protected static function _fromDER($data, $critical)
{
$seq = Sequence::fromDER($data);
$path_len = null;
$permitted = null;
$excluded = null;
$permit_unspecified = true;
$idx = 0;
if ($seq->has($idx, Element::TYPE_INTEGER)) {
$path_len = $seq->at($idx++)->asInteger()->number();
}
if ($seq->hasTagged(0)) {
$attr_seq = $seq->getTagged(0)->asImplicit(Element::TYPE_SEQUENCE)->asSequence();
$permitted = array_map(function (UnspecifiedType $el) {
return $el->asObjectIdentifier()->oid();
}, $attr_seq->elements());
$idx++;
}
if ($seq->hasTagged(1)) {
$attr_seq = $seq->getTagged(1)->asImplicit(Element::TYPE_SEQUENCE)->asSequence();
$excluded = array_map(function (UnspecifiedType $el) {
return $el->asObjectIdentifier()->oid();
}, $attr_seq->elements());
$idx++;
}
if ($seq->has($idx, Element::TYPE_BOOLEAN)) {
$permit_unspecified = $seq->at($idx++)->asBoolean()->value();
}
return new self($critical, $path_len, $permitted, $excluded, $permit_unspecified);
}
protected static function _fromDER($data, $critical)
{
$purposes = array_map(function (UnspecifiedType $el) {
return $el->asObjectIdentifier()->oid();
}, Sequence::fromDER($data)->elements());
return new self($critical, ...$purposes);
}
/**
*
* @param string $data
* @param bool $critical
* @return self
*/
protected static function _fromDER($data, $critical)
{
$targets = array_map(function (UnspecifiedType $el) {
return Targets::fromASN1($el->asSequence());
}, Sequence::fromDER($data)->elements());
return new self($critical, ...$targets);
}
protected static function _fromDER($data, $critical)
{
$attribs = array_map(function (UnspecifiedType $el) {
return Attribute::fromASN1($el->asSequence());
}, Sequence::fromDER($data)->elements());
if (!count($attribs)) {
throw new \UnexpectedValueException("SubjectDirectoryAttributes must have at least one Attribute.");
}
return new self($critical, ...$attribs);
}
protected static function _fromDER($data, $critical)
{
$policies = array_map(function (UnspecifiedType $el) {
return PolicyInformation::fromASN1($el->asSequence());
}, Sequence::fromDER($data)->elements());
if (!count($policies)) {
throw new \UnexpectedValueException("certificatePolicies must contain" . " at least one PolicyInformation.");
}
return new self($critical, ...$policies);
}
protected static function _fromDER($data, $critical)
{
$mappings = array_map(function (UnspecifiedType $el) {
return PolicyMapping::fromASN1($el->asSequence());
}, Sequence::fromDER($data)->elements());
if (!count($mappings)) {
throw new \UnexpectedValueException("PolicyMappings must have at least one mapping.");
}
return new self($critical, ...$mappings);
}
protected static function _fromDER($data, $critical)
{
$dps = array_map(function (UnspecifiedType $el) {
return DistributionPoint::fromASN1($el->asSequence());
}, Sequence::fromDER($data)->elements());
if (!count($dps)) {
throw new \UnexpectedValueException("CRLDistributionPoints must have" . " at least one DistributionPoint.");
}
// late static bound, extended by Freshest CRL extension
return new static($critical, ...$dps);
}
protected static function _fromDER($data, $critical)
{
$seq = Sequence::fromDER($data);
$permitted = null;
$excluded = null;
if ($seq->hasTagged(0)) {
$permitted = GeneralSubtrees::fromASN1($seq->getTagged(0)->asImplicit(Element::TYPE_SEQUENCE)->asSequence());
}
if ($seq->hasTagged(1)) {
$excluded = GeneralSubtrees::fromASN1($seq->getTagged(1)->asImplicit(Element::TYPE_SEQUENCE)->asSequence());
}
return new self($critical, $permitted, $excluded);
}
protected static function _fromDER($data, $critical)
{
$seq = Sequence::fromDER($data);
$require_explicit_policy = null;
$inhibit_policy_mapping = null;
if ($seq->hasTagged(0)) {
$require_explicit_policy = $seq->getTagged(0)->asImplicit(Element::TYPE_INTEGER)->asInteger()->number();
}
if ($seq->hasTagged(1)) {
$inhibit_policy_mapping = $seq->getTagged(1)->asImplicit(Element::TYPE_INTEGER)->asInteger()->number();
}
return new self($critical, $require_explicit_policy, $inhibit_policy_mapping);
}
protected static function _fromDER($data, $critical)
{
$seq = Sequence::fromDER($data);
$ca = false;
$path_len = null;
$idx = 0;
if ($seq->has($idx, Element::TYPE_BOOLEAN)) {
$ca = $seq->at($idx++)->asBoolean()->value();
}
if ($seq->has($idx, Element::TYPE_INTEGER)) {
$path_len = $seq->at($idx)->asInteger()->number();
}
return new self($critical, $ca, $path_len);
}
protected static function _fromDER($data, $critical)
{
$seq = Sequence::fromDER($data);
$keyIdentifier = null;
$issuer = null;
$serial = null;
if ($seq->hasTagged(0)) {
$keyIdentifier = $seq->getTagged(0)->asImplicit(Element::TYPE_OCTET_STRING)->asOctetString()->string();
}
if ($seq->hasTagged(1) || $seq->hasTagged(2)) {
if (!$seq->hasTagged(1) || !$seq->hasTagged(2)) {
throw new \UnexpectedValueException("AuthorityKeyIdentifier must have both" . " authorityCertIssuer and authorityCertSerialNumber" . " present or both absent.");
}
$issuer = GeneralNames::fromASN1($seq->getTagged(1)->asImplicit(Element::TYPE_SEQUENCE)->asSequence());
$serial = $seq->getTagged(2)->asImplicit(Element::TYPE_INTEGER)->asInteger()->number();
}
return new self($critical, $keyIdentifier, $issuer, $serial);
}
/**
* Initialize from DER.
*
* @param string $data
* @return self
*/
public static function fromDER($data)
{
return self::fromASN1(Sequence::fromDER($data));
}
protected static function _fromDER($data, $critical)
{
return new self($critical, GeneralNames::fromASN1(Sequence::fromDER($data)));
}
/**
* Decrypt PrivateKeyInfo from the encrypted data.
*
* @param string $password
* @param Crypto $crypto
* @return PrivateKeyInfo
*/
public function decryptPrivateKeyInfo($password, Crypto $crypto)
{
try {
$scheme = PBEScheme::fromAlgorithmIdentifier($this->_algo, $crypto);
$data = $scheme->decrypt($this->_data, $password);
return PrivateKeyInfo::fromASN1(Sequence::fromDER($data));
} catch (\RuntimeException $e) {
throw new \RuntimeException("Failed to decrypt private key.", 0, $e);
}
}
