Merge branch 'release/0.1.0'

.gitignore

@@ -6,3 +6,4 @@
 /vendor/
 composer.lock
 /build/
+/.vagrant/

.travis.yml

@@ -1,32 +1,26 @@
 #Travis CI configuration (https://travis-ci.org/)
 language: php
 sudo: false
+php:
+  - 5.6
+  - 7.0
+  - 7.1
+  - hhvm
+  - nightly
+  - hhvm-nightly
+
 matrix:
-    fast_finish: true
-    include:
-        - php: 5.6
-          env: DEPS=low
-        - php: 5.6
-        - php: 7.0
-          env: DEPS=low
-        - php: 7.0
-        - php: 7.0
-          env: DEPS=low
-        - php: 7.1
-          env: DEPS=low
-        - php: 7.1
-        - php: hhvm
-          env: DEPS=low
+    allow_failures:
         - php: hhvm
-        - php: nightly
+        - php: hhvm-nightly
 
 before_script:
     - travis_retry composer self-update
-    - if [[ $DEPS = low ]]; then travis_retry composer update --no-interaction --prefer-lowest --dev; fi
-    - if [[ !$DEPS ]]; then travis_retry composer install --no-interaction --dev; fi
+    - travis_retry composer install --no-interaction --dev
 
 script:
     - composer test-with-coverage
+    - composer benchmark
 
 after_success:
   - travis_retry vendor/bin/coveralls -v

README.md

@@ -4,6 +4,9 @@
 [![Coverage Status](https://coveralls.io/repos/github/swiftcore-lib/php-jose/badge.svg?branch=master)](https://coveralls.io/github/swiftcore-lib/php-jose?branch=master)
 [![PHP 7 ready](http://php7ready.timesplinter.ch/swiftcore-lib/php-jose/master/badge.svg)](https://travis-ci.org/swiftcore-lib/php-jose)
 
-A Javascript Object Signing and Encryption (JOSE) PHP Implementation.
+A hihg performance pure PHP implementation of Javascript Object Signing and Encryption (JOSE).
+
+Refer to [Wiki](https://github.com/swiftcore-lib/php-jose/wiki) page for more information.
+
+
 
-Refer to [Wiki](https://github.com/swiftcore-lib/php-jose/wiki) page for more information.

composer.json

@@ -3,7 +3,10 @@
     "description": "Pure PHP implementation of JSON Object Signing and Encryption library.",
     "type": "library",
     "require": {
-        "php": "^5.6|^7.0"
+        "php": "^5.6|^7.0",
+        "lib-openssl": "*",
+        "ext-gmp": "*",
+        "fgrosse/phpasn1": "^1.5"
     },
     "require-dev": {
         "phpunit/phpunit": "^5.5",
@@ -20,6 +23,7 @@
         }
     },
     "scripts": {
+        "benchmark": "performance/run.php",
         "test": "vendor/bin/phpunit",
         "test-with-coverage": "vendor/bin/phpunit --verbose --coverage-clover build/logs/clover.xml"
     },

