mirror of
https://github.com/phpseclib/phpseclib.git
synced 2024-06-14 22:32:23 +00:00
CS adjustments
This commit is contained in:
parent
71fa541c9a
commit
a4dba26ec5
|
@ -394,11 +394,8 @@ abstract class Strings
|
|||
*
|
||||
* ParagoneIE\ConstantTime doesn't use libsodium if it's available so we'll do so
|
||||
* ourselves. see https://github.com/paragonie/constant_time_encoding/issues/39
|
||||
*
|
||||
* @param string $data
|
||||
* @return string
|
||||
*/
|
||||
public static function base64_decode($data)
|
||||
public static function base64_decode(string $data): string
|
||||
{
|
||||
return function_exists('sodium_base642bin') ?
|
||||
sodium_base642bin($data, SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING, '=') :
|
||||
|
@ -407,11 +404,8 @@ abstract class Strings
|
|||
|
||||
/**
|
||||
* Constant Time Base64-decoding (URL safe)
|
||||
*
|
||||
* @param string $data
|
||||
* @return string
|
||||
*/
|
||||
public static function base64url_decode($data)
|
||||
public static function base64url_decode(string $data): string
|
||||
{
|
||||
// return self::base64_decode(str_replace(['-', '_'], ['+', '/'], $data));
|
||||
|
||||
|
@ -422,11 +416,8 @@ abstract class Strings
|
|||
|
||||
/**
|
||||
* Constant Time Base64-encoding
|
||||
*
|
||||
* @param string $data
|
||||
* @return string
|
||||
*/
|
||||
public static function base64_encode($data)
|
||||
public static function base64_encode(string $data): string
|
||||
{
|
||||
return function_exists('sodium_bin2base64') ?
|
||||
sodium_bin2base64($data, SODIUM_BASE64_VARIANT_ORIGINAL) :
|
||||
|
@ -435,11 +426,8 @@ abstract class Strings
|
|||
|
||||
/**
|
||||
* Constant Time Base64-encoding (URL safe)
|
||||
*
|
||||
* @param string $data
|
||||
* @return string
|
||||
*/
|
||||
public static function base64url_encode($data)
|
||||
public static function base64url_encode(string $data): string
|
||||
{
|
||||
// return str_replace(['+', '/'], ['-', '_'], self::base64_encode($data));
|
||||
|
||||
|
@ -450,11 +438,8 @@ abstract class Strings
|
|||
|
||||
/**
|
||||
* Constant Time Hex Decoder
|
||||
*
|
||||
* @param string $data
|
||||
* @return string
|
||||
*/
|
||||
public static function hex2bin($data)
|
||||
public static function hex2bin(string $data): string
|
||||
{
|
||||
return function_exists('sodium_hex2bin') ?
|
||||
sodium_hex2bin($data) :
|
||||
|
@ -463,11 +448,8 @@ abstract class Strings
|
|||
|
||||
/**
|
||||
* Constant Time Hex Encoder
|
||||
*
|
||||
* @param string $data
|
||||
* @return string
|
||||
*/
|
||||
public static function bin2hex($data)
|
||||
public static function bin2hex(string $data): string
|
||||
{
|
||||
return function_exists('sodium_bin2hex') ?
