These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php namespace jwk\impl; |
||
2 | /** |
||
3 | * Copyright 2015 OpenStack Foundation |
||
4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
5 | * you may not use this file except in compliance with the License. |
||
6 | * You may obtain a copy of the License at |
||
7 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
8 | * Unless required by applicable law or agreed to in writing, software |
||
9 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
10 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
11 | * See the License for the specific language governing permissions and |
||
12 | * limitations under the License. |
||
13 | **/ |
||
14 | use jwk\exceptions\InvalidJWKVisibilityException; |
||
15 | use jwk\IAsymmetricJWK; |
||
16 | use jwk\JSONWebKeyVisibility; |
||
17 | use jwk\PublicJSONWebKeyParameters; |
||
18 | use security\exceptions\X509CertMismatchException; |
||
19 | use security\PrivateKey; |
||
20 | use security\PublicKey; |
||
21 | use security\x509\X509Certificate; |
||
22 | use security\x509\X509CertificateFactory; |
||
23 | use utils\json_types\JsonArray; |
||
24 | use utils\json_types\StringOrURI; |
||
25 | /** |
||
26 | * Class AsymmetricJWK |
||
27 | * @package jwk\impl |
||
28 | */ |
||
29 | abstract class AsymmetricJWK |
||
30 | extends JWK |
||
31 | implements IAsymmetricJWK |
||
32 | { |
||
33 | |||
34 | /** |
||
35 | * @var int |
||
36 | */ |
||
37 | protected $visibility; |
||
38 | |||
39 | /** |
||
40 | * @var PrivateKey |
||
41 | */ |
||
42 | protected $private_key; |
||
43 | |||
44 | /** |
||
45 | * @var PublicKey |
||
46 | */ |
||
47 | protected $public_key; |
||
48 | |||
49 | /** |
||
50 | * @var X509Certificate[] |
||
51 | */ |
||
52 | protected $x509_certificates_chain = []; |
||
53 | |||
54 | /** |
||
55 | * @param array $headers |
||
56 | * @throws X509CertMismatchException |
||
57 | */ |
||
58 | protected function __construct(array $headers = array()) |
||
59 | { |
||
60 | parent::__construct($headers); |
||
61 | |||
62 | if(count($headers) === 0 ) return; |
||
63 | |||
64 | // certificates |
||
65 | if(in_array(PublicJSONWebKeyParameters::X_509CertificateChain, $headers) && is_array($headers[PublicJSONWebKeyParameters::X_509CertificateChain])){ |
||
66 | |||
67 | // json array |
||
68 | foreach($headers[PublicJSONWebKeyParameters::X_509CertificateChain] as $x509_pem){ |
||
69 | $this->x509_certificates_chain[] = X509CertificateFactory::buildFromPEM($x509_pem); |
||
70 | } |
||
71 | |||
72 | if($this->checkX509CertMismatch()){ |
||
73 | throw new X509CertMismatchException; |
||
74 | } |
||
75 | |||
76 | $this->set[PublicJSONWebKeyParameters::X_509CertificateChain] = new JsonArray($headers[PublicJSONWebKeyParameters::X_509CertificateChain]); |
||
77 | } |
||
78 | |||
79 | View Code Duplication | if(in_array(PublicJSONWebKeyParameters::X_509CertificateSHA_1_Thumbprint, $headers)){ |
|
0 ignored issues
–
show
|
|||
80 | $this->set[PublicJSONWebKeyParameters::X_509CertificateSHA_1_Thumbprint] = new StringOrURI($headers[PublicJSONWebKeyParameters::X_509CertificateSHA_1_Thumbprint]) ; |
||
81 | } |
||
82 | |||
83 | View Code Duplication | if(in_array(PublicJSONWebKeyParameters::X_509CertificateSHA_256_Thumbprint, $headers)){ |
|
0 ignored issues
–
show
This code seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
84 | $this->set[PublicJSONWebKeyParameters::X_509CertificateSHA_256_Thumbprint] = new StringOrURI($headers[PublicJSONWebKeyParameters::X_509CertificateSHA_256_Thumbprint]); |
||
85 | } |
||
86 | |||
87 | View Code Duplication | if(in_array(PublicJSONWebKeyParameters::X_509Url, $headers)){ |
|
0 ignored issues
–
show
This code seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
88 | $this->set[PublicJSONWebKeyParameters::X_509Url] = new StringOrURI($headers[PublicJSONWebKeyParameters::X_509Url]); |
||
89 | } |
||
90 | } |
||
91 | |||
92 | /** |
||
93 | * @return int |
||
94 | */ |
||
95 | public function getVisibility() |
||
96 | { |
||
97 | return $this->visibility; |
||
98 | } |
||
99 | |||
