mirror of
https://github.com/danog/phpseclib.git
synced 2024-12-11 16:49:42 +01:00
X509: fix issue with explicit time tags whose maps expect implicit
This commit is contained in:
parent
19ad5d27da
commit
511f55de3d
@ -787,7 +787,14 @@ class File_ASN1
|
|||||||
case FILE_ASN1_TYPE_UTC_TIME:
|
case FILE_ASN1_TYPE_UTC_TIME:
|
||||||
case FILE_ASN1_TYPE_GENERALIZED_TIME:
|
case FILE_ASN1_TYPE_GENERALIZED_TIME:
|
||||||
if (class_exists('DateTime')) {
|
if (class_exists('DateTime')) {
|
||||||
if (isset($mapping['implicit'])) {
|
// for explicitly tagged optional stuff
|
||||||
|
if (is_array($decoded['content'])) {
|
||||||
|
$decoded['content'] = $decoded['content'][0]['content'];
|
||||||
|
}
|
||||||
|
// for implicitly tagged optional stuff
|
||||||
|
// in theory, doing isset($mapping['implicit']) would work but malformed certs do exist
|
||||||
|
// in the wild that OpenSSL decodes without issue so we'll support them as well
|
||||||
|
if (!is_object($decoded['content'])) {
|
||||||
$decoded['content'] = $this->_decodeDateTime($decoded['content'], $decoded['type']);
|
$decoded['content'] = $this->_decodeDateTime($decoded['content'], $decoded['type']);
|
||||||
}
|
}
|
||||||
if (!$decoded['content']) {
|
if (!$decoded['content']) {
|
||||||
@ -795,7 +802,10 @@ class File_ASN1
|
|||||||
}
|
}
|
||||||
return $decoded['content']->format($this->format);
|
return $decoded['content']->format($this->format);
|
||||||
} else {
|
} else {
|
||||||
if (isset($mapping['implicit'])) {
|
if (is_array($decoded['content'])) {
|
||||||
|
$decoded['content'] = $decoded['content'][0]['content'];
|
||||||
|
}
|
||||||
|
if (!is_int($decoded['content'])) {
|
||||||
$decoded['content'] = $this->_decodeUnixTime($decoded['content'], $decoded['type']);
|
$decoded['content'] = $this->_decodeUnixTime($decoded['content'], $decoded['type']);
|
||||||
}
|
}
|
||||||
return @date($this->format, $decoded['content']);
|
return @date($this->format, $decoded['content']);
|
||||||
|
@ -982,6 +982,13 @@ class File_X509
|
|||||||
'children' => $AccessDescription
|
'children' => $AccessDescription
|
||||||
);
|
);
|
||||||
|
|
||||||
|
$this->SubjectInfoAccessSyntax = array(
|
||||||
|
'type' => FILE_ASN1_TYPE_SEQUENCE,
|
||||||
|
'min' => 1,
|
||||||
|
'max' => -1,
|
||||||
|
'children' => $AccessDescription
|
||||||
|
);
|
||||||
|
|
||||||
$this->SubjectAltName = $GeneralNames;
|
$this->SubjectAltName = $GeneralNames;
|
||||||
|
|
||||||
$this->PrivateKeyUsagePeriod = array(
|
$this->PrivateKeyUsagePeriod = array(
|
||||||
@ -1922,6 +1929,8 @@ class File_X509
|
|||||||
return $this->ExtKeyUsageSyntax;
|
return $this->ExtKeyUsageSyntax;
|
||||||
case 'id-pe-authorityInfoAccess':
|
case 'id-pe-authorityInfoAccess':
|
||||||
return $this->AuthorityInfoAccessSyntax;
|
return $this->AuthorityInfoAccessSyntax;
|
||||||
|
case 'id-pe-subjectInfoAccess':
|
||||||
|
return $this->SubjectInfoAccessSyntax;
|
||||||
case 'id-ce-subjectAltName':
|
case 'id-ce-subjectAltName':
|
||||||
return $this->SubjectAltName;
|
return $this->SubjectAltName;
|
||||||
case 'id-ce-subjectDirectoryAttributes':
|
case 'id-ce-subjectDirectoryAttributes':
|
||||||
|
@ -363,4 +363,33 @@ class Unit_File_ASN1Test extends PhpseclibTestCase
|
|||||||
$this->assertSame(pack('H*', '6983f09da7ebcfdee0c7a1a7b2c0948cc8f9d776'), $new);
|
$this->assertSame(pack('H*', '6983f09da7ebcfdee0c7a1a7b2c0948cc8f9d776'), $new);
|
||||||
$this->assertSame($orig, $asn1->_decodeOID($new));
|
$this->assertSame($orig, $asn1->_decodeOID($new));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @group github1388
|
||||||
|
*/
|
||||||
|
public function testExplicitImplicitDate()
|
||||||
|
{
|
||||||
|
$map = [
|
||||||
|
'type' => FILE_ASN1_TYPE_SEQUENCE,
|
||||||
|
'children' => [
|
||||||
|
'notBefore' => [
|
||||||
|
'constant' => 0,
|
||||||
|
'optional' => true,
|
||||||
|
'implicit' => true,
|
||||||
|
'type' => FILE_ASN1_TYPE_GENERALIZED_TIME],
|
||||||
|
'notAfter' => [
|
||||||
|
'constant' => 1,
|
||||||
|
'optional' => true,
|
||||||
|
'implicit' => true,
|
||||||
|
'type' => FILE_ASN1_TYPE_GENERALIZED_TIME]
|
||||||
|
]
|
||||||
|
];
|
||||||
|
|
||||||
|
$asn1 = new File_ASN1();
|
||||||
|
$a = pack('H*', '3026a011180f32303137303432313039303535305aa111180f32303138303432313230353935395a');
|
||||||
|
$a = $asn1->decodeBER($a);
|
||||||
|
$a = $asn1->asn1map($a[0], $map);
|
||||||
|
|
||||||
|
$this->assertInternalType('array', $a);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user