Implement PS256/384/512

The heavy work is offloaded to phpseclib/phpseclib v3, which is added as a dependency.

composer.json

@@ -20,6 +20,7 @@
         "php": "~8.2.0 || ~8.3.0 || ~8.4.0",
         "ext-openssl": "*",
         "ext-sodium": "*",
+        "phpseclib/phpseclib": "^3.0.36",
         "psr/clock": "^1.0"
     },
     "require-dev": {

src/Signer/RsaPss.php

@@ -0,0 +1,72 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Signer;
+
+use Lcobucci\JWT\Signer;
+use phpseclib3\Crypt\PublicKeyLoader;
+use phpseclib3\Crypt\RSA;
+use phpseclib3\Crypt\RSA\PrivateKey;
+use phpseclib3\Crypt\RSA\PublicKey;
+use phpseclib3\Exception\NoKeyLoadedException;
+
+use function assert;
+use function is_string;
+
+abstract class RsaPss implements Signer
+{
+    private const MINIMUM_KEY_LENGTH = 2048;
+
+    final public function sign(string $payload, Key $key): string
+    {
+        try {
+            $private = PublicKeyLoader::loadPrivateKey($key->contents(), $key->passphrase());
+        } catch (NoKeyLoadedException $e) {
+            throw new InvalidKeyProvided('It was not possible to parse your key, reason: ' . $e->getMessage());
+        }
+
+        if (! $private instanceof PrivateKey) {
+            throw InvalidKeyProvided::incompatibleKeyType('RSA', $private::class);
+        }
+
+        if ($private->getLength() < self::MINIMUM_KEY_LENGTH) {
+            throw InvalidKeyProvided::tooShort(self::MINIMUM_KEY_LENGTH, $private->getLength());
+        }
+
+        $signature = $private
+            ->withPadding(RSA::SIGNATURE_PSS)
+            ->withHash($this->algorithm())
+            ->withMGFHash($this->algorithm())
+            ->sign($payload);
+
+        assert(is_string($signature) && $signature !== '');
+
+        return $signature;
+    }
+
+    final public function verify(string $expected, string $payload, Key $key): bool
+    {
+        try {
+            $public = PublicKeyLoader::loadPublicKey($key->contents());
+        } catch (NoKeyLoadedException $e) {
+            throw new InvalidKeyProvided('It was not possible to parse your key, reason: ' . $e->getMessage());
+        }
+
+        if (! $public instanceof PublicKey) {
+            throw InvalidKeyProvided::incompatibleKeyType('RSA', $public::class);
+        }
+
+        return $public
+            ->withPadding(RSA::SIGNATURE_PSS)
+            ->withHash($this->algorithm())
+            ->withMGFHash($this->algorithm())
+            ->verify($payload, $expected);
+    }
+
+    /**
+     * Returns which algorithm to be used to create/verify the signature (using phpseclib hash identifiers)
+     *
+     * @internal
+     */
+    abstract public function algorithm(): string;
+}

src/Signer/RsaPss/Sha256.php

@@ -0,0 +1,19 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Signer\RsaPss;
+
+use Lcobucci\JWT\Signer\RsaPss;
+
+final class Sha256 extends RsaPss
+{
+    public function algorithmId(): string
+    {
+        return 'PS256';
+    }
+
+    public function algorithm(): string
+    {
+        return 'sha256';
+    }
+}

src/Signer/RsaPss/Sha384.php

@@ -0,0 +1,19 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Signer\RsaPss;
+
+use Lcobucci\JWT\Signer\RsaPss;
+
+final class Sha384 extends RsaPss
+{
+    public function algorithmId(): string
+    {
+        return 'PS384';
+    }
+
+    public function algorithm(): string
+    {
+        return 'sha384';
+    }
+}

src/Signer/RsaPss/Sha512.php

@@ -0,0 +1,19 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Signer\RsaPss;
+
+use Lcobucci\JWT\Signer\RsaPss;
+
+final class Sha512 extends RsaPss
+{
+    public function algorithmId(): string
+    {
+        return 'PS512';
+    }
+
+    public function algorithm(): string
+    {
+        return 'sha512';
+    }
+}