Hotfix for web-token internal class used by the library (#289)

* Hotfix for web-token internal class used by the library

* Native scalar mul

* Native scalar mul

* Fix composer error

* PHPStan config and bugs fixed

Author: Spomky

.gitignore

@@ -6,4 +6,5 @@ phpunit.xml
 cli.log
 module.log
 .vagrant
-Vagrantfile # temp, may be?
+Vagrantfile # temp, may be?
+/.phpunit.result.cache

.travis.yml

@@ -40,6 +40,7 @@ env:
     - TRAVIS_NODE_VERSION="stable"
 
 before_install:
+  - composer config discard-changes true
   - nvm install node
 
 install:

composer.json

@@ -14,13 +14,12 @@
   ],
   "scripts": {
     "test:unit": "./vendor/bin/phpunit --color",
-    "test:typing": "./vendor/bin/phpstan analyse --level max src",
+    "test:typing": "./vendor/bin/phpstan analyse",
     "test:syntax": "./vendor/bin/php-cs-fixer fix ./src --dry-run --stop-on-violation --using-cache=no"
   },
   "require": {
     "php": "^7.2",
     "ext-curl": "*",
-    "ext-gmp": "*",
     "ext-json": "*",
     "ext-mbstring": "*",
     "ext-openssl": "*",
@@ -31,8 +30,8 @@
     "web-token/jwt-util-ecc": "^2.0"
   },
   "require-dev": {
-    "phpunit/phpunit": "^7.0",
-    "phpstan/phpstan": "0.11.19",
+    "phpunit/phpunit": "^8.0|^9.0",
+    "phpstan/phpstan": "^0.11|^0.12",
     "friendsofphp/php-cs-fixer": "^2.14"
   },
   "autoload": {

phpstan.neon

@@ -0,0 +1,5 @@
+parameters:
+    level: 7
+    paths:
+        - src
+    checkMissingIterableValueType: false

src/Encryption.php

@@ -14,10 +14,12 @@
 namespace Minishlink\WebPush;
 
 use Base64Url\Base64Url;
+use Brick\Math\BigInteger;
+use Jose\Component\Core\JWK;
+use Jose\Component\Core\Util\Ecc\Curve;
 use Jose\Component\Core\Util\Ecc\NistCurve;
-use Jose\Component\Core\Util\Ecc\Point;
 use Jose\Component\Core\Util\Ecc\PrivateKey;
-use Jose\Component\Core\Util\Ecc\PublicKey;
+use Jose\Component\Core\Util\ECKey;
 
 class Encryption
 {
@@ -82,25 +84,41 @@ public static function deterministicEncrypt(string $payload, string $userPublicK
         $userPublicKey = Base64Url::decode($userPublicKey);
         $userAuthToken = Base64Url::decode($userAuthToken);
 
-        $curve = NistCurve::curve256();
-
         // get local key pair
-        list($localPublicKeyObject, $localPrivateKeyObject) = $localKeyObject;
-        $localPublicKey = hex2bin(Utils::serializePublicKey($localPublicKeyObject));
+        if (count($localKeyObject) === 1) {
+            /** @var JWK $localJwk */
+            $localJwk = current($localKeyObject);
+            $localPublicKey = hex2bin(Utils::serializePublicKeyFromJWK($localJwk));
+        } else {
+            /** @var PrivateKey $localPrivateKeyObject */
+            list($localPublicKeyObject, $localPrivateKeyObject) = $localKeyObject;
+            $localPublicKey = hex2bin(Utils::serializePublicKey($localPublicKeyObject));
+            $localJwk = new JWK([
+                'kty' => 'EC',
+                'crv' => 'P-256',
+                'd' => $localPrivateKeyObject->getSecret()->getX(), // @phpstan-ignore-line
+                'x' => Base64Url::encode($localPublicKeyObject[0]),
+                'y' => Base64Url::encode($localPublicKeyObject[1]),
+            ]);
+        }
         if (!$localPublicKey) {
             throw new \ErrorException('Failed to convert local public key from hexadecimal to binary');
         }
 
         // get user public key object
         [$userPublicKeyObjectX, $userPublicKeyObjectY] = Utils::unserializePublicKey($userPublicKey);
-        $userPublicKeyObject = $curve->getPublicKeyFrom(
-            gmp_init(bin2hex($userPublicKeyObjectX), 16),
-            gmp_init(bin2hex($userPublicKeyObjectY), 16)
-        );
+        $userJwk = new JWK([
+            'kty' => 'EC',
+            'crv' => 'P-256',
+            'x' => Base64Url::encode($userPublicKeyObjectX),
+            'y' => Base64Url::encode($userPublicKeyObjectY),
+        ]);
 
