/**
* Verify maximum certification path length for the preparation step.
*
* @param ValidatorState $state
* @param Certificate $cert
* @throws PathValidationException
* @return ValidatorState
*/
private function _verifyMaxPathLength(ValidatorState $state, Certificate $cert)
{
if (!$cert->isSelfIssued()) {
if ($state->maxPathLength() <= 0) {
throw new PathValidationException("Certification path length exceeded.");
}
$state = $state->withMaxPathLength($state->maxPathLength() - 1);
}
return $state;
}
/**
* Process anyPolicy policy information.
*
* @param PolicyInformation $policy
* @param Certificate $cert
* @param ValidatorState $state
*/
protected function _processAnyPolicy(PolicyInformation $policy, Certificate $cert, ValidatorState $state)
{
$i = $state->index();
// if (a) inhibit_anyPolicy is greater than 0 or
// (b) i<n and the certificate is self-issued
if (!($state->inhibitAnyPolicy() > 0 || $i < $state->pathLength() && $cert->isSelfIssued())) {
return;
}
// for each node in the valid_policy_tree of depth i-1
foreach ($this->_nodesAtDepth($i - 1) as $node) {
// for each value in the expected_policy_set
foreach ($node->expectedPolicies() as $p_oid) {
// that does not appear in a child node
if (!$node->hasChildWithValidPolicy($p_oid)) {
$node->addChild(new PolicyNode($p_oid, $policy->qualifiers(), array($p_oid)));
}
}
}
}