This class is used by the ECDH-ES algorithms
See also: https://tools.ietf.org/html/rfc7518#section-4.6.2
Beispiel #1
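 /**
  * {@inheritdoc}
  *
  * Computes the ECDH-ES shared secret for a recipient key and feeds it to
  * ConcatKDF to obtain the agreement key.
  *
  * Two paths, selected by whether $recipient_key has the private parameter "d":
  *  - with "d": $recipient_key is used as the private key and the peer public
  *    key is read from $complete_header through getPublicKey();
  *  - without "d": $recipient_key is the public key, a fresh key is generated
  *    on the same curve, and its public part is merged into
  *    $additional_header_values under "epk".
  *
  * $encryption_key_length and $algorithm are forwarded unchanged to
  * ConcatKDF::generate(); their types are not declared in this signature.
  *
  * @param JWKInterface $recipient_key            private key (has "d") or public key of the recipient
  * @param array        $complete_header          header; "apu" and "apv" are read when present
  * @param array        $additional_header_values by-reference output, receives "epk" on the public-key path
  *
  * @throws \InvalidArgumentException if the recipient curve is not P-256, P-384, P-521 or X25519
  *
  * @return mixed whatever ConcatKDF::generate() returns
  */
 public function getAgreementKey($encryption_key_length, $algorithm, JWKInterface $recipient_key, array $complete_header = [], array &$additional_header_values = [])
 {
     if ($recipient_key->has('d')) {
         $this->checkKey($recipient_key, true);
         $private_key = $recipient_key;
         // The peer key is taken from the header, not from a key the caller supplied,
         // and checkKey() is not applied to it in this method.
         // NOTE(review): confirm getPublicKey()/calculateAgreementKey() reject keys whose
         // point is not on the named curve before the shared secret is computed.
         $public_key = $this->getPublicKey($complete_header);
     } else {
         $this->checkKey($recipient_key, false);
         $public_key = $recipient_key;
         $curve = $public_key->get('crv');
         switch ($curve) {
             case 'P-256':
             case 'P-384':
             case 'P-521':
                 $private_key = JWKFactory::createECKey(['crv' => $curve]);
                 break;
             case 'X25519':
                 $private_key = JWKFactory::createOKPKey(['crv' => 'X25519']);
                 break;
             default:
                 throw new \InvalidArgumentException(sprintf('The curve "%s" is not supported', $curve));
         }
         // Only the public half of the freshly generated key is published.
         $epk = $private_key->toPublic()->getAll();
         $additional_header_values = array_merge($additional_header_values, ['epk' => $epk]);
     }
     // same() instead of eq(): eq() compares with ==, so a non-string "crv" value
     // (for example boolean true) would compare equal to any curve name. On the
     // private-key path the peer curve comes from the header, so compare strictly.
     Assertion::same($private_key->get('crv'), $public_key->get('crv'), 'Curves are different');
     $agreed_key = $this->calculateAgreementKey($private_key, $public_key);
     // apu/apv are optional; an absent value is passed to the KDF as an empty string.
     $apu = array_key_exists('apu', $complete_header) ? $complete_header['apu'] : '';
     $apv = array_key_exists('apv', $complete_header) ? $complete_header['apv'] : '';

     return ConcatKDF::generate($agreed_key, $algorithm, $encryption_key_length, $apu, $apv);
 }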
Beispiel #2
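 /**
  * {@inheritdoc}
  *
  * Computes the ECDH-ES shared secret between $private_key and a public key,
  * then derives the agreement key with ConcatKDF using the header's "enc"
  * value as the algorithm argument.
  *
  * When $public_key is null the peer key is read from $complete_header through
  * getPublicKey(). When it is given, the public parameters (kty, crv, x, y) of
  * $private_key are merged into $additional_header_values under "epk".
  *
  * $encryption_key_length is forwarded unchanged to ConcatKDF::generate(); its
  * type is not declared in this signature.
  *
  * @param JWKInterface      $private_key              key checked with checkKey(..., true)
  * @param JWKInterface|null $public_key               peer public key, or null to take it from the header
  * @param array             $complete_header          header; "enc" is required, "apu"/"apv" are optional
  * @param array             $additional_header_values by-reference output, receives "epk" when $public_key is given
  *
  * @throws \InvalidArgumentException if "enc" is missing from the header or the two keys name different curves
  *
  * @return mixed whatever ConcatKDF::generate() returns
  */
 public function getAgreementKey($encryption_key_length, JWKInterface $private_key, JWKInterface $public_key = null, array $complete_header = [], array &$additional_header_values = [])
 {
     // "enc" is passed to the KDF as its algorithm argument. Reject a header without
     // it up front, before any by-reference output is touched, instead of letting an
     // undefined index hand null to ConcatKDF::generate().
     if (!isset($complete_header['enc'])) {
         throw new \InvalidArgumentException('The header parameter "enc" is missing');
     }

     $this->checkKey($private_key, true);
     if (null === $public_key) {
         // The peer key is taken from the header and checkKey() is not applied to it
         // in this method.
         // NOTE(review): confirm getPublicKey()/calculateAgreementKey() reject keys whose
         // point is not on the named curve before the shared secret is computed.
         $public_key = $this->getPublicKey($complete_header);
     } else {
         $this->checkKey($public_key, false);
         // Publish only the public parameters; the private parameter "d" is not copied.
         $epk = [
             'kty' => $private_key->get('kty'),
             'crv' => $private_key->get('crv'),
             'x'   => $private_key->get('x'),
             'y'   => $private_key->get('y'),
         ];
         $additional_header_values = array_merge($additional_header_values, ['epk' => $epk]);
     }
     // Strict comparison: both sides must be the identical curve name.
     if ($private_key->get('crv') !== $public_key->get('crv')) {
         throw new \InvalidArgumentException('Curves are different');
     }
     $agreed_key = $this->calculateAgreementKey($private_key, $public_key);
     // apu/apv are optional; an absent value is passed to the KDF as an empty string.
     $apu = array_key_exists('apu', $complete_header) ? $complete_header['apu'] : '';
     $apv = array_key_exists('apv', $complete_header) ? $complete_header['apv'] : '';

     // The shared secret goes through convertDecToBin() before it reaches the KDF.
     return ConcatKDF::generate($this->convertDecToBin($agreed_key), $complete_header['enc'], $encryption_key_length, $apu, $apv);
 }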