mirror of
https://github.com/phpseclib/phpseclib.git
synced 2025-01-13 18:02:58 +00:00
Merge remote-tracking branch 'michael/fix_cert_time_encoding'
This commit is contained in:
commit
ea4dc53a06
@ -162,7 +162,7 @@ class File_ASN1
|
|||||||
* @access private
|
* @access private
|
||||||
* @link http://php.net/class.datetime
|
* @link http://php.net/class.datetime
|
||||||
*/
|
*/
|
||||||
var $format = 'D, d M y H:i:s O';
|
var $format = 'D, d M Y H:i:s O';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Default date format
|
* Default date format
|
||||||
|
@ -3116,6 +3116,28 @@ class File_X509
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Helper function to build a time field according to RFC 3280 section
|
||||||
|
* - 4.1.2.5 Validity
|
||||||
|
* - 5.1.2.4 This Update
|
||||||
|
* - 5.1.2.5 Next Update
|
||||||
|
* - 5.1.2.6 Revoked Certificates
|
||||||
|
* by choosing utcTime iff year of date given is before 2050 and generalTime else.
|
||||||
|
*
|
||||||
|
* @param String $date in format date('D, d M Y H:i:s O')
|
||||||
|
* @access private
|
||||||
|
* @return Array
|
||||||
|
*/
|
||||||
|
function _timeField($date)
|
||||||
|
{
|
||||||
|
$year = @gmdate("Y", @strtotime($date)); // the same way ASN1.php parses this
|
||||||
|
if ($year < 2050) {
|
||||||
|
return Array('utcTime' => $date);
|
||||||
|
} else {
|
||||||
|
return Array('generalTime' => $date);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sign an X.509 certificate
|
* Sign an X.509 certificate
|
||||||
*
|
*
|
||||||
@ -3148,12 +3170,10 @@ class File_X509
|
|||||||
$this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm;
|
$this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm;
|
||||||
|
|
||||||
if (!empty($this->startDate)) {
|
if (!empty($this->startDate)) {
|
||||||
$this->currentCert['tbsCertificate']['validity']['notBefore']['generalTime'] = $this->startDate;
|
$this->currentCert['tbsCertificate']['validity']['notBefore'] = $this->_timeField($this->startDate);
|
||||||
unset($this->currentCert['tbsCertificate']['validity']['notBefore']['utcTime']);
|
|
||||||
}
|
}
|
||||||
if (!empty($this->endDate)) {
|
if (!empty($this->endDate)) {
|
||||||
$this->currentCert['tbsCertificate']['validity']['notAfter']['generalTime'] = $this->endDate;
|
$this->currentCert['tbsCertificate']['validity']['notAfter'] = $this->_timeField($this->endDate);
|
||||||
unset($this->currentCert['tbsCertificate']['validity']['notAfter']['utcTime']);
|
|
||||||
}
|
}
|
||||||
if (!empty($this->serialNumber)) {
|
if (!empty($this->serialNumber)) {
|
||||||
$this->currentCert['tbsCertificate']['serialNumber'] = $this->serialNumber;
|
$this->currentCert['tbsCertificate']['serialNumber'] = $this->serialNumber;
|
||||||
@ -3175,8 +3195,8 @@ class File_X509
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$startDate = !empty($this->startDate) ? $this->startDate : @date('D, d M y H:i:s O');
|
$startDate = !empty($this->startDate) ? $this->startDate : @date('D, d M Y H:i:s O');
|
||||||
$endDate = !empty($this->endDate) ? $this->endDate : @date('D, d M y H:i:s O', strtotime('+1 year'));
|
$endDate = !empty($this->endDate) ? $this->endDate : @date('D, d M Y H:i:s O', strtotime('+1 year'));
|
||||||
$serialNumber = !empty($this->serialNumber) ? $this->serialNumber : new Math_BigInteger();
|
$serialNumber = !empty($this->serialNumber) ? $this->serialNumber : new Math_BigInteger();
|
||||||
|
|
||||||
$this->currentCert = array(
|
$this->currentCert = array(
|
||||||
@ -3187,8 +3207,8 @@ class File_X509
|
|||||||
'signature' => array('algorithm' => $signatureAlgorithm),
|
'signature' => array('algorithm' => $signatureAlgorithm),
|
||||||
'issuer' => false, // this is going to be overwritten later
|
'issuer' => false, // this is going to be overwritten later
|
||||||
'validity' => array(
|
'validity' => array(
|
||||||
'notBefore' => array('generalTime' => $startDate), // $this->setStartDate()
|
'notBefore' => $this->_timeField($startDate), // $this->setStartDate()
|
||||||
'notAfter' => array('generalTime' => $endDate) // $this->setEndDate()
|
'notAfter' => $this->_timeField($endDate) // $this->setEndDate()
|
||||||
),
|
),
|
||||||
'subject' => $subject->dn,
|
'subject' => $subject->dn,
|
||||||
'subjectPublicKeyInfo' => $subjectPublicKey
|
