1
0
mirror of https://github.com/danog/tgseclib.git synced 2024-12-15 18:37:00 +01:00
Commit Graph

266 Commits

Author SHA1 Message Date
terrafrost
01bb284119 X509: adjust case of id-at-stateorprovinceName
Re: https://github.com/phpseclib/phpseclib/issues/130
2013-07-14 04:40:12 -05:00
Patrick Monnerat
23d48c4fc5 ASN1: Integers should by at least 1 byte long.
Fixes https://github.com/phpseclib/phpseclib/issues/126.
2013-07-01 14:38:35 +02:00
terrafrost
fe3765fe17 X509: don't validate self-signed certs by default 2013-06-08 12:40:39 -05:00
Andreas Fischer
727dba5905 [remove-svn-version-lines] Remove useless @version: $Id$ lines.
These lines served some purpose on SVN, but are now useless on Git. They
actually do harm as they might make people think their files are older
than they actually are.
2013-06-02 18:50:46 +02:00
Andreas Fischer
aa2e1ff177 [sourceforge-url-typo] {htp:// -> http://}phpseclib.sourceforge.net 2013-06-02 17:56:05 +02:00
terrafrost
b2262f731d Merge branch 'master' of https://github.com/phpseclib/phpseclib 2013-05-14 11:02:45 -05:00
terrafrost
ff88b7e685 ASN1: CS adjustments 2013-05-14 10:38:01 -05:00
Hans-Jürgen Petrich
b242259d17 optimizations 2013-05-13 12:41:52 +07:00
Veres Lajos
ddaf520b3b typofixes 2013-05-10 11:51:49 +01:00
Veres Lajos
dd2a4ddff2 typofixes 2013-05-08 15:34:07 +01:00
terrafrost
1c7fb5bd67 Merge branch 'master' of https://github.com/phpseclib/phpseclib 2013-04-02 19:37:36 -05:00
terrafrost
fae87be6f5 X509: Revamp base64 handling 2013-04-02 19:36:52 -05:00
terrafrost
147c3ebea4 ASN1: if an int val would be '' make it be "\0" 2013-03-26 19:50:24 -05:00
terrafrost
a3e3682feb ASN.1: Add headerlength and fix start 2013-03-23 12:12:29 -05:00
terrafrost
d7b348771c ANSI: Use user_error instead of echo 2013-02-22 08:29:17 -06:00
terrafrost
1231f58aa3 ANSI: Add support for more codes
Thanks chubby!
2013-02-22 01:50:46 -06:00
Patrick Monnerat
6b49b7d108 X509: Fix private key identifier computation on a File_ASN1_Element 2013-02-21 15:46:10 +01:00
Patrick Monnerat
90ff746ad1 Make all sources 7-bit ASCII. 2013-02-20 19:25:47 +01:00
Gemorroj
8d5e7a3945 Fixed broken characters. 2013-02-20 18:11:23 +03:00
Gemorroj
1e3e44e3c6 revert == instead === 2013-02-20 17:55:44 +03:00
Gemorroj
cc2c844d0e some minor fixes 2013-02-20 16:46:13 +03:00
terrafrost
5910f7c14f Update date format in File/X509.php
Update it to be consistent with bdd42c448b