         // get shared secret from user public key and local private key
-        $sharedSecret = $curve->mul($userPublicKeyObject->getPoint(), $localPrivateKeyObject->getSecret())->getX();
-        $sharedSecret = hex2bin(str_pad(gmp_strval($sharedSecret, 16), 64, '0', STR_PAD_LEFT));
+
+        $sharedSecret = self::calculateAgreementKey($localJwk, $userJwk);
+
+        $sharedSecret = str_pad($sharedSecret, 32, chr(0), STR_PAD_LEFT);
         if (!$sharedSecret) {
             throw new \ErrorException('Failed to convert shared secret from hexadecimal to binary');
         }
@@ -132,7 +150,7 @@ public static function deterministicEncrypt(string $payload, string $userPublicK
         ];
     }
 
-    public static function getContentCodingHeader($salt, $localPublicKey, $contentEncoding): string
+    public static function getContentCodingHeader(string $salt, string $localPublicKey, string $contentEncoding): string
     {
         if ($contentEncoding === "aes128gcm") {
             return $salt
@@ -186,7 +204,7 @@ private static function hkdf(string $salt, string $ikm, string $info, int $lengt
      *
      * @throws \ErrorException
      */
-    private static function createContext(string $clientPublicKey, string $serverPublicKey, $contentEncoding): ?string
+    private static function createContext(string $clientPublicKey, string $serverPublicKey, string $contentEncoding): ?string
     {
         if ($contentEncoding === "aes128gcm") {
             return null;
@@ -256,9 +274,10 @@ private static function createLocalKeyObjectUsingPurePhpMethod(): array
     {
         $curve = NistCurve::curve256();
         $privateKey = $curve->createPrivateKey();
+        $publicKey = $curve->createPublicKey($privateKey);
 
         return [
-            $curve->createPublicKey($privateKey),
+            $publicKey,
             $privateKey,
         ];
     }
@@ -285,11 +304,13 @@ private static function createLocalKeyObjectUsingOpenSSL(): array
         }
 
         return [
-            new PublicKey(Point::create(
-                gmp_init(bin2hex($details['ec']['x']), 16),
-                gmp_init(bin2hex($details['ec']['y']), 16)
-            )),
-            PrivateKey::create(gmp_init(bin2hex($details['ec']['d']), 16))
+            new JWK([
+                'kty' => 'EC',
+                'crv' => 'P-256',
+                'x' => Base64Url::encode($details['ec']['x']),
+                'y' => Base64Url::encode($details['ec']['y']),
+                'd' => Base64Url::encode($details['ec']['d']),
+            ])
         ];
     }
 
@@ -318,4 +339,64 @@ private static function getIKM(string $userAuthToken, string $userPublicKey, str
 
         return $sharedSecret;
     }
+
+    private static function calculateAgreementKey(JWK $private_key, JWK $public_key): string
+    {
+        if (function_exists('openssl_pkey_derive')) {
+            try {
+                $publicPem = ECKey::convertPublicKeyToPEM($public_key);
+                $privatePem = ECKey::convertPrivateKeyToPEM($private_key);
+
+                $result = openssl_pkey_derive($publicPem, $privatePem, 256); // @phpstan-ignore-line
+                if ($result === false) {
+                    throw new \Exception('Unable to compute the agreement key');
+                }
+                return $result;
+            } catch (\Throwable $throwable) {
+                //Does nothing. Will fallback to the pure PHP function
+            }
+        }
+
+
+        $curve = NistCurve::curve256();
+        try {
+            $rec_x = self::convertBase64ToBigInteger($public_key->get('x'));
+            $rec_y = self::convertBase64ToBigInteger($public_key->get('y'));
+            $sen_d = self::convertBase64ToBigInteger($private_key->get('d'));
+            $priv_key = PrivateKey::create($sen_d);
+            $pub_key = $curve->getPublicKeyFrom($rec_x, $rec_y);
+
+            return hex2bin($curve->mul($pub_key->getPoint(), $priv_key->getSecret())->getX()->toBase(16)); // @phpstan-ignore-line
+        } catch (\Throwable $e) {
+            $rec_x = self::convertBase64ToGMP($public_key->get('x'));
+            $rec_y = self::convertBase64ToGMP($public_key->get('y'));
+            $sen_d = self::convertBase64ToGMP($private_key->get('d'));
+            $priv_key = PrivateKey::create($sen_d); // @phpstan-ignore-line
+            $pub_key = $curve->getPublicKeyFrom($rec_x, $rec_y); // @phpstan-ignore-line
+
+            return hex2bin(gmp_strval($curve->mul($pub_key->getPoint(), $priv_key->getSecret())->getX(), 16)); // @phpstan-ignore-line
+        }
+    }
+
+    /**
+     * @param string $value
+     * @return BigInteger
+     */
+    private static function convertBase64ToBigInteger(string $value): BigInteger
+    {
+        $value = unpack('H*', Base64Url::decode($value));
+
+        return BigInteger::fromBase($value[1], 16);
+    }
+
+    /**
+     * @param string $value
+     * @return \GMP
+     */
+    private static function convertBase64ToGMP(string $value): \GMP
+    {
+        $value = unpack('H*', Base64Url::decode($value));
+
+        return gmp_init($value[1], 16);
+    }
 }

