smarcet /
JOSE4PHP
@@ -43,7 +43,9 @@ |
||
| 43 | 43 | |
| 44 | 44 | $this->file = new \File_X509(); |
| 45 | 45 | $this->info = $this->file->loadX509($pem); |
| 46 | - if($this->info === false) throw new InvalidX509CertificateException($pem); |
|
| 46 | + if($this->info === false) { |
|
| 47 | + throw new InvalidX509CertificateException($pem); |
|
| 48 | + } |
|
| 47 | 49 | $this->original_pem = $pem; |
| 48 | 50 | } |
| 49 | 51 | |
@@ -40,14 +40,17 @@ |
||
| 40 | 40 | protected function __construct(Key $secret, $headers = array()) |
| 41 | 41 | { |
| 42 | 42 | |
| 43 | - if(empty($secret)) |
|
| 44 | - throw new InvalidOctetSequenceJWKException('secret is not set!.'); |
|
| 43 | + if(empty($secret)) { |
|
| 44 | + throw new InvalidOctetSequenceJWKException('secret is not set!.'); |
|
| 45 | + } |
|
| 45 | 46 | |
| 46 | 47 | $this->set[JSONWebKeyParameters::KeyType] = new StringOrURI(JSONWebKeyTypes::OctetSequence); |
| 47 | 48 | |
| 48 | 49 | parent::__construct($headers); |
| 49 | 50 | |
| 50 | - if(count($headers) === 0 ) return; |
|
| 51 | + if(count($headers) === 0 ) { |
|
| 52 | + return; |
|
| 53 | + } |
|
| 51 | 54 | |
| 52 | 55 | $b64 = new Base64UrlRepresentation(); |
| 53 | 56 | |
@@ -41,37 +41,42 @@ discard block |
||
| 41 | 41 | static public function build(IJWKSpecification $spec) |
| 42 | 42 | { |
| 43 | 43 | |
| 44 | - if(is_null($spec)) throw new \InvalidArgumentException('missing spec param'); |
|
| 44 | + if(is_null($spec)) { |
|
| 45 | + throw new \InvalidArgumentException('missing spec param'); |
|
| 46 | + } |
|
| 45 | 47 | |
| 46 | 48 | $algorithm = DigitalSignatures_MACs_Registry::getInstance()->get |
| 47 | 49 | ( |
| 48 | 50 | $spec->getAlg() |
| 49 | 51 | ); |
| 50 | 52 | |
| 51 | - if(is_null($algorithm)) |
|
| 52 | - $algorithm = ContentEncryptionAlgorithms_Registry::getInstance()->get |
|
| 53 | + if(is_null($algorithm)) { |
|
| 54 | + $algorithm = ContentEncryptionAlgorithms_Registry::getInstance()->get |
|
| 53 | 55 | ( |
| 54 | 56 | $spec->getAlg() |
| 55 | 57 | ); |
| 58 | + } |
|
| 56 | 59 | |
| 57 | - if(is_null($algorithm)) |
|
| 58 | - $algorithm = KeyManagementAlgorithms_Registry::getInstance()->get |
|
| 60 | + if(is_null($algorithm)) { |
|
| 61 | + $algorithm = KeyManagementAlgorithms_Registry::getInstance()->get |
|
| 59 | 62 | ( |
| 60 | 63 | $spec->getAlg() |
| 61 | 64 | ); |
| 65 | + } |
|
| 62 | 66 | |
| 63 | - if(is_null($algorithm)) |
|
| 64 | - throw new InvalidJWKAlgorithm |
|
| 67 | + if(is_null($algorithm)) { |
|
| 68 | + throw new InvalidJWKAlgorithm |
|
| 65 | 69 | ( |
| 66 | 70 | sprintf( |
| 67 | 71 | 'alg %s not supported!', |
| 68 | 72 | $spec->getAlg() |
| 69 | 73 | ) |
| 70 | 74 | ); |
| 75 | + } |
|
| 71 | 76 | |
| 72 | 77 | |
| 73 | - if($algorithm->getKeyType() !== JSONWebKeyTypes::OctetSequence) |
|
| 74 | - throw new InvalidJWKAlgorithm |
