@@ -1,8 +1,8 @@ |
||
1 | 1 | <?php |
2 | 2 | |
3 | 3 | // if library is in dev environement with its own vendor, include its autoload |
4 | -if(file_exists(__DIR__ . '/vendor')) |
|
5 | - require_once __DIR__ . '/vendor/autoload.php'; |
|
4 | +if (file_exists(__DIR__.'/vendor')) |
|
5 | + require_once __DIR__.'/vendor/autoload.php'; |
|
6 | 6 | // if library is in vendor of another project, include the global autolaod |
7 | 7 | else |
8 | - require_once __DIR__ . '/../../autoload.php'; |
|
8 | + require_once __DIR__.'/../../autoload.php'; |
@@ -1,8 +1,10 @@ |
||
1 | 1 | <?php |
2 | 2 | |
3 | 3 | // if library is in dev environement with its own vendor, include its autoload |
4 | -if(file_exists(__DIR__ . '/vendor')) |
|
4 | +if(file_exists(__DIR__ . '/vendor')) { |
|
5 | 5 | require_once __DIR__ . '/vendor/autoload.php'; |
6 | +} |
|
6 | 7 | // if library is in vendor of another project, include the global autolaod |
7 | -else |
|
8 | +else { |
|
8 | 9 | require_once __DIR__ . '/../../autoload.php'; |
10 | +} |
@@ -44,7 +44,7 @@ discard block |
||
44 | 44 | * @param string $plainText |
45 | 45 | * @param string|resource $cek |
46 | 46 | * |
47 | - * @return array [iv, cipherText, authTag] |
|
47 | + * @return string[] [iv, cipherText, authTag] |
|
48 | 48 | */ |
49 | 49 | public function encrypt($aad, $plainText, $cek) |
50 | 50 | { |
@@ -103,10 +103,10 @@ discard block |
||
103 | 103 | } |
104 | 104 | |
105 | 105 | /** |
106 | - * @param $aad |
|
107 | - * @param $iv |
|
108 | - * @param $cipherText |
|
109 | - * @param $hmacKey |
|
106 | + * @param string $aad |
|
107 | + * @param string $iv |
|
108 | + * @param string $cipherText |
|
109 | + * @param string $hmacKey |
|
110 | 110 | * |
111 | 111 | * @return string |
112 | 112 | */ |
@@ -58,17 +58,17 @@ discard block |
||
58 | 58 | public function encrypt($aad, $plainText, $cek) |
59 | 59 | { |
60 | 60 | $cekLen = StringUtils::length($cek); |
61 | - if ($cekLen * 8 != $this->keySize) { |
|
62 | - throw new JoseJwtException(sprintf('AES-CBC with HMAC algorithm expected key of size %s bits, but was given %s bits', $this->keySize, $cekLen * 8)); |
|
61 | + if ($cekLen*8 != $this->keySize) { |
|
62 | + throw new JoseJwtException(sprintf('AES-CBC with HMAC algorithm expected key of size %s bits, but was given %s bits', $this->keySize, $cekLen*8)); |
|
63 | 63 | } |
64 | - if ($cekLen % 2 != 0) { |
|
64 | + if ($cekLen%2 != 0) { |
|
65 | 65 | throw new JoseJwtException('AES-CBC with HMAC encryption expected key of even number size'); |
66 | 66 | } |
67 | 67 | |
68 | - $hmacKey = StringUtils::substring($cek, 0, $cekLen / 2); |
|
69 | - $aesKey = StringUtils::substring($cek, $cekLen / 2, $cekLen / 2); |
|
68 | + $hmacKey = StringUtils::substring($cek, 0, $cekLen/2); |
|
69 | + $aesKey = StringUtils::substring($cek, $cekLen/2, $cekLen/2); |
|
70 | 70 | |
71 | - $method = sprintf('AES-%d-CBC', $this->keySize / 2); |
|
71 | + $method = sprintf('AES-%d-CBC', $this->keySize/2); |
|
72 | 72 | $ivLen = openssl_cipher_iv_length($method); |
73 | 73 | $iv = $this->randomGenerator->get($ivLen); |
74 | 74 | $cipherText = openssl_encrypt($plainText, $method, $aesKey, true, $iv); |
@@ -90,22 +90,22 @@ discard block |
||
90 | 90 | public function decrypt($aad, $cek, $iv, $cipherText, $authTag) |
91 | 91 | { |
92 | 92 | $cekLen = StringUtils::length($cek); |
93 | - if ($cekLen * 8 != $this->keySize) { |
|
94 | - throw new JoseJwtException(sprintf('AES-CBC with HMAC algorithm expected key of size %s bits, but was given %s bits', $this->keySize, $cekLen * 8)); |
|
93 | + if ($cekLen*8 != $this->keySize) { |
|
94 | + throw new JoseJwtException(sprintf('AES-CBC with HMAC algorithm expected key of size %s bits, but was given %s bits', $this->keySize, $cekLen*8)); |
|
95 | 95 | } |
96 | - if ($cekLen % 2 != 0) { |
|
96 | + if ($cekLen%2 != 0) { |
|
97 | 97 | throw new JoseJwtException('AES-CBC with HMAC encryption expected key of even number size'); |
98 | 98 | } |
99 | 99 | |
100 | - $hmacKey = StringUtils::substring($cek, 0, $cekLen / 2); |
|
101 | - $aesKey = StringUtils::substring($cek, $cekLen / 2); |
|
100 | + $hmacKey = StringUtils::substring($cek, 0, $cekLen/2); |
|
101 | + $aesKey = StringUtils::substring($cek, $cekLen/2); |
