1
0
mirror of https://github.com/danog/tgseclib.git synced 2024-12-13 17:47:33 +01:00
Commit Graph

246 Commits

Author SHA1 Message Date
Patrick Monnerat
bf2107eaa8 X509: Suppress {get|set|remove}CRLExtension() functions: non *CRL* functions are now polymorphic. 2012-11-07 15:18:55 +01:00
Patrick Monnerat
1a0ae1ff76 X509: Fix DirectoryString syntax. 2012-11-07 15:03:58 +01:00
Patrick Monnerat
0afed5b65b X509: adjust comments 2012-11-05 12:08:20 +01:00
Patrick Monnerat
916dcff8a8 ASN1/X509: implement limited string conversion. Add getDN() options.
Warning: converted strings must not be used for matching DNs.
2012-11-02 16:53:32 +01:00
Patrick Monnerat
26b842be5b X509: compute public key identifiers.
Force subject public key identifier when signing a CA.
2012-10-29 18:21:25 +01:00
Patrick Monnerat
c1c9c38fe6 X509: Avoid an "undefined" error and define netscape-ca-policy-url OID. 2012-10-24 13:36:18 +02:00
Patrick Monnerat
340ee0cd2d ASN1/X509: latch effective type of ANY fields as an additional indexing level. 2012-10-23 13:37:51 +02:00
terrafrost
9e803fe374 Return $this->publicKey if it's available in getPublicKey() function 2012-10-22 00:27:26 -05:00
terrafrost
ce250ea546 Rename $keyIdentifier to $currentKeyIdentifier
$KeyIdentifier (upper case) is already defined and although it doesn't cause any problems with $keyIdentifier (lower case) I still think it's poor practice
2012-10-18 00:37:48 -05:00
Patrick Monnerat
2c7c7b9679 X509, ASN1: Fix CS and indent. Remove tabs. 2012-10-12 16:17:34 +02:00
monnerat
ef96f777c3 X509: setSerialNumber(): new optional parameter $base 2012-10-12 03:29:25 +01:00
monnerat
711d44f0e5 X509: implement CRLs. 2012-10-12 03:13:39 +01:00
monnerat
6da490d00a X509: new setExtension() method. 2012-10-12 03:03:21 +01:00
monnerat
bc7a59bc8c X509: factorize some code in prevision of CRL support. 2012-10-12 02:56:23 +01:00
monnerat
73b0d05ddc X509: set-up key identifier upon certificate loading. 2012-10-12 02:42:19 +01:00
monnerat
4f634aaca8 X509: avoid some "undefined" errors. 2012-10-12 02:37:55 +01:00
terrafrost
7d1e714a08 Remove extra white space 2012-10-07 09:48:58 -05:00
terrafrost
32857c5e7f CS adjustment 2012-10-06 10:50:19 -05:00
Patrick Monnerat
f4b03722fd X509: handle multiple-valued attributes in setDNProp(). Fix setDN(). 2012-10-01 12:35:43 +02:00
Patrick Monnerat
45512c7a50 X509: Fix emailAddress attribute name mapping. 2012-09-27 16:50:58 +02:00
Patrick Monnerat
1377d56a4e X509: fix typo: improve new DN attrs handling. 2012-09-27 15:15:12 +02:00
Patrick Monnerat
29b9642965 X509: Fix 'OU' attribute mapping, add 'SN' (surname) short name, add 'role', 'title', 'description', 'x500UniqueIdentifier' DN attributes. 2012-09-27 14:38:37 +02:00
terrafrost
076050cc19 Ignore white spaces in CSRs and X.509 certs 2012-09-26 00:34:37 -05:00
terrafrost
a3781bd172 Changing the public key format broke File_X509 2012-09-03 01:32:57 -05:00
terrafrost
e2ae5100c2 Fix a few E_NOTICEs 2012-08-28 03:04:15 -05:00
terrafrost
c2850cd36a - certs couldn't be signed since setDNProp didn't work as it should 2012-08-06 23:00:34 -05:00
terrafrost
8d34cb11e9 - validateDate didn't work 2012-08-05 10:55:47 -05:00
terrafrost
30391fe2b6 - add getSubjectDN and getSubjectDNProp as aliases 2012-08-02 16:04:11 -05:00
terrafrost
8f2994349c - fix getDNProp(), add getIssuerDNProp() 2012-07-24 08:15:54 -05:00
terrafrost
1417463eba - make Crypt_RSA use openssl for key generation (if openssl is available) and make it so File_X509 can create CSRs 2012-07-01 12:07:42 -05:00
Rob Loach
7e9a975296 Add Composer support to phpseclib 2012-06-08 15:38:27 -04:00
Andreas Fischer
3e450fa978 [topic/36062] Change unconditional includes to require_once in ASN1 and X509. 2012-06-06 13:14:06 +02:00
Jim Wigginton
5a4595ab56 - when the child is an optional CHOICE it needs to be explicit and not implicit
- make asn1map more accurate

