mirror of
https://github.com/danog/phpseclib.git
synced 2024-11-27 04:46:26 +01:00
X509: improve base64-encoded detection rules
This commit is contained in:
parent
dd34eb1c30
commit
46bb95a265
@ -3104,7 +3104,7 @@ class Crypt_RSA
|
||||
* subject=/O=organization/OU=org unit/CN=common name
|
||||
* issuer=/O=organization/CN=common name
|
||||
*/
|
||||
$temp = preg_replace('#.*?^-+[^-]+-+#ms', '', $str, 1);
|
||||
$temp = preg_replace('#.*?^-+[^-]+-+[\r\n ]*$#ms', '', $str, 1);
|
||||
// remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff
|
||||
$temp = preg_replace('#-+[^-]+-+#', '', $temp);
|
||||
// remove new lines
|
||||
|
@ -110,6 +110,12 @@ define('FILE_X509_FORMAT_DER', 1);
|
||||
* Only works on CSRs. Not currently supported.
|
||||
*/
|
||||
define('FILE_X509_FORMAT_SPKAC', 2);
|
||||
/**
|
||||
* Auto-detect the format
|
||||
*
|
||||
* Used only by the load*() functions
|
||||
*/
|
||||
define('FILE_X509_FORMAT_AUTO_DETECT', 3);
|
||||
/**#@-*/
|
||||
|
||||
/**
|
||||
@ -1423,10 +1429,11 @@ class File_X509
|
||||
* Returns an associative array describing the X.509 cert or a false if the cert failed to load
|
||||
*
|
||||
* @param string $cert
|
||||
* @param int $mode
|
||||
* @access public
|
||||
* @return mixed
|
||||
*/
|
||||
function loadX509($cert)
|
||||
function loadX509($cert, $mode = FILE_X509_FORMAT_AUTO_DETECT)
|
||||
{
|
||||
if (is_array($cert) && isset($cert['tbsCertificate'])) {
|
||||
unset($this->currentCert);
|
||||
@ -1447,7 +1454,13 @@ class File_X509
|
||||
|
||||
$asn1 = new File_ASN1();
|
||||
|
||||
$cert = $this->_extractBER($cert);
|
||||
if ($mode != FILE_X509_FORMAT_DER) {
|
||||
$newcert = $this->_extractBER($cert);
|
||||
if ($mode == FILE_X509_FORMAT_PEM && $cert == $newcert) {
|
||||
return false;
|
||||
}
|
||||
$cert = $newcert;
|
||||
}
|
||||
|
||||
if ($cert === false) {
|
||||
$this->currentCert = false;
|
||||
@ -2846,7 +2859,7 @@ class File_X509
|
||||
* @access public
|
||||
* @return mixed
|
||||
*/
|
||||
function loadCSR($csr)
|
||||
function loadCSR($csr, $mode = FILE_X509_FORMAT_AUTO_DETECT)
|
||||
{
|
||||
if (is_array($csr) && isset($csr['certificationRequestInfo'])) {
|
||||
unset($this->currentCert);
|
||||
@ -2865,7 +2878,13 @@ class File_X509
|
||||
|
||||
$asn1 = new File_ASN1();
|
||||
|
||||
$csr = $this->_extractBER($csr);
|
||||
if ($mode != FILE_X509_FORMAT_DER) {
|
||||
$newcsr = $this->_extractBER($csr);
|
||||
if ($mode == FILE_X509_FORMAT_PEM && $csr == $newcsr) {
|
||||
return false;
|
||||
}
|
||||
$csr = $newcsr;
|
||||
}
|
||||
$orig = $csr;
|
||||
|
