kawaiipunk/laipower
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

installed plugin WP-WebAuthn version 1.2.8

Browse Source
This commit is contained in:
KawaiiPunk
2022-10-08 02:41:03 +00:00
committed by Gitium
parent 15c71c7c0f
commit 7b1024e711
923 changed files with 124568 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/AlgorithmAnalyzer.php vendored Normal file
View File

@ -0,0 +1,26 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Jose\Component\Core\JWK;
final class AlgorithmAnalyzer implements KeyAnalyzer
{
public function analyze(JWK $jwk, MessageBag $bag): void
{
if (!$jwk->has('alg')) {
$bag->add(Message::medium('The parameter "alg" should be added.'));
}
}
}

61
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/ES256KeyAnalyzer.php vendored Normal file
View File

@ -0,0 +1,61 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Base64Url\Base64Url;
use Brick\Math\BigInteger;
use Jose\Component\Core\JWK;
use Jose\Component\Core\Util\Ecc\NistCurve;
use RuntimeException;
final class ES256KeyAnalyzer implements KeyAnalyzer
{
/**
* @throws RuntimeException if the component "web-token/jwt-util-ecc" is missing
*/
public function __construct()
{
if (!class_exists(NistCurve::class)) {
throw new RuntimeException('Please install web-token/jwt-util-ecc to use this key analyzer');
}
}
public function analyze(JWK $jwk, MessageBag $bag): void
{
if ('EC' !== $jwk->get('kty')) {
return;
}
if (!$jwk->has('crv')) {
$bag->add(Message::high('Invalid key. The components "crv" is missing.'));
return;
}
if ('P-256' !== $jwk->get('crv')) {
return;
}
$x = Base64Url::decode($jwk->get('x'));
$xLength = 8 * mb_strlen($x, '8bit');
$y = Base64Url::decode($jwk->get('y'));
$yLength = 8 * mb_strlen($y, '8bit');
if ($yLength !== $xLength || 256 !== $yLength) {
$bag->add(Message::high('Invalid key. The components "x" and "y" size shall be 256 bits.'));
}
$xBI = BigInteger::fromBase(bin2hex($x), 16);
$yBI = BigInteger::fromBase(bin2hex($y), 16);
$curve = NistCurve::curve256();
if (!$curve->contains($xBI, $yBI)) {
$bag->add(Message::high('Invalid key. The point is not on the curve.'));
}
}
}

61
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/ES384KeyAnalyzer.php vendored Normal file
View File

@ -0,0 +1,61 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Base64Url\Base64Url;
use Brick\Math\BigInteger;
use Jose\Component\Core\JWK;
use Jose\Component\Core\Util\Ecc\NistCurve;
use RuntimeException;
final class ES384KeyAnalyzer implements KeyAnalyzer
{
/**
* @throws RuntimeException if the component "web-token/jwt-util-ecc" is missing
*/
public function __construct()
{
if (!class_exists(NistCurve::class)) {
throw new RuntimeException('Please install web-token/jwt-util-ecc to use this key analyzer');
}
}
public function analyze(JWK $jwk, MessageBag $bag): void
{
if ('EC' !== $jwk->get('kty')) {
return;
}
if (!$jwk->has('crv')) {
$bag->add(Message::high('Invalid key. The components "crv" is missing.'));
return;
}
if ('P-384' !== $jwk->get('crv')) {
return;
}
$x = Base64Url::decode($jwk->get('x'));
$xLength = 8 * mb_strlen($x, '8bit');
$y = Base64Url::decode($jwk->get('y'));
$yLength = 8 * mb_strlen($y, '8bit');
if ($yLength !== $xLength || 384 !== $yLength) {
$bag->add(Message::high('Invalid key. The components "x" and "y" size shall be 384 bits.'));
}
$xBI = BigInteger::fromBase(bin2hex($x), 16);
$yBI = BigInteger::fromBase(bin2hex($y), 16);
$curve = NistCurve::curve384();
if (!$curve->contains($xBI, $yBI)) {
$bag->add(Message::high('Invalid key. The point is not on the curve.'));
}
}
}

