sop / jwx

lib/JWX/JWE/EncryptionAlgorithm/A256CBCHS512Algorithm.php

Indentation +56 added lines, -56 removed lines

@@ -11,66 +11,66 @@
  */
 class A256CBCHS512Algorithm extends AESCBCAlgorithm
 {
-    /**
-     *
-     * {@inheritdoc}
-     */
-    public function keySize()
-    {
-        return 64;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	public function keySize()
+	{
+		return 64;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    public function encryptionAlgorithmParamValue()
-    {
-        return JWA::ALGO_A256CBC_HS512;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	public function encryptionAlgorithmParamValue()
+	{
+		return JWA::ALGO_A256CBC_HS512;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _cipherMethod()
-    {
-        return "AES-256-CBC";
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _cipherMethod()
+	{
+		return "AES-256-CBC";
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _hashAlgo()
-    {
-        return "sha512";
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _hashAlgo()
+	{
+		return "sha512";
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _encKeyLen()
-    {
-        return 32;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _encKeyLen()
+	{
+		return 32;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _macKeyLen()
-    {
-        return 32;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _macKeyLen()
+	{
+		return 32;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _tagLen()
-    {
-        return 32;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _tagLen()
+	{
+		return 32;
+	}
 }

lib/JWX/JWE/EncryptionAlgorithm/A192GCMAlgorithm.php

Indentation +24 added lines, -24 removed lines

@@ -12,30 +12,30 @@
  */
 class A192GCMAlgorithm extends AESGCMAlgorithm
 {
-    /**
-     *
-     * {@inheritdoc}
-     */
-    public function encryptionAlgorithmParamValue()
-    {
-        return JWA::ALGO_A192GCM;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	public function encryptionAlgorithmParamValue()
+	{
+		return JWA::ALGO_A192GCM;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    public function keySize()
-    {
-        return 24;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	public function keySize()
+	{
+		return 24;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _getGCMCipher()
-    {
-        return new AES192Cipher();
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _getGCMCipher()
+	{
+		return new AES192Cipher();
+	}
 }

lib/JWX/JWE/JWE.php

Indentation +327 added lines, -327 removed lines

@@ -18,353 +18,353 @@
  */
 class JWE
 {
-    /**
-     * Protected header.
-     *
-     * @var Header $_protectedHeader
-     */
-    protected $_protectedHeader;
+	/**
+	 * Protected header.
+	 *
+	 * @var Header $_protectedHeader
+	 */
+	protected $_protectedHeader;
     
-    /**
-     * Encrypted key.
-     *
-     * @var string $_encryptedKey
-     */
-    protected $_encryptedKey;
+	/**
+	 * Encrypted key.
+	 *
+	 * @var string $_encryptedKey
+	 */
+	protected $_encryptedKey;
     
-    /**
-     * Initialization vector.
-     *
-     * @var string
-     */
-    protected $_iv;
+	/**
+	 * Initialization vector.
+	 *
+	 * @var string
+	 */
+	protected $_iv;
     
-    /**
-     * Additional authenticated data.
-     *
-     * @var string $_aad
-     */
-    protected $_aad;
+	/**
+	 * Additional authenticated data.
+	 *
+	 * @var string $_aad
+	 */
+	protected $_aad;
     
-    /**
-     * Ciphertext.
-     *
-     * @var string $_ciphertext
-     */
-    protected $_ciphertext;
+	/**
+	 * Ciphertext.
+	 *
+	 * @var string $_ciphertext
+	 */
+	protected $_ciphertext;
     
-    /**
-     * Authentication tag.
-     *
-     * @var string $_authenticationTag
-     */
-    protected $_authenticationTag;
+	/**
+	 * Authentication tag.
+	 *
+	 * @var string $_authenticationTag
+	 */
+	protected $_authenticationTag;
     
-    /**
-     * Constructor.
-     *
-     * @param Header $protected_header JWE Protected Header
-     * @param string $encrypted_key Encrypted key
-     * @param string $iv Initialization vector
-     * @param string $ciphertext Ciphertext
-     * @param string $auth_tag Authentication tag
-     * @param string|null $aad Additional authenticated data
-     */
-    public function __construct(Header $protected_header, $encrypted_key, $iv,
-        $ciphertext, $auth_tag, $aad = null)
-    {
-        $this->_protectedHeader = $protected_header;
-        $this->_encryptedKey = $encrypted_key;
-        $this->_iv = $iv;
-        $this->_aad = $aad;
-        $this->_ciphertext = $ciphertext;
-        $this->_authenticationTag = $auth_tag;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Header $protected_header JWE Protected Header
+	 * @param string $encrypted_key Encrypted key
+	 * @param string $iv Initialization vector
+	 * @param string $ciphertext Ciphertext
+	 * @param string $auth_tag Authentication tag
+	 * @param string|null $aad Additional authenticated data
+	 */
+	public function __construct(Header $protected_header, $encrypted_key, $iv,
+		$ciphertext, $auth_tag, $aad = null)
+	{
+		$this->_protectedHeader = $protected_header;
+		$this->_encryptedKey = $encrypted_key;
+		$this->_iv = $iv;
+		$this->_aad = $aad;
+		$this->_ciphertext = $ciphertext;
+		$this->_authenticationTag = $auth_tag;
+	}
     
