diff options
| author | Anton Luka Šijanec <anton@sijanec.eu> | 2024-05-27 13:08:29 +0200 |
|---|---|---|
| committer | Anton Luka Šijanec <anton@sijanec.eu> | 2024-05-27 13:08:29 +0200 |
| commit | 75160b12821f7f4299cce7f0b69c83c1502ae071 (patch) | |
| tree | 27e25e4ccaef45f0c58b22831164050d1af1d4db /vendor/web-token | |
| parent | prvi-commit (diff) | |
| download | 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.tar 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.tar.gz 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.tar.bz2 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.tar.lz 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.tar.xz 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.tar.zst 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.zip | |
Diffstat (limited to 'vendor/web-token')
92 files changed, 7565 insertions, 7565 deletions
diff --git a/vendor/web-token/jwt-core/Algorithm.php b/vendor/web-token/jwt-core/Algorithm.php index 7ae0f15..55a7867 100644 --- a/vendor/web-token/jwt-core/Algorithm.php +++ b/vendor/web-token/jwt-core/Algorithm.php @@ -1,29 +1,29 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core; - -interface Algorithm -{ - /** - * Returns the name of the algorithm. - */ - public function name(): string; - - /** - * Returns the key types suitable for this algorithm (e.g. "oct", "RSA"...). - * - * @return string[] - */ - public function allowedKeyTypes(): array; -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core;
+
+interface Algorithm
+{
+ /**
+ * Returns the name of the algorithm.
+ */
+ public function name(): string;
+
+ /**
+ * Returns the key types suitable for this algorithm (e.g. "oct", "RSA"...).
+ *
+ * @return string[]
+ */
+ public function allowedKeyTypes(): array;
+}
diff --git a/vendor/web-token/jwt-core/AlgorithmManager.php b/vendor/web-token/jwt-core/AlgorithmManager.php index 88beee4..df558a4 100644 --- a/vendor/web-token/jwt-core/AlgorithmManager.php +++ b/vendor/web-token/jwt-core/AlgorithmManager.php @@ -1,95 +1,95 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core; - -class AlgorithmManager -{ - /** - * @var array - */ - private $algorithms = []; - - /** - * AlgorithmManager constructor. - * - * @param Algorithm[] $algorithms - */ - public function __construct(array $algorithms) - { - foreach ($algorithms as $algorithm) { - $this->add($algorithm); - } - } - - /** - * This method creates an alogithm manager using the given algorithms. - * - * @deprecated Will be removed in v2.0. Please use constructor instead - * - * @param Algorithm[] $algorithms - * - * @return AlgorithmManager - */ - public static function create(array $algorithms): self - { - return new self($algorithms); - } - - /** - * Returns true if the algorithm is supported. - * - * @param string $algorithm The algorithm - */ - public function has(string $algorithm): bool - { - return \array_key_exists($algorithm, $this->algorithms); - } - - /** - * Returns the list of names of supported algorithms. - * - * @return string[] - */ - public function list(): array - { - return \array_keys($this->algorithms); - } - - /** - * Returns the algorithm if supported, otherwise throw an exception. - * - * @param string $algorithm The algorithm - */ - public function get(string $algorithm): Algorithm - { - if (!$this->has($algorithm)) { - throw new \InvalidArgumentException(\sprintf('The algorithm "%s" is not supported.', $algorithm)); - } - - return $this->algorithms[$algorithm]; - } - - /** - * Adds an algorithm to the manager. - * - * @return AlgorithmManager - */ - private function add(Algorithm $algorithm): self - { - $name = $algorithm->name(); - $this->algorithms[$name] = $algorithm; - - return $this; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core;
+
+class AlgorithmManager
+{
+ /**
+ * @var array
+ */
+ private $algorithms = [];
+
+ /**
+ * AlgorithmManager constructor.
+ *
+ * @param Algorithm[] $algorithms
+ */
+ public function __construct(array $algorithms)
+ {
+ foreach ($algorithms as $algorithm) {
+ $this->add($algorithm);
+ }
+ }
+
+ /**
+ * This method creates an alogithm manager using the given algorithms.
+ *
+ * @deprecated Will be removed in v2.0. Please use constructor instead
+ *
+ * @param Algorithm[] $algorithms
+ *
+ * @return AlgorithmManager
+ */
+ public static function create(array $algorithms): self
+ {
+ return new self($algorithms);
+ }
+
+ /**
+ * Returns true if the algorithm is supported.
+ *
+ * @param string $algorithm The algorithm
+ */
+ public function has(string $algorithm): bool
+ {
+ return \array_key_exists($algorithm, $this->algorithms);
+ }
+
+ /**
+ * Returns the list of names of supported algorithms.
+ *
+ * @return string[]
+ */
+ public function list(): array
+ {
+ return \array_keys($this->algorithms);
+ }
+
+ /**
+ * Returns the algorithm if supported, otherwise throw an exception.
+ *
+ * @param string $algorithm The algorithm
+ */
+ public function get(string $algorithm): Algorithm
+ {
+ if (!$this->has($algorithm)) {
+ throw new \InvalidArgumentException(\sprintf('The algorithm "%s" is not supported.', $algorithm));
+ }
+
+ return $this->algorithms[$algorithm];
+ }
+
+ /**
+ * Adds an algorithm to the manager.
+ *
+ * @return AlgorithmManager
+ */
+ private function add(Algorithm $algorithm): self
+ {
+ $name = $algorithm->name();
+ $this->algorithms[$name] = $algorithm;
+
+ return $this;
+ }
+}
diff --git a/vendor/web-token/jwt-core/AlgorithmManagerFactory.php b/vendor/web-token/jwt-core/AlgorithmManagerFactory.php index 0526374..c14a3ca 100644 --- a/vendor/web-token/jwt-core/AlgorithmManagerFactory.php +++ b/vendor/web-token/jwt-core/AlgorithmManagerFactory.php @@ -1,77 +1,77 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core; - -class AlgorithmManagerFactory -{ - /** - * @var array - */ - private $algorithms = []; - - /** - * Adds an algorithm. - * - * Each algorithm is identified by an alias hence it is allowed to have the same algorithm twice (or more). - * This can be helpful when an algorithm have several configuration options. - * - * @return AlgorithmManagerFactory - */ - public function add(string $alias, Algorithm $algorithm): self - { - $this->algorithms[$alias] = $algorithm; - - return $this; - } - - /** - * Returns the list of aliases. - * - * @return string[] - */ - public function aliases(): array - { - return \array_keys($this->algorithms); - } - - /** - * Returns all algorithms supported by this factory. - * This is an associative array. Keys are the aliases of the algorithms. - * - * @return Algorithm[] - */ - public function all(): array - { - return $this->algorithms; - } - - /** - * Create an algorithm manager using the given aliases. - * - * @param string[] $aliases - */ - public function create(array $aliases): AlgorithmManager - { - $algorithms = []; - foreach ($aliases as $alias) { - if (\array_key_exists($alias, $this->algorithms)) { - $algorithms[] = $this->algorithms[$alias]; - } else { - throw new \InvalidArgumentException(\sprintf('The algorithm with the alias "%s" is not supported.', $alias)); - } - } - - return AlgorithmManager::create($algorithms); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core;
+
+class AlgorithmManagerFactory
+{
+ /**
+ * @var array
+ */
+ private $algorithms = [];
+
+ /**
+ * Adds an algorithm.
+ *
+ * Each algorithm is identified by an alias hence it is allowed to have the same algorithm twice (or more).
+ * This can be helpful when an algorithm have several configuration options.
+ *
+ * @return AlgorithmManagerFactory
+ */
+ public function add(string $alias, Algorithm $algorithm): self
+ {
+ $this->algorithms[$alias] = $algorithm;
+
+ return $this;
+ }
+
+ /**
+ * Returns the list of aliases.
+ *
+ * @return string[]
+ */
+ public function aliases(): array
+ {
+ return \array_keys($this->algorithms);
+ }
+
+ /**
+ * Returns all algorithms supported by this factory.
+ * This is an associative array. Keys are the aliases of the algorithms.
+ *
+ * @return Algorithm[]
+ */
+ public function all(): array
+ {
+ return $this->algorithms;
+ }
+
+ /**
+ * Create an algorithm manager using the given aliases.
+ *
+ * @param string[] $aliases
+ */
+ public function create(array $aliases): AlgorithmManager
+ {
+ $algorithms = [];
+ foreach ($aliases as $alias) {
+ if (\array_key_exists($alias, $this->algorithms)) {
+ $algorithms[] = $this->algorithms[$alias];
+ } else {
+ throw new \InvalidArgumentException(\sprintf('The algorithm with the alias "%s" is not supported.', $alias));
+ }
+ }
+
+ return AlgorithmManager::create($algorithms);
+ }
+}
diff --git a/vendor/web-token/jwt-core/Converter/JsonConverter.php b/vendor/web-token/jwt-core/Converter/JsonConverter.php index 97fe176..64d3d35 100644 --- a/vendor/web-token/jwt-core/Converter/JsonConverter.php +++ b/vendor/web-token/jwt-core/Converter/JsonConverter.php @@ -1,30 +1,30 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Converter; - -/** - * @deprecated This interface is deprecated in v1.3 and will be removed in v2.0. - */ -interface JsonConverter -{ - /** - * Convert the payload into a string. - */ - public function encode($payload): string; - - /** - * Convert a string into payload. - */ - public function decode(string $payload, bool $associativeArray = true); -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Converter;
+
+/**
+ * @deprecated This interface is deprecated in v1.3 and will be removed in v2.0.
+ */
+interface JsonConverter
+{
+ /**
+ * Convert the payload into a string.
+ */
+ public function encode($payload): string;
+
+ /**
+ * Convert a string into payload.
+ */
+ public function decode(string $payload, bool $associativeArray = true);
+}
diff --git a/vendor/web-token/jwt-core/Converter/StandardConverter.php b/vendor/web-token/jwt-core/Converter/StandardConverter.php index 87a45e1..4721b9e 100644 --- a/vendor/web-token/jwt-core/Converter/StandardConverter.php +++ b/vendor/web-token/jwt-core/Converter/StandardConverter.php @@ -1,50 +1,50 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Converter; - -/** - * @deprecated This class is deprecated in v1.3 and will be removed in v2.0 - */ -final class StandardConverter implements JsonConverter -{ - /** - * @var int - */ - private $options; - - /** - * @var int - */ - private $depth; - - /** - * StandardJsonEncoder constructor. - * See also json_encode and json_decode parameters. - */ - public function __construct(int $options = JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE, int $depth = 512) - { - $this->options = $options; - $this->depth = $depth; - } - - public function encode($payload): string - { - return \json_encode($payload, $this->options, $this->depth); - } - - public function decode(string $payload, bool $associativeArray = true) - { - return \json_decode($payload, $associativeArray, $this->depth, $this->options); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Converter;
+
+/**
+ * @deprecated This class is deprecated in v1.3 and will be removed in v2.0
+ */
+final class StandardConverter implements JsonConverter
+{
+ /**
+ * @var int
+ */
+ private $options;
+
+ /**
+ * @var int
+ */
+ private $depth;
+
+ /**
+ * StandardJsonEncoder constructor.
+ * See also json_encode and json_decode parameters.
+ */
+ public function __construct(int $options = JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE, int $depth = 512)
+ {
+ $this->options = $options;
+ $this->depth = $depth;
+ }
+
+ public function encode($payload): string
+ {
+ return \json_encode($payload, $this->options, $this->depth);
+ }
+
+ public function decode(string $payload, bool $associativeArray = true)
+ {
+ return \json_decode($payload, $associativeArray, $this->depth, $this->options);
+ }
+}
diff --git a/vendor/web-token/jwt-core/JWK.php b/vendor/web-token/jwt-core/JWK.php index c1ff481..99a9287 100644 --- a/vendor/web-token/jwt-core/JWK.php +++ b/vendor/web-token/jwt-core/JWK.php @@ -1,148 +1,148 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core; - -use Base64Url\Base64Url; - -class JWK implements \JsonSerializable -{ - /** - * @var array - */ - private $values = []; - - /** - * JWK constructor. - */ - public function __construct(array $values) - { - if (!\array_key_exists('kty', $values)) { - throw new \InvalidArgumentException('The parameter "kty" is mandatory.'); - } - - $this->values = $values; - } - - /** - * Creates a JWK object using the given values. - * The member "kty" is mandatory. Other members are NOT checked. - * - * @deprecated Will be removed in v2.0. Please use constructor instead - * - * @return JWK - */ - public static function create(array $values): self - { - return new self($values); - } - - /** - * Creates a JWK object using the given Json string. - * - * @return JWK - */ - public static function createFromJson(string $json): self - { - $data = \json_decode($json, true); - if (!\is_array($data)) { - throw new \InvalidArgumentException('Invalid argument.'); - } - - return self::create($data); - } - - /** - * Returns the values to be serialized. - */ - public function jsonSerialize() - { - return $this->values; - } - - /** - * Get the value with a specific key. - * - * @param string $key The key - * - * @throws \InvalidArgumentException - * - * @return mixed|null - */ - public function get(string $key) - { - if (!$this->has($key)) { - throw new \InvalidArgumentException(\sprintf('The value identified by "%s" does not exist.', $key)); - } - - return $this->values[$key]; - } - - /** - * Returns true if the JWK has the value identified by. - * - * @param string $key The key - */ - public function has(string $key): bool - { - return \array_key_exists($key, $this->values); - } - - /** - * Get all values stored in the JWK object. - * - * @return array Values of the JWK object - */ - public function all(): array - { - return $this->values; - } - - /** - * Returns the thumbprint of the key. - * - * @see https://tools.ietf.org/html/rfc7638 - * - * @throws \InvalidArgumentException - */ - public function thumbprint(string $hash_algorithm): string - { - if (!\in_array($hash_algorithm, \hash_algos(), true)) { - throw new \InvalidArgumentException(\sprintf('The hash algorithm "%s" is not supported.', $hash_algorithm)); - } - - $values = \array_intersect_key($this->values, \array_flip(['kty', 'n', 'e', 'crv', 'x', 'y', 'k'])); - \ksort($values); - $input = \json_encode($values, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); - - return Base64Url::encode(\hash($hash_algorithm, $input, true)); - } - - /** - * Returns the associated public key. - * This method has no effect for: - * - public keys - * - shared keys - * - unknown keys. - * - * Known keys are "oct", "RSA", "EC" and "OKP". - * - * @return JWK - */ - public function toPublic(): self - { - $values = \array_diff_key($this->values, \array_flip(['p', 'd', 'q', 'dp', 'dq', 'qi'])); - - return new self($values); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core;
+
+use Base64Url\Base64Url;
+
+class JWK implements \JsonSerializable
+{
+ /**
+ * @var array
+ */
+ private $values = [];
+
+ /**
+ * JWK constructor.
+ */
+ public function __construct(array $values)
+ {
+ if (!\array_key_exists('kty', $values)) {
+ throw new \InvalidArgumentException('The parameter "kty" is mandatory.');
+ }
+
+ $this->values = $values;
+ }
+
+ /**
+ * Creates a JWK object using the given values.
+ * The member "kty" is mandatory. Other members are NOT checked.
+ *
+ * @deprecated Will be removed in v2.0. Please use constructor instead
+ *
+ * @return JWK
+ */
+ public static function create(array $values): self
+ {
+ return new self($values);
+ }
+
+ /**
+ * Creates a JWK object using the given Json string.
+ *
+ * @return JWK
+ */
+ public static function createFromJson(string $json): self
+ {
+ $data = \json_decode($json, true);
+ if (!\is_array($data)) {
+ throw new \InvalidArgumentException('Invalid argument.');
+ }
+
+ return self::create($data);
+ }
+
+ /**
+ * Returns the values to be serialized.
+ */
+ public function jsonSerialize()
+ {
+ return $this->values;
+ }
+
+ /**
+ * Get the value with a specific key.
+ *
+ * @param string $key The key
+ *
+ * @throws \InvalidArgumentException
+ *
+ * @return mixed|null
+ */
+ public function get(string $key)
+ {
+ if (!$this->has($key)) {
+ throw new \InvalidArgumentException(\sprintf('The value identified by "%s" does not exist.', $key));
+ }
+
+ return $this->values[$key];
+ }
+
+ /**
+ * Returns true if the JWK has the value identified by.
+ *
+ * @param string $key The key
+ */
+ public function has(string $key): bool
+ {
+ return \array_key_exists($key, $this->values);
+ }
+
+ /**
+ * Get all values stored in the JWK object.
+ *
+ * @return array Values of the JWK object
+ */
+ public function all(): array
+ {
+ return $this->values;
+ }
+
+ /**
+ * Returns the thumbprint of the key.
+ *
+ * @see https://tools.ietf.org/html/rfc7638
+ *
+ * @throws \InvalidArgumentException
+ */
+ public function thumbprint(string $hash_algorithm): string
+ {
+ if (!\in_array($hash_algorithm, \hash_algos(), true)) {
+ throw new \InvalidArgumentException(\sprintf('The hash algorithm "%s" is not supported.', $hash_algorithm));
+ }
+
+ $values = \array_intersect_key($this->values, \array_flip(['kty', 'n', 'e', 'crv', 'x', 'y', 'k']));
+ \ksort($values);
+ $input = \json_encode($values, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
+
+ return Base64Url::encode(\hash($hash_algorithm, $input, true));
+ }
+
+ /**
+ * Returns the associated public key.
+ * This method has no effect for:
+ * - public keys
+ * - shared keys
+ * - unknown keys.
+ *
+ * Known keys are "oct", "RSA", "EC" and "OKP".
+ *
+ * @return JWK
+ */
+ public function toPublic(): self
+ {
+ $values = \array_diff_key($this->values, \array_flip(['p', 'd', 'q', 'dp', 'dq', 'qi']));
+
+ return new self($values);
+ }
+}
diff --git a/vendor/web-token/jwt-core/JWKSet.php b/vendor/web-token/jwt-core/JWKSet.php index efcd417..149f484 100644 --- a/vendor/web-token/jwt-core/JWKSet.php +++ b/vendor/web-token/jwt-core/JWKSet.php @@ -1,321 +1,321 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core; - -use InvalidArgumentException; - -class JWKSet implements \Countable, \IteratorAggregate, \JsonSerializable -{ - /** - * @var array - */ - private $keys = []; - - /** - * JWKSet constructor. - * - * @param JWK[] $keys - */ - public function __construct(array $keys) - { - foreach ($keys as $k => $key) { - if (!$key instanceof JWK) { - throw new InvalidArgumentException('Invalid list. Should only contains JWK objects'); - } - if ($key->has('kid')) { - unset($keys[$k]); - $this->keys[$key->get('kid')] = $key; - } else { - $this->keys[] = $key; - } - } - } - - /** - * Creates a JWKSet object using the given values. - * - * @return JWKSet - */ - public static function createFromKeyData(array $data): self - { - if (!isset($data['keys'])) { - throw new InvalidArgumentException('Invalid data.'); - } - if (!\is_array($data['keys'])) { - throw new InvalidArgumentException('Invalid data.'); - } - $jwkset = new self([]); - foreach ($data['keys'] as $key) { - $jwk = new JWK($key); - if ($jwk->has('kid')) { - $jwkset->keys[$jwk->get('kid')] = $jwk; - } else { - $jwkset->keys[] = $jwk; - } - } - - return $jwkset; - } - - /** - * Creates a JWKSet object using the given JWK objects. - * - * @deprecated Will be removed in v2.0. Please use constructor instead. - * - * @param JWK[] $keys - * - * @return JWKSet - */ - public static function createFromKeys(array $keys): self - { - return new self($keys); - } - - /** - * Creates a JWKSet object using the given Json string. - * - * @return JWKSet - */ - public static function createFromJson(string $json): self - { - $data = \json_decode($json, true); - if (!\is_array($data)) { - throw new InvalidArgumentException('Invalid argument.'); - } - - return self::createFromKeyData($data); - } - - /** - * Returns an array of keys stored in the key set. - * - * @return JWK[] - */ - public function all(): array - { - return $this->keys; - } - - /** - * Add key to store in the key set. - * This method is immutable and will return a new object. - * - * @return JWKSet - */ - public function with(JWK $jwk): self - { - $clone = clone $this; - - if ($jwk->has('kid')) { - $clone->keys[$jwk->get('kid')] = $jwk; - } else { - $clone->keys[] = $jwk; - } - - return $clone; - } - - /** - * Remove key from the key set. - * This method is immutable and will return a new object. - * - * @param int|string $key Key to remove from the key set - * - * @return JWKSet - */ - public function without($key): self - { - if (!$this->has($key)) { - return $this; - } - - $clone = clone $this; - unset($clone->keys[$key]); - - return $clone; - } - - /** - * Returns true if the key set contains a key with the given index. - * - * @param int|string $index - */ - public function has($index): bool - { - return \array_key_exists($index, $this->keys); - } - - /** - * Returns the key with the given index. Throws an exception if the index is not present in the key store. - * - * @param int|string $index - */ - public function get($index): JWK - { - if (!$this->has($index)) { - throw new InvalidArgumentException('Undefined index.'); - } - - return $this->keys[$index]; - } - - /** - * Returns the values to be serialized. - */ - public function jsonSerialize(): array - { - return ['keys' => \array_values($this->keys)]; - } - - /** - * Returns the number of keys in the key set. - * - * @param int $mode - */ - public function count($mode = COUNT_NORMAL): int - { - return \count($this->keys, $mode); - } - - /** - * Try to find a key that fits on the selected requirements. - * Returns null if not found. - * - * @param string $type Must be 'sig' (signature) or 'enc' (encryption) - * @param Algorithm|null $algorithm Specifies the algorithm to be used - * @param array $restrictions More restrictions such as 'kid' or 'kty' - */ - public function selectKey(string $type, ?Algorithm $algorithm = null, array $restrictions = []): ?JWK - { - if (!\in_array($type, ['enc', 'sig'], true)) { - throw new InvalidArgumentException('Allowed key types are "sig" or "enc".'); - } - - $result = []; - foreach ($this->keys as $key) { - $ind = 0; - - $can_use = $this->canKeyBeUsedFor($type, $key); - if (false === $can_use) { - continue; - } - $ind += $can_use; - - $alg = $this->canKeyBeUsedWithAlgorithm($algorithm, $key); - if (false === $alg) { - continue; - } - $ind += $alg; - - if (false === $this->doesKeySatisfyRestrictions($restrictions, $key)) { - continue; - } - - $result[] = ['key' => $key, 'ind' => $ind]; - } - - if (empty($result)) { - return null; - } - - \usort($result, [$this, 'sortKeys']); - - return $result[0]['key']; - } - - /** - * @return bool|int - */ - private function canKeyBeUsedFor(string $type, JWK $key) - { - if ($key->has('use')) { - return $type === $key->get('use') ? 1 : false; - } - if ($key->has('key_ops')) { - return $type === self::convertKeyOpsToKeyUse($key->get('use')) ? 1 : false; - } - - return 0; - } - - /** - * @return bool|int - */ - private function canKeyBeUsedWithAlgorithm(?Algorithm $algorithm, JWK $key) - { - if (null === $algorithm) { - return 0; - } - if (!\in_array($key->get('kty'), $algorithm->allowedKeyTypes(), true)) { - return false; - } - if ($key->has('alg')) { - return $algorithm->name() === $key->get('alg') ? 2 : false; - } - - return 1; - } - - private function doesKeySatisfyRestrictions(array $restrictions, JWK $key): bool - { - foreach ($restrictions as $k => $v) { - if (!$key->has($k) || $v !== $key->get($k)) { - return false; - } - } - - return true; - } - - private static function convertKeyOpsToKeyUse(string $key_ops): string - { - switch ($key_ops) { - case 'verify': - case 'sign': - return 'sig'; - case 'encrypt': - case 'decrypt': - case 'wrapKey': - case 'unwrapKey': - return 'enc'; - default: - throw new InvalidArgumentException(\sprintf('Unsupported key operation value "%s"', $key_ops)); - } - } - - /** - * Internal method only. Should not be used. - * - * @internal - * @internal - */ - public static function sortKeys(array $a, array $b): int - { - if ($a['ind'] === $b['ind']) { - return 0; - } - - return ($a['ind'] > $b['ind']) ? -1 : 1; - } - - /** - * Internal method only. Should not be used. - * - * @internal - */ - public function getIterator() - { - return new \ArrayIterator($this->keys); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core;
+
+use InvalidArgumentException;
+
+class JWKSet implements \Countable, \IteratorAggregate, \JsonSerializable
+{
+ /**
+ * @var array
+ */
+ private $keys = [];
+
+ /**
+ * JWKSet constructor.
+ *
+ * @param JWK[] $keys
+ */
+ public function __construct(array $keys)
+ {
+ foreach ($keys as $k => $key) {
+ if (!$key instanceof JWK) {
+ throw new InvalidArgumentException('Invalid list. Should only contains JWK objects');
+ }
+ if ($key->has('kid')) {
+ unset($keys[$k]);
+ $this->keys[$key->get('kid')] = $key;
+ } else {
+ $this->keys[] = $key;
+ }
+ }
+ }
+
+ /**
+ * Creates a JWKSet object using the given values.
+ *
+ * @return JWKSet
+ */
+ public static function createFromKeyData(array $data): self
+ {
+ if (!isset($data['keys'])) {
+ throw new InvalidArgumentException('Invalid data.');
+ }
+ if (!\is_array($data['keys'])) {
+ throw new InvalidArgumentException('Invalid data.');
+ }
+ $jwkset = new self([]);
+ foreach ($data['keys'] as $key) {
+ $jwk = new JWK($key);
+ if ($jwk->has('kid')) {
+ $jwkset->keys[$jwk->get('kid')] = $jwk;
+ } else {
+ $jwkset->keys[] = $jwk;
+ }
+ }
+
+ return $jwkset;
+ }
+
+ /**
+ * Creates a JWKSet object using the given JWK objects.
+ *
+ * @deprecated Will be removed in v2.0. Please use constructor instead.
+ *
+ * @param JWK[] $keys
+ *
+ * @return JWKSet
+ */
+ public static function createFromKeys(array $keys): self
+ {
+ return new self($keys);
+ }
+
+ /**
+ * Creates a JWKSet object using the given Json string.
+ *
+ * @return JWKSet
+ */
+ public static function createFromJson(string $json): self
+ {
+ $data = \json_decode($json, true);
+ if (!\is_array($data)) {
+ throw new InvalidArgumentException('Invalid argument.');
+ }
+
+ return self::createFromKeyData($data);
+ }
+
+ /**
+ * Returns an array of keys stored in the key set.
+ *
+ * @return JWK[]
+ */
+ public function all(): array
+ {
+ return $this->keys;
+ }
+
+ /**
+ * Add key to store in the key set.
+ * This method is immutable and will return a new object.
+ *
+ * @return JWKSet
+ */
+ public function with(JWK $jwk): self
+ {
+ $clone = clone $this;
+
+ if ($jwk->has('kid')) {
+ $clone->keys[$jwk->get('kid')] = $jwk;
+ } else {
+ $clone->keys[] = $jwk;
+ }
+
+ return $clone;
+ }
+
+ /**
+ * Remove key from the key set.
+ * This method is immutable and will return a new object.
+ *
+ * @param int|string $key Key to remove from the key set
+ *
+ * @return JWKSet
+ */
+ public function without($key): self
+ {
+ if (!$this->has($key)) {
+ return $this;
+ }
+
+ $clone = clone $this;
+ unset($clone->keys[$key]);
+
+ return $clone;
+ }
+
+ /**
+ * Returns true if the key set contains a key with the given index.
+ *
+ * @param int|string $index
+ */
+ public function has($index): bool
+ {
+ return \array_key_exists($index, $this->keys);
+ }
+
+ /**
+ * Returns the key with the given index. Throws an exception if the index is not present in the key store.
+ *
+ * @param int|string $index
+ */
+ public function get($index): JWK
+ {
+ if (!$this->has($index)) {
+ throw new InvalidArgumentException('Undefined index.');
+ }
+
+ return $this->keys[$index];
+ }
+
+ /**
+ * Returns the values to be serialized.
+ */
+ public function jsonSerialize(): array
+ {
+ return ['keys' => \array_values($this->keys)];
+ }
+
+ /**
+ * Returns the number of keys in the key set.
+ *
+ * @param int $mode
+ */
+ public function count($mode = COUNT_NORMAL): int
+ {
+ return \count($this->keys, $mode);
+ }
+
+ /**
+ * Try to find a key that fits on the selected requirements.
+ * Returns null if not found.
+ *
+ * @param string $type Must be 'sig' (signature) or 'enc' (encryption)
+ * @param Algorithm|null $algorithm Specifies the algorithm to be used
+ * @param array $restrictions More restrictions such as 'kid' or 'kty'
+ */
+ public function selectKey(string $type, ?Algorithm $algorithm = null, array $restrictions = []): ?JWK
+ {
+ if (!\in_array($type, ['enc', 'sig'], true)) {
+ throw new InvalidArgumentException('Allowed key types are "sig" or "enc".');
+ }
+
+ $result = [];
+ foreach ($this->keys as $key) {
+ $ind = 0;
+
+ $can_use = $this->canKeyBeUsedFor($type, $key);
+ if (false === $can_use) {
+ continue;
+ }
+ $ind += $can_use;
+
+ $alg = $this->canKeyBeUsedWithAlgorithm($algorithm, $key);
+ if (false === $alg) {
+ continue;
+ }
+ $ind += $alg;
+
+ if (false === $this->doesKeySatisfyRestrictions($restrictions, $key)) {
+ continue;
+ }
+
+ $result[] = ['key' => $key, 'ind' => $ind];
+ }
+
+ if (empty($result)) {
+ return null;
+ }
+
+ \usort($result, [$this, 'sortKeys']);
+
+ return $result[0]['key'];
+ }
+
+ /**
+ * @return bool|int
+ */
+ private function canKeyBeUsedFor(string $type, JWK $key)
+ {
+ if ($key->has('use')) {
+ return $type === $key->get('use') ? 1 : false;
+ }
+ if ($key->has('key_ops')) {
+ return $type === self::convertKeyOpsToKeyUse($key->get('use')) ? 1 : false;
+ }
+
+ return 0;
+ }
+
+ /**
+ * @return bool|int
+ */
+ private function canKeyBeUsedWithAlgorithm(?Algorithm $algorithm, JWK $key)
+ {
+ if (null === $algorithm) {
+ return 0;
+ }
+ if (!\in_array($key->get('kty'), $algorithm->allowedKeyTypes(), true)) {
+ return false;
+ }
+ if ($key->has('alg')) {
+ return $algorithm->name() === $key->get('alg') ? 2 : false;
+ }
+
+ return 1;
+ }
+
+ private function doesKeySatisfyRestrictions(array $restrictions, JWK $key): bool
+ {
+ foreach ($restrictions as $k => $v) {
+ if (!$key->has($k) || $v !== $key->get($k)) {
+ return false;
+ }
+ }
+
+ return true;
+ }
+
+ private static function convertKeyOpsToKeyUse(string $key_ops): string
+ {
+ switch ($key_ops) {
+ case 'verify':
+ case 'sign':
+ return 'sig';
+ case 'encrypt':
+ case 'decrypt':
+ case 'wrapKey':
+ case 'unwrapKey':
+ return 'enc';
+ default:
+ throw new InvalidArgumentException(\sprintf('Unsupported key operation value "%s"', $key_ops));
+ }
+ }
+
+ /**
+ * Internal method only. Should not be used.
+ *
+ * @internal
+ * @internal
+ */
+ public static function sortKeys(array $a, array $b): int
+ {
+ if ($a['ind'] === $b['ind']) {
+ return 0;
+ }
+
+ return ($a['ind'] > $b['ind']) ? -1 : 1;
+ }
+
+ /**
+ * Internal method only. Should not be used.
+ *
+ * @internal
+ */
+ public function getIterator()
+ {
+ return new \ArrayIterator($this->keys);
+ }
+}
diff --git a/vendor/web-token/jwt-core/JWT.php b/vendor/web-token/jwt-core/JWT.php index b2cecf1..902b9a1 100644 --- a/vendor/web-token/jwt-core/JWT.php +++ b/vendor/web-token/jwt-core/JWT.php @@ -1,23 +1,23 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core; - -interface JWT -{ - /** - * Returns the payload of the JWT. - * null is a valid payload (e.g. JWS with detached payload). - */ - public function getPayload(): ?string; -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core;
+
+interface JWT
+{
+ /**
+ * Returns the payload of the JWT.
+ * null is a valid payload (e.g. JWS with detached payload).
+ */
+ public function getPayload(): ?string;
+}
diff --git a/vendor/web-token/jwt-core/LICENSE b/vendor/web-token/jwt-core/LICENSE index a098645..ce18b6a 100644 --- a/vendor/web-token/jwt-core/LICENSE +++ b/vendor/web-token/jwt-core/LICENSE @@ -1,21 +1,21 @@ -The MIT License (MIT) - -Copyright (c) 2014-2018 Spomky-Labs - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. +The MIT License (MIT)
+
+Copyright (c) 2014-2018 Spomky-Labs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/vendor/web-token/jwt-core/Util/BigInteger.php b/vendor/web-token/jwt-core/Util/BigInteger.php index 2513670..3b719e6 100644 --- a/vendor/web-token/jwt-core/Util/BigInteger.php +++ b/vendor/web-token/jwt-core/Util/BigInteger.php @@ -1,232 +1,232 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util; - -/** - * @internal - */ -class BigInteger -{ - /** - * Holds the BigInteger's value. - * - * @var \GMP - */ - private $value; - - private function __construct(\GMP $value) - { - $this->value = $value; - } - - /** - * @return BigInteger - */ - public static function createFromGMPResource(\GMP $value): self - { - return new self($value); - } - - /** - * @return BigInteger - */ - public static function createFromBinaryString(string $value): self - { - $value = '0x'.\unpack('H*', $value)[1]; - $value = \gmp_init($value, 16); - - return new self($value); - } - - /** - * @return BigInteger - */ - public static function createFromDecimal(int $value): self - { - $value = \gmp_init($value, 10); - - return new self($value); - } - - /** - * Converts a BigInteger to a binary string. - */ - public function toBytes(): string - { - if (0 === \gmp_cmp($this->value, \gmp_init(0))) { - return ''; - } - - $temp = \gmp_strval(\gmp_abs($this->value), 16); - $temp = \mb_strlen($temp, '8bit') & 1 ? '0'.$temp : $temp; - $temp = \hex2bin($temp); - - return \ltrim($temp, \chr(0)); - } - - /** - * Adds two BigIntegers. - * - * @param BigInteger $y - * - * @return BigInteger - */ - public function add(self $y): self - { - $value = \gmp_add($this->value, $y->value); - - return self::createFromGMPResource($value); - } - - /** - * Subtracts two BigIntegers. - * - * @param BigInteger $y - * - * @return BigInteger - */ - public function subtract(self $y): self - { - $value = \gmp_sub($this->value, $y->value); - - return self::createFromGMPResource($value); - } - - /** - * Multiplies two BigIntegers. - * - * @param BigInteger $x - * - * @return BigInteger - */ - public function multiply(self $x): self - { - $value = \gmp_mul($this->value, $x->value); - - return self::createFromGMPResource($value); - } - - /** - * Divides two BigIntegers. - * - * @param BigInteger $x - * - * @return BigInteger - */ - public function divide(self $x): self - { - $value = \gmp_div($this->value, $x->value); - - return self::createFromGMPResource($value); - } - - /** - * Performs modular exponentiation. - * - * @param BigInteger $e - * @param BigInteger $n - * - * @return BigInteger - */ - public function modPow(self $e, self $n): self - { - $value = \gmp_powm($this->value, $e->value, $n->value); - - return self::createFromGMPResource($value); - } - - /** - * Performs modular exponentiation. - * - * @param BigInteger $d - * - * @return BigInteger - */ - public function mod(self $d): self - { - $value = \gmp_mod($this->value, $d->value); - - return self::createFromGMPResource($value); - } - - /** - * Calculates modular inverses. - * - * @param BigInteger $n - * - * @return BigInteger - */ - public function modInverse(self $n): self - { - $value = \gmp_invert($this->value, $n->value); - - return self::createFromGMPResource($value); - } - - /** - * Compares two numbers. - * - * @param BigInteger $y - */ - public function compare(self $y): int - { - return \gmp_cmp($this->value, $y->value); - } - - /** - * @param BigInteger $y - */ - public function equals(self $y): bool - { - return 0 === $this->compare($y); - } - - /** - * @param BigInteger $y - * - * @return BigInteger - */ - public static function random(self $y): self - { - $zero = self::createFromDecimal(0); - - return self::createFromGMPResource(\gmp_random_range($zero->value, $y->value)); - } - - /** - * @param BigInteger $y - * - * @return BigInteger - */ - public function gcd(self $y): self - { - return self::createFromGMPResource(\gmp_gcd($this->value, $y->value)); - } - - /** - * @param BigInteger $y - */ - public function lowerThan(self $y): bool - { - return 0 > $this->compare($y); - } - - public function isEven(): bool - { - $zero = self::createFromDecimal(0); - $two = self::createFromDecimal(2); - - return $this->mod($two)->equals($zero); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util;
+
+/**
+ * @internal
+ */
+class BigInteger
+{
+ /**
+ * Holds the BigInteger's value.
+ *
+ * @var \GMP
+ */
+ private $value;
+
+ private function __construct(\GMP $value)
+ {
+ $this->value = $value;
+ }
+
+ /**
+ * @return BigInteger
+ */
+ public static function createFromGMPResource(\GMP $value): self
+ {
+ return new self($value);
+ }
+
+ /**
+ * @return BigInteger
+ */
+ public static function createFromBinaryString(string $value): self
+ {
+ $value = '0x'.\unpack('H*', $value)[1];
+ $value = \gmp_init($value, 16);
+
+ return new self($value);
+ }
+
+ /**
+ * @return BigInteger
+ */
+ public static function createFromDecimal(int $value): self
+ {
+ $value = \gmp_init($value, 10);
+
+ return new self($value);
+ }
+
+ /**
+ * Converts a BigInteger to a binary string.
+ */
+ public function toBytes(): string
+ {
+ if (0 === \gmp_cmp($this->value, \gmp_init(0))) {
+ return '';
+ }
+
+ $temp = \gmp_strval(\gmp_abs($this->value), 16);
+ $temp = \mb_strlen($temp, '8bit') & 1 ? '0'.$temp : $temp;
+ $temp = \hex2bin($temp);
+
+ return \ltrim($temp, \chr(0));
+ }
+
+ /**
+ * Adds two BigIntegers.
+ *
+ * @param BigInteger $y
+ *
+ * @return BigInteger
+ */
+ public function add(self $y): self
+ {
+ $value = \gmp_add($this->value, $y->value);
+
+ return self::createFromGMPResource($value);
+ }
+
+ /**
+ * Subtracts two BigIntegers.
+ *
+ * @param BigInteger $y
+ *
+ * @return BigInteger
+ */
+ public function subtract(self $y): self
+ {
+ $value = \gmp_sub($this->value, $y->value);
+
+ return self::createFromGMPResource($value);
+ }
+
+ /**
+ * Multiplies two BigIntegers.
+ *
+ * @param BigInteger $x
+ *
+ * @return BigInteger
+ */
+ public function multiply(self $x): self
+ {
+ $value = \gmp_mul($this->value, $x->value);
+
+ return self::createFromGMPResource($value);
+ }
+
+ /**
+ * Divides two BigIntegers.
+ *
+ * @param BigInteger $x
+ *
+ * @return BigInteger
+ */
+ public function divide(self $x): self
+ {
+ $value = \gmp_div($this->value, $x->value);
+
+ return self::createFromGMPResource($value);
+ }
+
+ /**
+ * Performs modular exponentiation.
+ *
+ * @param BigInteger $e
+ * @param BigInteger $n
+ *
+ * @return BigInteger
+ */
+ public function modPow(self $e, self $n): self
+ {
+ $value = \gmp_powm($this->value, $e->value, $n->value);
+
+ return self::createFromGMPResource($value);
+ }
+
+ /**
+ * Performs modular exponentiation.
+ *
+ * @param BigInteger $d
+ *
+ * @return BigInteger
+ */
+ public function mod(self $d): self
+ {
+ $value = \gmp_mod($this->value, $d->value);
+
+ return self::createFromGMPResource($value);
+ }
+
+ /**
+ * Calculates modular inverses.
+ *
+ * @param BigInteger $n
+ *
+ * @return BigInteger
+ */
+ public function modInverse(self $n): self
+ {
+ $value = \gmp_invert($this->value, $n->value);
+
+ return self::createFromGMPResource($value);
+ }
+
+ /**
+ * Compares two numbers.
