protected function getPublicKeySet()
{
$private = $this->getPrivateKeySet();
$set = new KeySet();
foreach ($private->getKeys() as $key) {
if ($key instanceof SymmetricKey) {
$set->add($key);
} else {
$set->add($key->getPublicKey());
}
}
return $set;
}
function testRSAOAEP256()
{
$cek = base64_decode('VIWbNCxJ6io=');
$private_set = new KeySet();
$private_set->add(new RSAKey(array("kty" => "RSA", "kid" => "rsa-oaep-256", "n" => "pylWkxVbGBO7hId_tFNDVW4FaAQ95ZEIcqOlGMwR4j4tt06vRUUGjE49JYonGPus3MPq-kV2lblX6I-_EQrtBJqZLZxDAjLQLzUpxno0GZNeqbVp-FsbzTfea4mc1iaX6EMTD_BSnQnJfYE8sV8pN1H_VvlD-9q7Y5ccx_T21b_xWUQWsfWQe95ahKRPmALvKbQ72hlg-Uj4r7h2bBq4DTLuyI7WbQtlrr5EptCzxeCrBRqqG5EvvMF7jnUd3sxTZbbbbasAIMMFfbQBOlEhOleYo6q2eYWw9NiGJ6VKDz8ChfvLSv3-tlyxU69mglZW1DI4t1UDIxUAdT9OQh48Vw", "e" => "AQAB", "d" => "ZdrVasffertDTky17q2xYJOqbafwAzqtOBUomwR1fTK_7mred0nI5KMjtQUKL7niqZ4jRp4e1Lpbq1QzavIKW_zLizQkzGkj2y_8pXh-2HqoeqYUzQTO2uvI9iOi0gYwF5EPQ23_GLsG8BdYYQeH-LJY8Kjv2L194wAHxHsqEDFpbH1lI7wZHU2RiSen4LCVhO0gW9L_T8Q4JnjfgjU_dTKzu7gdaePzkHCu0_tk_OAyoIno5klVr6UhOm6yQSMb2Y1wL7pyWpsgWVL9oYZBLZ4Nk0TSmYxFWtjCuuhe5nJ1FGbVKIMEAytbfgL35VjHr4LH-_WO6gu07w8AHmzQqQ", "p" => "1P2aw0dPuDqvgyRwZDYJZZ5RGzImMrI5tojzzSqth1J9bPZS-5ycpnlA6EeJRE8umbDLDPq71N6VOWEGyGXzji-3uCsjEmCpTfDgF1a_c84DhoaNnEFkVWCoGvL1PBjk983z1R2AJnNy5uAhavv2f2VclFB2nMpJTk9mMbI5zhs", "q" => "yOqg4qGzpEEqcCvM2pP00VDaYNc2yZx8Vm_epN0bQBy8DYwGParwtXmVPTY0OqGLM9v4uerpRFJJDMkFJF-Pe54psaKIvGZzGinh3RpFyf1_gjj_cnrcSf_3OZHQ3AliBrnToI9h50YuK4BNeMuMXszbm3-9Ktao_qRsEFPhvnU", "dp" => "EO3LVEQhwPnhI2JNEJn-6zXHKos04Aisb6a5AhCnVD8pOvTlKZyMEutGTnAJKAXHJW4Y5YI0VboPUE029cysrBt81cWP9xD5w_kmRpSdiP3R5-pf7RCBggu5sNKozUsJP-z9uW2r1uKMOm-MGG3IbN3Imv0-QD4Pz4qeC8snrws", "dq" => "l_wlSEtaQV6qY8A-bvqNr-mhyLAE2e5ugFSP79byzkTuXLEX535wKFeY9X0TdWbOjqRQOxPg8bXtXKaUJTfEqpayo5V4Kky1tY0JNuCw-mOxGSlU05ztF21x7zLG9CyE4uGfnU3ZmcIVGwMrl70iqnP9jFvNFaLcpARtWsyZcCE", "qi" => "S7gGTh7_fp78PEV4_O21nKSu8Jk6gxLf3LGz3s9FiqZlDT0IZvFDy_DTgl6TgRgRcKChZR7vzX3veGuOs1ZVXZ-gfIW19cvddDgvESm142tBZrbMkVeSNplwhkghLEhJWDUf3JzxTyGNvn-_fL2TogmkaB_iPOtEurZ9ZvRdHJ0"), 'php'));
$public_set = new KeySet();
$public_set->add($private_set->getById('rsa-oaep-256')->getPublicKey());
$headers = array();
$alg = new RSAES('RSA-OAEP-256');
$encrypted_key = $alg->encryptKey($cek, $public_set, $headers);
$new_cek = $alg->decryptKey($encrypted_key, $private_set, $headers);
$this->assertEquals(base64_encode($cek), base64_encode($new_cek));
}
/**
* Convenience function for creating a `KeySet` from a single symmetric
* key.
*
* @param string $secret the secret
* @param string $format the format of the secret - see {@link SymmetricKey::__create()}
* for further details
* @return KeySet the created key set
*/
public static function createFromSecret($secret, $format = 'bin')
{
$set = new KeySet();
$key = new SymmetricKey($secret, $format);
$set->add($key);
return $set;
}
public function execute(InputInterface $input, OutputInterface $output)
{
parent::execute($input, $output);
$key_file = $input->getArgument('key_file');
if (!file_exists($key_file)) {
$output->writeln('File not found: ' . $key_file);
return 1;
}
$jwks_file = $input->getArgument('jwks_file');
if (file_exists($jwks_file)) {
$set = $this->loadKeySet(file_get_contents($jwks_file));
} else {
if ($input->getOption('create')) {
$set = new KeySet();
} else {
$output->writeln('File not found: ' . $jwks_file);
return 1;
}
}
try {
$key = KeyFactory::create(file_get_contents($key_file), $input->getOption('format'));
} catch (KeyException $e) {
$output->writeln($e->getMessage());
return 2;
}
if ($key == null) {
$output->writeln('Key format or type not recognised');
return 2;
}
if ($input->getOption('id')) {
$key->setKeyId($input->getOption('id'));
}
if ($input->getOption('use')) {
$key->setUse($input->getOption('use'));
}
if ($input->getOption('ops')) {
$key->setOperations($input->getOption('ops'));
}
try {
$set->add($key);
} catch (KeyException $e) {
$output->writeln($e->getMessage());
return 2;
}
$output->writeln('Added key: ' . $key->getKeyId());
file_put_contents($jwks_file, $this->saveKeySet($set));
}
private function getKeySetFromPassword($password, $headers)
{
$salt = $headers['alg'] . "" . Util::base64url_decode($headers['p2s']);
$hash = hash_pbkdf2($this->hash_alg, $password, $salt, $headers['p2c'], $this->getAESKWKeySize() / 8, true);
$keys = new KeySet();
$keys->add(new SymmetricKey($hash, 'bin'));
return $keys;
}
