[ Index ] |
PHP Cross Reference of Joomla 4.2.2 documentation |
[Summary view] [Print] [Text view]
1 <?php 2 3 declare(strict_types=1); 4 5 /* 6 * The MIT License (MIT) 7 * 8 * Copyright (c) 2014-2020 Spomky-Labs 9 * 10 * This software may be modified and distributed under the terms 11 * of the MIT license. See the LICENSE file for details. 12 */ 13 14 namespace Jose\Component\Core\Util; 15 16 use function in_array; 17 use InvalidArgumentException; 18 use function is_array; 19 use Jose\Component\Core\JWK; 20 21 /** 22 * @internal 23 */ 24 class KeyChecker 25 { 26 public static function checkKeyUsage(JWK $key, string $usage): void 27 { 28 if ($key->has('use')) { 29 self::checkUsage($key, $usage); 30 } 31 if ($key->has('key_ops')) { 32 self::checkOperation($key, $usage); 33 } 34 } 35 36 /** 37 * @throws InvalidArgumentException if the key is not suitable for the selected algorithm 38 */ 39 public static function checkKeyAlgorithm(JWK $key, string $algorithm): void 40 { 41 if (!$key->has('alg')) { 42 return; 43 } 44 if ($key->get('alg') !== $algorithm) { 45 throw new InvalidArgumentException(sprintf('Key is only allowed for algorithm "%s".', $key->get('alg'))); 46 } 47 } 48 49 /** 50 * @throws InvalidArgumentException if the key is not suitable for the selected operation 51 */ 52 private static function checkOperation(JWK $key, string $usage): void 53 { 54 $ops = $key->get('key_ops'); 55 if (!is_array($ops)) { 56 throw new InvalidArgumentException('Invalid key parameter "key_ops". Should be a list of key operations'); 57 } 58 59 switch ($usage) { 60 case 'verification': 61 if (!in_array('verify', $ops, true)) { 62 throw new InvalidArgumentException('Key cannot be used to verify a signature'); 63 } 64 65 break; 66 67 case 'signature': 68 if (!in_array('sign', $ops, true)) { 69 throw new InvalidArgumentException('Key cannot be used to sign'); 70 } 71 72 break; 73 74 case 'encryption': 75 if (!in_array('encrypt', $ops, true) && !in_array('wrapKey', $ops, true) && !in_array('deriveKey', $ops, true)) { 76 throw new InvalidArgumentException('Key cannot be used to encrypt'); 77 } 78 79 break; 80 81 case 'decryption': 82 if (!in_array('decrypt', $ops, true) && !in_array('unwrapKey', $ops, true) && !in_array('deriveBits', $ops, true)) { 83 throw new InvalidArgumentException('Key cannot be used to decrypt'); 84 } 85 86 break; 87 88 default: 89 throw new InvalidArgumentException('Unsupported key usage.'); 90 } 91 } 92 93 /** 94 * @throws InvalidArgumentException if the key is not suitable for the selected operation 95 */ 96 private static function checkUsage(JWK $key, string $usage): void 97 { 98 $use = $key->get('use'); 99 100 switch ($usage) { 101 case 'verification': 102 case 'signature': 103 if ('sig' !== $use) { 104 throw new InvalidArgumentException('Key cannot be used to sign or verify a signature.'); 105 } 106 107 break; 108 109 case 'encryption': 110 case 'decryption': 111 if ('enc' !== $use) { 112 throw new InvalidArgumentException('Key cannot be used to encrypt or decrypt.'); 113 } 114 115 break; 116 117 default: 118 throw new InvalidArgumentException('Unsupported key usage.'); 119 } 120 } 121 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Wed Sep 7 05:41:13 2022 | Chilli.vc Blog - For Webmaster,Blog-Writer,System Admin and Domainer |