-    /**
-     * Initialize from compact serialization.
-     *
-     * @param string $data
-     * @return self
-     */
-    public static function fromCompact($data)
-    {
-        return self::fromParts(explode(".", $data));
-    }
+	/**
+	 * Initialize from compact serialization.
+	 *
+	 * @param string $data
+	 * @return self
+	 */
+	public static function fromCompact($data)
+	{
+		return self::fromParts(explode(".", $data));
+	}
     
-    /**
-     * Initialize from parts of compact serialization.
-     *
-     * @param array $parts
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromParts(array $parts)
-    {
-        if (count($parts) != 5) {
-            throw new \UnexpectedValueException(
-                "Invalid JWE compact serialization.");
-        }
-        $header = Header::fromJSON(Base64::urlDecode($parts[0]));
-        $encrypted_key = Base64::urlDecode($parts[1]);
-        $iv = Base64::urlDecode($parts[2]);
-        $ciphertext = Base64::urlDecode($parts[3]);
-        $auth_tag = Base64::urlDecode($parts[4]);
-        return new self($header, $encrypted_key, $iv, $ciphertext, $auth_tag);
-    }
+	/**
+	 * Initialize from parts of compact serialization.
+	 *
+	 * @param array $parts
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromParts(array $parts)
+	{
+		if (count($parts) != 5) {
+			throw new \UnexpectedValueException(
+				"Invalid JWE compact serialization.");
+		}
+		$header = Header::fromJSON(Base64::urlDecode($parts[0]));
+		$encrypted_key = Base64::urlDecode($parts[1]);
+		$iv = Base64::urlDecode($parts[2]);
+		$ciphertext = Base64::urlDecode($parts[3]);
+		$auth_tag = Base64::urlDecode($parts[4]);
+		return new self($header, $encrypted_key, $iv, $ciphertext, $auth_tag);
+	}
     
-    /**
-     * Initialize by encrypting the given payload.
-     *
-     * @param string $payload Payload
-     * @param KeyManagementAlgorithm $key_algo Key management algorithm
-     * @param ContentEncryptionAlgorithm $enc_algo Content encryption algorithm
-     * @param CompressionAlgorithm|null $zip_algo Optional compression algorithm
-     * @param Header|null $header Optional desired header. Algorithm specific
-     *        parameters are automatically added.
-     * @param string|null $cek Optional content encryption key. Randomly
-     *        generated if not set.
-     * @param string|null $iv Optional initialization vector. Randomly generated
-     *        if not set.
-     * @throws \RuntimeException If encrypt fails
-     * @return self
-     */
-    public static function encrypt($payload, KeyManagementAlgorithm $key_algo,
-        ContentEncryptionAlgorithm $enc_algo,
-        CompressionAlgorithm $zip_algo = null, Header $header = null, $cek = null, $iv = null)
-    {
-        // if header was not given, initialize empty
-        if (!isset($header)) {
-            $header = new Header();
-        }
-        // generate random CEK
-        if (!isset($cek)) {
-            $cek = $key_algo->cekForEncryption($enc_algo->keySize());
-        }
-        // generate random IV
-        if (!isset($iv)) {
-            $iv = openssl_random_pseudo_bytes($enc_algo->ivSize());
-        }
-        // compress
-        if (isset($zip_algo)) {
-            $payload = $zip_algo->compress($payload);
-            $header = $header->withParameters(...$zip_algo->headerParameters());
-        }
-        return self::_encryptContent($payload, $cek, $iv, $key_algo, $enc_algo,
-            $header);
-    }
+	/**
+	 * Initialize by encrypting the given payload.
+	 *
+	 * @param string $payload Payload
+	 * @param KeyManagementAlgorithm $key_algo Key management algorithm
+	 * @param ContentEncryptionAlgorithm $enc_algo Content encryption algorithm
+	 * @param CompressionAlgorithm|null $zip_algo Optional compression algorithm
+	 * @param Header|null $header Optional desired header. Algorithm specific
+	 *        parameters are automatically added.
+	 * @param string|null $cek Optional content encryption key. Randomly
+	 *        generated if not set.
+	 * @param string|null $iv Optional initialization vector. Randomly generated
+	 *        if not set.
+	 * @throws \RuntimeException If encrypt fails
+	 * @return self
+	 */
+	public static function encrypt($payload, KeyManagementAlgorithm $key_algo,
+		ContentEncryptionAlgorithm $enc_algo,
+		CompressionAlgorithm $zip_algo = null, Header $header = null, $cek = null, $iv = null)
+	{
+		// if header was not given, initialize empty
+		if (!isset($header)) {
+			$header = new Header();
+		}
+		// generate random CEK
+		if (!isset($cek)) {
+			$cek = $key_algo->cekForEncryption($enc_algo->keySize());
+		}
+		// generate random IV
+		if (!isset($iv)) {
+			$iv = openssl_random_pseudo_bytes($enc_algo->ivSize());
+		}
+		// compress
+		if (isset($zip_algo)) {
+			$payload = $zip_algo->compress($payload);
+			$header = $header->withParameters(...$zip_algo->headerParameters());
+		}
+		return self::_encryptContent($payload, $cek, $iv, $key_algo, $enc_algo,
+			$header);
+	}
     