61
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/ES512KeyAnalyzer.php vendored Normal file
View File

@ -0,0 +1,61 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Base64Url\Base64Url;
use Brick\Math\BigInteger;
use Jose\Component\Core\JWK;
use Jose\Component\Core\Util\Ecc\NistCurve;
use RuntimeException;
final class ES512KeyAnalyzer implements KeyAnalyzer
{
/**
* @throws RuntimeException if the component "web-token/jwt-util-ecc" is missing
*/
public function __construct()
{
if (!class_exists(NistCurve::class)) {
throw new RuntimeException('Please install web-token/jwt-util-ecc to use this key analyzer');
}
}
public function analyze(JWK $jwk, MessageBag $bag): void
{
if ('EC' !== $jwk->get('kty')) {
return;
}
if (!$jwk->has('crv')) {
$bag->add(Message::high('Invalid key. The components "crv" is missing.'));
return;
}
if ('P-521' !== $jwk->get('crv')) {
return;
}
$x = Base64Url::decode($jwk->get('x'));
$xLength = 8 * mb_strlen($x, '8bit');
$y = Base64Url::decode($jwk->get('y'));
$yLength = 8 * mb_strlen($y, '8bit');
if ($yLength !== $xLength || 528 !== $yLength) {
$bag->add(Message::high('Invalid key. The components "x" and "y" size shall be 528 bits.'));
}
$xBI = BigInteger::fromBase(bin2hex($x), 16);
$yBI = BigInteger::fromBase(bin2hex($y), 16);
$curve = NistCurve::curve521();
if (!$curve->contains($xBI, $yBI)) {
$bag->add(Message::high('Invalid key. The point is not on the curve.'));
}
}
}

35
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/HS256KeyAnalyzer.php vendored Normal file
View File

@ -0,0 +1,35 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Base64Url\Base64Url;
use Jose\Component\Core\JWK;
final class HS256KeyAnalyzer implements KeyAnalyzer
{
public function analyze(JWK $jwk, MessageBag $bag): void
{
if ('oct' !== $jwk->get('kty')) {
return;
}
if (!$jwk->has('alg') || 'HS256' !== $jwk->get('alg')) {
return;
}
$k = Base64Url::decode($jwk->get('k'));
$kLength = 8 * mb_strlen($k, '8bit');
if ($kLength < 256) {
$bag->add(Message::high('HS256 algorithm requires at least 256 bits key length.'));
}
}
}

35
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/HS384KeyAnalyzer.php vendored Normal file
View File

@ -0,0 +1,35 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Base64Url\Base64Url;
use Jose\Component\Core\JWK;
final class HS384KeyAnalyzer implements KeyAnalyzer
{
public function analyze(JWK $jwk, MessageBag $bag): void
{
if ('oct' !== $jwk->get('kty')) {
return;
}
if (!$jwk->has('alg') || 'HS384' !== $jwk->get('alg')) {
return;
}
$k = Base64Url::decode($jwk->get('k'));
$kLength = 8 * mb_strlen($k, '8bit');
if ($kLength < 384) {
$bag->add(Message::high('HS384 algorithm requires at least 384 bits key length.'));
}
}
}

35
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/HS512KeyAnalyzer.php vendored Normal file
View File

@ -0,0 +1,35 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Base64Url\Base64Url;
use Jose\Component\Core\JWK;
final class HS512KeyAnalyzer implements KeyAnalyzer
{
public function analyze(JWK $jwk, MessageBag $bag): void
{
if ('oct' !== $jwk->get('kty')) {
return;
}
if (!$jwk->has('alg') || 'HS512' !== $jwk->get('alg')) {
return;
}
$k = Base64Url::decode($jwk->get('k'));
$kLength = 8 * mb_strlen($k, '8bit');
if ($kLength < 512) {
$bag->add(Message::high('HS512 algorithm requires at least 512 bits key length.'));
}
}
}

