1
0
mirror of https://github.com/danog/tgseclib.git synced 2024-12-11 16:49:41 +01:00
Commit Graph

122 Commits

Author SHA1 Message Date
Patrick Monnerat
18fc6b7712 X509: Fix typo: ';' --> ':' 2012-12-10 12:27:07 +01:00
Patrick Monnerat
06779a92de Merge branch 'master' of https://github.com/phpseclib/phpseclib into pmexts 2012-12-10 12:10:06 +01:00
Patrick Monnerat
f039a6ebc2 RSA: Allow changing openssl configuration file. X509: process HoldInstructionCode.
Also fixes HoldInstruction* OIDs.
2012-12-10 12:07:49 +01:00
terrafrost
27f6012d62 Make it so extension OIDs can be File_ASN1_Elements 2012-12-01 10:52:10 -06:00
terrafrost
d130d2274d Make the save*() functions save in multiple formats
Currently only PEM and DER supported.

Also make fuzzing enhancements
2012-11-30 08:31:16 -06:00
terrafrost
3c6ae4312f The user_error in _handle_error shouldn't be replaced.. 2012-11-29 00:19:09 -06:00
terrafrost
3caaa91160 Replace user_error() with new _handle_error() function
To use exceptions do define('PHPSECLIB_USE_EXCEPTIONS', true).