-    /**
-     * Encrypt content with explicit parameters.
-     *
-     * @param string $plaintext Plaintext content to encrypt
-     * @param string $cek Content encryption key
-     * @param string $iv Initialization vector
-     * @param KeyManagementAlgorithm $key_algo Key management algorithm
-     * @param ContentEncryptionAlgorithm $enc_algo Content encryption algorithm
-     * @param Header $header Header
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    private static function _encryptContent($plaintext, $cek, $iv,
-        KeyManagementAlgorithm $key_algo, ContentEncryptionAlgorithm $enc_algo,
-        Header $header)
-    {
-        // check that content encryption key has correct size
-        if (strlen($cek) != $enc_algo->keySize()) {
-            throw new \UnexpectedValueException("Invalid key size.");
-        }
-        // check that initialization vector has correct size
-        if (strlen($iv) != $enc_algo->ivSize()) {
-            throw new \UnexpectedValueException("Invalid IV size.");
-        }
-        // add key and encryption algorithm parameters to the header
-        $header = $header->withParameters(...$key_algo->headerParameters())
-            ->withParameters(...$enc_algo->headerParameters());
-        // encrypt the content encryption key
-        $encrypted_key = $key_algo->encrypt($cek, $header);
-        // sanity check that header wasn't unset via reference
-        if (!$header instanceof Header) {
-            throw new \RuntimeException("Broken key algorithm.");
-        }
-        // additional authenticated data
-        $aad = Base64::urlEncode($header->toJSON());
-        // encrypt
-        list($ciphertext, $auth_tag) = $enc_algo->encrypt($plaintext, $cek, $iv,
-            $aad);
-        return new self($header, $encrypted_key, $iv, $ciphertext, $auth_tag);
-    }
+	/**
+	 * Encrypt content with explicit parameters.
+	 *
+	 * @param string $plaintext Plaintext content to encrypt
+	 * @param string $cek Content encryption key
+	 * @param string $iv Initialization vector
+	 * @param KeyManagementAlgorithm $key_algo Key management algorithm
+	 * @param ContentEncryptionAlgorithm $enc_algo Content encryption algorithm
+	 * @param Header $header Header
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	private static function _encryptContent($plaintext, $cek, $iv,
+		KeyManagementAlgorithm $key_algo, ContentEncryptionAlgorithm $enc_algo,
+		Header $header)
+	{
+		// check that content encryption key has correct size
+		if (strlen($cek) != $enc_algo->keySize()) {
+			throw new \UnexpectedValueException("Invalid key size.");
+		}
+		// check that initialization vector has correct size
+		if (strlen($iv) != $enc_algo->ivSize()) {
+			throw new \UnexpectedValueException("Invalid IV size.");
+		}
+		// add key and encryption algorithm parameters to the header
+		$header = $header->withParameters(...$key_algo->headerParameters())
+			->withParameters(...$enc_algo->headerParameters());
+		// encrypt the content encryption key
+		$encrypted_key = $key_algo->encrypt($cek, $header);
+		// sanity check that header wasn't unset via reference
+		if (!$header instanceof Header) {
+			throw new \RuntimeException("Broken key algorithm.");
+		}
+		// additional authenticated data
+		$aad = Base64::urlEncode($header->toJSON());
+		// encrypt
+		list($ciphertext, $auth_tag) = $enc_algo->encrypt($plaintext, $cek, $iv,
+			$aad);
+		return new self($header, $encrypted_key, $iv, $ciphertext, $auth_tag);
+	}
     
-    /**
-     * Decrypt the content using explicit algorithms.
-     *
-     * @param KeyManagementAlgorithm $key_algo
-     * @param ContentEncryptionAlgorithm $enc_algo
-     * @throws \RuntimeException If decrypt fails
-     * @return string Plaintext payload
-     */
-    public function decrypt(KeyManagementAlgorithm $key_algo,
-        ContentEncryptionAlgorithm $enc_algo)
-    {
-        // check that key management algorithm matches
-        if ($key_algo->algorithmParamValue() != $this->algorithmName()) {
-            throw new \UnexpectedValueException(
-                "Invalid key management algorithm.");
-        }
-        // check that encryption algorithm matches
-        if ($enc_algo->encryptionAlgorithmParamValue() !=
-             $this->encryptionAlgorithmName()) {
-            throw new \UnexpectedValueException("Invalid encryption algorithm.");
-        }
-        $header = $this->header();
-        // decrypt content encryption key
-        $cek = $key_algo->decrypt($this->_encryptedKey, $header);
-        // decrypt payload
-        $aad = Base64::urlEncode($this->_protectedHeader->toJSON());
-        $payload = $enc_algo->decrypt($this->_ciphertext, $cek, $this->_iv, $aad,
-            $this->_authenticationTag);
-        // decompress
-        if ($header->hasCompressionAlgorithm()) {
-            $payload = CompressionFactory::algoByHeader($header)->decompress(
-                $payload);
-        }
-        return $payload;
-    }
+	/**
+	 * Decrypt the content using explicit algorithms.
+	 *
+	 * @param KeyManagementAlgorithm $key_algo
+	 * @param ContentEncryptionAlgorithm $enc_algo
+	 * @throws \RuntimeException If decrypt fails
+	 * @return string Plaintext payload
+	 */
+	public function decrypt(KeyManagementAlgorithm $key_algo,
+		ContentEncryptionAlgorithm $enc_algo)
+	{
+		// check that key management algorithm matches
+		if ($key_algo->algorithmParamValue() != $this->algorithmName()) {
+			throw new \UnexpectedValueException(
+				"Invalid key management algorithm.");
+		}
+		// check that encryption algorithm matches
+		if ($enc_algo->encryptionAlgorithmParamValue() !=
+			 $this->encryptionAlgorithmName()) {
+			throw new \UnexpectedValueException("Invalid encryption algorithm.");
+		}
+		$header = $this->header();
+		// decrypt content encryption key
+		$cek = $key_algo->decrypt($this->_encryptedKey, $header);
+		// decrypt payload
+		$aad = Base64::urlEncode($this->_protectedHeader->toJSON());
+		$payload = $enc_algo->decrypt($this->_ciphertext, $cek, $this->_iv, $aad,
+			$this->_authenticationTag);
+		// decompress
+		if ($header->hasCompressionAlgorithm()) {
+			$payload = CompressionFactory::algoByHeader($header)->decompress(
+				$payload);
+		}
+		return $payload;
+	}
     
