5f16f2 | 2016-11-05 | Martin Nilsson | | #pike __REAL_VERSION__
|
200326 | 2016-04-20 | Henrik Grubbström (Grubba) | |
|
110b99 | 2017-03-22 | Henrik Grubbström (Grubba) | |
|
c6c587 | 2017-03-22 | Henrik Grubbström (Grubba) | |
|
110b99 | 2017-03-22 | Henrik Grubbström (Grubba) | |
string(7bit) encode_jws(Crypto.Sign.State|Crypto.MAC.State sign,
|
c6c587 | 2017-03-22 | Henrik Grubbström (Grubba) | | mixed tbs,
string(7bit)|void media_type)
|
110b99 | 2017-03-22 | Henrik Grubbström (Grubba) | | {
string json_tbs = Standards.JSON.encode(tbs);
|
c6c587 | 2017-03-22 | Henrik Grubbström (Grubba) | | mapping(string(7bit):string(7bit)) header = ([]);
if (media_type) {
header->typ = media_type;
}
|
110b99 | 2017-03-22 | Henrik Grubbström (Grubba) | | return sign->jose_sign &&
|
c6c587 | 2017-03-22 | Henrik Grubbström (Grubba) | | sign->jose_sign(string_to_utf8(json_tbs), header);
|
110b99 | 2017-03-22 | Henrik Grubbström (Grubba) | | }
array decode_jws(array(Crypto.Sign.State|Crypto.MAC.State)|
Crypto.Sign.State|Crypto.MAC.State sign,
string(7bit) jws)
{
if (!arrayp(sign)) sign = ({ sign });
array(mapping(string(7bit):string(7bit)|int)|string(8bit)) decoded_jws;
foreach(sign, Crypto.Sign s) {
if (decoded_jws = s->jose_decode(jws)) {
break;
}
}
if (!decoded_jws) return 0;
catch {
|
7dafa1 | 2018-02-20 | Henrik Grubbström (Grubba) | | decoded_jws[1] = Standards.JSON.decode_utf8(decoded_jws[1]);
|
110b99 | 2017-03-22 | Henrik Grubbström (Grubba) | | return decoded_jws;
};
return 0;
}
|
3cc5d0 | 2017-05-30 | Martin Nilsson | |
|
200326 | 2016-04-20 | Henrik Grubbström (Grubba) | |
|
4878c9 | 2016-05-04 | Henrik Grubbström (Grubba) | |
|
200326 | 2016-04-20 | Henrik Grubbström (Grubba) | |
|
4878c9 | 2016-05-04 | Henrik Grubbström (Grubba) | | string(7bit) encode_jwt(Crypto.Sign.State|Crypto.MAC.State sign,
mapping(string:string|int) claims)
|
200326 | 2016-04-20 | Henrik Grubbström (Grubba) | | {
claims->iat = time(1);
if (!claims->jti) claims->jti = (string)Standards.UUID.make_version4();
|
c6c587 | 2017-03-22 | Henrik Grubbström (Grubba) | | return encode_jws(sign, claims, "JWT");
|
200326 | 2016-04-20 | Henrik Grubbström (Grubba) | | }
|
4878c9 | 2016-05-04 | Henrik Grubbström (Grubba) | |
|
200326 | 2016-04-20 | Henrik Grubbström (Grubba) | |
|
110b99 | 2017-03-22 | Henrik Grubbström (Grubba) | |
mapping(string:string|int) decode_jwt(array(Crypto.Sign.State|Crypto.MAC.State)|
Crypto.Sign.State|Crypto.MAC.State sign,
|
200326 | 2016-04-20 | Henrik Grubbström (Grubba) | | string(7bit) jwt)
{
|
110b99 | 2017-03-22 | Henrik Grubbström (Grubba) | | array(mapping(string(7bit):string(7bit)|int)|string(8bit)) jws =
decode_jws(sign, jwt);
|
200326 | 2016-04-20 | Henrik Grubbström (Grubba) | | if (!jws) return 0;
[mapping(string(7bit):string(7bit)|int) jose_header,
|
110b99 | 2017-03-22 | Henrik Grubbström (Grubba) | | mapping(string:string|int) claims] = jws;
|
f09b86 | 2016-12-21 | Henrik Grubbström (Grubba) | | if ((jose_header->typ || "JWT") != "JWT") return 0;
|
110b99 | 2017-03-22 | Henrik Grubbström (Grubba) | | if (!mappingp(claims)) return 0;
int now = time(1);
if (!zero_type(claims->exp) && (claims->exp < now)) return 0;
if (claims->nbf - 60 > now) return 0;
return claims;
|
200326 | 2016-04-20 | Henrik Grubbström (Grubba) | | }
|
8802f5 | 2016-12-29 | Henrik Grubbström (Grubba) | |
#if constant(Crypto.ECC.Curve)
#pragma dynamic_dot
protected mapping(string(7bit):Crypto.ECC.Curve) curve_lookup;
#endif
|