|
| 78 | + if($algorithm->getKeyType() !== JSONWebKeyTypes::OctetSequence) { |
|
| 79 | + throw new InvalidJWKAlgorithm |
|
| 75 | 80 | ( |
| 76 | 81 | sprintf |
| 77 | 82 | ( |
@@ -79,8 +84,11 @@ discard block |
||
| 79 | 84 | $algorithm->getKeyType() |
| 80 | 85 | ) |
| 81 | 86 | ); |
| 87 | + } |
|
| 82 | 88 | |
| 83 | - if(!($spec instanceof OctetSequenceJWKSpecification)) throw new JWKInvalidSpecException; |
|
| 89 | + if(!($spec instanceof OctetSequenceJWKSpecification)) { |
|
| 90 | + throw new JWKInvalidSpecException; |
|
| 91 | + } |
|
| 84 | 92 | |
| 85 | 93 | $shared_secret = $spec->getSharedSecret(); |
| 86 | 94 | $secret_len = strlen($shared_secret); |
@@ -56,8 +56,9 @@ discard block |
||
| 56 | 56 | */ |
| 57 | 57 | public function getKeys() |
| 58 | 58 | { |
| 59 | - if(isset($this->set[JWKSetParameters::Keys])) |
|
| 60 | - return $this->set[JWKSetParameters::Keys]->getValue(); |
|
| 59 | + if(isset($this->set[JWKSetParameters::Keys])) { |
|
| 60 | + return $this->set[JWKSetParameters::Keys]->getValue(); |
|
| 61 | + } |
|
| 61 | 62 | return array(); |
| 62 | 63 | } |
| 63 | 64 | |
@@ -70,14 +71,17 @@ discard block |
||
| 70 | 71 | { |
| 71 | 72 | $id = $key->getId(); |
| 72 | 73 | |
| 73 | - if(empty($id)) |
|
| 74 | - throw new JWKInvalidIdentifierException('key id is empty!'); |
|
| 74 | + if(empty($id)) { |
|
| 75 | + throw new JWKInvalidIdentifierException('key id is empty!'); |
|
| 76 | + } |
|
| 75 | 77 | |
| 76 | - if(array_key_exists($id->getValue(), $this->keys_ids)) |
|
| 77 | - throw new JWKInvalidIdentifierException(sprintf('id %s already exists!'), $key->getId()->getValue()); |
|
| 78 | + if(array_key_exists($id->getValue(), $this->keys_ids)) { |
|
| 79 | + throw new JWKInvalidIdentifierException(sprintf('id %s already exists!'), $key->getId()->getValue()); |
|
| 80 | + } |
|
| 78 | 81 | |
| 79 | - if(!isset($this->set[JWKSetParameters::Keys])) |
|
| 80 | - $this->set[JWKSetParameters::Keys] = new JsonArray(array()); |
|
| 82 | + if(!isset($this->set[JWKSetParameters::Keys])) { |
|
| 83 | + $this->set[JWKSetParameters::Keys] = new JsonArray(array()); |
|
| 84 | + } |
|
| 81 | 85 | |
| 82 | 86 | $keys = $this->set[JWKSetParameters::Keys]; |
| 83 | 87 | $keys->append($key); |
@@ -91,7 +95,9 @@ discard block |
||
| 91 | 95 | */ |
| 92 | 96 | public function getKeyById($kid) |
| 93 | 97 | { |
| 94 | - if(!array_key_exists($kid, $this->keys_ids)) return null; |
|
| 98 | + if(!array_key_exists($kid, $this->keys_ids)) { |
|
| 99 | + return null; |
|
| 100 | + } |
|
| 95 | 101 | return $this->keys_ids[$kid]; |
| 96 | 102 | } |
| 97 | 103 | |
@@ -104,7 +110,9 @@ discard block |
||
| 104 | 110 | static public function fromJson($json){ |
| 105 | 111 | $json = str_replace( array("\n","\r","\t"), '', trim($json)); |
| 106 | 112 | $res = json_decode($json, true); |