+ *
+ * @param BigInteger $y
+ */
+ public function compare(self $y): int
+ {
+ return \gmp_cmp($this->value, $y->value);
+ }
+
+ /**
+ * @param BigInteger $y
+ */
+ public function equals(self $y): bool
+ {
+ return 0 === $this->compare($y);
+ }
+
+ /**
+ * @param BigInteger $y
+ *
+ * @return BigInteger
+ */
+ public static function random(self $y): self
+ {
+ $zero = self::createFromDecimal(0);
+
+ return self::createFromGMPResource(\gmp_random_range($zero->value, $y->value));
+ }
+
+ /**
+ * @param BigInteger $y
+ *
+ * @return BigInteger
+ */
+ public function gcd(self $y): self
+ {
+ return self::createFromGMPResource(\gmp_gcd($this->value, $y->value));
+ }
+
+ /**
+ * @param BigInteger $y
+ */
+ public function lowerThan(self $y): bool
+ {
+ return 0 > $this->compare($y);
+ }
+
+ public function isEven(): bool
+ {
+ $zero = self::createFromDecimal(0);
+ $two = self::createFromDecimal(2);
+
+ return $this->mod($two)->equals($zero);
+ }
+}
diff --git a/vendor/web-token/jwt-core/Util/ECKey.php b/vendor/web-token/jwt-core/Util/ECKey.php index da409ba..6460084 100644 --- a/vendor/web-token/jwt-core/Util/ECKey.php +++ b/vendor/web-token/jwt-core/Util/ECKey.php @@ -1,306 +1,306 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util; - -use Base64Url\Base64Url; -use InvalidArgumentException; -use Jose\Component\Core\JWK; -use Jose\Component\Core\Util\Ecc\Curve; -use Jose\Component\Core\Util\Ecc\NistCurve; -use RuntimeException; -use Throwable; - -/** - * @internal - */ -class ECKey -{ - public static function convertToPEM(JWK $jwk): string - { - if ($jwk->has('d')) { - return self::convertPrivateKeyToPEM($jwk); - } - - return self::convertPublicKeyToPEM($jwk); - } - - public static function convertPublicKeyToPEM(JWK $jwk): string - { - switch ($jwk->get('crv')) { - case 'P-256': - $der = self::p256PublicKey(); - - break; - case 'P-384': - $der = self::p384PublicKey(); - - break; - case 'P-521': - $der = self::p521PublicKey(); - - break; - default: - throw new InvalidArgumentException('Unsupported curve.'); - } - $der .= self::getKey($jwk); - $pem = '-----BEGIN PUBLIC KEY-----'.PHP_EOL; - $pem .= chunk_split(base64_encode($der), 64, PHP_EOL); - $pem .= '-----END PUBLIC KEY-----'.PHP_EOL; - - return $pem; - } - - public static function convertPrivateKeyToPEM(JWK $jwk): string - { - switch ($jwk->get('crv')) { - case 'P-256': - $der = self::p256PrivateKey($jwk); - - break; - case 'P-384': - $der = self::p384PrivateKey($jwk); - - break; - case 'P-521': - $der = self::p521PrivateKey($jwk); - - break; - default: - throw new InvalidArgumentException('Unsupported curve.'); - } - $der .= self::getKey($jwk); - $pem = '-----BEGIN EC PRIVATE KEY-----'.PHP_EOL; - $pem .= chunk_split(base64_encode($der), 64, PHP_EOL); - $pem .= '-----END EC PRIVATE KEY-----'.PHP_EOL; - - return $pem; - } - - /** - * Creates a EC key with the given curve and additional values. - * - * @param string $curve The curve - * @param array $values values to configure the key - */ - public static function createECKey(string $curve, array $values = []): JWK - { - try { - $jwk = self::createECKeyUsingOpenSSL($curve); - } catch (Throwable $e) { - $jwk = self::createECKeyUsingPurePhp($curve); - } - $values = array_merge($values, $jwk); - - return new JWK($values); - } - - private static function getNistCurve(string $curve): Curve - { - switch ($curve) { - case 'P-256': - return NistCurve::curve256(); - case 'P-384': - return NistCurve::curve384(); - case 'P-521': - return NistCurve::curve521(); - default: - throw new InvalidArgumentException(sprintf('The curve "%s" is not supported.', $curve)); - } - } - - private static function getNistCurveSize(string $curve): int - { - switch ($curve) { - case 'P-256': - return 256; - case 'P-384': - return 384; - case 'P-521': - return 521; - default: - throw new InvalidArgumentException(sprintf('The curve "%s" is not supported.', $curve)); - } - } - - private static function createECKeyUsingPurePhp(string $curve): array - { - $nistCurve = self::getNistCurve($curve); - $privateKey = $nistCurve->createPrivateKey(); - $publicKey = $nistCurve->createPublicKey($privateKey); - - return [ - 'kty' => 'EC', - 'crv' => $curve, - 'x' => Base64Url::encode(str_pad(gmp_export($publicKey->getPoint()->getX()), (int) ceil($nistCurve->getSize() / 8), "\0", STR_PAD_LEFT)), - 'y' => Base64Url::encode(str_pad(gmp_export($publicKey->getPoint()->getY()), (int) ceil($nistCurve->getSize() / 8), "\0", STR_PAD_LEFT)), - 'd' => Base64Url::encode(str_pad(gmp_export($privateKey->getSecret()), (int) ceil($nistCurve->getSize() / 8), "\0", STR_PAD_LEFT)), - ]; - } - - private static function createECKeyUsingOpenSSL(string $curve): array - { - $key = openssl_pkey_new([ - 'curve_name' => self::getOpensslCurveName($curve), - 'private_key_type' => OPENSSL_KEYTYPE_EC, - ]); - if (false === $key) { - throw new RuntimeException('Unable to create the key'); - } - $result = openssl_pkey_export($key, $out); - if (false === $result) { - throw new RuntimeException('Unable to create the key'); - } - $res = openssl_pkey_get_private($out); - if (false === $res) { - throw new RuntimeException('Unable to create the key'); - } - $details = openssl_pkey_get_details($res); - $nistCurveSize = self::getNistCurveSize($curve); - - return [ - 'kty' => 'EC', - 'crv' => $curve, - 'd' => Base64Url::encode(str_pad($details['ec']['d'], (int) ceil($nistCurveSize / 8), "\0", STR_PAD_LEFT)), - 'x' => Base64Url::encode(str_pad($details['ec']['x'], (int) ceil($nistCurveSize / 8), "\0", STR_PAD_LEFT)), - 'y' => Base64Url::encode(str_pad($details['ec']['y'], (int) ceil($nistCurveSize / 8), "\0", STR_PAD_LEFT)), - ]; - } - - private static function getOpensslCurveName(string $curve): string - { - switch ($curve) { - case 'P-256': - return 'prime256v1'; - case 'P-384': - return 'secp384r1'; - case 'P-521': - return 'secp521r1'; - default: - throw new InvalidArgumentException(sprintf('The curve "%s" is not supported.', $curve)); - } - } - - private static function p256PublicKey(): string - { - return pack( - 'H*', - '3059' // SEQUENCE, length 89 - .'3013' // SEQUENCE, length 19 - .'0607' // OID, length 7 - .'2a8648ce3d0201' // 1.2.840.10045.2.1 = EC Public Key - .'0608' // OID, length 8 - .'2a8648ce3d030107' // 1.2.840.10045.3.1.7 = P-256 Curve - .'0342' // BIT STRING, length 66 - .'00' // prepend with NUL - pubkey will follow - ); - } - - private static function p384PublicKey(): string - { - return pack( - 'H*', - '3076' // SEQUENCE, length 118 - .'3010' // SEQUENCE, length 16 - .'0607' // OID, length 7 - .'2a8648ce3d0201' // 1.2.840.10045.2.1 = EC Public Key - .'0605' // OID, length 5 - .'2b81040022' // 1.3.132.0.34 = P-384 Curve - .'0362' // BIT STRING, length 98 - .'00' // prepend with NUL - pubkey will follow - ); - } - - private static function p521PublicKey(): string - { - return pack( - 'H*', - '30819b' // SEQUENCE, length 154 - .'3010' // SEQUENCE, length 16 - .'0607' // OID, length 7 - .'2a8648ce3d0201' // 1.2.840.10045.2.1 = EC Public Key - .'0605' // OID, length 5 - .'2b81040023' // 1.3.132.0.35 = P-521 Curve - .'038186' // BIT STRING, length 134 - .'00' // prepend with NUL - pubkey will follow - ); - } - - private static function p256PrivateKey(JWK $jwk): string - { - $d = unpack('H*', str_pad(Base64Url::decode($jwk->get('d')), 32, "\0", STR_PAD_LEFT))[1]; - - return pack( - 'H*', - '3077' // SEQUENCE, length 87+length($d)=32 - .'020101' // INTEGER, 1 - .'0420' // OCTET STRING, length($d) = 32 - .$d - .'a00a' // TAGGED OBJECT #0, length 10 - .'0608' // OID, length 8 - .'2a8648ce3d030107' // 1.3.132.0.34 = P-384 Curve - .'a144' // TAGGED OBJECT #1, length 68 - .'0342' // BIT STRING, length 66 - .'00' // prepend with NUL - pubkey will follow - ); - } - - private static function p384PrivateKey(JWK $jwk): string - { - $d = unpack('H*', str_pad(Base64Url::decode($jwk->get('d')), 48, "\0", STR_PAD_LEFT))[1]; - - return pack( - 'H*', - '3081a4' // SEQUENCE, length 116 + length($d)=48 - .'020101' // INTEGER, 1 - .'0430' // OCTET STRING, length($d) = 30 - .$d - .'a007' // TAGGED OBJECT #0, length 7 - .'0605' // OID, length 5 - .'2b81040022' // 1.3.132.0.34 = P-384 Curve - .'a164' // TAGGED OBJECT #1, length 100 - .'0362' // BIT STRING, length 98 - .'00' // prepend with NUL - pubkey will follow - ); - } - - private static function p521PrivateKey(JWK $jwk): string - { - $d = unpack('H*', str_pad(Base64Url::decode($jwk->get('d')), 66, "\0", STR_PAD_LEFT))[1]; - - return pack( - 'H*', - '3081dc' // SEQUENCE, length 154 + length($d)=66 - .'020101' // INTEGER, 1 - .'0442' // OCTET STRING, length(d) = 66 - .$d - .'a007' // TAGGED OBJECT #0, length 7 - .'0605' // OID, length 5 - .'2b81040023' // 1.3.132.0.35 = P-521 Curve - .'a18189' // TAGGED OBJECT #1, length 137 - .'038186' // BIT STRING, length 134 - .'00' // prepend with NUL - pubkey will follow - ); - } - - private static function getKey(JWK $jwk): string - { - $nistCurveSize = self::getNistCurveSize($jwk->get('crv')); - $length = (int) ceil($nistCurveSize / 8); - - return - "\04" - .str_pad(Base64Url::decode($jwk->get('x')), $length, "\0", STR_PAD_LEFT) - .str_pad(Base64Url::decode($jwk->get('y')), $length, "\0", STR_PAD_LEFT); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util;
+
+use Base64Url\Base64Url;
+use InvalidArgumentException;
+use Jose\Component\Core\JWK;
+use Jose\Component\Core\Util\Ecc\Curve;
+use Jose\Component\Core\Util\Ecc\NistCurve;
+use RuntimeException;
+use Throwable;
+
+/**
+ * @internal
+ */
+class ECKey
+{
+ public static function convertToPEM(JWK $jwk): string
+ {
+ if ($jwk->has('d')) {
+ return self::convertPrivateKeyToPEM($jwk);
+ }
+
+ return self::convertPublicKeyToPEM($jwk);
+ }
+
+ public static function convertPublicKeyToPEM(JWK $jwk): string
+ {
+ switch ($jwk->get('crv')) {
+ case 'P-256':
+ $der = self::p256PublicKey();
+
+ break;
+ case 'P-384':
+ $der = self::p384PublicKey();
+
+ break;
+ case 'P-521':
+ $der = self::p521PublicKey();
+
+ break;
+ default:
+ throw new InvalidArgumentException('Unsupported curve.');
+ }
+ $der .= self::getKey($jwk);
+ $pem = '-----BEGIN PUBLIC KEY-----'.PHP_EOL;
+ $pem .= chunk_split(base64_encode($der), 64, PHP_EOL);
+ $pem .= '-----END PUBLIC KEY-----'.PHP_EOL;
+
+ return $pem;
+ }
+
+ public static function convertPrivateKeyToPEM(JWK $jwk): string
+ {
+ switch ($jwk->get('crv')) {
+ case 'P-256':
+ $der = self::p256PrivateKey($jwk);
+
+ break;
+ case 'P-384':
+ $der = self::p384PrivateKey($jwk);
+
+ break;
+ case 'P-521':
+ $der = self::p521PrivateKey($jwk);
+
+ break;
+ default:
+ throw new InvalidArgumentException('Unsupported curve.');
+ }
+ $der .= self::getKey($jwk);
+ $pem = '-----BEGIN EC PRIVATE KEY-----'.PHP_EOL;
+ $pem .= chunk_split(base64_encode($der), 64, PHP_EOL);
+ $pem .= '-----END EC PRIVATE KEY-----'.PHP_EOL;
+
+ return $pem;
+ }
+
+ /**
+ * Creates a EC key with the given curve and additional values.
+ *
+ * @param string $curve The curve
+ * @param array $values values to configure the key
+ */
+ public static function createECKey(string $curve, array $values = []): JWK
+ {
+ try {
+ $jwk = self::createECKeyUsingOpenSSL($curve);
+ } catch (Throwable $e) {
+ $jwk = self::createECKeyUsingPurePhp($curve);
+ }
+ $values = array_merge($values, $jwk);
+
+ return new JWK($values);
+ }
+
+ private static function getNistCurve(string $curve): Curve
+ {
+ switch ($curve) {
+ case 'P-256':
+ return NistCurve::curve256();
+ case 'P-384':
+ return NistCurve::curve384();
+ case 'P-521':
+ return NistCurve::curve521();
+ default:
+ throw new InvalidArgumentException(sprintf('The curve "%s" is not supported.', $curve));
+ }
+ }
+
+ private static function getNistCurveSize(string $curve): int
+ {
+ switch ($curve) {
+ case 'P-256':
+ return 256;
+ case 'P-384':
+ return 384;
+ case 'P-521':
+ return 521;
+ default:
+ throw new InvalidArgumentException(sprintf('The curve "%s" is not supported.', $curve));
+ }
+ }
+
+ private static function createECKeyUsingPurePhp(string $curve): array
+ {
+ $nistCurve = self::getNistCurve($curve);
+ $privateKey = $nistCurve->createPrivateKey();
+ $publicKey = $nistCurve->createPublicKey($privateKey);
+
+ return [
+ 'kty' => 'EC',
+ 'crv' => $curve,
+ 'x' => Base64Url::encode(str_pad(gmp_export($publicKey->getPoint()->getX()), (int) ceil($nistCurve->getSize() / 8), "\0", STR_PAD_LEFT)),
+ 'y' => Base64Url::encode(str_pad(gmp_export($publicKey->getPoint()->getY()), (int) ceil($nistCurve->getSize() / 8), "\0", STR_PAD_LEFT)),
+ 'd' => Base64Url::encode(str_pad(gmp_export($privateKey->getSecret()), (int) ceil($nistCurve->getSize() / 8), "\0", STR_PAD_LEFT)),
+ ];
+ }
+
+ private static function createECKeyUsingOpenSSL(string $curve): array
+ {
+ $key = openssl_pkey_new([
+ 'curve_name' => self::getOpensslCurveName($curve),
+ 'private_key_type' => OPENSSL_KEYTYPE_EC,
+ ]);
+ if (false === $key) {
+ throw new RuntimeException('Unable to create the key');
+ }
+ $result = openssl_pkey_export($key, $out);
+ if (false === $result) {
+ throw new RuntimeException('Unable to create the key');
+ }
+ $res = openssl_pkey_get_private($out);
+ if (false === $res) {
+ throw new RuntimeException('Unable to create the key');
+ }
+ $details = openssl_pkey_get_details($res);
+ $nistCurveSize = self::getNistCurveSize($curve);
+
+ return [
+ 'kty' => 'EC',
+ 'crv' => $curve,
+ 'd' => Base64Url::encode(str_pad($details['ec']['d'], (int) ceil($nistCurveSize / 8), "\0", STR_PAD_LEFT)),
+ 'x' => Base64Url::encode(str_pad($details['ec']['x'], (int) ceil($nistCurveSize / 8), "\0", STR_PAD_LEFT)),
+ 'y' => Base64Url::encode(str_pad($details['ec']['y'], (int) ceil($nistCurveSize / 8), "\0", STR_PAD_LEFT)),
+ ];
+ }
+
+ private static function getOpensslCurveName(string $curve): string
+ {
+ switch ($curve) {
+ case 'P-256':
+ return 'prime256v1';
+ case 'P-384':
+ return 'secp384r1';
+ case 'P-521':
+ return 'secp521r1';
+ default:
+ throw new InvalidArgumentException(sprintf('The curve "%s" is not supported.', $curve));
+ }
+ }
+
+ private static function p256PublicKey(): string
+ {
+ return pack(
+ 'H*',
+ '3059' // SEQUENCE, length 89
+ .'3013' // SEQUENCE, length 19
+ .'0607' // OID, length 7
+ .'2a8648ce3d0201' // 1.2.840.10045.2.1 = EC Public Key
+ .'0608' // OID, length 8
+ .'2a8648ce3d030107' // 1.2.840.10045.3.1.7 = P-256 Curve
+ .'0342' // BIT STRING, length 66
+ .'00' // prepend with NUL - pubkey will follow
+ );
+ }
+
+ private static function p384PublicKey(): string
+ {
+ return pack(
+ 'H*',
+ '3076' // SEQUENCE, length 118
+ .'3010' // SEQUENCE, length 16
+ .'0607' // OID, length 7
+ .'2a8648ce3d0201' // 1.2.840.10045.2.1 = EC Public Key
+ .'0605' // OID, length 5
+ .'2b81040022' // 1.3.132.0.34 = P-384 Curve
+ .'0362' // BIT STRING, length 98
+ .'00' // prepend with NUL - pubkey will follow
+ );
+ }
+
+ private static function p521PublicKey(): string
+ {
+ return pack(
+ 'H*',
+ '30819b' // SEQUENCE, length 154
+ .'3010' // SEQUENCE, length 16
+ .'0607' // OID, length 7
+ .'2a8648ce3d0201' // 1.2.840.10045.2.1 = EC Public Key
+ .'0605' // OID, length 5
+ .'2b81040023' // 1.3.132.0.35 = P-521 Curve
+ .'038186' // BIT STRING, length 134
+ .'00' // prepend with NUL - pubkey will follow
+ );
+ }
+
+ private static function p256PrivateKey(JWK $jwk): string
+ {
+ $d = unpack('H*', str_pad(Base64Url::decode($jwk->get('d')), 32, "\0", STR_PAD_LEFT))[1];
+
+ return pack(
+ 'H*',
+ '3077' // SEQUENCE, length 87+length($d)=32
+ .'020101' // INTEGER, 1
+ .'0420' // OCTET STRING, length($d) = 32
+ .$d
+ .'a00a' // TAGGED OBJECT #0, length 10
+ .'0608' // OID, length 8
+ .'2a8648ce3d030107' // 1.3.132.0.34 = P-384 Curve
+ .'a144' // TAGGED OBJECT #1, length 68
+ .'0342' // BIT STRING, length 66
+ .'00' // prepend with NUL - pubkey will follow
+ );
+ }
+
+ private static function p384PrivateKey(JWK $jwk): string
+ {
+ $d = unpack('H*', str_pad(Base64Url::decode($jwk->get('d')), 48, "\0", STR_PAD_LEFT))[1];
+
+ return pack(
+ 'H*',
+ '3081a4' // SEQUENCE, length 116 + length($d)=48
+ .'020101' // INTEGER, 1
+ .'0430' // OCTET STRING, length($d) = 30
+ .$d
+ .'a007' // TAGGED OBJECT #0, length 7
+ .'0605' // OID, length 5
+ .'2b81040022' // 1.3.132.0.34 = P-384 Curve
+ .'a164' // TAGGED OBJECT #1, length 100
+ .'0362' // BIT STRING, length 98
+ .'00' // prepend with NUL - pubkey will follow
+ );
+ }
+
+ private static function p521PrivateKey(JWK $jwk): string
+ {
+ $d = unpack('H*', str_pad(Base64Url::decode($jwk->get('d')), 66, "\0", STR_PAD_LEFT))[1];
+
+ return pack(
+ 'H*',
+ '3081dc' // SEQUENCE, length 154 + length($d)=66
+ .'020101' // INTEGER, 1
+ .'0442' // OCTET STRING, length(d) = 66
+ .$d
+ .'a007' // TAGGED OBJECT #0, length 7
+ .'0605' // OID, length 5
+ .'2b81040023' // 1.3.132.0.35 = P-521 Curve
+ .'a18189' // TAGGED OBJECT #1, length 137
+ .'038186' // BIT STRING, length 134
+ .'00' // prepend with NUL - pubkey will follow
+ );
+ }
+
+ private static function getKey(JWK $jwk): string
+ {
+ $nistCurveSize = self::getNistCurveSize($jwk->get('crv'));
+ $length = (int) ceil($nistCurveSize / 8);
+
+ return
+ "\04"
+ .str_pad(Base64Url::decode($jwk->get('x')), $length, "\0", STR_PAD_LEFT)
+ .str_pad(Base64Url::decode($jwk->get('y')), $length, "\0", STR_PAD_LEFT);
+ }
+}
diff --git a/vendor/web-token/jwt-core/Util/ECSignature.php b/vendor/web-token/jwt-core/Util/ECSignature.php index 5bfa5b0..14cb15d 100644 --- a/vendor/web-token/jwt-core/Util/ECSignature.php +++ b/vendor/web-token/jwt-core/Util/ECSignature.php @@ -1,93 +1,93 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util; - -/** - * @internal - */ -class ECSignature -{ - public static function toDER(string $signature, int $partLength): string - { - $signature = \unpack('H*', $signature)[1]; - if (\mb_strlen($signature, '8bit') !== 2 * $partLength) { - throw new \InvalidArgumentException('Invalid length.'); - } - $R = \mb_substr($signature, 0, $partLength, '8bit'); - $S = \mb_substr($signature, $partLength, null, '8bit'); - - $R = self::preparePositiveInteger($R); - $Rl = \mb_strlen($R, '8bit') / 2; - $S = self::preparePositiveInteger($S); - $Sl = \mb_strlen($S, '8bit') / 2; - $der = \pack('H*', - '30'.($Rl + $Sl + 4 > 128 ? '81' : '').\dechex($Rl + $Sl + 4) - .'02'.\dechex($Rl).$R - .'02'.\dechex($Sl).$S - ); - - return $der; - } - - public static function fromDER(string $der, int $partLength): string - { - $hex = \unpack('H*', $der)[1]; - if ('30' !== \mb_substr($hex, 0, 2, '8bit')) { // SEQUENCE - throw new \RuntimeException(); - } - if ('81' === \mb_substr($hex, 2, 2, '8bit')) { // LENGTH > 128 - $hex = \mb_substr($hex, 6, null, '8bit'); - } else { - $hex = \mb_substr($hex, 4, null, '8bit'); - } - if ('02' !== \mb_substr($hex, 0, 2, '8bit')) { // INTEGER - throw new \RuntimeException(); - } - - $Rl = \hexdec(\mb_substr($hex, 2, 2, '8bit')); - $R = self::retrievePositiveInteger(\mb_substr($hex, 4, $Rl * 2, '8bit')); - $R = \str_pad($R, $partLength, '0', STR_PAD_LEFT); - - $hex = \mb_substr($hex, 4 + $Rl * 2, null, '8bit'); - if ('02' !== \mb_substr($hex, 0, 2, '8bit')) { // INTEGER - throw new \RuntimeException(); - } - $Sl = \hexdec(\mb_substr($hex, 2, 2, '8bit')); - $S = self::retrievePositiveInteger(\mb_substr($hex, 4, $Sl * 2, '8bit')); - $S = \str_pad($S, $partLength, '0', STR_PAD_LEFT); - - return \pack('H*', $R.$S); - } - - private static function preparePositiveInteger(string $data): string - { - if (\mb_substr($data, 0, 2, '8bit') > '7f') { - return '00'.$data; - } - while ('00' === \mb_substr($data, 0, 2, '8bit') && \mb_substr($data, 2, 2, '8bit') <= '7f') { - $data = \mb_substr($data, 2, null, '8bit'); - } - - return $data; - } - - private static function retrievePositiveInteger(string $data): string - { - while ('00' === \mb_substr($data, 0, 2, '8bit') && \mb_substr($data, 2, 2, '8bit') > '7f') { - $data = \mb_substr($data, 2, null, '8bit'); - } - - return $data; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util;
+
+/**
+ * @internal
+ */
+class ECSignature
+{
+ public static function toDER(string $signature, int $partLength): string
+ {
+ $signature = \unpack('H*', $signature)[1];
+ if (\mb_strlen($signature, '8bit') !== 2 * $partLength) {
+ throw new \InvalidArgumentException('Invalid length.');
+ }
+ $R = \mb_substr($signature, 0, $partLength, '8bit');
+ $S = \mb_substr($signature, $partLength, null, '8bit');
+
+ $R = self::preparePositiveInteger($R);
+ $Rl = \mb_strlen($R, '8bit') / 2;
+ $S = self::preparePositiveInteger($S);
+ $Sl = \mb_strlen($S, '8bit') / 2;
+ $der = \pack('H*',
+ '30'.($Rl + $Sl + 4 > 128 ? '81' : '').\dechex($Rl + $Sl + 4)
+ .'02'.\dechex($Rl).$R
+ .'02'.\dechex($Sl).$S
+ );
+
+ return $der;
+ }
+
+ public static function fromDER(string $der, int $partLength): string
+ {
+ $hex = \unpack('H*', $der)[1];
+ if ('30' !== \mb_substr($hex, 0, 2, '8bit')) { // SEQUENCE
+ throw new \RuntimeException();
+ }
+ if ('81' === \mb_substr($hex, 2, 2, '8bit')) { // LENGTH > 128
+ $hex = \mb_substr($hex, 6, null, '8bit');
+ } else {
+ $hex = \mb_substr($hex, 4, null, '8bit');
+ }
+ if ('02' !== \mb_substr($hex, 0, 2, '8bit')) { // INTEGER
+ throw new \RuntimeException();
+ }
+
+ $Rl = \hexdec(\mb_substr($hex, 2, 2, '8bit'));
+ $R = self::retrievePositiveInteger(\mb_substr($hex, 4, $Rl * 2, '8bit'));
+ $R = \str_pad($R, $partLength, '0', STR_PAD_LEFT);
+
+ $hex = \mb_substr($hex, 4 + $Rl * 2, null, '8bit');
+ if ('02' !== \mb_substr($hex, 0, 2, '8bit')) { // INTEGER
+ throw new \RuntimeException();
+ }
+ $Sl = \hexdec(\mb_substr($hex, 2, 2, '8bit'));
+ $S = self::retrievePositiveInteger(\mb_substr($hex, 4, $Sl * 2, '8bit'));
+ $S = \str_pad($S, $partLength, '0', STR_PAD_LEFT);
+
+ return \pack('H*', $R.$S);
+ }
+
+ private static function preparePositiveInteger(string $data): string
+ {
+ if (\mb_substr($data, 0, 2, '8bit') > '7f') {
+ return '00'.$data;
+ }
+ while ('00' === \mb_substr($data, 0, 2, '8bit') && \mb_substr($data, 2, 2, '8bit') <= '7f') {
+ $data = \mb_substr($data, 2, null, '8bit');
+ }
+
+ return $data;
+ }
+
+ private static function retrievePositiveInteger(string $data): string
+ {
+ while ('00' === \mb_substr($data, 0, 2, '8bit') && \mb_substr($data, 2, 2, '8bit') > '7f') {
+ $data = \mb_substr($data, 2, null, '8bit');
+ }
+
+ return $data;
+ }
+}
diff --git a/vendor/web-token/jwt-core/Util/Hash.php b/vendor/web-token/jwt-core/Util/Hash.php index 105c865..ecf0438 100644 --- a/vendor/web-token/jwt-core/Util/Hash.php +++ b/vendor/web-token/jwt-core/Util/Hash.php @@ -1,90 +1,90 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util; - -/** - * @internal - */ -class Hash -{ - /** - * Hash Parameter. - * - * @var string - */ - private $hash; - - /** - * Hash Length. - * - * @var int - */ - private $length; - - /** - * @return Hash - */ - public static function sha1(): self - { - return new self('sha1', 20); - } - - /** - * @return Hash - */ - public static function sha256(): self - { - return new self('sha256', 32); - } - - /** - * @return Hash - */ - public static function sha384(): self - { - return new self('sha384', 48); - } - - /** - * @return Hash - */ - public static function sha512(): self - { - return new self('sha512', 64); - } - - private function __construct(string $hash, int $length) - { - $this->hash = $hash; - $this->length = $length; - } - - public function getLength(): int - { - return $this->length; - } - - /** - * Compute the HMAC. - */ - public function hash(string $text): string - { - return \hash($this->hash, $text, true); - } - - public function name(): string - { - return $this->hash; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util;
+
+/**
+ * @internal
+ */
+class Hash
+{
+ /**
+ * Hash Parameter.
+ *
+ * @var string
+ */
+ private $hash;
+
+ /**
+ * Hash Length.
+ *
+ * @var int
+ */
+ private $length;
+
+ /**
+ * @return Hash
+ */
+ public static function sha1(): self
+ {
+ return new self('sha1', 20);
+ }
+
+ /**
+ * @return Hash
+ */
+ public static function sha256(): self
+ {
+ return new self('sha256', 32);
+ }
+
+ /**
+ * @return Hash
+ */
+ public static function sha384(): self
+ {
+ return new self('sha384', 48);
+ }
+
+ /**
+ * @return Hash
+ */
+ public static function sha512(): self
+ {
+ return new self('sha512', 64);
+ }
+
+ private function __construct(string $hash, int $length)
+ {
+ $this->hash = $hash;
+ $this->length = $length;
+ }
+
+ public function getLength(): int
+ {
+ return $this->length;
+ }
+
+ /**
+ * Compute the HMAC.
+ */
+ public function hash(string $text): string
+ {
+ return \hash($this->hash, $text, true);
+ }
+
+ public function name(): string
+ {
+ return $this->hash;
+ }
+}
diff --git a/vendor/web-token/jwt-core/Util/JsonConverter.php b/vendor/web-token/jwt-core/Util/JsonConverter.php index ef95126..2d1faad 100644 --- a/vendor/web-token/jwt-core/Util/JsonConverter.php +++ b/vendor/web-token/jwt-core/Util/JsonConverter.php @@ -1,27 +1,27 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util; - -final class JsonConverter -{ - public static function encode($payload): string - { - return \json_encode($payload, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); - } - - public static function decode(string $payload) - { - return \json_decode($payload, true, 512, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util;
+
+final class JsonConverter
+{
+ public static function encode($payload): string
+ {
+ return \json_encode($payload, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
+ }
+
+ public static function decode(string $payload)
+ {
+ return \json_decode($payload, true, 512, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
+ }
+}
diff --git a/vendor/web-token/jwt-core/Util/KeyChecker.php b/vendor/web-token/jwt-core/Util/KeyChecker.php index 09385a4..38cf581 100644 --- a/vendor/web-token/jwt-core/Util/KeyChecker.php +++ b/vendor/web-token/jwt-core/Util/KeyChecker.php @@ -1,107 +1,107 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util; - -use Jose\Component\Core\JWK; - -/** - * @internal - */ -class KeyChecker -{ - /** - * @throws \InvalidArgumentException - */ - public static function checkKeyUsage(JWK $key, string $usage): bool - { - if ($key->has('use')) { - return self::checkUsage($key, $usage); - } - if ($key->has('key_ops')) { - return self::checkOperation($key, $usage); - } - - return true; - } - - private static function checkOperation(JWK $key, string $usage): bool - { - $ops = $key->get('key_ops'); - if (!\is_array($ops)) { - $ops = [$ops]; - } - switch ($usage) { - case 'verification': - if (!\in_array('verify', $ops, true)) { - throw new \InvalidArgumentException('Key cannot be used to verify a signature'); - } - - return true; - case 'signature': - if (!\in_array('sign', $ops, true)) { - throw new \InvalidArgumentException('Key cannot be used to sign'); - } - - return true; - case 'encryption': - if (!\in_array('encrypt', $ops, true) && !\in_array('wrapKey', $ops, true)) { - throw new \InvalidArgumentException('Key cannot be used to encrypt'); - } - - return true; - case 'decryption': - if (!\in_array('decrypt', $ops, true) && !\in_array('unwrapKey', $ops, true)) { - throw new \InvalidArgumentException('Key cannot be used to decrypt'); - } - - return true; - default: - throw new \InvalidArgumentException('Unsupported key usage.'); - } - } - - private static function checkUsage(JWK $key, string $usage): bool - { - $use = $key->get('use'); - switch ($usage) { - case 'verification': - case 'signature': - if ('sig' !== $use) { - throw new \InvalidArgumentException('Key cannot be used to sign or verify a signature.'); - } - - return true; - case 'encryption': - case 'decryption': - if ('enc' !== $use) { - throw new \InvalidArgumentException('Key cannot be used to encrypt or decrypt.'); - } - - return true; - default: - throw new \InvalidArgumentException('Unsupported key usage.'); - } - } - - public static function checkKeyAlgorithm(JWK $key, string $algorithm) - { - if (!$key->has('alg')) { - return; - } - - if ($key->get('alg') !== $algorithm) { - throw new \InvalidArgumentException(\sprintf('Key is only allowed for algorithm "%s".', $key->get('alg'))); - } - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util;
+
+use Jose\Component\Core\JWK;
+
+/**
+ * @internal
+ */
+class KeyChecker
+{
+ /**
+ * @throws \InvalidArgumentException
+ */
+ public static function checkKeyUsage(JWK $key, string $usage): bool
+ {
+ if ($key->has('use')) {
+ return self::checkUsage($key, $usage);
+ }
+ if ($key->has('key_ops')) {
+ return self::checkOperation($key, $usage);
+ }
+
+ return true;
+ }
+
+ private static function checkOperation(JWK $key, string $usage): bool
+ {
+ $ops = $key->get('key_ops');
+ if (!\is_array($ops)) {
+ $ops = [$ops];
+ }
+ switch ($usage) {
+ case 'verification':
+ if (!\in_array('verify', $ops, true)) {
+ throw new \InvalidArgumentException('Key cannot be used to verify a signature');
+ }
+
+ return true;
+ case 'signature':
+ if (!\in_array('sign', $ops, true)) {
+ throw new \InvalidArgumentException('Key cannot be used to sign');
+ }
+
+ return true;
+ case 'encryption':
+ if (!\in_array('encrypt', $ops, true) && !\in_array('wrapKey', $ops, true)) {
+ throw new \InvalidArgumentException('Key cannot be used to encrypt');
+ }
+
+ return true;
+ case 'decryption':
+ if (!\in_array('decrypt', $ops, true) && !\in_array('unwrapKey', $ops, true)) {
+ throw new \InvalidArgumentException('Key cannot be used to decrypt');
+ }
+
+ return true;
+ default:
+ throw new \InvalidArgumentException('Unsupported key usage.');
+ }
+ }
+
+ private static function checkUsage(JWK $key, string $usage): bool
+ {
+ $use = $key->get('use');
+ switch ($usage) {
+ case 'verification':
+ case 'signature':
+ if ('sig' !== $use) {
+ throw new \InvalidArgumentException('Key cannot be used to sign or verify a signature.');
+ }
+
+ return true;
+ case 'encryption':
+ case 'decryption':
+ if ('enc' !== $use) {
+ throw new \InvalidArgumentException('Key cannot be used to encrypt or decrypt.');
+ }
+
+ return true;
+ default:
+ throw new \InvalidArgumentException('Unsupported key usage.');
+ }
+ }
+
+ public static function checkKeyAlgorithm(JWK $key, string $algorithm)
+ {
+ if (!$key->has('alg')) {
+ return;
+ }
+
+ if ($key->get('alg') !== $algorithm) {
+ throw new \InvalidArgumentException(\sprintf('Key is only allowed for algorithm "%s".', $key->get('alg')));
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-core/Util/RSAKey.php b/vendor/web-token/jwt-core/Util/RSAKey.php index 3670034..8f6a0d6 100644 --- a/vendor/web-token/jwt-core/Util/RSAKey.php +++ b/vendor/web-token/jwt-core/Util/RSAKey.php @@ -1,322 +1,322 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util; - -use Base64Url\Base64Url; -use FG\ASN1\Universal\BitString; -use FG\ASN1\Universal\Integer; -use FG\ASN1\Universal\NullObject; -use FG\ASN1\Universal\ObjectIdentifier; -use FG\ASN1\Universal\OctetString; -use FG\ASN1\Universal\Sequence; -use Jose\Component\Core\JWK; - -/** - * @internal - */ -class RSAKey -{ - /** - * @var Sequence - */ - private $sequence; - - /** - * @var bool - */ - private $private = false; - - /** - * @var array - */ - private $values = []; - - /** - * @var BigInteger - */ - private $modulus; - - /** - * @var int - */ - private $modulus_length; - - /** - * @var BigInteger - */ - private $public_exponent; - - /** - * @var BigInteger|null - */ - private $private_exponent = null; - - /** - * @var BigInteger[] - */ - private $primes = []; - - /** - * @var BigInteger[] - */ - private $exponents = []; - - /** - * @var BigInteger|null - */ - private $coefficient = null; - - private function __construct(JWK $data) - { - $this->loadJWK($data->all()); - $this->populateBigIntegers(); - $this->private = \array_key_exists('d', $this->values); - } - - /** - * @return RSAKey - */ - public static function createFromJWK(JWK $jwk): self - { - return new self($jwk); - } - - public function getModulus(): BigInteger - { - return $this->modulus; - } - - public function getModulusLength(): int - { - return $this->modulus_length; - } - - public function getExponent(): BigInteger - { - $d = $this->getPrivateExponent(); - if (null !== $d) { - return $d; - } - - return $this->getPublicExponent(); - } - - public function getPublicExponent(): BigInteger - { - return $this->public_exponent; - } - - public function getPrivateExponent(): ?BigInteger - { - return $this->private_exponent; - } - - /** - * @return BigInteger[] - */ - public function getPrimes(): array - { - return $this->primes; - } - - /** - * @return BigInteger[] - */ - public function getExponents(): array - { - return $this->exponents; - } - - public function getCoefficient(): ?BigInteger - { - return $this->coefficient; - } - - public function isPublic(): bool - { - return !\array_key_exists('d', $this->values); - } - - /** - * @param RSAKey $private - * - * @return RSAKey - */ - public static function toPublic(self $private): self - { - $data = $private->toArray(); - $keys = ['p', 'd', 'q', 'dp', 'dq', 'qi']; - foreach ($keys as $key) { - if (\array_key_exists($key, $data)) { - unset($data[$key]); - } - } - - return new self(new JWK($data)); - } - - public function toArray(): array - { - return $this->values; - } - - private function loadJWK(array $jwk) - { - if (!\array_key_exists('kty', $jwk)) { - throw new \InvalidArgumentException('The key parameter "kty" is missing.'); - } - if ('RSA' !== $jwk['kty']) { - throw new \InvalidArgumentException('The JWK is not a RSA key.'); - } - - $this->values = $jwk; - } - - private function populateBigIntegers() - { - $this->modulus = $this->convertBase64StringToBigInteger($this->values['n']); - $this->modulus_length = \mb_strlen($this->getModulus()->toBytes(), '8bit'); - $this->public_exponent = $this->convertBase64StringToBigInteger($this->values['e']); - - if (!$this->isPublic()) { - $this->private_exponent = $this->convertBase64StringToBigInteger($this->values['d']); - - if (\array_key_exists('p', $this->values) && \array_key_exists('q', $this->values)) { - $this->primes = [ - $this->convertBase64StringToBigInteger($this->values['p']), - $this->convertBase64StringToBigInteger($this->values['q']), - ]; - if (\array_key_exists('dp', $this->values) && \array_key_exists('dq', $this->values) && \array_key_exists('qi', $this->values)) { - $this->exponents = [ - $this->convertBase64StringToBigInteger($this->values['dp']), - $this->convertBase64StringToBigInteger($this->values['dq']), - ]; - $this->coefficient = $this->convertBase64StringToBigInteger($this->values['qi']); - } - } - } - } - - private function convertBase64StringToBigInteger(string $value): BigInteger - { - return BigInteger::createFromBinaryString(Base64Url::decode($value)); - } - - /** - * @throws \Exception - */ - public function toPEM(): string - { - if (null === $this->sequence) { - $this->sequence = new Sequence(); - if (\array_key_exists('d', $this->values)) { - $this->initPrivateKey(); - } else { - $this->initPublicKey(); - } - } - $result = '-----BEGIN '.($this->private ? 'RSA PRIVATE' : 'PUBLIC').' KEY-----'.PHP_EOL; - $result .= \chunk_split(\base64_encode($this->sequence->getBinary()), 64, PHP_EOL); - $result .= '-----END '.($this->private ? 'RSA PRIVATE' : 'PUBLIC').' KEY-----'.PHP_EOL; - - return $result; - } - - /** - * @throws \Exception - */ - private function initPublicKey() - { - $oid_sequence = new Sequence(); - $oid_sequence->addChild(new ObjectIdentifier('1.2.840.113549.1.1.1')); - $oid_sequence->addChild(new NullObject()); - $this->sequence->addChild($oid_sequence); - $n = new Integer($this->fromBase64ToInteger($this->values['n'])); - $e = new Integer($this->fromBase64ToInteger($this->values['e'])); - $key_sequence = new Sequence(); - $key_sequence->addChild($n); - $key_sequence->addChild($e); - $key_bit_string = new BitString(\bin2hex($key_sequence->getBinary())); - $this->sequence->addChild($key_bit_string); - } - - private function initPrivateKey() - { - $this->sequence->addChild(new Integer(0)); - $oid_sequence = new Sequence(); - $oid_sequence->addChild(new ObjectIdentifier('1.2.840.113549.1.1.1')); - $oid_sequence->addChild(new NullObject()); - $this->sequence->addChild($oid_sequence); - $v = new Integer(0); - $n = new Integer($this->fromBase64ToInteger($this->values['n'])); - $e = new Integer($this->fromBase64ToInteger($this->values['e'])); - $d = new Integer($this->fromBase64ToInteger($this->values['d'])); - $p = new Integer($this->fromBase64ToInteger($this->values['p'])); - $q = new Integer($this->fromBase64ToInteger($this->values['q'])); - $dp = \array_key_exists('dp', $this->values) ? new Integer($this->fromBase64ToInteger($this->values['dp'])) : new Integer(0); - $dq = \array_key_exists('dq', $this->values) ? new Integer($this->fromBase64ToInteger($this->values['dq'])) : new Integer(0); - $qi = \array_key_exists('qi', $this->values) ? new Integer($this->fromBase64ToInteger($this->values['qi'])) : new Integer(0); - $key_sequence = new Sequence(); - $key_sequence->addChild($v); - $key_sequence->addChild($n); - $key_sequence->addChild($e); - $key_sequence->addChild($d); - $key_sequence->addChild($p); - $key_sequence->addChild($q); - $key_sequence->addChild($dp); - $key_sequence->addChild($dq); - $key_sequence->addChild($qi); - $key_octet_string = new OctetString(\bin2hex($key_sequence->getBinary())); - $this->sequence->addChild($key_octet_string); - } - - /** - * @param string $value - * - * @return string - */ - private function fromBase64ToInteger($value) - { - return \gmp_strval(\gmp_init(\current(\unpack('H*', Base64Url::decode($value))), 16), 10); - } - - /** - * Exponentiate with or without Chinese Remainder Theorem. - * Operation with primes 'p' and 'q' is appox. 2x faster. - * - * @param RSAKey $key - */ - public static function exponentiate(self $key, BigInteger $c): BigInteger - { - if ($c->compare(BigInteger::createFromDecimal(0)) < 0 || $c->compare($key->getModulus()) > 0) { - throw new \RuntimeException(); - } - if ($key->isPublic() || empty($key->getPrimes()) || empty($key->getExponents()) || null === $key->getCoefficient()) { - return $c->modPow($key->getExponent(), $key->getModulus()); - } - - $p = $key->getPrimes()[0]; - $q = $key->getPrimes()[1]; - $dP = $key->getExponents()[0]; - $dQ = $key->getExponents()[1]; - $qInv = $key->getCoefficient(); - - $m1 = $c->modPow($dP, $p); - $m2 = $c->modPow($dQ, $q); - $h = $qInv->multiply($m1->subtract($m2)->add($p))->mod($p); - $m = $m2->add($h->multiply($q)); - - return $m; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util;
+
+use Base64Url\Base64Url;
+use FG\ASN1\Universal\BitString;
+use FG\ASN1\Universal\Integer;
+use FG\ASN1\Universal\NullObject;
+use FG\ASN1\Universal\ObjectIdentifier;
+use FG\ASN1\Universal\OctetString;
+use FG\ASN1\Universal\Sequence;
+use Jose\Component\Core\JWK;
+
+/**
+ * @internal
+ */
+class RSAKey
+{
+ /**
+ * @var Sequence
+ */
+ private $sequence;
+
+ /**
+ * @var bool
+ */
+ private $private = false;
+
+ /**
+ * @var array
+ */
+ private $values = [];
+
+ /**
+ * @var BigInteger
+ */
+ private $modulus;
+
+ /**
+ * @var int
+ */
+ private $modulus_length;
+
+ /**
+ * @var BigInteger
+ */
+ private $public_exponent;
+
+ /**
+ * @var BigInteger|null
+ */
+ private $private_exponent = null;
+
+ /**
+ * @var BigInteger[]
+ */
+ private $primes = [];
+
+ /**
+ * @var BigInteger[]
+ */
+ private $exponents = [];
+
+ /**
+ * @var BigInteger|null
+ */
+ private $coefficient = null;
+
+ private function __construct(JWK $data)
+ {
+ $this->loadJWK($data->all());
+ $this->populateBigIntegers();
+ $this->private = \array_key_exists('d', $this->values);
+ }
+
+ /**
+ * @return RSAKey
+ */
+ public static function createFromJWK(JWK $jwk): self
+ {
+ return new self($jwk);
+ }
+
+ public function getModulus(): BigInteger
+ {
+ return $this->modulus;
+ }
+
+ public function getModulusLength(): int
+ {
+ return $this->modulus_length;
+ }
+
+ public function getExponent(): BigInteger
+ {
+ $d = $this->getPrivateExponent();
+ if (null !== $d) {
+ return $d;
+ }
+
+ return $this->getPublicExponent();
+ }
+
+ public function getPublicExponent(): BigInteger
+ {
+ return $this->public_exponent;
+ }
+
+ public function getPrivateExponent(): ?BigInteger
+ {
+ return $this->private_exponent;
+ }
+
+ /**
+ * @return BigInteger[]
+ */
+ public function getPrimes(): array
+ {
+ return $this->primes;
+ }
+
+ /**
+ * @return BigInteger[]
+ */
+ public function getExponents(): array
+ {
+ return $this->exponents;
+ }
+
+ public function getCoefficient(): ?BigInteger
+ {
+ return $this->coefficient;
+ }
+
+ public function isPublic(): bool
+ {
+ return !\array_key_exists('d', $this->values);
+ }
+
+ /**
+ * @param RSAKey $private
+ *
+ * @return RSAKey
+ */
+ public static function toPublic(self $private): self
+ {
+ $data = $private->toArray();
+ $keys = ['p', 'd', 'q', 'dp', 'dq', 'qi'];
+ foreach ($keys as $key) {
+ if (\array_key_exists($key, $data)) {
+ unset($data[$key]);
+ }
+ }
+
+ return new self(new JWK($data));
+ }
+
+ public function toArray(): array
+ {
+ return $this->values;
+ }
+
+ private function loadJWK(array $jwk)
+ {
+ if (!\array_key_exists('kty', $jwk)) {
+ throw new \InvalidArgumentException('The key parameter "kty" is missing.');
+ }
+ if ('RSA' !== $jwk['kty']) {
+ throw new \InvalidArgumentException('The JWK is not a RSA key.');
+ }
+
+ $this->values = $jwk;
+ }
+
+ private function populateBigIntegers()
+ {
+ $this->modulus = $this->convertBase64StringToBigInteger($this->values['n']);
+ $this->modulus_length = \mb_strlen($this->getModulus()->toBytes(), '8bit');
+ $this->public_exponent = $this->convertBase64StringToBigInteger($this->values['e']);
+
+ if (!$this->isPublic()) {
+ $this->private_exponent = $this->convertBase64StringToBigInteger($this->values['d']);
+
+ if (\array_key_exists('p', $this->values) && \array_key_exists('q', $this->values)) {
+ $this->primes = [
+ $this->convertBase64StringToBigInteger($this->values['p']),
+ $this->convertBase64StringToBigInteger($this->values['q']),
+ ];
+ if (\array_key_exists('dp', $this->values) && \array_key_exists('dq', $this->values) && \array_key_exists('qi', $this->values)) {
+ $this->exponents = [
+ $this->convertBase64StringToBigInteger($this->values['dp']),
+ $this->convertBase64StringToBigInteger($this->values['dq']),
+ ];
+ $this->coefficient = $this->convertBase64StringToBigInteger($this->values['qi']);
+ }
+ }
+ }
+ }
+
+ private function convertBase64StringToBigInteger(string $value): BigInteger
+ {
+ return BigInteger::createFromBinaryString(Base64Url::decode($value));
+ }
+
+ /**
+ * @throws \Exception
+ */
+ public function toPEM(): string
+ {
+ if (null === $this->sequence) {
+ $this->sequence = new Sequence();
+ if (\array_key_exists('d', $this->values)) {
+ $this->initPrivateKey();
+ } else {
+ $this->initPublicKey();
+ }
+ }
+ $result = '-----BEGIN '.($this->private ? 'RSA PRIVATE' : 'PUBLIC').' KEY-----'.PHP_EOL;
+ $result .= \chunk_split(\base64_encode($this->sequence->getBinary()), 64, PHP_EOL);
+ $result .= '-----END '.($this->private ? 'RSA PRIVATE' : 'PUBLIC').' KEY-----'.PHP_EOL;
+
+ return $result;
+ }
+
+ /**
+ * @throws \Exception
+ */
+ private function initPublicKey()
+ {
+ $oid_sequence = new Sequence();
+ $oid_sequence->addChild(new ObjectIdentifier('1.2.840.113549.1.1.1'));
+ $oid_sequence->addChild(new NullObject());
+ $this->sequence->addChild($oid_sequence);
+ $n = new Integer($this->fromBase64ToInteger($this->values['n']));
+ $e = new Integer($this->fromBase64ToInteger($this->values['e']));
+ $key_sequence = new Sequence();
+ $key_sequence->addChild($n);
+ $key_sequence->addChild($e);
+ $key_bit_string = new BitString(\bin2hex($key_sequence->getBinary()));
+ $this->sequence->addChild($key_bit_string);
+ }
+
+ private function initPrivateKey()
+ {
+ $this->sequence->addChild(new Integer(0));
+ $oid_sequence = new Sequence();
+ $oid_sequence->addChild(new ObjectIdentifier('1.2.840.113549.1.1.1'));
+ $oid_sequence->addChild(new NullObject());
+ $this->sequence->addChild($oid_sequence);
+ $v = new Integer(0);
+ $n = new Integer($this->fromBase64ToInteger($this->values['n']));
+ $e = new Integer($this->fromBase64ToInteger($this->values['e']));
+ $d = new Integer($this->fromBase64ToInteger($this->values['d']));
+ $p = new Integer($this->fromBase64ToInteger($this->values['p']));
+ $q = new Integer($this->fromBase64ToInteger($this->values['q']));
+ $dp = \array_key_exists('dp', $this->values) ? new Integer($this->fromBase64ToInteger($this->values['dp'])) : new Integer(0);
+ $dq = \array_key_exists('dq', $this->values) ? new Integer($this->fromBase64ToInteger($this->values['dq'])) : new Integer(0);
+ $qi = \array_key_exists('qi', $this->values) ? new Integer($this->fromBase64ToInteger($this->values['qi'])) : new Integer(0);
+ $key_sequence = new Sequence();
+ $key_sequence->addChild($v);
+ $key_sequence->addChild($n);
+ $key_sequence->addChild($e);
+ $key_sequence->addChild($d);
+ $key_sequence->addChild($p);
+ $key_sequence->addChild($q);
+ $key_sequence->addChild($dp);
+ $key_sequence->addChild($dq);
+ $key_sequence->addChild($qi);
+ $key_octet_string = new OctetString(\bin2hex($key_sequence->getBinary()));
+ $this->sequence->addChild($key_octet_string);
+ }
+
+ /**
+ * @param string $value
+ *
+ * @return string
+ */
+ private function fromBase64ToInteger($value)
+ {
+ return \gmp_strval(\gmp_init(\current(\unpack('H*', Base64Url::decode($value))), 16), 10);
+ }
+
+ /**
+ * Exponentiate with or without Chinese Remainder Theorem.
