PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 2.4.2
WP 2FA – Two-factor authentication for WordPress v2.4.2
4.0.0 1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / vendor / firebase / php-jwt / src / JWK.php
wp-2fa / vendor / firebase / php-jwt / src Last commit date
BeforeValidException.php 3 years ago ExpiredException.php 3 years ago JWK.php 3 years ago JWT.php 3 years ago Key.php 3 years ago SignatureInvalidException.php 3 years ago
JWK.php
138 lines
1 <?php
2
3 namespace WP2FA_Vendor\Firebase\JWT;
4
5 use DomainException;
6 use InvalidArgumentException;
7 use UnexpectedValueException;
8 /**
9 * JSON Web Key implementation, based on this spec:
10 * https://tools.ietf.org/html/draft-ietf-jose-json-web-key-41
11 *
12 * PHP version 5
13 *
14 * @category Authentication
15 * @package Authentication_JWT
16 * @author Bui Sy Nguyen <nguyenbs@gmail.com>
17 * @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD
18 * @link https://github.com/firebase/php-jwt
19 */
20 class JWK
21 {
22 /**
23 * Parse a set of JWK keys
24 *
25 * @param array $jwks The JSON Web Key Set as an associative array
26 *
27 * @return array An associative array that represents the set of keys
28 *
29 * @throws InvalidArgumentException Provided JWK Set is empty
30 * @throws UnexpectedValueException Provided JWK Set was invalid
31 * @throws DomainException OpenSSL failure
32 *
33 * @uses parseKey
34 */
35 public static function parseKeySet(array $jwks)
36 {
37 $keys = array();
38 if (!isset($jwks['keys'])) {
39 throw new UnexpectedValueException('"keys" member must exist in the JWK Set');
40 }
41 if (empty($jwks['keys'])) {
42 throw new InvalidArgumentException('JWK Set did not contain any keys');
43 }
44 foreach ($jwks['keys'] as $k => $v) {
45 $kid = isset($v['kid']) ? $v['kid'] : $k;
46 if ($key = self::parseKey($v)) {
47 $keys[$kid] = $key;
48 }
49 }
50 if (0 === \count($keys)) {
51 throw new UnexpectedValueException('No supported algorithms found in JWK Set');
52 }
53 return $keys;
54 }
55 /**
56 * Parse a JWK key
57 *
58 * @param array $jwk An individual JWK
59 *
60 * @return resource|array An associative array that represents the key
61 *
62 * @throws InvalidArgumentException Provided JWK is empty
63 * @throws UnexpectedValueException Provided JWK was invalid
64 * @throws DomainException OpenSSL failure
65 *
66 * @uses createPemFromModulusAndExponent
67 */
68 public static function parseKey(array $jwk)
69 {
70 if (empty($jwk)) {
71 throw new InvalidArgumentException('JWK must not be empty');
72 }
73 if (!isset($jwk['kty'])) {
74 throw new UnexpectedValueException('JWK must contain a "kty" parameter');
75 }
76 switch ($jwk['kty']) {
77 case 'RSA':
78 if (!empty($jwk['d'])) {
79 throw new UnexpectedValueException('RSA private keys are not supported');
80 }
81 if (!isset($jwk['n']) || !isset($jwk['e'])) {
82 throw new UnexpectedValueException('RSA keys must contain values for both "n" and "e"');
83 }
84 $pem = self::createPemFromModulusAndExponent($jwk['n'], $jwk['e']);
85 $publicKey = \openssl_pkey_get_public($pem);
86 if (\false === $publicKey) {
87 throw new DomainException('OpenSSL error: ' . \openssl_error_string());
88 }
89 return $publicKey;
90 default:
91 // Currently only RSA is supported
92 break;
93 }
94 }
95 /**
96 * Create a public key represented in PEM format from RSA modulus and exponent information
97 *
98 * @param string $n The RSA modulus encoded in Base64
99 * @param string $e The RSA exponent encoded in Base64
100 *
101 * @return string The RSA public key represented in PEM format
102 *
103 * @uses encodeLength
104 */
105 private static function createPemFromModulusAndExponent($n, $e)
106 {
107 $modulus = JWT::urlsafeB64Decode($n);
108 $publicExponent = JWT::urlsafeB64Decode($e);
109 $components = array('modulus' => \pack('Ca*a*', 2, self::encodeLength(\strlen($modulus)), $modulus), 'publicExponent' => \pack('Ca*a*', 2, self::encodeLength(\strlen($publicExponent)), $publicExponent));
110 $rsaPublicKey = \pack('Ca*a*a*', 48, self::encodeLength(\strlen($components['modulus']) + \strlen($components['publicExponent'])), $components['modulus'], $components['publicExponent']);
111 // sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption.
112 $rsaOID = \pack('H*', '300d06092a864886f70d0101010500');
113 // hex version of MA0GCSqGSIb3DQEBAQUA
114 $rsaPublicKey = \chr(0) . $rsaPublicKey;
115 $rsaPublicKey = \chr(3) . self::encodeLength(\strlen($rsaPublicKey)) . $rsaPublicKey;
116 $rsaPublicKey = \pack('Ca*a*', 48, self::encodeLength(\strlen($rsaOID . $rsaPublicKey)), $rsaOID . $rsaPublicKey);
117 $rsaPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" . \chunk_split(\base64_encode($rsaPublicKey), 64) . '-----END PUBLIC KEY-----';
118 return $rsaPublicKey;
119 }
120 /**
121 * DER-encode the length
122 *
123 * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
124 * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information.
125 *
126 * @param int $length
127 * @return string
128 */
129 private static function encodeLength($length)
130 {
131 if ($length <= 0x7f) {
132 return \chr($length);
133 }
134 $temp = \ltrim(\pack('N', $length), \chr(0));
135 return \pack('Ca*', 0x80 | \strlen($temp), $temp);
136 }
137 }
138