|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace JWX\JWS\Algorithm; |
|
4
|
|
|
|
|
5
|
|
|
use JWX\JWA\JWA; |
|
6
|
|
|
use JWX\JWK\JWK; |
|
7
|
|
|
use JWX\JWK\RSA\RSAPrivateKeyJWK; |
|
8
|
|
|
use JWX\JWK\RSA\RSAPublicKeyJWK; |
|
9
|
|
|
use JWX\JWT\Parameter\AlgorithmParameter; |
|
10
|
|
|
|
|
11
|
|
|
|
|
12
|
|
|
/** |
|
13
|
|
|
* Base class for algorithms implementing signature with PKCS #1. |
|
14
|
|
|
* |
|
15
|
|
|
* @link https://tools.ietf.org/html/rfc7518#section-3.3 |
|
16
|
|
|
*/ |
|
17
|
|
|
abstract class RSASSAPKCS1Algorithm extends OpenSSLSignatureAlgorithm |
|
18
|
|
|
{ |
|
19
|
|
|
/** |
|
20
|
|
|
* Mapping from algorithm name to class name. |
|
21
|
|
|
* |
|
22
|
|
|
* @internal |
|
23
|
|
|
* |
|
24
|
|
|
* @var array |
|
25
|
|
|
*/ |
|
26
|
|
|
const MAP_NAME_TO_CLASS = array( |
|
27
|
|
|
/* @formatter:off */ |
|
28
|
|
|
JWA::ALGO_RS256 => RS256Algorithm::class, |
|
29
|
|
|
JWA::ALGO_RS384 => RS384Algorithm::class, |
|
30
|
|
|
JWA::ALGO_RS512 => RS512Algorithm::class |
|
31
|
|
|
/* @formatter:on */ |
|
32
|
|
|
); |
|
33
|
|
|
|
|
34
|
|
|
/** |
|
35
|
|
|
* Constructor |
|
36
|
|
|
* |
|
37
|
|
|
* @param RSAPublicKeyJWK $pub_key |
|
38
|
|
|
* @param RSAPrivateKeyJWK $priv_key |
|
39
|
|
|
*/ |
|
40
|
11 |
|
protected function __construct(RSAPublicKeyJWK $pub_key, |
|
41
|
|
|
RSAPrivateKeyJWK $priv_key = null) { |
|
42
|
11 |
|
$this->_publicKey = $pub_key; |
|
43
|
11 |
|
$this->_privateKey = $priv_key; |
|
44
|
11 |
|
} |
|
45
|
|
|
|
|
46
|
|
|
/** |
|
47
|
|
|
* Initialize from a public key. |
|
48
|
|
|
* |
|
49
|
|
|
* @param RSAPublicKeyJWK $jwk |
|
50
|
|
|
* @return self |
|
51
|
|
|
*/ |
|
52
|
2 |
|
public static function fromPublicKey(RSAPublicKeyJWK $jwk) { |
|
53
|
2 |
|
return new static($jwk); |
|
54
|
|
|
} |
|
55
|
|
|
|
|
56
|
|
|
/** |
|
57
|
|
|
* Initialize from a private key. |
|
58
|
|
|
* |
|
59
|
|
|
* @param RSAPrivateKeyJWK $jwk |
|
60
|
|
|
* @return self |
|
61
|
|
|
*/ |
|
62
|
9 |
|
public static function fromPrivateKey(RSAPrivateKeyJWK $jwk) { |
|
63
|
9 |
|
return new static($jwk->publicKey(), $jwk); |
|
64
|
|
|
} |
|
65
|
|
|
|
|
66
|
|
|
/** |
|
67
|
|
|
* Initialize from a JWK. |
|
68
|
|
|
* |
|
69
|
|
|
* If algorithm is not specified, look from JWK. |
|
70
|
|
|
* |
|
71
|
|
|
* @param JWK $jwk |
|
72
|
|
|
* @param string|null $alg Optional algorithm name |
|
73
|
|
|
* @throws \UnexpectedValueException |
|
74
|
|
|
* @return self |
|
75
|
|
|
*/ |
|
76
|
7 |
View Code Duplication |
public static function fromJWK(JWK $jwk, $alg = null) { |
|
|
|
|
|
|
77
|
|
|
// if algorithm is not explicitly given, consult JWK |
|
78
|
7 |
|
if (!isset($alg)) { |
|
79
|
3 |
|
if (!$jwk->hasAlgorithmParameter()) { |
|
80
|
1 |
|
throw new \UnexpectedValueException( |
|
81
|
1 |
|
"Missing algorithm parameter."); |
|
82
|
|
|
} |
|
83
|
2 |
|
$alg = $jwk->algorithmParameter()->value(); |
|
84
|
2 |
|
} |
|
85
|
6 |
|
if (!array_key_exists($alg, self::MAP_NAME_TO_CLASS)) { |
|
86
|
1 |
|
throw new \UnexpectedValueException( |
|
87
|
1 |
|
"Algorithm '$alg' not supported."); |
|
88
|
|
|
} |
|
89
|
5 |
|
$cls = self::MAP_NAME_TO_CLASS[$alg]; |
|
90
|
5 |
|
$params = RSAPrivateKeyJWK::MANAGED_PARAMS; |
|
91
|
5 |
|
if ($jwk->has(...$params)) { |
|
92
|
3 |
|
return $cls::fromPrivateKey(RSAPrivateKeyJWK::fromJWK($jwk)); |
|
93
|
|
|
} |
|
94
|
2 |
|
$params = RSAPublicKeyJWK::MANAGED_PARAMS; |
|
95
|
2 |
|
if ($jwk->has(...$params)) { |
|
96
|
1 |
|
return $cls::fromPublicKey(RSAPublicKeyJWK::fromJWK($jwk)); |
|
97
|
|
|
} |
|
98
|
1 |
|
throw new \UnexpectedValueException("Not an RSA key."); |
|
99
|
|
|
} |
|
100
|
|
|
|
|
101
|
1 |
|
public function headerParameters() { |
|
102
|
1 |
|
return array(AlgorithmParameter::fromAlgorithm($this)); |
|
103
|
|
|
} |
|
104
|
|
|
} |
|
105
|
|
|
|
sop /
jwx
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.