|
102 | 102 | |
103 | 103 | $expectedAuthTag = $this->computeAuthTag($aad, $iv, $cipherText, $hmacKey); |
104 | 104 | if (false === StringUtils::equals($expectedAuthTag, $authTag)) { |
105 | 105 | throw new IntegrityException('Authentication tag does not match'); |
106 | 106 | } |
107 | 107 | |
108 | - $method = sprintf('AES-%d-CBC', $this->keySize / 2); |
|
108 | + $method = sprintf('AES-%d-CBC', $this->keySize/2); |
|
109 | 109 | $plainText = openssl_decrypt($cipherText, $method, $aesKey, true, $iv); |
110 | 110 | |
111 | 111 | return $plainText; |
@@ -127,11 +127,11 @@ discard block |
||
127 | 127 | $aad, |
128 | 128 | $iv, |
129 | 129 | $cipherText, |
130 | - pack('N2', ($aadLen / $max32bit) * 8, ($aadLen % $max32bit) * 8), |
|
130 | + pack('N2', ($aadLen/$max32bit)*8, ($aadLen%$max32bit)*8), |
|
131 | 131 | ]); |
132 | 132 | $authTag = $this->hashAlgorithm->sign($hmacInput, $hmacKey); |
133 | 133 | $authTagLen = StringUtils::length($authTag); |
134 | - $authTag = StringUtils::substring($authTag, 0, $authTagLen / 2); |
|
134 | + $authTag = StringUtils::substring($authTag, 0, $authTagLen/2); |
|
135 | 135 | |
136 | 136 | return $authTag; |
137 | 137 | } |
@@ -37,7 +37,7 @@ |
||
37 | 37 | * @param string $securedInput |
38 | 38 | * @param string $key |
39 | 39 | * |
40 | - * @return bool |
|
40 | + * @return integer |
|
41 | 41 | */ |
42 | 42 | public function verify($signature, $securedInput, $key) |
43 | 43 | { |
@@ -58,14 +58,14 @@ discard block |
||
58 | 58 | public function wrapNewKey($cekSizeBits, $kek, array $header) |
59 | 59 | { |
60 | 60 | $kekLen = StringUtils::length($kek); |
61 | - if ($kekLen * 8 != $this->kekLengthBits) { |
|
62 | - throw new JoseJwtException(sprintf('AesKeyWrap management algorithm expected key of size %s bits, but was given %s bits', $this->kekLengthBits, $kekLen * 8)); |
|
61 | + if ($kekLen*8 != $this->kekLengthBits) { |
|
62 | + throw new JoseJwtException(sprintf('AesKeyWrap management algorithm expected key of size %s bits, but was given %s bits', $this->kekLengthBits, $kekLen*8)); |
|
63 | 63 | } |
64 | - if ($cekSizeBits % 8 != 0) { |
|
64 | + if ($cekSizeBits%8 != 0) { |
|
65 | 65 | throw new JoseJwtException('CekSizeBits must be divisible by 8'); |
66 | 66 | } |
67 | 67 | |
68 | - $cek = $this->randomGenerator->get($cekSizeBits / 8); |
|
68 | + $cek = $this->randomGenerator->get($cekSizeBits/8); |
|
69 | 69 | |
70 | 70 | $encryptedCek = $this->aesWrap($kek, $cek); |
71 | 71 | |
@@ -83,8 +83,8 @@ discard block |
||
83 | 83 | public function unwrap($encryptedCek, $kek, $cekSizeBits, array $header) |
84 | 84 | { |
85 | 85 | $kekLen = StringUtils::length($kek); |
86 | - if ($kekLen * 8 != $this->kekLengthBits) { |
|
87 | - throw new JoseJwtException(sprintf('AesKeyWrap management algorithm expected key of size %s bits, but was given %s bits', $this->kekLengthBits, $kekLen * 8)); |
|
86 | + if ($kekLen*8 != $this->kekLengthBits) { |
|
87 | + throw new JoseJwtException(sprintf('AesKeyWrap management algorithm expected key of size %s bits, but was given %s bits', $this->kekLengthBits, $kekLen*8)); |
|
88 | 88 | } |
89 | 89 | |
90 | 90 | return $this->aesUnwrap($kek, $encryptedCek); |
@@ -43,7 +43,7 @@ |
||
43 | 43 | * @param string|resource $kek |
44 | 44 | * @param array $header |
45 | 45 | * |
46 | - * @return array [cek, encryptedCek] |
|
46 | + * @return string[] [cek, encryptedCek] |
|
47 | 47 | */ |
48 | 48 | public function wrapNewKey($cekSizeBits, $kek, array $header) |
49 | 49 | { |
@@ -41,7 +41,7 @@ |
||
41 | 41 | */ |
42 | 42 | public function wrapNewKey($cekSizeBits, $kek, array $header) |
43 | 43 | { |
44 | - $cek = $this->randomGenerator->get($cekSizeBits / 8); |
|
44 | + $cek = $this->randomGenerator->get($cekSizeBits/8); |
|
45 | 45 | if (false == openssl_public_encrypt($cek, $cekEncrypted, $kek, $this->padding)) { |
46 | 46 | throw new JoseJwtException('Unable to encrypt CEK'); |
47 | 47 | } |
@@ -43,7 +43,7 @@ |
||
43 | 43 | * @param string|resource $kek |
44 | 44 | * @param array $header |
45 | 45 | * |
46 | - * @return array [cek, encryptedCek] |
|
46 | + * @return string[] [cek, encryptedCek] |
|
47 | 47 | */ |
48 | 48 | public function wrapNewKey($cekSizeBits, $kek, array $header) |
49 | 49 | { |