/**
* Initialize private key from PEM.
*
* @param PEM $pem
* @throws \UnexpectedValueException
* @return self
*/
public static function fromPEM(PEM $pem)
{
switch ($pem->type()) {
case PEM::TYPE_RSA_PRIVATE_KEY:
return RSAPrivateKey::fromDER($pem->data());
case PEM::TYPE_EC_PRIVATE_KEY:
return ECPrivateKey::fromDER($pem->data());
case PEM::TYPE_PRIVATE_KEY:
return PrivateKeyInfo::fromDER($pem->data())->privateKey();
}
throw new \UnexpectedValueException("PEM type " . $pem->type() . " is not a valid private key.");
}
/**
* Convert JWK to PEM.
*
* @return PEM PRIVATE KEY
*/
public function toPEM()
{
$n = $this->modulusParameter()->number()->base10();
$e = $this->exponentParameter()->number()->base10();
$d = $this->privateExponentParameter()->number()->base10();
$p = $this->firstPrimeFactorParameter()->number()->base10();
$q = $this->secondPrimeFactorParameter()->number()->base10();
$dp = $this->firstFactorCRTExponentParameter()->number()->base10();
$dq = $this->secondFactorCRTExponentParameter()->number()->base10();
$qi = $this->firstCRTCoefficientParameter()->number()->base10();
$pk = new RSAPrivateKey($n, $e, $d, $p, $q, $dp, $dq, $qi);
$pki = new PrivateKeyInfo(new RSAEncryptionAlgorithmIdentifier(), $pk->toDER());
return $pki->toPEM();
}
/**
* Get private key.
*
* @throws \RuntimeException
* @return PrivateKey
*/
public function privateKey()
{
$algo = $this->algorithmIdentifier();
switch ($algo->oid()) {
// RSA
case AlgorithmIdentifier::OID_RSA_ENCRYPTION:
return RSAPrivateKey::fromDER($this->_privateKeyData);
// elliptic curve
// elliptic curve
case AlgorithmIdentifier::OID_EC_PUBLIC_KEY:
$pk = ECPrivateKey::fromDER($this->_privateKeyData);
// if private key doesn't encode named curve, assign from parameters
if (!$pk->hasNamedCurve()) {
if (!$algo instanceof ECPublicKeyAlgorithmIdentifier) {
throw new \UnexpectedValueException("Not an EC algorithm.");
}
$pk = $pk->withNamedCurve($algo->namedCurve());
}
return $pk;
}
throw new \RuntimeException("Private key " . $algo->oid() . " not supported.");
}