Thanks runaway518!
2013-02-05 07:53:36 -06:00
terrafrost
248e3bb085 Undo last commit 2013-01-30 08:37:50 -06:00
terrafrost
bfb04dcf4d Add __construct() constructor to make namespace'ing easier for those wishing to do it 2013-01-29 22:09:31 -06:00
terrafrost
e71fc97913 Revamp SSH1 logging and go back to using user_error
(_handle_error returned the line number in _handle_error - not the line number triggering the error)
2013-01-08 22:09:27 -06:00
terrafrost
aa3da09747 Add limited SPKAC support 2012-12-19 00:21:55 -06:00
terrafrost
e4ccaef7bf Make PEM lines be 64 bytes long instead of 72
Also, add more notes to Crypt_Random's comments
2012-12-18 07:11:24 -06:00
Patrick Monnerat
18fc6b7712 X509: Fix typo: ';' --> ':' 2012-12-10 12:27:07 +01:00
Patrick Monnerat
06779a92de Merge branch 'master' of https://github.com/phpseclib/phpseclib into pmexts 2012-12-10 12:10:06 +01:00
Patrick Monnerat
f039a6ebc2 RSA: Allow changing openssl configuration file. X509: process HoldInstructionCode.
Also fixes HoldInstruction* OIDs.
2012-12-10 12:07:49 +01:00
terrafrost
27f6012d62 Make it so extension OIDs can be File_ASN1_Elements 2012-12-01 10:52:10 -06:00
terrafrost
d130d2274d Make the save*() functions save in multiple formats
Currently only PEM and DER supported.

Also make fuzzing enhancements
2012-11-30 08:31:16 -06:00
terrafrost
3c6ae4312f The user_error in _handle_error shouldn't be replaced.. 2012-11-29 00:19:09 -06:00
terrafrost
3caaa91160 Replace user_error() with new _handle_error() function
To use exceptions do define('PHPSECLIB_USE_EXCEPTIONS', true).

To have the exceptions thrown by phpseclib be of a certain class define PHPSECLIB_EXCEPTION_CLASS.
2012-11-28 23:33:15 -06:00
terrafrost
8ea452ed31 type in comment
(testing out github.com's edit via web interface)
2012-11-27 10:11:49 -06:00
terrafrost
0b9f743343 Add getChain() function
Also improve loading of raw certs
2012-11-25 23:06:58 -06:00
terrafrost
76cb693d62 CS adjustments, make it so PEM-encoded CRLs can be read (again) and make it so already decoded CSRs and CRLs can be read 2012-11-23 19:04:04 -06:00
terrafrost
7e120a0f30 Make validateSignature() behave more intuitively 2012-11-19 21:10:22 -06:00
terrafrost
126c396a51 More CS adjustments 2012-11-18 16:29:15 -06:00
terrafrost
406e7e90e9 CS adjustments 2012-11-18 16:16:11 -06:00
Patrick Monnerat
a61d7ba29b X509: *Attribute() functions may now handle single values. 2012-11-14 16:33:32 +01:00
terrafrost
691f4d1e62 Make it so loadCA() doesn't have to be called before loadX509() or loadCRL() 2012-11-13 00:43:45 -06:00
terrafrost
d492d19748 X509: Missing $ 2012-11-13 00:37:54 -06:00
terrafrost
1fd87dcd35 Fix bug in listRevoked() and make it so getSubjectDN() doesn't return issuer DN for CRLs 2012-11-13 00:33:15 -06:00