|
||||
sodium_bin2hex($data) :
|
||||
|
|
|
@ -11,6 +11,8 @@
|
|||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace phpseclib3\Crypt\Common\Formats\Keys;
|
||||
|
||||
use phpseclib3\Common\Functions\Strings;
|
||||
|
@ -25,11 +27,9 @@ abstract class JWK
|
|||
/**
|
||||
* Break a public or private key down into its constituent components
|
||||
*
|
||||
* @param string $key
|
||||
* @param string $password
|
||||
* @return array
|
||||
* @param string|array $key
|
||||
*/
|
||||
public static function load($key, $password = '')
|
||||
protected static function loadHelper($key): \stdClass
|
||||
{
|
||||
if (!Strings::is_stringable($key)) {
|
||||
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
|
||||
|
@ -37,20 +37,13 @@ abstract class JWK
|
|||
|
||||
$key = preg_replace('#\s#', '', $key); // remove whitespace
|
||||
|
||||
if (PHP_VERSION_ID >= 73000) {
|
||||
$key = json_decode($key, null, 512, JSON_THROW_ON_ERROR);
|
||||
} else {
|
||||
$key = json_decode($key);
|
||||
if (!$key) {
|
||||
throw new \RuntimeException('Unable to decode JSON');
|
||||
}
|
||||
}
|
||||
$key = json_decode($key, null, 512, JSON_THROW_ON_ERROR);
|
||||
|
||||
if (isset($key->kty)) {
|
||||
return $key;
|
||||
}
|
||||
|
||||
if (count($key->keys) != 1) {
|
||||
if (count($key->keys) != 1) {
|
||||
throw new \RuntimeException('Although the JWK key format supports multiple keys phpseclib does not');
|
||||
}
|
||||
|
||||
|
@ -59,10 +52,8 @@ abstract class JWK
|
|||
|
||||
/**
|
||||
* Wrap a key appropriately
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
protected static function wrapKey(array $key, array $options)
|
||||
protected static function wrapKey(array $key, array $options): string
|
||||
{
|
||||
return json_encode(['keys' => [$key + $options]]);
|
||||
}
|
||||
|
|
|
@ -29,11 +29,11 @@ declare(strict_types=1);
|
|||
|
||||
namespace phpseclib3\Crypt\DSA\Formats\Keys;
|
||||
|
||||
use phpseclib3\Common\Functions\Strings;
|
||||
use phpseclib3\Crypt\Common\Formats\Keys\PKCS1 as Progenitor;
|
||||
use phpseclib3\File\ASN1;
|
||||
use phpseclib3\File\ASN1\Maps;
|
||||
use phpseclib3\Math\BigInteger;
|
||||
use phpseclib3\Common\Functions\Strings;
|
||||
|
||||
/**
|
||||
* PKCS#1 Formatted DSA Key Handler
|
||||
|
|
|
@ -11,17 +11,19 @@
|
|||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace phpseclib3\Crypt\EC\Formats\Keys;
|
||||
|
||||
use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve;
|
||||
use phpseclib3\Common\Functions\Strings;
|
||||
use phpseclib3\Crypt\Common\Formats\Keys\JWK as Progenitor;
|
||||
use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve;
|
||||
use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve;
|
||||
use phpseclib3\Crypt\EC\Curves\Ed25519;
|
||||
use phpseclib3\Crypt\EC\Curves\secp256k1;
|
||||
use phpseclib3\Crypt\EC\Curves\secp256r1;
|
||||
use phpseclib3\Crypt\EC\Curves\secp384r1;
|
||||
use phpseclib3\Crypt\EC\Curves\secp521r1;
|
||||
use phpseclib3\Crypt\EC\Curves\secp256k1;
|
||||
use phpseclib3\Exception\UnsupportedCurveException;
|
||||
use phpseclib3\Math\BigInteger;
|
||||
|
||||
|
@ -37,13 +39,11 @@ abstract class JWK extends Progenitor
|
|||
/**
|
||||
* Break a public or private key down into its constituent components
|
||||
*
|
||||
* @param string $key
|
||||
* @param string $password optional
|
||||
* @return array
|
||||
* @param string|array $key
|
||||
*/
|
||||
public static function load($key, $password = '')
|
||||
public static function load($key, ?string $password = null): array
|
||||
{
|
||||
$key = parent::load($key, $password);
|
||||
$key = parent::loadHelper($key);
|
||||
|
||||
switch ($key->kty) {
|
||||
case 'EC':
|
||||
|