+ * Operation with primes 'p' and 'q' is appox. 2x faster.
+ *
+ * @param RSAKey $key
+ */
+ public static function exponentiate(self $key, BigInteger $c): BigInteger
+ {
+ if ($c->compare(BigInteger::createFromDecimal(0)) < 0 || $c->compare($key->getModulus()) > 0) {
+ throw new \RuntimeException();
+ }
+ if ($key->isPublic() || empty($key->getPrimes()) || empty($key->getExponents()) || null === $key->getCoefficient()) {
+ return $c->modPow($key->getExponent(), $key->getModulus());
+ }
+
+ $p = $key->getPrimes()[0];
+ $q = $key->getPrimes()[1];
+ $dP = $key->getExponents()[0];
+ $dQ = $key->getExponents()[1];
+ $qInv = $key->getCoefficient();
+
+ $m1 = $c->modPow($dP, $p);
+ $m2 = $c->modPow($dQ, $q);
+ $h = $qInv->multiply($m1->subtract($m2)->add($p))->mod($p);
+ $m = $m2->add($h->multiply($q));
+
+ return $m;
+ }
+}
diff --git a/vendor/web-token/jwt-core/composer.json b/vendor/web-token/jwt-core/composer.json index 37c4ce0..67ed1e8 100644 --- a/vendor/web-token/jwt-core/composer.json +++ b/vendor/web-token/jwt-core/composer.json @@ -1,44 +1,44 @@ -{ - "name": "web-token/jwt-core", - "description": "Core component of the JWT Framework.", - "type": "library", - "license": "MIT", - "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"], - "homepage": "https://github.com/web-token", - "authors": [ - { - "name": "Florent Morselli", - "homepage": "https://github.com/Spomky" - },{ - "name": "All contributors", - "homepage": "https://github.com/web-token/jwt-core/contributors" - } - ], - "autoload": { - "psr-4": { - "Jose\\Component\\Core\\": "" - } - }, - "require": { - "php": "^7.1", - "ext-gmp": "*", - "ext-mbstring": "*", - "fgrosse/phpasn1": "^2.0", - "spomky-labs/base64url": "^1.0|^2.0", - "web-token/jwt-util-ecc": "^1.3" - }, - "require-dev": { - "phpunit/phpunit": "^6.0|^7.0" - }, - "conflict": { - "spomky-labs/jose": "*" - }, - "extra": { - "branch-alias": { - "dev-master": "1.3.x-dev" - } - }, - "config": { - "sort-packages": true - } -} +{
+ "name": "web-token/jwt-core",
+ "description": "Core component of the JWT Framework.",
+ "type": "library",
+ "license": "MIT",
+ "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"],
+ "homepage": "https://github.com/web-token",
+ "authors": [
+ {
+ "name": "Florent Morselli",
+ "homepage": "https://github.com/Spomky"
+ },{
+ "name": "All contributors",
+ "homepage": "https://github.com/web-token/jwt-core/contributors"
+ }
+ ],
+ "autoload": {
+ "psr-4": {
+ "Jose\\Component\\Core\\": ""
+ }
+ },
+ "require": {
+ "php": "^7.1",
+ "ext-gmp": "*",
+ "ext-mbstring": "*",
+ "fgrosse/phpasn1": "^2.0",
+ "spomky-labs/base64url": "^1.0|^2.0",
+ "web-token/jwt-util-ecc": "^1.3"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "^6.0|^7.0"
+ },
+ "conflict": {
+ "spomky-labs/jose": "*"
+ },
+ "extra": {
+ "branch-alias": {
+ "dev-master": "1.3.x-dev"
+ }
+ },
+ "config": {
+ "sort-packages": true
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/JKUFactory.php b/vendor/web-token/jwt-key-mgmt/JKUFactory.php index 16d24bc..8997ed9 100644 --- a/vendor/web-token/jwt-key-mgmt/JKUFactory.php +++ b/vendor/web-token/jwt-key-mgmt/JKUFactory.php @@ -1,50 +1,50 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement; - -use Http\Client\HttpClient; -use Http\Message\RequestFactory; -use Jose\Component\Core\Converter\JsonConverter; -use Jose\Component\Core\JWKSet; - -class JKUFactory extends UrlKeySetFactory -{ - private $jsonConverter; - - /** - * JKUFactory constructor. - */ - public function __construct(?JsonConverter $jsonConverter, HttpClient $client, RequestFactory $requestFactory) - { - parent::__construct($client, $requestFactory); - $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter(); - } - - /** - * This method will try to fetch the url a retrieve the key set. - * Throws an exception in case of failure. - * - * @throws \InvalidArgumentException - */ - public function loadFromUrl(string $url, array $header = []): JWKSet - { - $content = $this->getContent($url, $header); - $data = $this->jsonConverter->decode($content); - if (!\is_array($data)) { - throw new \RuntimeException('Invalid content.'); - } - - return JWKSet::createFromKeyData($data); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement;
+
+use Http\Client\HttpClient;
+use Http\Message\RequestFactory;
+use Jose\Component\Core\Converter\JsonConverter;
+use Jose\Component\Core\JWKSet;
+
+class JKUFactory extends UrlKeySetFactory
+{
+ private $jsonConverter;
+
+ /**
+ * JKUFactory constructor.
+ */
+ public function __construct(?JsonConverter $jsonConverter, HttpClient $client, RequestFactory $requestFactory)
+ {
+ parent::__construct($client, $requestFactory);
+ $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter();
+ }
+
+ /**
+ * This method will try to fetch the url a retrieve the key set.
+ * Throws an exception in case of failure.
+ *
+ * @throws \InvalidArgumentException
+ */
+ public function loadFromUrl(string $url, array $header = []): JWKSet
+ {
+ $content = $this->getContent($url, $header);
+ $data = $this->jsonConverter->decode($content);
+ if (!\is_array($data)) {
+ throw new \RuntimeException('Invalid content.');
+ }
+
+ return JWKSet::createFromKeyData($data);
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/JWKFactory.php b/vendor/web-token/jwt-key-mgmt/JWKFactory.php index 3748938..1ef40b3 100644 --- a/vendor/web-token/jwt-key-mgmt/JWKFactory.php +++ b/vendor/web-token/jwt-key-mgmt/JWKFactory.php @@ -1,304 +1,304 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement; - -use Base64Url\Base64Url; -use InvalidArgumentException; -use Jose\Component\Core\JWK; -use Jose\Component\Core\JWKSet; -use Jose\Component\Core\Util\Ecc\Curve; -use Jose\Component\Core\Util\ECKey; -use Jose\Component\KeyManagement\KeyConverter\KeyConverter; -use Jose\Component\KeyManagement\KeyConverter\RSAKey; -use function openssl_pkey_get_details; -use function openssl_pkey_new; -use RuntimeException; - -class JWKFactory -{ - /** - * Creates a RSA key with the given key size and additional values. - * - * @param int $size The key size in bits - * @param array $values values to configure the key - */ - public static function createRSAKey(int $size, array $values = []): JWK - { - if (0 !== $size % 8) { - throw new InvalidArgumentException('Invalid key size.'); - } - - if (512 > $size) { - throw new InvalidArgumentException('Key length is too short. It needs to be at least 512 bits.'); - } - - $key = openssl_pkey_new([ - 'private_key_bits' => $size, - 'private_key_type' => OPENSSL_KEYTYPE_RSA, - ]); - $details = openssl_pkey_get_details($key); - \openssl_free_key($key); - $rsa = RSAKey::createFromKeyDetails($details['rsa']); - $values = \array_merge( - $values, - $rsa->toArray() - ); - - return new JWK($values); - } - - /** - * Creates a EC key with the given curve and additional values. - * - * @param string $curve The curve - * @param array $values values to configure the key - */ - public static function createECKey(string $curve, array $values = []): JWK - { - return ECKey::createECKey($curve, $values); - } - - /** - * Creates a octet key with the given key size and additional values. - * - * @param int $size The key size in bits - * @param array $values values to configure the key - */ - public static function createOctKey(int $size, array $values = []): JWK - { - if (0 !== $size % 8) { - throw new InvalidArgumentException('Invalid key size.'); - } - $values = \array_merge( - $values, - [ - 'kty' => 'oct', - 'k' => Base64Url::encode(\random_bytes($size / 8)), - ] - ); - - return new JWK($values); - } - - /** - * Creates a OKP key with the given curve and additional values. - * - * @param string $curve The curve - * @param array $values values to configure the key - */ - public static function createOKPKey(string $curve, array $values = []): JWK - { - switch ($curve) { - case 'X25519': - $keyPair = \sodium_crypto_box_keypair(); - $secret = \sodium_crypto_box_secretkey($keyPair); - $x = \sodium_crypto_box_publickey($keyPair); - - break; - case 'Ed25519': - $keyPair = \sodium_crypto_sign_keypair(); - $secret = \sodium_crypto_sign_secretkey($keyPair); - $x = \sodium_crypto_sign_publickey($keyPair); - - break; - default: - throw new InvalidArgumentException(\sprintf('Unsupported "%s" curve', $curve)); - } - $secretLength = mb_strlen($secret, '8bit'); - $d = mb_substr($secret, 0, -$secretLength / 2, '8bit'); - - $values = \array_merge( - $values, - [ - 'kty' => 'OKP', - 'crv' => $curve, - 'd' => Base64Url::encode($d), - 'x' => Base64Url::encode($x), - ] - ); - - return new JWK($values); - } - - /** - * Creates a none key with the given additional values. - * Please note that this key type is not pat of any specification. - * It is used to prevent the use of the "none" algorithm with other key types. - * - * @param array $values values to configure the key - */ - public static function createNoneKey(array $values = []): JWK - { - $values = \array_merge( - $values, - [ - 'kty' => 'none', - 'alg' => 'none', - 'use' => 'sig', - ] - ); - - return new JWK($values); - } - - /** - * Creates a key from a Json string. - * - * @return JWK|JWKSet - */ - public static function createFromJsonObject(string $value) - { - $json = \json_decode($value, true); - if (!\is_array($json)) { - throw new InvalidArgumentException('Invalid key or key set.'); - } - - return self::createFromValues($json); - } - - /** - * Creates a key or key set from the given input. - * - * @return JWK|JWKSet - */ - public static function createFromValues(array $values) - { - if (\array_key_exists('keys', $values) && \is_array($values['keys'])) { - return JWKSet::createFromKeyData($values); - } - - return new JWK($values); - } - - /** - * This method create a JWK object using a shared secret. - */ - public static function createFromSecret(string $secret, array $additional_values = []): JWK - { - $values = \array_merge( - $additional_values, - [ - 'kty' => 'oct', - 'k' => Base64Url::encode($secret), - ] - ); - - return new JWK($values); - } - - /** - * This method will try to load a X.509 certificate and convert it into a public key. - */ - public static function createFromCertificateFile(string $file, array $additional_values = []): JWK - { - $values = KeyConverter::loadKeyFromCertificateFile($file); - $values = \array_merge($values, $additional_values); - - return new JWK($values); - } - - /** - * Extract a keyfrom a key set identified by the given index . - * - * @param int|string $index - */ - public static function createFromKeySet(JWKSet $jwkset, $index): JWK - { - return $jwkset->get($index); - } - - /** - * This method will try to load a PKCS#12 file and convert it into a public key. - * - * @throws \Exception - */ - public static function createFromPKCS12CertificateFile(string $file, ?string $secret = '', array $additional_values = []): JWK - { - $res = \openssl_pkcs12_read(\file_get_contents($file), $certs, $secret); - if (false === $res || !\is_array($certs) || !\array_key_exists('pkey', $certs)) { - throw new RuntimeException('Unable to load the certificates.'); - } - - return self::createFromKey($certs['pkey'], null, $additional_values); - } - - /** - * This method will try to convert a X.509 certificate into a public key. - */ - public static function createFromCertificate(string $certificate, array $additional_values = []): JWK - { - $values = KeyConverter::loadKeyFromCertificate($certificate); - $values = \array_merge($values, $additional_values); - - return new JWK($values); - } - - /** - * This method will try to convert a X.509 certificate resource into a public key. - * - * @param resource $res - * - * @throws \Exception - */ - public static function createFromX509Resource($res, array $additional_values = []): JWK - { - $values = KeyConverter::loadKeyFromX509Resource($res); - $values = \array_merge($values, $additional_values); - - return new JWK($values); - } - - /** - * This method will try to load and convert a key file into a JWK object. - * If the key is encrypted, the password must be set. - * - * @throws \Exception - */ - public static function createFromKeyFile(string $file, ?string $password = null, array $additional_values = []): JWK - { - $values = KeyConverter::loadFromKeyFile($file, $password); - $values = \array_merge($values, $additional_values); - - return new JWK($values); - } - - /** - * This method will try to load and convert a key into a JWK object. - * If the key is encrypted, the password must be set. - * - * @throws \Exception - */ - public static function createFromKey(string $key, ?string $password = null, array $additional_values = []): JWK - { - $values = KeyConverter::loadFromKey($key, $password); - $values = \array_merge($values, $additional_values); - - return new JWK($values); - } - - /** - * This method will try to load and convert a X.509 certificate chain into a public key. - * - * Be careful! The certificate chain is loaded, but it is NOT VERIFIED by any mean! - * It is mandatory to verify the root CA or intermediate CA are trusted. - * If not done, it may lead to potential security issues. - */ - public static function createFromX5C(array $x5c, array $additional_values = []): JWK - { - $values = KeyConverter::loadFromX5C($x5c); - $values = \array_merge($values, $additional_values); - - return new JWK($values); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement;
+
+use Base64Url\Base64Url;
+use InvalidArgumentException;
+use Jose\Component\Core\JWK;
+use Jose\Component\Core\JWKSet;
+use Jose\Component\Core\Util\Ecc\Curve;
+use Jose\Component\Core\Util\ECKey;
+use Jose\Component\KeyManagement\KeyConverter\KeyConverter;
+use Jose\Component\KeyManagement\KeyConverter\RSAKey;
+use function openssl_pkey_get_details;
+use function openssl_pkey_new;
+use RuntimeException;
+
+class JWKFactory
+{
+ /**
+ * Creates a RSA key with the given key size and additional values.
+ *
+ * @param int $size The key size in bits
+ * @param array $values values to configure the key
+ */
+ public static function createRSAKey(int $size, array $values = []): JWK
+ {
+ if (0 !== $size % 8) {
+ throw new InvalidArgumentException('Invalid key size.');
+ }
+
+ if (512 > $size) {
+ throw new InvalidArgumentException('Key length is too short. It needs to be at least 512 bits.');
+ }
+
+ $key = openssl_pkey_new([
+ 'private_key_bits' => $size,
+ 'private_key_type' => OPENSSL_KEYTYPE_RSA,
+ ]);
+ $details = openssl_pkey_get_details($key);
+ \openssl_free_key($key);
+ $rsa = RSAKey::createFromKeyDetails($details['rsa']);
+ $values = \array_merge(
+ $values,
+ $rsa->toArray()
+ );
+
+ return new JWK($values);
+ }
+
+ /**
+ * Creates a EC key with the given curve and additional values.
+ *
+ * @param string $curve The curve
+ * @param array $values values to configure the key
+ */
+ public static function createECKey(string $curve, array $values = []): JWK
+ {
+ return ECKey::createECKey($curve, $values);
+ }
+
+ /**
+ * Creates a octet key with the given key size and additional values.
+ *
+ * @param int $size The key size in bits
+ * @param array $values values to configure the key
+ */
+ public static function createOctKey(int $size, array $values = []): JWK
+ {
+ if (0 !== $size % 8) {
+ throw new InvalidArgumentException('Invalid key size.');
+ }
+ $values = \array_merge(
+ $values,
+ [
+ 'kty' => 'oct',
+ 'k' => Base64Url::encode(\random_bytes($size / 8)),
+ ]
+ );
+
+ return new JWK($values);
+ }
+
+ /**
+ * Creates a OKP key with the given curve and additional values.
+ *
+ * @param string $curve The curve
+ * @param array $values values to configure the key
+ */
+ public static function createOKPKey(string $curve, array $values = []): JWK
+ {
+ switch ($curve) {
+ case 'X25519':
+ $keyPair = \sodium_crypto_box_keypair();
+ $secret = \sodium_crypto_box_secretkey($keyPair);
+ $x = \sodium_crypto_box_publickey($keyPair);
+
+ break;
+ case 'Ed25519':
+ $keyPair = \sodium_crypto_sign_keypair();
+ $secret = \sodium_crypto_sign_secretkey($keyPair);
+ $x = \sodium_crypto_sign_publickey($keyPair);
+
+ break;
+ default:
+ throw new InvalidArgumentException(\sprintf('Unsupported "%s" curve', $curve));
+ }
+ $secretLength = mb_strlen($secret, '8bit');
+ $d = mb_substr($secret, 0, -$secretLength / 2, '8bit');
+
+ $values = \array_merge(
+ $values,
+ [
+ 'kty' => 'OKP',
+ 'crv' => $curve,
+ 'd' => Base64Url::encode($d),
+ 'x' => Base64Url::encode($x),
+ ]
+ );
+
+ return new JWK($values);
+ }
+
+ /**
+ * Creates a none key with the given additional values.
+ * Please note that this key type is not pat of any specification.
+ * It is used to prevent the use of the "none" algorithm with other key types.
+ *
+ * @param array $values values to configure the key
+ */
+ public static function createNoneKey(array $values = []): JWK
+ {
+ $values = \array_merge(
+ $values,
+ [
+ 'kty' => 'none',
+ 'alg' => 'none',
+ 'use' => 'sig',
+ ]
+ );
+
+ return new JWK($values);
+ }
+
+ /**
+ * Creates a key from a Json string.
+ *
+ * @return JWK|JWKSet
+ */
+ public static function createFromJsonObject(string $value)
+ {
+ $json = \json_decode($value, true);
+ if (!\is_array($json)) {
+ throw new InvalidArgumentException('Invalid key or key set.');
+ }
+
+ return self::createFromValues($json);
+ }
+
+ /**
+ * Creates a key or key set from the given input.
+ *
+ * @return JWK|JWKSet
+ */
+ public static function createFromValues(array $values)
+ {
+ if (\array_key_exists('keys', $values) && \is_array($values['keys'])) {
+ return JWKSet::createFromKeyData($values);
+ }
+
+ return new JWK($values);
+ }
+
+ /**
+ * This method create a JWK object using a shared secret.
+ */
+ public static function createFromSecret(string $secret, array $additional_values = []): JWK
+ {
+ $values = \array_merge(
+ $additional_values,
+ [
+ 'kty' => 'oct',
+ 'k' => Base64Url::encode($secret),
+ ]
+ );
+
+ return new JWK($values);
+ }
+
+ /**
+ * This method will try to load a X.509 certificate and convert it into a public key.
+ */
+ public static function createFromCertificateFile(string $file, array $additional_values = []): JWK
+ {
+ $values = KeyConverter::loadKeyFromCertificateFile($file);
+ $values = \array_merge($values, $additional_values);
+
+ return new JWK($values);
+ }
+
+ /**
+ * Extract a keyfrom a key set identified by the given index .
+ *
+ * @param int|string $index
+ */
+ public static function createFromKeySet(JWKSet $jwkset, $index): JWK
+ {
+ return $jwkset->get($index);
+ }
+
+ /**
+ * This method will try to load a PKCS#12 file and convert it into a public key.
+ *
+ * @throws \Exception
+ */
+ public static function createFromPKCS12CertificateFile(string $file, ?string $secret = '', array $additional_values = []): JWK
+ {
+ $res = \openssl_pkcs12_read(\file_get_contents($file), $certs, $secret);
+ if (false === $res || !\is_array($certs) || !\array_key_exists('pkey', $certs)) {
+ throw new RuntimeException('Unable to load the certificates.');
+ }
+
+ return self::createFromKey($certs['pkey'], null, $additional_values);
+ }
+
+ /**
+ * This method will try to convert a X.509 certificate into a public key.
+ */
+ public static function createFromCertificate(string $certificate, array $additional_values = []): JWK
+ {
+ $values = KeyConverter::loadKeyFromCertificate($certificate);
+ $values = \array_merge($values, $additional_values);
+
+ return new JWK($values);
+ }
+
+ /**
+ * This method will try to convert a X.509 certificate resource into a public key.
+ *
+ * @param resource $res
+ *
+ * @throws \Exception
+ */
+ public static function createFromX509Resource($res, array $additional_values = []): JWK
+ {
+ $values = KeyConverter::loadKeyFromX509Resource($res);
+ $values = \array_merge($values, $additional_values);
+
+ return new JWK($values);
+ }
+
+ /**
+ * This method will try to load and convert a key file into a JWK object.
+ * If the key is encrypted, the password must be set.
+ *
+ * @throws \Exception
+ */
+ public static function createFromKeyFile(string $file, ?string $password = null, array $additional_values = []): JWK
+ {
+ $values = KeyConverter::loadFromKeyFile($file, $password);
+ $values = \array_merge($values, $additional_values);
+
+ return new JWK($values);
+ }
+
+ /**
+ * This method will try to load and convert a key into a JWK object.
+ * If the key is encrypted, the password must be set.
+ *
+ * @throws \Exception
+ */
+ public static function createFromKey(string $key, ?string $password = null, array $additional_values = []): JWK
+ {
+ $values = KeyConverter::loadFromKey($key, $password);
+ $values = \array_merge($values, $additional_values);
+
+ return new JWK($values);
+ }
+
+ /**
+ * This method will try to load and convert a X.509 certificate chain into a public key.
+ *
+ * Be careful! The certificate chain is loaded, but it is NOT VERIFIED by any mean!
+ * It is mandatory to verify the root CA or intermediate CA are trusted.
+ * If not done, it may lead to potential security issues.
+ */
+ public static function createFromX5C(array $x5c, array $additional_values = []): JWK
+ {
+ $values = KeyConverter::loadFromX5C($x5c);
+ $values = \array_merge($values, $additional_values);
+
+ return new JWK($values);
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/AlgorithmAnalyzer.php b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/AlgorithmAnalyzer.php index a7ebcad..81a9566 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/AlgorithmAnalyzer.php +++ b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/AlgorithmAnalyzer.php @@ -1,26 +1,26 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyAnalyzer; - -use Jose\Component\Core\JWK; - -final class AlgorithmAnalyzer implements KeyAnalyzer -{ - public function analyze(JWK $jwk, MessageBag $bag) - { - if (!$jwk->has('alg')) { - $bag->add(Message::medium('The parameter "alg" should be added.')); - } - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyAnalyzer;
+
+use Jose\Component\Core\JWK;
+
+final class AlgorithmAnalyzer implements KeyAnalyzer
+{
+ public function analyze(JWK $jwk, MessageBag $bag)
+ {
+ if (!$jwk->has('alg')) {
+ $bag->add(Message::medium('The parameter "alg" should be added.'));
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/KeyAnalyzer.php b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/KeyAnalyzer.php index 470b788..6bba0a0 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/KeyAnalyzer.php +++ b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/KeyAnalyzer.php @@ -1,24 +1,24 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyAnalyzer; - -use Jose\Component\Core\JWK; - -interface KeyAnalyzer -{ - /** - * This method will analyse the key and add messages to the message bag if needed. - */ - public function analyze(JWK $jwk, MessageBag $bag); -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyAnalyzer;
+
+use Jose\Component\Core\JWK;
+
+interface KeyAnalyzer
+{
+ /**
+ * This method will analyse the key and add messages to the message bag if needed.
+ */
+ public function analyze(JWK $jwk, MessageBag $bag);
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/KeyAnalyzerManager.php b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/KeyAnalyzerManager.php index 2b8b4a9..e34f416 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/KeyAnalyzerManager.php +++ b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/KeyAnalyzerManager.php @@ -1,50 +1,50 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyAnalyzer; - -use Jose\Component\Core\JWK; - -class KeyAnalyzerManager -{ - /** - * @var KeyAnalyzer[] - */ - private $analyzers = []; - - /** - * Adds a Key Analyzer to the manager. - * - * @return KeyAnalyzerManager - */ - public function add(KeyAnalyzer $analyzer): self - { - $this->analyzers[] = $analyzer; - - return $this; - } - - /** - * This method will analyze the JWK object using all analyzers. - * It returns a message bag that may contains messages. - */ - public function analyze(JWK $jwk): MessageBag - { - $bag = new MessageBag(); - foreach ($this->analyzers as $analyzer) { - $analyzer->analyze($jwk, $bag); - } - - return $bag; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyAnalyzer;
+
+use Jose\Component\Core\JWK;
+
+class KeyAnalyzerManager
+{
+ /**
+ * @var KeyAnalyzer[]
+ */
+ private $analyzers = [];
+
+ /**
+ * Adds a Key Analyzer to the manager.
+ *
+ * @return KeyAnalyzerManager
+ */
+ public function add(KeyAnalyzer $analyzer): self
+ {
+ $this->analyzers[] = $analyzer;
+
+ return $this;
+ }
+
+ /**
+ * This method will analyze the JWK object using all analyzers.
+ * It returns a message bag that may contains messages.
+ */
+ public function analyze(JWK $jwk): MessageBag
+ {
+ $bag = new MessageBag();
+ foreach ($this->analyzers as $analyzer) {
+ $analyzer->analyze($jwk, $bag);
+ }
+
+ return $bag;
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/KeyIdentifierAnalyzer.php b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/KeyIdentifierAnalyzer.php index 71acb70..9b0ad06 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/KeyIdentifierAnalyzer.php +++ b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/KeyIdentifierAnalyzer.php @@ -1,26 +1,26 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyAnalyzer; - -use Jose\Component\Core\JWK; - -final class KeyIdentifierAnalyzer implements KeyAnalyzer -{ - public function analyze(JWK $jwk, MessageBag $bag) - { - if (!$jwk->has('kid')) { - $bag->add(Message::medium('The parameter "kid" should be added.')); - } - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyAnalyzer;
+
+use Jose\Component\Core\JWK;
+
+final class KeyIdentifierAnalyzer implements KeyAnalyzer
+{
+ public function analyze(JWK $jwk, MessageBag $bag)
+ {
+ if (!$jwk->has('kid')) {
+ $bag->add(Message::medium('The parameter "kid" should be added.'));
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/Message.php b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/Message.php index 4baf868..30e25cf 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/Message.php +++ b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/Message.php @@ -1,96 +1,96 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyAnalyzer; - -class Message implements \JsonSerializable -{ - /** - * @var string - */ - private $message; - - /** - * @var string - */ - private $severity; - - public const SEVERITY_LOW = 'low'; - - public const SEVERITY_MEDIUM = 'medium'; - - public const SEVERITY_HIGH = 'high'; - - /** - * Message constructor. - */ - private function __construct(string $message, string $severity) - { - $this->message = $message; - $this->severity = $severity; - } - - /** - * Creates a message with severity=low. - * - * @return Message - */ - public static function low(string $message): self - { - return new self($message, self::SEVERITY_LOW); - } - - /** - * Creates a message with severity=medium. - * - * @return Message - */ - public static function medium(string $message): self - { - return new self($message, self::SEVERITY_MEDIUM); - } - - /** - * Creates a message with severity=high. - * - * @return Message - */ - public static function high(string $message): self - { - return new self($message, self::SEVERITY_HIGH); - } - - /** - * Returns the message. - */ - public function getMessage(): string - { - return $this->message; - } - - /** - * Returns the severity of the message. - */ - public function getSeverity(): string - { - return $this->severity; - } - - public function jsonSerialize() - { - return [ - 'message' => $this->message, - 'severity' => $this->severity, - ]; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyAnalyzer;
+
+class Message implements \JsonSerializable
+{
+ /**
+ * @var string
+ */
+ private $message;
+
+ /**
+ * @var string
+ */
+ private $severity;
+
+ public const SEVERITY_LOW = 'low';
+
+ public const SEVERITY_MEDIUM = 'medium';
+
+ public const SEVERITY_HIGH = 'high';
+
+ /**
+ * Message constructor.
+ */
+ private function __construct(string $message, string $severity)
+ {
+ $this->message = $message;
+ $this->severity = $severity;
+ }
+
+ /**
+ * Creates a message with severity=low.
+ *
+ * @return Message
+ */
+ public static function low(string $message): self
+ {
+ return new self($message, self::SEVERITY_LOW);
+ }
+
+ /**
+ * Creates a message with severity=medium.
+ *
+ * @return Message
+ */
+ public static function medium(string $message): self
+ {
+ return new self($message, self::SEVERITY_MEDIUM);
+ }
+
+ /**
+ * Creates a message with severity=high.
+ *
+ * @return Message
+ */
+ public static function high(string $message): self
+ {
+ return new self($message, self::SEVERITY_HIGH);
+ }
+
+ /**
+ * Returns the message.
+ */
+ public function getMessage(): string
+ {
+ return $this->message;
+ }
+
+ /**
+ * Returns the severity of the message.
+ */
+ public function getSeverity(): string
+ {
+ return $this->severity;
+ }
+
+ public function jsonSerialize()
+ {
+ return [
+ 'message' => $this->message,
+ 'severity' => $this->severity,
+ ];
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/MessageBag.php b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/MessageBag.php index b41795f..5bb7566 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/MessageBag.php +++ b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/MessageBag.php @@ -1,59 +1,59 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyAnalyzer; - -class MessageBag implements \JsonSerializable, \IteratorAggregate, \Countable -{ - /** - * @var Message[] - */ - private $messages = []; - - /** - * Adds a message to the message bag. - * - * @return MessageBag - */ - public function add(Message $message): self - { - $this->messages[] = $message; - - return $this; - } - - /** - * Returns all messages. - * - * @return Message[] - */ - public function all(): array - { - return $this->messages; - } - - public function jsonSerialize() - { - return \array_values($this->messages); - } - - public function count() - { - return \count($this->messages); - } - - public function getIterator() - { - return new \ArrayIterator($this->messages); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyAnalyzer;
+
+class MessageBag implements \JsonSerializable, \IteratorAggregate, \Countable
+{
+ /**
+ * @var Message[]
+ */
+ private $messages = [];
+
+ /**
+ * Adds a message to the message bag.
+ *
+ * @return MessageBag
+ */
+ public function add(Message $message): self
+ {
+ $this->messages[] = $message;
+
+ return $this;
+ }
+
+ /**
+ * Returns all messages.
+ *
+ * @return Message[]
+ */
+ public function all(): array
+ {
+ return $this->messages;
+ }
+
+ public function jsonSerialize()
+ {
+ return \array_values($this->messages);
+ }
+
+ public function count()
+ {
+ return \count($this->messages);
+ }
+
+ public function getIterator()
+ {
+ return new \ArrayIterator($this->messages);
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/NoneAnalyzer.php b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/NoneAnalyzer.php index a293efd..ce3ee29 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/NoneAnalyzer.php +++ b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/NoneAnalyzer.php @@ -1,28 +1,28 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyAnalyzer; - -use Jose\Component\Core\JWK; - -final class NoneAnalyzer implements KeyAnalyzer -{ - public function analyze(JWK $jwk, MessageBag $bag) - { - if ('none' !== $jwk->get('kty')) { - return; - } - - $bag->add(Message::high('This key is a meant to be used with the algorithm "none". This algorithm is not secured and should be used with care.')); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyAnalyzer;
+
+use Jose\Component\Core\JWK;
+
+final class NoneAnalyzer implements KeyAnalyzer
+{
+ public function analyze(JWK $jwk, MessageBag $bag)
+ {
+ if ('none' !== $jwk->get('kty')) {
+ return;
+ }
+
+ $bag->add(Message::high('This key is a meant to be used with the algorithm "none". This algorithm is not secured and should be used with care.'));
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/OctAnalyzer.php b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/OctAnalyzer.php index 4c2d7c1..223b5e3 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/OctAnalyzer.php +++ b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/OctAnalyzer.php @@ -1,50 +1,50 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyAnalyzer; - -use Base64Url\Base64Url; -use Jose\Component\Core\JWK; -use ZxcvbnPhp\Zxcvbn; - -final class OctAnalyzer implements KeyAnalyzer -{ - public function analyze(JWK $jwk, MessageBag $bag) - { - if ('oct' !== $jwk->get('kty')) { - return; - } - $k = Base64Url::decode($jwk->get('k')); - $kLength = 8 * \mb_strlen($k, '8bit'); - if ($kLength < 128) { - $bag->add(Message::high('The key length is less than 128 bits.')); - } - - if (\class_exists(Zxcvbn::class)) { - $zxcvbn = new Zxcvbn(); - $strength = $zxcvbn->passwordStrength($k); - switch (true) { - case $strength['score'] < 3: - $bag->add(Message::high('The octet string is weak and easily guessable. Please change your key as soon as possible.')); - - break; - case 3 === $strength['score']: - $bag->add(Message::medium('The octet string is safe, but a longer key is preferable.')); - - break; - default: - break; - } - } - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyAnalyzer;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\JWK;
+use ZxcvbnPhp\Zxcvbn;
+
+final class OctAnalyzer implements KeyAnalyzer
+{
+ public function analyze(JWK $jwk, MessageBag $bag)
+ {
+ if ('oct' !== $jwk->get('kty')) {
+ return;
+ }
+ $k = Base64Url::decode($jwk->get('k'));
+ $kLength = 8 * \mb_strlen($k, '8bit');
+ if ($kLength < 128) {
+ $bag->add(Message::high('The key length is less than 128 bits.'));
+ }
+
+ if (\class_exists(Zxcvbn::class)) {
+ $zxcvbn = new Zxcvbn();
+ $strength = $zxcvbn->passwordStrength($k);
+ switch (true) {
+ case $strength['score'] < 3:
+ $bag->add(Message::high('The octet string is weak and easily guessable. Please change your key as soon as possible.'));
+
+ break;
+ case 3 === $strength['score']:
+ $bag->add(Message::medium('The octet string is safe, but a longer key is preferable.'));
+
+ break;
+ default:
+ break;
+ }
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/RsaAnalyzer.php b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/RsaAnalyzer.php index 6274aa0..11a2b85 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/RsaAnalyzer.php +++ b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/RsaAnalyzer.php @@ -1,34 +1,34 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyAnalyzer; - -use Base64Url\Base64Url; -use Jose\Component\Core\JWK; - -final class RsaAnalyzer implements KeyAnalyzer -{ - public function analyze(JWK $jwk, MessageBag $bag) - { - if ('RSA' !== $jwk->get('kty')) { - return; - } - $n = 8 * \mb_strlen(Base64Url::decode($jwk->get('n')), '8bit'); - if ($n < 2048) { - $bag->add(Message::high('The key length is less than 2048 bits.')); - } - if ($jwk->has('d') && (!$jwk->has('p') || !$jwk->has('q') || !$jwk->has('dp') || !$jwk->has('dq') || !$jwk->has('p') || !$jwk->has('qi'))) { - $bag->add(Message::medium('The key is a private RSA key, but Chinese Remainder Theorem primes are missing. These primes are not mandatory, but signatures and decryption processes are faster when available.')); - } - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyAnalyzer;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\JWK;
+
+final class RsaAnalyzer implements KeyAnalyzer
+{
+ public function analyze(JWK $jwk, MessageBag $bag)
+ {
+ if ('RSA' !== $jwk->get('kty')) {
+ return;
+ }
+ $n = 8 * \mb_strlen(Base64Url::decode($jwk->get('n')), '8bit');
+ if ($n < 2048) {
+ $bag->add(Message::high('The key length is less than 2048 bits.'));
+ }
+ if ($jwk->has('d') && (!$jwk->has('p') || !$jwk->has('q') || !$jwk->has('dp') || !$jwk->has('dq') || !$jwk->has('p') || !$jwk->has('qi'))) {
+ $bag->add(Message::medium('The key is a private RSA key, but Chinese Remainder Theorem primes are missing. These primes are not mandatory, but signatures and decryption processes are faster when available.'));
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/UsageAnalyzer.php b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/UsageAnalyzer.php index 8cdfaf6..6227458 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/UsageAnalyzer.php +++ b/vendor/web-token/jwt-key-mgmt/KeyAnalyzer/UsageAnalyzer.php @@ -1,31 +1,31 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyAnalyzer; - -use Jose\Component\Core\JWK; - -final class UsageAnalyzer implements KeyAnalyzer -{ - public function analyze(JWK $jwk, MessageBag $bag) - { - if (!$jwk->has('use')) { - $bag->add(Message::medium('The parameter "use" should be added.')); - } elseif (!\in_array($jwk->get('use'), ['sig', 'enc'], true)) { - $bag->add(Message::high(\sprintf('The parameter "use" has an unsupported value "%s". Please use "sig" (signature) or "enc" (encryption).', $jwk->get('use')))); - } - if ($jwk->has('key_ops') && !\in_array($jwk->get('key_ops'), ['sign', 'verify', 'encrypt', 'decrypt', 'wrapKey', 'unwrapKey'], true)) { - $bag->add(Message::high(\sprintf('The parameter "key_ops" has an unsupported value "%s". Please use one of the following values: %s.', $jwk->get('use'), \implode(', ', ['verify', 'sign', 'encryp', 'decrypt', 'wrapKey', 'unwrapKey'])))); - } - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyAnalyzer;
+
+use Jose\Component\Core\JWK;
+
+final class UsageAnalyzer implements KeyAnalyzer
+{
+ public function analyze(JWK $jwk, MessageBag $bag)
+ {
+ if (!$jwk->has('use')) {
+ $bag->add(Message::medium('The parameter "use" should be added.'));
+ } elseif (!\in_array($jwk->get('use'), ['sig', 'enc'], true)) {
+ $bag->add(Message::high(\sprintf('The parameter "use" has an unsupported value "%s". Please use "sig" (signature) or "enc" (encryption).', $jwk->get('use'))));
+ }
+ if ($jwk->has('key_ops') && !\in_array($jwk->get('key_ops'), ['sign', 'verify', 'encrypt', 'decrypt', 'wrapKey', 'unwrapKey'], true)) {
+ $bag->add(Message::high(\sprintf('The parameter "key_ops" has an unsupported value "%s". Please use one of the following values: %s.', $jwk->get('use'), \implode(', ', ['verify', 'sign', 'encryp', 'decrypt', 'wrapKey', 'unwrapKey']))));
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyConverter/ECKey.php b/vendor/web-token/jwt-key-mgmt/KeyConverter/ECKey.php index 4ab0090..586a24e 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyConverter/ECKey.php +++ b/vendor/web-token/jwt-key-mgmt/KeyConverter/ECKey.php @@ -1,273 +1,273 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyConverter; - -use Base64Url\Base64Url; -use FG\ASN1\ASNObject; -use FG\ASN1\ExplicitlyTaggedObject; -use FG\ASN1\Universal\BitString; -use FG\ASN1\Universal\Integer; -use FG\ASN1\Universal\ObjectIdentifier; -use FG\ASN1\Universal\OctetString; -use FG\ASN1\Universal\Sequence; - -/** - * @internal - */ -class ECKey -{ - /** - * @var array - */ - private $values = []; - - /** - * ECKey constructor. - */ - private function __construct(array $data) - { - $this->loadJWK($data); - } - - /** - * @return ECKey - */ - public static function createFromPEM(string $pem): self - { - $data = self::loadPEM($pem); - - return new self($data); - } - - /** - * @throws \Exception - */ - private static function loadPEM(string $data): array - { - $data = \base64_decode(\preg_replace('#-.*-|\r|\n#', '', $data), true); - $asnObject = ASNObject::fromBinary($data); - - if (!$asnObject instanceof Sequence) { - throw new \InvalidArgumentException('Unable to load the key.'); - } - $children = $asnObject->getChildren(); - if (self::isPKCS8($children)) { - $children = self::loadPKCS8($children); - } - - if (4 === \count($children)) { - return self::loadPrivatePEM($children); - } - if (2 === \count($children)) { - return self::loadPublicPEM($children); - } - - throw new \Exception('Unable to load the key.'); - } - - /** - * @param ASNObject[] $children - */ - private static function loadPKCS8(array $children): array - { - $binary = \hex2bin($children[2]->getContent()); - $asnObject = ASNObject::fromBinary($binary); - if (!$asnObject instanceof Sequence) { - throw new \InvalidArgumentException('Unable to load the key.'); - } - - return $asnObject->getChildren(); - } - - /** - * @param ASNObject[] $children - */ - private static function loadPublicPEM(array $children): array - { - if (!$children[0] instanceof Sequence) { - throw new \InvalidArgumentException('Unsupported key type.'); - } - - $sub = $children[0]->getChildren(); - if (!$sub[0] instanceof ObjectIdentifier) { - throw new \InvalidArgumentException('Unsupported key type.'); - } - if ('1.2.840.10045.2.1' !== $sub[0]->getContent()) { - throw new \InvalidArgumentException('Unsupported key type.'); - } - if (!$sub[1] instanceof ObjectIdentifier) { - throw new \InvalidArgumentException('Unsupported key type.'); - } - if (!$children[1] instanceof BitString) { - throw new \InvalidArgumentException('Unable to load the key.'); - } - - $bits = $children[1]->getContent(); - $bits_length = \mb_strlen($bits, '8bit'); - if ('04' !== \mb_substr($bits, 0, 2, '8bit')) { - throw new \InvalidArgumentException('Unsupported key type'); - } - - $values = ['kty' => 'EC']; - $values['crv'] = self::getCurve($sub[1]->getContent()); - $values['x'] = Base64Url::encode(\hex2bin(\mb_substr($bits, 2, ($bits_length - 2) / 2, '8bit'))); - $values['y'] = Base64Url::encode(\hex2bin(\mb_substr($bits, ($bits_length - 2) / 2 + 2, ($bits_length - 2) / 2, '8bit'))); - - return $values; - } - - private static function getCurve(string $oid): string - { - $curves = self::getSupportedCurves(); - $curve = \array_search($oid, $curves, true); - if (!\is_string($curve)) { - throw new \InvalidArgumentException('Unsupported OID.'); - } - - return $curve; - } - - private static function getSupportedCurves(): array - { - return [ - 'P-256' => '1.2.840.10045.3.1.7', - 'P-384' => '1.3.132.0.34', - 'P-521' => '1.3.132.0.35', - ]; - } - - private static function verifyVersion(ASNObject $children) - { - if (!$children instanceof Integer || '1' !== $children->getContent()) { - throw new \InvalidArgumentException('Unable to load the key.'); - } - } - - private static function getXAndY(ASNObject $children, ?string &$x, ?string &$y) - { - if (!$children instanceof ExplicitlyTaggedObject || !\is_array($children->getContent())) { - throw new \InvalidArgumentException('Unable to load the key.'); - } - if (!$children->getContent()[0] instanceof BitString) { - throw new \InvalidArgumentException('Unable to load the key.'); - } - - $bits = $children->getContent()[0]->getContent(); - $bits_length = \mb_strlen($bits, '8bit'); - - if ('04' !== \mb_substr($bits, 0, 2, '8bit')) { - throw new \InvalidArgumentException('Unsupported key type'); - } - - $x = \mb_substr($bits, 2, ($bits_length - 2) / 2, '8bit'); - $y = \mb_substr($bits, ($bits_length - 2) / 2 + 2, ($bits_length - 2) / 2, '8bit'); - } - - private static function getD(ASNObject $children): string - { - if (!$children instanceof OctetString) { - throw new \InvalidArgumentException('Unable to load the key.'); - } - - return $children->getContent(); - } - - private static function loadPrivatePEM(array $children): array - { - self::verifyVersion($children[0]); - $x = null; - $y = null; - $d = self::getD($children[1]); - self::getXAndY($children[3], $x, $y); - - if (!$children[2] instanceof ExplicitlyTaggedObject || !\is_array($children[2]->getContent())) { - throw new \InvalidArgumentException('Unable to load the key.'); - } - if (!$children[2]->getContent()[0] instanceof ObjectIdentifier) { - throw new \InvalidArgumentException('Unable to load the key.'); - } - - $curve = $children[2]->getContent()[0]->getContent(); - - $values = ['kty' => 'EC']; - $values['crv'] = self::getCurve($curve); - $values['d'] = Base64Url::encode(\hex2bin($d)); - $values['x'] = Base64Url::encode(\hex2bin($x)); - $values['y'] = Base64Url::encode(\hex2bin($y)); - - return $values; - } - - /** - * @param ASNObject[] $children - */ - private static function isPKCS8(array $children): bool - { - if (3 !== \count($children)) { - return false; - } - - $classes = [0 => Integer::class, 1 => Sequence::class, 2 => OctetString::class]; - foreach ($classes as $k => $class) { - if (!$children[$k] instanceof $class) { - return false; - } - } - - return true; - } - - /** - * @param ECKey $private - * - * @return ECKey - */ - public static function toPublic(self $private): self - { - $data = $private->toArray(); - if (\array_key_exists('d', $data)) { - unset($data['d']); - } - - return new self($data); - } - - /** - * @return array - */ - public function toArray() - { - return $this->values; - } - - private function loadJWK(array $jwk) - { - $keys = [ - 'kty' => 'The key parameter "kty" is missing.', - 'crv' => 'Curve parameter is missing', - 'x' => 'Point parameters are missing.', - 'y' => 'Point parameters are missing.', - ]; - foreach ($keys as $k => $v) { - if (!\array_key_exists($k, $jwk)) { - throw new \InvalidArgumentException($v); - } - } - - if ('EC' !== $jwk['kty']) { - throw new \InvalidArgumentException('JWK is not an Elliptic Curve key.'); - } - $this->values = $jwk; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyConverter;
+
+use Base64Url\Base64Url;
+use FG\ASN1\ASNObject;
+use FG\ASN1\ExplicitlyTaggedObject;
+use FG\ASN1\Universal\BitString;
+use FG\ASN1\Universal\Integer;
+use FG\ASN1\Universal\ObjectIdentifier;
+use FG\ASN1\Universal\OctetString;
+use FG\ASN1\Universal\Sequence;
+
+/**
+ * @internal
+ */
+class ECKey
+{
+ /**
+ * @var array
+ */
+ private $values = [];
+
+ /**
+ * ECKey constructor.