terrafrost
1abc7e742b X509: CSRs and CRLs didn't have the signatureSubject variable saved properly 2012-11-12 23:51:41 -06:00
terrafrost
661eb8db3f Missing ; 2012-11-12 01:05:24 -06:00
terrafrost
0e0eebf456 CS adjustments, make loadXXX() take in binary data, and make getDN() == getIssuerDN() for CRLs 2012-11-12 00:46:03 -06:00
Patrick Monnerat
ac8d0172eb Merge branch 'master' of https://github.com/phpseclib/phpseclib into pmexts 2012-11-08 12:51:07 +01:00
Patrick Monnerat
7fbf089e32 X509: Do not use memory-wasting create_function() 2012-11-08 12:45:17 +01:00
Patrick Monnerat
dde23464a1 X509: Fix typo. 2012-11-07 16:29:18 +01:00
Patrick Monnerat
5ef4f9900a X509: Suppress {get|set|remove}CRLExtension() functions: non *CRL* functions are now polymorphic. 2012-11-07 16:23:01 +01:00
Patrick Monnerat
d980a91360 X509: Fix DirectoryString syntax 2012-11-07 16:21:23 +01:00
Patrick Monnerat
9860f020c3 X509: Fix typo. 2012-11-07 15:41:41 +01:00
Patrick Monnerat
9b2a6d68f4 X509: Add CSR attributes handling support and CSR extension requests. 2012-11-07 15:35:10 +01:00
Patrick Monnerat
d9ab2d7f10 ASN1: Improve input SEQUENCE and SET mapping, better syntax error detection. 2012-11-07 15:23:54 +01:00
Patrick Monnerat
bf2107eaa8 X509: Suppress {get|set|remove}CRLExtension() functions: non *CRL* functions are now polymorphic. 2012-11-07 15:18:55 +01:00
Patrick Monnerat
1a0ae1ff76 X509: Fix DirectoryString syntax. 2012-11-07 15:03:58 +01:00
Patrick Monnerat
0afed5b65b X509: adjust comments 2012-11-05 12:08:20 +01:00
Patrick Monnerat
916dcff8a8 ASN1/X509: implement limited string conversion. Add getDN() options.
Warning: converted strings must not be used for matching DNs.
2012-11-02 16:53:32 +01:00
Patrick Monnerat
26b842be5b X509: compute public key identifiers.
Force subject public key identifier when signing a CA.
2012-10-29 18:21:25 +01:00
Patrick Monnerat
64c3b309bd ASN1: little optimization for better performance. 2012-10-25 17:54:02 +02:00
Patrick Monnerat
c1c9c38fe6 X509: Avoid an "undefined" error and define netscape-ca-policy-url OID. 2012-10-24 13:36:18 +02:00
Patrick Monnerat
2d34c291f0 ASN1: _decode_ber should now accept a FILE_ASN1_Element object as source. 2012-10-24 11:42:13 +02:00
Patrick Monnerat
340ee0cd2d ASN1/X509: latch effective type of ANY fields as an additional indexing level. 2012-10-23 13:37:51 +02:00
terrafrost
9e803fe374 Return $this->publicKey if it's available in getPublicKey() function 2012-10-22 00:27:26 -05:00
terrafrost
bdd42c448b Change default date format
This change stems from the fact that date('T') on PHP 4 (and possibly 5.0/5.1/etc) returns "Central Daylight Time" vs PHP 5, which returns "CDT".  "CDT" is parsable by strtotime - "Central Daylight Time" is not.