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@219 21d32557-59b3-4da0-833f-c5933fad653e
2012-05-13 17:52:12 +00:00
Jim Wigginton
5db0f88218 - add blinded rsa equality test (thanks singpolyma!)
- make validateSignature behave more like openssl_verify()

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@218 21d32557-59b3-4da0-833f-c5933fad653e
2012-05-05 23:57:30 +00:00
Jim Wigginton
da8614a511 - add getIssuerDN()
- fill in getPublicKey() stub
- add 'lifetime' option to setEndDate()
- fix a bug that'd prevent certs with File_ASN1_Element being saved

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@215 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-23 03:57:34 +00:00
Jim Wigginton
a90bba115c - make it so certs can be setup as CA's
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@214 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-22 17:11:29 +00:00
Jim Wigginton
3dd9e2b318 - id-at-organizationalUnitName was misnamed as id-at-dnQualifier
- make it so CA's can't be loaded if the keyusage extension doesn't permit their being loaded
- implement validateURL() function stub
- add support for a few more DN attributes
- add removeDNProp(), getDNProp() and setDomain()
- fixed some issues preventing new certs from being signed

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@213 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-22 06:00:55 +00:00
Jim Wigginton
392ff50c00 - sign() didn't save subjectPublicKeyInfo correctly
- sign() could erase the subject's DN from an existing X.509 cert
- setSerialNumber didn't save the serial number correctly

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@212 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-17 06:47:39 +00:00
Jim Wigginton
960dd01fe1 - add full support for the id-ce-authorityKeyIdentifier and id-ce-subjectKeyIdentifier extensions via setKeyIdentifier() function
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@210 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-16 04:35:37 +00:00
Jim Wigginton
3f9aa1ad6a - make it so an array returned by loadX509() can be reloaded by loadX509()
- validateDate() didn't work
- add postalCode and streetAddress as supported DN attributes
- add getDN()
- split setKey() out into setPrivateKey() and setPublicKey()
- add sign(), setStartDate(), setEndDate(), setSerialNumber(), removeExtension(), getExtension() and getExtensions()

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@209 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-15 17:17:16 +00:00
Jim Wigginton
09f4bef2f1 - add loadCSR(), setKey(), setDN() and setDNProp()
- refactor some code

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@208 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-09 03:13:53 +00:00
Jim Wigginton
42e5ad80f7 - BMPString's should be decoded via decodeBER(), use UTF8 strings for everything but policy qualifiers and make policy qualifiers optional
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@207 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-25 00:24:03 +00:00
Jim Wigginton
5cc327e0c3 - fix a bunch of E_NOTICEs, add support for the id-ce-certificatePolicies extension, add limited validation
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@206 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-20 05:25:43 +00:00
Jim Wigginton
1b2dde6e7d - encode the subjectPublicKey in a format Crypt_RSA can use (assuming the algorithm is rsaEncryption)
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@203 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-11 19:00:28 +00:00
Jim Wigginton
1b161ece26 - add support for id-ce-nameConstraints
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@202 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-11 08:41:06 +00:00
Jim Wigginton
441ada0502 - add an X.509 encoder / decoder
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@201 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-11 07:54:41 +00:00