+ */
+ private function __construct(array $data)
+ {
+ $this->loadJWK($data);
+ }
+
+ /**
+ * @return ECKey
+ */
+ public static function createFromPEM(string $pem): self
+ {
+ $data = self::loadPEM($pem);
+
+ return new self($data);
+ }
+
+ /**
+ * @throws \Exception
+ */
+ private static function loadPEM(string $data): array
+ {
+ $data = \base64_decode(\preg_replace('#-.*-|\r|\n#', '', $data), true);
+ $asnObject = ASNObject::fromBinary($data);
+
+ if (!$asnObject instanceof Sequence) {
+ throw new \InvalidArgumentException('Unable to load the key.');
+ }
+ $children = $asnObject->getChildren();
+ if (self::isPKCS8($children)) {
+ $children = self::loadPKCS8($children);
+ }
+
+ if (4 === \count($children)) {
+ return self::loadPrivatePEM($children);
+ }
+ if (2 === \count($children)) {
+ return self::loadPublicPEM($children);
+ }
+
+ throw new \Exception('Unable to load the key.');
+ }
+
+ /**
+ * @param ASNObject[] $children
+ */
+ private static function loadPKCS8(array $children): array
+ {
+ $binary = \hex2bin($children[2]->getContent());
+ $asnObject = ASNObject::fromBinary($binary);
+ if (!$asnObject instanceof Sequence) {
+ throw new \InvalidArgumentException('Unable to load the key.');
+ }
+
+ return $asnObject->getChildren();
+ }
+
+ /**
+ * @param ASNObject[] $children
+ */
+ private static function loadPublicPEM(array $children): array
+ {
+ if (!$children[0] instanceof Sequence) {
+ throw new \InvalidArgumentException('Unsupported key type.');
+ }
+
+ $sub = $children[0]->getChildren();
+ if (!$sub[0] instanceof ObjectIdentifier) {
+ throw new \InvalidArgumentException('Unsupported key type.');
+ }
+ if ('1.2.840.10045.2.1' !== $sub[0]->getContent()) {
+ throw new \InvalidArgumentException('Unsupported key type.');
+ }
+ if (!$sub[1] instanceof ObjectIdentifier) {
+ throw new \InvalidArgumentException('Unsupported key type.');
+ }
+ if (!$children[1] instanceof BitString) {
+ throw new \InvalidArgumentException('Unable to load the key.');
+ }
+
+ $bits = $children[1]->getContent();
+ $bits_length = \mb_strlen($bits, '8bit');
+ if ('04' !== \mb_substr($bits, 0, 2, '8bit')) {
+ throw new \InvalidArgumentException('Unsupported key type');
+ }
+
+ $values = ['kty' => 'EC'];
+ $values['crv'] = self::getCurve($sub[1]->getContent());
+ $values['x'] = Base64Url::encode(\hex2bin(\mb_substr($bits, 2, ($bits_length - 2) / 2, '8bit')));
+ $values['y'] = Base64Url::encode(\hex2bin(\mb_substr($bits, ($bits_length - 2) / 2 + 2, ($bits_length - 2) / 2, '8bit')));
+
+ return $values;
+ }
+
+ private static function getCurve(string $oid): string
+ {
+ $curves = self::getSupportedCurves();
+ $curve = \array_search($oid, $curves, true);
+ if (!\is_string($curve)) {
+ throw new \InvalidArgumentException('Unsupported OID.');
+ }
+
+ return $curve;
+ }
+
+ private static function getSupportedCurves(): array
+ {
+ return [
+ 'P-256' => '1.2.840.10045.3.1.7',
+ 'P-384' => '1.3.132.0.34',
+ 'P-521' => '1.3.132.0.35',
+ ];
+ }
+
+ private static function verifyVersion(ASNObject $children)
+ {
+ if (!$children instanceof Integer || '1' !== $children->getContent()) {
+ throw new \InvalidArgumentException('Unable to load the key.');
+ }
+ }
+
+ private static function getXAndY(ASNObject $children, ?string &$x, ?string &$y)
+ {
+ if (!$children instanceof ExplicitlyTaggedObject || !\is_array($children->getContent())) {
+ throw new \InvalidArgumentException('Unable to load the key.');
+ }
+ if (!$children->getContent()[0] instanceof BitString) {
+ throw new \InvalidArgumentException('Unable to load the key.');
+ }
+
+ $bits = $children->getContent()[0]->getContent();
+ $bits_length = \mb_strlen($bits, '8bit');
+
+ if ('04' !== \mb_substr($bits, 0, 2, '8bit')) {
+ throw new \InvalidArgumentException('Unsupported key type');
+ }
+
+ $x = \mb_substr($bits, 2, ($bits_length - 2) / 2, '8bit');
+ $y = \mb_substr($bits, ($bits_length - 2) / 2 + 2, ($bits_length - 2) / 2, '8bit');
+ }
+
+ private static function getD(ASNObject $children): string
+ {
+ if (!$children instanceof OctetString) {
+ throw new \InvalidArgumentException('Unable to load the key.');
+ }
+
+ return $children->getContent();
+ }
+
+ private static function loadPrivatePEM(array $children): array
+ {
+ self::verifyVersion($children[0]);
+ $x = null;
+ $y = null;
+ $d = self::getD($children[1]);
+ self::getXAndY($children[3], $x, $y);
+
+ if (!$children[2] instanceof ExplicitlyTaggedObject || !\is_array($children[2]->getContent())) {
+ throw new \InvalidArgumentException('Unable to load the key.');
+ }
+ if (!$children[2]->getContent()[0] instanceof ObjectIdentifier) {
+ throw new \InvalidArgumentException('Unable to load the key.');
+ }
+
+ $curve = $children[2]->getContent()[0]->getContent();
+
+ $values = ['kty' => 'EC'];
+ $values['crv'] = self::getCurve($curve);
+ $values['d'] = Base64Url::encode(\hex2bin($d));
+ $values['x'] = Base64Url::encode(\hex2bin($x));
+ $values['y'] = Base64Url::encode(\hex2bin($y));
+
+ return $values;
+ }
+
+ /**
+ * @param ASNObject[] $children
+ */
+ private static function isPKCS8(array $children): bool
+ {
+ if (3 !== \count($children)) {
+ return false;
+ }
+
+ $classes = [0 => Integer::class, 1 => Sequence::class, 2 => OctetString::class];
+ foreach ($classes as $k => $class) {
+ if (!$children[$k] instanceof $class) {
+ return false;
+ }
+ }
+
+ return true;
+ }
+
+ /**
+ * @param ECKey $private
+ *
+ * @return ECKey
+ */
+ public static function toPublic(self $private): self
+ {
+ $data = $private->toArray();
+ if (\array_key_exists('d', $data)) {
+ unset($data['d']);
+ }
+
+ return new self($data);
+ }
+
+ /**
+ * @return array
+ */
+ public function toArray()
+ {
+ return $this->values;
+ }
+
+ private function loadJWK(array $jwk)
+ {
+ $keys = [
+ 'kty' => 'The key parameter "kty" is missing.',
+ 'crv' => 'Curve parameter is missing',
+ 'x' => 'Point parameters are missing.',
+ 'y' => 'Point parameters are missing.',
+ ];
+ foreach ($keys as $k => $v) {
+ if (!\array_key_exists($k, $jwk)) {
+ throw new \InvalidArgumentException($v);
+ }
+ }
+
+ if ('EC' !== $jwk['kty']) {
+ throw new \InvalidArgumentException('JWK is not an Elliptic Curve key.');
+ }
+ $this->values = $jwk;
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyConverter/KeyConverter.php b/vendor/web-token/jwt-key-mgmt/KeyConverter/KeyConverter.php index 17a5428..d683a2c 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyConverter/KeyConverter.php +++ b/vendor/web-token/jwt-key-mgmt/KeyConverter/KeyConverter.php @@ -1,256 +1,256 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyConverter; - -use Base64Url\Base64Url; - -/** - * @internal - */ -class KeyConverter -{ - /** - * @throws \InvalidArgumentException - */ - public static function loadKeyFromCertificateFile(string $file): array - { - if (!\file_exists($file)) { - throw new \InvalidArgumentException(\sprintf('File "%s" does not exist.', $file)); - } - $content = \file_get_contents($file); - - return self::loadKeyFromCertificate($content); - } - - /** - * @throws \InvalidArgumentException - */ - public static function loadKeyFromCertificate(string $certificate): array - { - try { - $res = \openssl_x509_read($certificate); - } catch (\Exception $e) { - $certificate = self::convertDerToPem($certificate); - $res = \openssl_x509_read($certificate); - } - if (false === $res) { - throw new \InvalidArgumentException('Unable to load the certificate.'); - } - - $values = self::loadKeyFromX509Resource($res); - \openssl_x509_free($res); - - return $values; - } - - /** - * @param resource $res - * - * @throws \Exception - */ - public static function loadKeyFromX509Resource($res): array - { - $key = \openssl_get_publickey($res); - - $details = \openssl_pkey_get_details($key); - if (isset($details['key'])) { - $values = self::loadKeyFromPEM($details['key']); - \openssl_x509_export($res, $out); - $x5c = \preg_replace('#-.*-#', '', $out); - $x5c = \preg_replace('~\R~', PHP_EOL, $x5c); - $x5c = \trim($x5c); - $values['x5c'] = [$x5c]; - - $values['x5t'] = Base64Url::encode(\openssl_x509_fingerprint($res, 'sha1', true)); - $values['x5t#256'] = Base64Url::encode(\openssl_x509_fingerprint($res, 'sha256', true)); - - return $values; - } - - throw new \InvalidArgumentException('Unable to load the certificate'); - } - - /** - * @throws \Exception - */ - public static function loadFromKeyFile(string $file, ?string $password = null): array - { - $content = \file_get_contents($file); - - return self::loadFromKey($content, $password); - } - - /** - * @throws \Exception - */ - public static function loadFromKey(string $key, ?string $password = null): array - { - try { - return self::loadKeyFromDER($key, $password); - } catch (\Exception $e) { - return self::loadKeyFromPEM($key, $password); - } - } - - /** - * @throws \Exception - */ - private static function loadKeyFromDER(string $der, ?string $password = null): array - { - $pem = self::convertDerToPem($der); - - return self::loadKeyFromPEM($pem, $password); - } - - /** - * @throws \Exception - */ - private static function loadKeyFromPEM(string $pem, ?string $password = null): array - { - if (\preg_match('#DEK-Info: (.+),(.+)#', $pem, $matches)) { - $pem = self::decodePem($pem, $matches, $password); - } - - self::sanitizePEM($pem); - - $res = \openssl_pkey_get_private($pem); - if (false === $res) { - $res = \openssl_pkey_get_public($pem); - } - if (false === $res) { - throw new \InvalidArgumentException('Unable to load the key.'); - } - - $details = \openssl_pkey_get_details($res); - if (!\is_array($details) || !\array_key_exists('type', $details)) { - throw new \InvalidArgumentException('Unable to get details of the key'); - } - - switch ($details['type']) { - case OPENSSL_KEYTYPE_EC: - $ec_key = ECKey::createFromPEM($pem); - - return $ec_key->toArray(); - case OPENSSL_KEYTYPE_RSA: - $rsa_key = RSAKey::createFromPEM($pem); - $rsa_key->optimize(); - - return $rsa_key->toArray(); - default: - throw new \InvalidArgumentException('Unsupported key type'); - } - } - - /** - * This method modifies the PEM to get 64 char lines and fix bug with old OpenSSL versions. - */ - private static function sanitizePEM(string &$pem) - { - \preg_match_all('#(-.*-)#', $pem, $matches, PREG_PATTERN_ORDER); - $ciphertext = \preg_replace('#-.*-|\r|\n| #', '', $pem); - - $pem = $matches[0][0].PHP_EOL; - $pem .= \chunk_split($ciphertext, 64, PHP_EOL); - $pem .= $matches[0][1].PHP_EOL; - } - - /** - * Be careful! The certificate chain is loaded, but it is NOT VERIFIED by any mean! - * It is mandatory to verify the root CA or intermediate CA are trusted. - * If not done, it may lead to potential security issues. - */ - public static function loadFromX5C(array $x5c): array - { - $certificate = null; - $last_issuer = null; - $last_subject = null; - foreach ($x5c as $cert) { - $current_cert = '-----BEGIN CERTIFICATE-----'.PHP_EOL.\chunk_split($cert,64,PHP_EOL).'-----END CERTIFICATE-----'; - $x509 = \openssl_x509_read($current_cert); - if (false === $x509) { - $last_issuer = null; - $last_subject = null; - - break; - } - $parsed = \openssl_x509_parse($x509); - - \openssl_x509_free($x509); - if (false === $parsed) { - $last_issuer = null; - $last_subject = null; - - break; - } - if (null === $last_subject) { - $last_subject = $parsed['subject']; - $last_issuer = $parsed['issuer']; - $certificate = $current_cert; - } else { - if (\json_encode($last_issuer) === \json_encode($parsed['subject'])) { - $last_subject = $parsed['subject']; - $last_issuer = $parsed['issuer']; - } else { - $last_issuer = null; - $last_subject = null; - - break; - } - } - } - - return self::loadKeyFromCertificate($certificate); - } - - /** - * @param string[] $matches - */ - private static function decodePem(string $pem, array $matches, ?string $password = null): string - { - if (null === $password) { - throw new \InvalidArgumentException('Password required for encrypted keys.'); - } - - $iv = \pack('H*', \trim($matches[2])); - $iv_sub = \mb_substr($iv, 0, 8, '8bit'); - $symkey = \pack('H*', \md5($password.$iv_sub)); - $symkey .= \pack('H*', \md5($symkey.$password.$iv_sub)); - $key = \preg_replace('#^(?:Proc-Type|DEK-Info): .*#m', '', $pem); - $ciphertext = \base64_decode(\preg_replace('#-.*-|\r|\n#', '', $key), true); - - $decoded = \openssl_decrypt($ciphertext, \mb_strtolower($matches[1]), $symkey, OPENSSL_RAW_DATA, $iv); - if (!\is_string($decoded)) { - throw new \InvalidArgumentException('Incorrect password. Key decryption failed.'); - } - - $number = \preg_match_all('#-{5}.*-{5}#', $pem, $result); - if (2 !== $number) { - throw new \InvalidArgumentException('Unable to load the key'); - } - - $pem = $result[0][0].PHP_EOL; - $pem .= \chunk_split(\base64_encode($decoded), 64); - $pem .= $result[0][1].PHP_EOL; - - return $pem; - } - - private static function convertDerToPem(string $der_data): string - { - $pem = \chunk_split(\base64_encode($der_data), 64, PHP_EOL); - $pem = '-----BEGIN CERTIFICATE-----'.PHP_EOL.$pem.'-----END CERTIFICATE-----'.PHP_EOL; - - return $pem; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyConverter;
+
+use Base64Url\Base64Url;
+
+/**
+ * @internal
+ */
+class KeyConverter
+{
+ /**
+ * @throws \InvalidArgumentException
+ */
+ public static function loadKeyFromCertificateFile(string $file): array
+ {
+ if (!\file_exists($file)) {
+ throw new \InvalidArgumentException(\sprintf('File "%s" does not exist.', $file));
+ }
+ $content = \file_get_contents($file);
+
+ return self::loadKeyFromCertificate($content);
+ }
+
+ /**
+ * @throws \InvalidArgumentException
+ */
+ public static function loadKeyFromCertificate(string $certificate): array
+ {
+ try {
+ $res = \openssl_x509_read($certificate);
+ } catch (\Exception $e) {
+ $certificate = self::convertDerToPem($certificate);
+ $res = \openssl_x509_read($certificate);
+ }
+ if (false === $res) {
+ throw new \InvalidArgumentException('Unable to load the certificate.');
+ }
+
+ $values = self::loadKeyFromX509Resource($res);
+ \openssl_x509_free($res);
+
+ return $values;
+ }
+
+ /**
+ * @param resource $res
+ *
+ * @throws \Exception
+ */
+ public static function loadKeyFromX509Resource($res): array
+ {
+ $key = \openssl_get_publickey($res);
+
+ $details = \openssl_pkey_get_details($key);
+ if (isset($details['key'])) {
+ $values = self::loadKeyFromPEM($details['key']);
+ \openssl_x509_export($res, $out);
+ $x5c = \preg_replace('#-.*-#', '', $out);
+ $x5c = \preg_replace('~\R~', PHP_EOL, $x5c);
+ $x5c = \trim($x5c);
+ $values['x5c'] = [$x5c];
+
+ $values['x5t'] = Base64Url::encode(\openssl_x509_fingerprint($res, 'sha1', true));
+ $values['x5t#256'] = Base64Url::encode(\openssl_x509_fingerprint($res, 'sha256', true));
+
+ return $values;
+ }
+
+ throw new \InvalidArgumentException('Unable to load the certificate');
+ }
+
+ /**
+ * @throws \Exception
+ */
+ public static function loadFromKeyFile(string $file, ?string $password = null): array
+ {
+ $content = \file_get_contents($file);
+
+ return self::loadFromKey($content, $password);
+ }
+
+ /**
+ * @throws \Exception
+ */
+ public static function loadFromKey(string $key, ?string $password = null): array
+ {
+ try {
+ return self::loadKeyFromDER($key, $password);
+ } catch (\Exception $e) {
+ return self::loadKeyFromPEM($key, $password);
+ }
+ }
+
+ /**
+ * @throws \Exception
+ */
+ private static function loadKeyFromDER(string $der, ?string $password = null): array
+ {
+ $pem = self::convertDerToPem($der);
+
+ return self::loadKeyFromPEM($pem, $password);
+ }
+
+ /**
+ * @throws \Exception
+ */
+ private static function loadKeyFromPEM(string $pem, ?string $password = null): array
+ {
+ if (\preg_match('#DEK-Info: (.+),(.+)#', $pem, $matches)) {
+ $pem = self::decodePem($pem, $matches, $password);
+ }
+
+ self::sanitizePEM($pem);
+
+ $res = \openssl_pkey_get_private($pem);
+ if (false === $res) {
+ $res = \openssl_pkey_get_public($pem);
+ }
+ if (false === $res) {
+ throw new \InvalidArgumentException('Unable to load the key.');
+ }
+
+ $details = \openssl_pkey_get_details($res);
+ if (!\is_array($details) || !\array_key_exists('type', $details)) {
+ throw new \InvalidArgumentException('Unable to get details of the key');
+ }
+
+ switch ($details['type']) {
+ case OPENSSL_KEYTYPE_EC:
+ $ec_key = ECKey::createFromPEM($pem);
+
+ return $ec_key->toArray();
+ case OPENSSL_KEYTYPE_RSA:
+ $rsa_key = RSAKey::createFromPEM($pem);
+ $rsa_key->optimize();
+
+ return $rsa_key->toArray();
+ default:
+ throw new \InvalidArgumentException('Unsupported key type');
+ }
+ }
+
+ /**
+ * This method modifies the PEM to get 64 char lines and fix bug with old OpenSSL versions.
+ */
+ private static function sanitizePEM(string &$pem)
+ {
+ \preg_match_all('#(-.*-)#', $pem, $matches, PREG_PATTERN_ORDER);
+ $ciphertext = \preg_replace('#-.*-|\r|\n| #', '', $pem);
+
+ $pem = $matches[0][0].PHP_EOL;
+ $pem .= \chunk_split($ciphertext, 64, PHP_EOL);
+ $pem .= $matches[0][1].PHP_EOL;
+ }
+
+ /**
+ * Be careful! The certificate chain is loaded, but it is NOT VERIFIED by any mean!
+ * It is mandatory to verify the root CA or intermediate CA are trusted.
+ * If not done, it may lead to potential security issues.
+ */
+ public static function loadFromX5C(array $x5c): array
+ {
+ $certificate = null;
+ $last_issuer = null;
+ $last_subject = null;
+ foreach ($x5c as $cert) {
+ $current_cert = '-----BEGIN CERTIFICATE-----'.PHP_EOL.\chunk_split($cert,64,PHP_EOL).'-----END CERTIFICATE-----';
+ $x509 = \openssl_x509_read($current_cert);
+ if (false === $x509) {
+ $last_issuer = null;
+ $last_subject = null;
+
+ break;
+ }
+ $parsed = \openssl_x509_parse($x509);
+
+ \openssl_x509_free($x509);
+ if (false === $parsed) {
+ $last_issuer = null;
+ $last_subject = null;
+
+ break;
+ }
+ if (null === $last_subject) {
+ $last_subject = $parsed['subject'];
+ $last_issuer = $parsed['issuer'];
+ $certificate = $current_cert;
+ } else {
+ if (\json_encode($last_issuer) === \json_encode($parsed['subject'])) {
+ $last_subject = $parsed['subject'];
+ $last_issuer = $parsed['issuer'];
+ } else {
+ $last_issuer = null;
+ $last_subject = null;
+
+ break;
+ }
+ }
+ }
+
+ return self::loadKeyFromCertificate($certificate);
+ }
+
+ /**
+ * @param string[] $matches
+ */
+ private static function decodePem(string $pem, array $matches, ?string $password = null): string
+ {
+ if (null === $password) {
+ throw new \InvalidArgumentException('Password required for encrypted keys.');
+ }
+
+ $iv = \pack('H*', \trim($matches[2]));
+ $iv_sub = \mb_substr($iv, 0, 8, '8bit');
+ $symkey = \pack('H*', \md5($password.$iv_sub));
+ $symkey .= \pack('H*', \md5($symkey.$password.$iv_sub));
+ $key = \preg_replace('#^(?:Proc-Type|DEK-Info): .*#m', '', $pem);
+ $ciphertext = \base64_decode(\preg_replace('#-.*-|\r|\n#', '', $key), true);
+
+ $decoded = \openssl_decrypt($ciphertext, \mb_strtolower($matches[1]), $symkey, OPENSSL_RAW_DATA, $iv);
+ if (!\is_string($decoded)) {
+ throw new \InvalidArgumentException('Incorrect password. Key decryption failed.');
+ }
+
+ $number = \preg_match_all('#-{5}.*-{5}#', $pem, $result);
+ if (2 !== $number) {
+ throw new \InvalidArgumentException('Unable to load the key');
+ }
+
+ $pem = $result[0][0].PHP_EOL;
+ $pem .= \chunk_split(\base64_encode($decoded), 64);
+ $pem .= $result[0][1].PHP_EOL;
+
+ return $pem;
+ }
+
+ private static function convertDerToPem(string $der_data): string
+ {
+ $pem = \chunk_split(\base64_encode($der_data), 64, PHP_EOL);
+ $pem = '-----BEGIN CERTIFICATE-----'.PHP_EOL.$pem.'-----END CERTIFICATE-----'.PHP_EOL;
+
+ return $pem;
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/KeyConverter/RSAKey.php b/vendor/web-token/jwt-key-mgmt/KeyConverter/RSAKey.php index f76b5d4..146ec53 100644 --- a/vendor/web-token/jwt-key-mgmt/KeyConverter/RSAKey.php +++ b/vendor/web-token/jwt-key-mgmt/KeyConverter/RSAKey.php @@ -1,244 +1,244 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement\KeyConverter; - -use Base64Url\Base64Url; -use Jose\Component\Core\JWK; -use Jose\Component\Core\Util\BigInteger; - -/** - * @internal - */ -class RSAKey -{ - /** - * @var array - */ - private $values = []; - - /** - * RSAKey constructor. - */ - private function __construct(array $data) - { - $this->loadJWK($data); - } - - /** - * @return RSAKey - */ - public static function createFromKeyDetails(array $details): self - { - $values = ['kty' => 'RSA']; - $keys = [ - 'n' => 'n', - 'e' => 'e', - 'd' => 'd', - 'p' => 'p', - 'q' => 'q', - 'dp' => 'dmp1', - 'dq' => 'dmq1', - 'qi' => 'iqmp', - ]; - foreach ($details as $key => $value) { - if (\in_array($key, $keys, true)) { - $value = Base64Url::encode($value); - $values[\array_search($key, $keys, true)] = $value; - } - } - - return new self($values); - } - - /** - * @return RSAKey - */ - public static function createFromPEM(string $pem): self - { - $res = \openssl_pkey_get_private($pem); - if (false === $res) { - $res = \openssl_pkey_get_public($pem); - } - if (false === $res) { - throw new \InvalidArgumentException('Unable to load the key.'); - } - - $details = \openssl_pkey_get_details($res); - \openssl_free_key($res); - if (!\array_key_exists('rsa', $details)) { - throw new \InvalidArgumentException('Unable to load the key.'); - } - - return self::createFromKeyDetails($details['rsa']); - } - - /** - * @return RSAKey - */ - public static function createFromJWK(JWK $jwk): self - { - return new self($jwk->all()); - } - - public function isPublic(): bool - { - return !\array_key_exists('d', $this->values); - } - - /** - * @param RSAKey $private - * - * @return RSAKey - */ - public static function toPublic(self $private): self - { - $data = $private->toArray(); - $keys = ['p', 'd', 'q', 'dp', 'dq', 'qi']; - foreach ($keys as $key) { - if (\array_key_exists($key, $data)) { - unset($data[$key]); - } - } - - return new self($data); - } - - public function toArray(): array - { - return $this->values; - } - - private function loadJWK(array $jwk) - { - if (!\array_key_exists('kty', $jwk)) { - throw new \InvalidArgumentException('The key parameter "kty" is missing.'); - } - if ('RSA' !== $jwk['kty']) { - throw new \InvalidArgumentException('The JWK is not a RSA key.'); - } - - $this->values = $jwk; - } - - public function toJwk(): JWK - { - return new JWK($this->values); - } - - /** - * This method will try to add Chinese Remainder Theorem (CRT) parameters. - * With those primes, the decryption process is really fast. - */ - public function optimize() - { - if (\array_key_exists('d', $this->values)) { - $this->populateCRT(); - } - } - - /** - * This method adds Chinese Remainder Theorem (CRT) parameters if primes 'p' and 'q' are available. - */ - private function populateCRT() - { - if (!\array_key_exists('p', $this->values) && !\array_key_exists('q', $this->values)) { - $d = BigInteger::createFromBinaryString(Base64Url::decode($this->values['d'])); - $e = BigInteger::createFromBinaryString(Base64Url::decode($this->values['e'])); - $n = BigInteger::createFromBinaryString(Base64Url::decode($this->values['n'])); - - list($p, $q) = $this->findPrimeFactors($d, $e, $n); - $this->values['p'] = Base64Url::encode($p->toBytes()); - $this->values['q'] = Base64Url::encode($q->toBytes()); - } - - if (\array_key_exists('dp', $this->values) && \array_key_exists('dq', $this->values) && \array_key_exists('qi', $this->values)) { - return; - } - - $one = BigInteger::createFromDecimal(1); - $d = BigInteger::createFromBinaryString(Base64Url::decode($this->values['d'])); - $p = BigInteger::createFromBinaryString(Base64Url::decode($this->values['p'])); - $q = BigInteger::createFromBinaryString(Base64Url::decode($this->values['q'])); - - $this->values['dp'] = Base64Url::encode($d->mod($p->subtract($one))->toBytes()); - $this->values['dq'] = Base64Url::encode($d->mod($q->subtract($one))->toBytes()); - $this->values['qi'] = Base64Url::encode($q->modInverse($p)->toBytes()); - } - - /** - * @return BigInteger[] - */ - private function findPrimeFactors(BigInteger $d, BigInteger $e, BigInteger $n): array - { - $zero = BigInteger::createFromDecimal(0); - $one = BigInteger::createFromDecimal(1); - $two = BigInteger::createFromDecimal(2); - - $k = $d->multiply($e)->subtract($one); - - if ($k->isEven()) { - $r = $k; - $t = $zero; - - do { - $r = $r->divide($two); - $t = $t->add($one); - } while ($r->isEven()); - - $found = false; - $y = null; - - for ($i = 1; $i <= 100; ++$i) { - $g = BigInteger::random($n->subtract($one)); - $y = $g->modPow($r, $n); - - if ($y->equals($one) || $y->equals($n->subtract($one))) { - continue; - } - - for ($j = $one; $j->lowerThan($t->subtract($one)); $j = $j->add($one)) { - $x = $y->modPow($two, $n); - - if ($x->equals($one)) { - $found = true; - - break; - } - - if ($x->equals($n->subtract($one))) { - continue; - } - - $y = $x; - } - - $x = $y->modPow($two, $n); - if ($x->equals($one)) { - $found = true; - - break; - } - } - - if (true === $found) { - $p = $y->subtract($one)->gcd($n); - $q = $n->divide($p); - - return [$p, $q]; - } - } - - throw new \InvalidArgumentException('Unable to find prime factors.'); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement\KeyConverter;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\JWK;
+use Jose\Component\Core\Util\BigInteger;
+
+/**
+ * @internal
+ */
+class RSAKey
+{
+ /**
+ * @var array
+ */
+ private $values = [];
+
+ /**
+ * RSAKey constructor.
+ */
+ private function __construct(array $data)
+ {
+ $this->loadJWK($data);
+ }
+
+ /**
+ * @return RSAKey
+ */
+ public static function createFromKeyDetails(array $details): self
+ {
+ $values = ['kty' => 'RSA'];
+ $keys = [
+ 'n' => 'n',
+ 'e' => 'e',
+ 'd' => 'd',
+ 'p' => 'p',
+ 'q' => 'q',
+ 'dp' => 'dmp1',
+ 'dq' => 'dmq1',
+ 'qi' => 'iqmp',
+ ];
+ foreach ($details as $key => $value) {
+ if (\in_array($key, $keys, true)) {
+ $value = Base64Url::encode($value);
+ $values[\array_search($key, $keys, true)] = $value;
+ }
+ }
+
+ return new self($values);
+ }
+
+ /**
+ * @return RSAKey
+ */
+ public static function createFromPEM(string $pem): self
+ {
+ $res = \openssl_pkey_get_private($pem);
+ if (false === $res) {
+ $res = \openssl_pkey_get_public($pem);
+ }
+ if (false === $res) {
+ throw new \InvalidArgumentException('Unable to load the key.');
+ }
+
+ $details = \openssl_pkey_get_details($res);
+ \openssl_free_key($res);
+ if (!\array_key_exists('rsa', $details)) {
+ throw new \InvalidArgumentException('Unable to load the key.');
+ }
+
+ return self::createFromKeyDetails($details['rsa']);
+ }
+
+ /**
+ * @return RSAKey
+ */
+ public static function createFromJWK(JWK $jwk): self
+ {
+ return new self($jwk->all());
+ }
+
+ public function isPublic(): bool
+ {
+ return !\array_key_exists('d', $this->values);
+ }
+
+ /**
+ * @param RSAKey $private
+ *
+ * @return RSAKey
+ */
+ public static function toPublic(self $private): self
+ {
+ $data = $private->toArray();
+ $keys = ['p', 'd', 'q', 'dp', 'dq', 'qi'];
+ foreach ($keys as $key) {
+ if (\array_key_exists($key, $data)) {
+ unset($data[$key]);
+ }
+ }
+
+ return new self($data);
+ }
+
+ public function toArray(): array
+ {
+ return $this->values;
+ }
+
+ private function loadJWK(array $jwk)
+ {
+ if (!\array_key_exists('kty', $jwk)) {
+ throw new \InvalidArgumentException('The key parameter "kty" is missing.');
+ }
+ if ('RSA' !== $jwk['kty']) {
+ throw new \InvalidArgumentException('The JWK is not a RSA key.');
+ }
+
+ $this->values = $jwk;
+ }
+
+ public function toJwk(): JWK
+ {
+ return new JWK($this->values);
+ }
+
+ /**
+ * This method will try to add Chinese Remainder Theorem (CRT) parameters.
+ * With those primes, the decryption process is really fast.
+ */
+ public function optimize()
+ {
+ if (\array_key_exists('d', $this->values)) {
+ $this->populateCRT();
+ }
+ }
+
+ /**
+ * This method adds Chinese Remainder Theorem (CRT) parameters if primes 'p' and 'q' are available.
+ */
+ private function populateCRT()
+ {
+ if (!\array_key_exists('p', $this->values) && !\array_key_exists('q', $this->values)) {
+ $d = BigInteger::createFromBinaryString(Base64Url::decode($this->values['d']));
+ $e = BigInteger::createFromBinaryString(Base64Url::decode($this->values['e']));
+ $n = BigInteger::createFromBinaryString(Base64Url::decode($this->values['n']));
+
+ list($p, $q) = $this->findPrimeFactors($d, $e, $n);
+ $this->values['p'] = Base64Url::encode($p->toBytes());
+ $this->values['q'] = Base64Url::encode($q->toBytes());
+ }
+
+ if (\array_key_exists('dp', $this->values) && \array_key_exists('dq', $this->values) && \array_key_exists('qi', $this->values)) {
+ return;
+ }
+
+ $one = BigInteger::createFromDecimal(1);
+ $d = BigInteger::createFromBinaryString(Base64Url::decode($this->values['d']));
+ $p = BigInteger::createFromBinaryString(Base64Url::decode($this->values['p']));
+ $q = BigInteger::createFromBinaryString(Base64Url::decode($this->values['q']));
+
+ $this->values['dp'] = Base64Url::encode($d->mod($p->subtract($one))->toBytes());
+ $this->values['dq'] = Base64Url::encode($d->mod($q->subtract($one))->toBytes());
+ $this->values['qi'] = Base64Url::encode($q->modInverse($p)->toBytes());
+ }
+
+ /**
+ * @return BigInteger[]
+ */
+ private function findPrimeFactors(BigInteger $d, BigInteger $e, BigInteger $n): array
+ {
+ $zero = BigInteger::createFromDecimal(0);
+ $one = BigInteger::createFromDecimal(1);
+ $two = BigInteger::createFromDecimal(2);
+
+ $k = $d->multiply($e)->subtract($one);
+
+ if ($k->isEven()) {
+ $r = $k;
+ $t = $zero;
+
+ do {
+ $r = $r->divide($two);
+ $t = $t->add($one);
+ } while ($r->isEven());
+
+ $found = false;
+ $y = null;
+
+ for ($i = 1; $i <= 100; ++$i) {
+ $g = BigInteger::random($n->subtract($one));
+ $y = $g->modPow($r, $n);
+
+ if ($y->equals($one) || $y->equals($n->subtract($one))) {
+ continue;
+ }
+
+ for ($j = $one; $j->lowerThan($t->subtract($one)); $j = $j->add($one)) {
+ $x = $y->modPow($two, $n);
+
+ if ($x->equals($one)) {
+ $found = true;
+
+ break;
+ }
+
+ if ($x->equals($n->subtract($one))) {
+ continue;
+ }
+
+ $y = $x;
+ }
+
+ $x = $y->modPow($two, $n);
+ if ($x->equals($one)) {
+ $found = true;
+
+ break;
+ }
+ }
+
+ if (true === $found) {
+ $p = $y->subtract($one)->gcd($n);
+ $q = $n->divide($p);
+
+ return [$p, $q];
+ }
+ }
+
+ throw new \InvalidArgumentException('Unable to find prime factors.');
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/LICENSE b/vendor/web-token/jwt-key-mgmt/LICENSE index a098645..ce18b6a 100644 --- a/vendor/web-token/jwt-key-mgmt/LICENSE +++ b/vendor/web-token/jwt-key-mgmt/LICENSE @@ -1,21 +1,21 @@ -The MIT License (MIT) - -Copyright (c) 2014-2018 Spomky-Labs - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. +The MIT License (MIT)
+
+Copyright (c) 2014-2018 Spomky-Labs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/vendor/web-token/jwt-key-mgmt/UrlKeySetFactory.php b/vendor/web-token/jwt-key-mgmt/UrlKeySetFactory.php index 329a204..80c399a 100644 --- a/vendor/web-token/jwt-key-mgmt/UrlKeySetFactory.php +++ b/vendor/web-token/jwt-key-mgmt/UrlKeySetFactory.php @@ -1,54 +1,54 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement; - -use Http\Client\HttpClient; -use Http\Message\RequestFactory; - -abstract class UrlKeySetFactory -{ - /** - * @var HttpClient - */ - private $client; - - /** - * @var RequestFactory - */ - private $requestFactory; - - /** - * UrlKeySetFactory constructor. - */ - public function __construct(HttpClient $client, RequestFactory $requestFactory) - { - $this->client = $client; - $this->requestFactory = $requestFactory; - } - - /** - * @throws \RuntimeException - */ - protected function getContent(string $url, array $header = []): string - { - $request = $this->requestFactory->createRequest('GET', $url, $header); - $response = $this->client->sendRequest($request); - - if ($response->getStatusCode() >= 400) { - throw new \RuntimeException('Unable to get the key set.', $response->getStatusCode()); - } - - return $response->getBody()->getContents(); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement;
+
+use Http\Client\HttpClient;
+use Http\Message\RequestFactory;
+
+abstract class UrlKeySetFactory
+{
+ /**
+ * @var HttpClient
+ */
+ private $client;
+
+ /**
+ * @var RequestFactory
+ */
+ private $requestFactory;
+
+ /**
+ * UrlKeySetFactory constructor.
+ */
+ public function __construct(HttpClient $client, RequestFactory $requestFactory)
+ {
+ $this->client = $client;
+ $this->requestFactory = $requestFactory;
+ }
+
+ /**
+ * @throws \RuntimeException
+ */
+ protected function getContent(string $url, array $header = []): string
+ {
+ $request = $this->requestFactory->createRequest('GET', $url, $header);
+ $response = $this->client->sendRequest($request);
+
+ if ($response->getStatusCode() >= 400) {
+ throw new \RuntimeException('Unable to get the key set.', $response->getStatusCode());
+ }
+
+ return $response->getBody()->getContents();
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/X5UFactory.php b/vendor/web-token/jwt-key-mgmt/X5UFactory.php index 1163b59..c7e5394 100644 --- a/vendor/web-token/jwt-key-mgmt/X5UFactory.php +++ b/vendor/web-token/jwt-key-mgmt/X5UFactory.php @@ -1,66 +1,66 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\KeyManagement; - -use Http\Client\HttpClient; -use Http\Message\RequestFactory; -use Jose\Component\Core\Converter\JsonConverter; -use Jose\Component\Core\JWK; -use Jose\Component\Core\JWKSet; -use Jose\Component\KeyManagement\KeyConverter\KeyConverter; - -class X5UFactory extends UrlKeySetFactory -{ - private $jsonConverter; - - /** - * X5UFactory constructor. - */ - public function __construct(?JsonConverter $jsonConverter, HttpClient $client, RequestFactory $requestFactory) - { - $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter(); - parent::__construct($client, $requestFactory); - } - - /** - * This method will try to fetch the url a retrieve the key set. - * Throws an exception in case of failure. - * - * @throws \InvalidArgumentException - */ - public function loadFromUrl(string $url, array $header = []): JWKSet - { - $content = $this->getContent($url, $header); - $data = $this->jsonConverter->decode($content); - if (!\is_array($data)) { - throw new \RuntimeException('Invalid content.'); - } - - $keys = []; - foreach ($data as $kid => $cert) { - if (false === \mb_strpos($cert, '-----BEGIN CERTIFICATE-----')) { - $cert = '-----BEGIN CERTIFICATE-----'.PHP_EOL.$cert.PHP_EOL.'-----END CERTIFICATE-----'; - } - $jwk = KeyConverter::loadKeyFromCertificate($cert); - if (\is_string($kid)) { - $jwk['kid'] = $kid; - $keys[$kid] = new JWK($jwk); - } else { - $keys[] = new JWK($jwk); - } - } - - return new JWKSet($keys); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\KeyManagement;
+
+use Http\Client\HttpClient;
+use Http\Message\RequestFactory;
+use Jose\Component\Core\Converter\JsonConverter;
+use Jose\Component\Core\JWK;
+use Jose\Component\Core\JWKSet;
+use Jose\Component\KeyManagement\KeyConverter\KeyConverter;
+
+class X5UFactory extends UrlKeySetFactory
+{
+ private $jsonConverter;
+
+ /**
+ * X5UFactory constructor.
+ */
+ public function __construct(?JsonConverter $jsonConverter, HttpClient $client, RequestFactory $requestFactory)
+ {
+ $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter();
+ parent::__construct($client, $requestFactory);
+ }
+
+ /**
+ * This method will try to fetch the url a retrieve the key set.
+ * Throws an exception in case of failure.
+ *
+ * @throws \InvalidArgumentException
+ */
+ public function loadFromUrl(string $url, array $header = []): JWKSet
+ {
+ $content = $this->getContent($url, $header);
+ $data = $this->jsonConverter->decode($content);
+ if (!\is_array($data)) {
+ throw new \RuntimeException('Invalid content.');
+ }
+
+ $keys = [];
+ foreach ($data as $kid => $cert) {
+ if (false === \mb_strpos($cert, '-----BEGIN CERTIFICATE-----')) {
+ $cert = '-----BEGIN CERTIFICATE-----'.PHP_EOL.$cert.PHP_EOL.'-----END CERTIFICATE-----';
+ }
+ $jwk = KeyConverter::loadKeyFromCertificate($cert);
+ if (\is_string($kid)) {
+ $jwk['kid'] = $kid;
+ $keys[$kid] = new JWK($jwk);
+ } else {
+ $keys[] = new JWK($jwk);
+ }
+ }
+
+ return new JWKSet($keys);
+ }
+}
diff --git a/vendor/web-token/jwt-key-mgmt/composer.json b/vendor/web-token/jwt-key-mgmt/composer.json index d3999ad..218dec2 100644 --- a/vendor/web-token/jwt-key-mgmt/composer.json +++ b/vendor/web-token/jwt-key-mgmt/composer.json @@ -1,46 +1,46 @@ -{ - "name": "web-token/jwt-key-mgmt", - "description": "Key Management component of the JWT Framework.", - "type": "library", - "license": "MIT", - "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"], - "homepage": "https://github.com/web-token", - "authors": [ - { - "name": "Florent Morselli", - "homepage": "https://github.com/Spomky" - },{ - "name": "All contributors", - "homepage": "https://github.com/web-token/jwt-key-mgmt/contributors" - } - ], - "autoload": { - "psr-4": { - "Jose\\Component\\KeyManagement\\": "" - } - }, - "require": { - "lib-openssl": "*", - "paragonie/sodium_compat": "^1.2", - "web-token/jwt-core": "^1.3", - "web-token/jwt-util-ecc": "^1.3" - }, - "require-dev": { - "php-http/message-factory": "^1.0", - "php-http/httplug": "^1.1", - "php-http/mock-client": "^1.0", - "phpunit/phpunit": "^6.0|^7.0" - }, - "suggest": { - "php-http/message-factory": "To enable JKU/X5U support.", - "php-http/httplug": "To enable JKU/X5U support." - }, - "extra": { - "branch-alias": { - "dev-master": "1.3.x-dev" - } - }, - "config": { - "sort-packages": true - } -} +{
+ "name": "web-token/jwt-key-mgmt",
+ "description": "Key Management component of the JWT Framework.",
+ "type": "library",
+ "license": "MIT",
+ "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"],
+ "homepage": "https://github.com/web-token",
+ "authors": [
+ {
+ "name": "Florent Morselli",
+ "homepage": "https://github.com/Spomky"
+ },{
+ "name": "All contributors",
+ "homepage": "https://github.com/web-token/jwt-key-mgmt/contributors"
+ }
+ ],
+ "autoload": {
+ "psr-4": {
+ "Jose\\Component\\KeyManagement\\": ""
+ }
+ },
+ "require": {
+ "lib-openssl": "*",
+ "paragonie/sodium_compat": "^1.2",
+ "web-token/jwt-core": "^1.3",
+ "web-token/jwt-util-ecc": "^1.3"
+ },
+ "require-dev": {
+ "php-http/message-factory": "^1.0",
+ "php-http/httplug": "^1.1",
+ "php-http/mock-client": "^1.0",
+ "phpunit/phpunit": "^6.0|^7.0"
+ },
+ "suggest": {
+ "php-http/message-factory": "To enable JKU/X5U support.",
+ "php-http/httplug": "To enable JKU/X5U support."
