diff --git a/phpstan-baseline.neon b/phpstan-baseline.neon index d80fb85..fefc32f 100644 --- a/phpstan-baseline.neon +++ b/phpstan-baseline.neon @@ -22,7 +22,7 @@ parameters: - message: "#^Parameter \\#2 \\$secret_key of function sodium_crypto_sign_detached expects non\\-empty\\-string, string given\\.$#" - count: 1 + count: 2 path: src/Algorithm/Signature/EdDSA/EdDSA.php - diff --git a/src/Algorithm/Signature/EdDSA/EdDSA.php b/src/Algorithm/Signature/EdDSA/EdDSA.php index bb762e5..7a0278b 100644 --- a/src/Algorithm/Signature/EdDSA/EdDSA.php +++ b/src/Algorithm/Signature/EdDSA/EdDSA.php @@ -31,6 +31,7 @@ public function sign(string $data, Key $key): string return match ($key->curve()) { OkpKey::CURVE_ED25519 => sodium_crypto_sign_detached($data, $secret), + OkpKey::CURVE_NAME_ED25519 => sodium_crypto_sign_detached($data, $secret), default => throw new InvalidArgumentException('Unsupported curve'), }; } @@ -38,7 +39,7 @@ public function sign(string $data, Key $key): string public function verify(string $data, Key $key, string $signature): bool { $key = $this->handleKey($key); - if ($key->curve() !== OkpKey::CURVE_ED25519) { + if ($key->curve() !== OkpKey::CURVE_ED25519 && $key->curve() !== OkpKey::CURVE_NAME_ED25519) { throw new InvalidArgumentException('Unsupported curve'); } try { diff --git a/src/Key/Ec2Key.php b/src/Key/Ec2Key.php index fcbdae4..e0fa7e1 100644 --- a/src/Key/Ec2Key.php +++ b/src/Key/Ec2Key.php @@ -81,6 +81,11 @@ class Ec2Key extends Key */ public function __construct(array $data) { + foreach ([self::DATA_CURVE, self::TYPE] as $key) { + if (is_numeric($data[$key])) { + $data[$key] = (int) $data[$key]; + } + } parent::__construct($data); if ($data[self::TYPE] !== self::TYPE_EC2 && $data[self::TYPE] !== self::TYPE_NAME_EC2) { throw new InvalidArgumentException('Invalid EC2 key. The key type does not correspond to an EC2 key'); diff --git a/src/Key/OkpKey.php b/src/Key/OkpKey.php index a1ac09d..ad2b800 100644 --- a/src/Key/OkpKey.php +++ b/src/Key/OkpKey.php @@ -7,7 +7,6 @@ use InvalidArgumentException; use function array_key_exists; use function in_array; -use function is_int; /** * @final @@ -23,6 +22,14 @@ class OkpKey extends Key final public const CURVE_ED448 = 7; + final public const CURVE_NAME_X25519 = 'X25519'; + + final public const CURVE_NAME_X448 = 'X448'; + + final public const CURVE_NAME_ED25519 = 'Ed25519'; + + final public const CURVE_NAME_ED448 = 'Ed448'; + final public const DATA_CURVE = -1; final public const DATA_X = -2; @@ -36,13 +43,23 @@ class OkpKey extends Key self::CURVE_ED448, ]; - private const SUPPORTED_CURVES_NAME = ['X25519', 'X448,', 'Ed25519', 'Ed448']; + private const SUPPORTED_CURVES_NAME = [ + self::CURVE_NAME_X25519, + self::CURVE_NAME_X448, + self::CURVE_NAME_ED25519, + self::CURVE_NAME_ED448, + ]; /** * @param array $data */ public function __construct(array $data) { + foreach ([self::DATA_CURVE, self::TYPE] as $key) { + if (is_numeric($data[$key])) { + $data[$key] = (int) $data[$key]; + } + } parent::__construct($data); if ($data[self::TYPE] !== self::TYPE_OKP && $data[self::TYPE] !== self::TYPE_NAME_OKP) { throw new InvalidArgumentException('Invalid OKP key. The key type does not correspond to an OKP key'); @@ -50,8 +67,8 @@ public function __construct(array $data) if (! isset($data[self::DATA_CURVE], $data[self::DATA_X])) { throw new InvalidArgumentException('Invalid EC2 key. The curve or the "x" coordinate is missing'); } - if (is_int($data[self::DATA_CURVE])) { - if (! in_array($data[self::DATA_CURVE], self::SUPPORTED_CURVES_INT, true)) { + if (is_numeric($data[self::DATA_CURVE])) { + if (! in_array((int) $data[self::DATA_CURVE], self::SUPPORTED_CURVES_INT, true)) { throw new InvalidArgumentException('The curve is not supported'); } } elseif (! in_array($data[self::DATA_CURVE], self::SUPPORTED_CURVES_NAME, true)) { diff --git a/src/Key/RsaKey.php b/src/Key/RsaKey.php index d4f6d95..77e2af5 100644 --- a/src/Key/RsaKey.php +++ b/src/Key/RsaKey.php @@ -47,6 +47,11 @@ class RsaKey extends Key */ public function __construct(array $data) { + foreach ([self::TYPE] as $key) { + if (is_numeric($data[$key])) { + $data[$key] = (int) $data[$key]; + } + } parent::__construct($data); if ($data[self::TYPE] !== self::TYPE_RSA && $data[self::TYPE] !== self::TYPE_NAME_RSA) { throw new InvalidArgumentException('Invalid RSA key. The key type does not correspond to a RSA key');