@ -71,20 +71,20 @@ abstract class JWK extends Progenitor
|
|||
}
|
||||
|
||||
$curve = '\phpseclib3\Crypt\EC\Curves\\' . str_replace('P-', 'nistp', $key->crv);
|
||||
$curve = new $curve;
|
||||
$curve = new $curve();
|
||||
|
||||
if ($curve instanceof TwistedEdwardsCurve) {
|
||||
$QA = self::extractPoint(Strings::base64url_decode($key->x), $curve);
|
||||
if (!isset($key->d)) {
|
||||
return compact('curve', 'QA');
|
||||
}
|
||||
$dA = $curve->extractSecret(Strings::base64url_decode($key->d));
|
||||
return compact('curve', 'dA', 'QA');
|
||||
$arr = $curve->extractSecret(Strings::base64url_decode($key->d));
|
||||
return compact('curve', 'QA') + $arr;
|
||||
}
|
||||
|
||||
$QA = [
|
||||
$curve->convertInteger(new BigInteger(Strings::base64url_decode($key->x), 256)),
|
||||
$curve->convertInteger(new BigInteger(Strings::base64url_decode($key->y), 256))
|
||||
$curve->convertInteger(new BigInteger(Strings::base64url_decode($key->y), 256)),
|
||||
];
|
||||
|
||||
if (!$curve->verifyPoint($QA)) {
|
||||
|
@ -130,17 +130,15 @@ abstract class JWK extends Progenitor
|
|||
/**
|
||||
* Return the array superstructure for an EC public key
|
||||
*
|
||||
* @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve
|
||||
* @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey
|
||||
* @return array
|
||||
*/
|
||||
private static function savePublicKeyHelper(BaseCurve $curve, array $publicKey)
|
||||
private static function savePublicKeyHelper(BaseCurve $curve, array $publicKey): array
|
||||
{
|
||||
if ($curve instanceof TwistedEdwardsCurve) {
|
||||
return [
|
||||
'kty' => 'OKP',
|
||||
'crv' => $curve instanceof Ed25519 ? 'Ed25519' : 'Ed448',
|
||||
'x' => Strings::base64url_encode($curve->encodePoint($publicKey))
|
||||
'x' => Strings::base64url_encode($curve->encodePoint($publicKey)),
|
||||
];
|
||||
}
|
||||
|
||||
|
@ -148,19 +146,16 @@ abstract class JWK extends Progenitor
|
|||
'kty' => 'EC',
|
||||
'crv' => self::getAlias($curve),
|
||||
'x' => Strings::base64url_encode($publicKey[0]->toBytes()),
|
||||
'y' => Strings::base64url_encode($publicKey[1]->toBytes())
|
||||
'y' => Strings::base64url_encode($publicKey[1]->toBytes()),
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* Convert an EC public key to the appropriate format
|
||||
*
|
||||
* @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve
|
||||
* @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey
|
||||
* @param array $options optional
|
||||
* @return string
|
||||
*/
|
||||
public static function savePublicKey(BaseCurve $curve, array $publicKey, array $options = [])
|
||||
public static function savePublicKey(BaseCurve $curve, array $publicKey, array $options = []): string
|
||||
{
|
||||
$key = self::savePublicKeyHelper($curve, $publicKey);
|
||||
|
||||
|
@ -170,19 +165,18 @@ abstract class JWK extends Progenitor
|
|||
/**
|
||||
* Convert a private key to the appropriate format.
|
||||
*
|
||||
* @param \phpseclib3\Math\BigInteger $privateKey
|
||||
* @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve
|
||||
* @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey
|
||||
* @param string $password optional
|
||||
* @param array $options optional
|
||||
* @return string
|
||||
*/
|
||||
public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $password = '', array $options = [])
|
||||
{
|
||||
public static function savePrivateKey(
|
||||
BigInteger $privateKey,
|
||||
BaseCurve $curve,
|
||||
array $publicKey,
|
||||
?string $secret = null,
|
||||
?string $password = null,
|
||||
array $options = []
|
||||
): string {
|
||||
$key = self::savePublicKeyHelper($curve, $publicKey);
|
||||
$key['d'] = $curve instanceof TwistedEdwardsCurve ?
