/**
 * Builds the phpseclib RSA object used by this algorithm from raw key values.
 *
 * The encryption mode reported by getEncryptionMode() is always applied.
 * For OAEP, the digest and the MGF1 digest are both set to the value
 * returned by getHashAlgorithm(), so the two always match.
 *
 * @param array $values Key values handed to KeyConverter::fromArrayToRSACrypt()
 *
 * @return \phpseclib\Crypt\RSA
 */
private function getRsaObject(array $values)
{
    $cipher = KeyConverter::fromArrayToRSACrypt($values);
    $mode = $this->getEncryptionMode();
    $cipher->setEncryptionMode($mode);

    // Only OAEP needs the hash parameters configured.
    if (PHPSecLibRSA::ENCRYPTION_OAEP !== $mode) {
        return $cipher;
    }

    $cipher->setHash($this->getHashAlgorithm());
    $cipher->setMGFHash($this->getHashAlgorithm());

    return $cipher;
}
/**
 * Decodes this object's content as a JSON map of certificates and returns
 * the keys extracted from them.
 *
 * Every entry must yield a non-empty key, otherwise the assertion fails with
 * 'Invalid content.'. A string map key is copied into the JWK as its 'kid'.
 *
 * NOTE(review): the 'kid' is taken from the decoded document itself, so it is
 * only as trustworthy as wherever getContent() reads from (not visible here).
 * Whether loadKeyFromCertificate() checks validity dates or a chain cannot be
 * told from this method; confirm before relying on these keys for verification.
 *
 * @return \Jose\Object\JWKInterface[]
 */
public function getKeys()
{
    $raw = $this->getContent();
    $decoded = json_decode($raw, true);
    // json_decode() returns null on malformed JSON; that is rejected here too.
    Assertion::isArray($decoded, 'Invalid content.');

    $set = new JWKSet();
    foreach ($decoded as $identifier => $certificate) {
        $key_values = KeyConverter::loadKeyFromCertificate($certificate);
        Assertion::notEmpty($key_values, 'Invalid content.');

        // Numeric indexes (a plain JSON list) carry no key identifier.
        if (true === is_string($identifier)) {
            $key_values['kid'] = $identifier;
        }

        $set->addKey(new JWK($key_values));
    }

    return $set->getKeys();
}
/**
 * {@inheritdoc}
 *
 * Signs $input with the RSA private key held in $key, using the hash from
 * getAlgorithm() and the signature mode from getSignatureMethod().
 *
 * @throws \InvalidArgumentException if the key carries no private part
 * @throws \RuntimeException         if phpseclib fails to produce a signature
 */
public function sign(JWKInterface $key, $input)
{
    $this->checkKey($key);

    // Keep only the RSA parameters; any other JWK member is dropped before conversion.
    $rsa_members = ['n' => 0, 'e' => 1, 'p' => 2, 'd' => 3, 'q' => 4, 'dp' => 5, 'dq' => 6, 'qi' => 7];
    $key_values = array_intersect_key($key->getAll(), $rsa_members);
    $signer = KeyConverter::fromArrayToRSACrypt($key_values);

    if (false === $signer->getPrivateKey()) {
        throw new \InvalidArgumentException('The key is not a private key');
    }

    $signer->setHash($this->getAlgorithm());
    if (\phpseclib\Crypt\RSA::SIGNATURE_PSS === $this->getSignatureMethod()) {
        // MGF1 uses the same digest as the message hash.
        $signer->setMGFHash($this->getAlgorithm());
        // NOTE(review): a salt length of 0 is requested here. RFC 7518 section 3.5
        // specifies a salt as long as the hash output for the PS* algorithms, and a
        // zero-length salt makes the PSS encoding deterministic. Confirm how the
        // pinned phpseclib release interprets 0 and whether peers accept the result.
        $signer->setSaltLength(0);
    }
    $signer->setSignatureMode($this->getSignatureMethod());

    $signature = $signer->sign($input);
    if (false === $signature) {
        throw new \RuntimeException('An error occurred during the creation of the signature');
    }

    return $signature;
}
/**
 * {@inheritdoc}
 *
 * Creates a JWK from an X.509 certificate chain ("x5c") plus extra members.
 *
 * $additional_values is merged last, so any string key it shares with the
 * values loaded from the chain replaces the certificate-derived one. That
 * includes key-material members, so callers should only pass trusted
 * metadata (for example 'kid' or 'use') in this argument.
 *
 * NOTE(review): whether KeyConverter::loadFromX5C() validates the chain is
 * not visible from here; confirm before treating the result as verified.
 */
public static function createFromX5C(array $x5c, array $additional_values = [])
{
    $from_chain = KeyConverter::loadFromX5C($x5c);

    return new JWK(array_merge($from_chain, $additional_values));
}
/**
 * Downloads the document at an "x5u" URL and builds a key set from the
 * certificates it contains.
 *
 * The body must decode to a JSON array or object whose values are
 * certificates; a string member name becomes the 'kid' of the resulting JWK.
 *
 * NOTE(review): $allow_unsecured_connection is passed straight to
 * downloadContent(), whose transport checks are not visible here. Presumably
 * `true` relaxes the secure-transport requirement, in which case the returned
 * keys (and their 'kid' values) are only as trustworthy as the network path;
 * keep the default outside of tests and confirm against downloadContent().
 *
 * @param string $x5u
 * @param bool   $allow_unsecured_connection
 *
 * @throws \InvalidArgumentException if the content is not a JSON array/object
 *                                   or an entry yields no key
 *
 * @return \Jose\Object\JWKSetInterface
 */
public static function createFromX5U($x5u, $allow_unsecured_connection = false)
{
    $body = self::downloadContent($x5u, $allow_unsecured_connection);
    $certificates = json_decode($body, true);
    // json_decode() yields null on malformed JSON, which is rejected here as well.
    if (false === is_array($certificates)) {
        throw new \InvalidArgumentException('Invalid content.');
    }

    $set = new JWKSet();
    foreach ($certificates as $identifier => $certificate) {
        $key_values = KeyConverter::loadKeyFromCertificate($certificate);
        if (!$key_values) {
            throw new \InvalidArgumentException('Invalid content.');
        }

        // Numeric indexes (a plain JSON list) carry no key identifier.
        if (true === is_string($identifier)) {
            $key_values['kid'] = $identifier;
        }

        $set->addKey(new JWK($key_values));
    }

    return $set;
}