CoseSign1Tag and structure

.github/workflows/integrate.yml

@@ -65,7 +65,7 @@ jobs:
         uses: "shivammathur/setup-php@v2"
         with:
           php-version: "${{ matrix.php-version }}"
-          extensions: "ctype, dom, json, libxml, mbstring, openssl, phar, simplexml, tokenizer, xml, xmlwriter"
+          extensions: "ctype, dom, json, libxml, mbstring, openssl, phar, simplexml, tokenizer, xml, xmlwriter, zlib"
           coverage: "xdebug"
 
       - name: "Checkout code"
@@ -99,7 +99,7 @@ jobs:
         uses: "shivammathur/setup-php@v2"
         with:
           php-version: "8.1"
-          extensions: "ctype, dom, json, libxml, mbstring, openssl, phar, simplexml, tokenizer, xml, xmlwriter"
+          extensions: "ctype, dom, json, libxml, mbstring, openssl, phar, simplexml, tokenizer, xml, xmlwriter, zlib"
           coverage: "none"
 
       - name: "Checkout code"
@@ -131,7 +131,7 @@ jobs:
         uses: "shivammathur/setup-php@v2"
         with:
           php-version: "8.1"
-          extensions: "ctype, dom, json, libxml, mbstring, openssl, phar, simplexml, tokenizer, xml, xmlwriter"
+          extensions: "ctype, dom, json, libxml, mbstring, openssl, phar, simplexml, tokenizer, xml, xmlwriter, zlib"
           coverage: "none"
 
       - name: "Checkout code"
@@ -164,7 +164,7 @@ jobs:
         uses: "shivammathur/setup-php@v2"
         with:
           php-version: "8.1"
-          extensions: "ctype, dom, json, libxml, mbstring, openssl, phar, simplexml, tokenizer, xml, xmlwriter"
+          extensions: "ctype, dom, json, libxml, mbstring, openssl, phar, simplexml, tokenizer, xml, xmlwriter, zlib"
           coverage: "xdebug"
 
       - name: "Checkout code"
@@ -193,7 +193,7 @@ jobs:
         uses: "shivammathur/setup-php@v2"
         with:
           php-version: "8.1"
-          extensions: "ctype, dom, json, libxml, mbstring, openssl, phar, simplexml, tokenizer, xml, xmlwriter"
+          extensions: "ctype, dom, json, libxml, mbstring, openssl, phar, simplexml, tokenizer, xml, xmlwriter, zlib"
           coverage: "xdebug"
 
       - name: "Checkout code"

composer.json

@@ -29,18 +29,19 @@
         }
     },
     "require-dev": {
-        "infection/infection": "^0.26.12",
+        "infection/infection": "^0.27",
         "phpstan/phpstan": "^1.7",
         "phpstan/phpstan-deprecation-rules": "^1.0",
         "phpstan/phpstan-phpunit": "^1.1",
         "phpstan/phpstan-strict-rules": "^1.2",
         "phpunit/phpunit": "^10.0",
-        "rector/rector": "^0.15",
+        "rector/rector": "^0.16",
         "symplify/easy-coding-standard": "^11.0",
         "symfony/phpunit-bridge": "^6.1",
         "ekino/phpstan-banned-code": "^1.0",
         "php-parallel-lint/php-parallel-lint": "^1.3",
-        "qossmic/deptrac-shim": "^1.0"
+        "qossmic/deptrac-shim": "^1.0",
+        "spomky-labs/cbor-php": "^3.0"
     },
     "autoload-dev": {
         "psr-4": {
@@ -49,11 +50,13 @@
     },
     "config": {
         "allow-plugins": {
-            "infection/extension-installer": false
+            "infection/extension-installer": true,
+            "phpstan/extension-installer": true
         }
     },
     "suggest": {
         "ext-gmp": "For better performance, please install either GMP (recommended) or BCMath extension",
-        "ext-bcmath": "For better performance, please install either GMP (recommended) or BCMath extension"
+        "ext-bcmath": "For better performance, please install either GMP (recommended) or BCMath extension",
+        "spomky-labs/cbor-php": "For COSE Signature support"
     }
 }