-    /**
-     * Decrypt content using given JWK.
-     *
-     * Key management and content encryption algorithms are determined from the
-     * header.
-     *
-     * @param JWK $jwk JSON Web Key
-     * @throws \RuntimeException If algorithm initialization fails
-     * @return string Plaintext payload
-     */
-    public function decryptWithJWK(JWK $jwk)
-    {
-        $header = $this->header();
-        $key_algo = KeyManagementAlgorithm::fromJWK($jwk, $header);
-        $enc_algo = EncryptionAlgorithmFactory::algoByHeader($header);
-        return $this->decrypt($key_algo, $enc_algo);
-    }
+	/**
+	 * Decrypt content using given JWK.
+	 *
+	 * Key management and content encryption algorithms are determined from the
+	 * header.
+	 *
+	 * @param JWK $jwk JSON Web Key
+	 * @throws \RuntimeException If algorithm initialization fails
+	 * @return string Plaintext payload
+	 */
+	public function decryptWithJWK(JWK $jwk)
+	{
+		$header = $this->header();
+		$key_algo = KeyManagementAlgorithm::fromJWK($jwk, $header);
+		$enc_algo = EncryptionAlgorithmFactory::algoByHeader($header);
+		return $this->decrypt($key_algo, $enc_algo);
+	}
     
-    /**
-     * Decrypt content using a key from the given JWK set.
-     *
-     * Correct key shall be sought by the key ID indicated by the header.
-     *
-     * @param JWKSet $set Set of JSON Web Keys
-     * @throws \RuntimeException If algorithm initialization fails
-     * @return string Plaintext payload
-     */
-    public function decryptWithJWKSet(JWKSet $set)
-    {
-        if (!count($set)) {
-            throw new \RuntimeException("No keys.");
-        }
-        $header = $this->header();
-        $factory = new KeyAlgorithmFactory($header);
-        $key_algo = $factory->algoByKeys($set);
-        $enc_algo = EncryptionAlgorithmFactory::algoByHeader($header);
-        return $this->decrypt($key_algo, $enc_algo);
-    }
+	/**
+	 * Decrypt content using a key from the given JWK set.
+	 *
+	 * Correct key shall be sought by the key ID indicated by the header.
+	 *
+	 * @param JWKSet $set Set of JSON Web Keys
+	 * @throws \RuntimeException If algorithm initialization fails
+	 * @return string Plaintext payload
+	 */
+	public function decryptWithJWKSet(JWKSet $set)
+	{
+		if (!count($set)) {
+			throw new \RuntimeException("No keys.");
+		}
+		$header = $this->header();
+		$factory = new KeyAlgorithmFactory($header);
+		$key_algo = $factory->algoByKeys($set);
+		$enc_algo = EncryptionAlgorithmFactory::algoByHeader($header);
+		return $this->decrypt($key_algo, $enc_algo);
+	}
     
-    /**
-     * Get JOSE header.
-     *
-     * @return JOSE
-     */
-    public function header()
-    {
-        return new JOSE($this->_protectedHeader);
-    }
+	/**
+	 * Get JOSE header.
+	 *
+	 * @return JOSE
+	 */
+	public function header()
+	{
+		return new JOSE($this->_protectedHeader);
+	}
     
-    /**
-     * Get the name of the key management algorithm.
-     *
-     * @return string
-     */
-    public function algorithmName()
-    {
-        return $this->header()
-            ->algorithm()
-            ->value();
-    }
+	/**
+	 * Get the name of the key management algorithm.
+	 *
+	 * @return string
+	 */
+	public function algorithmName()
+	{
+		return $this->header()
+			->algorithm()
+			->value();
+	}
     
-    /**
-     * Get the name of the encryption algorithm.
-     *
-     * @return string
-     */
-    public function encryptionAlgorithmName()
-    {
-        return $this->header()
-            ->encryptionAlgorithm()
-            ->value();
-    }
+	/**
+	 * Get the name of the encryption algorithm.
+	 *
+	 * @return string
+	 */
+	public function encryptionAlgorithmName()
+	{
+		return $this->header()
+			->encryptionAlgorithm()
+			->value();
+	}
     
-    /**
-     * Get encrypted CEK.
-     *
-     * @return string
-     */
-    public function encryptedKey()
-    {
-        return $this->_encryptedKey;
-    }
+	/**
+	 * Get encrypted CEK.
+	 *
+	 * @return string
+	 */
+	public function encryptedKey()
+	{
+		return $this->_encryptedKey;
+	}
     
-    /**
-     * Get initialization vector.
-     *
-     * @return string
-     */
-    public function initializationVector()
-    {
-        return $this->_iv;
-    }
+	/**
+	 * Get initialization vector.
+	 *
+	 * @return string
+	 */
+	public function initializationVector()
+	{
+		return $this->_iv;
+	}
     
-    /**
-     * Get ciphertext.
-     *
-     * @return string
-     */
-    public function ciphertext()
-    {
-        return $this->_ciphertext;
-    }
+	/**
+	 * Get ciphertext.
+	 *
+	 * @return string
+	 */
+	public function ciphertext()
+	{
+		return $this->_ciphertext;
+	}
     