There will still be some dates that won't properly decode, however, on PHP 4.  Those dates would seem to be due to this (from php.net):

"On systems where time_t is a 32bit signed integer, as most common today, the valid range for year is somewhere between 1901 and 2038. However, before PHP 5.1.0 this range was limited from 1970 to 2038 on some systems (e.g. Windows)."
2012-10-19 07:19:22 -05:00
Patrick Monnerat
4c5163234b ASN1: Fix default value optimization upon encoding.
Also encode SETs as SEQUENCEs since order is not important.
2012-10-18 12:38:43 +02:00
terrafrost
ce250ea546 Rename $keyIdentifier to $currentKeyIdentifier
$KeyIdentifier (upper case) is already defined and although it doesn't cause any problems with $keyIdentifier (lower case) I still think it's poor practice
2012-10-18 00:37:48 -05:00
Patrick Monnerat
2c7c7b9679 X509, ASN1: Fix CS and indent. Remove tabs. 2012-10-12 16:17:34 +02:00
monnerat
ef96f777c3 X509: setSerialNumber(): new optional parameter $base 2012-10-12 03:29:25 +01:00
monnerat
711d44f0e5 X509: implement CRLs. 2012-10-12 03:13:39 +01:00
monnerat
6da490d00a X509: new setExtension() method. 2012-10-12 03:03:21 +01:00
monnerat
bc7a59bc8c X509: factorize some code in prevision of CRL support. 2012-10-12 02:56:23 +01:00
monnerat
73b0d05ddc X509: set-up key identifier upon certificate loading. 2012-10-12 02:42:19 +01:00
monnerat
4f634aaca8 X509: avoid some "undefined" errors. 2012-10-12 02:37:55 +01:00
monnerat
2c8ad5ee72 ASN1: _encode_der(): do not encode optional fields with value set to default. 2012-10-12 01:07:01 +01:00
monnerat
a75de60478 ASN1: asn1map(): fix handling of optional CHOICE and ANY children in SEQUENCE. 2012-10-12 01:04:24 +01:00
monnerat
b05cff1320 ASN1: process input NULL fields. 2012-10-12 01:01:20 +01:00
monnerat
50962f9cd3 ASN1: asn1map(): do not rely on input fields to determine mapping parameters. 2012-10-12 00:58:36 +01:00
monnerat
d9a3dafa0a ASN1: Support enumerated types by processing them as integers. 2012-10-12 00:51:42 +01:00
terrafrost
7d1e714a08 Remove extra white space 2012-10-07 09:48:58 -05:00
terrafrost
32857c5e7f CS adjustment 2012-10-06 10:50:19 -05:00
Patrick Monnerat
f4b03722fd X509: handle multiple-valued attributes in setDNProp(). Fix setDN(). 2012-10-01 12:35:43 +02:00
Patrick Monnerat
45512c7a50 X509: Fix emailAddress attribute name mapping. 2012-09-27 16:50:58 +02:00
Patrick Monnerat
1377d56a4e X509: fix typo: improve new DN attrs handling. 2012-09-27 15:15:12 +02:00
Patrick Monnerat
29b9642965 X509: Fix 'OU' attribute mapping, add 'SN' (surname) short name, add 'role', 'title', 'description', 'x500UniqueIdentifier' DN attributes. 2012-09-27 14:38:37 +02:00
terrafrost
076050cc19 Ignore white spaces in CSRs and X.509 certs 2012-09-26 00:34:37 -05:00
terrafrost
a3781bd172 Changing the public key format broke File_X509 2012-09-03 01:32:57 -05:00
terrafrost
e2ae5100c2 Fix a few E_NOTICEs 2012-08-28 03:04:15 -05:00
terrafrost
6c4fcd34d3 Misc fixes
- make it so '' is a legit password and doesn't unset the pw to pass bantu's unit tests (unit test could have been updated too but whatever)
- make it so not passing in any parameters to Crypt_RSA::setPassword() works without E_NOTICE or E_WARNING as per example in docs
- add missing phpdoc headers to File_ANSI
- cryan -> cyan in File_ANSI
2012-08-23 08:59:49 -05:00
terrafrost
c2850cd36a - certs couldn't be signed since setDNProp didn't work as it should 2012-08-06 23:00:34 -05:00
terrafrost
8d34cb11e9 - validateDate didn't work 2012-08-05 10:55:47 -05:00
terrafrost
30391fe2b6 - add getSubjectDN and getSubjectDNProp as aliases 2012-08-02 16:04:11 -05:00
terrafrost
de2691a281 - add autoloading support to ASN1.php 2012-08-01 23:57:11 -05:00
terrafrost
8f2994349c - fix getDNProp(), add getIssuerDNProp() 2012-07-24 08:15:54 -05:00
terrafrost
1417463eba - make Crypt_RSA use openssl for key generation (if openssl is available) and make it so File_X509 can create CSRs 2012-07-01 12:07:42 -05:00
Andreas Fischer
eb64dfef7d [feature/consistent-file-endings] Make sure files have empty line at the end. 2012-06-11 10:34:07 +02:00
terrafrost
5999f93ce3 - attempt to make it so File/ANSI.php doesn't always show up with git status 2012-06-09 14:29:03 -05:00
Rob Loach
7e9a975296 Add Composer support to phpseclib 2012-06-08 15:38:27 -04:00
Andreas Fischer
3e450fa978 [topic/36062] Change unconditional includes to require_once in ASN1 and X509. 2012-06-06 13:14:06 +02:00
Jim Wigginton
e5ee7809c4 - add partial VT100 terminal emulator to decode ANSI escape codes from Net_SSH2::read()
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@223 21d32557-59b3-4da0-833f-c5933fad653e
2012-05-27 22:20:42 +00:00
Jim Wigginton
5a4595ab56 - when the child is an optional CHOICE it needs to be explicit and not implicit
- make asn1map more accurate