'subjectPublicKeyInfo' => $subjectPublicKey
|
||||||
@ -3367,7 +3387,7 @@ class File_X509
|
|||||||
|
|
||||||
$currentCert = isset($this->currentCert) ? $this->currentCert : null;
|
$currentCert = isset($this->currentCert) ? $this->currentCert : null;
|
||||||
$signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null;
|
$signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null;
|
||||||
$thisUpdate = !empty($this->startDate) ? $this->startDate : @date('D, d M y H:i:s O');
|
$thisUpdate = !empty($this->startDate) ? $this->startDate : @date('D, d M Y H:i:s O');
|
||||||
|
|
||||||
if (isset($crl->currentCert) && is_array($crl->currentCert) && isset($crl->currentCert['tbsCertList'])) {
|
if (isset($crl->currentCert) && is_array($crl->currentCert) && isset($crl->currentCert['tbsCertList'])) {
|
||||||
$this->currentCert = $crl->currentCert;
|
$this->currentCert = $crl->currentCert;
|
||||||
@ -3380,7 +3400,7 @@ class File_X509
|
|||||||
'version' => 'v2',
|
'version' => 'v2',
|
||||||
'signature' => array('algorithm' => $signatureAlgorithm),
|
'signature' => array('algorithm' => $signatureAlgorithm),
|
||||||
'issuer' => false, // this is going to be overwritten later
|
'issuer' => false, // this is going to be overwritten later
|
||||||
'thisUpdate' => array('generalTime' => $thisUpdate) // $this->setStartDate()
|
'thisUpdate' => $this->_timeField($thisUpdate) // $this->setStartDate()
|
||||||
),
|
),
|
||||||
'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm),
|
'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm),
|
||||||
'signature' => false // this is going to be overwritten later
|
'signature' => false // this is going to be overwritten later
|
||||||
@ -3389,10 +3409,10 @@ class File_X509
|
|||||||
|
|
||||||
$tbsCertList = &$this->currentCert['tbsCertList'];
|
$tbsCertList = &$this->currentCert['tbsCertList'];
|
||||||
$tbsCertList['issuer'] = $issuer->dn;
|
$tbsCertList['issuer'] = $issuer->dn;
|
||||||
$tbsCertList['thisUpdate'] = array('generalTime' => $thisUpdate);
|
$tbsCertList['thisUpdate'] = $this->_timeField($thisUpdate);
|
||||||
|
|
||||||
if (!empty($this->endDate)) {
|
if (!empty($this->endDate)) {
|
||||||
$tbsCertList['nextUpdate'] = array('generalTime' => $this->endDate); // $this->setEndDate()
|
$tbsCertList['nextUpdate'] = $this->_timeField($this->endDate); // $this->setEndDate()
|
||||||
} else {
|
} else {
|
||||||
unset($tbsCertList['nextUpdate']);
|
unset($tbsCertList['nextUpdate']);
|
||||||
}
|
}
|
||||||
@ -3515,7 +3535,7 @@ class File_X509
|
|||||||
*/
|
*/
|
||||||
function setStartDate($date)
|
function setStartDate($date)
|
||||||
{
|
{
|
||||||
$this->startDate = @date('D, d M y H:i:s O', @strtotime($date));
|
$this->startDate = @date('D, d M Y H:i:s O', @strtotime($date));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -3539,7 +3559,7 @@ class File_X509
|
|||||||
$temp = chr(FILE_ASN1_TYPE_GENERALIZED_TIME) . $asn1->_encodeLength(strlen($temp)) . $temp;
|
$temp = chr(FILE_ASN1_TYPE_GENERALIZED_TIME) . $asn1->_encodeLength(strlen($temp)) . $temp;
|
||||||
$this->endDate = new File_ASN1_Element($temp);
|
$this->endDate = new File_ASN1_Element($temp);
|
||||||
} else {
|
} else {
|
||||||
$this->endDate = @date('D, d M y H:i:s O', @strtotime($date));
|
$this->endDate = @date('D, d M Y H:i:s O', @strtotime($date));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -4213,7 +4233,7 @@ class File_X509
|
|||||||
|
|
||||||
$i = count($rclist);
|
$i = count($rclist);
|
||||||
$rclist[] = array('userCertificate' => $serial,
|
$rclist[] = array('userCertificate' => $serial,
|
||||||
'revocationDate' => array('generalTime' => @date('D, d M y H:i:s O')));
|
'revocationDate' => $this->_timeField(@date('D, d M Y H:i:s O')));
|
||||||
return $i;
|
return $i;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -4233,7 +4253,7 @@ class File_X509
|
|||||||
if (($i = $this->_revokedCertificate($rclist, $serial, true)) !== false) {
|
if (($i = $this->_revokedCertificate($rclist, $serial, true)) !== false) {
|
||||||
|
|
||||||
if (!empty($date)) {
|
if (!empty($date)) {
|
||||||
$rclist[$i]['revocationDate'] = array('generalTime' => $date);
|
$rclist[$i]['revocationDate'] = $this->_timeField($date);
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
|
Loading…
Reference in New Issue
Block a user