-    /**
-     * Get authentication tag.
-     *
-     * @return string
-     */
-    public function authenticationTag()
-    {
-        return $this->_authenticationTag;
-    }
+	/**
+	 * Get authentication tag.
+	 *
+	 * @return string
+	 */
+	public function authenticationTag()
+	{
+		return $this->_authenticationTag;
+	}
     
-    /**
-     * Convert to compact serialization.
-     *
-     * @return string
-     */
-    public function toCompact()
-    {
-        return Base64::urlEncode($this->_protectedHeader->toJSON()) . "." .
-             Base64::urlEncode($this->_encryptedKey) . "." .
-             Base64::urlEncode($this->_iv) . "." .
-             Base64::urlEncode($this->_ciphertext) . "." .
-             Base64::urlEncode($this->_authenticationTag);
-    }
+	/**
+	 * Convert to compact serialization.
+	 *
+	 * @return string
+	 */
+	public function toCompact()
+	{
+		return Base64::urlEncode($this->_protectedHeader->toJSON()) . "." .
+			 Base64::urlEncode($this->_encryptedKey) . "." .
+			 Base64::urlEncode($this->_iv) . "." .
+			 Base64::urlEncode($this->_ciphertext) . "." .
+			 Base64::urlEncode($this->_authenticationTag);
+	}
     
-    /**
-     * Convert JWE to string.
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->toCompact();
-    }
+	/**
+	 * Convert JWE to string.
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->toCompact();
+	}
 }

lib/JWX/JWE/KeyAlgorithm/KeyAlgorithmFactory.php

Indentation +83 added lines, -83 removed lines

@@ -12,92 +12,92 @@
  */
 class KeyAlgorithmFactory
 {
-    /**
-     * Header.
-     *
-     * @var Header $_header
-     */
-    protected $_header;
+	/**
+	 * Header.
+	 *
+	 * @var Header $_header
+	 */
+	protected $_header;
     
-    /**
-     * Mapping from algorithm name to class name.
-     *
-     * @internal
-     *
-     * @var array
-     */
-    const MAP_ALGO_TO_CLASS = array(
-        /* @formatter:off */
-        JWA::ALGO_A128KW => A128KWAlgorithm::class,
-        JWA::ALGO_A192KW => A192KWAlgorithm::class,
-        JWA::ALGO_A128KW => A256KWAlgorithm::class,
-        JWA::ALGO_A128GCMKW => A128GCMKWAlgorithm::class,
-        JWA::ALGO_A192GCMKW => A192GCMKWAlgorithm::class,
-        JWA::ALGO_A256GCMKW => A256GCMKWAlgorithm::class,
-        JWA::ALGO_PBES2_HS256_A128KW => PBES2HS256A128KWAlgorithm::class,
-        JWA::ALGO_PBES2_HS384_A192KW => PBES2HS384A192KWAlgorithm::class,
-        JWA::ALGO_PBES2_HS512_A256KW => PBES2HS512A256KWAlgorithm::class,
-        JWA::ALGO_DIR => DirectCEKAlgorithm::class,
-        JWA::ALGO_RSA1_5 => RSAESPKCS1Algorithm::class,
-        JWA::ALGO_RSA_OAEP => RSAESOAEPAlgorithm::class
-        /* @formatter:on */
-    );
+	/**
+	 * Mapping from algorithm name to class name.
+	 *
+	 * @internal
+	 *
+	 * @var array
+	 */
+	const MAP_ALGO_TO_CLASS = array(
+		/* @formatter:off */
+		JWA::ALGO_A128KW => A128KWAlgorithm::class,
+		JWA::ALGO_A192KW => A192KWAlgorithm::class,
+		JWA::ALGO_A128KW => A256KWAlgorithm::class,
+		JWA::ALGO_A128GCMKW => A128GCMKWAlgorithm::class,
+		JWA::ALGO_A192GCMKW => A192GCMKWAlgorithm::class,
+		JWA::ALGO_A256GCMKW => A256GCMKWAlgorithm::class,
+		JWA::ALGO_PBES2_HS256_A128KW => PBES2HS256A128KWAlgorithm::class,
+		JWA::ALGO_PBES2_HS384_A192KW => PBES2HS384A192KWAlgorithm::class,
+		JWA::ALGO_PBES2_HS512_A256KW => PBES2HS512A256KWAlgorithm::class,
+		JWA::ALGO_DIR => DirectCEKAlgorithm::class,
+		JWA::ALGO_RSA1_5 => RSAESPKCS1Algorithm::class,
+		JWA::ALGO_RSA_OAEP => RSAESOAEPAlgorithm::class
+		/* @formatter:on */
+	);
     
-    /**
-     * Constructor.
-     *
-     * @param Header $header
-     */
-    public function __construct(Header $header)
-    {
-        $this->_header = $header;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Header $header
+	 */
+	public function __construct(Header $header)
+	{
+		$this->_header = $header;
+	}
     
