Add Key, KeySet and Converter to handle JWKs

Author: Strobotti

.gitignore

@@ -0,0 +1,4 @@
+.idea
+.phpunit.result.cache
+composer.lock
+vendor

.travis.yml

@@ -0,0 +1,9 @@
+language: php
+
+php:
+  - 7.2
+
+sudo: false
+
+before_script: composer install
+script: phpunit

README.md

@@ -1,2 +1,2 @@
 # php-jwk
-A small PHP library to handle JWK (Json Web Key)
+A small PHP library to handle JWKs (Json Web Keys)

composer.json

@@ -0,0 +1,30 @@
+{
+  "name": "strobotti/php-jwk",
+  "description": "A small PHP library to handle JWKs (Json Web Keys)",
+  "homepage": "https://github.com/Strobotti/php-jwk",
+  "authors": [
+    {
+      "name": "Juha Jantunen",
+      "email": "[email protected]",
+      "role": "Developer"
+    }
+  ],
+  "license": "MIT",
+  "require": {
+    "php": ">=7.2.0",
+    "phpseclib/phpseclib": "^2.0"
+  },
+  "autoload": {
+    "psr-4": {
+      "Strobotti\\JWK\\": "src"
+    },
+    "autoload-dev": {
+      "psr-4": {
+        "Strobotti\\JWK\\Tests\\": "tests/"
+      }
+    }
+  },
+  "require-dev": {
+    "phpunit/phpunit": "^8.0"
+  }
+}

phpunit.xml

@@ -0,0 +1,9 @@
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/8.0/phpunit.xsd"
+         bootstrap="vendor/autoload.php">
+    <testsuites>
+        <testsuite name="unit tests">
+            <directory>tests</directory>
+        </testsuite>
+    </testsuites>
+</phpunit>

src/Converter.php

@@ -0,0 +1,86 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Strobotti\JWK;
+
+use phpseclib\Crypt\RSA;
+use phpseclib\Math\BigInteger;
+
+/**
+ * @package Strobotti\JWK
+ * @author  Juha Jantunen <[email protected]>
+ * @license https://opensource.org/licenses/MIT MIT
+ * @link    https://github.com/Strobotti/php-jwk
+ */
+class Converter
+{
+    /**
+     * @param Key $key
+     *
+     * @return string
+     */
+    public function keyToPem(Key $key): string
+    {
+        // TODO implement strategies to support different key types
+        $rsa = new RSA();
+
+        $modulus = $this->base64UrlDecode($key->getRsaModulus(), true);
+
+        $rsa->loadKey([
+            'e' => new BigInteger(\base64_decode($key->getRsaExponent(), true), 256),
+            'n' => new BigInteger($modulus, 256),
+        ]);
+
+        return $rsa->getPublicKey();
+    }
+
+    /**
+     * @param string $pem     A PEM encoded (RSA) Public Key
+     * @param array  $options An array of key-options, such as ['kid' => 'eXaunmL', 'use' => 'sig', ...]
+     *
+     * @return Key
+     */
+    public function pemToKey(string $pem, array $options = []): Key
+    {
+        $keyInfo = openssl_pkey_get_details(openssl_pkey_get_public($pem));
+
+        $jsonData = array_merge(
+            $options,
+            [
+                'kty' => 'RSA',
+                'n' => $this->base64UrlEncode($keyInfo['rsa']['n']),
+                'e' => $this->base64UrlEncode($keyInfo['rsa']['e']),
+            ]
+        );
+
+        return Key::createFromJSON(json_encode($jsonData));
+    }
+
+    /**
+     * https://tools.ietf.org/html/rfc4648#section-5.
+     *
+     * @param string $data
+     * @param bool   $strict
+     *
+     * @return string
+     */
+    private function base64UrlDecode(string $data, $strict = false): string
+    {
+        $b64 = \strtr($data, '-_', '+/');
+
+        return \base64_decode($b64, $strict);
+    }
+
+    /**
+     * https://tools.ietf.org/html/rfc4648#section-5.
+     *
+     * @param string $data
+     *
+     * @return string
+     */
+    private function base64UrlEncode(string $data): string
+    {
+        return rtrim(\strtr(\base64_encode($data), '+/', '-_'), '=');
+    }
+}

src/Key.php

@@ -0,0 +1,166 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Strobotti\JWK;
+
+/**
+ * @package Strobotti\JWK
+ * @author  Juha Jantunen <[email protected]>
+ * @license https://opensource.org/licenses/MIT MIT
+ * @link    https://github.com/Strobotti/php-jwk
+ */
+class Key implements \JsonSerializable
+{
+    public const KEY_TYPE_RSA = 'RSA';
+
+    public const PUBLIC_KEY_USE_SIGNATURE = 'sig';
+    public const PUBLIC_KEY_USE_ENCRYPTION = 'enc';
+
+    public const ALGORITHM_RS256 = 'RS256';
+
+    /**
+     * The key type.
+     *
+     * @var string
+     */
+    private $kty;
+
+    /**
+     * The key ID.
+     *
+     * @var string
+     */
+    private $kid;
+
+    /**
+     * The public key use.
+     *
+     * @var string
+     */
+    private $use;
+
+    /**
+     * The algorithm.
+     *
+     * @var string
+     */
+    private $alg;
+
+    /**
+     * The modulus for the RSA public key.
+     *
+     * @var null|string
+     */
+    private $n;
+
+    /**
+     * The exponent for the RSA public key.
+     *
+     * @var null|string
+     */
+    private $e;
+
+    /**
+     * @return string
+     */
+    public function getKeyType(): string
+    {
+        return $this->kty;
+    }
+
+    /**
+     * @return string
+     */
+    public function getKeyId(): string
+    {
+        return $this->kid;
+    }
+
+    /**
+     * @return string
+     */
+    public function getPublicKeyUse(): string
+    {
+        return $this->use;
+    }
+
+    /**
+     * @return string
+     */
+    public function getAlgorithm(): string
+    {
+        return $this->alg;
+    }
+
+    /**
+     * Returns the modulus for the RSA public key.
+     *
+     * @todo Implement different key types through inheritance
+     *
+     * @return null|string
+     */
+    public function getRsaModulus(): ?string
+    {
+        return $this->n;
+    }
+
+    /**
+     * Returns the exponent for the RSA public key.
+     *
+     * @todo Implement different key types through inheritance
+     *
+     * @return null|string
+     */
+    public function getRsaExponent(): ?string
+    {
+        return $this->e;
+    }
+
+    /**
+     * Returns an array presentation of the key
+     *
+     * @return array An assoc to be passed to json_encode
+     */
+    public function jsonSerialize(): array
+    {
+        $assoc = [
+            'kty' => $this->kty,
+            'kid' => $this->kid,
+            'use' => $this->use,
+            'alg' => $this->alg,
+        ];
+
+        if (null !== $this->n) {
+            $assoc['n'] = $this->n;
+        }
+
+        if (null !== $this->e) {
+            $assoc['e'] = $this->e;
+        }
+
+        return $assoc;
+    }
+
+    /**
+     * @param string $json
+     *
+     * @return static
+     */
+    public static function createFromJSON(string $json): self
+    {
+        $assoc = \json_decode($json, true);
+
+        $instance = new static();
+
+        foreach ($assoc as $key => $value) {
+            if (!\property_exists($instance, $key)) {
+                continue;
+            }
+
+            $instance->{$key} = $value;
+        }
+
+        return $instance;
+    }
+}