mirror of
https://github.com/danog/phpseclib.git
synced 2025-01-22 04:51:19 +01:00
Merge remote-tracking branch 'michael/fix_cert_time_encoding'
This commit is contained in:
commit
ea4dc53a06
@ -162,7 +162,7 @@ class File_ASN1
|
||||
* @access private
|
||||
* @link http://php.net/class.datetime
|
||||
*/
|
||||
var $format = 'D, d M y H:i:s O';
|
||||
var $format = 'D, d M Y H:i:s O';
|
||||
|
||||
/**
|
||||
* Default date format
|
||||
|
@ -3116,6 +3116,28 @@ class File_X509
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Helper function to build a time field according to RFC 3280 section
|
||||
* - 4.1.2.5 Validity
|
||||
* - 5.1.2.4 This Update
|
||||
* - 5.1.2.5 Next Update
|
||||
* - 5.1.2.6 Revoked Certificates
|
||||
* by choosing utcTime iff year of date given is before 2050 and generalTime else.
|
||||
*
|
||||
* @param String $date in format date('D, d M Y H:i:s O')
|
||||
* @access private
|
||||
* @return Array
|
||||
*/
|
||||
function _timeField($date)
|
||||
{
|
||||
$year = @gmdate("Y", @strtotime($date)); // the same way ASN1.php parses this
|
||||
if ($year < 2050) {
|
||||
return Array('utcTime' => $date);
|
||||
} else {
|
||||
return Array('generalTime' => $date);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sign an X.509 certificate
|
||||
*
|
||||
@ -3148,12 +3170,10 @@ class File_X509
|
||||
$this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm;
|
||||
|
||||
if (!empty($this->startDate)) {
|
||||
$this->currentCert['tbsCertificate']['validity']['notBefore']['generalTime'] = $this->startDate;
|
||||
unset($this->currentCert['tbsCertificate']['validity']['notBefore']['utcTime']);
|
||||
$this->currentCert['tbsCertificate']['validity']['notBefore'] = $this->_timeField($this->startDate);
|
||||
}
|
||||
if (!empty($this->endDate)) {
|
||||
$this->currentCert['tbsCertificate']['validity']['notAfter']['generalTime'] = $this->endDate;
|
||||
unset($this->currentCert['tbsCertificate']['validity']['notAfter']['utcTime']);
|
||||
$this->currentCert['tbsCertificate']['validity']['notAfter'] = $this->_timeField($this->endDate);
|
||||
}
|
||||
if (!empty($this->serialNumber)) {
|
||||
$this->currentCert['tbsCertificate']['serialNumber'] = $this->serialNumber;
|
||||
@ -3175,8 +3195,8 @@ class File_X509
|
||||
return false;
|
||||
}
|
||||
|
||||
$startDate = !empty($this->startDate) ? $this->startDate : @date('D, d M y H:i:s O');
|
||||
$endDate = !empty($this->endDate) ? $this->endDate : @date('D, d M y H:i:s O', strtotime('+1 year'));
|
||||
$startDate = !empty($this->startDate) ? $this->startDate : @date('D, d M Y H:i:s O');
|
||||
$endDate = !empty($this->endDate) ? $this->endDate : @date('D, d M Y H:i:s O', strtotime('+1 year'));
|
||||
$serialNumber = !empty($this->serialNumber) ? $this->serialNumber : new Math_BigInteger();
|
||||
|
||||
$this->currentCert = array(
|
||||
@ -3187,8 +3207,8 @@ class File_X509
|
||||
'signature' => array('algorithm' => $signatureAlgorithm),
|
||||
'issuer' => false, // this is going to be overwritten later
|
||||
'validity' => array(
|
||||
'notBefore' => array('generalTime' => $startDate), // $this->setStartDate()
|
||||
'notAfter' => array('generalTime' => $endDate) // $this->setEndDate()
|
||||