-    /**
-     * Get key management algorithm by given JWK.
-     *
-     * @param JWK $jwk
-     * @return \JWX\JWE\KeyManagementAlgorithm
-     */
-    public function algoByKey(JWK $jwk)
-    {
-        $alg = JWA::deriveAlgorithmName($this->_header, $jwk);
-        $cls = self::_algoClassByName($alg);
-        return $cls::fromJWK($jwk, $this->_header);
-    }
+	/**
+	 * Get key management algorithm by given JWK.
+	 *
+	 * @param JWK $jwk
+	 * @return \JWX\JWE\KeyManagementAlgorithm
+	 */
+	public function algoByKey(JWK $jwk)
+	{
+		$alg = JWA::deriveAlgorithmName($this->_header, $jwk);
+		$cls = self::_algoClassByName($alg);
+		return $cls::fromJWK($jwk, $this->_header);
+	}
     
-    /**
-     * Get key management algorithm using a matching key from given JWK set.
-     *
-     * @param JWKSet $set
-     * @throws \UnexpectedValueException If a key cannot be found
-     * @return \JWX\JWE\KeyManagementAlgorithm
-     */
-    public function algoByKeys(JWKSet $set)
-    {
-        if (!$this->_header->hasKeyID()) {
-            throw new \UnexpectedValueException("No key ID paremeter.");
-        }
-        $id = $this->_header->keyID()->value();
-        if (!$set->hasKeyID($id)) {
-            throw new \UnexpectedValueException("No key for ID '$id'.");
-        }
-        return $this->algoByKey($set->keyByID($id));
-    }
+	/**
+	 * Get key management algorithm using a matching key from given JWK set.
+	 *
+	 * @param JWKSet $set
+	 * @throws \UnexpectedValueException If a key cannot be found
+	 * @return \JWX\JWE\KeyManagementAlgorithm
+	 */
+	public function algoByKeys(JWKSet $set)
+	{
+		if (!$this->_header->hasKeyID()) {
+			throw new \UnexpectedValueException("No key ID paremeter.");
+		}
+		$id = $this->_header->keyID()->value();
+		if (!$set->hasKeyID($id)) {
+			throw new \UnexpectedValueException("No key for ID '$id'.");
+		}
+		return $this->algoByKey($set->keyByID($id));
+	}
     
-    /**
-     * Get the algorithm implementation class name by an algorithm name.
-     *
-     * @param string $alg Algorithm name
-     * @throws \UnexpectedValueException
-     * @return string Class name
-     */
-    private static function _algoClassByName($alg)
-    {
-        if (!array_key_exists($alg, self::MAP_ALGO_TO_CLASS)) {
-            throw new \UnexpectedValueException(
-                "Algorithm '$alg' not supported.");
-        }
-        return self::MAP_ALGO_TO_CLASS[$alg];
-    }
+	/**
+	 * Get the algorithm implementation class name by an algorithm name.
+	 *
+	 * @param string $alg Algorithm name
+	 * @throws \UnexpectedValueException
+	 * @return string Class name
+	 */
+	private static function _algoClassByName($alg)
+	{
+		if (!array_key_exists($alg, self::MAP_ALGO_TO_CLASS)) {
+			throw new \UnexpectedValueException(
+				"Algorithm '$alg' not supported.");
+		}
+		return self::MAP_ALGO_TO_CLASS[$alg];
+	}
 }

lib/JWX/JWE/KeyAlgorithm/DirectCEKAlgorithm.php

Indentation +92 added lines, -92 removed lines

@@ -16,104 +16,104 @@
  */
 class DirectCEKAlgorithm extends KeyManagementAlgorithm
 {
-    /**
-     * Content encryption key.
-     *
-     * @var string $_cek
-     */
-    protected $_cek;
+	/**
+	 * Content encryption key.
+	 *
+	 * @var string $_cek
+	 */
+	protected $_cek;
     
-    /**
-     * Constructor.
-     *
-     * @param string $cek Content encryption key
-     */
-    public function __construct($cek)
-    {
-        $this->_cek = $cek;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $cek Content encryption key
+	 */
+	public function __construct($cek)
+	{
+		$this->_cek = $cek;
+	}
     
-    /**
-     *
-     * @param JWK $jwk
-     * @param Header $header
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromJWK(JWK $jwk, Header $header)
-    {
-        $jwk = SymmetricKeyJWK::fromJWK($jwk);
-        $alg = JWA::deriveAlgorithmName($header);
-        if ($alg != JWA::ALGO_DIR) {
-            throw new \UnexpectedValueException("Invalid algorithm '$alg'.");
-        }
-        return new self($jwk->key());
-    }
+	/**
+	 *
+	 * @param JWK $jwk
+	 * @param Header $header
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromJWK(JWK $jwk, Header $header)
+	{
+		$jwk = SymmetricKeyJWK::fromJWK($jwk);
+		$alg = JWA::deriveAlgorithmName($header);
+		if ($alg != JWA::ALGO_DIR) {
+			throw new \UnexpectedValueException("Invalid algorithm '$alg'.");
+		}
+		return new self($jwk->key());
+	}
     
