168 lines
3.6 KiB
PHP
168 lines
3.6 KiB
PHP
<?php namespace Models\OAuth2;
|
|
/**
|
|
* Copyright 2016 OpenStack Foundation
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
**/
|
|
use Utils\Model\BaseModelEloquent;
|
|
use OAuth2\Models\IAsymmetricKey;
|
|
use jwa\cryptographic_algorithms\ICryptoAlgorithm;
|
|
use jwa\cryptographic_algorithms\KeyManagementAlgorithms_Registry;
|
|
use jwa\cryptographic_algorithms\DigitalSignatures_MACs_Registry;
|
|
use DateTime;
|
|
use Exception;
|
|
/**
|
|
* Class AsymmetricKey
|
|
*/
|
|
abstract class AsymmetricKey extends BaseModelEloquent implements IAsymmetricKey
|
|
{
|
|
|
|
protected $table = 'oauth2_asymmetric_keys';
|
|
|
|
protected $stiClassField = 'class_name';
|
|
|
|
protected $stiBaseClass = \Models\OAuth2\AsymmetricKey::class;
|
|
|
|
protected $fillable = array
|
|
(
|
|
'kid',
|
|
'pem_content',
|
|
'active',
|
|
'usage',
|
|
'type',
|
|
'last_use',
|
|
'valid_from',
|
|
'valid_to',
|
|
'alg'
|
|
);
|
|
|
|
/**
|
|
* @return int
|
|
*/
|
|
public function getId()
|
|
{
|
|
return (int)$this->id;
|
|
}
|
|
|
|
/**
|
|
* @return string
|
|
*/
|
|
public function getType()
|
|
{
|
|
return $this->type;
|
|
}
|
|
|
|
/**
|
|
* @return string
|
|
*/
|
|
public function getUse()
|
|
{
|
|
return $this->usage;
|
|
}
|
|
|
|
/**
|
|
* @return bool
|
|
*/
|
|
public function isActive()
|
|
{
|
|
return (bool)$this->active;
|
|
}
|
|
|
|
/**
|
|
* @return \DateTime
|
|
*/
|
|
public function getLastUse()
|
|
{
|
|
return $this->last_use;
|
|
}
|
|
|
|
/**
|
|
* @return $this
|
|
*/
|
|
public function markAsUsed()
|
|
{
|
|
$this->last_use = new DateTime();
|
|
return $this;
|
|
}
|
|
|
|
/**
|
|
* @return string
|
|
*/
|
|
public function getKeyId()
|
|
{
|
|
return $this->kid;
|
|
}
|
|
|
|
private function calculateThumbprint($alg)
|
|
{
|
|
$res = '';
|
|
try {
|
|
$pem = str_replace(array("\n", "\r"), '', trim($this->getPublicKeyPEM()));
|
|
$res = strtoupper(hash($alg, base64_decode($pem)));
|
|
}
|
|
catch(Exception $ex)
|
|
{
|
|
$res = 'INVALID';
|
|
}
|
|
return $res;
|
|
}
|
|
|
|
/**
|
|
* @return string
|
|
*/
|
|
public function getSHA_1_Thumbprint()
|
|
{
|
|
return $this->calculateThumbprint('sha1');
|
|
}
|
|
|
|
/**
|
|
* @return string
|
|
*/
|
|
public function getSHA_256_Thumbprint()
|
|
{
|
|
return $this->calculateThumbprint('sha256');
|
|
}
|
|
|
|
abstract public function getPublicKeyPEM();
|
|
|
|
/**
|
|
* @return string
|
|
*/
|
|
public function getPEM()
|
|
{
|
|
return $this->pem_content;
|
|
}
|
|
|
|
/**
|
|
* checks validity range with now
|
|
* @return bool
|
|
*/
|
|
public function isExpired()
|
|
{
|
|
$now = new DateTime();
|
|
return ( $this->valid_from <= $now && $this->valid_to >= $now);
|
|
}
|
|
|
|
/**
|
|
* algorithm intended for use with the key
|
|
* @return ICryptoAlgorithm
|
|
*/
|
|
public function getAlg()
|
|
{
|
|
$algorithm = DigitalSignatures_MACs_Registry::getInstance()->get($this->alg);
|
|
|
|
if(is_null($algorithm))
|
|
{
|
|
$algorithm = KeyManagementAlgorithms_Registry::getInstance()->get($this->alg);
|
|
}
|
|
return $algorithm;
|
|
}
|
|
|
|
} |