src/Utils.php

@@ -13,6 +13,9 @@
 
 namespace Minishlink\WebPush;
 
+use Base64Url\Base64Url;
+use Brick\Math\BigInteger;
+use Jose\Component\Core\JWK;
 use Jose\Component\Core\Util\Ecc\PublicKey;
 
 class Utils
@@ -35,8 +38,28 @@ public static function safeStrlen(string $value): int
     public static function serializePublicKey(PublicKey $publicKey): string
     {
         $hexString = '04';
-        $hexString .= str_pad(gmp_strval($publicKey->getPoint()->getX(), 16), 64, '0', STR_PAD_LEFT);
-        $hexString .= str_pad(gmp_strval($publicKey->getPoint()->getY(), 16), 64, '0', STR_PAD_LEFT);
+        $point = $publicKey->getPoint();
+        if ($point->getX() instanceof BigInteger) {
+            $hexString .= str_pad($point->getX()->toBase(16), 64, '0', STR_PAD_LEFT);
+            $hexString .= str_pad($point->getY()->toBase(16), 64, '0', STR_PAD_LEFT);
+        } else { // @phpstan-ignore-line
+            $hexString .= str_pad(gmp_strval($point->getX(), 16), 64, '0', STR_PAD_LEFT);
+            $hexString .= str_pad(gmp_strval($point->getY(), 16), 64, '0', STR_PAD_LEFT); // @phpstan-ignore-line
+        }
+
+        return $hexString;
+    }
+
+    /**
+     * @param JWK $jwk
+     *
+     * @return string
+     */
+    public static function serializePublicKeyFromJWK(JWK $jwk): string
+    {
+        $hexString = '04';
+        $hexString .= str_pad(bin2hex(Base64Url::decode($jwk->get('x'))), 64, '0', STR_PAD_LEFT);
+        $hexString .= str_pad(bin2hex(Base64Url::decode($jwk->get('y'))), 64, '0', STR_PAD_LEFT);
 
         return $hexString;
     }

src/VAPID.php

@@ -16,9 +16,6 @@
 use Base64Url\Base64Url;
 use Jose\Component\Core\AlgorithmManager;
 use Jose\Component\Core\JWK;
-use Jose\Component\Core\Util\Ecc\NistCurve;
-use Jose\Component\Core\Util\Ecc\Point;
-use Jose\Component\Core\Util\Ecc\PublicKey;
 use Jose\Component\KeyManagement\JWKFactory;
 use Jose\Component\Signature\Algorithm\ES256;
 use Jose\Component\Signature\JWSBuilder;
@@ -55,12 +52,8 @@ public static function validate(array $vapid): array
             if ($jwk->get('kty') !== 'EC' || !$jwk->has('d') || !$jwk->has('x') || !$jwk->has('y')) {
                 throw new \ErrorException('Invalid PEM data.');
             }
-            $publicKey = new PublicKey(Point::create(
-                gmp_init(bin2hex(Base64Url::decode($jwk->get('x'))), 16),
-                gmp_init(bin2hex(Base64Url::decode($jwk->get('y'))), 16)
-            ));
 
