[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  declare(strict_types=1);
   4  
   5  /*
   6   * The MIT License (MIT)
   7   *
   8   * Copyright (c) 2014-2019 Spomky-Labs
   9   *
  10   * This software may be modified and distributed under the terms
  11   * of the MIT license.  See the LICENSE file for details.
  12   */
  13  
  14  namespace Cose\Key;
  15  
  16  use Assert\Assertion;
  17  use FG\ASN1\ExplicitlyTaggedObject;
  18  use FG\ASN1\Universal\BitString;
  19  use FG\ASN1\Universal\Integer;
  20  use FG\ASN1\Universal\ObjectIdentifier;
  21  use FG\ASN1\Universal\OctetString;
  22  use FG\ASN1\Universal\Sequence;
  23  
  24  class Ec2Key extends Key
  25  {
  26      public const CURVE_P256 = 1;
  27      public const CURVE_P256K = 8;
  28      public const CURVE_P384 = 2;
  29      public const CURVE_P521 = 3;
  30  
  31      private const SUPPORTED_CURVES = [
  32          self::CURVE_P256,
  33          self::CURVE_P256K,
  34          self::CURVE_P384,
  35          self::CURVE_P521,
  36      ];
  37  
  38      public const DATA_CURVE = -1;
  39      public const DATA_X = -2;
  40      public const DATA_Y = -3;
  41      public const DATA_D = -4;
  42  
  43      private const NAMED_CURVE_OID = [
  44          self::CURVE_P256 => '1.2.840.10045.3.1.7', // NIST P-256 / secp256r1
  45          self::CURVE_P256K => '1.3.132.0.10', // NIST P-256K / secp256k1
  46          self::CURVE_P384 => '1.3.132.0.34', // NIST P-384 / secp384r1
  47          self::CURVE_P521 => '1.3.132.0.35', // NIST P-521 / secp521r1
  48      ];
  49  
  50      private const CURVE_KEY_LENGTH = [
  51          self::CURVE_P256 => 32,
  52          self::CURVE_P256K => 32,
  53          self::CURVE_P384 => 48,
  54          self::CURVE_P521 => 66,
  55      ];
  56  
  57      public function __construct(array $data)
  58      {
  59          parent::__construct($data);
  60          Assertion::eq($data[self::TYPE], self::TYPE_EC2, 'Invalid EC2 key. The key type does not correspond to an EC2 key');
  61          Assertion::keyExists($data, self::DATA_CURVE, 'Invalid EC2 key. The curve is missing');
  62          Assertion::keyExists($data, self::DATA_X, 'Invalid EC2 key. The x coordinate is missing');
  63          Assertion::keyExists($data, self::DATA_Y, 'Invalid EC2 key. The y coordinate is missing');
  64          Assertion::length($data[self::DATA_X], self::CURVE_KEY_LENGTH[$data[self::DATA_CURVE]], 'Invalid length for x coordinate', null, '8bit');
  65          Assertion::length($data[self::DATA_Y], self::CURVE_KEY_LENGTH[$data[self::DATA_CURVE]], 'Invalid length for y coordinate', null, '8bit');
  66          Assertion::inArray((int) $data[self::DATA_CURVE], self::SUPPORTED_CURVES, 'The curve is not supported');
  67      }
  68  
  69      public function toPublic(): self
  70      {
  71          $data = $this->getData();
  72          unset($data[self::DATA_D]);
  73  
  74          return new self($data);
  75      }
  76  
  77      public function x(): string
  78      {
  79          return $this->get(self::DATA_X);
  80      }
  81  
  82      public function y(): string
  83      {
  84          return $this->get(self::DATA_Y);
  85      }
  86  
  87      public function isPrivate(): bool
  88      {
  89          return \array_key_exists(self::DATA_D, $this->getData());
  90      }
  91  
  92      public function d(): string
  93      {
  94          Assertion::true($this->isPrivate(), 'The key is not private');
  95  
  96          return $this->get(self::DATA_D);
  97      }
  98  
  99      public function curve(): int
 100      {
 101          return (int) $this->get(self::DATA_CURVE);
 102      }
 103  
 104      public function asPEM(): string
 105      {
 106          if ($this->isPrivate()) {
 107              $der = new Sequence(
 108                  new Integer(1),
 109                  new OctetString(bin2hex($this->d())),
 110                  new ExplicitlyTaggedObject(0, new ObjectIdentifier($this->getCurveOid())),
 111                  new ExplicitlyTaggedObject(1, new BitString(\bin2hex($this->getUncompressedCoordinates())))
 112              );
 113  
 114              return $this->pem('EC PRIVATE KEY', $der->getBinary());
 115          }
 116  
 117          $der = new Sequence(
 118              new Sequence(
 119                  new ObjectIdentifier('1.2.840.10045.2.1'),
 120                  new ObjectIdentifier($this->getCurveOid())
 121              ),
 122              new BitString(\bin2hex($this->getUncompressedCoordinates()))
 123          );
 124  
 125          return $this->pem('PUBLIC KEY', $der->getBinary());
 126      }
 127  
 128      private function getCurveOid(): string
 129      {
 130          return self::NAMED_CURVE_OID[$this->curve()];
 131      }
 132  
 133      public function getUncompressedCoordinates(): string
 134      {
 135          return "\x04".$this->x().$this->y();
 136      }
 137  
 138      private function pem(string $type, string $der): string
 139      {
 140          return sprintf("-----BEGIN %s-----\n", mb_strtoupper($type)).
 141              chunk_split(base64_encode($der), 64, "\n").
 142              sprintf("-----END %s-----\n", mb_strtoupper($type));
 143      }
 144  }