src/Signature/CoseSign1Tag.php

@@ -0,0 +1,110 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Cose\Signature;
+
+use Assert\Assertion;
+use CBOR\ByteStringObject;
+use CBOR\CBORObject;
+use CBOR\ListObject;
+use CBOR\MapObject;
+use CBOR\Tag as Base;
+
+final class CoseSign1Tag extends Base
+{
+    private const TAG_ID = 18;
+
+    private readonly ByteStringObject $protectedHeader;
+
+    private readonly MapObject $unprotectedHeader;
+
+    private readonly ByteStringObject $payload;
+
+    private readonly ByteStringObject $signature;
+
+    public function __construct(int $additionalInformation, ?string $data, CBORObject $object)
+    {
+        Assertion::isInstanceOf($object, ListObject::class, 'Not a valid CoseSign1 object. No list.');
+        Assertion::count($object, 4, 'Not a valid CoseSign1 object. The list shall have 4 items.');
+        $protectedHeader = $object->get(0);
+        $unprotectedHeader = $object->get(1);
+        $payload = $object->get(2);
+        $signature = $object->get(3);
+
+        Assertion::isInstanceOf(
+            $protectedHeader,
+            ByteStringObject::class,
+            'Not a valid CoseSign1 object. The item 1 shall be a ByteString object.'
+        );
+        Assertion::isInstanceOf(
+            $unprotectedHeader,
+            MapObject::class,
+            'Not a valid CoseSign1 object. The item 2 shall be a Map object.'
+        );
+        Assertion::isInstanceOf(
+            $payload,
+            ByteStringObject::class,
+            'Not a valid CoseSign1 object. The item 3 shall be a ByteString object.'
+        );
+        Assertion::isInstanceOf(
+            $signature,
+            ByteStringObject::class,
+            'Not a valid CoseSign1 object. The item 4 shall be a ByteString object.'
+        );
+
+        parent::__construct($additionalInformation, $data, $object);
+        $this->protectedHeader = $protectedHeader;
+        $this->unprotectedHeader = $unprotectedHeader;
+        $this->payload = $payload;
+        $this->signature = $signature;
+    }
+
+    public static function getTagId(): int
+    {
+        return self::TAG_ID;
+    }
+
+    public static function createFromLoadedData(int $additionalInformation, ?string $data, CBORObject $object): Base
+    {
+        return new self($additionalInformation, $data, $object);
+    }
+
+    public static function create(
+        MapObject $protectedHeader,
+        MapObject $unprotectedHeader,
+        MapObject $payload,
+        ByteStringObject $signature
+    ): self {
+        $protectedHeaderAsBytesString = ByteStringObject::create((string) $protectedHeader);
+        $payloadAsBytesString = ByteStringObject::create((string) $payload);
+        $object = ListObject::create([
+            $protectedHeaderAsBytesString,
+            $unprotectedHeader,
+            $payloadAsBytesString,
+            $signature,
+        ]);
+
+        return new self(self::TAG_ID, null, $object);
+    }
+
+    public function getProtectedHeader(): ByteStringObject
+    {
+        return $this->protectedHeader;
+    }
+
+    public function getUnprotectedHeader(): MapObject
+    {
+        return $this->unprotectedHeader;
+    }
+
+    public function getPayload(): ByteStringObject
+    {
+        return $this->payload;
+    }
+
+    public function getSignature(): ByteStringObject
+    {
+        return $this->signature;
+    }
+}

src/Signature/Signature1.php

@@ -0,0 +1,45 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Cose\Signature;
+
+use CBOR\ByteStringObject;
+use CBOR\ListObject;
+use CBOR\TextStringObject;
+use Stringable;
+
+final class Signature1 implements Stringable
+{
+    public function __construct(
+        private readonly ByteStringObject $protectedHeader,
+        private readonly ByteStringObject $payload
+    ) {
+    }
+
+    public function __toString(): string
+    {
+        $structure = new ListObject();
+        $structure->add(new TextStringObject('Signature1'));
+        $structure->add($this->protectedHeader);
+        $structure->add(new ByteStringObject(''));
+        $structure->add($this->payload);
+
+        return (string) $structure;
+    }
+
+    public static function create(ByteStringObject $protectedHeader, ByteStringObject $payload): self
+    {
+        return new self($protectedHeader, $payload);
+    }
+
+    public function getProtectedHeader(): ByteStringObject
+    {
+        return $this->protectedHeader;
+    }
+
+    public function getPayload(): ByteStringObject
+    {
+        return $this->payload;
+    }
+}

tests/Algorithm/Mac/HS256Test.php

@@ -0,0 +1,80 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Cose\Tests\Algorithm\Mac;
+
+use Cose\Algorithm\Mac\HS256;
+use Cose\Key\OkpKey;
+use Cose\Key\SymmetricKey;
+use InvalidArgumentException;
+use PHPUnit\Framework\TestCase;
+use function Safe\base64_decode;
+
+final class HS256Test extends TestCase
+{
+    /**
+     * @test
+     * @dataProvider getVectors
+     */
+    public function aMacCanBeComputed(string $k, string $data, string $expectedHash): void
+    {
+        $algorithm = HS256::create();
+        $key = SymmetricKey::create([
+            SymmetricKey::DATA_K => $k,
+            SymmetricKey::TYPE => SymmetricKey::TYPE_OCT,
+        ]);
+        $hash = $algorithm->hash($data, $key);
+
+        static::assertSame(5, HS256::identifier());
+        static::assertSame($k, $key->k());
+        static::assertSame($expectedHash, $hash);
+    }
+
+    /**
+     * @test
+     * @dataProvider getVectors
+     */
+    public function aMacCanBeVerified(string $k, string $data, string $hash): void
+    {
+        $algorithm = new HS256();
+        $key = SymmetricKey::create([
+            SymmetricKey::DATA_K => $k,
+            SymmetricKey::TYPE => SymmetricKey::TYPE_OCT,
+        ]);
+        $isValid = $algorithm->verify($data, $key, $hash);
+
+        static::assertTrue($isValid);
+    }
+
+    /**
+     * @test
+     */
+    public function theKeyIsNotAcceptable(): void
+    {
+        static::expectException(InvalidArgumentException::class);
+        static::expectExceptionMessage('Invalid key. Must be of type symmetric');
+        $algorithm = new HS256();
+        $key = OkpKey::create([
+            OkpKey::TYPE => SymmetricKey::TYPE_OKP,
+            OkpKey::DATA_CURVE => OkpKey::CURVE_X25519,
+            OkpKey::DATA_X => '',
+        ]);
+        $algorithm->hash(
+            'eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LTRkOWItNDcxYi1iZmQ2LWVlZjMxNGJjNzAzNyJ9.SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4',
+            $key
+        );
+    }
+
+    /**
+     * @return array<string>[]
+     */
+    public function getVectors(): iterable
+    {
+        yield [
+            base64_decode('hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG+Onbc6mxCcYg', true),
+            'eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LTRkOWItNDcxYi1iZmQ2LWVlZjMxNGJjNzAzNyJ9.SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4',
+            base64_decode('s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p0', true),
+        ];
+    }
+}