/**
 * {@inheritdoc}
 *
 * Signs $input with the RSA private key held in $key, using either the
 * JoseRSA helper (PSS) or openssl_sign(), depending on the signature
 * method this algorithm reports.
 */
public function sign(JWKInterface $key, $input)
{
    $this->checkKey($key);
    // 'd' is the RSA private exponent in a JWK; a public-only key cannot sign.
    Assertion::true($key->has('d'), 'The key is not a private key');

    $privateKey = new RSAKey($key);
    $usesPss = self::SIGNATURE_PSS === $this->getSignatureMethod();

    if ($usesPss) {
        // The helper's result is only accepted as a signature when it is a string.
        $signature = JoseRSA::sign($privateKey, $input, $this->getAlgorithm());
        $succeeded = is_string($signature);
    } else {
        // openssl_sign() writes the signature into $signature by reference
        // and returns a success flag.
        $succeeded = openssl_sign($input, $signature, $privateKey->toPEM(), $this->getAlgorithm());
    }

    // Fail closed: never hand back a value when the signing step reported failure.
    Assertion::true($succeeded, 'An error occurred during the creation of the signature');

    return $signature;
}
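/**
 * {@inheritdoc}
 *
 * Unwraps $encrypted_key with the RSA private key held in $key. OAEP mode
 * goes through the JoseRSA helper; any other mode uses
 * openssl_private_decrypt() with PKCS#1 v1.5 padding. $header is not read
 * by this implementation.
 */
public function decryptKey(JWKInterface $key, $encrypted_key, array $header)
{
    $this->checkKey($key);
    // 'd' is the RSA private exponent in a JWK; decryption needs the private key.
    Assertion::true($key->has('d'), 'The key is not a private key');

    $priv = new RSAKey($key);

    if (self::ENCRYPTION_OAEP === $this->getEncryptionMode()) {
        $decrypted = JoseRSA::decrypt($priv, $encrypted_key, $this->getHashAlgorithm());
        // The helper's result is only accepted when it is a string.
        Assertion::string($decrypted, 'Unable to decrypt the data.');

        return $decrypted;
    }

    // The padding argument takes a single OPENSSL_*_PADDING constant.
    // OPENSSL_RAW_DATA is an option flag for openssl_encrypt()/openssl_decrypt()
    // and has the same numeric value as OPENSSL_PKCS1_PADDING, so OR-ing it in
    // changed nothing and only obscured which padding is in use.
    //
    // NOTE(review): with PKCS#1 v1.5 padding, an unwrap failure that callers
    // can tell apart from a later content-decryption failure (error text,
    // status code, timing) can act as a padding oracle. RFC 7516 section 11.5
    // recommends continuing with a randomly generated CEK instead. That needs
    // the expected CEK length, which is not available here, so confirm that
    // the caller makes the two failures indistinguishable.
    $res = openssl_private_decrypt($encrypted_key, $decrypted, $priv->toPEM(), OPENSSL_PKCS1_PADDING);
    Assertion::true($res, 'Unable to decrypt the data.');

    return $decrypted;
}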