+ },
+ "extra": {
+ "branch-alias": {
+ "dev-master": "1.3.x-dev"
+ }
+ },
+ "config": {
+ "sort-packages": true
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-ecdsa/ECDSA.php b/vendor/web-token/jwt-signature-algorithm-ecdsa/ECDSA.php index f3e2790..4f6d617 100644 --- a/vendor/web-token/jwt-signature-algorithm-ecdsa/ECDSA.php +++ b/vendor/web-token/jwt-signature-algorithm-ecdsa/ECDSA.php @@ -1,79 +1,79 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -use Jose\Component\Core\JWK; -use Jose\Component\Core\Util\ECKey; -use Jose\Component\Core\Util\ECSignature; - -abstract class ECDSA implements SignatureAlgorithm -{ - public function __construct() - { - if (!\defined('OPENSSL_KEYTYPE_EC')) { - throw new \RuntimeException('Elliptic Curve key type not supported by your environment.'); - } - } - - public function allowedKeyTypes(): array - { - return ['EC']; - } - - public function sign(JWK $key, string $input): string - { - $this->checkKey($key); - if (!$key->has('d')) { - throw new \InvalidArgumentException('The EC key is not private'); - } - - $pem = ECKey::convertPrivateKeyToPEM($key); - $result = \openssl_sign($input, $signature, $pem, $this->getHashAlgorithm()); - if (false === $result) { - throw new \RuntimeException('Signature failed.'); - } - - return ECSignature::fromDER($signature, $this->getSignaturePartLength()); - } - - public function verify(JWK $key, string $input, string $signature): bool - { - $this->checkKey($key); - - try { - $der = ECSignature::toDER($signature, $this->getSignaturePartLength()); - $pem = ECKey::convertPublicKeyToPEM($key); - - return 1 === \openssl_verify($input, $der, $pem, $this->getHashAlgorithm()); - } catch (\Exception $e) { - return false; - } - } - - abstract protected function getHashAlgorithm(): string; - - abstract protected function getSignaturePartLength(): int; - - private function checkKey(JWK $key) - { - if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) { - throw new \InvalidArgumentException('Wrong key type.'); - } - foreach (['x', 'y', 'crv'] as $k) { - if (!$key->has($k)) { - throw new \InvalidArgumentException(\sprintf('The key parameter "%s" is missing.', $k)); - } - } - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Jose\Component\Core\JWK;
+use Jose\Component\Core\Util\ECKey;
+use Jose\Component\Core\Util\ECSignature;
+
+abstract class ECDSA implements SignatureAlgorithm
+{
+ public function __construct()
+ {
+ if (!\defined('OPENSSL_KEYTYPE_EC')) {
+ throw new \RuntimeException('Elliptic Curve key type not supported by your environment.');
+ }
+ }
+
+ public function allowedKeyTypes(): array
+ {
+ return ['EC'];
+ }
+
+ public function sign(JWK $key, string $input): string
+ {
+ $this->checkKey($key);
+ if (!$key->has('d')) {
+ throw new \InvalidArgumentException('The EC key is not private');
+ }
+
+ $pem = ECKey::convertPrivateKeyToPEM($key);
+ $result = \openssl_sign($input, $signature, $pem, $this->getHashAlgorithm());
+ if (false === $result) {
+ throw new \RuntimeException('Signature failed.');
+ }
+
+ return ECSignature::fromDER($signature, $this->getSignaturePartLength());
+ }
+
+ public function verify(JWK $key, string $input, string $signature): bool
+ {
+ $this->checkKey($key);
+
+ try {
+ $der = ECSignature::toDER($signature, $this->getSignaturePartLength());
+ $pem = ECKey::convertPublicKeyToPEM($key);
+
+ return 1 === \openssl_verify($input, $der, $pem, $this->getHashAlgorithm());
+ } catch (\Exception $e) {
+ return false;
+ }
+ }
+
+ abstract protected function getHashAlgorithm(): string;
+
+ abstract protected function getSignaturePartLength(): int;
+
+ private function checkKey(JWK $key)
+ {
+ if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) {
+ throw new \InvalidArgumentException('Wrong key type.');
+ }
+ foreach (['x', 'y', 'crv'] as $k) {
+ if (!$key->has($k)) {
+ throw new \InvalidArgumentException(\sprintf('The key parameter "%s" is missing.', $k));
+ }
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-ecdsa/ES256.php b/vendor/web-token/jwt-signature-algorithm-ecdsa/ES256.php index d4166b4..a51da68 100644 --- a/vendor/web-token/jwt-signature-algorithm-ecdsa/ES256.php +++ b/vendor/web-token/jwt-signature-algorithm-ecdsa/ES256.php @@ -1,32 +1,32 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -final class ES256 extends ECDSA -{ - protected function getHashAlgorithm(): string - { - return 'sha256'; - } - - protected function getSignaturePartLength(): int - { - return 64; - } - - public function name(): string - { - return 'ES256'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+final class ES256 extends ECDSA
+{
+ protected function getHashAlgorithm(): string
+ {
+ return 'sha256';
+ }
+
+ protected function getSignaturePartLength(): int
+ {
+ return 64;
+ }
+
+ public function name(): string
+ {
+ return 'ES256';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-ecdsa/ES384.php b/vendor/web-token/jwt-signature-algorithm-ecdsa/ES384.php index c8422bd..91940cd 100644 --- a/vendor/web-token/jwt-signature-algorithm-ecdsa/ES384.php +++ b/vendor/web-token/jwt-signature-algorithm-ecdsa/ES384.php @@ -1,32 +1,32 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -final class ES384 extends ECDSA -{ - protected function getHashAlgorithm(): string - { - return 'sha384'; - } - - protected function getSignaturePartLength(): int - { - return 96; - } - - public function name(): string - { - return 'ES384'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+final class ES384 extends ECDSA
+{
+ protected function getHashAlgorithm(): string
+ {
+ return 'sha384';
+ }
+
+ protected function getSignaturePartLength(): int
+ {
+ return 96;
+ }
+
+ public function name(): string
+ {
+ return 'ES384';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-ecdsa/ES512.php b/vendor/web-token/jwt-signature-algorithm-ecdsa/ES512.php index b0ff651..0606123 100644 --- a/vendor/web-token/jwt-signature-algorithm-ecdsa/ES512.php +++ b/vendor/web-token/jwt-signature-algorithm-ecdsa/ES512.php @@ -1,32 +1,32 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -final class ES512 extends ECDSA -{ - protected function getHashAlgorithm(): string - { - return 'sha512'; - } - - protected function getSignaturePartLength(): int - { - return 132; - } - - public function name(): string - { - return 'ES512'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+final class ES512 extends ECDSA
+{
+ protected function getHashAlgorithm(): string
+ {
+ return 'sha512';
+ }
+
+ protected function getSignaturePartLength(): int
+ {
+ return 132;
+ }
+
+ public function name(): string
+ {
+ return 'ES512';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-ecdsa/LICENSE b/vendor/web-token/jwt-signature-algorithm-ecdsa/LICENSE index a098645..ce18b6a 100644 --- a/vendor/web-token/jwt-signature-algorithm-ecdsa/LICENSE +++ b/vendor/web-token/jwt-signature-algorithm-ecdsa/LICENSE @@ -1,21 +1,21 @@ -The MIT License (MIT) - -Copyright (c) 2014-2018 Spomky-Labs - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. +The MIT License (MIT)
+
+Copyright (c) 2014-2018 Spomky-Labs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/vendor/web-token/jwt-signature-algorithm-ecdsa/composer.json b/vendor/web-token/jwt-signature-algorithm-ecdsa/composer.json index cd41da4..d6a26b3 100644 --- a/vendor/web-token/jwt-signature-algorithm-ecdsa/composer.json +++ b/vendor/web-token/jwt-signature-algorithm-ecdsa/composer.json @@ -1,36 +1,36 @@ -{ - "name": "web-token/jwt-signature-algorithm-ecdsa", - "description": "ECDSA Based Signature Algorithms the JWT Framework.", - "type": "library", - "license": "MIT", - "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"], - "homepage": "https://github.com/web-token", - "authors": [ - { - "name": "Florent Morselli", - "homepage": "https://github.com/Spomky" - },{ - "name": "All contributors", - "homepage": "https://github.com/web-token/jwt-core/contributors" - } - ], - "autoload": { - "psr-4": { - "Jose\\Component\\Signature\\Algorithm\\": "" - } - }, - "require": { - "web-token/jwt-signature": "^1.3" - }, - "require-dev": { - "phpunit/phpunit": "^6.0|^7.0" - }, - "extra": { - "branch-alias": { - "dev-master": "1.3.x-dev" - } - }, - "config": { - "sort-packages": true - } -} +{
+ "name": "web-token/jwt-signature-algorithm-ecdsa",
+ "description": "ECDSA Based Signature Algorithms the JWT Framework.",
+ "type": "library",
+ "license": "MIT",
+ "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"],
+ "homepage": "https://github.com/web-token",
+ "authors": [
+ {
+ "name": "Florent Morselli",
+ "homepage": "https://github.com/Spomky"
+ },{
+ "name": "All contributors",
+ "homepage": "https://github.com/web-token/jwt-core/contributors"
+ }
+ ],
+ "autoload": {
+ "psr-4": {
+ "Jose\\Component\\Signature\\Algorithm\\": ""
+ }
+ },
+ "require": {
+ "web-token/jwt-signature": "^1.3"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "^6.0|^7.0"
+ },
+ "extra": {
+ "branch-alias": {
+ "dev-master": "1.3.x-dev"
+ }
+ },
+ "config": {
+ "sort-packages": true
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-eddsa/EdDSA.php b/vendor/web-token/jwt-signature-algorithm-eddsa/EdDSA.php index 8475c6a..a31a1e4 100644 --- a/vendor/web-token/jwt-signature-algorithm-eddsa/EdDSA.php +++ b/vendor/web-token/jwt-signature-algorithm-eddsa/EdDSA.php @@ -1,76 +1,76 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -use Base64Url\Base64Url; -use Jose\Component\Core\JWK; - -final class EdDSA implements SignatureAlgorithm -{ - public function allowedKeyTypes(): array - { - return ['OKP']; - } - - public function sign(JWK $key, string $input): string - { - $this->checkKey($key); - if (!$key->has('d')) { - throw new \InvalidArgumentException('The key is not private.'); - } - $x = Base64Url::decode($key->get('x')); - $d = Base64Url::decode($key->get('d')); - $secret = $d.$x; - - switch ($key->get('crv')) { - case 'Ed25519': - return \sodium_crypto_sign_detached($input, $secret); - default: - throw new \InvalidArgumentException('Unsupported curve'); - } - } - - public function verify(JWK $key, string $input, string $signature): bool - { - $this->checkKey($key); - - $public = Base64Url::decode($key->get('x')); - switch ($key->get('crv')) { - case 'Ed25519': - return \sodium_crypto_sign_verify_detached($signature, $input, $public); - default: - throw new \InvalidArgumentException('Unsupported curve'); - } - } - - private function checkKey(JWK $key) - { - if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) { - throw new \InvalidArgumentException('Wrong key type.'); - } - foreach (['x', 'crv'] as $k) { - if (!$key->has($k)) { - throw new \InvalidArgumentException(\sprintf('The key parameter "%s" is missing.', $k)); - } - } - if (!\in_array($key->get('crv'), ['Ed25519'], true)) { - throw new \InvalidArgumentException('Unsupported curve.'); - } - } - - public function name(): string - { - return 'EdDSA'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\JWK;
+
+final class EdDSA implements SignatureAlgorithm
+{
+ public function allowedKeyTypes(): array
+ {
+ return ['OKP'];
+ }
+
+ public function sign(JWK $key, string $input): string
+ {
+ $this->checkKey($key);
+ if (!$key->has('d')) {
+ throw new \InvalidArgumentException('The key is not private.');
+ }
+ $x = Base64Url::decode($key->get('x'));
+ $d = Base64Url::decode($key->get('d'));
+ $secret = $d.$x;
+
+ switch ($key->get('crv')) {
+ case 'Ed25519':
+ return \sodium_crypto_sign_detached($input, $secret);
+ default:
+ throw new \InvalidArgumentException('Unsupported curve');
+ }
+ }
+
+ public function verify(JWK $key, string $input, string $signature): bool
+ {
+ $this->checkKey($key);
+
+ $public = Base64Url::decode($key->get('x'));
+ switch ($key->get('crv')) {
+ case 'Ed25519':
+ return \sodium_crypto_sign_verify_detached($signature, $input, $public);
+ default:
+ throw new \InvalidArgumentException('Unsupported curve');
+ }
+ }
+
+ private function checkKey(JWK $key)
+ {
+ if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) {
+ throw new \InvalidArgumentException('Wrong key type.');
+ }
+ foreach (['x', 'crv'] as $k) {
+ if (!$key->has($k)) {
+ throw new \InvalidArgumentException(\sprintf('The key parameter "%s" is missing.', $k));
+ }
+ }
+ if (!\in_array($key->get('crv'), ['Ed25519'], true)) {
+ throw new \InvalidArgumentException('Unsupported curve.');
+ }
+ }
+
+ public function name(): string
+ {
+ return 'EdDSA';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-eddsa/LICENSE b/vendor/web-token/jwt-signature-algorithm-eddsa/LICENSE index a098645..ce18b6a 100644 --- a/vendor/web-token/jwt-signature-algorithm-eddsa/LICENSE +++ b/vendor/web-token/jwt-signature-algorithm-eddsa/LICENSE @@ -1,21 +1,21 @@ -The MIT License (MIT) - -Copyright (c) 2014-2018 Spomky-Labs - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. +The MIT License (MIT)
+
+Copyright (c) 2014-2018 Spomky-Labs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/vendor/web-token/jwt-signature-algorithm-eddsa/composer.json b/vendor/web-token/jwt-signature-algorithm-eddsa/composer.json index ba7d6d0..388ff78 100644 --- a/vendor/web-token/jwt-signature-algorithm-eddsa/composer.json +++ b/vendor/web-token/jwt-signature-algorithm-eddsa/composer.json @@ -1,36 +1,36 @@ -{ - "name": "web-token/jwt-signature-algorithm-eddsa", - "description": "EdDSA Signature Algorithm the JWT Framework.", - "type": "library", - "license": "MIT", - "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"], - "homepage": "https://github.com/web-token", - "authors": [ - { - "name": "Florent Morselli", - "homepage": "https://github.com/Spomky" - },{ - "name": "All contributors", - "homepage": "https://github.com/web-token/jwt-core/contributors" - } - ], - "autoload": { - "psr-4": { - "Jose\\Component\\Signature\\Algorithm\\": "" - } - }, - "require": { - "web-token/jwt-signature": "^1.3" - }, - "require-dev": { - "phpunit/phpunit": "^6.0|^7.0" - }, - "extra": { - "branch-alias": { - "dev-master": "1.3.x-dev" - } - }, - "config": { - "sort-packages": true - } -} +{
+ "name": "web-token/jwt-signature-algorithm-eddsa",
+ "description": "EdDSA Signature Algorithm the JWT Framework.",
+ "type": "library",
+ "license": "MIT",
+ "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"],
+ "homepage": "https://github.com/web-token",
+ "authors": [
+ {
+ "name": "Florent Morselli",
+ "homepage": "https://github.com/Spomky"
+ },{
+ "name": "All contributors",
+ "homepage": "https://github.com/web-token/jwt-core/contributors"
+ }
+ ],
+ "autoload": {
+ "psr-4": {
+ "Jose\\Component\\Signature\\Algorithm\\": ""
+ }
+ },
+ "require": {
+ "web-token/jwt-signature": "^1.3"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "^6.0|^7.0"
+ },
+ "extra": {
+ "branch-alias": {
+ "dev-master": "1.3.x-dev"
+ }
+ },
+ "config": {
+ "sort-packages": true
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php b/vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php index e676bed..38faa98 100644 --- a/vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php +++ b/vendor/web-token/jwt-signature-algorithm-hmac/HMAC.php @@ -1,49 +1,49 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -use Base64Url\Base64Url; -use Jose\Component\Core\JWK; - -abstract class HMAC implements SignatureAlgorithm -{ - public function allowedKeyTypes(): array - { - return ['oct']; - } - - public function verify(JWK $key, string $input, string $signature): bool - { - return \hash_equals($this->sign($key, $input), $signature); - } - - public function sign(JWK $key, string $input): string - { - $this->checkKey($key); - - return \hash_hmac($this->getHashAlgorithm(), $input, Base64Url::decode($key->get('k')), true); - } - - protected function checkKey(JWK $key) - { - if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) { - throw new \InvalidArgumentException('Wrong key type.'); - } - if (!$key->has('k')) { - throw new \InvalidArgumentException('The key parameter "k" is missing.'); - } - } - - abstract protected function getHashAlgorithm(): string; -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\JWK;
+
+abstract class HMAC implements SignatureAlgorithm
+{
+ public function allowedKeyTypes(): array
+ {
+ return ['oct'];
+ }
+
+ public function verify(JWK $key, string $input, string $signature): bool
+ {
+ return \hash_equals($this->sign($key, $input), $signature);
+ }
+
+ public function sign(JWK $key, string $input): string
+ {
+ $this->checkKey($key);
+
+ return \hash_hmac($this->getHashAlgorithm(), $input, Base64Url::decode($key->get('k')), true);
+ }
+
+ protected function checkKey(JWK $key)
+ {
+ if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) {
+ throw new \InvalidArgumentException('Wrong key type.');
+ }
+ if (!$key->has('k')) {
+ throw new \InvalidArgumentException('The key parameter "k" is missing.');
+ }
+ }
+
+ abstract protected function getHashAlgorithm(): string;
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-hmac/HS256.php b/vendor/web-token/jwt-signature-algorithm-hmac/HS256.php index 328a008..d21a98b 100644 --- a/vendor/web-token/jwt-signature-algorithm-hmac/HS256.php +++ b/vendor/web-token/jwt-signature-algorithm-hmac/HS256.php @@ -1,27 +1,27 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -final class HS256 extends HMAC -{ - protected function getHashAlgorithm(): string - { - return 'sha256'; - } - - public function name(): string - { - return 'HS256'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+final class HS256 extends HMAC
+{
+ protected function getHashAlgorithm(): string
+ {
+ return 'sha256';
+ }
+
+ public function name(): string
+ {
+ return 'HS256';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-hmac/HS384.php b/vendor/web-token/jwt-signature-algorithm-hmac/HS384.php index b1ca650..af8feab 100644 --- a/vendor/web-token/jwt-signature-algorithm-hmac/HS384.php +++ b/vendor/web-token/jwt-signature-algorithm-hmac/HS384.php @@ -1,27 +1,27 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -final class HS384 extends HMAC -{ - protected function getHashAlgorithm(): string - { - return 'sha384'; - } - - public function name(): string - { - return 'HS384'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+final class HS384 extends HMAC
+{
+ protected function getHashAlgorithm(): string
+ {
+ return 'sha384';
+ }
+
+ public function name(): string
+ {
+ return 'HS384';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-hmac/HS512.php b/vendor/web-token/jwt-signature-algorithm-hmac/HS512.php index 22bf170..d9a4a67 100644 --- a/vendor/web-token/jwt-signature-algorithm-hmac/HS512.php +++ b/vendor/web-token/jwt-signature-algorithm-hmac/HS512.php @@ -1,27 +1,27 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -final class HS512 extends HMAC -{ - protected function getHashAlgorithm(): string - { - return 'sha512'; - } - - public function name(): string - { - return 'HS512'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+final class HS512 extends HMAC
+{
+ protected function getHashAlgorithm(): string
+ {
+ return 'sha512';
+ }
+
+ public function name(): string
+ {
+ return 'HS512';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-hmac/LICENSE b/vendor/web-token/jwt-signature-algorithm-hmac/LICENSE index a098645..ce18b6a 100644 --- a/vendor/web-token/jwt-signature-algorithm-hmac/LICENSE +++ b/vendor/web-token/jwt-signature-algorithm-hmac/LICENSE @@ -1,21 +1,21 @@ -The MIT License (MIT) - -Copyright (c) 2014-2018 Spomky-Labs - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. +The MIT License (MIT)
+
+Copyright (c) 2014-2018 Spomky-Labs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/vendor/web-token/jwt-signature-algorithm-hmac/composer.json b/vendor/web-token/jwt-signature-algorithm-hmac/composer.json index f59e02c..4560da7 100644 --- a/vendor/web-token/jwt-signature-algorithm-hmac/composer.json +++ b/vendor/web-token/jwt-signature-algorithm-hmac/composer.json @@ -1,36 +1,36 @@ -{ - "name": "web-token/jwt-signature-algorithm-hmac", - "description": "HMAC Based Signature Algorithms the JWT Framework.", - "type": "library", - "license": "MIT", - "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"], - "homepage": "https://github.com/web-token", - "authors": [ - { - "name": "Florent Morselli", - "homepage": "https://github.com/Spomky" - },{ - "name": "All contributors", - "homepage": "https://github.com/web-token/jwt-core/contributors" - } - ], - "autoload": { - "psr-4": { - "Jose\\Component\\Signature\\Algorithm\\": "" - } - }, - "require": { - "web-token/jwt-signature": "^1.3" - }, - "require-dev": { - "phpunit/phpunit": "^6.0|^7.0" - }, - "extra": { - "branch-alias": { - "dev-master": "1.3.x-dev" - } - }, - "config": { - "sort-packages": true - } -} +{
+ "name": "web-token/jwt-signature-algorithm-hmac",
+ "description": "HMAC Based Signature Algorithms the JWT Framework.",
+ "type": "library",
+ "license": "MIT",
+ "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"],
+ "homepage": "https://github.com/web-token",
+ "authors": [
+ {
+ "name": "Florent Morselli",
+ "homepage": "https://github.com/Spomky"
+ },{
+ "name": "All contributors",
+ "homepage": "https://github.com/web-token/jwt-core/contributors"
+ }
+ ],
+ "autoload": {
+ "psr-4": {
+ "Jose\\Component\\Signature\\Algorithm\\": ""
+ }
+ },
+ "require": {
+ "web-token/jwt-signature": "^1.3"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "^6.0|^7.0"
+ },
+ "extra": {
+ "branch-alias": {
+ "dev-master": "1.3.x-dev"
+ }
+ },
+ "config": {
+ "sort-packages": true
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-none/LICENSE b/vendor/web-token/jwt-signature-algorithm-none/LICENSE index a098645..ce18b6a 100644 --- a/vendor/web-token/jwt-signature-algorithm-none/LICENSE +++ b/vendor/web-token/jwt-signature-algorithm-none/LICENSE @@ -1,21 +1,21 @@ -The MIT License (MIT) - -Copyright (c) 2014-2018 Spomky-Labs - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. +The MIT License (MIT)
+
+Copyright (c) 2014-2018 Spomky-Labs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/vendor/web-token/jwt-signature-algorithm-none/None.php b/vendor/web-token/jwt-signature-algorithm-none/None.php index 5504b2a..b0674da 100644 --- a/vendor/web-token/jwt-signature-algorithm-none/None.php +++ b/vendor/web-token/jwt-signature-algorithm-none/None.php @@ -1,48 +1,48 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -use Jose\Component\Core\JWK; - -final class None implements SignatureAlgorithm -{ - public function allowedKeyTypes(): array - { - return ['none']; - } - - public function sign(JWK $key, string $input): string - { - $this->checkKey($key); - - return ''; - } - - public function verify(JWK $key, string $input, string $signature): bool - { - return '' === $signature; - } - - private function checkKey(JWK $key) - { - if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) { - throw new \InvalidArgumentException('Wrong key type.'); - } - } - - public function name(): string - { - return 'none'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Jose\Component\Core\JWK;
+
+final class None implements SignatureAlgorithm
+{
+ public function allowedKeyTypes(): array
+ {
+ return ['none'];
+ }
+
+ public function sign(JWK $key, string $input): string
+ {
+ $this->checkKey($key);
+
+ return '';
+ }
+
+ public function verify(JWK $key, string $input, string $signature): bool
+ {
+ return '' === $signature;
+ }
+
+ private function checkKey(JWK $key)
+ {
+ if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) {
+ throw new \InvalidArgumentException('Wrong key type.');
+ }
+ }
+
+ public function name(): string
+ {
+ return 'none';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-none/composer.json b/vendor/web-token/jwt-signature-algorithm-none/composer.json index a10f28a..238f3e0 100644 --- a/vendor/web-token/jwt-signature-algorithm-none/composer.json +++ b/vendor/web-token/jwt-signature-algorithm-none/composer.json @@ -1,36 +1,36 @@ -{ - "name": "web-token/jwt-signature-algorithm-none", - "description": "None Signature Algorithm the JWT Framework.", - "type": "library", - "license": "MIT", - "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"], - "homepage": "https://github.com/web-token", - "authors": [ - { - "name": "Florent Morselli", - "homepage": "https://github.com/Spomky" - },{ - "name": "All contributors", - "homepage": "https://github.com/web-token/jwt-core/contributors" - } - ], - "autoload": { - "psr-4": { - "Jose\\Component\\Signature\\Algorithm\\": "" - } - }, - "require": { - "web-token/jwt-signature": "^1.3" - }, - "require-dev": { - "phpunit/phpunit": "^6.0|^7.0" - }, - "extra": { - "branch-alias": { - "dev-master": "1.3.x-dev" - } - }, - "config": { - "sort-packages": true - } -} +{
+ "name": "web-token/jwt-signature-algorithm-none",
+ "description": "None Signature Algorithm the JWT Framework.",
+ "type": "library",
+ "license": "MIT",
+ "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"],
+ "homepage": "https://github.com/web-token",
+ "authors": [
+ {
+ "name": "Florent Morselli",
+ "homepage": "https://github.com/Spomky"
+ },{
+ "name": "All contributors",
+ "homepage": "https://github.com/web-token/jwt-core/contributors"
+ }
+ ],
+ "autoload": {
+ "psr-4": {
+ "Jose\\Component\\Signature\\Algorithm\\": ""
+ }
+ },
+ "require": {
+ "web-token/jwt-signature": "^1.3"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "^6.0|^7.0"
+ },
+ "extra": {
+ "branch-alias": {
+ "dev-master": "1.3.x-dev"
+ }
+ },
+ "config": {
+ "sort-packages": true
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-rsa/LICENSE b/vendor/web-token/jwt-signature-algorithm-rsa/LICENSE index a098645..ce18b6a 100644 --- a/vendor/web-token/jwt-signature-algorithm-rsa/LICENSE +++ b/vendor/web-token/jwt-signature-algorithm-rsa/LICENSE @@ -1,21 +1,21 @@ -The MIT License (MIT) - -Copyright (c) 2014-2018 Spomky-Labs - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. +The MIT License (MIT)
+
+Copyright (c) 2014-2018 Spomky-Labs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/vendor/web-token/jwt-signature-algorithm-rsa/PS256.php b/vendor/web-token/jwt-signature-algorithm-rsa/PS256.php index 366f4a6..74d53a6 100644 --- a/vendor/web-token/jwt-signature-algorithm-rsa/PS256.php +++ b/vendor/web-token/jwt-signature-algorithm-rsa/PS256.php @@ -1,34 +1,34 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -use Jose\Component\Signature\Util\RSA as JoseRSA; - -final class PS256 extends RSA -{ - protected function getAlgorithm(): string - { - return 'sha256'; - } - - protected function getSignatureMethod(): int - { - return JoseRSA::SIGNATURE_PSS; - } - - public function name(): string - { - return 'PS256'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Jose\Component\Signature\Util\RSA as JoseRSA;
+
+final class PS256 extends RSA
+{
+ protected function getAlgorithm(): string
+ {
+ return 'sha256';
+ }
+
+ protected function getSignatureMethod(): int
+ {
+ return JoseRSA::SIGNATURE_PSS;
+ }
+
+ public function name(): string
+ {
+ return 'PS256';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-rsa/PS384.php b/vendor/web-token/jwt-signature-algorithm-rsa/PS384.php index 0f87ca8..c6620a9 100644 --- a/vendor/web-token/jwt-signature-algorithm-rsa/PS384.php +++ b/vendor/web-token/jwt-signature-algorithm-rsa/PS384.php @@ -1,34 +1,34 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -use Jose\Component\Signature\Util\RSA as JoseRSA; - -final class PS384 extends RSA -{ - protected function getAlgorithm(): string - { - return 'sha384'; - } - - protected function getSignatureMethod(): int - { - return JoseRSA::SIGNATURE_PSS; - } - - public function name(): string - { - return 'PS384'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Jose\Component\Signature\Util\RSA as JoseRSA;
+
+final class PS384 extends RSA
+{
+ protected function getAlgorithm(): string
+ {
+ return 'sha384';
+ }
+
+ protected function getSignatureMethod(): int
+ {
+ return JoseRSA::SIGNATURE_PSS;
+ }
+
+ public function name(): string
+ {
+ return 'PS384';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-rsa/PS512.php b/vendor/web-token/jwt-signature-algorithm-rsa/PS512.php index 08a58a1..4ac0149 100644 --- a/vendor/web-token/jwt-signature-algorithm-rsa/PS512.php +++ b/vendor/web-token/jwt-signature-algorithm-rsa/PS512.php @@ -1,34 +1,34 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -use Jose\Component\Signature\Util\RSA as JoseRSA; - -final class PS512 extends RSA -{ - protected function getAlgorithm(): string - { - return 'sha512'; - } - - protected function getSignatureMethod(): int - { - return JoseRSA::SIGNATURE_PSS; - } - - public function name(): string - { - return 'PS512'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Jose\Component\Signature\Util\RSA as JoseRSA;
+
+final class PS512 extends RSA
+{
+ protected function getAlgorithm(): string
+ {
+ return 'sha512';
+ }
+
+ protected function getSignatureMethod(): int
+ {
+ return JoseRSA::SIGNATURE_PSS;
+ }
+
+ public function name(): string
+ {
+ return 'PS512';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-rsa/RS256.php b/vendor/web-token/jwt-signature-algorithm-rsa/RS256.php index 0bedfa2..b0d9f19 100644 --- a/vendor/web-token/jwt-signature-algorithm-rsa/RS256.php +++ b/vendor/web-token/jwt-signature-algorithm-rsa/RS256.php @@ -1,34 +1,34 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -use Jose\Component\Signature\Util\RSA as JoseRSA; - -final class RS256 extends RSA -{ - protected function getAlgorithm(): string - { - return 'sha256'; - } - - protected function getSignatureMethod(): int - { - return JoseRSA::SIGNATURE_PKCS1; - } - - public function name(): string - { - return 'RS256'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Jose\Component\Signature\Util\RSA as JoseRSA;
+
+final class RS256 extends RSA
+{
+ protected function getAlgorithm(): string
+ {
+ return 'sha256';
+ }
+
+ protected function getSignatureMethod(): int
+ {
+ return JoseRSA::SIGNATURE_PKCS1;
+ }
+
+ public function name(): string
+ {
+ return 'RS256';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-rsa/RS384.php b/vendor/web-token/jwt-signature-algorithm-rsa/RS384.php index 1b009ba..b340d4b 100644 --- a/vendor/web-token/jwt-signature-algorithm-rsa/RS384.php +++ b/vendor/web-token/jwt-signature-algorithm-rsa/RS384.php @@ -1,34 +1,34 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -use Jose\Component\Signature\Util\RSA as JoseRSA; - -final class RS384 extends RSA -{ - protected function getAlgorithm(): string - { - return 'sha384'; - } - - protected function getSignatureMethod(): int - { - return JoseRSA::SIGNATURE_PKCS1; - } - - public function name(): string - { - return 'RS384'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Jose\Component\Signature\Util\RSA as JoseRSA;
+
+final class RS384 extends RSA
+{
+ protected function getAlgorithm(): string
+ {
+ return 'sha384';
+ }
+
+ protected function getSignatureMethod(): int
+ {
+ return JoseRSA::SIGNATURE_PKCS1;
+ }
+
+ public function name(): string
+ {
+ return 'RS384';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-rsa/RS512.php b/vendor/web-token/jwt-signature-algorithm-rsa/RS512.php index 800573c..47f79d6 100644 --- a/vendor/web-token/jwt-signature-algorithm-rsa/RS512.php +++ b/vendor/web-token/jwt-signature-algorithm-rsa/RS512.php @@ -1,34 +1,34 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -use Jose\Component\Signature\Util\RSA as JoseRSA; - -final class RS512 extends RSA -{ - protected function getAlgorithm(): string - { - return 'sha512'; - } - - protected function getSignatureMethod(): int - { - return JoseRSA::SIGNATURE_PKCS1; - } - - public function name(): string - { - return 'RS512'; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Jose\Component\Signature\Util\RSA as JoseRSA;
+
+final class RS512 extends RSA
+{
+ protected function getAlgorithm(): string
+ {
+ return 'sha512';
+ }
+
+ protected function getSignatureMethod(): int
+ {
+ return JoseRSA::SIGNATURE_PKCS1;
+ }
+
+ public function name(): string
+ {
+ return 'RS512';
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-rsa/RSA.php b/vendor/web-token/jwt-signature-algorithm-rsa/RSA.php index 12a4445..337522d 100644 --- a/vendor/web-token/jwt-signature-algorithm-rsa/RSA.php +++ b/vendor/web-token/jwt-signature-algorithm-rsa/RSA.php @@ -1,62 +1,62 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -use Jose\Component\Core\JWK; -use Jose\Component\Core\Util\RSAKey; -use Jose\Component\Signature\Util\RSA as JoseRSA; - -abstract class RSA implements SignatureAlgorithm -{ - abstract protected function getAlgorithm(): string; - - abstract protected function getSignatureMethod(): int; - - public function allowedKeyTypes(): array - { - return ['RSA']; - } - - public function verify(JWK $key, string $input, string $signature): bool - { - $this->checkKey($key); - $pub = RSAKey::createFromJWK($key->toPublic()); - - return JoseRSA::verify($pub, $input, $signature, $this->getAlgorithm(), $this->getSignatureMethod()); - } - - public function sign(JWK $key, string $input): string - { - $this->checkKey($key); - if (!$key->has('d')) { - throw new \InvalidArgumentException('The key is not a private key.'); - } - - $priv = RSAKey::createFromJWK($key); - - return JoseRSA::sign($priv, $input, $this->getAlgorithm(), $this->getSignatureMethod()); - } - - private function checkKey(JWK $key) - { - if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) { - throw new \InvalidArgumentException('Wrong key type.'); - } - foreach (['n', 'e'] as $k) { - if (!$key->has($k)) { - throw new \InvalidArgumentException(\sprintf('The key parameter "%s" is missing.', $k)); - } - } - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Jose\Component\Core\JWK;
+use Jose\Component\Core\Util\RSAKey;
+use Jose\Component\Signature\Util\RSA as JoseRSA;
+
+abstract class RSA implements SignatureAlgorithm
+{
+ abstract protected function getAlgorithm(): string;
+
+ abstract protected function getSignatureMethod(): int;
+
+ public function allowedKeyTypes(): array
+ {
+ return ['RSA'];
+ }
+
+ public function verify(JWK $key, string $input, string $signature): bool
+ {
+ $this->checkKey($key);
+ $pub = RSAKey::createFromJWK($key->toPublic());
+
+ return JoseRSA::verify($pub, $input, $signature, $this->getAlgorithm(), $this->getSignatureMethod());
+ }
+
+ public function sign(JWK $key, string $input): string
+ {
+ $this->checkKey($key);
+ if (!$key->has('d')) {
+ throw new \InvalidArgumentException('The key is not a private key.');
+ }
+
+ $priv = RSAKey::createFromJWK($key);
+
+ return JoseRSA::sign($priv, $input, $this->getAlgorithm(), $this->getSignatureMethod());
+ }
+
+ private function checkKey(JWK $key)
+ {
+ if (!\in_array($key->get('kty'), $this->allowedKeyTypes(), true)) {
+ throw new \InvalidArgumentException('Wrong key type.');
+ }
+ foreach (['n', 'e'] as $k) {
+ if (!$key->has($k)) {
+ throw new \InvalidArgumentException(\sprintf('The key parameter "%s" is missing.', $k));
+ }
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-signature-algorithm-rsa/composer.json b/vendor/web-token/jwt-signature-algorithm-rsa/composer.json index 7dee44a..b89570e 100644 --- a/vendor/web-token/jwt-signature-algorithm-rsa/composer.json +++ b/vendor/web-token/jwt-signature-algorithm-rsa/composer.json @@ -1,36 +1,36 @@ -{ - "name": "web-token/jwt-signature-algorithm-rsa", - "description": "RSA Based Signature Algorithms the JWT Framework.", - "type": "library", - "license": "MIT", - "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"], - "homepage": "https://github.com/web-token", - "authors": [ - { - "name": "Florent Morselli", - "homepage": "https://github.com/Spomky" - },{ - "name": "All contributors", - "homepage": "https://github.com/web-token/jwt-core/contributors" - } - ], - "autoload": { - "psr-4": { - "Jose\\Component\\Signature\\Algorithm\\": "" - } - }, - "require": { - "web-token/jwt-signature": "^1.3" - }, - "require-dev": { - "phpunit/phpunit": "^6.0|^7.0" - }, - "extra": { - "branch-alias": { - "dev-master": "1.3.x-dev" - } - }, - "config": { - "sort-packages": true - } -} +{
+ "name": "web-token/jwt-signature-algorithm-rsa",
+ "description": "RSA Based Signature Algorithms the JWT Framework.",
+ "type": "library",
+ "license": "MIT",
+ "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"],
+ "homepage": "https://github.com/web-token",
+ "authors": [
+ {
+ "name": "Florent Morselli",
+ "homepage": "https://github.com/Spomky"
+ },{
+ "name": "All contributors",
+ "homepage": "https://github.com/web-token/jwt-core/contributors"
+ }
+ ],
+ "autoload": {
+ "psr-4": {
+ "Jose\\Component\\Signature\\Algorithm\\": ""
+ }
+ },
+ "require": {
+ "web-token/jwt-signature": "^1.3"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "^6.0|^7.0"
+ },
+ "extra": {
+ "branch-alias": {
+ "dev-master": "1.3.x-dev"
+ }
+ },
+ "config": {
+ "sort-packages": true
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Algorithm/SignatureAlgorithm.php b/vendor/web-token/jwt-signature/Algorithm/SignatureAlgorithm.php index 4f982e7..ce340f6 100644 --- a/vendor/web-token/jwt-signature/Algorithm/SignatureAlgorithm.php +++ b/vendor/web-token/jwt-signature/Algorithm/SignatureAlgorithm.php @@ -1,41 +1,41 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Algorithm; - -use Jose\Component\Core\Algorithm; -use Jose\Component\Core\JWK; - -interface SignatureAlgorithm extends Algorithm -{ - /** - * Sign the input. - * - * @param JWK $key The private key used to sign the data - * @param string $input The input - * - * @throws \Exception If key does not support the algorithm or if the key usage does not authorize the operation - */ - public function sign(JWK $key, string $input): string; - - /** - * Verify the signature of data. - * - * @param JWK $key The private key used to sign the data - * @param string $input The input - * @param string $signature The signature to verify - * - * @throws \Exception If key does not support the algorithm or if the key usage does not authorize the operation - */ - public function verify(JWK $key, string $input, string $signature): bool; -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Algorithm;
+
+use Jose\Component\Core\Algorithm;
+use Jose\Component\Core\JWK;
+
+interface SignatureAlgorithm extends Algorithm
+{
+ /**
+ * Sign the input.
+ *
+ * @param JWK $key The private key used to sign the data
+ * @param string $input The input
+ *
+ * @throws \Exception If key does not support the algorithm or if the key usage does not authorize the operation
+ */
+ public function sign(JWK $key, string $input): string;
+
+ /**
+ * Verify the signature of data.
+ *
+ * @param JWK $key The private key used to sign the data
+ * @param string $input The input
+ * @param string $signature The signature to verify
+ *
+ * @throws \Exception If key does not support the algorithm or if the key usage does not authorize the operation
+ */
+ public function verify(JWK $key, string $input, string $signature): bool;
+}
diff --git a/vendor/web-token/jwt-signature/JWS.php b/vendor/web-token/jwt-signature/JWS.php index fe94f33..0c7bac1 100644 --- a/vendor/web-token/jwt-signature/JWS.php +++ b/vendor/web-token/jwt-signature/JWS.php @@ -1,159 +1,159 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature; - -use Jose\Component\Core\JWT; - -class JWS implements JWT -{ - /** - * @var bool - */ - private $isPayloadDetached = false; - - /** - * @var string|null - */ - private $encodedPayload = null; - - /** - * @var Signature[] - */ - private $signatures = []; - - /** - * @var string|null - */ - private $payload = null; - - /** - * JWS constructor. - */ - private function __construct(?string $payload, ?string $encodedPayload = null, bool $isPayloadDetached = false) - { - $this->payload = $payload; - $this->encodedPayload = $encodedPayload; - $this->isPayloadDetached = $isPayloadDetached; - } - - /** - * Creates a JWS object. - * - * @return JWS - */ - public static function create(?string $payload, ?string $encodedPayload = null, bool $isPayloadDetached = false): self - { - return new self($payload, $encodedPayload, $isPayloadDetached); - } - - public function getPayload(): ?string - { - return $this->payload; - } - - /** - * Returns true if the payload is detached. - */ - public function isPayloadDetached(): bool - { - return $this->isPayloadDetached; - } - - /** - * Returns the Base64Url encoded payload. - * If the payload is detached, this method returns null. - */ - public function getEncodedPayload(): ?string - { - if (true === $this->isPayloadDetached()) { - return null; - } - - return $this->encodedPayload; - } - - /** - * Returns the signatures associated with the JWS. - * - * @return Signature[] - */ - public function getSignatures(): array - { - return $this->signatures; - } - - /** - * Returns the signature at the given index. - */ - public function getSignature(int $id): Signature - { - if (isset($this->signatures[$id])) { - return $this->signatures[$id]; - } - - throw new \InvalidArgumentException('The signature does not exist.'); - } - - /** - * This method adds a signature to the JWS object. - * Its returns a new JWS object. - * - * @internal - * - * @return JWS - */ - public function addSignature(string $signature, array $protectedHeader, ?string $encodedProtectedHeader, array $header = []): self - { - $jws = clone $this; - $jws->signatures[] = Signature::create($signature, $protectedHeader, $encodedProtectedHeader, $header); - - return $jws; - } - - /** - * Returns the number of signature associated with the JWS. - */ - public function countSignatures(): int - { - return \count($this->signatures); - } - - /** - * This method splits the JWS into a list of JWSs. - * It is only useful when the JWS contains more than one signature (JSON General Serialization). - * - * @return JWS[] - */ - public function split(): array - { - $result = []; - foreach ($this->signatures as $signature) { - $jws = self::create( - $this->payload, - $this->encodedPayload, - $this->isPayloadDetached - ); - $jws = $jws->addSignature( - $signature->getSignature(), - $signature->getProtectedHeader(), - $signature->getEncodedProtectedHeader(), - $signature->getHeader() - ); - - $result[] = $jws; - } - - return $result; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature;
+
+use Jose\Component\Core\JWT;
+
+class JWS implements JWT
+{
+ /**
+ * @var bool
+ */
+ private $isPayloadDetached = false;
+
+ /**
+ * @var string|null
+ */
+ private $encodedPayload = null;
+
+ /**
+ * @var Signature[]
+ */
+ private $signatures = [];
+
+ /**
+ * @var string|null
+ */
+ private $payload = null;
+
+ /**
+ * JWS constructor.
+ */
+ private function __construct(?string $payload, ?string $encodedPayload = null, bool $isPayloadDetached = false)
+ {
+ $this->payload = $payload;
+ $this->encodedPayload = $encodedPayload;
+ $this->isPayloadDetached = $isPayloadDetached;
+ }
+
+ /**
+ * Creates a JWS object.
+ *
+ * @return JWS
+ */
+ public static function create(?string $payload, ?string $encodedPayload = null, bool $isPayloadDetached = false): self
+ {
+ return new self($payload, $encodedPayload, $isPayloadDetached);
+ }
+
+ public function getPayload(): ?string
+ {
+ return $this->payload;
+ }
+
+ /**
+ * Returns true if the payload is detached.
+ */
+ public function isPayloadDetached(): bool
+ {
+ return $this->isPayloadDetached;
+ }
+
+ /**
+ * Returns the Base64Url encoded payload.
+ * If the payload is detached, this method returns null.
+ */
+ public function getEncodedPayload(): ?string
+ {
+ if (true === $this->isPayloadDetached()) {
+ return null;
+ }
+
+ return $this->encodedPayload;
+ }
+
+ /**
+ * Returns the signatures associated with the JWS.
+ *
+ * @return Signature[]
+ */
+ public function getSignatures(): array
+ {
+ return $this->signatures;
+ }
+
+ /**
+ * Returns the signature at the given index.
+ */
+ public function getSignature(int $id): Signature
+ {
+ if (isset($this->signatures[$id])) {
+ return $this->signatures[$id];
+ }
+
+ throw new \InvalidArgumentException('The signature does not exist.');
+ }
+
+ /**
+ * This method adds a signature to the JWS object.
+ * Its returns a new JWS object.