| 107 | - if(!isset($res[JWKSetParameters::Keys])) throw new JWKInvalidIdentifierException; |
|
| 113 | + if(!isset($res[JWKSetParameters::Keys])) { |
|
| 114 | + throw new JWKInvalidIdentifierException; |
|
| 115 | + } |
|
| 108 | 116 | $keys = $res[JWKSetParameters::Keys]; |
| 109 | 117 | $jwk_set = new JWKSet; |
| 110 | 118 | foreach($keys as $key){ |
@@ -112,16 +120,24 @@ discard block |
||
| 112 | 120 | $kid = @$key[JSONWebKeyParameters::KeyId]; |
| 113 | 121 | $use = @$key[JSONWebKeyParameters::PublicKeyUse]; |
| 114 | 122 | $alg = @$key[JSONWebKeyParameters::Algorithm]; |
| 115 | - if(empty($alg)) $alg = JSONWebSignatureAndEncryptionAlgorithms::RS256; |
|
| 123 | + if(empty($alg)) { |
|
| 124 | + $alg = JSONWebSignatureAndEncryptionAlgorithms::RS256; |
|
| 125 | + } |
|
| 116 | 126 | |
| 117 | - if(empty($kty) || empty($kid) || empty($use)) continue; |
|
| 127 | + if(empty($kty) || empty($kid) || empty($use)) { |
|
| 128 | + continue; |
|
| 129 | + } |
|
| 118 | 130 | |
| 119 | - if(!in_array($kty, JSONWebKeyTypes::$supported_keys)) continue; |
|
| 131 | + if(!in_array($kty, JSONWebKeyTypes::$supported_keys)) { |
|
| 132 | + continue; |
|
| 133 | + } |
|
| 120 | 134 | |
| 121 | 135 | $n = @$key[RSAKeysParameters::Modulus]; |
| 122 | 136 | $e = @$key[RSAKeysParameters::Exponent]; |
| 123 | 137 | $x5c = @$key[PublicJSONWebKeyParameters::X_509CertificateChain]; |
| 124 | - if(is_null($x5c)) $x5c = array(); |
|
| 138 | + if(is_null($x5c)) { |
|
| 139 | + $x5c = array(); |
|
| 140 | + } |
|
| 125 | 141 | $x5u = @$key[PublicJSONWebKeyParameters::X_509Url]; |
| 126 | 142 | $x5t = @$key[PublicJSONWebKeyParameters::X_509CertificateSHA_1_Thumbprint]; |
| 127 | 143 | $x5t_S256 = @$key[PublicJSONWebKeyParameters::X_509CertificateSHA_256_Thumbprint]; |
@@ -41,7 +41,9 @@ discard block |
||
| 41 | 41 | static public function build(IJWKSpecification $spec) |
| 42 | 42 | { |
| 43 | 43 | |
| 44 | - if(is_null($spec)) throw new \InvalidArgumentException('missing spec param'); |
|
| 44 | + if(is_null($spec)) { |
|
| 45 | + throw new \InvalidArgumentException('missing spec param'); |
|
| 46 | + } |
|
| 45 | 47 | |
| 46 | 48 | $algorithm = DigitalSignatures_MACs_Registry::getInstance()->get($spec->getAlg()); |
| 47 | 49 | |
@@ -50,8 +52,8 @@ discard block |
||
| 50 | 52 | $algorithm = KeyManagementAlgorithms_Registry::getInstance()->get($spec->getAlg()); |
| 51 | 53 | } |
| 52 | 54 | |
| 53 | - if(is_null($algorithm)) |
|
| 54 | - throw new InvalidJWKAlgorithm |
|
| 55 | + if(is_null($algorithm)) { |
|
| 56 | + throw new InvalidJWKAlgorithm |
|
| 55 | 57 | ( |
| 56 | 58 | sprintf |
| 57 | 59 | ( |
@@ -59,9 +61,10 @@ discard block |
||
| 59 | 61 | $spec->getAlg() |
| 60 | 62 | ) |
| 61 | 63 | ); |
| 64 | + } |
|
| 62 | 65 | |
| 63 | - if($algorithm->getKeyType() !== JSONWebKeyTypes::RSA) |
|
| 64 | - throw new InvalidJWKAlgorithm |