-    /**
-     * Get content encryption key.
-     *
-     * @return string
-     */
-    public function cek()
-    {
-        return $this->_cek;
-    }
+	/**
+	 * Get content encryption key.
+	 *
+	 * @return string
+	 */
+	public function cek()
+	{
+		return $this->_cek;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _encryptKey($key, Header &$header)
-    {
-        if ($key != $this->_cek) {
-            throw new \LogicException("Content encryption key doesn't match.");
-        }
-        return "";
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _encryptKey($key, Header &$header)
+	{
+		if ($key != $this->_cek) {
+			throw new \LogicException("Content encryption key doesn't match.");
+		}
+		return "";
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _decryptKey($ciphertext, Header $header)
-    {
-        if ($ciphertext !== "") {
-            throw new \UnexpectedValueException(
-                "Encrypted key must be an empty octet sequence.");
-        }
-        return $this->_cek;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _decryptKey($ciphertext, Header $header)
+	{
+		if ($ciphertext !== "") {
+			throw new \UnexpectedValueException(
+				"Encrypted key must be an empty octet sequence.");
+		}
+		return $this->_cek;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    public function cekForEncryption($length)
-    {
-        if (strlen($this->_cek) != $length) {
-            throw new \UnexpectedValueException("Invalid key length.");
-        }
-        return $this->_cek;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	public function cekForEncryption($length)
+	{
+		if (strlen($this->_cek) != $length) {
+			throw new \UnexpectedValueException("Invalid key length.");
+		}
+		return $this->_cek;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    public function algorithmParamValue()
-    {
-        return JWA::ALGO_DIR;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	public function algorithmParamValue()
+	{
+		return JWA::ALGO_DIR;
+	}
     
-    /**
-     *
-     * @see \JWX\JWE\KeyManagementAlgorithm::headerParameters()
-     * @return \JWX\JWT\Parameter\JWTParameter[]
-     */
-    public function headerParameters()
-    {
-        return array_merge(parent::headerParameters(),
-            array(AlgorithmParameter::fromAlgorithm($this)));
-    }
+	/**
+	 *
+	 * @see \JWX\JWE\KeyManagementAlgorithm::headerParameters()
+	 * @return \JWX\JWT\Parameter\JWTParameter[]
+	 */
+	public function headerParameters()
+	{
+		return array_merge(parent::headerParameters(),
+			array(AlgorithmParameter::fromAlgorithm($this)));
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -64,7 +64,7 @@
      *
      * {@inheritdoc}
      */
-    protected function _encryptKey($key, Header &$header)
+    protected function _encryptKey($key, Header&$header)
     {
         if ($key != $this->_cek) {
             throw new \LogicException("Content encryption key doesn't match.");

lib/JWX/JWE/KeyAlgorithm/PBES2HS384A192KWAlgorithm.php

Indentation +32 added lines, -32 removed lines

@@ -12,39 +12,39 @@
  */
 class PBES2HS384A192KWAlgorithm extends PBES2Algorithm
 {
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _hashAlgo()
-    {
-        return "sha384";
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _hashAlgo()
+	{
+		return "sha384";
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _keyLength()
-    {
-        return 24;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _keyLength()
+	{
+		return 24;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _kwAlgo()
-    {
-        return new AESKW192();
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _kwAlgo()
+	{
+		return new AESKW192();
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    public function algorithmParamValue()
-    {
-        return JWA::ALGO_PBES2_HS384_A192KW;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	public function algorithmParamValue()
+	{
+		return JWA::ALGO_PBES2_HS384_A192KW;
+	}
 }

lib/JWX/JWE/KeyAlgorithm/A192GCMKWAlgorithm.php

Indentation +24 added lines, -24 removed lines

@@ -12,30 +12,30 @@
  */
 class A192GCMKWAlgorithm extends AESGCMKWAlgorithm
 {
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _getGCMCipher()
-    {
-        return new AES192Cipher();
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _getGCMCipher()
+	{
+		return new AES192Cipher();
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _keySize()
-    {
-        return 24;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _keySize()
+	{
+		return 24;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    public function algorithmParamValue()
-    {
-        return JWA::ALGO_A192GCMKW;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	public function algorithmParamValue()
+	{
+		return JWA::ALGO_A192GCMKW;
+	}
 }

lib/JWX/JWE/KeyAlgorithm/AESKWAlgorithm.php

Indentation +109 added lines, -109 removed lines

@@ -17,124 +17,124 @@
  */
 abstract class AESKWAlgorithm extends KeyManagementAlgorithm
 {
-    use RandomCEK;
+	use RandomCEK;
     
-    /**
-     * Key encryption key.
-     *
-     * @var string $_kek
-     */
-    protected $_kek;
+	/**
+	 * Key encryption key.
+	 *
+	 * @var string $_kek
+	 */
+	protected $_kek;
     
-    /**
-     * Key wrapping algorithm.
-     *
-     * Lazily initialized.
-     *
-     * @var \AESKW\AESKeyWrapAlgorithm|null $_kw
-     */
-    protected $_kw;
+	/**
+	 * Key wrapping algorithm.
+	 *
+	 * Lazily initialized.
+	 *
+	 * @var \AESKW\AESKeyWrapAlgorithm|null $_kw
+	 */
+	protected $_kw;
     
-    /**
-     * Mapping from algorithm name to class name.
-     *
-     * @internal
-     *
-     * @var array
-     */
-    const MAP_ALGO_TO_CLASS = array(
-        /* @formatter:off */
-        JWA::ALGO_A128KW => A128KWAlgorithm::class, 
-        JWA::ALGO_A192KW => A192KWAlgorithm::class, 
-        JWA::ALGO_A256KW => A256KWAlgorithm::class
-        /* @formatter:on */
-    );
+	/**
+	 * Mapping from algorithm name to class name.
+	 *
+	 * @internal
+	 *
+	 * @var array
+	 */
+	const MAP_ALGO_TO_CLASS = array(
+		/* @formatter:off */
+		JWA::ALGO_A128KW => A128KWAlgorithm::class, 
+		JWA::ALGO_A192KW => A192KWAlgorithm::class, 
+		JWA::ALGO_A256KW => A256KWAlgorithm::class
+		/* @formatter:on */
+	);
     
