首頁 探索 說明
登入
trxbot
/
job
2
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
分支: main
分支列表 標籤列表
job
/
vendor
/
fgrosse
/
phpasn1
/
lib
/
X509
/
CertificateExtensions.php

CertificateExtensions.php 3.6 KB
永久連結 文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100 
  1. <?php
    2. 

  2. /*
    3. 

  3.  * This file is part of the PHPASN1 library.
    4. 

  4.  *
    5. 

  5.  * Copyright © Friedrich Große <friedrich.grosse@gmail.com>
    6. 

  6.  *
    7. 

  7.  * For the full copyright and license information, please view the LICENSE
    8. 

  8.  * file that was distributed with this source code.
    9. 

  9.  */
    10. 

  10. 

  11. namespace FG\X509;
    12. 

  12. 

  13. use FG\ASN1\Exception\ParserException;
    14. 

  14. use FG\ASN1\OID;
    15. 

  15. use FG\ASN1\ASNObject;
    16. 

  16. use FG\ASN1\Parsable;
    17. 

  17. use FG\ASN1\Identifier;
    18. 

  18. use FG\ASN1\Universal\OctetString;
    19. 

  19. use FG\ASN1\Universal\Set;
    20. 

  20. use FG\ASN1\Universal\Sequence;
    21. 

  21. use FG\ASN1\Universal\ObjectIdentifier;
    22. 

  22. use FG\X509\SAN\SubjectAlternativeNames;
    23. 

  23. 

  24. class CertificateExtensions extends Set implements Parsable
    25. 

  25. {
    26. 

  26.     private $innerSequence;
    27. 

  27.     private $extensions = [];
    28. 

  28. 

  29.     public function __construct()
    30. 

  30.     {
    31. 

  31.         $this->innerSequence = new Sequence();
    32. 

  32.         parent::__construct($this->innerSequence);
    33. 

  33.     }
    34. 

  34. 

  35.     public function addSubjectAlternativeNames(SubjectAlternativeNames $sans)
    36. 

  36.     {
    37. 

  37.         $this->addExtension(OID::CERT_EXT_SUBJECT_ALT_NAME, $sans);
    38. 

  38.     }
    39. 

  39. 

  40.     private function addExtension($oidString, ASNObject $extension)
    41. 

  41.     {
    42. 

  42.         $sequence = new Sequence();
    43. 

  43.         $sequence->addChild(new ObjectIdentifier($oidString));
    44. 

  44.         $sequence->addChild($extension);
    45. 

  45. 

  46.         $this->innerSequence->addChild($sequence);
    47. 

  47.         $this->extensions[] = $extension;
    48. 

  48.     }
    49. 

  49. 

  50.     public function getContent()
    51. 

  51.     {
    52. 

  52.         return $this->extensions;
    53. 

  53.     }
    54. 

  54. 

  55.     public static function fromBinary(&$binaryData, &$offsetIndex = 0)
    56. 

  56.     {
    57. 

  57.         self::parseIdentifier($binaryData[$offsetIndex], Identifier::SET, $offsetIndex++);
    58. 

  58.         self::parseContentLength($binaryData, $offsetIndex);
    59. 

  59. 

  60.         $tmpOffset = $offsetIndex;
    61. 

  61.         $extensions = Sequence::fromBinary($binaryData, $offsetIndex);
    62. 

  62.         $tmpOffset += 1 + $extensions->getNumberOfLengthOctets();
    63. 

  63. 

  64.         $parsedObject = new self();
    65. 

  65.         foreach ($extensions as $extension) {
    66. 

  66.             if ($extension->getType() != Identifier::SEQUENCE) {
    67. 

  67.                 //FIXME wrong offset index
    68. 

  68.                 throw new ParserException('Could not parse Certificate Extensions: Expected ASN.1 Sequence but got '.$extension->getTypeName(), $offsetIndex);
    69. 

  69.             }
    70. 

  70. 

  71.             $tmpOffset += 1 + $extension->getNumberOfLengthOctets();
    72. 

  72.             $children = $extension->getChildren();
    73. 

  73.             if (count($children) < 2) {
    74. 

  74.                 throw new ParserException('Could not parse Certificate Extensions: Needs at least two child elements per extension sequence (object identifier and octet string)', $tmpOffset);
    75. 

  75.             }
    76. 

  76.             /** @var \FG\ASN1\ASNObject $objectIdentifier */
    77. 

  77.             $objectIdentifier = $children[0];
    78. 

  78. 

  79.             /** @var OctetString $octetString */
    80. 

  80.             $octetString = $children[1];
    81. 

  81. 

  82.             if ($objectIdentifier->getType() != Identifier::OBJECT_IDENTIFIER) {
    83. 

  83.                 throw new ParserException('Could not parse Certificate Extensions: Expected ASN.1 Object Identifier but got '.$extension->getTypeName(), $tmpOffset);
    84. 

  84.             }
    85. 

  85. 

  86.             $tmpOffset += $objectIdentifier->getObjectLength();
    87. 

  87. 

  88.             if ($objectIdentifier->getContent() == OID::CERT_EXT_SUBJECT_ALT_NAME) {
    89. 

  89.                 $sans = SubjectAlternativeNames::fromBinary($binaryData, $tmpOffset);
    90. 

  90.                 $parsedObject->addSubjectAlternativeNames($sans);
    91. 

  91.             } else {
    92. 

  92.                 // can now only parse SANs. There might be more in the future
    93. 

  93.                 $tmpOffset += $octetString->getObjectLength();
    94. 

  94.             }
    95. 

  95.         }
    96. 

  96. 

  97.         $parsedObject->getBinary(); // Determine the number of content octets and object sizes once (just to let the equality unit tests pass :/ )
    98. 

  98.         return $parsedObject;
    99. 

  99.     }
    100. 

  100. }
    101.