+ *
+ * @internal
+ *
+ * @return JWS
+ */
+ public function addSignature(string $signature, array $protectedHeader, ?string $encodedProtectedHeader, array $header = []): self
+ {
+ $jws = clone $this;
+ $jws->signatures[] = Signature::create($signature, $protectedHeader, $encodedProtectedHeader, $header);
+
+ return $jws;
+ }
+
+ /**
+ * Returns the number of signature associated with the JWS.
+ */
+ public function countSignatures(): int
+ {
+ return \count($this->signatures);
+ }
+
+ /**
+ * This method splits the JWS into a list of JWSs.
+ * It is only useful when the JWS contains more than one signature (JSON General Serialization).
+ *
+ * @return JWS[]
+ */
+ public function split(): array
+ {
+ $result = [];
+ foreach ($this->signatures as $signature) {
+ $jws = self::create(
+ $this->payload,
+ $this->encodedPayload,
+ $this->isPayloadDetached
+ );
+ $jws = $jws->addSignature(
+ $signature->getSignature(),
+ $signature->getProtectedHeader(),
+ $signature->getEncodedProtectedHeader(),
+ $signature->getHeader()
+ );
+
+ $result[] = $jws;
+ }
+
+ return $result;
+ }
+}
diff --git a/vendor/web-token/jwt-signature/JWSBuilder.php b/vendor/web-token/jwt-signature/JWSBuilder.php index 7d8bf43..2877f7d 100644 --- a/vendor/web-token/jwt-signature/JWSBuilder.php +++ b/vendor/web-token/jwt-signature/JWSBuilder.php @@ -1,213 +1,213 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature; - -use Base64Url\Base64Url; -use Jose\Component\Core\AlgorithmManager; -use Jose\Component\Core\Converter\JsonConverter; -use Jose\Component\Core\JWK; -use Jose\Component\Core\Util\KeyChecker; -use Jose\Component\Signature\Algorithm\SignatureAlgorithm; - -class JWSBuilder -{ - /** - * @var JsonConverter - */ - private $jsonConverter; - - /** - * @var string|null - */ - private $payload; - - /** - * @var bool - */ - private $isPayloadDetached; - - /** - * @var array - */ - private $signatures = []; - - /** - * @var AlgorithmManager - */ - private $signatureAlgorithmManager; - - /** - * @var bool|null - */ - private $isPayloadEncoded = null; - - /** - * JWSBuilder constructor. - */ - public function __construct(?JsonConverter $jsonConverter, AlgorithmManager $signatureAlgorithmManager) - { - $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter(); - $this->signatureAlgorithmManager = $signatureAlgorithmManager; - } - - /** - * Returns the algorithm manager associated to the builder. - */ - public function getSignatureAlgorithmManager(): AlgorithmManager - { - return $this->signatureAlgorithmManager; - } - - /** - * Reset the current data. - * - * @return JWSBuilder - */ - public function create(): self - { - $this->payload = null; - $this->isPayloadDetached = false; - $this->signatures = []; - $this->isPayloadEncoded = null; - - return $this; - } - - /** - * Set the payload. - * This method will return a new JWSBuilder object. - * - * @return JWSBuilder - */ - public function withPayload(string $payload, bool $isPayloadDetached = false): self - { - if (false === \mb_detect_encoding($payload, 'UTF-8', true)) { - throw new \InvalidArgumentException('The payload must be encoded in UTF-8'); - } - $clone = clone $this; - $clone->payload = $payload; - $clone->isPayloadDetached = $isPayloadDetached; - - return $clone; - } - - /** - * Adds the information needed to compute the signature. - * This method will return a new JWSBuilder object. - * - * @return JWSBuilder - */ - public function addSignature(JWK $signatureKey, array $protectedHeader, array $header = []): self - { - $this->checkB64AndCriticalHeader($protectedHeader); - $isPayloadEncoded = $this->checkIfPayloadIsEncoded($protectedHeader); - if (null === $this->isPayloadEncoded) { - $this->isPayloadEncoded = $isPayloadEncoded; - } elseif ($this->isPayloadEncoded !== $isPayloadEncoded) { - throw new \InvalidArgumentException('Foreign payload encoding detected.'); - } - $this->checkDuplicatedHeaderParameters($protectedHeader, $header); - KeyChecker::checkKeyUsage($signatureKey, 'signature'); - $signatureAlgorithm = $this->findSignatureAlgorithm($signatureKey, $protectedHeader, $header); - KeyChecker::checkKeyAlgorithm($signatureKey, $signatureAlgorithm->name()); - $clone = clone $this; - $clone->signatures[] = [ - 'signature_algorithm' => $signatureAlgorithm, - 'signature_key' => $signatureKey, - 'protected_header' => $protectedHeader, - 'header' => $header, - ]; - - return $clone; - } - - /** - * Computes all signatures and return the expected JWS object. - */ - public function build(): JWS - { - if (null === $this->payload) { - throw new \RuntimeException('The payload is not set.'); - } - if (0 === \count($this->signatures)) { - throw new \RuntimeException('At least one signature must be set.'); - } - - $encodedPayload = false === $this->isPayloadEncoded ? $this->payload : Base64Url::encode($this->payload); - $jws = JWS::create($this->payload, $encodedPayload, $this->isPayloadDetached); - foreach ($this->signatures as $signature) { - /** @var SignatureAlgorithm $signatureAlgorithm */ - $signatureAlgorithm = $signature['signature_algorithm']; - /** @var JWK $signatureKey */ - $signatureKey = $signature['signature_key']; - /** @var array $protectedHeader */ - $protectedHeader = $signature['protected_header']; - /** @var array $header */ - $header = $signature['header']; - $encodedProtectedHeader = empty($protectedHeader) ? null : Base64Url::encode($this->jsonConverter->encode($protectedHeader)); - $input = \sprintf('%s.%s', $encodedProtectedHeader, $encodedPayload); - $s = $signatureAlgorithm->sign($signatureKey, $input); - $jws = $jws->addSignature($s, $protectedHeader, $encodedProtectedHeader, $header); - } - - return $jws; - } - - private function checkIfPayloadIsEncoded(array $protectedHeader): bool - { - return !\array_key_exists('b64', $protectedHeader) || true === $protectedHeader['b64']; - } - - private function checkB64AndCriticalHeader(array $protectedHeader) - { - if (!\array_key_exists('b64', $protectedHeader)) { - return; - } - if (!\array_key_exists('crit', $protectedHeader)) { - throw new \LogicException('The protected header parameter "crit" is mandatory when protected header parameter "b64" is set.'); - } - if (!\is_array($protectedHeader['crit'])) { - throw new \LogicException('The protected header parameter "crit" must be an array.'); - } - if (!\in_array('b64', $protectedHeader['crit'], true)) { - throw new \LogicException('The protected header parameter "crit" must contain "b64" when protected header parameter "b64" is set.'); - } - } - - private function findSignatureAlgorithm(JWK $key, array $protectedHeader, array $header): SignatureAlgorithm - { - $completeHeader = \array_merge($header, $protectedHeader); - if (!\array_key_exists('alg', $completeHeader)) { - throw new \InvalidArgumentException('No "alg" parameter set in the header.'); - } - if ($key->has('alg') && $key->get('alg') !== $completeHeader['alg']) { - throw new \InvalidArgumentException(\sprintf('The algorithm "%s" is not allowed with this key.', $completeHeader['alg'])); - } - - $signatureAlgorithm = $this->signatureAlgorithmManager->get($completeHeader['alg']); - if (!$signatureAlgorithm instanceof SignatureAlgorithm) { - throw new \InvalidArgumentException(\sprintf('The algorithm "%s" is not supported.', $completeHeader['alg'])); - } - - return $signatureAlgorithm; - } - - private function checkDuplicatedHeaderParameters(array $header1, array $header2) - { - $inter = \array_intersect_key($header1, $header2); - if (!empty($inter)) { - throw new \InvalidArgumentException(\sprintf('The header contains duplicated entries: %s.', \implode(', ', \array_keys($inter)))); - } - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\AlgorithmManager;
+use Jose\Component\Core\Converter\JsonConverter;
+use Jose\Component\Core\JWK;
+use Jose\Component\Core\Util\KeyChecker;
+use Jose\Component\Signature\Algorithm\SignatureAlgorithm;
+
+class JWSBuilder
+{
+ /**
+ * @var JsonConverter
+ */
+ private $jsonConverter;
+
+ /**
+ * @var string|null
+ */
+ private $payload;
+
+ /**
+ * @var bool
+ */
+ private $isPayloadDetached;
+
+ /**
+ * @var array
+ */
+ private $signatures = [];
+
+ /**
+ * @var AlgorithmManager
+ */
+ private $signatureAlgorithmManager;
+
+ /**
+ * @var bool|null
+ */
+ private $isPayloadEncoded = null;
+
+ /**
+ * JWSBuilder constructor.
+ */
+ public function __construct(?JsonConverter $jsonConverter, AlgorithmManager $signatureAlgorithmManager)
+ {
+ $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter();
+ $this->signatureAlgorithmManager = $signatureAlgorithmManager;
+ }
+
+ /**
+ * Returns the algorithm manager associated to the builder.
+ */
+ public function getSignatureAlgorithmManager(): AlgorithmManager
+ {
+ return $this->signatureAlgorithmManager;
+ }
+
+ /**
+ * Reset the current data.
+ *
+ * @return JWSBuilder
+ */
+ public function create(): self
+ {
+ $this->payload = null;
+ $this->isPayloadDetached = false;
+ $this->signatures = [];
+ $this->isPayloadEncoded = null;
+
+ return $this;
+ }
+
+ /**
+ * Set the payload.
+ * This method will return a new JWSBuilder object.
+ *
+ * @return JWSBuilder
+ */
+ public function withPayload(string $payload, bool $isPayloadDetached = false): self
+ {
+ if (false === \mb_detect_encoding($payload, 'UTF-8', true)) {
+ throw new \InvalidArgumentException('The payload must be encoded in UTF-8');
+ }
+ $clone = clone $this;
+ $clone->payload = $payload;
+ $clone->isPayloadDetached = $isPayloadDetached;
+
+ return $clone;
+ }
+
+ /**
+ * Adds the information needed to compute the signature.
+ * This method will return a new JWSBuilder object.
+ *
+ * @return JWSBuilder
+ */
+ public function addSignature(JWK $signatureKey, array $protectedHeader, array $header = []): self
+ {
+ $this->checkB64AndCriticalHeader($protectedHeader);
+ $isPayloadEncoded = $this->checkIfPayloadIsEncoded($protectedHeader);
+ if (null === $this->isPayloadEncoded) {
+ $this->isPayloadEncoded = $isPayloadEncoded;
+ } elseif ($this->isPayloadEncoded !== $isPayloadEncoded) {
+ throw new \InvalidArgumentException('Foreign payload encoding detected.');
+ }
+ $this->checkDuplicatedHeaderParameters($protectedHeader, $header);
+ KeyChecker::checkKeyUsage($signatureKey, 'signature');
+ $signatureAlgorithm = $this->findSignatureAlgorithm($signatureKey, $protectedHeader, $header);
+ KeyChecker::checkKeyAlgorithm($signatureKey, $signatureAlgorithm->name());
+ $clone = clone $this;
+ $clone->signatures[] = [
+ 'signature_algorithm' => $signatureAlgorithm,
+ 'signature_key' => $signatureKey,
+ 'protected_header' => $protectedHeader,
+ 'header' => $header,
+ ];
+
+ return $clone;
+ }
+
+ /**
+ * Computes all signatures and return the expected JWS object.
+ */
+ public function build(): JWS
+ {
+ if (null === $this->payload) {
+ throw new \RuntimeException('The payload is not set.');
+ }
+ if (0 === \count($this->signatures)) {
+ throw new \RuntimeException('At least one signature must be set.');
+ }
+
+ $encodedPayload = false === $this->isPayloadEncoded ? $this->payload : Base64Url::encode($this->payload);
+ $jws = JWS::create($this->payload, $encodedPayload, $this->isPayloadDetached);
+ foreach ($this->signatures as $signature) {
+ /** @var SignatureAlgorithm $signatureAlgorithm */
+ $signatureAlgorithm = $signature['signature_algorithm'];
+ /** @var JWK $signatureKey */
+ $signatureKey = $signature['signature_key'];
+ /** @var array $protectedHeader */
+ $protectedHeader = $signature['protected_header'];
+ /** @var array $header */
+ $header = $signature['header'];
+ $encodedProtectedHeader = empty($protectedHeader) ? null : Base64Url::encode($this->jsonConverter->encode($protectedHeader));
+ $input = \sprintf('%s.%s', $encodedProtectedHeader, $encodedPayload);
+ $s = $signatureAlgorithm->sign($signatureKey, $input);
+ $jws = $jws->addSignature($s, $protectedHeader, $encodedProtectedHeader, $header);
+ }
+
+ return $jws;
+ }
+
+ private function checkIfPayloadIsEncoded(array $protectedHeader): bool
+ {
+ return !\array_key_exists('b64', $protectedHeader) || true === $protectedHeader['b64'];
+ }
+
+ private function checkB64AndCriticalHeader(array $protectedHeader)
+ {
+ if (!\array_key_exists('b64', $protectedHeader)) {
+ return;
+ }
+ if (!\array_key_exists('crit', $protectedHeader)) {
+ throw new \LogicException('The protected header parameter "crit" is mandatory when protected header parameter "b64" is set.');
+ }
+ if (!\is_array($protectedHeader['crit'])) {
+ throw new \LogicException('The protected header parameter "crit" must be an array.');
+ }
+ if (!\in_array('b64', $protectedHeader['crit'], true)) {
+ throw new \LogicException('The protected header parameter "crit" must contain "b64" when protected header parameter "b64" is set.');
+ }
+ }
+
+ private function findSignatureAlgorithm(JWK $key, array $protectedHeader, array $header): SignatureAlgorithm
+ {
+ $completeHeader = \array_merge($header, $protectedHeader);
+ if (!\array_key_exists('alg', $completeHeader)) {
+ throw new \InvalidArgumentException('No "alg" parameter set in the header.');
+ }
+ if ($key->has('alg') && $key->get('alg') !== $completeHeader['alg']) {
+ throw new \InvalidArgumentException(\sprintf('The algorithm "%s" is not allowed with this key.', $completeHeader['alg']));
+ }
+
+ $signatureAlgorithm = $this->signatureAlgorithmManager->get($completeHeader['alg']);
+ if (!$signatureAlgorithm instanceof SignatureAlgorithm) {
+ throw new \InvalidArgumentException(\sprintf('The algorithm "%s" is not supported.', $completeHeader['alg']));
+ }
+
+ return $signatureAlgorithm;
+ }
+
+ private function checkDuplicatedHeaderParameters(array $header1, array $header2)
+ {
+ $inter = \array_intersect_key($header1, $header2);
+ if (!empty($inter)) {
+ throw new \InvalidArgumentException(\sprintf('The header contains duplicated entries: %s.', \implode(', ', \array_keys($inter))));
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-signature/JWSBuilderFactory.php b/vendor/web-token/jwt-signature/JWSBuilderFactory.php index 1c0e6c9..a5885d7 100644 --- a/vendor/web-token/jwt-signature/JWSBuilderFactory.php +++ b/vendor/web-token/jwt-signature/JWSBuilderFactory.php @@ -1,51 +1,51 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature; - -use Jose\Component\Core\AlgorithmManagerFactory; -use Jose\Component\Core\Converter\JsonConverter; - -class JWSBuilderFactory -{ - /** - * @var JsonConverter|null - */ - private $jsonConverter; - - /** - * @var AlgorithmManagerFactory - */ - private $signatureAlgorithmManagerFactory; - - /** - * JWSBuilderFactory constructor. - */ - public function __construct(?JsonConverter $jsonConverter, AlgorithmManagerFactory $signatureAlgorithmManagerFactory) - { - $this->jsonConverter = $jsonConverter; - $this->signatureAlgorithmManagerFactory = $signatureAlgorithmManagerFactory; - } - - /** - * This method creates a JWSBuilder using the given algorithm aliases. - * - * @param string[] $algorithms - */ - public function create(array $algorithms): JWSBuilder - { - $algorithmManager = $this->signatureAlgorithmManagerFactory->create($algorithms); - - return new JWSBuilder($this->jsonConverter, $algorithmManager); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature;
+
+use Jose\Component\Core\AlgorithmManagerFactory;
+use Jose\Component\Core\Converter\JsonConverter;
+
+class JWSBuilderFactory
+{
+ /**
+ * @var JsonConverter|null
+ */
+ private $jsonConverter;
+
+ /**
+ * @var AlgorithmManagerFactory
+ */
+ private $signatureAlgorithmManagerFactory;
+
+ /**
+ * JWSBuilderFactory constructor.
+ */
+ public function __construct(?JsonConverter $jsonConverter, AlgorithmManagerFactory $signatureAlgorithmManagerFactory)
+ {
+ $this->jsonConverter = $jsonConverter;
+ $this->signatureAlgorithmManagerFactory = $signatureAlgorithmManagerFactory;
+ }
+
+ /**
+ * This method creates a JWSBuilder using the given algorithm aliases.
+ *
+ * @param string[] $algorithms
+ */
+ public function create(array $algorithms): JWSBuilder
+ {
+ $algorithmManager = $this->signatureAlgorithmManagerFactory->create($algorithms);
+
+ return new JWSBuilder($this->jsonConverter, $algorithmManager);
+ }
+}
diff --git a/vendor/web-token/jwt-signature/JWSLoader.php b/vendor/web-token/jwt-signature/JWSLoader.php index b7eb8dd..23da3de 100644 --- a/vendor/web-token/jwt-signature/JWSLoader.php +++ b/vendor/web-token/jwt-signature/JWSLoader.php @@ -1,122 +1,122 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature; - -use Jose\Component\Checker\HeaderCheckerManager; -use Jose\Component\Core\JWK; -use Jose\Component\Core\JWKSet; -use Jose\Component\Signature\Serializer\JWSSerializerManager; - -class JWSLoader -{ - /** - * @var JWSVerifier - */ - private $jwsVerifier; - - /** - * @var HeaderCheckerManager|null - */ - private $headerCheckerManager; - - /** - * @var JWSSerializerManager - */ - private $serializerManager; - - /** - * JWSLoader constructor. - */ - public function __construct(JWSSerializerManager $serializerManager, JWSVerifier $jwsVerifier, ?HeaderCheckerManager $headerCheckerManager) - { - $this->serializerManager = $serializerManager; - $this->jwsVerifier = $jwsVerifier; - $this->headerCheckerManager = $headerCheckerManager; - } - - /** - * Returns the JWSVerifier associated to the JWSLoader. - */ - public function getJwsVerifier(): JWSVerifier - { - return $this->jwsVerifier; - } - - /** - * Returns the Header Checker Manager associated to the JWSLoader. - */ - public function getHeaderCheckerManager(): ?HeaderCheckerManager - { - return $this->headerCheckerManager; - } - - /** - * Returns the JWSSerializer associated to the JWSLoader. - */ - public function getSerializerManager(): JWSSerializerManager - { - return $this->serializerManager; - } - - /** - * This method will try to load and verify the token using the given key. - * It returns a JWS and will populate the $signature variable in case of success, otherwise an exception is thrown. - * - * @throws \Exception - */ - public function loadAndVerifyWithKey(string $token, JWK $key, ?int &$signature, ?string $payload = null): JWS - { - $keyset = new JWKSet([$key]); - - return $this->loadAndVerifyWithKeySet($token, $keyset, $signature, $payload); - } - - /** - * This method will try to load and verify the token using the given key set. - * It returns a JWS and will populate the $signature variable in case of success, otherwise an exception is thrown. - * - * @throws \Exception - */ - public function loadAndVerifyWithKeySet(string $token, JWKSet $keyset, ?int &$signature, ?string $payload = null): JWS - { - try { - $jws = $this->serializerManager->unserialize($token); - $nbSignatures = $jws->countSignatures(); - for ($i = 0; $i < $nbSignatures; ++$i) { - if ($this->processSignature($jws, $keyset, $i, $payload)) { - $signature = $i; - - return $jws; - } - } - } catch (\Exception $e) { - // Nothing to do. Exception thrown just after - } - - throw new \Exception('Unable to load and verify the token.'); - } - - private function processSignature(JWS $jws, JWKSet $keyset, int $signature, ?string $payload): bool - { - try { - if (null !== $this->headerCheckerManager) { - $this->headerCheckerManager->check($jws, $signature); - } - - return $this->jwsVerifier->verifyWithKeySet($jws, $keyset, $signature, $payload); - } catch (\Exception $e) { - return false; - } - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature;
+
+use Jose\Component\Checker\HeaderCheckerManager;
+use Jose\Component\Core\JWK;
+use Jose\Component\Core\JWKSet;
+use Jose\Component\Signature\Serializer\JWSSerializerManager;
+
+class JWSLoader
+{
+ /**
+ * @var JWSVerifier
+ */
+ private $jwsVerifier;
+
+ /**
+ * @var HeaderCheckerManager|null
+ */
+ private $headerCheckerManager;
+
+ /**
+ * @var JWSSerializerManager
+ */
+ private $serializerManager;
+
+ /**
+ * JWSLoader constructor.
+ */
+ public function __construct(JWSSerializerManager $serializerManager, JWSVerifier $jwsVerifier, ?HeaderCheckerManager $headerCheckerManager)
+ {
+ $this->serializerManager = $serializerManager;
+ $this->jwsVerifier = $jwsVerifier;
+ $this->headerCheckerManager = $headerCheckerManager;
+ }
+
+ /**
+ * Returns the JWSVerifier associated to the JWSLoader.
+ */
+ public function getJwsVerifier(): JWSVerifier
+ {
+ return $this->jwsVerifier;
+ }
+
+ /**
+ * Returns the Header Checker Manager associated to the JWSLoader.
+ */
+ public function getHeaderCheckerManager(): ?HeaderCheckerManager
+ {
+ return $this->headerCheckerManager;
+ }
+
+ /**
+ * Returns the JWSSerializer associated to the JWSLoader.
+ */
+ public function getSerializerManager(): JWSSerializerManager
+ {
+ return $this->serializerManager;
+ }
+
+ /**
+ * This method will try to load and verify the token using the given key.
+ * It returns a JWS and will populate the $signature variable in case of success, otherwise an exception is thrown.
+ *
+ * @throws \Exception
+ */
+ public function loadAndVerifyWithKey(string $token, JWK $key, ?int &$signature, ?string $payload = null): JWS
+ {
+ $keyset = new JWKSet([$key]);
+
+ return $this->loadAndVerifyWithKeySet($token, $keyset, $signature, $payload);
+ }
+
+ /**
+ * This method will try to load and verify the token using the given key set.
+ * It returns a JWS and will populate the $signature variable in case of success, otherwise an exception is thrown.
+ *
+ * @throws \Exception
+ */
+ public function loadAndVerifyWithKeySet(string $token, JWKSet $keyset, ?int &$signature, ?string $payload = null): JWS
+ {
+ try {
+ $jws = $this->serializerManager->unserialize($token);
+ $nbSignatures = $jws->countSignatures();
+ for ($i = 0; $i < $nbSignatures; ++$i) {
+ if ($this->processSignature($jws, $keyset, $i, $payload)) {
+ $signature = $i;
+
+ return $jws;
+ }
+ }
+ } catch (\Exception $e) {
+ // Nothing to do. Exception thrown just after
+ }
+
+ throw new \Exception('Unable to load and verify the token.');
+ }
+
+ private function processSignature(JWS $jws, JWKSet $keyset, int $signature, ?string $payload): bool
+ {
+ try {
+ if (null !== $this->headerCheckerManager) {
+ $this->headerCheckerManager->check($jws, $signature);
+ }
+
+ return $this->jwsVerifier->verifyWithKeySet($jws, $keyset, $signature, $payload);
+ } catch (\Exception $e) {
+ return false;
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-signature/JWSLoaderFactory.php b/vendor/web-token/jwt-signature/JWSLoaderFactory.php index 3517cd5..d2ed58b 100644 --- a/vendor/web-token/jwt-signature/JWSLoaderFactory.php +++ b/vendor/web-token/jwt-signature/JWSLoaderFactory.php @@ -1,62 +1,62 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature; - -use Jose\Component\Checker\HeaderCheckerManagerFactory; -use Jose\Component\Signature\Serializer\JWSSerializerManagerFactory; - -class JWSLoaderFactory -{ - /** - * @var JWSVerifierFactory - */ - private $jwsVerifierFactory; - - /** - * @var JWSSerializerManagerFactory - */ - private $jwsSerializerManagerFactory; - - /** - * @var HeaderCheckerManagerFactory|null - */ - private $headerCheckerManagerFactory = null; - - /** - * JWSLoaderFactory constructor. - */ - public function __construct(JWSSerializerManagerFactory $jwsSerializerManagerFactory, JWSVerifierFactory $jwsVerifierFactory, ?HeaderCheckerManagerFactory $headerCheckerManagerFactory) - { - $this->jwsSerializerManagerFactory = $jwsSerializerManagerFactory; - $this->jwsVerifierFactory = $jwsVerifierFactory; - $this->headerCheckerManagerFactory = $headerCheckerManagerFactory; - } - - /** - * Creates a JWSLoader using the given serializer aliases, signature algorithm aliases and (optionally) - * the header checker aliases. - */ - public function create(array $serializers, array $algorithms, array $headerCheckers = []): JWSLoader - { - $serializerManager = $this->jwsSerializerManagerFactory->create($serializers); - $jwsVerifier = $this->jwsVerifierFactory->create($algorithms); - if (null !== $this->headerCheckerManagerFactory) { - $headerCheckerManager = $this->headerCheckerManagerFactory->create($headerCheckers); - } else { - $headerCheckerManager = null; - } - - return new JWSLoader($serializerManager, $jwsVerifier, $headerCheckerManager); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature;
+
+use Jose\Component\Checker\HeaderCheckerManagerFactory;
+use Jose\Component\Signature\Serializer\JWSSerializerManagerFactory;
+
+class JWSLoaderFactory
+{
+ /**
+ * @var JWSVerifierFactory
+ */
+ private $jwsVerifierFactory;
+
+ /**
+ * @var JWSSerializerManagerFactory
+ */
+ private $jwsSerializerManagerFactory;
+
+ /**
+ * @var HeaderCheckerManagerFactory|null
+ */
+ private $headerCheckerManagerFactory = null;
+
+ /**
+ * JWSLoaderFactory constructor.
+ */
+ public function __construct(JWSSerializerManagerFactory $jwsSerializerManagerFactory, JWSVerifierFactory $jwsVerifierFactory, ?HeaderCheckerManagerFactory $headerCheckerManagerFactory)
+ {
+ $this->jwsSerializerManagerFactory = $jwsSerializerManagerFactory;
+ $this->jwsVerifierFactory = $jwsVerifierFactory;
+ $this->headerCheckerManagerFactory = $headerCheckerManagerFactory;
+ }
+
+ /**
+ * Creates a JWSLoader using the given serializer aliases, signature algorithm aliases and (optionally)
+ * the header checker aliases.
+ */
+ public function create(array $serializers, array $algorithms, array $headerCheckers = []): JWSLoader
+ {
+ $serializerManager = $this->jwsSerializerManagerFactory->create($serializers);
+ $jwsVerifier = $this->jwsVerifierFactory->create($algorithms);
+ if (null !== $this->headerCheckerManagerFactory) {
+ $headerCheckerManager = $this->headerCheckerManagerFactory->create($headerCheckers);
+ } else {
+ $headerCheckerManager = null;
+ }
+
+ return new JWSLoader($serializerManager, $jwsVerifier, $headerCheckerManager);
+ }
+}
diff --git a/vendor/web-token/jwt-signature/JWSTokenSupport.php b/vendor/web-token/jwt-signature/JWSTokenSupport.php index 667f3fc..8fb3137 100644 --- a/vendor/web-token/jwt-signature/JWSTokenSupport.php +++ b/vendor/web-token/jwt-signature/JWSTokenSupport.php @@ -1,38 +1,38 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature; - -use Jose\Component\Checker\TokenTypeSupport; -use Jose\Component\Core\JWT; - -final class JWSTokenSupport implements TokenTypeSupport -{ - public function supports(JWT $jwt): bool - { - return $jwt instanceof JWS; - } - - public function retrieveTokenHeaders(JWT $jwt, int $index, array &$protectedHeader, array &$unprotectedHeader): void - { - if (!$jwt instanceof JWS) { - return; - } - - if ($index > $jwt->countSignatures()) { - throw new \InvalidArgumentException('Unknown signature index.'); - } - $protectedHeader = $jwt->getSignature($index)->getProtectedHeader(); - $unprotectedHeader = $jwt->getSignature($index)->getHeader(); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature;
+
+use Jose\Component\Checker\TokenTypeSupport;
+use Jose\Component\Core\JWT;
+
+final class JWSTokenSupport implements TokenTypeSupport
+{
+ public function supports(JWT $jwt): bool
+ {
+ return $jwt instanceof JWS;
+ }
+
+ public function retrieveTokenHeaders(JWT $jwt, int $index, array &$protectedHeader, array &$unprotectedHeader): void
+ {
+ if (!$jwt instanceof JWS) {
+ return;
+ }
+
+ if ($index > $jwt->countSignatures()) {
+ throw new \InvalidArgumentException('Unknown signature index.');
+ }
+ $protectedHeader = $jwt->getSignature($index)->getProtectedHeader();
+ $unprotectedHeader = $jwt->getSignature($index)->getHeader();
+ }
+}
diff --git a/vendor/web-token/jwt-signature/JWSVerifier.php b/vendor/web-token/jwt-signature/JWSVerifier.php index bf49150..c5a536c 100644 --- a/vendor/web-token/jwt-signature/JWSVerifier.php +++ b/vendor/web-token/jwt-signature/JWSVerifier.php @@ -1,160 +1,160 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature; - -use Base64Url\Base64Url; -use Jose\Component\Core\AlgorithmManager; -use Jose\Component\Core\JWK; -use Jose\Component\Core\JWKSet; -use Jose\Component\Core\Util\KeyChecker; -use Jose\Component\Signature\Algorithm\SignatureAlgorithm; - -class JWSVerifier -{ - /** - * @var AlgorithmManager - */ - private $signatureAlgorithmManager; - - /** - * JWSVerifier constructor. - */ - public function __construct(AlgorithmManager $signatureAlgorithmManager) - { - $this->signatureAlgorithmManager = $signatureAlgorithmManager; - } - - /** - * Returns the algorithm manager associated to the JWSVerifier. - */ - public function getSignatureAlgorithmManager(): AlgorithmManager - { - return $this->signatureAlgorithmManager; - } - - /** - * This method will try to verify the JWS object using the given key and for the given signature. - * It returns true if the signature is verified, otherwise false. - * - * @return bool true if the verification of the signature succeeded, else false - */ - public function verifyWithKey(JWS $jws, JWK $jwk, int $signature, ?string $detachedPayload = null): bool - { - $jwkset = new JWKSet([$jwk]); - - return $this->verifyWithKeySet($jws, $jwkset, $signature, $detachedPayload); - } - - /** - * This method will try to verify the JWS object using the given key set and for the given signature. - * It returns true if the signature is verified, otherwise false. - * - * @param JWS $jws A JWS object - * @param JWKSet $jwkset The signature will be verified using keys in the key set - * @param string|null $detachedPayload If not null, the value must be the detached payload encoded in Base64 URL safe. If the input contains a payload, throws an exception. - * - * @return bool true if the verification of the signature succeeded, else false - */ - public function verifyWithKeySet(JWS $jws, JWKSet $jwkset, int $signature, ?string $detachedPayload = null): bool - { - $this->checkJWKSet($jwkset); - $this->checkSignatures($jws); - $this->checkPayload($jws, $detachedPayload); - - $signature = $jws->getSignature($signature); - - return $this->verifySignature($jws, $jwkset, $signature, $detachedPayload); - } - - private function verifySignature(JWS $jws, JWKSet $jwkset, Signature $signature, ?string $detachedPayload = null): bool - { - $input = $this->getInputToVerify($jws, $signature, $detachedPayload); - foreach ($jwkset->all() as $jwk) { - $algorithm = $this->getAlgorithm($signature); - - try { - KeyChecker::checkKeyUsage($jwk, 'verification'); - KeyChecker::checkKeyAlgorithm($jwk, $algorithm->name()); - if (!\in_array($jwk->get('kty'), $algorithm->allowedKeyTypes(), true)) { - throw new \InvalidArgumentException('Wrong key type.'); - } - if (true === $algorithm->verify($jwk, $input, $signature->getSignature())) { - return true; - } - } catch (\Exception $e) { - //We do nothing, we continue with other keys - continue; - } - } - - return false; - } - - private function getInputToVerify(JWS $jws, Signature $signature, ?string $detachedPayload): string - { - $encodedProtectedHeader = $signature->getEncodedProtectedHeader(); - if (!$signature->hasProtectedHeaderParameter('b64') || true === $signature->getProtectedHeaderParameter('b64')) { - if (null !== $jws->getEncodedPayload()) { - return \sprintf('%s.%s', $encodedProtectedHeader, $jws->getEncodedPayload()); - } - - $payload = empty($jws->getPayload()) ? $detachedPayload : $jws->getPayload(); - - return \sprintf('%s.%s', $encodedProtectedHeader, Base64Url::encode($payload)); - } - - $payload = empty($jws->getPayload()) ? $detachedPayload : $jws->getPayload(); - - return \sprintf('%s.%s', $encodedProtectedHeader, $payload); - } - - private function checkSignatures(JWS $jws) - { - if (0 === $jws->countSignatures()) { - throw new \InvalidArgumentException('The JWS does not contain any signature.'); - } - } - - private function checkJWKSet(JWKSet $jwkset) - { - if (0 === \count($jwkset)) { - throw new \InvalidArgumentException('There is no key in the key set.'); - } - } - - private function checkPayload(JWS $jws, ?string $detachedPayload = null) - { - if (null !== $detachedPayload && !empty($jws->getPayload())) { - throw new \InvalidArgumentException('A detached payload is set, but the JWS already has a payload.'); - } - if (empty($jws->getPayload()) && null === $detachedPayload) { - throw new \InvalidArgumentException('The JWS has a detached payload, but no payload is provided.'); - } - } - - private function getAlgorithm(Signature $signature): SignatureAlgorithm - { - $completeHeader = \array_merge($signature->getProtectedHeader(), $signature->getHeader()); - if (!\array_key_exists('alg', $completeHeader)) { - throw new \InvalidArgumentException('No "alg" parameter set in the header.'); - } - - $algorithm = $this->signatureAlgorithmManager->get($completeHeader['alg']); - if (!$algorithm instanceof SignatureAlgorithm) { - throw new \InvalidArgumentException(\sprintf('The algorithm "%s" is not supported or is not a signature algorithm.', $completeHeader['alg'])); - } - - return $algorithm; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\AlgorithmManager;
+use Jose\Component\Core\JWK;
+use Jose\Component\Core\JWKSet;
+use Jose\Component\Core\Util\KeyChecker;
+use Jose\Component\Signature\Algorithm\SignatureAlgorithm;
+
+class JWSVerifier
+{
+ /**
+ * @var AlgorithmManager
+ */
+ private $signatureAlgorithmManager;
+
+ /**
+ * JWSVerifier constructor.
+ */
+ public function __construct(AlgorithmManager $signatureAlgorithmManager)
+ {
+ $this->signatureAlgorithmManager = $signatureAlgorithmManager;
+ }
+
+ /**
+ * Returns the algorithm manager associated to the JWSVerifier.
+ */
+ public function getSignatureAlgorithmManager(): AlgorithmManager
+ {
+ return $this->signatureAlgorithmManager;
+ }
+
+ /**
+ * This method will try to verify the JWS object using the given key and for the given signature.
+ * It returns true if the signature is verified, otherwise false.
+ *
+ * @return bool true if the verification of the signature succeeded, else false
+ */
+ public function verifyWithKey(JWS $jws, JWK $jwk, int $signature, ?string $detachedPayload = null): bool
+ {
+ $jwkset = new JWKSet([$jwk]);
+
+ return $this->verifyWithKeySet($jws, $jwkset, $signature, $detachedPayload);
+ }
+
+ /**
+ * This method will try to verify the JWS object using the given key set and for the given signature.
+ * It returns true if the signature is verified, otherwise false.
+ *
+ * @param JWS $jws A JWS object
+ * @param JWKSet $jwkset The signature will be verified using keys in the key set
+ * @param string|null $detachedPayload If not null, the value must be the detached payload encoded in Base64 URL safe. If the input contains a payload, throws an exception.
+ *
+ * @return bool true if the verification of the signature succeeded, else false
+ */
+ public function verifyWithKeySet(JWS $jws, JWKSet $jwkset, int $signature, ?string $detachedPayload = null): bool
+ {
+ $this->checkJWKSet($jwkset);
+ $this->checkSignatures($jws);
+ $this->checkPayload($jws, $detachedPayload);
+
+ $signature = $jws->getSignature($signature);
+
+ return $this->verifySignature($jws, $jwkset, $signature, $detachedPayload);
+ }
+
+ private function verifySignature(JWS $jws, JWKSet $jwkset, Signature $signature, ?string $detachedPayload = null): bool
+ {
+ $input = $this->getInputToVerify($jws, $signature, $detachedPayload);
+ foreach ($jwkset->all() as $jwk) {
+ $algorithm = $this->getAlgorithm($signature);
+
+ try {
+ KeyChecker::checkKeyUsage($jwk, 'verification');
+ KeyChecker::checkKeyAlgorithm($jwk, $algorithm->name());
+ if (!\in_array($jwk->get('kty'), $algorithm->allowedKeyTypes(), true)) {
+ throw new \InvalidArgumentException('Wrong key type.');
+ }
+ if (true === $algorithm->verify($jwk, $input, $signature->getSignature())) {
+ return true;
+ }
+ } catch (\Exception $e) {
+ //We do nothing, we continue with other keys
+ continue;
+ }
+ }
+
+ return false;
+ }
+
+ private function getInputToVerify(JWS $jws, Signature $signature, ?string $detachedPayload): string
+ {
+ $encodedProtectedHeader = $signature->getEncodedProtectedHeader();
+ if (!$signature->hasProtectedHeaderParameter('b64') || true === $signature->getProtectedHeaderParameter('b64')) {
+ if (null !== $jws->getEncodedPayload()) {
+ return \sprintf('%s.%s', $encodedProtectedHeader, $jws->getEncodedPayload());
+ }
+
+ $payload = empty($jws->getPayload()) ? $detachedPayload : $jws->getPayload();
+
+ return \sprintf('%s.%s', $encodedProtectedHeader, Base64Url::encode($payload));
+ }
+
+ $payload = empty($jws->getPayload()) ? $detachedPayload : $jws->getPayload();
+
+ return \sprintf('%s.%s', $encodedProtectedHeader, $payload);
+ }
+
+ private function checkSignatures(JWS $jws)
+ {
+ if (0 === $jws->countSignatures()) {
+ throw new \InvalidArgumentException('The JWS does not contain any signature.');
+ }
+ }
+
+ private function checkJWKSet(JWKSet $jwkset)
+ {
+ if (0 === \count($jwkset)) {
+ throw new \InvalidArgumentException('There is no key in the key set.');
+ }
+ }
+
+ private function checkPayload(JWS $jws, ?string $detachedPayload = null)
+ {
+ if (null !== $detachedPayload && !empty($jws->getPayload())) {
+ throw new \InvalidArgumentException('A detached payload is set, but the JWS already has a payload.');
+ }
+ if (empty($jws->getPayload()) && null === $detachedPayload) {
+ throw new \InvalidArgumentException('The JWS has a detached payload, but no payload is provided.');
+ }
+ }
+
+ private function getAlgorithm(Signature $signature): SignatureAlgorithm
+ {
+ $completeHeader = \array_merge($signature->getProtectedHeader(), $signature->getHeader());
+ if (!\array_key_exists('alg', $completeHeader)) {
+ throw new \InvalidArgumentException('No "alg" parameter set in the header.');
+ }
+
+ $algorithm = $this->signatureAlgorithmManager->get($completeHeader['alg']);
+ if (!$algorithm instanceof SignatureAlgorithm) {
+ throw new \InvalidArgumentException(\sprintf('The algorithm "%s" is not supported or is not a signature algorithm.', $completeHeader['alg']));
+ }
+
+ return $algorithm;
+ }
+}
diff --git a/vendor/web-token/jwt-signature/JWSVerifierFactory.php b/vendor/web-token/jwt-signature/JWSVerifierFactory.php index 49bb868..7230871 100644 --- a/vendor/web-token/jwt-signature/JWSVerifierFactory.php +++ b/vendor/web-token/jwt-signature/JWSVerifierFactory.php @@ -1,44 +1,44 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature; - -use Jose\Component\Core\AlgorithmManagerFactory; - -class JWSVerifierFactory -{ - /** - * @var AlgorithmManagerFactory - */ - private $algorithmManagerFactory; - - /** - * JWSVerifierFactory constructor. - */ - public function __construct(AlgorithmManagerFactory $algorithmManagerFactory) - { - $this->algorithmManagerFactory = $algorithmManagerFactory; - } - - /** - * Creates a JWSVerifier using the given signature algorithm aliases. - * - * @param string[] $algorithms - */ - public function create(array $algorithms): JWSVerifier - { - $algorithmManager = $this->algorithmManagerFactory->create($algorithms); - - return new JWSVerifier($algorithmManager); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature;
+
+use Jose\Component\Core\AlgorithmManagerFactory;
+
+class JWSVerifierFactory
+{
+ /**
+ * @var AlgorithmManagerFactory
+ */
+ private $algorithmManagerFactory;
+
+ /**
+ * JWSVerifierFactory constructor.
+ */
+ public function __construct(AlgorithmManagerFactory $algorithmManagerFactory)
+ {
+ $this->algorithmManagerFactory = $algorithmManagerFactory;
+ }
+
+ /**
+ * Creates a JWSVerifier using the given signature algorithm aliases.
+ *
+ * @param string[] $algorithms
+ */
+ public function create(array $algorithms): JWSVerifier
+ {
+ $algorithmManager = $this->algorithmManagerFactory->create($algorithms);
+
+ return new JWSVerifier($algorithmManager);
+ }
+}
diff --git a/vendor/web-token/jwt-signature/LICENSE b/vendor/web-token/jwt-signature/LICENSE index a098645..ce18b6a 100644 --- a/vendor/web-token/jwt-signature/LICENSE +++ b/vendor/web-token/jwt-signature/LICENSE @@ -1,21 +1,21 @@ -The MIT License (MIT) - -Copyright (c) 2014-2018 Spomky-Labs - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. +The MIT License (MIT)
+
+Copyright (c) 2014-2018 Spomky-Labs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/vendor/web-token/jwt-signature/Serializer/CompactSerializer.php b/vendor/web-token/jwt-signature/Serializer/CompactSerializer.php index 7e26d79..9518543 100644 --- a/vendor/web-token/jwt-signature/Serializer/CompactSerializer.php +++ b/vendor/web-token/jwt-signature/Serializer/CompactSerializer.php @@ -1,97 +1,97 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Serializer; - -use Base64Url\Base64Url; -use Jose\Component\Core\Converter\JsonConverter; -use Jose\Component\Signature\JWS; - -final class CompactSerializer extends Serializer -{ - public const NAME = 'jws_compact'; - - /** - * @var JsonConverter - */ - private $jsonConverter; - - /** - * JSONFlattenedSerializer constructor. - */ - public function __construct(?JsonConverter $jsonConverter = null) - { - $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter(); - } - - public function displayName(): string - { - return 'JWS Compact'; - } - - public function name(): string - { - return self::NAME; - } - - public function serialize(JWS $jws, ?int $signatureIndex = null): string - { - if (null === $signatureIndex) { - $signatureIndex = 0; - } - $signature = $jws->getSignature($signatureIndex); - if (!empty($signature->getHeader())) { - throw new \LogicException('The signature contains unprotected header parameters and cannot be converted into compact JSON.'); - } - if (!$this->isPayloadEncoded($signature->getProtectedHeader()) && !empty($jws->getEncodedPayload())) { - if (1 !== \preg_match('/^[\x{20}-\x{2d}|\x{2f}-\x{7e}]*$/u', $jws->getPayload())) { - throw new \LogicException('Unable to convert the JWS with non-encoded payload.'); - } - } - - return \sprintf( - '%s.%s.%s', - $signature->getEncodedProtectedHeader(), - $jws->getEncodedPayload(), - Base64Url::encode($signature->getSignature()) - ); - } - - public function unserialize(string $input): JWS - { - $parts = \explode('.', $input); - if (3 !== \count($parts)) { - throw new \InvalidArgumentException('Unsupported input'); - } - - try { - $encodedProtectedHeader = $parts[0]; - $protectedHeader = $this->jsonConverter->decode(Base64Url::decode($parts[0])); - if (empty($parts[1])) { - $payload = null; - $encodedPayload = null; - } else { - $encodedPayload = $parts[1]; - $payload = $this->isPayloadEncoded($protectedHeader) ? Base64Url::decode($encodedPayload) : $encodedPayload; - } - $signature = Base64Url::decode($parts[2]); - - $jws = JWS::create($payload, $encodedPayload, empty($parts[1])); - $jws = $jws->addSignature($signature, $protectedHeader, $encodedProtectedHeader); - - return $jws; - } catch (\Error | \Exception $e) { - throw new \InvalidArgumentException('Unsupported input'); - } - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\Converter\JsonConverter;
+use Jose\Component\Signature\JWS;
+
+final class CompactSerializer extends Serializer
+{
+ public const NAME = 'jws_compact';
+
+ /**
+ * @var JsonConverter
+ */
+ private $jsonConverter;
+
+ /**
+ * JSONFlattenedSerializer constructor.