a36a76 | 2017-03-20 | Henrik Grubbström (Grubba) | | protected mapping(string(7bit):Crypto.MAC) mac_lookup;
|
8802f5 | 2016-12-29 | Henrik Grubbström (Grubba) | |
|
a36a76 | 2017-03-20 | Henrik Grubbström (Grubba) | |
Crypto.Sign.State|Crypto.MAC.State decode_jwk(mapping(string(7bit):string(7bit)) jwk)
|
8802f5 | 2016-12-29 | Henrik Grubbström (Grubba) | | {
switch(jwk->kty) {
case "RSA":
return Crypto.RSA(jwk);
#if constant(Crypto.ECC.Curve)
case "EC":
|
a36a76 | 2017-03-20 | Henrik Grubbström (Grubba) | |
|
8802f5 | 2016-12-29 | Henrik Grubbström (Grubba) | | if (!curve_lookup) {
mapping(string(7bit):Crypto.ECC.Curve) m = ([]);
foreach(values(Crypto.ECC), Crypto.ECC.Curve c) {
string(7bit) n = objectp(c) && c->jose_name && c->jose_name();
if (n) {
m[n] = c;
}
}
curve_lookup = m;
}
|
a36a76 | 2017-03-20 | Henrik Grubbström (Grubba) | |
|
8802f5 | 2016-12-29 | Henrik Grubbström (Grubba) | | Crypto.ECC.Curve c = curve_lookup[jwk->crv];
if (!c) break;
|
8e3d62 | 2017-09-22 | Henrik Grubbström (Grubba) | | if (jwk->d) {
Crypto.ECC.Curve.ECDSA ecdsa = c.ECDSA(jwk);
ecdsa->set_private_key(MIME.decode_base64url(jwk->d));
return ecdsa;
}
|
8802f5 | 2016-12-29 | Henrik Grubbström (Grubba) | | return c.Point(jwk);
#endif /* constant(Crypto.ECC.Curve) */
|
a36a76 | 2017-03-20 | Henrik Grubbström (Grubba) | | case "oct":
if (!mac_lookup) {
mapping(string(7bit):Crypto.MAC) m = ([]);
foreach(values(Crypto), mixed x) {
if (!objectp(x) || !objectp(x = x["HMAC"]) || !x->jwa) continue;
string(7bit) jwa = x->jwa();
if (!jwa) continue;
m[jwa] = x;
}
mac_lookup = m;
}
Crypto.MAC mac = mac_lookup[jwk->alg];
if (!mac) break;
string(7bit) key = jwk->k;
if (!key) break;
return mac(MIME.decode_base64url(key));
|
8802f5 | 2016-12-29 | Henrik Grubbström (Grubba) | | default:
break;
}
return UNDEFINED;
}
#pragma no_dynamic_dot
|
a36a76 | 2017-03-20 | Henrik Grubbström (Grubba) | |
|
f8d0d8 | 2017-09-22 | Henrik Grubbström (Grubba) | | variant Crypto.Sign.State|Crypto.MAC.State decode_jwk(string(8bit) jwk)
|
a36a76 | 2017-03-20 | Henrik Grubbström (Grubba) | | {
|
7dafa1 | 2018-02-20 | Henrik Grubbström (Grubba) | | return decode_jwk(Standards.JSON.decode_utf8(MIME.decode_base64url(jwk)));
|
a36a76 | 2017-03-20 | Henrik Grubbström (Grubba) | | }
|
7f62b1 | 2017-09-21 | Henrik Grubbström (Grubba) | |
string(7bit) encode_jwk(mapping(string(7bit):string(7bit)) jwk)
{
if (!mappingp(jwk)) return UNDEFINED;
|
7dafa1 | 2018-02-20 | Henrik Grubbström (Grubba) | | return MIME.encode_base64url(string_to_utf8(Standards.JSON.encode(jwk)));
|
7f62b1 | 2017-09-21 | Henrik Grubbström (Grubba) | | }
variant string(7bit) encode_jwk(Crypto.Sign.State|Crypto.MAC.State sign,
int(0..1)|void private_key)
{
mapping(string(7bit):string(7bit)) jwk = sign && sign->jwk(private_key);
if (!jwk) return UNDEFINED;
return encode_jwk(jwk);
}
|
8802f5 | 2016-12-29 | Henrik Grubbström (Grubba) | |
|
a36a76 | 2017-03-20 | Henrik Grubbström (Grubba) | | array(Crypto.Sign.State|Crypto.MAC.State)
|
8802f5 | 2016-12-29 | Henrik Grubbström (Grubba) | | decode_jwk_set(mapping(string(8bit):
array(mapping(string(7bit):string(7bit)))) jwk_set)
{
return filter(map(jwk_set->keys, decode_jwk), objectp);
}
|
a36a76 | 2017-03-20 | Henrik Grubbström (Grubba) | |
variant array(Crypto.Sign.State|Crypto.MAC.State)
decode_jwk_set(string(7bit) jwk_set)
{
|
7dafa1 | 2018-02-20 | Henrik Grubbström (Grubba) | | return decode_jwk_set(Standards.JSON.decode_utf8(jwk_set));
|
a36a76 | 2017-03-20 | Henrik Grubbström (Grubba) | | }
|