/** * * @see \JWX\JWS\SignatureAlgorithm::computeSignature() * @throws \LogicException If private key was not provided * @throws \RuntimeException For generic errors * @return string */ public function computeSignature($data) { /** * NOTE: OpenSSL uses PKCS #1 v1.5 padding by default, so no explicit * padding is required by sign and verify operations. */ if (!isset($this->_privateKey)) { throw new \LogicException("Private key not set."); } $key = openssl_pkey_get_private($this->_privateKey->toPEM()->string()); if (!$key) { throw new \RuntimeException("openssl_pkey_get_private() failed: " . $this->_getLastOpenSSLError()); } $result = @openssl_sign($data, $signature, $key, $this->_mdMethod()); if (!$result) { throw new \RuntimeException("openssl_sign() failed: " . $this->_getLastOpenSSLError()); } return $signature; }
/** * Constructor * * @param JWKParameter ...$params * @throws \UnexpectedValueException If missing required parameter */ public function __construct(JWKParameter ...$params) { parent::__construct(...$params); foreach (self::MANAGED_PARAMS as $name) { if (!$this->has($name)) { throw new \UnexpectedValueException("Missing '{$name}' parameter."); } } if ($this->keyTypeParameter()->value() != KeyTypeParameter::TYPE_RSA) { throw new \UnexpectedValueException("Invalid key type."); } // cast private exponent to correct class $key = JWKParameter::PARAM_PRIVATE_EXPONENT; $this->_parameters[$key] = new PrivateExponentParameter($this->_parameters[$key]->value()); }