|
| 66 | + if($algorithm->getKeyType() !== JSONWebKeyTypes::RSA) { |
|
| 67 | + throw new InvalidJWKAlgorithm |
|
| 65 | 68 | ( |
| 66 | 69 | sprintf |
| 67 | 70 | ( |
@@ -69,6 +72,7 @@ discard block |
||
| 69 | 72 | $algorithm->getKeyType() |
| 70 | 73 | ) |
| 71 | 74 | ); |
| 75 | + } |
|
| 72 | 76 | |
| 73 | 77 | if ($spec instanceof RSAJWKPEMPrivateKeySpecification) |
| 74 | 78 | { |
@@ -39,8 +39,9 @@ |
||
| 39 | 39 | $kid = null |
| 40 | 40 | ) |
| 41 | 41 | { |
| 42 | - if(!empty($alg) && !in_array($alg, RSAKeysParameters::$valid_algorithms_values)) |
|
| 43 | - throw new InvalidJWKAlgorithm(sprintf('alg %s', $alg)); |
|
| 42 | + if(!empty($alg) && !in_array($alg, RSAKeysParameters::$valid_algorithms_values)) { |
|
| 43 | + throw new InvalidJWKAlgorithm(sprintf('alg %s', $alg)); |
|
| 44 | + } |
|
| 44 | 45 | |
| 45 | 46 | parent::__construct($alg, $use, $kid); |
| 46 | 47 | } |
@@ -45,8 +45,9 @@ |
||
| 45 | 45 | $use = JSONWebKeyPublicKeyUseValues::Signature |
| 46 | 46 | ) |
| 47 | 47 | { |
| 48 | - if(!in_array($alg, OctetSequenceKeysParameters::$valid_algorithms_values)) |
|
| 49 | - throw new InvalidJWKAlgorithm(sprintf('alg %s', $alg)); |
|
| 48 | + if(!in_array($alg, OctetSequenceKeysParameters::$valid_algorithms_values)) { |
|
| 49 | + throw new InvalidJWKAlgorithm(sprintf('alg %s', $alg)); |
|
| 50 | + } |
|
| 50 | 51 | |
| 51 | 52 | parent::__construct($alg, $use); |
| 52 | 53 | |
@@ -53,11 +53,14 @@ discard block |
||
| 53 | 53 | |
| 54 | 54 | parent::__construct($headers); |
| 55 | 55 | |
| 56 | - if (count($headers) === 0) return; |
|
| 56 | + if (count($headers) === 0) { |
|
| 57 | + return; |
|
| 58 | + } |
|
| 57 | 59 | |
| 58 | 60 | foreach (RSAKeysParameters::$public_key_params as $p) { |
| 59 | - if (!array_key_exists($p, $headers)) |
|
| 60 | - throw new RSAJWKMissingPublicKeyParamException(); |
|
| 61 | + if (!array_key_exists($p, $headers)) { |
|
| 62 | + throw new RSAJWKMissingPublicKeyParamException(); |
|
| 63 | + } |
|
| 61 | 64 | $this->set[$p] = new Base64urlUInt($headers[$p]); |
| 62 | 65 | } |
| 63 | 66 | |
@@ -74,8 +77,9 @@ discard block |
||
| 74 | 77 | //its has one private param, must have all ... |
| 75 | 78 | if (in_array(RSAKeysParameters::FirstPrimeFactor, $headers)) { |
| 76 | 79 | foreach (RSAKeysParameters::$producers_private_key_params as $p) { |
| 77 | - if (!array_key_exists($p, $headers)) |
|
| 78 | - throw new RSAJWKMissingPrivateKeyParamException(); |
|
| 80 | + if (!array_key_exists($p, $headers)) { |
|
| 81 | + throw new RSAJWKMissingPrivateKeyParamException(); |
|
| 82 | + } |
|
| 79 | 83 | $this->set[$p] = new Base64urlUInt($headers[$p]); |
| 80 | 84 | } |
| 81 | 85 | $this->private_key = RSAFacade::getInstance()->buildPrivateKey( |
@@ -112,11 +116,13 @@ discard block |
||
| 112 | 116 | */ |
| 113 | 117 | static public function fromKeys(KeyPair $keys) |