24
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/KeyAnalyzer.php vendored Normal file
View File

@ -0,0 +1,24 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Jose\Component\Core\JWK;
interface KeyAnalyzer
{
/**
* This method will analyse the key and add messages to the message bag if needed.
*/
public function analyze(JWK $jwk, MessageBag $bag): void;
}

46
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/KeyAnalyzerManager.php vendored Normal file
View File

@ -0,0 +1,46 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Jose\Component\Core\JWK;
class KeyAnalyzerManager
{
/**
* @var KeyAnalyzer[]
*/
private $analyzers = [];
/**
* Adds a Key Analyzer to the manager.
*/
public function add(KeyAnalyzer $analyzer): void
{
$this->analyzers[] = $analyzer;
}
/**
* This method will analyze the JWK object using all analyzers.
* It returns a message bag that may contains messages.
*/
public function analyze(JWK $jwk): MessageBag
{
$bag = new MessageBag();
foreach ($this->analyzers as $analyzer) {
$analyzer->analyze($jwk, $bag);
}
return $bag;
}
}

26
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/KeyIdentifierAnalyzer.php vendored Normal file
View File

@ -0,0 +1,26 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Jose\Component\Core\JWK;
final class KeyIdentifierAnalyzer implements KeyAnalyzer
{
public function analyze(JWK $jwk, MessageBag $bag): void
{
if (!$jwk->has('kid')) {
$bag->add(Message::medium('The parameter "kid" should be added.'));
}
}
}

24
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/KeysetAnalyzer.php vendored Normal file
View File

@ -0,0 +1,24 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Jose\Component\Core\JWKSet;
interface KeysetAnalyzer
{
/**
* This method will analyse the key set and add messages to the message bag if needed.
*/
public function analyze(JWKSet $JWKSet, MessageBag $bag): void;
}

46
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/KeysetAnalyzerManager.php vendored Normal file
View File

@ -0,0 +1,46 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Jose\Component\Core\JWKSet;
class KeysetAnalyzerManager
{
/**
* @var KeysetAnalyzer[]
*/
private $analyzers = [];
/**
* Adds a Keyset Analyzer to the manager.
*/
public function add(KeysetAnalyzer $analyzer): void
{
$this->analyzers[] = $analyzer;
}
/**
* This method will analyze the JWKSet object using all analyzers.
* It returns a message bag that may contains messages.
*/
public function analyze(JWKSet $jwkset): MessageBag
{
$bag = new MessageBag();
foreach ($this->analyzers as $analyzer) {
$analyzer->analyze($jwkset, $bag);
}
return $bag;
}
}

97
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/Message.php vendored Normal file
View File

@ -0,0 +1,97 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use JsonSerializable;
class Message implements JsonSerializable
{
public const SEVERITY_LOW = 'low';
public const SEVERITY_MEDIUM = 'medium';
public const SEVERITY_HIGH = 'high';
/**
* @var string
*/
private $message;
/**
* @var string
*/
private $severity;
/**
* Message constructor.
*/
private function __construct(string $message, string $severity)
{
$this->message = $message;
$this->severity = $severity;
}
/**
* Creates a message with severity=low.
*
* @return Message
*/
public static function low(string $message): self
{
return new self($message, self::SEVERITY_LOW);
}
/**
* Creates a message with severity=medium.
*
* @return Message
*/
public static function medium(string $message): self
{
return new self($message, self::SEVERITY_MEDIUM);
}
/**
* Creates a message with severity=high.
*
* @return Message
*/
public static function high(string $message): self
{
return new self($message, self::SEVERITY_HIGH);
}
/**
* Returns the message.
*/
public function getMessage(): string
{
return $this->message;
}
/**
* Returns the severity of the message.
*/
public function getSeverity(): string
{
return $this->severity;
}
public function jsonSerialize(): array
{
return [
'message' => $this->message,
'severity' => $this->severity,
];
}
}