100 | /** |
||
101 | * @param int $visibility |
||
102 | * @return $this |
||
103 | * @throws InvalidJWKVisibilityException |
||
104 | */ |
||
105 | public function setVisibility($visibility) |
||
106 | { |
||
107 | if(!in_array($visibility, JSONWebKeyVisibility::$valid_values)) |
||
108 | throw new InvalidJWKVisibilityException; |
||
109 | $this->visibility = $visibility; |
||
110 | return $this; |
||
111 | } |
||
112 | |||
113 | /** |
||
114 | * @return PrivateKey |
||
115 | */ |
||
116 | public function getPrivateKey() |
||
117 | { |
||
118 | return $this->private_key; |
||
119 | } |
||
120 | |||
121 | /** |
||
122 | * @return PublicKey |
||
123 | */ |
||
124 | public function getPublicKey() |
||
125 | { |
||
126 | return $this->public_key; |
||
127 | } |
||
128 | |||
129 | /** |
||
130 | * @return null | X509Certificate |
||
131 | */ |
||
132 | public function getX509LeafCertificate(){ |
||
133 | return count($this->x509_certificates_chain) > 0 ? $this->x509_certificates_chain[0] : null; |
||
134 | } |
||
135 | |||
136 | |||
137 | /** |
||
138 | * @return X509Certificate[] |
||
139 | */ |
||
140 | public function getCertificateChain() |
||
141 | { |
||
142 | return $this->x509_certificates_chain; |
||
143 | } |
||
144 | |||
145 | /** |
||
146 | * @param bool $fallback_on_x5c |
||
147 | * @return string |
||
148 | */ |
||
149 | View Code Duplication | public function getX509CertificateSha1Thumbprint($fallback_on_x5c = false) |
|
0 ignored issues
–
show
This method seems to be duplicated in your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
150 | { |
||
151 | $res = is_null($this[PublicJSONWebKeyParameters::X_509CertificateSHA_1_Thumbprint])? null : $this[PublicJSONWebKeyParameters::X_509CertificateSHA_1_Thumbprint]->getString(); |
||
152 | if(empty($res) && $fallback_on_x5c){ |
||
153 | $x509 = $this->getX509LeafCertificate(); |
||
154 | if(!is_null($x509)){ |
||
155 | return $x509->getSHA_1_Thumbprint(); |
||
156 | } |
||
157 | } |
||
158 | return $res; |
||
159 | } |
||
160 | |||
161 | /** |
||
162 | * @param bool $fallback_on_x5c |
||
163 | * @return string |
||
164 | */ |
||
165 | View Code Duplication | public function getX509CertificateSha256Thumbprint($fallback_on_x5c = false) |
|
0 ignored issues
–
show
This method seems to be duplicated in your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
166 | { |
||
167 | $res = is_null($this[PublicJSONWebKeyParameters::X_509CertificateSHA_256_Thumbprint])? null : $this[PublicJSONWebKeyParameters::X_509CertificateSHA_256_Thumbprint]->getString(); |
||
168 | if(empty($res) && $fallback_on_x5c){ |
||
169 | $x509 = $this->getX509LeafCertificate(); |
||
170 | if(!is_null($x509)){ |
||
171 | return $x509->getSHA_256_Thumbprint(); |
||
172 | } |
||
173 | } |
||
174 | return $res; |
||
175 | } |
||
176 | |||
177 | /** |
||
178 | * @return string |
||
179 | */ |
||
180 | public function getX509Url() |
||
181 | { |
||
182 | return is_null($this[PublicJSONWebKeyParameters::X_509Url])? null : $this[PublicJSONWebKeyParameters::X_509Url]->getString(); |
||
183 | } |
||
184 | |||
185 | /** |
||
186 | * @return bool |
||
187 | */ |
||
188 | protected function checkX509CertMismatch(){ |
||
189 | $x509 = $this->getX509LeafCertificate(); |
||
190 | return !is_null($x509) && $x509->getPublicKey() !== $this->public_key->getStrippedEncoded(); |
||
191 | } |
||
192 | |||
193 | /** |
||
194 | * @param array $x5c |
||
195 | * @return $this |
||
196 | * @throws X509CertMismatchException |
||
197 | */ |
||
198 | public function setX509CertificateChain(array $x5c){ |
||
199 | // json array |
||
200 | foreach($x5c as $x509_pem){ |
||
201 | array_push($this->x509_certificates_chain, X509CertificateFactory::buildFromPEM($x509_pem)); |
||
202 | } |
||
203 | |||
204 | if($this->checkX509CertMismatch()){ |
||
205 | throw new X509CertMismatchException; |
||
206 | } |
||
207 | |||
208 | $this->set[PublicJSONWebKeyParameters::X_509CertificateChain] = new JsonArray($x5c); |
||
209 | |||
210 | return $this; |
||
211 | } |
||
212 | } |
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.