-            $binaryPublicKey = hex2bin(Utils::serializePublicKey($publicKey));
+            $binaryPublicKey = hex2bin(Utils::serializePublicKeyFromJWK($jwk));
             if (!$binaryPublicKey) {
                 throw new \ErrorException('Failed to convert VAPID public key from hexadecimal to binary');
             }
@@ -173,16 +166,14 @@ public static function getVapidHeaders(string $audience, string $subject, string
      */
     public static function createVapidKeys(): array
     {
-        $curve = NistCurve::curve256();
-        $privateKey = $curve->createPrivateKey();
-        $publicKey = $curve->createPublicKey($privateKey);
+        $jwk = JWKFactory::createECKey('P-256');
 
-        $binaryPublicKey = hex2bin(Utils::serializePublicKey($publicKey));
+        $binaryPublicKey = hex2bin(Utils::serializePublicKeyFromJWK($jwk));
         if (!$binaryPublicKey) {
             throw new \ErrorException('Failed to convert VAPID public key from hexadecimal to binary');
         }
 
-        $binaryPrivateKey = hex2bin(str_pad(gmp_strval($privateKey->getSecret(), 16), 2 * self::PRIVATE_KEY_LENGTH, '0', STR_PAD_LEFT));
+        $binaryPrivateKey = hex2bin(str_pad(bin2hex(Base64Url::decode($jwk->get('d'))), 2 * self::PRIVATE_KEY_LENGTH, '0', STR_PAD_LEFT));
         if (!$binaryPrivateKey) {
             throw new \ErrorException('Failed to convert VAPID private key from hexadecimal to binary');
         }

tests/EncryptionTest.php

@@ -12,8 +12,10 @@
  */
 
 use Base64Url\Base64Url;
+use Jose\Component\Core\JWK;
 use Jose\Component\Core\Util\Ecc\NistCurve;
 use Jose\Component\Core\Util\Ecc\PrivateKey;
+use Jose\Component\KeyManagement\JWKFactory;
 use Minishlink\WebPush\Encryption;
 use Minishlink\WebPush\Utils;
 
@@ -32,16 +34,16 @@ public function testDeterministicEncrypt()
         $userAuthToken = 'BTBZMqHH6r4Tts7J_aSIgg';
 
         $localPublicKey = Base64Url::decode('BP4z9KsN6nGRTbVYI_c7VJSPQTBtkgcy27mlmlMoZIIgDll6e3vCYLocInmYWAmS6TlzAC8wEqKK6PBru3jl7A8');
-        $localPrivateKey = Base64Url::decode('yfWPiYE-n46HLnH0KqZOF1fJJU3MYrct3AELtAQ-oRw');
         $salt = Base64Url::decode('DGv6ra1nlYgDCS1FRnbzlw');
 
-        $localPrivateKeyObject = PrivateKey::create(gmp_init(bin2hex($localPrivateKey), 16));
-        $curve = NistCurve::curve256();
         [$localPublicKeyObjectX, $localPublicKeyObjectY] = Utils::unserializePublicKey($localPublicKey);
-        $localPublicKeyObject = $curve->getPublicKeyFrom(
-            gmp_init(bin2hex($localPublicKeyObjectX), 16),
-            gmp_init(bin2hex($localPublicKeyObjectY), 16)
-        );
+        $localJwk = new JWK([
+            'kty' => 'EC',
+            'crv' => 'P-256',
+            'd' => 'yfWPiYE-n46HLnH0KqZOF1fJJU3MYrct3AELtAQ-oRw',
+            'x' => Base64Url::encode($localPublicKeyObjectX),
+            'y' => Base64Url::encode($localPublicKeyObjectY),
+        ]);
 
         $expected = [
             'localPublicKey' => $localPublicKey,
@@ -54,7 +56,7 @@ public function testDeterministicEncrypt()
             $userPublicKey,
             $userAuthToken,
             $contentEncoding,
-            [$localPublicKeyObject, $localPrivateKeyObject],
+            [$localJwk],
             $salt
         );
 
@@ -87,7 +89,7 @@ public function testPadPayload(string $payload, int $maxLengthToPad, int $expect
     {
         $res = Encryption::padPayload($payload, $maxLengthToPad, "aesgcm");
 
-        $this->assertContains('test', $res);
+        $this->assertStringContainsString('test', $res);
         $this->assertEquals($expectedResLength, Utils::safeStrlen($res));
     }