/**
* @param array $headers
* @throws RSAJWKMissingPrivateKeyParamException
* @throws RSAJWKMissingPublicKeyParamException
*/
protected function __construct($headers = array())
{
$this->set[JSONWebKeyParameters::KeyType] = new StringOrURI(JSONWebKeyTypes::RSA);
parent::__construct($headers);
if (count($headers) === 0) {
return;
}
foreach (RSAKeysParameters::$public_key_params as $p) {
if (!array_key_exists($p, $headers)) {
throw new RSAJWKMissingPublicKeyParamException();
}
$this->set[$p] = new Base64urlUInt($headers[$p]);
}
$this->visibility = JSONWebKeyVisibility::PublicOnly;
//calculate public key
$this->public_key = RSAFacade::getInstance()->buildPublicKey($this[RSAKeysParameters::Modulus]->toBigInt(), $this[RSAKeysParameters::Exponent]->toBigInt());
if (in_array(RSAKeysParameters::PrivateExponent, $headers)) {
// its a private key
$this->visibility = JSONWebKeyVisibility::IncludePrivate;
$this[RSAKeysParameters::PrivateExponent] = new Base64urlUInt($headers[RSAKeysParameters::PrivateExponent]);
//its has one private param, must have all ...
if (in_array(RSAKeysParameters::FirstPrimeFactor, $headers)) {
foreach (RSAKeysParameters::$producers_private_key_params as $p) {
if (!array_key_exists($p, $headers)) {
throw new RSAJWKMissingPrivateKeyParamException();
}
$this->set[$p] = new Base64urlUInt($headers[$p]);
}
$this->private_key = RSAFacade::getInstance()->buildPrivateKey($this[RSAKeysParameters::Modulus]->toBigInt(), $this[RSAKeysParameters::Exponent]->toBigInt(), $this[RSAKeysParameters::PrivateExponent]->toBigInt(), $this[RSAKeysParameters::FirstPrimeFactor]->toBigInt(), $this[RSAKeysParameters::SecondPrimeFactor]->toBigInt(), $this[RSAKeysParameters::FirstFactorCRTExponent]->toBigInt(), $this[RSAKeysParameters::SecondFactorCRTExponent]->toBigInt(), $this[RSAKeysParameters::FirstCRTCoefficient]->toBigInt());
} else {
$this->private_key = RSAFacade::getInstance()->buildMinimalPrivateKey($this[RSAKeysParameters::Modulus]->toBigInt(), $this[RSAKeysParameters::PrivateExponent]->toBigInt());
}
}
}
/**
* @param IJWKSpecification $spec
* @return IJWK
* @throws InvalidJWKAlgorithm
* @throws InvalidJWKType
*/
public static function build(IJWKSpecification $spec)
{
if (is_null($spec)) {
throw new \InvalidArgumentException('missing spec param');
}
$algorithm = DigitalSignatures_MACs_Registry::getInstance()->get($spec->getAlg());
if (is_null($algorithm)) {
$algorithm = KeyManagementAlgorithms_Registry::getInstance()->get($spec->getAlg());
}
if (is_null($algorithm)) {
throw new InvalidJWKAlgorithm(sprintf('alg %s not supported!', $spec->getAlg()));
}
if ($algorithm->getKeyType() !== JSONWebKeyTypes::RSA) {
throw new InvalidJWKAlgorithm(sprintf('key type %s not supported!', $algorithm->getKeyType()));
}
if ($spec instanceof RSAJWKPEMPrivateKeySpecification) {
$private_key = RSAFacade::getInstance()->buildPrivateKeyFromPEM($spec->getPEM(), $spec->getPrivateKeyPassword());
$public_key = RSAFacade::getInstance()->buildPublicKey($private_key->getModulus(), $private_key->getPublicExponent());
$jwk = RSAJWK::fromKeys(new KeyPair($public_key, $private_key));
$jwk->setAlgorithm($spec->getAlg());
$jwk->setKeyUse($spec->getUse());
return $jwk;
}
if ($spec instanceof RSAJWKParamsPublicKeySpecification) {
$public_key = RSAFacade::getInstance()->buildPublicKey($spec->getModulus()->toBigInt(), $spec->getExponent()->toBigInt());
$jwk = RSAJWK::fromPublicKey($public_key);
$jwk->setAlgorithm($spec->getAlg());
$jwk->setKeyUse($spec->getUse());
$jwk->setId($spec->getKeyId());
$jwk->setX509CertificateChain($spec->getX509CertificateChain());
return $jwk;
}
if ($spec instanceof RSAJWKPEMPublicKeySpecification) {
$public_key = RSAFacade::getInstance()->buildPublicKeyFromPEM($spec->getPEM());
$jwk = RSAJWK::fromPublicKey($public_key);
$jwk->setAlgorithm($spec->getAlg());
$jwk->setKeyUse($spec->getUse());
return $jwk;
}
// default ...
$keys = RSAFacade::getInstance()->buildKeyPair($algorithm->getMinKeyLen());
$jwk = RSAJWK::fromKeys($keys);
$jwk->setAlgorithm($spec->getAlg());
$jwk->setKeyUse($spec->getUse());
return $jwk;
}
public function testRSAFacade()
{
$keys = RSAFacade::getInstance()->buildKeyPair(2048);
$this->assertTrue(!is_null($keys));
}
