platine-php /
webauthn
@@ -10,6 +10,5 @@ |
||
| 10 | 10 | * @class WebauthnException |
| 11 | 11 | * @package Platine\Webauthn\Exception |
| 12 | 12 | */ |
| 13 | -class WebauthnException extends Exception |
|
| 14 | -{ |
|
| 13 | +class WebauthnException extends Exception { |
|
| 15 | 14 | } |
@@ -284,7 +284,7 @@ |
||
| 284 | 284 | |
| 285 | 285 | $extensionData = CborDecoder::decode($data); |
| 286 | 286 | |
| 287 | - if (! is_array($extensionData)) { |
|
| 287 | + if (!is_array($extensionData)) { |
|
| 288 | 288 | throw new WebauthnException('Invalid extension data'); |
| 289 | 289 | } |
| 290 | 290 | |
@@ -270,9 +270,9 @@ |
||
| 270 | 270 | |
| 271 | 271 | |
| 272 | 272 | /** |
| 273 | - * {@inheritdoc} |
|
| 274 | - * @return mixed |
|
| 275 | - */ |
|
| 273 | + * {@inheritdoc} |
|
| 274 | + * @return mixed |
|
| 275 | + */ |
|
| 276 | 276 | public function jsonSerialize(): mixed |
| 277 | 277 | { |
| 278 | 278 | return get_object_vars($this); |
@@ -44,8 +44,7 @@ discard block |
||
| 44 | 44 | * @class AuthenticatorData |
| 45 | 45 | * @package Platine\Webauthn\Attestation |
| 46 | 46 | */ |
| 47 | -class AuthenticatorData implements JsonSerializable |
|
| 48 | -{ |
|
| 47 | +class AuthenticatorData implements JsonSerializable { |
|
| 49 | 48 | public const EC2_TYPE = 2; |
| 50 | 49 | public const RSA_TYPE = 3; |
| 51 | 50 | |
@@ -89,8 +88,7 @@ discard block |
||
| 89 | 88 | * Create new instance |
| 90 | 89 | * @param string $binary |
| 91 | 90 | */ |
| 92 | - public function __construct(string $binary) |
|
| 93 | - { |
|
| 91 | + public function __construct(string $binary) { |
|
| 94 | 92 | if (strlen($binary) < 37) { |
| 95 | 93 | throw new WebauthnException('Invalid authenticator data provided'); |
| 96 | 94 | } |
@@ -11,8 +11,8 @@ |
||
| 11 | 11 | class None extends BaseFormat |
| 12 | 12 | { |
| 13 | 13 | /** |
| 14 | - * {@inheritdoc} |
|
| 15 | - */ |
|
| 14 | + * {@inheritdoc} |
|
| 15 | + */ |
|
| 16 | 16 | public function validateAttestation(string $clientData): bool |
| 17 | 17 | { |
| 18 | 18 | return true; |
@@ -8,8 +8,7 @@ |
||
| 8 | 8 | * @class None |
| 9 | 9 | * @package Platine\Webauthn\Attestation\Format |
| 10 | 10 | */ |
| 11 | -class None extends BaseFormat |
|
| 12 | -{ |
|
| 11 | +class None extends BaseFormat { |
|
| 13 | 12 | /** |
| 14 | 13 | * {@inheritdoc} |
| 15 | 14 | */ |
@@ -79,8 +79,8 @@ discard block |
||
| 79 | 79 | } |
| 80 | 80 | |
| 81 | 81 | /** |
| 82 | - * {@inheritdoc} |
|
| 83 | - */ |
|
| 82 | + * {@inheritdoc} |
|
| 83 | + */ |
|
| 84 | 84 | public function getCertificatePem(): string |
| 85 | 85 | { |
| 86 | 86 | $pem = '-----BEGIN CERTIFICATE-----' . "\n"; |
@@ -91,8 +91,8 @@ discard block |
||
| 91 | 91 | } |
| 92 | 92 | |
| 93 | 93 | /** |
| 94 | - * {@inheritdoc} |
|
| 95 | - */ |
|
| 94 | + * {@inheritdoc} |
|
| 95 | + */ |
|
