Merge branch 'main' into main

Author: bshaffer

src/CachedKeySet.php

@@ -132,13 +132,13 @@ public function offsetUnset($offset): void
 
     private function keyIdExists(string $keyId): bool
     {
-        $keySetToCache = null;
         if (null === $this->keySet) {
             $item = $this->getCacheItem();
             // Try to load keys from cache
             if ($item->isHit()) {
                 // item found! Return it
-                $this->keySet = $item->get();
+                $jwks = $item->get();
+                $this->keySet = JWK::parseKeySet(json_decode($jwks, true), $this->defaultAlg);
             }
         }
 
@@ -148,17 +148,15 @@ private function keyIdExists(string $keyId): bool
             }
             $request = $this->httpFactory->createRequest('get', $this->jwksUri);
             $jwksResponse = $this->httpClient->sendRequest($request);
-            $jwks = json_decode((string) $jwksResponse->getBody(), true);
-            $this->keySet = $keySetToCache = JWK::parseKeySet($jwks, $this->defaultAlg);
+            $jwks = (string) $jwksResponse->getBody();
+            $this->keySet = JWK::parseKeySet(json_decode($jwks, true), $this->defaultAlg);
 
             if (!isset($this->keySet[$keyId])) {
                 return false;
             }
-        }
 
-        if ($keySetToCache) {
             $item = $this->getCacheItem();
-            $item->set($keySetToCache);
+            $item->set($jwks);
             if ($this->expiresAfter) {
                 $item->expiresAfter($this->expiresAfter);
             }

src/JWK.php

@@ -20,6 +20,16 @@
  */
 class JWK
 {
+    private const OID = '1.2.840.10045.2.1';
+    private const ASN1_OBJECT_IDENTIFIER = 0x06;
+    private const ASN1_SEQUENCE = 0x10; // also defined in JWT
+    private const ASN1_BIT_STRING = 0x03;
+    private const EC_CURVES = [
+        'P-256' => '1.2.840.10045.3.1.7', // Len: 64
+        // 'P-384' => '1.3.132.0.34', // Len: 96 (not yet supported)
+        // 'P-521' => '1.3.132.0.35', // Len: 132 (not supported)
+    ];
+
     /**
      * Parse a set of JWK keys
      *
@@ -114,6 +124,26 @@ public static function parseKey(array $jwk, string $defaultAlg = null): ?Key
                     );
                 }
                 return new Key($publicKey, $jwk['alg']);
+            case 'EC':
+                if (isset($jwk['d'])) {
+                    // The key is actually a private key
+                    throw new UnexpectedValueException('Key data must be for a public key');
+                }
+
+                if (empty($jwk['crv'])) {
+                    throw new UnexpectedValueException('crv not set');
+                }
+
+                if (!isset(self::EC_CURVES[$jwk['crv']])) {
+                    throw new DomainException('Unrecognised or unsupported EC curve');
+                }
+
+                if (empty($jwk['x']) || empty($jwk['y'])) {
+                    throw new UnexpectedValueException('x and y not set');
+                }
+
+                $publicKey = self::createPemFromCrvAndXYCoordinates($jwk['crv'], $jwk['x'], $jwk['y']);
+                return new Key($publicKey, $jwk['alg']);
             default:
                 // Currently only RSA is supported
                 break;
@@ -122,6 +152,45 @@ public static function parseKey(array $jwk, string $defaultAlg = null): ?Key
         return null;
     }
 