||||
if ($csr === false) {
|
||||
@ -3091,7 +3110,7 @@ class File_X509
|
||||
* @access public
|
||||
* @return mixed
|
||||
*/
|
||||
function loadCRL($crl)
|
||||
function loadCRL($crl, $mode = FILE_X509_FORMAT_AUTO_DETECT)
|
||||
{
|
||||
if (is_array($crl) && isset($crl['tbsCertList'])) {
|
||||
$this->currentCert = $crl;
|
||||
@ -3101,7 +3120,13 @@ class File_X509
|
||||
|
||||
$asn1 = new File_ASN1();
|
||||
|
||||
$crl = $this->_extractBER($crl);
|
||||
if ($mode != FILE_X509_FORMAT_DER) {
|
||||
$newcrl = $this->_extractBER($crl);
|
||||
if ($mode == FILE_X509_FORMAT_PEM && $crl == $newcrl) {
|
||||
return false;
|
||||
}
|
||||
$crl = $newcrl;
|
||||
}
|
||||
$orig = $crl;
|
||||
|
||||
if ($crl === false) {
|
||||
@ -4606,7 +4631,7 @@ class File_X509
|
||||
* subject=/O=organization/OU=org unit/CN=common name
|
||||
* issuer=/O=organization/CN=common name
|
||||
*/
|
||||
$temp = preg_replace('#.*?^-+[^-]+-+#ms', '', $str, 1);
|
||||
$temp = preg_replace('#.*?^-+[^-]+-+[\r\n ]*$#ms', '', $str, 1);
|
||||
// remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff
|
||||
$temp = preg_replace('#-+[^-]+-+#', '', $temp);
|
||||
// remove new lines
|
||||
|
@ -68,4 +68,29 @@ draiRBZruwMPwPIP
|
||||
|
||||
$this->assertInternalType('array', $csr);
|
||||
}
|
||||
|
||||
public function testCSRDER()
|
||||
{
|
||||
$csr = 'MIICdzCCAV8CAQEwDDEKMAgGA1UEAwwBeDCCASIwDQYJKoZIhvcNAQEBBQADggEP' .
|
||||
'ADCCAQoCggEBALtcrFDD2AHe3x2bR00wPDsPH6FJLxr5uc1ybb+ldDB5xNVImC8P' .
|
||||
'LU6VXDZ5z68KjSovs1q0OWJWfCjlAuGLzqO35s86LI1CFuTFdkScVHMwh8zUVFoP' .
|
||||
'pG7/9rKaNxCgaHs4evxjxQP2+Ny7tBqPLb/KV0exm6Twocf963jC/Tyn57G5erRf' .
|
||||
'zpFrfK7DozhxY7znumJ4FuSn0TVkD6PPwZFn9VoTjv2ZoJmacGK+0r5yNKG799F5' .
|
||||
'K8EgDrOCfbzCZjX6GJctyn2SNPTeBuXS9piH21FGnJAryv80zG+zUqFdEyoLUGJt' .
|
||||
'4Vy6+tDP9cW68fiwTZS1Oc1VeFdL1G/CrjkCAwEAAaAmMCQGCSqGSIb3DQEJDjEX' .
|
||||
'MBUwEwYKKwYBBAGCqlsBCQQFMAOCAQEwDQYJKoZIhvcNAQELBQADggEBAF4XOd+1' .
|
||||
'jkJOYRInNpHfhzSD/ktDY50gpLPuDvl4f/ZBlKrb1eDYQG5F3bnYzoZWHN4n+6Zs' .
|
||||
'CkljXs5ZPUZ5LuVpASumoG/aHXGz8c8NC3asJ1V73ljEPAfIXwqoIUoaP9jLL+Ee' .
|
||||
'zy/ZCi2NKWVo2D7ocnn79oblAem9ksSeQl4z3Gvhuug6MsMqn96NU/ZY/vjYzAjb' .
|
||||
'MAvJIVRY0rbCxbFa0K+XNJtF7GLyBxyPNFWCvADhvm9C4uPmoypYg7MY6EewJInN' .
|
||||
'xzMH7I4xDLjNu0VBa6lAxTvflp0joQHKlTYX0SDIKPbQivjZMuObPuxDtkVZ0rQl' .
|
||||
'AjmgMowaN5otTXM=';
|
||||
$csr = base64_decode($csr);
|
||||
|
||||
$x509 = new File_X509();
|
||||
|
||||
$csr = $x509->loadCSR($csr);
|
||||
|
||||
$this->assertInternalType('array', $csr);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user