|
||||
$privateKey->secret :
|
||||
$privateKey->toBytes();
|
||||
$key['d'] = $curve instanceof TwistedEdwardsCurve ? $secret : $privateKey->toBytes();
|
||||
$key['d'] = Strings::base64url_encode($key['d']);
|
||||
|
||||
return self::wrapKey($key, $options);
|
||||
|
|
|
@ -11,6 +11,8 @@
|
|||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace phpseclib3\Crypt\RSA\Formats\Keys;
|
||||
|
||||
use phpseclib3\Common\Functions\Strings;
|
||||
|
@ -27,13 +29,11 @@ abstract class JWK extends Progenitor
|
|||
/**
|
||||
* Break a public or private key down into its constituent components
|
||||
*
|
||||
* @param string $key
|
||||
* @param string $password optional
|
||||
* @return array
|
||||
* @param string|array $key
|
||||
*/
|
||||
public static function load($key, $password = '')
|
||||
public static function load($key, ?string $password = null): array
|
||||
{
|
||||
$key = parent::load($key, $password);
|
||||
$key = parent::loadHelper($key);
|
||||
|
||||
if ($key->kty != 'RSA') {
|
||||
throw new \RuntimeException('Only RSA JWK keys are supported');
|
||||
|
@ -90,17 +90,10 @@ abstract class JWK extends Progenitor
|
|||
/**
|
||||
* Convert a private key to the appropriate format.
|
||||
*
|
||||
* @param \phpseclib3\Math\BigInteger $n
|
||||
* @param \phpseclib3\Math\BigInteger $e
|
||||
* @param \phpseclib3\Math\BigInteger $d
|
||||
* @param array $primes
|
||||
* @param array $exponents
|
||||
* @param array $coefficients
|
||||
* @param string $password optional
|
||||
* @param array $options optional
|
||||
* @return string
|
||||
*/
|
||||
public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, $password = '', array $options = [])
|
||||
public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, ?string $password = null, array $options = []): string
|
||||
{
|
||||
if (count($primes) != 2) {
|
||||
throw new \InvalidArgumentException('JWK does not support multi-prime RSA keys');
|
||||
|
@ -115,7 +108,7 @@ abstract class JWK extends Progenitor
|
|||
'q' => Strings::base64url_encode($primes[2]->toBytes()),
|
||||
'dp' => Strings::base64url_encode($exponents[1]->toBytes()),
|
||||
'dq' => Strings::base64url_encode($exponents[2]->toBytes()),
|
||||
'qi' => Strings::base64url_encode($coefficients[2]->toBytes())
|
||||
'qi' => Strings::base64url_encode($coefficients[2]->toBytes()),
|
||||
];
|
||||
|
||||
return self::wrapKey($key, $options);
|
||||
|
@ -123,18 +116,13 @@ abstract class JWK extends Progenitor
|
|||
|
||||
/**
|
||||
* Convert a public key to the appropriate format
|
||||
*
|
||||
* @param \phpseclib3\Math\BigInteger $n
|
||||
* @param \phpseclib3\Math\BigInteger $e
|
||||
* @param array $options optional
|
||||
* @return string
|
||||
*/
|
||||
public static function savePublicKey(BigInteger $n, BigInteger $e, array $options = [])
|
||||
