Returns a Crypt_RSA object or a false.
|
||||||
|
*
|
||||||
* @access public
|
* @access public
|
||||||
* @return Object
|
* @return Mixed
|
||||||
*/
|
*/
|
||||||
function getPublicKey()
|
function getPublicKey()
|
||||||
{
|
{
|
||||||
//return
|
if (!isset($this->currentCert) || !is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$key = $this->currentCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'];
|
||||||
|
|
||||||
|
switch ($this->currentCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm']) {
|
||||||
|
case 'rsaEncryption':
|
||||||
|
if (!class_exists('Crypt_RSA')) {
|
||||||
|
require_once('Crypt/RSA.php');
|
||||||
|
}
|
||||||
|
$publicKey = new Crypt_RSA();
|
||||||
|
$publicKey->loadKey($key);
|
||||||
|
$publicKey->setPublicKey();
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $publicKey;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -2041,6 +2078,8 @@ class File_X509 {
|
|||||||
}
|
}
|
||||||
$this->publicKey = new Crypt_RSA();
|
$this->publicKey = new Crypt_RSA();
|
||||||
$this->publicKey->loadKey($key);
|
$this->publicKey->loadKey($key);
|
||||||
|
$this->publicKey->setPublicKey();
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
$this->publicKey = NULL;
|
$this->publicKey = NULL;
|
||||||
}
|
}
|
||||||
@ -2082,12 +2121,12 @@ class File_X509 {
|
|||||||
$signatureAlgorithm;
|
$signatureAlgorithm;
|
||||||
$this->currentCert = $subject->currentCert;
|
$this->currentCert = $subject->currentCert;
|
||||||
if (!empty($this->startDate)) {
|
if (!empty($this->startDate)) {
|
||||||
$this->currentCert['tbsCertificate']['validity']['notBefore']['utcTime'] = $this->startDate;
|
$this->currentCert['tbsCertificate']['validity']['notBefore']['generalTime'] = $this->startDate;
|
||||||
unset($this->currentCert['tbsCertificate']['validity']['notBefore']['generalTime']);
|
unset($this->currentCert['tbsCertificate']['validity']['notBefore']['utcTime']);
|
||||||
}
|
}
|
||||||
if (!empty($this->endDate)) {
|
if (!empty($this->endDate)) {
|
||||||
$this->currentCert['tbsCertificate']['validity']['notAfter']['utcTime'] = $this->endDate;
|
$this->currentCert['tbsCertificate']['validity']['notAfter']['generalTime'] = $this->endDate;
|
||||||
unset($this->currentCert['tbsCertificate']['validity']['notAfter']['generalTime']);
|
unset($this->currentCert['tbsCertificate']['validity']['notAfter']['utcTime']);
|
||||||
}
|
}
|
||||||
if (!empty($this->serialNumber)) {
|
if (!empty($this->serialNumber)) {
|
||||||
$this->currentCert['tbsCertificate']['serialNumber'] = $this->serialNumber;
|
$this->currentCert['tbsCertificate']['serialNumber'] = $this->serialNumber;
|
||||||
@ -2119,8 +2158,8 @@ class File_X509 {
|
|||||||
'signature' => array('algorithm' => $signatureAlgorithm),
|
'signature' => array('algorithm' => $signatureAlgorithm),
|
||||||
'issuer' => false, // this is going to be overwritten later
|
'issuer' => false, // this is going to be overwritten later
|
||||||
'validity' => array(
|
'validity' => array(
|
||||||
'notBefore' => array('utcTime' => $startDate), // $this->setStartDate()
|
'notBefore' => array('generalTime' => $startDate), // $this->setStartDate()
|
||||||
'notAfter' => array('utcTime' => $endDate) // $this->setEndDate()
|
'notAfter' => array('generalTime' => $endDate) // $this->setEndDate()
|
||||||
),
|
),
|
||||||
'subject' => $subject->dn,
|
'subject' => $subject->dn,
|
||||||
'subjectPublicKeyInfo' => $subjectPublicKey
|
'subjectPublicKeyInfo' => $subjectPublicKey
|
||||||
@ -2200,9 +2239,12 @@ class File_X509 {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// resync $this->signatureSubject
|
// resync $this->signatureSubject
|
||||||
|
// save $tbsCertificate in case there are any File_ASN1_Element objects in it
|
||||||
|
$tbsCertificate = $this->currentCert['tbsCertificate'];
|
||||||
$this->loadX509($this->saveX509($this->currentCert));
|
$this->loadX509($this->saveX509($this->currentCert));
|
||||||
|
|
||||||
$result = $this->_sign($issuer->privateKey, $signatureAlgorithm);
|
$result = $this->_sign($issuer->privateKey, $signatureAlgorithm);
|
||||||
|
$result['tbsCertificate'] = $tbsCertificate;
|
||||||
|
|
||||||
$this->currentCert = $currentCert;
|
$this->currentCert = $currentCert;
|
||||||
$this->signatureSubject = $signatureSubject;
|
$this->signatureSubject = $signatureSubject;
|
||||||
@ -2261,8 +2303,22 @@ class File_X509 {
|
|||||||
*/
|
*/
|
||||||
function setEndDate($date)
|
function setEndDate($date)
|
||||||
{
|
{
|
||||||
|
/*
|
||||||
|
To indicate that a certificate has no well-defined expiration date,
|
||||||
|
the notAfter SHOULD be assigned the GeneralizedTime value of
|
||||||
|
99991231235959Z.
|
||||||
|
|
||||||
|
-- http://tools.ietf.org/html/rfc5280#section-4.1.2.5
|
||||||
|
*/
|
||||||
|
if (strtolower($date) == 'lifetime') {
|
||||||
|
$temp = '99991231235959Z';
|
||||||
|
$asn1 = new File_ASN1();
|
||||||
|
$temp = chr(FILE_ASN1_TYPE_GENERALIZED_TIME) . $asn1->_encodeLength(strlen($temp)) . $temp;
|
||||||
|
$this->endDate = new File_ASN1_Element($temp);
|
||||||
|
} else {
|
||||||
$this->endDate = @date('M j H:i:s Y T', @strtotime($date));
|
$this->endDate = @date('M j H:i:s Y T', @strtotime($date));
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set Serial Number
|
* Set Serial Number
|
||||||
|
Loading…
Reference in New Issue
Block a user