+    /**
+     * Converts the EC JWK values to pem format.
+     *
+     * @param   string  $crv The EC curve (only P-256 is supported)
+     * @param   string  $x   The EC x-coordinate
+     * @param   string  $y   The EC y-coordinate
+     *
+     * @return  string
+     */
+    private static function createPemFromCrvAndXYCoordinates(string $crv, string $x, string $y): string
+    {
+        $pem =
+            self::encodeDER(
+                self::ASN1_SEQUENCE,
+                self::encodeDER(
+                    self::ASN1_SEQUENCE,
+                    self::encodeDER(
+                        self::ASN1_OBJECT_IDENTIFIER,
+                        self::encodeOID(self::OID)
+                    )
+                    . self::encodeDER(
+                        self::ASN1_OBJECT_IDENTIFIER,
+                        self::encodeOID(self::EC_CURVES[$crv])
+                    )
+                ) .
+                self::encodeDER(
+                    self::ASN1_BIT_STRING,
+                    \chr(0x00) . \chr(0x04)
+                    . JWT::urlsafeB64Decode($x)
+                    . JWT::urlsafeB64Decode($y)
+                )
+            );
+
+        return sprintf(
+            "-----BEGIN PUBLIC KEY-----\n%s\n-----END PUBLIC KEY-----\n",
+            wordwrap(base64_encode($pem), 64, "\n", true)
+        );
+    }
+
     /**
      * Create a public key represented in PEM format from RSA modulus and exponent information
      *
@@ -162,11 +231,9 @@ private static function createPemFromModulusAndExponent(
             $rsaOID . $rsaPublicKey
         );
 
-        $rsaPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
+        return "-----BEGIN PUBLIC KEY-----\r\n" .
             \chunk_split(\base64_encode($rsaPublicKey), 64) .
             '-----END PUBLIC KEY-----';
-
-        return $rsaPublicKey;
     }
 
     /**
@@ -188,4 +255,68 @@ private static function encodeLength(int $length): string
 
         return \pack('Ca*', 0x80 | \strlen($temp), $temp);
     }
+
+    /**
+     * Encodes a value into a DER object.
+     * Also defined in Firebase\JWT\JWT
+     *
+     * @param   int     $type DER tag
+     * @param   string  $value the value to encode
+     * @return  string  the encoded object
+     */
+    private static function encodeDER(int $type, string $value): string
+    {
+        $tag_header = 0;
+        if ($type === self::ASN1_SEQUENCE) {
+            $tag_header |= 0x20;
+        }
+
+        // Type
+        $der = \chr($tag_header | $type);
+
+        // Length
+        $der .= \chr(\strlen($value));
+
+        return $der . $value;
+    }
+
+    /**
+     * Encodes a string into a DER-encoded OID.
+     *
+     * @param   string $oid the OID string
+     * @return  string the binary DER-encoded OID
+     */
+    private static function encodeOID(string $oid): string
+    {
+        $octets = explode('.', $oid);
+
+        // Get the first octet
+        $first = (int) array_shift($octets);
+        $second = (int) array_shift($octets);
+        $oid = \chr($first * 40 + $second);
+
+        // Iterate over subsequent octets
+        foreach ($octets as $octet) {
+            if ($octet == 0) {
+                $oid .= \chr(0x00);
+                continue;
+            }
+            $bin = '';
+
+            while ($octet) {
+                $bin .= \chr(0x80 | ($octet & 0x7f));
+                $octet >>= 7;
+            }
+            $bin[0] = $bin[0] & \chr(0x7f);
+
+            // Convert to big endian if necessary
+            if (pack('V', 65534) == pack('L', 65534)) {
+                $oid .= strrev($bin);
+            } else {
+                $oid .= $bin;
+            }
+        }
+
+        return $oid;
+    }
 }

src/JWT.php

@@ -98,7 +98,7 @@ public static function decode(
             throw new InvalidArgumentException('Key may not be empty');
         }
         $tks = \explode('.', $jwt);
-        if (\count($tks) != 3) {
+        if (\count($tks) !== 3) {
             throw new UnexpectedValueException('Wrong number of segments');
         }
         list($headb64, $bodyb64, $cryptob64) = $tks;
@@ -136,7 +136,7 @@ public static function decode(
             // OpenSSL expects an ASN.1 DER sequence for ES256/ES384 signatures
             $sig = self::signatureToDER($sig);
         }
-        if (!self::verify("$headb64.$bodyb64", $sig, $key->getKeyMaterial(), $header->alg)) {
+        if (!self::verify("${headb64}.${bodyb64}", $sig, $key->getKeyMaterial(), $header->alg)) {
             throw new SignatureInvalidException('Signature verification failed');
         }
 