| 96 | 96 | public function validateAttestation(string $clientData): bool |
| 97 | 97 | { |
| 98 | 98 | $publicKey = openssl_pkey_get_public($this->getCertificatePem()); |
@@ -129,8 +129,8 @@ discard block |
||
| 129 | 129 | } |
| 130 | 130 | |
| 131 | 131 | /** |
| 132 | - * {@inheritdoc} |
|
| 133 | - */ |
|
| 132 | + * {@inheritdoc} |
|
| 133 | + */ |
|
| 134 | 134 | public function validateRootCertificate(array $rootCertificates): bool |
| 135 | 135 | { |
| 136 | 136 | $chain = $this->createX5cChainFile(); |
@@ -12,8 +12,7 @@ |
||
| 12 | 12 | * @class FidoU2F |
| 13 | 13 | * @package Platine\Webauthn\Attestation\Format |
| 14 | 14 | */ |
| 15 | -class FidoU2F extends BaseFormat |
|
| 16 | -{ |
|
| 15 | +class FidoU2F extends BaseFormat { |
|
| 17 | 16 | /** |
| 18 | 17 | * The algorithm used |
| 19 | 18 | * @var int |
@@ -85,21 +85,21 @@ |
||
| 85 | 85 | } |
| 86 | 86 | |
| 87 | 87 | if ( |
| 88 | - ! array_key_exists('sig', $attestationStatement) || |
|
| 89 | - ! $attestationStatement['sig'] instanceof ByteBuffer |
|
| 88 | + !array_key_exists('sig', $attestationStatement) || |
|
| 89 | + !$attestationStatement['sig'] instanceof ByteBuffer |
|
| 90 | 90 | ) { |
| 91 | 91 | throw new WebauthnException('No signature found'); |
| 92 | 92 | } |
| 93 | 93 | |
| 94 | 94 | if ( |
| 95 | - ! array_key_exists('x5c', $attestationStatement) || |
|
| 96 | - ! is_array($attestationStatement['x5c']) || |
|
| 95 | + !array_key_exists('x5c', $attestationStatement) || |
|
| 96 | + !is_array($attestationStatement['x5c']) || |
|
| 97 | 97 | count($attestationStatement['x5c']) !== 1 |
| 98 | 98 | ) { |
| 99 | 99 | throw new WebauthnException('Invalid X5C certificate'); |
| 100 | 100 | } |
| 101 | 101 | |
| 102 | - if (! $attestationStatement['x5c'][0] instanceof ByteBuffer) { |
|
| 102 | + if (!$attestationStatement['x5c'][0] instanceof ByteBuffer) { |
|
| 103 | 103 | throw new WebauthnException('Invalid X5C certificate must be Byte Buffer)'); |
| 104 | 104 | } |
| 105 | 105 | |
@@ -88,8 +88,8 @@ discard block |
||
| 88 | 88 | } |
| 89 | 89 | |
| 90 | 90 | /** |
| 91 | - * {@inheritdoc} |
|
| 92 | - */ |
|
| 91 | + * {@inheritdoc} |
|
| 92 | + */ |
|
| 93 | 93 | public function getCertificatePem(): ?string |
| 94 | 94 | { |
| 95 | 95 | if (empty($this->x5c)) { |
@@ -100,8 +100,8 @@ discard block |
||
| 100 | 100 | } |
| 101 | 101 | |
| 102 | 102 | /** |
| 103 | - * {@inheritdoc} |
|
| 104 | - */ |
|
| 103 | + * {@inheritdoc} |
|
| 104 | + */ |
|
| 105 | 105 | public function validateAttestation(string $clientData): bool |
| 106 | 106 | { |
| 107 | 107 | if (! empty($this->x5c)) { |
@@ -112,8 +112,8 @@ discard block |
||
| 112 | 112 | } |
| 113 | 113 | |
| 114 | 114 | /** |
| 115 | - * {@inheritdoc} |
|
| 116 | - */ |
|
| 115 | + * {@inheritdoc} |
|
| 116 | + */ |
|
| 117 | 117 | public function validateRootCertificate(array $rootCertificates): bool |