public static function savePublicKey(BigInteger $n, BigInteger $e, array $options = []): string
|
||||
{
|
||||
$key = [
|
||||
'kty' => 'RSA',
|
||||
'n' => Strings::base64url_encode($n->toBytes()),
|
||||
'e' => Strings::base64url_encode($e->toBytes())
|
||||
'e' => Strings::base64url_encode($e->toBytes()),
|
||||
];
|
||||
|
||||
return self::wrapKey($key, $options);
|
||||
|
|
|
@ -577,7 +577,7 @@ MIIEDwIBADATBgcqhkjOPQIBBggqhkjOPQMBBwSCA/MwggPvAgEBBIID6P//////
|
|||
$this->assertInstanceOf(PrivateKey::class, $key);
|
||||
}
|
||||
|
||||
public function testECasJWK()
|
||||
public function testECasJWK(): void
|
||||
{
|
||||
// keys are from https://datatracker.ietf.org/doc/html/rfc7517#appendix-A
|
||||
|
||||
|
@ -601,7 +601,7 @@ MIIEDwIBADATBgcqhkjOPQIBBggqhkjOPQMBBwSCA/MwggPvAgEBBIID6P//////
|
|||
|
||||
$phpseclibKey = str_replace('=', '', $key->toString('JWK', [
|
||||
'use' => 'enc',
|
||||
'kid' => '1'
|
||||
'kid' => '1',
|
||||
]));
|
||||
|
||||
$this->assertSame($keyWithoutWS, $phpseclibKey);
|
||||
|
@ -625,7 +625,7 @@ MIIEDwIBADATBgcqhkjOPQIBBggqhkjOPQMBBwSCA/MwggPvAgEBBIID6P//////
|
|||
|
||||
$phpseclibKey = str_replace('=', '', $key->toString('JWK', [
|
||||
'use' => 'enc',
|
||||
'kid' => '1'
|
||||
'kid' => '1',
|
||||
]));
|
||||
|
||||
$this->assertSame($keyWithoutWS, $phpseclibKey);
|
||||
|
@ -633,7 +633,7 @@ MIIEDwIBADATBgcqhkjOPQIBBggqhkjOPQMBBwSCA/MwggPvAgEBBIID6P//////
|
|||
$this->assertTrue($key->verify($plaintext, $sig));
|
||||
}
|
||||
|
||||
public function testEd25519asJWK()
|
||||
public function testEd25519asJWK(): void
|
||||
{
|
||||
// keys are from https://www.rfc-editor.org/rfc/rfc8037.html#appendix-A
|
||||
|
||||
|
|
|
@ -1280,7 +1280,7 @@ LrIZULwMa4nI4Y+RkFftEponSYw=
|
|||
$this->assertInstanceOf(PrivateKey::class, $key);
|
||||
}
|
||||
|
||||
public function testJWK()
|
||||
public function testJWK(): void
|
||||
{
|
||||
// keys are from https://datatracker.ietf.org/doc/html/rfc7517#appendix-A
|
||||
|
||||
|
@ -1328,7 +1328,7 @@ LrIZULwMa4nI4Y+RkFftEponSYw=
|
|||
|
||||
$phpseclibKey = str_replace('=', '', $key->toString('JWK', [
|
||||
'alg' => 'RS256',
|
||||
'kid' => '2011-04-29'
|
||||
'kid' => '2011-04-29',
|
||||
]));
|
||||
|
||||
$this->assertSame($keyWithoutWS, $phpseclibKey);
|
||||
|
@ -1344,7 +1344,6 @@ LrIZULwMa4nI4Y+RkFftEponSYw=
|
|||
w0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw",
|
||||
"e":"AQAB",
|
||||
"alg":"RS256",
|
||||
|
||||
"kid":"2011-04-29"}';
|
||||
|
||||
$keyWithoutWS = preg_replace('#\s#', '', $key);
|
||||
|
@ -1354,7 +1353,7 @@ LrIZULwMa4nI4Y+RkFftEponSYw=
|
|||
|
||||
$phpseclibKey = str_replace('=', '', $key->toString('JWK', [
|
||||
'alg' => 'RS256',
|
||||
'kid' => '2011-04-29'
|
||||
'kid' => '2011-04-29',
|
||||
]));
|
||||
|
||||
$this->assertSame($keyWithoutWS, $phpseclibKey);
|
||||
|
|
Loading…
Reference in New Issue
Block a user