To have the exceptions thrown by phpseclib be of a certain class define PHPSECLIB_EXCEPTION_CLASS.
2012-11-28 23:33:15 -06:00
terrafrost
8ea452ed31 type in comment
(testing out github.com's edit via web interface)
2012-11-27 10:11:49 -06:00
terrafrost
0b9f743343 Add getChain() function
Also improve loading of raw certs
2012-11-25 23:06:58 -06:00
terrafrost
76cb693d62 CS adjustments, make it so PEM-encoded CRLs can be read (again) and make it so already decoded CSRs and CRLs can be read 2012-11-23 19:04:04 -06:00
terrafrost
7e120a0f30 Make validateSignature() behave more intuitively 2012-11-19 21:10:22 -06:00
terrafrost
406e7e90e9 CS adjustments 2012-11-18 16:16:11 -06:00
Patrick Monnerat
a61d7ba29b X509: *Attribute() functions may now handle single values. 2012-11-14 16:33:32 +01:00
terrafrost
691f4d1e62 Make it so loadCA() doesn't have to be called before loadX509() or loadCRL() 2012-11-13 00:43:45 -06:00
terrafrost
d492d19748 X509: Missing $ 2012-11-13 00:37:54 -06:00
terrafrost
1fd87dcd35 Fix bug in listRevoked() and make it so getSubjectDN() doesn't return issuer DN for CRLs 2012-11-13 00:33:15 -06:00
terrafrost
1abc7e742b X509: CSRs and CRLs didn't have the signatureSubject variable saved properly 2012-11-12 23:51:41 -06:00
terrafrost
661eb8db3f Missing ; 2012-11-12 01:05:24 -06:00
terrafrost
0e0eebf456 CS adjustments, make loadXXX() take in binary data, and make getDN() == getIssuerDN() for CRLs 2012-11-12 00:46:03 -06:00
Patrick Monnerat
ac8d0172eb Merge branch 'master' of https://github.com/phpseclib/phpseclib into pmexts 2012-11-08 12:51:07 +01:00
Patrick Monnerat
7fbf089e32 X509: Do not use memory-wasting create_function() 2012-11-08 12:45:17 +01:00
Patrick Monnerat
dde23464a1 X509: Fix typo. 2012-11-07 16:29:18 +01:00
Patrick Monnerat
5ef4f9900a X509: Suppress {get|set|remove}CRLExtension() functions: non *CRL* functions are now polymorphic. 2012-11-07 16:23:01 +01:00
Patrick Monnerat
d980a91360 X509: Fix DirectoryString syntax 2012-11-07 16:21:23 +01:00
Patrick Monnerat
9860f020c3 X509: Fix typo. 2012-11-07 15:41:41 +01:00
Patrick Monnerat
9b2a6d68f4 X509: Add CSR attributes handling support and CSR extension requests. 2012-11-07 15:35:10 +01:00
Patrick Monnerat
bf2107eaa8 X509: Suppress {get|set|remove}CRLExtension() functions: non *CRL* functions are now polymorphic. 2012-11-07 15:18:55 +01:00
Patrick Monnerat
1a0ae1ff76 X509: Fix DirectoryString syntax. 2012-11-07 15:03:58 +01:00
Patrick Monnerat
0afed5b65b X509: adjust comments 2012-11-05 12:08:20 +01:00
Patrick Monnerat
916dcff8a8 ASN1/X509: implement limited string conversion. Add getDN() options.
Warning: converted strings must not be used for matching DNs.
2012-11-02 16:53:32 +01:00
Patrick Monnerat
26b842be5b X509: compute public key identifiers.
Force subject public key identifier when signing a CA.
2012-10-29 18:21:25 +01:00
Patrick Monnerat
c1c9c38fe6 X509: Avoid an "undefined" error and define netscape-ca-policy-url OID. 2012-10-24 13:36:18 +02:00
Patrick Monnerat
340ee0cd2d ASN1/X509: latch effective type of ANY fields as an additional indexing level. 2012-10-23 13:37:51 +02:00
terrafrost
9e803fe374 Return $this->publicKey if it's available in getPublicKey() function 2012-10-22 00:27:26 -05:00
terrafrost
ce250ea546 Rename $keyIdentifier to $currentKeyIdentifier
$KeyIdentifier (upper case) is already defined and although it doesn't cause any problems with $keyIdentifier (lower case) I still think it's poor practice
2012-10-18 00:37:48 -05:00
Patrick Monnerat
2c7c7b9679 X509, ASN1: Fix CS and indent. Remove tabs. 2012-10-12 16:17:34 +02:00
monnerat
ef96f777c3 X509: setSerialNumber(): new optional parameter $base 2012-10-12 03:29:25 +01:00
monnerat
711d44f0e5 X509: implement CRLs. 2012-10-12 03:13:39 +01:00
monnerat
6da490d00a X509: new setExtension() method. 2012-10-12 03:03:21 +01:00
monnerat
bc7a59bc8c X509: factorize some code in prevision of CRL support. 2012-10-12 02:56:23 +01:00
monnerat
73b0d05ddc X509: set-up key identifier upon certificate loading. 2012-10-12 02:42:19 +01:00
monnerat
4f634aaca8 X509: avoid some "undefined" errors. 2012-10-12 02:37:55 +01:00
terrafrost
7d1e714a08 Remove extra white space 2012-10-07 09:48:58 -05:00
terrafrost
32857c5e7f CS adjustment 2012-10-06 10:50:19 -05:00
Patrick Monnerat
f4b03722fd X509: handle multiple-valued attributes in setDNProp(). Fix setDN(). 2012-10-01 12:35:43 +02:00
Patrick Monnerat
45512c7a50 X509: Fix emailAddress attribute name mapping. 2012-09-27 16:50:58 +02:00
Patrick Monnerat
1377d56a4e X509: fix typo: improve new DN attrs handling. 2012-09-27 15:15:12 +02:00
Patrick Monnerat
29b9642965 X509: Fix 'OU' attribute mapping, add 'SN' (surname) short name, add 'role', 'title', 'description', 'x500UniqueIdentifier' DN attributes. 2012-09-27 14:38:37 +02:00
terrafrost
076050cc19 Ignore white spaces in CSRs and X.509 certs 2012-09-26 00:34:37 -05:00
terrafrost
a3781bd172 Changing the public key format broke File_X509 2012-09-03 01:32:57 -05:00
terrafrost
e2ae5100c2 Fix a few E_NOTICEs 2012-08-28 03:04:15 -05:00
terrafrost
c2850cd36a - certs couldn't be signed since setDNProp didn't work as it should 2012-08-06 23:00:34 -05:00
terrafrost
8d34cb11e9 - validateDate didn't work 2012-08-05 10:55:47 -05:00
terrafrost
30391fe2b6 - add getSubjectDN and getSubjectDNProp as aliases 2012-08-02 16:04:11 -05:00
terrafrost
8f2994349c - fix getDNProp(), add getIssuerDNProp() 2012-07-24 08:15:54 -05:00
terrafrost
1417463eba - make Crypt_RSA use openssl for key generation (if openssl is available) and make it so File_X509 can create CSRs 2012-07-01 12:07:42 -05:00
Rob Loach
7e9a975296 Add Composer support to phpseclib 2012-06-08 15:38:27 -04:00
Andreas Fischer
3e450fa978 [topic/36062] Change unconditional includes to require_once in ASN1 and X509. 2012-06-06 13:14:06 +02:00
Jim Wigginton
5a4595ab56 - when the child is an optional CHOICE it needs to be explicit and not implicit
- make asn1map more accurate