| 118 | 118 | { |
| 119 | 119 | if (empty($this->x5c)) { |
@@ -12,8 +12,7 @@ |
||
| 12 | 12 | * @class Packed |
| 13 | 13 | * @package Platine\Webauthn\Attestation\Format |
| 14 | 14 | */ |
| 15 | -class Packed extends BaseFormat |
|
| 16 | -{ |
|
| 15 | +class Packed extends BaseFormat { |
|
| 17 | 16 | /** |
| 18 | 17 | * The algorithm used |
| 19 | 18 | * @var int |
@@ -75,15 +75,15 @@ discard block |
||
| 75 | 75 | // check u2f data |
| 76 | 76 | $attestationStatement = $this->attestationData['attStmt']; |
| 77 | 77 | if ( |
| 78 | - ! array_key_exists('alg', $attestationStatement) || |
|
| 78 | + !array_key_exists('alg', $attestationStatement) || |
|
| 79 | 79 | $this->getCoseAlgorithm($attestationStatement['alg']) === null |
| 80 | 80 | ) { |
| 81 | 81 | throw new WebauthnException('Unsupported algorithm or not provided'); |
| 82 | 82 | } |
| 83 | 83 | |
| 84 | 84 | if ( |
| 85 | - ! array_key_exists('sig', $attestationStatement) || |
|
| 86 | - ! $attestationStatement['sig'] instanceof ByteBuffer |
|
| 85 | + !array_key_exists('sig', $attestationStatement) || |
|
| 86 | + !$attestationStatement['sig'] instanceof ByteBuffer |
|
| 87 | 87 | ) { |
| 88 | 88 | throw new WebauthnException('No signature found'); |
| 89 | 89 | } |
@@ -98,7 +98,7 @@ discard block |
||
| 98 | 98 | ) { |
| 99 | 99 | // The attestation certificate attestnCert MUST be the first element in the array |
| 100 | 100 | $attestCert = array_shift($attestationStatement['x5c']); |
| 101 | - if (! $attestCert instanceof ByteBuffer) { |
|
| 101 | + if (!$attestCert instanceof ByteBuffer) { |
|
| 102 | 102 | throw new WebauthnException('Invalid X5C certificate'); |
| 103 | 103 | } |
| 104 | 104 | |
@@ -130,7 +130,7 @@ discard block |
||
| 130 | 130 | */ |
| 131 | 131 | public function validateAttestation(string $clientData): bool |
| 132 | 132 | { |
| 133 | - if (! empty($this->x5c)) { |
|
| 133 | + if (!empty($this->x5c)) { |
|
| 134 | 134 | return $this->validateOverX5C($clientData); |
| 135 | 135 | } |
| 136 | 136 | |
@@ -188,7 +188,7 @@ discard block |
||
| 188 | 188 | 'hash' => 'SHA1', |
| 189 | 189 | 'openssl' => OPENSSL_ALGO_SHA1, |
| 190 | 190 | 'cose' => [ |
| 191 | - -65535, // RS1 |
|
| 191 | + -65535, // RS1 |
|
| 192 | 192 | ], |
| 193 | 193 | ], |
| 194 | 194 | [ |
@@ -196,9 +196,9 @@ discard block |
||
| 196 | 196 | 'openssl' => OPENSSL_ALGO_SHA256, |
| 197 | 197 | 'cose' => [ |
| 198 | 198 | -257, // RS256 |
| 199 | - -37, // PS256 |
|
| 200 | - -7, // ES256 |
|
| 201 | - 5, // HMAC256 |
|
| 199 | + -37, // PS256 |
|
| 200 | + -7, // ES256 |
|
| 201 | + 5, // HMAC256 |
|
| 202 | 202 | ], |
| 203 | 203 | ], |
| 204 | 204 | [ |
@@ -206,9 +206,9 @@ discard block |
||
| 206 | 206 | 'openssl' => OPENSSL_ALGO_SHA384, |
| 207 | 207 | 'cose' => [ |
| 208 | 208 | -258, // RS384 |
