octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-12-29 04:23:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

X509: Revamp base64 handling

Browse Source
This commit is contained in:
terrafrost 2013-04-02 19:36:52 -05:00
parent c5bd12dd14
commit fae87be6f5
1 changed files with 31 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
phpseclib/File/X509.php
View File

@ -1436,18 +1436,7 @@ class File_X509 {
$asn1 = new File_ASN1(); $asn1 = new File_ASN1();
/* $cert = $this->_extractBER($cert);
X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them above and beyond the ceritificate. ie.
some may have the following preceeding the -----BEGIN CERTIFICATE----- line:
subject=/O=organization/OU=org unit/CN=common name
issuer=/O=organization/CN=common name
*/
$temp = preg_replace('#^(?:[^-].+[\r\n]+)+|-.+-|[\r\n]| #', '', $cert);
$temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
if ($temp != false) {
$cert = $temp;
}
if ($cert === false) { if ($cert === false) {
$this->currentCert = false; $this->currentCert = false;
@ -2804,11 +2793,7 @@ class File_X509 {
$asn1 = new File_ASN1(); $asn1 = new File_ASN1();
$temp = preg_replace('#^(?:[^-].+[\r\n]+)+|-.+-|[\r\n]| #', '', $csr); $csr = $this->_extractBER($csr);
$temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
if ($temp != false) {
$csr = $temp;
}
$orig = $csr; $orig = $csr;
if ($csr === false) { if ($csr === false) {
@ -3000,11 +2985,7 @@ class File_X509 {
$asn1 = new File_ASN1(); $asn1 = new File_ASN1();
$temp = preg_replace('#^(?:[^-].+[\r\n]+)+|-.+-|[\r\n]| #', '', $crl); $crl = $this->_extractBER($crl);
$temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
if ($temp != false) {
$crl = $temp;
}
$orig = $crl; $orig = $crl;
if ($crl === false) { if ($crl === false) {
@ -4337,4 +4318,31 @@ class File_X509 {
return false; return false;
} }
}
/**
* Extract raw BER from Base64 encoding
*
* @access private
* @param String $str
* @return String
*/
function _extractBER($str)
{
/*
X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them above and beyond the ceritificate. ie.
some may have the following preceeding the -----BEGIN CERTIFICATE----- line:
Bag Attributes
localKeyID: 01 00 00 00
subject=/O=organization/OU=org unit/CN=common name
issuer=/O=organization/CN=common name
*/
$temp = preg_replace('#.*?^-+[^-]+-+#ms', '', $str, 1);
// remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff
$temp = preg_replace('#-+[^-]+-+#', '', $temp);
// remove new lines
$temp = str_replace(array("\r", "\n", ' '), '', $temp);
$temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
return $temp != false ? $temp : $str;
}
}