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@219 21d32557-59b3-4da0-833f-c5933fad653e
2012-05-13 17:52:12 +00:00
Jim Wigginton
5db0f88218 - add blinded rsa equality test (thanks singpolyma!)
- make validateSignature behave more like openssl_verify()

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@218 21d32557-59b3-4da0-833f-c5933fad653e
2012-05-05 23:57:30 +00:00
Jim Wigginton
da8614a511 - add getIssuerDN()
- fill in getPublicKey() stub
- add 'lifetime' option to setEndDate()
- fix a bug that'd prevent certs with File_ASN1_Element being saved

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@215 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-23 03:57:34 +00:00
Jim Wigginton
a90bba115c - make it so certs can be setup as CA's
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@214 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-22 17:11:29 +00:00
Jim Wigginton
3dd9e2b318 - id-at-organizationalUnitName was misnamed as id-at-dnQualifier
- make it so CA's can't be loaded if the keyusage extension doesn't permit their being loaded
- implement validateURL() function stub
- add support for a few more DN attributes
- add removeDNProp(), getDNProp() and setDomain()
- fixed some issues preventing new certs from being signed

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@213 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-22 06:00:55 +00:00
Jim Wigginton
392ff50c00 - sign() didn't save subjectPublicKeyInfo correctly
- sign() could erase the subject's DN from an existing X.509 cert
- setSerialNumber didn't save the serial number correctly

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@212 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-17 06:47:39 +00:00
Jim Wigginton
960dd01fe1 - add full support for the id-ce-authorityKeyIdentifier and id-ce-subjectKeyIdentifier extensions via setKeyIdentifier() function
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@210 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-16 04:35:37 +00:00
Jim Wigginton
3f9aa1ad6a - make it so an array returned by loadX509() can be reloaded by loadX509()
- validateDate() didn't work
- add postalCode and streetAddress as supported DN attributes
- add getDN()
- split setKey() out into setPrivateKey() and setPublicKey()
- add sign(), setStartDate(), setEndDate(), setSerialNumber(), removeExtension(), getExtension() and getExtensions()

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@209 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-15 17:17:16 +00:00
Jim Wigginton
09f4bef2f1 - add loadCSR(), setKey(), setDN() and setDNProp()
- refactor some code

git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@208 21d32557-59b3-4da0-833f-c5933fad653e
2012-04-09 03:13:53 +00:00
Jim Wigginton
42e5ad80f7 - BMPString's should be decoded via decodeBER(), use UTF8 strings for everything but policy qualifiers and make policy qualifiers optional
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@207 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-25 00:24:03 +00:00
Jim Wigginton
5cc327e0c3 - fix a bunch of E_NOTICEs, add support for the id-ce-certificatePolicies extension, add limited validation
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@206 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-20 05:25:43 +00:00
Jim Wigginton
81beb6e2e2 - fix E_NOTICES
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@205 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-12 03:23:04 +00:00
Jim Wigginton
1b2dde6e7d - encode the subjectPublicKey in a format Crypt_RSA can use (assuming the algorithm is rsaEncryption)
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@203 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-11 19:00:28 +00:00
Jim Wigginton
1b161ece26 - add support for id-ce-nameConstraints
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@202 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-11 08:41:06 +00:00
Jim Wigginton
441ada0502 - add an X.509 encoder / decoder
git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@201 21d32557-59b3-4da0-833f-c5933fad653e
2012-03-11 07:54:41 +00:00