Ejemplo n.º 1
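 /**
  * Builds the JOSE object that matches a compact serialization, telling the
  * formats apart by segment count as described in
  * https://tools.ietf.org/html/rfc7516#section-9
  *
  * Three segments produce a JWS, or an UnsecuredJWT when the header declares
  * the algorithm "none" and the signature segment is empty. Five segments
  * produce a JWE. Any other count is rejected.
  *
  * Security note: the branch is chosen from the token's own, not yet verified,
  * header. An UnsecuredJWT carries no integrity protection, so a caller that
  * expects a signed or encrypted token must check the type of the returned
  * object against its own policy instead of accepting whatever the token
  * declares about itself.
  *
  * @param string $compact_serialization
  * @return IBasicJWT
  * @throws InvalidJWKType
  * @throws InvalidCompactSerializationException when the segment count is neither 3 nor 5
  */
 public static function build($compact_serialization)
 {
     $segments = explode(IBasicJWT::SegmentSeparator, $compact_serialization);
     // JWSs have three segments separated by two period ('.') characters.
     // JWEs have five segments separated by four period ('.') characters.
     switch (count($segments)) {
         case 3:
             // JWS or unsecured one
             // NOTE(review): assumes deserialize() always yields a header with an
             // algorithm; confirm that a missing "alg" is rejected there.
             $header = JOSEHeaderSerializer::deserialize($segments[0]);
             // Compare against '' explicitly: empty() also treats the string '0'
             // as empty, which would route a token with a non-empty signature
             // segment down the unsecured path.
             if ($header->getAlgorithm()->getString() === 'none' && $segments[2] === '') {
                 return UnsecuredJWT::fromCompactSerialization($compact_serialization);
             }
             return JWSFactory::build(new JWS_CompactFormatSpecification($compact_serialization));
         case 5:
             // JWE
             return JWEFactory::build(new JWE_CompactFormatSpecification($compact_serialization));
         default:
             throw new InvalidCompactSerializationException();
     }
 }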
Ejemplo n.º 2
 /**
  * Signs a claim set with a non-ASCII issuer using PS512, parses the compact
  * form back, verifies the signature and checks that the issuer survived the
  * round trip unchanged.
  *
  * @throws \jwk\exceptions\InvalidJWKAlgorithm
  * @throws \jwk\exceptions\InvalidJWKType
  */
 public function testSignAndVerificationTokenRSAUnicode()
 {
     $claims = JWTClaimSetFactory::build(array(
         RegisteredJWTClaimNames::Issuer => 'セバスチャン',
         RegisteredJWTClaimNames::ExpirationTime => 1300819380,
         "http://example.com/is_root" => true,
         'groups' => array('admin', 'sudo', 'devs'),
     ));

     // Signing side: server private key, bound to PS512.
     $signing_key = RSAJWKFactory::build(new RSAJWKPEMPrivateKeySpecification(
         TestKeys::$private_key_pem,
         RSAJWKPEMPrivateKeySpecification::WithoutPassword,
         JSONWebSignatureAndEncryptionAlgorithms::PS512
     ));
     $signing_key->setId('server_key');
     $algorithm = new StringOrURI(JSONWebSignatureAndEncryptionAlgorithms::PS512);
     $signed = JWSFactory::build(new JWS_ParamsSpecification($signing_key, $algorithm, $claims));
     $serialized = $signed->toCompactSerialization();
     $this->assertNotNull($signed);
     $this->assertNotEmpty($serialized);

     // Receiving side: parse the compact form back into a JWS.
     $parsed = JWSFactory::build(new JWS_CompactFormatSpecification($serialized));
     $this->assertNotNull($parsed);

     // The verification key is rebuilt from the JSON Web Key header of the
     // token being verified. That exercises the header round trip, but a
     // signature checked against a key carried in the same token only shows the
     // token is self-consistent. Outside a test, the verifier's key has to come
     // from a trusted source (configured key or key set), never from the token.
     $embedded_jwk = $parsed->getJOSEHeader()->getHeaderByName(RegisteredJOSEHeaderNames::JSONWebKey);
     $this->assertNotNull($embedded_jwk);
     $jwk_params = $embedded_jwk->getRawValue();
     $verification_key = RSAJWKFactory::build(new RSAJWKParamsPublicKeySpecification(
         $jwk_params[RSAKeysParameters::Modulus],
         $jwk_params[RSAKeysParameters::Exponent],
         $jwk_params[JSONWebKeyParameters::Algorithm],
         $jwk_params[JSONWebKeyParameters::PublicKeyUse]
     ));

     // The algorithm passed to verify() is the one chosen locally above, not
     // one read back from the parsed header.
     $verified = $parsed->setKey($verification_key)->verify($algorithm->getString());
     $this->assertTrue($verified);
     $this->assertSame('セバスチャン', $parsed->getClaimSet()->getIssuer()->getString());
 }
Ejemplo n.º 3
 /**
  * Decrypts a fixed JWE with the recipient's private key, treats the plaintext
  * as a compact JWS (a nested, signed-then-encrypted token) and verifies that
  * inner signature with the server public key under RS384.
  *
  * The first segment of the fixture decodes to
  * {"alg":"RSA1_5","enc":"A256CBC-HS512"}.
  * NOTE(review): the test name mentions zip, but that protected header holds
  * only "alg" and "enc"; confirm what "Zipped" refers to.
  */
 public function testDecryptZipped()
 {
     // Fixture: five-segment compact JWE, reproduced exactly as given.
     $compact_jwe = 'eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0.QsuGdnlMU4koqOkEXn-pJOjq-qsdVjMas_324HoUJgmPTNvL7Q6JNb2sa62rPp2oCumhXiPXss2HkvPKrEsy1WxrAaJtzKKMp_bl65IUe4l7eiHX0TbUiUoCpsacJa7K7L_vY4uEb5nr6sZ8IsdaW9mlJNrQf_dlq18rl6RoIKkGsHU7cNPxw-V7WtFWJjgMdDBJ2MJw050DLQrA217r7HuahLvts1lHUWLOXkiLpThYr0K2iV4mXouODcz8c90jTh-gCUz1yjwGajpeMwUovabPjPAQKhaOjHaoxaRBh1SD2DTnhvbtEPaxuRxvKEiM7uf3t3qBm1vs4Tjjma2PNSHf-iEJEUkUMVl10PPZ0Q4smS622KgcG371_JAjdBMn614gB2x8FBV_0y6EAc1DHF4Lxrpo4B2yw8WOdsS9ooUFakXRulcpAj4DYfL4ZJphzC7tXbrIX6vq-yo1a-nPAAGY87hkQow1nSoYUSeSVvEDFZD0MVzuSXE1btVZJfnHd8mjDEFTLxfqrCWZxC5jhzdGcGnBFOV3Gzt3obvn20iS-8jds3LVe4to28aSOX_jGUJjxXRQXRCzVuy9kUeHfrX56gKIp8IEaeQQP4Cr9cyXsbrS5WvUw8dmZjPLvC_t_pb5dHFeDK7gE3rPKlNgsjecfhlgmdp7Tve3Evee83Q.uIUD3haEyB45qWTbY-3txWWlDUX3XA8cVwonOYoX_543hxqSHkegWZ3IgU4PhcAFcHB3RFackjw6C4ZnbIGQvw.DeSYoiSvZ5YvXrnWc90XVwWDmUvfYZgdAcx2x4Y5CTSRPEIuZTnOoTGrsHZDg25hlTPXfE8w2z4LFc1_OYVIBlDZ82p3-doMZqr6k0fiR_J3TJV2oRzs10gZveWbqHGTQRZ3TE7IOJtJ-dh_saO4R_IcZG_FwIq_d9YHHXBv2Bd8yEA7U7e1LBZA_CFYryQz2RHjaEnxVhwpKXkBId26MUS7eOBUhJ9yie0kEB-E6Rd7a6gvMxItM7feoe23M1069Ydt8UEqbtls4l496Qus61nxE0g5VZuhpQmR_CFRjQhgrKjyZPLQit2gmwt8yk_Ow7fzHK0TVxUe40TV6Nzf-9XueLhFbRc_KKyey10LDwX_QSijYS8keKcu3s84DHTapujLO7x3CAZ6VzdKYvMBkm_KtHyIU4V6UbT_uX3RtDIfQDhJ7XRrz8Zg9sEtctt3kSdUAKkvvlANOAsqK4Z-9nNCFP2IfYlR5LXFofzVtxZCMMLYCymB-1KmKwLEXDTWcooVAT2cC0nDX6IlYT3r3-VcNIuquJwji_yxDvcszziSdTMIlExrYXSDwDc2z-jvXCu11iZJ5u3MscVgTXypPUkrGAhIvdl6lQTWhtdwuKvcPBZbrOeAJq-tHnC0Sr49wecEmpaGvq3UCRTqYgzR-u9DEEzlMa_d54Y64ilOXWblBc3JcxblnQuO9tGBqVis1KwZ1CYLlYC2gye6BpPkYR73_tueisOKciaZIBYEDYhfow5PFFS1rQZFDu6Iq04S43IXvGg9k7JWv3d5cE1iqmMzMehZ7hf4_2gbF05s02y4HLxoooP7r6tekOAMcPkBCSqEqW04g993QhbOwCDnn2H_I-9YavdBknuDopVxcGQPydih-nJaID50rmAcszUCX5mIyMt3LMzJH6WdDhw__3kl2PeQO0hKCiTSDfdFVxJb0m7vdCFMFKOlpC1GneYU7x1YWEbulru57g4wmjkkmEO9G6oQPn-1SmCRQb5r16TH2_cYQsbCKFHeZxLWugcbUcnXZKdIVKre8icNUFQjjxypjJw6pNkXHzRXP6jvvfxmudsRuq6LB6VyiuMlmnuafqf55XlJLU9wQJGbj86-sUIpqW9o8YaYZSsFhgiwT6ETSOhJRRA91GDyhjJzjas
kf3Grr0PGtWNv2fHBJyT469RspK6lQuCNhOGg4yd7itGoMT61sqxdYWVp8qMcBz1NPb0dQ93ibCRtPZO5GkUSOsLJHsu9axtB0DYICbCZwayjal-4FY6Tm-feuP84bqZEQy--vYogJ48DWEm_HOV-7Ihx3ibrVLahpn773HvS4QK8X6ifLbWhum563-hXBNc_6TK0BWBcQXJbDkVGlaiA4qAhczMnMifCzTLwLOjvbvaKl4rPTjdZr-uS-MgRzTIZK6U7MDZOMlYedj1jhmKROP0h7eQapIhugguKuILAdyy_36ckq-GSNpgolqI4m3AfIRxlUAo5nMECy8rSRtCusT90OhPbwR01Vr_tUze4-eot9sqquy85kAi8AtiwknLF_KKUnyNDS8dT8GzHbMilJK3OvL0P6iLyDBRpaGQ3Sb8YDKJBmSQvxGlqdxzTeAw4QMLJCogPkuT4vGsg6b6RomrX1UhtM6T03ia1qR8WMvrpRhwJPQCbG0vTEmaKMJiJ4YKmnGPPLJ7zClZ_OxYoDr-DXk10A-jHAJ-8xX-l88dD-cgYlyOvT6GZxjjvx9Qmzr3WJsFSA2U2gC5sHqrHzD-vUky9I7WFHieOpUW3_hM_-ypZDfWJnn7ehNi8te-EbUUSlhYmn_GoygalbCdx0zvVpZlzZsCEYjvOlU9ZdKFST2BPbjpRKppLhLUnlWHH7-KpP3elyiJy2GJcY1N0JY4LP3ZTJyCI_CVTeNDDbZHUdMD3v-oO78wu4DAK_XgVX_-rCOrt1pFZ_k-FONSVq8zQtts6LVeWcaX60Q-zc4jGvZ7bn88UuNNtiBuq3jzskSgI0jS185-EZd5gBM_ahkcEHnkEVk4DLC6fnKp5V3Cek8xEw7p_ADsVx-cNPR46T3JIblOQil_u4I8gh-w1S9R7J_5QVFDsFsdRWy-yzI2fmzbw7DUsysNUqXPXyFKnUOUFjTAIhiYtLKsXx2YO8l5Dj2P9lLgEkwGq3oxlf7vVG29A1iVtcKtyLqah5hMvi7Dp445jvHzHQmvb7Psi0Yy8_PjepEP0pWZ982NBn75Fx9D04FqBIoHvsAg0hVhykOMoBEdCA8GHzMP8zUDXeH7Gj6QeTYmRL0Q7JLdPxQUGsPyiwPCo9Q-5SirIJpDZjDwtH6_vZ_BrB_kWQSSWdDvd2okqpqaynVhlSutJdyU.pO_I4zL-ky1p1OQPd1Ta2bAV3kpcdOjrvY1whQ7-7Q6kuA-iaVkIoHilDhCslp6_PZ_wdTun96yG8JxQfH56AA';

     $jwe = JWEFactory::build(new JWE_CompactFormatSpecification($compact_jwe));
     $this->assertNotNull($jwe);

     // The key-management algorithm bound to the recipient key is read from the
     // JWE's own header. That is fine for a fixed fixture; a production
     // recipient should pin the algorithm it expects rather than adopt the one
     // an incoming token announces.
     $recipient_key = RSAJWKFactory::build(new RSAJWKPEMPrivateKeySpecification(
         TestKeys::$private_key2_pem,
         RSAJWKPEMPrivateKeySpecification::WithoutPassword,
         $jwe->getJOSEHeader()->getAlgorithm()->getString()
     ));
     $recipient_key
         ->setKeyUse(JSONWebKeyPublicKeyUseValues::Encryption)
         ->setId('recipient_public_key');
     $jwe->setRecipientKey($recipient_key);

     // The decrypted plaintext is itself a compact JWS.
     $inner_token = $jwe->getPlainText();
     $this->assertNotEmpty($inner_token);
     $inner_jws = JWSFactory::build(new JWS_CompactFormatSpecification($inner_token));
     $this->assertNotNull($inner_jws);

     // Both the verification key and the algorithm (RS384) are supplied by the
     // verifier here, independent of anything the inner token's header says.
     $signer_key = RSAJWKFactory::build(new RSAJWKPEMPublicKeySpecification(
         TestKeys::$public_key_pem,
         JSONWebSignatureAndEncryptionAlgorithms::RS384
     ));
     $signer_key->setId('rsa_server');
     $verified = $inner_jws->setKey($signer_key)->verify(JSONWebSignatureAndEncryptionAlgorithms::RS384);
     $this->assertTrue($verified);
 }