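/**
 * {@inheritdoc}
 *
 * Generates a new RSA private key with OpenSSL and returns it as a JWK.
 *
 * $values must contain 'size', the modulus length in bits. It has to be a
 * multiple of 8 and at least 384. Every other entry of $values is copied
 * into the resulting JWK; array_merge() lets the members produced from the
 * generated key win over caller entries with the same string key.
 *
 * NOTE(review): the 384-bit floor is kept for backward compatibility only.
 * It is far below the 2048 bits commonly required for RSA today, so callers
 * should enforce their own, higher minimum before calling this method.
 *
 * @param array $values Key size plus additional JWK members.
 *
 * @throws \InvalidArgumentException (via Assertion) when the size is missing
 *                                   or invalid, or when OpenSSL cannot
 *                                   generate or export the key.
 *
 * @return JWK
 */
public static function createRSAKey(array $values)
{
    Assertion::keyExists($values, 'size', 'The key size is not set.');
    $size = $values['size'];
    // 'size' is a generation parameter, not a JWK member: keep it out of the key.
    unset($values['size']);

    Assertion::true(0 === $size % 8, 'Invalid key size.');
    Assertion::greaterOrEqualThan($size, 384, 'Key length is too short. It needs to be at least 384 bits.');

    $key = openssl_pkey_new([
        'private_key_bits' => $size,
        'private_key_type' => OPENSSL_KEYTYPE_RSA,
    ]);
    // openssl_pkey_new() returns false on failure (e.g. unusable OpenSSL
    // configuration); stop here instead of exporting a non-key.
    Assertion::false(false === $key, 'Unable to create the key.');

    // No passphrase is given, so $out receives the private key as
    // unencrypted PEM. It only lives in memory for the conversion below.
    $exported = openssl_pkey_export($key, $out);
    Assertion::true($exported, 'Unable to export the key.');

    $rsa = new RSAKey($out);
    $values = array_merge($values, $rsa->toArray());

    return new JWK($values);
}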
/**
 * Loads a PEM-encoded key and returns its array representation.
 *
 * When the PEM carries a "DEK-Info" header, the two comma-separated header
 * fields are passed to decodePem() together with the password before the
 * key is parsed. The key is first tried as a private key and, if that
 * fails, as a public key. Only EC and RSA keys are supported.
 *
 * @param string      $pem      PEM text of the key.
 * @param null|string $password Password handed to decodePem() for PEM data
 *                              that has a DEK-Info header.
 *
 * @throws \Exception
 *
 * @return array
 */
private static function loadKeyFromPEM($pem, $password = null)
{
    if (preg_match('#DEK-Info: (.+),(.+)#', $pem, $dekInfo)) {
        $pem = self::decodePem($pem, $dekInfo, $password);
    }

    // The return value is not used; presumably sanitizePEM() rewrites $pem
    // by reference -- confirm against its signature.
    self::sanitizePEM($pem);

    // Private key first; a PEM that only holds a public key fails here and
    // is retried with the public-key loader.
    $handle = openssl_pkey_get_private($pem);
    if (false === $handle) {
        $handle = openssl_pkey_get_public($pem);
    }
    Assertion::false(false === $handle, 'Unable to load the key');

    $info = openssl_pkey_get_details($handle);
    Assertion::isArray($info, 'Unable to get details of the key');
    Assertion::keyExists($info, 'type', 'Unable to get details of the key');

    // Loose comparison on purpose: it matches what a switch statement does.
    $type = $info['type'];
    if (OPENSSL_KEYTYPE_EC == $type) {
        return (new ECKey($pem))->toArray();
    }
    if (OPENSSL_KEYTYPE_RSA == $type) {
        return (new RSAKey($pem))->toArray();
    }

    throw new \InvalidArgumentException('Unsupported key type');
}
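/**
 * Builds the public counterpart of an RSA key by dropping every private
 * member from its array representation.
 *
 * The removed members are the RSA private parameters defined for JWK in
 * RFC 7518: 'd', 'p', 'q', 'dp', 'dq', 'qi' and 'oth'. 'oth' (other primes
 * info of a multi-prime key) was previously left in place, so a key that
 * carried it would have kept private factors in its "public" form.
 * Whether RSAKey::toArray() can return 'oth' is not visible here; removing
 * it is harmless when it is absent.
 *
 * @param \Jose\KeyConverter\RSAKey $private Key to strip; it is not modified.
 *
 * @return \Jose\KeyConverter\RSAKey New instance holding only the remaining members.
 */
public static function toPublic(RSAKey $private)
{
    $data = $private->toArray();

    $privateMembers = ['d', 'p', 'q', 'dp', 'dq', 'qi', 'oth'];
    foreach ($privateMembers as $member) {
        // unset() is a no-op for a missing key, so no existence check is needed.
        unset($data[$member]);
    }

    return new self($data);
}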