65 public const BEDROCK_SIGNING_KEY_CURVE_NAME =
"secp384r1";
67 private const ASN1_INTEGER_TAG =
"\x02";
68 private const ASN1_SEQUENCE_TAG =
"\x30";
70 private const SIGNATURE_PART_LENGTH = 48;
71 private const SIGNATURE_ALGORITHM = OPENSSL_ALGO_SHA384;
78 public static function split(
string $jwt) : array{
81 $v = explode(
".", $jwt, limit: 4);
83 throw new JwtException(
"Expected exactly 3 JWT parts delimited by a period");
85 return [$v[0], $v[1], $v[2]];
96 public static function parse(
string $token) : array{
97 $v = self::split($token);
98 $header = json_decode(self::b64UrlDecode($v[0]),
true);
99 if(!is_array($header)){
100 throw new JwtException(
"Failed to decode JWT header JSON: " . json_last_error_msg());
102 $body = json_decode(self::b64UrlDecode($v[1]),
true);
103 if(!is_array($body)){
104 throw new JwtException(
"Failed to decode JWT payload JSON: " . json_last_error_msg());
106 $signature = self::b64UrlDecode($v[2]);
107 return [$header, $body, $signature];
110 private static function signaturePartToAsn1(
string $part) : string{
111 if(strlen($part) !== self::SIGNATURE_PART_LENGTH){
112 throw new JwtException(
"R and S for a SHA384 signature must each be exactly 48 bytes, but have " . strlen($part) .
" bytes");
114 $part = ltrim($part,
"\x00");
115 if(ord($part[0]) >= 128){
118 $part =
"\x00" . $part;
122 return self::ASN1_INTEGER_TAG . chr(strlen($part)) . $part;
125 private static function rawSignatureToDer(
string $rawSignature) : string{
126 if(strlen($rawSignature) !== self::SIGNATURE_PART_LENGTH * 2){
127 throw new JwtException(
"JWT signature has unexpected length, expected 96, got " . strlen($rawSignature));
130 [$rString, $sString] = str_split($rawSignature, self::SIGNATURE_PART_LENGTH);
131 $sequence = self::signaturePartToAsn1($rString) . self::signaturePartToAsn1($sString);
134 return self::ASN1_SEQUENCE_TAG . chr(strlen($sequence)) . $sequence;
137 private static function signaturePartFromAsn1(ByteBufferReader $stream) : string{
138 $prefix = $stream->readByteArray(1);
139 if($prefix !== self::ASN1_INTEGER_TAG){
140 throw new \InvalidArgumentException(
"Expected an ASN.1 INTEGER tag, got " . bin2hex($prefix));
143 $length = Byte::readUnsigned($stream);
144 if($length > self::SIGNATURE_PART_LENGTH + 1){
145 throw new \InvalidArgumentException(
"Expected at most 49 bytes for signature R or S, got $length");
147 $part = $stream->readByteArray($length);
148 return str_pad(ltrim($part,
"\x00"), self::SIGNATURE_PART_LENGTH,
"\x00", STR_PAD_LEFT);
151 private static function rawSignatureFromDer(
string $derSignature) : string{
152 if($derSignature[0] !== self::ASN1_SEQUENCE_TAG){
153 throw new \InvalidArgumentException(
"Invalid DER signature, expected ASN.1 SEQUENCE tag, got " . bin2hex($derSignature[0]));
157 $length = ord($derSignature[1]);
158 $parts = substr($derSignature, 2, $length);
159 if(strlen($parts) !== $length){
160 throw new \InvalidArgumentException(
"Invalid DER signature, expected $length sequence bytes, got " . strlen($parts));
163 $stream =
new ByteBufferReader($parts);
164 $rRaw = self::signaturePartFromAsn1($stream);
165 $sRaw = self::signaturePartFromAsn1($stream);
167 if($stream->getUnreadLength() > 0){
168 throw new \InvalidArgumentException(
"Invalid DER signature, unexpected trailing sequence data");
171 return $rRaw . $sRaw;
177 public static function verify(
string $jwt,
string $signingKeyDer,
bool $ec) : bool{
178 [$header, $body, $signature] = self::split($jwt);
180 $rawSignature = self::b64UrlDecode($signature);
181 $derSignature = $ec ? self::rawSignatureToDer($rawSignature) : $rawSignature;
184 $header .