71
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/MessageBag.php vendored Normal file
View File

@ -0,0 +1,71 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use ArrayIterator;
use function count;
use Countable;
use IteratorAggregate;
use JsonSerializable;
use Traversable;
class MessageBag implements JsonSerializable, IteratorAggregate, Countable
{
/**
* @var Message[]
*/
private $messages = [];
/**
* Adds a message to the message bag.
*/
public function add(Message $message): void
{
$this->messages[] = $message;
}
/**
* Returns all messages.
*
* @return Message[]
*/
public function all(): array
{
return $this->messages;
}
/**
* {@inheritdoc}
*/
public function jsonSerialize(): array
{
return array_values($this->messages);
}
/**
* {@inheritdoc}
*/
public function count(): int
{
return count($this->messages);
}
/**
* {@inheritdoc}
*/
public function getIterator(): Traversable
{
return new ArrayIterator($this->messages);
}
}

49
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/MixedKeyTypes.php vendored Normal file
View File

@ -0,0 +1,49 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Jose\Component\Core\JWKSet;
final class MixedKeyTypes implements KeysetAnalyzer
{
public function analyze(JWKSet $jwkset, MessageBag $bag): void
{
if (0 === $jwkset->count()) {
return;
}
$hasSymmetricKeys = false;
$hasAsymmetricKeys = false;
foreach ($jwkset as $jwk) {
switch ($jwk->get('kty')) {
case 'oct':
$hasSymmetricKeys = true;
break;
case 'OKP':
case 'RSA':
case 'EC':
$hasAsymmetricKeys = true;
break;
}
}
if ($hasAsymmetricKeys && $hasSymmetricKeys) {
$bag->add(Message::medium('This key set mixes symmetric and assymetric keys.'));
}
}
}

48
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/MixedPublicAndPrivateKeys.php vendored Normal file
View File

@ -0,0 +1,48 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Jose\Component\Core\JWKSet;
final class MixedPublicAndPrivateKeys implements KeysetAnalyzer
{
public function analyze(JWKSet $jwkset, MessageBag $bag): void
{
if (0 === $jwkset->count()) {
return;
}
$hasPublicKeys = false;
$hasPrivateKeys = false;
foreach ($jwkset as $jwk) {
switch ($jwk->get('kty')) {
case 'OKP':
case 'RSA':
case 'EC':
if ($jwk->has('d')) {
$hasPrivateKeys = true;
} else {
$hasPublicKeys = true;
}
break;
}
}
if ($hasPrivateKeys && $hasPublicKeys) {
$bag->add(Message::high('This key set mixes public and private keys.'));
}
}
}

28
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/NoneAnalyzer.php vendored Normal file
View File

@ -0,0 +1,28 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Jose\Component\Core\JWK;
final class NoneAnalyzer implements KeyAnalyzer
{
public function analyze(JWK $jwk, MessageBag $bag): void
{
if ('none' !== $jwk->get('kty')) {
return;
}
$bag->add(Message::high('This key is a meant to be used with the algorithm "none". This algorithm is not secured and should be used with care.'));
}
}

32
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/OctAnalyzer.php vendored Normal file
View File

@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Base64Url\Base64Url;
use Jose\Component\Core\JWK;
final class OctAnalyzer implements KeyAnalyzer
{
public function analyze(JWK $jwk, MessageBag $bag): void
{
if ('oct' !== $jwk->get('kty')) {
return;
}
$k = Base64Url::decode($jwk->get('k'));
$kLength = 8 * mb_strlen($k, '8bit');
if ($kLength < 128) {
$bag->add(Message::high('The key length is less than 128 bits.'));
}
}
}

