/** * @param JWKInterface $key */ private function checkKey(JWKInterface $key) { Assertion::eq($key->get('kty'), 'OKP', 'Wrong key type.'); Assertion::true($key->has('x'), 'The key parameter "x" is missing.'); Assertion::true($key->has('crv'), 'The key parameter "crv" is missing.'); Assertion::inArray($key->get('crv'), ['Ed25519'], 'Unsupported curve'); }
/** * {@inheritdoc} */ public function getCEK(JWKInterface $key, array $header) { if (!$key->has('kty') || 'dir' !== $key->get('kty') || !$key->has('dir')) { throw new \InvalidArgumentException('The key is not valid'); } return Base64Url::decode($key->get('dir')); }
/** * @param \Jose\Object\JWKInterface $key */ protected function checkKey(JWKInterface $key) { if (!$key->has('kty') || 'oct' !== $key->get('kty') || !$key->has('k')) { throw new \InvalidArgumentException('The key is not valid'); } if ($this->getKeySize() !== strlen(Base64Url::decode($key->get('k')))) { throw new \InvalidArgumentException('The key size is not valid'); } }
/** * @param \Jose\Object\JWKInterface $key * @param string $algorithm * * @return bool */ private function checkKeyAlgorithm(JWKInterface $key, $algorithm) { if (!$key->has('alg')) { return true; } return $key->get('alg') === $algorithm; }
/** * @param \Jose\Object\JWKInterface $key * @param bool $is_private */ private function checkKey(JWKInterface $key, $is_private) { Assertion::true($key->has('x'), 'The key parameter "x" is missing.'); Assertion::true($key->has('crv'), 'The key parameter "crv" is missing.'); switch ($key->get('crv')) { case 'P-256': case 'P-384': case 'P-521': Assertion::eq($key->get('kty'), 'EC', 'Wrong key type.'); Assertion::true($key->has('y'), 'The key parameter "y" is missing.'); break; case 'X25519': Assertion::eq($key->get('kty'), 'OKP', 'Wrong key type.'); break; default: throw new \InvalidArgumentException(sprintf('The curve "%s" is not supported', $key->get('crv'))); } if (true === $is_private) { Assertion::true($key->has('d'), 'The key parameter "d" is missing.'); } }
/** * @param JWKInterface $key */ protected function checkKey(JWKInterface $key) { if (!$key->has('kty') || 'oct' !== $key->get('kty') || !$key->has('k')) { throw new \InvalidArgumentException('The key is not valid'); } }
/** * @param JWKInterface $key */ protected function checkKey(JWKInterface $key) { Assertion::eq($key->get('kty'), 'oct', 'Wrong key type.'); Assertion::true($key->has('k'), 'The key parameter "k" is missing.'); }
/** * @param JWKInterface $key */ private function checkKey(JWKInterface $key) { Assertion::eq($key->get('kty'), 'EC', 'Wrong key type.'); Assertion::true($key->has('x'), 'The key parameter "x" is missing.'); Assertion::true($key->has('y'), 'The key parameter "y" is missing.'); Assertion::true($key->has('crv'), 'The key parameter "crv" is missing.'); }
/** * @param array $complete_header The complete header * @param \Jose\Object\JWKInterface $key * * @return \Jose\Algorithm\SignatureAlgorithmInterface */ private function getSignatureAlgorithm(array $complete_header, Object\JWKInterface $key) { Assertion::keyExists($complete_header, 'alg', 'No "alg" parameter set in the header.'); Assertion::false($key->has('alg') && $key->get('alg') !== $complete_header['alg'], sprintf('The algorithm "%s" is not allowed with this key.', $complete_header['alg'])); $signature_algorithm = $this->getJWAManager()->getAlgorithm($complete_header['alg']); Assertion::isInstanceOf($signature_algorithm, Algorithm\SignatureAlgorithmInterface::class, sprintf('The algorithm "%s" is not supported.', $complete_header['alg'])); return $signature_algorithm; }
/** * @param array $complete_header The complete header * @param \Jose\Object\JWKInterface $key * * @return \Jose\Algorithm\Signature\SignatureInterface */ protected function getSignatureAlgorithm(array $complete_header, JWKInterface $key) { if (!array_key_exists('alg', $complete_header)) { throw new \InvalidArgumentException('No "alg" parameter set in the header.'); } if ($key->has('alg') && $key->get('alg') !== $complete_header['alg']) { throw new \InvalidArgumentException(sprintf('The algorithm "%s" is allowed with this key.', $complete_header['alg'])); } $signature_algorithm = $this->getJWAManager()->getAlgorithm($complete_header['alg']); if (!$signature_algorithm instanceof SignatureInterface) { throw new \InvalidArgumentException(sprintf('The algorithm "%s" is not supported.', $complete_header['alg'])); } return $signature_algorithm; }
/** * @param array $restrictions * @param \Jose\Object\JWKInterface $key * * @return bool */ private function doesKeySatisfyRestrictions(array $restrictions, JWKInterface $key) { foreach ($restrictions as $k => $v) { if (!$key->has($k) || $v !== $key->get($k)) { return false; } } return true; }
/** * @param \Jose\Object\JWKInterface $key * @param bool $is_private */ private function checkKey(JWKInterface $key, $is_private) { if (!$key->has('kty') || 'EC' !== $key->get('kty')) { throw new \InvalidArgumentException('The key type must be "EC"'); } if (!$key->has('x') || !$key->has('y') || !$key->has('crv')) { throw new \InvalidArgumentException('Key components ("x", "y" or "crv") missing'); } if (!$key->has('d') && true === $is_private) { throw new \InvalidArgumentException('The key must be private'); } }
/** * @param \Jose\Object\JWKInterface $key */ protected function checkKey(JWKInterface $key) { Assertion::eq($key->get('kty'), 'oct', 'Wrong key type.'); Assertion::true($key->has('k'), 'The key parameter "k" is missing.'); Assertion::eq($this->getKeySize(), mb_strlen(Base64Url::decode($key->get('k')), '8bit'), 'The key size is not valid'); }
/** * @param \Jose\Object\JWKInterface $key * @param string $algorithm */ protected function checkKeyAlgorithm(JWKInterface $key, $algorithm) { if (!$key->has('alg')) { return; } Assertion::eq($key->get('alg'), $algorithm, sprintf('Key is only allowed for algorithm "%s".', $key->get('alg'))); }
/** * {@inheritdoc} */ public function getCEK(JWKInterface $key) { Assertion::eq($key->get('kty'), 'oct', 'Wrong key type.'); Assertion::true($key->has('k'), 'The key parameter "k" is missing.'); return Base64Url::decode($key->get('k')); }
/** * @param JWKInterface $key */ private function checkKey(JWKInterface $key) { if (!$key->has('kty') || 'EC' !== $key->get('kty')) { throw new \InvalidArgumentException('The key is not valid'); } if (!$key->has('x') || !$key->has('y') || !$key->has('crv')) { throw new \InvalidArgumentException('Key components ("x", "y" or "crv") missing'); } }