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@219 21d32557-59b3-4da0-833f-c5933fad653e
2012-05-13 17:52:12 +00:00
Jim Wigginton
5db0f88218 - add blinded rsa equality test (thanks singpolyma!)
- make validateSignature behave more like openssl_verify()

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@218 21d32557-59b3-4da0-833f-c5933fad653e
2012-05-05 23:57:30 +00:00
Jim Wigginton
da8614a511 - add getIssuerDN()
- fill in getPublicKey() stub
- add 'lifetime' option to setEndDate()
- fix a bug that'd prevent certs with File_ASN1_Element being saved

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@215 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-23 03:57:34 +00:00
Jim Wigginton
a90bba115c - make it so certs can be setup as CA's
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@214 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-22 17:11:29 +00:00
Jim Wigginton
3dd9e2b318 - id-at-organizationalUnitName was misnamed as id-at-dnQualifier
- make it so CA's can't be loaded if the keyusage extension doesn't permit their being loaded
- implement validateURL() function stub
- add support for a few more DN attributes
- add removeDNProp(), getDNProp() and setDomain()
- fixed some issues preventing new certs from being signed

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@213 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-22 06:00:55 +00:00
Jim Wigginton
392ff50c00 - sign() didn't save subjectPublicKeyInfo correctly
- sign() could erase the subject's DN from an existing X.509 cert
- setSerialNumber didn't save the serial number correctly

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@212 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-17 06:47:39 +00:00
Jim Wigginton
960dd01fe1 - add full support for the id-ce-authorityKeyIdentifier and id-ce-subjectKeyIdentifier extensions via setKeyIdentifier() function
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@210 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-16 04:35:37 +00:00
Jim Wigginton
3f9aa1ad6a - make it so an array returned by loadX509() can be reloaded by loadX509()
- validateDate() didn't work
- add postalCode and streetAddress as supported DN attributes
- add getDN()
- split setKey() out into setPrivateKey() and setPublicKey()
- add sign(), setStartDate(), setEndDate(), setSerialNumber(), removeExtension(), getExtension() and getExtensions()

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@209 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-15 17:17:16 +00:00
Jim Wigginton
09f4bef2f1 - add loadCSR(), setKey(), setDN() and setDNProp()
- refactor some code

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@208 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-09 03:13:53 +00:00
Jim Wigginton
42e5ad80f7 - BMPString's should be decoded via decodeBER(), use UTF8 strings for everything but policy qualifiers and make policy qualifiers optional
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@207 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-25 00:24:03 +00:00
Jim Wigginton
5cc327e0c3 - fix a bunch of E_NOTICEs, add support for the id-ce-certificatePolicies extension, add limited validation
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@206 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-20 05:25:43 +00:00
Jim Wigginton
1b2dde6e7d - encode the subjectPublicKey in a format Crypt_RSA can use (assuming the algorithm is rsaEncryption)
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@203 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-11 19:00:28 +00:00
Jim Wigginton
1b161ece26 - add support for id-ce-nameConstraints
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@202 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-11 08:41:06 +00:00
Jim Wigginton
441ada0502 - add an X.509 encoder / decoder
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@201 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-11 07:54:41 +00:00