feat: add support for P-384 curve (#515)

firebase · Jun 14, 2023 · 5de4323 · 5de4323
1 parent 15d579a
commit 5de4323
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 7 deletions.
diff --git a/src/JWK.php b/src/JWK.php
@@ -27,7 +27,7 @@ class JWK
     private const EC_CURVES = [
         'P-256' => '1.2.840.10045.3.1.7', // Len: 64
         'secp256k1' => '1.3.132.0.10', // Len: 64
-        // 'P-384' => '1.3.132.0.34', // Len: 96 (not yet supported)
+        'P-384' => '1.3.132.0.34', // Len: 96
         // 'P-521' => '1.3.132.0.35', // Len: 132 (not supported)
     ];
 
@@ -182,7 +182,7 @@ public static function parseKey(array $jwk, string $defaultAlg = null): ?Key
     /**
      * Converts the EC JWK values to pem format.
      *
-     * @param   string  $crv The EC curve (only P-256 is supported)
+     * @param   string  $crv The EC curve (only P-256 & P-384 is supported)
      * @param   string  $x   The EC x-coordinate
      * @param   string  $y   The EC y-coordinate
      *

diff --git a/tests/JWKTest.php b/tests/JWKTest.php
@@ -129,11 +129,11 @@ public function testDecodeByJwkKeySetTokenExpired()
     /**
      * @dataProvider provideDecodeByJwkKeySet
      */
-    public function testDecodeByJwkKeySet($pemFile, $jwkFile, $alg)
+    public function testDecodeByJwkKeySet($pemFile, $jwkFile, $alg, $keyId)
     {
         $privKey1 = file_get_contents(__DIR__ . '/data/' . $pemFile);
         $payload = ['sub' => 'foo', 'exp' => strtotime('+10 seconds')];
-        $msg = JWT::encode($payload, $privKey1, $alg, 'jwk1');
+        $msg = JWT::encode($payload, $privKey1, $alg, $keyId);
 
         $jwkSet = json_decode(
             file_get_contents(__DIR__ . '/data/' . $jwkFile),
@@ -149,9 +149,10 @@ public function testDecodeByJwkKeySet($pemFile, $jwkFile, $alg)
     public function provideDecodeByJwkKeySet()
     {
         return [
-            ['rsa1-private.pem', 'rsa-jwkset.json', 'RS256'],
-            ['ecdsa256-private.pem', 'ec-jwkset.json', 'ES256'],
-            ['ed25519-1.sec', 'ed25519-jwkset.json', 'EdDSA'],
+            ['rsa1-private.pem', 'rsa-jwkset.json', 'RS256', 'jwk1'],
+            ['ecdsa256-private.pem', 'ec-jwkset.json', 'ES256', 'jwk1'],
+            ['ecdsa384-private.pem', 'ec-jwkset.json', 'ES384', 'jwk4'],
+            ['ed25519-1.sec', 'ed25519-jwkset.json', 'EdDSA', 'jwk1'],
         ];
     }
 

diff --git a/tests/data/ec-jwkset.json b/tests/data/ec-jwkset.json
@@ -26,6 +26,15 @@
             "x": "EFpwNuP322bU3WP1DtJgx67L0CUV1MxNixqPVMH2L9Q",
             "y": "_fSTbijIJjpsqL16cIEvxxf3MaYMY8MbqEq066yV9ls",
             "alg": "ES256K"
+        },
+        {
+            "kty": "EC",
+            "use": "sig",
+            "crv": "P-384",
+            "kid": "jwk4",
+            "x": "FhXXcyKmWkTkdVbWYYU3dtJqpJ0JmLGftEdNzUEFEKSU5MlnLr_FjcneszvXAqEB",
+            "y": "M4veJF_dO_zhFk44bh_ELXbp0_nn9QaViVtQpuTvpu29eefx6PfUMqX0K--IS4NQ",
+            "alg": "ES384"
         }
     ]
 }