-    /**
-     * Get the size of the key encryption key in bytes.
-     *
-     * @return int
-     */
-    abstract protected function _kekSize();
+	/**
+	 * Get the size of the key encryption key in bytes.
+	 *
+	 * @return int
+	 */
+	abstract protected function _kekSize();
     
-    /**
-     * Get key wrapping algorithm instance.
-     *
-     * @return \AESKW\AESKeyWrapAlgorithm
-     */
-    abstract protected function _AESKWAlgo();
+	/**
+	 * Get key wrapping algorithm instance.
+	 *
+	 * @return \AESKW\AESKeyWrapAlgorithm
+	 */
+	abstract protected function _AESKWAlgo();
     
-    /**
-     * Constructor.
-     *
-     * @param string $kek Key encryption key
-     */
-    public function __construct($kek)
-    {
-        if (strlen($kek) != $this->_kekSize()) {
-            throw new \LengthException(
-                "Key encryption key must be " . $this->_kekSize() . " bytes.");
-        }
-        $this->_kek = $kek;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $kek Key encryption key
+	 */
+	public function __construct($kek)
+	{
+		if (strlen($kek) != $this->_kekSize()) {
+			throw new \LengthException(
+				"Key encryption key must be " . $this->_kekSize() . " bytes.");
+		}
+		$this->_kek = $kek;
+	}
     
-    /**
-     *
-     * @param JWK $jwk
-     * @param Header $header
-     * @throws \UnexpectedValueException
-     * @return AESKWAlgorithm
-     */
-    public static function fromJWK(JWK $jwk, Header $header)
-    {
-        $jwk = SymmetricKeyJWK::fromJWK($jwk);
-        $alg = JWA::deriveAlgorithmName($header, $jwk);
-        if (!array_key_exists($alg, self::MAP_ALGO_TO_CLASS)) {
-            throw new \UnexpectedValueException("Unsupported algorithm '$alg'.");
-        }
-        $cls = self::MAP_ALGO_TO_CLASS[$alg];
-        return new $cls($jwk->key());
-    }
+	/**
+	 *
+	 * @param JWK $jwk
+	 * @param Header $header
+	 * @throws \UnexpectedValueException
+	 * @return AESKWAlgorithm
+	 */
+	public static function fromJWK(JWK $jwk, Header $header)
+	{
+		$jwk = SymmetricKeyJWK::fromJWK($jwk);
+		$alg = JWA::deriveAlgorithmName($header, $jwk);
+		if (!array_key_exists($alg, self::MAP_ALGO_TO_CLASS)) {
+			throw new \UnexpectedValueException("Unsupported algorithm '$alg'.");
+		}
+		$cls = self::MAP_ALGO_TO_CLASS[$alg];
+		return new $cls($jwk->key());
+	}
     
-    /**
-     * Get key wrapping algorithm.
-     *
-     * @return \AESKW\AESKeyWrapAlgorithm
-     */
-    protected function _kw()
-    {
-        if (!isset($this->_kw)) {
-            $this->_kw = $this->_AESKWAlgo();
-        }
-        return $this->_kw;
-    }
+	/**
+	 * Get key wrapping algorithm.
+	 *
+	 * @return \AESKW\AESKeyWrapAlgorithm
+	 */
+	protected function _kw()
+	{
+		if (!isset($this->_kw)) {
+			$this->_kw = $this->_AESKWAlgo();
+		}
+		return $this->_kw;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _encryptKey($key, Header &$header)
-    {
-        return $this->_kw()->wrap($key, $this->_kek);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _encryptKey($key, Header &$header)
+	{
+		return $this->_kw()->wrap($key, $this->_kek);
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _decryptKey($ciphertext, Header $header)
-    {
-        return $this->_kw()->unwrap($ciphertext, $this->_kek);
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _decryptKey($ciphertext, Header $header)
+	{
+		return $this->_kw()->unwrap($ciphertext, $this->_kek);
+	}
     
-    /**
-     *
-     * @see \JWX\JWE\KeyManagementAlgorithm::headerParameters()
-     * @return \JWX\JWT\Parameter\JWTParameter[]
-     */
-    public function headerParameters()
-    {
-        return array_merge(parent::headerParameters(),
-            array(AlgorithmParameter::fromAlgorithm($this)));
-    }
+	/**
+	 *
+	 * @see \JWX\JWE\KeyManagementAlgorithm::headerParameters()
+	 * @return \JWX\JWT\Parameter\JWTParameter[]
+	 */
+	public function headerParameters()
+	{
+		return array_merge(parent::headerParameters(),
+			array(AlgorithmParameter::fromAlgorithm($this)));
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -113,7 +113,7 @@
      *
      * {@inheritdoc}
      */
-    protected function _encryptKey($key, Header &$header)
+    protected function _encryptKey($key, Header&$header)
     {
         return $this->_kw()->wrap($key, $this->_kek);
     }

lib/JWX/JWE/KeyAlgorithm/A256KWAlgorithm.php

Indentation +24 added lines, -24 removed lines

@@ -12,30 +12,30 @@
  */
 class A256KWAlgorithm extends AESKWAlgorithm
 {
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _kekSize()
-    {
-        return 32;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _kekSize()
+	{
+		return 32;
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _AESKWAlgo()
-    {
-        return new AESKW256();
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _AESKWAlgo()
+	{
+		return new AESKW256();
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    public function algorithmParamValue()
-    {
-        return JWA::ALGO_A256KW;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	public function algorithmParamValue()
+	{
+		return JWA::ALGO_A256KW;
+	}
 }