/**
* @param \Cyh\Jose\Signing\Signer\SignerInterface $signer
* @param mixed $claims
* @param resource|string $key default null
* @param string $pass_phrase default null
* @return string
* @throws UnexpectedValueException
* @throws InvalidSignatureException
*/
public static function sign(SignerInterface $signer, $claims, $key = null, $pass_phrase = null)
{
$header_arr = array('typ' => 'JWT', 'alg' => $signer->getAlg());
$header = new Header($header_arr);
$message = $header->toString() . '.' . Base64Url::encode(Json::encode($claims));
$signature = $signer->sign($message, $key, $pass_phrase);
$signature_base64 = Base64Url::encode($signature);
return $message . '.' . $signature_base64;
}
/**
* @param AlgInterface $alg
* @param EncInterface $enc
* @param string $content
* @param string $public_or_secret_key
* @return string
*/
public static function encrypt(AlgInterface $alg, EncInterface $enc, $content, $public_or_secret_key)
{
$protected_header = new Header(array('alg' => $alg->getAlg(), 'enc' => $enc->getEnc()));
$aad_base64 = $protected_header->toString();
$cek = new ContentEncryptionKey();
$encrypted_cek = $alg->encrypt($cek->getCek(), $public_or_secret_key);
list($iv, $cipher_text, $auth_tag) = $enc->encrypt($aad_base64, $cek, $content);
return implode('.', [$aad_base64, Base64Url::encode($encrypted_cek), Base64Url::encode($iv), Base64Url::encode($cipher_text), Base64Url::encode($auth_tag)]);
}