| 209 | - -38, // PS384 |
|
| 210 | - -35, // ES384 |
|
| 211 | - 6, // HMAC384 |
|
| 209 | + -38, // PS384 |
|
| 210 | + -35, // ES384 |
|
| 211 | + 6, // HMAC384 |
|
| 212 | 212 | ], |
| 213 | 213 | ], |
| 214 | 214 | [ |
@@ -216,9 +216,9 @@ discard block |
||
| 216 | 216 | 'openssl' => OPENSSL_ALGO_SHA512, |
| 217 | 217 | 'cose' => [ |
| 218 | 218 | -259, // RS512 |
| 219 | - -39, // PS512 |
|
| 220 | - -36, // ES512 |
|
| 221 | - 7, // HMAC512 |
|
| 219 | + -39, // PS512 |
|
| 220 | + -36, // ES512 |
|
| 221 | + 7, // HMAC512 |
|
| 222 | 222 | ], |
| 223 | 223 | ], |
| 224 | 224 | ]; |
@@ -40,8 +40,7 @@ discard block |
||
| 40 | 40 | * @class BaseFormat |
| 41 | 41 | * @package Platine\Webauthn\Attestation\Format |
| 42 | 42 | */ |
| 43 | -abstract class BaseFormat implements JsonSerializable |
|
| 44 | -{ |
|
| 43 | +abstract class BaseFormat implements JsonSerializable { |
|
| 45 | 44 | /** |
| 46 | 45 | * The X5C Chain data |
| 47 | 46 | * @var array<string> |
@@ -68,8 +67,7 @@ discard block |
||
| 68 | 67 | /** |
| 69 | 68 | * Destructor |
| 70 | 69 | */ |
| 71 | - public function __destruct() |
|
| 72 | - { |
|
| 70 | + public function __destruct() { |
|
| 73 | 71 | // delete X.509 chain certificate file after use |
| 74 | 72 | if ($this->x5cTempFile !== null && is_file($this->x5cTempFile)) { |
| 75 | 73 | unlink($this->x5cTempFile); |
@@ -188,9 +188,9 @@ |
||
| 188 | 188 | } |
| 189 | 189 | |
| 190 | 190 | /** |
| 191 | - * {@inheritdoc} |
|
| 192 | - * @return mixed |
|
| 193 | - */ |
|
| 191 | + * {@inheritdoc} |
|
| 192 | + * @return mixed |
|
| 193 | + */ |
|
| 194 | 194 | public function jsonSerialize(): mixed |
| 195 | 195 | { |
| 196 | 196 | return get_object_vars($this); |
@@ -132,8 +132,8 @@ discard block |
||
| 132 | 132 | } |
| 133 | 133 | |
| 134 | 134 | /** |
| 135 | - * {@inheritdoc} |
|
| 136 | - */ |
|
| 135 | + * {@inheritdoc} |
|
| 136 | + */ |
|
| 137 | 137 | public function getCertificatePem(): ?string |
| 138 | 138 | { |
| 139 | 139 | if (empty($this->x5c)) { |
@@ -144,16 +144,16 @@ discard block |
||
| 144 | 144 | } |
| 145 | 145 | |
| 146 | 146 | /** |
| 147 | - * {@inheritdoc} |
|
| 148 | - */ |
|
| 147 | + * {@inheritdoc} |
|
| 148 | + */ |
|
| 149 | 149 | public function validateAttestation(string $clientData): bool |
| 150 | 150 | { |
| 151 | 151 | return $this->validateOverX5C($clientData); |
| 152 | 152 | } |
| 153 | 153 | |
| 154 | 154 | /** |
| 155 | - * {@inheritdoc} |
|
| 156 | - */ |
|
| 155 | + * {@inheritdoc} |
|
| 156 | + */ |
|
| 157 | 157 | public function validateRootCertificate(array $rootCertificates): bool |
| 158 | 158 | { |
| 159 | 159 | if (empty($this->x5c)) { |
@@ -206,7 +206,7 @@ discard block |
||
| 206 | 206 | $dataToVerify = $this->authenticatorData->getBinary(); |
| 207 | 207 | $dataToVerify .= $clientData; |
| 208 | 208 | |