'notBefore' => $this->_timeField($startDate), // $this->setStartDate()
|
||||
'notAfter' => $this->_timeField($endDate) // $this->setEndDate()
|
||||
),
|
||||
'subject' => $subject->dn,
|
||||
'subjectPublicKeyInfo' => $subjectPublicKey
|
||||
@ -3367,7 +3387,7 @@ class File_X509
|
||||
|
||||
$currentCert = isset($this->currentCert) ? $this->currentCert : null;
|
||||
$signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null;
|
||||
$thisUpdate = !empty($this->startDate) ? $this->startDate : @date('D, d M y H:i:s O');
|
||||
$thisUpdate = !empty($this->startDate) ? $this->startDate : @date('D, d M Y H:i:s O');
|
||||
|
||||
if (isset($crl->currentCert) && is_array($crl->currentCert) && isset($crl->currentCert['tbsCertList'])) {
|
||||
$this->currentCert = $crl->currentCert;
|
||||
@ -3380,7 +3400,7 @@ class File_X509
|
||||
'version' => 'v2',
|
||||
'signature' => array('algorithm' => $signatureAlgorithm),
|
||||
'issuer' => false, // this is going to be overwritten later
|
||||
'thisUpdate' => array('generalTime' => $thisUpdate) // $this->setStartDate()
|
||||
'thisUpdate' => $this->_timeField($thisUpdate) // $this->setStartDate()
|
||||
),
|
||||
'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm),
|
||||
'signature' => false // this is going to be overwritten later
|
||||
@ -3389,10 +3409,10 @@ class File_X509
|
||||
|
||||
$tbsCertList = &$this->currentCert['tbsCertList'];
|
||||
$tbsCertList['issuer'] = $issuer->dn;
|
||||
$tbsCertList['thisUpdate'] = array('generalTime' => $thisUpdate);
|
||||
$tbsCertList['thisUpdate'] = $this->_timeField($thisUpdate);
|
||||
|
||||
if (!empty($this->endDate)) {
|
||||
$tbsCertList['nextUpdate'] = array('generalTime' => $this->endDate); // $this->setEndDate()
|
||||
$tbsCertList['nextUpdate'] = $this->_timeField($this->endDate); // $this->setEndDate()
|
||||
} else {
|
||||
unset($tbsCertList['nextUpdate']);
|
||||
}
|
||||
@ -3515,7 +3535,7 @@ class File_X509
|
||||
*/
|
||||
function setStartDate($date)
|
||||
{
|
||||
$this->startDate = @date('D, d M y H:i:s O', @strtotime($date));
|
||||
$this->startDate = @date('D, d M Y H:i:s O', @strtotime($date));
|
||||
}
|
||||
|
||||
/**
|
||||
@ -3539,7 +3559,7 @@ class File_X509
|
||||
$temp = chr(FILE_ASN1_TYPE_GENERALIZED_TIME) . $asn1->_encodeLength(strlen($temp)) . $temp;
|
||||
$this->endDate = new File_ASN1_Element($temp);
|
||||
} else {
|
||||
$this->endDate = @date('D, d M y H:i:s O', @strtotime($date));
|
||||
$this->endDate = @date('D, d M Y H:i:s O', @strtotime($date));
|
||||
}
|
||||
}
|
||||
|
||||
@ -4213,7 +4233,7 @@ class File_X509
|
||||
|
||||
$i = count($rclist);
|
||||
$rclist[] = array('userCertificate' => $serial,
|
||||
'revocationDate' => array('generalTime' => @date('D, d M y H:i:s O')));
|
||||
'revocationDate' => $this->_timeField(@date('D, d M Y H:i:s O')));
|
||||
return $i;
|
||||
}
|
||||
|
||||
@ -4233,7 +4253,7 @@ class File_X509
|
||||
if (($i = $this->_revokedCertificate($rclist, $serial, true)) !== false) {
|
||||
|
||||
if (!empty($date)) {
|
||||
$rclist[$i]['revocationDate'] = array('generalTime' => $date);
|
||||
$rclist[$i]['revocationDate'] = $this->_timeField($date);
|
||||
}
|
||||
|
||||
return true;
|
||||
|
Loading…
x
Reference in New Issue
Block a user