@@ -293,28 +293,29 @@ private static function verify(
                 $success = \openssl_verify($msg, $signature, $keyMaterial, $algorithm); // @phpstan-ignore-line
                 if ($success === 1) {
                     return true;
-                } elseif ($success === 0) {
+                }
+                if ($success === 0) {
                     return false;
                 }
                 // returns 1 on success, 0 on failure, -1 on error.
                 throw new DomainException(
                     'OpenSSL error: ' . \openssl_error_string()
                 );
             case 'sodium_crypto':
-              if (!\function_exists('sodium_crypto_sign_verify_detached')) {
-                  throw new DomainException('libsodium is not available');
-              }
-              if (!\is_string($keyMaterial)) {
-                  throw new InvalidArgumentException('key must be a string when using EdDSA');
-              }
-              try {
-                  // The last non-empty line is used as the key.
-                  $lines = array_filter(explode("\n", $keyMaterial));
-                  $key = base64_decode((string) end($lines));
-                  return sodium_crypto_sign_verify_detached($signature, $msg, $key);
-              } catch (Exception $e) {
-                  throw new DomainException($e->getMessage(), 0, $e);
-              }
+                if (!\function_exists('sodium_crypto_sign_verify_detached')) {
+                    throw new DomainException('libsodium is not available');
+                }
+                if (!\is_string($keyMaterial)) {
+                    throw new InvalidArgumentException('key must be a string when using EdDSA');
+                }
+                try {
+                    // The last non-empty line is used as the key.
+                    $lines = array_filter(explode("\n", $keyMaterial));
+                    $key = base64_decode((string) end($lines));
+                    return sodium_crypto_sign_verify_detached($signature, $msg, $key);
+                } catch (Exception $e) {
+                    throw new DomainException($e->getMessage(), 0, $e);
+                }
             case 'hash_hmac':
             default:
                 if (!\is_string($keyMaterial)) {
@@ -510,7 +511,7 @@ private static function signatureToDER(string $sig): string
     {
         // Separate the signature into r-value and s-value
         $length = max(1, (int) (\strlen($sig) / 2));
-        list($r, $s) = \str_split($sig, $length > 0 ? $length : 1);
+        list($r, $s) = \str_split($sig, $length);
 
         // Trim leading zeros
         $r = \ltrim($r, "\x00");
@@ -610,7 +611,7 @@ private static function readDER(string $der, int $offset = 0): array
         }
 
         // Value
-        if ($type == self::ASN1_BIT_STRING) {
+        if ($type === self::ASN1_BIT_STRING) {
             $pos++; // Skip the first contents octet (padding indicator)
             $data = \substr($der, $pos, $len - 1);
             $pos += $len - 1;

tests/CachedKeySetTest.php

@@ -120,7 +120,7 @@ public function testKeyIdIsCached()
         $cacheItem->isHit()
             ->willReturn(true);
         $cacheItem->get()
-            ->willReturn(JWK::parseKeySet(json_decode($this->testJwks1, true)));
+            ->willReturn($this->testJwks1);
 
         $cache = $this->prophesize(CacheItemPoolInterface::class);
         $cache->getItem($this->testJwksUriKey)
@@ -146,7 +146,7 @@ public function testCachedKeyIdRefresh()
             ->willReturn(true);
         $cacheItem->get()
             ->shouldBeCalledOnce()
-            ->willReturn(JWK::parseKeySet(json_decode($this->testJwks1, true)));
+            ->willReturn($this->testJwks1);
         $cacheItem->set(Argument::any())
             ->shouldBeCalledOnce()
             ->will(function () {
@@ -213,16 +213,15 @@ public function testCacheItemWithExpiresAfter()
     public function testJwtVerify()
     {
         $privKey1 = file_get_contents(__DIR__ . '/data/rsa1-private.pem');
-        $payload = array('sub' => 'foo', 'exp' => strtotime('+10 seconds'));
+        $payload = ['sub' => 'foo', 'exp' => strtotime('+10 seconds')];
         $msg = JWT::encode($payload, $privKey1, 'RS256', 'jwk1');
 
