1
0
mirror of https://github.com/danog/phpseclib.git synced 2025-01-22 04:51:19 +01:00

X509: Suppress {get|set|remove}CRLExtension() functions: non *CRL* functions are now polymorphic.

This commit is contained in:
Patrick Monnerat 2012-11-07 15:18:55 +01:00
parent 1a0ae1ff76
commit bf2107eaa8

View File

@ -1853,7 +1853,7 @@ class File_X509 {
for ($i = 0; $i < count($this->CAs); $i++) {
$ca = $this->CAs[$i];
if ($this->currentCert['tbsCertList']['issuer'] === $ca['tbsCertificate']['subject']) {
$authorityKey = $this->getCRLExtension('id-ce-authorityKeyIdentifier');
$authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier');
$subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca);
switch (true) {
case !is_array($authorityKey):
@ -2959,12 +2959,12 @@ class File_X509 {
$crlNumber = $this->serialNumber;
}
else {
$crlNumber = $this->getCRLExtension('id-ce-cRLNumber');
$crlNumber = $this->getExtension('id-ce-cRLNumber');
$crlNumber = $crlNumber !== false ? $crlNumber->add(new Math_BigInteger(1)) : NULL;
}
$this->removeCRLExtension('id-ce-authorityKeyIdentifier');
$this->removeCRLExtension('id-ce-issuerAltName');
$this->removeExtension('id-ce-authorityKeyIdentifier');
$this->removeExtension('id-ce-issuerAltName');
// Be sure version >= v2 if some extension found.
$version = isset($tbsCertList['version']) ? $tbsCertList['version'] : 0;
@ -2988,11 +2988,11 @@ class File_X509 {
// Store additional extensions.
if (!empty($tbsCertList['version'])) { // At least v2.
if (!empty($crlNumber)) {
$this->setCRLExtension('id-ce-cRLNumber', $crlNumber);
$this->setExtension('id-ce-cRLNumber', $crlNumber);
}
if (isset($issuer->currentKeyIdentifier)) {
$this->setCRLExtension('id-ce-authorityKeyIdentifier', array(
$this->setExtension('id-ce-authorityKeyIdentifier', array(
//'authorityCertIssuer' => array(
// array(
// 'directoryName' => $issuer->dn
@ -3011,7 +3011,7 @@ class File_X509 {
$issuerAltName = $this->getExtension('id-ce-subjectAltName', $issuer->currentCert);
if ($issuerAltName !== false) {
$this->setCRLExtension('id-ce-issuerAltName', $issuerAltName);
$this->setExtension('id-ce-issuerAltName', $issuerAltName);
}
}
@ -3161,17 +3161,54 @@ class File_X509 {
return $root;
}
/**
* Get a reference to an extension subarray
*
* @param array $root
* @param String $path optional absolute path with / as component separator
* @param Boolean $create optional
* @access private
* @return array ref or false
*/
function &_extensions(&$root, $path = NULL, $create = false)
{
if (!isset($root)) {
$root = $this->currentCert;
}
switch (true) {
case !empty($path):
case !is_array($root):
break;
case isset($root['tbsCertificate']):
$path = 'tbsCertificate/extensions';
break;
case isset($root['tbsCertList']):
$path = 'tbsCertList/crlExtensions';
break;
}
$extensions = &$this->_subArray($root, $path, $create);
if (!is_array($extensions)) {
$false = false;
return $false;
}
return $extensions;
}
/**
* Remove an Extension
*
* @param String $id
* @param String $path optional
* @access public
* @access private
* @return Boolean
*/
function removeExtension($id, $path = 'tbsCertificate/extensions')
function _removeExtension($id, $path = NULL)
{
$extensions = &$this->_subArray($this->currentCert, $path);
$extensions = &$this->_extensions($this->currentCert, $path);
if (!is_array($extensions)) {
return false;
@ -3186,22 +3223,9 @@ class File_X509 {
}
$extensions = array_values($extensions);
return $result;
}
/**
* Remove a CRL Extension
*
* @param String $id
* @access public
* @return Boolean
*/
function removeCRLExtension($id)
{
return $this->removeExtension($id, 'tbsCertList/crlExtensions');
}
/**
* Get an Extension
*
@ -3210,16 +3234,12 @@ class File_X509 {
* @param String $id
* @param Array $cert optional
* @param String $path optional
* @access public
* @access private
* @return Mixed
*/
function getExtension($id, $cert = NULL, $path = 'tbsCertificate/extensions')
function _getExtension($id, $cert = NULL, $path = NULL)
{
if (!isset($cert)) {
$cert = $this->currentCert;
}
$extensions = $this->_subArray($cert, $path);
$extensions = $this->_extensions($cert, $path);
if (!is_array($extensions)) {
return false;
@ -3234,36 +3254,17 @@ class File_X509 {
return false;
}
/**
* Get a CRL Extension
*
* Returns the extension if it exists and false if not
*
* @param String $id
* @param Array $crl optional