| 114 | 118 | { |
| 115 | - if(!($keys->getPrivate() instanceof RSAPrivateKey)) |
|
| 116 | - throw new \RuntimeException('Private key of invalid type!'); |
|
| 119 | + if(!($keys->getPrivate() instanceof RSAPrivateKey)) { |
|
| 120 | + throw new \RuntimeException('Private key of invalid type!'); |
|
| 121 | + } |
|
| 117 | 122 | |
| 118 | - if(!($keys->getPublic() instanceof RSAPublicKey)) |
|
| 119 | - throw new \RuntimeException('Public key of invalid type!'); |
|
| 123 | + if(!($keys->getPublic() instanceof RSAPublicKey)) { |
|
| 124 | + throw new \RuntimeException('Public key of invalid type!'); |
|
| 125 | + } |
|
| 120 | 126 | |
| 121 | 127 | $jwk = new RSAJWK(); |
| 122 | 128 | $jwk->public_key = $keys->getPublic(); |
@@ -134,7 +140,9 @@ discard block |
||
| 134 | 140 | */ |
| 135 | 141 | static public function fromPublicKey(PublicKey $public_key) |
| 136 | 142 | { |
| 137 | - if (!($public_key instanceof RSAPublicKey)) throw new InvalidJWKType(); |
|
| 143 | + if (!($public_key instanceof RSAPublicKey)) { |
|
| 144 | + throw new InvalidJWKType(); |
|
| 145 | + } |
|
| 138 | 146 | $jwk = new RSAJWK(); |
| 139 | 147 | $jwk->public_key = $public_key; |
| 140 | 148 | $jwk->set[RSAKeysParameters::Exponent] = Base64urlUInt::fromBigInt($public_key->getPublicExponent()); |
@@ -149,7 +157,9 @@ discard block |
||
| 149 | 157 | */ |
| 150 | 158 | static public function fromPrivateKey(PrivateKey $private_key) |
| 151 | 159 | { |
| 152 | - if (!($private_key instanceof RSAPrivateKey)) throw new InvalidJWKType(); |
|
| 160 | + if (!($private_key instanceof RSAPrivateKey)) { |
|
| 161 | + throw new InvalidJWKType(); |
|
| 162 | + } |
|
| 153 | 163 | $jwk = new RSAJWK(); |
| 154 | 164 | $jwk->private_key = $private_key; |
| 155 | 165 | $jwk->set[RSAKeysParameters::Exponent] = Base64urlUInt::fromBigInt($private_key->getPublicExponent()); |
@@ -63,7 +63,9 @@ discard block |
||
| 63 | 63 | { |
| 64 | 64 | parent::__construct($headers); |
| 65 | 65 | |
| 66 | - if(count($headers) === 0 ) return; |
|
| 66 | + if(count($headers) === 0 ) { |
|
| 67 | + return; |
|
| 68 | + } |
|
| 67 | 69 | |
| 68 | 70 | // certificates |
| 69 | 71 | if(in_array(PublicJSONWebKeyParameters::X_509CertificateChain, $headers) && is_array($headers[PublicJSONWebKeyParameters::X_509CertificateChain])){ |
@@ -109,8 +111,9 @@ discard block |
||
| 109 | 111 | */ |
| 110 | 112 | public function setVisibility($visibility) |
| 111 | 113 | { |
| 112 | - if(!in_array($visibility, JSONWebKeyVisibility::$valid_values)) |
|
| 113 | - throw new InvalidJWKVisibilityException; |
|
| 114 | + if(!in_array($visibility, JSONWebKeyVisibility::$valid_values)) { |
|
| 115 | + throw new InvalidJWKVisibilityException; |
|
| 116 | + } |
|
| 114 | 117 | $this->visibility = $visibility; |
| 115 | 118 | return $this; |
| 116 | 119 | } |