+ */
+ public function __construct(?JsonConverter $jsonConverter = null)
+ {
+ $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter();
+ }
+
+ public function displayName(): string
+ {
+ return 'JWS Compact';
+ }
+
+ public function name(): string
+ {
+ return self::NAME;
+ }
+
+ public function serialize(JWS $jws, ?int $signatureIndex = null): string
+ {
+ if (null === $signatureIndex) {
+ $signatureIndex = 0;
+ }
+ $signature = $jws->getSignature($signatureIndex);
+ if (!empty($signature->getHeader())) {
+ throw new \LogicException('The signature contains unprotected header parameters and cannot be converted into compact JSON.');
+ }
+ if (!$this->isPayloadEncoded($signature->getProtectedHeader()) && !empty($jws->getEncodedPayload())) {
+ if (1 !== \preg_match('/^[\x{20}-\x{2d}|\x{2f}-\x{7e}]*$/u', $jws->getPayload())) {
+ throw new \LogicException('Unable to convert the JWS with non-encoded payload.');
+ }
+ }
+
+ return \sprintf(
+ '%s.%s.%s',
+ $signature->getEncodedProtectedHeader(),
+ $jws->getEncodedPayload(),
+ Base64Url::encode($signature->getSignature())
+ );
+ }
+
+ public function unserialize(string $input): JWS
+ {
+ $parts = \explode('.', $input);
+ if (3 !== \count($parts)) {
+ throw new \InvalidArgumentException('Unsupported input');
+ }
+
+ try {
+ $encodedProtectedHeader = $parts[0];
+ $protectedHeader = $this->jsonConverter->decode(Base64Url::decode($parts[0]));
+ if (empty($parts[1])) {
+ $payload = null;
+ $encodedPayload = null;
+ } else {
+ $encodedPayload = $parts[1];
+ $payload = $this->isPayloadEncoded($protectedHeader) ? Base64Url::decode($encodedPayload) : $encodedPayload;
+ }
+ $signature = Base64Url::decode($parts[2]);
+
+ $jws = JWS::create($payload, $encodedPayload, empty($parts[1]));
+ $jws = $jws->addSignature($signature, $protectedHeader, $encodedProtectedHeader);
+
+ return $jws;
+ } catch (\Error | \Exception $e) {
+ throw new \InvalidArgumentException('Unsupported input');
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Serializer/JSONFlattenedSerializer.php b/vendor/web-token/jwt-signature/Serializer/JSONFlattenedSerializer.php index 82b79ab..0391c67 100644 --- a/vendor/web-token/jwt-signature/Serializer/JSONFlattenedSerializer.php +++ b/vendor/web-token/jwt-signature/Serializer/JSONFlattenedSerializer.php @@ -1,109 +1,109 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Serializer; - -use Base64Url\Base64Url; -use Jose\Component\Core\Converter\JsonConverter; -use Jose\Component\Signature\JWS; - -final class JSONFlattenedSerializer extends Serializer -{ - public const NAME = 'jws_json_flattened'; - - /** - * @var JsonConverter|\Jose\Component\Core\Util\JsonConverter|null - */ - private $jsonConverter; - - /** - * JSONFlattenedSerializer constructor. - */ - public function __construct(?JsonConverter $jsonConverter = null) - { - $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter(); - } - - public function displayName(): string - { - return 'JWS JSON Flattened'; - } - - public function name(): string - { - return self::NAME; - } - - public function serialize(JWS $jws, ?int $signatureIndex = null): string - { - if (null === $signatureIndex) { - $signatureIndex = 0; - } - $signature = $jws->getSignature($signatureIndex); - - $data = []; - $values = [ - 'payload' => $jws->getEncodedPayload(), - 'protected' => $signature->getEncodedProtectedHeader(), - 'header' => $signature->getHeader(), - ]; - - foreach ($values as $key => $value) { - if (!empty($value)) { - $data[$key] = $value; - } - } - $data['signature'] = Base64Url::encode($signature->getSignature()); - - return $this->jsonConverter->encode($data); - } - - public function unserialize(string $input): JWS - { - $data = $this->jsonConverter->decode($input); - if (!\is_array($data) || !\array_key_exists('signature', $data)) { - throw new \InvalidArgumentException('Unsupported input.'); - } - - $signature = Base64Url::decode($data['signature']); - - if (\array_key_exists('protected', $data)) { - $encodedProtectedHeader = $data['protected']; - $protectedHeader = $this->jsonConverter->decode(Base64Url::decode($data['protected'])); - } else { - $encodedProtectedHeader = null; - $protectedHeader = []; - } - if (\array_key_exists('header', $data)) { - if (!\is_array($data['header'])) { - throw new \InvalidArgumentException('Bad header.'); - } - $header = $data['header']; - } else { - $header = []; - } - - if (\array_key_exists('payload', $data)) { - $encodedPayload = $data['payload']; - $payload = $this->isPayloadEncoded($protectedHeader) ? Base64Url::decode($encodedPayload) : $encodedPayload; - } else { - $payload = null; - $encodedPayload = null; - } - - $jws = JWS::create($payload, $encodedPayload, null === $encodedPayload); - $jws = $jws->addSignature($signature, $protectedHeader, $encodedProtectedHeader, $header); - - return $jws; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\Converter\JsonConverter;
+use Jose\Component\Signature\JWS;
+
+final class JSONFlattenedSerializer extends Serializer
+{
+ public const NAME = 'jws_json_flattened';
+
+ /**
+ * @var JsonConverter|\Jose\Component\Core\Util\JsonConverter|null
+ */
+ private $jsonConverter;
+
+ /**
+ * JSONFlattenedSerializer constructor.
+ */
+ public function __construct(?JsonConverter $jsonConverter = null)
+ {
+ $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter();
+ }
+
+ public function displayName(): string
+ {
+ return 'JWS JSON Flattened';
+ }
+
+ public function name(): string
+ {
+ return self::NAME;
+ }
+
+ public function serialize(JWS $jws, ?int $signatureIndex = null): string
+ {
+ if (null === $signatureIndex) {
+ $signatureIndex = 0;
+ }
+ $signature = $jws->getSignature($signatureIndex);
+
+ $data = [];
+ $values = [
+ 'payload' => $jws->getEncodedPayload(),
+ 'protected' => $signature->getEncodedProtectedHeader(),
+ 'header' => $signature->getHeader(),
+ ];
+
+ foreach ($values as $key => $value) {
+ if (!empty($value)) {
+ $data[$key] = $value;
+ }
+ }
+ $data['signature'] = Base64Url::encode($signature->getSignature());
+
+ return $this->jsonConverter->encode($data);
+ }
+
+ public function unserialize(string $input): JWS
+ {
+ $data = $this->jsonConverter->decode($input);
+ if (!\is_array($data) || !\array_key_exists('signature', $data)) {
+ throw new \InvalidArgumentException('Unsupported input.');
+ }
+
+ $signature = Base64Url::decode($data['signature']);
+
+ if (\array_key_exists('protected', $data)) {
+ $encodedProtectedHeader = $data['protected'];
+ $protectedHeader = $this->jsonConverter->decode(Base64Url::decode($data['protected']));
+ } else {
+ $encodedProtectedHeader = null;
+ $protectedHeader = [];
+ }
+ if (\array_key_exists('header', $data)) {
+ if (!\is_array($data['header'])) {
+ throw new \InvalidArgumentException('Bad header.');
+ }
+ $header = $data['header'];
+ } else {
+ $header = [];
+ }
+
+ if (\array_key_exists('payload', $data)) {
+ $encodedPayload = $data['payload'];
+ $payload = $this->isPayloadEncoded($protectedHeader) ? Base64Url::decode($encodedPayload) : $encodedPayload;
+ } else {
+ $payload = null;
+ $encodedPayload = null;
+ }
+
+ $jws = JWS::create($payload, $encodedPayload, null === $encodedPayload);
+ $jws = $jws->addSignature($signature, $protectedHeader, $encodedProtectedHeader, $header);
+
+ return $jws;
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Serializer/JSONGeneralSerializer.php b/vendor/web-token/jwt-signature/Serializer/JSONGeneralSerializer.php index 35958c6..308c97c 100644 --- a/vendor/web-token/jwt-signature/Serializer/JSONGeneralSerializer.php +++ b/vendor/web-token/jwt-signature/Serializer/JSONGeneralSerializer.php @@ -1,174 +1,174 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Serializer; - -use Base64Url\Base64Url; -use Jose\Component\Core\Converter\JsonConverter; -use Jose\Component\Signature\JWS; - -final class JSONGeneralSerializer extends Serializer -{ - public const NAME = 'jws_json_general'; - - /** - * @var \Jose\Component\Core\Util\JsonConverter - */ - private $jsonConverter; - - /** - * JSONFlattenedSerializer constructor. - */ - public function __construct(?JsonConverter $jsonConverter = null) - { - $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter(); - } - - public function displayName(): string - { - return 'JWS JSON General'; - } - - public function name(): string - { - return self::NAME; - } - - public function serialize(JWS $jws, ?int $signatureIndex = null): string - { - if (0 === $jws->countSignatures()) { - throw new \LogicException('No signature.'); - } - - $data = []; - $this->checkPayloadEncoding($jws); - - if (false === $jws->isPayloadDetached()) { - $data['payload'] = $jws->getEncodedPayload(); - } - - $data['signatures'] = []; - foreach ($jws->getSignatures() as $signature) { - $tmp = ['signature' => Base64Url::encode($signature->getSignature())]; - $values = [ - 'protected' => $signature->getEncodedProtectedHeader(), - 'header' => $signature->getHeader(), - ]; - - foreach ($values as $key => $value) { - if (!empty($value)) { - $tmp[$key] = $value; - } - } - $data['signatures'][] = $tmp; - } - - return $this->jsonConverter->encode($data); - } - - private function checkData($data) - { - if (!\is_array($data) || !\array_key_exists('signatures', $data)) { - throw new \InvalidArgumentException('Unsupported input.'); - } - } - - private function checkSignature($signature) - { - if (!\is_array($signature) || !\array_key_exists('signature', $signature)) { - throw new \InvalidArgumentException('Unsupported input.'); - } - } - - public function unserialize(string $input): JWS - { - $data = $this->jsonConverter->decode($input); - $this->checkData($data); - - $isPayloadEncoded = null; - $rawPayload = \array_key_exists('payload', $data) ? $data['payload'] : null; - $signatures = []; - foreach ($data['signatures'] as $signature) { - $this->checkSignature($signature); - list($encodedProtectedHeader, $protectedHeader, $header) = $this->processHeaders($signature); - $signatures[] = [ - 'signature' => Base64Url::decode($signature['signature']), - 'protected' => $protectedHeader, - 'encoded_protected' => $encodedProtectedHeader, - 'header' => $header, - ]; - $isPayloadEncoded = $this->processIsPayloadEncoded($isPayloadEncoded, $protectedHeader); - } - - $payload = $this->processPayload($rawPayload, $isPayloadEncoded); - $jws = JWS::create($payload, $rawPayload); - foreach ($signatures as $signature) { - $jws = $jws->addSignature( - $signature['signature'], - $signature['protected'], - $signature['encoded_protected'], - $signature['header'] - ); - } - - return $jws; - } - - private function processIsPayloadEncoded(?bool $isPayloadEncoded, array $protectedHeader): bool - { - if (null === $isPayloadEncoded) { - return self::isPayloadEncoded($protectedHeader); - } - if ($this->isPayloadEncoded($protectedHeader) !== $isPayloadEncoded) { - throw new \InvalidArgumentException('Foreign payload encoding detected.'); - } - - return $isPayloadEncoded; - } - - private function processHeaders(array $signature): array - { - $encodedProtectedHeader = \array_key_exists('protected', $signature) ? $signature['protected'] : null; - $protectedHeader = null !== $encodedProtectedHeader ? $this->jsonConverter->decode(Base64Url::decode($encodedProtectedHeader)) : []; - $header = \array_key_exists('header', $signature) ? $signature['header'] : []; - - return [$encodedProtectedHeader, $protectedHeader, $header]; - } - - private function processPayload(?string $rawPayload, ?bool $isPayloadEncoded): ?string - { - if (null === $rawPayload) { - return null; - } - - return false === $isPayloadEncoded ? $rawPayload : Base64Url::decode($rawPayload); - } - - private function checkPayloadEncoding(JWS $jws) - { - if ($jws->isPayloadDetached()) { - return; - } - $is_encoded = null; - foreach ($jws->getSignatures() as $signature) { - if (null === $is_encoded) { - $is_encoded = $this->isPayloadEncoded($signature->getProtectedHeader()); - } - if (false === $jws->isPayloadDetached()) { - if ($is_encoded !== $this->isPayloadEncoded($signature->getProtectedHeader())) { - throw new \LogicException('Foreign payload encoding detected.'); - } - } - } - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\Converter\JsonConverter;
+use Jose\Component\Signature\JWS;
+
+final class JSONGeneralSerializer extends Serializer
+{
+ public const NAME = 'jws_json_general';
+
+ /**
+ * @var \Jose\Component\Core\Util\JsonConverter
+ */
+ private $jsonConverter;
+
+ /**
+ * JSONFlattenedSerializer constructor.
+ */
+ public function __construct(?JsonConverter $jsonConverter = null)
+ {
+ $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter();
+ }
+
+ public function displayName(): string
+ {
+ return 'JWS JSON General';
+ }
+
+ public function name(): string
+ {
+ return self::NAME;
+ }
+
+ public function serialize(JWS $jws, ?int $signatureIndex = null): string
+ {
+ if (0 === $jws->countSignatures()) {
+ throw new \LogicException('No signature.');
+ }
+
+ $data = [];
+ $this->checkPayloadEncoding($jws);
+
+ if (false === $jws->isPayloadDetached()) {
+ $data['payload'] = $jws->getEncodedPayload();
+ }
+
+ $data['signatures'] = [];
+ foreach ($jws->getSignatures() as $signature) {
+ $tmp = ['signature' => Base64Url::encode($signature->getSignature())];
+ $values = [
+ 'protected' => $signature->getEncodedProtectedHeader(),
+ 'header' => $signature->getHeader(),
+ ];
+
+ foreach ($values as $key => $value) {
+ if (!empty($value)) {
+ $tmp[$key] = $value;
+ }
+ }
+ $data['signatures'][] = $tmp;
+ }
+
+ return $this->jsonConverter->encode($data);
+ }
+
+ private function checkData($data)
+ {
+ if (!\is_array($data) || !\array_key_exists('signatures', $data)) {
+ throw new \InvalidArgumentException('Unsupported input.');
+ }
+ }
+
+ private function checkSignature($signature)
+ {
+ if (!\is_array($signature) || !\array_key_exists('signature', $signature)) {
+ throw new \InvalidArgumentException('Unsupported input.');
+ }
+ }
+
+ public function unserialize(string $input): JWS
+ {
+ $data = $this->jsonConverter->decode($input);
+ $this->checkData($data);
+
+ $isPayloadEncoded = null;
+ $rawPayload = \array_key_exists('payload', $data) ? $data['payload'] : null;
+ $signatures = [];
+ foreach ($data['signatures'] as $signature) {
+ $this->checkSignature($signature);
+ list($encodedProtectedHeader, $protectedHeader, $header) = $this->processHeaders($signature);
+ $signatures[] = [
+ 'signature' => Base64Url::decode($signature['signature']),
+ 'protected' => $protectedHeader,
+ 'encoded_protected' => $encodedProtectedHeader,
+ 'header' => $header,
+ ];
+ $isPayloadEncoded = $this->processIsPayloadEncoded($isPayloadEncoded, $protectedHeader);
+ }
+
+ $payload = $this->processPayload($rawPayload, $isPayloadEncoded);
+ $jws = JWS::create($payload, $rawPayload);
+ foreach ($signatures as $signature) {
+ $jws = $jws->addSignature(
+ $signature['signature'],
+ $signature['protected'],
+ $signature['encoded_protected'],
+ $signature['header']
+ );
+ }
+
+ return $jws;
+ }
+
+ private function processIsPayloadEncoded(?bool $isPayloadEncoded, array $protectedHeader): bool
+ {
+ if (null === $isPayloadEncoded) {
+ return self::isPayloadEncoded($protectedHeader);
+ }
+ if ($this->isPayloadEncoded($protectedHeader) !== $isPayloadEncoded) {
+ throw new \InvalidArgumentException('Foreign payload encoding detected.');
+ }
+
+ return $isPayloadEncoded;
+ }
+
+ private function processHeaders(array $signature): array
+ {
+ $encodedProtectedHeader = \array_key_exists('protected', $signature) ? $signature['protected'] : null;
+ $protectedHeader = null !== $encodedProtectedHeader ? $this->jsonConverter->decode(Base64Url::decode($encodedProtectedHeader)) : [];
+ $header = \array_key_exists('header', $signature) ? $signature['header'] : [];
+
+ return [$encodedProtectedHeader, $protectedHeader, $header];
+ }
+
+ private function processPayload(?string $rawPayload, ?bool $isPayloadEncoded): ?string
+ {
+ if (null === $rawPayload) {
+ return null;
+ }
+
+ return false === $isPayloadEncoded ? $rawPayload : Base64Url::decode($rawPayload);
+ }
+
+ private function checkPayloadEncoding(JWS $jws)
+ {
+ if ($jws->isPayloadDetached()) {
+ return;
+ }
+ $is_encoded = null;
+ foreach ($jws->getSignatures() as $signature) {
+ if (null === $is_encoded) {
+ $is_encoded = $this->isPayloadEncoded($signature->getProtectedHeader());
+ }
+ if (false === $jws->isPayloadDetached()) {
+ if ($is_encoded !== $this->isPayloadEncoded($signature->getProtectedHeader())) {
+ throw new \LogicException('Foreign payload encoding detected.');
+ }
+ }
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Serializer/JWSSerializer.php b/vendor/web-token/jwt-signature/Serializer/JWSSerializer.php index 285aef4..c25795a 100644 --- a/vendor/web-token/jwt-signature/Serializer/JWSSerializer.php +++ b/vendor/web-token/jwt-signature/Serializer/JWSSerializer.php @@ -1,42 +1,42 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Serializer; - -use Jose\Component\Signature\JWS; - -interface JWSSerializer -{ - /** - * The name of the serialization. - */ - public function name(): string; - - public function displayName(): string; - - /** - * Converts a JWS into a string. - * - * @throws \Exception - */ - public function serialize(JWS $jws, ?int $signatureIndex = null): string; - - /** - * Loads data and return a JWS object. - * - * @param string $input A string that represents a JWS - * - * @throws \Exception - */ - public function unserialize(string $input): JWS; -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+use Jose\Component\Signature\JWS;
+
+interface JWSSerializer
+{
+ /**
+ * The name of the serialization.
+ */
+ public function name(): string;
+
+ public function displayName(): string;
+
+ /**
+ * Converts a JWS into a string.
+ *
+ * @throws \Exception
+ */
+ public function serialize(JWS $jws, ?int $signatureIndex = null): string;
+
+ /**
+ * Loads data and return a JWS object.
+ *
+ * @param string $input A string that represents a JWS
+ *
+ * @throws \Exception
+ */
+ public function unserialize(string $input): JWS;
+}
diff --git a/vendor/web-token/jwt-signature/Serializer/JWSSerializerManager.php b/vendor/web-token/jwt-signature/Serializer/JWSSerializerManager.php index 198dfd1..fc7a714 100644 --- a/vendor/web-token/jwt-signature/Serializer/JWSSerializerManager.php +++ b/vendor/web-token/jwt-signature/Serializer/JWSSerializerManager.php @@ -1,104 +1,104 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Serializer; - -use Jose\Component\Signature\JWS; - -class JWSSerializerManager -{ - /** - * @var JWSSerializer[] - */ - private $serializers = []; - - /** - * JWSSerializerManager constructor. - * - * @param JWSSerializer[] $serializers - */ - public function __construct(array $serializers) - { - foreach ($serializers as $serializer) { - $this->add($serializer); - } - } - - /** - * @deprecated Will be removed in v2.0. Please use constructor instead - * - * @param JWSSerializer[] $serializers - * - * @return JWSSerializerManager - */ - public static function create(array $serializers): self - { - return new self($serializers); - } - - /** - * @return JWSSerializerManager - */ - private function add(JWSSerializer $serializer): self - { - $this->serializers[$serializer->name()] = $serializer; - - return $this; - } - - /** - * @return string[] - */ - public function list(): array - { - return \array_keys($this->serializers); - } - - /** - * Converts a JWS into a string. - * - * @throws \Exception - */ - public function serialize(string $name, JWS $jws, ?int $signatureIndex = null): string - { - if (!\array_key_exists($name, $this->serializers)) { - throw new \InvalidArgumentException(\sprintf('Unsupported serializer "%s".', $name)); - } - - return ($this->serializers[$name])->serialize($jws, $signatureIndex); - } - - /** - * Loads data and return a JWS object. - * - * @param string $input A string that represents a JWS - * @param string|null $name the name of the serializer if the input is unserialized - * - * @throws \Exception - */ - public function unserialize(string $input, ?string &$name = null): JWS - { - foreach ($this->serializers as $serializer) { - try { - $jws = $serializer->unserialize($input); - $name = $serializer->name(); - - return $jws; - } catch (\InvalidArgumentException $e) { - continue; - } - } - - throw new \InvalidArgumentException('Unsupported input.'); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+use Jose\Component\Signature\JWS;
+
+class JWSSerializerManager
+{
+ /**
+ * @var JWSSerializer[]
+ */
+ private $serializers = [];
+
+ /**
+ * JWSSerializerManager constructor.
+ *
+ * @param JWSSerializer[] $serializers
+ */
+ public function __construct(array $serializers)
+ {
+ foreach ($serializers as $serializer) {
+ $this->add($serializer);
+ }
+ }
+
+ /**
+ * @deprecated Will be removed in v2.0. Please use constructor instead
+ *
+ * @param JWSSerializer[] $serializers
+ *
+ * @return JWSSerializerManager
+ */
+ public static function create(array $serializers): self
+ {
+ return new self($serializers);
+ }
+
+ /**
+ * @return JWSSerializerManager
+ */
+ private function add(JWSSerializer $serializer): self
+ {
+ $this->serializers[$serializer->name()] = $serializer;
+
+ return $this;
+ }
+
+ /**
+ * @return string[]
+ */
+ public function list(): array
+ {
+ return \array_keys($this->serializers);
+ }
+
+ /**
+ * Converts a JWS into a string.
+ *
+ * @throws \Exception
+ */
+ public function serialize(string $name, JWS $jws, ?int $signatureIndex = null): string
+ {
+ if (!\array_key_exists($name, $this->serializers)) {
+ throw new \InvalidArgumentException(\sprintf('Unsupported serializer "%s".', $name));
+ }
+
+ return ($this->serializers[$name])->serialize($jws, $signatureIndex);
+ }
+
+ /**
+ * Loads data and return a JWS object.
+ *
+ * @param string $input A string that represents a JWS
+ * @param string|null $name the name of the serializer if the input is unserialized
+ *
+ * @throws \Exception
+ */
+ public function unserialize(string $input, ?string &$name = null): JWS
+ {
+ foreach ($this->serializers as $serializer) {
+ try {
+ $jws = $serializer->unserialize($input);
+ $name = $serializer->name();
+
+ return $jws;
+ } catch (\InvalidArgumentException $e) {
+ continue;
+ }
+ }
+
+ throw new \InvalidArgumentException('Unsupported input.');
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Serializer/JWSSerializerManagerFactory.php b/vendor/web-token/jwt-signature/Serializer/JWSSerializerManagerFactory.php index 1b2c234..043f141 100644 --- a/vendor/web-token/jwt-signature/Serializer/JWSSerializerManagerFactory.php +++ b/vendor/web-token/jwt-signature/Serializer/JWSSerializerManagerFactory.php @@ -1,64 +1,64 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Serializer; - -class JWSSerializerManagerFactory -{ - /** - * @var JWSSerializer[] - */ - private $serializers = []; - - /** - * @param string[] $names - */ - public function create(array $names): JWSSerializerManager - { - $serializers = []; - foreach ($names as $name) { - if (!\array_key_exists($name, $this->serializers)) { - throw new \InvalidArgumentException(\sprintf('Unsupported serialiser "%s".', $name)); - } - $serializers[] = $this->serializers[$name]; - } - - return JWSSerializerManager::create($serializers); - } - - /** - * @return string[] - */ - public function names(): array - { - return \array_keys($this->serializers); - } - - /** - * @return JWSSerializer[] - */ - public function all(): array - { - return $this->serializers; - } - - /** - * @return JWSSerializerManagerFactory - */ - public function add(JWSSerializer $serializer): self - { - $this->serializers[$serializer->name()] = $serializer; - - return $this; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+class JWSSerializerManagerFactory
+{
+ /**
+ * @var JWSSerializer[]
+ */
+ private $serializers = [];
+
+ /**
+ * @param string[] $names
+ */
+ public function create(array $names): JWSSerializerManager
+ {
+ $serializers = [];
+ foreach ($names as $name) {
+ if (!\array_key_exists($name, $this->serializers)) {
+ throw new \InvalidArgumentException(\sprintf('Unsupported serialiser "%s".', $name));
+ }
+ $serializers[] = $this->serializers[$name];
+ }
+
+ return JWSSerializerManager::create($serializers);
+ }
+
+ /**
+ * @return string[]
+ */
+ public function names(): array
+ {
+ return \array_keys($this->serializers);
+ }
+
+ /**
+ * @return JWSSerializer[]
+ */
+ public function all(): array
+ {
+ return $this->serializers;
+ }
+
+ /**
+ * @return JWSSerializerManagerFactory
+ */
+ public function add(JWSSerializer $serializer): self
+ {
+ $this->serializers[$serializer->name()] = $serializer;
+
+ return $this;
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Serializer/Serializer.php b/vendor/web-token/jwt-signature/Serializer/Serializer.php index 85636b6..ea9971a 100644 --- a/vendor/web-token/jwt-signature/Serializer/Serializer.php +++ b/vendor/web-token/jwt-signature/Serializer/Serializer.php @@ -1,22 +1,22 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Serializer; - -abstract class Serializer implements JWSSerializer -{ - protected function isPayloadEncoded(array $protectedHeader): bool - { - return !\array_key_exists('b64', $protectedHeader) || true === $protectedHeader['b64']; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+abstract class Serializer implements JWSSerializer
+{
+ protected function isPayloadEncoded(array $protectedHeader): bool
+ {
+ return !\array_key_exists('b64', $protectedHeader) || true === $protectedHeader['b64'];
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Signature.php b/vendor/web-token/jwt-signature/Signature.php index 9b2ef20..23892f1 100644 --- a/vendor/web-token/jwt-signature/Signature.php +++ b/vendor/web-token/jwt-signature/Signature.php @@ -1,144 +1,144 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature; - -class Signature -{ - /** - * @var string|null - */ - private $encodedProtectedHeader; - - /** - * @var array - */ - private $protectedHeader; - - /** - * @var array - */ - private $header; - - /** - * @var string - */ - private $signature; - - /** - * Signature constructor. - */ - private function __construct(string $signature, array $protectedHeader, ?string $encodedProtectedHeader, array $header) - { - $this->protectedHeader = null === $encodedProtectedHeader ? [] : $protectedHeader; - $this->encodedProtectedHeader = $encodedProtectedHeader; - $this->signature = $signature; - $this->header = $header; - } - - /** - * Creates a new signature. - * - * @internal - * - * @return Signature - */ - public static function create(string $signature, array $protectedHeader, ?string $encodedProtectedHeader, array $header = []): self - { - return new self($signature, $protectedHeader, $encodedProtectedHeader, $header); - } - - /** - * The protected header associated with the signature. - */ - public function getProtectedHeader(): array - { - return $this->protectedHeader; - } - - /** - * The unprotected header associated with the signature. - */ - public function getHeader(): array - { - return $this->header; - } - - /** - * The protected header associated with the signature. - */ - public function getEncodedProtectedHeader(): ?string - { - return $this->encodedProtectedHeader; - } - - /** - * Returns the value of the protected header of the specified key. - * - * @param string $key The key - * - * @return mixed|null Header value - */ - public function getProtectedHeaderParameter(string $key) - { - if ($this->hasProtectedHeaderParameter($key)) { - return $this->getProtectedHeader()[$key]; - } - - throw new \InvalidArgumentException(\sprintf('The protected header "%s" does not exist', $key)); - } - - /** - * Returns true if the protected header has the given parameter. - * - * @param string $key The key - */ - public function hasProtectedHeaderParameter(string $key): bool - { - return \array_key_exists($key, $this->getProtectedHeader()); - } - - /** - * Returns the value of the unprotected header of the specified key. - * - * @param string $key The key - * - * @return mixed|null Header value - */ - public function getHeaderParameter(string $key) - { - if ($this->hasHeaderParameter($key)) { - return $this->header[$key]; - } - - throw new \InvalidArgumentException(\sprintf('The header "%s" does not exist', $key)); - } - - /** - * Returns true if the unprotected header has the given parameter. - * - * @param string $key The key - */ - public function hasHeaderParameter(string $key): bool - { - return \array_key_exists($key, $this->header); - } - - /** - * Returns the value of the signature. - */ - public function getSignature(): string - { - return $this->signature; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature;
+
+class Signature
+{
+ /**
+ * @var string|null
+ */
+ private $encodedProtectedHeader;
+
+ /**
+ * @var array
+ */
+ private $protectedHeader;
+
+ /**
+ * @var array
+ */
+ private $header;
+
+ /**
+ * @var string
+ */
+ private $signature;
+
+ /**
+ * Signature constructor.
+ */
+ private function __construct(string $signature, array $protectedHeader, ?string $encodedProtectedHeader, array $header)
+ {
+ $this->protectedHeader = null === $encodedProtectedHeader ? [] : $protectedHeader;
+ $this->encodedProtectedHeader = $encodedProtectedHeader;
+ $this->signature = $signature;
+ $this->header = $header;
+ }
+
+ /**
+ * Creates a new signature.
+ *
+ * @internal
+ *
+ * @return Signature
+ */
+ public static function create(string $signature, array $protectedHeader, ?string $encodedProtectedHeader, array $header = []): self
+ {
+ return new self($signature, $protectedHeader, $encodedProtectedHeader, $header);
+ }
+
+ /**
+ * The protected header associated with the signature.
+ */
+ public function getProtectedHeader(): array
+ {
+ return $this->protectedHeader;
+ }
+
+ /**
+ * The unprotected header associated with the signature.
+ */
+ public function getHeader(): array
+ {
+ return $this->header;
+ }
+
+ /**
+ * The protected header associated with the signature.
+ */
+ public function getEncodedProtectedHeader(): ?string
+ {
+ return $this->encodedProtectedHeader;
+ }
+
+ /**
+ * Returns the value of the protected header of the specified key.
+ *
+ * @param string $key The key
+ *
+ * @return mixed|null Header value
+ */
+ public function getProtectedHeaderParameter(string $key)
+ {
+ if ($this->hasProtectedHeaderParameter($key)) {
+ return $this->getProtectedHeader()[$key];
+ }
+
+ throw new \InvalidArgumentException(\sprintf('The protected header "%s" does not exist', $key));
+ }
+
+ /**
+ * Returns true if the protected header has the given parameter.
+ *
+ * @param string $key The key
+ */
+ public function hasProtectedHeaderParameter(string $key): bool
+ {
+ return \array_key_exists($key, $this->getProtectedHeader());
+ }
+
+ /**
+ * Returns the value of the unprotected header of the specified key.
+ *
+ * @param string $key The key
+ *
+ * @return mixed|null Header value
+ */
+ public function getHeaderParameter(string $key)
+ {
+ if ($this->hasHeaderParameter($key)) {
+ return $this->header[$key];
+ }
+
+ throw new \InvalidArgumentException(\sprintf('The header "%s" does not exist', $key));
+ }
+
+ /**
+ * Returns true if the unprotected header has the given parameter.
+ *
+ * @param string $key The key
+ */
+ public function hasHeaderParameter(string $key): bool
+ {
+ return \array_key_exists($key, $this->header);
+ }
+
+ /**
+ * Returns the value of the signature.
+ */
+ public function getSignature(): string
+ {
+ return $this->signature;
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Util/RSA.php b/vendor/web-token/jwt-signature/Util/RSA.php index e71e6da..0501df2 100644 --- a/vendor/web-token/jwt-signature/Util/RSA.php +++ b/vendor/web-token/jwt-signature/Util/RSA.php @@ -1,229 +1,229 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Signature\Util; - -use Jose\Component\Core\Util\BigInteger; -use Jose\Component\Core\Util\Hash; -use Jose\Component\Core\Util\RSAKey; - -/** - * @internal - */ -class RSA -{ - /** - * Probabilistic Signature Scheme. - */ - public const SIGNATURE_PSS = 1; - - /** - * Use the PKCS#1. - */ - public const SIGNATURE_PKCS1 = 2; - - private static function convertIntegerToOctetString(BigInteger $x, int $xLen): string - { - $x = $x->toBytes(); - if (\mb_strlen($x, '8bit') > $xLen) { - throw new \RuntimeException(); - } - - return \str_pad($x, $xLen, \chr(0), STR_PAD_LEFT); - } - - /** - * MGF1. - */ - private static function getMGF1(string $mgfSeed, int $maskLen, Hash $mgfHash): string - { - $t = ''; - $count = \ceil($maskLen / $mgfHash->getLength()); - for ($i = 0; $i < $count; ++$i) { - $c = \pack('N', $i); - $t .= $mgfHash->hash($mgfSeed.$c); - } - - return \mb_substr($t, 0, $maskLen, '8bit'); - } - - /** - * EMSA-PSS-ENCODE. - */ - private static function encodeEMSAPSS(string $message, int $modulusLength, Hash $hash): string - { - $emLen = ($modulusLength + 1) >> 3; - $sLen = $hash->getLength(); - $mHash = $hash->hash($message); - if ($emLen <= $hash->getLength() + $sLen + 2) { - throw new \RuntimeException(); - } - $salt = \random_bytes($sLen); - $m2 = "\0\0\0\0\0\0\0\0".$mHash.$salt; - $h = $hash->hash($m2); - $ps = \str_repeat(\chr(0), $emLen - $sLen - $hash->getLength() - 2); - $db = $ps.\chr(1).$salt; - $dbMask = self::getMGF1($h, $emLen - $hash->getLength() - 1, $hash); - $maskedDB = $db ^ $dbMask; - $maskedDB[0] = ~\chr(0xFF << ($modulusLength & 7)) & $maskedDB[0]; - $em = $maskedDB.$h.\chr(0xBC); - - return $em; - } - - /** - * EMSA-PSS-VERIFY. - */ - private static function verifyEMSAPSS(string $m, string $em, int $emBits, Hash $hash): bool - { - $emLen = ($emBits + 1) >> 3; - $sLen = $hash->getLength(); - $mHash = $hash->hash($m); - if ($emLen < $hash->getLength() + $sLen + 2) { - throw new \InvalidArgumentException(); - } - if ($em[\mb_strlen($em, '8bit') - 1] !== \chr(0xBC)) { - throw new \InvalidArgumentException(); - } - $maskedDB = \mb_substr($em, 0, -$hash->getLength() - 1, '8bit'); - $h = \mb_substr($em, -$hash->getLength() - 1, $hash->getLength(), '8bit'); - $temp = \chr(0xFF << ($emBits & 7)); - if ((~$maskedDB[0] & $temp) !== $temp) { - throw new \InvalidArgumentException(); - } - $dbMask = self::getMGF1($h, $emLen - $hash->getLength() - 1, $hash/*MGF*/); - $db = $maskedDB ^ $dbMask; - $db[0] = ~\chr(0xFF << ($emBits & 7)) & $db[0]; - $temp = $emLen - $hash->getLength() - $sLen - 2; - if (\mb_substr($db, 0, $temp, '8bit') !== \str_repeat(\chr(0), $temp)) { - throw new \InvalidArgumentException(); - } - if (1 !== \ord($db[$temp])) { - throw new \InvalidArgumentException(); - } - $salt = \mb_substr($db, $temp + 1, null, '8bit'); // should be $sLen long - $m2 = "\0\0\0\0\0\0\0\0".$mHash.$salt; - $h2 = $hash->hash($m2); - - return \hash_equals($h, $h2); - } - - private static function encodeEMSA15(string $m, int $emBits, Hash $hash): string - { - $h = $hash->hash($m); - switch ($hash->name()) { - case 'sha256': - $t = "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20"; - - break; - case 'sha384': - $t = "\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02\x05\x00\x04\x30"; - - break; - case 'sha512': - $t = "\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03\x05\x00\x04\x40"; - - break; - default: - throw new \InvalidArgumentException(); - } - $t .= $h; - $tLen = \mb_strlen($t, '8bit'); - if ($emBits < $tLen + 11) { - throw new \RuntimeException(); - } - $ps = \str_repeat(\chr(0xFF), $emBits - $tLen - 3); - $em2 = "\0\1$ps\0$t"; - - return $em2; - } - - public static function sign(RSAKey $key, string $message, string $hash, int $mode): string - { - switch ($mode) { - case self::SIGNATURE_PSS: - return self::signWithPSS($key, $message, $hash); - case self::SIGNATURE_PKCS1: - return self::signWithPKCS15($key, $message, $hash); - default: - throw new \InvalidArgumentException('Unsupported mode.'); - } - } - - /** - * Create a signature. - */ - public static function signWithPSS(RSAKey $key, string $message, string $hash): string - { - $em = self::encodeEMSAPSS($message, 8 * $key->getModulusLength() - 1, Hash::$hash()); - $message = BigInteger::createFromBinaryString($em); - $signature = RSAKey::exponentiate($key, $message); - - return self::convertIntegerToOctetString($signature, $key->getModulusLength()); - } - - /** - * Create a signature. - */ - public static function signWithPKCS15(RSAKey $key, string $message, string $hash): string - { - $em = self::encodeEMSA15($message, $key->getModulusLength(), Hash::$hash()); - $message = BigInteger::createFromBinaryString($em); - $signature = RSAKey::exponentiate($key, $message); - - return self::convertIntegerToOctetString($signature, $key->getModulusLength()); - } - - public static function verify(RSAKey $key, string $message, string $signature, string $hash, int $mode): bool - { - switch ($mode) { - case self::SIGNATURE_PSS: - return self::verifyWithPSS($key, $message, $signature, $hash); - case self::SIGNATURE_PKCS1: - return self::verifyWithPKCS15($key, $message, $signature, $hash); - default: - throw new \InvalidArgumentException('Unsupported mode.'); - } - } - - /** - * Verifies a signature. - */ - public static function verifyWithPSS(RSAKey $key, string $message, string $signature, string $hash): bool - { - if (\mb_strlen($signature, '8bit') !== $key->getModulusLength()) { - throw new \InvalidArgumentException(); - } - $s2 = BigInteger::createFromBinaryString($signature); - $m2 = RSAKey::exponentiate($key, $s2); - $em = self::convertIntegerToOctetString($m2, $key->getModulusLength()); - $modBits = 8 * $key->getModulusLength(); - - return self::verifyEMSAPSS($message, $em, $modBits - 1, Hash::$hash()); - } - - /** - * Verifies a signature. - */ - public static function verifyWithPKCS15(RSAKey $key, string $message, string $signature, string $hash): bool - { - if (\mb_strlen($signature, '8bit') !== $key->getModulusLength()) { - throw new \InvalidArgumentException(); - } - $signature = BigInteger::createFromBinaryString($signature); - $m2 = RSAKey::exponentiate($key, $signature); - $em = self::convertIntegerToOctetString($m2, $key->getModulusLength()); - - return \hash_equals($em, self::encodeEMSA15($message, $key->getModulusLength(), Hash::$hash())); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Util;
+
+use Jose\Component\Core\Util\BigInteger;
+use Jose\Component\Core\Util\Hash;
+use Jose\Component\Core\Util\RSAKey;
+
+/**
+ * @internal
+ */
+class RSA
+{
+ /**
+ * Probabilistic Signature Scheme.
+ */
+ public const SIGNATURE_PSS = 1;
+
+ /**
+ * Use the PKCS#1.
+ */
+ public const SIGNATURE_PKCS1 = 2;
+
+ private static function convertIntegerToOctetString(BigInteger $x, int $xLen): string
+ {
+ $x = $x->toBytes();
+ if (\mb_strlen($x, '8bit') > $xLen) {
+ throw new \RuntimeException();
+ }
+
+ return \str_pad($x, $xLen, \chr(0), STR_PAD_LEFT);
+ }
+
+ /**
+ * MGF1.
+ */
+ private static function getMGF1(string $mgfSeed, int $maskLen, Hash $mgfHash): string
+ {
+ $t = '';
+ $count = \ceil($maskLen / $mgfHash->getLength());
+ for ($i = 0; $i < $count; ++$i) {
+ $c = \pack('N', $i);
+ $t .= $mgfHash->hash($mgfSeed.$c);
+ }
+
+ return \mb_substr($t, 0, $maskLen, '8bit');
+ }
+
+ /**
+ * EMSA-PSS-ENCODE.
+ */
+ private static function encodeEMSAPSS(string $message, int $modulusLength, Hash $hash): string
+ {
+ $emLen = ($modulusLength + 1) >> 3;
+ $sLen = $hash->getLength();
+ $mHash = $hash->hash($message);
+ if ($emLen <= $hash->getLength() + $sLen + 2) {
+ throw new \RuntimeException();
+ }
+ $salt = \random_bytes($sLen);
+ $m2 = "\0\0\0\0\0\0\0\0".$mHash.$salt;
+ $h = $hash->hash($m2);
+ $ps = \str_repeat(\chr(0), $emLen - $sLen - $hash->getLength() - 2);
+ $db = $ps.\chr(1).$salt;
+ $dbMask = self::getMGF1($h, $emLen - $hash->getLength() - 1, $hash);
+ $maskedDB = $db ^ $dbMask;
+ $maskedDB[0] = ~\chr(0xFF << ($modulusLength & 7)) & $maskedDB[0];
+ $em = $maskedDB.$h.\chr(0xBC);
+
+ return $em;
+ }
+
+ /**
+ * EMSA-PSS-VERIFY.
+ */
+ private static function verifyEMSAPSS(string $m, string $em, int $emBits, Hash $hash): bool
+ {
+ $emLen = ($emBits + 1) >> 3;
+ $sLen = $hash->getLength();
+ $mHash = $hash->hash($m);
+ if ($emLen < $hash->getLength() + $sLen + 2) {
+ throw new \InvalidArgumentException();
+ }
+ if ($em[\mb_strlen($em, '8bit') - 1] !== \chr(0xBC)) {
+ throw new \InvalidArgumentException();
+ }
+ $maskedDB = \mb_substr($em, 0, -$hash->getLength() - 1, '8bit');
+ $h = \mb_substr($em, -$hash->getLength() - 1, $hash->getLength(), '8bit');
+ $temp = \chr(0xFF << ($emBits & 7));
+ if ((~$maskedDB[0] & $temp) !== $temp) {
+ throw new \InvalidArgumentException();
+ }
+ $dbMask = self::getMGF1($h, $emLen - $hash->getLength() - 1, $hash/*MGF*/);
+ $db = $maskedDB ^ $dbMask;
+ $db[0] = ~\chr(0xFF << ($emBits & 7)) & $db[0];
+ $temp = $emLen - $hash->getLength() - $sLen - 2;
+ if (\mb_substr($db, 0, $temp, '8bit') !== \str_repeat(\chr(0), $temp)) {
+ throw new \InvalidArgumentException();
+ }
+ if (1 !== \ord($db[$temp])) {
+ throw new \InvalidArgumentException();
+ }
+ $salt = \mb_substr($db, $temp + 1, null, '8bit'); // should be $sLen long
+ $m2 = "\0\0\0\0\0\0\0\0".$mHash.$salt;
+ $h2 = $hash->hash($m2);
+
+ return \hash_equals($h, $h2);
+ }
+
+ private static function encodeEMSA15(string $m, int $emBits, Hash $hash): string
+ {
+ $h = $hash->hash($m);
+ switch ($hash->name()) {
+ case 'sha256':
+ $t = "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20";
+
+ break;
+ case 'sha384':
+ $t = "\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02\x05\x00\x04\x30";
+
+ break;
+ case 'sha512':
+ $t = "\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03\x05\x00\x04\x40";
+
+ break;
+ default:
+ throw new \InvalidArgumentException();
+ }
+ $t .= $h;
+ $tLen = \mb_strlen($t, '8bit');
+ if ($emBits < $tLen + 11) {
+ throw new \RuntimeException();
+ }
+ $ps = \str_repeat(\chr(0xFF), $emBits - $tLen - 3);
+ $em2 = "\0\1$ps\0$t";
+
+ return $em2;
+ }
+
+ public static function sign(RSAKey $key, string $message, string $hash, int $mode): string
+ {
+ switch ($mode) {
+ case self::SIGNATURE_PSS:
+ return self::signWithPSS($key, $message, $hash);
+ case self::SIGNATURE_PKCS1:
+ return self::signWithPKCS15($key, $message, $hash);
+ default:
+ throw new \InvalidArgumentException('Unsupported mode.');
+ }
+ }
+
+ /**
+ * Create a signature.
+ */
+ public static function signWithPSS(RSAKey $key, string $message, string $hash): string
+ {
+ $em = self::encodeEMSAPSS($message, 8 * $key->getModulusLength() - 1, Hash::$hash());
+ $message = BigInteger::createFromBinaryString($em);
+ $signature = RSAKey::exponentiate($key, $message);
+
+ return self::convertIntegerToOctetString($signature, $key->getModulusLength());
+ }
+
+ /**
+ * Create a signature.