* @access public
* @return Mixed
*/
function getCRLExtension($id, $crl = NULL)
{
return $this->getExtension($id, $crl, 'tbsCertList/crlExtensions');
}
/**
* Returns a list of all extensions in use
*
* @param array $cert optional
* @param String $path optional
* @access public
* @access private
* @return Array
*/
function getExtensions($cert = NULL, $path = 'tbsCertificate/extensions')
function _getExtensions($cert = NULL, $path = NULL)
{
if (!isset($cert)) {
$cert = $this->currentCert;
}
$exts = $this->_subArray($cert, $path);
$exts = $this->_extensions($cert, $path);
$extensions = array();
if (is_array($exts)) {
@ -3275,18 +3276,6 @@ class File_X509 {
return $extensions;
}
/**
* Returns a list of all CRL extensions in use
*
* @param array $crl optional
* @access public
* @return Array
*/
function getCRLExtensions($crl = NULL)
{
return $this->getExtensions($crl, 'tbsCertList/crlExtensions');
}
/**
* Set an Extension
*
@ -3295,12 +3284,12 @@ class File_X509 {
* @param Boolean $critical optional
* @param Boolean $replace optional
* @param String $path optional
* @access public
* @access private
* @return Boolean
*/
function setExtension($id, $value, $critical = false, $replace = true, $path = 'tbsCertificate/extensions')
function _setExtension($id, $value, $critical = false, $replace = true, $path = NULL)
{
$extensions = &$this->_subArray($this->currentCert, $path, true);
$extensions = &$this->_extensions($this->currentCert, $path, true);
if (!is_array($extensions)) {
return false;
@ -3324,18 +3313,57 @@ class File_X509 {
}
/**
* Set a CRL Extension
* Remove a certificate or CRL Extension
*
* @param String $id
* @access public
* @return Boolean
*/
function removeExtension($id)
{
return $this->_removeExtension($id);
}
/**
* Get a certificate or CRL Extension
*
* Returns the extension if it exists and false if not
*
* @param String $id
* @param Array $cert optional
* @access public
* @return Mixed
*/
function getExtension($id, $cert = NULL)
{
return $this->_getExtension($id, $cert);
}
/**
* Returns a list of all extensions in use in certificate or CRL
*
* @param array $cert optional
* @access public
* @return Array
*/
function getExtensions($cert = NULL)
{
return $this->_getExtensions($cert);
}
/**
* Set a certificate or CRL Extension
*
* @param String $id
* @param Mixed $value
* @param Boolean $critical optional
* @param Boolean $replace optional
* @access public
* @access private
* @return Boolean
*/
function setCRLExtension($id, $value, $critical = false, $replace = true)
function setExtension($id, $value, $critical = false, $replace = true)
{
return $this->setExtension($id, $value, $critical, $replace, 'tbsCertList/crlExtensions');
return $this->_setExtension($id, $value, $critical, $replace);
}
/**
@ -3607,7 +3635,7 @@ class File_X509 {
{
if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) {
if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) {
return $this->removeExtension($id, "tbsCertList/revokedCertificates/$i/crlEntryExtensions");
return $this->_removeExtension($id, "tbsCertList/revokedCertificates/$i/crlEntryExtensions");
}
}
@ -3633,7 +3661,7 @@ class File_X509 {
if (is_array($rclist = $this->_subArray($crl, 'tbsCertList/revokedCertificates'))) {
if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) {
return $this->getExtension($id, $crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions");
return $this->_getExtension($id, $crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions");
}
}
@ -3656,7 +3684,7 @@ class File_X509 {
if (is_array($rclist = $this->_subArray($crl, 'tbsCertList/revokedCertificates'))) {
if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) {
return $this->getExtensions($crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions");
return $this->_getExtensions($crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions");
}
}
@ -3679,7 +3707,7 @@ class File_X509 {
if (isset($this->currentCert['tbsCertList'])) {
if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates', true))) {
if (($i = $this->_revokedCertificate($rclist, $serial, true)) !== false) {
return $this->setExtension($id, $value, $critical, $replace, "tbsCertList/revokedCertificates/$i/crlEntryExtensions");
return $this->_setExtension($id, $value, $critical, $replace, "tbsCertList/revokedCertificates/$i/crlEntryExtensions");
}
}
}