ILIAS  trunk Revision v11.0_alpha-1713-gd8962da2f67
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
SigningSerializer.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 namespace ILIAS\FileDelivery\Token;
22 
23 use ILIAS\FileDelivery\Token\Serializer\Serializer;
24 use ILIAS\FileDelivery\Token\Signer\Payload\Payload;
25 use ILIAS\FileDelivery\Token\Signer\Payload\StructuredPayload;
26 use ILIAS\FileDelivery\Token\Compression\Compression;
27 use ILIAS\FileDelivery\Token\Transport\Transport;
28 use ILIAS\FileDelivery\Token\Signer\KeyRotatingSigner;
29 use ILIAS\FileDelivery\Token\Signer\Salt\Salt;
30 
36 final class SigningSerializer
37 {
41  private const SEPARATOR = '<<>>';
42 
43  public function __construct(
44  private KeyRotatingSigner $signer,
45  private Serializer $serializer,
46  private Compression $compression,
47  private Transport $transport
48  ) {
49  }
50 
51  public function sign(Payload $payload, Salt $salt): string
52  {
53  // serialize payload
54  $serialized_payload = $this->serializer->serializePayload($payload->get());
55  $serialized_validity = $this->serializer->serializeValidity($payload->until());
56  $signable_payload = $serialized_payload . self::SEPARATOR . $serialized_validity;
57 
58  // sign payload
59  $signature = $this->signer->sign($signable_payload, $salt);
60 
61  $signed_payload = $signable_payload . self::SEPARATOR . $signature;
62 
63  $compressed_payload = $this->compression->compress($signed_payload);
64 
65  $prepare_for_transport = $this->transport->prepareForTransport($compressed_payload);
66 
67  return $prepare_for_transport;
68  }
69 
70  public function verify(string $data, Salt $salt): ?Payload
71  {
72  // decompress payload
73  try {
74  $decompressed_payload = $this->compression->decompress(
75  $this->transport->readFromTransport($data)
76  );
77  } catch (\Throwable) {
78  return null;
79  }
80 
81  $split_data = explode(self::SEPARATOR, $decompressed_payload);
82  $serialized_payload = $split_data[0] ?? '';
83  $validity = $split_data[1] ?? '';
84  $signature = $split_data[2] ?? '';
85 
86  $payload_with_validity = $serialized_payload . self::SEPARATOR . $validity;
87 
88  if ($this->signer->verify($payload_with_validity, $signature, (int) $validity, $salt) === false) {
89  return null;
90  }
91 
92  return new StructuredPayload($this->serializer->unserializePayload($serialized_payload));
93  }
94 }
$payload
if(count($parts) !=3) $payload
Definition: ltitoken.php:67
ILIAS\FileDelivery\Token\SigningSerializer\__construct
__construct(private KeyRotatingSigner $signer, private Serializer $serializer, private Compression $compression, private Transport $transport)
Definition: SigningSerializer.php:43
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
ILIAS\FileDelivery\Token\Signer\Salt\Salt
The salt is combined with the secret key to derive a unique key for distinguishing different contexts...
Definition: Salt.php:37