Sub-packages for algorithms

Author: Spomky

.github/CONTRIBUTING.md

@@ -0,0 +1,4 @@
+# Contributing
+
+This repository is a sub repository of [the JWT Framework](https://github.com/web-token/jwt-framework) project and is READ ONLY. 
+Please do not submit any Pull Requests here. It will be automatically closed.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,3 @@
+Please do not submit any Pull Requests here. It will be automatically closed.
+
+You should submit it here: https://github.com/web-token/jwt-framework/pulls

LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2014-2018 Spomky-Labs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,15 @@
+RSA Based Key Encryption Algorithms For JWT-Framework
+=====================================================
+
+This repository is a sub repository of [the JWT Framework](https://github.com/web-token/jwt-framework) project and is READ ONLY.
+
+**Please do not submit any Pull Request here.**
+You should go to [the main repository](https://github.com/web-token/jwt-framework) instead.
+
+# Documentation
+
+The official documentation is available as https://web-token.spomky-labs.com/ 
+
+# Licence
+
+This software is release under [MIT licence](LICENSE).

RSA.php

@@ -0,0 +1,82 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Encryption\Algorithm\KeyEncryption;
+
+use Jose\Component\Core\JWK;
+use Jose\Component\Core\Util\RSAKey;
+use Jose\Component\Encryption\Util\RSACrypt;
+
+abstract class RSA implements KeyEncryption
+{
+    /**
+     * {@inheritdoc}
+     */
+    public function allowedKeyTypes(): array
+    {
+        return ['RSA'];
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function encryptKey(JWK $key, string $cek, array $completeHeader, array &$additionalHeader): string
+    {
+        $this->checkKey($key);
+        $pub = RSAKey::toPublic(RSAKey::createFromJWK($key));
+
+        return RSACrypt::encrypt($pub, $cek, $this->getEncryptionMode(), $this->getHashAlgorithm());
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function decryptKey(JWK $key, string $encrypted_cek, array $header): string
+    {
+        $this->checkKey($key);
+        if (!$key->has('d')) {
+            throw new \InvalidArgumentException('The key is not a private key');
+        }
+        $priv = RSAKey::createFromJWK($key);
+
+        return RSACrypt::decrypt($priv, $encrypted_cek, $this->getEncryptionMode(), $this->getHashAlgorithm());
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getKeyManagementMode(): string
+    {
+        return self::MODE_ENCRYPT;
+    }
+
+    /**
+     * @param JWK $key
+     */
+    protected function checkKey(JWK $key)
+    {
+        if (!in_array($key->get('kty'), $this->allowedKeyTypes())) {
+            throw new \InvalidArgumentException('Wrong key type.');
+        }
+    }
+
+    /**
+     * @return int
+     */
+    abstract protected function getEncryptionMode(): int;
+
+    /**
+     * @return null|string
+     */
+    abstract protected function getHashAlgorithm(): ?string;
+}

RSA15.php

@@ -0,0 +1,43 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Encryption\Algorithm\KeyEncryption;
+
+use Jose\Component\Encryption\Util\RSACrypt;
+
+final class RSA15 extends RSA
+{
+    /**
+     * {@inheritdoc}
+     */
+    protected function getEncryptionMode(): int
+    {
+        return RSACrypt::ENCRYPTION_PKCS1;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getHashAlgorithm(): ?string
+    {
+        return null;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function name(): string
+    {
+        return 'RSA1_5';
+    }
+}

RSAOAEP.php

@@ -0,0 +1,43 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Encryption\Algorithm\KeyEncryption;
+
+use Jose\Component\Encryption\Util\RSACrypt;
+
+final class RSAOAEP extends RSA
+{
+    /**
+     * {@inheritdoc}
+     */
+    protected function getEncryptionMode(): int
+    {
+        return RSACrypt::ENCRYPTION_OAEP;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getHashAlgorithm(): string
+    {
+        return 'sha1';
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function name(): string
+    {
+        return 'RSA-OAEP';
+    }
+}

RSAOAEP256.php

@@ -0,0 +1,43 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Encryption\Algorithm\KeyEncryption;
+
+use Jose\Component\Encryption\Util\RSACrypt;
+
+final class RSAOAEP256 extends RSA
+{
+    /**
+     * {@inheritdoc}
+     */
+    public function getEncryptionMode(): int
+    {
+        return RSACrypt::ENCRYPTION_OAEP;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getHashAlgorithm(): string
+    {
+        return 'sha256';
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function name(): string
+    {
+        return 'RSA-OAEP-256';
+    }
+}

composer.json

@@ -0,0 +1,36 @@
+{
+    "name": "web-token/jwt-encryption-algorithm-rsa",
+    "description": "RSA Based Key Encryption Algorithms the JWT Framework.",
+    "type": "library",
+    "license": "MIT",
+    "keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"],
+    "homepage": "https://github.com/web-token",
+    "authors": [
+        {
+            "name": "Florent Morselli",
+            "homepage": "https://github.com/Spomky"
+        },{
+            "name": "All contributors",
+            "homepage": "https://github.com/web-token/jwt-core/contributors"
+        }
+    ],
+    "autoload": {
+        "psr-4": {
+            "Jose\\Component\\Encryption\\Algorithm\\KeyEncryption\\":  ""
+        }
+    },
+    "require": {
+        "web-token/jwt-encryption": "^1.2"
+    },
+    "require-dev": {
+        "phpunit/phpunit": "^6.0|^7.0"
+    },
+    "extra": {
+        "branch-alias": {
+            "dev-master": "1.2.x-dev"
+        }
+    },
+    "config": {
+        "sort-packages": true
+    }
+}

phpunit.xml.dist

@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<phpunit
+        backupGlobals="false"
+        backupStaticAttributes="false"
+        convertErrorsToExceptions="true"
+        convertNoticesToExceptions="true"
+        convertWarningsToExceptions="true"
+        processIsolation="false"
+        stopOnFailure="false"
+        syntaxCheck="true"
+        bootstrap="vendor/autoload.php"
+        colors="true">
+    <testsuites>
+        <testsuite name="Test Suite">
+            <directory>./Tests/</directory>
+        </testsuite>
+    </testsuites>
+
+    <filter>
+        <whitelist>
+            <directory suffix=".php">./</directory>
+            <exclude>
+                <directory>./vendor</directory>
+                <directory>./Tests</directory>
+                <directory suffix="Test.php">./src</directory>
+            </exclude>
+        </whitelist>
+    </filter>
+</phpunit>