| 209 | - // Verify that magic is set to TPM_GENERATED_VALUE. |
|
| 209 | + // Verify that magic is set to TPM_GENERATED_VALUE. |
|
| 210 | 210 | if ($this->certInfo->getBytes(0, 4) !== self::TPM_GENERATED_VALUE) { |
| 211 | 211 | throw new WebauthnException('TPM magic value not the same TPM_GENERATED_VALUE'); |
| 212 | 212 | } |
@@ -62,7 +62,7 @@ discard block |
||
| 62 | 62 | $attestationStatement = $this->attestationData['attStmt']; |
| 63 | 63 | |
| 64 | 64 | if ( |
| 65 | - ! array_key_exists('ver', $attestationStatement) || |
|
| 65 | + !array_key_exists('ver', $attestationStatement) || |
|
| 66 | 66 | $attestationStatement['ver'] !== '2.0' |
| 67 | 67 | ) { |
| 68 | 68 | throw new WebauthnException(sprintf( |
@@ -72,7 +72,7 @@ discard block |
||
| 72 | 72 | } |
| 73 | 73 | |
| 74 | 74 | if ( |
| 75 | - ! array_key_exists('alg', $attestationStatement) || |
|
| 75 | + !array_key_exists('alg', $attestationStatement) || |
|
| 76 | 76 | $this->getCoseAlgorithm($attestationStatement['alg']) === null |
| 77 | 77 | ) { |
| 78 | 78 | throw new WebauthnException(sprintf( |
@@ -82,22 +82,22 @@ discard block |
||
| 82 | 82 | } |
| 83 | 83 | |
| 84 | 84 | if ( |
| 85 | - ! array_key_exists('sig', $attestationStatement) || |
|
| 86 | - ! $attestationStatement['sig'] instanceof ByteBuffer |
|
| 85 | + !array_key_exists('sig', $attestationStatement) || |
|
| 86 | + !$attestationStatement['sig'] instanceof ByteBuffer |
|
| 87 | 87 | ) { |
| 88 | 88 | throw new WebauthnException('No signature found'); |
| 89 | 89 | } |
| 90 | 90 | |
| 91 | 91 | if ( |
| 92 | - ! array_key_exists('certInfo', $attestationStatement) || |
|
| 93 | - ! $attestationStatement['certInfo'] instanceof ByteBuffer |
|
| 92 | + !array_key_exists('certInfo', $attestationStatement) || |
|
| 93 | + !$attestationStatement['certInfo'] instanceof ByteBuffer |
|
| 94 | 94 | ) { |
| 95 | 95 | throw new WebauthnException('No certificate information found'); |
| 96 | 96 | } |
| 97 | 97 | |
| 98 | 98 | if ( |
| 99 | - ! array_key_exists('pubArea', $attestationStatement) || |
|
| 100 | - ! $attestationStatement['pubArea'] instanceof ByteBuffer |
|
| 99 | + !array_key_exists('pubArea', $attestationStatement) || |
|
| 100 | + !$attestationStatement['pubArea'] instanceof ByteBuffer |
|
| 101 | 101 | ) { |
| 102 | 102 | throw new WebauthnException('No public area information found'); |
| 103 | 103 | } |
@@ -114,7 +114,7 @@ discard block |
||
| 114 | 114 | ) { |
| 115 | 115 | // The attestation certificate attestnCert MUST be the first element in the array |
| 116 | 116 | $attestCert = array_shift($attestationStatement['x5c']); |
| 117 | - if (! $attestCert instanceof ByteBuffer) { |
|
| 117 | + if (!$attestCert instanceof ByteBuffer) { |
|
| 118 | 118 | throw new WebauthnException('Invalid X5C certificate'); |
| 119 | 119 | } |
| 120 | 120 | |