performance/run.php

@@ -0,0 +1,135 @@
+#!/usr/bin/env php
+<?php
+ini_set('memory_limit', '512M');
+define('BASE_PATH', __DIR__  . '/..');
+require_once BASE_PATH . '/vendor/autoload.php';
+
+use Swiftcore\Jose\JWK;
+use Swiftcore\Jose\Element\Headers;
+use Swiftcore\Jose\Element\Payload;
+use Swiftcore\Jose\JWS;
+use Swiftcore\Jose\Element\Signature;
+
+$results = [];
+$jwkPrivate = JWK::create(
+    new Headers(['kty' => 'RSA']),
+    ['file' => BASE_PATH . '/tests/keys/rsa_private1.pem',
+        'pwd' => '123123']
+);
+$jwkPublic = JWK::create(
+    new Headers(['kty' => 'RSA']),
+    ['file' => BASE_PATH . '/tests/keys/rsa_public1.pem']
+);
+
+$testdata = [
+    '1KB' => [
+        'payload' => openssl_random_pseudo_bytes(1024),
+        'loop' => 1000,
+    ],
+    '100KB' => [
+        'payload' => openssl_random_pseudo_bytes(1024 * 100),
+        'loop' => 1000,
+    ],
+    '2MB' => [
+        'payload' => openssl_random_pseudo_bytes(1024 * 1024 * 2),
+        'loop' => 50,
+    ],
+    '10MB' => [
+        'payload' => openssl_random_pseudo_bytes(1024 * 1024 * 10),
+        'loop' => 20,
+    ],
+];
+foreach ($testdata as $size => $data) {
+    $methods = ['RS256', 'RS384', 'RS512'];
+    foreach ($methods as $method) {
+        output("Running signature {$method} signing with {$size} payload benchmark...");
+        $start = microtime(true);
+        for ($i = 0; $i < $data['loop']; $i++) {
+            $headers = new Headers([
+                'alg' => 'RS256',
+                'b64' => true,
+                'crit' => ['b64', 'alg']
+            ]);
+            $payload = new Payload($data['payload']);
+
+            $jws = new JWS($jwkPrivate, $payload, $headers);
+            $jws->sign();
+        }
+        $stop = microtime(true);
+        output("Signature {$method} signing benchmark DONE!");
+        $total = ($stop - $start) * 1000;
+
+        $results[$size]['signature']['signing'][$method] = [
+            'total' => $total,
+            'loop' => $data['loop'],
+        ];
+    }
+
+    // verifying
+    $jws = [
+        'RS256' => new JWS(
+            $jwkPublic,
+            new Payload($data['payload']),
+            new Headers(['alg' => 'RS256', 'b64' => true, 'crit' => ['b64', 'alg']]),
+            new Signature('P2rxkB1tbnABHAbhKafL3MgkXCVszkfTrZrtEzAEqY9azVKI90v3wz0Peh-WIt7BC_GTaoQx91bz2tfEYtZm2sAxlbSzEc1JK4FlgpQw8UdLLkbw2pi73ABVo675Z2OPjQuD_hlDhLp0jisE0Z65epusCc45ol9HQSRCwZNUZLf5RK10OtsvCmSwxEcrd0INOJbb_MibTg40d49iJ74KZHv5taCBPv9ilqXmjwlQ1eGpfsg7XZtn4sPmIzkFvFTMNEXCIRn5AX20uRtjNqMKClFOPkQdNE_-YHmacrfL03EJDsJDcGATCWrMtbs09u1lfMSvnncw0HLcYze74FTfaA')
+        ),
+        'RS384' => new JWS(
+            $jwkPublic,
+            new Payload($data['payload']),
+            new Headers(['alg' => 'RS384', 'b64' => true, 'crit' => ['b64', 'alg']]),
+            new Signature('P-4dDr4dterZnq5KwprUK3eb1zSmIwF8ZNkNsV_QFyFELE6mBSbmyEwOanODjjpgoNnQwdT9ZJuNCQlT4pdYcqyrKxamUPSVOciNIbDYzFeDz5DFX71hn_J3kIRQiEIYGMufEXhgO8kzvMysZ0GJJnVWR2FHpHd5ihlIXowda5919WEHKpPbtNm_i1Guw06W9O9JyUJtFmxoDrK1RkaI-JhEHCfJiN0oKy0mYFS7LzfrqOTFt6l16T7AVjeovXH_j-_AQbn9ZmTy9PqlsdXHpKFipMCM59gpJqK9bzNDa92GUmMeadv5vtu2wZf9n818GVT8Xs7ECG7Dv1bWdpEyYg')
+        ),
+        'RS512' => new JWS(
+            $jwkPublic,
+            new Payload($data['payload']),
+            new Headers(['alg' => 'RS512', 'b64' => true, 'crit' => ['b64', 'alg']]),
+            new Signature('ZuuSCKZ-xPWCeT1Fd3MPBdFDi2XG3sNd6uWK7A2EkBID2bWg1qy0vJpd6UkwS5lFbA2AgwH5aIvm7gwLwj1UxIroeWqJEJ5bhgakjfasG3X7DNhr3l6GLzRS97jLsy6OtEqkspiHgxhYLCZkJ2SKJ0dThyjBT2E1vyaaqhRRrMBITfFX_tYyqPuBb1hvvstXPN_MfAa6yvGa_4E627lsqLTbEtdTXPa6wxWV3cmGlwE3_tDInBU5d3HEKUMwlv7GLXHMwL-6TBhurqepSRzkD_DM6zyuzzH8fFBo0QmnwivHXkggsT-lTFBO_zhgi4NtCvpqsw-A2jV3huBViCLxzA')
+        ),
+    ];
+
+    foreach ($methods as $method) {
+        output("Running signature {$method} verifying benchmark...");
+        $start = microtime(true);
+        for ($i = 0; $i < $data['loop']; $i++) {
+            // verify signature
+            $result = $jws[$method]->verify();
+        }
+        $stop = microtime(true);
+        output("Signature {$method} verifying benchmark DONE!");
+        $total = ($stop - $start) * 1000;
+
+        $results[$size]['signature']['verifying'][$method] = [
+            'total' => $total,
+            'loop' => $data['loop'],
+        ];
+    }
+}
+
+
+
+
+//	Algorithm	|	Average	|	Total		|	Count
+//	---------	|	-------	|	-----		|	-----
+//	RS256		|	0.123ms	|	11434.123ms	|	1000000
+foreach ($results as $size => $tests) {
+    foreach ($tests as $type => $actions) {
+        output('### ' . ucwords($type) . " Benchmark of {$size} payload" . PHP_EOL);
+        foreach ($actions as $action => $methods) {
+            output("#### " . ucwords($action) . PHP_EOL);
+            output("\tAlgorithm\t|\tAverage\t|\tTotal\t\t|\tCount");
+            output("\t---------\t|\t-------\t|\t-----\t\t|\t-----");
+            foreach ($methods as $method => $result) {
+                $total = round($result['total'], 0);
+                $count = $result['loop'];
+                $average = round($result['total'] / $result['loop'], 3);
+                output("\t{$method}\t\t|\t{$average} ms\t|\t{$total} ms\t|\t{$count}");
+            }
+            output(PHP_EOL);
+        }
+    }
+}
+
+function output($line)
+{
+    echo $line . PHP_EOL;
+}