'.' . $body,
186 self::derPublicKeyToPem($signingKeyDer),
187 $ec ? self::SIGNATURE_ALGORITHM : OPENSSL_ALGO_SHA256
190 case 0:
return false;
192 case -1:
throw new JwtException(
"Error verifying JWT signature: " . openssl_error_string());
201 public static function create(array $header, array $claims, \OpenSSLAsymmetricKey $signingKey) : string{
202 $jwtBody =
JwtUtils::b64UrlEncode(json_encode($header, JSON_THROW_ON_ERROR)) .
"." .
JwtUtils::b64UrlEncode(json_encode($claims, JSON_THROW_ON_ERROR));
208 self::SIGNATURE_ALGORITHM
211 $rawSignature = self::rawSignatureFromDer($derSignature);
212 $jwtSig = self::b64UrlEncode($rawSignature);
214 return "$jwtBody.$jwtSig";
217 public static function b64UrlEncode(
string $str) : string{
218 return rtrim(strtr(base64_encode($str),
'+/',
'-_'),
'=');
221 public static function b64UrlDecode(
string $str) : string{
222 if(($len = strlen($str) % 4) !== 0){
223 $str .= str_repeat(
'=', 4 - $len);
225 $decoded = base64_decode(strtr($str,
'-_',
'+/'),
true);
226 if($decoded ===
false){
227 throw new JwtException(
"Malformed base64url encoded payload could not be decoded");
232 public static function emitDerPublicKey(\OpenSSLAsymmetricKey $opensslKey) : string{
233 $details = Utils::assumeNotFalse(openssl_pkey_get_details($opensslKey),
"Failed to get details from OpenSSL key resource");
235 $pemKey = $details[
'key'];
236 if(preg_match(
"@^-----BEGIN[A-Z\d ]+PUBLIC KEY-----\n([A-Za-z\d+/\n]+)\n-----END[A-Z\d ]+PUBLIC KEY-----\n$@", $pemKey, $matches) === 1){
237 $derKey = base64_decode(str_replace("\n",
"", $matches[1]),
true);
238 if($derKey !==
false){
242 throw new AssumptionFailedError(
"OpenSSL resource contains invalid public key");
249 private static function encodeDerLength(
int $length) : string{
250 if ($length <= 0x7F) {
254 $lengthBytes = ltrim(BE::packUnsignedInt($length),
"\x00");
256 return chr(0x80 | strlen($lengthBytes)) . $lengthBytes;
259 private static function encodeDerBytes(
int $tag,
string $data) : string{
260 return chr($tag) . self::encodeDerLength(strlen($data)) . $data;
263 public static function parseDerPublicKey(
string $derKey) : \OpenSSLAsymmetricKey{
264 $signingKeyOpenSSL = openssl_pkey_get_public(self::derPublicKeyToPem($derKey));
265 if($signingKeyOpenSSL ===
false){
266 throw new JwtException(
"OpenSSL failed to parse key: " . openssl_error_string());
268 return $signingKeyOpenSSL;
271 public static function derPublicKeyToPem(
string $derKey) : string{
272 return sprintf(
"-----BEGIN PUBLIC KEY-----\n%s\n-----END PUBLIC KEY-----\n", base64_encode($derKey));
282 $mod = self::b64UrlDecode($nBase64);
283 $exp = self::b64UrlDecode($eBase64);
285 $modulus = self::encodeDerBytes(2, $mod);
286 $publicExponent = self::encodeDerBytes(2, $exp);
288 $rsaPublicKey = self::encodeDerBytes(48, $modulus . $publicExponent);
291 $rsaOID = hex2bin(
'300d06092a864886f70d0101010500');
292 $rsaPublicKey = chr(0) . $rsaPublicKey;
293 $rsaPublicKey = self::encodeDerBytes(3, $rsaPublicKey);
295 return self::encodeDerBytes(48, $rsaOID . $rsaPublicKey);