Inheritance: extends Jose\Object\JWTInterface
コード例 #1
ファイル: EncrypterTrait.php プロジェクト: spomky-labs/jose
 /**
  * Resolve the single content encryption algorithm ("enc") used by every recipient of a JWE.
  *
  * For each recipient, the shared protected headers, the shared unprotected headers and the
  * recipient's own headers are merged. The merged set must contain "enc", and every recipient
  * must yield the same value. That value is then looked up through the JWA manager.
  *
  * @param \Jose\Object\JWEInterface $jwe
  *
  * @return \Jose\Algorithm\ContentEncryptionAlgorithmInterface
  */
 private function getContentEncryptionAlgorithm(Object\JWEInterface $jwe)
 {
     $expected_enc = null;
     foreach ($jwe->getRecipients() as $recipient) {
         // array_merge() lets later arrays win on duplicate string keys, so an "enc" placed in the
         // shared unprotected headers or in a recipient's headers replaces the protected one here.
         // NOTE(review): confirm the loader rejects header names repeated across the three locations.
         $merged_headers = array_merge($jwe->getSharedProtectedHeaders(), $jwe->getSharedHeaders(), $recipient->getHeaders());
         Assertion::keyExists($merged_headers, 'enc', 'Parameter "enc" is missing.');
         $recipient_enc = $merged_headers['enc'];
         if (null !== $expected_enc) {
             // NOTE(review): Assertion::eq() presumably compares with ==; header values come from
             // decoded input and may not be strings. Confirm a strict comparison is not needed.
             Assertion::eq($expected_enc, $recipient_enc, 'Foreign content encryption algorithms are not allowed.');
             continue;
         }
         // First recipient seen so far: its "enc" becomes the reference value.
         $expected_enc = $recipient_enc;
     }

     // With no recipients the loop never runs and null is handed to the lookup below.
     $resolved = $this->getJWAManager()->getAlgorithm($expected_enc);
     $failure_message = sprintf('The content encryption algorithm "%s" is not supported or not a content encryption algorithm instance.', $expected_enc);
     Assertion::isInstanceOf($resolved, Algorithm\ContentEncryptionAlgorithmInterface::class, $failure_message);

     return $resolved;
 }
コード例 #2
ファイル: Decrypter.php プロジェクト: gitter-badger/jose
 /**
  * Ensure the JWE exposes both the "enc" and the "alg" header parameters.
  *
  * Only presence is checked, through hasHeader(); the values are not validated here.
  * "enc" is tested first, so it is the one reported when both are absent.
  *
  * @param \Jose\Object\JWEInterface $jwe
  *
  * @throws \InvalidArgumentException when one of the two parameters is missing
  */
 private function checkCompleteHeader($jwe)
 {
     $required_parameters = ['enc', 'alg'];
     foreach ($required_parameters as $name) {
         if ($jwe->hasHeader($name)) {
             continue;
         }
         throw new \InvalidArgumentException(sprintf("Parameters '%s' is missing.", $name));
     }
 }
コード例 #3
ファイル: Decrypter.php プロジェクト: spomky-labs/jose
 /**
  * Decrypt the ciphertext of a JWE with the given CEK and store the resulting payload on the JWE.
  *
  * The JWE is taken by reference and replaced by the instance returned from withPayload().
  * The ciphertext, IV, Base64Url-encoded AAD (when set), encoded shared protected headers and tag
  * are all handed to the content encryption algorithm; a null result is reported as failure.
  *
  * @param \Jose\Object\JWEInterface                           $jwe
  * @param string                                              $cek
  * @param \Jose\Algorithm\ContentEncryptionAlgorithmInterface $content_encryption_algorithm
  * @param array                                               $complete_headers
  *
  * @return bool true when a payload was obtained and stored, false when decryptContent() returned null
  */
 private function decryptPayload(Object\JWEInterface &$jwe, $cek, Algorithm\ContentEncryptionAlgorithmInterface $content_encryption_algorithm, array $complete_headers)
 {
     $ciphertext = $jwe->getCiphertext();
     $iv = $jwe->getIV();
     $encoded_aad = null;
     if (null !== $jwe->getAAD()) {
         $encoded_aad = Base64Url::encode($jwe->getAAD());
     }
     $encoded_protected_headers = $jwe->getEncodedSharedProtectedHeaders();
     $tag = $jwe->getTag();

     // Tag verification is delegated to the algorithm implementation, which is not shown here.
     // NOTE(review): presumably null means authentication or decryption failed; confirm.
     $plaintext = $content_encryption_algorithm->decryptContent($ciphertext, $cek, $iv, $encoded_aad, $encoded_protected_headers, $tag);
     if (null === $plaintext) {
         return false;
     }

     // NOTE(review): decompressIfNeeded() is not visible; it presumably rewrites $plaintext by
     // reference. Confirm it bounds the inflated size, since the input is sender-controlled.
     $this->decompressIfNeeded($plaintext, $complete_headers);

     // A payload that is not valid JSON (or is the JSON literal null) is kept as the raw string.
     $decoded = json_decode($plaintext, true);
     if (null === $decoded) {
         $jwe = $jwe->withPayload($plaintext);
     } else {
         $jwe = $jwe->withPayload($decoded);
     }

     return true;
 }
コード例 #4
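 /**
  * Decrypt an encrypted assertion and return the JWS it carries.
  *
  * The "alg" and "enc" header values are checked against the configured allow-list before any
  * key is used. After decryption the payload is loaded and must be a single JWS.
  *
  * @param \Jose\Object\JWEInterface $jwe
  *
  * @throws \OAuth2\Exception\BaseExceptionInterface when an algorithm is not allowed, the payload
  *                                                  cannot be decrypted, or it is not a single JWS
  *
  * @return \Jose\Object\JWSInterface
  */
 protected function decryptAssertion(JWEInterface $jwe)
 {
     // Strict comparison: header values come from the received token and may not be strings.
     // With loose in_array(), a non-string value can compare equal to an allow-listed name.
     // Both "alg" and "enc" are matched against the same list, as in the original code.
     if (!in_array($jwe->getHeader('alg'), $this->allowed_encryption_algorithms, true)
         || !in_array($jwe->getHeader('enc'), $this->allowed_encryption_algorithms, true)
     ) {
         throw $this->getExceptionManager()->getException(ExceptionManagerInterface::BAD_REQUEST, ExceptionManagerInterface::INVALID_REQUEST, sprintf('Algorithm not allowed. Authorized algorithms: %s.', json_encode($this->allowed_encryption_algorithms)));
     }

     // The return value of decrypt() is not used; success is judged from the payload below.
     // NOTE(review): this relies on decrypt() updating $jwe in place; confirm against the decrypter.
     $this->decrypter->decrypt($jwe, $this->key_set);
     if (null === $jwe->getPayload()) {
         throw $this->getExceptionManager()->getException(ExceptionManagerInterface::BAD_REQUEST, ExceptionManagerInterface::INVALID_REQUEST, 'Unable to decrypt the payload. Please verify keys used for encryption.');
     }

     // The decrypted payload is expected to be a nested, signed token.
     $jws = $this->loader->load($jwe->getPayload());
     if (!$jws instanceof JWSInterface) {
         throw $this->getExceptionManager()->getException(ExceptionManagerInterface::BAD_REQUEST, ExceptionManagerInterface::INVALID_REQUEST, 'The encrypted assertion does not contain a single JWS.');
     }

     return $jws;
 }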
コード例 #5
ファイル: Encrypter.php プロジェクト: spomky-labs/jose
 /**
  * Encrypt the payload of a JWE and store the ciphertext, the IV and (when produced) the tag on it.
  *
  * The JWE is taken by reference and replaced by the instances returned from the with*() calls.
  * Non-empty shared protected headers are serialised to JSON and Base64Url-encoded first, so the
  * encoded form is available to the encryption call.
  *
  * @param \Jose\Object\JWEInterface                           $jwe
  * @param \Jose\Algorithm\ContentEncryptionAlgorithmInterface $content_encryption_algorithm
  * @param string                                              $cek
  * @param string                                              $iv
  * @param \Jose\Compression\CompressionInterface|null         $compression_method
  */
 private function encryptJWE(Object\JWEInterface &$jwe, Algorithm\ContentEncryptionAlgorithmInterface $content_encryption_algorithm, $cek, $iv, Compression\CompressionInterface $compression_method = null)
 {
     if (!empty($jwe->getSharedProtectedHeaders())) {
         // json_encode() returns false on failure; that result is not checked here.
         $protected_json = json_encode($jwe->getSharedProtectedHeaders());
         $jwe = $jwe->withEncodedSharedProtectedHeaders(Base64Url::encode($protected_json));
     }

     // preparePayload() is not visible; it receives the optional compression method.
     $plaintext = $this->preparePayload($jwe->getPayload(), $compression_method);

     $encoded_aad = null;
     if (null !== $jwe->getAAD()) {
         $encoded_aad = Base64Url::encode($jwe->getAAD());
     }

     // NOTE(review): $cek and $iv are used exactly as supplied; this method neither generates nor
     // checks them. Confirm the caller draws a fresh IV for every encryption.
     // $auth_tag is presumably filled in by reference by encryptContent(); it stays null otherwise.
     $auth_tag = null;
     $encrypted = $content_encryption_algorithm->encryptContent($plaintext, $cek, $iv, $encoded_aad, $jwe->getEncodedSharedProtectedHeaders(), $auth_tag);

     $jwe = $jwe->withCiphertext($encrypted);
     $jwe = $jwe->withIV($iv);
     if (null === $auth_tag) {
         return;
     }
     $jwe = $jwe->withTag($auth_tag);
 }