@@ -41,8 +41,7 @@ |
||
| 41 | 41 | * @class Tpm |
| 42 | 42 | * @package Platine\Webauthn\Attestation\Format |
| 43 | 43 | */ |
| 44 | -class Tpm extends BaseFormat |
|
| 45 | -{ |
|
| 44 | +class Tpm extends BaseFormat { |
|
| 46 | 45 | public const TPM_GENERATED_VALUE = "\xFF\x54\x43\x47"; |
| 47 | 46 | public const TPM_ST_ATTEST_CERTIFY = "\x80\x17"; |
| 48 | 47 | |
@@ -10,8 +10,7 @@ |
||
| 10 | 10 | * @class WebauthnConfiguration |
| 11 | 11 | * @package Platine\Webauthn |
| 12 | 12 | */ |
| 13 | -class WebauthnConfiguration extends AbstractConfiguration |
|
| 14 | -{ |
|
| 13 | +class WebauthnConfiguration extends AbstractConfiguration { |
|
| 15 | 14 | /** |
| 16 | 15 | * {@inheritdoc} |
| 17 | 16 | */ |
@@ -90,14 +90,14 @@ |
||
| 90 | 90 | */ |
| 91 | 91 | public function __construct(int $binaryFlag) |
| 92 | 92 | { |
| 93 | - $this->bit0 = !! ($binaryFlag & 1); |
|
| 94 | - $this->bit1 = !! ($binaryFlag & 2); |
|
| 95 | - $this->bit2 = !! ($binaryFlag & 4); |
|
| 96 | - $this->bit3 = !! ($binaryFlag & 8); |
|
| 97 | - $this->bit4 = !! ($binaryFlag & 16); |
|
| 98 | - $this->bit5 = !! ($binaryFlag & 32); |
|
| 99 | - $this->bit6 = !! ($binaryFlag & 64); |
|
| 100 | - $this->bit7 = !! ($binaryFlag & 128); |
|
| 93 | + $this->bit0 = !!($binaryFlag & 1); |
|
| 94 | + $this->bit1 = !!($binaryFlag & 2); |
|
| 95 | + $this->bit2 = !!($binaryFlag & 4); |
|
| 96 | + $this->bit3 = !!($binaryFlag & 8); |
|
| 97 | + $this->bit4 = !!($binaryFlag & 16); |
|
| 98 | + $this->bit5 = !!($binaryFlag & 32); |
|
| 99 | + $this->bit6 = !!($binaryFlag & 64); |
|
| 100 | + $this->bit7 = !!($binaryFlag & 128); |
|
| 101 | 101 | |
| 102 | 102 | $this->userPresent = $this->bit0; |
| 103 | 103 | $this->userVerified = $this->bit2; |
@@ -39,8 +39,7 @@ discard block |
||
| 39 | 39 | * @class Flag |
| 40 | 40 | * @package Platine\Webauthn\Entity |
| 41 | 41 | */ |
| 42 | -class Flag implements JsonSerializable |
|
| 43 | -{ |
|
| 42 | +class Flag implements JsonSerializable { |
|
| 44 | 43 | /** |
| 45 | 44 | * The bit 0 |
| 46 | 45 | * @var bool |
@@ -117,8 +116,7 @@ discard block |
||
| 117 | 116 | * Create new instance |
| 118 | 117 | * @param int $binaryFlag |
| 119 | 118 | */ |
| 120 | - public function __construct(int $binaryFlag) |
|
| 121 | - { |
|
| 119 | + public function __construct(int $binaryFlag) { |
|
| 122 | 120 | $this->bit0 = !! ($binaryFlag & 1); |
| 123 | 121 | $this->bit1 = !! ($binaryFlag & 2); |
| 124 | 122 | $this->bit2 = !! ($binaryFlag & 4); |
@@ -188,9 +188,9 @@ |
||
| 188 | 188 | } |
| 189 | 189 | |
| 190 | 190 | /** |
| 191 | - * {@inheritdoc} |
|
| 192 | - * @return mixed |
|
| 193 | - */ |
|
| 191 | + * {@inheritdoc} |
|
| 192 | + * @return mixed |
|
| 193 | + */ |
|
| 194 | 194 | public function jsonSerialize(): mixed |
| 195 | 195 | { |
| 196 | 196 | return get_object_vars($this); |