+ */
+ public static function signWithPKCS15(RSAKey $key, string $message, string $hash): string
+ {
+ $em = self::encodeEMSA15($message, $key->getModulusLength(), Hash::$hash());
+ $message = BigInteger::createFromBinaryString($em);
+ $signature = RSAKey::exponentiate($key, $message);
+
+ return self::convertIntegerToOctetString($signature, $key->getModulusLength());
+ }
+
+ public static function verify(RSAKey $key, string $message, string $signature, string $hash, int $mode): bool
+ {
+ switch ($mode) {
+ case self::SIGNATURE_PSS:
+ return self::verifyWithPSS($key, $message, $signature, $hash);
+ case self::SIGNATURE_PKCS1:
+ return self::verifyWithPKCS15($key, $message, $signature, $hash);
+ default:
+ throw new \InvalidArgumentException('Unsupported mode.');
+ }
+ }
+
+ /**
+ * Verifies a signature.
+ */
+ public static function verifyWithPSS(RSAKey $key, string $message, string $signature, string $hash): bool
+ {
+ if (\mb_strlen($signature, '8bit') !== $key->getModulusLength()) {
+ throw new \InvalidArgumentException();
+ }
+ $s2 = BigInteger::createFromBinaryString($signature);
+ $m2 = RSAKey::exponentiate($key, $s2);
+ $em = self::convertIntegerToOctetString($m2, $key->getModulusLength());
+ $modBits = 8 * $key->getModulusLength();
+
+ return self::verifyEMSAPSS($message, $em, $modBits - 1, Hash::$hash());
+ }
+
+ /**
+ * Verifies a signature.
+ */
+ public static function verifyWithPKCS15(RSAKey $key, string $message, string $signature, string $hash): bool
+ {
+ if (\mb_strlen($signature, '8bit') !== $key->getModulusLength()) {
+ throw new \InvalidArgumentException();
+ }
+ $signature = BigInteger::createFromBinaryString($signature);
+ $m2 = RSAKey::exponentiate($key, $signature);
+ $em = self::convertIntegerToOctetString($m2, $key->getModulusLength());
+
+ return \hash_equals($em, self::encodeEMSA15($message, $key->getModulusLength(), Hash::$hash()));
+ }
+}
diff --git a/vendor/web-token/jwt-signature/composer.json b/vendor/web-token/jwt-signature/composer.json index e0ceab9..c7503a0 100644 --- a/vendor/web-token/jwt-signature/composer.json +++ b/vendor/web-token/jwt-signature/composer.json @@ -1,49 +1,49 @@ -{ - "name": "web-token/jwt-signature", - "description": "Signature component of the JWT Framework.", - "type": "library", - "license": "MIT", - "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"], - "homepage": "https://github.com/web-token", - "authors": [ - { - "name": "Florent Morselli", - "homepage": "https://github.com/Spomky" - },{ - "name": "All contributors", - "homepage": "https://github.com/web-token/jwt-signature/contributors" - } - ], - "autoload": { - "psr-4": { - "Jose\\Component\\Signature\\": "" - } - }, - "require": { - "web-token/jwt-core": "^1.3", - "web-token/jwt-signature-algorithm-ecdsa": "^1.3", - "web-token/jwt-signature-algorithm-eddsa": "^1.3", - "web-token/jwt-signature-algorithm-hmac": "^1.3", - "web-token/jwt-signature-algorithm-none": "^1.3", - "web-token/jwt-signature-algorithm-rsa": "^1.3" - }, - "require-dev": { - "phpunit/phpunit": "^6.0|^7.0" - }, - "suggest": { - "web-token/jwt-signature-algorithm-ecdsa": "ECDSA Based Signature Algorithms", - "web-token/jwt-signature-algorithm-eddsa": "EdDSA Based Signature Algorithms", - "web-token/jwt-signature-algorithm-hmac": "HMAC Based Signature Algorithms", - "web-token/jwt-signature-algorithm-none": "None Signature Algorithm", - "web-token/jwt-signature-algorithm-rsa": "RSA Based Signature Algorithms", - "web-token/jwt-signature-algorithm-experimental": "Experimental Signature Algorithms" - }, - "extra": { - "branch-alias": { - "dev-master": "1.3.x-dev" - } - }, - "config": { - "sort-packages": true - } -} +{
+ "name": "web-token/jwt-signature",
+ "description": "Signature component of the JWT Framework.",
+ "type": "library",
+ "license": "MIT",
+ "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"],
+ "homepage": "https://github.com/web-token",
+ "authors": [
+ {
+ "name": "Florent Morselli",
+ "homepage": "https://github.com/Spomky"
+ },{
+ "name": "All contributors",
+ "homepage": "https://github.com/web-token/jwt-signature/contributors"
+ }
+ ],
+ "autoload": {
+ "psr-4": {
+ "Jose\\Component\\Signature\\": ""
+ }
+ },
+ "require": {
+ "web-token/jwt-core": "^1.3",
+ "web-token/jwt-signature-algorithm-ecdsa": "^1.3",
+ "web-token/jwt-signature-algorithm-eddsa": "^1.3",
+ "web-token/jwt-signature-algorithm-hmac": "^1.3",
+ "web-token/jwt-signature-algorithm-none": "^1.3",
+ "web-token/jwt-signature-algorithm-rsa": "^1.3"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "^6.0|^7.0"
+ },
+ "suggest": {
+ "web-token/jwt-signature-algorithm-ecdsa": "ECDSA Based Signature Algorithms",
+ "web-token/jwt-signature-algorithm-eddsa": "EdDSA Based Signature Algorithms",
+ "web-token/jwt-signature-algorithm-hmac": "HMAC Based Signature Algorithms",
+ "web-token/jwt-signature-algorithm-none": "None Signature Algorithm",
+ "web-token/jwt-signature-algorithm-rsa": "RSA Based Signature Algorithms",
+ "web-token/jwt-signature-algorithm-experimental": "Experimental Signature Algorithms"
+ },
+ "extra": {
+ "branch-alias": {
+ "dev-master": "1.3.x-dev"
+ }
+ },
+ "config": {
+ "sort-packages": true
+ }
+}
diff --git a/vendor/web-token/jwt-util-ecc/Curve.php b/vendor/web-token/jwt-util-ecc/Curve.php index 8c7d07d..d688598 100644 --- a/vendor/web-token/jwt-util-ecc/Curve.php +++ b/vendor/web-token/jwt-util-ecc/Curve.php @@ -1,315 +1,315 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util\Ecc; - -/** - * @internal - */ -class Curve -{ - /** - * Elliptic curve over the field of integers modulo a prime. - * - * @var \GMP - */ - private $a; - - /** - * @var \GMP - */ - private $b; - - /** - * @var \GMP - */ - private $prime; - - /** - * Binary length of keys associated with these curve parameters. - * - * @var int - */ - private $size; - - /** - * @var Point - */ - private $generator; - - public function __construct(int $size, \GMP $prime, \GMP $a, \GMP $b, Point $generator) - { - $this->size = $size; - $this->prime = $prime; - $this->a = $a; - $this->b = $b; - $this->generator = $generator; - } - - public function getA(): \GMP - { - return $this->a; - } - - public function getB(): \GMP - { - return $this->b; - } - - public function getPrime(): \GMP - { - return $this->prime; - } - - public function getSize(): int - { - return $this->size; - } - - public function getPoint(\GMP $x, \GMP $y, ?\GMP $order = null): Point - { - if (!$this->contains($x, $y)) { - throw new \RuntimeException('Curve '.$this->__toString().' does not contain point ('.Math::toString($x).', '.Math::toString($y).')'); - } - $point = Point::create($x, $y, $order); - if (!\is_null($order)) { - $mul = $this->mul($point, $order); - if (!$mul->isInfinity()) { - throw new \RuntimeException('SELF * ORDER MUST EQUAL INFINITY. ('.(string) $mul.' found instead)'); - } - } - - return $point; - } - - public function getPublicKeyFrom(\GMP $x, \GMP $y): PublicKey - { - $zero = \gmp_init(0, 10); - if (Math::cmp($x, $zero) < 0 || Math::cmp($this->generator->getOrder(), $x) <= 0 || Math::cmp($y, $zero) < 0 || Math::cmp($this->generator->getOrder(), $y) <= 0) { - throw new \RuntimeException('Generator point has x and y out of range.'); - } - $point = $this->getPoint($x, $y); - - return PublicKey::create($point); - } - - public function contains(\GMP $x, \GMP $y): bool - { - $eq_zero = Math::equals( - ModularArithmetic::sub( - Math::pow($y, 2), - Math::add( - Math::add( - Math::pow($x, 3), - Math::mul($this->getA(), $x) - ), - $this->getB() - ), - $this->getPrime() - ), - \gmp_init(0, 10) - ); - - return $eq_zero; - } - - public function add(Point $one, Point $two): Point - { - if ($two->isInfinity()) { - return clone $one; - } - - if ($one->isInfinity()) { - return clone $two; - } - - if (Math::equals($two->getX(), $one->getX())) { - if (Math::equals($two->getY(), $one->getY())) { - return $this->getDouble($one); - } else { - return Point::infinity(); - } - } - - $slope = ModularArithmetic::div( - Math::sub($two->getY(), $one->getY()), - Math::sub($two->getX(), $one->getX()), - $this->getPrime() - ); - - $xR = ModularArithmetic::sub( - Math::sub(Math::pow($slope, 2), $one->getX()), - $two->getX(), - $this->getPrime() - ); - - $yR = ModularArithmetic::sub( - Math::mul($slope, Math::sub($one->getX(), $xR)), - $one->getY(), - $this->getPrime() - ); - - return $this->getPoint($xR, $yR, $one->getOrder()); - } - - public function mul(Point $one, \GMP $n): Point - { - if ($one->isInfinity()) { - return Point::infinity(); - } - - /** @var \GMP $zero */ - $zero = \gmp_init(0, 10); - if (Math::cmp($one->getOrder(), $zero) > 0) { - $n = Math::mod($n, $one->getOrder()); - } - - if (Math::equals($n, $zero)) { - return Point::infinity(); - } - - /** @var Point[] $r */ - $r = [ - Point::infinity(), - clone $one, - ]; - - $k = $this->getSize(); - $n = \str_pad(Math::baseConvert(Math::toString($n), 10, 2), $k, '0', STR_PAD_LEFT); - - for ($i = 0; $i < $k; ++$i) { - $j = $n[$i]; - Point::cswap($r[0], $r[1], $j ^ 1); - $r[0] = $this->add($r[0], $r[1]); - $r[1] = $this->getDouble($r[1]); - Point::cswap($r[0], $r[1], $j ^ 1); - } - - $this->validate($r[0]); - - return $r[0]; - } - - /** - * @param Curve $other - */ - public function cmp(self $other): int - { - $equal = Math::equals($this->getA(), $other->getA()); - $equal &= Math::equals($this->getB(), $other->getB()); - $equal &= Math::equals($this->getPrime(), $other->getPrime()); - - return $equal ? 0 : 1; - } - - /** - * @param Curve $other - */ - public function equals(self $other): bool - { - return 0 === $this->cmp($other); - } - - public function __toString(): string - { - return 'curve('.Math::toString($this->getA()).', '.Math::toString($this->getB()).', '.Math::toString($this->getPrime()).')'; - } - - private function validate(Point $point) - { - if (!$point->isInfinity() && !$this->contains($point->getX(), $point->getY())) { - throw new \RuntimeException('Invalid point'); - } - } - - public function getDouble(Point $point): Point - { - if ($point->isInfinity()) { - return Point::infinity(); - } - - $a = $this->getA(); - $threeX2 = Math::mul(\gmp_init(3, 10), Math::pow($point->getX(), 2)); - - $tangent = ModularArithmetic::div( - Math::add($threeX2, $a), - Math::mul(\gmp_init(2, 10), $point->getY()), - $this->getPrime() - ); - - $x3 = ModularArithmetic::sub( - Math::pow($tangent, 2), - Math::mul(\gmp_init(2, 10), $point->getX()), - $this->getPrime() - ); - - $y3 = ModularArithmetic::sub( - Math::mul($tangent, Math::sub($point->getX(), $x3)), - $point->getY(), - $this->getPrime() - ); - - return $this->getPoint($x3, $y3, $point->getOrder()); - } - - public function createPrivateKey(): PrivateKey - { - return PrivateKey::create($this->generate()); - } - - public function createPublicKey(PrivateKey $privateKey): PublicKey - { - $point = $this->mul($this->generator, $privateKey->getSecret()); - - return PublicKey::create($point); - } - - private function generate(): \GMP - { - $max = $this->generator->getOrder(); - $numBits = $this->bnNumBits($max); - $numBytes = (int) \ceil($numBits / 8); - // Generate an integer of size >= $numBits - $bytes = \random_bytes($numBytes); - $value = Math::stringToInt($bytes); - $mask = \gmp_sub(\gmp_pow(2, $numBits), 1); - $integer = \gmp_and($value, $mask); - - return $integer; - } - - /** - * Returns the number of bits used to store this number. Non-significant upper bits are not counted. - * - * @see https://www.openssl.org/docs/crypto/BN_num_bytes.html - */ - private function bnNumBits(\GMP $x): int - { - $zero = \gmp_init(0, 10); - if (Math::equals($x, $zero)) { - return 0; - } - $log2 = 0; - while (false === Math::equals($x, $zero)) { - $x = Math::rightShift($x, 1); - ++$log2; - } - - return $log2; - } - - public function getGenerator(): Point - { - return $this->generator; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util\Ecc;
+
+/**
+ * @internal
+ */
+class Curve
+{
+ /**
+ * Elliptic curve over the field of integers modulo a prime.
+ *
+ * @var \GMP
+ */
+ private $a;
+
+ /**
+ * @var \GMP
+ */
+ private $b;
+
+ /**
+ * @var \GMP
+ */
+ private $prime;
+
+ /**
+ * Binary length of keys associated with these curve parameters.
+ *
+ * @var int
+ */
+ private $size;
+
+ /**
+ * @var Point
+ */
+ private $generator;
+
+ public function __construct(int $size, \GMP $prime, \GMP $a, \GMP $b, Point $generator)
+ {
+ $this->size = $size;
+ $this->prime = $prime;
+ $this->a = $a;
+ $this->b = $b;
+ $this->generator = $generator;
+ }
+
+ public function getA(): \GMP
+ {
+ return $this->a;
+ }
+
+ public function getB(): \GMP
+ {
+ return $this->b;
+ }
+
+ public function getPrime(): \GMP
+ {
+ return $this->prime;
+ }
+
+ public function getSize(): int
+ {
+ return $this->size;
+ }
+
+ public function getPoint(\GMP $x, \GMP $y, ?\GMP $order = null): Point
+ {
+ if (!$this->contains($x, $y)) {
+ throw new \RuntimeException('Curve '.$this->__toString().' does not contain point ('.Math::toString($x).', '.Math::toString($y).')');
+ }
+ $point = Point::create($x, $y, $order);
+ if (!\is_null($order)) {
+ $mul = $this->mul($point, $order);
+ if (!$mul->isInfinity()) {
+ throw new \RuntimeException('SELF * ORDER MUST EQUAL INFINITY. ('.(string) $mul.' found instead)');
+ }
+ }
+
+ return $point;
+ }
+
+ public function getPublicKeyFrom(\GMP $x, \GMP $y): PublicKey
+ {
+ $zero = \gmp_init(0, 10);
+ if (Math::cmp($x, $zero) < 0 || Math::cmp($this->generator->getOrder(), $x) <= 0 || Math::cmp($y, $zero) < 0 || Math::cmp($this->generator->getOrder(), $y) <= 0) {
+ throw new \RuntimeException('Generator point has x and y out of range.');
+ }
+ $point = $this->getPoint($x, $y);
+
+ return PublicKey::create($point);
+ }
+
+ public function contains(\GMP $x, \GMP $y): bool
+ {
+ $eq_zero = Math::equals(
+ ModularArithmetic::sub(
+ Math::pow($y, 2),
+ Math::add(
+ Math::add(
+ Math::pow($x, 3),
+ Math::mul($this->getA(), $x)
+ ),
+ $this->getB()
+ ),
+ $this->getPrime()
+ ),
+ \gmp_init(0, 10)
+ );
+
+ return $eq_zero;
+ }
+
+ public function add(Point $one, Point $two): Point
+ {
+ if ($two->isInfinity()) {
+ return clone $one;
+ }
+
+ if ($one->isInfinity()) {
+ return clone $two;
+ }
+
+ if (Math::equals($two->getX(), $one->getX())) {
+ if (Math::equals($two->getY(), $one->getY())) {
+ return $this->getDouble($one);
+ } else {
+ return Point::infinity();
+ }
+ }
+
+ $slope = ModularArithmetic::div(
+ Math::sub($two->getY(), $one->getY()),
+ Math::sub($two->getX(), $one->getX()),
+ $this->getPrime()
+ );
+
+ $xR = ModularArithmetic::sub(
+ Math::sub(Math::pow($slope, 2), $one->getX()),
+ $two->getX(),
+ $this->getPrime()
+ );
+
+ $yR = ModularArithmetic::sub(
+ Math::mul($slope, Math::sub($one->getX(), $xR)),
+ $one->getY(),
+ $this->getPrime()
+ );
+
+ return $this->getPoint($xR, $yR, $one->getOrder());
+ }
+
+ public function mul(Point $one, \GMP $n): Point
+ {
+ if ($one->isInfinity()) {
+ return Point::infinity();
+ }
+
+ /** @var \GMP $zero */
+ $zero = \gmp_init(0, 10);
+ if (Math::cmp($one->getOrder(), $zero) > 0) {
+ $n = Math::mod($n, $one->getOrder());
+ }
+
+ if (Math::equals($n, $zero)) {
+ return Point::infinity();
+ }
+
+ /** @var Point[] $r */
+ $r = [
+ Point::infinity(),
+ clone $one,
+ ];
+
+ $k = $this->getSize();
+ $n = \str_pad(Math::baseConvert(Math::toString($n), 10, 2), $k, '0', STR_PAD_LEFT);
+
+ for ($i = 0; $i < $k; ++$i) {
+ $j = $n[$i];
+ Point::cswap($r[0], $r[1], $j ^ 1);
+ $r[0] = $this->add($r[0], $r[1]);
+ $r[1] = $this->getDouble($r[1]);
+ Point::cswap($r[0], $r[1], $j ^ 1);
+ }
+
+ $this->validate($r[0]);
+
+ return $r[0];
+ }
+
+ /**
+ * @param Curve $other
+ */
+ public function cmp(self $other): int
+ {
+ $equal = Math::equals($this->getA(), $other->getA());
+ $equal &= Math::equals($this->getB(), $other->getB());
+ $equal &= Math::equals($this->getPrime(), $other->getPrime());
+
+ return $equal ? 0 : 1;
+ }
+
+ /**
+ * @param Curve $other
+ */
+ public function equals(self $other): bool
+ {
+ return 0 === $this->cmp($other);
+ }
+
+ public function __toString(): string
+ {
+ return 'curve('.Math::toString($this->getA()).', '.Math::toString($this->getB()).', '.Math::toString($this->getPrime()).')';
+ }
+
+ private function validate(Point $point)
+ {
+ if (!$point->isInfinity() && !$this->contains($point->getX(), $point->getY())) {
+ throw new \RuntimeException('Invalid point');
+ }
+ }
+
+ public function getDouble(Point $point): Point
+ {
+ if ($point->isInfinity()) {
+ return Point::infinity();
+ }
+
+ $a = $this->getA();
+ $threeX2 = Math::mul(\gmp_init(3, 10), Math::pow($point->getX(), 2));
+
+ $tangent = ModularArithmetic::div(
+ Math::add($threeX2, $a),
+ Math::mul(\gmp_init(2, 10), $point->getY()),
+ $this->getPrime()
+ );
+
+ $x3 = ModularArithmetic::sub(
+ Math::pow($tangent, 2),
+ Math::mul(\gmp_init(2, 10), $point->getX()),
+ $this->getPrime()
+ );
+
+ $y3 = ModularArithmetic::sub(
+ Math::mul($tangent, Math::sub($point->getX(), $x3)),
+ $point->getY(),
+ $this->getPrime()
+ );
+
+ return $this->getPoint($x3, $y3, $point->getOrder());
+ }
+
+ public function createPrivateKey(): PrivateKey
+ {
+ return PrivateKey::create($this->generate());
+ }
+
+ public function createPublicKey(PrivateKey $privateKey): PublicKey
+ {
+ $point = $this->mul($this->generator, $privateKey->getSecret());
+
+ return PublicKey::create($point);
+ }
+
+ private function generate(): \GMP
+ {
+ $max = $this->generator->getOrder();
+ $numBits = $this->bnNumBits($max);
+ $numBytes = (int) \ceil($numBits / 8);
+ // Generate an integer of size >= $numBits
+ $bytes = \random_bytes($numBytes);
+ $value = Math::stringToInt($bytes);
+ $mask = \gmp_sub(\gmp_pow(2, $numBits), 1);
+ $integer = \gmp_and($value, $mask);
+
+ return $integer;
+ }
+
+ /**
+ * Returns the number of bits used to store this number. Non-significant upper bits are not counted.
+ *
+ * @see https://www.openssl.org/docs/crypto/BN_num_bytes.html
+ */
+ private function bnNumBits(\GMP $x): int
+ {
+ $zero = \gmp_init(0, 10);
+ if (Math::equals($x, $zero)) {
+ return 0;
+ }
+ $log2 = 0;
+ while (false === Math::equals($x, $zero)) {
+ $x = Math::rightShift($x, 1);
+ ++$log2;
+ }
+
+ return $log2;
+ }
+
+ public function getGenerator(): Point
+ {
+ return $this->generator;
+ }
+}
diff --git a/vendor/web-token/jwt-util-ecc/LICENSE b/vendor/web-token/jwt-util-ecc/LICENSE index a098645..ce18b6a 100644 --- a/vendor/web-token/jwt-util-ecc/LICENSE +++ b/vendor/web-token/jwt-util-ecc/LICENSE @@ -1,21 +1,21 @@ -The MIT License (MIT) - -Copyright (c) 2014-2018 Spomky-Labs - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. +The MIT License (MIT)
+
+Copyright (c) 2014-2018 Spomky-Labs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/vendor/web-token/jwt-util-ecc/Math.php b/vendor/web-token/jwt-util-ecc/Math.php index e5732da..7d3f5ea 100644 --- a/vendor/web-token/jwt-util-ecc/Math.php +++ b/vendor/web-token/jwt-util-ecc/Math.php @@ -1,97 +1,97 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util\Ecc; - -/** - * @internal - */ -class Math -{ - public static function cmp(\GMP $first, \GMP $other): int - { - return \gmp_cmp($first, $other); - } - - public static function equals(\GMP $first, \GMP $other): bool - { - return 0 === \gmp_cmp($first, $other); - } - - public static function mod(\GMP $number, \GMP $modulus): \GMP - { - return \gmp_mod($number, $modulus); - } - - public static function add(\GMP $augend, \GMP $addend): \GMP - { - return \gmp_add($augend, $addend); - } - - public static function sub(\GMP $minuend, \GMP $subtrahend): \GMP - { - return \gmp_sub($minuend, $subtrahend); - } - - public static function mul(\GMP $multiplier, \GMP $multiplicand): \GMP - { - return \gmp_mul($multiplier, $multiplicand); - } - - public static function pow(\GMP $base, int $exponent): \GMP - { - return \gmp_pow($base, $exponent); - } - - public static function bitwiseAnd(\GMP $first, \GMP $other): \GMP - { - return \gmp_and($first, $other); - } - - public static function bitwiseXor(\GMP $first, \GMP $other): \GMP - { - return \gmp_xor($first, $other); - } - - public static function toString(\GMP $value): string - { - return \gmp_strval($value); - } - - public static function inverseMod(\GMP $a, \GMP $m): \GMP - { - return \gmp_invert($a, $m); - } - - public static function baseConvert(string $number, int $from, int $to): string - { - return \gmp_strval(\gmp_init($number, $from), $to); - } - - public static function rightShift(\GMP $number, int $positions): \GMP - { - return \gmp_div($number, \gmp_pow(\gmp_init(2, 10), $positions)); - } - - public static function stringToInt(string $s): \GMP - { - $result = \gmp_init(0, 10); - $sLen = \mb_strlen($s, '8bit'); - - for ($c = 0; $c < $sLen; ++$c) { - $result = \gmp_add(\gmp_mul(256, $result), \gmp_init(\ord($s[$c]), 10)); - } - - return $result; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util\Ecc;
+
+/**
+ * @internal
+ */
+class Math
+{
+ public static function cmp(\GMP $first, \GMP $other): int
+ {
+ return \gmp_cmp($first, $other);
+ }
+
+ public static function equals(\GMP $first, \GMP $other): bool
+ {
+ return 0 === \gmp_cmp($first, $other);
+ }
+
+ public static function mod(\GMP $number, \GMP $modulus): \GMP
+ {
+ return \gmp_mod($number, $modulus);
+ }
+
+ public static function add(\GMP $augend, \GMP $addend): \GMP
+ {
+ return \gmp_add($augend, $addend);
+ }
+
+ public static function sub(\GMP $minuend, \GMP $subtrahend): \GMP
+ {
+ return \gmp_sub($minuend, $subtrahend);
+ }
+
+ public static function mul(\GMP $multiplier, \GMP $multiplicand): \GMP
+ {
+ return \gmp_mul($multiplier, $multiplicand);
+ }
+
+ public static function pow(\GMP $base, int $exponent): \GMP
+ {
+ return \gmp_pow($base, $exponent);
+ }
+
+ public static function bitwiseAnd(\GMP $first, \GMP $other): \GMP
+ {
+ return \gmp_and($first, $other);
+ }
+
+ public static function bitwiseXor(\GMP $first, \GMP $other): \GMP
+ {
+ return \gmp_xor($first, $other);
+ }
+
+ public static function toString(\GMP $value): string
+ {
+ return \gmp_strval($value);
+ }
+
+ public static function inverseMod(\GMP $a, \GMP $m): \GMP
+ {
+ return \gmp_invert($a, $m);
+ }
+
+ public static function baseConvert(string $number, int $from, int $to): string
+ {
+ return \gmp_strval(\gmp_init($number, $from), $to);
+ }
+
+ public static function rightShift(\GMP $number, int $positions): \GMP
+ {
+ return \gmp_div($number, \gmp_pow(\gmp_init(2, 10), $positions));
+ }
+
+ public static function stringToInt(string $s): \GMP
+ {
+ $result = \gmp_init(0, 10);
+ $sLen = \mb_strlen($s, '8bit');
+
+ for ($c = 0; $c < $sLen; ++$c) {
+ $result = \gmp_add(\gmp_mul(256, $result), \gmp_init(\ord($s[$c]), 10));
+ }
+
+ return $result;
+ }
+}
diff --git a/vendor/web-token/jwt-util-ecc/ModularArithmetic.php b/vendor/web-token/jwt-util-ecc/ModularArithmetic.php index 29be145..f4b0e0e 100644 --- a/vendor/web-token/jwt-util-ecc/ModularArithmetic.php +++ b/vendor/web-token/jwt-util-ecc/ModularArithmetic.php @@ -1,35 +1,35 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util\Ecc; - -/** - * @internal - */ -class ModularArithmetic -{ - public static function sub(\GMP $minuend, \GMP $subtrahend, \GMP $modulus): \GMP - { - return Math::mod(Math::sub($minuend, $subtrahend), $modulus); - } - - public static function mul(\GMP $multiplier, \GMP $muliplicand, \GMP $modulus): \GMP - { - return Math::mod(Math::mul($multiplier, $muliplicand), $modulus); - } - - public static function div(\GMP $dividend, \GMP $divisor, \GMP $modulus): \GMP - { - return self::mul($dividend, Math::inverseMod($divisor, $modulus), $modulus); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util\Ecc;
+
+/**
+ * @internal
+ */
+class ModularArithmetic
+{
+ public static function sub(\GMP $minuend, \GMP $subtrahend, \GMP $modulus): \GMP
+ {
+ return Math::mod(Math::sub($minuend, $subtrahend), $modulus);
+ }
+
+ public static function mul(\GMP $multiplier, \GMP $muliplicand, \GMP $modulus): \GMP
+ {
+ return Math::mod(Math::mul($multiplier, $muliplicand), $modulus);
+ }
+
+ public static function div(\GMP $dividend, \GMP $divisor, \GMP $modulus): \GMP
+ {
+ return self::mul($dividend, Math::inverseMod($divisor, $modulus), $modulus);
+ }
+}
diff --git a/vendor/web-token/jwt-util-ecc/NistCurve.php b/vendor/web-token/jwt-util-ecc/NistCurve.php index 70d7070..0cec998 100644 --- a/vendor/web-token/jwt-util-ecc/NistCurve.php +++ b/vendor/web-token/jwt-util-ecc/NistCurve.php @@ -1,92 +1,92 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util\Ecc; - -/** - * ********************************************************************* - * Copyright (C) 2012 Matyas Danter. - * - * Permission is hereby granted, free of charge, to any person obtaining - * a copy of this software and associated documentation files (the "Software"), - * to deal in the Software without restriction, including without limitation - * the rights to use, copy, modify, merge, publish, distribute, sublicense, - * and/or sell copies of the Software, and to permit persons to whom the - * Software is furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included - * in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS - * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL - * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES - * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, - * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR - * OTHER DEALINGS IN THE SOFTWARE. - * *********************************************************************** - */ - -/** - * @internal - */ -class NistCurve -{ - /** - * Returns an NIST P-256 curve. - */ - public static function curve256(): Curve - { - $p = \gmp_init('ffffffff00000001000000000000000000000000ffffffffffffffffffffffff', 16); - $a = \gmp_init('ffffffff00000001000000000000000000000000fffffffffffffffffffffffc', 16); - $b = \gmp_init('5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b', 16); - $x = \gmp_init('6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296', 16); - $y = \gmp_init('4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5', 16); - $n = \gmp_init('ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551', 16); - $generator = Point::create($x, $y, $n); - - return new Curve(256, $p, $a, $b, $generator); - } - - /** - * Returns an NIST P-384 curve. - */ - public static function curve384(): Curve - { - $p = \gmp_init('fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff', 16); - $a = \gmp_init('fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc', 16); - $b = \gmp_init('b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef', 16); - $x = \gmp_init('aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7', 16); - $y = \gmp_init('3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f', 16); - $n = \gmp_init('ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973', 16); - $generator = Point::create($x, $y, $n); - - return new Curve(384, $p, $a, $b, $generator); - } - - /** - * Returns an NIST P-521 curve. - */ - public static function curve521(): Curve - { - $p = \gmp_init('000001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff', 16); - $a = \gmp_init('000001fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc', 16); - $b = \gmp_init('00000051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00', 16); - $x = \gmp_init('000000c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66', 16); - $y = \gmp_init('0000011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650', 16); - $n = \gmp_init('000001fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409', 16); - $generator = Point::create($x, $y, $n); - - return new Curve(521, $p, $a, $b, $generator); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util\Ecc;
+
+/**
+ * *********************************************************************
+ * Copyright (C) 2012 Matyas Danter.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
+ * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ * ***********************************************************************
+ */
+
+/**
+ * @internal
+ */
+class NistCurve
+{
+ /**
+ * Returns an NIST P-256 curve.
+ */
+ public static function curve256(): Curve
+ {
+ $p = \gmp_init('ffffffff00000001000000000000000000000000ffffffffffffffffffffffff', 16);
+ $a = \gmp_init('ffffffff00000001000000000000000000000000fffffffffffffffffffffffc', 16);
+ $b = \gmp_init('5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b', 16);
+ $x = \gmp_init('6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296', 16);
+ $y = \gmp_init('4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5', 16);
+ $n = \gmp_init('ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551', 16);
+ $generator = Point::create($x, $y, $n);
+
+ return new Curve(256, $p, $a, $b, $generator);
+ }
+
+ /**
+ * Returns an NIST P-384 curve.
+ */
+ public static function curve384(): Curve
+ {
+ $p = \gmp_init('fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff', 16);
+ $a = \gmp_init('fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc', 16);
+ $b = \gmp_init('b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef', 16);
+ $x = \gmp_init('aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7', 16);
+ $y = \gmp_init('3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f', 16);
+ $n = \gmp_init('ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973', 16);
+ $generator = Point::create($x, $y, $n);
+
+ return new Curve(384, $p, $a, $b, $generator);
+ }
+
+ /**
+ * Returns an NIST P-521 curve.
+ */
+ public static function curve521(): Curve
+ {
+ $p = \gmp_init('000001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff', 16);
+ $a = \gmp_init('000001fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc', 16);
+ $b = \gmp_init('00000051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00', 16);
+ $x = \gmp_init('000000c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66', 16);
+ $y = \gmp_init('0000011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650', 16);
+ $n = \gmp_init('000001fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409', 16);
+ $generator = Point::create($x, $y, $n);
+
+ return new Curve(521, $p, $a, $b, $generator);
+ }
+}
diff --git a/vendor/web-token/jwt-util-ecc/Point.php b/vendor/web-token/jwt-util-ecc/Point.php index bf73b2b..6fcee1d 100644 --- a/vendor/web-token/jwt-util-ecc/Point.php +++ b/vendor/web-token/jwt-util-ecc/Point.php @@ -1,152 +1,152 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util\Ecc; - -/** - * ********************************************************************* - * Copyright (C) 2012 Matyas Danter. - * - * Permission is hereby granted, free of charge, to any person obtaining - * a copy of this software and associated documentation files (the "Software"), - * to deal in the Software without restriction, including without limitation - * the rights to use, copy, modify, merge, publish, distribute, sublicense, - * and/or sell copies of the Software, and to permit persons to whom the - * Software is furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included - * in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS - * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL - * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES - * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, - * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR - * OTHER DEALINGS IN THE SOFTWARE. - * *********************************************************************** - */ - -/** - * @internal - */ -class Point -{ - /** - * @var \GMP - */ - private $x; - - /** - * @var \GMP - */ - private $y; - - /** - * @var \GMP - */ - private $order; - - /** - * @var bool - */ - private $infinity = false; - - /** - * Initialize a new instance. - * - * @throws \RuntimeException when either the curve does not contain the given coordinates or - * when order is not null and P(x, y) * order is not equal to infinity - */ - private function __construct(\GMP $x, \GMP $y, \GMP $order, bool $infinity = false) - { - $this->x = $x; - $this->y = $y; - $this->order = $order; - $this->infinity = $infinity; - } - - /** - * @return Point - */ - public static function create(\GMP $x, \GMP $y, ?\GMP $order = null): self - { - return new self($x, $y, null === $order ? \gmp_init(0, 10) : $order); - } - - /** - * @return Point - */ - public static function infinity(): self - { - $zero = \gmp_init(0, 10); - - return new self($zero, $zero, $zero, true); - } - - public function isInfinity(): bool - { - return $this->infinity; - } - - public function getOrder(): \GMP - { - return $this->order; - } - - public function getX(): \GMP - { - return $this->x; - } - - public function getY(): \GMP - { - return $this->y; - } - - /** - * @param Point $a - * @param Point $b - */ - public static function cswap(self $a, self $b, int $cond) - { - self::cswapGMP($a->x, $b->x, $cond); - self::cswapGMP($a->y, $b->y, $cond); - self::cswapGMP($a->order, $b->order, $cond); - self::cswapBoolean($a->infinity, $b->infinity, $cond); - } - - private static function cswapBoolean(bool &$a, bool &$b, int $cond) - { - $sa = \gmp_init((int) ($a), 10); - $sb = \gmp_init((int) ($b), 10); - - self::cswapGMP($sa, $sb, $cond); - - $a = (bool) \gmp_strval($sa, 10); - $b = (bool) \gmp_strval($sb, 10); - } - - private static function cswapGMP(\GMP &$sa, \GMP &$sb, int $cond) - { - $size = \max(\mb_strlen(\gmp_strval($sa, 2), '8bit'), \mb_strlen(\gmp_strval($sb, 2), '8bit')); - $mask = (string) (1 - (int) ($cond)); - $mask = \str_pad('', $size, $mask, STR_PAD_LEFT); - $mask = \gmp_init($mask, 2); - $taA = Math::bitwiseAnd($sa, $mask); - $taB = Math::bitwiseAnd($sb, $mask); - $sa = Math::bitwiseXor(Math::bitwiseXor($sa, $sb), $taB); - $sb = Math::bitwiseXor(Math::bitwiseXor($sa, $sb), $taA); - $sa = Math::bitwiseXor(Math::bitwiseXor($sa, $sb), $taB); - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util\Ecc;
+
+/**
+ * *********************************************************************
+ * Copyright (C) 2012 Matyas Danter.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
+ * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ * ***********************************************************************
+ */
+
+/**
+ * @internal
+ */
+class Point
+{
+ /**
+ * @var \GMP
+ */
+ private $x;
+
+ /**
+ * @var \GMP
+ */
+ private $y;
+
+ /**
+ * @var \GMP
+ */
+ private $order;
+
+ /**
+ * @var bool
+ */
+ private $infinity = false;
+
+ /**
+ * Initialize a new instance.
+ *
+ * @throws \RuntimeException when either the curve does not contain the given coordinates or
+ * when order is not null and P(x, y) * order is not equal to infinity
+ */
+ private function __construct(\GMP $x, \GMP $y, \GMP $order, bool $infinity = false)
+ {
+ $this->x = $x;
+ $this->y = $y;
+ $this->order = $order;
+ $this->infinity = $infinity;
+ }
+
+ /**
+ * @return Point
+ */
+ public static function create(\GMP $x, \GMP $y, ?\GMP $order = null): self
+ {
+ return new self($x, $y, null === $order ? \gmp_init(0, 10) : $order);
+ }
+
+ /**
+ * @return Point
+ */
+ public static function infinity(): self
+ {
+ $zero = \gmp_init(0, 10);
+
+ return new self($zero, $zero, $zero, true);
+ }
+
+ public function isInfinity(): bool
+ {
+ return $this->infinity;
+ }
+
+ public function getOrder(): \GMP
+ {
+ return $this->order;
+ }
+
+ public function getX(): \GMP
+ {
+ return $this->x;
+ }
+
+ public function getY(): \GMP
+ {
+ return $this->y;
+ }
+
+ /**
+ * @param Point $a
+ * @param Point $b
+ */
+ public static function cswap(self $a, self $b, int $cond)
+ {
+ self::cswapGMP($a->x, $b->x, $cond);
+ self::cswapGMP($a->y, $b->y, $cond);
+ self::cswapGMP($a->order, $b->order, $cond);
+ self::cswapBoolean($a->infinity, $b->infinity, $cond);
+ }
+
+ private static function cswapBoolean(bool &$a, bool &$b, int $cond)
+ {
+ $sa = \gmp_init((int) ($a), 10);
+ $sb = \gmp_init((int) ($b), 10);
+
+ self::cswapGMP($sa, $sb, $cond);
+
+ $a = (bool) \gmp_strval($sa, 10);
+ $b = (bool) \gmp_strval($sb, 10);
+ }
+
+ private static function cswapGMP(\GMP &$sa, \GMP &$sb, int $cond)
+ {
+ $size = \max(\mb_strlen(\gmp_strval($sa, 2), '8bit'), \mb_strlen(\gmp_strval($sb, 2), '8bit'));
+ $mask = (string) (1 - (int) ($cond));
+ $mask = \str_pad('', $size, $mask, STR_PAD_LEFT);
+ $mask = \gmp_init($mask, 2);
+ $taA = Math::bitwiseAnd($sa, $mask);
+ $taB = Math::bitwiseAnd($sb, $mask);
+ $sa = Math::bitwiseXor(Math::bitwiseXor($sa, $sb), $taB);
+ $sb = Math::bitwiseXor(Math::bitwiseXor($sa, $sb), $taA);
+ $sa = Math::bitwiseXor(Math::bitwiseXor($sa, $sb), $taB);
+ }
+}
diff --git a/vendor/web-token/jwt-util-ecc/PrivateKey.php b/vendor/web-token/jwt-util-ecc/PrivateKey.php index d33fb5b..4444ab7 100644 --- a/vendor/web-token/jwt-util-ecc/PrivateKey.php +++ b/vendor/web-token/jwt-util-ecc/PrivateKey.php @@ -1,67 +1,67 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util\Ecc; - -/** - * ********************************************************************* - * Copyright (C) 2012 Matyas Danter. - * - * Permission is hereby granted, free of charge, to any person obtaining - * a copy of this software and associated documentation files (the "Software"), - * to deal in the Software without restriction, including without limitation - * the rights to use, copy, modify, merge, publish, distribute, sublicense, - * and/or sell copies of the Software, and to permit persons to whom the - * Software is furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included - * in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS - * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL - * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES - * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, - * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR - * OTHER DEALINGS IN THE SOFTWARE. - * *********************************************************************** - */ - -/** - * @internal - */ -class PrivateKey -{ - /** - * @var \GMP - */ - private $secret; - - private function __construct(\GMP $secret) - { - $this->secret = $secret; - } - - /** - * @return PrivateKey - */ - public static function create(\GMP $secret): self - { - return new self($secret); - } - - public function getSecret(): \GMP - { - return $this->secret; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util\Ecc;
+
+/**
+ * *********************************************************************
+ * Copyright (C) 2012 Matyas Danter.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
+ * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ * ***********************************************************************
+ */
+
+/**
+ * @internal
+ */
+class PrivateKey
+{
+ /**
+ * @var \GMP
+ */
+ private $secret;
+
+ private function __construct(\GMP $secret)
+ {
+ $this->secret = $secret;
+ }
+
+ /**
+ * @return PrivateKey
+ */
+ public static function create(\GMP $secret): self
+ {
+ return new self($secret);
+ }
+
+ public function getSecret(): \GMP
+ {
+ return $this->secret;
+ }
+}
diff --git a/vendor/web-token/jwt-util-ecc/PublicKey.php b/vendor/web-token/jwt-util-ecc/PublicKey.php index a85c0e2..7aa50f0 100644 --- a/vendor/web-token/jwt-util-ecc/PublicKey.php +++ b/vendor/web-token/jwt-util-ecc/PublicKey.php @@ -1,70 +1,70 @@ -<?php - -declare(strict_types=1); - -/* - * The MIT License (MIT) - * - * Copyright (c) 2014-2018 Spomky-Labs - * - * This software may be modified and distributed under the terms - * of the MIT license. See the LICENSE file for details. - */ - -namespace Jose\Component\Core\Util\Ecc; - -/** - * ********************************************************************* - * Copyright (C) 2012 Matyas Danter. - * - * Permission is hereby granted, free of charge, to any person obtaining - * a copy of this software and associated documentation files (the "Software"), - * to deal in the Software without restriction, including without limitation - * the rights to use, copy, modify, merge, publish, distribute, sublicense, - * and/or sell copies of the Software, and to permit persons to whom the - * Software is furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included - * in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS - * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL - * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES - * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, - * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR - * OTHER DEALINGS IN THE SOFTWARE. - * *********************************************************************** - */ - -/** - * @internal - */ -class PublicKey -{ - /** - * @var Point - */ - private $point; - - /** - * PublicKey constructor. - */ - private function __construct(Point $point) - { - $this->point = $point; - } - - /** - * @return PublicKey - */ - public static function create(Point $point): self - { - return new self($point); - } - - public function getPoint(): Point - { - return $this->point; - } -} +<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Core\Util\Ecc;
+
+/**
+ * *********************************************************************
+ * Copyright (C) 2012 Matyas Danter.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
+ * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ * ***********************************************************************
+ */
+
+/**
+ * @internal
+ */
+class PublicKey
+{
+ /**
+ * @var Point
+ */
+ private $point;
+
+ /**
+ * PublicKey constructor.
+ */
+ private function __construct(Point $point)
+ {
+ $this->point = $point;
+ }
+
+ /**
+ * @return PublicKey
+ */
+ public static function create(Point $point): self
+ {
+ return new self($point);
+ }
+
+ public function getPoint(): Point
+ {
+ return $this->point;
+ }
+}
diff --git a/vendor/web-token/jwt-util-ecc/composer.json b/vendor/web-token/jwt-util-ecc/composer.json index 0598e3e..ea0784d 100644 --- a/vendor/web-token/jwt-util-ecc/composer.json +++ b/vendor/web-token/jwt-util-ecc/composer.json @@ -1,38 +1,38 @@ -{ - "name": "web-token/jwt-util-ecc", - "description": "ECC Tools for the JWT Framework.", - "type": "library", - "license": "MIT", - "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"], - "homepage": "https://github.com/web-token", - "authors": [ - { - "name": "Florent Morselli", - "homepage": "https://github.com/Spomky" - },{ - "name": "All contributors", - "homepage": "https://github.com/web-token/jwt-core/contributors" - } - ], - "autoload": { - "psr-4": { - "Jose\\Component\\Core\\Util\\Ecc\\": "" - } - }, - "require": { - "php": "^7.1", - "ext-gmp": "*", - "ext-mbstring": "*" - }, - "require-dev": { - "phpunit/phpunit": "^6.0|^7.0" - }, - "extra": { - "branch-alias": { - "dev-master": "1.3.x-dev" - } - }, - "config": { - "sort-packages": true - } -} +{
+ "name": "web-token/jwt-util-ecc",
+ "description": "ECC Tools for the JWT Framework.",
+ "type": "library",
+ "license": "MIT",
+ "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"],
+ "homepage": "https://github.com/web-token",
+ "authors": [
+ {
+ "name": "Florent Morselli",
+ "homepage": "https://github.com/Spomky"
+ },{
+ "name": "All contributors",
+ "homepage": "https://github.com/web-token/jwt-core/contributors"
+ }
+ ],
+ "autoload": {
+ "psr-4": {
+ "Jose\\Component\\Core\\Util\\Ecc\\": ""
+ }
+ },
+ "require": {
+ "php": "^7.1",
+ "ext-gmp": "*",
+ "ext-mbstring": "*"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "^6.0|^7.0"
+ },
+ "extra": {
+ "branch-alias": {
+ "dev-master": "1.3.x-dev"
+ }
+ },
+ "config": {
+ "sort-packages": true
+ }
+}
|