diff options
Diffstat (limited to 'vendor/web-token/jwt-signature-algorithm-ecdsa')
6 files changed, 232 insertions, 0 deletions
diff --git a/vendor/web-token/jwt-signature-algorithm-ecdsa/ECDSA.php b/vendor/web-token/jwt-signature-algorithm-ecdsa/ECDSA.php new file mode 100644 index 0000000..f3e2790 --- /dev/null +++ b/vendor/web-token/jwt-signature-algorithm-ecdsa/ECDSA.php @@ -0,0 +1,79 @@ +<?php + +declare(strict_types=1); + +/* + * The MIT License (MIT) + * + * Copyright (c) 2014-2018 Spomky-Labs + * + * This software may be modified and distributed under the terms + * of the MIT license. See the LICENSE file for details. + */ + +namespace Jose\Component\Signature\Algorithm; + +use Jose\Component\Core\JWK; +use Jose\Component\Core\Util\ECKey; +use Jose\Component\Core\Util\ECSignature; + +abstract class ECDSA implements SignatureAlgorithm +{ + public function __construct() + { + if (!\defined('OPENSSL_KEYTYPE_EC')) { + throw new \RuntimeException('Elliptic Curve key type not supported by your environment.'); + } + } + + public function allowedKeyTypes(): array + { + return ['EC']; + } + + public function sign(JWK $key, string $input): string + { + $this->checkKey($key); + if (!$key->has('d')) { + throw new \InvalidArgumentException('The EC key is not private'); + } + + $pem = ECKey::convertPrivateKeyToPEM($key); + $result = \openssl_sign($input, $signature, $pem, $this->getHashAlgorithm()); + if (false === $result) { + throw new \RuntimeException('Signature failed.'); + } + + return ECSignature::fromDER($signature, $this->getSignaturePartLength()); + } + + public function verify(JWK $key, string $input, string $signature): bool + { + $this->checkKey($key); + + try { + $der = ECSignature::toDER($signature, $this->getSignaturePartLength()); + $pem = ECKey::convertPublicKeyToPEM($key); + + return 1 === \openssl_verify($input, $der, $pem, $this->getHashAlgorithm()); + } catch (\Exception $e) { + return false; + } + } + + abstract protected function getHashAlgorithm(): string; + + abstract protected function getSignaturePartLength(): int; + + private function checkKey(JWK $key) + { + if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) { + throw new \InvalidArgumentException('Wrong key type.'); + } + foreach (['x', 'y', 'crv'] as $k) { + if (!$key->has($k)) { + throw new \InvalidArgumentException(\sprintf('The key parameter "%s" is missing.', $k)); + } + } + } +} diff --git a/vendor/web-token/jwt-signature-algorithm-ecdsa/ES256.php b/vendor/web-token/jwt-signature-algorithm-ecdsa/ES256.php new file mode 100644 index 0000000..d4166b4 --- /dev/null +++ b/vendor/web-token/jwt-signature-algorithm-ecdsa/ES256.php @@ -0,0 +1,32 @@ +<?php + +declare(strict_types=1); + +/* + * The MIT License (MIT) + * + * Copyright (c) 2014-2018 Spomky-Labs + * + * This software may be modified and distributed under the terms + * of the MIT license. See the LICENSE file for details. + */ + +namespace Jose\Component\Signature\Algorithm; + +final class ES256 extends ECDSA +{ + protected function getHashAlgorithm(): string + { + return 'sha256'; + } + + protected function getSignaturePartLength(): int + { + return 64; + } + + public function name(): string + { + return 'ES256'; + } +} diff --git a/vendor/web-token/jwt-signature-algorithm-ecdsa/ES384.php b/vendor/web-token/jwt-signature-algorithm-ecdsa/ES384.php new file mode 100644 index 0000000..c8422bd --- /dev/null +++ b/vendor/web-token/jwt-signature-algorithm-ecdsa/ES384.php @@ -0,0 +1,32 @@ +<?php + +declare(strict_types=1); + +/* + * The MIT License (MIT) + * + * Copyright (c) 2014-2018 Spomky-Labs + * + * This software may be modified and distributed under the terms + * of the MIT license. See the LICENSE file for details. + */ + +namespace Jose\Component\Signature\Algorithm; + +final class ES384 extends ECDSA +{ + protected function getHashAlgorithm(): string + { + return 'sha384'; + } + + protected function getSignaturePartLength(): int + { + return 96; + } + + public function name(): string + { + return 'ES384'; + } +} diff --git a/vendor/web-token/jwt-signature-algorithm-ecdsa/ES512.php b/vendor/web-token/jwt-signature-algorithm-ecdsa/ES512.php new file mode 100644 index 0000000..b0ff651 --- /dev/null +++ b/vendor/web-token/jwt-signature-algorithm-ecdsa/ES512.php @@ -0,0 +1,32 @@ +<?php + +declare(strict_types=1); + +/* + * The MIT License (MIT) + * + * Copyright (c) 2014-2018 Spomky-Labs + * + * This software may be modified and distributed under the terms + * of the MIT license. See the LICENSE file for details. + */ + +namespace Jose\Component\Signature\Algorithm; + +final class ES512 extends ECDSA +{ + protected function getHashAlgorithm(): string + { + return 'sha512'; + } + + protected function getSignaturePartLength(): int + { + return 132; + } + + public function name(): string + { + return 'ES512'; + } +} diff --git a/vendor/web-token/jwt-signature-algorithm-ecdsa/LICENSE b/vendor/web-token/jwt-signature-algorithm-ecdsa/LICENSE new file mode 100644 index 0000000..a098645 --- /dev/null +++ b/vendor/web-token/jwt-signature-algorithm-ecdsa/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2014-2018 Spomky-Labs + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/vendor/web-token/jwt-signature-algorithm-ecdsa/composer.json b/vendor/web-token/jwt-signature-algorithm-ecdsa/composer.json new file mode 100644 index 0000000..cd41da4 --- /dev/null +++ b/vendor/web-token/jwt-signature-algorithm-ecdsa/composer.json @@ -0,0 +1,36 @@ +{ + "name": "web-token/jwt-signature-algorithm-ecdsa", + "description": "ECDSA Based Signature Algorithms the JWT Framework.", + "type": "library", + "license": "MIT", + "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"], + "homepage": "https://github.com/web-token", + "authors": [ + { + "name": "Florent Morselli", + "homepage": "https://github.com/Spomky" + },{ + "name": "All contributors", + "homepage": "https://github.com/web-token/jwt-core/contributors" + } + ], + "autoload": { + "psr-4": { + "Jose\\Component\\Signature\\Algorithm\\": "" + } + }, + "require": { + "web-token/jwt-signature": "^1.3" + }, + "require-dev": { + "phpunit/phpunit": "^6.0|^7.0" + }, + "extra": { + "branch-alias": { + "dev-master": "1.3.x-dev" + } + }, + "config": { + "sort-packages": true + } +} |