54
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/RsaAnalyzer.php vendored Normal file
View File

@ -0,0 +1,54 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Base64Url\Base64Url;
use InvalidArgumentException;
use function is_array;
use Jose\Component\Core\JWK;
final class RsaAnalyzer implements KeyAnalyzer
{
public function analyze(JWK $jwk, MessageBag $bag): void
{
if ('RSA' !== $jwk->get('kty')) {
return;
}
$this->checkExponent($jwk, $bag);
$this->checkModulus($jwk, $bag);
}
private function checkExponent(JWK $jwk, MessageBag $bag): void
{
$exponent = unpack('l', str_pad(Base64Url::decode($jwk->get('e')), 4, "\0"));
if (!is_array($exponent) || !isset($exponent[1])) {
throw new InvalidArgumentException('Unable to get the private key');
}
if ($exponent[1] < 65537) {
$bag->add(Message::high('The exponent is too low. It should be at least 65537.'));
}
}
private function checkModulus(JWK $jwk, MessageBag $bag): void
{
$n = 8 * mb_strlen(Base64Url::decode($jwk->get('n')), '8bit');
if ($n < 2048) {
$bag->add(Message::high('The key length is less than 2048 bits.'));
}
if ($jwk->has('d') && (!$jwk->has('p') || !$jwk->has('q') || !$jwk->has('dp') || !$jwk->has('dq') || !$jwk->has('p') || !$jwk->has('qi'))) {
$bag->add(Message::medium('The key is a private RSA key, but Chinese Remainder Theorem primes are missing. These primes are not mandatory, but signatures and decryption processes are faster when available.'));
}
}
}

32
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/UsageAnalyzer.php vendored Normal file
View File

@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use function in_array;
use Jose\Component\Core\JWK;
final class UsageAnalyzer implements KeyAnalyzer
{
public function analyze(JWK $jwk, MessageBag $bag): void
{
if (!$jwk->has('use')) {
$bag->add(Message::medium('The parameter "use" should be added.'));
} elseif (!in_array($jwk->get('use'), ['sig', 'enc'], true)) {
$bag->add(Message::high(sprintf('The parameter "use" has an unsupported value "%s". Please use "sig" (signature) or "enc" (encryption).', $jwk->get('use'))));
}
if ($jwk->has('key_ops') && !in_array($jwk->get('key_ops'), ['sign', 'verify', 'encrypt', 'decrypt', 'wrapKey', 'unwrapKey'], true)) {
$bag->add(Message::high(sprintf('The parameter "key_ops" has an unsupported value "%s". Please use one of the following values: %s.', $jwk->get('use'), implode(', ', ['verify', 'sign', 'encryp', 'decrypt', 'wrapKey', 'unwrapKey']))));
}
}
}

48
wp-content/plugins/wp-webauthn/vendor/web-token/jwt-key-mgmt/Analyzer/ZxcvbnKeyAnalyzer.php vendored Normal file
View File

@ -0,0 +1,48 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\KeyManagement\Analyzer;
use Base64Url\Base64Url;
use Jose\Component\Core\JWK;
use ZxcvbnPhp\Zxcvbn;
final class ZxcvbnKeyAnalyzer implements KeyAnalyzer
{
public function analyze(JWK $jwk, MessageBag $bag): void
{
if ('oct' !== $jwk->get('kty')) {
return;
}
$k = Base64Url::decode($jwk->get('k'));
if (class_exists(Zxcvbn::class)) {
$zxcvbn = new Zxcvbn();
$strength = $zxcvbn->passwordStrength($k);
switch (true) {
case $strength['score'] < 3:
$bag->add(Message::high('The octet string is weak and easily guessable. Please change your key as soon as possible.'));
break;
case 3 === $strength['score']:
$bag->add(Message::medium('The octet string is safe, but a longer key is preferable.'));
break;
default:
break;
}
}
}
}