phpunit.xml

@@ -17,9 +17,11 @@
     </testsuites>
 
     <filter>
-        <whitelist processUncoveredFilesFromWhitelist="true">
+        <whitelist addUncoveredFilesFromWhitelist="true"
+                   processUncoveredFilesFromWhitelist="false">
             <directory suffix=".php">./</directory>
             <exclude>
+                <directory>./performance</directory>
                 <directory>./tests</directory>
                 <directory>./vendor</directory>
             </exclude>

src/Exception/InvalidJwkException.php

@@ -4,4 +4,4 @@
 class InvalidJwkException extends \InvalidArgumentException
 {
 
-}
+}

src/Jose/Algorithm/RSASHA.php

@@ -0,0 +1,39 @@
+<?php
+namespace Swiftcore\Jose\Algorithm;
+
+use Swiftcore\Jose\JWK;
+use Swiftcore\Jose\JWS;
+
+abstract class RSASHA
+{
+    protected $method;
+
+    protected function method($method = null)
+    {
+        if (!empty($method)) {
+            $this->method = $method;
+        }
+
+        return $this->method;
+    }
+
+    public function sign(JWK $jwk, JWS $jws)
+    {
+        $payload = strval($jws->payload);
+        $protected = strval($jws->protected);
+
+        $input = sprintf('%s.%s', $protected, $payload);
+        openssl_sign($input, $signature, $jwk->key, $this->method);
+        return $signature;
+    }
+
+    public function verify(JWK $jwk, JWS $jws)
+    {
+        $signature = $jws->signature->raw();
+        $input = sprintf('%s.%s', $jws->protected, $jws->payload);
+
+        $verified = openssl_verify($input, $signature, $jwk->key, $this->method);
+
+        return 1 === $verified;
+    }
+}

src/Jose/Algorithm/Signature/RS256.php

@@ -1,30 +1,12 @@
 <?php
 namespace Swiftcore\Jose\Algorithm\Signature;
 
-use Swiftcore\Base64Url;
-use Swiftcore\Jose\JWK;
-use Swiftcore\Jose\JWS;
+use Swiftcore\Jose\Algorithm\RSASHA;
 
-class RS256
+class RS256 extends RSASHA
 {
-    public static function sign(JWK $jwk, JWS $jws)
+    public function __construct()
     {
-        $payload = strval($jws->payload);
-        $protected = strval($jws->protected);
-
-        $input = sprintf('%s.%s', $protected, $payload);
-
-        openssl_sign($input, $signature, $jwk->key, OPENSSL_ALGO_SHA256);
-        return $signature;
-    }
-
-    public static function verify(JWK $jwk, JWS $jws)
-    {
-        $signature = $jws->signature->raw();
-        $input = sprintf('%s.%s', $jws->protected, $jws->payload);
-
-        $verified = openssl_verify($input, $signature, $jwk->key, OPENSSL_ALGO_SHA256);
-
-        return 1 === $verified;
+        $this->method('SHA256');
     }
-}
+}

src/Jose/Algorithm/Signature/RS384.php

@@ -0,0 +1,12 @@
+<?php
+namespace Swiftcore\Jose\Algorithm\Signature;
+
+use Swiftcore\Jose\Algorithm\RSASHA;
+
+class RS384 extends RSASHA
+{
+    public function __construct()
+    {
+        $this->method('SHA384');
+    }
+}

src/Jose/Algorithm/Signature/RS512.php

@@ -0,0 +1,12 @@
+<?php
+namespace Swiftcore\Jose\Algorithm\Signature;
+
+use Swiftcore\Jose\Algorithm\RSASHA;
+
+class RS512 extends RSASHA
+{
+    public function __construct()
+    {
+        $this->method('SHA512');
+    }
+}

src/Jose/Element/Arrayable.php

@@ -1,7 +1,7 @@
 <?php
 namespace Swiftcore\Jose\Element;
 
-use Swiftcore\Base64Url;
+use Swiftcore\Utility\Base64Url;
 
 abstract class Arrayable extends \ArrayObject
 {

src/Jose/Element/Stringable.php

@@ -1,7 +1,7 @@
 <?php
 namespace Swiftcore\Jose\Element;
 
-use Swiftcore\Base64Url;
+use Swiftcore\Utility\Base64Url;
 
 abstract class Stringable
 {

src/Jose/JWK.php

@@ -1,7 +1,6 @@
 <?php
 namespace Swiftcore\Jose;
 
-use Swiftcore\Exception\InvalidJwkException;
 use Swiftcore\Jose\Element\Headers;
 
 class JWK