Skip to content

feat(alg): Add ES512 support #566

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Ninos wants to merge 3 commits into
base: main
Choose a base branch
from
Open

feat(alg): Add ES512 support #566

Ninos wants to merge 3 commits into from

Conversation

@Ninos
Copy link

@Ninos Ninos commented May 25, 2024
edited
Loading

  • Added: ES512 algorithm
  • CS: strict types & phpdoc

@google-cla
Copy link

google-cla bot commented May 25, 2024

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

@Ninos
Copy link
Author

Ninos commented Oct 9, 2024

I rebased the branch/resolved conflicts, can someone pls review? :-)

bshaffer
bshaffer requested changes Apr 9, 2025
View reviewed changes
composer.json Outdated
"require": {
"php": "^8.0"
"php": "^8.0",
"ext-openssl": "*"
Copy link
Collaborator

@bshaffer bshaffer Apr 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why would we require the extension? This would block existing users from upgrading who are not currently using openssl.

src/JWT.php Outdated
} elseif ($alg === 'ES384') {
$signature = self::signatureFromDER($signature, 384);
} elseif ($alg === 'ES512') {
$signature = self::signatureFromDER($signature, 512);
Copy link
Collaborator

@bshaffer bshaffer Apr 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

am I right in understanding this is the only real code change (other than adding ES512 to the list of supported algorithms)? If so, then this is a small enough change, but I would like to see some tests! See here for examples

php-jwt/tests/JWTTest.php

Line 487 in 27179e1

public function provideEncodeDecode()

@bshaffer
Copy link
Collaborator

bshaffer commented Jan 13, 2026

@Ninos are you still hoping to add this? If so please resolve the conflicts and respond to my questions! thank you.

@Ninos
Copy link
Author

Ninos commented Jan 27, 2026

To be honest, I gave up after getting an empty openssl error & have no much requirements for this lib... Pushed my latest stage, if someone wants to fix, you're welcome :)

The folder ./tests/examples/ can be removed after, also the container (podman/docker) part, if not welcomed. To test, run following:
php tests/examples/jwtTest.php ES512

After that you should get following error:

PHP Fatal error:  Uncaught DomainException: OpenSSL error:  in /srv/app/src/JWT.php:327
Stack trace:
#0 /srv/app/src/JWT.php(150): Firebase\JWT\JWT::verify()
#1 /srv/app/tests/examples/jwtTest.php(37): Firebase\JWT\JWT::decode()
#2 {main}
  thrown in /srv/app/src/JWT.php on line 327

Best part of this, \openssl_error_string() returns empty string :-)

bshaffer
bshaffer reviewed Jan 27, 2026
View reviewed changes
bshaffer
bshaffer reviewed Jan 27, 2026
View reviewed changes
src/JWT.php
$length = max(1, (int) (\strlen($sig) / 2));
$length = match ($alg) {
'ES512' => 66,
default => max(1, (int) (\strlen($sig) / 2)),
Copy link
Collaborator

@bshaffer bshaffer Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
default => max(1, (int) (\strlen($sig) / 2)),
'ES256', 'ES256K', 'ES384' => max(1, (int) (\strlen($sig) / 2)),
default => throw new InvalidArgumentException('unknown ECDNA alg: ' . $alg),

src/JWT.php
*
* @param string $der binary signature in DER format
* @param int $keySize the number of bits in the key
* @param string $alg The algorithm
Copy link
Collaborator

@bshaffer bshaffer Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

$alg parameter here is never used

Suggested change
* @param string $alg The algorithm

src/JWT.php
* @return string the signature
*/
private static function signatureFromDER(string $der, int $keySize): string
private static function signatureFromDER(string $der, int $keySize, string $alg): string
Copy link
Collaborator

@bshaffer bshaffer Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

$alg parameter here is never used

Suggested change
private static function signatureFromDER(string $der, int $keySize, string $alg): string
private static function signatureFromDER(string $der, int $keySize): string

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bshaffer bshaffer bshaffer requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Ninos @bshaffer