         $cacheItem = $this->prophesize(CacheItemInterface::class);
         $cacheItem->isHit()
             ->willReturn(true);
         $cacheItem->get()
-            ->willReturn(JWK::parseKeySet(
-                json_decode(file_get_contents(__DIR__ . '/data/rsa-jwkset.json'), true)
-            ));
+            ->willReturn(file_get_contents(__DIR__ . '/data/rsa-jwkset.json')
+            );
 
         $cache = $this->prophesize(CacheItemPoolInterface::class);
         $cache->getItem($this->testJwksUriKey)

tests/JWKTest.php

@@ -127,19 +127,33 @@ public function testDecodeByJwkKeySetTokenExpired()
     }
 
     /**
-     * @depends testParseJwkKeySet
+     * @dataProvider provideDecodeByJwkKeySet
      */
-    public function testDecodeByJwkKeySet()
+    public function testDecodeByJwkKeySet($pemFile, $jwkFile, $alg)
     {
-        $privKey1 = file_get_contents(__DIR__ . '/data/rsa1-private.pem');
+        $privKey1 = file_get_contents(__DIR__ . '/data/' . $pemFile);
         $payload = ['sub' => 'foo', 'exp' => strtotime('+10 seconds')];
-        $msg = JWT::encode($payload, $privKey1, 'RS256', 'jwk1');
+        $msg = JWT::encode($payload, $privKey1, $alg, 'jwk1');
 
-        $result = JWT::decode($msg, self::$keys);
+        $jwkSet = json_decode(
+            file_get_contents(__DIR__ . '/data/' . $jwkFile),
+            true
+        );
+
+        $keys = JWK::parseKeySet($jwkSet);
+        $result = JWT::decode($msg, $keys);
 
         $this->assertEquals('foo', $result->sub);
     }
 
+    public function provideDecodeByJwkKeySet()
+    {
+        return [
+            ['rsa1-private.pem', 'rsa-jwkset.json', 'RS256'],
+            ['ecdsa256-private.pem', 'ec-jwkset.json', 'ES256'],
+        ];
+    }
+
     /**
      * @depends testParseJwkKeySet
      */

tests/data/ec-jwkset.json

@@ -0,0 +1,22 @@
+{
+    "keys": [
+        {
+            "kty": "EC",
+            "use": "sig",
+            "crv": "P-256",
+            "kid": "jwk1",
+            "x": "ALXnvdCvbBx35J2bozBkIFHPT747KiYioLK4JquMhZU",
+            "y": "fAt_rGPqS95Ytwdluh4TNWTmj9xkcAbKGBRpP5kuGBk",
+            "alg": "ES256"
+        },
+        {
+            "kty": "EC",
+            "use": "sig",
+            "crv": "P-256",
+            "kid": "jwk2",
+            "x": "mQa0q5FvxPRujxzFazQT1Mo2YJJzuKiXU3svOJ41jhw",
+            "y": "jAz7UwIl2oOFk06kj42ZFMOXmGMFUGjKASvyYtibCH0",
+            "alg": "ES256"
+        }
+    ]
+}

tests/data/ecdsa256-private.pem

@@ -0,0 +1,4 @@
+-----BEGIN PRIVATE KEY-----
+MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCD0KvVxLJEzRBQmcEXf
+D2okKCNoUwZY8fc1/1Z4aJuJdg==
+-----END PRIVATE KEY-----