diff --git a/.travis.yml b/.travis.yml index b27e484c..09bee687 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,8 +1,10 @@ language: php php: + - 5.6 - 7.0 - 7.1 + - hhvm env: global: diff --git a/phpseclib/Crypt/Common/PKCS8.php b/phpseclib/Crypt/Common/PKCS8.php index 08095e0b..58c29627 100644 --- a/phpseclib/Crypt/Common/PKCS8.php +++ b/phpseclib/Crypt/Common/PKCS8.php 
@@ -39,138 +39,6 @@ use phpseclib\Math\BigInteger; use phpseclib\File\ASN1; use phpseclib\Exception\UnsupportedAlgorithmException; -// version is the syntax version number, for compatibility with -// future revisions of this document. It shall be 0 for this version -// of the document. -define(__NAMESPACE__ . '\Version', [ - 'type' => ASN1::TYPE_INTEGER, - 'mapping' => ['v1'] -]); - -// we can replace this later once the X509 definitions are rewritten -define(__NAMESPACE__ . '\AlgorithmIdentifier', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'algorithm' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], - 'parameters' => [ - 'type' => ASN1::TYPE_ANY, - 'optional' => true - ] - ] -]); - -define(__NAMESPACE__ . '\PrivateKey', ['type' => ASN1::TYPE_OCTET_STRING]); - -// we can replace this later once the X509 definitions are rewritten -define(__NAMESPACE__ . '\AttributeType', ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]); - -// we can replace this later once the X509 definitions are rewritten -define(__NAMESPACE__ . '\AttributeValue', ['type' => ASN1::TYPE_ANY]); - -// we can replace this later once the X509 definitions are rewritten -define(__NAMESPACE__ . '\Attribute', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'type' => AttributeType, - 'value'=> [ - 'type' => ASN1::TYPE_SET, - 'min' => 1, - 'max' => -1, - 'children' => AttributeValue - ] - ] -]); - -define(__NAMESPACE__ . '\Attributes', [ - 'type' => ASN1::TYPE_SET, - 'children' => Attribute -]); - -define(__NAMESPACE__ . '\PrivateKeyInfo', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'version' => Version, - 'privateKeyAlgorithm'=> AlgorithmIdentifier, - 'privateKey' => PrivateKey, - 'attributes' => [ - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ] + Attributes - ] -]); - -define(__NAMESPACE__ . '\EncryptedData', ['type' => ASN1::TYPE_OCTET_STRING]); - -define(__NAMESPACE__ . 
'\EncryptedPrivateKeyInfo', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'encryptionAlgorithm' => AlgorithmIdentifier, - 'encryptedData' => EncryptedData - ] -]); - -// this format is not formally defined anywhere but is none-the-less the form you -// get when you do "openssl rsa -in private.pem -outform PEM -pubout" -define(__NAMESPACE__ . '\PublicKeyInfo', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'publicKeyAlgorithm'=> AlgorithmIdentifier, - 'publicKey' => ['type' => ASN1::TYPE_BIT_STRING] - ] -]); - -// from https://tools.ietf.org/html/rfc2898#appendix-A.3 -define(__NAMESPACE__ . '\PBEParameter', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'salt' => ['type' => ASN1::TYPE_OCTET_STRING], - 'iterationCount' => ['type' => ASN1::TYPE_INTEGER] - ] -]); - -define(__NAMESPACE__ . '\PBES2params', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'keyDerivationFunc'=> AlgorithmIdentifier, - 'encryptionScheme' => AlgorithmIdentifier - ] -]); - -define(__NAMESPACE__ . '\PBMAC1params', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'keyDerivationFunc'=> AlgorithmIdentifier, - 'messageAuthScheme'=> AlgorithmIdentifier - ] -]); - -define(__NAMESPACE__ . '\RC2CBCParameter', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'rc2ParametersVersion'=> [ - 'type' => ASN1::TYPE_INTEGER, - 'optional' => true - ], - 'iv'=> ['type' => ASN1::TYPE_OCTET_STRING] - ] -]); - -define(__NAMESPACE__ . '\PBKDF2params', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - // technically, this is a CHOICE in RFC2898 but the other "choice" is, currently, more of a placeholder - // in the RFC - 'salt'=> ['type' => ASN1::TYPE_OCTET_STRING], - 'iterationCount'=> ['type' => ASN1::TYPE_INTEGER], - 'keyLength' => [ - 'type' => ASN1::TYPE_INTEGER, - 'optional' => true - ], - 'prf' => AlgorithmIdentifier + ['optional' => true] - ] -]); - // from https://tools.ietf.org/html/rfc2898 define(__NAMESPACE__ . '\oids', [ // PBES1 encryption schemes 
@@ -455,7 +323,7 @@ class PKCS8 extends PKCS $meta = []; $asn1->loadOIDs(oids); - $decrypted = $asn1->asn1map($decoded[0], EncryptedPrivateKeyInfo); + $decrypted = $asn1->asn1map($decoded[0], ASN1\EncryptedPrivateKeyInfo::MAP); if (strlen($password) && is_array($decrypted)) { $algorithm = $decrypted['encryptionAlgorithm']['algorithm']; switch ($algorithm) { @@ -479,7 +347,7 @@ class PKCS8 extends PKCS $meta['meta']['algorithm'] = $algorithm; $temp = $asn1->decodeBER($decrypted['encryptionAlgorithm']['parameters']); - extract($asn1->asn1map($temp[0], PBEParameter)); + extract($asn1->asn1map($temp[0], ASN1\PBEParameter::MAP)); $iterationCount = (int) $iterationCount->toString(); $cipher->setPassword($password, $kdf, $hash, Base64::decode($salt), $iterationCount); $key = $cipher->decrypt(Base64::decode($decrypted['encryptedData'])); @@ -493,21 +361,21 @@ class PKCS8 extends PKCS $meta['meta']['algorithm'] = $algorithm; $temp = $asn1->decodeBER($decrypted['encryptionAlgorithm']['parameters']); - $temp = $asn1->asn1map($temp[0], PBES2params); + $temp = $asn1->asn1map($temp[0], ASN1\PBES2params::MAP); extract($temp); $cipher = self::getPBES2EncryptionObject($encryptionScheme['algorithm']); $meta['meta']['cipher'] = $encryptionScheme['algorithm']; $temp = $asn1->decodeBER($decrypted['encryptionAlgorithm']['parameters']); - $temp = $asn1->asn1map($temp[0], PBES2params); + $temp = $asn1->asn1map($temp[0], ASN1\PBES2params::MAP); extract($temp); if (!$cipher instanceof RC2) { $cipher->setIV(Base64::decode($encryptionScheme['parameters']['octetString'])); } else { $temp = $asn1->decodeBER($encryptionScheme['parameters']); - extract($asn1->asn1map($temp[0], RC2CBCParameter)); + extract($asn1->asn1map($temp[0], ASN1\RC2CBCParameter::MAP)); $effectiveKeyLength = (int) $rc2ParametersVersion->toString(); switch ($effectiveKeyLength) { case 160: 
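Review bot: `extract($asn1->asn1map($temp[0], ASN1\PBEParameter::MAP));` in the `@@ -479,7 +347,7 @@` hunk unpacks the mapping result without checking it, although asn1map() can return a non-array for malformed input (the ASN1.php hunk of this commit shows `return null; // Syntax error.`, and this method guards other asn1map() results with `is_array()`). When the PBE parameters of a key file do not match the map, `$iterationCount` is never defined and the next line calls `->toString()` on null instead of rejecting the key cleanly. Assign the result first, `$params = $asn1->asn1map($temp[0], ASN1\PBEParameter::MAP);`, fail the load if `!is_array($params)`, and read `$params['salt']` and `$params['iterationCount']` explicitly rather than through extract(). The same applies to the PBES2params and RC2CBCParameter calls in the `@@ -493,21 +361,21 @@` hunk and the PBKDF2params call in `@@ -530,7 +398,7 @@`; the enclosing method begins and ends outside these hunks, so its failure convention is not visible here.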
@@ -530,7 +398,7 @@ class PKCS8 extends PKCS case 'id-PBKDF2': $temp = $asn1->decodeBER($keyDerivationFunc['parameters']); $prf = ['algorithm' => 'id-hmacWithSHA1']; - $params = $asn1->asn1map($temp[0], PBKDF2params); + $params = $asn1->asn1map($temp[0], ASN1\PBKDF2params::MAP); extract($params); $meta['meta']['prf'] = $prf['algorithm']; $hash = str_replace('-', '/', substr($prf['algorithm'], 11)); @@ -557,14 +425,14 @@ class PKCS8 extends PKCS break; case 'id-PBMAC1': //$temp = $asn1->decodeBER($decrypted['encryptionAlgorithm']['parameters']); - //$value = $asn1->asn1map($temp[0], PBMAC1params); + //$value = $asn1->asn1map($temp[0], ASN1\PBMAC1params::MAP); // since i can't find any implementation that does PBMAC1 it is unsupported throw new UnsupportedAlgorithmException('Only PBES1 and PBES2 PKCS#8 keys are supported.'); // at this point we'll assume that the key conforms to PublicKeyInfo } } - $private = $asn1->asn1map($decoded[0], PrivateKeyInfo); + $private = $asn1->asn1map($decoded[0], ASN1\PrivateKeyInfo::MAP); if (is_array($private)) { return $private + $meta; } @@ -573,7 +441,7 @@ class PKCS8 extends PKCS // is that the former has an octet string and the later has a bit string. the first byte of a bit // string represents the number of bits in the last byte that are to be ignored but, currently, // bit strings wanting a non-zero amount of bits trimmed are not supported - $public = $asn1->asn1map($decoded[0], PublicKeyInfo); + $public = $asn1->asn1map($decoded[0], ASN1\PublicKeyInfo::MAP); if (is_array($public)) { $public['publicKey'] = base64_decode($public['publicKey']); if ($public['publicKey'][0] != "\0") { @@ -609,7 +477,7 @@ class PKCS8 extends PKCS if (!empty($attr)) { $key['attributes'] = $attr; } - $key = $asn1->encodeDER($key, PrivateKeyInfo); + $key = $asn1->encodeDER($key, ASN1\PrivateKeyInfo::MAP); if (!empty($password) && is_string($password)) { $salt = Random::string(8); $iterationCount = self::$defaultIterationCount; 
@@ -625,7 +493,7 @@ class PKCS8 extends PKCS 'iterationCount' => $iterationCount, 'prf' => ['algorithm' => self::$defaultPRF, 'parameters' => null] ]; - $PBKDF2params = $asn1->encodeDER($PBKDF2params, PBKDF2params); + $PBKDF2params = $asn1->encodeDER($PBKDF2params, ASN1\PBKDF2params::MAP); if (!$crypto instanceof RC2) { $params = ['octetString' => Base64::encode($iv)]; @@ -634,7 +502,7 @@ class PKCS8 extends PKCS 'rc2ParametersVersion' => 58, 'iv' => Base64::encode($iv) ]; - $params = $asn1->encodeDER($params, RC2CBCParameter); + $params = $asn1->encodeDER($params, ASN1\RC2CBCParameter::MAP); $params = new ASN1\Element($params); } @@ -648,7 +516,7 @@ class PKCS8 extends PKCS 'parameters' => $params ] ]; - $params = $asn1->encodeDER($params, PBES2params); + $params = $asn1->encodeDER($params, ASN1\PBES2params::MAP); $crypto->setIV($iv); } else { @@ -660,7 +528,7 @@ class PKCS8 extends PKCS 'salt' => Base64::encode($salt), 'iterationCount' => $iterationCount ]; - $params = $asn1->encodeDER($params, PBEParameter); + $params = $asn1->encodeDER($params, ASN1\PBEParameter::MAP); } $crypto->setPassword($password, $kdf, $hash, $salt, $iterationCount); $key = $crypto->encrypt($key); @@ -673,7 +541,7 @@ class PKCS8 extends PKCS 'encryptedData' => Base64::encode($key) ]; - $key = $asn1->encodeDER($key, EncryptedPrivateKeyInfo); + $key = $asn1->encodeDER($key, ASN1\EncryptedPrivateKeyInfo::MAP); return "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" . chunk_split(Base64::encode($key), 64) . @@ -704,7 +572,7 @@ class PKCS8 extends PKCS 'publicKey' => Base64::encode("\0" . $key) ]; - $key = $asn1->encodeDER($key, PublicKeyInfo); + $key = $asn1->encodeDER($key, ASN1\PublicKeyInfo::MAP); return "-----BEGIN PUBLIC KEY-----\r\n" . chunk_split(Base64::encode($key), 64) . diff --git a/phpseclib/Crypt/RSA/PKCS1.php b/phpseclib/Crypt/RSA/PKCS1.php index f79d30a1..50b0427b 100644 --- a/phpseclib/Crypt/RSA/PKCS1.php +++ b/phpseclib/Crypt/RSA/PKCS1.php 
@@ -28,52 +28,6 @@ use phpseclib\Math\BigInteger; use phpseclib\Crypt\Common\PKCS1 as Progenitor; use phpseclib\File\ASN1; -// version must be multi if otherPrimeInfos present -define(__NAMESPACE__ . '\Version', [ - 'type' => ASN1::TYPE_INTEGER, - 'mapping' => ['two-prime', 'multi'] -]); - -define(__NAMESPACE__ . '\OtherPrimeInfo', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'prime' => ['type' => ASN1::TYPE_INTEGER], // ri - 'exponent' => ['type' => ASN1::TYPE_INTEGER], // di - 'coefficient' => ['type' => ASN1::TYPE_INTEGER] // ti - ] -]); - -define(__NAMESPACE__ . '\OtherPrimeInfos', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => OtherPrimeInfo -]); - -define(__NAMESPACE__ . '\RSAPrivateKey', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'version' => Version, - 'modulus' => ['type' => ASN1::TYPE_INTEGER], // n - 'publicExponent' => ['type' => ASN1::TYPE_INTEGER], // e - 'privateExponent' => ['type' => ASN1::TYPE_INTEGER], // d - 'prime1' => ['type' => ASN1::TYPE_INTEGER], // p - 'prime2' => ['type' => ASN1::TYPE_INTEGER], // q - 'exponent1' => ['type' => ASN1::TYPE_INTEGER], // d mod (p-1) - 'exponent2' => ['type' => ASN1::TYPE_INTEGER], // d mod (q-1) - 'coefficient' => ['type' => ASN1::TYPE_INTEGER], // (inverse of q) mod p - 'otherPrimeInfos' => OtherPrimeInfos + ['optional' => true] - ] -]); - -define(__NAMESPACE__ . '\RSAPublicKey', [ - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => [ - 'modulus' => ['type' => ASN1::TYPE_INTEGER], - 'publicExponent' => ['type' => ASN1::TYPE_INTEGER] - ] -]); - /** * PKCS#1 Formatted RSA Key Handler * @@ -110,7 +64,7 @@ class PKCS1 extends Progenitor return false; } - $key = $asn1->asn1map($decoded[0], RSAPrivateKey); + $key = $asn1->asn1map($decoded[0], ASN1\RSAPrivateKey::MAP); if (is_array($key)) { $components+= [ 'modulus' => $key['modulus'], 
@@ -130,7 +84,7 @@ class PKCS1 extends Progenitor return $components; } - $key = $asn1->asn1map($decoded[0], RSAPublicKey); + $key = $asn1->asn1map($decoded[0], ASN1\RSAPublicKey::MAP); return is_array($key) ? $components + $key : false; } @@ -171,7 +125,7 @@ class PKCS1 extends Progenitor } $asn1 = new ASN1(); - $key = $asn1->encodeDER($key, RSAPrivateKey); + $key = $asn1->encodeDER($key, ASN1\RSAPrivateKey::MAP); return self::wrapPrivateKey($key, 'RSA', $password); } @@ -192,7 +146,7 @@ class PKCS1 extends Progenitor ]; $asn1 = new ASN1(); - $key = $asn1->encodeDER($key, RSAPublicKey); + $key = $asn1->encodeDER($key, ASN1\RSAPublicKey::MAP); return self::wrapPublicKey($key, 'RSA'); } diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php index f20d70b7..92239b85 100644 --- a/phpseclib/File/ASN1.php +++ b/phpseclib/File/ASN1.php @@ -616,7 +616,14 @@ class ASN1 $map[$key] = $candidate; $i++; } elseif (isset($child['default'])) { - $map[$key] = $child['default']; // Use default. + switch ($child['type']) { + case ASN1::TYPE_INTEGER: + $map[$key] = new BigInteger($child['default']); + break; + //case ASN1::TYPE_BOOLEAN: + default: + $map[$key] = $child['type']; + } } elseif (!isset($child['optional'])) { return null; // Syntax error. } diff --git a/phpseclib/File/ASN1/AccessDescription.php b/phpseclib/File/ASN1/AccessDescription.php new file mode 100644 index 00000000..b2c3c4c2 --- /dev/null +++ b/phpseclib/File/ASN1/AccessDescription.php 
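Review bot: In the ASN1.php hunk (`@@ -616,7 +616,14 @@`) the `default:` arm of the new switch assigns `$child['type']` where the removed line assigned `$child['default']`, so every non-INTEGER field that has a default decodes to its type constant instead of its default value. BasicConstraints::MAP, added in this same commit, declares `cA` as `ASN1::TYPE_BOOLEAN` with `'default' => false`; with this arm a certificate that omits `cA` maps to the type constant rather than `false`, which a caller testing `cA` for truthiness would presumably read as a CA certificate. The arm should be `$map[$key] = $child['default'];`, and the commented-out `//case ASN1::TYPE_BOOLEAN:` deserves a short comment saying why it is kept. The enclosing method starts and ends outside the hunk.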
@@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * AccessDescription + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class AccessDescription +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'accessMethod' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], + 'accessLocation' => GeneralName::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/AdministrationDomainName.php b/phpseclib/File/ASN1/AdministrationDomainName.php new file mode 100644 index 00000000..88fbb674 --- /dev/null +++ b/phpseclib/File/ASN1/AdministrationDomainName.php @@ -0,0 +1,40 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * AdministrationDomainName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class AdministrationDomainName +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + // if class isn't present it's assumed to be \phpseclib\File\ASN1::CLASS_UNIVERSAL or + // (if constant is present) \phpseclib\File\ASN1::CLASS_CONTEXT_SPECIFIC + 'class' => ASN1::CLASS_APPLICATION, + 'cast' => 2, + 'children' => [ + 'numeric' => ['type' => ASN1::TYPE_NUMERIC_STRING], + 'printable' => ['type' => ASN1::TYPE_PRINTABLE_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/AlgorithmIdentifier.php b/phpseclib/File/ASN1/AlgorithmIdentifier.php new file mode 100644 index 00000000..7a0a773c --- /dev/null +++ b/phpseclib/File/ASN1/AlgorithmIdentifier.php 
@@ -0,0 +1,39 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * AlgorithmIdentifier + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class AlgorithmIdentifier +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'algorithm' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], + 'parameters' => [ + 'type' => ASN1::TYPE_ANY, + 'optional' => true + ] + ] + ]; +} diff --git a/phpseclib/File/ASN1/AnotherName.php b/phpseclib/File/ASN1/AnotherName.php new file mode 100644 index 00000000..56ef3264 --- /dev/null +++ b/phpseclib/File/ASN1/AnotherName.php @@ -0,0 +1,41 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * AnotherName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class AnotherName +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'type-id' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], + 'value' => [ + 'type' => ASN1::TYPE_ANY, + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ] + ] + ]; +} diff --git a/phpseclib/File/ASN1/Attribute.php b/phpseclib/File/ASN1/Attribute.php new file mode 100644 index 00000000..4c539415 --- /dev/null +++ b/phpseclib/File/ASN1/Attribute.php 
@@ -0,0 +1,41 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * Attribute + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class Attribute +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'type' => AttributeType::MAP, + 'value'=> [ + 'type' => ASN1::TYPE_SET, + 'min' => 1, + 'max' => -1, + 'children' => AttributeValue::MAP + ] + ] + ]; +} diff --git a/phpseclib/File/ASN1/AttributeType.php b/phpseclib/File/ASN1/AttributeType.php new file mode 100644 index 00000000..61db5c37 --- /dev/null +++ b/phpseclib/File/ASN1/AttributeType.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * AttributeType + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class AttributeType +{ + const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; +} diff --git a/phpseclib/File/ASN1/AttributeTypeAndValue.php b/phpseclib/File/ASN1/AttributeTypeAndValue.php new file mode 100644 index 00000000..39400979 --- /dev/null +++ b/phpseclib/File/ASN1/AttributeTypeAndValue.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * AttributeTypeAndValue + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class AttributeTypeAndValue +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'type' => AttributeType::MAP, + 'value'=> AttributeValue::MAP + ] + ]; +} 
diff --git a/phpseclib/File/ASN1/AttributeValue.php b/phpseclib/File/ASN1/AttributeValue.php new file mode 100644 index 00000000..89f1b210 --- /dev/null +++ b/phpseclib/File/ASN1/AttributeValue.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * AttributeValue + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class AttributeValue +{ + const MAP = ['type' => ASN1::TYPE_ANY]; +} diff --git a/phpseclib/File/ASN1/Attributes.php b/phpseclib/File/ASN1/Attributes.php new file mode 100644 index 00000000..dc4d63ec --- /dev/null +++ b/phpseclib/File/ASN1/Attributes.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * Attributes + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class Attributes +{ + const MAP = [ + 'type' => ASN1::TYPE_SET, + 'min' => 1, + 'max' => -1, + 'children' => Attribute::MAP + ]; +} diff --git a/phpseclib/File/ASN1/AuthorityInfoAccessSyntax.php b/phpseclib/File/ASN1/AuthorityInfoAccessSyntax.php new file mode 100644 index 00000000..d9008649 --- /dev/null +++ b/phpseclib/File/ASN1/AuthorityInfoAccessSyntax.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * AuthorityInfoAccessSyntax + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class AuthorityInfoAccessSyntax +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => AccessDescription::MAP + ]; +} 
diff --git a/phpseclib/File/ASN1/AuthorityKeyIdentifier.php b/phpseclib/File/ASN1/AuthorityKeyIdentifier.php new file mode 100644 index 00000000..254d7073 --- /dev/null +++ b/phpseclib/File/ASN1/AuthorityKeyIdentifier.php @@ -0,0 +1,49 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * AuthorityKeyIdentifier + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class AuthorityKeyIdentifier +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'keyIdentifier' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + KeyIdentifier::MAP, + 'authorityCertIssuer' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + GeneralNames::MAP, + 'authorityCertSerialNumber' => [ + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ] + CertificateSerialNumber::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/BaseDistance.php b/phpseclib/File/ASN1/BaseDistance.php new file mode 100644 index 00000000..2496519c --- /dev/null +++ b/phpseclib/File/ASN1/BaseDistance.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * BaseDistance + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class BaseDistance +{ + const MAP = ['type' => ASN1::TYPE_INTEGER]; +} diff --git a/phpseclib/File/ASN1/BasicConstraints.php b/phpseclib/File/ASN1/BasicConstraints.php new file mode 100644 index 00000000..46bc279a --- /dev/null +++ b/phpseclib/File/ASN1/BasicConstraints.php 
@@ -0,0 +1,43 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * BasicConstraints + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class BasicConstraints +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'cA' => [ + 'type' => ASN1::TYPE_BOOLEAN, + 'optional' => true, + 'default' => false + ], + 'pathLenConstraint' => [ + 'type' => ASN1::TYPE_INTEGER, + 'optional' => true + ] + ] + ]; +} diff --git a/phpseclib/File/ASN1/BuiltInDomainDefinedAttribute.php b/phpseclib/File/ASN1/BuiltInDomainDefinedAttribute.php new file mode 100644 index 00000000..690cf3b1 --- /dev/null +++ b/phpseclib/File/ASN1/BuiltInDomainDefinedAttribute.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * BuiltInDomainDefinedAttribute + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class BuiltInDomainDefinedAttribute +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'type' => ['type' => ASN1::TYPE_PRINTABLE_STRING], + 'value' => ['type' => ASN1::TYPE_PRINTABLE_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/BuiltInDomainDefinedAttributes.php b/phpseclib/File/ASN1/BuiltInDomainDefinedAttributes.php new file mode 100644 index 00000000..258582b7 --- /dev/null +++ b/phpseclib/File/ASN1/BuiltInDomainDefinedAttributes.php 
@@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * BuiltInDomainDefinedAttributes + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class BuiltInDomainDefinedAttributes +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => 4, // ub-domain-defined-attributes + 'children' => BuiltInDomainDefinedAttribute::MAP + ]; +} diff --git a/phpseclib/File/ASN1/BuiltInStandardAttributes.php b/phpseclib/File/ASN1/BuiltInStandardAttributes.php new file mode 100644 index 00000000..58c588aa --- /dev/null +++ b/phpseclib/File/ASN1/BuiltInStandardAttributes.php 
@@ -0,0 +1,71 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * BuiltInStandardAttributes + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class BuiltInStandardAttributes +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'country-name' => ['optional' => true] + CountryName::MAP, + 'administration-domain-name' => ['optional' => true] + AdministrationDomainName::MAP, + 'network-address' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + NetworkAddress::MAP, + 'terminal-identifier' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + TerminalIdentifier::MAP, + 'private-domain-name' => [ + 'constant' => 2, + 'optional' => true, + 'explicit' => true + ] + PrivateDomainName::MAP, + 'organization-name' => [ + 'constant' => 3, + 'optional' => true, + 'implicit' => true + ] + OrganizationName::MAP, + 'numeric-user-identifier' => [ + 'constant' => 4, + 'optional' => true, + 'implicit' => true + ] + NumericUserIdentifier::MAP, + 'personal-name' => [ + 'constant' => 5, + 'optional' => true, + 'implicit' => true + ] + PersonalName::MAP, + 'organizational-unit-names' => [ + 'constant' => 6, + 'optional' => true, + 'implicit' => true + ] + OrganizationalUnitNames::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/CPSuri.php b/phpseclib/File/ASN1/CPSuri.php new file mode 100644 index 00000000..64c8f48b --- /dev/null +++ b/phpseclib/File/ASN1/CPSuri.php 
@@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * CPSuri + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class CPSuri +{ + const MAP = ['type' => ASN1::TYPE_IA5_STRING]; +} diff --git a/phpseclib/File/ASN1/CRLDistributionPoints.php b/phpseclib/File/ASN1/CRLDistributionPoints.php new file mode 100644 index 00000000..384da1d5 --- /dev/null +++ b/phpseclib/File/ASN1/CRLDistributionPoints.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * CRLDistributionPoints + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class CRLDistributionPoints +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => DistributionPoint::MAP + ]; +} diff --git a/phpseclib/File/ASN1/CRLNumber.php b/phpseclib/File/ASN1/CRLNumber.php new file mode 100644 index 00000000..16ee6d36 --- /dev/null +++ b/phpseclib/File/ASN1/CRLNumber.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * CRLNumber + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class CRLNumber +{ + const MAP = ['type' => ASN1::TYPE_INTEGER]; +} diff --git a/phpseclib/File/ASN1/CRLReason.php b/phpseclib/File/ASN1/CRLReason.php new file mode 100644 index 00000000..0c3ce8e4 --- /dev/null +++ b/phpseclib/File/ASN1/CRLReason.php 
@@ -0,0 +1,45 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * CRLReason + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class CRLReason +{ + const MAP = [ + 'type' => ASN1::TYPE_ENUMERATED, + 'mapping' => [ + 'unspecified', + 'keyCompromise', + 'cACompromise', + 'affiliationChanged', + 'superseded', + 'cessationOfOperation', + 'certificateHold', + // Value 7 is not used. + 8 => 'removeFromCRL', + 'privilegeWithdrawn', + 'aACompromise' + ] + ]; +} diff --git a/phpseclib/File/ASN1/CertPolicyId.php b/phpseclib/File/ASN1/CertPolicyId.php new file mode 100644 index 00000000..b2aa2ad3 --- /dev/null +++ b/phpseclib/File/ASN1/CertPolicyId.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * CertPolicyId + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class CertPolicyId +{ + const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; +} diff --git a/phpseclib/File/ASN1/Certificate.php b/phpseclib/File/ASN1/Certificate.php new file mode 100644 index 00000000..29a0a11d --- /dev/null +++ b/phpseclib/File/ASN1/Certificate.php 
@@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * Certificate + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class Certificate +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'tbsCertificate' => TBSCertificate::MAP, + 'signatureAlgorithm' => AlgorithmIdentifier::MAP, + 'signature' => ['type' => ASN1::TYPE_BIT_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/CertificateIssuer.php b/phpseclib/File/ASN1/CertificateIssuer.php new file mode 100644 index 00000000..9b667b25 --- /dev/null +++ b/phpseclib/File/ASN1/CertificateIssuer.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * CertificateIssuer + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class CertificateIssuer +{ + const MAP = GeneralNames::MAP; +} diff --git a/phpseclib/File/ASN1/CertificateList.php b/phpseclib/File/ASN1/CertificateList.php new file mode 100644 index 00000000..507b2638 --- /dev/null +++ b/phpseclib/File/ASN1/CertificateList.php @@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * CertificateList + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class CertificateList +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'tbsCertList' => TBSCertList::MAP, + 'signatureAlgorithm' => AlgorithmIdentifier::MAP, + 'signature' => ['type' => ASN1::TYPE_BIT_STRING] + ] + ]; +} 
diff --git a/phpseclib/File/ASN1/CertificatePolicies.php b/phpseclib/File/ASN1/CertificatePolicies.php new file mode 100644 index 00000000..8c4f7782 --- /dev/null +++ b/phpseclib/File/ASN1/CertificatePolicies.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * CertificatePolicies + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class CertificatePolicies +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => PolicyInformation::MAP + ]; +} diff --git a/phpseclib/File/ASN1/CertificateSerialNumber.php b/phpseclib/File/ASN1/CertificateSerialNumber.php new file mode 100644 index 00000000..51c14302 --- /dev/null +++ b/phpseclib/File/ASN1/CertificateSerialNumber.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * CertificateSerialNumber + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class CertificateSerialNumber +{ + const MAP = ['type' => ASN1::TYPE_INTEGER]; +} diff --git a/phpseclib/File/ASN1/CertificationRequest.php b/phpseclib/File/ASN1/CertificationRequest.php new file mode 100644 index 00000000..8bd3b8cc --- /dev/null +++ b/phpseclib/File/ASN1/CertificationRequest.php 
@@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * CertificationRequest + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class CertificationRequest +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'certificationRequestInfo' => CertificationRequestInfo::MAP, + 'signatureAlgorithm' => AlgorithmIdentifier::MAP, + 'signature' => ['type' => ASN1::TYPE_BIT_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/CertificationRequestInfo.php b/phpseclib/File/ASN1/CertificationRequestInfo.php new file mode 100644 index 00000000..23828cb6 --- /dev/null +++ b/phpseclib/File/ASN1/CertificationRequestInfo.php @@ -0,0 +1,45 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * CertificationRequestInfo + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class CertificationRequestInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'version' => [ + 'type' => ASN1::TYPE_INTEGER, + 'mapping' => ['v1'] + ], + 'subject' => Name::MAP, + 'subjectPKInfo' => SubjectPublicKeyInfo::MAP, + 'attributes' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + Attributes::MAP, + ] + ]; +} diff --git a/phpseclib/File/ASN1/CountryName.php b/phpseclib/File/ASN1/CountryName.php new file mode 100644 index 00000000..09c55ecb --- /dev/null +++ b/phpseclib/File/ASN1/CountryName.php 
@@ -0,0 +1,40 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * CountryName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class CountryName +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + // if class isn't present it's assumed to be \phpseclib\File\ASN1::CLASS_UNIVERSAL or + // (if constant is present) \phpseclib\File\ASN1::CLASS_CONTEXT_SPECIFIC + 'class' => ASN1::CLASS_APPLICATION, + 'cast' => 1, + 'children' => [ + 'x121-dcc-code' => ['type' => ASN1::TYPE_NUMERIC_STRING], + 'iso-3166-alpha2-code' => ['type' => ASN1::TYPE_PRINTABLE_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/DirectoryString.php b/phpseclib/File/ASN1/DirectoryString.php new file mode 100644 index 00000000..d7ee2cd5 --- /dev/null +++ b/phpseclib/File/ASN1/DirectoryString.php @@ -0,0 +1,39 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * DirectoryString + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class DirectoryString +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'teletexString' => ['type' => ASN1::TYPE_TELETEX_STRING], + 'printableString' => ['type' => ASN1::TYPE_PRINTABLE_STRING], + 'universalString' => ['type' => ASN1::TYPE_UNIVERSAL_STRING], + 'utf8String' => ['type' => ASN1::TYPE_UTF8_STRING], + 'bmpString' => ['type' => ASN1::TYPE_BMP_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/DisplayText.php b/phpseclib/File/ASN1/DisplayText.php new file mode 100644 index 00000000..d5d156f0 --- /dev/null +++ b/phpseclib/File/ASN1/DisplayText.php 
@@ -0,0 +1,38 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * DisplayText + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class DisplayText +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'ia5String' => ['type' => ASN1::TYPE_IA5_STRING], + 'visibleString' => ['type' => ASN1::TYPE_VISIBLE_STRING], + 'bmpString' => ['type' => ASN1::TYPE_BMP_STRING], + 'utf8String' => ['type' => ASN1::TYPE_UTF8_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/DistributionPoint.php b/phpseclib/File/ASN1/DistributionPoint.php new file mode 100644 index 00000000..f6361057 --- /dev/null +++ b/phpseclib/File/ASN1/DistributionPoint.php @@ -0,0 +1,49 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * DistributionPoint + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class DistributionPoint +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'distributionPoint' => [ + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ] + DistributionPointName::MAP, + 'reasons' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + ReasonFlags::MAP, + 'cRLIssuer' => [ + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ] + GeneralNames::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/DistributionPointName.php b/phpseclib/File/ASN1/DistributionPointName.php new file mode 100644 index 00000000..94c9f80a --- /dev/null +++ b/phpseclib/File/ASN1/DistributionPointName.php 
@@ -0,0 +1,44 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * DistributionPointName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class DistributionPointName +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'fullName' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + GeneralNames::MAP, + 'nameRelativeToCRLIssuer' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + RelativeDistinguishedName::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/EDIPartyName.php b/phpseclib/File/ASN1/EDIPartyName.php new file mode 100644 index 00000000..d42a9619 --- /dev/null +++ b/phpseclib/File/ASN1/EDIPartyName.php @@ -0,0 +1,46 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * EDIPartyName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class EDIPartyName +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'nameAssigner' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + DirectoryString::MAP, + // partyName is technically required but \phpseclib\File\ASN1 doesn't currently support non-optional constants and + // setting it to optional gets the job done in any event. + 'partyName' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + DirectoryString::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/EncryptedData.php b/phpseclib/File/ASN1/EncryptedData.php new file mode 100644 index 00000000..c2884a12 --- /dev/null +++ b/phpseclib/File/ASN1/EncryptedData.php 
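Review bot: In EDIPartyName.php both `nameAssigner` and `partyName` are tagged `'implicit' => true` on top of `DirectoryString::MAP`, which this commit defines as `ASN1::TYPE_CHOICE`. ASN.1 does not allow an implicit tag on a CHOICE, so these fields are explicitly tagged on the wire. The other CHOICE-typed fields in this commit (`directoryName` in GeneralName, `distributionPoint` in DistributionPoint) already use `'explicit' => true`. Unless the decoder special-cases a tagged CHOICE, which is not visible here, I would change both to `'explicit' => true` and add a decoding test with a certificate that carries an ediPartyName.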
@@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * EncryptedData + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class EncryptedData +{ + const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; +} diff --git a/phpseclib/File/ASN1/EncryptedPrivateKeyInfo.php b/phpseclib/File/ASN1/EncryptedPrivateKeyInfo.php new file mode 100644 index 00000000..6a70b740 --- /dev/null +++ b/phpseclib/File/ASN1/EncryptedPrivateKeyInfo.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * EncryptedPrivateKeyInfo + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class EncryptedPrivateKeyInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'encryptionAlgorithm' => AlgorithmIdentifier::MAP, + 'encryptedData' => EncryptedData::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/ExtKeyUsageSyntax.php b/phpseclib/File/ASN1/ExtKeyUsageSyntax.php new file mode 100644 index 00000000..2acccd33 --- /dev/null +++ b/phpseclib/File/ASN1/ExtKeyUsageSyntax.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * ExtKeyUsageSyntax + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class ExtKeyUsageSyntax +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => KeyPurposeId::MAP + ]; +} 
diff --git a/phpseclib/File/ASN1/Extension.php b/phpseclib/File/ASN1/Extension.php new file mode 100644 index 00000000..25f3ad72 --- /dev/null +++ b/phpseclib/File/ASN1/Extension.php @@ -0,0 +1,47 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * Extension + * + * A certificate using system MUST reject the certificate if it encounters + * a critical extension it does not recognize; however, a non-critical + * extension may be ignored if it is not recognized. + * + * http://tools.ietf.org/html/rfc5280#section-4.2 + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class Extension +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'extnId' => ['type' => ASN1::TYPE_OBJECT_IDENTIFIER], + 'critical' => [ + 'type' => ASN1::TYPE_BOOLEAN, + 'optional' => true, + 'default' => false + ], + 'extnValue' => ['type' => ASN1::TYPE_OCTET_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/ExtensionAttribute.php b/phpseclib/File/ASN1/ExtensionAttribute.php new file mode 100644 index 00000000..a79a5c91 --- /dev/null +++ b/phpseclib/File/ASN1/ExtensionAttribute.php 
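Review bot: The docblock in Extension.php quotes the RFC 5280 rule that an unrecognised critical extension MUST cause rejection, but `MAP` only describes the encoding and nothing in this hunk enforces that rule. With `'default' => false` an absent flag is presumably reported as non-critical, so the decision rests entirely on the validating caller. I would add a sentence so the comment is not read as a guarantee: `This map only describes the structure; rejecting unrecognised critical extensions is the caller's responsibility.`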
@@ -0,0 +1,46 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * ExtensionAttribute + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class ExtensionAttribute +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'extension-attribute-type' => [ + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ], + 'extension-attribute-value' => [ + 'type' => ASN1::TYPE_ANY, + 'constant' => 1, + 'optional' => true, + 'explicit' => true + ] + ] + ]; +} diff --git a/phpseclib/File/ASN1/ExtensionAttributes.php b/phpseclib/File/ASN1/ExtensionAttributes.php new file mode 100644 index 00000000..3b6ecc5d --- /dev/null +++ b/phpseclib/File/ASN1/ExtensionAttributes.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * ExtensionAttributes + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class ExtensionAttributes +{ + const MAP = [ + 'type' => ASN1::TYPE_SET, + 'min' => 1, + 'max' => 256, // ub-extension-attributes + 'children' => ExtensionAttribute::MAP + ]; +} diff --git a/phpseclib/File/ASN1/Extensions.php b/phpseclib/File/ASN1/Extensions.php new file mode 100644 index 00000000..c8e4bd3b --- /dev/null +++ b/phpseclib/File/ASN1/Extensions.php 
@@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * Extensions + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class Extensions +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + // technically, it's MAX, but we'll assume anything < 0 is MAX + 'max' => -1, + // if 'children' isn't an array then 'min' and 'max' must be defined + 'children' => Extension::MAP + ]; +} diff --git a/phpseclib/File/ASN1/GeneralName.php b/phpseclib/File/ASN1/GeneralName.php new file mode 100644 index 00000000..d1cd8e86 --- /dev/null +++ b/phpseclib/File/ASN1/GeneralName.php 
@@ -0,0 +1,84 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * GeneralName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class GeneralName +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'otherName' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + AnotherName::MAP, + 'rfc822Name' => [ + 'type' => ASN1::TYPE_IA5_STRING, + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ], + 'dNSName' => [ + 'type' => ASN1::TYPE_IA5_STRING, + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ], + 'x400Address' => [ + 'constant' => 3, + 'optional' => true, + 'implicit' => true + ] + ORAddress::MAP, + 'directoryName' => [ + 'constant' => 4, + 'optional' => true, + 'explicit' => true + ] + Name::MAP, + 'ediPartyName' => [ + 'constant' => 5, + 'optional' => true, + 'implicit' => true + ] + EDIPartyName::MAP, + 'uniformResourceIdentifier' => [ + 'type' => ASN1::TYPE_IA5_STRING, + 'constant' => 6, + 'optional' => true, + 'implicit' => true + ], + 'iPAddress' => [ + 'type' => ASN1::TYPE_OCTET_STRING, + 'constant' => 7, + 'optional' => true, + 'implicit' => true + ], + 'registeredID' => [ + 'type' => ASN1::TYPE_OBJECT_IDENTIFIER, + 'constant' => 8, + 'optional' => true, + 'implicit' => true + ] + ] + ]; +} diff --git a/phpseclib/File/ASN1/GeneralNames.php b/phpseclib/File/ASN1/GeneralNames.php new file mode 100644 index 00000000..695575b8 --- /dev/null +++ b/phpseclib/File/ASN1/GeneralNames.php 
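Review bot: GeneralName.php declares `rfc822Name`, `dNSName` and `uniformResourceIdentifier` as `ASN1::TYPE_IA5_STRING` and `iPAddress` as a bare `ASN1::TYPE_OCTET_STRING`, with no comment on what the decoded values may contain. IA5String admits control characters including NUL, and the map puts no length constraint on the octet string, so whether such values are filtered depends on decoder code outside this hunk. Because these fields feed hostname and name-constraint matching, I would add a class comment: `// Values come from the certificate: callers must reject embedded NUL/control bytes and check iPAddress is 4 or 16 octets (8 or 32 in name constraints).`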
@@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * GeneralNames + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class GeneralNames +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => GeneralName::MAP + ]; +} diff --git a/phpseclib/File/ASN1/GeneralSubtree.php b/phpseclib/File/ASN1/GeneralSubtree.php new file mode 100644 index 00000000..715cf7b8 --- /dev/null +++ b/phpseclib/File/ASN1/GeneralSubtree.php @@ -0,0 +1,46 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * GeneralSubtree + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class GeneralSubtree +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'base' => GeneralName::MAP, + 'minimum' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true, + 'default' => '0' + ] + BaseDistance::MAP, + 'maximum' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true, + ] + BaseDistance::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/GeneralSubtrees.php b/phpseclib/File/ASN1/GeneralSubtrees.php new file mode 100644 index 00000000..60196b1b --- /dev/null +++ b/phpseclib/File/ASN1/GeneralSubtrees.php 
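Review bot: In GeneralSubtree.php `minimum` sets `'default' => '0'`, a string, on top of `BaseDistance::MAP`, while the boolean defaults elsewhere in this commit use the native type (`'default' => false`). BaseDistance's map is outside this hunk, but if it is an INTEGER that the decoder returns as a big-integer object, an omitted `minimum` would surface as the string `'0'` and an encoded one as an object. Name-constraint code comparing the two then has to handle both forms. A comment next to the default stating the decoded type callers should expect, or normalising the value in the consumer, would avoid a silent mismatch.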
@@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * GeneralSubtrees + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class GeneralSubtrees +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => GeneralSubtree::MAP + ]; +} diff --git a/phpseclib/File/ASN1/HoldInstructionCode.php b/phpseclib/File/ASN1/HoldInstructionCode.php new file mode 100644 index 00000000..374d287e --- /dev/null +++ b/phpseclib/File/ASN1/HoldInstructionCode.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * HoldInstructionCode + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class HoldInstructionCode +{ + const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; +} diff --git a/phpseclib/File/ASN1/InvalidityDate.php b/phpseclib/File/ASN1/InvalidityDate.php new file mode 100644 index 00000000..5d248c45 --- /dev/null +++ b/phpseclib/File/ASN1/InvalidityDate.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * InvalidityDate + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class InvalidityDate +{ + const MAP = ['type' => ASN1::TYPE_GENERALIZED_TIME]; +} diff --git a/phpseclib/File/ASN1/IssuerAltName.php b/phpseclib/File/ASN1/IssuerAltName.php new file mode 100644 index 00000000..586c0912 --- /dev/null +++ b/phpseclib/File/ASN1/IssuerAltName.php 
@@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * IssuerAltName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class IssuerAltName +{ + const MAP = GeneralNames::MAP; +} diff --git a/phpseclib/File/ASN1/IssuingDistributionPoint.php b/phpseclib/File/ASN1/IssuingDistributionPoint.php new file mode 100644 index 00000000..d124ef1a --- /dev/null +++ b/phpseclib/File/ASN1/IssuingDistributionPoint.php @@ -0,0 +1,72 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * IssuingDistributionPoint + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class IssuingDistributionPoint +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'distributionPoint' => [ + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ] + DistributionPointName::MAP, + 'onlyContainsUserCerts' => [ + 'type' => ASN1::TYPE_BOOLEAN, + 'constant' => 1, + 'optional' => true, + 'default' => false, + 'implicit' => true + ], + 'onlyContainsCACerts' => [ + 'type' => ASN1::TYPE_BOOLEAN, + 'constant' => 2, + 'optional' => true, + 'default' => false, + 'implicit' => true + ], + 'onlySomeReasons' => [ + 'constant' => 3, + 'optional' => true, + 'implicit' => true + ] + ReasonFlags::MAP, + 'indirectCRL' => [ + 'type' => ASN1::TYPE_BOOLEAN, + 'constant' => 4, + 'optional' => true, + 'default' => false, + 'implicit' => true + ], + 'onlyContainsAttributeCerts' =>[ + 'type' => ASN1::TYPE_BOOLEAN, + 'constant' => 5, + 'optional' => true, + 'default' => false, + 'implicit' => true + ] + ] + ]; +} 
diff --git a/phpseclib/File/ASN1/KeyIdentifier.php b/phpseclib/File/ASN1/KeyIdentifier.php new file mode 100644 index 00000000..7e02c3f7 --- /dev/null +++ b/phpseclib/File/ASN1/KeyIdentifier.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * KeyIdentifier + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class KeyIdentifier +{ + const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; +} diff --git a/phpseclib/File/ASN1/KeyPurposeId.php b/phpseclib/File/ASN1/KeyPurposeId.php new file mode 100644 index 00000000..3376c91f --- /dev/null +++ b/phpseclib/File/ASN1/KeyPurposeId.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * KeyPurposeId + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class KeyPurposeId +{ + const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; +} diff --git a/phpseclib/File/ASN1/KeyUsage.php b/phpseclib/File/ASN1/KeyUsage.php new file mode 100644 index 00000000..a41dd761 --- /dev/null +++ b/phpseclib/File/ASN1/KeyUsage.php @@ -0,0 +1,43 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * KeyUsage + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class KeyUsage +{ + const MAP = [ + 'type' => ASN1::TYPE_BIT_STRING, + 'mapping' => [ + 'digitalSignature', + 'nonRepudiation', + 'keyEncipherment', + 'dataEncipherment', + 'keyAgreement', + 'keyCertSign', + 'cRLSign', + 'encipherOnly', + 'decipherOnly' + ] + ]; +} 
diff --git a/phpseclib/File/ASN1/Name.php b/phpseclib/File/ASN1/Name.php new file mode 100644 index 00000000..cf108cea --- /dev/null +++ b/phpseclib/File/ASN1/Name.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * Name + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class Name +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'rdnSequence' => RDNSequence::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/NameConstraints.php b/phpseclib/File/ASN1/NameConstraints.php new file mode 100644 index 00000000..927b1c4c --- /dev/null +++ b/phpseclib/File/ASN1/NameConstraints.php @@ -0,0 +1,44 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * NameConstraints + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class NameConstraints +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'permittedSubtrees' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + GeneralSubtrees::MAP, + 'excludedSubtrees' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + GeneralSubtrees::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/NetworkAddress.php b/phpseclib/File/ASN1/NetworkAddress.php new file mode 100644 index 00000000..590a3063 --- /dev/null +++ b/phpseclib/File/ASN1/NetworkAddress.php 
@@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * NetworkAddress + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class NetworkAddress +{ + const MAP = ['type' => ASN1::TYPE_NUMERIC_STRING]; +} diff --git a/phpseclib/File/ASN1/NoticeReference.php b/phpseclib/File/ASN1/NoticeReference.php new file mode 100644 index 00000000..eb40857b --- /dev/null +++ b/phpseclib/File/ASN1/NoticeReference.php @@ -0,0 +1,41 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * NoticeReference + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class NoticeReference +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'organization' => DisplayText::MAP, + 'noticeNumbers' => [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => 200, + 'children' => ['type' => ASN1::TYPE_INTEGER] + ] + ] + ]; +} diff --git a/phpseclib/File/ASN1/NumericUserIdentifier.php b/phpseclib/File/ASN1/NumericUserIdentifier.php new file mode 100644 index 00000000..11eaa286 --- /dev/null +++ b/phpseclib/File/ASN1/NumericUserIdentifier.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * NumericUserIdentifier + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class NumericUserIdentifier +{ + const MAP = ['type' => ASN1::TYPE_NUMERIC_STRING]; +} 
diff --git a/phpseclib/File/ASN1/ORAddress.php b/phpseclib/File/ASN1/ORAddress.php new file mode 100644 index 00000000..0ca0afa5 --- /dev/null +++ b/phpseclib/File/ASN1/ORAddress.php @@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * ORAddress + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class ORAddress +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'built-in-standard-attributes' => BuiltInStandardAttributes::MAP, + 'built-in-domain-defined-attributes' => ['optional' => true] + BuiltInDomainDefinedAttributes::MAP, + 'extension-attributes' => ['optional' => true] + ExtensionAttributes::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/OrganizationName.php b/phpseclib/File/ASN1/OrganizationName.php new file mode 100644 index 00000000..06d89110 --- /dev/null +++ b/phpseclib/File/ASN1/OrganizationName.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * OrganizationName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class OrganizationName +{ + const MAP = ['type' => ASN1::TYPE_PRINTABLE_STRING]; +} diff --git a/phpseclib/File/ASN1/OrganizationalUnitNames.php b/phpseclib/File/ASN1/OrganizationalUnitNames.php new file mode 100644 index 00000000..ce72272a --- /dev/null +++ b/phpseclib/File/ASN1/OrganizationalUnitNames.php 
@@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * OrganizationalUnitNames + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class OrganizationalUnitNames +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => 4, // ub-organizational-units + 'children' => ['type' => ASN1::TYPE_PRINTABLE_STRING] + ]; +} diff --git a/phpseclib/File/ASN1/OtherPrimeInfo.php b/phpseclib/File/ASN1/OtherPrimeInfo.php new file mode 100644 index 00000000..0105c7de --- /dev/null +++ b/phpseclib/File/ASN1/OtherPrimeInfo.php @@ -0,0 +1,38 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * OtherPrimeInfo + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class OtherPrimeInfo +{ + // version must be multi if otherPrimeInfos present + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'prime' => ['type' => ASN1::TYPE_INTEGER], // ri + 'exponent' => ['type' => ASN1::TYPE_INTEGER], // di + 'coefficient' => ['type' => ASN1::TYPE_INTEGER] // ti + ] + ]; +} diff --git a/phpseclib/File/ASN1/OtherPrimeInfos.php b/phpseclib/File/ASN1/OtherPrimeInfos.php new file mode 100644 index 00000000..282b01f9 --- /dev/null +++ b/phpseclib/File/ASN1/OtherPrimeInfos.php 
@@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * OtherPrimeInfos + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class OtherPrimeInfos +{ + // version must be multi if otherPrimeInfos present + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => OtherPrimeInfo::MAP + ]; +} diff --git a/phpseclib/File/ASN1/PBEParameter.php b/phpseclib/File/ASN1/PBEParameter.php new file mode 100644 index 00000000..a863cdef --- /dev/null +++ b/phpseclib/File/ASN1/PBEParameter.php @@ -0,0 +1,38 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PBEParameter + * + * from https://tools.ietf.org/html/rfc2898#appendix-A.3 + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PBEParameter +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'salt' => ['type' => ASN1::TYPE_OCTET_STRING], + 'iterationCount' => ['type' => ASN1::TYPE_INTEGER] + ] + ]; +} diff --git a/phpseclib/File/ASN1/PBES2params.php b/phpseclib/File/ASN1/PBES2params.php new file mode 100644 index 00000000..664b3a14 --- /dev/null +++ b/phpseclib/File/ASN1/PBES2params.php 
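Review bot: In PBEParameter.php `iterationCount` is a plain `ASN1::TYPE_INTEGER` with no bound, and the same holds for `iterationCount` and `keyLength` in PBKDF2params.php. These values are read from the key file being loaded, so a malformed or hostile file can request an arbitrarily expensive key derivation unless the caller caps them; no such check is visible in these hunks. I would document that next to the field, e.g. `// untrusted: caller must enforce an upper bound before deriving the key`.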
@@ -0,0 +1,38 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PBES2params + * + * from https://tools.ietf.org/html/rfc2898#appendix-A.3 + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PBES2params +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'keyDerivationFunc'=> AlgorithmIdentifier::MAP, + 'encryptionScheme' => AlgorithmIdentifier::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/PBKDF2params.php b/phpseclib/File/ASN1/PBKDF2params.php new file mode 100644 index 00000000..65d24e65 --- /dev/null +++ b/phpseclib/File/ASN1/PBKDF2params.php @@ -0,0 +1,45 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PBKDF2params + * + * from https://tools.ietf.org/html/rfc2898#appendix-A.3 + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PBKDF2params +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + // technically, this is a CHOICE in RFC2898 but the other "choice" is, currently, more of a placeholder + // in the RFC + 'salt'=> ['type' => ASN1::TYPE_OCTET_STRING], + 'iterationCount'=> ['type' => ASN1::TYPE_INTEGER], + 'keyLength' => [ + 'type' => ASN1::TYPE_INTEGER, + 'optional' => true + ], + 'prf' => AlgorithmIdentifier::MAP + ['optional' => true] + ] + ]; +} diff --git a/phpseclib/File/ASN1/PBMAC1params.php b/phpseclib/File/ASN1/PBMAC1params.php new file mode 100644 index 00000000..91942ee0 --- /dev/null +++ b/phpseclib/File/ASN1/PBMAC1params.php 
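Review bot: In PBKDF2params.php `'prf' => AlgorithmIdentifier::MAP + ['optional' => true]` puts the map on the left of the array union, the reverse of the `[...] + X::MAP` order used by the other fields in this commit. With `+` the left operand wins on duplicate keys, so this only works while AlgorithmIdentifier::MAP has no `optional` key of its own; `'prf' => ['optional' => true] + AlgorithmIdentifier::MAP` is the safer order. RFC 2898 also gives `prf` a default of HMAC-SHA1, which this map does not express, so a comment that callers must apply that default when `prf` is absent would help.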
@@ -0,0 +1,38 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PBMAC1params + * + * from https://tools.ietf.org/html/rfc2898#appendix-A.3 + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PBMAC1params +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'keyDerivationFunc'=> AlgorithmIdentifier::MAP, + 'messageAuthScheme'=> AlgorithmIdentifier::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/PKCS9String.php b/phpseclib/File/ASN1/PKCS9String.php new file mode 100644 index 00000000..c6ab04d3 --- /dev/null +++ b/phpseclib/File/ASN1/PKCS9String.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PKCS9String + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PKCS9String +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'ia5String' => ['type' => ASN1::TYPE_IA5_STRING], + 'directoryString' => DirectoryString::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/PersonalName.php b/phpseclib/File/ASN1/PersonalName.php new file mode 100644 index 00000000..003669b3 --- /dev/null +++ b/phpseclib/File/ASN1/PersonalName.php 
@@ -0,0 +1,58 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PersonalName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PersonalName +{ + const MAP = [ + 'type' => ASN1::TYPE_SET, + 'children' => [ + 'surname' => [ + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ], + 'given-name' => [ + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ], + 'initials' => [ + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ], + 'generation-qualifier' => [ + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 3, + 'optional' => true, + 'implicit' => true + ] + ] + ]; +} diff --git a/phpseclib/File/ASN1/PolicyInformation.php b/phpseclib/File/ASN1/PolicyInformation.php new file mode 100644 index 00000000..d9d30294 --- /dev/null +++ b/phpseclib/File/ASN1/PolicyInformation.php @@ -0,0 +1,42 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PolicyInformation + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PolicyInformation +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'policyIdentifier' => CertPolicyId::MAP, + 'policyQualifiers' => [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 0, + 'max' => -1, + 'optional' => true, + 'children' => PolicyQualifierInfo::MAP + ] + ] + ]; +} diff --git a/phpseclib/File/ASN1/PolicyMappings.php b/phpseclib/File/ASN1/PolicyMappings.php new file mode 100644 index 00000000..13f86ce8 --- /dev/null +++ b/phpseclib/File/ASN1/PolicyMappings.php 
@@ -0,0 +1,41 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PolicyMappings + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PolicyMappings +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'issuerDomainPolicy' => CertPolicyId::MAP, + 'subjectDomainPolicy' => CertPolicyId::MAP + ] + ] + ]; +} diff --git a/phpseclib/File/ASN1/PolicyQualifierId.php b/phpseclib/File/ASN1/PolicyQualifierId.php new file mode 100644 index 00000000..45a1a73a --- /dev/null +++ b/phpseclib/File/ASN1/PolicyQualifierId.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PolicyQualifierId + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PolicyQualifierId +{ + const MAP = ['type' => ASN1::TYPE_OBJECT_IDENTIFIER]; +} diff --git a/phpseclib/File/ASN1/PolicyQualifierInfo.php b/phpseclib/File/ASN1/PolicyQualifierInfo.php new file mode 100644 index 00000000..47d304c0 --- /dev/null +++ b/phpseclib/File/ASN1/PolicyQualifierInfo.php 
@@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PolicyQualifierInfo + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PolicyQualifierInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'policyQualifierId' => PolicyQualifierId::MAP, + 'qualifier' => ['type' => ASN1::TYPE_ANY] + ] + ]; +} diff --git a/phpseclib/File/ASN1/PostalAddress.php b/phpseclib/File/ASN1/PostalAddress.php new file mode 100644 index 00000000..87d564c2 --- /dev/null +++ b/phpseclib/File/ASN1/PostalAddress.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PostalAddress + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PostalAddress +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'optional' => true, + 'min' => 1, + 'max' => -1, + 'children' => DirectoryString::MAP + ]; +} diff --git a/phpseclib/File/ASN1/PrivateDomainName.php b/phpseclib/File/ASN1/PrivateDomainName.php new file mode 100644 index 00000000..6291a404 --- /dev/null +++ b/phpseclib/File/ASN1/PrivateDomainName.php 
@@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PrivateDomainName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PrivateDomainName +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'numeric' => ['type' => ASN1::TYPE_NUMERIC_STRING], + 'printable' => ['type' => ASN1::TYPE_PRINTABLE_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/PrivateKey.php b/phpseclib/File/ASN1/PrivateKey.php new file mode 100644 index 00000000..966eecbf --- /dev/null +++ b/phpseclib/File/ASN1/PrivateKey.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PrivateKey + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PrivateKey +{ + const MAP = ['type' => ASN1::TYPE_OCTET_STRING]; +} diff --git a/phpseclib/File/ASN1/PrivateKeyInfo.php b/phpseclib/File/ASN1/PrivateKeyInfo.php new file mode 100644 index 00000000..74b28ebb --- /dev/null +++ b/phpseclib/File/ASN1/PrivateKeyInfo.php 
@@ -0,0 +1,45 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PrivateKeyInfo + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PrivateKeyInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'version' => [ + 'type' => ASN1::TYPE_INTEGER, + 'mapping' => ['v1'] + ], + 'privateKeyAlgorithm'=> AlgorithmIdentifier::MAP, + 'privateKey' => PrivateKey::MAP, + 'attributes' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ] + Attributes::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/PrivateKeyUsagePeriod.php b/phpseclib/File/ASN1/PrivateKeyUsagePeriod.php new file mode 100644 index 00000000..cac9f861 --- /dev/null +++ b/phpseclib/File/ASN1/PrivateKeyUsagePeriod.php @@ -0,0 +1,44 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PrivateKeyUsagePeriod + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PrivateKeyUsagePeriod +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'notBefore' => [ + 'constant' => 0, + 'optional' => true, + 'implicit' => true, + 'type' => ASN1::TYPE_GENERALIZED_TIME], + 'notAfter' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true, + 'type' => ASN1::TYPE_GENERALIZED_TIME] + ] + ]; +} diff --git a/phpseclib/File/ASN1/PublicKeyAndChallenge.php b/phpseclib/File/ASN1/PublicKeyAndChallenge.php new file mode 100644 index 00000000..2b4738e9 --- /dev/null +++ b/phpseclib/File/ASN1/PublicKeyAndChallenge.php 
@@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PublicKeyAndChallenge + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PublicKeyAndChallenge +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'spki' => SubjectPublicKeyInfo::MAP, + 'challenge' => ['type' => ASN1::TYPE_IA5_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/PublicKeyInfo.php b/phpseclib/File/ASN1/PublicKeyInfo.php new file mode 100644 index 00000000..4d906dce --- /dev/null +++ b/phpseclib/File/ASN1/PublicKeyInfo.php @@ -0,0 +1,39 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * PublicKeyInfo + * + * this format is not formally defined anywhere but is none-the-less the form you + * get when you do "openssl rsa -in private.pem -outform PEM -pubout" + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class PublicKeyInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'publicKeyAlgorithm'=> AlgorithmIdentifier::MAP, + 'publicKey' => ['type' => ASN1::TYPE_BIT_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/RC2CBCParameter.php b/phpseclib/File/ASN1/RC2CBCParameter.php new file mode 100644 index 00000000..9a4f22bb --- /dev/null +++ b/phpseclib/File/ASN1/RC2CBCParameter.php 
@@ -0,0 +1,41 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * RC2CBCParameter + * + * from https://tools.ietf.org/html/rfc2898#appendix-A.3 + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class RC2CBCParameter +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'rc2ParametersVersion'=> [ + 'type' => ASN1::TYPE_INTEGER, + 'optional' => true + ], + 'iv'=> ['type' => ASN1::TYPE_OCTET_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/RDNSequence.php b/phpseclib/File/ASN1/RDNSequence.php new file mode 100644 index 00000000..8f2db03c --- /dev/null +++ b/phpseclib/File/ASN1/RDNSequence.php @@ -0,0 +1,42 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * RDNSequence + * + * In practice, RDNs containing multiple name-value pairs (called "multivalued RDNs") are rare, + * but they can be useful at times when either there is no unique attribute in the entry or you + * want to ensure that the entry's DN contains some useful identifying information. + * + * - https://www.opends.org/wiki/page/DefinitionRelativeDistinguishedName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class RDNSequence +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + // RDNSequence does not define a min or a max, which means it doesn't have one + 'min' => 0, + 'max' => -1, + 'children' => RelativeDistinguishedName::MAP + ]; +} diff --git a/phpseclib/File/ASN1/RSAPrivateKey.php b/phpseclib/File/ASN1/RSAPrivateKey.php new file mode 100644 index 00000000..9ed67b38 --- /dev/null +++ b/phpseclib/File/ASN1/RSAPrivateKey.php 
@@ -0,0 +1,48 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * RSAPrivateKey + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class RSAPrivateKey +{ + // version must be multi if otherPrimeInfos present + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'version' => [ + 'type' => ASN1::TYPE_INTEGER, + 'mapping' => ['two-prime', 'multi'] + ], + 'modulus' => ['type' => ASN1::TYPE_INTEGER], // n + 'publicExponent' => ['type' => ASN1::TYPE_INTEGER], // e + 'privateExponent' => ['type' => ASN1::TYPE_INTEGER], // d + 'prime1' => ['type' => ASN1::TYPE_INTEGER], // p + 'prime2' => ['type' => ASN1::TYPE_INTEGER], // q + 'exponent1' => ['type' => ASN1::TYPE_INTEGER], // d mod (p-1) + 'exponent2' => ['type' => ASN1::TYPE_INTEGER], // d mod (q-1) + 'coefficient' => ['type' => ASN1::TYPE_INTEGER], // (inverse of q) mod p + 'otherPrimeInfos' => OtherPrimeInfos::MAP + ['optional' => true] + ] + ]; +} diff --git a/phpseclib/File/ASN1/RSAPublicKey.php b/phpseclib/File/ASN1/RSAPublicKey.php new file mode 100644 index 00000000..7eda110a --- /dev/null +++ b/phpseclib/File/ASN1/RSAPublicKey.php @@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * RSAPublicKey + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class RSAPublicKey +{ + // version must be multi if otherPrimeInfos present + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'modulus' => ['type' => ASN1::TYPE_INTEGER], + 'publicExponent' => ['type' => ASN1::TYPE_INTEGER] + ] + ]; +} 
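Review bot: The comment `// version must be multi if otherPrimeInfos present` above `RSAPublicKey::MAP` does not apply to this structure, which has only `modulus` and `publicExponent`; it looks copied from `RSAPrivateKey`. I would drop it here, or replace it with `// RSAPublicKey ::= SEQUENCE { modulus (n), publicExponent (e) }`. The same sentence also heads `OtherPrimeInfos::MAP` in an earlier file of this commit, where it could be reworded to say that the rule concerns `RSAPrivateKey`'s `version` field. The map itself cannot enforce that rule, so it needs a check wherever a private key is loaded; that code is outside this hunk.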
diff --git a/phpseclib/File/ASN1/ReasonFlags.php b/phpseclib/File/ASN1/ReasonFlags.php new file mode 100644 index 00000000..bdcf9006 --- /dev/null +++ b/phpseclib/File/ASN1/ReasonFlags.php @@ -0,0 +1,43 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * ReasonFlags + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class ReasonFlags +{ + const MAP = [ + 'type' => ASN1::TYPE_BIT_STRING, + 'mapping' => [ + 'unused', + 'keyCompromise', + 'cACompromise', + 'affiliationChanged', + 'superseded', + 'cessationOfOperation', + 'certificateHold', + 'privilegeWithdrawn', + 'aACompromise' + ] + ]; +} diff --git a/phpseclib/File/ASN1/RelativeDistinguishedName.php b/phpseclib/File/ASN1/RelativeDistinguishedName.php new file mode 100644 index 00000000..a4910a0b --- /dev/null +++ b/phpseclib/File/ASN1/RelativeDistinguishedName.php @@ -0,0 +1,41 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * RelativeDistinguishedName + * + * In practice, RDNs containing multiple name-value pairs (called "multivalued RDNs") are rare, + * but they can be useful at times when either there is no unique attribute in the entry or you + * want to ensure that the entry's DN contains some useful identifying information. + * + * - https://www.opends.org/wiki/page/DefinitionRelativeDistinguishedName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class RelativeDistinguishedName +{ + const MAP = [ + 'type' => ASN1::TYPE_SET, + 'min' => 1, + 'max' => -1, + 'children' => AttributeTypeAndValue::MAP + ]; +} 
diff --git a/phpseclib/File/ASN1/RevokedCertificate.php b/phpseclib/File/ASN1/RevokedCertificate.php new file mode 100644 index 00000000..8090b017 --- /dev/null +++ b/phpseclib/File/ASN1/RevokedCertificate.php @@ -0,0 +1,39 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * RevokedCertificate + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class RevokedCertificate +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'userCertificate' => CertificateSerialNumber::MAP, + 'revocationDate' => Time::MAP, + 'crlEntryExtensions' => [ + 'optional' => true + ] + Extensions::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/SignedPublicKeyAndChallenge.php b/phpseclib/File/ASN1/SignedPublicKeyAndChallenge.php new file mode 100644 index 00000000..3e277c13 --- /dev/null +++ b/phpseclib/File/ASN1/SignedPublicKeyAndChallenge.php @@ -0,0 +1,37 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * SignedPublicKeyAndChallenge + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class SignedPublicKeyAndChallenge +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'publicKeyAndChallenge' => PublicKeyAndChallenge::MAP, + 'signatureAlgorithm' => AlgorithmIdentifier::MAP, + 'signature' => ['type' => ASN1::TYPE_BIT_STRING] + ] + ]; +} diff --git a/phpseclib/File/ASN1/SubjectAltName.php b/phpseclib/File/ASN1/SubjectAltName.php new file mode 100644 index 00000000..4f96838d --- /dev/null +++ b/phpseclib/File/ASN1/SubjectAltName.php 
@@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * SubjectAltName + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class SubjectAltName +{ + const MAP = GeneralNames::MAP; +} diff --git a/phpseclib/File/ASN1/SubjectDirectoryAttributes.php b/phpseclib/File/ASN1/SubjectDirectoryAttributes.php new file mode 100644 index 00000000..ae41195e --- /dev/null +++ b/phpseclib/File/ASN1/SubjectDirectoryAttributes.php @@ -0,0 +1,35 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * SubjectDirectoryAttributes + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class SubjectDirectoryAttributes +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => Attribute::MAP + ]; +} diff --git a/phpseclib/File/ASN1/SubjectPublicKeyInfo.php b/phpseclib/File/ASN1/SubjectPublicKeyInfo.php new file mode 100644 index 00000000..372cb4ba --- /dev/null +++ b/phpseclib/File/ASN1/SubjectPublicKeyInfo.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * SubjectPublicKeyInfo + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class SubjectPublicKeyInfo +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'algorithm' => AlgorithmIdentifier::MAP, + 'subjectPublicKey' => ['type' => ASN1::TYPE_BIT_STRING] + ] + ]; +} 
diff --git a/phpseclib/File/ASN1/TBSCertList.php b/phpseclib/File/ASN1/TBSCertList.php new file mode 100644 index 00000000..61210ff7 --- /dev/null +++ b/phpseclib/File/ASN1/TBSCertList.php @@ -0,0 +1,56 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * TBSCertList + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class TBSCertList +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'version' => [ + 'optional' => true, + 'default' => 'v1' + ] + Version::MAP, + 'signature' => AlgorithmIdentifier::MAP, + 'issuer' => Name::MAP, + 'thisUpdate' => Time::MAP, + 'nextUpdate' => [ + 'optional' => true + ] + Time, + 'revokedCertificates' => [ + 'type' => ASN1::TYPE_SEQUENCE, + 'optional' => true, + 'min' => 0, + 'max' => -1, + 'children' => RevokedCertificate::MAP + ], + 'crlExtensions' => [ + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ] + Extensions::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/TBSCertificate.php b/phpseclib/File/ASN1/TBSCertificate.php new file mode 100644 index 00000000..84996779 --- /dev/null +++ b/phpseclib/File/ASN1/TBSCertificate.php 
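Review bot: In `TBSCertList::MAP` the `nextUpdate` entry is built as `['optional' => true] + Time`, with a bare `Time` where every other entry in the class uses a `::MAP` constant. `Time` is resolved as a constant, not as the class, so the constant expression cannot evaluate when `TBSCertList::MAP` is first read, presumably whenever a CRL is loaded, and CRL handling would fail at that point. It should read `'nextUpdate' => ['optional' => true] + Time::MAP,`. A test that loads a CRL carrying `nextUpdate` would catch this.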
@@ -0,0 +1,69 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * TBSCertificate + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class TBSCertificate +{ + // assert($TBSCertificate['children']['signature'] == $Certificate['children']['signatureAlgorithm']) + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + // technically, default implies optional, but we'll define it as being optional, none-the-less, just to + // reenforce that fact + 'version' => [ + 'type' => ASN1::TYPE_INTEGER, + 'constant' => 0, + 'optional' => true, + 'explicit' => true, + 'mapping' => ['v1', 'v2', 'v3'], + 'default' => 'v1' + ], + 'serialNumber' => CertificateSerialNumber::MAP, + 'signature' => AlgorithmIdentifier::MAP, + 'issuer' => Name::MAP, + 'validity' => Validity::MAP, + 'subject' => Name::MAP, + 'subjectPublicKeyInfo' => SubjectPublicKeyInfo::MAP, + // implicit means that the T in the TLV structure is to be rewritten, regardless of the type + 'issuerUniqueID' => [ + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ] + UniqueIdentifier::MAP, + 'subjectUniqueID' => [ + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ] + UniqueIdentifier::MAP, + // doesn't use the EXPLICIT keyword but if + // it's not IMPLICIT, it's EXPLICIT + 'extensions' => [ + 'constant' => 3, + 'optional' => true, + 'explicit' => true + ] + Extensions::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/TerminalIdentifier.php b/phpseclib/File/ASN1/TerminalIdentifier.php new file mode 100644 index 00000000..fb191772 --- /dev/null +++ b/phpseclib/File/ASN1/TerminalIdentifier.php 
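Review bot: The comment `// assert($TBSCertificate['children']['signature'] == $Certificate['children']['signatureAlgorithm'])` at the top of `TBSCertificate` refers to `$TBSCertificate` and `$Certificate` variables that do not exist in this file, and it reads like a check made here although a class constant cannot enforce anything. The rule matters for validation: the algorithm inside the signed part has to match the outer `signatureAlgorithm`. I would reword it as `// the 'signature' field must equal Certificate's signatureAlgorithm; this map does not enforce it, the validator must compare them`. Whether X509 performs that comparison is not visible in this hunk.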
@@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * TerminalIdentifier + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class TerminalIdentifier +{ + const MAP = ['type' => ASN1::TYPE_PRINTABLE_STRING]; +} diff --git a/phpseclib/File/ASN1/Time.php b/phpseclib/File/ASN1/Time.php new file mode 100644 index 00000000..1becef50 --- /dev/null +++ b/phpseclib/File/ASN1/Time.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * Time + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class Time +{ + const MAP = [ + 'type' => ASN1::TYPE_CHOICE, + 'children' => [ + 'utcTime' => ['type' => ASN1::TYPE_UTC_TIME], + 'generalTime' => ['type' => ASN1::TYPE_GENERALIZED_TIME] + ] + ]; +} diff --git a/phpseclib/File/ASN1/UniqueIdentifier.php b/phpseclib/File/ASN1/UniqueIdentifier.php new file mode 100644 index 00000000..c27c92ba --- /dev/null +++ b/phpseclib/File/ASN1/UniqueIdentifier.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * UniqueIdentifier + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class UniqueIdentifier +{ + const MAP = ['type' => ASN1::TYPE_BIT_STRING]; +} diff --git a/phpseclib/File/ASN1/UserNotice.php b/phpseclib/File/ASN1/UserNotice.php new file mode 100644 index 00000000..c9d02ae2 --- /dev/null +++ b/phpseclib/File/ASN1/UserNotice.php 
@@ -0,0 +1,42 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * UserNotice + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class UserNotice +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'noticeRef' => [ + 'optional' => true, + 'implicit' => true + ] + NoticeReference::MAP, + 'explicitText' => [ + 'optional' => true, + 'implicit' => true + ] + DisplayText::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/Validity.php b/phpseclib/File/ASN1/Validity.php new file mode 100644 index 00000000..42029558 --- /dev/null +++ b/phpseclib/File/ASN1/Validity.php @@ -0,0 +1,36 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * Validity + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class Validity +{ + const MAP = [ + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => [ + 'notBefore' => Time::MAP, + 'notAfter' => Time::MAP + ] + ]; +} diff --git a/phpseclib/File/ASN1/netscape_ca_policy_url.php b/phpseclib/File/ASN1/netscape_ca_policy_url.php new file mode 100644 index 00000000..3c0161f4 --- /dev/null +++ b/phpseclib/File/ASN1/netscape_ca_policy_url.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * netscape_ca_policy_url + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class netscape_ca_policy_url +{ + const MAP = ['type' => ASN1::TYPE_IA5_STRING]; +} 
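Review bot: `noticeRef` and `explicitText` in `UserNotice::MAP` set `'implicit' => true` without a `'constant'` tag number, whereas the other implicit entries in this commit (for example in `PersonalName` and `PrivateKeyUsagePeriod`) always pair the two. RFC 5280 defines both fields as untagged OPTIONAL members, so the flag looks like a leftover; what the ASN1 mapper does with `implicit` and no tag is not shown here, and if it relaxes tag matching the parser accepts more than the schema allows. Unless the flag is needed, I would write `'noticeRef' => ['optional' => true] + NoticeReference::MAP,` and the same for `explicitText`. A certificate with a userNotice policy qualifier would make a good regression test for the change.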
diff --git a/phpseclib/File/ASN1/netscape_cert_type.php b/phpseclib/File/ASN1/netscape_cert_type.php new file mode 100644 index 00000000..06b4d0b5 --- /dev/null +++ b/phpseclib/File/ASN1/netscape_cert_type.php @@ -0,0 +1,44 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * netscape_cert_type + * + * mapping is from + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class netscape_cert_type +{ + const MAP = [ + 'type' => ASN1::TYPE_BIT_STRING, + 'mapping' => [ + 'SSLClient', + 'SSLServer', + 'Email', + 'ObjectSigning', + 'Reserved', + 'SSLCA', + 'EmailCA', + 'ObjectSigningCA' + ] + ]; +} diff --git a/phpseclib/File/ASN1/netscape_comment.php b/phpseclib/File/ASN1/netscape_comment.php new file mode 100644 index 00000000..cc1fc79d --- /dev/null +++ b/phpseclib/File/ASN1/netscape_comment.php @@ -0,0 +1,30 @@ + + * @copyright 2016 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +use phpseclib\File\ASN1; + +/** + * netscape_comment + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class netscape_comment +{ + const MAP = ['type' => ASN1::TYPE_IA5_STRING]; +} diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php index 735f6bb5..5a797a5b 100644 --- a/phpseclib/File/X509.php +++ b/phpseclib/File/X509.php 
@@ -121,80 +121,6 @@ class X509 const ATTR_APPEND = -2; // Add a value. const ATTR_REPLACE = -3; // Clear first, then add a value. - /** - * ASN.1 syntax for X.509 certificates - * - * @var array - * @access private - */ - var $Certificate; - - /**#@+ - * ASN.1 syntax for various extensions - * - * @access private - */ - var $DirectoryString; - var $PKCS9String; - var $AttributeValue; - var $Extensions; - var $KeyUsage; - var $ExtKeyUsageSyntax; - var $BasicConstraints; - var $KeyIdentifier; - var $CRLDistributionPoints; - var $AuthorityKeyIdentifier; - var $CertificatePolicies; - var $AuthorityInfoAccessSyntax; - var $SubjectAltName; - var $SubjectDirectoryAttributes; - var $PrivateKeyUsagePeriod; - var $IssuerAltName; - var $PolicyMappings; - var $NameConstraints; - - var $CPSuri; - var $UserNotice; - - var $netscape_cert_type; - var $netscape_comment; - var $netscape_ca_policy_url; - - var $Name; - var $RelativeDistinguishedName; - var $CRLNumber; - var $CRLReason; - var $IssuingDistributionPoint; - var $InvalidityDate; - var $CertificateIssuer; - var $HoldInstructionCode; - var $SignedPublicKeyAndChallenge; - /**#@-*/ - - /**#@+ - * ASN.1 syntax for various DN attributes - * - * @access private - */ - var $PostalAddress; - /**#@-*/ - - /** - * ASN.1 syntax for Certificate Signing Requests (RFC2986) - * - * @var array - * @access private - */ - var $CertificationRequest; - - /** - * ASN.1 syntax for Certificate Revocation Lists (RFC5280) - * - * @var array - * @access private - */ - var $CertificateList; - /** * Distinguished Name * 
@@ -315,953 +241,7 @@ class X509 function __construct() { // Explicitly Tagged Module, 1988 Syntax - // http://tools.ietf.org/html/rfc5280#appendix-A.1 - - $this->DirectoryString = array( - 'type' => ASN1::TYPE_CHOICE, - 'children' => array( - 'teletexString' => array('type' => ASN1::TYPE_TELETEX_STRING), - 'printableString' => array('type' => ASN1::TYPE_PRINTABLE_STRING), - 'universalString' => array('type' => ASN1::TYPE_UNIVERSAL_STRING), - 'utf8String' => array('type' => ASN1::TYPE_UTF8_STRING), - 'bmpString' => array('type' => ASN1::TYPE_BMP_STRING) - ) - ); - - $this->PKCS9String = array( - 'type' => ASN1::TYPE_CHOICE, - 'children' => array( - 'ia5String' => array('type' => ASN1::TYPE_IA5_STRING), - 'directoryString' => $this->DirectoryString - ) - ); - - $this->AttributeValue = array('type' => ASN1::TYPE_ANY); - - $AttributeType = array('type' => ASN1::TYPE_OBJECT_IDENTIFIER); - - $AttributeTypeAndValue = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'type' => $AttributeType, - 'value'=> $this->AttributeValue - ) - ); - - /* - In practice, RDNs containing multiple name-value pairs (called "multivalued RDNs") are rare, - but they can be useful at times when either there is no unique attribute in the entry or you - want to ensure that the entry's DN contains some useful identifying information. 
- - - https://www.opends.org/wiki/page/DefinitionRelativeDistinguishedName - */ - $this->RelativeDistinguishedName = array( - 'type' => ASN1::TYPE_SET, - 'min' => 1, - 'max' => -1, - 'children' => $AttributeTypeAndValue - ); - - // http://tools.ietf.org/html/rfc5280#section-4.1.2.4 - $RDNSequence = array( - 'type' => ASN1::TYPE_SEQUENCE, - // RDNSequence does not define a min or a max, which means it doesn't have one - 'min' => 0, - 'max' => -1, - 'children' => $this->RelativeDistinguishedName - ); - - $this->Name = array( - 'type' => ASN1::TYPE_CHOICE, - 'children' => array( - 'rdnSequence' => $RDNSequence - ) - ); - - // http://tools.ietf.org/html/rfc5280#section-4.1.1.2 - $AlgorithmIdentifier = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'algorithm' => array('type' => ASN1::TYPE_OBJECT_IDENTIFIER), - 'parameters' => array( - 'type' => ASN1::TYPE_ANY, - 'optional' => true - ) - ) - ); - - /* - A certificate using system MUST reject the certificate if it encounters - a critical extension it does not recognize; however, a non-critical - extension may be ignored if it is not recognized. 
- - http://tools.ietf.org/html/rfc5280#section-4.2 - */ - $Extension = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'extnId' => array('type' => ASN1::TYPE_OBJECT_IDENTIFIER), - 'critical' => array( - 'type' => ASN1::TYPE_BOOLEAN, - 'optional' => true, - 'default' => false - ), - 'extnValue' => array('type' => ASN1::TYPE_OCTET_STRING) - ) - ); - - $this->Extensions = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - // technically, it's MAX, but we'll assume anything < 0 is MAX - 'max' => -1, - // if 'children' isn't an array then 'min' and 'max' must be defined - 'children' => $Extension - ); - - $SubjectPublicKeyInfo = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'algorithm' => $AlgorithmIdentifier, - 'subjectPublicKey' => array('type' => ASN1::TYPE_BIT_STRING) - ) - ); - - $UniqueIdentifier = array('type' => ASN1::TYPE_BIT_STRING); - - $Time = array( - 'type' => ASN1::TYPE_CHOICE, - 'children' => array( - 'utcTime' => array('type' => ASN1::TYPE_UTC_TIME), - 'generalTime' => array('type' => ASN1::TYPE_GENERALIZED_TIME) - ) - ); - - // http://tools.ietf.org/html/rfc5280#section-4.1.2.5 - $Validity = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'notBefore' => $Time, - 'notAfter' => $Time - ) - ); - - $CertificateSerialNumber = array('type' => ASN1::TYPE_INTEGER); - - $Version = array( - 'type' => ASN1::TYPE_INTEGER, - 'mapping' => array('v1', 'v2', 'v3') - ); - - // assert($TBSCertificate['children']['signature'] == $Certificate['children']['signatureAlgorithm']) - $TBSCertificate = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - // technically, default implies optional, but we'll define it as being optional, none-the-less, just to - // reenforce that fact - 'version' => array( - 'constant' => 0, - 'optional' => true, - 'explicit' => true, - 'default' => 'v1' - ) + $Version, - 'serialNumber' => $CertificateSerialNumber, - 'signature' => $AlgorithmIdentifier, - 'issuer' => $this->Name, 
- 'validity' => $Validity, - 'subject' => $this->Name, - 'subjectPublicKeyInfo' => $SubjectPublicKeyInfo, - // implicit means that the T in the TLV structure is to be rewritten, regardless of the type - 'issuerUniqueID' => array( - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ) + $UniqueIdentifier, - 'subjectUniqueID' => array( - 'constant' => 2, - 'optional' => true, - 'implicit' => true - ) + $UniqueIdentifier, - // doesn't use the EXPLICIT keyword but if - // it's not IMPLICIT, it's EXPLICIT - 'extensions' => array( - 'constant' => 3, - 'optional' => true, - 'explicit' => true - ) + $this->Extensions - ) - ); - - $this->Certificate = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'tbsCertificate' => $TBSCertificate, - 'signatureAlgorithm' => $AlgorithmIdentifier, - 'signature' => array('type' => ASN1::TYPE_BIT_STRING) - ) - ); - - $this->KeyUsage = array( - 'type' => ASN1::TYPE_BIT_STRING, - 'mapping' => array( - 'digitalSignature', - 'nonRepudiation', - 'keyEncipherment', - 'dataEncipherment', - 'keyAgreement', - 'keyCertSign', - 'cRLSign', - 'encipherOnly', - 'decipherOnly' - ) - ); - - $this->BasicConstraints = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'cA' => array( - 'type' => ASN1::TYPE_BOOLEAN, - 'optional' => true, - 'default' => false - ), - 'pathLenConstraint' => array( - 'type' => ASN1::TYPE_INTEGER, - 'optional' => true - ) - ) - ); - - $this->KeyIdentifier = array('type' => ASN1::TYPE_OCTET_STRING); - - $OrganizationalUnitNames = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => 4, // ub-organizational-units - 'children' => array('type' => ASN1::TYPE_PRINTABLE_STRING) - ); - - $PersonalName = array( - 'type' => ASN1::TYPE_SET, - 'children' => array( - 'surname' => array( - 'type' => ASN1::TYPE_PRINTABLE_STRING, - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ), - 'given-name' => array( - 'type' => ASN1::TYPE_PRINTABLE_STRING, - 'constant' => 1, - 'optional' => 
true, - 'implicit' => true - ), - 'initials' => array( - 'type' => ASN1::TYPE_PRINTABLE_STRING, - 'constant' => 2, - 'optional' => true, - 'implicit' => true - ), - 'generation-qualifier' => array( - 'type' => ASN1::TYPE_PRINTABLE_STRING, - 'constant' => 3, - 'optional' => true, - 'implicit' => true - ) - ) - ); - - $NumericUserIdentifier = array('type' => ASN1::TYPE_NUMERIC_STRING); - - $OrganizationName = array('type' => ASN1::TYPE_PRINTABLE_STRING); - - $PrivateDomainName = array( - 'type' => ASN1::TYPE_CHOICE, - 'children' => array( - 'numeric' => array('type' => ASN1::TYPE_NUMERIC_STRING), - 'printable' => array('type' => ASN1::TYPE_PRINTABLE_STRING) - ) - ); - - $TerminalIdentifier = array('type' => ASN1::TYPE_PRINTABLE_STRING); - - $NetworkAddress = array('type' => ASN1::TYPE_NUMERIC_STRING); - - $AdministrationDomainName = array( - 'type' => ASN1::TYPE_CHOICE, - // if class isn't present it's assumed to be \phpseclib\File\ASN1::CLASS_UNIVERSAL or - // (if constant is present) \phpseclib\File\ASN1::CLASS_CONTEXT_SPECIFIC - 'class' => ASN1::CLASS_APPLICATION, - 'cast' => 2, - 'children' => array( - 'numeric' => array('type' => ASN1::TYPE_NUMERIC_STRING), - 'printable' => array('type' => ASN1::TYPE_PRINTABLE_STRING) - ) - ); - - $CountryName = array( - 'type' => ASN1::TYPE_CHOICE, - // if class isn't present it's assumed to be \phpseclib\File\ASN1::CLASS_UNIVERSAL or - // (if constant is present) \phpseclib\File\ASN1::CLASS_CONTEXT_SPECIFIC - 'class' => ASN1::CLASS_APPLICATION, - 'cast' => 1, - 'children' => array( - 'x121-dcc-code' => array('type' => ASN1::TYPE_NUMERIC_STRING), - 'iso-3166-alpha2-code' => array('type' => ASN1::TYPE_PRINTABLE_STRING) - ) - ); - - $AnotherName = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'type-id' => array('type' => ASN1::TYPE_OBJECT_IDENTIFIER), - 'value' => array( - 'type' => ASN1::TYPE_ANY, - 'constant' => 0, - 'optional' => true, - 'explicit' => true - ) - ) - ); - - $ExtensionAttribute = array( - 
'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'extension-attribute-type' => array( - 'type' => ASN1::TYPE_PRINTABLE_STRING, - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ), - 'extension-attribute-value' => array( - 'type' => ASN1::TYPE_ANY, - 'constant' => 1, - 'optional' => true, - 'explicit' => true - ) - ) - ); - - $ExtensionAttributes = array( - 'type' => ASN1::TYPE_SET, - 'min' => 1, - 'max' => 256, // ub-extension-attributes - 'children' => $ExtensionAttribute - ); - - $BuiltInDomainDefinedAttribute = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'type' => array('type' => ASN1::TYPE_PRINTABLE_STRING), - 'value' => array('type' => ASN1::TYPE_PRINTABLE_STRING) - ) - ); - - $BuiltInDomainDefinedAttributes = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => 4, // ub-domain-defined-attributes - 'children' => $BuiltInDomainDefinedAttribute - ); - - $BuiltInStandardAttributes = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'country-name' => array('optional' => true) + $CountryName, - 'administration-domain-name' => array('optional' => true) + $AdministrationDomainName, - 'network-address' => array( - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ) + $NetworkAddress, - 'terminal-identifier' => array( - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ) + $TerminalIdentifier, - 'private-domain-name' => array( - 'constant' => 2, - 'optional' => true, - 'explicit' => true - ) + $PrivateDomainName, - 'organization-name' => array( - 'constant' => 3, - 'optional' => true, - 'implicit' => true - ) + $OrganizationName, - 'numeric-user-identifier' => array( - 'constant' => 4, - 'optional' => true, - 'implicit' => true - ) + $NumericUserIdentifier, - 'personal-name' => array( - 'constant' => 5, - 'optional' => true, - 'implicit' => true - ) + $PersonalName, - 'organizational-unit-names' => array( - 'constant' => 6, - 'optional' => true, - 'implicit' => true - ) + 
$OrganizationalUnitNames - ) - ); - - $ORAddress = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'built-in-standard-attributes' => $BuiltInStandardAttributes, - 'built-in-domain-defined-attributes' => array('optional' => true) + $BuiltInDomainDefinedAttributes, - 'extension-attributes' => array('optional' => true) + $ExtensionAttributes - ) - ); - - $EDIPartyName = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'nameAssigner' => array( - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ) + $this->DirectoryString, - // partyName is technically required but \phpseclib\File\ASN1 doesn't currently support non-optional constants and - // setting it to optional gets the job done in any event. - 'partyName' => array( - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ) + $this->DirectoryString - ) - ); - - $GeneralName = array( - 'type' => ASN1::TYPE_CHOICE, - 'children' => array( - 'otherName' => array( - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ) + $AnotherName, - 'rfc822Name' => array( - 'type' => ASN1::TYPE_IA5_STRING, - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ), - 'dNSName' => array( - 'type' => ASN1::TYPE_IA5_STRING, - 'constant' => 2, - 'optional' => true, - 'implicit' => true - ), - 'x400Address' => array( - 'constant' => 3, - 'optional' => true, - 'implicit' => true - ) + $ORAddress, - 'directoryName' => array( - 'constant' => 4, - 'optional' => true, - 'explicit' => true - ) + $this->Name, - 'ediPartyName' => array( - 'constant' => 5, - 'optional' => true, - 'implicit' => true - ) + $EDIPartyName, - 'uniformResourceIdentifier' => array( - 'type' => ASN1::TYPE_IA5_STRING, - 'constant' => 6, - 'optional' => true, - 'implicit' => true - ), - 'iPAddress' => array( - 'type' => ASN1::TYPE_OCTET_STRING, - 'constant' => 7, - 'optional' => true, - 'implicit' => true - ), - 'registeredID' => array( - 'type' => ASN1::TYPE_OBJECT_IDENTIFIER, - 'constant' => 8, - 
'optional' => true, - 'implicit' => true - ) - ) - ); - - $GeneralNames = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => $GeneralName - ); - - $this->IssuerAltName = $GeneralNames; - - $ReasonFlags = array( - 'type' => ASN1::TYPE_BIT_STRING, - 'mapping' => array( - 'unused', - 'keyCompromise', - 'cACompromise', - 'affiliationChanged', - 'superseded', - 'cessationOfOperation', - 'certificateHold', - 'privilegeWithdrawn', - 'aACompromise' - ) - ); - - $DistributionPointName = array( - 'type' => ASN1::TYPE_CHOICE, - 'children' => array( - 'fullName' => array( - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ) + $GeneralNames, - 'nameRelativeToCRLIssuer' => array( - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ) + $this->RelativeDistinguishedName - ) - ); - - $DistributionPoint = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'distributionPoint' => array( - 'constant' => 0, - 'optional' => true, - 'explicit' => true - ) + $DistributionPointName, - 'reasons' => array( - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ) + $ReasonFlags, - 'cRLIssuer' => array( - 'constant' => 2, - 'optional' => true, - 'implicit' => true - ) + $GeneralNames - ) - ); - - $this->CRLDistributionPoints = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => $DistributionPoint - ); - - $this->AuthorityKeyIdentifier = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'keyIdentifier' => array( - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ) + $this->KeyIdentifier, - 'authorityCertIssuer' => array( - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ) + $GeneralNames, - 'authorityCertSerialNumber' => array( - 'constant' => 2, - 'optional' => true, - 'implicit' => true - ) + $CertificateSerialNumber - ) - ); - - $PolicyQualifierId = array('type' => ASN1::TYPE_OBJECT_IDENTIFIER); - - $PolicyQualifierInfo = array( - 'type' 
=> ASN1::TYPE_SEQUENCE, - 'children' => array( - 'policyQualifierId' => $PolicyQualifierId, - 'qualifier' => array('type' => ASN1::TYPE_ANY) - ) - ); - - $CertPolicyId = array('type' => ASN1::TYPE_OBJECT_IDENTIFIER); - - $PolicyInformation = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'policyIdentifier' => $CertPolicyId, - 'policyQualifiers' => array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 0, - 'max' => -1, - 'optional' => true, - 'children' => $PolicyQualifierInfo - ) - ) - ); - - $this->CertificatePolicies = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => $PolicyInformation - ); - - $this->PolicyMappings = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'issuerDomainPolicy' => $CertPolicyId, - 'subjectDomainPolicy' => $CertPolicyId - ) - ) - ); - - $KeyPurposeId = array('type' => ASN1::TYPE_OBJECT_IDENTIFIER); - - $this->ExtKeyUsageSyntax = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => $KeyPurposeId - ); - - $AccessDescription = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'accessMethod' => array('type' => ASN1::TYPE_OBJECT_IDENTIFIER), - 'accessLocation' => $GeneralName - ) - ); - - $this->AuthorityInfoAccessSyntax = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => $AccessDescription - ); - - $this->SubjectAltName = $GeneralNames; - - $this->PrivateKeyUsagePeriod = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'notBefore' => array( - 'constant' => 0, - 'optional' => true, - 'implicit' => true, - 'type' => ASN1::TYPE_GENERALIZED_TIME), - 'notAfter' => array( - 'constant' => 1, - 'optional' => true, - 'implicit' => true, - 'type' => ASN1::TYPE_GENERALIZED_TIME) - ) - ); - - $BaseDistance = array('type' => ASN1::TYPE_INTEGER); - - $GeneralSubtree = array( - 'type' => ASN1::TYPE_SEQUENCE, - 
'children' => array( - 'base' => $GeneralName, - 'minimum' => array( - 'constant' => 0, - 'optional' => true, - 'implicit' => true, - 'default' => new BigInteger(0) - ) + $BaseDistance, - 'maximum' => array( - 'constant' => 1, - 'optional' => true, - 'implicit' => true, - ) + $BaseDistance - ) - ); - - $GeneralSubtrees = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => $GeneralSubtree - ); - - $this->NameConstraints = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'permittedSubtrees' => array( - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ) + $GeneralSubtrees, - 'excludedSubtrees' => array( - 'constant' => 1, - 'optional' => true, - 'implicit' => true - ) + $GeneralSubtrees - ) - ); - - $this->CPSuri = array('type' => ASN1::TYPE_IA5_STRING); - - $DisplayText = array( - 'type' => ASN1::TYPE_CHOICE, - 'children' => array( - 'ia5String' => array('type' => ASN1::TYPE_IA5_STRING), - 'visibleString' => array('type' => ASN1::TYPE_VISIBLE_STRING), - 'bmpString' => array('type' => ASN1::TYPE_BMP_STRING), - 'utf8String' => array('type' => ASN1::TYPE_UTF8_STRING) - ) - ); - - $NoticeReference = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'organization' => $DisplayText, - 'noticeNumbers' => array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => 200, - 'children' => array('type' => ASN1::TYPE_INTEGER) - ) - ) - ); - - $this->UserNotice = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'noticeRef' => array( - 'optional' => true, - 'implicit' => true - ) + $NoticeReference, - 'explicitText' => array( - 'optional' => true, - 'implicit' => true - ) + $DisplayText - ) - ); - - // mapping is from - $this->netscape_cert_type = array( - 'type' => ASN1::TYPE_BIT_STRING, - 'mapping' => array( - 'SSLClient', - 'SSLServer', - 'Email', - 'ObjectSigning', - 'Reserved', - 'SSLCA', - 'EmailCA', - 'ObjectSigningCA' - ) - ); - - $this->netscape_comment = array('type' => 
ASN1::TYPE_IA5_STRING); - $this->netscape_ca_policy_url = array('type' => ASN1::TYPE_IA5_STRING); - - // attribute is used in RFC2986 but we're using the RFC5280 definition - - $Attribute = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'type' => $AttributeType, - 'value'=> array( - 'type' => ASN1::TYPE_SET, - 'min' => 1, - 'max' => -1, - 'children' => $this->AttributeValue - ) - ) - ); - - $this->SubjectDirectoryAttributes = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'min' => 1, - 'max' => -1, - 'children' => $Attribute - ); - - // adapted from - - $Attributes = array( - 'type' => ASN1::TYPE_SET, - 'min' => 1, - 'max' => -1, - 'children' => $Attribute - ); - - $CertificationRequestInfo = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'version' => array( - 'type' => ASN1::TYPE_INTEGER, - 'mapping' => array('v1') - ), - 'subject' => $this->Name, - 'subjectPKInfo' => $SubjectPublicKeyInfo, - 'attributes' => array( - 'constant' => 0, - 'optional' => true, - 'implicit' => true - ) + $Attributes, - ) - ); - - $this->CertificationRequest = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'certificationRequestInfo' => $CertificationRequestInfo, - 'signatureAlgorithm' => $AlgorithmIdentifier, - 'signature' => array('type' => ASN1::TYPE_BIT_STRING) - ) - ); - - $RevokedCertificate = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'userCertificate' => $CertificateSerialNumber, - 'revocationDate' => $Time, - 'crlEntryExtensions' => array( - 'optional' => true - ) + $this->Extensions - ) - ); - - $TBSCertList = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'version' => array( - 'optional' => true, - 'default' => 'v1' - ) + $Version, - 'signature' => $AlgorithmIdentifier, - 'issuer' => $this->Name, - 'thisUpdate' => $Time, - 'nextUpdate' => array( - 'optional' => true - ) + $Time, - 'revokedCertificates' => array( - 'type' => ASN1::TYPE_SEQUENCE, - 'optional' => true, - 'min' => 0, - 'max' => 
-1, - 'children' => $RevokedCertificate - ), - 'crlExtensions' => array( - 'constant' => 0, - 'optional' => true, - 'explicit' => true - ) + $this->Extensions - ) - ); - - $this->CertificateList = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'tbsCertList' => $TBSCertList, - 'signatureAlgorithm' => $AlgorithmIdentifier, - 'signature' => array('type' => ASN1::TYPE_BIT_STRING) - ) - ); - - $this->CRLNumber = array('type' => ASN1::TYPE_INTEGER); - - $this->CRLReason = array('type' => ASN1::TYPE_ENUMERATED, - 'mapping' => array( - 'unspecified', - 'keyCompromise', - 'cACompromise', - 'affiliationChanged', - 'superseded', - 'cessationOfOperation', - 'certificateHold', - // Value 7 is not used. - 8 => 'removeFromCRL', - 'privilegeWithdrawn', - 'aACompromise' - ) - ); - - $this->IssuingDistributionPoint = array('type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'distributionPoint' => array( - 'constant' => 0, - 'optional' => true, - 'explicit' => true - ) + $DistributionPointName, - 'onlyContainsUserCerts' => array( - 'type' => ASN1::TYPE_BOOLEAN, - 'constant' => 1, - 'optional' => true, - 'default' => false, - 'implicit' => true - ), - 'onlyContainsCACerts' => array( - 'type' => ASN1::TYPE_BOOLEAN, - 'constant' => 2, - 'optional' => true, - 'default' => false, - 'implicit' => true - ), - 'onlySomeReasons' => array( - 'constant' => 3, - 'optional' => true, - 'implicit' => true - ) + $ReasonFlags, - 'indirectCRL' => array( - 'type' => ASN1::TYPE_BOOLEAN, - 'constant' => 4, - 'optional' => true, - 'default' => false, - 'implicit' => true - ), - 'onlyContainsAttributeCerts' => array( - 'type' => ASN1::TYPE_BOOLEAN, - 'constant' => 5, - 'optional' => true, - 'default' => false, - 'implicit' => true - ) - ) - ); - - $this->InvalidityDate = array('type' => ASN1::TYPE_GENERALIZED_TIME); - - $this->CertificateIssuer = $GeneralNames; - - $this->HoldInstructionCode = array('type' => ASN1::TYPE_OBJECT_IDENTIFIER); - - $PublicKeyAndChallenge = array( - 'type' 
=> ASN1::TYPE_SEQUENCE, - 'children' => array( - 'spki' => $SubjectPublicKeyInfo, - 'challenge' => array('type' => ASN1::TYPE_IA5_STRING) - ) - ); - - $this->SignedPublicKeyAndChallenge = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'children' => array( - 'publicKeyAndChallenge' => $PublicKeyAndChallenge, - 'signatureAlgorithm' => $AlgorithmIdentifier, - 'signature' => array('type' => ASN1::TYPE_BIT_STRING) - ) - ); - - $this->PostalAddress = array( - 'type' => ASN1::TYPE_SEQUENCE, - 'optional' => true, - 'min' => 1, - 'max' => -1, - 'children' => $this->DirectoryString - ); + // http://tools.ietf.org/html/rfc5280#appendix-A.1= // OIDs from RFC5280 and those RFCs mentioned in RFC5280#section-4.1.1.2 $this->oids = array( @@ -1478,7 +458,7 @@ class X509 $decoded = $asn1->decodeBER($cert); if (!empty($decoded)) { - $x509 = $asn1->asn1map($decoded[0], $this->Certificate); + $x509 = $asn1->asn1map($decoded[0], ASN1\Certificate::MAP); } if (!isset($x509) || $x509 === false) { $this->currentCert = false; @@ -1571,7 +551,7 @@ class X509 $this->_mapOutDNs($cert, 'tbsCertificate/issuer/rdnSequence', $asn1); $this->_mapOutDNs($cert, 'tbsCertificate/subject/rdnSequence', $asn1); - $cert = $asn1->encodeDER($cert, $this->Certificate); + $cert = $asn1->encodeDER($cert, ASN1\Certificate::MAP); switch ($format) { case self::FORMAT_DER: @@ -1720,7 +700,7 @@ class X509 if (is_array($attributes[$i]['value'])) { $values = &$attributes[$i]['value']; for ($j = 0; $j < count($values); $j++) { - $value = $asn1->encodeDER($values[$j], $this->AttributeValue); + $value = $asn1->encodeDER($values[$j], ASN1\AttributeValue::MAP); $decoded = $asn1->decodeBER($value); if (!is_bool($map)) { $mapped = $asn1->asn1map($decoded[0], $map); 
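Review bot: The one line this hunk adds to the constructor, `// http://tools.ietf.org/html/rfc5280#appendix-A.1=`, ends in a stray `=` that breaks the RFC anchor; it should read `// http://tools.ietf.org/html/rfc5280#appendix-A.1`. With the definitions removed, that comment and the "Explicitly Tagged Module, 1988 Syntax" line above it no longer describe anything in `__construct()` and would fit better next to the new ASN1 map classes. Separately, the removed GeneralSubtree definition used `'default' => new BigInteger(0)` for `minimum`, which a class constant cannot hold, so the replacement map (not visible in this hunk) presumably expresses that default differently. It is worth confirming that name-constraint encoding and decoding still round-trip. The constructor body continues outside the hunk.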
@@ -1774,7 +754,7 @@ class X509
 if (!is_bool($map)) {
 $temp = $asn1->encodeDER($values[$j], $map);
 $decoded = $asn1->decodeBER($temp);
- $values[$j] = $asn1->asn1map($decoded[0], $this->AttributeValue);
+ $values[$j] = $asn1->asn1map($decoded[0], ASN1\AttributeValue::MAP);
 }
 }
 }
@@ -1859,47 +839,47 @@ class X509 switch ($extnId) { case 'id-ce-keyUsage': - return $this->KeyUsage; + return ASN1\KeyUsage::MAP; case 'id-ce-basicConstraints': - return $this->BasicConstraints; + return ASN1\BasicConstraints::MAP; case 'id-ce-subjectKeyIdentifier': - return $this->KeyIdentifier; + return ASN1\KeyIdentifier::MAP; case 'id-ce-cRLDistributionPoints': - return $this->CRLDistributionPoints; + return ASN1\CRLDistributionPoints::MAP; case 'id-ce-authorityKeyIdentifier': - return $this->AuthorityKeyIdentifier; + return ASN1\AuthorityKeyIdentifier::MAP; case 'id-ce-certificatePolicies': - return $this->CertificatePolicies; + return ASN1\CertificatePolicies::MAP; case 'id-ce-extKeyUsage': - return $this->ExtKeyUsageSyntax; + return ASN1\ExtKeyUsageSyntax::MAP; case 'id-pe-authorityInfoAccess': - return $this->AuthorityInfoAccessSyntax; + return ASN1\AuthorityInfoAccessSyntax::MAP; case 'id-ce-subjectAltName': - return $this->SubjectAltName; + return ASN1\SubjectAltName::MAP; case 'id-ce-subjectDirectoryAttributes': - return $this->SubjectDirectoryAttributes; + return ASN1\SubjectDirectoryAttributes::MAP; case 'id-ce-privateKeyUsagePeriod': - return $this->PrivateKeyUsagePeriod; + return ASN1\PrivateKeyUsagePeriod::MAP; case 'id-ce-issuerAltName': - return $this->IssuerAltName; + return ASN1\IssuerAltName::MAP; case 'id-ce-policyMappings': - return $this->PolicyMappings; + return ASN1\PolicyMappings::MAP; case 'id-ce-nameConstraints': - return $this->NameConstraints; + return ASN1\NameConstraints::MAP; case 'netscape-cert-type': - return $this->netscape_cert_type; + return ASN1\netscape_cert_type::MAP; case 'netscape-comment': - return $this->netscape_comment; + return ASN1\netscape_comment::MAP; case 'netscape-ca-policy-url': - return $this->netscape_ca_policy_url; + return ASN1\netscape_ca_policy_url::MAP; // since id-qt-cps isn't a constructed type it will have already been decoded as a string by the time it gets // back around to asn1map() and we don't 
want it decoded again. //case 'id-qt-cps': - // return $this->CPSuri; + // return ASN1\CPSuri::MAP; case 'id-qt-unotice': - return $this->UserNotice; + return ASN1\UserNotice::MAP; // the following OIDs are unsupported but we don't want them to give notices when calling saveX509(). case 'id-pe-logotype': // http://www.ietf.org/rfc/rfc3709.txt @@ -1914,31 +894,31 @@ class X509 // CSR attributes case 'pkcs-9-at-unstructuredName': - return $this->PKCS9String; + return ASN1\PKCS9String::MAP; case 'pkcs-9-at-challengePassword': - return $this->DirectoryString; + return ASN1\DirectoryString::MAP; case 'pkcs-9-at-extensionRequest': - return $this->Extensions; + return ASN1\Extensions::MAP; // CRL extensions. case 'id-ce-cRLNumber': - return $this->CRLNumber; + return ASN1\CRLNumber::MAP; case 'id-ce-deltaCRLIndicator': - return $this->CRLNumber; + return ASN1\CRLNumber::MAP; case 'id-ce-issuingDistributionPoint': - return $this->IssuingDistributionPoint; + return ASN1\IssuingDistributionPoint::MAP; case 'id-ce-freshestCRL': - return $this->CRLDistributionPoints; + return ASN1\CRLDistributionPoints::MAP; case 'id-ce-cRLReasons': - return $this->CRLReason; + return ASN1\CRLReason::MAP; case 'id-ce-invalidityDate': - return $this->InvalidityDate; + return ASN1\InvalidityDate::MAP; case 'id-ce-certificateIssuer': - return $this->CertificateIssuer; + return ASN1\CertificateIssuer::MAP; case 'id-ce-holdInstructionCode': - return $this->HoldInstructionCode; + return ASN1\HoldInstructionCode::MAP; case 'id-at-postalAddress': - return $this->PostalAddress; + return ASN1\PostalAddress::MAP; } return false; 
@@ -2606,7 +1586,7 @@ class X509 $filters['rdnSequence']['value'] = array('type' => ASN1::TYPE_UTF8_STRING); $asn1->loadFilters($filters); $this->_mapOutDNs($dn, 'rdnSequence', $asn1); - return $asn1->encodeDER($dn, $this->Name); + return $asn1->encodeDER($dn, ASN1\Name::MAP); case self::DN_CANON: // No SEQUENCE around RDNs and all string values normalized as // trimmed lowercase UTF-8 with all spacing as one blank. @@ -2635,7 +1615,7 @@ class X509 } } } - $result .= $asn1->encodeDER($rdn, $this->RelativeDistinguishedName); + $result .= $asn1->encodeDER($rdn, ASN1\RelativeDistinguishedName::MAP); } return $result; case self::DN_HASH: @@ -2995,7 +1975,7 @@ class X509 return false; } - $csr = $asn1->asn1map($decoded[0], $this->CertificationRequest); + $csr = $asn1->asn1map($decoded[0], ASN1\CertificationRequest::MAP); if (!isset($csr) || $csr === false) { $this->currentCert = false; return false; @@ -3069,7 +2049,7 @@ class X509 $this->_mapOutDNs($csr, 'certificationRequestInfo/subject/rdnSequence', $asn1); $this->_mapOutAttributes($csr, 'certificationRequestInfo/attributes', $asn1); - $csr = $asn1->encodeDER($csr, $this->CertificationRequest); + $csr = $asn1->encodeDER($csr, ASN1\CertificationRequest::MAP); switch ($format) { case self::FORMAT_DER: @@ -3126,7 +2106,7 @@ class X509 return false; } - $spkac = $asn1->asn1map($decoded[0], $this->SignedPublicKeyAndChallenge); + $spkac = $asn1->asn1map($decoded[0], ASN1\SignedPublicKeyAndChallenge::MAP); if (!isset($spkac) || $spkac === false) { $this->currentCert = false; @@ -3185,7 +2165,7 @@ class X509 $asn1 = new ASN1(); $asn1->loadOIDs($this->oids); - $spkac = $asn1->encodeDER($spkac, $this->SignedPublicKeyAndChallenge); + $spkac = $asn1->encodeDER($spkac, ASN1\SignedPublicKeyAndChallenge::MAP); switch ($format) { case self::FORMAT_DER: 
@@ -3237,7 +2217,7 @@ class X509 return false; } - $crl = $asn1->asn1map($decoded[0], $this->CertificateList); + $crl = $asn1->asn1map($decoded[0], ASN1\CertificateList::MAP); if (!isset($crl) || $crl === false) { $this->currentCert = false; return false; @@ -3314,7 +2294,7 @@ class X509 } } - $crl = $asn1->encodeDER($crl, $this->CertificateList); + $crl = $asn1->encodeDER($crl, ASN1\CertificateList::MAP); switch ($format) { case self::FORMAT_DER: